[tor-dev] [Tails-dev] Tails vs the capacity of the Meek bridges

anonym anonym at riseup.net
Tue Mar 24 11:28:23 UTC 2020

Iain Learmonth:
> Hi,
> On 20/03/2020 15:30, sajolida wrote:
>>> In Tails' threat model it is assumed that adversaries monitor the default bridges provided by the Tor Browser, and that our users want to avoid detection of that, so we are not interested in adding the default bridges to Tails
>> We're not offering the default bridges in Tails also because it's
>> impossible right now to store your bridge configuration in the
>> Persistent Storage.
> Maybe I've overlooked something obvious, but could you use Moat?
> https://gitweb.torproject.org/bridgedb.git/tree/README.rst#n391
> This would use meek to fetch the bridges, but then you have non-default
> bridges for the rest of the session. It can be automated as part of the
> Tor start-up, but you do need to solve a CAPTCHA.

Nothing is preventing us except more work. :) Essentially, Tails only allows the tor process to talk clearnet as part of its Tor enforcement [1], which makes this a bit trickier than in less locked down environments that Tor Launcher is designed to run from. But it indeed looks like also adding Moat support (and making it the default, I think) is the way for us to go, so thanks for the reminder! :)


[1] https://tails.boum.org/contribute/design/Tor_enforcement/

More information about the tor-dev mailing list