December 2023 - tor-project - lists.torproject.org

Are there countries where using Tor is illegal?
by Cristian Consonni 11 May '25

11 May '25

Hi, (Sorry if this question has already been asked in the past, feel free to point me to the relevant resources.) I know that the legal FAQs by the EFF state that: «we believe that running a Tor relay — including an exit relay that allows people to anonymously send and receive traffic — is legal under U.S. law.»[1] I also know there is a list of countries for which there is legislation that exclude communication service providers from liability. They are indicated in the Legal of the Tor Exit Guidelines page[2], they are USA, Germany, Netherlands, Austria, France, and Sweden. >From some articles in the press[3a][3b] it may be illegal - depending on how you interpret the wording[*] - to use Tor (and other technologies such as VPNs or proxies) in the UAE, with fines ranging in the millions of dirhams (hundreds of thousand of dollars). A couple of weeks ago it was discussed - on this list as well - that a law was introduced to the state parliament to ban Tor[4a][4b]. This follows a case of some months ago of a Russian Tor exit node operator being arrested for inciting mass riots and terrorism[4c][4d]. The idea of blocking VPNs or Tor seems to have already been considered in the past[4e]. This infographic about pluggable transports[5] suggests access to the Tor network is censored or limited in China, Uzbekistan, Iran, and Kazakhstan. Tor being censored orblocked may be different from it being illegal. What about other countries? Is there a place where I can find more about this topic? Cristian [1]: https://www.torproject.org/eff/tor-legal-faq.html.en [2]: https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines [3a]: http://www.emirates247.com/news/emirates/dh500-000-fine-if-you-use-fraud-ip… [3b]: http://news.softpedia.com/news/people-caught-using-vpns-tor-or-proxies-in-t… [*]: «Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery» [4a]: https://lists.torproject.org/pipermail/tor-talk/2017-June/043293.html [4b]: https://trac.torproject.org/projects/tor/ticket/22055 [4c]: https://lists.torproject.org/pipermail/tor-talk/2017-April/043109.html [4d]: https://techcrunch.com/2017/04/24/dmitry-bogatov-tor-russia/ [4e]; https://torrentfreak.com/vpn-and-tor-ban-looming-on-the-horizon-for-russia-… [5]: https://www.torproject.org/images/PT/2016-07-how-to-use-PT.png

4 3

Retirement of Gitolite and GitWeb started, please migrate by end of year
by Antoine Beaupré 26 Mar '24

26 Mar '24

Hi, Gitolite (`git.torproject.org` and `git-rw.torproject.org`) and GitWeb (<https://gitweb.torproject.org>) will be fully retired within 9 to 12 months (by the end of Q2 2024). TPA will implement redirections on the web interfaces to maintain limited backwards compatibility for the old URLs. Start migrating your repositories now by following the [migration procedure][], and please complete the migration by the end of year 2023. See the full discussion in [TPA-RFC-36][]. [migration procedure]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/git#how-to-migrate… [TPA-RFC-36]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-36-gitoli… A. -- Antoine Beaupré torproject.org system administration

1 2

Anti-censorship team meeting notes, 2023-12-21
by meskio 21 Dec '23

21 Dec '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-12-21-15.57.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, January 11 16:00 UTC Facilitator: shelikhoo Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * No meetings December 28, neither January 4 == Discussion == * Tor Browser users on Windows 7/8 have started having problems with PTs because Go 1.21 removed support * tor-browser-build now uses Go 1.20 for everything except Snowflake: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/2… * we'll try to fix the issue by providing our own random source and see how invasive si the change * manifest v2 deprecation in browsers and snowflake webextension * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://developer.chrome.com/blog/resuming-the-transition-to-mv3/ * google chrome will stop supporting mv2 June 2024 * will the snowflake webextension stop working? do we want to do something? or just recommend firefox? * cohosh will look into this next year and see how hacky needs to be the solution * validation for bridgelines * https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41913#n… * there is no fingerprint in the conjure bridgeline we shared, and we have some doubts if giving an error on bridgelines without fingerprint in TB or not * we'll include a fingerprint in future conjure bridgelines * and we'll not give an error for now on missing fingerprint bridgelines == Actions == == Interesting links == == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2023-12-21 Last week: - debugged some issues with the lox distributor deployment - https://gitlab.torproject.org/tpo/tpa/team/-/issues/41406 - lox tor browser integration work - removed extra log message for snowflake connection closure - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - worked on finding alternative domain fronting providers This week: - conjure bridge maintenance - review SQS rendezvous Needs help with: dcf: 2023-12-14 Last week: - opened issue to upgrade snowflake bridges to 0.4.8.10 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… Next week: - upgrade snowflake bridges to 0.4.8.10 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Before EOY 2023: - move snowflake-02 to new VM Help with: meskio: 2023-12-21 Last week: - grant writing Next week: Shelikhoo: 2023-12-21 Last Week: - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-udp-performanc… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Analysis of S150 HTTPS distributors design: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 - Merge request reviews Next Week/TODO: onyinyang: 2023-12-21 Last week(s): - Worked on Telegram bot: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/223 - Added several additional Lox wasm stubs needed by applications team This week: - Finish up Telegram bot dev - Continue to support Lox wasm stubs as needed - attempt hyper upgrade again - Holiday! (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

