Hello!
We're making changes to the GitLab CI infrastructure you should know
about. TL;DR: new OSUOSL runners, tags are now lowercase, clarification
on the "tpa" tag.
First, we're adopting a few CI runners provided by the good people at
OSUOSL. Two new amd64 runners are joining the fleet and will be
executing untagged jobs across our instance. This should help relieve
the pressure on our existing runners, specifically related to delays in
job processing when large simulations would run.
In addition, we also gain three new runners running on arm64, ppc64le
and s390x architectures, again from OSUOSL.
Secondly, we've updated the tags on our existing runners in order for
both TPA and OSUOSL runners to improve consistency. In short, we've
lower-cased the former "Linux" and "TPA" tags, which are now "linux" and
"tpa". If you have CI jobs with the old uppercase tags, please make sure
to update your .gitlab-ci.yml files. Also refer to the CI documentation
for further details on the available tags:
https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/ci#runner-tags
Finally, note that the OSUOSL runners are *not* marked "tpa", because we
do not manage the underlying virtual machines. In that sense they are
slightly less "trusted" because we do not control the runner's
configuration, so if you want to limit certain jobs to those "trusted"
runners, be sure to limit your jobs to the `tpa` tag.
In general, you shouldn't really *trust* GitLab or GitLab CI for
anything else than running tests. Builds should be verified out of band
with reproducible builds. You can reproduce a local GitLab CI
environment by installing gitlab-runner and executing jobs locally,
without having to trust the entire GitLab installation or foreign
runners. As a reminder, it is your responsibility to ensure the
integrity of your code and artifacts, see those links for a further
discussion:
https://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/81https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/gitlab#git-reposit…https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/git#security-conce…
This work was done as part of this ticket:
https://gitlab.torproject.org/tpo/tpa/team/-/issues/40780
Feedback is welcome there, but new issues should probably be reported in
a new ticket. In any case, let us know if anything seems off.
A.
PS: Note that those runners are not *yet* online, but we expect them to
become live within a few days. The above ticket will be updated when
that happens.
--
Antoine Beaupré
torproject.org system administration
Hi Everyone,
As Juneteenth is an official Tor Project holiday, we will be moving our weekly meeting back a day to
Tuesday (2022-06-21) at 1100 UTC in #tor-meeting on OFTC IRC.
best,
-Richard
Hello Tor folks,
I'm reaching out to share the following which may be of interest:
Last year, OONI wrote a research paper ("*Measuring DoT/DoH Blocking Using
OONI Probe: A Preliminary Study*") which was presented at the Network and
Distributed System Security Symposium (NDSS'21) as part of the DNS Privacy
Workshop. You can read this paper here:
https://www.ndss-symposium.org/wp-content/uploads/dnspriv21-02-paper.pdf
This study involves an *investigation of encrypted DNS (DoT & DoH) blocking
in Kazakhstan, Iran, and China* with a new OONI Probe experiment
(DNSCheck).
Today, we're publishing a blog post with a *summary of findings* (and video
presentation): https://ooni.org/post/2022-doh-dot-paper-dnsprivacy21/
You can also find a summary of findings through this Twitter thread:
https://twitter.com/OpenObservatory/status/1537764247442268161
You can help contribute measurements on encrypted DNS blocking by running
OONI Probe: https://ooni.org/install
Thanks,
Maria.
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-06-16-15.59.html
<http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-31-15.59.html>
And our meeting pad:
Anti-censorship work meeting pad
--------------------------------
Next meeting: Thursday June 23rd 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors we are working on:
* All needs review tickets:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s…
* Sponsor 28
* must-do tickets:
https://gitlab.torproject.org/groups/tpo/-/milestones/10
* possible tickets:
https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…
* Sponsor 96
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
== Announcements ==
* Distributed Snowflake, IP Change Rate Measurement is ready for
merge src Shell
* Shell will handle the merge
* Will wait for a day when others are online to do the deployment
* Will deploy both new features at once
== Discussion ==
* What is the status of adjusting snowflake (pion) DTLS signature
to avoid blocking in Russia? (Based on offset of supported_groups
extension.)
