Skip to content

future of builtin bridges

We've being removing obfs4 builtin bridges (#44 (closed) #98 (closed)) without replacing them. Talking with others about it we started questioning the value of builtin bridges and if it makes sense to keep them around and find more bridge operators for them.

I guess they were created because getting bridges (before moat) was hard and in many cases builtin bridges are enough to overcome restricted networks (like corporate firewalls). With connect assist getting bridges is trivial and is easier than configuring builtin bridges.

Another reason to use builtin bridges is that they are operated by trusted members of our community and hopefully are more stable than a random bridge. But we solve that by providing multiple bridges in each request to circumvention settings.

Currently there are two situations in Tor Browser where builtin bridges are used in two cases:

  • Circumvention settings API configure builtin bridges when we don't know anything about the country of the IP address. I expect this mostly to be used in corporate firewalls, where builtin bridges work fine, but I hope circumvention settings ones should work as good.
  • When users enable them manually. I'm not sure when will this happen. I expect that if circumvention settings is not reachable (our domain front is blocked) builtin bridges will not work.

I don't think we can't stop using builtin bridges from one day to another, as TB is not the only user of them. But if we don't see the need of them we can slowly move into the direction of deprecating them.

What kind of usecases might people have for builtin bridges that I'm missing? Is there any original reason form them that I don't know?

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information