[tor-bugs] #10239 [BridgeDB]: Payment for bridges (and effects this would have)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Dec 16 00:19:42 UTC 2013
#10239: Payment for bridges (and effects this would have)
--------------------------+-----------------
Reporter: tmp | Owner:
Type: project | Status: new
Priority: normal | Milestone:
Component: BridgeDB | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
--------------------------+-----------------
Comment (by sysrqb):
Replying to [ticket:10239 tmp]:
> There are a few advantages to handing out bridges in this way:
> - This method of handing out bridges is non-exhaustive. The more bridge
requests come in, the more bridges will be created.
Non-exhaustive except for finding cheap hosting and adequate address
space. #7207 might be potentially useful for this.
> - The bridge will be shared with one identity exclusively and will be
used at their discretion. It becomes more difficult to block the user of a
bridge.
Yes, but only in some circumstances. At this point only obfs3 seems to be
successful with respect to blocking resistance (and scramblesuit, etc). In
some places it only requires single use of a bridge for it to be detected
and blocked, so user count isn't really a factor - not including the
nefarious BridgeDB users.
> - Bitcoin is being traded in Iran, China, etc.
> - No need to search for a working bridge every week. (I assume this is
an issue?).
Possibly, I think many bridges are stable, though. (I need to fix the
stability tracking code, though.)
>
> Some disadvantages:
> - This method is undemocratic. Privacy would become better for those
with more resources.
I think it depends on how you define privacy. The user's anonymity will
likely decrease because they will be the only user of that bridge, thus
all traffic into and out of that bridge will be from a single user, not
including traffic due to consensus/descriptor fetches.
> - This method centralizes power when it becomes the main method to get a
bridge. In the event that this method becomes popular, more parties might
implement this scheme. Some state might start to issue payed-for bridges
(at a competitive rate) to a significant amount of users, and then kill
all the bridges at their discretion. Not sure how much of an issue this
would be in practice.
Users should only use providers that they trust, for some degree of trust.
This is a potential problem, but it seems like the availability of the
bridge is outside the control of the user.
> Open questions:
> - Can it be automated to create unique bridges? (That are not all in the
same block).
Someone just has to spend the time to write it. My main question is: what
is the appeal of this? I've heard there is a market for a system like
this, but if bridgedb provides a sufficient number of unblocked bridges
then is there a need? (I'm not saying it does, but ideally it should). If
this is true, then would a system such as this mainly benefit the
providers rather than the users?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10239#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list