March 2020 - tor-project - lists.torproject.org

Notes from Vegas Meeting MARCH 26 2020
by Erin Wyatt 28 Mar '20

28 Mar '20

Vegas Team Meeting notes March 26 2020 NEW BUSINESS + Gaba: tor releases: we are thinking on call them outside of the network team meetings and review each time with more people what is going in (similar than the Tor Browser release meetings). Thoughts? - We are going to bring this back to the network team and move forward with release planning meetings. + Pili: We are going to be implementing onion-location headers on our websites to take advantage of a new feature we will introduce into Tor Browser in an upcoming alpha release to redirect visitors using tor-browser to the .onion address. We should coordinate this work to happen on websites at the same time as we release Tor Browser Alpha and also to make a nice announcement about it. We would also like to reach out to some orgs who are operating onion services to let them know about this new feature. GENERAL NOTES GeKo 1. network health work is moving along 2. spent some time getting back to Coil and their issues with using Tor for Webpayments (spoiler alert: we found some weird breakae due to Cloudflare; following up on that this week) 3. more work on the licensing/copyright issue for TPI folks 4. getting back to onion service education coordination 5. H1 bug bounty fun Sarah 1. Major donor virtual happy hour tonight 2. Will follow up with 1:1s with attendees 3. Moving onto plans for April 13th foundation presentation 4. Working on projections for FY21 Antonela • 1. working on s30 user research, listening ICFP fellow interviews in Cameroon and Nigeria. Due covid-19 the scheduled interviews are going to 2. continue remotely • 3. planning remote user research for s9 • 4. working with onions in multiple salads, closing s27 • 5. moving forward with diogosergio's proposal for design git • 6. #docshackathon: working on having Tor Browser's new features highlights in a webpage • 7. tagging s58 ux issues Gaba • 1. DoS follow up on funding proposals • 2. Gitlab migration plans • 3. syncs with ahf & nick and follow ups • 4. tor releases: we are thinking on call them outside of the network team meetings and review each time with more people what is going in isabela: 1. getting ready for today's event and the follow up after that 2. following up with some discussions/email threads that I was behind w/ 3. preparing things for the next board meeting Steph 1. Preparing for today's event, adding new slides 2. Working with OTF Learning Lab 3. Press inquiries 4. Remote work and personal safety post published 5. Invited to do a podcast 6. Social media Mike: 1. HS DoS experiments and literature review 2. Employee peer reviews 3. Press inquiry help Alex: 1. Had 1:1:1 with Gaba and Nick. Some follow ups from that. 2. Had Gitlab meeting with Gaba where we went over the list of issues that remained and tried to make a plan. 3. GeKo and I started having weekly sbws meetings with Juga. 4. General development. 5. Concentration back to normal this week. Nick: 1. Bad concentration this week; but trying to get back into productivity. Experience has taught me not to try to force it too hard. 2. Trying to write end-of-month notes, and including the question "what is my job anyway". Let's see how that goes. Gus: 1. DocsHackathon week! If you want to join us, jump on #tor-www IRC channel! 2. Running new Outreachy project and onboarding new applicants 3. Network Health: worked with Steph to announce 0.2.9 and 0.4.0 rejection from the tor network 4. Drafting an email to contact our training partners Pili: 1. Starting to wrap up S27 and taking stock of what we have achieved. • - We are going to be implementing onion-location headers on our websites to take advantage of a new feature we will introduce into Tor Browser in an upcoming alpha release to redirect visitors using tor-browser to the .onion address. We should coordinate this work to happen on websites at the same time as we release Tor Browser Alpha and also to make a nice announcement about it. We would also like to reach out to some orgs who are operating onion services to let them know about this new feature. 2. Helping outreachy and GSoC candidates 3. Pushing github sponsors forward and some other github admin. 4. Trying to get Same-Origin Onion Certificates for Tor Onion Addresses scheduled and possibly funded. I need to write an email about this. 5. Docshackathon and other website work this week. 6. Setting up for S58 7. Planting lots of herb and vegetable seeds and obsessively watching for germination :) anarcat 1. whoa, weird color 2. investigated possible solutions for onion v3 deployment in our fleet, will require puppet development work 3. (basic) install of the new ganeti server with a single command, automation is starting to give us real benefits 4. started the migration of kvm3, you might have seen some tickets warning you about server moves, let me know if you have any questions 5. deployed a new IRC bot to automate IRC notifications for planned outages 6. did research on the possibilities hosting our own audio and/or video conferencing software in #33700 7. regular housekeeping (email aliases, code reviews, smartd SNAFU #33684 ewyatt 1. HR/Personnel Stuff 2. Still chipping away at things, trying to stay focused amid all the craziness Philipp 1. Made some progress on sponsor 30 deliverables 2. Found some time to help out volunteers Karsten: 1. Rewrote OnionPerf's tgen plots in seaborn and pandas (#33258). 2. Worked on various character encoding tickets (#24384, #21933). Charly 1. Working on some new documentation drafts with the help of gaba for meetings and organizing ourselves on the non-technical side 2. Trying to still meet with everyone on Vegas to get a sense of their action items needed from Isa 3. Slowly coming up with a system for organizing and integrating the tools we use like NextCloud 4. Getting ready for tonights event

