On Sat, Jul 26, 2014 at 09:42:04PM -0700, Ken Keys wrote: > On 7/26/2014 1:54 AM, Matthew Finkel wrote: > > We also do try to discard fake requests, isis actually added another > > yesterday! > Could you elaborate on this? I don't understand what you mean my fake > requests but the incident sounds interesting.
Sure :) Fake requests meaning requests that do not appear to be from users who need bridges to access the Tor network. The way we currently do it is by keeping a blacklist of known-spammy email addresses. When we receive a request for bridges we compare the source email address against the email addresses in the blacklist. If they are identical or very similar[0] then we probably deny[1] the request. See the ticket[2] for some more details. [0] https://gitweb.torproject.org/user/isis/bridgedb.git/commitdiff/20b3063ffb81225f642503ec1d335077a6e73b0d?hp=ece0df775f3b83a5c0ce677fb9f5b899d3969201 [1] https://gitweb.torproject.org/user/isis/bridgedb.git/commitdiff/98a1ed16d711bfa73495adb0b0e0666f472460f3?hp=f84416b3b50f74a0d61ea1fcce7185908fad6615 [2] https://trac.torproject.org/projects/tor/ticket/9385 _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
