Skip to content
Snippets Groups Projects
New look: Off

BridgeDB email response is confusing

    • Closed (moved) Issue created by Aaron Gibson @aagbsn

    BridgeDB's email response should be rephrased.

    To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

    Child items 0

    • No child items are currently assigned. Use child items to break down this issue into smaller parts.

    Activity

    • Aaron Gibson added bridgedb-email component::circumvention/bridgedb owner::isis priority::high resolution::fixed status::closed type::enhancement labels

      added bridgedb-email component::circumvention/bridgedb owner::isis priority::high resolution::fixed status::closed type::enhancement labels

    • A
      Aaron Gibson @aagbsn ·
      Author

      velope points out that we could use mailto: links here to make composing emails easier (though, if the web interface works, why not just ask it for bridges)

    • A
      Aaron Gibson @aagbsn ·
      Author

      The current bridges.tpo text is:

      _("""Another way to find public bridge addresses is to send mail to bridges@torproject.org with the line "get bridges" by itself in the body
      of the mail. However, so we can make it harder for an attacker to learn lots of bridge addresses, you must send this request from an email address at one of the following domains:"""),

      Suggested replacement:

      _("""Another way to find public bridge addresses is to send mail to bridges@torproject.org with the line "get bridges" by itself in the body
      of the mail. If you are looking for obfsproxy bridges, include the line "transport obfs2" in the body of the mail. If you are looking for IPv6 bridges, include the line "ipv6" in the body of the mail. However, so we can make it harder for an attacker to learn lots of bridge addresses, you must send this request from an email address at one of the following domains:"""),

    • A
      Aaron Gibson @aagbsn ·
      Author

      And for the email text:

      _("""For example, to request obfsproxy bridges include 'transport obfs2' in your email"""),

    • A
      Aaron Gibson @aagbsn ·
      Author

      Trac:
      Description: BridgeDB's email response mentions that it supports queries for ipv6 bridges and bridges with specified transports, but the rate limiting feature prevents the responder from being used in an interactive way.

      We could modify the rate limiting feature to allow several requests before responding negatively.

      Alternately, the first response could include a brief set of instructions only, and only apply rate limiting to subsequent queries for bridges. However, this might be confusing, especially if not all translations are initially available.

      to

      BridgeDB's email response should be rephrased.
      Summary: BridgeDB email responder is not interactive to BridgeDB email response is confusing

    • S
      Matthew Finkel @sysrqb ·

      Is this a ticket for two separate issues?

      1. Website: bridge.torproject.org does not clearly describe how a user can retrieve certain information via email

      2. Email Response: The response received via email is confusing?

    • A
      Aaron Gibson @aagbsn ·
      Author

      If the latter, the two tickets are coupled and should be resolved before considering this ticket closed.

      Both responses could probably be simplified or improved. We could also consider alternatives to specifying the transport name in the body or subject of the mail.

    • S
      Matthew Finkel @sysrqb ·

      Replying to aagbsn:

      If the latter, the two tickets are coupled and should be resolved before considering this ticket closed.

      Agreed. (1) will hopefully be partially solved by the website. I don't remember if the directions are clearer, so we may need to decide on new wording for it.

      (2) will be trickier and may depend on #5463 (moved) because we really should start using it (shall we make this a parent?)

      Both responses could probably be simplified or improved.

      Probably =/ Should we split this into two UX/usability tickets? one for email distributor and one for http? Can we ask people to do field tests after the new site is deployed? :)

      We could also consider alternatives to specifying the transport name in the body or subject of the mail.

      I think, for now, the best way to specify various attributes is in the body. I can't think of an easier way, at least. With a vastly improve web UI and with more detailed/understandable instructions, I think the email format should be pretty easy to follow.

    • S
      Matthew Finkel @sysrqb ·

      ah, and scanning through tickets this may be (indirectly) related to #7296 (moved)

    • S
      Matthew Finkel @sysrqb ·

      This may be dupe of #8616 (moved), but setting as child until we have a better idea of what else we're missing.

      Trac:
      Parent: N/A to #8616 (moved)

    • I
      Isis Lovecruft @isis ·

      Replying to sysrqb:

      This may be dupe of #8616 (moved), but setting as child until we have a better idea of what else we're missing.

      #8616 (moved) has two children: this ticket and #7550 (moved). Since #8616 (moved) has no discussion on it, I'm going to set #8616 (moved) as a duplicate of this one, and move #7550 (moved) to be a child of this ticket.