2 1

Anti-censorship meeting notes, 26 Mar 2020
by Philipp Winter 26 Mar '20

26 Mar '20

Hi all, Here are our meeting minutes: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-03-26-17.59.html And here is our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday April 1st 18:00 UTC Weekly meetings, every Thursday at 18:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress). == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: https://gitlab.torproject.org/torproject/anti-censorship/roadmap/boards * Our roadmap consists of a subset of trac tickets. For 2020 Q1, the trac keyword is anti-censorship-roadmap-2020Q1 * Next planning session: last week of April * The anti-censorship team's wiki page: https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam * Past meetings' notes can be found at: https://lists.torproject.org/pipermail/tor-project/ * GetTor's roadmap: https://gitlab.torproject.org/groups/torproject/anti-censorship/gettor-proj… * Tickets that need reviews: from sponsors we are working on: * https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor30 * https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor28 * Anti-censorship related tickets that we want other teams to fix: * https://pad.riseup.net/p/tor-anti-censorship-tickets-keep ------------------------- --- March 26th 2020 -- ------------------------- == Announcements == * == Discussion == * Can we close https://trac.torproject.org/projects/tor/ticket/29863 (snowflake infra disk space monitoring) ? * What's there to do for https://trac.torproject.org/projects/tor/ticket/29274 (get developers using new PT alphas) ? == Actions == * == Interesting links == * https://uncensoredlibrary.com/en * https://geneva.cs.umd.edu/posts/iran-whitelister/ * https://github.com/SadeghHayeri/GreenTunnel * https://info.williamlong.info/2020/03/github-pages.html * reported TLS MITM of GitHub Pages in China == Reading group == * We will discuss "Detecting Probe-resistant Proxies" on April 2 * https://censorbib.nymity.ch/#Frolov2020a * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week (related to anti-censorship work). Help with: - Something you may need help with. phw: This week (2020-03-26): * Made decent progress on making BridgeDB report internal metrics (#31422). * Merged patch that made docker obfs4 image support docker-compose to (re-)deploy container. Thanks to thymbahutymba for the patch! * Spent a lot of time debugging the failure that resulted from my own creation (#33709). * Merged #31967, thanks to agix for the patch! * Fixed and merged #30317. * Implemented #33631. * Revised #30941. Next week: * Write a summary of our current BridgeDB distribution mechanisms and brainstorm new ones * Pay attention to volunteer work (help agix with BridgeDB reviews; thymbahutymba with docker; Sergey with https proxy) * Make BridgeDB report internal metrics (#31422) * Catch up on RACE; in particular wrt obfs4 improvements Help with: * https://trac.torproject.org/projects/tor/ticket/30941 Gaba: () Last week (2020-03-26): * not much related to anti-censorship This week (planned): * not much related to anti-censorship cecylia (cohosh): last updated 2020-03-26 Last week: - Updated Snowflake license (#33637) - worked on learning about Debian for Snowflake (#19409) - chipped away at updating the debian obfs4proxy package (#33736) - travis fixes for #33593 - lots of grant writing, the grant seems pretty much finished! - lots of gsoc things, reviewed proposals, talked to applicants - created #33740 - reviewed #33631 and #30317 - read up on history of #33693 This week: - Resume obfs4 and snowflake tests (#31701, #32657, and #32545) - see if i can help push snowflake for android along (#28672) - write a patch for #33693 - look into proxy issues (#33666) - take a look at reviving the twitter responder in GetTor (#33036) Needs help with: juggy : arlolra: 2020-03-26 Last week: - merged #33665 Next week: - maybe the proxy parts of #19026 - start on #31201 Help with: - review of #19026 but also answer the question there dcf: 2020-03-26 Last week: - announced snowflake-turbotunnel packages built on 9.5a8 (#33519) - https://lists.torproject.org/pipermail/anti-censorship-team/2020-March/0000… - discussed snowflake client metrics (#33693) - security upgrade of snowflake bridge (#33644) - closed ticket for multiple SOCKS connections in turbotunnel snowflake (#33519) - reviewed unsafe logging patch (#33665) - investigated effects of missing client_ip at snowflake bridge (#33157) - https://lists.torproject.org/pipermail/metrics-team/2020-March/001139.html Next week: - file ticket for snowflake-turbotunnel merge - share access to the snowflake broker CDN configuration (#30510) Help with: cjb: 2020-03-26 Last week: - gonna be afk with kids Next week: Help with: antonela: 2020-03-26 - working with Babatunde's interviews (OTF Fellowship) from Nigeria and Cameroon. Shared preliminar notes with Tunde and Nah (#32811) - started to work on this user research document, we still stick to the plan of running it during April (#31870) Help with: - nothing yet :) agix:2020-03-26 Last week: - Finally patched #31967 - Finished the project proposal Next week: - Patch #31426 - Patch #33647 Help with: - catalyst: 2020-03-19 last week: - worked on #5304 (Obfsproxy should respect OutboundBindAddress in torrc) this week: - more work on #5304 and other s28/s30 tickets thymbahutymba: 2020-03-23 Last week: - CI/CD using github actions. - docker-obfs4-bridge CI/CD (testing and multiarch-testing branch) with release on hub.docker.com. Next week: Help with: - How should work (be triggered) the release of different arch images? Hiro: (last updated before 2020-01-09) Started restoring Twitter Responder. When retrieving tweets I need to check for new tweets only otherwise Gettor will end up responding to old back log and already answered messages. <-- is this #27330 ? Next Week: - Work on gettor specs <-- Is this #3781? - More with review of strings and website content and translation

