- tor-project - lists.torproject.org

Tor User Support team will be partly unavailable during the holidays between December 19 2024 to January 5 2025
by ebanam 03 Dec '24

03 Dec '24

Hello, Tor User Support team will be partly unavailable between December 19th, 2024 and January 5th, 2025. If you reach out to us on our user support channels via email[0], Tor Forum[1], Telegram[2], WhatsApp[3] or Signal[4], it may take longer than usual for us to respond. Please rest assured we will get back to your messages as soon as possible. Our team will be back at our regular office hours[5] from January 6th, 2025. Thank you! Community Team Tor Project [0]: frontdesk(a)torproject.org [1]: https://forum.torproject.org [2]: https://t.me/TorProjectSupportBot [3]: https://wa.me/447421000612 [4]: https://signal.me/#p/+17787431312 [5]: https://tb-manual.torproject.org/support/

1 0

cohosh's monthly status report, November 2024
by Cecylia Bocovich 03 Dec '24

03 Dec '24

Hi! This is my status report for contract work done in November 2024. # Snowflake Snowflake was blocked in Russia in early November. The blocking has since stopped (at least temporarily). I did some analysis using the automatically generated pcaps from our vantage point, and write a few patches to more easily test whether specific proxies or versions of Snowflake can evade the blocking. We'll continue to monitor reachability in case the blocking returns. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… My main ongoing task on Snowflake is to look at how we can use Snowflake broker metrics to more accurately detect and respond to censorship events. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… I released version 0.9.2 of the webextension and version 2.10.1 of snowflake this month. We had a major upgrade of the Snowflake broker at the end of November. This required a few followup tasks and debugging. I worked on getting metrics back up and running. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… And lastly, a few small logging fixups for Snowflake proxies https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… # PT library work After October, there were a few outstanding tasks and issues with the IPtProxy rewrite. This has now been merged and released as version 4.0.0! https://github.com/tladesignz/IPtProxy/tree/4.0.0 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… # Domain fronting A few of the remaining Fastly front domains renewed their certificates recently, so we had to update all of our settings to use non-Fastly configurations. https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/151 https://github.com/guardianproject/orbot/pull/1197 I made some more progress on the meek bridge handover, and updated the bridge to use the new meek.torproject.net and meektm.torproject.net domains. https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/133 # Lox I worked on a few code quality changes last month, including simplifying some Lox tests so they run more easily on laptops. https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/281 https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/277 # Miscellaneous All the usual merge request reviews and general project maintenance tasks :) I helped with some grant writing and planning early this month. I also helped debug a tor bootstrapping issue with PTs https://gitlab.torproject.org/tpo/core/tor/-/issues/40990

1 0

Nina’s Monthly Status Report, November, 2024
by Nina 03 Dec '24

03 Dec '24

Hi! Below is my November’24 report! In November, I resolved 1569 (↑465) tickets: * On Telegram (@TorProjectSupportBot) - 1351 (↑496); * On RT (frontdesk@tpo) - 215 (↓33); * On WhatsApp (+447421000612) - 3 (↑2); * and on Signal (+17787431312) - 0 (0). Since August 2024, I've noticed a significant increase in Russian-speaking user requests on our support channels: * July: 587 tickets * August: 928 tickets * September: 994 tickets * October: 1104 tickets * November: 1569 tickets (this report) My main focus in November was to help Russian-speaking users bypass censorship and help users to resolve any issues they are facing with Tor Browser. I also took part in Tor Forum moderation and worked reviewingGoogle PlayStore users reviews. In November,we had much more tickets from Russian-speaking users than usual (+42% comparing with October). It happened due to internet censorship in Russia is getting more severe, and some pluggable transports are being blocked or partially blocked[1]. So in November,we launched a WebTunnelcampaign and asked the Tor community to help users in Russia by running more bridges [2], which is a pluggable transport reported to work well in Russia. Last monthwe got multiple requests from Apple devices users from Russia regarding what app to use on iOS or how to downloadTor Browser - macOS does not allow to install apps downloaded from Telegram [3], so users need to use website mirror. The process of upgrading CDR.link has started in November[4],which included upgrade to a newer Zammad version, testing, bug reporting and consultation with the contractor. *##**Google Play Reviews for Tor Browser**(TBA)**and Tor Browser Alpha**for Android* Tor Browser for Androidhad a Google Play rating of 4.89 (↓) stars in November 2024, which is lower than in October. Tor Browser for Android (TBA) got 672 (↓19) reviews out of 59,115 for the lifetime. Tor Browser for Android Alpha (TBA-Alpha) app had a rating of 4.241 (↓) which is lower than in October. In November, Tor Browser for Android (TBA-Alpha) got 38 (↓2) reviews out of 8,396 for the lifetime. Most common issues on the Google Play store reviews: * Tor Browser doesn’t work: mostly from Russian users, who are struggling to find a bridge that is not blocked; * Tor speed is too slow:This issue is currently under investigation, I'lloffer users some ways to improve the speed and gather their feedback. [1] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [2] https://blog.torproject.org/call-for-webtunnel-bridges/ [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [4] https://gitlab.torproject.org/tpo/community/support/-/issues/40165