      Trac:
      Cc: N/A to isis, sysrqb
      Priority: normal to major
      Status: new to assigned
      Keywords: N/A deleted, bridgedb-email added
      Parent: #8616 (moved) to N/A
      Owner: N/A to isis

    • I
      Isis Lovecruft @isis ·

      Adding this here rather than creating a new ticket, since it's not really a bug.

      While it's certainly better than failing silently, I don't think this should be the default behaviour:

      Mar 13 01:43:09 [DEBUG] > Received: BridgeDB
Mar 13 01:43:09 [DEBUG] > From example@gmail.com  Thu Mar 13 01:43:09 2014
Mar 13 01:43:09 [DEBUG] > X-Original-To: bridges@bridges.torproject.org
Mar 13 01:43:09 [DEBUG] > Delivered-To: bridgedb@ponticum.torproject.org
Mar 13 01:43:09 [DEBUG] > Received: from mail-pa0-x242.google.com (mail-pa0-x242.google.com [IPv6:2607:f8b0:400e:c03::242])
Mar 13 01:43:09 [DEBUG] >       (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
Mar 13 01:43:09 [DEBUG] >       (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (not verified))
Mar 13 01:43:09 [DEBUG] >       by ponticum.torproject.org (Postfix) with ESMTPS id 6A7EE22D24
Mar 13 01:43:09 [DEBUG] >       for <bridges@bridges.torproject.org>; Thu, 13 Mar 2014 01:43:09 +0000 (UTC)
Mar 13 01:43:09 [DEBUG] > Received: by mail-pa0-f66.google.com with SMTP id fb1so167089pad.1
Mar 13 01:43:09 [DEBUG] >         for <bridges@bridges.torproject.org>; Wed, 12 Mar 2014 18:43:08 -0700 (PDT)
Mar 13 01:43:09 [DEBUG] > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
Mar 13 01:43:09 [DEBUG] >         d=gmail.com; s=20120113;
Mar 13 01:43:09 [DEBUG] >         h=mime-version:date:message-id:subject:from:to:content-type;
Mar 13 01:43:09 [DEBUG] >         bh=Wo1HgNnEzA/dctJtM0r1ea/1DycN91wa74VwGf0NWjs=;
Mar 13 01:43:09 [DEBUG] >         b=iWwiywlM1Hzdq6C1tg6MnDE6RgfJs1mSLs+gk68g6cT/NrKF+q4iU+xb4py1/7nv7r
Mar 13 01:43:09 [DEBUG] >          xdFMX2OhLUCuchi59LDJ6bsvGfZfVTC1GCgIZ0SRC3vDFOFB/GWyQarjbyXbm3q2oQP0
Mar 13 01:43:09 [DEBUG] >          pZLfJ7VJ2NFKo0+J2PIgIiCUrn/Y4t+mhyeOvKCRB2P0ZUwp2RaUMXE/KR/fNekCArdB
Mar 13 01:43:09 [DEBUG] >          WP8PpNaiW2hpBPAidVh19epwRok+2W5QDAE4zg/4C02Plb+favP87ABklBCZrE4RmoiR
Mar 13 01:43:09 [DEBUG] >          Pw0GlC0aKWTnVgaygm1inpPHR/Kup2mycLmHCKW8z84zOyvsv/xIiKqZuj6Q726/uR2B
Mar 13 01:43:09 [DEBUG] >          efrw==
Mar 13 01:43:09 [DEBUG] > MIME-Version: 1.0
Mar 13 01:43:09 [DEBUG] > X-Received: by 10.66.250.202 with SMTP id ze10mr745739pac.153.1394674988493;
Mar 13 01:43:09 [DEBUG] >  Wed, 12 Mar 2014 18:43:08 -0700 (PDT)
Mar 13 01:43:09 [DEBUG] > Received: by 10.70.72.8 with HTTP; Wed, 12 Mar 2014 18:43:08 -0700 (PDT)
Mar 13 01:43:09 [DEBUG] > Date: Thu, 13 Mar 2014 01:43:08 +0000
Mar 13 01:43:09 [DEBUG] > Message-ID: <CAOt0BpjJZ5nOCUPzwbR-9U+jxCT+XmYPdTYs61S-+6OHQVhG7g@mail.gmail.com>
Mar 13 01:43:09 [DEBUG] > Subject:
Mar 13 01:43:09 [DEBUG] > From: Isis Lovecruft <example@gmail.com>
Mar 13 01:43:09 [DEBUG] > To: bridges@bridges.torproject.org
Mar 13 01:43:09 [DEBUG] > Content-Type: text/plain; charset=ISO-8859-1
Mar 13 01:43:09 [DEBUG] > X-DKIM-Authentication-Results: pass
Mar 13 01:43:09 [DEBUG] >
Mar 13 01:43:09 [DEBUG] > get scramblesuit
Mar 13 01:43:09 [DEBUG] >
Mar 13 01:43:09 [INFO] Got a completed email; deciding whether to reply.
Mar 13 01:43:09 [INFO] Attempting to return for 3 bridges for [scrubbed]...
Mar 13 01:43:09 [DEBUG] Cache hit frozenset([<function filterBridgesByIP4 at 0x25b6578>])
Mar 13 01:43:09 [DEBUG] Returning 3 bridges from ring of len: 1943
Mar 13 01:43:09 [DEBUG] Got duplicate bridge '[scrubbed]' in main hashring for position '6d2721f10bc8a2302a1615fbfd3771d9ee1b8622'.
Mar 13 01:43:09 [DEBUG] Got duplicate bridge '[scrubbed]' in main hashring for position '6d2721f10bc8a2302a1615fbfd3771d9ee1b8622'.
Mar 13 01:43:09 [DEBUG] Email body:
Content-Type: text/plain
From: bridges@torproject.org
To: example@gmail.com
Message-ID: <20140313014309.18146.1299593451.4126@ponticum.torproject.org>
Subject: Re: [no subject]
In-Reply-To: <CAOt0BpjJZ5nOCUPzwbR-9U+jxCT+XmYPdTYs61S-+6OHQVhG7g@mail.gmail.com>
Date: Thu, 13 Mar 2014 01:43:09 +0000