1 0

Metrics Meeting Notes, March 26th 2020
by Gaba 26 Mar '20

26 Mar '20

Hi! We had our weekly metrics team meeting today. The next one is going to be on April 2nd at 1430 UTC and it will be a retrospective and roadmap update. The pad for the meetings in 2020 is at https://pad.riseup.net/p/tor-metricsteam-2020.1-keep The agenda and notes for today is here: ----------------------------------- Agenda Thursday, March 26th, 15 UTC ----------------------------------- Time tracking (karsten) 1.8 Add CSV file export of graphed data (#33258) 0.7 Decode percent-encoded characters in qualified search terms (#24384) 0.5 Fix deserialization of UTF-8 characters in details statuses and documents (#21933) 0.3 Don't trust "bridge-ips" blindly for user number estimates (#18167) 0.1 Extend integration tests in metrics-test to also test Onionoo (no ticket) 0.1 Add Git repository containing lots of large files (#33692) 0.8 Other Time tracking (irl) 0.7 Tasks review / direct emails 0.1 Mailing lists 0.5 Migrate from GitLab CI to Travis CI on GitHub for metrics-cloud (#33713, #33714) 0.1 TorBulkExitList.py has wrong mime type (#33682) 0.2 Review, fix and/or ignore linter errors found by cfn-lint (#31414) Time tracking (dj) I have been asked to help out on a COVID-19 contact tracing app (making sure it is as privacy preserving as possible) This has limited my time for Tor related stuff last week / the coming week, but should clear up after that Time tracking: weeks, months, quarters, years (karsten) New Onionoo backends (irl) Suggest holding off for a bit while we figure out #33733 Service documentation (irl) Exit Scanner, Check, Onionoo, Monitoring Need SSH keys Reviews (karsten) We said before that first meeting of April will have Roadmap update and Retrospective. That is next meeting. It will be on Thursday, April 2 at 14:30 UTC. more topics here Log: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-03-26-15.01.log… -- Project Manager: Network, Anti-Censorship and Metrics teams gaba at torproject.org she/her are my pronouns GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 0

