- tor-project - lists.torproject.org

New Campaign: Take Back the Internet with Tor
by Stephanie A. Whited 28 Oct '19

28 Oct '19

** *Hello Tor, * * Some of us remember a time when the internet felt freer, when it felt like your identity didn’t matter and your online activity wasn’t being exploited, at least so blatantly, by big tech, advertisers, or worse. Whether it’s something we experienced or not, I think it’s safe to say this is a vision of the internet we all share in the Tor community. In line with that vision, today, we launched our end of year fundraising campaign, Take Back the Internet with Tor. Antonela and Alon created the retro-inspired visuals you can now see on the donate page, our swag, banners, and social media profiles. We are asking for donations [1] to help Take Back the Internet with Tor through the end of the year, and Mozilla will be matching every donation we receive until 31 December. Throughout the campaign, we’ll be offering prizes, and everyone who donates any amount in the first week will be entered to win each giveaway [2]. This is where we need your help. We rely on our end of year fundraising campaigns for a significant amount of our funding and in a crucial form (unrestricted). Please help us spread the word about the campaign to friends and family, on social media, or in your community. Just liking and RTing our social media posts [3] can make an impact. Thanks for your support. Cheers,Steph [1] https://donate.torproject.org [2] https://blog.torproject.org/take-back-internet-us [3] https://twitter.com/torproject/status/1188802873997565952 * -- Stephanie A. Whited Communications Director The Tor Project IRC: stephw PGP Fingerprint: E976 9771 7D46 2E63 9697 9F6D 6D6B 72C3 39A8 76AD <https://pgp.mit.edu/pks/lookup?op=get&search=0x6D6B72C339A876AD>

1 0

Notes from Vegas Meeting OCTOBER 24 2019
by Erin Wyatt 25 Oct '19

25 Oct '19

Vegas Team Meeting Notes OCTOBER 24 2019 ++ OLD BUSINESS + Blog temporary resolution - We lost our discount which means we are still paying 600 bucks/month; Mike will ask about it + isabela is working on trademark faq update, to include how we deal w/ the use of Tor name/logo on swags: + isabela will draft letter to developer who were going to fix css on drupal w/ gus + anarcat: SVN internal shutdown today, go? (#15949) Yes, but keep the data for a month just in case + We need more git admins? Gaba suggests taking the discussion to individual teams and asking for volunteers; follow up next meeting. ++ NEW BUSINESS anarcat: + What should we call the new nextcloud service? nc.torproject.net? cloud.tpn? docs.tpn? #32267 - To redirect or not redirect. That is the question. Name t.b.d. Nick + I need a hostname for use with doxygen. See #32101. - For now: src-ref.docs.torproject.org/tor; subject to change. ++ GENERAL NOTES Gus 1. Helped some relay operators to run private obfs4 bridges 2. Working with Outreachy applicants, reviewing their pull requests and answering theirs questions (irc, email, dip tickets). Due too many applicants, we closed today (10/23) for new applicants (project 1 - "Help Tor Project support our users"). 3. Updating Tor Browser 9 documentation (support / tb-manual / training slides). 4. Frontdesk sprint - reduced new tickets queue from 200 to ~90. 5. Mostly afk next week; only available for meetings. 6. Organizing remotely the first round of Tor trainings with our new partners in Global South. 7. Went to this activity: https://blog.torproject.org/events/tor-aromi-e-lacrime-del-routing-cipolla-… isabela 1. Coordinating with folks to build the corporation membership program 2. Working on YE campaign blog post and major donor's folder and personas presentation for Wendy's dinner 3. Going to Oslo Internet Forum NYC 4. Following up with sponsors/donors 5. Blog temporary resolution - we lost our discount which means we are still paying 600 bucks/month; mike will check in about it 6. working on trademark faq update to include how we deal w/ the use of Tor name/logo on swags 7. Start to prep for board meeting on November 6th antonela 1. community.torproject.org/user-research is live 2. TB9 was released 3. made some printable materials for fundraising 4. working with web/lego and styleguide.tpo.org 5. planning a ux session for the OTF summit with OKThanks 6. reviewing ux team roadmap for the next months Georg 1. We released Tor Browser 9. Thanks to everyone involved in making this happen! 2. Dealing with backlog now that the release is out Mike: 1. Wrapping up sponsor2 Sarah 1. EOY campaign launching next Monday. Please amplify the message on social media. People who donate the first week will be entered to win all of the prizes throughout the campaign. about:tor will be updated with the campaign graphic on 11/4. 2. Final plans for party on Monday. 3. Planning some donor visits for Isa. Antoine 1. worked sysadmin onboarding process docs (ticket #29395) 2. SVN internal shutdown today, go? (#15949) 3. usual daily grind (gitweb performance problems, DNS changes, puppet reviews, security upgrades, et) 4. started work on caching service 5. drafted a template for service documentation in https://help.torproject.org/tsa/howto/template/ 6. what should we call the new nextcloud service? nc.torproject.net? cloud.tpn? docs.tpn? #32267 Roger: 0) I cleared out all the old pending comments on the blog. Also, I added this sentence to https://trac.torproject.org/projects/tor/wiki/doc/community/blog-comment-po… : "(Please resolve any pending comments on the post first, so they don't get trapped in limbo when you disable comments.) 1) I wrote up an explainer text on "DoH and Tor Browser" for Steph. Maybe we'll try to put it in front of more audiences. 2) I reached out to the "30% of androids are running Tor and they don't know it" people. No response yet. 3) I've been moving forward a Tor relay accounting hibernation bugfix, wearing my network health team hat. 4) I still need to organize our OTF intro censorship circumvention session. I started a thread but need to do more. 6) Steph, Sarah: I think it might be time to conclude that the lack of answer about a Tor booth at shmoocon is indeed our answer. 7) We should make some choices around the CCC event in Leipzig. Plan: Erin will check with Isa and send an update mail so folks know there are no issues with Tor people going to Congress this year. It is quite late in the process to submit talks. Maybe somebody will submit one, or maybe we'll plan to get our act together more thoroughly next year. 8) Status of Feb/Mar dev meeting scheduling? Plan: Jon and Isa will talk today and make a decision. 9) We're running thin on mailing list moderators. Mostly the job is to approve pending queued mails, so the occasional spam one doesn't go through.Plan: I'm going to add gaba+sysrqb+phw as moderators for now, and Erin with help from Gus will draft a call-for-volunteers from among the core contributors. Erin: 1. Shadow Dev posting is live; getting organized around that 2. General HR/personnel stuff Alex: 1. Got the Shadow Simulation Developer job posting out together with Roger and Erin with the help of Emmapeel. 2. Finished my 042-must tickets. 3. Moved back to working on sponsored work. 4. Need to prepare slides for the Zurich presentation next week. Philipp: 1. Sponsor 30-related BridgeDB UI fixes (translations, documentation, emergency fixes, metrics analysis) 2. Preparation for OTF summit in Taiwan 3. Improved process of supplying NGOs with private bridges 4. RACE-related progress on snowflake (sequencing layer, client/server protocol) 5. Grant writing Steph 1) EOY launching Monday -- let the sharing begin! 2) Edited tb9 blog post, sent press release 3) Made graphic for and shared new job 4) Lots of back and forth with outreachy applicants 5) Coordinating talks at a couple events: Hackers Next Door, Fastly summit. 6) Combing through BBC onion and 9.0 related mentions 7) Community portal reviews 8) Helping with Save app promotion 9) Media inquiries Nick 1) Working on 0.4.2.3-alpha -- should be out in 0-2 working days. 2) Busy wrapping up Sponsor 31 -- it ends on 30 Nov. 3) Will roll out new stable releases soon for #32108 (accounting bug) 4) prep for event at Wendy's on Monday. 5) I need a hostname for use with doxygen. See #32101. Matt 1) Tor Browser 9.0 bug triage 2) Getting a handle on Tor Browser on Android 3) Planning Tor Browser 9.0 and 9.5 features for the remainder of the year Gaba 1. Mozfest this week (working on workshop with Pili for Saturday) 2. Sorted out gettor roadmap 3. S31 checkin meeting this week 4. Went to open news event with a bunch of people from BBC labs 5. Disappointed with gitlab on their lack of understanding of their users (https://gitlab.com/gitlab-org/growth/product/issues/164)

