Date: Tue, 8 Jul 2014 12:36:55 +0000
From: isis <isis@torproject.org>
To: tor-talk@lists.torproject.org
Cc: cypherpunks@cpunks.org,
 Liberation Technologies <liberationtech@lists.stanford.edu>
Subject: Re: [tor-talk] messing with XKeyScore

Sebastian Hahn transcribed 2.5K bytes:
>
> On 05 Jul 2014, at 15:08, Roman Mamedov <rm@romanrm.net> wrote:
>
> > On Sat, 5 Jul 2014 03:59:28 +0000
> > Matthew Finkel <matthew.finkel@gmail.com> wrote:
> >
> >> This problem makes me sad on many levels, and I'm not opposed to
> >> implementing mitigation techniques (within reason) based on the
> >> rulesets, however we shouldn't do anything that will hurt our users nor
> >> should we do anything that makes tor more difficult to use
> >> (unfortunately this includes sending users bogus bridge addresses).
> >
> > Well, what is the format of an E-Mail response with a bridge list?

The format is best described in torspec.git/pt-spec.txt, [0] given as:

[["Bridge"] SP] [[METHOD] SP] IP:PORT [SP [FINGERPRINT]] [[[K=V] "," [[K=V] ","]] …]

BridgeDB currently doesn't include the "Bridge" prefix (and hasn't for just
upwards of one year now) due to a backwards-compatibility issue with Vidalia. [1]
Meaning that a correctly formed bridge line currently looks like this:

obfs4 1.2.3.4:11111 abcdef0123456789abcdef0123456789abcdef01 sekrit=fu,password=bar

TorLauncher is smart about this, and if a bridge line (such as this one)
doesn't start with "Bridge", then TorLauncher rewrites the line before adding
it to the user's torrc file:

Bridge obfs4 1.2.3.4:11111 abcdef0123456789abcdef0123456789abcdef01 sekrit=fu,password=bar

The same obviously happens when configuring bridges in Tails, because Tails
now uses TorLauncher. The biggest problem we've seen here is that users cannot
correctly/accurately type a bridge's fingerprint.

> > If it's just plain text, why not instead send them as a picture in attachment,
> > with bridge IP addresses encoded in CAPTCHA style to not be machine-readable.
>
> Because it makes it harder for humans to use, and doesn't help. Watching
> the bridge authority gives you a list of bridges, too - no need to read
> emails.
>=20
> There are no "quick fixes" to global surveillance, and we shouldn't
> forget our users when deploying questionable countermeasures.

I agree with Sebastian and Matthew. I'm not willing to deploy something which
makes it more difficult for legitimate Tor users to obtain/utilise
bridges. It's already difficult enough to correctly type a fingerprint.

There are plans to move towards implementing rBridge [2], which would allow
legitimate users to receive new bridges automatically and anonymously. There
is, however, no funding for this work. Either way, due to implementation
difficulty (largely due to certain prerequisite cryptographic primitives of
the anonymous authentication scheme) and integration with Tor Browser, this
will take me and the other volunteers quite some time. Give or take, 2-3
years.

[0]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/pt-spec.txt#l27
[1]: https://trac.torproject.org/projects/tor/ticket/5851
[2]: http://freehaven.net/anonbib/#ndss13-rbridge

-- 
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
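
Added example (not part of the message above, and not BridgeDB or TorLauncher code): a small Python parser for the bridge-line grammar quoted in the message, which rejects a mistyped fingerprint before the line is used and adds the "Bridge" prefix that torrc expects. The function names and the uppercasing of the fingerprint are assumptions of this example.

```python
import ipaddress
import re

FINGERPRINT = re.compile(r"^[0-9A-Fa-f]{40}$")  # 20-byte digest as 40 hex chars

def parse_addr(token):
    """Return (ip, port) for IP:PORT or [IPv6]:PORT, else None."""
    host, sep, port = token.rpartition(":")
    if not sep or not port.isdigit() or not 0 < int(port) < 65536:
        return None
    try:
        return str(ipaddress.ip_address(host.strip("[]"))), int(port)
    except ValueError:
        return None

def parse_bridge_line(line):
    """Parse one bridge line; raise ValueError naming the field that is wrong."""
    tokens = line.split()
    if tokens and tokens[0] == "Bridge":          # prefix is optional
        tokens = tokens[1:]
    method = None
    if tokens and ":" not in tokens[0]:           # no port, so it is a METHOD
        method, tokens = tokens[0], tokens[1:]
    addr = parse_addr(tokens[0]) if tokens else None
    if addr is None:
        raise ValueError("missing or malformed IP:PORT")
    fingerprint, args = None, {}
    for tok in tokens[1:]:
        if "=" in tok:                            # K=V[,K=V...] arguments
            for pair in filter(None, tok.split(",")):
                key, sep, value = pair.partition("=")
                if not key:
                    raise ValueError(f"bad K=V argument: {pair!r}")
                args[key] = value
        elif fingerprint is None and not args and FINGERPRINT.match(tok):
            fingerprint = tok.upper()
        else:
            raise ValueError(f"bad fingerprint (need 40 hex chars): {tok!r}")
    return {"method": method, "ip": addr[0], "port": addr[1],
            "fingerprint": fingerprint, "args": args}

def to_torrc(line):
    """Validate, then return the line with the "Bridge" prefix torrc expects."""
    parse_bridge_line(line)
    body = " ".join(line.split())
    return body if body.startswith("Bridge ") else "Bridge " + body

if __name__ == "__main__":  # example line from the message, placeholder values
    print(to_torrc("obfs4 1.2.3.4:11111 "
                   "abcdef0123456789abcdef0123456789abcdef01 sekrit=fu,password=bar"))
```

A fingerprint that is one character short or contains a non-hex character raises ValueError instead of being written to torrc.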


