[tor-dev] Email Bridge Distributor Interactive Commands
Matthew Finkel
matthew.finkel at gmail.com
Sat Jul 26 09:13:22 UTC 2014
On Fri, Jul 25, 2014 at 07:32:42AM +0000, isis wrote:
> Lunar transcribed 2.1K bytes:
> > isis:
> > > > PS: why are we still shipping obfs2 bridges?!
> > >
> > >
> > > tl;dr: Because we have them.
> >
> > The protocol is known to be broken and fingerprintable. That's something
> > we know. Not users. If BridgeDB is giving them out, then it must be that
> > it's ok to use, right?
>
> It still works to get past many corporate/university firewalls, from what I
> understand. And the UI clearly says that "obfs3" is recommended. It even
> defaults to giving "obfs3" if you ask for transports. You'd have to
> specifically request "obfs2" to get them.
>
I agree, and I think it's safe to assume that some nation-state
adversaries do not have these capabilities yet. Users should choose
obfs3 over obfs2, but if a user has a reason for requesting obfs2 then
I don't think we should deny them.
obfs2 is dangerous when used to circumvent the strongest adversaries
in the world. Luckily we have a very diverse userbase and not all users
have the same requirements :) (I honestly do say this in the most
loving way possible)
> > We can't just make Tor Browser stop accepting obfs2 because some people
> > are using obfs2 bridges right now. But we shouldn't add more people to
> > the set of users of a broken protocol.
>
> Obfs3 is also "broken", it's just that we haven't yet seen a DPI box do it
> IRL. If you want me to only hand out the holy grail, I'm never going to hand
> anything out.
It's probably safer to say that obfs3 is a weaker protocol than we think
may adequately protect users against some powerful adversaries. (Yes,
I'm splitting hairs/bikeshedding, please don't throw your laptop! but
I think we, as a community, have not seen evidence to support this yet
(as far as I know) and saying it is broken is unnecessarily scary right
now). This could change at any time, though, so we should make sure
we're ready to flip the default to the next transport when that time
comes (and I do think we are). <3
More information about the tor-dev
mailing list