*
https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss…
* https://github.com/pion/dtls/pull/474
* https://ntc.party/t/webrtc/2174/21
*
https://gitlab.torproject.org/tpo/community/support/-/issues/40050
(generally)
* UDP packets matching the pattern
`^\x16\xfe[\xfd\xff].{X}\x00\x1d\x00\x17\x00\x18` are getting blocked,
where X is a small number of enumerated byte offsets, and
\x00\x1d\x00\x17\x00\x18 is the supported_groups extension. One of the
offsets happens to match where pion/dtls places the extension in its
Client Hello.
* Concise description of the current situation: snowflake
connections are blocked when either peer in the connection is Pion-based
(e.g. snowflake-client or proxy-go) and takes the role of the DTLS client.
* Put another way, the connection is ok if: the proxy is a
browser proxy (not proxy-go) and snowflake-client operates as a DTLS
server, not client
* Pull request 474 has the risk of creating a new, even more
distinctive fingerprint
* So does altering the offset of supported_groups without
changing other aspects of the fingerprint
* One idea is to make a patch or fork of pion/dtls with either
pull request 474 or some other change that alters the offset, then ask
people to test it
*
https://gitweb.torproject.org/builders/tor-browser-build.git/commit/?id=7ff…
is a past temporary fork for a fingerprinting fix
*
https://archive.org/details/snowflake-ru_snowflake_fix-20211208-ae7cc478fd34
is the resulting bundle that we asked people to test
* Shell will create a ticket for releasing a version of
Snowflake/TorBrowser with patch applied
== Actions ==
== Interesting links ==
== Reading group ==
* We will discuss "Even Censors Have a Backup: Examining China's
Double HTTPS Censorship Middleboxes" on June 23
* https://dl.acm.org/doi/10.1145/3473604.3474559
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes
that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2022-06-16 (will miss meeting)
Last week:
- conjure station-side changes
- updated conjure test environment using cloud-init vms
This week:
- continued work on conjure PT
- continue snowflake maintenance tasks
Needs help with:
dcf: 2022-06-16
Last week:
- snowflake CDN bookkeeping
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co…
- commented on dnstt pluggable transport client
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/trac…
- commented on restarts for snowflake probetest
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
Next week:
- look at STATUS VERSION proposal
https://gitlab.torproject.org/tpo/core/torspec/-/merge_requests/63
Help with:
meskio: 2022-06-02
Last week:
- use systemd to run bridgedb (team#72)
- update debian package for snowflake (snowflake#40143)
- don't use entropy in snowflake tests (snowflake!96)
- contact cymru about their builtin bridges, as they have
an old version of obfs4proxy
Next week:
- start working on gettor (rdsys#105)
Shelikhoo: 2022-06-16
Last Week:
- [Merge Request] Add Distributed Snowflake Server Support
(snowflake!87)
- [Merge Request] Distributed Snowflake Bridges (Javascript ver.)
(snowflake-webext!29)
- [Merge Request] Implement metrics to measure snowflake churn
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…)
(snowflake!95)
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to
snowflake (snowflake!64)
- [Discussion & Deployment] Migrating Controlling git repo to
Tor Gitlab Instance (shelikhoo/LogCollectorAncillary#5) <- awaiting/blocked
- [Research & Discussion] Discussion about the possibility of
adding PT support to V2Ray to serve the role of HTTPT
(https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/82)
- [Investigate] China "Anti-Fraud" Webpage Redirection
Censorship (censorship-analysis#40026): update the research based on
updated ooni result
Next Week:
- [Deployment] Snowflake Broker
- [Coding & Deployment] Proposal: Centralized Probe Result
Collector (anti-censorship/team#54)
- [Research & Coding] WebSocket + CDN Based Probe Control
Connection Forwarder (shelikhoo/LogCollectorAncillary#3)
- [Investigate] China "Anti-Fraud" Webpage Redirection
Censorship (censorship-analysis#40026): update the research based on
updated ooni result
Itchy Onion: 2022-06-16
Last week:
- ongoing debugging s28 issues 81 (snowflake crashes in
stree-testing)
- taking over part of testing snowflake
This week:
- ongoing debugging s28 issues 81, fixing a leaking file
descriptor issue
- taking over part of testing snowflake
Every 3rd Friday of the month the Tor L10n Team meets to translate together, share tricks, have fun while translating, meet fellow translators, and find out about the l10n priorities for the Tor Project.