The Tor Project Community Policies new website!
by gus 15 Dec '23

15 Dec '23

Hello Tor Community, I'm happy to announce that the Tor Project Community Policies have a new website! You can visit our Policies website here: <https://community.torproject.org/policies>. The website hosts the Tor Project Community governance policies, including our Code of Conduct, Social Contract, Relay Operators docs, and other important documents. The website was generated using Onion MkDocs[1] and was part of our project at Tor Hackweek[2]. We've also updated all links directing to the old repository (gitweb.tpo) to the new website. If you find any issue or have suggestions for improvements, please feel invited to open a ticket in the Community/Policies repository: <https://gitlab.torproject.org/tpo/community/policies>. A special thanks to Rhatto and Lavamind for their support and assistance with the deployment. I'm very happy to have a more accessible and user friendly page for the Tor Community. Best regards, Gus [1] Onion MkDocs: https://gitlab.torproject.org/tpo/web/onion-mkdocs [2] Tor Hackweek: https://gitlab.torproject.org/tpo/community/hackweek/-/issues/13 -- The Tor Project Community Team Lead

3 3

Anti-censorship team meeting notes, 2023-12-14
by onyinyang 14 Dec '23

14 Dec '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-12-14-15.59.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, Dec 21 16:00 UTC Facilitator: meskio Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == Our anti-censorship roadmap: Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards The anti-censorship team's wiki page: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home Past meeting notes can be found at: https://lists.torproject.org/pipermail/tor-project/ Tickets that need reviews: from sponsors, we are working on: All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… Sponsor 96 <-- meskio, shell, onyinyang, cohosh https://gitlab.torproject.org/groups/tpo/-/milestones/24 Sponsor 150 <-- meskio working on it https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == Snowflake UDP-like transport ready for a draft review: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… since the prior draft, disabled KCP stream mode, and disabled data channel retransmission (the earlier draft had only turned off "ordered" mode, but had not also turned off "reliable" mode): https://lists.torproject.org/pipermail/anti-censorship-team/2023-March/0002… will wait for cohosh to be around: manifest v3 deprecation in browsers and snowflake webextension https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://developer.chrome.com/blog/resuming-the-transition-to-mv3/ google chrome will stop supporting mv2 June 2024 will the snowflake webextension stop working? do we want to do something? or just recommend firefox? == Actions == == Interesting links == https://opencollective.com/censorship-circumvention/projects/snowflake-dail… https://ooni.org/post/2023-interview-with-ihueze-nwobilor/ https://explorer.ooni.org/findings https://ooni.org/post/2023-launch-ooni-censorship-findings-platform/ == Reading group == We will discuss "NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge" on December 14 https://www.cs-pk.com/papers/3/ Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2023-11-09 Last week: - conjure bridge maintenance - caught a bug in safelog library - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - caught problem with domain front in conjure - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… This week: - lox tor browser UX integration - lox distributor testing - look into alternative domain fronting providers Needs help with: dcf: 2023-12-14 Last week: - opened issue to upgrade snowflake bridges to 0.4.8.10 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… Next week: - upgrade snowflake bridges to 0.4.8.10 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Before EOY 2023: - move snowflake-02 to new VM Help with: meskio: 2023-12-14 Last week: - grant writing - prepare settings anti-listing logic to be reused by HTTP distributor (rdsys#181) - setup rdsys staging server (rdsys#170) Next week: - investigate missing bridges in the assignments (rdsys#190) Shelikhoo: 2023-12-14 Last Week: - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Merge request reviews Next Week/TODO: - Write Tor Spec for Armored URL (continue) - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… - Check any blockers for s150 rdsys HTTPS distributor - Merge request reviews onyinyang: 2023-12-14 Last week(s): - continued and nearly finished Telegram bot dev - Splintercon This week: - Finish up Telegram bot dev - Add Lox wasm stubs needed by applications team - Start of Tor browser integration - attempt hyper upgrade again (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0

