September 2019 - tor-project - lists.torproject.org

Are there countries where using Tor is illegal?
by Cristian Consonni 11 May '25

11 May '25

Hi, (Sorry if this question has already been asked in the past, feel free to point me to the relevant resources.) I know that the legal FAQs by the EFF state that: «we believe that running a Tor relay — including an exit relay that allows people to anonymously send and receive traffic — is legal under U.S. law.»[1] I also know there is a list of countries for which there is legislation that exclude communication service providers from liability. They are indicated in the Legal of the Tor Exit Guidelines page[2], they are USA, Germany, Netherlands, Austria, France, and Sweden. >From some articles in the press[3a][3b] it may be illegal - depending on how you interpret the wording[*] - to use Tor (and other technologies such as VPNs or proxies) in the UAE, with fines ranging in the millions of dirhams (hundreds of thousand of dollars). A couple of weeks ago it was discussed - on this list as well - that a law was introduced to the state parliament to ban Tor[4a][4b]. This follows a case of some months ago of a Russian Tor exit node operator being arrested for inciting mass riots and terrorism[4c][4d]. The idea of blocking VPNs or Tor seems to have already been considered in the past[4e]. This infographic about pluggable transports[5] suggests access to the Tor network is censored or limited in China, Uzbekistan, Iran, and Kazakhstan. Tor being censored orblocked may be different from it being illegal. What about other countries? Is there a place where I can find more about this topic? Cristian [1]: https://www.torproject.org/eff/tor-legal-faq.html.en [2]: https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines [3a]: http://www.emirates247.com/news/emirates/dh500-000-fine-if-you-use-fraud-ip… [3b]: http://news.softpedia.com/news/people-caught-using-vpns-tor-or-proxies-in-t… [*]: «Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery» [4a]: https://lists.torproject.org/pipermail/tor-talk/2017-June/043293.html [4b]: https://trac.torproject.org/projects/tor/ticket/22055 [4c]: https://lists.torproject.org/pipermail/tor-talk/2017-April/043109.html [4d]: https://techcrunch.com/2017/04/24/dmitry-bogatov-tor-russia/ [4e]; https://torrentfreak.com/vpn-and-tor-ban-looming-on-the-horizon-for-russia-… [5]: https://www.torproject.org/images/PT/2016-07-how-to-use-PT.png

4 3

fosdem?
by Gaba 17 Jan '20

17 Jan '20

Hi! The call for proposals is open for fosdem [0] as well as the stand submission [1] . It would be great to have Tor people from Europe giving a talk in the main track and setting up a stand. Any volunteer? [0] https://fosdem.org/2020/news/2019-08-13-call-for-participation/ [1] https://submission.fosdem.org/submission/stand -- Project Manager: Network, Anti-Censorship and Metrics teams gaba at torproject.org she/her are my pronouns GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

7 11

August Fundraising Report
by Sarah Stevenson 10 Jan '20

10 Jan '20

Hello Tor world. Here is the Fundraising team’s report for August. As always, let us know if you have any questions. ## Events We ran our first booth at DEF CON in August. It was an exhausting few days, but we exceeded our goal and raised over $43,000! We also made several connections with folks who want to help us with projects in the coming months. We have compiled lessons learned and are looking forward to attending again next year. ## Appeals The Bug Smash campaign[1] ran from August 1 to August 31. We raised a little over $86K across postal mail, social media, email appeal, and in-person gifts at DEF CON and CCCamp. We received a mixture of currencies, including a variety of cryptocurrencies. This a strong increase over August 2018 when we raised $13K. ## Grants We submitted a grant to RIPE NCC Community Project’s support program for 50,000 EUR to improve our IPv6 support. Thanks to teor, Nick, & Gaba for their help writing this proposal. We submitted a concept note to OTF for a large Tor Browser project which would move us away from the ESR cycle and onto Mozilla’s regular release cycle; it would also allow us to implement some of Firefox’s Enhanced Tracking Protection features. Thanks to the Browser team and Pili for making this happen! We found out that two of our grant requests were declined, one to NLnet for ESR migration and the other to the Deer Creek Foundation for Communications work. Upcoming grant requests: DRL SOIs for Community and Scalability, due 9/20 MOSS Scalability project, due 9/?? (rolling) NLnet, due 10/1 Herb Block Foundation, due 10/3 NSF Dark Decoys project, due ?? (rolling) ## Cryptocurrency We made a connection with a company called The Giving Block[2] that helps nonprofits accept cryptocurrency donations called. We are now listed on their website and will participate in their Giving Tuesday efforts this coming December. We are also discussing other ways to collaborate. ## Monthly Donors We continue to see growth in our monthly donor program, Defenders of Privacy. In August we received $5,386.75 from this group. As you can see in the chart below, our efforts to recognize and communicate with these donors has resulted in more stable income and less attrition. We should expect the group to continue to grow through the end of the year and then have a dip again in January when people tend to reassess their monthly commitments. [1] https://blog.torproject.org/tors-bug-smash-fund-help-tor-smash-all-bugs <https://blog.torproject.org/tors-bug-smash-fund-help-tor-smash-all-bugs> [2] https://www.thegivingblock.com/donate-bitcoin <https://www.thegivingblock.com/donate-bitcoin>

