Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-02-29-15.57.html
And our meeting pad:
Anti-censorship
--------------------------------
Next meeting: Thursday, March 7 16:00 UTC
Facilitator: onyinyang
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: meskio
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s…
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 150 <-- meskio working on it
* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na…
== Announcements ==
- Ireland Constitution Amendment Referendum: March 8th
Anything to note?
* Belarus - General elections (2024-02-25): https://explorer.ooni.org/chart/mat?probe_cc=BY&since=2024-01-16&until=2024…
* Cambodia - Senate election (2024-02-25): https://explorer.ooni.org/chart/mat?probe_cc=KH&since=2024-01-16&until=2024…
== Discussion ==
* Mysterious reported snowflake issue in China has maybe gone away as of 2024-02-26? But reportedly still slow/unreliable https://github.com/net4people/bbs/issues/325#issuecomment-1963226429
* looks like we can reproduce the issue: https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/…
* shelikhoo will investigate when time is available
* Unclear whether AWS will allow public disclosure of credentials
* https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
* we are waiting for their response
== Actions ==
== Interesting links ==
*
== Reading group ==
* We will discuss "" on
*
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): 2024-02-29
Last week:
- released v2.9.1 for snowflake
- merged shadow ci integration tests for snowflake
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- responded to AWS warning about public disclosure of credentials
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- set up a cdn77 endpoint for meek
- worked on snowflake webext source code instructions for 0.7.3 rejection
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
This week:
- continue following up on AWS support case
- review lox synchronization fix
- compile a list of next-steps for lox
- update wasm-bindgen fork to fix some bugs and hopefully upstream changes
- tor-browser-build updates for lox wasm + bindings generation
- Conjure bridge maintenance
- more testing of available domain fronts
Needs help with:
dcf: 2024-02-29
Last week:
- archived snowflake-webext-0.7.3 https://archive.org/details/snowflake-webextension-0.7.3
- rebased https://gitlab.torproject.org/dcf/snowflake/-/commits/handshake-padding and for testers in China
Next week:
- review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to disable /debug endpoint on snowflake broker
- move snowflake-02 to new VM
Help with:
meskio: 2023-02-29
Last week:
- email tor-relays to request bridges for lox (lox#56)
- mark bridges with local addresses as dysfunciontional in rdsys (rdsys!270)
- get the version number from git in lyrebird (lyrebird!31)
- try and fail to use iptables to bloc local connections from bridgestrap
Next week:
- moat distributor in rdsys
Shelikhoo: 2024-02-29
Last Week:
- [Merge Request]HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/260
- [Research] Inspect Snowflake Situation In China
- Update WebTunnel Container Image(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transport…
- Merge request reviews
Next Week/TODO:
- Inspect Snowflake Situation In China and create ticket for that
- Create Issue for "Merging webtunnel + lyrebird"
onyinyang: 2023-02-29
Last week(s):
- continued prep for HACS/DRL meeting
- Thought about/work on other Lox test deployment milestone pieces
-https://gitlab.torproject.org/tpo/anti-censorship/lox/-/milestones/1#tab-issues
- worked on better invitation encoding issue: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/58, implemented base64 serialization/deserialization but waiting for more feedback from the wider team
- looked into bridge blockage reporting: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/57
This week:
- continue prep for HACS/DRL meeting
- improve metrics collection/think about how to show Lox is working/valuable
- sketch out Lox blog post/usage notes for forum
- attempt hyper upgrade again
(long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice
Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?
1. Are there some obvious grouping strategies that we can already consider?
e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)
2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?
theodorsm: 2023-01-11
Last weeks:
- Currently in the start phase of writing my master thesis (to be finished late june 2024) in communication technology on reducing distinguishability of DTLS. The goal is to implement a validated DTLS anti-fingerprinting library similar to uTLS (useful for Snowflake).
