[tor-talk] Other bridge distribution methods [was: why does gettor require Yahoo or Gmail?]
isis at torproject.org
Tue Jul 29 05:53:26 UTC 2014
Griffin Boyce transcribed 0.7K bytes:
> Matthew Finkel wrote:
> > This actually has very little to do with trust, and (as Roger said)
> > these providers were chosen because of the difficulty of creating new
> > accounts.
> Preventing bridge enumeration is a hard problem to solve, but I don't
> think that limiting gettor to gmail/yahoo actually solves it. It is not
> computationally difficult to pay for a few thousand yahoo addresses.
> What do you think about getting bridges via SMS?
That is essentially *why* BridgeDB used to require either Gmail or Yahoo,
because both email providers make accounts difficult to obtain via requiring
I am never going to add SMS verification to BridgeDB. See my replies on the
rest of this thread for why I refuse to continue coding up broken, half-assed,
and non-privacy-preserving "solutions" to the verification-authentication
problem which ultimately do no more than sweep the problem under someone else's
♥Ⓐ isis agora lovecruft
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1154 bytes
Desc: Digital signature
More information about the tor-talk