1 5

Tor Browser team meeting notes, 16 September 2019
by Matthew Finkel 17 Dec '19

17 Dec '19

Hello! We held our weekly Tor Browser meeting on Monday in #tor-meeting2. Here is the IRC log: http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-09-16-17.30.l… >From the weekly updates, we discussed and planned a Tor Browser Alpha release for Mac OS X due to the new notarization requirement. This will allow for additional testing before Tor Browser 9.0 becomes the stable version. We also discussed backporting a patch onto Tor Browser 8.5 for this and including it in the next stable release. >From the discussions, we decided on making about:blank the default New Tab page (instead of Firefox's new about:home page), and about:tor will be an alternative option. We are also beginning the triage of Tor Browser tickets for Bug Smashing and we are adding the keyword "BugSmashFund" on the applicable tickets. Finally, we are aiming at releasing the new Tor Network Settings UI in an upcoming alpha release. This moves the configuration settings menu from Tor Launcher into the browser's preferences screen (about:preferences#tor). Below are the notes from our meeting pad: Discussion: (acat) Should we allow users to change New Tab page to "Firefox Home" (Firefox default new tab page)? see https://trac.torproject.org/projects/tor/ticket/31575 (pili) BugSmashFund: if you see any bugs that are outside sponsor work and would be good to fix after ESR68 work is over please tag on trac with "BugSmashFund" keyword (pili) Gentle reminder to update tickets for September with points estimate and actual points once closed. (anto) could we have #31286 (Tor Network Settings on about:preferences#tor) on alpha channel? GeKo: Last week: - Bug 30126: Apple notarization - Bug 31538: Windows reproducibility - Bug 31584: Clean-up mingw-w64 project (currently testing a final patch) - fixed Windows nightly build failure (#31732) - wrote a patch for #31725 (mk localization did not work properly) - worked on missing pieces for #30429 - acat/sysrqb where are we with the reviews/fixups for #31010? Is there anything left from your side? - reviews (#24653, #26345, #30304, #31575) - double-checked our hardening flag situation for Windows and Linux bundles after toolchain updates; I think there a no surprises and unknown issues that popped up - caught up with blog comments (having 4 active blog posts to take care of in parallel is harder than thought :) ) This week: - stack smashing protection for Windows binaries (#29013) - #31597 (Mozilla bug review for bugs squashed between Firefox 61-68) - finish missing pieces for #30429 - maybe release for testing #30126 on alpha channel? we'd need #31702 for that which is supposed to apply cleanly for esr68 at least; apple is saying Catalina gets out in October so, we might have a bit more time here? - reviews mcs and brade: Last week: - Testing and research for #30126 (Make Tor Browser on macOS compatible with Apple's notarization). - Verified that #31464 is no longer an issue (meek and moat are broken on macOS 10.9). - Debugged #31607 (App menu items stop working). - On macOS, menu-related objects are being freed too soon or at the wrong time. - This is a strange issue that is proving to be difficult to debug. (GeKo: Do we know which patch is causing that? If not, could we track down this bug easier that way? mcs: We think it is not caused by a patch but by Tor Launcher opening a modal window during startup but we will confirm) This week/upcoming: - Continue work on #31607 (App menu items stop working). - #31491 (clean up the old meek http helper browser profiles). - Work on other tbb-9.0-must-alpha tickets if time permits. - Reminder: we will be on vacation next week. sysrqb: Last week: Mostly afk. Releases Began dog-fooding 9.0a6 This week: - Pick up #30943 again (only private tabs as the default) - Investigate auto-complete not working on 9.0a6 Android (#31720) - Maybe look at showing Tor Browser version number on Android (#30943) - Maybe help with getting x86_64 Android builds (#31192) _hc/eighthave: Last week: tor-android clean-up work, 64-bit builds and configure.ac --enable-android path tor-android reproducible build (given the same docker container) This week: Android-native TorService tjr: - Worked on the WASM patch but waiting on help: https://bugzilla.mozilla.org/show_bug.cgi?id=1576254 - Landed the alloc/dealloc patch in 68: https://bugzilla.mozilla.org/show_bug.cgi?id=1547519#c32 - There are a couple of concerning test failures for the MinGW build in the esr68 branch that might/are probably related to this. - I need to fix my IDA installation to be able to dig into these though... boklm: Last week: - Did some reviews: - #31450 (Still use GCC for 64bit Linux debug builds after switch to 68 ESR) - #31264 (tar.gz output files contain non-reproducible timestamps) - #31621 (Fix node bug that makes large writes to stdout fail) - #31641 (Provide link to Tor Browser for Android alpha on our alpha download page) - #31596 (Bump mingw-w64 version to pick up fix for #31567) - #31732 (Windows nightly build failure) - Made a patch for #31448 (gold and lld break linking 32bit Linux bundles we need to resort to bfd) - Opened #31755 (Separate update pings and update requests graphs for Tor Browser alpha and release users) - Looked at #31646 (Update abicheck to require newer libstdc++.so.6) This week: - Test patch for #31538 (Windows bundles based on ESR 68 are not built reproducibly) - Review #27493 ('mk_add_options' or 'export' MOZILLA_OFFICIAL) - Make patch for #31646 (Update abicheck to require newer libstdc++.so.6) - will be afk on Tuesday (tomorrow) acat: Last week: - #26345 - Finish Disable tracking protection UI in FF67-esr (in review) - Investigated if serviceworkers can still see localized msgs in #30683. - Investigated a bit RemoteSettings background requests: #31740 - Created Bugzilla ticket for #30683 (https://bugzilla.mozilla.org/show_bug.cgi?id=1581537) This week: - 31303: Browser Toolbox fails to open when tor-launcher is present V(is it fine if I take this one pospeselr?) - tbb-9.0-must-alpha tickets sisbell: Last Week: - #31564: Android bundles not reproducible - implemented solution using apktool. Need verification if it works across build machines with different OS. (GeKo: I'll do that while reviewing) - #31568: Gradle how-to. Found solution to remove missing resources that was causing double artifact entries. Documented this. This week: - open tickets for tor-android-service patches - 31564 (if additional changes needed) - 31192 - x86_64 support Pili: Last week: - mostly afk - Gave a talk on using onion services for APIs at API Days Barcelona This week: - Looking at our roadmap and capacity - Moving forward with team lead transition tasks Antonela: - #31660 - Investigating about ESR68 Onboarding > https://trac.torproject.org/projects/tor/ticket/31660 - #31286 - TB9 Network Settings is almost done. Shared with phw and the anti-censorship team to have them in the same page. > https://trac.torproject.org/projects/tor/ticket/31286 - #27511 - Working with TB New Identity > https://trac.torproject.org/projects/tor/ticket/27511 - Back to S27 Onion Services pospeselr: Last Week: got moat bridgedb requests mostly working with new about:preferences#tor page (#31286) CAPTCHA displayed, guesses can be made and submitted, bridge strings returned back but aren't displayed or saved anywhere This Week: rebase current patches to latest esr68 branch >:[ port over the read/write logic for the tor proxy settings, and integrate that into the bridgedb request logic Have a good week! Matt

1 13

ANNOUNCEMENT: XMPP/Jabber services on torproject.org shutdown in 30 days
by Antoine Beaupré 16 Oct '19