Communications Report: January & February 2020
by Stephanie A. Whited 24 Mar '20

24 Mar '20

Hello Tor, Since the beginning of the year, we've been working with OTF Learning Labs to create new materials for debunking the dark web and promoting onion services. These are still in process. We've been working with the fundraising team to create new materials and prepare for events which are moving online. In January, we published a comprehensive review of press Tor received last year (in blog posts below). In February, Steph spoke on a Zeal community call about Tor and Walking Onions and responded to press inquiries from multiple outlets. Some of these correspondences are still open. Outreachy intern annalee_'s official internship has ended, but she will continue to work with us and is currently drafting a blog post. She helped us create a list of influencers, clean up blog tags, and clean up Steph's press list. Jan and Feb in links and stats: ## January = Blog posts = https://blog.torproject.org/tor-bug-smash-fund-progress https://blog.torproject.org/2019-campaign-wrapup-tor-take-back-the-internet = Twitter = https://twitter.com/torproject New followers: 3,537 Top tweets https://twitter.com/torproject/status/1212829700273426432 https://twitter.com/torproject/status/1221825005488488448 https://twitter.com/torproject/status/1222899806885957633 = Mastodon = https://mastodon.social/@torproject New followers: 350 = LinkedIn = https://linkedin.com/company/torproject New followers: 226 = Facebook = https://facebook.com/torproject New followers: 432 = Newsletter = https://newsletter.torproject.org/archive/2020-01-30-bug-smash-advocacy-wha… = Notable press = https://www.express.co.uk/life-style/science-technology/1227747/Android-upd… https://www.zdnet.com/article/50-orgs-ask-google-to-take-a-stance-against-a… ## February = Blog posts = https://blog.torproject.org/tor-village-iff-2020-call-proposals (event cancelled) https://blog.torproject.org/tor-media-2019 = Twitter = New followers: 4,835 = Top tweets = https://twitter.com/torproject/status/1233157310366855169 https://twitter.com/torproject/status/1227239767625977857 https://twitter.com/torproject/status/1230142134382211087 = Mastodon = New followers: 210 = Facebook = New followers: 348 = LinkedIn = New followers: 310 = Newsletter = https://newsletter.torproject.org/archive/2020-02-27-tor-in-the-news-we-are… = Notable press = https://techround.co.uk/interviews/interview-tor-project/ https://bitcoinmagazine.com/articles/2020-bitcoin-adoption-why-nonprofits-w… https://www.dw.com/en/tor-psiphon-signal-and-co-how-to-move-unrecognized-on… https://www.theverge.com/2020/2/21/21138403/tor-privacy-tools-private-netwo… https://computerworld.com.br/2020/02/24/8-etapas-para-ser-quase-completamen… -- Stephanie A. Whited Communications Director The Tor Project IRC: stephw PGP Fingerprint: E976 9771 7D46 2E63 9697 9F6D 6D6B 72C3 39A8 76AD <https://pgp.mit.edu/pks/lookup?op=get&search=0x6D6B72C339A876AD>

1 0

S27 (Onion Services) Meeting today: Tuesday 17th March @ 15UTC
by Pili Guerra 24 Mar '20

24 Mar '20

Hi everyone, We’ll be meeting shortly to discuss the Onion Services project. Thanks! Pili [1] https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor27 <https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor27> — Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45