Tomorrow on the hangout we will see how the previews for translation are built on our gitlab.
Come join us on the Localization Hangout, from Noon UTC, on the #tor-l10n channel in OFTC. (you can also use Element https://element.io/ to connect: #tor-l10n:matrix.org)
At 13 UTC we make a call on Big Blue Button
If you are not a translator yet, you still have time to become one before the hangout: https://community.torproject.org/localization/becoming-tor-translator/
What do we do in a hangout?
- Translate stuff
- Share translation tips and resources
- Complain about developers
- Talk about translation priorities
- Talk about our local contexts
- Practice bug reporting and git skills
see you there!
emmapeel
Hello, everyone!
I am excited to announce that we are hiring for a Director of Strategic Communications. Full job description here <https://www.torproject.org/about/jobs/director-strategic-comm/> and pasted below.
Isa and I will be participating in the Team CommUNITY Job Fair <https://www.digitalrights.community/blog/digital-rights-job-fair-june-22> today/tomorrow, Thursday, June 16th, from 14:20-1700 UTC (Round 1 Expo Slot). RSVPs are closed for the event, but we I a small handful of tokens (single use links) for the event. If you are or know someone interested in the Director of Strategic Comms position who wants to chat with us, please email me and I’ll forward a link.
Otherwise, please help us spread the word and tweet/share/forward anywhere you think might be helpful. :)
Thank you!
Erin Wyatt
Director of People Operations (she/her)
ewyatt(a)torproject.org <mailto:ewyatt@torproject.org>
PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE
https://www.torproject.org <https://www.torproject.org/>
http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/ <http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/>
------------------------------------>8
# Internet Freedom Nonprofit Seeks Director of Strategic Communications
June 14, 2022
The Tor Project is seeking a Director of Strategic Communications to help us tell the world about our important work. We are the nonprofit organization behind the Tor Browser and Tor network, and our technology helps millions of people around the world to securely and freely access the Internet and circumvent censorship.
Our mission is to advance human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, supporting their unrestricted availability and use, and furthering their scientific and popular understanding.
The Director of Strategic Communications role presents a unique and exciting opportunity for a motivated content strategist, brand storyteller, writer, editor, and versatile communicator with proven experience in the field. This position will be reporting directly to the Executive Director.
You will work with a diverse team of stakeholders (Executive Director, Community Team Lead, Fundraising Director, and Graphic Designer) who will contribute to your strategic communications plan by keeping you up-to-date on all Tor fronts. Your plan will include press release distribution, blog posts, media pitches, social media campaigns, etc. You will also work closely with a diverse, international community of people who are passionate about internet freedom, who make Tor and related software products.
This position will also include some internal communications management, such as helping our Project Manager organize weekly All Hands meeting agendas, and for organizing some of the large annual online events we host, such as [PrivChat](https://www.torproject.org/privchat/) and [State of the Onion](https://blog.torproject.org/state-of-the-onion-2021/).
This is a hands-on position for a highly skilled communications professional with a fierce passion for internet freedom and privacy-enhanced technology.
This is a full-time, remote position. Salary for this position is $90,000 USD per year and there is voluntary opt-in salary transparency for employees and contractors.
## Responsibilities
### Strategy and Other Responsibilities
- Create and execute multi-channel communications strategy. Serve as project manager for all communications programs, ensuring timelines and deliverable expectations are met.
- Ensure continuity of the brand story through tone, voice, accuracy, consistency, and quality.
- Maintain our stories database: Identify and collect stories from various sources that effectively communicate Tor’s impact and its importance.
- Report on the impact and effectiveness of communications activities to leadership.
- General writing and editing responsibilities as required.
- Other duties as assigned.
