[tor-bugs] #15967 [BridgeDB]: Separate BridgeDB's CAPTCHA into another service

Sat May 9 02:57:59 UTC 2015

#15967: Separate BridgeDB's CAPTCHA into another service
-------------------------------------------------+-------------------------
 Reporter:  isis                                 |          Owner:  isis
     Type:  enhancement                          |         Status:  new
 Priority:  normal                               |      Milestone:
Component:  BridgeDB                             |        Version:
 Keywords:  bridgedb-https captcha tor-launcher  |  Actual Points:
  ooni-probe                                     |         Points:
Parent ID:                                       |
-------------------------------------------------+-------------------------
 This was first requested when my GSoC student a couple summers ago was
 hacking on a Twitter bridge distributor, so that twitter requests for
 bridges could use the CAPTCHAs to decrease automated requests.

 Last week, [https://lists.torproject.org/pipermail/tor-
 dev/2015-May/008794.html Mike Perry requested this], as part adding a
 mechanism to get new bridges directly from Tor Launcher.

 Finally, Arturo also requested this today so that OONI probes running in
 censored countries can have an interface for getting bridges:

 {{{
 23:37          hellais  | anyways it would be nice to have an API where I
 send a HTTP request and I get back some JSON with the captcha encoded in
 base64 and I can send back the solution to get bridges
 23:38             isis  | yep, that's exactly what we're going to do :)
 23:39             isis  | except we hadn't exactly decided on JSON, but
 yeah
 23:39             isis  | the captcha image is already base64, btw
 23:42             isis  | hellais: would these be bridges for
 bridge_reachability tests, or bridges just to get an ooniprobe capable of
 connecting to some (hopefully)-known-good-and-not-filtered version of the
                           internet, for like submitting reports and stuff
 23:43             isis  | hellais: err, that was meant as a question
 23:46          hellais  | the second
 23:46          hellais  | I would like to have this:
 https://gist.github.com/hellais/995793f88fc42727fb92
 23:46          hellais  | run when ooniprobe is first installed to check
 if the user needs some bridges
 23:47          hellais  | I think I'll put it in the setup.py or something
 23:47          hellais  | since ooniprobe relies on tor for reporting
 without a working tor, we can't collect the reports
 23:48          hellais  | parsing HTML with standard python libraries is
 just a bit messy and I was wondering if there was a better way
 00:10          hellais  | anyways I think I will end up making something
 that starts a web server and makes the user solve the CAPTCHA on the local
 webserver. Having to open a JPG file and input it into a shell
                           is so uncomfortable
 00:13          hellais  | but the JSON API would be nice nonetheless
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15967>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online