1 2

Network health meeting notes, 23 Mar 2020
by Georg Koppen 24 Mar '20

24 Mar '20

Hello! We had another round of our weekly network-health meeting yesterday in #tor-meeting. The IRC log can be found at: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-03-23-18.59.log… The items from our pad (both discussion and status related) can be found below: Discussion: -meeting moves to 1800UTC next week (so everyone should have it at their usual local time)? [GeKo: yes. announcement got sent to networ-health list] - docshackathon this week. Do we need to update documentation about relays? Improvements? - DoS Prevention / PrivacyPass and Co / Onion Services (dj) [GeKo: yes, we think about participating] Statuses: GeKo: Last week: -more sbws work (I did not finish my work on #33009, but started to review closely #30905) -fixed #32864 -usual bad relay work -looked at our checktest doctor test (#33683) -started to look at another round of seemingly random resource load failures caused by Cloudflare (as part of #33466) -ggus: do we have some list of relay operators who run more than X% of the network and what kind of contacts we have to them? [GeKo: ggus asks sarah what the fundraising folks use and could find useful and we take it from there] This week -sbws work (mainly reviewing #30905 and hopefully fixing #33009) -more work on issues encountered with our bad relay scanners -more work on exit relay blocking problem (#33500 etc.) juga (offline): Last week: - Continued with child of #30719: #30905 (change state values when sbws is restarted) - Had irc meeting with GeKo and ahf together, we decided: - my minor (not bugfixes) changes for #30905 are ok, in the sense they are not just bugfixes, but with the current code it's all can be done (yet a lot of work). Still pending review. - we'll start to do reviews in gitlab.tpo, as soon as gaba creates the gitlab "canonical" sbws project. Next week: - Revisions on #30719 - Continue with #30735 Gus: This week: - Doing docshackathon this week. Do we need to update documentation about relays? Improvements? Gaba: This week: not doing anything related to the network health team. Georg

1 0

Notes from Vegas Meeting MARCH 19 2020
by Erin Wyatt 23 Mar '20

23 Mar '20

Vegas Team Meeting Notes March 19 2020: NEW BUSINESS + Sarah - We are looking at platforms and are leaning toward using Zoom for the upcoming webinars. We need something that is cheap (or free!), can handle 50 people, allows for screen sharing and recording, has a way for participants to ask questions. Suggestion: Jitsi? Maybe not because there is a thread in infrared from mayfirst and others; seems not to scale to more than 20 ppl --gaba] + isabela -> what are the pain points on vegas leads meetings so we can start thinking on how to address them and improve this meeting? - Long discussions about topics that only concern a few people - Discussion items need to be in the pad *at least 24 hours ahead of time*, ideally sooner; general notes can be last-minute - Maybe we can move to voice, or have a mix of voice- and text-based meetings; voice would require more attention to keeping minutes; Isa and Charly will be building a plan for meetings going forward. GENERAL NOTES GeKo: 1. network health work 2. Steph: Did you get my mail regarding the onion service education coordination? [yes, I did. Thanks for the reminder. things have been hectic -steph] 3. Working on licensing/copyright situation for TPI employees Sarah: 1. Working on webinar for next Thursday. We are looking at platforms and are leaning toward using Zoom. We need something that is cheap (or free!), can handle 50 people, allows for screen sharing and recording, has a way for participants to ask questions. 