Next weeks:
- Talk with Sean DuBois about contributing to adding anti-fingerprinting capabilities to the pion library
Help with:
- Find recent data set of captured DTLS traffic
--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-02-22-15.57.html
And our meeting pad:
Anti-censorship work meeting pad
--------------------------------
Anti-censorship
--------------------------------
Next meeting: Thursday, February 29 16:00 UTC
Facilitator: onyinyang
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: shelikhoo
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the
Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
*
Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s…
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 150 <-- meskio working on it
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na…
== Announcements ==
* Belarus - General elections (2024-02-25):
https://explorer.ooni.org/chart/mat?probe_cc=BY&since=2024-01-16&until=2024…
* Cambodia - Senate election (2024-02-25):
https://explorer.ooni.org/chart/mat?probe_cc=KH&since=2024-01-16&until=2024…
* Ireland Constitution Amendment Referendum: March 8th
== Discussion ==
*
== Actions ==
== Interesting links ==
*
== Reading group ==
* We will discuss "" on
*
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes
that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): 2024-02-15
Last week:
- caught up on manifest v3 updates
-
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- release new version of snowflake addon (0.7.3)
- updated addon stores
- updated website
- opened tor-browser-build MR to get SQS rendezvous in Tor Browser
-
https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re…
- fixed shadow integration tests
-
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- opened an issue for country-specific client rendezvous poll
counts
-
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- caught up on dependency update backlog
- mostly caught up on review backlog
This week:
- review lox synchronization fix
- compile a list of next-steps for lox
- update wasm-bindgen fork to fix some bugs and hopefully
upstream changes
- tor-browser-build updates for lox wasm + bindings generation
- Conjure bridge maintenance
- more testing of available domain fronts
Needs help with:
dcf: 2024-02-15
Last week:
- snowflake azure CDN bookkeeping
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co…
Next week:
- review draft MR for unreliable data channels
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to have snowflake-client log whenever KCPInErrors
is nonzero
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- parent:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to disable /debug endpoint on snowflake broker
- move snowflake-02 to new VM
Help with:
meskio: 2023-02-22
Last week:
- limit the size of requests in rdsys (rdsys!261)
- configure if web proxy headers are trusted in rdsys (rdsys!262)
- block connections to localhost in webtunnel (webtunnel!20)
- review HTTPS distributor in rdsys (rdsys!260)
Next week:
- draft an email to request bridges for lox in tor-relays (lox#56)
- moat distributor in rdsys
Shelikhoo: 2024-02-22
Last Week:
- [Merge Request]HTTPS distributors in rdsys:
https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/260
- [Research] Inspect Snowflake Situation In China
- [Merge Request] Update Renovate Golang version to
1.21(https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_reques…
- [Merge Request Review] Automatically build container
on release and push to our registry.
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…)
- [Merge Request Review] client: Only accept
connections to remote hosts
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webt…)
- Attend Online FOCI
- Merge request reviews
Next Week/TODO:
- Inspect Snowflake Situation In China
- Create Issue for "Merging webtunnel + lyrebird"
- Update WebTunnel Container Image
onyinyang: 2023-02-15
Last week(s):
- Finished up fixing problems with syncing functions
- Opened ticket to Lox invitation endpoint only accessible via
telegram
This week:
- redeploy rdsys and lox-distributor with bug fixes and
telegram bot
- improve metrics collection/think about how to show Lox is
working/valuable
- start prep for HACS/DRL meeting
- sketch out Lox blog post/usage notes for forum
- attempt hyper upgrade again
(long term things were discussed at the meeting!):
https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox buckets (of
bridges) and gathering context on how types of bridges are
distributed/use in practice
Question: What makes a bridge usable for a given user, and
how can we encode that to best ensure we're getting the most appropriate
resources to people?
1. Are there some obvious grouping strategies that we
can already consider?
e.g., by PT, by bandwidth (lower bandwidth bridges
sacrificed to open-invitation buckets?), by locale (to be matched with a
requesting user's geoip or something?)
2. Does it make sense to group 3 bridges/bucket, so
trusted users have access to 3 bridges (and untrusted users have access
to 1)? More? Less?
theodorsm: 2023-01-11
Last weeks:
- Currently in the start phase of writing my master thesis
(to be finished late june 2024) in communication technology on reducing
distinguishability of DTLS. The goal is to implement a validated DTLS
anti-fingerprinting library similar to uTLS (useful for Snowflake).
Next weeks:
- Talk with Sean DuBois about contributing to adding
anti-fingerprinting capabilities to the pion library
Help with:
- Find recent data set of captured DTLS traffic
Hi Everyone,
Monday is a holiday so we'll be moving our regularly scheduled Tor
Browser weekly meeting to Tuesday (2024-02-20) at 1500 UTC in
#tor-meeting on OFTC IRC.
