Supporting NGOs with private bridges.

Inspired by #28526, this page documents how we can support NGOs with private bridges.

0. Understand the NGO's requirements

To be maximally useful, we need to understand the NGO's requirements. Ask at least the following questions:

  • How many users do you have?
  • Where are your users located?
  • What is your threat model?
  • What platforms are your users using? Desktop? Android?
  • Can you run your own bridges? Or do you need bridges from us?

The NGO's users are likely subject to censorship and therefore unable to access our official download page. To download Tor Browser, we need to point the NGO to GetTor download links, which the NGO can then distribute to its users:

These hosting platforms all contain a large and confusing list of download links. To make things easier for the NGO, provide a few specific links; that is, links for Windows, MacOS, and Linux; for the desired locale. Also tell the NGO that its users can download their own copy of Tor Browser by emailing gettor@….

2. Supply the NGO with bridges

There are two options. Whatever option we go with, we should monitor the bridges and take action if any go offline.

2.1 Teach the NGO how to run their own bridges

Point the NGO to our bridge setup guides and tell them to use the following torrc instead, to keep their bridge private:

BridgeRelay 1

# Replace "TODO1" with a Tor port of your choice.  This port must be externally
# reachable.  Avoid port 9001 because it's commonly associated with Tor and
# censors may be scanning the Internet for this port.  You can firewall this
# port if your users only connect over obfs4.

ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy

# Replace "TODO2" with an obfs4 port of your choice.  This port must be
# externally reachable and must be different from the one specified for ORPort.
# Avoid port 9001 because it's commonly associated with
# Tor and censors may be scanning the Internet for this port.
ServerTransportListenAddr obfs4

# Local communication port between Tor and obfs4.  Always set this to "auto".
# "Ext" means "extended", not "external".  Don't try to set a specific port
# number, nor listen on
ExtORPort auto

# Replace "<>" with your email address so we can contact
# you if there are problems with your bridge. This is optional but encouraged.
ContactInfo <>

# Pick a nickname that you like for your bridge.  This is optional.
Nickname PickANickname

# Tell BridgeDB to not distribute the bridge, so it remains private.
BridgeDistribution none

# Don't self-test, to minimise exposure.
AssumeReachable 1

Tell the NGO that they may also want to firewall their bridges' OR port (as long as #7349 is still unfixed). Mention that we are happy to help them test their bridges, to make sure that everything is configured correctly.

2.2 Supply the NGO with bridges

We are closely working with volunteers who maintain a pool of reliable and fast obfs4 bridges in various data centres around the world. We can take a subset of these bridges and send them to an NGO for private distribution. Keep track of what bridge was sent to what NGO.

3. Provide instructions on adding bridges

Provide instructions on how to add these private bridges to Tor Browser. Provide our official instructions and, if available, localised instructions (e.g., in Chinese).

Orbot can (or will) hook a bridge:// URI (see #28015 and #15035), making it easier for the NGO's users to configure their bridges.

Last modified 9 months ago Last modified on Feb 3, 2020, 10:33:19 PM