isis:
Lunar transcribed 2.9K bytes:
Matthew Finkel:
I agree, and I think it's safe to assume that some nation-state
adversaries do not have these capabilities yet. Users should choose
obfs3 over obfs2, but if a user has a reason for requesting obfs2 then
I don't think we should deny
Lunar transcribed 3.7K bytes:
isis:
Lunar transcribed 2.9K bytes:
Matthew Finkel:
I agree, and I think it's safe to assume that some nation-state
adversaries do not have these capabilities yet. Users should choose
obfs3 over obfs2, but if a user has a reason for requesting obfs2
Matthew Finkel:
I agree, and I think it's safe to assume that some nation-state
adversaries do not have these capabilities yet. Users should choose
obfs3 over obfs2, but if a user has a reason for requesting obfs2 then
I don't think we should deny them.
But aren't “we” the expert on the
Lunar transcribed 2.9K bytes:
Matthew Finkel:
I agree, and I think it's safe to assume that some nation-state
adversaries do not have these capabilities yet. Users should choose
obfs3 over obfs2, but if a user has a reason for requesting obfs2 then
I don't think we should deny them.
On Sat, Jul 26, 2014 at 09:42:04PM -0700, Ken Keys wrote:
On 7/26/2014 1:54 AM, Matthew Finkel wrote:
We also do try to discard fake requests, isis actually added another
yesterday!
Could you elaborate on this? I don't understand what you mean my fake
requests but the incident sounds
On Fri, Jul 25, 2014 at 10:19:40PM +, isis wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Yawning Angel transcribed 2.9K bytes:
On Fri, 25 Jul 2014 13:25:31 +0200
Lunar lu...@torproject.org wrote:
isis:
We can't just make Tor Browser stop accepting obfs2 because
On Sun, Jul 20, 2014 at 06:07:03PM -0400, Philipp Winter wrote:
On Sun, Jul 20, 2014 at 06:52:44PM +, Matthew Finkel wrote:
So, the questions I am posing to those in the community who has an
opinion about this: What do you think? What problems do you currently
have with this? How can
On Thu, Jul 24, 2014 at 04:01:34PM -0400, Israel Leiva wrote:
Hi.
I support what Philipp and Nima say about keywords. The given commands
surely look simple for technical users, but what about non-technical users?
If the purpose of the distributor is to give info, and you're already
On Thu, Jul 24, 2014 at 04:16:44PM +, harmony wrote:
Nima Fatemi n...@riseup.net:
I think bridges works just fine for vanilla bridges and I want to
take the opportunity to +1 Philipp's idea on looking for keywords
instead of commands, regardless of how they're phrased.
Help desk
On Fri, Jul 25, 2014 at 07:32:42AM +, isis wrote:
Lunar transcribed 2.1K bytes:
isis:
PS: why are we still shipping obfs2 bridges?!
tl;dr: Because we have them.
The protocol is known to be broken and fingerprintable. That's something
we know. Not users. If BridgeDB is
On 7/26/2014 1:54 AM, Matthew Finkel wrote:
We also do try to discard fake requests, isis actually added another
yesterday!
Could you elaborate on this? I don't understand what you mean my fake
requests but the incident sounds interesting.
___
tor-dev
isis:
PS: why are we still shipping obfs2 bridges?!
tl;dr: Because we have them.
The protocol is known to be broken and fingerprintable. That's something
we know. Not users. If BridgeDB is giving them out, then it must be that
it's ok to use, right?
We can't just make Tor Browser stop
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lunar wrote:
We can't just make Tor Browser stop accepting obfs2 because some
people are using obfs2 bridges right now. But we shouldn't add more
people to the set of users of a broken protocol.
We should really be reaching out to those running
Griffin Boyce transcribed 0.8K bytes:
isis wrote:
Do you have a better suggestion for what to call vanilla bridges?
I keep calling them standard bridges (as opposed to fancy, monocle-wearing
bridges). People seem to understand immediately that other types of bridges
are special somehow
Lunar transcribed 2.1K bytes:
isis:
PS: why are we still shipping obfs2 bridges?!
tl;dr: Because we have them.
The protocol is known to be broken and fingerprintable. That's something
we know. Not users. If BridgeDB is giving them out, then it must be that
it's ok to use, right?
isis:
We can't just make Tor Browser stop accepting obfs2 because some people
are using obfs2 bridges right now. But we shouldn't add more people to
the set of users of a broken protocol.
Obfs3 is also broken, it's just that we haven't yet seen a DPI box do it
IRL.
That's news to me.