Tails report for November 2023
by bokonon 13 Dec '23

13 Dec '23

Hello :) * Tails report for November 2023 <https://tails.net/news/report_2023_11/>* Highlights * We had asked Radically Open Security <https://www.radicallyopensecurity.com/> to audit Tails. The results of the audit <https://tails.net/news/audit_by_ROS/index.en.html> reinforced Tails credentials as a "solid" operating system for preserving anonymity. We were super proactive with addressing the reported vulnerabilities, fixing them all within 3 weeks of being reported. This is a reminder that as good as Tails is, it needs to be updated regularly! * We undertook a bunch of home improvement projects for our new address <https://tails.net/news/new_domain/index.en.html>. Highlights: o the language switcher on the website is more prominent, and also in the website footer, o warning buttons display warnings better - in a new colour, and with wrapped text, o our redesigned security page <https://tails.net/security/index.en.html> better showcases the history of our security advisories. * We have a new sponsor: igaming.com <https://www.igaming.com/> joined our mission! Our donors also received the quarterly newsletter with early insights into upcoming Tails features. You, too, could subscribe while making your next donation <https://tails.net/donate/index.en.html>. Help make our ongoing fundraiser <https://tails.net/news/gift_of_privacy/index.en.html> a success! Releases November featured 2 new versions of Tails: 5.19.1 and 5.20. 5.19.1 <https://tails.net/news/version_5.19.1/index.en.html> was an emergency release. We updated the Tor client to bring the fix to the TROVE-2023-006 vulnerability <https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE> to Tails users. And in 5.20 <https://tails.net/news/version_5.20/index.en.html>, we: * brought the usual, latest updates to Tor Browser and Thunderbird, * fixed a security vulnerability in uBlock Origin to protect Tails users from advanced browser fingerprinting techniques, and * continued making Persistent Storage more usable, and made it even easier to report issues when it doesn't work through improvements to WhisperBack. Metrics Tails was started more than 825,741 times this month. That's a daily average of over 27,520 boots