2. Had productive meetings this week with Internet Society Foundation and Omidyar. We will be submitting proposals to both. 3. Received notice that the browser OTF proposal has been accepted. We are now moving onto the contract phase. NICE! 4. Decided to hold off on a spring appeal to individuals. Nick: 1. new releases came out, including security fix. Seriously, everybody should upgrade. No sign of anybody using the attack yet (as of 0000 UTC on 19 Mar) 2. A few of us had our first mayfirst-hosted online meeting on Tuesday : it went 4 hours, with 10-15 minute breaks every hour. asn and dgoulet facilitated. Ask us what worked! Anarcat: 1. published two technical articles on my personal blog https://anarc.at/blog/2020-03-17-git-gpg-verification/ https://anarc.at/blog/2020-03-15-remote-tools/ 2. finished migrating 3 more VMs: cupani, polyanthum, omeiense, automation is starting to pay off 3. that allowed retiring second old libvirt/KVM server (unifolium), 2/5 done! 4. ordered a new ganeti server which i'll setup soon, fsn-node-05, to continue the Great Migration 5. routine stuff isabela: 1. Working on webinar deck for next week and other details related to March 26 event 2. Meetings w/ foundations Internet Society, Omydiar 3. Prepaing as much as possible to all the changes and implications regarding covid-19 and trying to give support to Tor folks and our community 4. onboarding Charly! 5. what are the pain points on vegas leads meetings? so we can start thinking on how to address them and improve this meeting gus: 1. Next week we will have Documentation Hackathon. People will join us on IRC and ask questions, please send them to #tor-www or to this blog post - https://blog.torproject.org/docshackathon-2020 2. Engaging with Outreachies applicants - Project 1 - 'Help Tor support our users'. 3. CryptoRave is postponed due Covid-19 Steph: 1. Working on a blog post about remote work habits and quarantine privacy situations. Helped with onionbalance & docshackathon posts 2. Will still be submitting to def con for a booth 3. Working with OTF learning lab on onion services 4. Preparing for webinar next week 5. Responding to press inquiries 6. Social media Gaba 1. s55 tracking 2. reading on walking onion project updates from nick 3. DoS defenses meeting. 4. sent mail to some of the sponsors on c19 5. a bunch of ther small stuff Antonela 1. Regular sponsor work, S27, S30 2. Working on a git proposal for design iterations in gitlab.torproject.org/torproject/ux/design 3. S9 planning remote user research for onion services and bridges, working with nah on it 4. Planning Monthly Hall Demos Pili 1. S9 regular sync 2. Tor Browser Release meeting 3. Helping Outreachy and GSoC applicants 4. Starting to wrap up S27 and figuring out what we're going to release when 5. Looking at gitlab projects again and organising them 6. S58 set up: creating trac page, tagging tickets, etc... - https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor58 Matt: 1. New Tor Browser releases at the end of this week/early next week 2. Lots of distractions, but concentrating as best I can Alex: 1. Team seems to be doing OK. 2. Low on concentration. 3. Some infrastructure issues this week that David helped me solve. 4. Technical work this week is in security stuff, windows problems Erin: 1. Onboarding Charly (yay!) 2. Personnel/HR stuff 3. Still a little behind on some things 4. Trying to stay focused and optimistic Mike: 1. HS DoS meeting 2. Writing peer reviews Karsten: 1. Getting up to speed with Matplotlib as first step to tweaking graphs produced by OnionPerf's visualize mode. 2. Started tracking time at a granularity of 0.1 points for better reports and future estimates. Philipp: 1. Mostly caught up from vacation. S28/S30 business as usual 2. Trying to pay more attention to volunteer work that accumulated over the last weeks

