On Fri, Feb 14, 2014 at 01:27:32AM +0000, Delton Barnes wrote:
I am running a bridge with both obfs3 and scramblesuit. obfs3 is vulnerable to active probing. Say someone in China makes the mistake of connecting with obfs3 instead of scramblesuit, and active probing identifies it as a Tor bridge. Wouldn't the bridge IP address then be blacklisted, making it impossible for other people to connect even with scramblesuit? Would it make sense, then, as a bridge operator to elect to only support scramblesuit, even though no one will use it for a while? It seems you are only as good as your weakest transport.
That's a good point. When the GFW blocks a bridge, it typically does so by blocking an IP:port tuple -- probably in an attempt to minimise collateral damage [1]. Right now, that would save ScrambleSuit from an obfs3 instance on the same machine getting blocked. However, the GFW could be easily extended to scan ports on the same machine and look for other bridges. Active probing protection is not very useful if a censor strongly suspects your bridge to run another protocol.
Note that you run into the same problem when you have a relay and a bridge on the same machine. The relay is public and nothing prevents a censor from figuring out if there are bridges on the same machine.
So you are right, only running ScrambleSuit gives your bridge more protection than running other protocols at the same time -- at the cost of attracting less users, however.
[1] https://www.usenix.org/system/files/conference/foci12/foci12-final2.pdf
Cheers, Philipp