[tor-project] Automatic Circumvention For Briar

Torsten Grote t at grobox.de
Wed Jul 18 18:22:11 UTC 2018


Hi all,

some of you might know Briar which uses Tor as its internet data
transport. Currently, we only use direct Tor connections, but we also
want the app to work where connections to Tor might get blocked.

Since we don't want all of our users go through bridges, we need to know
where it is really needed, because we want things to work out of the box
as much as possible. So I did some research and was surprised that there
doesn't seem to be a maintained list of places where Tor is blocked.

Therefore, I looked into OONI vanilla_tor measurements from the past
year and into the ratio of bridge users per country in the last three
months with data from Tor Metrics. You can find the result here:

    https://grobox.de/tor/  (needs JavaScript)

You will notice that Iran, Turkey and Venezuela are absent from both
lists. Even China has a surprisingly high success rate. Do these
countries maybe block the connections only later when the OONI probe
doesn't listen anymore or is the blocking just very inconsistent? Tor
Metrics also shows quite a few direct relay users in those countries.

So once we know where Tor is likely to be blocked, we would like to know
where bridges will work and which kind. The only data source for this
that we found are the OONI tcp_connect measurements. You can find our
results from the past year here:

    https://grobox.de/tor/bridges.html  (needs JavaScript)

This is looking at TCP connection success rates in some pre-selected
countries compared to a control group. Only China seems to be
interfering with bridge connections, but not with all and not all the time.

When you only show Tor Browser bridges and even the ones with bad
control group reachability, you will see that there's quite a few that
perform very poorly. You might want to rethink including them.

If anybody finds these pages useful, I could set up a cronjob that
automatically updates them.

I imagine that countries have other ways to interfere with bridge
connections besides simple TCP blocking. If anybody is aware of reliable
data sources for those, please let me know. Eventually, I would also be
interested in knowing which pluggable transports work in which country.
One-off academic research has limited usefulness here as we ideally have
fresh data to decide parameters before each new Briar release.

Which bridges should we include in Briar? The first impulse is to just
use whatever Tor Browser is using, but on IRC somebody told me that
those bridges are already overloaded and that we better request some
through the usual channels. Is that the recommended approach?

Thanks and Kind Regards,
Torsten

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20180718/456c3c09/attachment.sig>


More information about the tor-project mailing list