Custom Query (15 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (1 - 5 of 15)

1 2 3
Ticket Summary Owner
#9835 Backup Stack Exchange Tor site lunar
Description

It looks like we are going live with the Tor Stack Exchange Q&A site. There is going to be a lot of valuable thoughts in there, and it is probably a good idea to have our own backups in case Stack Exchange falls, fails or bails on the Tor project.

It should probably be done using a query run regularly against http://data.stackexchange.com/ or maybe using the data dumps http://www.clearbits.net/creators/146-stack-exchange-data-dump

#10966 Define a process on how new support assistants can be accepted in the team phoul
Description

The switch from having a single person handling all support request to a team was made through recruiting support assistants as a contracting position. It would be good to define a process on how new people can get accepted in the team. It's mostly a question of trust and probably we need to define a vouching process and a set of people that need to ack the decision.

#28526 Document how NGOs can run private obfs4 bridges, and get some doing it ggus
Description

One of our eventual goals is to get bridgedb back on its feet, and using bridge distribution strategies that China can't defeat, but in the mean time we should document one approach that should still work: setting up your Tor Browser with a private (not publicized) tor bridge.

In particular, we know many NGOs that would be happy to run unpublished obfs4 bridges for their people, and give them private bridge addresses when they visit China.

There are several steps to following through with this idea.

Round one (minimum viable approach):

(1) Document for NGOs how to easily run a few private obfs4 bridges. I've seen some guides floating around but nothing both simple and obviously official.

(2) Document for NGOs how they should get these bridge addresses to their users, and how the users should add them to Tor Browser. On Android it seems that Orbot hooks the "bridge://" url, so sending bridge addresses via signal, email, etc should work: the user clicks on the bridge address, which launches Orbot which adds that bridge to its configuration. Having docs for actual users, with screenshots and stuff, would be the clear next step. On desktop the interface choices are messier: see #28015.

(3) Walk a few NGOs through the process from beginning to end, so we can confirm for ourselves that it works as intended, and so we can have a more direct connection to actual users to get feedback on all angles of the user experience.

Round two (once we like round one):

(4) Document for NGOs how to run a series of obfs4 bridges. This could start with one bridge address per computer, but the longer term answer is to have a single Tor client binding to many bridge addresses, maybe with help from the ISP to point these many bridge addresses to that Tor.

(5) Understand if private bridges actually work in China. Apparently Lantern uses obfs4 and they don't get blocked by DPI, so that's a good start, but I've also heard stories of DPI-based throttling. In step 3 above we'll get some anecdotal answers, but here we should design and deploy some recurring experiments from computers inside China that assess (a) connectivity, (b) whether it can bootstrap, and (c) throughput, through a private bridge.

(6) We should invent and document some best practices for where NGOs ought to run their bridges, and how many bridges they need per user. At the extreme bad end of the spectrum, they would run one bridge and give it to all of the people attending a given training -- and in that case, apart from the obvious "what if one of the users is bad and gets the address blocked" worry, discovering some of the users could lead to discovering other related users. At the other end of the spectrum is one bridge (on its own separate ISP) per user. What are some acceptable solutions in between?

#8518 Document the new support workflow phoul
Description

The support workflow is changing, the team is growing, I should document it.

#23840 Google's reCAPTCHA fails 100% hiro
Description

When I click "I;m not a robot" of Google Captcha, I instantly got:

Try again later Your computer or network may be sending automated queries. To protect our users, we can't process your request right now. For more details visit our help page

Switching identity didn't help. Looks like Google ban Tor completely. This will block Tor users to: a) use web services which use Google Captcha (reddit registration for example) b) visit Cloudflared website

You should write a blog to gather attention.

1 2 3
Note: See TracQuery for help on using queries.