September 2021 - tor-project - lists.torproject.org

minutes from the sysadmin meeting
by Antoine Beaupré 10 Sep '21

10 Sep '21

Hi! I'm back from vacation, so we're meeting again! Here are the minutes from the meeting held yesterday. # Roll call: who's there and emergencies anarcat, kez, lavamind, gaba No emergencies. # Milestones for TPA projects Question: we're going to use the milestones functionality to sort large projects in the roadmap, which projects should go in there? We're going to review the roadmap before finishing off the other items on the checklist, if anything. Many of those are a little too vague to have clear deadlines and objective tasks. But we agree that we want to use milestones to track progress in the roadmap. Milestones may be created outside of the TPA namespace if we believe they will affect other projects (e.g. Jenkins). Milestones will be linked from the Wiki page for tracking. # Roadmap review Quarterly roadmap review: review priorities of the [2021 roadmap][] to establish *everything* that we will do this year. Hint: this will require making hard choices and postponing a certain number of things to 2022. [2021 roadmap]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/roadmap/2021 We did this in three stages: * Q3: what we did (or did not) do last quarter (and what we need to bring to Q4) * Q4: what we'll do in the final quarter * Must have: what we really need to do by the end of the year (really the same as Q4 at this point) ## Q3 We're reviewing Q3 first. Vacations and onboarding happened, and so did making a plan for the blog. Removed the "improve communications/monitoring" item: it's too vague and we're not going to finish it off in Q4. We kept the RT stuff, but moved it to Q4. ## Q4 review * blog migration is going well, we added the discourse forum as an item in the roadmap * the gitolite/gitweb retirement plan was removed from Q4, we're postponing to 2022 * jenkins migration is going well. websites are the main blocker. anarcat is bottomlining it, jerome will help with the webhook stuff, migrating status.tpo and then blog.tpo * moving the [email submission server ticket][] to the end of the list, as it is less of a priority than the other things * we're not going to fix [btcpayserver hosting][] yet, but we'll need to [pay for it][] * kez' projects were not listed in the roadmap so we've added them: * donate react.js rewrite * rewrite bridges.torproject.org templates as part of Sponsor 30's project [email submission server ticket]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/30608 [btcpayserver hosting]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/33750 [pay for it]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40303 ## Must have review * **email delivery improvements**: postponed to 2022, in general, and will need a tighter/clearer plan, including [mail standards][] * we keep that at the top of the list, "continued email improvements", next year * **service retirements**: SVN/fpcentral will be retired! * **scale GitLab with ongoing and surely expanding usage**. this happened: * we resized the VM (twice?) and provided more runners, including the huge shadow runner * we can deploy runners with very specific docker configurations * we discussed implementing a better system for caching (shared caching) and artifacts (an object storage system with minio/s3, which could be reused by gitlab pages) * scaling the runners and CI infrastructure will be a priority in 2022 * **provide reliable and simple continuous integration services**: working well! jenkins will be retired! * **fixing the blog**: happening * **improve communications and monitoring** * moving root@ and noise to RT is still planned * Nagios is going to require a redesign in 2022, even if just for upgrading it, because it is a breaking upgrade. maybe rebuild a new server with puppet or consider replacing with Prometheus + alert manager [mail standards]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40363 # Triage Go through the [web][] and [TPA team board][] and: 1. reduce the size of the Backlog 2. establish correctly what will be done next [web]: https://gitlab.torproject.org/tpo/tpa/team/-/boards/117 [TPA team board]: https://gitlab.torproject.org/groups/tpo/web/-/boards *Discussion postponed to next weekly check-in.* # Routine tasks review A number of routine tasks have fallen by the wayside during my vacations. Do we want to keep doing them? I'm thinking of: 1. monthly reports: super useful 2. weekly office hours: also useful, maybe do a reminder? 3. "star of the weeks" and regular triage, also provides an interruption shield: does not work so well because two people are part-time. other teams do triage with gaba once a week, half an hour. important to rotate to share the knowledge. a triage-howto page would be helpful to have on the wiki to make rotation as seamless as possible (see [ticket 40382][]) [ticket 40382]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40382 # Other discussions No other discussion came up during the meeting. # Next meeting In one month, usual time, to be scheduled. # Metrics of the month * hosts in Puppet: 88, LDAP: 91, Prometheus exporters: 142 * number of Apache servers monitored: 28, hits per second: 145 * number of Nginx servers: 2, hits per second: 2, hit ratio: 0.82 * number of self-hosted nameservers: 6, mail servers: 7 * pending upgrades: 15, reboots: 0 * average load: 0.33, memory available: 3.39 TiB/4.26 TiB, running processes: 647 * bytes sent: 277.79 MB/s, received: 166.01 MB/s * [GitLab tickets][]: ? tickets including... * open: 0 * icebox: 119 * backlog: 17 * next: 6 * doing: 5 * needs information: 3 * needs review: 0 * (closed: 2387) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards # Ticket analysis | date | open | icebox | backlog | next | doing | closed | delta | sum | new | spill | |------------|------|--------|---------|------|-------|--------|-------|------|------|-------| | 2020-11-18 | 1 | 84 | 32 | 5 | 4 | 2119 | NA | 2245 | NA | NA | | 2020-12-02 | 0 | 92 | 20 | 9 | 8 | 2130 | 11 | 2259 | 14 | -3 | | 2021-01-19 | 0 | 91 | 20 | 12 | 10 | 2165 | 35 | 2298 | 39 | -4 | | 2021-02-02 | 0 | 96 | 18 | 10 | 7 | 2182 | 17 | 2313 | 15 | 2 | | 2021-03-02 | 0 | 107 | 15 | 9 | 7 | 2213 | 31 | 2351 | 38 | -7 | | 2021-04-07 | 0 | 106 | 22 | 7 | 4 | 2225 | 12 | 2364 | 13 | -1 | | 2021-05-03 | 0 | 109 | 15 | 2 | 2 | 2266 | 41 | 2394 | 30 | 11 | | 2021-06-02 | 0 | 114 | 14 | 2 | 1 | 2297 | 31 | 2428 | 34 | -3 | | 2021-09-07 | 0 | 119 | 17 | 6 | 5 | 2397 | 100 | 2544 | 116 | -16 | |------------|------|--------|---------|------|-------|--------|-------|------|------|-------| | mean | 0.1 | 102.0 | 19.2 | 6.9 | 5.3 | NA | 30.9 | NA | 33.2 | -2.3 |    We have knocked out an average of 33 tickets per month during the vacations, which is pretty amazing. Still not enough to keep up with the tide, so the icebox is still filling up. Also note that there are 3 tickets ("Needs review") that are not listed in the last month. Legend: * date: date of the report * open: untriaged tickets * icebox: tickets triaged in the "icebox" ("stalled") * backlog: triaged, planned work for the "next" iteration (e.g. "next month") * next: work to be done in the current iteration or "sprint" (e.g. currently a month, so "this month") * doing: work being done right now (generally during the day or week) * closed: completed work * delta: number of new closed tickets from last report * sum: total number of tickets * new: tickets created since the last report * spill: difference between "delta" and "new", whether we closed more or less tickets than were created -- Antoine Beaupré torproject.org system administration