1 0

OONI Monthly Report: November 2023
by Maria Xynou 12 Dec '23

12 Dec '23

Hello, This email shares OONI's monthly report for November 2023. *# OONI Monthly Report: November 2023* Throughout November 2023, the OONI team worked on the following sprints: * Sprint 103 (1st - 5th November 2023) * Sprint 104 (6th - 19th November 2023) * Sprint 105 (20th - 30th November 2023) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Launched the OONI Censorship Findings platform* We are excited to share that we launched a new Censorship Findings platform! Along with the launch, we published: * 20 reports on censorship events that emerged in 2023: https://explorer.ooni.org/findings * Blog post sharing information about the Censorship Findings platform: https://ooni.org/post/2023-launch-ooni-censorship-findings-platform/ The Censorship Findings platform was also featured as a “Tool of the Week” in Top10VPN’s newsletter: https://top10vpn.substack.com/p/friday-digest-4-fb-messenger-whatsapp The Censorship Findings platform includes 20 reports on internet censorship events that emerged around the world in 2023 based on OONI data. These short reports include key censorship findings and charts based on OONI data. We describe the criteria that inform which cases we report on in our blog post: https://ooni.org/post/2023-launch-ooni-censorship-findings-platform/#limita… Our goal is to support research and advocacy efforts aimed at monitoring and responding to internet censorship around the world. In response to emergent censorship events, we will continue to publish reports on the Censorship Findings platform on an ongoing basis. We thank the global OONI community for contributing measurements, making the creation of this platform possible. *## OONI Team Meeting 2023* Our team is distributed in various countries (and continents) and throughout the year, we work remotely online. Once a year, we come together for an in-person OONI Team Meeting to discuss projects, strategic priorities, and to refine our roadmaps. Between 8th-10th November 2023, we hosted our annual OONI Team Meeting in Nairobi, Kenya. We chose Nairobi as a location for our team meeting based on our script which automatically provides locations that are visa-friendly, safe, and cost-effective to help ensure in person attendance from all of our team members. We took this measure because last year, half of our team was not able to travel to Rome for our 2022 Team Meeting due to visa issues (and we therefore had to host a hybrid event). This year, hosting the meeting in Kenya meant that all of our team members were able to join in person! And this meeting provided us the opportunity to meet some of our colleagues in person for the first time! In addition to our team, the meeting also included an OTF research fellow who we will be hosting over the next year. As part of the 3-day OONI Team Meeting 2023, we facilitated the following 15 sessions: 1) OONI Strategy: Now and in the Future 2) Automating censorship detection and characterization, and creating a Social Media Censorship Alert System: Discussion of current status and next steps 3) Community engagement and new community roadmap 4) Supporting richer testing input: Discussion of current status and next steps 5) Presenting thematic censorship findings on OONI Explorer: Discussion of current status and next steps 6) Measuring the blocking of VPNs and evolving circumvention games 7) Evolution of OONI measurement representations: Moving towards a flexible architecture and data model for research and presentation 8) Methods for measuring throttling: Discussion of current status and next steps 9) OONI Run v2: Discussion of current status and next steps towards launch 10) Team Health Check 11) Psychological safety and supportive group norms 12) Roadmap session (Part 1) 13) Roadmap session (Part 2) 14) OONI funds and finances for 2024 15) OONI fundraising priorities As an outcome, we have significantly improved roadmaps, and we made important progress on many of our high-priority projects and activities. We also had an opportunity to discuss strategic priorities for the future, as well as approaches for improving our team’s health and organization’s long-term resilience. On 11th November 2023 (after the 3-day team meeting), we hosted a “team bonding day”, providing our team some extra time for in person bonding – which is important given that we work remotely throughout the year. *## Published blog post about IMC 2023 internet measurement hackathon* In collaboration with ISOC, M-Lab, Censored Planet, and IODA, OONI co-hosted an internet measurement hackathon alongside the Internet Measurement Conference (IMC) 2023. In November 2023, we published a blog post sharing the great projects that came out of the hackathon: https://ooni.org/post/imc-hackathon-results-2023/ The hackathon participants worked on using OONI data to investigate IPv6 connectivity, data triangulation to infer censorship or shutdown events, and on correlating alarms across multiple datasets. We were very impressed with the results produced by the participants! During the hackathon, OONI's Arturo created "The Sound of Internet Shutdowns": a sonification project which transforms some of the features of the IODA dataset into synthesized sounds: https://shutdown-sound.vercel.app/ Here is an example of how an internet shutdown in Iraq based on IODA data sounds like: https://www.youtube.com/watch?v=Z1TFc1AyqI4 The "Sound of Internet Shutdowns" project was featured as a “Tool of the Week” in Top10VPN’s newsletter: https://top10vpn.substack.com/p/friday-digest-3-vpn-vulnerabilities We thank all the participants and co-organizers for making the hackathon a great event! *## OONI Probe Mobile* In November 2023, we released OONI Probe Mobile 3.8.5 for both Android ( https://github.com/ooni/probe-android/releases/tag/v3.8.5) and iOS ( https://github.com/ooni/probe-ios/releases/tag/v3.8.5) which included some minor improvements and maintenance work. *## OONI Run* As part of our work on creating the next generation version of OONI Run (“OONI Run v2”), we continued to iterate on the user interface designs for the web and mobile applications. Most notably, we updated the run button from the dashboard to display the new flow for selecting tests ( https://github.com/ooni/probe-android/pull/632) and we updated the preferences to reflect the new designs ( https://github.com/ooni/probe-android/pull/633) We also started working on our test plans to prepare for internal testing and QA next year. Moreover, we added OONI Run link ID support ( https://github.com/ooni/backend/pull/768) and backend support for searching measurements from a specific OONI Run v2 link ( https://github.com/ooni/backend/issues/701) to the fastpath pipeline. *## OONI Probe CLI* We released OONI Probe CLI versions 3.19.1 and 3.19.2 to address data quality issues caused by changes in the endpoints used by the Signal application. You can read the changelogs at the following links: * https://github.com/ooni/probe-cli/releases/tag/v3.19.1 * https://github.com/ooni/probe-cli/releases/tag/v3.19.2 We also continued working on improving our throttling methodology by merging work into the master branch (see the throttling section) and starting to prepare for the OONI Probe CLI 3.20 release. Our community has asked us to add support for Go 1.21, but unfortunately it seems we will not be able to do that for OONI Probe 3.20. We will nonetheless try our best to support Go 1.21 before Go 1.20 goes EOL in February 2024. You can read more about this topic here: https://github.com/ooni/probe/issues/2548 *## Expanding OONI’s testing model to support richer testing input* As part of our OONI Team Meeting 2023 in Nairobi, we facilitated a session on “supporting richer testing input”, as part of which we discussed the current status and next steps. As part of this, we documented the next milestones and improved upon our relevant roadmap. We illustrate the updated plan in the following GitHub issue: https://github.com/ooni/ooni.org/issues/1291 In summary, we aim to incrementally add richer testing input to the data structure returned by the check-in API for the experiments that would benefit the most from obtaining richer input. Based