tor-project September 2021

tor-project@lists.torproject.org

10 participants
17 discussions

PSA: fpcentral / forrestii retirement notice
by Matthew Finkel 21 Oct '21

21 Oct '21

Hello! The service "fpcentral" (https://fpcentral.tbb.torproject.org/) will be retired on October 20th 2021 (6 months from now), along with the server it is running on (forrestii). We do not have the resources to maintain the service. Besides, other, and better alternatives have emerged since then, like, for example the EFF's Cover Your Tracks service (https://coveryourtracks.eff.org/, previously known as the Panopticlick) and TorZillaPrint (https://arkenfox.github.io/TZP/). On the retirement date, the server will be shutdown, rendering the service completely unavailable. A week later, the server will be destroyed, and its backups will be destroyed 30 days after the retirement date. The Internet Archive has an up to date copy of the site's static assets and will be able to keep it for posterity. It is recommended that you fix any bookmarks, links, or other references you have to this site. If you have concerns about the retirement or wish to delay the procedure, you can add a comment to the tracking issue (https://gitlab.torproject.org/tpo/tpa/team/-/issues/40009) or contact TPA: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-2-support…

2 1

BBC Tor sites are now available on V3 Onion URL
by Abdallah al-Salmi - BBC 29 Sep '21

29 Sep '21

We are delighted to announce that BBC websites (News, Persian, Chinese and many more) are now available on a V3 Onion URL: https://www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion/ To get straight to the desired service, just add its name at the end e.g. for BBC Persian ==> /Persian; for BBC Chinese --> /chinese; for BBC Food --> /food ..etc This is also to thank Alec Muffett for his work on EOTK and his great help in migrating our V2 service. Abdallah al-Salmi | Strategy Analyst | @abdallaBBC | WSG Distribution | BBC | 1st Floor | Wogan House | London | W1A 1AA | Mobile: 078 94 80 5423 | PGP key ID: 0X3D1436B7

1 0

Event Invite: PrivChat #5 | Sept. 27 @ 17:00 UTC
by Al Smith 27 Sep '21

27 Sep '21

Hello Tor world, I wanted to send you an invite to a Tor event happening next week: *our latest edition of PrivChat <https://torproject.org/privchat>. *PrivChat is a live event series featuring experts discussing the latest in privacy and human rights news. * *What: *PrivChat: Protection Against Pegasus <https://torproject.org/privchat> * *When: *Monday, Sept. 27 @ 17:00 UTC * *Where:* https://www.youtube.com/watch?v=4ovmcZtaacY <https://www.youtube.com/watch?v=4ovmcZtaacY> * *More information:* https://torproject.org/privchat <https://torproject.org/privchat> Here's a calendar invite so you can easily save the date, which contains the full event details and description: https://www.torproject.org/static/images/privchat/privchat-5.ics Al Al Smith | smith(a)torproject.org Fundraising Director The Tor Project ------------------------------------------------------------------------ *PrivChat #5 | Protection Against Pegasus* Every year, governments, law enforcement agencies, militaries, and corporations invest billions of dollars into building and buying malicious spyware--software designed to silently infiltrate a user's device and allow attackers to view the contents without detection. This year, the Pegasus Project revealed that users of this kind of spyware, known as Pegasus and built by the NSO group, had targeted the phones that belong to thousands of people in more than 50 countries, including business executives, politicians, journalists, and human rights activists. In this edition of PrivChat, join *Likhita* and *Etienne Maynier* of Amnesty International and *John Scott Railton* of Citizen Lab to discuss: * What individuals, journalists, activists, and human rights defenders can do to protect themselves against sophisticated spyware? * What kind of organizations can we support to help stop this abuse? * Who is working on safer, more private software that we can trust? *Roger Dingledine*, Co-Founder of the Tor Project, will join us as our host and moderator. ------------------------------------------------------------------------

