ooni-talk October 2020

ooni-talk@lists.torproject.org

1 participants
6 discussions

New OONI experiment for measuring encrypted DNS blocking
by Maria Xynou 30 Oct '20

30 Oct '20

Hello, Our friends at India's Centre for Internet and Society (CIS) implemented a new OONI experiment (called `dnscheck`) for measuring the blocking of encrypted DNS transports! This experiment is currently available via the `miniooni` research client (https://github.com/ooni/probe-engine/tree/v0.19.0#building-miniooni) and we plan to integrate it as part of the Web Connectivity test (Websites card) in the OONI Probe apps. CIS India published a great research report ("Investigating Encrypted DNS Blocking in India") based on this test, which I encourage you to read: https://cis-india.org/internet-governance/blog/investigating-encrypted-dns-… And we published a short blog post about this here: https://ooni.org/post/2020-encrypted-dns-blocking-india/ Warm thanks to our friends at CIS India!! It's always super exciting when community members contribute new experiments to OONI Probe. <3 Stay tuned for the integration of `dnscheck` into OONI Probe! Cheers, Maria (on behalf of the OONI team). -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Updates on Tanzania election blocks
by Maria Xynou 28 Oct '20

28 Oct '20

Hello, Starting from yesterday (27th October 2020) -- which was the eve of Tanzania's general 2020 election -- OONI measurements continue to show the ongoing blocking of social media and a few circumvention tools in Tanzania. # Blocking of apps in Tanzania More specifically, OONI measurements show the ongoing blocking of: * WhatsApp: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… * Facebook Messenger: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… * Telegram: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… * Tor: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… # Blocking of websites in Tanzania We also observe the blocking of many social media websites in Tanzania, such as: * twitter.com: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… * instagram.com: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… * youtube.com: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… * whatsapp.com: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… You can find more potentially blocked websites in Tanzania (including a few circumvention tool sites) here: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… # What you can do If you're in Tanzania (or know others who are) and you are interested in contributing more measurements, you can do so via the following steps: 1. Install the OONI Probe mobile app: https://ooni.org/install/mobile 2. Tap "Run" (to run all tests => including the testing of social media apps and circumvention tools) In addition, I would strongly recommend the following: 1. Open the "Social media" button in this page (when accessed from a mobile browser): https://ooni.org/get-involved/run 2. Open that button with your OONI Probe mobile app (not with a web browser). 3. Tap "Run" (to test 39 internationally relevant/popular social media websites) Similarly: 1. Open the "VPNs" button in this page (when accessed from a mobile browser): https://ooni.org/get-involved/run 2. Open that button with your OONI Probe mobile app (not with a web browser). 3. Tap "Run" (to test 21 circumvention tool websites) In all cases, please have your VPN turned off when running OONI Probe tests (to help ensure more accurate test results). # Open data As soon as you run OONI Probe (unless if you opt out), all test results are automatically openly published here in near real-time: https://explorer.ooni.org/search?until=2020-10-29&since=2020-09-29&probe_cc… Through these measurements, we can all monitor ongoing censorship events in Tanzania in real-time (as soon as local users run tests)! Warm thanks to all OONI Probe users in Tanzania for contributing measurements!! Please reach out if you have any questions, or if there's any way I can support you. In solidarity, Maria. -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 1

OONI Community Meeting: Tuesday, 27th October 2020
by Maria Xynou 26 Oct '20

26 Oct '20

Hello, The OONI team warmly welcomes you to join us next Tuesday for our monthly community meeting. => Where? OONI Slack channel: https://slack.ooni.org/ (bridged with IRC: ircs://irc.oftc.net:6697/#ooni) => When? Tuesday, 27th October 2020 at 17:30 UTC (for 1 hour) Please add topics that you'd like to discuss during the meeting in this pad: https://pad.riseup.net/p/ooni-community-meeting-keep The monthly OONI community meetings aim to: * Collect community feedback on OONI tools & methodologies * Address questions in relation to the use of OONI tools and OONI data * Foster discussions on internet censorship issues * Receive updates from the community We'd love to meet you and hear from you, and we hope you can join us! All the best, ~ OONI team -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 1

OONI Probe ASN Incident Report
by Maria Xynou 23 Oct '20

23 Oct '20

Hello, Last week we discovered an ASN-related bug in OONI Probe. Today we published an Incident Report which shares details about the bug, what we did to fix it, and we document our next steps (as well as measures for limiting the possibility of similar bugs recurring in the future). You can read our Incident Report here: https://ooni.org/post/2020-ooni-probe-asn-incident-report/ ## What you can do Please update to OONI Probe Mobile 2.7.0 (which fixes the bug): https://ooni.org/install/mobile If you're an OONI Probe desktop app user and you prefer *not* to share your network ASN, please refrain from running tests until we have released the fix -- hopefully next week (this requires third party action). If you're a legacy ooniprobe user, please use the OONI Probe Command Line Interface (CLI) instead. Version 3.0.8 contains the bug fix: https://github.com/ooni/probe-cli/releases/tag/v3.0.8 Over the next year, we aim to release OONI Probe Linux packages which would serve as a replacement for legacy ooniprobe. ## The bug in summary When you run OONI Probe, by default your network ASN (e.g. AS30722 for “Vodafone Italia”) is collected and published, as this information is very important for examining internet censorship (i.e. it's important to know on which network internet censorship is implemented). Through the OONI Probe apps, you can opt out of ASN collection (and publication) by disabling the "Include Network Info" setting. The bug is that if you disabled this setting, your network ASN was not published in the OONI Explorer measurement page or in the raw JSON data (where it was displayed as AS0), but it was included in the report ID of those measurements. During our investigation, we also found that in some cases, the network name (such as "Vodafone Italia") was included in AS0 measurements, and that it may have been possible to retrieve the ASN through the resolver IP (which we previously didn't sanitize because it's useful for measuring DNS consistency). All of these issues have been fixed in our probe engine, and we have released a fix for OONI Probe Mobile (as mentioned above). ## Affected measurements Most OONI Probe users were *not* affected by this bug, since roughly 86% of OONI measurements collected from around the world did not disable the collection and publication of network information, which is enabled in the default settings. According to our analysis, only around 2% of global OONI measurements leaked the user network ASN in the report ID (this mainly involves new probes), and about 12% of global OONI measurements might have disclosed the ASN through the client resolver in OONI’s Web Connectivity test (this mainly involves legacy probes). We made changes to OONI Explorer to hide AS0 measurements, and further details are available through our Incident Report. The OONI team apologizes to the OONI community for this incident. We would never intentionally harm our users, we value and respect user choice, and we take seriously the trust our users have placed in us. We do our best to give you as much control over how you use OONI Probe, but sometimes we make mistakes. We will always be transparent when such bugs occur. To learn more about our data practices and about the principles that govern OONI data collection, please refer to our Data Policy: https://ooni.org/about/data-policy If you have any questions or concerns related to this incident, please don't hesitate to reach out. Thank you, Maria (on behalf of the OONI team). -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 1

