On 7 Apr 2016, at 23:53, George Kadianakis desnacked@riseup.net wrote:
Here is a non-smart thing we could do: We could prepopulate our sampled guards list with all the possible guard types. So we include an 80/443 bridge and an IPv6 bridge and an IPv6 bridge that is also on 80/443, and any other thing we can think of. Unfortunately, this would greatly reduce the diversity of our guard list since there can't be too many guards that are IPv6 and on 80/443, and in the end most clients will end up using the same guards.
It might be a good idea to enumerate the guards for each possible filter we will add, and then calculate their guard probabilities, to see how likely it is to randomly choose a guard of that type. If we have filters where there is only 1% probability of picking a bridge of the right type, then these "your current network settings make it impossible for us to safely choose an entry guard" messages might appear more frequently than we would like.
This sounds very much like ticket #17849. On that ticket, I suggest we use the current IPv4 FascistFirewall proportion as a guide to when we should warn the user. But we never considered failing closed in these circumstances: what if the user just wants circumvention, and not anonymity? https://trac.torproject.org/projects/tor/ticket/17849
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP 968F094B ricochet:ekmygaiu4rzgsk6n
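The per-filter calculation suggested in the quoted message, as an added example that is not part of the original thread or of Tor's code: it reports how many guards pass each filter and the probability that one weighted pick passes it, then lists filters under the 1% figure mentioned above. The guard list, the filter names, and the assumption that selection probability is simply proportional to a bandwidth weight are all constructed for illustration.

```python
from fractions import Fraction

# Constructed sample, not real consensus data:
# (nickname, bandwidth weight, ORPort, has an IPv6 ORPort)
GUARDS = [
    ("guardA", 4000, 9001, False),
    ("guardB", 3300, 443, False),
    ("guardC", 2330, 9001, True),
    ("guardD", 60, 443, True),
    ("guardE", 300, 80, False),
    ("guardF", 10, 80, True),
]

# Hypothetical filters matching the guard types named in the thread.
FILTERS = {
    "80/443": lambda g: g[2] in (80, 443),
    "ipv6": lambda g: g[3],
    "ipv6 and 80/443": lambda g: g[3] and g[2] in (80, 443),
}


def filter_stats(guards, keep):
    """Return (matching guard count, probability one weighted pick matches)."""
    total = sum(g[1] for g in guards)
    if total == 0:
        return 0, Fraction(0)
    matching = [g for g in guards if keep(g)]
    return len(matching), Fraction(sum(g[1] for g in matching), total)


def rare_filters(guards, filters, threshold=Fraction(1, 100)):
    """Names of filters whose pick probability is below the threshold."""
    return [name for name, keep in filters.items()
            if filter_stats(guards, keep)[1] < threshold]


if __name__ == "__main__":
    for name, keep in FILTERS.items():
        count, prob = filter_stats(GUARDS, keep)
        print(f"{name:16} guards={count} probability={float(prob):.2%}")
    print("below 1%:", rare_filters(GUARDS, FILTERS))
```

The guard count is reported next to the probability because a filter that only a couple of guards satisfy also concentrates clients on those guards, which is the diversity concern raised in the quoted text.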