on our current plan, the OONI experiments that would benefit most from richer testing input include: * DNS Check: Richer testing input would allow us to serve information about HTTP/3 and start testing DNS-over-HTTP3. * Signal: Richer testing input would enable us to serve the custom CA and to measure the endpoints from the backend, thus eliminating the need to make emergency releases (such as with OONI Probe CLI 3.19.1 and 3.19.2) to handle endpoint changes. *STUN Reachability: Richer testing input will allow us to serve the STUN endpoints used by the snowflake client and to keep updating them without making new releases. * Tor Snowflake: Richer testing input will allow us to modify some parameters used by snowflake to bootstrap and to reduce the number of cases where we need to issue new bug-fixing releases. * RiseupVPN: Richer testing input will allow us to eliminate the functional coupling in the experiment implementation between checking for Riseup’s API reachability and obtaining the endpoints to measure, thus making the experiment more robust and adaptable. * (Potentially) urlgetter: Richer testing input will allow us to run custom measurements when there is an emerging censorship condition for which we don’t already have an experiment. These changes will modify the OONI Probe client and, for some experiments, we will take advantage of the new ooni/data processing pipeline ( https://github.com/ooni/data) *## Creating a methodology for measuring throttling* We already implemented better support for measuring throttling in Web Connectivity v0.5, which is currently not enabled for most OONI Probe apps users. To enable this experiment for everyone, we first need to make sure that it is fully compatible with the current stable version (v0.4). That is, if a website was previously marked as blocked in a specific way by v0.4, we would like v0.5 to say the same. We would also like v0.5 to provide a more nuanced view of the blocking that is happening, but we definitely don’t want to introduce data quality issues. During November 2023, we made significant progress to make this happen. Specifically, we ran A/B testing between Web Connectivity v0.5 and v0.4 using our Gvisor-based QA suite. As part of this work, we wrestled with the difficulty of mapping the results produced by v0.5 to the ones produced by v0.4. The underpinning issue is that v0.5 results answer the question of “all the ways in which the tested website is blocked.” Conversely, v0.4 analysis code aims to answer the question of “the first way in which the website is blocked.” To reconcile these differences, we needed to significantly enrich our in-probe data processing capabilities. To this end, we authored a new Go package named “minipipeline.” We implemented this package to mirror the data analysis architecture implemented in the new ooni/data processing pipeline ( https://github.com/ooni/data) The general idea is that an OONI measurement (i.e., the piece of JSON OONI Probe sends to the backend and you can inspect in Explorer) goes through the following set of standard transformations: 1) We process the fundamental results inside the measurement (e.g., the results of DNS lookups, TCP connects, TLS handshakes) to produce flat “observations.” Each observation is a statement about measurements performed by OONI Probe with a single possible failure. In other words, each DNS lookup produces an observation, and each attempt at measuring an endpoint (e.g., “8.8.8.8:443” with SNI equal to “dns.google”) is also an observation. We also link DNS and endpoints observations together, take note of the redirect depth (i.e., is this the first request or the N-th redirect?), and distinguish between observations that aim to fetch a webpage and observations that just enrich the measurement. 2) We analyze the observations to produce a synthetic representation called “analysis,” which contains metrics such as (a) which DNS lookups failed where we expected them to succeed based on the control measurement and (b) the linear list of operations performed to fetch the final webpage, sorted by descending redirect depth, type, and result. In turn, Web Connectivity v0.5 uses the “analysis” results to produce its top-level keys (e.g., the blocking and accessible fields also produced by Web Connectivity v0.4). Thanks to this more comprehensive and more accurate measurement analysis process, and by filtering observations to only include into the analysis those observations that would also be produced by v0.4, we’re now able to obtain the same documented top-level test keys in v0.4 and v0.5 for all the test cases defined in our GVisor-based QA suite. This result is a significant milestone for us, because it means we can start running A/B testing in production using existing probes once the new code has been shipped. The aim of this further A/B testing stage would be to collect real world data that is useful to compare v0.4 and v0.5, possibly leading to additional bug fixes and new QA test cases. Additionally, from the engineering perspective, using a similar data processing architecture between OONI Probe and the ooni/data pipeline enables running A/B testing between the two tools in the future, and potentially opens up the possibility of sharing code between them. *## OONI Explorer* As part of our OONI Team Meeting 2023 in Nairobi, we facilitated a session on “presenting thematic censorship findings on OONI Explorer”. As part of this session, we discussed the challenges associated with grouping OONI measurements by resource and presenting thematic censorship findings (while eliminating the risk of false positives) in an automated way. We also discussed and determined the next steps towards implementing this area of work over the next months. In November 2023, we also launched the new Censorship Findings ( https://explorer.ooni.org/findings) page on OONI Explorer (as discussed previously in this report). *## Creating a Social Media Censorship Alert System* As part of our OONI Team Meeting 2023 in Nairobi, we facilitated a session on “creating a Social Media Censorship Alert System”. As part of this, our colleagues presented the current status of the alert system, and we discussed related challenges and next steps. *## Automating censorship detection and characterization based on OONI measurements* In November 2023, we made significant progress in the area of automating the detection and characterization of internet censorship. Specifically, we came up with a new metric for representing the outcomes related to blocking happening, called the Likelihood of Network Interference (LoNI). This metric represents the likelihood that access to a given resource is being restricted via a particular method within the specified network region over some period of time. The LoNI metric is implemented through a new data model called Experiment Results. The analysis code of ooni/data (https://github.com/ooni/data) has been significantly refactored to generate Experiment Results through an intermediate data model called Analysis. The basic idea is to take the Analysis keys that are generated by comparing an individual observation with ground truth data. Through a very large set of rules we are able to assign individual blocking, down and ok rules based on how confident we are in that particular signal being a sign for censorship. We then take all the scores pertaining to a particular observation group relevant to a measurement and generate a MeasurementExperimentResult which should be backward compatible with our existing data model. In terms of performance, some cursory benchmarks were run on the dataset from 2023-09-01 to 2023-11-01 and it was processing data at a rate of ~7k observations per second, scaling on 34 cores. As part of our work (https://github.com/ooni/data/pull/44) we: * Implemented the Experiment Result generation based on the analysis tables; * Implemented minimal UI for MeasurementExperimentResult; * Added support for generating MeasurementExperimentResult as part of mkanalysis cli command; * Added more tests for all of the above. Moreover, we implemented a basic web interface for exploring these Experiment results (https://github.com/ooni/data/pull/43) We started working on creating