16 Oct '19

Hi! What? ===== The Tor Project's jabber server will be shutdown in thirty days. Why? ==== In a recent review of provided services, the sysadmin team has decided to retire the XMPP/Jabber services offered by the Torproject.org domain. The service was used by only four persons in the last month, out of over thirty registered users and over a hundred users which could use the service. The service is also maintained only by a single person, who agrees on retiring the service. This is not a statement on the merits of the XMPP protocol, the Jabber project, or federation as a whole. Those principles are dear to our hearts, we just feel it's better to direct our energies on services that are used by a larger community. When? ===== In thirty days, the server will be shutdown and unreachable. The machine itself will be kept up for an extra 7 days in case of a serious problem and then decomissioned using our [normal process][]. [normal process]: https://help.torproject.org/tsa/howto/retire-a-host/ How? ==== If you still wish to use another XMPP, you can follow the [Getting started][] instructions on the xmpp.net website. It links to two sites with lists of alternative servers that you could easily switch to. One which we particularly recommend you consider is ran by the good birds at [Riseup.net][], a donation based service ran "for people and groups working on liberatory social change". If you already have an account there, you can already use their XMPP server, see their [chat documentation][] for more information. Riseup is an invite-only service: if you know a friend on Riseup, they can send you an invite, but please do not go around bugging them for invites, they don't give invites to people they don't know. [Getting started]: https://xmpp.org/getting-started/ [Riseup.net] https://riseup.net/ [chat documentation]: https://riseup.net/en/chat Migrating to a different XMPP server can be done by downloading your roster on one host and uploading it on the other. Then you need to ask all your contacts to readd you to *their* roster, on the new server. It's a lossy process because people might have you on their roster without you having them on yours, but it might mean you get rid of spammers, on the upside. Here are instructions on how to migrate your roster from various clients. Gajim ----- 1. register with the new server and configure it in Gajim -> Accounts (control-shift-a) -> Add account 2. click on the new account 3. choose "Import contacts" 4. select the old account Gajim will then transfer the roster between the two accounts. This was tested in Gajim 1.1.2 Pidgin ------ As far as we could tell, there's no easy way to transfer rosters between accounts in Pidgin. Tkabber ------- 1. log into the old account (Tkabber -> Log in...) 2. export the roster (Tkabber -> Roster -> Export roster...) 3. log out (Tkabber -> Log out...) 4. log into the new account (Tkabber -> Log in...) 5. import the roster (Tkabber -> Roster -> Import roster...) Tkabber will then create the contacts in the roster of the new account. Tested with Tkabber 1.1.2. Jabber Migrate -------------- Finally, there's a tool that's designed specifically for migrating roster between servers, simply called "migrate". It used to be maintained on [Sourceforge][], but it seems to be abandoned there. Two forks have shown up on GitHub, from [jirutka][] and [spiculator][]. Note of those tools have been tested or reviewed by Torproject.org people. Use at your own risk. [Sourceforge]: http://migrate.sourceforge.net/ [jirutka]: https://github.com/jirutka/jabber-migrate [spiculator]: https://github.com/spiculator/jabber-migrate Who? ==== This effort has been accepted by the current service admin (dgoulet) and is led by the current sysadmin team lead (anarcat). Either person can be reached for comments or just by replying to this email. -- Antoine Beaupré torproject.org system administration