1 0

Anti-censorship meeting notes, 24 Oct 2019
by Philipp Winter 24 Oct '19

24 Oct '19

Here are our meeting notes: http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-10-24-16.59.html And here is our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday October 24th 17:00 UTC Weekly meetings, every Thursday at 17:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress). == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: https://dip.torproject.org/torproject/anti-censorship/roadmap/boards * Our roadmap consists of a subset of trac tickets. * The anti-censorship team's wiki page: https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam * GetTor's roadmap: https://dip.torproject.org/groups/torproject/anti-censorship/gettor-project… * Tickets that need reviews: https://trac.torproject.org/projects/tor/query?status=needs_review&componen… * Projects from sponsors we are working on: * https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor30 * https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor28 --------------------------- --- 24th October 2019 --- --------------------------- == Announcements == * == Discussion == * Gettor roadmap and workflow (gaba reorganized the roadmap - let's discuss it) * https://dip.torproject.org/groups/torproject/anti-censorship/gettor-project… * Should we scrap current work in #29206 and go with turbo tunnel? * https://trac.torproject.org/projects/tor/ticket/32135 (BridgeDB metrics parser) -- what else do we want to learn? == Actions == * == Interesting links == * https://www.vpndada.com/wp-content/uploads/2015/08/astrill-calling-user-stu… == Updates == FORMAT! Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week (related to anti-censorship work). Help with: - Something you may need help with. Hiro: Started restoring Twitter Responder. When retrieving tweets I need to check for new tweets only otherwise Gettor will end up responding to old back log and already answered messages. Next Week: - Work on gettor specs - More with review of strings and website content and translation phw: This week (2019-10-24): * Fixed https://trac.torproject.org/projects/tor/ticket/32134 (request new BridgeDB translation and update i18n instructions) * Determined another winner for our bridge campaign because one of our original ones did not respond * Reviewed bridge setup guides for NetBSD and DragonflyBSD * Implemented prototype of https://trac.torproject.org/projects/tor/ticket/31874 (bridge test tool) * Took a look at the x-forwarded-for header of moat requests in BridgeDB * X-Forwarded-Host: ['bridges.torproject.org'] * X-Forwarded-For: ['127.0.0.1'] * There's no "Moat-IP" header * Implemented a BridgeDB metrics parser and created visualisations https://trac.torproject.org/projects/tor/ticket/32135 * Updated monitoring tools after getulum was replaced by gettor-01 * Created YAML file for private bridges. Seems like a decent file format for this purpose. * Ran RIPE Atlas measurement for meek-azure in Venezuela because some users said it doesn't work: * https://atlas.ripe.net/measurements/23107685/ * No obvious signs of censorship. Maybe just slow? * Filed and fixed https://trac.torproject.org/projects/tor/ticket/32203 * Added another patch for https://trac.torproject.org/projects/tor/ticket/32105 * Documents BridgeDB's ~/.procmailrc in the bridgedb-admin repository * Started working on BridgeDB's broken email localisation: https://trac.torproject.org/projects/tor/ticket/15404 * Roadmap cleanup Next week: * Travel to Taiwan * Wrap up #32135, #32105, and #31874 Help with: * https://trac.torproject.org/projects/tor/ticket/32105 (small addition to bridgedb-admin) * https://trac.torproject.org/projects/tor/ticket/31874 (review of work-in-progress bridge testing service) Gaba: (updated October 18th) Last week (): * gettor & s30 This week (planned): * mozfest ahf Last week: - Worked on #28930 This week: - Finished refactoring parts of #28930. Trying to figure out if we should begin the discussion on how PT's can report back on bootstrap info. - Continued to work on a tool to convert Trac tickets into Gitlab tickets. cecylia (cohosh): last updated 2019-10-24 Last week: - BridgeDB reviews: #32105, #32134 - refactored proxy-pair state machine (#31310) - made a lot of revisions to snowflake sequencing layer (#29206) - got caught up on Turbo Tunnel and provided some comments - noticed we lost metrics with the broker host migration and made #32231 - grant writing - made progress on exapnding unit tests for snowflake - created patch for #32131 - reviewed #32129 This week: - continue on tests (#29259) - snowflake dogfood and think about how to address bad snowflake health - more work on #29207 and #29206 - bridgedb reviews - look at obfs4 improvements and provide feedback - take a look at gettor code tickets and see if there are code quality improvements Needs help with: - reviews of #29206, #29207 (I'd like to move a bit faster with #29207 if possible) - review of #31310 - review of #32131 catalyst: week of 09/19 (planned): - reviews - sponsor31 planning - coding style discussion - comment on draft network team review guidelines - #30984 week of 09/19 (actual): - reviews - sponsor31 planning - talking with people about proposed network team review processes week of 09/26 (planned): - reviews - sponsor31 doc coordination - checking in on Season of Docs work - #30984 arlolra: 2019-10-24 Last week: - reviewed #31497 Next week: - continue on #31028 - add a build step / documentation for code reuse in cupcake - read up on turbo tunnel Help with: - dcf: 2019-10-24 Last week: - got the snowflake-broker.torproject.net domain name pointing at the new IPv6 broker (#29258, #32128) - filed a ticket about excessive log output in proxy-go (#32131) - filed a ticket to increase the Snowflake proxy poll interval (#32129) - made a patch to link Cupcake from the Snowflake home page (#31497) - reviewed Snowflake protocol sequencing layer (#29206) - made branches of obfs4proxy with QUIC and KCP for session persistence https://github.com/net4people/bbs/issues/14#issuecomment-544747519 - started reviewing broker negotiation protocol changes (#29207) Next week: - review #29207 (broker protocol for Snowflake) - review Snowflake proxy poll interval patch (#32129) - prototyping KCP and QUIC in meek Help with: - need meek-azure to redeploy meek-server for #31890

1 0

Metrics meeting notes, 24 Oct 2019
by Gaba 24 Oct '19

24 Oct '19

** Next meeting: *Thursday*, October 31st , 15 UTC ** For today's meeting: Meeting logs: http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-10-24-15.04.html Agenda Thursday, October 31st, 15 UTC Exit scanner (gaba) https://trac.torproject.org/projects/tor/ticket/29650 Updating the wiki page for the metrics team https://trac.torproject.org/projects/tor/wiki/org/teams/MetricsTeam Roadmap - how are we doing? (gaba) https://trello.com/b/Mu5fYg53/tor-metrics-roadmap -- Project Manager: Network, Anti-Censorship and Metrics teams gaba at torproject.org she/her are my pronouns GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 0

Network Team Meeting Notes, 21 October 2019
by Alexander Færøy 23 Oct '19

23 Oct '19

Hello! Here is a short summary of the network team meeting from Monday: 1) We started out by looking at the 0.4.2 status page on Trac to see how we are doing there. The team is now done with all 0.4.2-must tickets. 2) We went over our Kanban board. 3) We skipped going over review assignments because none had been assigned at the given time, but David did it right after the meeting. 4) Not everybody submitted the C style survey, but it sounds like the missing people are going to submit it soon. 5) Status of our policy changes: one is withdrawn, one is pending updates from ahf, one proposal needs some "parameter tuning". 6) Nobody had anything additional to discuss. --- end of summary --- You can read today's network team meeting log at: http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-10-21-16.59.html Below are the contents of our meeting pad: gaba: (updated on september 30th) Last week (actual): up to date with trac & gitlab This week (planned): mozfest Help with: teor: (online first week of the month, offline at the usual meeting time) Week of 14 October (planned): (No plans, leave 2 weeks ago) Week of 14 October (actual): Take Time for: - team policies: - faster reviews - commit bit and roles Roadmap: - Sponsor 31 code reviews x4 - Sponsor 31 modularisation: disable relay mode when compiling - Merged preparation work - speed up CI - Merged autoconf fixes for --disable-module-dirauth - Code, review, and revision for disabling routermode.c Other: - Add a git script to set up merger worktrees - #29603 - Quick bug fixes / revisions x3 - CI Improvements - new Appveyor Windows Server 2019 image - Ticket, coverity, CI triage - Backport deciding, a few backports Week of 21 October (planned): Take Time for: - team policies: - commit bit - backports Roadmap: - Sponsor 31 modularisation: disable relay mode when compiling - Disable major relay and dirauth options, when those modules are disabled - Add tor controller trace logging to diagnose stem hangs (#30901) - continue work Other: - Keep on revising monotime coarse stamp bug fix Week of 21 October (actual): Urgent: - CI issues #32177 Take Time for: - team policies: - commit bit - backports - backport deciding 0.4.2 bugs: - Avoid possible overflow when converting between coarse stamp to approx ms #31482 Roadmap: - Sponsor 31 modularisation: disable relay mode when compiling - Disable major relay and dirauth options, when those modules are disabled #32213 - List of code chunks to disable https://trac.torproject.org/projects/tor/ticket/31851#comment:9 Other: - merges - Helping other people with tickets - fixes on merge_ready and merged code (#31684, #31762, others) - Bug fixes - Ticket triage Nick: Week of 14 October (planned): - More 042-should items if they come up - Wrap up C survey - Edit collaborative webpost? - Review and merge - S31 work: - tor-guts documentation work - more config.c refactoring once #32003 is reviewed - possibly, help with relay modularization work. Week of 14 October (actual): - Various documentation/doxygen revisions - Keep up with blog comments on 0.4.2.2-alpha release - A few 042-should itesms - Reviwes and merges - More config.c refactorig, work on 31999 (default log handling) Week of 21 October (planned): - Finish 31999 (default log handling) - Reviews and merges - 042-should TBD - Prepare for fundraising/outreach event at Wendy's next week. - Work on config.c verification refactor (31241) - Help with relay modularization (31851) - More high-level documentation - Edit collaborative blog post - Start working on 0.4.1.7 - PETS meta-review Mike: Week of 10/14 (planned): - Respond to Firefox networking review followups - Do some of Firefox Feature Review - Check in with Tobias re circpad perf issues and simulator plan - Blog post writing? - Tor blog discussions Week of 10/14 (actual): - Finished Firefox networking and feature review - Blog post writing - Did some more analysis for the https://trac.torproject.org/projects/tor/ticket/31561 fix wrt Vanguards Week of 10/21 (planned): - Work with Tobias on circpad simulator issues (https://trac.torproject.org/projects/tor/ticket/31788) - Blog post writing - Begin wrapping up Sponsor2 - Work on Research Director Roles Description - Catch back up on network-team mails - Catch back up with tor-scaling mails Need help with/at risk of dropping this month: - Deep-thought-required research project followup - (Google masque, BGP, ECN, Rob's bw experiments, Dennis's Mozilla video, etc etc...) - Relay community drive/mgmt (and related LTS herding) catalyst: week of 10/14 (2019-W42) (planned): - reviews - more GSoD feedback week of 10/14 (2019-W42) (actual): - GitLab migration meeting - tried to figure out how to help swati get Asciidoc working locally so she can preview her changes the way we will see them - filed some UX bugs against Tor Browser 9.0a8 - provided C style feedback - reviewed policy proposals some more week of 10/22 (2019-W43) (planned): - reviews - more GSoD stuff asn: Week of 02/10 (planned): - Bring OB hsv3 descriptor encoding closer to completion. - Attend s27 meeting about error passing over SOCKS vs HTTP vs control port - Handle remaining 042 bugfixes. Week of 02/10 (actual): - Working on hsv3 descriptor encoding (#31823) - Can now do blinding #31777 (also ported the tor ed25519 to python3 on the way #31912) - Can now do descriptor layer encryption - Can do the superencrypted layer - Stem hsv3 descriptor decoding is merged upstream (#31369)! - Reviewing and testing - Did 042 tickets assigned to me. Also reviews and merges. Week of 07/10 (planned): - Bring the hsv3 descriptor encoding branch to some browseable state so that I can show atagar before I leave for vacations on Friday. - Attend the s27 meeting about error passing which did not happen last week. - Check updates on #19251 - Finalize anything else remaining before I sign off for two weeks on Friday. ahf: Week of 14 October (planned): - Gitlab migration meeting. - Kill todo list items: some CC, some Network Team policy stuff, an old review. - Resubmit #31810 Week of 14 October (actually): - Got my last 0.4.2-must items merged: #31091, #31810. - Booked trip with Gus to Freedom not Fear in Brussels in November. - Went over all my old reviews. - Gitlab meeting: discussion particular around setting deadlines and figuring out how to do wiki migration. - Work on new job post that came out today for the Shadow Simulation Developer. - Went over Nick's survey for coding style. - Lots of smaller todo items crunched. Week of 21 October (planned): - Focus on 042-should and s28 PT related tickets. - Make slides for presentation in Zurich next week. - Focus on Gitlab wiki migration. - Help Swati with Windows/Asciidoc/Man page situation. dgoulet: Week of 14/10 (actual): - s27 work: Found HSv3 issues with work in #31561. TIcket #32094 was created about it. - s27: Worked on #30382 for upstream merge. I fixed the timeout issue on it and I still am missing 2/6 error codes to return. At least, usable on Tor Browser side for testing. - Worked on #32058 (mainloop bug). Fun ticket work #31373 and merged :). - Started writing unit tests in #29698 for which much more is needed. - Reviews and merges. Week of 21/10 (planned): - Finalize #30382 and fix #32094 for s27. - Finish unit tests on #29698. - Work on a Tor talk proposal for Netdev conference that opened its CFP for 2020 edition. All the best, Alex. -- Alexander Færøy

1 0

No Tor Browser Release meeting this week
by Pili Guerra 22 Oct '19

22 Oct '19

Hi everyone, We will be moving this one to next week: Wednesday 30th October. Thanks! Pili — Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45

1 0

Open position at Tor Project - Shadow Simulation Developer
by Erin Wyatt 21 Oct '19

21 Oct '19

Hello, everyone! We have a new open position at The Tor Project! You can view the job description on our website <https://www.torproject.org/about/jobs/shadow-simulation-developer/> or pasted at the bottom of this email message. This is a really unique opportunity for someone to work as part of a small cross-organizational team, along with another simulation dev working at Micah Sherr's SecurityLab at Georgetown University and with Rob Jansen from the U.S. Naval Research Laboratory. Please help us spread the word! Cheers, Erin Wyatt Director of People and Office Operations ewyatt(a)torproject.org PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE ———————————>8———————————>8———————————>8 The Tor Project is looking for a Shadow Simulation Developer October 18, 2019 We are seeking an experienced programmer to help us develop cutting-edge network simulation / emulation software. This person will be responsible for the implementation, documentation, and testing of software to support research into privacy-enhancing technologies. In particular, this person will be contributing to software that constructs large, realistic, high fidelity simulations of anonymity networks, allowing other researchers to run existing software (e.g., Tor) on top of a virtualized network. As such, this person should be comfortable working with established codebases (github.com/shadow) and incrementally improving them through modular design. The ideal candidate will have significant practical programming skills, specifically, expertise in parallel program design and development. For programming experience we seek a candidate with demonstrated ability to write correct, maintainable code in both Python and C. Experience with Rust, or a strong desire to learn to program in Rust, is preferred. In addition to high familiarity with parallel programming, the candidate will possess knowledge of the Linux operating system, networking, and algorithms at the BS level or higher. The candidate should be able to work both independently and as part of a small team, with strong communication skills and the ability to read and understand research papers and other technical documents. The person in this position will work as part of a small cross-organizational development team, along with another simulation developer working in Micah Sherr's SecurityLab at Georgetown University. Rob Jansen at the U.S. Naval Research Laboratory will oversee and lead the team, however, the person in this position is integrated into the Tor Project Community through working with its Network Team. The ideal candidate will be based in the Washington DC area (in which case we will try to get you a desk at Georgetown University). However, we will be considering remote candidates. This position has full-time funding for three years, with the possibility to continue in another role thereafter, depending on organizational finances. Required Qualifications: • Programming experience in Python and C. • Experience developing and running software in Linux. • Experience developing software using parallel programming models (multi-threading / multi-processing, shared memory, message passing). • Knowledge of networking: socket programming, TCP/IP, etc. • Experience interacting with users and other developers online, including experience being exposed to and discussing differing ideas and opinions, while maintaining a high level of respect and professionalism. • Comfort with transparency: as a non-profit organization who develops open source software, most of what we do is public. Preferred qualifications: • Familiarity with network simulation and/or emulation. • Familiarity with developing and scaling distributed systems. • Experience working with distributed (remote) teams across different time-zones with people of differing skill levels over multiple mediums, including email, instant messaging, and IRC. • Familiarity with or willingness/ability to learn the Rust programming language. • Open-source experience: contributed significant chunks of code to multiple open-source projects in the past. • Familiarity with distributed version control systems, including Git. • Genuinely be excited about Tor and its values! • Willingness and ability to travel internationally to twice-yearly team meetings (strongly preferred). Key responsibilities include but are not limited to • Software Development - software development, writing test cases, and coding review. • Evaluations - system evaluation, including performance. • Documentation - coding documentation, and assisting in preparing technical reports. Academic degrees are great, but not required if you have the right experience! Salary negotiable. We have a competitive benefits package, including a generous PTO policy; 14 paid holidays per year (US; including the week between Christmas and New Year's, when the office is closed); health, vision, dental, disability, and life insurance; flexible work schedule; and occasional travel opportunities. TO APPLY: Email a single PDF of your cover letter and resume/CV explaining how your qualifications and experience meet the requirements of this job description. Please include the reasons why you want to work at Tor Project, your salary expectations, and links to code samples (ideally, more than one and all of which we will presume you are authorized to disclose). Email should be sent to job-shadow-dev at torproject.org with "Shadow Simulation Developer" in the subject line. No phone calls, please! About the Organization: The Tor Project, Inc., is a 501(c)(3) organization headquartered in Seattle with paid staff and contractors of around 45 engineers and operational support people, plus many volunteers all over the world. Tor develops free and open source software for privacy and freedom online, protecting people from tracking, surveillance, and censorship. The Tor Project's mission is to advance human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, support their unrestricted availability and use, and further their scientific and popular understanding. The Tor Project, Inc., is an equal opportunity, affirmative action employer.