a fastapi based HTTP API to expose this data to other OONI services, such as OONI Explorer (https://github.com/ooni/data/pull/45) We also wrote a minimal PoC that makes use of the backward compatible aggregation API that is using the new LoNI based experiment results ( https://github.com/ooni/explorer/pull/892) *## Preparing OONI backend documentation* In November 2023, we started working towards writing OONI backend documentation that describes the architecture of the main components of OONI infrastructure. Specifically, we focused on improving the documentation of our backend architecture, data flows, and deployment workflows. You can see a work in progress of the documentation here: https://github.com/ooni/backend-documentation/blob/main/backend_documentati… *## Published OONI Outreach Kit in French and Spanish* The OONI Outreach Kit is now available in both French and Spanish (in addition to Russian and English)! * French OONI Outreach Kit: https://ooni.org/fr/support/ooni-outreach-kit/ * Spanish OONI Outreach Kit: https://ooni.org/es/support/ooni-outreach-kit/ We thank our partner, Computech Institute ( https://ooni.org/partners/computech/) for the French translation, and we thank OONI community members, Mariengracia Chirinos and Katherine Pennachio, for the Spanish translation. We hope that the French and Spanish versions of the OONI Outreach Kit will help support OONI community engagement efforts! *## Published OONI Risks documentation in Burmese* The OONI Risks documentation is now available in Burmese: https://ooni.org/my/about/risks We thank the community members who translated this documentation to Burmese. We generally consider it important to have this documentation translated in as many languages as possible (particularly in languages spoken in high-risk countries), as it communicates the potential risks associated with running OONI Probe. The OONI Risks documentation (https://ooni.org/about/risks/) is also available in Arabic, Farsi, French, Russian, Spanish, and Swahili. *## Creating OONI Community Interview videos* In previous months, we interviewed community members so that they can share their work and their experience with using OONI tools and data. The goal of these interviews is to share how community members around the world make use of OONI tools and data as part of their work. As an outcome, we hope that such interviews will encourage others to use OONI tools too, and that our community members will receive more support for their important work. Throughout November 2023, we collaborated with a videographer on editing footage for OONI community interviews. Specifically, we worked on multiple rounds of video edits and iterations towards producing final short videos (based on lengthy footage). *## Rapid response efforts### Kenya blocked Telegram during KCSE 2023 exams* On 16th November 2023, we were notified by our community that access to Telegram was intermittently blocked in Kenya. We analyzed OONI data and rapidly responded on Twitter, where we shared OONI data findings and charts: https://twitter.com/OpenObservatory/status/1725202738370290053 We were surprised by this block, as this was the first time that we observed the blocking of a popular instant messaging app in Kenya. Overall, OONI data shows intermittent signs of Telegram blocking on several networks in Kenya between 8th to 24th November 2023. The timings of the blocks correlate with the timings of the KCSE 2023 exams. However, it’s worth noting that the block did not appear to be implemented on all networks, as OONI data shows that Telegram was accessible on many other networks in Kenya in November 2023. Out of all tested networks, Jambonet appears to have implemented the heaviest restrictions, as Telegram appears to have been consistently blocked since 8th November 2023. Interestingly, OONI data only shows signs of Telegram blocking until 24th November 2023, which was the last day of the KCSE 2023 exams. We also reported on this case on the OONI Censorship Findings platform: https://explorer.ooni.org/findings/228466228201 *### Guinea blocked WhatsApp, Telegram, Facebook, Twitter, Instagram, and YouTube* As of 24th November 2023, OONI data suggests that some ISPs in Guinea started blocking access to WhatsApp, Telegram, Facebook, Twitter, Instagram, and YouTube. OONI data shows that the blocks appear to be implemented by means of TLS interference. On 27th November 2023, we responded to this block by sharing relevant OONI data findings and charts on Twitter: https://twitter.com/OpenObservatory/status/1729105525437346052 We also reported on this case on the OONI Censorship Findings platform: https://explorer.ooni.org/findings/296303006301 Recent OONI data suggests that these blocks remain ongoing. *### Nepal blocked TikTok* In late November 2023, we were notified by our community that access to TikTok was blocked in Nepal. We immediately responded by making a public call for OONI Probe testing (sharing relevant testing instructions) on Twitter: https://twitter.com/OpenObservatory/status/1729499672694161890 We subsequently published a report on the OONI Censorship Findings platform, documenting the blocking of TikTok in Nepal based on OONI data: https://explorer.ooni.org/findings/112092297601 OONI data only shows signs of TikTok blocking in Nepal between 24th to 29th November 2023. *## Community use of OONI data### Access Now’s press statement on the blocking of Telegram in Kenya* In response to the blocking of Telegram in Kenya, Access Now published a press statement which cites OONI data: https://www.accessnow.org/press-release/telegram-kenya-connected-national-e… *## Community activities### OONI training for human rights defenders in the DRC* Between 15th-17th November 2023, OONI’s Maria and Arturo facilitated an online OONI training for human rights defenders and journalists in the Democratic Republic of Congo (DRC). This training was organized by Partenariat pour la Protection Integree (PPI) and the Integrated Refugee Organization (IRO), and it included 2 OONI training programmes for 2 groups of human rights defenders and journalists from the DRC. We were initially intending to travel to Kinshasa to facilitate a week-long training in person, but we unfortunately were unable to due to visa issues. As a result, we adapted the training programme accordingly and facilitated it entirely online. As part of this online training, we facilitated the following OONI sessions (twice each for 2 groups): * Introduction to OONI * Using OONI Probe and OONI Run: Hands-on workshop * Updating the DRC test list: Hands-on workshop * Using OONI Explorer: Hands-on workshop As part of these sessions, we provided relevant online presentations, followed by Q&A and hands-on exercises. Due to connectivity issues, we also created videos for each of the above sessions to enable the participants to watch the presentations without internet connectivity. To create the videos, we wrote 4 scripts (one for each session) and we automatically converted the scripts to French, which were read as part of the videos. That way, participants were able to watch the video presentations in French. We also followed up with the participants and organizers to share the training surveys and relevant resources for further learning. *### OONI presentation at RIPE 87* On 28th November 2023, OONI’s Arturo presented the Measurement Aggregation Toolkit (MAT) as part of a presentation (“Measuring Internet Censorship with OONI”) at RIPE 87 in Rome, Italy. Information about the event is available here: https://ripe87.ripe.net/programme/meeting-plan/mat-wg/ *### OONI Community Meeting* On 28th November 2023, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) during which we shared OONI updates from the past month, and we discussed our thoughts for improving future OONI community meetings. As part of this discussion, we asked participants to share their thoughts and feedback on how we can improve the structure and format of future OONI community meetings to help make them as useful as possible to the community. *## Measurement coverage* In November 2023, 48,336,322 OONI Probe measurements were collected from 3,134 networks in 174 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

