- tor-project - lists.torproject.org

Damian's Status Report - November 2019
by Damian Johnson 05 Dec '19

05 Dec '19

Hi all! Just a quick update on what I've been up to. Now that our HSv3 branch is finally wrapped up giving thought to what's next... https://blog.atagar.com/november2019/

1 0

The Tor Censorship Arms Race: The Next Chapter
by Roger Dingledine 04 Dec '19

04 Dec '19

Hi folks, The video from my Defcon 2019 talk ("The Tor Censorship Arms Race: The Next Chapter") is now up: https://blog.torproject.org/next-chapter-anti-censorship I'll be happy to answer questions about the talk, or about the censorship team in general, in the comments. --Roger

1 0

Network Team Meeting Notes, 25 November 2019
by Alexander Færøy 04 Dec '19

04 Dec '19

Hello, Here is a short summary of the network team meeting from Monday the 25th of November. Riseup's pad was being a bit sad last week, but it looks like my backup after the meeting was OK and was the same content when I used the time-slider on the pad :-) 1) We started out by looking at the 0.4.2 status page on Trac to see how we are doing there. 2) We went over our Kanban board. 3) We went over our review queue. 4) Alex made some announcements: please respond to Gaba's doodle and we need help looking at migrated Gitlab tickets. 5) We will begin doing interviews for the Shadow hire next week. Does anybody wanna listen in? 6) We decided not to do team meetings 23/12 and 30/12 of 2019. 7) Nobody had anything else to discuss. --- end of summary --- You can read today's network team meeting log at: http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-11-25-17.59.html Below are the contents of our meeting pad: gaba: (updated on november 18th) Last week (actual): s31 report This week (planned): grants proposal sponsors other reports due at the end of the month preparing for DRL implementers meeting in 2 weeks kickoff information gathering for coordinating a roadmap with almost no sponsors in december, january and february :) Help with: teor: (online first week of the month, offline at the usual meeting time) Week of 18 November (planned): Take Time for: - Write relay/dirauth modules, tooling, and testing parts of s31 report (Deadline: 30 Nov?) - catching up on emails Roadmap: - Sponsor 31 modularisation: - Modularisation dependency tooling (#32522) - Do more modularisation (#31851 / #29211) - Sponsor 31 code reviews Other: - Bug fixes, ticket triage, and quick reviews Week of 18 November (actual): Take Time for: - catching up on emails Roadmap: - Sponsor 31 modularisation: - Modularisation dependency tooling (#32522) - Sponsor 31 code reviews Other: - Fixing work laptop Week of 25 November (planned): Take Time for: - Draft s31 report: relay/dirauth modules, tooling, and testing (Deadline: 30 Nov) - catching up on emails - post-0.4.2.4-rc backports Roadmap: - Sponsor 31 modularisation: - Modularisation dependency tooling (#32522) - Sponsor 31 code reviews Other: - Bug fixes, ticket triage, and quick reviews Week of 25 November (planned): Take Time for: - catching up on emails and IRC - post-0.4.2.4-rc backports Roadmap: - Sponsor 31 modularisation: - Modularisation dependency tooling (#32522) - Sponsor 31 code reviews Other: - Doc fixes, ticket triage, and quick reviews Nick: Week of 18 November (planned): - More documentation work. - Finish 32427 (refactor options_act_reversible). - 32139 (configuration isolation for directory authority options) - 32408 (refactor new options_act_reversible into new system.) - Regression analysis on 041-regression,042-regression tickets?? Week of 18 November (actual): - review and merge - Keep an eye on blog comments for 0.4.2.4-rc release post - Triaged my remaining 042 tickets - Identify hardware possibly donate for EOY campaign - Finish refactoring options_act_reversible() (32427) - Write paragraphs for S31 report - catch up on emails - Drop support for openssl <1.1.1 (31820) Week of 25 November (planned): - Short week due to US holiday. Not planning to be available Thursday through Sunday; please use signal if I'm needed. - Review and merge - Keep an eye on blog comments for 0.4.2.4-rc release post - analyze 0421/042 regressions, at last - List stuff I want to work on in December. - Any last-minute improvements needed for S31 wrapup. - Dirauth configuration isolation (32139) - Design for 32408 (migration path for options_act_reversible()) Mike: Since 6 November (planned): - Finish cleaning up circpad simulator - Read asn's research feedback - Get DNS recommendations for exit operators for fingerprinting blog post - Update + triage circpad bugs Since 6 November (actual): - Computer issues (mostly resolved) - Scalability meeting - Read+replied to asn's research feedback - Some review of circpad simulator - Last minute Mozilla all hands invite + booking Week of 25 November (planned): - Catch up on mail - Follow-up + summary of scalability meeting - Update, file, and triage circpad bugs - Document circpad simulator and new bugs/gotchas in circpad doc - Document intuition behind state machine choice in circpad doc Need help with/at risk of dropping this month: - Get DNS recommendations for exit operators for fingerprinting blog post - Deep-thought-required research project followup - (Google masque, BGP, ECN, Rob's bw experiments, Dennis's Mozilla video, etc etc...) catalyst: week of 11/18 (2019-W47) (planned): - reviews - sponsor31 architecture doc stuff - GSoD stuff as needed week of 11/18 (2019-W47) (actual): - reviews - reviewing C reformatting output week of 11/25 (2019-W48) (planned): - public holiday 11/28 - reviews - sponsor31 wrap up - more follow up about C style stuff asn: Week of 18/11 (planned): - Review atagar's HSv3 descriptor encoding work. - Write test vectors for HSv3 descriptor encoding/decoding as stem support stabilizes. Week of 18/11 (actual): - Reviewed atagar's HSv3 descriptor encoding work (#31823). And went over a few revision rounds. Will be doing more revisions as onionbalance work proceeds. To make the actual test vectors I need to do some more onionbalance work (and in particular computing the right blinding parameters). - Implement permanent client auth credentials over the control port (#32563). More work than initially anticipated because of forward-compatibility issues and other stuff. - Triaged S27 tickets and did planning for future onion services work. - More post-OTF onion work. Week of 25/11 (planned): - Get back to onionbalance work (#31823 and #26768) - Do revisions as neede dfor the client auth control port work (#32563) - Continue S27 triaging. ahf: Week of 18 November (planned): - Shadow Simulation developer decisions/next step/interview questions - S28 tickets. - Friday is the "big day" for trying out a complete Gitlab migration to see if things go well - Catch up on things I missed to do last week. Week of 18 November (actually): - Lots of Shadow Dev stuff, but it is making progress. - Moved all tickets from Trac to Gitlab. Now begins the hunt for issues/information loss. - Spend quite a bit of time with Hiro trying to debug an issue with the Gitlab instance that leads to 503 issues. This is still ongoing. - Began re-writing some tests for #28930 Week of 25 November (planned): - Still some Shadow Dev stuff. - Follow up on Gitlab migration work with Gaba - Figure out the 503 issue on GL with Hiro - Test changes for #19327 dgoulet: Week of 18/11 (actual): - s27: #32546, #30381 (reviewed, merged), #32543. - s27: Revision on #32020 - s27: Meeting with asn, triage on all s27 tickets. - Worked on a test bed for the NetDev CFP submission. Week of 25/11 (planned): - Finalize s27-must ticket as much as possible. -- Alexander Færøy

