- tor-project - lists.torproject.org

Anti-censorship team meeting notes, 2025-05-29
by Shelikhoo 29 May '25

29 May '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-05-29-16.03.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, June 5 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * Happy Families https://blog.torproject.org/happy-families/ * does not solve the fundamental bridges + exits issue * there are 2 things going on * 1. Families currently ask operators to disclose the fingerprints of their other relays, that is solved by happy families * https://gitlab.torproject.org/tpo/core/tor/-/blob/36cd4a50fc9d861c6c35a0f6d… * 2. The other problem is how circuit selection works * https://gitlab.torproject.org/tpo/core/tor/-/issues/40935#note_3090023 * Tor picks exit relays first, and then picks a guard * With bridges like snowflake, conjure, and meek (i.e. publicly known bridges, where the concern about leaking fingerprints in MyFamily doesn't even apply), the client is very restricted in which entry point it can select * we have one conjure bridge and effectively one meek bridge * even though we have more than one snowflake bridge, the tor source code currently ignores family restrictions for bridges * This is a proposal for relaxed restrictions that has more recent thinking on threat models * https://spec.torproject.org/proposals/354-relaxed-restrictions.html * argues for why families and subject restrictions should not apply to circuits with bridges == Actions == == Interesting links == * == Reading group == * We will discuss "" on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-05-29 Last week: - added documentation for new snowflake timeout metric - reviewed Conjure staleness check (conjure!45) - wrote a draft call for a Conjure bridge operator (conjure#46) - worked on removing mutexes from Snowflake broker metrics (snowflake#40458) - tested and wrote feedback on unreliable transport mode (snowflake!315) This week: - support conjure work - finish testing and give feedback on unreliable transport mode for snowflake - follow up on snowflake rendezvous failures - reduce/remove use of mutexes for broker metrics (snowflake#40458) - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2025-05-29 Last week: - opined some more on a FEP design https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: meskio: 2024-05-29 Last week: - test email service on the staging server (rdsys#219) - review and coordinate grants Next week: - steps towards a rdsys in containers (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) Shelikhoo: 2024-05-29 Last Week: - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) testing environment setup/research - Snowfalke Staging Server Experiment - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - [Merge Request] Add Domain Fronting Testing Support to logcollector ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) - Merge request reviews Next Week/TODO: - Merge request reviews (Away until June 10) onyinyang: 2025-05-29 Last week(s): - Attempted to get conjure DNS registrar working - encountering errors for both conjure and gotapdance cli with DNS registrar https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - hoping for an update: https://github.com/refraction-networking/conjure/issues/293 - Completed staleness check for conjure bufferedconn https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - phantombox improvement Next week: - Continue improvements for phantombox testing environment - Test DNS/Decoy registrar in phantombox Switch back to some of these: As time allows: - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-04-10 Last weeks: - fixing bugs in covert-dtls, only mimic DTLS 1.2 - Running proxy with covert-dtls - MR covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next weeks: - Write instructions on how to configure covert-dtls with snowflake client (are we going to run a user test?) - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - Condensing thesis into paper Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

cve monthly status report -- May 2025
by Clara Engler 28 May '25

28 May '25

Hello tor-project@, the following contains the work I have done for The Tor Project, Inc. in May 2025. # Migration to Payroll Provider Starting on the 2nd of June, I will no longer be a contractor and instead be an employee. This also means that this will be the last status report of its kind from me, as it is a contractor thing. Besides this, nothing much will change though. I will continue to work for The Tor Project, Inc., only the way on how I get my salary will change. # oniux This month, the comms team and I wrote a blog post introducing oniux[1], which was well received across the internet. So far, it already made it into several distributions and the overall feedback has been very positive. Besides this, we released v0.4.0 and v0.5.0 of oniux, with v0.4.0 introducing a large change, namely implementing oniux in a capability free fashion by utilizing the concept of `user_namespaces(7)`. The v0.5.0 mostly contained bug fixes for some paper cuts that became evident after users reported them the moment the blog post became viral. # onionmasq This month, I finally merged a new integration test suite into onionmasq, which is no longer as flaky as it once was. Primarily, this change is of rather internal nature and probably not very interesting to users of the application. More interestingly however, I fixed a bug where onionmasq leaked resources on mobile devices, namely ticket #141. As always, I also performed various general maintainer tasks, such as fixing CI warnings and updating dependencies. # arti dircache Most of my work this month went into the technical design of the directory cache that will soon be implemented in arti. I did this with the help of Diziet and so far the progress is going great. Looking forward to start writing actual code very soon, as the database schema is more or less finished. Besides, this work also resulted in some changes within the specification, as reading them revealed some ambiguities which have been addressed appropriately. Thank You Clara [1]: https://blog.torproject.org/introducing-oniux-tor-isolation-using-linux-nam…

