[tor-dev] Email Bridge Distributor Interactive Commands
isis at torproject.org
Fri Jul 25 07:32:42 UTC 2014
Lunar transcribed 2.1K bytes:
> > > PS: why are we still shipping obfs2 bridges?!
> > tl;dr: Because we have them.
> The protocol is known to be broken and fingerprintable. That's something
> we know. Not users. If BridgeDB is giving them out, then it must be that
> it's ok to use, right?
It still works to get past many corporate/university firewalls, from what I
understand. And the UI clearly says that "obfs3" is recommended. It even
defaults to giving "obfs3" if you ask for transports. You'd have to
specifically request "obfs2" to get them.
> We can't just make Tor Browser stop accepting obfs2 because some people
> are using obfs2 bridges right now. But we shouldn't add more people to
> the set of users of a broken protocol.
Obfs3 is also "broken", it's just that we haven't yet seen a DPI box do it
IRL. If you want me to only hand out the holy grail, I'm never going to hand
♥Ⓐ isis agora lovecruft
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1154 bytes
Desc: Digital signature
More information about the tor-dev