1 0

UX team monthly meetings notes, September 7th
by Duncan Larsen-Russell 07 Sep '21

07 Sep '21

Hello, Thanks everyone who made it to today's UX team monthly meeting! We're looking forward to seeing you all again in October. Here are the minutes: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-07-14.00.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-07-14.00.log…> Today we reviewed the script for the UX team’s upcoming VPN user survey, which will help us determine which VPNs the community use most, why they use a VPN, and how it fits into their browsing experience. Lastly, we also discussed the August 2021 user feedback report. *** == Monthly User Experience Team Meeting == Open IRC meetings happen monthly on the first Tuesday of the month at 1400 UTC in #tor-meeting on OFTC. The next meeting will be held on Tuesday October 5th at 1400 UTC in #tor-meeting on OFTC. Here are the minutes from our most recent meetings: September 7th: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-07-14.00.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-07-14.00.log…> August 3rd: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-08-03-13.59.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-08-03-13.59.log…> July 13th: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-07-13-14.00.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-07-13-14.00.log…> June 8th: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-06-08-14.00.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-06-08-14.00.log…> -------------------------- Tuesday September 7th 14:00 UTC -------------------------- == What projects are we working on? == S9 - Usability and Community Intervention on Support for Democracy and Human Rights https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S30 - Empowering Communities in the Global South to Bypass Censorship https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S96 – Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet https://gitlab.torproject.org/groups/tpo/-/milestones/24 <https://gitlab.torproject.org/groups/tpo/-/milestones/24> S103 – Collaborative ResistancE to Web Surveillance (CREWS) https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> == Announcements == * Tor Browser 10.5.5 Release: https://blog.torproject.org/new-release-tor-browser-1055 <https://blog.torproject.org/new-release-tor-browser-1055> * Tor Browser Alpha 11.0a5 Release: https://blog.torproject.org/new-release-tor-browser-110a5 <https://blog.torproject.org/new-release-tor-browser-110a5> * Tor Browser Alpha 11.0a6 Release (Android only): https://blog.torproject.org/new-release-tor-browser-110a6 <https://blog.torproject.org/new-release-tor-browser-110a6> * Tails 4.22 Release: https://blog.torproject.org/new-release-tails-422 <https://blog.torproject.org/new-release-tails-422> * V2 Onion Services deprecation: https://status.torproject.org/issues/2021-05-6-v2-deprecation/ <https://status.torproject.org/issues/2021-05-6-v2-deprecation/> == Agenda == 1. VPN user survey: - Move "Why do you use a VPN" question earier in the branch/thread - How device-agnostic vs. Android-specific should the survey be? - If device-agnostic, include full selection of web-browsers and VPN providers - If Android specific, feature very explicit wording explaining this 2. User Feedback Report – August 2021: https://lists.torproject.org/pipermail/tor-project/2021-September/003177.ht… <https://lists.torproject.org/pipermail/tor-project/2021-September/003177.ht…> - 9 reports of confusion regarding the V2 deprecation warning: are these users on older versions of TB (and as such still see the banner on about:tor), or do these reports pertain to the V2 deprecation error screen itself? == Open Call for User Research == Find out how to contribute to the UX team: https://community.torproject.org/user-research/how-to-volunteer/ <https://community.torproject.org/user-research/how-to-volunteer/> Thanks everyone! *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org <mailto:duncan@torproject.org>

1 0

Anti-censorship team monthly report: July and August 2021
by Cecylia Bocovich 07 Sep '21

07 Sep '21

Hi everyone, This is what we've been up to during July and August! Snowflake ========= * Adjusted Snowflake session layer parameters for better performance. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Added support for an AMP cache rendezvous to Snowflake. It is not being used yet, but is available if needed as an alternative to domain fronting rendezvous. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Updated the web proxy for new browser requirements. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Made the Snowflake client accept configuration in the form of SOCKS arguments (in preference to command-line options). This makes it easier to control the configuration in frontends such as Tor Browser's. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Assign proxies based on their client load https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Wait pollInterval in snowflake between proxy offers https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Improved Snowflake documentation and READMEs https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… BridgeDB ======== * change bridgedb to send obfs4 bridges by default over email https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40019 * Allowed BridgeDB to see the IP address of moat clients https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/32276 rdsys ===== * Integrate GetTor into rdsys https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/32 * Add GetTor documentation https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/44 * Run tests in the CI https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/58 Other ===== * Investigated changes in user metrics in Turkmenistan. https://gitlab.torproject.org/tpo/community/support/-/issues/40030#note_274… * Bridgestrap CollecTor metrics https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/15 * Set up reachability probes for Tor in Turkey https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss…

1 0

UX team meeting on September 7th
by Duncan Russell 04 Sep '21

04 Sep '21

Hi everyone! Our next User Experience team meeting will be held on Tuesday September 7th at 1400 UTC in #tor-meeting.* During this meeting we'll share an update on the UX team’s ongoing work across key projects, including the planning for our upcoming VPN user survey which will ask the community which VPNs they use, why they use a VPN, and how it fits into their browsing experience. If you'd like to get involved please feel free to add your items to the pad: https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep <https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep> Remember: User Experience team meetings are an open space for discussion around ethical user research, user interface design and the user experience of privacy-enhancing products. See you soon! Duncan [*] https://gitlab.torproject.org/tpo/ux/team/-/wikis/home <https://gitlab.torproject.org/tpo/ux/team/-/wikis/home> *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org <mailto:duncan@torproject.org>