1 0

2nd batch of upgrades to Debian Trixie sarting on June 2nd
by Zen Fu 26 May '25

26 May '25

Hello, dear Tor folks! TPA plans to start the 2nd batch of system upgrades to Debian Trixie on June 2nd 2025, also known as "next week". This is the corresponding issue: https://gitlab.torproject.org/tpo/tpa/team/-/issues/42070 The 2nd batch is about systems with "moderate complexity", so we expect that each one may need more attention and take a bit longer than systems in the 1st batch. We're not sure about how long the whole batch will take, so please expect system reboots during the next weeks and kindly notify us if you detect that something is not right for a system that already has its checkbox marked. We will do the TPA machines first, and the Tails machines are scheduled a week later, but could be postponed further depnding on how things go. For your convenience, below there's a list of systems that will be upgraded in this batch. Thanks! ----------8<---------- 39 TPA machines: - anonticket-01.torproject.org - backup-storage-01.torproject.org - bacula-director-01.torproject.org - btcpayserver-02.torproject.org - bungei.torproject.org - carinatum.torproject.org - check-01.torproject.org - ci-runner-x86-02.torproject.org - ci-runner-x86-03.torproject.org - colchicifolium.torproject.org - collector-02.torproject.org - crm-int-01.torproject.org (blocked by #42169) - dangerzone-01.torproject.org - donate-01.torproject.org - donate-review-01.torproject.org - forum-01.torproject.org - gitlab-02.torproject.org (blocked by #42169) - henryi.torproject.org - materculae.torproject.org - meronense.torproject.org - metricsdb-02.torproject.org - metrics-store-01.torproject.org - onionbalance-02.torproject.org - onionoo-backend-03.torproject.org - polyanthum.torproject.org - probetelemetry-01.torproject.org - rdsys-frontend-01.torproject.org (blocked by #42169) - rdsys-test-01.torproject.org (blocked by #42169) - relay-01.torproject.org - rude.torproject.org (blocked by #42169) - survey-01.torproject.org - tbb-nightlies-master.torproject.org - tb-build-02.torproject.org - tb-build-03.torproject.org - tb-build-06.torproject.org - tb-pkgstage-01.torproject.org - tb-tester-01.torproject.org - telegram-bot-01.torproject.org - weather-01.torproject.org 17 tails servers: - apt-proxy.lizard - apt.lizard - bitcoin.lizard - bittorrent.lizard - bridge.lizard - dns.lizard - dragon.tails.net - gitlab-runner.iguana - iguana.tails.net - lizard.tails.net - mail.lizard - misc.lizard - puppet-git.lizard - rsync.lizard - teels.tails.net - whisperback.lizard - www.lizard -- Zen Fu

