[tor-bugs] #31252 [Circumvention/BridgeDB]: Equip BridgeDB with anti-bot mechanism

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Aug 15 00:03:23 UTC 2019


#31252: Equip BridgeDB with anti-bot mechanism
------------------------------------+------------------------------
 Reporter:  phw                     |          Owner:  phw
     Type:  enhancement             |         Status:  needs_review
 Priority:  Medium                  |      Milestone:
Component:  Circumvention/BridgeDB  |        Version:
 Severity:  Normal                  |     Resolution:
 Keywords:                          |  Actual Points:
Parent ID:                          |         Points:  4
 Reviewer:  cohosh                  |        Sponsor:
------------------------------------+------------------------------
Changes (by phw):

 * status:  assigned => needs_review
 * reviewer:   => cohosh


Comment:

 I have an implementation in my
 [https://github.com/NullHypothesis/bridgedb/commit/a728f5d50886911011cc269522c2dbad2c1b86d8
 feature/31252 branch]. The patch uses two new configuration files, which
 is a bit of a nuisance but we shouldn't be storing blacklisted request
 headers or decoy bridges in bridgedb.conf
 [https://gitweb.torproject.org/user/phw/bridgedb-
 admin.git/tree/etc/bridgedb.conf because the file is public]. Instead, we
 want to keep these configuration options hidden from our adversaries.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31252#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list