1 1

Anti-censorship meeting notes, 2021 September 23
by Cecylia Bocovich 23 Sep '21

23 Sep '21

Hi everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-23-15.59.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday September 23th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… the go.mod warning turned out to be caused by a too-old git, and was nothing to fix in goptlib reading group: "BlindTLS: Circumventing TLS-based HTTPS censorship" https://dl.acm.org/doi/10.1145/3473604.3474564 summary https://github.com/net4people/bbs/issues/86 == Actions == == Interesting links == https://censoredplanet.org/webinar2021 https://www.macrumors.com/2021/09/17/icloud-private-relay-disabled-russia/ == Reading group == We will discuss "Exploring Simple Detection Techniques for DNS-over-HTTPS Tunnels" on 2021-10-07 https://dl.acm.org/doi/10.1145/3473604.3474563 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-09-23 Last week(s): - fixed gitlab CI - afk till tuesday - a bunch of s28 things - anti-censorship/team#25 - anti-censorship/team#24 - hiring tasks This week: - continue snowflake v2 improvements - fixups for snowflake!56 - implement changes to server API - review rdsys!15 - catch up on censorship-analysis measurements and work - do some snowflake simulations in shadow :) Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-09-23 Last week: - identified cause of go.mod issue (nothing to do with snowflake or goptlib, as it turns out) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-09-23 Last week: - Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74 - Too busy with work :/ Next week: - _Really_ want to get a PR for utls round tripper meskio: 2021-09-23 Last week: - implement censorship snapsot available on moat (bridgedb#40025) - Honour the operators choice of distribution method for bridges (rdsys#39) - parse bridge-descriptors file and fix networkstatus parser (rdsys#69) - Hiring process Next week: - deploy censorship snapshot as part of rdsys (rdsys#61) - refactor snowflakes geoip code into a library (team#32) - parse bridge-descriptors file and fix networkstatus parser (rdsys#69) Help with: -

1 0

Metrics-web 1.4.1 released
by Silvia/Hiro 21 Sep '21

21 Sep '21

Hi, I have released metrics-web 1.4.0 and made a bug fix release for 1.4.1. Metrics-web aggregates publicly available data about the Tor network and visualizes that data on a website. This release was a long time in the making and has a lot of contribution from different people, which I hope will continue for the following releases. People that contribute to this release are: Ana Custura Gaba Georg Koppen Hiro Iain Learmoth Karsten Loesing # Changes in version 1.4.1 - 2020-09-21 * Medium changes - Fix how v3 statistics are extrapolated. See: https://gitlab.torproject.org/tpo/network-health/metrics/statistics/-/issue… * Minor changes - Fix a few copy paste issues in relay search overloaded banner # Changes in version 1.4.0 - 2020-09-20 * Medium changes - Improve runtime performance of the hidserv module by storing extrapolated statistics even if computed network fractions are zero, to avoid re-processing these statistics over and over. - Extract directory authority bytes per day in the bwhist module. - Rewrite insert_bwhist in SQL to improve performance of the bwhist module. - Estimate relay users by country based on responses to directory requests to reduce the overall effect of binning and to make relay and bridge user estimates more comparable. - Estimate bridge users by country based on requests by country, if available, to get more accurate numbers than those obtained from unique IP address counts. - Update to metrics-lib 2.19.0 and ExoneraTor 4.4.0. - Switch from processing Torperf .tpf to OnionPerf analysis .json files. - Add Onion Service v3 statistics. - Add overloaded relay information by displaying an amber dot next to the relay nickname in relay search. - Update throughput calculation for Onionperf transfers. * Minor changes - Make Jetty host configurable. - Configure a base URL in order to turn ExoneraTor's permanent links into https:// links. - Set default locale `US` at the beginning of the execution. - Set default time zone `UTC` at the beginning of the execution. - Simplify logging configuration. You can find the release at: https://dist.torproject.org/metrics-web/1.4.0/ https://dist.torproject.org/metrics-web/1.4.1/ You can find the sources at: https://gitlab.torproject.org/tpo/network-health/metrics/website/-/tree/met… https://gitlab.torproject.org/tpo/network-health/metrics/website/-/tree/met… Thanks, hiro _______________________________________________ tor-project mailing list tor-project(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

1 0

Monthly Localization Hangout Tomorrow from 12UTC onwards
by emma peel 16 Sep '21

16 Sep '21

Just a note to remind you that..... Tomorrow we hang out! Every 3rd Friday of the month the Tor L10n Team meets to translate together, share tricks, have fun while translating, meet fellow translators, and find out about the l10n priorities for the Tor Project. Come join us on the Localization Hangout, from Noon UTC, on the #tor-l10n channel in OFTC. (you can also use Element https://element.io/ to connect: #tor-l10n:matrix.org) More information: https://gitlab.torproject.org/tpo/community/l10n/-/wikis/Monthly-Tor-Locali… emmapeel localization coordinator tor project