1 0

User Feedback Report - August 2021
by Kulsoom Zahra 04 Sep '21

04 Sep '21

Greetings, everyone! This is a report of the work done by the Community Team in the past month and general user feedback that we've received across our official support channels. Report Period - July 31 upto 31 August, 2021 Tickets resolved in the past month: 165 Here is a list of issues which got the most attention (at least 2 tickets on RT): # Tor Browser Breakdown of number of RT tickets received with respect to operating system: Windows (10,8,7 ...all the way upto Vista) - 24 macOS - 5 Android - 8 GNU/Linux - 2 iOS - 4 (Note: This includes tickets where the user mentioned the operating system or it was evident from the issue they were running into or enclosed screenshots.) 1. 12 RT tickets - Unable to access websites; Login fails. Users also reported issues with payment on sites like eBay, PayPal etc. Regarding websites blocking Tor users, Hackhard GSoC project is tracking the top 500 websites.[1] 2. 5 RT tickets - YouTube not accessible renders the error "Our system have detected unusual traffic from your computer network". We point users to the "Basic Troubleshooting when users can't access any particular website" article (template) on the RT. 3. 5 RT tickets - "Tor Unexpectedly Exited": Failure to launch Tor Browser. We direct users to the "Seven-point basic troubleshooting" article (template) on the RT to help users. 4. 5 RT tickets - Installation Issue (OS - Windows) We ask users to make sure they've downloaded the correct version of TB depending on their Operating System 32-bit or 64-bit. [2] 5. 4 RT tickets - Fake Tor App on Apple Store. Users are being charged after installing a fake Tor Browser app on iOS. We educate users about fake apps and recommend them to solely use the Onion Browser for iOS. 6. 3 RT tickets - Cannot download files on Tor Browser for Android. Regarding this we have a ticket on our GitLab. [3] A workaround for this recurring issue is to make a new Tor connection and relaunch the download. 7. 3 RT tickets - Error "Proxy Server Refused Connection". We ask users NOT to set TBA as their default browser and point them to the article on the Support Portal. [4] 8. 2 RT tickets - Reporting bad onion sites. The Tor Project doesnot host or control onion sites, we answer users taking help from the article on our Support portal. [5] 9. 1 RT ticket - Error "RSA_get0_d could not be located in the dynamic link library tor.exe" on Windows. We have a GitLab ticket regarding this long standing issue. [6] # Onion Services 1. 9 RT tickets - v2 onion deprecation. Users were confused 'how' to upgrade v2 onions to v3. They were asking for a direct link/button to upgrade. We help users identify v2 and v3 onions, point them to the "v2 onion deprecation" article (template) on the RT and FAQ on the Support Portal. [7] # UI/UX and documentation 1. Google Play Store - In terms of user experience, reviews mostly revolve around- 'Unable to access to YouTube and other sites', 'Tor freezes', 'Can't download anything files/images', 'Tor Browser is slow', 'can't upload files' and 'too many captchas'. However, in terms of reviews we have quite a good number of 4 and 5 star ratings. 2. Tor Stack Exchange - Statistics of what the discussion has been about (6 most active tags): hidden-services- 17 questions anonymity- 12 questions security- 9 questions configuration (questions about configuring Tor software)- 6 questions tor-browser-bundle- 6 questions onion-routing - 4 questions 3. Reddit Discussions have been around: * Tor browser is Looping same exits. * Hidden Service for Minecraft * Can't access YouTube and other sites over Tor * Tor is very slow * VPN and Tor - How does using VPN decrease anonymity? * fdroid version from the guardian project not updated * Onion sites # Anti-censorship 1. 5 RT tickets - Bridges not working Tor logs revealed that it was caused by users editing their torrc file; overriding the exit nodes and 'general SOCKS server failure' errors. We educate users NOT to modify their torrc file and one gets the best security Tor can provide when they leave the route selection up to Tor. Then point them to the FAQ on the Support Portal. [8] 2. 4 RT tickets - Bridge requests We got users requesting help to connect to Tor which have been from Iran, China and other countries. We provided private bridges for them. 3. In the past month, there have been instances of censorship and internet shutdowns in countries like Iran and South Sudan. We're following up on their situation.[9] There has also been a decrease in users connecting directly to Tor from Turkmenistan. We've a ticket open to track the status. [10] If you have any suggestions, questions or want to discuss anything in detail please feel free to reach out to me and/or anyone from the Community Team! Thanks, Kulsoom IRC - kulsoom_z Links: [1]: https://gitlab.torproject.org/woswos/CAPTCHA-Monitor/-/wikis/GSoC-2021 [2]: https://www.torproject.org/download/ [3]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/31013 [4]: https://support.torproject.org/tbb/#tbb-32 [5]: https://support.torproject.org/abuse/remove-content-from-onion-address/ [6]: https://gitlab.torproject.org/tpo/core/tor/-/issues/33702 [7]: https://support.torproject.org/onionservices/#v2-deprecation [8]: https://support.torproject.org/tbb/#tbb-16 [9]: https://gitlab.torproject.org/tpo/community/support/-/issues/40034 [10]: https://gitlab.torproject.org/tpo/community/support/-/issues/40030