1 1

gitlab next steps
by Gaba 30 Sep '19

30 Sep '19

Hi! We met today to talk about the migration from trac into gitlab. The agenda and notes are in the pad (https://pad.riseup.net/p/e-q1GP43W4gsY_tYUNxf) and in the body of this mail. You can look at the logs for the meeting in: http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-09-17-18.01.html Next meeting will be on October 1st. CONTENT OF THE PAD: References: mail with context: https://lists.torproject.org/pipermail/tor-project/2019-July/002407.html planning document: https://nc.riseup.net/s/SnQy3yMJewRBwA7 migration code: https://dip.torproject.org/ahf/trac-migration ticket: https://trac.torproject.org/projects/tor/ticket/30857 Agenda September 17th * Revisit agenda * Update that where we are at * Stuff that seems that still needs to be resolved or decided upon: * IRC ticket number bot * redirection from bugs.torproject.org to gitlab ticket (legacy project resolve links?) * structure for projects * anonymous users/ user registration * Preserving existing trac data * data migration process * Next steps Notes Logs: http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-09-17-18.01.html On ticket numbers: 1) IRC bot for tickets (zwiebelbot) - get ticket's title and a link to the ticket when we write #TICKET-NUMBER. In gitlab tickets are per project. possible solutions: 1. write a plug-in for the bot that is running zwiebelbot to fetch the data via gitlab's api. we will lose the short hand ticket id syntax (#xxx) and have to use project-name#xxx instead with that 2) redirect from bugs.torproject.org/#TICKET-NUMBER to the right issue in gitlab possible solutions: 1. a part of the migration from tickets from trac to all the different gitlab project, we save a mapping between the old ticket ID's and their new project paths, which would allow us to update the redirection service with a tool that looks at htis mapping and does the redirect 2. all tickets first get migrated to a single project where there's a one to one mapping between ticket IDs in trac and gitlab so bugs.tpo/N point to dip.tpo/legacy/N for future issues (not legacy) we will have bugs.torproject.org/project/NNN 3) the question is how to keep ticket numbers consistent across the migration if we want to have tickets split between mut roject Nick's Absolute Requirements: 1. If there is #NN in trac, and there is tor#NN in gitlab, then they must be the same bug. 2. If there is tor#MM in gitlab, and it is the same as some bug #NN in trac, then MM must equal NN. NEXT STEP: AHF will experiment with aproach 2.2 on moving tickets from legacy project into its own. (ahf will move forward) Structure for projects: Proposed structure: Group TEAM X - all team members have ownership on this group. Project X1 - the ones related to repositories. Example: snowflake or little-t tor. Group XX1 - example pluggable transports for anti-censorship team Project Y - at organization level, example scalability that may touch all teams. NEXT STEP: rename the group 'torproject' to tpo (gaba will do it) NEXT STEP: add the rule "do not have two elements in the project naming tree with the same name, even if they are not ambiguous" NEXT STEP: add the rule "short names when possible for projects or groups" Anonymous users/ user registration: Options: (1) cypherpunks - people not ok with this one as there are trolls (2) salsa custom signup form - some people say this is not totally effective (3) akismet + recaptcha - not really an option because it blocks tor users and tracks people (4) write a custom captcha plugin - some people say this is not totally effective (5) open registration - spam is a huge issue here Proposals: 1) i suggest we manually register gitlab accounts for known good contributors and open up contributions from github issues (from catalyst) 2) open registration with some spam-limiter, and moderate accounts (from nick) 3) consider experimenting with the salsa custom signup form NEXT STEP: We need more research on how to deal with spam in gitlab. NOTHING DECIDED YET. (gaba will check) Preserving existing trac data: NEXT STEP with a list of things that you will not see in gitlab from trac Data migration process: NEXT STEP: write down a more concrete plan for migration. What do we test for? When we do it? Who is helping? - (gaba will do it) Issues about migration will be deal here: https://dip.torproject.org/ahf/trac-migration -- Project Manager: Network, Anti-Censorship and Metrics teams gaba at torproject.org she/her are my pronouns GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

3 5

Damian's Status Report - September 2019
by Damian Johnson 29 Sep '19

29 Sep '19

Hi all. Non-technical aspects of life have kept me occupied the last few months but I should soon have more time to get back into the thick of things. https://blog.atagar.com/september2019/

