[tor-bugs] #11343 [Tor Launcher]: TorLauncher's UI should warn users when a bridge fingerprint appears to be incomplete
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Mar 28 02:24:34 UTC 2014
#11343: TorLauncher's UI should warn users when a bridge fingerprint appears to be
Reporter: isis | Owner: brade
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor Launcher | Version:
Keywords: bridgedb | Actual Points:
Parent ID: | Points:
A Tails user reported some trouble using the new Tails (version 0.23)
which includes TorLauncher. They were entering a bridge line, and were
confused why it was not working. After some troubleshooting, we determined
that they had only entered 27 (out of 40) of the characters of the
Perhaps it would help users to have some sort of feedback on this?
The simplest would be: when they hit "OK", to take them back and display a
message saying "Oops! It looks like you were trying to enter a bridge
fingerprint. Bridge fingerprints are 40 characters long, and you only have
More complicated: while they are typing the fingerprint, display a dynamic
message which counts down the number of characters missing.
For posterity, here is the conversation from `#tails`:
00:55 alster ) i'm just trying to run tails for the first time actually,
a bridges setup, but having trouble to get past the point
i need to type the bridges.
00:56 alster ) but the error message actually sounds like i may have a
00:56 alster ) [warn] key digest for bridge is wrong
00:57 velope ) hmm, are you entering a fingerprint for the bridge? don't.
00:57 alster ) [warn] controller gave us config lines that didn't
Bridge line did not parse. See logs for details.
00:58 alster ) the lines i got in the box look like this:
00:58 alster ) bridge obfs3 <IPv4> <HASH>
00:59 alster ) i guess the HASH is the fingerprint you're referring to?
00:59 isis ) yes, HASH is the fingerprint
00:59 alster ) actually that's
00:59 alster ) bridge obfs3 <IPv4:PORT> <HASH>
00:59 isis ) that should be correct
01:00 alster ) so what i should be using is this instead?
01:00 alster ) bridge obfs3 <IPv4:PORT>
01:00 alster ) correct?
01:00 isis ) i am not sure, i have not tried the new tails yet, but you
really want the fingerprint in there, otherwise you could be trivially
01:01 isis ) so if tails is not handing the fingerprint correctly, that
01:01 alster ) maybe i don't want the leading "bridge"? since
bridges.torproject.org does not output this
01:02 isis ) well, i write the code for bridges.tpo
01:02 alster ) well i entered the data manually, so chances are i just
01:02 isis ) and the only reason we stopped putting the 'bridge ' at
beginning was because vidalia is idiotic and didn't handle
01:03 isis ) torlauncher explicitly has code to handle lines which
with 'bridge ', or with the transport method, or with the
01:03 alster ) i assume the fingerprints should be the exact same # of
01:03 isis ) yes, always 40 chars
01:04 isis ) though? perhaps? is your bridge's fingerprint all
01:04 alster ) all lowercase
01:04 isis ) bridges.torproject.org currently returns lowercase
01:05 alster ) i just checked, https://bridges.torproject.org gave me 2
fingerprints with 40 characters each
01:05 alster ) but one of those i typed has 29 only
01:05 alster ) so it's my fault
01:05 isis ) ah, okay, that make sense :)
01:06 isis ) but perhaps torlauncher should be a bit smarter and tell
that that was the problem
01:06 arma ) isis: you could be man-in-the-middled for your first hop,
not your second or third. and if they're in a position to
man-in-the-middle your first hop, they're in a position to
do traffic analysis on it. so either way you'd best hope
they're not watching the other end too. and if they are,
doesn't matter that they can mitm the first end.
01:06 isis ) arma: yes, true
01:07 arma ) that's why i was fine giving out bridges without
01:07 arma ) it seems there's been a big push lately to switch to "you
have a fingerprint"
01:07 arma ) which seems to really harm usability
01:07 isis ) arma: though mitm'ing the first hop opens the grounds for
attacks than just analysis, like the replay attack and
in tags into the encrypted streams
01:08 isis ) arma: but this is the first i've heard of a usability
with the fingerprints, is this normal? there are lots of
01:08 alster ) this GUI definitely needs something like "okay, you
characters so far, 13 more to go."
01:09 alster ) also, the lines you enter there do currently wrap
01:09 alster ) (making it hard to read)
01:09 isis ) yes, i agree, it definitely should tell you that something
01:09 arma ) isis: anybody who tries to manually copy a bridge line
basically fail if it's more than an ip and a port and
few more characters
01:10 isis ) arma: i can give them a QR code with two lines of python,
would that help?
01:10 arma ) but also, good point, they can get in past the tls if they
mitm the bridge. which is meaningful.
01:11 arma ) would the qr code help this tails person? probably not.
help an orbot person? maybe.
01:11 alster ) presenting the fingerprint in a user friendly way (and
user freindly input on the other end) would help
01:12 alster ) so think of images of fruits or whatever
01:12 isis ) should there be a "Wat? You expect me to type that in?
a QR code!" button on BridgeDB when you get bridges?
01:13 velope ) the GUI could be better, but for most people anything
long meaningless strings is massive fail
01:13 isis ) hmm, the images of fruits thing becomes much harder to do,
think, because it would need to be something that the
puts in their descriptor (so that your tor could check it
you try to connect to the bridge)
01:14 isis ) hmm. i will need to think about this more.
01:14 velope ) "needs proposal"
01:15 isis ) though torlauncher should also be okay if there is no
fingerprint at all
01:15 velope ) it is
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11343>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs