Bridge status website

Christian Fromme kaner at strace.org
Wed May 26 13:06:48 UTC 2010


Hi Sebastian,

On Wed, May 26, 2010 at 2:09 PM, Sebastian Hahn <hahn.seb at web.de> wrote:

>> I wonder whether (b) is a good idea. Say I am Sir John McEvil and I
>> want to learn something about which IP address belongs to which
>> bridge: All I gotta do is iterate connections from some obscure
>> countries to certain bridges and check the stats later on.
>
> This isn't really an issue: If they adversary has the ability to push
> traffic through a bridge, it can learn its descriptor, and thus its
> fingerprint. The hashed fingerprint is used to look up the bridge on
> the website.

Right. It was rather stupid thinking on my side. If someone connects
to a bridge from $country, he already knows the IP address of that
bridge. m(

>> I'd like to add something else instead: Giving out information about
>> which bridge is known to be blocked in which country maybe? I know
>> that feature isn't in BridgeDB yet, but it is on my TODO-list for it.
>> I don't see much risk in disclosing this information, but it'd bring
>> some sort of awareness and also offers data for researchers.
>
> I think this is probably hard to do reliably, as blockings are very
> inhomogenous if you look at an entire country. Another point
> is that seeing no Burmese users on my bridge doesn't mean the
> bridge is blocked there - maybe nobody has gotten its descriptor,
> or the people who have it turned off their Tor. This will be more
> common as we gain more bridges.

You're right that we need much more research in this area. I didn't
mean to add this info right away but I wanted to mention it so it
isn't forgotten.

As far as I know we really don't yet know a good algorithm (other than
testing and updating by hand [which is not what I'd call good]) that
will tell us "brigde X is blocked in country Y". We surely don't want
to scan in an automated and frequent way to help them learn all
bridges. Maybe heuristics are our answer: "based on data we have,
bridge X is likely to be blocked from country Y". Maybe people should
be able to tell us if they think a bridge is blocked: By mail or web
interface, whichever they are still able to reach. The more "bridge X
is blocked in Y" information we get from users for a certain bridge,
the more likely that bridge will really be blocked. Obviously that
method is open to manipulation. Maybe there's more information we
could gather. Some trusted contact person from China tells us "bridge
X is blocked" and we can manually update information for that bridge
which gets more weight in our heuristics. Sounds clumsy though.

The thing is, we should be able to stop handing out bridges to Chinese
users that we know are blocked there.

For the most commonly use cases Iran and China, are we really seeing
blockings on ISP level? I thought it was countrywide and therefore
rather homogenous. I might be wrong.

About your question what users can do with that information, I don't
really have a certain special use case to pinpoint. I'd say its a
statistical record. Researchers might be interested. I don't consider
it dangerous to give out and I think it's good to be transparent.

Thanks,
/C



More information about the tor-dev mailing list