minutes from the sysadmin meeting
by Antoine Beaupré 11 Dec '23

11 Dec '23

Hi, [[_TOC_]] # Roll call: who's there and emergencies anarcat, kez, lavamind # Roadmap review Everything postponed, to focus on fixing alerts and preparing for the holidays. A discussion of the deluge and a list of postponed issues has been documented in [issue 41411][]. [issue 41411]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41411 # Holidays We've looked at the coming holidays and allocated schedules for rotation, documented in the "TPA" Nextcloud calendar. A handoff should occur on December 30th. # Next meeting Planned for January 15th, when we'll hopefully be able to schedule a roadmap for the coming 2024 year. Anarcat has ordered 2024 to be better than 2023 or else. # Metrics of the month * hosts in Puppet: 88, LDAP: 88, Prometheus exporters: 165 * number of Apache servers monitored: 35, hits per second: 602 * number of self-hosted nameservers: 6, mail servers: 10 * pending upgrades: 0, reboots: 36 * average load: 0.56, memory available: 3.40 TiB/4.80 TiB, running processes: 420 * disk free/total: 68.51 TiB/131.80 TiB * bytes sent: 366.92 MB/s, received: 242.77 MB/s * planned bookworm upgrades completion date: 2024-08-03 * [GitLab tickets][]: 206 tickets including... * open: 0 * icebox: 159 * backlog: 21 * next: 11 * doing: 5 * needs review: 4 * (closed: 3383) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards Upgrade prediction graph lives at https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bookworm/ Now also available as the main Grafana dashboard. Head to <https://grafana.torproject.org/>, change the time period to 30 days, and wait a while for results to render. -- Antoine Beaupré torproject.org system administration

1 0

Anti-censorship team meeting notes, 2023-12-07
by Shelikhoo 07 Dec '23

07 Dec '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-12-07-15.57.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, Dec 14 16:00 UTC Facilitator: cohosh Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == will wait for cohosh to be around: * manifest v3 deprecation in browsers and snowflake webextension * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://developer.chrome.com/blog/resuming-the-transition-to-mv3/ * google chrome will stop supporting mv2 June 2024 * will the snowflake webextension stop working? do we want to do something? or just recommend firefox? == Actions == == Interesting links == * == Reading group == * We will discuss "NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge" on December 14 * https://www.cs-pk.com/papers/3/ * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2023-11-09 Last week: - conjure bridge maintenance - caught a bug in safelog library - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - caught problem with domain front in conjure - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… This week: - lox tor browser UX integration - lox distributor testing - look into alternative domain fronting providers Needs help with: dcf: 2023-11-30 Last week: - did some review of SQS rendezvous merge request https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - answered a question about AMP cache rendezvous in China https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Before EOY 2023: - move snowflake-02 to new VM Help with: meskio: 2023-12-07 Last week: - prepare and give a talk in the Open Source Security Summit - grant writing - investigate gettor telegram not distributing android apks, was a bug on the TB release - break down rdsys staging server and fill up the disk with logs Next week: - prepare settings anti-listing logic to be reused by HTTP distributor (rdsys#181) - setup rdsys staging server (rdsys#170) Shelikhoo: 2023-12-07 Last Week: - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… Now udp-like transport is slightly faster than tcp-like ready for a review of its draft - Merge request reviews Next Week/TODO: - Write Tor Spec for Armored URL (continue) - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… - Merge request reviews onyinyang: 2023-11-30 Last week(s): - Finished up remaining docs tasks for crates.io publishing -published all relevant Lox crates to crates.io - SOTO anti-censorship team presentation preparation - looked into Telegram bot - attempted hyper upgrade, many breaking changes so this will take some work This week: - continue Telegram bot dev - attempt hyper upgrade again - Splintercon (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?