1 0

Anti-censorship meeting notes, 19 Mar 2020
by Philipp Winter 19 Mar '20

19 Mar '20

Hi friends, Here is our meeting summary: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-03-19-17.59.html And here is our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday March 19th 18:00 UTC Weekly meetings, every Thursday at 18:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress). == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: https://gitlab.torproject.org/torproject/anti-censorship/roadmap/boards * Our roadmap consists of a subset of trac tickets. For 2020 Q1, the trac keyword is anti-censorship-roadmap-2020Q1 * Next planning session: last week of April * The anti-censorship team's wiki page: https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam * Past meetings' notes can be found at: https://lists.torproject.org/pipermail/tor-project/ * GetTor's roadmap: https://gitlab.torproject.org/groups/torproject/anti-censorship/gettor-proj… * Tickets that need reviews: from sponsors we are working on: * https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor30 * https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor28 * Anti-censorship related tickets that we want other teams to fix: * https://pad.riseup.net/p/tor-anti-censorship-tickets-keep ------------------------- --- March 19th 2020 -- ------------------------- == Announcements == * == Discussion == * Let's talk about the next steps to get snowflake to an "MVP" so it can be useful to users. * When is it a good time to blog about what we've been up to wrt snowflake? Before/after the TurboTunnel merge? * How about every two weeks, we pick a project or a paper and discuss it, reading group-style? * We could talk about it during our IRC meetings or over at https://github.com/net4people/bbs/issues * Ideally, we would exchange ideas about the benefits/issues of a project; how Tor could benefit from it; etc. * The goal is for us to stay up to date on recent developments and learn from each other. == Actions == * == Interesting links == * == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week (related to anti-censorship work). Help with: - Something you may need help with. phw: This week (2020-03-19): * Wrote February 2020 report * https://lists.torproject.org/pipermail/tor-project/2020-March/002774.html * Identified and contacted bridges that run soon-to-be-obsolete Tor versions * https://trac.torproject.org/projects/tor/ticket/32672#comment:42 * Added a bunch of new papers to CensorBib * Some catching up on Sponsor 28 emails * Reviewed several docker, GetTor, and BridgeDB patches * Tried to figure out if #33464 really is a problem (it isn't) * Addressed remaining feedback for #33008, merged, and deployed * Filed #33630 to get noisebridge01 removed from list of default bridges * It's been unmaintained for a looong time * Realised that BridgeDB doesn't let bridges *change* their distribution mechanism and filed #33631 to get it fixed * ...the fix is more invasive than I thought, though * More coordination on our monitoring infrastructure (#31159) * Our sysmon instance was broken, resulting in us not knowing that our UMN default bridge was down :( * Spent way too much time trying to figure out why BridgeDB's overly complicated installation procedure is now broken * ...still not clear :( Next week: * Write a summary of our current BridgeDB distribution mechanisms and brainstorm new ones * Pay attention to volunteer work (help agix with BridgeDB reviews; thymbahutymba with docker; Sergey with https proxy) * Make BridgeDB report internal metrics (#31422) * Catch up on RACE; in particular wrt obfs4 improvements Help with: * Gaba: () Last week (2020-03-12): * not much related to anti-censorship This week (planned): * not much related to anti-censorship cecylia (cohosh): last updated 2020-03-19 Last week: - finished Tor browser patch to update pion (#33576) - Revise GetTor help (and links) message (#23226) - removed server-webrtc (#33636) - final edit passes for NSF grant - worked on a Snowflake package for Debian (#19409) - helping with update of obfs4proxy debian package - remove server-webrtc from snowflake repo (#33636) - reviews of #33008, #33638 - talked with alwayslivid about telegram bot for GetTor (#22011) - prepared for potential snowflake repo split (#33593) This week: - maybe continue work on throughput check (#32938) - make a Snowflake package for debian (#19409) - Resume obfs4 and snowflake tests (#31701, #32657, and #32545) - look at options for getting STUN information to snowflake clients (#25591) - make sure obfs4proxy debian package gets updated - take a look at reviving the twitter responder in GetTor (#33036) Needs help with: - Update Snowflake license (#33637) - Review of GetTor help/links message update (#23226) - Decision and review of snowflake repo split (#33593) arlolra: 2020-03-19 Last week: - some snowflake refactoring (#33638) and review - #33665 Next week: - maybe the proxy parts of #19026 - start on #31201 Help with: - dcf: 2020-03-19 Last week: - reviewed snowflake proxy throughput tests (#32938) - filed a ticket for a needed security upgrade for the snowflake bridge (#33644) - let snowflake-turbotunnel handle simultaneous SOCKS connections (#33519) Next week: - announce snowflake-turbotunnel Tor Browser packages with 9.5a8 - file ticket for snowflake-turbotunnel merge - share access to the snowflake broker CDN configuration (#30510) Help with: cjb: 2020-03-19 Last week: - gonna be afk with kids Next week: Help with: agix:2020-03-19 Last week: - Opened #33647 (Minor updates to BridgeDB's dependencies) - Worked on the GSoC proposal - Fixed broken patch for #31967 Next week: - Continue on #31967 and #31426 Help with: - catalyst: 2020-03-19 last week: - did some s28/s30 prioritization with ahf - helped cohosh with some Debian packaging related things this week: - work on some s28/30 tickets, e.g., #5304 thymbahutymba: 2020-03-12 Last week: - docker-compose for obfs4-bridge (#31834) - multiarch docker obfs4 images #33461 (even though is more then a week ago) - reported issue concerning #31834 (comment 25) Next week: Help with: Hiro: (last updated before 2020-01-09) Started restoring Twitter Responder. When retrieving tweets I need to check for new tweets only otherwise Gettor will end up responding to old back log and already answered messages. <-- is this #27330 ? Next Week: - Work on gettor specs <-- Is this #3781? - More with review of strings and website content and translation

