We have implemented the http and email bots, which are working well
without much human labor work.<br><br>I'd recommend CATCHA to be implemented on the bridge http server. The email server should have at least a challenge-response mechanism. However, this challenge-response mechanism helps only a little bit. Maybe we should not have the email distribution mechanism if decent CATCHA is used on the http server?<br>
<br>Xinwen Fu <br><br><div class="gmail_quote">On Mon, Jul 19, 2010 at 5:17 AM, <span dir="ltr"><<a href="mailto:andrew@torproject.org">andrew@torproject.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
On Mon, Jul 19, 2010 at 12:12:48AM +0800, <a href="mailto:moses.mason@gmail.com">moses.mason@gmail.com</a> wrote 1.0K bytes in 27 lines about:<br>
: Could you guys add a CAPTCHA test for the bridges page<br>
<div class="im">: <a href="https://bridges.torproject.org/" target="_blank">https://bridges.torproject.org/</a> ? It is almost certain that bridges<br>
: are crawled, analyzed and blocked by bots now.<br>
<br>
</div>This is on the short-term todo list. However, it's been told to us that<br>
humans are crawling the bridges, not bots. In particular, China is<br>
crawling the https and smtp pools by human interaction, not bots.<br>
<br>
Stopping the bots is a fine idea as well. I believe captchas are easy<br>
to break by automated analysis already, but we'll find out when we roll<br>
out a captcha on <a href="http://bridges.torproject.org" target="_blank">bridges.torproject.org</a>.<br>
<br>
--<br>
Andrew Lewman<br>
The Tor Project<br>
pgp 0x31B0974B<br>
+1-781-352-0568<br>
<br>
Website: <a href="https://www.torproject.org/" target="_blank">https://www.torproject.org/</a><br>
Blog: <a href="https://blog.torproject.org/" target="_blank">https://blog.torproject.org/</a><br>
Identi.ca: torproject<br>
Skype: lewmanator<br>
<div><div></div><div class="h5">***********************************************************************<br>
To unsubscribe, send an e-mail to <a href="mailto:majordomo@torproject.org">majordomo@torproject.org</a> with<br>
unsubscribe or-talk in the body. <a href="http://archives.seul.org/or/talk/" target="_blank">http://archives.seul.org/or/talk/</a><br>
</div></div></blockquote></div><br>