1 0

Notes from Vegas team meeting September 26
by Erin Wyatt 27 Sep '19

27 Sep '19

SEPTEMBER 26 2019 Items Discussed: + Gaba: - Ongoing discussion: We checked with Gitlab to see if we could get a license for the ultimate tier (https://about.gitlab.com/pricing/#self-managed) and we could get it for free because we are an open source project. thoughts? Features comparison: https://about.gitlab.com/pricing/self-managed/feature-comparison/ <https://about.gitlab.com/pricing/self-managed/feature-comparison/> * Discussion: Many people are wary of hosting or depending on proprietary software, but we use proprietary software for other things. Some team really want and need it, others are not so sure. Most want to try and see how it goes and all present at the meeting agreed to proceed; a few are very hesitant and followed up the meeting by email for further discussion, so we shall have further discussion. + Georg: - Planning for Mozilla All Hands, FOSDEM, ShmooCon. Who goes where? [For where we are with this item regarding planning see notes from last week.]; all of them moving along. * Discussion: general (continued) discussion about the conferences; We need to decide on a main track talk to submit to FOSDEM asap. Re: schmoocon - waiting to hear if we have a boot. + Pili: - Should we participate in Hacktoberfest as project maintainers? (https://hacktoberfest.digitalocean.com/faq/) * Discussion: questions about what would be required of us. Answer: we can tag issues in github with hacktoberfest if we want to encourage people but otherwise people can just participate without us getting involved. If we really wanted to go for it, we might want to run some sort of social media campaign about it e.g about contributing to open source projects but not sure we have the capacity for this right now. Which repos would be participating then? website? community? is this similar to the docshackaton? OONI will participate. + Antoine - just FYI: opened up grafana semi-publicly see the beautiful dashboards at https://grafana.torproject.org/ --------------->8 General Notes: isabela: 1. Tea time on #tor-internal - will follow up on edits of employee handbook w/ erin 2. Last week in Seattle I worked w/ Sue on auditors requests, also met w/ a major donor in Seattle 3. Helped review and submit 2 proposals for DRL (done last Friday) 4. Catching up with backlog of emails (to sponsors and donors) 5. Met with OutRight for possible partnership on trainings 6. Will be part of a webinar on 'there is no dark web' Gaba: 1. DRL scalability proposal submitted by Al last week 2. Sponsor 30 signed and officially starting. 3. Checking anti-censorship roadmap 4. Small tasks 5. Gitlab moving forward. New meeting next week. Alex: 1. Getting a lot of help from Nick and Gaba with the transition work that is happening. 2. Building an overview of all the deliverables for the team in the near'ish future. 3. Working on Tor PT related tickets and Tor 0.4.2 tickets. 4. Continue progress on Gitlab migration. Gus: 1. Pili and I submitted an outreachy proposal for Community Team, "Help Tor Project support our users" - https://www.outreachy.org/apply/project-selection/#tor-project 2. Wrapping up #DocsHackathon 3. A lot of work on support portal - migrating resources from old FAQ 4. Answering RT/frontdesk 5. Working on S9 partnership agreement with local trainers 6. Blog comments layout: asked a Drupal freelancer to take a look and give an answer to us until next Monday (oct 1) 7. If you're going to FOSDEM, please help to fill this wiki page: https://trac.torproject.org/projects/tor/wiki/org/meetings/2020Brussels Sarah: 1. Took three classes on CiviCRM last week. Prepping database for EOY campaign emails. 