[This is an automated message; please do not reply.]

Here are your bridge relays:

  123.123.123.123:443 1234abcd1234abcd1234abcd1234abcd1234abcd
  12.12.12.12:443  1234abcd1234abcd1234abcd1234abcd1234abcd
  1.1.1.1:443 1234abcd1234abcd1234abcd1234abcd1234abcd

Bridge relays (or "bridges" for short) are Tor relays that aren't listed
in the main directory. Since there is no complete public list of them,
even if your ISP is filtering connections to all the known Tor relays,
they probably won't be able to block all the bridges.

To use the above lines, go to Vidalia's Network settings page, and click
"My ISP blocks connections to the Tor network". Then add each bridge
address one at a time.

Configuring more than one bridge address will make your Tor connection
more stable, in case some of the bridges become unreachable.

The following commands are also supported:

  ipv6 : request ipv6 bridges.
  transport NAME : request transport NAME. Example: 'transport obfs2'

      Note that my request "get scramblesuit" is malformed, it should actually be "transport scramblesuit". Hence not being sure that this is actually a bug. It's just a tad bit confusing.

      Perhaps it would be better to say something like:

      We don't have any of that transport! Did you mean to say "transport obfs3", perhaps?
    • A
      Aaron Gibson @aagbsn ·
      Author

      Rethinking this ticket... I think it might make more sense to just scan the email body for known transport names, which BridgeDB could actually learn automatically since it sees all of the bridges anyway, and we could do away with the "transport NAME" syntax. And, it might be nice to try and fuzzy match requests. For example, "obfsproxy" or "obfs" would match obfs2 or obfs3. If the list of known transports were sorted descending, you could just pick the first match.

      Even better, we might want to support a method where you can request bridges for a specific country, where ideally we know which transports aren't blocked and can respond with those.

    • I
      Isis Lovecruft @isis ·

      Fixed, see this comment on #5463 (moved). I'm marking this as fixed, unless there is some specific usability issue from the branches in #5463 (moved) which justifies further work on this ticket.

      See this comment on #5463 (moved) to see what the new responses look like. They should be translatable now too. :)

      Trac:
      Resolution: N/A to fixed
      Status: assigned to closed

    • Trac closed

      closed

    • Isis Lovecruft mentioned in issue #7550 (moved)

      mentioned in issue #7550 (moved)

    • Isis Lovecruft mentioned in issue #8616 (moved)

      mentioned in issue #8616 (moved)

    • Isis Lovecruft mentioned in issue #10813 (moved)

      mentioned in issue #10813 (moved)

    • Trac moved to tpo/anti-censorship/bridgedb#7547 (closed)

      moved to tpo/anti-censorship/bridgedb#7547 (closed)

    Please register or sign in to reply