[tor-project] Anti-censorship team meeting notes, 2023-10-19
onyinyang
onyinyang at torproject.org
Thu Oct 19 17:17:13 UTC 2023
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-10-19-15.59.html
And our meeting pad:
Anti-censorship work meeting pad
--------------------------------
------------------------------------------------------------------------------------
THIS IS A PUBLIC PAD
------------------------------------------------------------------------------------
Anti-censorship
--------------------------------
Next meeting: Thursday, Oct 26 16:00 UTC
Facilitator: meskio
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: onyinyang
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the
Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
*
https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 150 <-- meskio working on it
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_name%5B%5D=Sponsor%20150
== Announcements ==
* A poll to set a date for a 'Future of PTs' voice conversation
*
https://www.systemli.org/poll/#/poll/YRRF8K19Bq/evaluation?encryptionKey=e1f9KPaHH6z7I6uYGNQVlegHvMGB3aHJaEufGQl7
* Times in UTC
== Discussion ==
(Oct 12)
* Armored Bridge line Spec(Oct-19: let's discuss again)
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/126#note_2954127
* the spec is ready to review
* we'll discuss it next week
* examples of bridgelines and their encoding will be handy
* currently is not possible with goptlib to publish
non-ascii bridgelines, we seem to be safe to assume ASCII bridgelines
* SmethodArgs calls encodeSmethodArgs, which does
not do anything to escape non-ASCII bytes, then the line function calls
argIsSafe to check the encoded line for non-ASCII before allowing it to
be printed
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib/-/blob/v1.5.0/pt.go#L334
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib/-/blob/v1.5.0/args.go#L196
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib/-/blob/v1.5.0/pt.go#L334
* we'll use brdg.es as domain name for urls
* snowflake broker restart(deployment) needed, and deletion of
ip-count-mask key
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40295
* shelikhoo will tag a snowflake version and deploy it
* v2.7.0 has been deployed
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40296
* still need destruction of ip masking key
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40295
== Actions ==
== Interesting links ==
* "On Precisely Detecting Censorship Circumvention in Real-World
Networks"
*
https://www.robgjansen.com/publications/precisedetect-ndss2024.html
* develops new classifiers for Snowflake rendezvous and data
transfer, among other things
* "Covertness Analysis of Snowflake Proxy Request"
* https://ieeexplore.ieee.org/document/10152736
* https://github.com/Xanole/SnowDT
* "TorKameleon: Improving Tor's Censorship Resistance With
K-anonymization and Media-based Covert Channels"
* https://arxiv.org/abs/2303.17544
* https://github.com/AfonsoVilalonga/TorKameleon
*
https://restoreprivacy.com/torkameleon-strengthening-tor-against-deanonymization-attacks/
* uses WebRTC Encoded Transforms for efficient encoding of data
into WebRTC media streams (rather than data channels), which we have
discussed before for Snowflake:
*
https://lists.torproject.org/pipermail/anti-censorship-team/2023-February/000284.html
*
https://github.com/AfonsoVilalonga/TorKameleon/blob/c6ef7116043dfd74701ddb62f38606e748faf84b/PT/WebRTC/Client/public/js/main.js#L225
* const transformStream = new TransformStream
*
https://github.com/AfonsoVilalonga/TorKameleon/blob/c6ef7116043dfd74701ddb62f38606e748faf84b/PT/WebRTC/Client/public/js/modulators/addFrame.js#L8
* if (encodedFrame instanceof RTCEncodedVideoFrame &&
enconding.length > 0)
== Reading group ==
* We will discuss "On Precisely Detecting Censorship
Circumvention in Real-World Networks" on November 9
*
https://www.robgjansen.com/publications/precisedetect-ndss2024.html
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based
on this work?
* Are there long-term actions we can take based
on this work?
* Is there future work that we want to call out
in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): 2023-10-19
Last week:
- reviewed lox!51
- commented on snowflake!187
- commented on conjure#28
- attended meeting on PT-tor integration
This week:
- deploy lox distributor
- follow up on conjure reliability issues
- visualize and write up some snowflake shadow simulation
results
Needs help with:
dcf: 2023-10-19
Last week:
- commented on tor incorrectly reporting PT metrics since
0.4.8.4
https://gitlab.torproject.org/tpo/core/tor/-/issues/40871#note_2954288
- closed an obsolete uTLS-in-Snowflake issue
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40217
- commented on reported "Unexpectedly high use successes
counts" with snowflake-02
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42161#note_2954316
- read some new snowflake-related papers (see Interesting Links)
Next week:
- revise encapsulation.ReadData redesign to return an error in
the case of a short buffer
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/154
- open issue to have snowflake-client log whenever KCPInErrors
is nonzero
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018
- parent:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267
- open issue to disable /debug endpoint on snowflake broker
Before EOY 2023:
- move snowflake-02 to new VM
Help with:
meskio: 2023-10-19
Last week:
- look at win7 lyrebrid crash in Tor Browser (tor-browser#42179)
- debug renovate bot issues in rdsys and snowflake (snowflake!199)
- deploy the latest onionsproutsbot and update translations
(onionsproutsbot#53)
- review lox rdsys integration (lox-rs!24)
- write Sponsor 96 report
- fail to get a phone number to register the whatsapp bot
Next week:
- test the whatsapp bot (rdsys#147)
Shelikhoo: 2023-10-12
Last Week:
- [Merge Request] Add SOCKS5 forward proxy support to snowflake
(snowflake!64) (continue): proceed to rebase
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/200)
- [Merge Request Done] Refine argument error processing in
WebTunnel
server(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel/-/merge_requests/19)
- [Merge Request Done] Release Snowflake
2.7.0(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/198)
- [Deployment] Snowflake Broker Deployment 23-10-16
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40296#note_2955148)
- [Merge Request Reviews] lots of...
Next Week/TODO:
- Write Tor Spec for Armored URL (continue)
- Begin to work on snowflake performance improvement
- Merge request reviews
onyinyang: 2023-10-19
Last week(s):
- Continued with metrics
- Added functionality for a MAX_DAILY_BRIDGES (the number
of bridges that can be distributed each day)
- Found some bugs in static-resources MR and updated it
after review
This week:
- Hopefully finish up metrics work
- Start work on telegram distributor bot for Lox
- Add functionality to handle blocked bridges in a single
location for MVP
(long term things were discussed at the meeting!):
https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox
buckets (of bridges) and gathering context on how types of bridges are
distributed/use in practice
Question: What makes a bridge usable for a
given user, and how can we encode that to best ensure we're getting the
most appropriate resources to people?
1. Are there some obvious grouping
strategies that we can already consider?
e.g., by PT, by bandwidth (lower
bandwidth bridges sacrificed to open-invitation buckets?), by locale (to
be matched with a requesting user's geoip or something?)
2. Does it make sense to group 3
bridges/bucket, so trusted users have access to 3 bridges (and untrusted
users have access to 1)? More? Less?
--
---
onyinyang
GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x156A6435430C2036.asc
Type: application/pgp-keys
Size: 6206 bytes
Desc: OpenPGP public key
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20231019/7ab21dfa/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20231019/7ab21dfa/attachment.sig>
More information about the tor-project
mailing list