Quoting Keifer Bly (2022-07-22 18:42:57)
Says it is blocked in Russia. I take this as a good sign that the bridge is being used, as it is being picked up. But I am wondering is there a way to set the bridge to automatically change Ips every few days or so to make it harder to detect? Maybe this would be an interesting thing to implement.
tl;rd: no, please don't rotate the IP address of your bridges.
There is a complicated valance here.
Many users will keep their bridges for long time if they are working fine, it might not be easy in some places to get new bridges. Tor Browser and many other software based on tor is designed around that, and bridges are kept long time (there are also other benefits for privacy keeping them stable as they end up as guards).
At the same time once bridges are blocked it could be nice to rotate IP addresses, to keep them being useful. But rotating the IP address might affect users on other locations for which the bridge is still working fine.
For now we are asking people to keep their IP address stable and don't rotate it. As we find more valuable stable bridges and that is what users expect. We have some ideas for the future to allow rotation and let users rediscover them, but that is not going to happen soon.
So for now don't host a bridge if you can't have a stable IP address for a long period of time. Is not the end of the world if you rotate the IP address once per year or something like that, but don't do it on daily basics.
Thanks. But it just seems that would make it easier to have "new" bridges, as all of the in use ones will eventually be blocked? Have you seen my homemade tool for Windows tor relays at https://www.youtube.com/watch?v=Vpk6yvUWQqU? Thanks. --Keifer
On Tue, Aug 9, 2022 at 6:43 AM meskio meskio@torproject.org wrote:
Quoting Keifer Bly (2022-07-22 18:42:57)
Says it is blocked in Russia. I take this as a good sign that the
bridge
is being used, as it is being picked up. But I am wondering is there
a way
to set the bridge to automatically change Ips every few days or so to
make
it harder to detect? Maybe this would be an interesting thing to implement.
tl;rd: no, please don't rotate the IP address of your bridges.
There is a complicated valance here.
Many users will keep their bridges for long time if they are working fine, it might not be easy in some places to get new bridges. Tor Browser and many other software based on tor is designed around that, and bridges are kept long time (there are also other benefits for privacy keeping them stable as they end up as guards).
At the same time once bridges are blocked it could be nice to rotate IP addresses, to keep them being useful. But rotating the IP address might affect users on other locations for which the bridge is still working fine.
For now we are asking people to keep their IP address stable and don't rotate it. As we find more valuable stable bridges and that is what users expect. We have some ideas for the future to allow rotation and let users rediscover them, but that is not going to happen soon.
So for now don't host a bridge if you can't have a stable IP address for a long period of time. Is not the end of the world if you rotate the IP address once per year or something like that, but don't do it on daily basics.
-- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.
On Mittwoch, 10. August 2022 02:02:36 CEST Keifer Bly wrote:
Thanks. But it just seems that would make it easier to have "new" bridges, as all of the in use ones will eventually be blocked?
So either you have dozens of unused IP's on your server then do as I do, let the bridges run, _now_ https://nusenu.github.io/OrNetStats/for-privacy.net.html and set different BridgeDistribution methods. # Recognized methods are: "https", "email", "moat", "settings", "telegram", "reserved".
Or you haven't ordered any IP's for a looong time. https://docs.hetzner.com/general/others/ipv4-pricing/ The setup fee + monthly costs = one bar metal server/month¹ or one KVM for a whole year (both incl. 1IP & IPv6/48 sub)
¹ unmetered unlimited traffic (1000 Mbit), see my OT post.
tor-relays@lists.torproject.org
-
Keifer Bly -
lists@for-privacy.net -
meskio