[tor-talk] Why does requesting for bridges by email require a Yahoo or Gmail address?

Mirimir mirimir at riseup.net
Fri Jul 25 18:27:11 UTC 2014

On 07/24/2014 08:38 PM, Matthew Finkel wrote:


> Another distribution method is currently being written and we will
> write others in the future, but please help us provide another way
> (yes, you, please help us if the current situation is unsatisfactory!).
> The more people we can safely help, the better.

In wiki:org/projects/projectM/brainstorming[1] I see "Better support for
"Proximax" scheme". But I haven't found anything in trac.torproject.org
that mentions the DNS-based fast flux approach presented in McCoy et al.
(2011)[2]. For example, I see nothing about that in ticket 7520[3].

Has the DNS-based fast flux approach been explicitly rejected?

If so, why?

As background, McCoy and coworkers explain[2]:

| As previously stated, each registered user has an individualized
| host name (which take the form of a unique domain name registered
| with DNS). In order to make it difficult to discover and ban
| channels we piggyback on the DNS infrastructure, using a
| technique, commonly employed by botnets and malware distributors,
| called fast flux. As part of this technique Proximax will register
| multiple proxies to the same domain name and uses round-robin DNS
| along with short Time-To-Live (TTL) values to create a constantly
| changing list of proxies for that single domain name. This
| additionally allows Proximax to automatically load balance
| resources by adding and removing proxies based on current
| utilization levels.

Even so, Proximax is vulnerable to adversaries who register multiple
users, and then block bridge IP addresses that they learn, perhaps at
plausibly gradual rates. Starzer[4] proposes a defense against such
adversaries. In his version, each bridge domain name is assigned to a
group of users. Group reputation increases over time, and
high-reputation groups preferentially get both new bridge IP addresses
and new members. Groups are split whenever one of their bridges is
blocked, and the reputations of both subgroups are reduced. Over time,
an adversary's users become restricted to increasingly smaller groups
with increasingly poor reputations.

I do see similar ideas in trac.torproject.org, but no cites to Michael
Starzer's masters thesis.

[1] wiki:org/projects/projectM/brainstorming
[2] McCoy et al. (2011)  Proximax: A Measurement Based System for
Proxies Dissemination
[3] Tor ticket 7520 <https://trac.torproject.org/projects/tor/ticket/7520>
[4] Starzer, M. (2013) Optimizing Tor Bridge Distribution (Masters
Thesis) <http://kau.diva-portal.org/smash/get/diva2:608803/FULLTEXT01.pdf>

More information about the tor-talk mailing list