[tor-bugs] #18068 [Tor Browser]: Bridge included in bridge_prefs.js is down

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jan 20 17:11:47 UTC 2016 

#18068: Bridge included in bridge_prefs.js is down
-------------------------+----------------------------
 Reporter:  cypherpunks  |          Owner:  isis
     Type:  defect       |         Status:  closed
 Priority:  Medium       |      Milestone:
Component:  Tor Browser  |        Version:
 Severity:  Normal       |     Resolution:  worksforme
 Keywords:  tbb-bridges  |  Actual Points:
Parent ID:               |         Points:
  Sponsor:               |
-------------------------+----------------------------
Changes (by isis):

 * keywords:   => tbb-bridges
 * status:  new => closed
 * component:  BridgeDB => Tor Browser
 * resolution:   => worksforme
 * cc: isis (added)


Comment:

 Replying to [ticket:18068 cypherpunks]:
 > The running flag for bridge AF9F66B7B04F8FF6F32D455F05135250A16543C9 is
 false.

 Are you sure? The obfs3 one, right? It works for me…

 > I have a question, how are these bridges that are included in
 bridge_prefs.js selected?

 Volunteers who have "proven" (to us, at least) that they are capable of
 running fast relays and of making sensible decisions (e.g. not keeping
 logs, etc), and who volunteer high-capacity Pluggable Transport bridges by
 contacting us directly are considered for inclusion.

 > Are they just random bridges from the bridgedb?

 Most of Tor Browser's default bridges are not included in BridgeDB, but
 see also #13727.

 > or does the torproject know exactly who is running them personally, and
 there is zero chance that the bridge operator is running traffic
 correlation analysis on its users?

 We do generally know the people running them. However, in my opinion,
 knowing someone or smelling their armpits or whatever doesn't necessarily
 imply that person is a good person or trustworthy. :)

 For the traffic correlation attack: one, it is the opinion of myself and
 others in The Tor Project that traffic correlation attacks in the wild
 (i.e. on the entirety of sites online which a user might be browsing to)
 are statistically infeasible due to high false positive and false negative
 rates. There's not much information about user online behaviour to be
 gained from operating a bridge relay.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18068#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list