Skip to content

2022 05 21 QA report

Jump to bottom
sonia v edited this page May 21, 2022 · 2 revisions

What is the threat model and goal?

Entities are:

  • A censoring agency (like the Russian government, Roskomnadzor) made up of adversarial users
    • Users might be bots
    • We can assume a large number of them, sending a lot of messages all day
  • Users (like Russian citizens)

What are the goals?

By order of importance:

  1. Prevent bridge enumeration

  2. Detect bot abuse

  3. Mitigate db attack

    • log everything but not for more than one week
    • find data structures that can't reveal anything even when discovered, for example using hashes

  4. Report and respond to bridges not working

What can we base trust upon?

  • ✔️ Account age
  • ✔️ Recommendation by trusted users
  • ❌ Social media: they're blocked in Russia and monitored by the govt

Can we use whatsapp?

Yes using this workaround

Clone this wiki locally