[tor-bugs] #30441 [Circumvention/BridgeDB]: Stop BridgeDB from handing out offline bridges

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri May 31 01:32:32 UTC 2019


#30441: Stop BridgeDB from handing out offline bridges
-------------------------------------------------+-------------------------
 Reporter:  phw                                  |          Owner:  phw
     Type:  defect                               |         Status:
                                                 |  assigned
 Priority:  Very High                            |      Milestone:
Component:  Circumvention/BridgeDB               |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  user-feedback, blog, anti-           |  Actual Points:
  censorship-roadmap                             |
Parent ID:                                       |         Points:  2
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by phw):

 Replying to [comment:7 phw]:
 > 2. In parallel, we should test if the TCP port of all of our obfs4
 bridges is reachable. For those that aren't, we should contact the
 operator, or, as a last resort, remove them from BridgeDB.

 I built a tool that takes Serge's bridge files as input and scans the TCP
 port of obfs4 bridges: https://github.com/NullHypothesis/bridgeauth-
 obfs4-scanner
 I believe one problem is that Serge's cached-extrainfo and cached-
 extrainfo.new do not contain ''all'' bridges that are in networkstatus-
 bridges, so the results only represent a lower bound of unreachable obfs4
 bridges.

 Here's the output for a Serge dump from 2019-05-31 00:34:50:
 {{{
 [+] 1,304 bridges in network status; 1,024 (78.5%) have 'Running' flag.
 [+] 581 (56.7%) of 1,024 bridges with 'Running' flag support obfs4.
 [+] 75 (12.9%) of 581 running obfs4 bridges fail to establish TCP
 connection.
 [+] 47 (62.7%) of 75 unreachable obfs4 bridges have contact info.
 }}}

 I will send an email to the operators of these bridges and periodically
 re-run the script to catch new obfs4 bridges that are unreachable.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30441#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list