1 0

Anti-censorship meeting notes, 2021 September 16
by meskio 16 Sep '21

16 Sep '21

Hi everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-16-15.59.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday September 16th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == Our anti-censorship roadmap: Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards The anti-censorship team's wiki page: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home Past meeting notes can be found at: https://lists.torproject.org/pipermail/tor-project/ Tickets that need reviews: from sponsors we are working on: All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… Sponsor 30 https://gitlab.torproject.org/groups/tpo/-/milestones/4 https://gitlab.torproject.org/groups/tpo/-/milestones/7 https://gitlab.torproject.org/groups/tpo/-/milestones/5 https://gitlab.torproject.org/groups/tpo/-/milestones/6 Sponsor 28 must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… any idea what this "go.mod" warning is about? updated goptlib to add a go.mod and checking with the reporter if it fixes the problem == Actions == == Interesting links == https://ntc.party/t/tls-youtube/1311 TLS filter on youtube.com in Russia == Reading group == We will discuss "BlindTLS: Circumventing TLS-based HTTPS censorship" on 2021-09-23 https://dl.acm.org/doi/10.1145/3473604.3474564 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-09-09 Last week: - provided usecase for v3 service worker implementation of RTCPeerConnection - https://github.com/w3c/webextensions/issues/72#issuecomment-912675268 - https://github.com/w3c/webrtc-extensions/issues/77#issuecomment-912667886 - finished up and merged rdsys#38 - sponsor 28 scrimmage work - hiring tasks - started work on snowflake library v2 API changes (snowflake#40063) This week: - Away next week Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-09-16 Last week: - snowflake bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - added a go.mod file to goptlib, released v1.2.0 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - replied to a ticket about Snowflake connection problems with a suggestion to enable logs https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - replied re SCTP pluggable transport https://lists.torproject.org/pipermail/anti-censorship-team/2021-September/… - reviewed Snowflake client lib cleanup https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - identify cause and fix for the goptlib go.mod issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-09-16 Last week: - implement censorship snapsot available on moat (bridgedb#40025) - review Clean up and document Snowflake client package (snowflake!56) - look at bridgedb smtp errors (bridgedb#12627) Next week: - deploy censorship snapshot as part of rdsys (rdsys#61) - work on bridgedb and rdsys connection (rdsys#12) Help with: - -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

upcoming change in mailing lists configurations
by Antoine Beaupré 14 Sep '21

14 Sep '21

Hi, TL;DR: we are going to enable DMARC workarounds on Mailman mailing lists, which should improve deliverability. You may need to change your mailbox filters. # What is happening? We are going to change the configuration of all Mailman mailing lists to set the `dmarc_moderation_action` to `Munge From`. This will change the `From` header of outgoing email from mailing lists (such as this one) from, say: From: "Antoine Beaupré" <anarcat(a)torproject.org> .. to something like: From: Antoine Beaupre via tor-project <tor-project(a)lists.torproject.org> # Why are we doing this? This is because some email providers comply with the DMARC standard. To give an example, say provider example.com says that only them is allowed to send email from that domain and a user(a)example.com sends an email to one of our mailing lists. It's possible that this email then ends up at provider user(a)test.test, which, when it looks at the DMARC policy, decides to refuse the email because example.com doesn't allow lists.torproject.org to impersonate it. The net effect of this is that user(a)test.test will not get the email (at best) or (at worst!) get unsubscribed from the mailing list even though their email provider is actually complying with the email standard. A longer discussion of this happened in the issue tracker, here: https://gitlab.torproject.org/tpo/tpa/team/-/issues/19914 # When? This change will be performed in one week. Tests have been going since August 24th on the tor-relays@ lists and it has actually solved issues there, while not causing any other problems. # How? TPA will actually change the configuration on all lists, in the backend. List admins wishing their list to be excluded can notify us by replying to this email or opening a ticket in the TPA issue tracker, as usual: https://gitlab.torproject.org/tpo/tpa/team/-/issues/new A. -- Antoine Beaupré torproject.org system administration

