tor-project

tor-project@lists.torproject.org

7 participants
2368 discussions

Repurposing the Global South Mailing List
by Za'atar زَعْتَر 04 Feb '25

04 Feb '25

Hello, The Global South mailing list has been quiet for some time, and the Tor community team has decided to repurpose it for Tor partners in the Global South. Moving forward, we will use it to share updates on activities such as online meetups, Privacy Resilience Grants, in-person training-of-trainers opportunities (Tor Training Academy), and more. The list will be refreshed today, Tuesday, February 4th. We invite everyone to join the Tor forum: https://forum.torproject.org/ Thank you, Za'atar

1 0

intrigeri's report, January 2025
by intrigeri 04 Feb '25

04 Feb '25

Hi, User-visible ============ I've reviewed and supported the work of my team-mates on a number of high priority user-visible improvements. User-invisible ============== Apart of the usual amount of KTLO work: - I've been coordinating the search for new maintainers for Metadata Cleaner: https://forum.torproject.org/t/metadata-cleaner-is-looking-for-a-new-co-mai… - I have automated some Git operations that were previously done manually every time we merged changes into our main development branch. - I have fixed several vulnerabilities that were found by Radically Open Security as part of their recent security audit of Tails. Sadly, some of them were similar to those found during their previous audit. We want to learn from this, stay tuned! - I created automation that ensures we won't reintroduce 1 of the types of vulnerability that were found during this audit. Team lead ========= - We, the Tails Team, have been working on our priorities for 2025 together with sajolida (UX). I'll publish a cleaned up version shortly. - I've learned how the grant reporting process works at Tor. - I've deleted or updated public documentation for Tails contributors that was made obsolete by the merge with Tor. Accounting ========== I've reviewed partial books from 1 of Tails' previous fiscal sponsors, as part of the transition to Tails' new nest, the Tor project. Cheers, -- intrigeri

1 0

Nina’s Monthly Status Report, January, 2025
by Nina 03 Feb '25

03 Feb '25

Hi! Below is my January’25 report! In January, I resolved a total of 904 tickets, a decrease of 775 from the previous month (total: 1679): - RT (frontdesk@tpo) - 191 (↓28) - Telegram (@TorProjectSupportBot) - 712 (↓747) - WhatsApp (+447421000612) - 1 (1) - Signal (+17787431312) - 0 (0). My main focus in January (and always) was supporting Russian-speaking users in bypassing internet censorship. So I shared censorship circumvention instructions, helped users resolve any issues they are facing with Tor Browser, and collected their feedback on what worked for them and what didn’t. I also took part in Tor Forum moderation and worked on reviewing Google Play Store users' reviews. For the first in the last six months, we observed a decrease in support tickets from Russian-speaking users. Despite this decrease, the number of tickets is still higher than in July-2024, when new censorship activities by Roskomnadzor were detected[1]. I created a new ticket to track censorship in Russia in 2025[2]. ## Elections in Belarus In January there were Presidential Elections in Belarus [3]. On the eve of the elections many VPN services and websites were blocked in the country [4]. It seems Tor remained accessiblewith bridges[5],however some users reported difficulties in finding working bridges. *##**Google Play Reviews for Tor Browser**(TBA)**and Tor Browser Alpha**for Android* - Tor Browser for Android (TBA) had a Google Play rating of 4.389 (↑) stars in January 2025, which is higher than in December. - Tor Browser for Android (TBA) got 774 (↑17) reviews out of 60,429 for the lifetime. - Tor Browser for Android Alpha (TBA-Alpha) app had a rating of 4.219 (↓) which is lower than in December. - In January, Tor Browser for Android (TBA-Alpha) got 37 (0) reviews out of 8,448 for the lifetime. ## Most common issues on the Google Play store reviews - “Tor Browser doesn’t work”: - often from Russian users, who are struggling to find a way to connect to Tor; - “Tor speed is too slow”: I use a template asking to refresh the Tor circuit or contact Tor Browser support. In the reviews I also encountered an issue of Tor Browserfor Androidfreezes when used on Realme GT NEO 3 smartphone[6]. [1] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [2] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [3] https://en.wikipedia.org/wiki/2025_Belarusian_presidential_election [4] https://news.zerkalo.io/life/89461.html?tg=4 [5] https://metrics.torproject.org/userstats-bridge-combined.html?start=2024-10… <https://metrics.torproject.org/userstats-bridge-combined.html?start=2024-10…> [6] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43444