### Press, Media, and Conferences Representation
- Represent The Tor Project to the press; Write press releases, handle press calls, and distribute media calls to appropriate members of The Tor Project.
- Manage the Tor Project's media contacts.
- Train staff and community members on media skills and strategy on a per need basis; coach/prep/debrief people for specific media calls.
- Maintain the press section of the torproject.org website. Collect, organize, and post the Tor Project's press clippings to the website.
- Coordinate speaking opportunities and conferences for Tor Project staff and community members.
- Maintain the Tor Project's website calendar of speaking engagements.
### The Tor Project Communication Channels
- Manage the Tor Project's social media presence. Work with stakeholders (Community Team Lead, Fundraising Director and Applications Product Manager) to develop content for the Tor’s social media efforts.
- Publish the Tor Project's monthly newsletter.
- Maintain the Tor Project's Annual Report and other information pieces distributed at conferences and talks.
- Organize online events such as Privchat and State of the Onion.
- Internal Communications: support our Project Manager in organizing and communications for weekly All Hands meetings.
## Preferred Qualifications And Skills
- Bachelor's degree (or equivalent comparable/relevant experience) in journalism, communications, marketing, public relations, or a closely related field.
- A minimum of 5 - 7 years of progressive experience in Communications, including strategic communications leadership roles.
- Demonstrated success developing and executing communications strategies and messaging across various media and channels.
- Demonstrated skill and comfort in proactively building relationships with top tier reporters and editors, and in positioning subject matter with the media to achieve high-impact placements.
- Demonstrated experience with complex and high profile social media engagement.
- Comfortable with highly technical topics and ability to explain them clearly and accurately to non-technical audiences.
- Excellent verbal, written, and editing skills in English; fluency in other languages is a plus.
- Demonstrated experience with issue management, including media crisis management, and proven success in driving more advantageous coverage of the organization, its projects, and its people.
- Strong project management skills with high attention to detail
- Strong generalist understanding of the basic mechanics of how the Internet works, as well as issues related to privacy, security, censorship, and surveillance.
- Must have an action-oriented and proactive working style
- Knowledge of and appreciation for the Tor Project’s mission and the wider Internet Freedom movement.
If you feel that you meet most of these requirements or could meet them with a little time and support, we would love to hear from you!
## How to Apply
To apply, submit a cover letter and your CV/resume *in PDF format* to job-comms at torproject dot org with "Director of Strategic Communications" in the subject line. In your cover letter, please include the reason you want to work at the Tor Project, your experience as it relates to the job description, and where you heard about this job.
## About The Tor Project
The Tor Project's workforce is smart, committed, and hard working. We currently have a paid and contract staff of around 42 developers and operational support people, plus many volunteers who contribute to our work and thousands of volunteers who run relays. The Tor Project is funded in part by government research and development grants, and in part by individual, foundation, and corporate donations.
Tor is for everyone, and we are actively working to build a team that represents people from all over the world - people from diverse ethnic, national, and cultural backgrounds; people from all walks of life. We encourage people subject to systemic bias to apply, including people of color, indigenous people, LGBTQIA+ people, women, and any other person who is part of a group that is underrepresented in tech.
The Tor Project has a strong culture of transparency and democratic processes, and long-standing community guidelines and cultural norms. Our community is committed to creating an inclusive and welcoming environment. Please read more here:
- Our Code of Conduct: https://gitweb.torproject.org/community/policies.git/tree/code_of_conduct.t…
- Our Social Contract: https://gitweb.torproject.org/community/policies.git/tree/social_contract.t…
- Our Statement of Values: https://gitweb.torproject.org/community/policies.git/tree/statement_of_valu…
The Tor Project has a competitive benefits package, including a generous PTO policy, 16 paid holidays per year (including the week between Christmas and New Year's, when the office is closed), and flexible work schedule. Insurance benefits vary by employment status and country of residence.
Notice: Due to [U.S. sanctions and embargo regulations](https://www.bis.doc.gov/index.php/documents/regulation-docs/41…, The Tor Project, Inc. is not able to hire individuals with citizenship of certain countries, including but not limited to Russia, North Korea, Cuba, Iraq, Iran, and Syria.
