I'm investigating the applicability of the IETF's DDoS Open Threat
Signaling (DOTS) specifications[1] to the needs of privacy-preserving
overlay networks, including VPNs but with particular interest in Tor.
Specifically, now that the July 2022 D/DoS attack has finally come to a
close, I'm wondering about:
1. the history, frequency, and magnitude of D/DoS attacks against the
Tor network;
2. when these have taken the form of Tor traffic versus lower-level
attacks on Tor nodes and HSDirs; and
3. how the new "proof of work over introduction circuits" scheme fits
into Tor's overall strategy for mitigating D/DoS attacks.
I've found plenty of current and historical GitLab tickets---but I'm
wondering if there are more comprehensive documents or other resources
I'm not aware of.
--- cfm[2].
[1]: https://datatracker.ietf.org/wg/dots/documents/
[2]: I'm a maintainer of the SecureDrop project at the Freedom of the
Press Foundation, but this work is supported by ARTICLE 19's
Internet of Rights Fellowship.
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-06-22-15.57.html
And our meeting pad:
Anti-censorship
--------------------------------
Next meeting: Thursday, July 6 16:00 UTC
Facilitator: meskio
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: Shelikhoo
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s…
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it
* https://pad.riseup.net/p/sponsor139-meeting-pad
== Announcements ==
* rdsys is ignoring the running flag now :)
* To hide your bridge's ORPort:
ORPort 127.0.0.1:auto
AssumeReachable 1
* No meeting July 13 or 20
== Discussion ==
* do we want to activate renovate bot in snowflake?
* conjure and rdsys have being using it for a while
* https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
* meskio will enable it
* do we want to use the triage bot to warn on stalled issues?
* https://gitlab.torproject.org/tpo/tpa/triage-ops/-/blob/main/common/02-stal…
* so issues are reminded if they get stalled for too long
* meskio will enable it for snowflake and rdsys to try it out
* Conjure call for testers: are we done here? can we wrap up? (--gus)
https://forum.torproject.org/t/call-for-testers-help-the-tor-project-to-tes…
* we can close the call for testers after 28 days
* there was a lot of good feedback
* now we need to work on reliability and testing it from vantage points
* should we cancel this meeting during PETS??
* let's cancel July 13 and 20 meetings
* WebTunnel soft release update
* https://gitlab.torproject.org/tpo/community/team/-/issues/94
* https://lists.torproject.org/pipermail/tor-relays/2023-June/021224.html
* the user support eam will start asking folks to test webtunnel
== Actions ==
*
== Interesting links ==
*
== Reading group ==
* We will discuss "" on
*
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2023-06-29
Last weeks:
- fixed certificate error in Snowflake and Conjure
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj…
- released snowflake v2.6.0
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- bumped version of Snowflake in Tor Browser
- https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…
- fixed a crash in Conjure on Android
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj…
- code lint improvements in lox
- https://gitlab.torproject.org/tpo/anti-censorship/lox-rs/-/merge_requests/12
- started deployment of lox distributor
- https://gitlab.torproject.org/tpo/anti-censorship/lox-rs/-/issues/19
- found and fixed a bug in the parsing of resource diffs from rdsys
- https://gitlab.torproject.org/tpo/anti-censorship/lox-rs/-/issues/22
This week:
- tidy up and share shadow simulations guide for PTs
- Lox tor browser integration
- conjure maintenance
Needs help with:
dcf: 2023-06-29
Last week:
- tried an encapsulation.ReadData performance improvement https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
Next week:
- open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to disable /debug endpoint on snowflake broker
Help with:
meskio: 2023-06-29
Last week:
- Distribute webtunnel bridges in the HTTPS distributor without enabling IPv6 flag (bridgedb!56)
- review what projects are missing license (team#110)
- update rdsys grafana dashboard
- update rdsys alerts in prometheus (tpa/prometheus-alerts!32)
- release and deploy a new version of rdsys
- make rdsys take into account the bandwidth ratio (rdsys!135)
- triage down why gettor is not updating to TB 12.5 to a bug on TB release (rdsys#166)
- update wiki links to gitlab.tpo instead of .onion (rdsys#127)
- add a generic metric with resources by their testing status to rdsys (rdsys!134)
- ignore the running flag in rdsys (rdsys!134)
- build snowflake 2.6.0 docker image
Next week:
- test i18n support in rdsys (rdsys#11)
- finish the migration to git.tpo (team#86)
Shelikhoo: 2023-06-29
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) (stalled)
- [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http…
- Presentation "Call for webtunnel bridges" @ Relay Operator Meetup
- Email "(Announcement) WebTunnel, a new pluggable transport for bridges,
now available for deployment" to relay operator mailing list. Thanks ggus!
