Hi,
So it's the most wonderful time of the year and everything... This means
that we're actually coming pretty close to the holidays!
TL;DR: everything will be fine, but if you need something from us before
the holidays, ask now!
TPA is, as usual, going to ensure some minimal rotation during the TPI
holidays (December 21st to January 5th, inclusively), so we should be
able to deal with emergencies. We'll have someone checking alerts and
mail on a daily basis, basically. "How to report issues" doesn't change,
see:
https://gitlab.torproject.org/tpo/tpa/team/-/wikis/support
If you're curious, you can see who's on rotation in the "TPA rotations"
calendar I have just shared with TPI (an oversight).
That said.
If you think you might need something urgently before the holidays, it's
getting *really* late to tell us now, as we're pretty much trying to
wrap up everything to quiet down our infra before the holidays.
So if you need anything from TPA, the time to ask for this is pretty
much right now, we'll be glad to consider your request! And as the ~3
weeks pass before the holidays, we'll be less and less happy to deal
with urgent "oh I just need this blog post" or "can I get a little VM
cluster setup now?" right before the holidays. :)
(If you need a coordinated release right before the holidays, that's
fine too, but let's plan it no!)
Thank you for your attention, and happy holidays!
a.
--
Antoine Beaupré
torproject.org system administration
Hello everyone!
Daylight savings has migrated the weekly Tor Browser meeting to an
unreasonable hour for some of us, so lets move it back an hour to 1600
UTC in #tor-meeting2 in 2025.
best,
-morgan
Summary: a proposal to limit the retention of GitLab CI data to 1 year
# Background
As more and more Tor projects moved to GitLab and embraced its
continuous integration features, managing the ensuing storage
requirements has been a challenge.
We regularly deal with near filesystem saturation incidents on the
GitLab server, especially involving CI artifact storage, such as
tpo/tpa/team#41402 and recently, tpo/tpa/team#41861
Previously, [TPA-RFC-14][] was implemented to reduce the default
artifact retention period from 30 to 14 days. This, and CI optimization
of individual projects has provided relief, but the long-term issue has
not been definitively addressed since the retention period doesn't apply
to some artifacts such as job logs, which are kept indefinitely by default.
[TPA-RFC-14]:
https://gitlab.torproject.org/tpo/tpa/team/-/wikis/tpa-rfc-14-gitlab-artifa…
# Proposal
Implement a daily GitLab maintenance task to delete CI pipelines older
than 1 year in *all* projects hosted on our instance. This will:
* Purge old CI pipeline and job records for the GitLab database
* Delete associated CI job artifacts, even those "kept" either:
* When [manually prevented from expiring][] ("Keep" button on CI job
pages)
* When they're the [latest successful pipeline artifact][]
* Delete old CI job log artifacts
[manually prevented from expiring]:
https://gitlab.torproject.org/help/ci/jobs/job_artifacts#with-an-expiry
[latest successful pipeline artifact]:
https://gitlab.torproject.org/help/ci/jobs/job_artifacts.md#keep-artifacts-…
## Goals
This is expected to significantly reduce the growth rate of CI-related
storage usage, and of the GitLab service in general.
## Affected users
All users of GitLab CI will be impacted by this change.
But more specifically, some projects have "kept" artifacts, which were
manually set not to expire. We'll ensure the concerned users and
projects will be notified of this proposal. GitLab's documentation has
the [instructions to extract this list of non-expiring
artifacts](https://docs.gitlab.com/ee/administration/cicd/job_artifacts_tro….
## Timeline
Barring the need to further discussion, this will be implemented on
Monday, December 9th.
## Costs estimates
### Hardware
This is expected to reduce future requirements in terms of storage hardware.
### Staff
This will reduce the amount of TPA labor needed to deal with filesystem
saturation incidents.
# Alternatives considered
A "CI housekeeping" script is already in place, which scrubs job logs
daily in a hard-coded list of key projects such as c-tor packaging,
which runs an elaborate CI pipeline on a daily basis, and triage-bot,
which runs it CI pipeline on a schedule, every 15 minutes.
Although it has helped up until now, this approach is not able to deal
with the increasing use of personal fork projects which are used for
development.
It's possible to define a different retention policy based on a
project's namespace. For example, projects under the `tpo` namespace
could have a longer retention period, while others (personal projects)
could have a shorter one. This isn't part of the proposal currently as
it could violate the principle of least surprise.
# References
* Discussion ticket: tpo/tpa/team#41874
* [Make It Ephemeral: Software Should Decay and Lose
Data](https://lucumr.pocoo.org/2024/10/30/make-it-ephemeral/)
Hello,
I'm writing to let you know that applications are now open for the
second SEEKCommons Fellowship[1] cohort.
The SEEKCommons Fellowship program is funded by NSF and run by partners
at University of Notre Dame, University of California Davis, University
of Michigan, University of Virginia, and The HDF Group. The goal of the
fellowship is to bring graduate students, post-doctoral researchers, and
professionals from community-based organizations with new perspectives
to socio-environmental research with open technologies.
Application deadline is Dec. 15, 2024.
The fellowship is designed to:
- Encourage new translational and integrative work involving
socio-environmental action research with Open Science practices;
- Provide a space for Fellows and Network members to collaborate on
common research issues, challenges, and solutions.
Fellows may be:
- Graduate students working with open technologies on
socio-environmental issues;
- Post-docs with existing community projects in Science and Technology
Studies, Open Science, and/or Socio-environmental research; and/or
- Community practitioners who are interested in integrating common
technologies into their environmental justice work.
The SEEKCommons website contains all the necessary fellowship
information, including the application link.
https://seekcommons.org/fellowship-application.html
Partnership SEEKCommons + Tor Project
=====================================
This year SEEKCommons is reserving one fellowship to sustainability
studies of community networks in partnership with the Tor Project!
We welcome Fellowship applications on the sustainability of the Tor
network with a focus on energy consumption and relay metadata (such as
ASN, uptime, and platform). The goal of the partnership between
SEEKCommons and Tor is to study the environmental impact of community
networks and promote the use of renewable energy in decentralized
infrastructures.
We would like to support applications that address one (or more) of these questions:
- What Free and Open Source technologies can be used to promote a more
sustainable and distributed Tor infrastructure?
- How can the energy consumption of the Tor network be measured and
optimized to reduce its environmental impact?
- How can the "Tor Snowflake" decentralized proxy model be used to
improve the sustainability of the network?
- How can we use metadata from relays (e.g., ASN / uptime / platform)
to assess the environmental impact of the network?
- What open hardware and renewable energy sources could be used/reused
in the Tor network?
More information: https://seekcommons.org/partnership-tor.html
If you have any questions, please don't hesitate to reach out.
Thank you so much!
Warmly,
Gus
[1] https://seekcommons.org/about.html
--
The Tor Project
Community Team Lead
Hello everyone,
Last month, our user support team worked on an unprecedented number of tickets
mostly due to the evolving Tor censorship in Russia[0] (big shoutout to @nina
and read her report[1] for more details!)
With 4 Tor Browser releases in last month, I worked on a number of Tor Browser
related user support tickets - from general questions about downloading,
installing, updating and troubleshooting to bug reports.
With the year-end campaign into it's second month, I also worked on related support
tickets, answering questions about Tor Browser. Topics included downloading, installing,
using the browser it's various privacy enhancing features and questions about
the Tor network in general.
I wrote and updated user documentation on the Tor Browser User manual[2] and some of the
articles and templates that we use on our various support channels.
Here's a more detailed breakdown of the tickets our user support team worked
on last month:
# Frontdesk (email user support channel)
* 614(↓) RT tickets created
* 558(↓) RT tickets resolved
Tickets by topics and numbers:
1. 226(↑) RT tickets: circumventing censorship in Russian speaking countries.
2. 213(↓) RT tickets: private bridge requests from Chinese speaking users.
3. 14(↓) RT tickets: help with Troubleshooting Tor Browser desktop on Windows, macOS
and Linux.
4. 6(↑) RT tickets: Tor Browser 14 crashing on macOS when visiting some
onionsites. (The bug is resolved with Tor Browser 14.0.2)
5. 5 RT tickets: WebTunnel bridges campaign.[3]
6. 4(↑) RT tickets: circumventing censorship with Tor in Farsi.
7. 4(↑) RT tickets: reports of a website blocking Tor traffic.
8. 3(-) RT tickets: Instructions to download Tor Browser 13.5 legacy for
legacy operating systems.
