[tor-dev] Email Bridge Distributor Interactive Commands

isis isis at torproject.org
Fri Jul 25 07:32:42 UTC 2014

Lunar transcribed 2.1K bytes:
> isis:
> > > PS: why are we still shipping obfs2 bridges?!
> > 
> > 
> > tl;dr: Because we have them.
> The protocol is known to be broken and fingerprintable. That's something
> we know. Not users. If BridgeDB is giving them out, then it must be that
> it's ok to use, right?

It still works to get past many corporate/university firewalls, from what I
understand. And the UI clearly says that "obfs3" is recommended. It even
defaults to giving "obfs3" if you ask for transports. You'd have to
specifically request "obfs2" to get them.

> We can't just make Tor Browser stop accepting obfs2 because some people
> are using obfs2 bridges right now. But we shouldn't add more people to
> the set of users of a broken protocol.

Obfs3 is also "broken", it's just that we haven't yet seen a DPI box do it
IRL. If you want me to only hand out the holy grail, I'm never going to hand
anything out.

 ♥Ⓐ isis agora lovecruft
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1154 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140725/95b30d67/attachment.sig>

More information about the tor-dev mailing list