1 0

cve's monthly status report
by Clara Engler 03 Feb '25

03 Feb '25

Hello tor-project@, the following contains a summary of the work that I have done in January 2025. ## onionmasq * Integration test for the isolation cookie feature * Requires the use of connected UDP for the existing tests * Wrote unit test for the `config` module * Wrote unit test for the `scaffolding` module * Added IPv6 integration tests alongside all existing IPv4 integration tests * This achieves a full dual-stack testing environment * Added a feature to disable file system permission checks * This feature is crucial for CI integration * Fixed a bug in the arti documentation alongside * **Added integration tests to CI** * Many thanks to micah@ for providing a privileged container * Gives reproducible coverage numbers which is great, currently at >80% * Replaced loopback IP addresses in the integration test suite with real but private IPs * Replaces `127.0.0.1` with `172.23.39.177/12` * Replaces `::1` with `fd5b:955e:ad4d::` * Both IPs have no deep meaning and were randomly generated, with input given by Diziet * Disabled the use of namespaces in CI, as isolation makes no sense there * Fixed a clippy warning * Upgraded various dependencies * More or less finished providing basic test infrastructure * We are currently slightly above 80% coverage, doing more is possible, but probably not sustainable, due to the logarithmic nature of increasing test coverage ## oniux * Began working on a very new prototype for replacing `torsocks` with a namespace based approach * This is still very much WIP, the design concept is done and I am currently working on a prototype * It is open space and I will keep this mailing list informed about further progress * Name is also WIP 🙂 Thank You Clara

1 0

Rhatto's Monthly Status Report, January 2025
by rhatto 03 Feb '25

03 Feb '25

Hi all :) This is my monthly status report for January 2025 with the main relevant activities I have done, was involved or are related to my work during the period. ## Onionbalance docs Onionbalance documentation was refactored and updated: https://onionservices.torproject.org/apps/base/onionbalance/ Highlights: * New Security page, thanks to Pascal Tippe: https://onionservices.torproject.org/apps/base/onionbalance/security/ * Added an API page: https://onionservices.torproject.org/apps/base/onionbalance/api/ * Removed the old v2 docs. ## Onionsite Checklist Improved the Onionsite Checklist with two new sections: * https://onionservices.torproject.org/apps/web/checklist/#general-advice * https://onionservices.torproject.org/apps/web/checklist/#incident-response ## Support Did the ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. -- Silvio Rhatto pronouns he/him Festina lente -- move slow and fix things. I sent this message during my active hours, which might be different from yours. I'm fine if you take your time to answer, and usually takes some time for me to answer.

1 0

Felicia's Montly Status Report, January 2025
by Priscila 03 Feb '25

03 Feb '25

Hi everyone, This is my status report for January 2025. I still have some tasks waiting for review, so the following list is about the new ones that I got to work this month: [1] Improve torconnect layouts for medium and expanded screen sizes: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42429 [2] Decide what to do with the "Choose a bridge for me" button in Connection settings: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42477 [3] Warn users about Connection Assist removing user-added bridges: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42546 [4] Improve the flows for manually added bridges and their validation: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41913 [5] Validate user added bridge lines on Android: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42633 (related to task number 4) [6] Improve Android’s bridge settings UI: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41187 Best, Priscila (aka Felicia) - UX Team

1 0

PieroV's Monthly Status Report, January 2025
by Pier Angelo Vendrame 01 Feb '25

01 Feb '25

Hi everyone! Here is my status report for January 2025. At the beginning of this month, I continued fixing the letterboxing tests needed for the uplift process. There were several platform-specific failures, so I had to set up a Windows build and test environment for Firefox. It was the first time (we usually cross-compile Tor Browser), and it took me some time. Eventually, I got the Bug [0] to add some letterboxing exemptions landed. Then, I opened a stack of patches (authored by ma1) on Phabricator for the next Bug [1]. They have not been merged, yet, because some parts still need the desktop theme reviewers' approval. I also continued to help formalize the RR rebase process, and we merged the first version [2]. After that, I created the first MR to start this process, with the rebase of our patches onto Firefox 129 [3]. I checked the Firefox release calendar [4], and I suggested we keep a pace of one RR rebase every week. If we manage to, we will reach upstream by the end of March, with the rebase onto Firefox 138, and we will have some time in case we have problems with some versions since our objective is to be in sync with Firefox 129b1, which is scheduled for around the end of April. This month, I also tried to continue the fingerprinting fight effort, which involved some investigations that eventually resulted in small tasks. I started with v-sync on Wayland after we got an issue about possible refresh rate leaks [5]. Another task was controlling our macOS font allow list [6]. I had to verify some details in various macOS versions, and eventually, I will have to ask about Japanese fonts to Mozilla experts. Then, I started investigating why new windows are rounded incorrectly [7] and I briefly checked the overlay scrollbars [8]. Apart from this, I also helped with the regular releases. I rebased alpha onto 128.6.0esr at the beginning of the month, and I prepared the 14.5a2 release. Then, at the end of the month, I rebased stable and alpha onto 128.7.0esr and legacy onto 115.20.0esr. Finally, I started writing an uplift wish list for ESR 140 [9]. Best, Pier [0] https://bugzilla.mozilla.org/show_bug.cgi?id=1555815 [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1556016 [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [3] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [4] https://whattrainisitnow.com/ [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43236 [6] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43378 [7] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43205 [8] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22137 [9] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40789#n…