- logcollector alert system - ongoing
Next Week/TODO:
- logcollector alert system <- immediate todo
- [Research] WebTunnel planning (Continue)
- Try to find a place to host another vantage point
- Snowflake Performance Analysis
onyinyang: 2023-06-29
Last week:
- Finished changing vectors to maps
- Started looking into db for Lox structures
- Started working on Lox presentation for PETS
This week:
- fix up indexing of hashmaps for Lox bridgetable
- Working on Lox presentation for PETS (to include some details about Tor integration)
- Decide between databases to back the Lox structures (poloDB, redb, surrealdb seem like reasonable candidates)
If time:
- work on syncing Lox with rdsys given https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/168
- start thinking about metrics to add
(long term things were discussed at the meeting!):
https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice
Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?
1. Are there some obvious grouping strategies that we can already consider?
e.g., by pt, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)
2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?
Itchy Onion: 2023-06-08
Last week:
- fixed snowflake pipeline due to outdated Debian image
- continue working on rdsys#56 implementation. Still need to do the following:
- finish up computing bridge distribution in Kraken
- does it have to be deterministic?
- does the disproportion have to be strictly followed
- finish writing tests
- refactor code because some functions are getting extremely long
- what to do with stencil package?
This week:
- review MRs
- continue working on rdsys#56 implementation. Still need to do the following:
- fixed a problem with vanilla bridges not being added properly to the database
- still working on tests
- adding a migaration patch (https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/56#note_29…)
hackerncoder: 2023-04-20
last week:
- (py-)ooni-exporter torsf (snowflake)
- (py-)ooni-exporter web_connectivity
Next week:
- work on "bridgetester"?
- how does Iran block bridges?
--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-06-22-15.57.html
And our meeting pad:
Anti-censorship work meeting pad
--------------------------------
------------------------------------------------------------------------------------
THIS IS A
PUBLIC PAD
------------------------------------------------------------------------------------
Anti-censorship
--------------------------------
Next meeting: Thursday, June 29 16:00 UTC
Facilitator: meskio
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: Shelikhoo
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the
Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s…
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel
working on it
* https://pad.riseup.net/p/sponsor139-meeting-pad
== Announcements ==
== Discussion ==
Last week: (June 15th)
* Documents for bridge operators about how to run a webtunnel
bridge (Updated Jun 15)
*
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webt…
* we'll encourage bridge operators to run webtunnel bridges in
the next Relay operators meetup (June 24th)
* we'll have the documentation of how to run a webtunnel bridge
in the README for now and move it in the future to the community portal
* shell will prepare a presentation for the relay operators meeting
* Conjure user feedback:
https://forum.torproject.net/t/call-for-testers-help-the-tor-project-to-tes…
* Need help:
https://forum.torproject.net/t/call-for-testers-help-the-tor-project-to-tes…
This week: (June 22nd)
* support non-public ORPort bridges by ignoring the running flag in
rdsys
*
https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/134
*
https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/154
== Actions ==
*
== Interesting links ==
*
== Reading group ==
* We will discuss "" on
*
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes
that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2023-06-15
Last week:
- mostly finished reproducible builds of lox client and js bindings
-
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re…
- debugged and wrote a patch for the cert error on older versions
of android
-
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- more work on shadow simulations for snowflake
This week:
- tidy up and share shadow simulations guide for PTs
- Lox tor browser integration
- conjure maintenance
Needs help with:
dcf: 2023-06-22
Last week:
- snowflake CDN bookkeeping
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co…
- merged the IP_BIND_PORT_NO_ADDRESS patch in snowflake-server
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…,
thanks itchyonion
- talked about AV blocking some snowflake proxy connections,
apparently triggered by the client_ip parameter
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
Next week:
- open issue to have snowflake-client log whenever KCPInErrors
is nonzero
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- parent:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to disable /debug endpoint on snowflake broker
Help with:
meskio: 2023-06-22
Last week:
- work on i18n support in rdsys (rdsys#11)
- remove salmon code from rdsys (rdsys!132)
- ignore running flag in bridges (rdsys!134)
- test a bridge without ORPort reachable and AssumeReachable
and see it appearing in the bridge descriptors (rdsis#154)
- update S3 existence file only if needed so archive torrent
doesn't change (rdsys!133)
Next week:
- test i18n support in rdsys (rdsys#11)
- clean up my issue queue
Shelikhoo: 2023-06-22
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to
snowflake (snowflake!64) (stalled)
- [Research] HTTPT Planning
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http…
- webtunnel document for proxy operator(Done!)
