We have implemented the http and email bots, which are working well without much human labor work.
I'd recommend CATCHA to be implemented on the bridge http server. The email server should have at least a challenge-response mechanism. However, this challenge-response mechanism helps only a little bit. Maybe we should not have the email distribution mechanism if decent CATCHA is used on the http server? Xinwen Fu On Mon, Jul 19, 2010 at 5:17 AM, <[email protected]> wrote: > On Mon, Jul 19, 2010 at 12:12:48AM +0800, [email protected] wrote 1.0K > bytes in 27 lines about: > : Could you guys add a CAPTCHA test for the bridges page > : https://bridges.torproject.org/ ? It is almost certain that bridges > : are crawled, analyzed and blocked by bots now. > > This is on the short-term todo list. However, it's been told to us that > humans are crawling the bridges, not bots. In particular, China is > crawling the https and smtp pools by human interaction, not bots. > > Stopping the bots is a fine idea as well. I believe captchas are easy > to break by automated analysis already, but we'll find out when we roll > out a captcha on bridges.torproject.org. > > -- > Andrew Lewman > The Tor Project > pgp 0x31B0974B > +1-781-352-0568 > > Website: https://www.torproject.org/ > Blog: https://blog.torproject.org/ > Identi.ca: torproject > Skype: lewmanator > *********************************************************************** > To unsubscribe, send an e-mail to [email protected] with > unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ >
