[tbb-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 22 14:42:51 UTC 2016

#18361: Issues with corporate censorship and mass surveillance
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |

Comment (by cypherpunks):

 CAPTCHAs are a fundamentally untenable solution to dealing with DDOS
 attacks. Algorithmic solutions will always catch up to evolving CAPTCHA
 methods. CloudFlare and other service providers should recognize that is
 the inevitable direction technology is going and abandon it now.

 An alternate solution is a client proof-of-work protocol. This puts a
 greater burden on attackers attempting to establish many connections than
 on users who only need one connection. Then once a TLS session is
 established, the server can determine from behavior of that client whether
 it's an attacker and drop the connection. We should try to standardize
 that and get it into TLS implementations so service providers have an easy
 configuration choice.


Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:47>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list