1 0

sajolida's report, September 2024
by sajolida 30 Jan '25

30 Jan '25

Hi, September was again more busy than average to respect the timeline of Project 101 (Tor VPN) and Tails releases. Tor VPN ======= - I analyzed the usability test of Tor VPN 0.6.2 that I did in August. https://gitlab.torproject.org/tpo/ux/research/-/issues/69 In short, the usability of Tor VPN 0.6.2 is decent when people don't need to use a bridge, but very bad when Tor is blocked. None of the participant managed to use a bridge on their own. The main issues are unclear system status and confusing network model. Quotes: “Tor is like a bridge.“ — P5 “I'm looking for bridges that make it like if I were in Switzerland.“ — P4 “It should say: You are being blocked! With Tor you can bypass this censorship using a bridge.“ — P6 Summary of findings: https://gitlab.torproject.org/-/project/92/uploads/1fba8220a110622d852bf448… List of all issues: https://nc.torproject.net/s/fXbRYw76pTXJZym Video clips: https://nc.torproject.net/f/645757 - I created GitLab issues to document the most severe issues: Improve feedback while "Connecting" https://gitlab.torproject.org/tpo/applications/vpn/-/issues/181 Clarify connection status on all screens https://gitlab.torproject.org/tpo/applications/vpn/-/issues/182 Allow changing exit location from Configure menu https://gitlab.torproject.org/tpo/applications/vpn/-/issues/185 Improve discoverability of the list of countries https://gitlab.torproject.org/tpo/applications/vpn/-/issues/186 Clarify what can be tapped in the Bridges screen https://gitlab.torproject.org/tpo/applications/vpn/-/issues/187 Remove the need to press Enter when entering a bridge line https://gitlab.torproject.org/tpo/applications/vpn/-/issues/188 Clarify which bridge is being used (eg. after Bridge Bot) https://gitlab.torproject.org/tpo/applications/vpn/-/issues/189 Improve discoverability of the circuit view https://gitlab.torproject.org/tpo/applications/vpn/-/issues/190 Allow configuring only a single bridge https://gitlab.torproject.org/tpo/applications/vpn/-/issues/193 Rethink how the different relays are named https://gitlab.torproject.org/tpo/applications/vpn/-/issues/194 Clarify just enough about the network model https://gitlab.torproject.org/tpo/applications/vpn/-/issues/195 Don't allow changing exit location unless already connected https://gitlab.torproject.org/tpo/applications/vpn/-/issues/196 Report loss of connectivity to the Tor network https://gitlab.torproject.org/tpo/core/onionmasq/-/issues/110 - I started brainstorming solutions to all of these issues with Duncan and the rest of the UX team. Tails ===== I wrote some documentation to help users with recent issues: - Shim SBAT verification error (#20471) https://tails.net/news/version_6.7/#sbat - Provide fsck from Welcome Screen when the file system of the Persistent Storage is corrupted (#15451) https://gitlab.tails.boum.org/tails/tails/-/merge_requests/1586 This one was a LOT of work to figure out which data forensics path we should recommend to users and document the main ones step-by-step. -- sajolida

1 4

Anti-censorship team meeting notes, 2025-01-30
by Shelikhoo 30 Jan '25

30 Jan '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-01-30-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday,Feb 02 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * snowflake-broker.azureedge.net is still working, a week after the announced shutdown date.(It still work at Jan 30) curl -s -i https://snowflake-broker.azureedge.net/amp/client/ == Discussion == == Actions == == Interesting links == * "Identifying VPN Servers through Graph-Represented Behaviors" * https://dl.acm.org/doi/10.1145/3589334.3645552 * https://dl.acm.org/doi/pdf/10.1145/3589334.3645552 * https://github.com/chenxuStep/VPNChecker == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-01-30 Last week: - debugged problem with tor conjure PT getting invalid addresses - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - reviewed conjure merge requests - made more improvements to phantombox, the conjure test environment This week: - support conjure work - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 - maybe do some lox work dcf: 2025-01-23 Last week: - tracked status of snowflake-broker.azureedge.net after announced date of Edgio shutdown https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - helped debug reported "AMP cache rendezvous doesn't work in China" https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Help with: meskio: 2024-01-30 Last week: - investigate issues on TorBrowser in Iran (tor-browser#43454) - config repositories in irc tor bot - grant writting and review Next week: - containarize rdsys Shelikhoo: 2024-01-30 Last Week: - [Refine] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - Merge request reviews Next Week/TODO: - Merge request reviews - [Test] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements onyinyang: 2025-01-30 Last week(s): - Got conjure up and running locally! (Thanks cohosh!) - uTLS implemented for conjure - moved uTLS library to ptutil - started work on ampcache Next week: - continue on alternative registration methods (ampcache, sqs) - Add decoy registration option As time allows: - Continue work on implementing issuer efficiency for check-blockage and trust-promotion protocols - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-01-30 Last weeks: - Testing Tor Build with covert-dtls (troubleshooting becoming DTLS client with ICE and different NAT/host types). Next weeks: - Update covert-dtls to handle new DTLS extensions in recent browsers - Write instructions on how to configure covert-dtls with snowflake client - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…). - Condensing thesis into paper (on hold) Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: meskio onyinyang shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

Anti-censorship team meeting notes, 2025-01-23
by onyinyang 23 Jan '25

23 Jan '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-01-23-16.04.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday,January 30 16:00 UTC Facilitator: shelikhoo ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * BridgeStatus's Snowflake bridge test output will change after deployment of * Use gitlab circumvention setting for snowflake bridge line update * https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… * Be sure to check if any automated script is still working correctly * snowflake-broker.azureedge.net is still working, a week after the announced shutdown date. curl -s -i https://snowflake-broker.azureedge.net/amp/client/ == Discussion == == Actions == == Interesting links == == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-01-23 Last week: - worked on some phantombox (conjure test environment) improvements - https://gitlab.torproject.org/cohosh/phantombox/-/issues/2 - fixups to switching to local storage for snowflake badges - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - some reviews and gitlab todos This week: - asn mapping geoip feature dcf: 2025-01-23 Last week: - tracked status of snowflake-broker.azureedge.net after announced date of Edgio shutdown https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - helped debug reported "AMP cache rendezvous doesn't work in China" https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Help with: meskio: 2024-01-23 Last week: - debug a segfault in country based metrics to the snowflake proxy (snowflake!482) - debug why metrics.torproject.org doesn't display distributor metrics (rdsys#235) - keep up with snowflake debian dependencies (snowflake#40410) - deploy onionsproutsbot (onionsproutsbot#66) - investigate why we distribute non working bridges (rdsys#254) - simple refactor fixes on rdsys bridge tests (rdsys!454) - review and update P146 report - triage the long queue of open issues (there are still some snowflake ones missing) Next week: - snowflake debian package Shelikhoo: 2024-01-23 Last Week: - [Pending] snowflake broker update/reinstall(cont.): https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - [Awaiting Review] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - Merge request reviews - Automate bridgeline update for snowflake(https://gitlab.torproject.org/tpo/anti-censorship/connectivity-me… ) - Use assume reachable for webtunnel bridges to avoid exporting OR port(https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measure… - Update readme to include migration notice (https://gitlab.torproject.org/tpo/anti-censorship/docker-snowflake-proxy/-/… ) - Next Week/TODO: - Merge request reviews - [Resume] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - [Deployment] Automate bridgeline update for snowflake onyinyang: 2025-01-23 Last week(s): - Get conjure up and running (at least locally) - WIP Conjure stuff for Project 173 Next week: - Continue on getting conjure up and running (at least locally) - implement utls for conjure - start implementation of alternative registration methods As time allows: - Continue work on implementing issuer efficiency for check-blockage and trust-promotion protocols - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-01-22 (AFK for meeting 01-23) Last weeks: - Testing Tor Build with covert-dtls Next weeks: - Update covert-dtls to handle new DTLS extensions in recent browsers - Write instructions on how to configure covert-dtls with snowflake client - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…). - Condensing thesis into paper (on hold) Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: meskio onyinyang shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project