On Tue, Dec 13, 2016 at 09:11:17PM +0000, Yawning Angel wrote:
> Should both groups be dropped at the BridgeAuth or what? As far as I am aware, there is nothing that is doing Sybil detection at the Bridge level, and I don't really think that's an arms race that's winnable (even at the standard relay level, it feels like an uphill battle).
> If I were to hypothesize, it's probably someone's botnet/malware or something (in both cases), but that's just a guess and it could be something either more nefarious, or more benign.
I would put my money on "somebody's research project, which aims to show how easy it is to do what they're doing." Then they'll tell everybody how broken the design is, without coming up with any helpful fixes or improvements. So not exactly malicious per se, but for sure indirectly harmful.
If only we had so many hundreds of thousands of bridges that 700 were not a big deal.
I agree with you that the Sybil arms race is tougher here compared to the public relays, because some of the characteristics we might use for correlation are weakened by the bridge anonymization process.
I wouldn't object if somebody wants to try to fight the arms race, but if it leads to everything becoming more complicated and harder to use, I suspect I would call that a failure in fighting the arms race.
I wonder if there are more systemic solutions we can consider, ranging from "just inform people that bridges from bridgedb are dangerous" to "we only give out bridges run by vetted people".
--Roger