[tor-project] Many bridges (22%) have nickname "ki"

Roger Dingledine arma at mit.edu
Tue Dec 13 22:14:49 UTC 2016

On Tue, Dec 13, 2016 at 09:11:17PM +0000, Yawning Angel wrote:
> Should both groups be dropped at the BridgeAuth or what?  As far as I
> am aware, there is nothing that is doing Sybil detection at the Bridge
> level, and I don't really think that's an arms race that's winnable
> (even at the standard relay level, it feels like an uphill battle).
> If I were to hypothesize, it's probably someone's botnet/malware or
> something (in both cases), but that's just a guess and it could be
> something either more nefarious, or more benign.

I would put my money on "somebody's research project, which aims to show
how easy it is to do what they're doing." Then they'll tell everybody
how broken the design is, without coming up with any helpful fixes or
improvements. So not exactly malicious per se, but for sure indirectly

If only we had so many hundreds of thousands of bridges that 700 were
not a big deal.

I agree with you that the Sybil arms race is tougher here compared to
the public relays, because some of the characteristics we might use for
correlation are weakened by the bridge anonymization process.

I wouldn't object if somebody wants to try to fight the arms race, but
if it leads to everything becoming more complicated and harder to use,
I suspect I would call that a failure in fighting the arms race.

I wonder if there are more systemic solutions we can consider, ranging
from "just inform people that bridges from bridgedb are dangerous" to
"we only give out bridges run by vetted people".


More information about the tor-project mailing list