1 0

www November 2019 report
by Hiro 04 Dec '19

04 Dec '19

What has happened in November in the Tor www world * A new language was launched on tpo! https://www.torproject.org/ca/ * Cleaned up databags in all the websites to have less issues with localizing menus and some content. * Went through a lot of localization issues. * New training materials to the community portal/training * We are trying a review/merge workflow that can be helpful and not a stopper. * Started working on planning for dev.tp.o: https://gitweb.torproject.org/project/web/dev.git/ Meeting notes for November can be found: https://dip.torproject.org/torproject/web/www-meeting-notes/blob/master/201… This summary and past and future ones can be accessed online: https://dip.torproject.org/torproject/web/www-monthly

1 0

Metrics Team Meeting Notes, November 29th 2019 [includes last week releases]
by Gaba 29 Nov '19

29 Nov '19

Next meeting: *Thursday*, December 5th, 15 UTC Hi! We had our meeting on Friday November 29th (it had to be rescheduled this week). Pad for the meeting: https://nc.torproject.net/s/Znd4MkHebAznEgA Meeting Log: http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-11-29-15.01.log… Agenda and Notes: collector disk space, and unreliable physical host (irl) irl asks for the disk space to be doubled: #32644 "metrics-team" keyword on IRC (karsten) we'll think about this more and make a decision next week. Pending reviews (karsten) Onionoo backends (karsten) irl asks for another backend host for onionoo-backend-02, and we keep onionoo-backend-01; we also turn off the webservers on omeiense and oo-hetzner-03 once the two new backends are running. irl and karsten are meeting on Tue, Dec 3, 15:00 UTC to set up the new backends. Roadmap - how are we doing? (gaba) https://trello.com/b/Mu5fYg53/tor-metrics-roadmap [announcement] we are testing phase of migration to gitlab - it would be good to get people to check for possible problems https://pad.riseup.net/p/gitlab-migration-problems Releases last week: #32635: Release Onionoo 7.0-1.22.0 Interesting links: Network Traffic Measurement and Analysis Conference https://tma.ifip.org/2020/call-for-papers/ -- Project Manager: Network, Anti-Censorship and Metrics teams gaba at torproject.org she/her are my pronouns GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 0

