BridgeDB issues
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues
Updated: 2020-06-27T13:43:26Z

Design a system for generating delegation tokens
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/7521
Updated: 2020-06-27T13:43:26Z
Author: Aaron Gibson

Delegation tokens or invites should have the following properties:
* Easy for a human to transcribe, from a screen or paper
* Hard for a computer to brute force
* Should be possible to generate offline, so that any secret key material does not need to be present on the deployed system.

Assignee: Isis Lovecruft

Design a user interface for redeeming invite tokens
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/7522
Updated: 2020-06-27T13:43:25Z
Author: Aaron Gibson

Please see [comment #4 on this ticket](https://trac.torproject.org/projects/tor/ticket/7522#comment:4) for a better description of the scope of this ticket. The following description is kept for historical purposes, and is no longer relevant due to developments in the design of legacy/trac#7520. —isis
### Original Description
Should this interface be web based? Email based with gpg support? Both?
Should a token be redeemed for an account, or be used each time to request a bridge?
If a token is exchanged for an account, BridgeDB would need to store account credentials provided by a user. That might be more convenient for a user to remember, but might lead to problems such as:
* account names can be probed (i.e. does an account by a certain name already exist?)
* users might re-use nyms, potentially a liability.
On the other hand, an account might be identified by an email address, which could be used to periodically send new bridges or invites. We want to add email subscription support to BridgeDB (legacy/trac#1610), and perhaps these features should overlap.
Perhaps we could support both modes, where a valid token can be used to request bridges and add/remove email addresses. If a user chooses to add an email address, a suitable warning would be displayed to advise the user that the email address will be stored on the system.

Assignee: Isis Lovecruft

different perspective on censorship
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/17006
Updated: 2020-06-27T13:43:02Z
Author: Trac

bridgedb and gettor are trying to solve a technical problem which is a good thing, no doubt but often technical solutions are not the key to changing a society. most of the time it is the way in which technology is brought into people's lives.
i think it is important to look at how censorship works and how it integrates with people's lives:
prevent people from spreading and finding specific information.
One average way someone uses tor could be like this:
-i feel like the government is hiding something from me.
-i should try to find a way to get around this.
-i found tons of different tools to do that but what is the best?
-i gonna use tor
-but the government makes it difficult for me to get it.
-i have to try to find a way to get it working.
-after a while i finally got it working
-i now have full access to the whole internet...
-now where are the interesting things the government is hiding?
-where should i start searching?
-...hmm this thing is nice to have but without acquiring further knowledge it's probably not of much use for the average user...
-i probably should look into this some other day.
the problem here is that it requires initiative several times.
except for porn people usually do not show this behavior. that's why facebook and tv are so popular. most humans are passive animals and let others decide the boundaries of their lives. so there are 2 ways of reaching people: attach to something within the boundaries or change the boundaries. the best way is to start with the first and continue with the second. in other words we should find a way to make tor a thing.
but starting a movement is hard and usually not going to work. it has to evolve naturally. societies have a gigantic amount of trial and error potential. if a creative environment is being provided a crowd can come up with amazing solutions. creativity works the best the way of expression is universal but some not too tight and not too loose boundaries exist in one or few dimensions.
so what bridgedb gettor and other related projects should do is to find tools that can provide such properties.
one idea i had for example was to make a website or a button in torbrowser that generates a qr code that a mirror for torbrowser, a set of bridges and an url inside. that way all is in one place. the information and the tool to access it. it can be shared with friends on a smartphone, stickers could be made of it or shared in any channel that is difficult for censors to control
that's only one idea. there are probably way more different things.
**Trac**:
**Username**: elypter

Assignee: Isis Lovecruft

Document BridgeDB infrastructure
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/29273
Updated: 2020-06-27T13:42:51Z
Author: Alexander Færøy <ahf@torproject.org>

We should document how the current BridgeDB that is running is configured and how to configure a new instance in case there is a problem with the one we have today.

Assignee: David Goulet <dgoulet@torproject.org>

Evaluation of bridge statistics
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40018
Updated: 2023-08-24T15:15:04Z
Author: Cecylia Bocovich

See what information we have, what we need, and how we can use these statistics.

Assignee: meskio <meskio@torproject.org>

Generate and secure pgp keys for bridges.tpo
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/9443
Updated: 2020-06-27T13:43:21Z
Author: Matthew Finkel

We need to start signing the emails we send from bridges.tpo, but we need keys to do this. This means we need to be able to store them in a safe way, too; preferably the long-term keys will be stored in an offline hardware chip of some sort, subkey(s) will be online. Who will generate these, who will control this chip and where will it be stored?
Plus any other important questions I missed.

Assignee: Isis Lovecruft

Get analysed data from bridge reachability tests to tor-devs
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/12547
Updated: 2021-09-09T14:26:41Z
Author: Arturo Filastò

This means setting up a web server on the post processing machine (the one running the collector) with some access control so that tor devs can read the reports.

Get ReCaptcha API keys for bridges.torproject.org
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/5943
Updated: 2020-06-27T13:43:27Z
Author: Aaron Gibson

BridgeDB needs ReCaptcha API keys (for address: bridges.torproject.org)

Assignee: Aaron Gibson

Go through process of distributing private bridges
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40023
Updated: 2021-07-15T17:32:56Z
Author: Philipp Winter <phw@torproject.org>

Over at legacy/trac#31872, we created a process for distributing private bridges to NGOs:
https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam/NGOBridgeSupport
It's now time to go through this process with a non-trivial number of censored users. Once we did, we need to document our experience and iteratively improve the process.