1 0

Anti-censorship team meeting notes, 2025-05-22
by onyinyang 22 May '25

22 May '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-05-22-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, May 29 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == == Actions == == Interesting links == * https://www.financeuncovered.org/stories/british-norwegian-and-danish-gover… * Myanmar ISP Frontiir installed blocking equipment made by Chinese company Geedge Networks. * https://github.com/net4people/bbs/issues/369#issuecomment-2899187182 * https://blog.torproject.org/happy-families/ * happy families should allow bridges to be part of a family, so operators can run bridges and exit nodes == Reading group == * We will discuss "" on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-05-15 Last week: - submitted conjure station MR to get CDN77 domain fronting working - https://github.com/refraction-networking/conjure/pull/291 - did some pair debugging - read up on the snowflake staging environment - https://gitlab.torproject.org/shelikhoo/snowflakestaging/-/issues/1 - started testing unreliable transport mode for snowflake - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - resumed work on snowflake metrics improvements - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… This week: - support conjure work - finish testing and give feedback on unreliable transport mode for snowflake - follow up on snowflake rendezvous failures - reduce/remove use of mutexes for broker metrics (snowflake#40458) - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2025-05-22 Last week: Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: meskio: 2024-05-22 Last week: - get a test authority and bridges working for the rdsys staging (rdsys#219) - review and coordinate grants Next week: - steps towards a rdsys in containers (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) Shelikhoo: 2024-05-22 Last Week: - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) testing environment setup/research - Snowfalke Staging Server Experiment - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - Merge request reviews Next Week/TODO: - Merge request reviews - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - Snowfalke Staging Server Experiment(Almost Done ^~^) onyinyang: 2025-05-22 Last week(s): - Attempted to get conjure DNS registrar working - encountering errors for both conjure and gotapdance cli with DNS registrar https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - Implemented staleness check for conjure bufferedconn https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… Next week: - Improve phantombox testing environment - Continue testing DNS/Decoy registrar in phantombox As time allows: - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-04-10 Last weeks: - fixing bugs in covert-dtls, only mimic DTLS 1.2 - Running proxy with covert-dtls - MR covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next weeks: - Write instructions on how to configure covert-dtls with snowflake client (are we going to run a user test?) - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - Condensing thesis into paper Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0

Applications Team IRC meeting cancelled until June 9th
by Morgan 19 May '25

19 May '25

Hi everyone, The apps team has a series of conflicts over the next few weeks, so the next regularly scheduled irc meeting will be on Monday June 19th at 1600 UTC as usual. best, -morgan

1 0

Anti-censorship team meeting notes, 2025-05-15
by Shelikhoo 15 May '25

15 May '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-05-15-15.59.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, May 22 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * Testing plans for unreliable transport mode for snowflake * Requires a complex testing setup that asks for some study * k3s or kubernetes based * The testing setup is meant to be reusable beyond testing for the unreliable transport mode * It is not needed to understand the stanging environment just to deploy new branches * Use for automated deployment? It's not set up for that now, but could be. == Actions == == Interesting links == == Reading group == * We will discuss "" on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-05-15 Last week: - submitted conjure station MR to get CDN77 domain fronting working - https://github.com/refraction-networking/conjure/pull/291 - did some pair debugging - read up on the snowflake staging environment - https://gitlab.torproject.org/shelikhoo/snowflakestaging/-/issues/1 - started testing unreliable transport mode for snowflake - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - resumed work on snowflake metrics improvements - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… This week: - support conjure work - finish testing and give feedback on unreliable transport mode for snowflake - follow up on snowflake rendezvous failures - reduce/remove use of mutexes for broker metrics (snowflake#40458) - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2025-05-15 Last week: - opened issue for missing documentation for client-snowflake-timeout-count in snowflake broker-spec.txt https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - commented more on @luiz proposal for an updated FEP pluggable transport https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: meskio: 2024-05-15 Last week: - learn about podman quadlets and try to make them work for rdsys (rdsys#219) - investigate (and fail to find) why some users in russia can't reach moat/circumvention settings (rdsys#264) Next week: - steps towards a rdsys in containers (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) Shelikhoo: 2024-05-15 Last Week: - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) testing environment setup/research - Snowfalke Staging Server Experiment - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) - Merge request reviews Next Week/TODO: - Merge request reviews - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - Snowfalke Staging Server Experiment(Almost Done ^~^) onyinyang: 2025-05-15 Last week(s): - Attempted to get gotapdance decoy routing working - decoy routing may be a less viable solution than we expected, waiting for more info from UC Boulder folks - Working on more straightforward improvements to bufferedconn for the time being Next week: - Continue on bufferedconn improvements and other conjure reliability improvments for Objective 2: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… As time allows: - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-04-10 Last weeks: - fixing bugs in covert-dtls, only mimic DTLS 1.2 - Running proxy with covert-dtls - MR covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next weeks: - Write instructions on how to configure covert-dtls with snowflake client (are we going to run a user test?) - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - Condensing thesis into paper Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

Are there countries where using Tor is illegal?
by Cristian Consonni 11 May '25

11 May '25

Hi, (Sorry if this question has already been asked in the past, feel free to point me to the relevant resources.) I know that the legal FAQs by the EFF state that: «we believe that running a Tor relay — including an exit relay that allows people to anonymously send and receive traffic — is legal under U.S. law.»[1] I also know there is a list of countries for which there is legislation that exclude communication service providers from liability. They are indicated in the Legal of the Tor Exit Guidelines page[2], they are USA, Germany, Netherlands, Austria, France, and Sweden. >From some articles in the press[3a][3b] it may be illegal - depending on how you interpret the wording[*] - to use Tor (and other technologies such as VPNs or proxies) in the UAE, with fines ranging in the millions of dirhams (hundreds of thousand of dollars). A couple of weeks ago it was discussed - on this list as well - that a law was introduced to the state parliament to ban Tor[4a][4b]. This follows a case of some months ago of a Russian Tor exit node operator being arrested for inciting mass riots and terrorism[4c][4d]. The idea of blocking VPNs or Tor seems to have already been considered in the past[4e]. This infographic about pluggable transports[5] suggests access to the Tor network is censored or limited in China, Uzbekistan, Iran, and Kazakhstan. Tor being censored orblocked may be different from it being illegal. What about other countries? Is there a place where I can find more about this topic? Cristian [1]: https://www.torproject.org/eff/tor-legal-faq.html.en [2]: https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines [3a]: http://www.emirates247.com/news/emirates/dh500-000-fine-if-you-use-fraud-ip… [3b]: http://news.softpedia.com/news/people-caught-using-vpns-tor-or-proxies-in-t… [*]: «Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery» [4a]: https://lists.torproject.org/pipermail/tor-talk/2017-June/043293.html [4b]: https://trac.torproject.org/projects/tor/ticket/22055 [4c]: https://lists.torproject.org/pipermail/tor-talk/2017-April/043109.html [4d]: https://techcrunch.com/2017/04/24/dmitry-bogatov-tor-russia/ [4e]; https://torrentfreak.com/vpn-and-tor-ban-looming-on-the-horizon-for-russia-… [5]: https://www.torproject.org/images/PT/2016-07-how-to-use-PT.png