- Presentation "Call for webtunnel bridges" @ Relay Operator Meetup
Next Week/TODO:
- logcollector alert system <- immediate todo
- [Research] WebTunnel planning (Continue)
- Try to find a place to host another vantage point
- Snowflake Performance Analysis
onyinyang: 2023-06-22
Last week:
- First changing the vectors in the bridge_table to maps with
lookup by bridge fingerprint
This week:
- Continuing with changing the vectors to maps and looking into
a more reasonable way of storing Lox library data structures:
- https://gitlab.torproject.org/onyinyang/lox/-/issues/2
- https://gitlab.torproject.org/onyinyang/lox/-/issues/3
- Working on Lox presentation for PETS (to include some details
about Tor integration)
If time:
- start thinking about metrics to add
(long term things were discussed at the meeting!):
https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox buckets (of
bridges) and gathering context on how types of bridges are
distributed/use in practice
Question: What makes a bridge usable for a given user, and
how can we encode that to best ensure we're getting the most appropriate
resources to people?
1. Are there some obvious grouping strategies that we
can already consider?
e.g., by pt, by bandwidth (lower bandwidth bridges
sacrificed to open-invitation buckets?), by locale (to be matched with a
requesting user's geoip or something?)
2. Does it make sense to group 3 bridges/bucket, so
trusted users have access to 3 bridges (and untrusted users have access
to 1)? More? Less?
Itchy Onion: 2023-06-08
Last week:
- fixed snowflake pipeline due to outdated Debian image
- continue working on rdsys#56 implementation. Still need to do the
following:
- finish up computing bridge distribution in Kraken
- does it have to be deterministic?
- does the disproportion have to be strictly followed
- finish writing tests
- refactor code because some functions are getting extremely long
- what to do with stencil package?
This week:
- review MRs
- continue working on rdsys#56 implementation. Still need to do the
following:
- fixed a problem with vanilla bridges not being added properly
to the database
- still working on tests
- adding a migaration patch
(https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/56#note_29…)
hackerncoder: 2023-04-20
last week:
- (py-)ooni-exporter torsf (snowflake)
- (py-)ooni-exporter web_connectivity
Next week:
- work on "bridgetester"?
- how does Iran block bridges?
Hello everyone,
I hope you are doing well. My name's Rishad Baniya, a GSoC'23 selected
mentee for the project "eRPC (An efficient Relay Partition Checker)", which
aims to be a flexible application that checks for relay partitioning. It
aims to be very configurable relay partition checker in things such as
selecting the relays, controlling the application during runtime, pausing
the scanner on demand and resuming it on demand .etc
I should've sent this email the day I started working on the project i.e 3
weeks ago, but I totally got distracted from this part, i'm really sorry
for that. Currently, I'm writing this email to introduce myself and the
project that I'm working on.
Project Repo : https://gitlab.torproject.org/rishadbaniya/erpc
I've attached a brief report trying to explain how the project structure is
and how it's going on currently.
It would be great to hear your views on how a partition checking tool
should behave, how scanning should be done and what kind of configurable
options it should provide.
