[tor-bugs] #31701 [Circumvention/Obfs4]: Reachability tests for new obfs4 bridges

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jan 8 17:37:26 UTC 2020 

#31701: Reachability tests for new obfs4 bridges
---------------------------------------+--------------------------
 Reporter:  cohosh                     |          Owner:  cohosh
     Type:  defect                     |         Status:  assigned
 Priority:  Medium                     |      Milestone:
Component:  Circumvention/Obfs4        |        Version:
 Severity:  Normal                     |     Resolution:
 Keywords:  reachability, measurement  |  Actual Points:
Parent ID:                             |         Points:
 Reviewer:                             |        Sponsor:
---------------------------------------+--------------------------

Comment (by sigvids):

 > I just re-ran these tests and looks like at least 2 bridges that were
 previously unreachable in China are now reachable again.

 I have seen some reports saying that the GFW will unblock blocked IP
 addresses after a period of time. One report for Outline (i.e.,
 Shadowsocks) says unblocking can happen after as little as three days.
 However, if you start reusing the server for the same purpose, it will be
 blocked again:

 https://github.com/Jigsaw-Code/outline-
 server/issues/193#issuecomment-405042583

 It's possible that this unblocking rule applies also to IP addresses
 scraped from web/email/moat.

 > So perhaps the block list populated by BridgeDB scraping is not static.

 Are the reachability tests based on a single connection, or on multiple
 connections with a realistic volume of traffic? It's possible that the GFW
 uses other detection methods in addition to scraping. A thread on Github
 suggests that blocking can be triggered by factors that include (1) volume
 of traffic, (2) traffic being fully encrypted, (3) very high entropy, and
 (4) use of popular VPS locations. The pattern is initially an IP/port ban,
 and then if you change ports multiple times, you get a full IP ban:

 https://github.com/shadowsocks/shadowsocks-libev/issues/2288

 > It also looks like there are some bridges that are no longer reachable
 in North America. Might be worth checking into that.

 Is it possible that the bridges that are no longer reachable in North
 America have been taken offline? I sometimes see complaints by volunteers
 that their bridges don't get any traffic. For example:

 https://tor.stackexchange.com/questions/17398/no-traffic-on-obfs4-bridge

 https://tor.stackexchange.com/questions/20216/why-is-my-tor-bridge-relay-
 not-getting-any-traffic

 Are bridge operators giving up after a few months of minimal traffic?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31701#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list