ooni / backend

Everything related to OONI backend infrastructure: ooni/api, ooni/pipeline, ooni/sysadmin, collector, bouncers and test-helpers
BSD 3-Clause "New" or "Revised" License

Deploy tor bridgedb orchestra integration #426

Closed hellais closed 2 years ago

hellais commented 4 years ago

This is about merging and deploying this: https://github.com/ooni/orchestra/pull/88.

It's currently blocked by: ooni/probe-engine#629 ooni/probe-engine#643

This is a follow-up issue to: https://github.com/ooni/backend/issues/396

hellais commented 4 years ago

This is a follow-up issue from: https://github.com/ooni/backend/issues/396

NullHypothesis commented 3 years ago

Hey folks, a brief update from Tor's side: wolpertinger should be up and running and is currently returning our (public) default bridges. I don't think it's a good idea to use OONI to probe our entire private bridge pool because we cannot tell the difference between a censor and a user running OONI. This makes it too easy for a censor to get private bridges. We may use wolpertinger to test some private bridges but we're currently planning on setting up bridgestrap on a VPS in a few countries and using it to probe most of our private bridges. Since we control these instances, we don't need to worry about censors pretending to be users.

bassosimone commented 3 years ago

Added this issue to the next Sprint, so we can take a look with @hellais at the orchestra deployment. My understanding, in any case, @NullHypothesis, is that the API we previously agreed on should not change in any detail and you're just telling us that the service will return public default bridges only. Do I understand correctly? Thank you!

hellais commented 2 years ago

This has been merged and deployed.

hellais commented 2 years ago

Just as a side note, while it is deployed, we don't actually have a valid "bridges-api-key" so we aren't actually retrieving bridges from the distributor.

I guess we should discuss with @cohosh if it's still useful for us to test private bridges and if so get a bridges-api-key for wolpertinger.

cohosh commented 2 years ago

Also cc'ing @meskio here because of his work on bridge distribution and testing.

Very cool! I agree with the comment by @NullHypothesis above, that for now it is most useful for us to use this to make sure OONI is up to date with Tor Browser's built-in bridges. We have some tentative plans to be more agile with our built-in bridges and our circumvention settings in Tor Browser, and this will help facilitate that. We can re-evaluate this in the future, and I'll let @meskio chime in as well if there are other bridges he thinks we should add.

I opened an issue to track the creation of an API key for you and have started working on it: https://gitlab.torproject.org/tpo/anti-censorship/bridgedb-admin/-/issues/1

cohosh commented 2 years ago

Oh, on that note, can one of you send me an email address (and a PGP public key) I can use to send the private token?

meskio commented 2 years ago

I didn't even know wolpertinger existed :) One of the things I'm currently doing is a public API that provides the built-in bridges (and it doesn't require an api-key): https://bridges.torproject.org/moat/circumvention/builtin. It is not yet in production, but I don't expect it to change. And hopefully it will get into production this month.

Anyway, I guess for OONI it makes more sense to use wolpertinger and with it we can decide if we want to provide.

I'm happy to hear that this channel exists with OONI, I'll give it some thinking if we can provide more bridges than the default ones. But the default is a good start.

bassosimone commented 2 years ago

@cohosh we list the GPG keys of every team member here: https://ooni.org/about/. (My public key is also available via GitHub: https://github.com/bassosimone.gpg)