With Regards,
Rishad Baniya
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-06-15-15.58.html
And our meeting pad:
Anti-censorship work meeting pad
--------------------------------
------------------------------------------------------------------------------------
THIS IS A
PUBLIC PAD
------------------------------------------------------------------------------------
Anti-censorship
--------------------------------
Next meeting: Thursday, June 15 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the
Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s…
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel
working on it
* https://pad.riseup.net/p/sponsor139-meeting-pad
== Announcements ==
== Discussion ==
* Documents for bridge operators about how to run a webtunnel
bridge (Updated Jun 15)
*
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webt…
* we'll encourage bridge operators to run webtunnel bridges in
the next Relay operators meetup (June 24th)
* we'll have the documentation of how to run a webtunnel bridge
in the README for now and move it in the future to the community portal
* shell will prepare a presentation for the relay operators meeting
* Conjure user feedback:
https://forum.torproject.net/t/call-for-testers-help-the-tor-project-to-tes…
* Need help:
https://forum.torproject.net/t/call-for-testers-help-the-tor-project-to-tes…
== Actions ==
*
== Interesting links ==
*
== Reading group ==
* We will discuss "" on
*
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes
that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2023-06-15
Last week:
- mostly finished reproducible builds of lox client and js bindings
-
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re…
- debugged and wrote a patch for the cert error on older versions
of android
-
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- more work on shadow simulations for snowflake
This week:
- tidy up and share shadow simulations guide for PTs
- Lox tor browser integration
- conjure maintenance
Needs help with:
dcf: 2023-06-08
Last week:
- snowflake CDN bookkeeping
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co…
- commented on the snowflake tests with and without padding in
China (which did not show signs of high packet loss this time)
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
Next week:
- open issue to have snowflake-client log whenever KCPInErrors
is nonzero
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- parent:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to disable /debug endpoint on snowflake broker
Help with:
meskio: 2023-06-15
Last week:
- work on i18n support in rdsys (rdsys#11)
- review webtunnel docker MRs (webtunnel!10 webtunnel!11)
- review adding last passed metadata to resources in rdsys
(rdsys!131)
- review LE pinning in snowflake (snowflake!151)
Next week:
- add i18n support in rdsys (rdsys#11)
Shelikhoo: 2023-06-15
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to
snowflake (snowflake!64) (stalled)
- [Research] HTTPT Planning
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http…
- Research about designing an armored bridge line sharing URL
format (https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/126)
- Webtunnel Document for bridge operators(container setup)
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webt…)
Next Week/TODO:
- webtunnel document for proxy operator <- finish it
- logcollector alert system <- immediate todo
- [Research] WebTunnel planning (Continue)
- Try to find a place to host another vantage point
- Snowflake Performance Analysis
onyinyang: 2023-06-15
Last week:
- finished lox-distributor tests
- reorganized more things within lox-rs (i.e., moving helper
files etc. into lox_utils, adding documentation, pipelines, etc.)
- tweaked the `gone` resources from rdsys, so that the
lox-distributor can handle them appropriately
This week:
- Looking into a more reasonable way of storing Lox library
data structures:
- https://gitlab.torproject.org/onyinyang/lox/-/issues/2
- https://gitlab.torproject.org/onyinyang/lox/-/issues/3
- First changing the vectors in the bridge_table to maps
with lookup by bridge fingerprint.
(long term things were discussed at the meeting!):
https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox buckets (of
bridges) and gathering context on how types of bridges are
distributed/use in practice.
Question: What makes a bridge useable for a given user, and
how can we encode that to best ensure we're getting the most appropriate
resources to people?
1. Are there some obvious grouping strategies that we
can already consider?
e.g., by pt, by bandwidth (lower bandwidth bridges
sacrificed to open-invitation buckets?), by locale (to be matched with a
requesting user's geoip or something?)
2. Does it make sense to group 3 bridges/bucket, so
trusted users have access to 3 bridges (and untrusted users have access
to 1)? More? Less?
Itchy Onion: 2023-06-08
Last week:
- fixed snowflake pipeline due to outdated Debian image
- continue working on rdsys#56 implementation. Still need to do the
following:
- finish up computing bridge distribution in Kraken
- does it have to be deterministic?
- does the disproportion have to be strictly followed
- finish writing tests
- refactor code because some functions are getting extremely long
- what to do with stencil package?
This week:
- review MRs
- continue working on rdsys#56 implementation. Still need to do the
following:
- fixed a problem with vanilla bridges not being added properly
to the database
- still working on tests
- adding a migaration patch
(https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/56#note_29…)
hackerncoder: 2023-04-20
last week:
- (py-)ooni-exporter torsf (snowflake)
- (py-)ooni-exporter web_connectivity
Next week:
- work on "bridgetester"?
- how does Iran block bridges?
--
---
onyinyang
GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036
Dear Tor Core Contributors,
While discussing how to improve the Tor network health, some
contributors have raised their concerns regarding the clarity of who is
considered to be part of "The Tor Project" and should adhere to its
policies. This ambiguity can be interpreted in various ways, such as
excluding Directory Authorities or referring solely to Tor Project, Inc. (TPI).
It is crucial to clarify that when using the term "The Tor Project" in
such statements[1], it encompasses the entire organization, including the
community, network, contributors, operators, TPI, TPI board of
directors, directory authorities, and volunteers.
In order to address this confusion and ensure inclusivity, I'm proposing
to include this description in our Code of Conduct document[2]:
"The Tor Community consists of a diverse group of contributors,
including the Tor Directory Authorities, network operators, trainers,
translators, researchers, employees, contractors, and others valued
participants. This policy is applicable to all members, contributors,
volunteers, contractors (regardless of their employment status with The
Tor Project, Inc.), as well as individuals and entities involved in the
Tor Community and its network."
