@mlanger yes, and it'll only get worse.
- I'd not be surprised if soon all sites will act like @torproject's #BridgeDB via mail [
bridges@torproject.org] and only allowlist a few #MailProviders (in their case @riseup and #GMail)...
#BridgeDB
@torproject Q: I wish there was a similar tool test #Bridges, as https://bridges.torproject.org/scan/ is not that good and I don't want to hammer it with dozens of addresses, cuz at best that's quite antisocial if not possibly trigger responses assuming this is an intelligence gathering operation.
- Ideally sone standalone binary that one can just give a list of #TorBridge|s in a text file (similar to the way one can just past them in at #TorBrowser) would help.
I.e.
bridgetest -v4 obfs4 203.0.113.0:80 …
bridgetest -v6 webtunnel [2001:DB8::1]:443 …
bridgetest -list ./tor.bridges.list.private.tsv
- But maybe #onionprobe already does that. In that case please tell me to "#RTFM!"…
Similarly there needs to be a more granular way to request #TorBridges from #BridgeDB (as it's basically impossible to get #IPv4 #Webtunnel addresses nor is there an option to filter for #ports like :80 & :443 to deal with restrictive #firewalls (i.e. on public #WiFi)…
- there are flags like
ipv6=yesbut neitheripv4=yesnoripv6=noyielded me other resultd than #IPv6webtunnelbridges…
And before anyone asks: Yes, I do have a "legitimate purpose" as some of my contacts do need Bridges to get beyond a mandatory firewall and/or do use #TorBrowser (through an #SSH tunnel) to circumvent Tor & #VPN blocks and maintain privacy (as many companies do block sometimes entire #Hosters' ASNs due to rampant #scrapers…
@tails_live @tails @torproject plus support for meek, snowflake, webtunnel and non-#obfs4 #Bridges seems missing in #Tails.
- It would also help if #BridgeDB allowed to actually select #IPv4 and not just #IPv6 and select ports (i.e. 80 & 443) on top of that.
Cuz to this day I've to yet see an IPv4-#webtunnel #bridge…
Right now the problem with @torproject #BridgeDB is that I can't get #webtunnel bridges on #IPv4 even when I try to specify those by setting ipv6=no at the URL:
https://bridges.torproject.org/bridges?transport=webtunnel&ipv6=no
And no, removing IPv6 from the URL doesn't yield any IPv4 results either.
https://bridges.torproject.org/bridges?transport=webtunnel
It would be better if #BridgeDB would have a radio button / switch to choose IPv4 & #IPv6 for this reason.
#WhatsMissing: A tool to check if #TorBridges are still available/online/reachable that one can use either #standalone (with #TorBrowser and/or #Tor Expert Bundle) or on @tails_live / @tails / #Tails.
- Cuz I do run into issues and kinda want to sort #Bridges by availability so I don't waste time on a #TorBridge that is down and also thin-out the list of bridges that ain't online anymore.
Whilst I do acknowledge that @torproject do disrecommend having a huge list of Tor Bridges on hand, I do regularly need them for contacts who are behind a #GreatFirewall and can't #SSH-Tunnel out of it.
- Sadly #BridgeDB doesn't offer good #filtering options so one can't just query types effectively like "I need #webtunnel on #IPv4" or "I can only use Ports 80 & 443 on #IPv6" which may work.
Espechally being able to filter for #IPv4only and not just #IPv6only is something I miss, alongside the filter for #PluggableTransports type as @guardianproject #Orbot seems to only handle #obfs4 and not webtunnel or #meek at all...
- I'm pretty certain that merely pinging a bridge at it's port isn't working as a shure-fire way to check for it's availability.
#WhatsMissing:
A #TorBridges #Bot on the #Fediverse which allows people to interact with #BridgeDB and just fill out:
- IPv4 or IPv6
- vanilla, obfs4, meek or webtunnel
- restricted ( 80 / 443 ) or unrestricted ports.
