On 13 Dec (16:26:02), David Goulet wrote:
On 13 Dec (21:11:17), Yawning Angel wrote:
On Tue, 13 Dec 2016 10:37:31 -0800 David Fifield david@bamsoftware.com wrote:
This is a bit of a followup to my earlier post on obfs4 bridges with formulaic nicknames: https://lists.torproject.org/pipermail/tor-project/2016-November/000809.html
Those bridges are still there, but today I noticed a new weirdness: 756 bridges all having the nickname "ki". 756 is 21.8% of the total number, 3464. At the moment, "ki" far outnumbers every other nickname, apart from "Unnamed":
[snip]
Should both groups be dropped at the BridgeAuth or what? As far as I am aware, there is nothing that is doing Sybil detection at the Bridge level, and I don't really think that's an arms race that's winnable (even at the standard relay level, it feels like an uphill battle).
If I were to hypothesize, it's probably someone's botnet/malware or something (in both cases), but that's just a guess and it could be something either more nefarious, or more benign.
Yes, we should be safe here and reject those.
What's the procedure with the BridgeAuth? The dirauth-conf git repository isn't made for the bridge authority.
I want to bump this here btw.... I don't feel very comfortable with those bridge still around so we should REALLY block them soon.
If I remember correctly, Roger told me on IRC that we either have to go through the BridgeAuth directly with reject rules (unconfirmed) or we block them on BridgeDB.
I need someone with knowledge here and Isis needs to be in the loop as she basically run both service :).
Thanks! David
Cheers! David
Regards,
-- Yawning Angel _______________________________________________ tor-project mailing list tor-project@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
tor-project mailing list tor-project@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project