[tor-talk] How do the OBFS4 "built-in" Bridges work?
Matthew Finkel
matthew.finkel at gmail.com
Sun Apr 29 18:36:10 UTC 2018
On Sun, Apr 29, 2018 at 02:06:49PM -0400, Nathaniel Suchy (Lunorian) wrote:
> I see that Tor Browser, for users who are censored in their country,
> work, or school (or have some other reason to use bridges) has a variety
> of built in bridges. Once of those are the OBFS4 bridges. My first
> thought would be these are hard coded, of course giving everyone the
> same set of bridges is bad right?
Currently this is how it works, yes. It is not ideal, and there is
on-going development work for rolling out a more scalable method.
> Then a bad actor could download Tor
> Browser, get the list, and null route the IPs on their network(s). Also
> these bridges could get quite crowded. Are the bridges being used to
> fetch other bridges, or something else? How does Tor Browser handle
> these risks / technical issues?
Indeed "Bad actors" could block the bridges hard-coded in Tor Browser.
It is also true many of those default bridges are overloaded.
More information about the tor-talk
mailing list