[tor-bugs] #33299 [Circumvention/BridgeDB]: Remove retired pluggable transports from BridgeDB

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 18 22:13:40 UTC 2020 

#33299: Remove retired pluggable transports from BridgeDB
------------------------------------+-------------------------------
 Reporter:  phw                     |          Owner:  phw
     Type:  task                    |         Status:  needs_review
 Priority:  Medium                  |      Milestone:
Component:  Circumvention/BridgeDB  |        Version:
 Severity:  Normal                  |     Resolution:
 Keywords:  s30-o22a2               |  Actual Points:
Parent ID:  #31279                  |         Points:  0.5
 Reviewer:  cohosh                  |        Sponsor:  Sponsor30-can
------------------------------------+-------------------------------
Changes (by phw):

 * status:  needs_information => needs_review


Comment:

 Replying to [comment:3 cohosh]:
 > - This ticket that changes the email body should be updated to remove
 the transport TYPEs we don't support: #30941
 [[br]]
 Yes, good point. I left a note in that ticket.
 [[br]]
 > - There are still a bunch of tests (e.g.,
 [https://gitweb.torproject.org/bridgedb.git/tree/bridgedb/test/test_email_request.py#n63
 here) that use obfs3
 [[br]]
 I think it would be useful to keep these tests because they can point out
 issues unrelated to obfs3. The reason I removed two specific tests is
 because they no longer work after deactivating scramblesuit and obfs3.

 To be clear, this patch set doesn't rip out our retired PTs altogether. It
 just deactivates distribution by removing them from the UI. It will still
 be possible to request obfs3 by going to
 https://bridges.torproject.org/bridges?transport=obfs3.
 [[br]]
 > - I noticed obfs3 usage in particular is still
 [https://metrics.torproject.org/userstats-bridge-
 transport.html?start=2019-11-20&end=2020-02-18&transport=obfs2&transport=obfs3&transport=fte&transport=scramblesuit
 pretty high]. I wonder if these are mostly users who already had obfs3
 bridges or if we can even tell.
 [[br]]
 We still see a bunch of obfs3 requests in our BridgeDB metrics: ~30 for
 the email distributor and <10 for a handful of countries for HTTPS. Usage
 however is independent from distribution, so I wouldn't worry about this.
 [[br]]
 > Just doing a grep for "obfs3" in the git repository shows it comes up in
 a lot of places, including l10n files, do we need to worry about that?
 [[br]]
 Good point. I
 [https://github.com/NullHypothesis/bridgedb/commit/116be8e57f862dbd04e7cb760b86097719d84ee7
 fixed a bunch of comments] that are now semi-misleading.

 Does the above sound reasonable to you?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33299#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list