Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#4392 closed defect (duplicate)

UpdateBridgesFromAuthority is problematic

Reported by: Sebastian Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Keywords: tor-bridge
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When UpdateBridgesFromAuthority is set to 1, Tor makes a direct connection to Tonga to fetch the bridge descriptor referenced in the configuration, as long as it includes the fingerprint. This happens before even trying the bridge directly, so we definitely leak to censors that a) we're a tor client, trying to use bridges; and b) that we'll soon connect to a real bridge IP:port. Back when Tonga wasn't blocked, this seemed fine, but now that we have adversaries that actually pick up on the Tor handshake or network behavior and send active probes, this seems like a poor idea.

Child Tickets

Change History (3)

comment:1 Changed 8 years ago by Sebastian

Resolution: duplicate
Status: newclosed

arma points out this is a duplicate of #1938. We should teach arma to predict the future so he can tell me before I open the bug :)

comment:2 Changed 7 years ago by nickm

Keywords: tor-bridge added

comment:3 Changed 7 years ago by nickm

Component: Tor BridgeTor
Note: See TracTickets for help on using tickets.