1 0

Notes from Vegas Meeting OCTOBER 17 2019
by Erin Wyatt 21 Oct '19

21 Oct '19

Vegas Team Meeting Notes OCTOBER 17 2019 ++ OLD BUSINESS + From Oct 3: "What is our policy on people printing Tor swag for themselves" -> Isa will write a policy w/ Jon + From Oct 11: Do we need more git admins? -> Isa will mail "the list" to get us started on asking tor-internal for more git admins. ++ NEW BUSINESS + Georg: - Coordinating work for Tor Browser 9 release; Pili picking up this task. + Antoine: - What's the next step for the blog? (#32090) — step 1: manually reduce the service level, which will degrade performance, since we'd have less resources allocated to the site, but it should still work fine so long as we don't have any major traffic spikes — step 2: start the plan/implementation of our layer in the front — step 3: we agreed to pick up the conversation about a long term solution for the Blog in January + Gus - Drupal freelancer wants more access to our drupal installation. Gus is busy the next while with S9, Outreachy and support, so removing hisself from this task and giving back to TPA; anarcat will followup along with hosting solutions for the blog. + Gaba: - Anybody interested in mentoring/guiding/coaching a cybersecurity policy student from June 2020 to November 2020? Perhaps Steph; otherwise, maybe next year. ++ GENERAL NOTES Georg: 1. Final touches for Tor Browser 9 and prep for first alpha of 9.5 cycle 2. Work on the OTF proposal (thanks to everyone involved getting this proposal written up in such a short timeframe! *crossing fingers*) 3. Spent some time figuring out what we could/should do for the remainder of 2019 in Tor Browser land Steph: 1. Lots of back and forth with Outreachy applicants 2. community portal review 3. inquiries and podcast coordination 4. EOY campaign prep Antoine: 1. massive (~20%) trac ticket cleanup in the "trac" component 2. shutdown jabber service (#31700) 3. decomissioned older bacula director server and replaced with new one, I now know how to restore everything from backups (hopefully) (#31786) 4. sudo / LDAP password change (#6367) 5. synced up with Fastly 6. attended blog meeting to figure out next steps (probably varnish?) slightly confused as to where to go next (#32090) 7. usual daily grind (upgrades, reboots, email aliases, reading/responding to emails, etc) Sarah: 1. Got set up for Brave AdGrants with the Giving Block. We'll have around $10K worth of free ads per month. 2. EOY campaign prep 3. Helped with OTF proposal 4. Connected with Human Rights Foundation and looking into different ways to collaborate 5. Partnering with organizers of Bitcoin2020 conference in various ways Gaba 1. Updated several roadmaps 2. Keep up to date with Trac 3. Gitlab migration meeting and followup 4. MOSS meeting for metrics proposal 5. Prepared mozfest session for next week (Saturday) in London with Pili 6. Next week: mozfest & redecentralize conferences Alex: 1. Gitlab meeting: Moved to discussing Wiki transition too and set some deadlines for the upcoming 2.5 months of work on this. 2. Booked flights to Zurich and started writing the new talk outline. 3. Made some progress on the Shadow hire together with Roger. 4. 042 work continued. Philipp 1. Formalised process for supporting NGOs with private bridges: https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam/… 2. Helped produce quarterly RACE report (snowflake and obfs4 progress from our side) 3. Preparations for OTF summit 4. More BridgeDB progress (deployed language switcher, started thinking about PT bridge test service) 5. Snowflake progress (automation, "open UDP sockets" bug, website localisation) 6. Wrapped up prototype of obfs4 flow obfuscator Pili 1. OTF Browser Proposal 2. Responding to Outreachy candidates 3. S27 Meeting 4. Finishing off last outstanding bits on Community portal 5. Mozfest prep 6. Next week I'll be afk intermittently for Mozfest and related events. Nick 1. More network team stuff: 042 seems to be getting more stable and 043 is open. 2. We've changed our merge policy again: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/MergePo… Antonela 1. EOY campaign was delivered 2. TB9 release 3. I've been invited to join OKThanks to run a session about user-centered design in Taipei. We are meeting next week to coordinate it. 4. prepared material for isa and founders 5. progress on https://community.torproject.org/user-research/ 6. the new OnionShare allows people to create .onion sites so easy; hiro and i joined micah to push this feature and micah's post was #1 in HN this week 7. meeting Adam and Babatunde (OTF Fellow) to check progress 8. SimplySecure + Metrics portal OTF SOW was approved. [gaba: I will talk with Georgia at mozfest next week to confirm timeline] Karsten: 1. Conducted an analysis of OONI Vanilla Tor bootstrap time, with the goal to add this data and a graph to Tor Metrics: https://trac.torproject.org/projects/tor/ticket/32126#comment:1 isabela 1. Met w/ Amber (MDF's ED), following up on my report regarding the training/coach we received. 2. Met w/ folks from Bitcoin2020 conference in SF - they want to promote Tor in their conference again, putting our logo on the sponsors stuff, giving us a booth to showcase our product and other stuff. 3. Met w/ Mozilla foundation program managers 4. Working on a proposal for Corporation Membership program for Tor. Similar to what Linux Foundation does (and Let's Encrypt since they are under one of Linux Foundations non-profits) https://www.abetterinternet.org/sponsor/ https://letsencrypt.org/become-a-sponsor/ 5. Following up w/ the blog discussion, OTF full proposal submission, YE campaign, media requests, personnel stuff, and upcoming meetings w/ major donors. 6. Starting pre-vacation panic mode - will share the plan for while I am gone pretty soon Roger: 1. We continued the process of bumping out obsolete relays. It has been relatively uneventful, yay. 2. The team to advertise the Shadow simulation developer is making progress: expect a job posting next week ish. 3. OTF has asked us to a "state of censorship circumvention" session at the summit. I'll be starting that thread soon with phw/asn/antonela/arturo/maria. 4. I'm doing a keynote at a CDT "Future of Speech Online" event in DC on Nov 15. [I am registered to attend. - Sarah] 5. git admins question from last week: Nick has said he's not a git admin; hiro said she'd resolve the tickets but didn't; irl said he is a git admin but then no movement. 6. Pili: Are we doing ok with our gsod person? 7. Steph/Isa: Did we send the libreplanet rms mail? 8. No news on Shmoocon booth questions. Getting to be the point where no response is the response. 9. Tufts policy intern question: do we want one? Probably "yes in theory, but in practice it won't fit"? 10. Fastly speaking gig, should pick a speaker 11. Sue: NSF Georgetown contract status? Gus: 1. Helping Outreachy applicants with their tasks and (still) onboarding new applicants. 2. Collecting Partnership agreements from our training partners. 3. Working on Tor Browser 9 documentation updates for next week. 4. Answering RT/Frontdesk. 5. Drupal freelancer wanted more access to our drupal installation. I don't know what's our policy here and next weeks I'll be busy with S9, Outreachy and support, so I'm removing myself from this task and giving back to TPA. 6. S30 sync with Antonela and Gaba last week about Community tasks Erin: 1. Making progress on Shadow Dev process 2. General HR/Personnel Stuff Mike: 1. Finished up Firefox ESR network and feature review 2. Getting back to network team responsibilities Matt: 1. More team-lead transition and team health 2. Tor Browser releases and getting closer to Tor Browser 9.0 3. Helped with OTF proposal 4. Started laying the groundwork for running Tor Browser long-term measurements (no progress made yet, though)

