[tor-relays] [Censorship in Russia] Make HTTPS/Moat captcha more complex?

meskio meskio at torproject.org
Thu Dec 16 11:43:09 UTC 2021


Quoting Space Oddity via tor-relays (2021-12-16 11:35:10)
> I was thinking, what could be the ways Russian authorities could get bridges 
> to block. One of the obvious ways to do this is to grab bridges from 
> Moat/HTTPS, but since that would require solving a captcha, this would 
> indicate its strength is insufficient, or they are able to crowdsource/mass 
> solve somehow.

Captchas are a hard valance between usability an hard to break. I'm happy to 
hear ideas on how to do captchas better without sharing data of the users to 
third parties or making it way harder for people that solve them.

There are many services that you pay to solve captchas they could be using, 
captchas doesn't seem to be a great protection and we are working on finding 
other options.

> The other thought is an attack via email. Can we do something with it, what do 
> you think?

What do you mean about attack via email?


-- 
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20211216/9bca9143/attachment.sig>


More information about the tor-relays mailing list