4 3

TPA-RFC-87: container image lifecycle
by Antoine Beaupré 08 May '25

08 May '25

--- affected users: container registry users deadline: 2025-05-08 (3 weeks) status: proposed discussion: https://gitlab.torproject.org/tpo/tpa/base-images/-/issues/24 --- Summary: TPA container images will follow upstream OS support schedules Table of contents: - Proposal - Debian images - Ubuntu images - Alternatives considered - Different schedules according to image type - Upgrades in lockstep with our major upgrades - Upgrade completes before EOL - Upgrade completes after EOL - References # Proposal Container image versions published by TPA as part of the `base-images` repository will be supported following upstream (Debian and Ubuntu) support policies, including "LTS" releases. In other words, we will *not* retire the images in lockstep with the normal "major release" upgrade policy, which typically starts the upgrade during the freeze and aims to retire the previous release within a year. This is to give our users a fallback if they have trouble with the major upgrades, and to simplify our upgrade policy. This implies supporting 4 or 5 Debian build per image, per architecture, depending on how long upstream live, including testing and unstable. We can make exceptions in case our major upgrades take an extremely long time (say, past the LTS EOL date), but we *strongly* encourage all container image users to regularly follow the latest "stable" release (if not "testing") to keep their things up to date, regardless of TPA's major upgrades schedules. Before image retirements, we'll send an announcement, typically about a year in advance (when the new stable is released, which is typically a year before the previous LTS drops out of support) and a month before the actual retirement. ## Debian images Those are the Debian images currently supported and their scheduled retirement date. | codename | version | end of support | |------------|---------|----------------| | `bullseye` | 11 | 2026-08-31 | | `bookworm` | 12 | 2028-06-30 | | `trixie` | 13 | likely 2030 | | `sid` | N/A | N/A | Note that `bullseye` was actually retired already, before this proposal was adopted ([tpo/tpa/base-images#19][]). [tpo/tpa/base-images#19]: https://gitlab.torproject.org/tpo/tpa/base-images/-/issues/19 ## Ubuntu images Ubuntu releases are tracked separately, as we do not actually perform Ubuntu major upgrades. So we currently have those images: | codename | version | end of support | |------------|-----------|----------------| | `focal` | 20.04 LTS | 2025-05-29 | | `jammy` | 22.04 LTS | 2027-06-01 | | `noble` | 24.04 LTS | 2029-05-31 | | `oracular` | 24.10 | 2025-07 | Concretely, it means we're supporting a relatively constant number (4) of upstream releases. Note that we do not currently build other images on top of Ubuntu images, and would discourage such an approach, as Ubuntu is typically not supported by TPA, except to build third-party software (in this case, "C" Tor). # Alternatives considered Those approaches were discussed but ultimately discarded. ## Different schedules according to image type We've also considered having different schedules for different image types, for example having only "stable" for some less common images. This, however, would be confusing for users: they would need to *guess* what exactly we consider to be a "common" image. This implies we build more images than we might truly need (e.g. who really needs the `redis-server` image from `testing` *and* `unstable`?) but this seems like a small cost to pay for the tradeoff. We currently do not feel the number of built images is a problem in our pipelines. ## Upgrades in lockstep with our major upgrades We've also considered retiring container images in lockstep with the major OS upgrades as performed by TPA. For Debian, this would have *not* include LTS releases, unless our upgrades are delayed. For Ubuntu, it includes LTS releases and supported rolling releases. For Debian, it meant we generally supported 3 releases (including testing and unstable), except during the upgrade, when we support 4 versions of the container images for however long it takes to complete the upgrade after the stable release. This was confusing, as the lifetime of an image depended upon the speed at which major upgrades were performed. Those are highly variable, as they depend on the team's workload and the difficulties encountered (or not) during the procedure. It could mean that support for a container image would abruptly be dropped if the major upgrade crossed the LTS boundary, although this is also a problem with the current proposal, alleviated by pre-retirement announcements. ### Upgrade completes before EOL In this case, we complete the Debian 13 upgrade before the EOL: - 2025-04-01: Debian 13 upgrade starts, 12 and 13 images supported - 2025-06-10: Debian 13 released, Debian 14 becomes `testing`, 12, 13 and 14 images supported - 2026-02-15: Debian 13 upgrade completes - 2026-06-10: Debian 12 becomes LTS, 12 support dropped, 13 and 14 supported In this case, "oldstable" images (Debian 12) images are supported 4 months after the major upgrade completion, and 14 months after the upgrades start. ### Upgrade completes after EOL In this case, we complete the Debian 13 upgrade after the EOL: - 2025-04-01: Debian 13 upgrade starts, 12 and 13 images supported - 2025-06-10: Debian 13 released, Debian 14 becomes `testing`, 12, 13 and 14 images supported - 2026-06-10: Debian 12 becomes LTS, 12, 13 and 14 supported - 2027-02-15: Debian 13 upgrade completes, Debian 12 images support dropped, 13 and 14 supported - 2028-06-30: Debian 12 LTS support dropped upstream In this case, "oldstable" (Debian 12) images are supported zero months after the major upgrades completes, and 22 months after the upgrade started. # References - [discussion issue][] - [Debian release support schedule][] - [Ubuntu][] and [Debian][] release timelines at Wikipedia - [Debian major upgrades progress and history][] [discussion issue]: https://gitlab.torproject.org/tpo/tpa/base-images/-/issues/24 [Debian major upgrades progress and history]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades#all-time-… [Debian]: https://en.wikipedia.org/wiki/Debian_version_history#Release_table [Ubuntu]: https://en.wikipedia.org/wiki/Ubuntu_version_history#Table_of_versions [Debian release support schedule]: https://www.debian.org/releases/ -- Antoine Beaupré torproject.org system administration

1 1

Anti-censorship team meeting notes, 2025-05-08
by meskio 08 May '25

08 May '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-05-08-16.00.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, May 15 16:00 UTC Facilitator: shelikhoo ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * About SnowflakeStaging(https://gitlab.torproject.org/shelikhoo/snowflakestaging) * Please have a trial of the Snowflake Packet Transport Mode! * Relicense as MIT BSD 3Clause * Anything we wants to modify? * Anything we wants to add? * We will discuss this again this week to get feedback since other snowflake developers were away last week * cohosh will review it and provide feedback * Find a long term solution for utls downgrade check * https://metrics.torproject.org/userstats-bridge-combined.html?start=2025-02… * that was an emergency patch to backport the uTLS security update * https://gitlab.torproject.org/shelikhoo/utls-temporary * https://gitlab.torproject.org/shelikhoo/utls-temporary/-/commit/55c892a09c8… * we can't update uTLS because we need to keep supporting go 1.21 until Firefox ESR 140 (September) * we'll maintain our fork until that date * RFC: Collect Snowflake Proxy Pool Health Information (https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/…) * will try to do the analisys with the current tools and explore more if the change on the loging system is needed * deprecate obfs4-bridge docker image for arm and 386 * https://gitlab.torproject.org/tpo/anti-censorship/docker-obfs4-bridge/-/iss… == Actions == == Interesting links == * Big uptick in (especially) snowflake users from Turkmenistan since 2025-04-28 * https://metrics.torproject.org/userstats-bridge-combined.html?start=2025-02… * https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… == Reading group == * We will discuss "" on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-05-08 Last week: - pair debugging phantombox with onyinyang - pair debugging conjure test network setup with ln5 - conjure#52 - presented project 173 work at all hands - worked on fix for CDN77 domain fronting with conjure - conjure#49 This week: - support conjure work - follow up on snowflake rendezvous failures - reduce/remove use of mutexes for broker metrics (snowflake#40458) - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2025-05-08 Last week: - commented on @luiz proposal for an updated FEP pluggable transport https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: meskio: 2024-05-08 Last week: - containarize a test bridge authority (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) - fix obfs4-bridge docker parser to allow params with = (docker-obfs4-bridge#23) - evaluate the deprecation of arm and 386 on obfs4-bridge docker image (docker-obfs4-bridge#25) Next week: - steps towards a rdsys in containers (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) Shelikhoo: 2024-05-08 Last Week: - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) testing environment setup/research - Research Collect Snowflake Proxy Pool Health Information (https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/…) - Snowfalke Staging Server Experiment - Vantage point maintainence - Merge request reviews Next Week/TODO: - Merge request reviews - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - Research about designing an armored bridge line sharing URL format https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/126 - Vantage point maintainence - Snowfalke Staging Server Experiment(Almost Done ^~^) onyinyang: 2025-05-08 Last week(s): - Got phantombox working - Tried to make progress on decoy routing - Looked into turbotunnel implementation for conjure, seems like overkill for now - Working on more straightforward improvements to bufferedconn for the time being Next week: - Continue on bufferedcomm improvements and other conjure reliability improvments for Objective 2: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… As time allows: - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-04-10 Last weeks: - fixing bugs in covert-dtls, only mimic DTLS 1.2 - Running proxy with covert-dtls - MR covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next weeks: - Write instructions on how to configure covert-dtls with snowflake client (are we going to run a user test?) - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - Condensing thesis into paper Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: shelikhoo onyinyang meskio 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Haidi April'25 Monthly report
by haidis＠riseup.net 07 May '25

07 May '25

Hi! Below is my April’25 (Period: 2025-04-01 - 2025-04-30) report! In April, I resolved 92 tickets: * On Telegram (@TorProjectSupportBot) – 88 (from Iran); * On RT (frontdesk@tpo) – 4 (from Iran); * On WhatsApp (+447421000612) - 0; * And on Signal (+17787431312) - 0; I Worked on a forum document for ” Iran : Circumventing Censorship with Tor” to update according to the latest screenshots, translation, instruction and links. Working on some Farsi translations articles and text modules according to the latest Tor version. Thanks, Haidi

1 0