Gitlab Ticket Migration: Help Needed
by Alexander Færøy 29 Nov '19

29 Nov '19

Hello! We are moving into the final phase of testing out our migration tool for Trac tickets to Gitlab issues. We have managed to do a "complete run" where we have taken every ticket from Trac and turned it into a Gitlab issue on our https://dip.torproject.org/ Gitlab instance. All the converted Gitlab tickets can be found at https://dip.torproject.org/ahf-admin/legacy-20/issues/ and have the same Ticket ID as on Trac. But we are not done yet. We have discovered a few formatting issues with the conversion from the Trac markup language to the Markdown markup that Gitlab uses, but that might not be everything that is wrong, but we need help with discovering the rest. Gaba have created a pad at https://pad.riseup.net/p/gitlab-migration-problems where people can report issues on specific tickets in the bottom of the pad. It would be very useful for us, if people could spend some time going over some complicated tickets they have been involved with in the past and look for the following issues: 1. Is there any loss of information: is any information from Trac *not* being converted in the Gitlab issue. Right now we are missing some information such as assignee, estimated points, and actual points. We also don't change the author of the ticket and comments right now, as that would generate too many notifications for people who are using Gitlab today. 2. Is there any formatting issues? Right now we know of at least two "classes" of formatting issues, namely an issue around {{{ }}} (code blocks) and == Title == (headlines). But we do expect to find more. Please help us out by spending a few minutes going over some of your favorite tickets and look for issues and note them down in the pad. Please describe the issue as well as possible, such that it will be easy for us to spot what the issue is and hopefully make a fix in the Ticket converter tool :-) Thank you! All the best, Alex. -- Alexander Færøy

1 1

Tor Browser Release meeting: Wednesday 27th November @ 19UTC
by Pili Guerra 27 Nov '19

27 Nov '19

Hi everyone, Please join us for the Tor Browser release meeting this week on Wednesday 27th November at 19UTC. Thanks! Pili — Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45