1 0

Metrics meeting notes, 17 Oct 2019
by Gaba 17 Oct '19

17 Oct '19

Hi! Metrics team meet every Thursday at 15UTC (Next meeting is on October 24th) at the #tor-meeting channel in irc.oftc.net The meeting log is in http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-10-17-14.59.html And the content from our meeting pad for today: Agenda Thursday, October 17th 15 UTC OONI metadata database (karsten) This is now tracked in #32126. Planning to terminate the EC2 instance and resume this after exit scanner project. karsten is going to terminate the EC2 instance on Friday afternoon. karsten adds phw (and others?) to cc Tor Browser measurements (karsten) we're going to revisit this mid-November when Dennis and the browser team have more time. Onionoo release, new deployments, automation and documentation (irl) Should we include #31941 in this release? - yes, reviewed this offline but forgot to update the ticket, done that now karsten puts out an onionoo release and deploys it on both hosts on Friday irl asks for new hosts, and once they exist we set up new onionoos using the new ansible thing. Exit scanner (gaba) https://trac.torproject.org/projects/tor/ticket/29650 are we in track to finish this in december if we start now? Tor metrics data portal next steps (karsten) Review of #19332 (karsten) Roadmap - how are we doing? (gaba) https://trello.com/b/Mu5fYg53/tor-metrics-roadmap cheers, gaba -- Project Manager: Network, Anti-Censorship and Metrics teams gaba at torproject.org she/her are my pronouns GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 0

