February 2025 - anti-censorship-team

[eclips.is] The future of eclips.is
by David Fifield 06 Feb '25

06 Feb '25

The Snowflake broker is currently hosted on Greenhost's subsidized eclips.is platform. Their funding has ended, and they are moving to a partial user-pays model. For the next year Greenhost will self-fund up to 50 EUR per month per user. I am not sure whether we fit under that threshold. ----- Forwarded message from Greenhost <support(a)greenhost.nl> ----- Date: Thu, 31 Oct 2024 14:43:05 +0000 From: Greenhost <support(a)greenhost.nl> To: david(a)bamsoftware.com Subject: [eclips.is] The future of eclips.is Hello david(a)bamsoftware.com, Hope you’re doing well! We’re happy to inform you that all VPSs have been successfully migrated from our Miami data center to Amsterdam. Please take a moment to check that your VPS is functioning as expected, and let us know if you encounter any issues. As mentioned earlier this year, funding support from the Open Technology Fund (OTF) will conclude on October 31st, 2024 (today). However, Greenhost is committed to ensuring continued service and will fully support eclips.is through December 31st, 2024. Starting January 1st, 2025, Greenhost will migrate eclips.is to a hybrid model. We will provide every account with a free tier of up to EUR 50 per month. Based on usage data, this will cover about 90% of current accounts. As a result, for the majority of accounts/users, nothing will change. For accounts using more resources, the portion above EUR 50 per month will be charged, with a discount of 25% applied. This model will be in place until at least October 31st, 2025. During the year, we will assess this model and determine if it is sustainable long-term. With this approach, Greenhost has found a good balance between continuing to fully support grassroots and small organizations, and providing heavy users with an affordable service. This sponsorship represents approximately €120,000 per year, and Greenhost is proud to be able to provide this service to the community without funding. However, we are dedicated to exploring extra funding options to further support the community and broaden our user base. For users who can fully cover their service costs, we encourage you to purchase directly through the Greenhost website. Direct purchases strengthen our ability to support the community in the long term. Thank you for being part of this journey! The Greenhost Team -- Voor vragen of opmerkingen kunt u contact opnemen via info(a)greenhost.nl Volg ons / Follow us: Website: https://greenhost.net/blog Twitter: https://twitter.com/greenhost ----- End forwarded message -----

2 6

Meek config for TM
by Michael Rogers 05 Feb '25

05 Feb '25

Hi all, While updating Briar's built-in bridge config from Moat I noticed that Moat's still listing the Azure front for Meek in TM - is it still working? Cheers, Michael

3 3

Meek/Snowflake/Moat fronts for older Android devices?
by Michael Rogers 05 Feb '25

05 Feb '25

Hi all, Devices running versions of Android older than 7.1.1 can't verify certificates signed with Let's Encrypt's ISRG Root X1 root certificate, so they can't connect to domain fronts that use such certificates. [1] These devices (released in 2016 or earlier) still make up nearly 5% of active Android devices. [2] There was a workaround in place at one point -- cross-signing Let's Encrypt certificates with a different, expired root certificate and relying on Android not to check the expiry date -- but I believe the cross-signature expired in early 2024. [3] With the loss of Fastly and Azure, the only remaining fronts for Meek and Snowflake in the default config served by Moat will be cdn77.com and phpmyadmin.net, both of which use Let's Encrypt certificates that are signed with ISRG Root X1 and don't appear to be cross-signed. It looks like there's some work in progress to address this issue in Lyrebird by adding the relevant certificates, so hopefully Meek and Snowflake will work in a future Lyrebird release. But what about the initial connection to Moat? Orbot has moved from Fastly to CDN77 for its Moat front [4]. Are there any plans underway to make another front available, or should we move to CDN77 and plan for Moat being unavailable on older Android devices? Thanks, Michael [1] https://letsencrypt.org/2020/11/06/own-two-feet/ [2] https://apilevels.com/ [3] https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workarou… [4] https://github.com/guardianproject/orbot/pull/1191/files

4 10