On Sun, Jan 17, 2016 at 11:34:48AM -0800, Rick Huebner wrote:
I can't imagine the GFW would be so kind as to only block the ORport's specific port number, I assume it blocks the entire bridge IP address, making all transports useless if any single one of them is detected. Would it be better to only offer obfs4 to avoid detection and blockage via older transports?
So far, the GFW blocks the bridges it discovers by IP:port. Therefore, you can run two bridges on your machine and if one gets discovered, the other one should still be reachable. Of course, that could change any moment.
Ideally, we would like bridges to only run modern transports such as obfs4. Unfortunately, the following bug is still in the way, requiring the vanilla OR port to be reachable: https://bugs.torproject.org/7349
Cheers, Philipp