21 Aug
2018
21 Aug
'18
3:36 p.m.
On Mon, Aug 20, 2018 at 02:25:40PM -0400, Nathaniel Suchy wrote:
Interesting. Is there any reason to not use an obfuscated bridge?
No, not really. obfs4 resists active probing without any special additional steps. But I can think of one reason why the MSS trick is worth trying, anyway. Due to a longstanding bug (really more of a design issue that's hard to repair), you can't run an obfs4 bridge without also running a vanilla (unobfuscated) bridge on a different port on the same IP address. So if anyone ever connects to that vanilla port, the bridge will get probed and the entire IP address blocked, including the obfs4 port. https://bugs.torproject.org/7349