On Fri, 25 Jul 2014 10:00:01 +0200
Lunar lu...@torproject.org wrote:
isis:
We can't just make Tor Browser stop accepting obfs2 because some
people are using obfs2 bridges right now. But we shouldn't add
more people to the set of users of a broken protocol.
Obfs3 is also broken,
isis:
We can't just make Tor Browser stop accepting obfs2 because some people
are using obfs2 bridges right now. But we shouldn't add more people to
the set of users of a broken protocol.
Obfs3 is also broken, it's just that we haven't yet seen a DPI box do it
IRL. If you want me to only
On Fri, 25 Jul 2014 13:25:31 +0200
Lunar lu...@torproject.org wrote:
isis:
We can't just make Tor Browser stop accepting obfs2 because some
people are using obfs2 bridges right now. But we shouldn't add
more people to the set of users of a broken protocol.
Obfs3 is also broken,
Griffin Boyce transcribed 1.6K bytes:
Lunar wrote:
We can't just make Tor Browser stop accepting obfs2 because some
people are using obfs2 bridges right now. But we shouldn't add more
people to the set of users of a broken protocol.
We should really be reaching out to those running
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Yawning Angel transcribed 2.9K bytes:
On Fri, 25 Jul 2014 13:25:31 +0200
Lunar lu...@torproject.org wrote:
isis:
We can't just make Tor Browser stop accepting obfs2 because some
people are using obfs2 bridges right now. But we
isis transcribed 4.0K bytes:
bridgedb@ponticum:/srv/bridges.torproject.org$ grep 'transport obfs2'
from-authority/cached-extrainfo* | wc -l
2071
bridgedb@ponticum:/srv/bridges.torproject.org$ grep 'transport obfs3'
from-authority/cached-extrainfo* | wc -l
2840
On Fri, 25 Jul 2014 22:19:40 +
isis i...@torproject.org wrote:
Personally I think when we deploy the next round of transports
(meek, and either ScrambleSuit or obfs4) would be the right time to
revisit this, and I can't think of a good reason to keep obfs2
around beyond there are
Ken Keys transcribed 3.4K bytes:
On 7/23/2014 10:57 AM, Matt Pagan wrote:
COMMANDs: (combine COMMANDs to specify multiple options simultaneously)
get bridgesRequest vanilla bridges.
get transport [TYPE] Request a Pluggable Transport by TYPE.
get help
isis:
[...]
Are some of our least technical users, many of whom have never even seen a
command line before and who may live in Sub-Saharan Africa or one of the
Stan countries with only a rudimentary knowledge of English going to
understand the difference between vanilla bridges and, say,
El jue, 24-07-2014 a las 06:54 +, Nima Fatemi escribió:
isis:
[...]
Are some of our least technical users, many of whom have never even seen a
command line before and who may live in Sub-Saharan Africa or one of the
Stan countries with only a rudimentary knowledge of English going to
isis wrote:
Do you have a better suggestion for what to call vanilla bridges?
I keep calling them standard bridges (as opposed to fancy,
monocle-wearing bridges). People seem to understand immediately that
other types of bridges are special somehow if I call
regular/vanilla/non-obfs
Nima Fatemi n...@riseup.net:
I think bridges works just fine for vanilla bridges and I want to
take the opportunity to +1 Philipp's idea on looking for keywords
instead of commands, regardless of how they're phrased.
Help desk frequently sees bridge keywords in other
(supported/unsupported)
Hi.
I support what Philipp and Nima say about keywords. The given commands
surely look simple for technical users, but what about non-technical users?
If the purpose of the distributor is to give info, and you're already
filtering emails to *try* to avoid fake requests (correct if i'm wrong),
On 7/23/2014 10:57 AM, Matt Pagan wrote:
COMMANDs: (combine COMMANDs to specify multiple options simultaneously)
get bridgesRequest vanilla bridges.
get transport [TYPE] Request a Pluggable Transport by TYPE.
get help Displays this message.
get key
Matt Pagan transcribed 2.6K bytes:
COMMANDs: (combine COMMANDs to specify multiple options simultaneously)
get bridgesRequest vanilla bridges.
get transport [TYPE] Request a Pluggable Transport by TYPE.
get help Displays this message.
get key
Hi everyone,
A short time ago BridgeDB learned how to accept some more commands via
email[0]. Below is an example of the current help/overview autoresponse
email[1] that users receive (in English, we do have translations).
These commands may not be optimal, so we'd love to be given feedback on
On Sun, Jul 20, 2014 at 06:52:44PM +, Matthew Finkel wrote:
So, the questions I am posing to those in the community who has an
opinion about this: What do you think? What problems do you currently
have with this? How can this be improved?
Non-technical users might be confused by the
33 matches
Mail list logo