1 1

Anti-censorship meeting notes, 2021 September 9
by Cecylia Bocovich 09 Sep '21

09 Sep '21

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-09-16.00.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday September 9th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == - what's going wrong with these connection failures? - https://bugs.torproject.org/tpo/anti-censorship/pluggable-transports/snowfl… - could just be getting unlucky with non-working proxies, and reaching the SOCKS timeout - will ask them to enable the snowflake-client log - is it ok to change the IP address of a bridge periodically (e.g. once per year)? - https://lists.torproject.org/pipermail/tor-relays/2021-August/019788.html - it's ok, bridgedb will start distributing the new IP address (existing users of the bridge lose access) - bridges are assigned to pools based on a hash of the fingerprint; is it possible for a bridge to fall into the manual, human-distributed pool that way? or are all those bridges hand-selected? == Actions == == Interesting links == Blocking of DNS/DoH/DoT servers of Google/Cloudflare/OpenDNS in Russia, begins today(?) https://github.com/net4people/bbs/issues/81 https://ntc.party/t/doh-dns-google/1225 Disruptions of BitTorrent and WireGuard in Russia last week https://github.com/net4people/bbs/issues/76#issuecomment-915544316 https://github.com/net4people/bbs/issues/83 https://ntc.party/t/an-open-encyclopedia-of-internet-censorship-persian/1223 == Reading group == We will discuss "BlindTLS: Circumventing TLS-based HTTPS censorship" on 2021-09-23 https://dl.acm.org/doi/10.1145/3473604.3474564 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-09-09 Last week: - provided usecase for v3 service worker implementation of RTCPeerConnection - https://github.com/w3c/webextensions/issues/72#issuecomment-912675268 - https://github.com/w3c/webrtc-extensions/issues/77#issuecomment-912667886 - finished up and merged rdsys#38 - sponsor 28 scrimmage work - hiring tasks - started work on snowflake library v2 API changes (snowflake#40063) This week: - Away next week Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-09-09 Last week: - fixed meek-client test errors https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/meek… - commented on goptlib go.mod issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - identify cause and fix for the goptlib go.mod issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - reply to Alexander Mages re SCTP pluggable transport https://lists.torproject.org/pipermail/anti-censorship-team/2021-August/000… - suggest enabling logs in https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-09-09 Last week: - snowflake debian package (snowflake#19409) - failed gitlab uploader implementation for gettor in rdsys (rdsys#43) - start censorship snapsot available on moat (bridgedb#40025) - review networkstatus documents for running flag in rdsys (rdsys!14) Next week: - implement censorship snapsot available on moat (bridgedb#40025) - add more providers to gettor (rdsys#43) Help with: -