The Tor Project, Inc. is an equal opportunity, affirmative action employer.
Hi,
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-06-13-13.59.log…
And our meeting notes:
Next meeting: Tuesday, Jun 21, 2022 - 1400 UTC
## Announcement
- Tor Localization Hangout this Friday
https://community.torproject.org/localization/hangouts/
## Discussion
- Next community team meeting
-> June 21, 1400 UTC meeting on Tue because of the holiday
-> June 27 - hackweek - no meeting
-> July 5th, 1400 UTC meeting on Tue because of the holiday
- (update) cdr.link migration:
- new instance till the end of this month, and includes onboarding
for more people on the team.
- good opportunity to learn how it works.
- Training in EA:
- as we aren't travelling, we launched a call for Tor trainings in
last Tor Meetup in the region.
- we received 10 proposals, approved 9 or 8
- trainings will happen in tanzania, uganda and kenya this month and
early july.
- the majority of the trainings will be in person, some remote.
- pad with all the topics that we want to discuss with the partners:
https://pad.riseup.net/p/ea-trainings-2022
## Updates
emmapeel:
Last week:
- support i18n of OnionSproutsBot - answer questions, give
suggestions, more screenshots, more instructions in context
- digest translators input in transifex
- s123 translations - keep verifying new langs
- tor browser alpha - l10n and docs
This week:
- documentation
- s123
- tor browser alpha - l10n and docs
Help with:
- let me know if you would like to review strings for your
language.
Gus:
Last week:
- Contact cdr.link and start the migration:
https://gitlab.torproject.org/tpo/community/support/-/issues/40083
- Review trainings proposals in EA:
https://gitlab.torproject.org/tpo/community/training/-/issues/50
- Organize the training material with AWJ:
https://gitlab.torproject.org/tpo/community/training/-/issues/48
- S30 Brazil plans with Tails/Sajolida
- Work on the sysadmin 101 post-training form
- team 1:1s
- Sponsor96, sponsor123 and Sponsor9 meeting
- Announced the Tor relay operator meetup:
https://forum.torproject.net/t/tor-relays-event-tor-relay-operator-meetup-j…
- Worked with rhatto on the sponsor123 landing page deployment
This week:
- Share the sysadmin 101 post-training form
- Follow up on EA trainings with nah and raya
- More S30 planning
- team 1:1s
- working on the tor meetup agenda with geko:
https://pad.riseup.net/p/tor-relay-meetup-june-2022-keep
- sponsor123 meeting
- Create a merge request for the Telegram verification:
https://gitlab.torproject.org/tpo/web/support/-/issues/304
Joydeep:
Last week:
- user support on RT, Forum, etc.
- added info about HTTPS-Only mode and Bridge-moji to the TB Manual
(alpha)
ticket: https://gitlab.torproject.org/tpo/web/manual/-/issues/119
preview: https://championquizzer.pages.torproject.net/manual/
- sync with Gus
- discussed the monthly user support report with UX team
- filed
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41026
This week:
- draft a forum post for TB 11.5 testing (pending blog post)
- sync with the UX team
- monthly L10n hangout on Friday
raya:
Last week:
- EA meetup and training proposal follow ups
- S123 coordination
- RightsCon panel
This week:
- S123 coordination
- EA training proposal 1:1s and follow ups
- Review and prepare for AWJ training interpretation
- Submit hackweek proposals
- Complete material on internet shutdowns mitigation with Tor
- Start drafting training guides
Help with:
- Something you need help with.
rhatto:
Last week:
- Test Bypass Censorship Dashboard:
https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/95
(Sponsor 123)
- Deployments and fixes for Sponsor 123
This week:
- Landing Page deployment for Sponsor 123
- Maintenance for Sponsor 123 EOTK and Onionprobe instances
- Submit Hackweek proposal(s):
https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/116
Nina:
Last week:
- User support on cdr.link and RT.
- Participating in running tests on TB availability
- 1:1 with Gus
- some help with the fonts issue in TB
This week:
- User support.
- Migration of cdr.link
- Hackweek proposal
--
The Tor Project
Community Team Lead