On 2018-02-07 19:37, Sebastian Hahn wrote:
On 7. Feb 2018, at 18:55, Geoff Down geoffdown@fastmail.net wrote:
On Wed, Feb 7, 2018, at 4:45 PM, Karsten Loesing wrote:
Possible disadvantages are:
- If somebody runs a relay and a bridge, both with the same contact
information, a censoring adversary might guess that the bridge might run on a nearby IP address as the relay. However, they could as well assume that for all relays and block or scan the IP space around all known relays.
- Bridge operators might be surprised to see their contact information
in a public archive. We do have a warning in the tor manual https://www.torproject.org/docs/tor-manual.html.en#ContactInfo, but maybe nobody reads the fine manual.
An email address may be linked to an IP address in public sources, e.g. mailing list archives, forum postings.
... or whois information.
Okay.
These sound like variants of the first disadvantage listed above. There are two additional assumptions in here, though:
1) bridge operators use the same or a similar email address as their bridge contact information and for mailing list/forum postings or in their whois information;
2) bridge operators are running their bridges close to the host they're using to post to mailing lists/forums or close to the host where they're hosting a registered domain.
I can see situations where both assumptions are met. But I think, overall, that the likelihood of locating a bridge by connecting contact information to mailing list archives, forum postings, or whois information makes this attack rather unattractive.
I'd say let's list this as another possible disadvantage, and let's compare them all to the possible advantages at the end.
Unless you thought of this as a show-stopper, in which case I'd kindly ask you to elaborate.
Thanks for the feedback, Geoff and Sebastian!
All the best, Karsten