[tor-dev] A proposal to phase out CAPTCHAs for BridgeDB

sajolida sajolida at pimienta.org
Fri Jul 30 16:07:39 UTC 2021


Cecylia Bocovich:
> Option 1: Just remove the CAPTCHAs already!
> 
>     We're tired of waiting and just want our bridges.
> 
> Option 2: Do some science?
> 
>     We could make a new distribution bucket in BridgeDB that distributes
> bridges through Moat without a CAPTCHA and have new versions of Tor
> Browser pull from this bucket. We can watch and perform measurements in
> places we know enumeration attempts have occurred in the past and see
> whether these bridges are enumerated more quickly and more completely
> than the old-school Moat bucket.

Hi Cecylia,

I understand that your Option 2 would remove all CAPTCHAs for all Tor
Browser users.

I don't know much about bridge distribution so my idea is most likely
flawed. But what about combining Option 1 and Option 2 by doing a bigger
experiment that would already remove the CAPTCHAs for a significant
number of users:

Split the current CAPTCHA bridges 50/50 into 2 buckets:

- Bridges in the 1st bucket would be distributed without CAPTCHA.
- Bridges in the 2nd bucket would be distributed with a CAPTCHA.

New versions of Tor Browser could pick from either of the 2 buckets.
Maybe based on a silly metric like whether the 3rd part of the IP
address is odd or even to be consistent across the same local network,
or maybe something smarter.

You get the science while already sparing 50% of users the CAPTCHAs and
not risking all your CAPTCHA bridges in the gamble. It might be easier
to measure how much CAPTCHAs really prevent enumeration by comparing
both buckets over the same period of time. All Tor Browsers remain the
same. The current UI could display or not display the CAPTCHAs when
requesting a bridge without a lot of change.

> Option 3: Keep doing what we're doing but try to make the CAPTCHAs more
> usable.
> 
>     This is the work we've had planned, but will only get us so far.

I'd keep Option 3 for if the experiment proves that CAPTCHAs are really
useful at preventing enumeration.

-- 
sajolida
Tails — https://tails.boum.org/
UX · Fundraising · Technical Writing
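
The 50/50 split proposed in this message, as an added example that is not part of the original email and is not BridgeDB code: it implements the third-octet parity metric and one possible "something smarter", a keyed hash over the network prefix. The bucket labels, function names, the /24 and /48 prefix sizes, and the demo key are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

# Hypothetical bucket labels; which parity maps to which bucket is an arbitrary choice.
NO_CAPTCHA, CAPTCHA = "no-captcha", "captcha"


def bucket_by_third_octet(addr):
    """The metric from the message: parity of the 3rd part of an IPv4 address."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("the third-octet metric is only defined for IPv4")
    return NO_CAPTCHA if ip.packed[2] % 2 else CAPTCHA


def bucket_by_keyed_prefix(addr, key):
    """Assumed 'something smarter': low bit of HMAC-SHA256 over the network prefix.

    Uses /24 for IPv4 and /48 for IPv6 (assumed prefix sizes), so hosts on one
    network still agree, and IPv6 clients are covered too.
    """
    ip = ipaddress.ip_address(addr)
    prefix_len = 24 if ip.version == 4 else 48
    net = ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False)
    digest = hmac.new(key, net.network_address.packed, hashlib.sha256).digest()
    return NO_CAPTCHA if digest[0] & 1 else CAPTCHA


def split_counts(addrs, assign):
    """Count how many addresses land in each bucket under an assignment function."""
    counts = {NO_CAPTCHA: 0, CAPTCHA: 0}
    for addr in addrs:
        counts[assign(addr)] += 1
    return counts


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed; a real key would be a server-side secret
    sample = [f"10.0.{n}.1" for n in range(256)]  # constructed: one host per /24
    print("third octet :", split_counts(sample, bucket_by_third_octet))
    print("keyed prefix:", split_counts(sample, lambda a: bucket_by_keyed_prefix(a, key)))
```

Both functions give every host in the same prefix the same answer, which is the consistency property the message asks for; comparing the two `split_counts` results shows how evenly each metric divides a population of networks.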
