New release: BridgeDB 0.7.1
Our users rely on bridges if their ISPs or governments block access to the Tor network. In essence, bridges are just private Tor relays that we hand out to users who need them. The difficulty lies in handing out bridges to censored users but not to censors. We are tackling this problem with the tool BridgeDB, which makes it easy to get some bridges, but hard to get many. BridgeDB allows users to request bridges over a web page, over email, and directly in Tor Browser.
We just released BridgeDB version 0.7.1, which comes with the following improvements:
- From now on, users can no longer request bridges from a Yahoo email account, which fixes issue #28496. We believe that Yahoo fell behind in making it hard for spammers to create many email accounts, and it also has a feature that allows the creation of up to 500 disposable email addresses, which makes it easy for a censor to request a disproportionately large number of bridges. We therefore deactivated Yahoo, which leaves us with Gmail and Riseup as the email providers from which users can request bridges.
- When the Great Firewall's active probing attack discovered a bridge, the GFW used to block the bridge by its IP address and port, which conveniently left other transport protocols that ran on the same IP address, say obfs4, reachable. This behavior changed recently, and bridges are now blocked by their IP address. This means that a protocol that is vulnerable to the GFW’s active probing attack (e.g., vanilla Tor, fte, and obfs3) can get the entire bridge blocked—including obfs4, which is resistant to active probing! The new BridgeDB release addresses this issue by only handing out a bridge’s probing-resistant protocols if the bridge supports protocols that are both vulnerable and resistant to active probing. For example, if a bridge supports both vanilla Tor and obfs4, then we only hand obfs4 to users.
- We added new translations for BridgeDB and updated existing ones. Thanks to everybody who helped translate BridgeDB!
Unrelated to version 0.7.1, we heard that BridgeDB occasionally hands out bridges that are offline. We diagnosed this problem and noticed that several dozen obfs4 bridges are unreachable. If you’re running an obfs4 bridge, please make sure that both your vanilla Tor port and your obfs4 port are reachable. We set up a service that allows you to test if your obfs4 port is reachable.
Hey Philipp Winter! Nice to…
Hey Philipp Winter! Nice to see you more closely involved with TP development again!
Thanks to all involved in…
Thanks to all involved in this urgently necessary work!
BTW, The Guardian (theguardian.com) has been running an excellent series on the huge protests in Hong Kong over the extradition bill, which violates the treaty under which UK returned HK to CN, and will effectively ruin the rule of law in the former British colony. I hope these bridge improvements will help the protesters to tell their stories directly by reaching social media outside China.
I never needed to use…
I never needed to use bridges, but today discovered that T-Mobile is blocking the bridges that Orbot on Android is using by default, as well as the cloud server options. I needed to use bridgedb to be able to connect successfully. Thank you for the work in keeping privacy and censorship prevention alive!
Unfortunately, Orbot's…
Unfortunately, Orbot's default obfs4 bridges are currently all offline: https://bugs.torproject.org/30870
Urgent. Please exclude and…
Urgent.
Please exclude and remove all relays and bridges that were setup in Hong Kong. Because Hong Kong has been totally under controlled by CCP. All of relays and bridges may be disguised by Gov-controlled people. HKgers are being closely monitored and surveillance from CCP. Hong Kong is no longer safe.
Join the discussion...
We encourage respectful, on-topic comments. Comments that violate our Code of Conduct will be deleted. Off-topic comments may be deleted at the discretion of the post moderator. Please do not comment as a way to receive support or report bugs on a post unrelated to a release. If you are looking for support, please see our support portal or ways to get in touch with us.
And so the Great Arms Race…
And so the Great Arms Race continues. I don't use bridges but just want to say a MASSIVE THANKS to all the ToR Team again for great and hard work on them and everything else.