[tor-dev] bridge:// URI and QR codes

Nathan Freitas nathan at freitas.net
Wed Jul 20 17:15:29 UTC 2022



On Wed, Jul 20, 2022, at 8:01 AM, meskio wrote:
> Quoting Torsten Grote (2022-07-19 14:54:01)
>> On Monday, 18 July 2022 13:47:21 -03 meskio wrote:
>> > What do you think of the proposal? How can we improve it?
>> 
>> A slightly unrelated question:
>> 
>> Was there any consideration about deanonymization attacks by giving the user a 
>> bridge controlled by the attacker? I worry that those get more likely when 
>> getting bridges via links and QR codes becomes normalized.
>> 
>> Apart from the source IP address of the user and their Tor traffic pattern, is 
>> there anything else an attacker can learn from operating the bridge?
>
> At least from my side there was no consideration of this topic yet. Thank you 
> for bringing it up; I think it is a pretty valid concern and we should do some 
> planning on it.
>
> I wonder if we should only accept bridge URIs/QR codes when the user clicks on
> 'add bridges' inside the tor-related app. Or will it be enough to accept bridge
> URIs at any moment but communicate to the user clearly what is happening and ask
> them for confirmation? We should never change the bridge configuration silently
> from a bridge URI without any user intervention.
>
> I think we should add something about it to the "Recommendations to
> implementers" in the proposal.

I believe in Orbot today we do prompt the user after they scan a code or click on a bridge link. Definitely agree there should be that step.