Anti-censorship meeting notes, 17 Oct 2019
by Philipp Winter 17 Oct '19

17 Oct '19

Here is our meeting log: http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-10-17-16.59.html And here is our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday October 17th 17:00 UTC Weekly meetings, every Thursday at 17:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress). == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: https://dip.torproject.org/torproject/anti-censorship/roadmap/boards * Our roadmap consists of a subset of trac tickets. * The anti-censorship team's wiki page: https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam * GetTor's roadmap: https://dip.torproject.org/torproject/anti-censorship/gettor/boards * Tickets that need reviews: https://trac.torproject.org/projects/tor/query?status=needs_review&componen… * Projects from sponsors we are working on: * https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor30 * https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor28 --------------------------- --- 17th October 2019 --- --------------------------- == Announcements == * == Discussion == * https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam/… * New wiki page on how to walk NGO through the process of distributing private bridges * How can we make this process easier? See: https://bugs.torproject.org/28015 * "Moat secret password" is a neat idea * How should we manage our private bridges? * So far, it's just a CSV. We want to keep track of who got what bridge and when. * When should we switch over to the new IPv6-having Snowflake broker? See https://bugs.torproject.org/29258#comment:11 * Design considerations for a new service that tests bridges: * https://trac.torproject.org/projects/tor/ticket/31874#comment:2 * Discuss workflow for gettor * Sponsor 28: status? anything to report? * we have a prototype of new obfs4 flow obfuscator: https://trac.torproject.org/projects/tor/ticket/30716#comment:16 * snowflake is moving forward * Sponsor 30: how are we doing? * https://trac.torproject.org/projects/tor/ticket/31274 * A1- Create an evaluation framework for bridge distribution and selection methods. * https://trac.torproject.org/projects/tor/ticket/31281 * A1 - Improve documentation on how to set up a bridge server and different pluggable transport bridge servers. * A2 - Create scripts and configuration code for setting up a bridge on cloud providers to make it easier for operators to launch a new bridge. * https://trac.torproject.org/projects/tor/ticket/31282 * A2 - Define which censorship scenarios we are going to address. * Should we increase the default Snowflake poll interval? A lot? Last I checked, the broker was getting like 40 requests/second, which is way way more than we need. * Note: https://metrics.torproject.org/collector/archive/snowflakes/ since the release for windows, client usage has gone up by 5-10x but we still have orders of magnitude more idle snowflakes * dcf wonders why there's no apparent change in the bridge statistics https://metrics.torproject.org/rs.html#details/5481936581E23D2D178105D44DB6… * We could use a dedicated build server for the anti-censorship team to test tor-browser-build.git builds. * It's too big to build comfortably on a development PC/laptop, so devs are getting their own VPSes. * Requirements: 8 CPUs, 200 GB+ disk. * Could be shared with other teams. * Snowflake: Support portal and tb-manual documentation updates == Actions == * == Interesting links == * https://jhalderm.com/pub/papers/conjure-ccs19.pdf * Conjure CCS'19 paper now out * Filed https://bugs.torproject.org/32064 after last week's discussion on web search results on "download tor" == Updates == FORMAT! Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week (related to anti-censorship work). Help with: - Something you may need help with. Hiro: Started restoring Twitter Responder. When retrieving tweets I need to check for new tweets only otherwise Gettor will end up responding to old back log and already answered messages. Next Week: - Work on gettor specs - More with review of strings and website content and translation phw: This week (2019-10-17): * Sent five private obfs4 bridges to frontdesk for distribution to users in need. * Finished prototype of obfs4 flow obfuscator: * https://trac.torproject.org/projects/tor/ticket/30716#comment:16 * Filed ticket suggesting that we should only use >=80%-complete languages in BridgeDB: * https://trac.torproject.org/projects/tor/ticket/32035 * Filed ticket on more useful search results for "download tor": * https://trac.torproject.org/projects/tor/ticket/32064 * Created wiki page that documents our process for supporting NGOs with private bridges: * https://trac.torproject.org/projects/tor/wiki/org/teams/AntiCensorshipTeam/… * Did some prototyping for a bridge test tool: * https://trac.torproject.org/projects/tor/ticket/31874 * Reviewed #31384 and #31253. * Preparation for OTF summit. * Started removing PGP support from BridgeDB: * https://trac.torproject.org/projects/tor/ticket/17548 * Helped dgoulet debug an exitmap bootstrapping issue (culprit was outdated Stem). * Answered question of RACE collaborator on the necessity of obfs4's node ID. * Finally deployed BridgeDB's language switcher (and released v0.9.0): * https://trac.torproject.org/projects/tor/ticket/26543 * May have (accidentally) fixed another translation-related issue while implementing #26543: * https://trac.torproject.org/projects/tor/ticket/19839 * Debugged and fixed BridgeDB's broken email responder: * https://trac.torproject.org/projects/tor/ticket/32105 * If only we had our email monitoring system in place already :( * Changed expiration date of my PGP (sub)key. Next week: * Help with: * Need feedback on https://trac.torproject.org/projects/tor/ticket/31874#comment:2 (bridge test service) Gaba: (updated October 10th) Last week (): * sponsor 30 meeting This week (planned): * ahf Last week: - Worked on #28930 This week: - Finished refactoring parts of #28930. Trying to figure out if we should begin the discussion on how PT's can report back on bootstrap info. - Continued to work on a tool to convert Trac tickets into Gitlab tickets. cecylia (cohosh): last updated 2019-10-17 Last week: Last week: - update webextension version and deploy new versions of snowflake broker and proxies (#31889) - fixed open UDP sockets bug (#31285) - revised and merged snowflake website localization (#31384) and webext packaging script(#31253) - grant writing - progress on snowflake tests (#29259) - review of bridgedb localization ticket - created #32117 for collecting information on bridgedb scraping - did some more snowflake health checks: about 2/3 of all connections open a data channel in < 20s This week: - continue on tests (#29259) - snowflake dogfood and think about how to address bad snowflake health - refactor proxy-pair state machine (#31310) - work on #29207 and #29206 - look at recent improvements to obfs4 (#30716) catalyst: week of 09/19 (planned): - reviews - sponsor31 planning - coding style discussion - comment on draft network team review guidelines - #30984 week of 09/19 (actual): - reviews - sponsor31 planning - talking with people about proposed network team review processes week of 09/26 (planned): - reviews - sponsor31 doc coordination - checking in on Season of Docs work - #30984 arlolra: 2019-10-17 Last week: - merged #31685, #31537 - responded to #31765 - started on #31028 Next week: - continue on #31028 - add a build step / documentation for code reuse in cupcake Help with: - look at #31028 if you're curious, but not much to show yet dcf: 2019-10-17 Last week: - archived test pion builds from #28942 - redeployed meek-server instances (#31890) - prototyping KCP and QUIC in obfs4proxy - reviewed #29206 (sequencing protocol for Snowflake) - reviewed Snowflake broker and bridge upgrade (#31889) - helped deploy Snowflake webext-0.0.11 - reviewed Snowflake favicon (#31537) - posted a cleanup patch to remove unnecessary code (#32046) - posted a patch to remove Python LICENSE from Tor Browser (#32068) - reviewed Snowflake LICENSE packaging patch (#31932) - reviewed Snowflake socket leak fix (#31285) - dealt with a goptlib upgrade (#32056, #32076) - investigated a reported problem with the old meek-http-helper code (#32037) - set up a new instance of the Snowflake broker with IPv6 (#29258) Next week: - prototyping KCP and QUIC in obfs4proxy - review #29207 (broker protocol for Snowflake) Help with: - need meek-azure to redeploy meek-server for #31890

1 0