1 0

Anti-censorship meeting notes, 2021 September 2
by Cecylia Bocovich 03 Sep '21

03 Sep '21

Hi everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-02-16.00.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday September 2nd 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == - CPU use in proxies and bridge - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - bridge is sitting at about 200% CPU: about 30% tor, 170% snowflake-server - might be worth doing one round of profiling? - how to profile the bridge? in production or separately? - can use snowbox as a simulation - proxies can control CPU use with -capacity option - Reading group? - we'll read "BlindTLS" https://dl.acm.org/doi/10.1145/3473604.3474564 - DocsHackathon: - Add a new support item about using Tor in China: https://gitlab.torproject.org/tpo/web/support/-/issues/210 - Merging support.torproject.org/gettor into support.torproject.org/censorship - TM censorship update - do any of our gettor endpoints work in Turkmenistan? - archive.org seems to be ok for DNS, HTTP, and HTTPS == Actions == Update the monthly report for July + August: https://pad.riseup.net/p/l7d6oBd40EQa3u7cFxIk == Interesting links == https://ntc.party/t/an-open-encyclopedia-of-internet-censorship-persian/1223 ACM FOCI 2021 papers https://dl.acm.org/doi/proceedings/10.1145/3473604 "Even Censors Have a Backup: Examining China's Double HTTPS Censorship Middleboxes" https://dl.acm.org/doi/10.1145/3473604.3474559 "Measuring QQMail's automated email censorship in China" https://dl.acm.org/doi/10.1145/3473604.3474560 "A multi-perspective view of Internet censorship in Myanmar" https://dl.acm.org/doi/10.1145/3473604.3474562 "Exploring Simple Detection Techniques for DNS-over-HTTPS Tunnels" https://dl.acm.org/doi/10.1145/3473604.3474563 "BlindTLS: Circumventing TLS-based HTTPS censorship" https://dl.acm.org/doi/10.1145/3473604.3474564 USENIX Security 2021 papers https://www.usenix.org/conference/usenixsecurity21/technical-sessions "Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications" https://www.usenix.org/conference/usenixsecurity21/presentation/wei "How Great is the Great Firewall? Measuring China's DNS Censorship" https://www.usenix.org/conference/usenixsecurity21/presentation/hoang "Balboa: Bobbing and Weaving around Network Censorship" https://www.usenix.org/conference/usenixsecurity21/presentation/rosen "Weaponizing Middleboxes for TCP Reflected Amplification" https://www.usenix.org/conference/usenixsecurity21/presentation/bock "Defeating DNN-Based Traffic Analysis Systems in Real-Time With Blind Adversarial Perturbations" https://www.usenix.org/conference/usenixsecurity21/presentation/nasr == Reading group == We will discuss "BlindTLS: Circumventing TLS-based HTTPS censorship" on 2021-09-23 https://dl.acm.org/doi/10.1145/3473604.3474564 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-09-02 Last week: - hiring tasks for ac team and network team - more s28 scrimmage work - got snowflake working in shadow - https://github.com/shadow/shadow/pull/1601 - implemented parsing of networkstatus documents for rdsys (rdsys!14) - wrote a draft plug for implementing RTCPeerConnection for v3 manifests - reviewed GetTor implementation in rdsys (rdsys!11) - reviewed snowflake!52 - couple other small reviews This week: - snowflake package documentation and API changes (snowflake#40063) - more rdsys + BridgeDB deployment work - network simulations of Snowflake with shadow - censorship measurement tests and tools - lots of miscellaneous gitlab TODOs Needs help with: - feedback on v3 plug: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-09-02 Last week (since 2021-08-19): - helped review snowflake-client SOCKS args https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - more investigation of blocking in Turkmenistan https://gitlab.torproject.org/tpo/community/support/-/issues/40030#note_274… - helped analyze go mod issue with goptlib https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - attended pluggable transports meetup https://internetfreedomfestival.org/wiki/index.php/September_2_2021_GM Next week: - fix meek-client test errors https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/meek… - identify cause and fix for the goptlib go.mod issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - reply to Alexander Mages re SCTP pluggable transport https://lists.torproject.org/pipermail/anti-censorship-team/2021-August/000… Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-09-02 Last week: - work on the moat Censorsip snapshot (bridgedb#40025) - merge gettor implemenation (rdsys!11) - update snowflake debian package (snowflake#19409) - write gettor documentation (rdsys#44) - test fixes into snowflake (snowflake!55) - run rdsys tests in the CI (rdsys#58) - review networkstatus parser (rdsys!14) - review rearquitecture to smaller docker image for snowflake-proxy (docker-snowflake-proxy!1) - review and merge gettor updater script (gettor!17) - review snowflake Check error for calls to preparePeerConnection (snowflake!54) - review and merge obfs4 docker build for multiple archs (docker-obfs4-bridge!4) Next week: - implement censorship snapsot available on moat (bridgedb#40025) - add more providers to gettor (rdsys#43) - get the snowflake debian package reviewed by a DD (snowflake#19409) Help with: -