2 1

minutes from the sysadmin meeting
by Antoine Beaupré 26 Nov '19

26 Nov '19

Hello! Here are the minutes from the last sysadmin meeting. # Roll call: who's there and emergencies anarcat, gaba, hiro present, weasel and linus couldn't make it, no news from qbi. # What has everyone been up to ## anarcat * followup with cymru ([#29397][]) * OONI.tpo now moved out of TPO infrastructure (hosted at netlify) and closed some related accounts ([#31718][]) - implied documenting how to retire a static component * identified that we need to work on onboarding/offboarding procedures ([#32519][]) and especially "what happens to email when people leave" ([#32558][]) * new caching service tweaks, now 88% hit ratio, will hopefully go down to 300$/mth costs in november! see the [shiny graphs][] * worked more on Nginx status dashboards to ensure we have good response latency and rates in the caching system * reconfirmed mailing list problems as related to DMARC, can we fix this now? ([#29770][]) * wrote a Postfix mail log parser (in lnav) to diagnose email issues in the mail server * helped with the deployment of a ZNC bouncer for IRC users ([#32532][]) along with fixes to the "mosh" configuration * getting started on the [new email service project][], reconfirmed the "Goals" section with vegas * lots of work on puppet cleanup and refactoring * NMU'd upstream ganeti installer fix, proposed stable update * build-arm-* box retirement and ipsec config cleanup * fixed prometheus/ipsec reliability issues ([#31916][], it was ipsec!) [#29397]: https://bugs.torproject.org/29397 [#31718]: https://bugs.torproject.org/31718 [#32519]: https://bugs.torproject.org/32519 [#32558]: https://bugs.torproject.org/32558 [shiny graphs]: https://grafana.torproject.org/d/p21-cvJWk/cache-health [#29770]: https://bugs.torproject.org/29770 [#32532]: https://bugs.torproject.org/32532 [new email service project]: https://help.torproject.org/tsa/howto/submission/ [#31916]: https://bugs.torproject.org/31916 # Hiro * Some work on donate.tpo with giant rabbit * Updates and debug on dip.tp.o * Security updates and reboots * Work on the websites * Git maintenance * Decommissioning Getulum * Started running the website meeting and coordinating dev portal for december ## linus Some coordination work around Nextcloud. ## weasel Nothing to report. # What we're up to next ## anarcat New: * varnish -> nginx conversion? ([#32462][]) * review cipher suites? ([#32351][]) * release our custom installer for public review? ([#31239][]) * publish our puppet source code ([#29387][]) [#32462]: https://bugs.torproject.org/32462 [#32351]: https://bugs.torproject.org/32351 [#31239]: https://bugs.torproject.org/31239 [#29387]: https://bugs.torproject.org/29387 Continued/stalled: * followup on SVN shutdown, only corp missing ([#17202][]) * audit of the other installers for ping/ACL issue ([#31781][]) * followup with email services improvements ([#30608][]) * send root@ emails to RT ([#31242][]) * continue prometheus module merges [#17202]: https://bugs.torproject.org/17202 [#31781]: https://bugs.torproject.org/31781 [#30608]: https://bugs.torproject.org/30608 [#31242]: https://bugs.torproject.org/31242 ## Hiro * Clean up websites bugs * needrestart automation ([#31957][]) * CRM upgrades coordination for january? ([#32198][]) * translation move ([#31784][]) [#31957]: https://bugs.torproject.org/31957 [#32198]: https://bugs.torproject.org/32198 [#31784]: https://bugs.torproject.org/31784 ## linus Will try to followup with Nextcloud again. ## weasel Nothing to report. # Winter holidays Who's online when in December? Can we look at continuity during that merry time? hiro will be online during the holidays. anarcat will be moderately online until january, but will take a week offline some time early january. to be clarified. Need to clarify how much support we provide, see [#31243][] for the discussion. [#31243]: https://bugs.torproject.org/31243 # prometheus server resize Can i double the size of the prometheus server to cover for extra disk space? See [#31244][] for the larger project. [#31244]: https://bugs.torproject.org/31244 Will rise the cost from 4.90EUR to 8.90EUR. Everyone is go on this, anarcat updated the budget to reflect the new expense. # Other discussions Blog status? Anarcat got a quote back and will bring it up at the next vegas meeting. # Next meeting Unclear. jan 6th is a holiday in europe ("the day of the kings"), so we might postpone until january 13th. we are considering having shorter, weekly meetings. # Metrics of the month * hosts in Puppet: 76, LDAP: 79, Prometheus exporters: 123 * number of apache servers monitored: 32, hits per second: 195 * number of nginx servers: 109, hits per second: 1, hit ratio: 0.88 * number of self-hosted nameservers: 5, mail servers: 10 * pending upgrades: 0, reboots: 0 * average load: 0.62, memory available: 334.59 GiB/957.91 GiB, running processes: 414 * bytes sent: 176.80 MB/s, received: 118.35 MB/s * planned buster upgrades completion date: 2020-05-01 Now also available as the main Grafana dashboard. Head to <https://grafana.torproject.org/>, change the time period to 30 days, and wait a while for results to render. The Nginx cache ratio stats are not (yet?) in the main dashboard. Upgrade prediction graph still lives at <https://help.torproject.org/tsa/howto/upgrades/> but the [prediction script][] has been rewritten and moved to GitLab. [prediction script]: https://gitlab.com/anarcat/predict-os -- Antoine Beaupré torproject.org system administration

1 0

Next Global South Meeting
by Cybelle 26 Nov '19

26 Nov '19

[EN] Hi Tor friends, just a quick reminder of our Global South meeting Friday, Nov 29, 16UTC*[1]* at #tor-south*[2]*. Bring your updates, questions or just join us to the meeting. If you need help using IRC, read the complete IRC for beginners*[3]*. ----- [ES] Hola amig@s de Tor, un recordatorio rápido de nuestra reunión de Global South, viernes, 29 de noviembre, 16UTC*[1]* en #tor-south*[2]*. Tráe tus actualizaciones, preguntas o solamente únete a nosotros en la reunión. Si necesita ayuda para usar IRC, lea el IRC para principiantes completo (en inglés)*[3]*. ----- [PT-BR] Olá amig@s do Tor, lembrete rapidão de nossa reunião do Global South, 29 de novembro,16UTC (13h no Brasil)*[1]*, no #tor-south*[2]*. Traga suas novidades, dúvidas ou só junte-se a nós na reunião. Se você precisa de ajuda para usar o IRC, leia o guia do IRC para iniciantes (em inglês)*[3]* *[1]* https://www.worldtimebuddy.com/ *[2]* https://webchat.oftc.net/ *[3]* https://trac.torproject.org/projects/tor/wiki/org/onboarding/IRC <https://trac.torproject.org/projects/tor/wiki/org/onboarding/IRC> See y'all there! Cheers, -- Cybelle DC8F 1F4C 9167 049F 7AA1 0BD6 2FB3 B0C9 F369 34C5 https://keybase.io/cy63113 @cyb3113

1 0

S27 Meeting: Tuesday 26th November @ 15UTC
by Pili Guerra 25 Nov '19

25 Nov '19

Hi everyone, It’s time for our S27 meeting once again. Please join us this Tuesday 26th November @ 15UTC on #tor-meeting to discuss this Onion Services project. Thanks! Pili — Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45

1 0