Re: [tor-bugs] #23089 [Obfuscation/Pluggable transport]: Most of bridges share the same 3 subnets. What if this subnets got blocked? It will be devastating!

[Tor Bug Tracker & Wiki]

#23089: Most of bridges share the same 3 subnets. What if this subnets got 
blocked?
It will be devastating!
-+--
 Reporter:  cypherpunks  |  Owner:  asn
 Type:  defect   | Status:  reopened
 Priority:  Very High|  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cypherpunks):

 > Try e-mail?

 Assume that email, SMS, social networks, messengers, forums, any other
 unencrypted channels are censored too and that people trying to acquire
 bridges using such personalized channels are prosecuted. Bridges must be
 acquired stealthy. Noone must know that you are using a bridge except the
 bridge itself.

 >Second, reality is different. For me only 1/10 bridges from bridges.tpo
 was affected by your "3 firewall rules".

 Maybe.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23089 [Obfuscation/Pluggable transport]: Most of bridges share the same 3 subnets. What if this subnets got blocked? It will be devastating!

[Tor Bug Tracker & Wiki]

#23089: Most of bridges share the same 3 subnets. What if this subnets got 
blocked?
It will be devastating!
-+--
 Reporter:  cypherpunks  |  Owner:  asn
 Type:  defect   | Status:  reopened
 Priority:  Very High|  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by cypherpunks):

 > Why? It's easy for everyone to download some bridges' addresses, look at
 them, spot common subnets and create just 3 firewall rules to block most
 of them, even unknown? Its not a bug, its a vuln!

 First:
 > Then other people should step up and run bridges, instead of just
 Torservers. But this isn't a bug, it's more an outreach problem.

 Second, reality is different. For me only 1/10 bridges from bridges.tpo
 was affected by your "3 firewall rules".

 > How can I request a new one if TPO websites are blocked? And what if I
 requested a new one and would be given the new one already blocked?

 Try e-mail?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23089 [Obfuscation/Pluggable transport]: Most of bridges share the same 3 subnets. What if this subnets got blocked? It will be devastating! (was: What if 0.0.0.0/0 got blocked?)

[Tor Bug Tracker & Wiki]

#23089: Most of bridges share the same 3 subnets. What if this subnets got 
blocked?
It will be devastating!
-+--
 Reporter:  cypherpunks  |  Owner:  asn
 Type:  defect   | Status:  reopened
 Priority:  Very High|  Milestone:
Component:  Obfuscation/Pluggable transport  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  invalid =>


Comment:

 > It seems like you disclose some information fetched from bridges.tpo,
 please don't do that.

 Why? It's easy for everyone to download some bridges' addresses, look at
 them, spot common subnets and create just 3 firewall rules to block most
 of them, even unknown? Its not a bug, its a vuln!

 > If bridge got blocked you can to request new one.

 How can I request a new one if TPO websites are blocked? And what if I
 request a new one and would be given the new one already blocked?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs