[tor-bugs] #31874 [Circumvention]: Automatically test the PTs of bridges

Thu Oct 17 20:26:55 UTC 2019

#31874: Automatically test the PTs of bridges
---------------------------+--------------------------------
 Reporter:  phw            |          Owner:  (none)
     Type:  defect         |         Status:  new
 Priority:  Medium         |      Milestone:
Component:  Circumvention  |        Version:
 Severity:  Normal         |     Resolution:
 Keywords:  s30-o23a3      |  Actual Points:
Parent ID:  #31280         |         Points:  10
 Reviewer:                 |        Sponsor:  Sponsor30-must
---------------------------+--------------------------------

Comment (by phw):

 Some additional feedback from dcf and cohosh after
 [http://meetbot.debian.net/tor-meeting/2019/tor-
 meeting.2019-10-17-16.59.html today's anti-censorship meeting]:
 * There's potential for abuse. Exposing this service to the public means
 allowing anybody to use our machine to establish TLS connections (for
 vanilla Tor) and send garbage data (for obfs4) to arbitrary machines on
 the Internet. To prevent this, the service could first verify if the
 provided bridge is in BridgeDB, and only then proceed to test it.

 * If BridgeDB uses this service to test a bridge, and somehow propagates
 this information to CollecTor (so it can be listed on the bridge's status
 page), there may not be a need to expose it to the public.

 * BridgeDB should not hand out bridges that this service deems non-
 functional.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31874#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online