Update re: OONI PostgreSQL MetaDB
by Maria Xynou 20 Oct '20

20 Oct '20

Hi friends, In light of the (unplanned) shutdown of some servers, we have had to work towards migrating our infrastructure (hosting the OONI data processing pipeline) and updating the OONI PostgreSQL metaDB to adapt it to the requirements of our new data processing pipeline. As a result, we will have to stop updating the OONI PostgreSQL metaDB ( https://github.com/ooni/sysadmin/blob/master/docs/metadb-sharing.md) WAL snapshots currently available on S3. If you are an OONI PostgreSQL metaDB user, we apologize for the short notice, and we encourage you to read the email below for further information. # Migration impacting the OONI PostgreSQL metaDB We are now replacing the batch OONI data processing pipeline with our new fast-path pipeline, which analyzes and publishes OONI measurements from around the world in near real-time (the measurements are published as soon as the report is closed). To this end, we have built a new PostgreSQL metaDB, which is powered by the latest version of PostgreSQL (11) available in debian stable, and which uses a different set of tables (based on our improved, fast-path pipeline). While we are excited to migrate over to a new and improved pipeline (particularly since this is expected to enhance the performance of OONI Explorer!), this unfortunately also means that the current OONI PostgreSQL MetaDB, which is powered by an older version ofPostgreSQL and which depends on the batch OONI data processing pipeline, will be affected. Specifically: If you are an OONI PostgreSQL MetaDB user, you will still have access to all previous OONI data, but you will unfortunately not receive any updates once the migration has completed (by 31st October 2020 latest). Going forward, we recommend removing the line in your PostgreSQL configuration that does sync (as we will not be updating the WAL snapshots). We might eventually restart exporting database tables, but by using the more modern logical replication feature of PostgreSQL 11. If you are an OONI PostgreSQL MetaDB user and unsure how to proceed, we encourage you to reach out and share details about your use case (so that we can also factor it into our future decisions). We will be happy to help you. You can reach us via email ( team(a)openobservatory.org) or via the OONI Slack channel ( https://slack.ooni.org/). In the meanwhile, please consider accessing OONI data via the ooni-data Amazon S3 bucket: https://ooni-data.s3.amazonaws.com/ Please refer to this blog post to see how to fetch the raw data on S3: https://ooni.org/post/mining-ooni-data/ We sincerely apologise for any inconvenience this may cause. Thanks for using the OONI PostgreSQL metaDB, and thanks for your patience throughout this process. Please contact us with any questions you may have. Thanks, ~ OONI team.

1 0

Testing Telegram in Thailand and Cuba
by Maria Xynou 19 Oct '20

19 Oct '20

Hi friends, Hope you're all doing well. Telegram appears to be blocked in Cuba, and Thailand may start blocking Telegram soon as well. If you're based in either of these countries (or know others that are) and are interested in testing Telegram in order to contribute open measurement data on its potential blocking, please read below. # Cuba Starting from 15th October 2020, OONI measurements suggest blocking of Telegram in Cuba. However, we are now seeing that OONI Probe Mobile tests no longer work in Cuba, and we're investigating this issue. Meanwhile, it seems that OONI Probe Desktop works in Cuba, through which locals can potentially run the Telegram test: https://ooni.org/install/desktop OONI measurements collected from Cuba are automatically published here: https://explorer.ooni.org/search?until=2020-10-20&probe_cc=CU # Thailand We're being told that 4 Telegram IPs have recently been added to the Thai blocklist, which is why we're expecting that Telegram will likely get blocked soon in Thailand. However, only 1 of those 4 IPs is being tested via the OONI Probe Telegram test. We therefore encourage you to test those 4 Telegram IPs through the following steps: 1. Install the OONI Probe mobile app: https://ooni.org/install/mobile 2. Open the following link with your OONI Probe mobile app (not with a web browser): https://run.ooni.io/nettest?tn=web_connectivity&ta=%7B%22urls%22%3A%5B%22ht… 3. Tap "Run" to test those Telegram IPs In addition, please also run the OONI Probe Telegram test (available through the "Instant Messaging" card in the OONI Probe app), because it tests additional Telegram IPs (which might also get blocked), in addition to Telegram Web (web.telegram.org). OONI measurements collected from Thailand are automatically published here: https://explorer.ooni.org/search?until=2020-10-20&probe_cc=TH In all cases, please have your VPN turned off whenever you run OONI Probe (for accurate testing). Happy to address any questions you may have. Thanks, Maria. -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

ooni-talk October 2020