1 0

ebanam's monthly status report and user support report for November 2023
by ebanam 06 Dec '23

06 Dec '23

Hello everyone! During the hackweek, I worked on reviewing and updating documentation as part of the project to clean up and improve entries on our Support Portal[0]. For Tor Browser, I worked on user support post-release(s) and handled a couple of bug reports of Tor Browser not working with Windows 7[1], issues with 'New Identity' in Tor Browser[2] and Tor circuit not shown when the bridge line doesn't contain the fingerprint[3], respectively. I worked with users in regions where Tor is censored, assisting with using pluggable transports, investigating Tor logs and collecting some general user feedback and handled some more tickets in light of our ongoing year-end campaign; questions including but not limited to downloading and installing Tor Browser, about letterboxing in Tor Browser, contributing and volunteering and reports of websites blocking Tor traffic. Following is a thorough breakdown of tickets our user support team handled in November: # Frontdesk (email support channel) * 630(↓) RT tickets created * 710(↓) RT tickets resolved Tickets by numbers: 1. 285(↑) RT tickets: private bridge requests from Chinese speaking users. 2. 189(↑) RT tickets: circumventing censorship in Russian speaking countries. 3. 6(↓) RT tickets: circumventing censorship with Tor in Farsi. 4. 5 RT tickets: reports of websites blocking Tor traffic. 5. 4 RT tickets: reports of apps on iOS App Store masquerading as Tor Browser. 6. 2 RT tickets: questions on how to download and install Tor Browser. 7. 2(↓) RT tickets: Tor Browser 13 does not work with Windows 7[1] 8. 2 RT tickets: Issue with 'New Identity' on Tor browser[2] 9. 2 RT tickets: The circuit display is not shown when the bridge line doesn't contain the node fingerprint[3] Highlighting some other topics we received a single RT ticket for: 10. Help setting up onion service 11. What does 'onionize' in the search bar on about:tor mean? 12. Question about volunteering and contributing 13. Question about letterboxing in Tor Browser[4] 14. Help with using bridges with little-t-tor. 15. Tor Browser crashes when extensions popups are opened with Wayland enabled[5] 16. Instructions to refresh Tor Browser signing key[6] 17. Can I access video conferencing platforms over Tor Browser? # Telegram, WhatsApp and Signal Support channel * 559(↓) tickets resolved Breakdown: * 532(↓) tickets on Telegram * 19(↓) tickets on WhatsApp * 8(↓) tickets on Signal Tickets by numbers: 1. 327(↓) tickets: circumventing censorship in Russian speaking countries. 2. 47(↑) tickets: private bridge requests from Chinese speaking users. 3. 42(↑) tickets: circumventing censorship with Tor in Farsi. 4. 3(↑) tickets: "Proxy Server Refused Connection" bug not related to the bootstrapping or using it as a default browser on Tor Browser Android[7] 5. 3 tickets: Queries about the correct Tor app to download for iOS (Onion Browser + Orbot) 6. 2 tickets: Queries about onionsites not available (these particular onion sites are offline) Highlighting some other topics we received a single ticket for: 7. Help with setting up onion service. 8. Help with GetTor bot on Telegram. 9. Question about some images not visible on Tor Browser (because of HTML5 canvas fingerprinting is blocked in Tor Browser) 10. Question about Letterboxing in Tor Browser 11. Help with setting up Tor Project's Debian package repository on Debian-based linux[8] # Highlights from the Tor Forum 1. "(Tor Browser) V13.0.1 Locked Settings and Startup Homepage"[9] 2. Explain what "onionize" in the new Tor Browser homepage does[10] 3. Static Firefox theme and can it affect browser fingerprint?[11] Thanks! e. Note: (↑), (↓) and (-) are indicating if the number of tickets we received for these topics have been increasing, decreasing or have been the same from the previous month respectively. [0]: https://gitlab.torproject.org/tpo/community/hackweek/-/issues/17 [1]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42179 [2]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42244 [3]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42180 [4]: https://support.torproject.org/tbb/maximized-torbrowser-window/ [5]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42306 [6]: https://support.torproject.org/tbb/how-to-verify-signature/ [7]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41289 [8]: https://support.torproject.org/apt/tor-deb-repo/ [9]: https://forum.torproject.org/t/v13-0-1-locked-settings-and-startup-homepage… [10]: https://forum.torproject.org/t/onionize-site-explanation/10352 [11]: https://forum.torproject.org/t/static-theme-browser-fingerprints-question/1…

1 0