9. 3 RT tickets: Instructions on how to download and install Tor Browser.
10. 3 RT tickets: help with Troubleshooting Tor Browser on Android.
11. 2(↓) RT tickets: configuring Orbot to use bridges.
12. 2(↑) RT tickets: reports of a fake apps on iOS masquerading as official Tor Browser.
13. 2 RT tickets: include uBlock Origin with Tor Browser.[4]
14. 2 RT tickets: fingerprintability of Smooth Scroll in Tor Browser.[5]
15. Letterboxing is visible even if disabled when using Tor Browser
on Tiled window managers.[6]
16. One report of Tor Browser getting flagged by anti-virus software.
17. Static captcha when fetching bridges from within Tor Browser.[7]
18. What does "onionize" toggle in the search bar on about:tor do?
19. Tor circuit display on Tor Browser for Android.[8]
20. User trying to reach a v2 onion service. v2 onion services have been deprecated.
21. Question about using WebTunnel bridges with Tails. (This is not yet supported) [9]
22. Warning prompt to disable NoScript on resource-heavy websites on Tor Browser Desktop.[10]
# Telegram, WhatsApp and Signal Support channel
* 1548(↑) tickets resolved
Breakdown:
* 1532(↑) tickets on Telegram
* 16(↓) tickets on WhatsApp
* 0(-) ticket on Signal
Tickets by topics and numbers:
1. 1201(↑) tickets: circumventing censorship in Russian speaking
countries.
2. 42(↑) tickets: private bridge requests from Chinese
speaking users.
3. 26(↑) tickets: circumventing censorship with Tor in Farsi.
4. 18(↓) tickets: helping users on iOS, using Onion Browser or
Orbot, to use censorship circumvention methods.
5. 13(↑) tickets: Tor Browser 14 crashing on macOS when visiting some onionsites.
6. 13(↑) tickets: instructions on how to get Tor Browser binaries from GetTor.
7. 9(↑) tickets: help with instructions to use bridges with Tails.
8. 7(↓) tickets: help with troubleshooting Tor Browser on Android.
9. 4(-) tickets: help with using bridges with Orbot.
10. 4(↑) tickets: instructions to download Tor Browser 13.5 legacy for legacy
operating systems.[11]
11. 3(↑) tickets: help with using bridges and snowflake with little-t-tor.
12. 3(↑) tickets: help with instructions to verify Tor Browser signature with GPG.
13. 2(↓) tickets: help with troubleshooting Tor Browser Desktop
on Windows, macOS and Linux.
14. 2(↓) tickets: help with installing Tor Browser on linux.
15. 2(↓) tickets: users seeing a "proxy refused" error when visiting websites on
Tor Browser for Android using Samsung devices.[12]
16. 2(↑) tickets: reports of a fake apps on iOS masquerading as official Tor Browser.
17. 1 ticket: questions about accessing or setting up onion services.
18. 1 ticket: help with setting up Snowflake proxy.
# Discussions from the Tor Forum
1. Tor Expert Bundle on legacy Windows.[13]
2. Tor Browser Desktop and browser fingerprinting.[14]
3. Privacy benefits of running an Onion Service.[15]
Note: (↑), (↓) and (-) are indicating if the number of tickets we
received for these topics have been increasing, decreasing or have been
the same from the previous month respectively.
Thanks everyone!
e.
[0]: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss…
[1]: https://lists.torproject.org/mailman3/hyperkitty/list/tor-project@lists.tor…
[2]: https://gitlab.torproject.org/tpo/web/manual/-/commits/main?author=ebanam
[3]: https://blog.torproject.org/call-for-webtunnel-bridges/
[4]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/17569
[5]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40704
[6]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42670
[7]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42086
[8]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41234
[9]: https://gitlab.tails.boum.org/tails/tails/-/issues/20267
[10]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43286
[11]: https://forum.torproject.org/t/download-tor-browser-13-5-legacy-on-windows-…
[12]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714
[13]: https://forum.torproject.org/t/0-4-8-13-tor-expert-bundle-doesnt-work-on-wi…
[14]: https://forum.torproject.org/t/what-information-about-the-computer-on-which…
[15]: https://forum.torproject.org/t/is-onion-site-any-better-if-a-site-also-prov…