best,
-richadr
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-02-15-15.57.html
And our meeting pad:
Anti-censorship
--------------------------------
Next meeting: Thursday, February 22 16:00 UTC
Facilitator: shelikhoo
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: meskio
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s…
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 150 <-- meskio working on it
* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na…
== Announcements ==
* Elections in Indonesia (2024-02-14): https://explorer.ooni.org/chart/mat?probe_cc=ID&since=2024-01-16&until=2024…
* Belarus - General elections (2024-02-25): https://explorer.ooni.org/chart/mat?probe_cc=BY&since=2024-01-16&until=2024…
* Cambodia - Senate election (2024-02-25): https://explorer.ooni.org/chart/mat?probe_cc=KH&since=2024-01-16&until=2024…
== Discussion ==
*
== Actions ==
== Interesting links ==
* FOCI registration is open (attendance is free): https://foci.community/register
* February 19th
== Reading group ==
* We will discuss "" on
*
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): 2024-02-15
Last week:
- caught up on manifest v3 updates
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- release new version of snowflake addon (0.7.3)
- updated addon stores
- updated website
- opened tor-browser-build MR to get SQS rendezvous in Tor Browser
- https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re…
- fixed shadow integration tests
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- opened an issue for country-specific client rendezvous poll counts
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- caught up on dependency update backlog
- mostly caught up on review backlog
This week:
- review lox synchronization fix
- compile a list of next-steps for lox
- update wasm-bindgen fork to fix some bugs and hopefully upstream changes
- tor-browser-build updates for lox wasm + bindings generation
- Conjure bridge maintenance
- more testing of available domain fronts
Needs help with:
dcf: 2024-02-15
Last week:
- snowflake azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co…
Next week:
- review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…
- open issue to disable /debug endpoint on snowflake broker
- move snowflake-02 to new VM
Help with:
meskio: 2023-02-15
Last week:
- catching up after long vacation
Next week:
- react to S96 code audit
Shelikhoo: 2024-02-15
Last Week:
- [Merge Request]HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/260
- [Research] Inspect Snowflake Situation In China
- Merge request reviews
Next Week/TODO:
- Inspect Snowflake Situation In China
- Create Issue for "Merging webtunnel + lyrebird"
- Update WebTunnel Container Image
onyinyang: 2023-02-15
Last week(s):
- Finished up fixing problems with syncing functions
- Opened ticket to Lox invitation endpoint only accessible via telegram
This week:
- redeploy rdsys and lox-distributor with bug fixes and telegram bot
- improve metrics collection/think about how to show Lox is working/valuable
- start prep for HACS/DRL meeting
- sketch out Lox blog post/usage notes for forum
- attempt hyper upgrade again
(long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice
Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?
1. Are there some obvious grouping strategies that we can already consider?
e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)
2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?
theodorsm: 2023-01-11
Last weeks:
- Currently in the start phase of writing my master thesis (to be finished late june 2024) in communication technology on reducing distinguishability of DTLS. The goal is to implement a validated DTLS anti-fingerprinting library similar to uTLS (useful for Snowflake).
Next weeks:
- Talk with Sean DuBois about contributing to adding anti-fingerprinting capabilities to the pion library
Help with:
- Find recent data set of captured DTLS traffic
--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
Hi Everyone!
We have a new job opening for a Browser Software Engineer (Contractor)!
https://www.torproject.org/about/jobs/browser-software-engineer/
If you are or know someone who would be a good fit and wants to join our
team, please apply/share.
Have a great weekend and thanks for helping us spread the word! 🙂
Best,
Tyler
Hello everyone,
I'd like to announce Onionspray, a tool for setting up Onion Services for
existing public websites, working as a HTTPS rewriting proxy:
https://tpo.pages.torproject.net/onion-services/onionspray/
It's a fork of Alec Muffett's EOTK (https://github.com/alecmuffett/eotk), with
many enhancements but retaining compatibility, and relying on C Tor until an
alternative in Arti is available.
The first Onionspray version is 1.6.0, following the pre-existing version
sequence from EOTK.
Security fixes:
* This release fixes a CRITICAL security vulnerability related to
upstream HTTPS certificate verification, which is detailed at
https://tpo.pages.torproject.net/onion-services/onionspray/security/advisor…
A related fix is also available for EOTK:
https://github.com/alecmuffett/eotk/pull/116
We urge Onionspray users that were testing the software while it was being on
it's early stages to upgrade ASAP to 1.6.0 and update their configurations, and
we recommend that EOTK to the same with the corresponding patch.
This issue might also affect other similar rewriting proxy setups,
and we urge operators to review and fix their Onion Service
configurations.
Main improvements over EOTK:
* MetricsPort support (for gathering metrics data from the tor instances).
* Denial of Service (DoS) protections.
* Circuit ID exporting to NGINX logs and optionally to the upstream
proxy (through the X-Onion-CircuitID HTTP header).
* Onionbalance v3 support ("softmaps" are working again).
* Revamped documentation.
* Installation procedures added for recent Debian and Ubuntu releases.
* Tor and OpenResty upgraded to the latest versions.
* Option to keep Onionspray running in the foreground (`--no-daemonize`).
* Local healthcheck action (`--health-local`), useful for containerized
execution.
The full ChangeLog is available at
https://tpo.pages.torproject.net/onion-services/onionspray/changelog/
For those wishing to switch from EOTK to Onionspray, there's a migration guide
at https://tpo.pages.torproject.net/onion-services/onionspray/migrating/
We also welcome people to report issues, send merge requests etc:
https://tpo.pages.torproject.net/onion-services/onionspray/contact/
And we have a bunch of issues waiting for contributions:
https://gitlab.torproject.org/tpo/onion-services/onionspray/-/issues
Finally, I'd like to thank Alec Muffett for his important work with EOTK
and for promoting Onion Services all these years :)
Thanks!
--
Silvio Rhatto
pronouns he/him