Milestone: Sponsor 30 - Objective 2.3
Assignee: Gus

Group reserved bridges into buckets for people
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/1612
Updated: 2020-06-27T13:43:36Z
Author: Andrew Lewman

Group reserved bridges into buckets for people, write those buckets to files on request. (So that those files can be used by Roger or $foo to give to trusted people)

Assignee: Christian Fromme

i18n bridgedb
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/1613
Updated: 2020-06-27T13:43:36Z
Author: Andrew Lewman

i18n bridgedb

Assignee: Christian Fromme

If we know a certain bridge is blocked in a certain country, don’t give out that bridge to that country
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/1608
Updated: 2020-06-27T13:43:36Z
Author: Andrew Lewman

If we know a certain bridge is blocked in a certain country, don’t give out that bridge to that country
Child Tickets:
[[TicketQuery(parent=legacy/trac#1608)]]

Implement a backend HTTP server for Hyphae's credentials
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/22777
Updated: 2020-06-27T13:42:58Z
Author: Isis Lovecruft

We'll need an HTTP server which implements Appendix B of [the Hyphae paper](https://patternsinthevoid.net/hyphae/hyphae.pdf).

Implement statistics gathering for number of Bridges-per-Transport in BridgeDB
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/14453
Updated: 2020-06-27T13:43:06Z
Author: Isis Lovecruft

As part of the [SponsorS PT work](https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorS/PluggableTransports), we promised a way to gather statistics on the number of bridges per transport.
The proposal states this is a task for Metrics. However, it's possible to do this on the BridgeDB side. In fact, it would help BridgeDB in the future to determine how to better allocate bridges to its Distributors (and help the Distributors hand them out to users in smarter ways).
Technically, BridgeDB already sort-of has data on the number of Bridges-per-Transport… or, rather, when a client requests a certain type of bridge from a certain Distributor (e.g. "give me an IPv4 obfs3 bridge from the HTTPS Distributor"), BridgeDB creates (or retrieves from a cache) a "filtered" subhashring containing only Bridges which fit the client's request. BridgeDB even logs the number of Bridges in these subhashrings in its DEBUG and INFO logs:
```
22:19:16 INFO L1361:Bridges.addRing() Bridges inserted into HTTPS-Transpo subring: 235
22:19:16 DEBUG L75:Dist.getNumBridgesPerA() Returning 3 bridges from ring of len: 235
```
The problem with using those numbers for statistics is that BridgeDB's Distributors may have multiple adjacent subhashrings, usually about 5. So, in the above case, there's roughly something like 1175=5*235 obfs3 bridges in the HTTPS Distributor. (These numbers aren't from the real deployed BridgeDB, by the way.)
---------
A better way to do this would be to provide a database query (as part of legacy/trac#12031) which counts the number of Bridges which claim to offer a PT. An example mechanism for doing this in Redis would be to keep a hash (i.e. using [HSET](http://redis.io/commands/hset) or `HINCRBY`) of Bridges which have any PTs, where the keys are the Bridge fingerprints, add a field for each type of PT, and then (if not using `HINCRBY`) store `IP:PORT[,IP:PORT[,IP:PORT[…]]]`, for example:
```
redis> HSET 26F6A7570E0F655DFDD054E79ACBB127112C2D7B obfs4 "4.4.4.4:4444,5.5.5.5:5555"
```
With that scheme, a new `HSET` would be necessary each time the `@type bridge-extrainfo` descriptors are parsed, but this only has time complexity O(1).
Some considerations / additional query parameters:
* For these statistics, should we only count Bridges with the Running flag? Or only if the OONI machine says the PT is reachable?
* What sanitisations should be done on these numbers? Should we round them? Or provide a scale, i.e. "between 1000-5000 obfs4 bridges"?
* Do we want only the _Bridges_ with a given PT? Or do we want the _number of instances_ of a given PT (e.g. if a Bridge has multiple obfs3 instances)?

Milestone: Sponsor 30 - Objective 2.1

Implement whitelisting of (email_address, gpg_key_id) pairs for encrypted, automated email bridge distribution
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/9332
Updated: 2021-09-09T14:20:45Z
Author: George Kadianakis

Roger told me that BridgeDB used to send bridges to a list of emails. It got those bridges from the reserved pool, and sent some of them to the members of the mailing list every so often.
This feature seems to be disabled now (for some reason), but it might be a good idea to revive it.

Increase the "unreserved" share of bridges
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/1611
Updated: 2020-06-27T13:43:36Z
Author: Andrew Lewman

Increase the "unreserved" share of bridges

Assignee: Christian Fromme

Make a release of BridgeDB
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/29276
Updated: 2020-06-27T13:42:51Z
Author: Alexander Færøy <ahf@torproject.org>

As far as we understand here at the hackmeeting in Brussels there is currently no software release of the BridgeDB codebase. We should make a 0.0.1 release (or whatever we decide as initial version number).

Assignee: Philipp Winter <phw@torproject.org>

Make BridgeDB and bridge authority more resilient
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/31878
Updated: 2020-11-20T18:46:03Z
Author: Philipp Winter <phw@torproject.org>

We should explore options to decentralise BridgeDB and/or our bridge authority.

Milestone: Sponsor 30 - Objective 2.4

migrate bridgedb to tor server
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/2301
Updated: 2020-06-27T13:43:34Z
Author: Andrew Lewman

Currently bridgedb runs on byblos.
The byblos owner asks us to move it to a tor server.

Assignee: Aaron Gibson

migrate phw's brdgrd code to Tor git repo
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/6652
Updated: 2020-06-27T13:43:26Z
Author: Roger Dingledine

I think we removed all appropriate trac components for this sort of thing, so picking a related one.
We should make a brdgrd Torproject git repo, and let phw (who already has an ldap account) commit to it.
The code is currently at https://github.com/NullHypothesis/brdgrd
I've been asking huge bridge operators to set it up, so we should make it into something more official (plus that way more people will look at it).

Assignee: Sebastian Hahn