1. One can just DMs it i.e. "get bridge IPv4 webtunnel restricted".
2. it replies with a captcha (may it be image or audio)...
3. if solved replies with a bridge that fits these criteria...
4. to prevent spamming the bot with a single account, it has progressive timeouts and will mute/softblock users for 5 minutes per request at minimum and triples that after each until it maxes out at 24hrs. It also has a blocklist against spammers and certain instances...
5. the entire conversation gets deleted by the bot after 1 hour.
I think that's better than the allow-listing of the #eMail bot.
https://bridges.torproject.org
#Tor #TorBridge #Mastodon #bots #ActivityPub #development #API
A #Tor #BridgeDB #bot on the :fediverse: that allows people to query for a #TorBridge with fixed parameters ( #IPv4 or #IPv6, #RestrictedPorts 80 & 443 or not, Type vanilla / #obfs4 / #meek / #webtunnel or just a completely random #Bridge...)
Basically it would make the #Tor BridgeDB query and let the user solve the #Captcha, relays back their solution and once completed, it'll send people their bridges and instruct them how to delete the DM conversation.
@a000d4f7a91939d0e71df1646d7a48 @torproject I guess someone's doing traffic analysis of #TorBrowser...
Ideally I recommend people to stock up on #TorBridges via #BridgeDB beforehand...
And yes, I've already tooted about @torproject 's #BridgeDB having need to improvement i.e. being able to filter #TorBridges for ports, type, IPv4 or IPv6 and so on.
I've slowly acquired a list of 49 bridges that I do share with trusted contacts in need...
OFC not the whole one as I want them also get some of their own - decentralization is key...
@torproject Not to mention it being used in more and more #Cyberfacist regimes to preemptively detain and harrass and detain people without charges.
And yes, that also happens in the global "west"...
https://mstdn.social/@kkarhan/110533134513076980
So let the #Wumao at least work for their sweet entries manually farming #BridgeDB @ https://bridges.torproject.org aka.
http://yq5jjvr7drkjrelzhut7kgclfuro65jjlivyzfmxiq2kyv5lickrl4qd.onion for #TorBridges...
Also #plzfix the issues re: #BridgeDB and querying bridges I've listed here:
https://mstdn.social/@kkarhan/111223884781997906
@torproject also make shure to get yourself some #Tor-#Bridges beforehand via #BridgeDB and to save them...
@torproject I mean it's cool that the #BridgeDB queries seem to filter per allocation.
Ideally it'll do some #GeoIP stuff and choose Bridges that don't have the same #ASN and/or #Location (i.e. Nation) allocated to them, if not are in different RIRs, but that's too deep...
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/24704
@torproject And there's only so much bandwith I can donate aka. run a private bridge until that's no longer an option.
So having like a proper #API [even if it requires a #Captcha to solve] would be a godsent.
And no, #moat doesn't solve the demand for getting a #bridge with like parameters like
- IPv4
- Port: 443
- Webtunnel
Espechally when one's bedind the #IronFirewall and can't contact #BridgeDB...
https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/16671
There are several issues I have with @torproject 's #BridgeDB:
For once, it's good and convenient but it's filtering options are half broken.
For example https://bridges.torproject.org/bridges/?transport=webtunnel&ipv6=yes will get me a #Webtunnel #TorBridge that has #IPv6, but setting ipv6=no or ipv4=yes doesn't work.
Nor can I add ports=80,443 or port=443&port=80 or similar.
So it would be really cool if one could just query stuff like that [OFC I'm not talking about the CAPTCA, that exist for reasons]...
@tails @torproject And in the case of #meek that's the only reliable way to tunnel through the #GreatFirewall of the "P.R." #China.
And it's not as if one can query more than 2 bridges at the time from #BridgeDB or granularly filter like "I need an #obfs4 #bridge that uses port 443" or something...
https://bridges.torproject.org
I know ~ why ~ the #Tor Project does it: Otherwise some Governments would query the entire BridgeDB...
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst