On Sat, May 04, 2013 at 02:09:33AM -0700, Mike Perry wrote: | Thus spake Andrew Lewman (andrew@torproject.is):
| > One answer is the user shouldn't care. Tor Browser should automatically | > loop through the various kinds of connectivity and just connect. | > non-obfs bridges really should get wholly replaced with obfs bridges en | > masse. | | However, we can't just probe everything because we don't want to probe | for the public Tor network if you're censored. Best case: client IPs | that are observed to probe various known Tor transports get targeted for | more agressive censorship (the censor could just fail any unrecognizable | traffic for N minutes after someone touches a public Tor IP, for | example). Worst case: Targeted exploits are deployed that aim to subvert | their computer in general, via Tor or otherwise. | | It's tempting to say this means we should have either just two bundles | or perhaps just an "I'm censored" checkbox at startup.
I think this might be the right direction. The person running Tor knows two things: if they're worried about someone monitoring their network right now, and how technical they are (and their desire to tweak settings).
The UI could thus start:
"Should Tor do our best to figure out how to get connected, at risk of drawing attention and response if you're on a heavily-monitored network?"
[I need to be careful, I'll configure things (Recommended) ]
[ Probe the network (Riskier) ]
[ I'm not sure, please help me decide]