1 0

Sponsor 38 update (Shadow simulator)
by Jim Newsome 19 Mar '20

19 Mar '20

Project management: * We’ve filled in a more granular plan in the _Sponsor 38_ <https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor38>page. We’ve made some progress on _Shadow_ <https://github.com/shadow/shadow>’s milestone _Improve development assurance and velocity_ <https://github.com/shadow/shadow/milestone/15>. Notably: * Fixed remaining compiler warnings in our continuous-integration environments, and enabled -Werror there. _[#726_ <https://github.com/shadow/shadow/issues/711>] * Added continuous integration for shadow-plugin-tor, testing each pull request of shadow-plugin-tor against stable versions of shadow and Tor [_#85_ <https://github.com/shadow/shadow-plugin-tor/pull/85>, _#86_ <https://github.com/shadow/shadow-plugin-tor/pull/86>, _#90_ <https://github.com/shadow/shadow-plugin-tor/pull/90>], and also run it for pull requests in the Shadow plugin against stable versions of shadow-plugin-tor and Tor [_#727_ <https://github.com/shadow/shadow/pull/727>] _v1.14.0_ <https://github.com/shadow/shadow/releases/tag/v1.14.0>of Shadow was released. In addition to the changes above, it modularizes the router queue management algorithm and makes CoDel the default algorithm. Our current focus is on prototyping Phantom: a new architecture for Shadow that will run applications in their own processes rather than using a custom ELF loader to load them directly into Shadow’s process. The new architecture will work with unmodified program binaries (rather than having to recompile them with -fPIC), should be stabler and easier to maintain, and may have performance benefits. Because Rob Jansen and Ryan Wails at NRL are actively involved in this development work, NRL regulations require that the active development happen in a private branch. When it’s ready to be upstreamed, they’ll go through an NRL release process and merge it into the public repo. In the meantime there is a place-holder issue [_#738_ <https://github.com/shadow/shadow/issues/738>] in the public repo. Recent progress on Shadow-Phantom: * Added ability to simultaneously support alternative “thread” strategies for controlling and communicating with plugins. * Working proof-of-concept of “Shim-Pipe” threads, which use LD_PRELOAD to interpose the libc API to call a version of the “syscall” function that communicates via Shadow using a pipe. * Nearly done with a shared-memory-based IPC mechanism for the Shim-Pipe, which will be used for syscall pointer arguments. * Working proof-of-concept of “Ptrace” threads, which use ptrace to attach to plugin threads, and intercept and service syscalls. This approach is expected to be a bit simpler (the tracing process can directly read and write the tracee’s memory, making marshalling easier) and more reliable (e.g. handle direct usage of the syscall instruction), but be less performant (likely more context switches between Shadow, the OS, and the plugin). In the coming month our main focus will continue to be on Shadow-Phantom. We intend to flesh out the functionality enough to start doing simple networking benchmarks, and if results look promising will continue to flesh it out enough to run Tor.

1 0

Metrics Meeting Notes, March 19th 2020
by Gaba 19 Mar '20

19 Mar '20

Hi! We had our weekly metrics team meeting today. The next one is going to be on March 26th at 1500 UTC. The pad for the meetings in 2020 is at https://pad.riseup.net/p/tor-metricsteam-2020.1-keep The agenda and notes for today (and last week) are here: ----------------------------------- Agenda Thursday, March 19th, 15 UTC ----------------------------------- Time tracking (karsten) 1.0 Update CDF-TTFB graph (#33256) 0.8 Add CSV file export of graphed data (#33258) 0.6 Improve logging for Exonerator (#24542) 0.5 Extend integration tests in metrics-test to also test Onionoo (no ticket) 0.3 Make all Descriptor implementors serializable (#33090) 0.2 Display a bridge's distribution bucket (#33008) 0.2 Fix deserialization of UTF-8 characters in details statuses and documents (#21933) 0.1 Document how we estimate users by transport by country (#29636) 0.4 Other more topics here Log: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-03-19-15.02.log… ----------------------------------- Agenda Thursday, March 12th, 15 UTC ----------------------------------- Time tracking (karsten) 0.6 Add directory authority bytes to dirbytes graph (#33065) 0.4 Cache-Control header on 404 does not permit caching (#32065) 0.8 Simplify logging configuration across code bases (#33549) 0.1 Configure embedded Jetties programmatically rather than using IoC (no ticket) 0.1 Extend descriptorCutOff in CollecTor's RelayDescriptorDownloader by 6 hours (#19828) 0.1 Find a working alternative to using MaxMind's GeoLite2 databases (#32978) 0.1 Investigate possible bug in m-web logs (no ticket) 0.1 Make all Descriptor implementors serializable (#33090) 0.1 Relay Search does not have an icon for StaleDesc (#33453) 0.1 Relay Search flags are vertical on Tor Browser 8.0.2 on macOS (#28317) 0.1 Relay Search should be able to handle non-numbers in "as:" parameter (#32683) 0.1 Send service change announcement for check/tordnsel (#33510) 0.0 Update instructions for enabling javascript when javascript is disabled (#31714) 0.0 Do not let appended descriptor files grow too large (#33502) 0.4 Other ExitScanner (add more topics) Log: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-03-12-15.00.log… -- Project Manager: Network, Anti-Censorship and Metrics teams gaba at torproject.org she/her are my pronouns GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 0