I don't trust Google neither Yahoo nor Bing. If they have captchas and your phone then they're done and you're screwed. Don't be afraid of using Riseup a lot. They are in the market. But I think, Roger can do something with this (sorry, I talk to the boos, not to the hand). Perhaps he don't because there are more people talking of Tor than using it. Cheers.
On Sat, Jul 26, 2014 at 7:47 AM, Matthew Finkel <[email protected]> wrote: > On Fri, Jul 25, 2014 at 03:44:21PM +0000, obx wrote: > > > Because we need an adequately popular provider that makes it hard to > > > generate lots of addresses. Otherwise an attacker could make millions > > > of addresses and "be" millions of different people asking for bridges. > > > > I know this is the reason, but there are still captchas, right? > > > > Yes, they do rely on captchas and phone numbers. But luckily, in the > case for gmail, the capture-difficulty is variable. This in no way > solves the problem, but it's certainly better than most alternatives. > > > Also, I think this list needs to be expanded. > > > > > (Also, it recently became clear that it would be useful for people to > > > access this provider via https, rather than http, so a network > adversary > > > can't just sniff the bridge addresses off the Internet when the user > > > reads her mail. > > > > I'm not sure if gmail is safe against this recent adversary, regardless > > of the protocol. > > > > Excluding the NSA/US Gov, I think gmail is the best > corporate-controlled service available, right now. This > opinion may change if contradictory information is released, but at > this time, for our purposes, I am happy requiring gmail. > > Services like riseup are excellent, but we are abusing their systems > (a little), as well as potentially putting more work/stress/pressure on > the staff. I wish there was a way to necessitate the requirements and > rigor of riseup with the scalability of gmail. Alas, this isn't > available, as far as I know. Riseup is also special due to existing > person relationships, it's possible we can expand the whitelist to other > provides such as autistici, but it will be a more involved process. > > Suggestions and help always appreciated > -- > tor-talk mailing list - [email protected] > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