2. Sending Isa's vision update to donors who have not yet given this year. 3. Working to set up Uphold account so we can access Brave reward tips sent to us. 4. Continuing to plan for party in Boston on October 28th. Let me know if you know someone who should be invited. <-- what is the profile of people that could be invited? --> Ideally we are looking for people who could now or eventually be a major donor - $1K+ per year. Steph: 1. EOY prep 2. Outreachy initial application closed. Contributions begin Oct 1, then we choose interns after a contribution period. 3. Drafted 'there is no dark web' presentation for a Friday call with DC area folks 4. Editing the community portal 5. Newsletter draft in the works 6. Working with emma on a post for International Translation Day Antonela 1. Updating the UX Team roadmap. 2. S9 2.1 regular website maintenance/review. 2.2 community.tpo.org/user-research needs content review 2.3 Narriral contract ends this week. We organized the user research done in 2018 and Q1/Q2 2019, wrote reports and set up the process for future user research with communities. 3. S27 3.1 The UX part of O2A1, O2A3, O2A5 is done 3.2 progress with .onion errors (O2A2, O2A4) 3.x are our OTF sponsors reports public? If yes, should we share those with OTF lists or TPO lists (even better)? 4. TB9.0 4.1 network settings UI review, dunqan will work on the onboarding update (#31768) 4.2 working on new identity UI 4.3 doing UI QA with TBA and TB alphas 5. OONI Probe UI/UX tasks 6. Reviewing Tunde's OTF progress 7. Working on the EOY Campaign Antoine 1. just FYI: opened up grafana semi-publicly see the beautiful dashboards at https://grafana.torproject.org/ 2. worked around stability issue on the new ganeti cluster, which has now entered a production phase with two new web mirrors in place 3. continued Puppet refactoring, review and cleanup, as usual 4. will send announcement for LDAP sudo changes tomorrow, pending for 3 years now 5. grafana dashboards now have support for "per role" displays (e.g. "show me the bandwidth usage of all the web mirrors") Georg 1. Helped with paper review 2. A lot of esr68 transition work Mike: 1. Circuit padding doc work 2. Paper review 3. Circuit padding bugs/ticket comments 4. Need to not be distracted by urgent things for next 2-3 weeks (lol), or ESR code review won't finish :/ Arturo: 1. Launched the new OONI Explorer, yay! https://ooni.org/post/next-generation-ooni-explorer/ 2. Working on infrastructure cleanup 3. Preparing release of OONI Probe mobile 2.2.0 4. Investigating blocking of media sites in Egypt 7. A lot of progress on the data analysis fastpath that will allow near-realtime publication of data as well as generating alerts for blocking events Pili: 1. Planning roadmaps for October 2. Working on S27 month end and work completion reports 3. Worked on Outreachy project for Community Team 4. Working on handing over parts of the website to new owners 5. Dockshackathon wrap up tasks 6. Still evaluating whether we want to participate in Hacktoberfest and how 7. Tor Browser release meeting 8. Hope to get around to more Fosdem organisation soon Matt: 1. Ongoing discussions with Georg and Pili for transitioning Tor Browser team lead 2. 68esr transition work, with a focus on Android 3. Beginning to look at important Tor Browser tickets we should work before the end of the year Erin: 1. Working on handbook clarifications 2. Exploring possibility of moving Seattle to small/cheap space in lieu of closing Philipp 1. Added new default bridges and coordinated with operates of prospective private/default bridges 2. More work on improving obfs4's flow shape, and making obfs4 client store state 3. Worked with new obfs4 bridge operators (useful feedback on our guides is still coming in) 4. More progress with snowflake's new client/server protocol 5. Worked on BridgeDB Sponsor 30 deliverables 6. Helped with paper review Karsten: 1. Made several smaller improvements to the code base (#31649, #31599) Nick: 1. Various documentation/text tasks 2. Team is working on 0.4.2 stability 3. Talked with group working on gathering at Wendy's place.

