Opened 14 months ago

Closed 4 months ago

Last modified 4 months ago

#30941 closed defect (fixed)

Need better instructions for requesting bridges via email

Reported by: pili
Owned by: phw
Priority: Medium
Milestone:
Component: Circumvention/BridgeDB
Version:
Severity: Normal
Keywords: ux-team, s30-o22a2, anti-censorship-roadmap-2020Q1
Cc: antonela, phw, cohosh
Actual Points: 1
Parent ID: #31279
Points: 1
Reviewer: cohosh
Sponsor: Sponsor30

Description

For bridges obtained via email by emailing bridges@ it's not clear how/where to request bridges via email.

E.g. the bridges.tpo website simply says to email bridges@ to get bridges.

Emailing that address gives you a number of commands but doesn't specify where to send the commands (email subject, body...). I tried both and wasn't able to get it to work.

It also specifies that you can combine commands but it doesn't give any examples or indication of how to do so.

This was raised by a user and I also couldn't figure it out after trying for about 5 minutes :/

Change History (21)

comment:1 Changed 14 months ago by pili

P.S. I finally figured out that the body content has to be empty apart from the command... (previously I was just replying to the original email, keeping the conversation history in the body)

comment:2 Changed 14 months ago by antonela

Yes, requesting bridges is painful right now. I suggested a usable solution for it in #30456.

comment:3 in reply to:  1 ; Changed 13 months ago by phw

Cc: phw added

Replying to pili:

> P.S. I finally figured out that the body content has to be empty apart from the command... (previously I was just replying to the original email, keeping the conversation history in the body)


This issue is documented over in #17626.

I agree that we need to overhaul the email distribution method. It took me a while too, to first figure out how it works, which is bad. Fixing the instructions on bridges.torproject.org is something we can do easily. How about we change it to the following:

Another way to get bridges is to send an email to bridges@…. Leave the email subject empty and write "get bridges" in the email body for normal bridges or "get transport obfs4" for an obfuscated bridge. Please note that you must send the email using an address from one of the following email providers: Riseup or Gmail.

comment:4 Changed 12 months ago by pili

Parent ID: #31279

comment:5 Changed 11 months ago by gaba

Keywords: s30-o22a2 added

comment:6 Changed 6 months ago by gaba

Keywords: anti-censorship-roadmap-2020Q1 added

comment:7 in reply to:  3 Changed 6 months ago by phw

Status: new → needs_review

Replying to phw:

> I agree that we need to overhaul the email distribution method. It took me a while too, to first figure out how it works, which is bad. Fixing the instructions on bridges.torproject.org is something we can do easily. How about we change it to the following:
>
> Another way to get bridges is to send an email to bridges@…. Leave the email subject empty and write "get bridges" in the email body for normal bridges or "get transport obfs4" for an obfuscated bridge. Please note that you must send the email using an address from one of the following email providers: Riseup or Gmail.


I just deployed this fix as part of #31427. Ticket #17626 is also fixed, so what's left is to improve BridgeDB's email instructions. They currently say:

Hey, identityfunction! Welcome to BridgeDB!



COMMANDs: (combine COMMANDs to specify multiple options simultaneously)
  get bridges            Request vanilla bridges.
  get transport [TYPE]   Request a Pluggable Transport by TYPE.
  get help               Displays this message.
  get key                Get a copy of BridgeDB's public GnuPG key.
  get ipv6               Request IPv6 bridges.

Currently supported transport TYPEs:
  fte
  obfs3
  obfs4
  scramblesuit


BridgeDB can provide bridges with several types of Pluggable Transports[0],
which can help obfuscate your connections to the Tor Network, making it more
difficult for anyone watching your internet traffic to determine that you are
using Tor.

Some bridges with IPv6 addresses are also available, though some Pluggable
Transports aren't IPv6 compatible.

Additionally, BridgeDB has plenty of plain-ol'-vanilla bridges - without any
Pluggable Transports - which maybe doesn't sound as cool, but they can still
help to circumvent internet censorship in many cases.

[0]: https://www.torproject.org/docs/pluggable-transports.html

 --
 <3 BridgeDB

I suggest that BridgeDB should respond with obfs4 bridges even if the email request is invalid:

Here are your obfs4 bridges:

 obfs4 1.2.3.4:1234 ...
 obfs4 4.3.2.1:4321 ...

Add these bridges to your Tor Browser by opening your browser
preferences, clicking on "Tor", and then adding them to the "Provide a
bridge" field.

If these bridges are not what you need, respond to this email with one
of the following commands in the message body:

  get bridges           (Request "vanilla" Tor bridges.)
  get transport TYPE    (Request a different obfuscation type. Replace
                         TYPE with obfs3, obfs4, or scramblesuit.)
  get ipv6              (Request IPv6 bridges.)

What do you think? How can we make it better?

comment:8 Changed 6 months ago by cohosh

Status: needs_review → needs_information

Nice! I think we should ask antonela to look over this as well. I like the changes. Some comments:

  • The idea to provide bridges on failure is really nice. I like how you've structured that email.
  • Are we still handing out FTE or scramblesuit bridges? From what I remember, we removed default FTE bridges from Tor Browser a while ago. I guess the same could be asked of obfs3. If we only care about handing out obfs4, there's some simplification that can be done with the instructions here.
  • Should we have more text explaining that you issue the commands by replying to or sending a new email?

comment:9 Changed 6 months ago by teor

> I suggest that BridgeDB should respond with obfs4 bridges even if the email request is invalid

Careful with responding to invalid input: it can enable some kinds of attacks.

I can't think of any attacks that are easier than "just send another, correctly-formatted email". But there can sometimes be risks with email forwarding, or mailing lists.

comment:10 Changed 6 months ago by teor

As far as the text itself goes, the following words are ambiguous:

  • vanilla
  • several
  • plain-ol'-vanilla
  • cool

We should replace them with simpler English words, to help people who don't use our dialect of English.

comment:11 Changed 6 months ago by phw

When rephrasing the email response, let's keep in mind that we're retiring obfs3, scramblesuit, and fte (see #33299).

comment:12 Changed 5 months ago by cohosh

Cc: cohosh added

comment:13 in reply to:  8 ; Changed 4 months ago by phw

Status: needs_information → needs_review

Replying to cohosh:

>   • Are we still handing out FTE or scramblesuit bridges? From what I remember, we removed default FTE bridges from Tor Browser a while ago. I guess the same could be asked of obfs3. If we only care about handing out obfs4, there's some simplification that can be done with the instructions here.


Since #33299 we no longer are. At this point, the only PT is obfs4.

>   • Should we have more text explaining that you issue the commands by replying to or sending a new email?


Hmm, doesn't the email already say that? Please let me know if you would like to rephrase it. Here's my latest iteration:

Here are your obfs4 bridges:

 obfs4 1.2.3.4:1234 ...
 obfs4 4.3.2.1:4321 ...

Add these bridges to your Tor Browser by opening your browser
preferences, clicking on "Tor", and then adding them to the "Provide a
bridge" field.

If these bridges are not what you need, reply to this email with one of
the following commands in the message body:

  get transport TYPE    (Request obfuscated bridges. Replace
                         TYPE with "obfs4".)
  get bridges           (Request unobfuscated Tor bridges.)
  get ipv6              (Request IPv6 bridges.)

I also replaced "vanilla" with "unobfuscated" as per teor's suggestion.

comment:14 in reply to:  9 Changed 4 months ago by phw

Replying to teor:

> > I suggest that BridgeDB should respond with obfs4 bridges even if the email request is invalid
>
> Careful with responding to invalid input: it can enable some kinds of attacks.
>
> I can't think of any attacks that are easier than "just send another, correctly-formatted email". But there can sometimes be risks with email forwarding, or mailing lists.


BridgeDB already is responding to invalid emails with help instructions. I think the benefits of this behaviour (it helps confused users) outweigh the harm you mentioned – at least so far.

comment:15 Changed 4 months ago by cohosh

Reviewer: cohosh

comment:16 in reply to:  13 Changed 4 months ago by cohosh

Status: needs_review → merge_ready

Replying to phw:

> Replying to cohosh:
>
> >   • Should we have more text explaining that you issue the commands by replying to or sending a new email?
>
> Hmm, doesn't the email already say that? Please let me know if you would like to rephrase it. Here's my latest iteration:
>
> Here are your obfs4 bridges:
>
>  obfs4 1.2.3.4:1234 ...
>  obfs4 4.3.2.1:4321 ...
>
> Add these bridges to your Tor Browser by opening your browser
> preferences, clicking on "Tor", and then adding them to the "Provide a
> bridge" field.
>
> If these bridges are not what you need, reply to this email with one of
> the following commands in the message body:
>
>   get transport TYPE    (Request obfuscated bridges. Replace
>                          TYPE with "obfs4".)
>   get bridges           (Request unobfuscated Tor bridges.)
>   get ipv6              (Request IPv6 bridges.)
>
> I also replaced "vanilla" with "unobfuscated" as per teor's suggestion.

Oh, you're right! This looks good to me. The only other piece of feedback is something that came up in a similar GetTor ticket: #23226 to make clear in the email text that this is an automated response.

comment:17 Changed 4 months ago by phw

Owner: changed from sysrqb to phw
Points: 1
Status: merge_ready → assigned

I'm changing the status back to 'assigned' because I have yet to write the code. :)

comment:18 Changed 4 months ago by phw

Status: assigned → needs_review

I have a fix in my defect/30941 branch. Here's what the code does:

  • Respond with obfs4 (or whatever is configured in DEFAULT_TRANSPORT) bridges if the user's request is invalid or empty.
  • Remove the help email (which you would previously get after sending an invalid request or a request that contains "get help") because we no longer need it.
  • Simplify the automatic response as discussed above in this ticket.
  • Make it clear that the email response is automatically generated as cohosh suggested.

Here's what BridgeDB's new email response will look like:

[This is an automated email.  Please do not reply.]

Here are your bridges:

obfs4 1.1.1.1:1111 ...
obfs4 2.2.2.2:2222 ...

Add these bridges to your Tor Browser by opening your browser
preferences, clicking on "Tor", and then adding them to the "Provide a
bridge" field.

If these bridges are not what you need, reply to this email with one of
the following commands in the message body:

  get bridges            (Request unobfuscated Tor bridges.)
  get ipv6               (Request IPv6 bridges.)
  get transport TYPE     (Request obfuscated bridges. Replace TYPE with 'obfs4'.)
  get key                (Get a copy of BridgeDB's public GnuPG key.)

Note that "get key" is still supported but we will get rid of this functionality in #17548.
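
The fallback behaviour listed in comment 18, sketched as an added example (not BridgeDB's own code): a hypothetical `parse_request` reads one command per line from the plain-text body, skips `>`-quoted history, and falls back to `DEFAULT_TRANSPORT` when nothing valid remains. The one-command-per-line rule, the `valid` flag and the sample messages are assumptions made for illustration.

```python
import email
import re
from email import policy

# Assumptions: DEFAULT_TRANSPORT is the setting named in comment 18 (value
# assumed); obfs4 is the only transport offered since #33299.
DEFAULT_TRANSPORT = "obfs4"
SUPPORTED_TRANSPORTS = {"obfs4"}
COMMAND = re.compile(r"get\s+(bridges|ipv6|key|transport)(?:\s+(\S+))?", re.I)


def parse_request(raw_message):
    """Hypothetical parser: map an email's body commands to a request dict."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""

    req = {"transport": None, "ipv6": False, "key": False, "valid": False}
    for line in body.splitlines():
        line = line.strip()
        if not line or line.startswith(">"):
            continue  # blank line or quoted history: never a command
        m = COMMAND.fullmatch(line)
        if m is None:
            continue
        verb, arg = m.group(1).lower(), (m.group(2) or "").lower()
        if verb == "transport":
            if arg not in SUPPORTED_TRANSPORTS:
                continue  # unknown or missing TYPE
            req["transport"] = arg
        elif arg:
            continue  # trailing text after a command that takes no argument
        elif verb in ("ipv6", "key"):
            req[verb] = True
        req["valid"] = True

    if not req["valid"]:
        # Invalid or empty request: fall back to the default transport.
        req["transport"] = DEFAULT_TRANSPORT
    return req


# Constructed sample messages (not real traffic).
COMBINED = "From: user@example.com\nSubject:\n\nget transport obfs4\nget ipv6\n"
QUOTED_REPLY = (
    "From: user@example.com\nSubject: Re: bridges\n\n"
    "On Mon, BridgeDB wrote:\n> get bridges\n> get ipv6\n"
)
UNSUPPORTED = "From: user@example.com\nSubject:\n\nget transport scramblesuit\n"
```

Keeping `valid` separate from the returned transport lets a responder count fallback replies apart from well-formed requests, which is the case comment 9 asks to be careful with.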

comment:19 Changed 4 months ago by cohosh

Status: needs_review → merge_ready

This looks great!

comment:20 Changed 4 months ago by phw

Actual Points: 1
Resolution: fixed
Status: merge_ready → closed

Thanks, merged into develop.

While inspecting BridgeDB's logs, I noticed that the autoresponder breaks when dealing with a quoted response from Gmail's web interface. I filed #33835 to get that fixed.

comment:21 Changed 4 months ago by phw

Roger suggested abandoning the concept of transport TYPEs for now because we only offer obfs4 anyway. I addressed his suggestion in commit 208b49c and deployed the fix. BridgeDB's email response now looks as follows:

[This is an automated email.]

Here are your bridges:

  obfs4 ...
  obfs4 ...

Add these bridges to your Tor Browser by opening your browser
preferences, clicking on "Tor", and then adding them to the "Provide a
bridge" field.

If these bridges are not what you need, reply to this email with one of
the following commands in the message body:

  get bridges            (Request unobfuscated Tor bridges.)
  get ipv6               (Request IPv6 bridges.)
  get transport obfs4    (Request obfs4 obfuscated bridges.)
  get key                (Get a copy of BridgeDB's public GnuPG key.)