[tor-project] Anti-censorship team monthly report: May 2019
Philipp Winter
phw at torproject.org
Mon Jun 3 18:24:39 UTC 2019
BridgeDB
========
* We submitted our "gather BridgeDB usage statistics" proposal to the
Tor research safety board. You can find the proposal it here:
<https://lists.torproject.org/pipermail/anti-censorship-team/2019-April/000004.html>
We are still waiting to hear back from the board.
* We filed <https://bugs.torproject.org/30441> to understand why
BridgeDB is handing out so many offline bridges. It looks like this
problem is a combination of several smaller problems. We wrote a tool
that scans the obfs4 port of all bridges that our bridge authority
knows about, and started contacting the operators of bridges whose
obfs4 port was unreachable. Have a look at the ticket for details.
GetTor
======
* We deployed the refactored GetTor codebase:
<https://bugs.torproject.org/28152>
Pluggable transports
====================
* We built a service that allows bridge operators to scan the obfs4 port
of their bridge. The service is now deployed and available at
<https://bridges.torproject.org/scan/>. Give it a try and tell us
what we can do better!
- The ticket is available here: <https://bugs.torproject.org/30472>
- The code is available here: <https://github.com/NullHypothesis/obfs4PortScan>
- This effort is part of improving the UX of setting up an obfs4
bridge: <https://trac.torproject.org/projects/tor/ticket/30471>.
* We revised our obfs4 setup instructions:
<https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/obfs4proxy>
- This effort is part of improving the UX of setting up an obfs4
bridge: <https://trac.torproject.org/projects/tor/ticket/30471>.
* We assessed the HTTPS Proxy pluggable transport; i.e., understood its
advantages, disadvantages, and what it would take to deploy it. Our
assessment is available at
<https://trac.torproject.org/projects/tor/ticket/29278#comment:6>.
Censorship analysis
===================
* We are in touch with a research group that is studying the GFW's
active probing system. We noticed that the GFW does not probe recent
Tor versions. One explanation is that the cipher list in Tor's TLS
client hello (this is what the GFW uses to identify Tor) changed.
- See <https://bugs.torproject.org/30500> for the ticket.
* We recently saw a drastic increase of Tor users from Iran. We don't
yet understand the reason for this.
- See <https://bugs.torproject.org/projects/30636> for details.
Snowflake
=========
* We made progress with snowflake's WebExtension.
- See <https://bugs.torproject.org/23888> for details.
* We started working on detailed measurements of the snowflake blocking
in China. We saw Google's STUN servers starting to be blocked in
China, as well as blocking stop for individual proxies.
- See <https://bugs.torproject.org/30368> for the ticket.
* Fixed several bugs in the client and snowflake proxy-go instances.
* Starting locally collecting geo-IP metrics on snowflake proxies.
* Fought a broker outage and implemented a fall-back mechanism for
using snowflake certificates
- See <https://bugs.torproject.org/30512> and
<https://bugs.torproject.org/30509>.
Miscellaneous
=============
* We finished a technical report as deliverable for Sponsor 19. The
report provides a comprehensive overview of the state of Tor's
anti-censorship efforts and we will soon publish it in a blog post.
* We attended the kick-off meeting for Sponsor 28. As part of this
project we will keep improving snowflake, improve and evaluate the
obfs4 protocol, and extend our pluggable transport specification.
- See the following page for Sponsor 28-related work:
<https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor28>
More information about the tor-project
mailing list