Cecylia Bocovich:
Option 1: Just remove the CAPTCHAs already!
We're tired of waiting and just want our bridges.Option 2: Do some science?
We could make a new distribution bucket in BridgeDB that distributesbridges through Moat without a CAPTCHA and have new versions of Tor Browser pull from this bucket. We can watch and perform measurements in places we know enumeration attempts have occurred in the past and see whether these bridges are enumerated more quickly and more completely than the old-school Moat bucket.
Hi Cecylia,
I understand that your Option 2 would remove all CAPTCHAs for all Tor Browser users.
I don't know much about bridge distribution so my idea is most likely flawed. But what about combining Option 1 and Option 2 by doing a bigger experiment that would already remove the CAPTCHAs for a significant amount of users:
Split the current CAPTCHA bridges 50/50 into 2 buckets:
- Bridges in the 1st bucket would be distributed without CAPTCHA. - Bridges in the 2nd bucket would be distributed with a CAPTCHA.
New versions of Tor Browser could pick from either of the 2 buckets. Maybe based on a silly metric like whether the 3rd part of the IP address is odd or even to be consistent across a same local network, or maybe something smarter.
You get the science while saving CAPTCHAs to 50% of users already and not risking all your CAPTCHA bridges in the gamble. It might be easier to measure how much CAPTCHAs really prevent enumeration by comparing both buckets over the same period of time. All Tor Browsers remain the same. The current UI could display or not display the CAPTCHAs when requesting a bridge without a lot of change.
Option 3: Keep doing what we're doing but try to make the CAPTCHAs more usable.
This is the work we've had planned, but will only get us so far.
I'd keep Option 3 for if the experiment proves that CAPTCHAs are really useful at preventing enumeration.