1 0

Anti-censorship meeting notes, 2021 August 26
by Cecylia Bocovich 02 Sep '21

02 Sep '21

Hey everyone! This is a little late, but here were our logs from the meeting last week: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-08-26-15.59.html and here is our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday August 19th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == == Actions == == Interesting links == USENIX Security 2021 papers https://www.usenix.org/conference/usenixsecurity21/technical-sessions "Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications" https://www.usenix.org/conference/usenixsecurity21/presentation/wei "How Great is the Great Firewall? Measuring China's DNS Censorship" https://www.usenix.org/conference/usenixsecurity21/presentation/hoang "Balboa: Bobbing and Weaving around Network Censorship" https://www.usenix.org/conference/usenixsecurity21/presentation/rosen "Weaponizing Middleboxes for TCP Reflected Amplification" https://www.usenix.org/conference/usenixsecurity21/presentation/bock "Defeating DNN-Based Traffic Analysis Systems in Real-Time With Blind Adversarial Perturbations" https://www.usenix.org/conference/usenixsecurity21/presentation/nasr == Reading group == We will discuss "" on Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-08-26 Last week: - hiring tasks for ac team and network team - mostly just s28 integration/scrimmage - more work on making OONI's tor tests look more like tor - helped plan tor's autoconnect feature This week: - more hiring and s28 meetings - censorship measurement tests and tools - reviews - snowflake!52 followup - snowflake#25595 followup - lots of miscellaneous gitlab TODOs Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-08-19 Last week: - snowflake CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - posted a summary of the Turkmenistan situation https://ntc.party/t/recent-drop-in-tor-users-from-turkmenistan-testers-want… https://gitlab.torproject.org/tpo/community/support/-/issues/40030 Next week: Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-08-26 Last week: - make bridgestrap CollecTor metrics resistant to restarts (bridgestrap#22) - change bridgedb to send obfs4 bridges by default over email (bridgedb#50) - review gettor upload script mr (gettor!17) - review docker-obfs4-bridge multi arch build (docker-obfs4-bridge!4) - review docker-obfs4-bridge fix for the new debian release (docker-obfs4-bridge!3) - review new translations for GettorWeb (gettor-web!7) Next week: - make censorship snapsot available on moat (bridgedb#40025) - act on comments on rdsys-gettor (rdsys!11) Help with: -

1 0

Monthly status report for irl
by Iain R. Learmonth 01 Sep '21

01 Sep '21

Hi All, This is my monthly status report for work complete during August 2021. This will be my last status report for this contract, please direct all queries about metrics tooling going forward to the network health team. I released and deployed updates for CollecTor to archive bridgestrap data. This is currently disabled until the bridgestrap results can be declared stable by the anti-censorship team. If you're interested in following this, see: https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/25 I completed an update to Onionoo that reads in this data from CollecTor and will use the bridgestrap test result to override the Running flag from the bridge authority, such that bridges with their OR ports hidden do not always show as offline, instead using the reachability of their PT port. I have spent time focussed on getting hiro up to speed on working with the Metrics codebases. During August, we saw releases of metrics-lib and Onionoo, including work on the overload-* lines in server/extra-info descriptors, that should give new insights into bottlenecks in the network. Finally, I have been around in Matrix/IRC to answer Metrics questions and on occasion to provide a little end-user support in #tor. Thanks, Iain.

1 0