Andrew Lewman:
On Fri, 3 May 2013 16:05:15 -0400 "Runa A. Sandvik" runa.sandvik@gmail.com wrote:
I disagree. The Tor help desk sees a ton of requests from users saying that Tor is unable to connect, and the simple fix is to give them a bridge or two. Not all users know what they need to connect, and not all users will know the difference between bridge, obfs2, and obfs3.
One answer is the user shouldn't care. Tor Browser should automatically loop through the various kinds of connectivity and just connect. Non-obfs bridges really should get wholly replaced with obfs bridges en masse.
Probing doesn't work well for people in countries where using Tor is dangerous.
I think you should completely drop the "hide Tor from your ISP, because it's dangerous in your country" use case. It's an arms race you already lost and conceptually always can easily lose against endless data retention with retroactive policing. Even if you had a perfect unbreakable obfsproxy working perfectly for private bridges, 100% always hiding Tor would still be a complicated bootstrap problem no regular user in those countries will be able to solve.
Quote Jacob Appelbaum (in context of private obfuscated bridges) [1]:
Some pluggable transports may seek to obfuscate traffic or to morph it. However, they do not claim to hide that you are using Tor in all cases but rather in very specific cases. An example threat model includes a DPI device with limited time to make a classification choice - so the hiding is very specific to functionality and generally does not take into account endless data retention with retroactive policing.
[1] https://mailman.boum.org/pipermail/tails-dev/2013-April/002950.html