1 0

Moving Web group to Tor Project group in gitlab
by Pili Guerra 27 Sep '19

27 Sep '19

Hi everyone, Just a heads up that I’m planning to move the Website group[1] in gitlab under the Tor Project group[2] in gitlab in the next few days. This will mean that if you have bookmarked any issues here, the link to these will change. Also, any links and/or bookmarks to locations on the wiki will also break. Are there any strong objections from anyone before I do this? Thanks! Pili [1] https://dip.torproject.org/web [2] https://dip.torproject.org/torproject — Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45

1 1

LDAP sudo passwords change
by Antoine Beaupré 26 Sep '19

26 Sep '19

Hello! What ==== In a month from now, the sudo configuration on torproject.org machines will change. While right now your normal LDAP password can be used to authenticate with sudo, but it will then require you to use the dedicated sudo password. When ==== For now, both the LDAP password and the new sudo password will work to authenticate to sudo. Starting in the third week of October (around October 14th), the LDAP password will no longer be accepted for sudo authentication. Note that this was previously announced in March 2016, but never enforced: https://lists.torproject.org/pipermail/tor-project/2016-March/000199.html How === The LDAP password is the one you got sent in encrypted mail when your account was first created on db.torproject.org. You should have changed that on the [web interface][]. This password is the one that also allows you to log into the management interface there and change for instance your mail forwarding configuration or your sudo password. [web interface]: https://db.torproject.org/login.html To set the sudo password: 1. go to the user management website above 2. pick "Update my info" 3. set a new (strong) sudo password If you want, you can set a password that works for all the hosts that are managed by torproject-admin, by using the "wildcard ("*"). Alternatively, or additionally, you can have per-host sudo passwords -- just select the appropriate host in the pull-down box. Once set on the web interface, you will have to confirm the new settings by sending a signed challenge to the mail interface. Please ensure you don't introduce any additional line breaks. Note that setting a sudo password will only enable you to use sudo to configured accounts on configured hosts. Consult the output of "sudo -l" if you don't know what you may do. (If you don't know, chances are you don't need to nor can use sudo.) Why === We prefer to use two authentication factors to access the more powerful "sudo" command, this is a security measure. We want a different password for anything that elevates your privilege, in other words. Who === This change is operated by the Tor Project sysadmins (TPA). If you have any questions or comments, feel free to respond to this message or followup in ticket #6367. -- Antoine Beaupré torproject.org system administration

1 0