1 0

minutes from the sysadmin meeting
by Antoine Beaupré 09 Sep '21

09 Sep '21

Hi! I'm back from vacation, so we're meeting again! Here are the minutes from the meeting held yesterday. # Roll call: who's there and emergencies anarcat, kez, lavamind, gaba No emergencies. # Milestones for TPA projects Question: we're going to use the milestones functionality to sort large projects in the roadmap, which projects should go in there? We're going to review the roadmap before finishing off the other items on the checklist, if anything. Many of those are a little too vague to have clear deadlines and objective tasks. But we agree that we want to use milestones to track progress in the roadmap. Milestones may be created outside of the TPA namespace if we believe they will affect other projects (e.g. Jenkins). Milestones will be linked from the Wiki page for tracking. # Roadmap review Quarterly roadmap review: review priorities of the [2021 roadmap][] to establish *everything* that we will do this year. Hint: this will require making hard choices and postponing a certain number of things to 2022. [2021 roadmap]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/roadmap/2021 We did this in three stages: * Q3: what we did (or did not) do last quarter (and what we need to bring to Q4) * Q4: what we'll do in the final quarter * Must have: what we really need to do by the end of the year (really the same as Q4 at this point) ## Q3 We're reviewing Q3 first. Vacations and onboarding happened, and so did making a plan for the blog. Removed the "improve communications/monitoring" item: it's too vague and we're not going to finish it off in Q4. We kept the RT stuff, but moved it to Q4. ## Q4 review * blog migration is going well, we added the discourse forum as an item in the roadmap * the gitolite/gitweb retirement plan was removed from Q4, we're postponing to 2022 * jenkins migration is going well. websites are the main blocker. anarcat is bottomlining it, jerome will help with the webhook stuff, migrating status.tpo and then blog.tpo * moving the [email submission server ticket][] to the end of the list, as it is less of a priority than the other things * we're not going to fix [btcpayserver hosting][] yet, but we'll need to [pay for it][] * kez' projects were not listed in the roadmap so we've added them: * donate react.js rewrite * rewrite bridges.torproject.org templates as part of Sponsor 30's project [email submission server ticket]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/30608 [btcpayserver hosting]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/33750 [pay for it]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40303 ## Must have review * **email delivery improvements**: postponed to 2022, in general, and will need a tighter/clearer plan, including [mail standards][] * we keep that at the top of the list, "continued email improvements", next year * **service retirements**: SVN/fpcentral will be retired! * **scale GitLab with ongoing and surely expanding usage**. this happened: * we resized the VM (twice?) and provided more runners, including the huge shadow runner * we can deploy runners with very specific docker configurations * we discussed implementing a better system for caching (shared caching) and artifacts (an object storage system with minio/s3, which could be reused by gitlab pages) * scaling the runners and CI infrastructure will be a priority in 2022 * **provide reliable and simple continuous integration services**: working well! jenkins will be retired! * **fixing the blog**: happening * **improve communications and monitoring** * moving root@ and noise to RT is still planned * Nagios is going to require a redesign in 2022, even if just for upgrading it, because it is a breaking upgrade. maybe rebuild a new server with puppet or consider replacing with Prometheus + alert manager [mail standards]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40363 # Triage Go through the [web][] and [TPA team board][] and: 1. reduce the size of the Backlog 2. establish correctly what will be done next [web]: https://gitlab.torproject.org/tpo/tpa/team/-/boards/117 [TPA team board]: https://gitlab.torproject.org/groups/tpo/web/-/boards *Discussion postponed to next weekly check-in.* # Routine tasks review A number of routine tasks have fallen by the wayside during my vacations. Do we want to keep doing them? I'm thinking of: 1. monthly reports: super useful 2. weekly office hours: also useful, maybe do a reminder? 3. "star of the weeks" and regular triage, also provides an interruption shield: does not work so well because two people are part-time. other teams do triage with gaba once a week, half an hour. important to rotate to share the knowledge. a triage-howto page would be helpful to have on the wiki to make rotation as seamless as possible (see [ticket 40382][]) [ticket 40382]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40382 # Other discussions No other discussion came up during the meeting. # Next meeting In one month, usual time, to be scheduled. # Metrics of the month * hosts in Puppet: 88, LDAP: 91, Prometheus exporters: 142 * number of Apache servers monitored: 28, hits per second: 145 * number of Nginx servers: 2, hits per second: 2, hit ratio: 0.82 * number of self-hosted nameservers: 6, mail servers: 7 * pending upgrades: 15, reboots: 0 * average load: 0.33, memory available: 3.39 TiB/4.26 TiB, running processes: 647 * bytes sent: 277.79 MB/s, received: 166.01 MB/s * [GitLab tickets][]: ? tickets including... * open: 0 * icebox: 119 * backlog: 17 * next: 6 * doing: 5 * needs information: 3 * needs review: 0 * (closed: 2387) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards # Ticket analysis | date | open | icebox | backlog | next | doing | closed | delta | sum | new | spill | |------------|------|--------|---------|------|-------|--------|-------|------|------|-------| | 2020-11-18 | 1 | 84 | 32 | 5 | 4 | 2119 | NA | 2245 | NA | NA | | 2020-12-02 | 0 | 92 | 20 | 9 | 8 | 2130 | 11 | 2259 | 14 | -3 | | 2021-01-19 | 0 | 91 | 20 | 12 | 10 | 2165 | 35 | 2298 | 39 | -4 | | 2021-02-02 | 0 | 96 | 18 | 10 | 7 | 2182 | 17 | 2313 | 15 | 2 | | 2021-03-02 | 0 | 107 | 15 | 9 | 7 | 2213 | 31 | 2351 | 38 | -7 | | 2021-04-07 | 0 | 106 | 22 | 7 | 4 | 2225 | 12 | 2364 | 13 | -1 | | 2021-05-03 | 0 | 109 | 15 | 2 | 2 | 2266 | 41 | 2394 | 30 | 11 | | 2021-06-02 | 0 | 114 | 14 | 2 | 1 | 2297 | 31 | 2428 | 34 | -3 | | 2021-09-07 | 0 | 119 | 17 | 6 | 5 | 2397 | 100 | 2544 | 116 | -16 | |------------|------|--------|---------|------|-------|--------|-------|------|------|-------| | mean | 0.1 | 102.0 | 19.2 | 6.9 | 5.3 | NA | 30.9 | NA | 33.2 | -2.3 |    We have knocked out an average of 33 tickets per month during the vacations, which is pretty amazing. Still not enough to keep up with the tide, so the icebox is still filling up. Also note that there are 3 tickets ("Needs review") that are not listed in the last month. Legend: * date: date of the report * open: untriaged tickets * icebox: tickets triaged in the "icebox" ("stalled") * backlog: triaged, planned work for the "next" iteration (e.g. "next month") * next: work to be done in the current iteration or "sprint" (e.g. currently a month, so "this month") * doing: work being done right now (generally during the day or week) * closed: completed work * delta: number of new closed tickets from last report * sum: total number of tickets * new: tickets created since the last report * spill: difference between "delta" and "new", whether we closed more or less tickets than were created -- Antoine Beaupré torproject.org system administration

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project September 2021