You can suggest improvements to the proposal here:
https://gitlab.torproject.org/tpo/community/policies/-/issues/7
Next steps
----------
This is a proposal to amend the Tor Project CoC, so I'm following our
voting process[3]. And here are the next steps:
* Your proposal will enter a 'discussion phase' for at least a week.
During this time the proposal can be refined based on feedback and
alternate proposals put forward.
* To move forward with a vote the proposal must receive at least two
other sponsors. In addition, any alternate proposal with at least
three supporters will also be included in the vote.
Gus
[1] https://gitlab.torproject.org/tpo/community/policies/-/blob/master/code_of_…
[2] https://gitlab.torproject.org/tpo/community/policies/-/blob/master/code_of_…
[3] https://gitlab.torproject.org/tpo/community/policies/-/blob/master/voting.t…
--
The Tor Project
Community Team Lead
Hello Everyone,
Next Monday is Juneteenth[1] and an official Tor holiday, so we will move our
regularly scheduled applications meeting to the following Tuesday (2023-06-20)
at 1500 UTC in #tor-meeting on OFTC IRC. See you all then!
best,
-richard
[1] https://en.wikipedia.org/wiki/Juneteenth
Hi everyone,
On June 20, we'll migrate the Discourse forum at
https://www.torproject.net to Tor Project server infrastructure.
If you have an account with two-factor authentication enabled using a
hardware key, such as a Yubikey, please ensure you've got backup codes
on hand. Once the forum is migrated to the new domain, you'll need one
to login-in and reset two-factor auth.
We also posted this announcement on the blog at
https://blog.torproject.org/tor-project-forum-migration
Thanks,
-- Jérôme
Hello everyone!
Here are my updates from the month of May. Like past few months, most of
my work has been concentrated on helping users from regions where Tor is
censored. I resolved 384 tickets across our user support channels on
email, Telegram, WhatsApp and Signal.
Following is a thorough breakdown of tickets our user support team
handled in May:
Timeframe: 01 - 31 May 2023
# Frontdesk (email)
* 490 RT tickets created
* 495 RT tickets resolved
Most frequent tickets by numbers:
1. 143(↓) RT tickets: private bridge requests from China.
2. 65(↓) RT tickets: circumventing censorship in Russian speaking countries.
3. 7(↑) RT tickets: circumventing censorship with Tor in Iran.
4. 3(-) RT tickets: Tor Browser doesn't run with Mandatory ASLR on Windows (the issue
is fixed with the 12.0.5 Tor Browser release and the users just had to
update their browser)[0]
# Telegram, WhatsApp and Signal Support channel
* 661 tickets resolved
Breakdown:
* 627 tickets on Telegram
* 27 tickets on WhatsApp
* 7 tickets on Signal
The most frequent tickets on cdr.link have been about:
1. 373(↑) tickets: Circumventing censorship in Russian speaking
countries.
2. 43(↓) tickets: Circumventing censorship in Iran.
3. 22(↓) tickets: Circumventing censorship in China.
4. 3(-) tickets: Windows installer for Tor Browser from our website is outdated
(We are in the process of updating our build signing infrastructure, and unfortunately
are unable to ship code-signed latest installers for Windows systems currently.
Automatic build-to-build upgrades from 12.0.4 and 12.0.5 should continue
to work as expected)[1]
# Tor Forum
1. "Threat secured in snowflake firefox add-on"[2]
2. Some users in China reported that Snowflake wasn't working for them [3]
3. "How to enable Firefox Account Sync?"[4]
4. "How can I get an onion domain email address?"[5]
5. "Why does Tor network not use certificates issued by CAs?"[6]
Thanks!
e.
Note: (↑), (↓) and (-) are indicative if the number of tickets we
received for these topics have been increasing, decreasing or have been
the same from the previous month respectively
[0]: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…
[1]: https://blog.torproject.org/new-release-tor-browser-1206/
[2]: https://forum.torproject.net/t/threat-secured-in-snowflake-firefox-add-on/7…
[3]: https://forum.torproject.net/t/snowflake-bridge-does-not-work-in-china-sinc…
[4]: https://forum.torproject.net/t/how-to-enable-firefox-account-sync/7735/
[5]: https://forum.torproject.net/t/how-can-i-get-an-onion-domain-email-address/…
[6]: https://forum.torproject.net/t/why-does-tor-network-not-use-certificates-is…