1 0

intrigeri's report, November 2024
by intrigeri 03 Dec '24

03 Dec '24

Hi, I took 1.5 week off for personal reasons mid-November. The work time & energy I had left was barely enough to do most of the usual day-to-day work that's not worth reporting about, hence this slim report. User-visible ============ I prepared a short talk for the State of the Onion, then recorded it in highly challenging circumstances. I'm happy with the script, I think the slides are good ~enough, and the actual delivery has lots of margin for improvement. User-invisible ============== I did the usual amount of KTLO work; nothing worth highlighting this month. Team lead ========= I've been working, together with a number of other Tor folks from my team and other teams, on a large grant proposal. This was the opportunity for me to discover the workflows and tooling used by Tor in this area, and gain some familiarity with it. Accounting ========== We've been making some more progress on transitioning away from the former Tails fiscal sponsorship arrangements into Tails' new nest, the Tor project. Cheers, -- intrigeri

1 0

Rhatto's Monthly Status Report, November 2024
by rhatto 02 Dec '24

02 Dec '24

Hi all :) This is my monthly status report for November 2024 with the main relevant activities I have done, was involved or are related to my work during the period. ## SOTO 2024 * Did a presentation at Tor's State of the Onion 2024. Video available at https://www.youtube.com/watch?v=HjPdReNmf_g&t=596s ## Internet Archive * Support given for the Archive's new onionsite! It was released on SOTO: https://www.youtube.com/watch?v=EODNtLqD7f8&t=3196s ## Onionspray * Released Onionspray 1.6.2 (application to serve regular websites as onionsites): https://forum.torproject.org/t/onionspray-release-1-6-2/16014 ## Onionprobe * Released Onionprobe 1.2.1 (Onion Services monitoring application): https://forum.torproject.org/t/onionprobe-release-1-2-1/16015 * The Onionprobe role is not available at the Ansible Galaxy: https://galaxy.ansible.com/ui/standalone/roles/torproject/onionprobe/ ## Support Did the usual and ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. -- Silvio Rhatto pronouns he/him

1 0

minutes from the sysadmin meeting
by Antoine Beaupré 02 Dec '24

02 Dec '24

# Roll call: who's there and emergencies anarcat, groente, lavamind, lelutin, zen # Dashboard review We did our normal weekly checkin. # Last minute December coordination We're going to prioritize the converging the email stuff, ganeti and puppet upgrades, and security policy, although that might get delayed to 2025. # Holidays planning Confirmed shifts discussed in the 1:1s. # 2025 roadmap validation No major change, pauli upgraded before 2025, and anarcat will unsubscribe from Tails nagios notifications. # Metrics of the month * hosts in Puppet: 90, LDAP: 90, Prometheus exporters: 505 * number of Apache servers monitored: 33, hits per second: 669 * number of self-hosted nameservers: 6, mail servers: 11 * pending upgrades: 20, reboots: 0 * average load: 1.02, memory available: 3.73 TiB/4.99 TiB, running processes: 380 * disk free/total: 65.44 TiB/139.91 TiB * bytes sent: 395.69 MB/s, received: 248.31 MB/s * planned bookworm upgrades completion date: 2024-10-23 * [GitLab tickets][]: 257 tickets including... * open: 0 * icebox: 157 * future: 39 * needs information: 10 * backlog: 21 * next: 12 * doing: 11 * needs review: 8 * (closed: 3804) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards Obviously, the completion date is incorrect here, as it's in the past. As mentioned above, we're hoping to complete the bookworm upgrade before 2025. Upgrade prediction graph lives at: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bookworm/ Note that the all-time graph was updated to be more readable, see the gorgeous result in: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/#all-time… -- Antoine Beaupré torproject.org system administration

1 0

Felicia's Montly Status Report, November 2024
by Priscila 02 Dec '24

02 Dec '24

Hi everyone, My status report for November 2024 is entirely focused on this Moat issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42605 Although I knew this task would be quite complex before starting, it proved to be more complex than I thought, as you can see from the numerous UI versions I made before realizing I’d need to step back to study things better: https://www.figma.com/design/4XiUaZPch3ejewlZO56lkR/Tor-Browser-14.5?node-i… Since Moat can be difficult to understand for non-tech people, comprehending how it works was the first step. For this, I used a CSD matrix based on information gathered in a meeting with the devs. Later on, it was necessary to understand the user flows where Moat calls are made so we know when we need to ask for the user’s consent. So with all that, I needed to answer some questions (e.g. what are we trying to tell users and why?) so I can summarize everything in a way to educate users on Moat calls and allow them to make an informed decision whether they consent to it or not - I’m actually in this point of the task. Besides that, I also worked on very small tasks of support to devs. Best, Priscila (aka Felicia) - UX Team

1 0

PieroV's Monthly Status Report, November 2024
by Pier Angelo Vendrame 02 Dec '24

02 Dec '24

Hi everyone! Here is my status report for November 2024. November was a short month for us, as we took a team break to rest a bit after the big 14.0 release and because of the holidays. For most of the month, I investigated how to remove Lox's WASM blob and instead integrate the Lox Rust crate in the browser build system [0]. Also, I checked the various options for exposing this integration crate to JavaScript, as the front end will remain in that language. This work will hopefully help us also when switching to Arti in the browser. We've also discussed the future changes for the Tor daemon integration in the browser, and I had to review a major refactor made by Henry [1], which took me some time. Apart from that, I rebased our 128-based channels (14.0 and 14.5), fixed the release preparation script to take the needs of the legacy channel into account [2], and made other similar fixes [3]. Also, I signed a release (13.5.10) for the first time. We decided to allow more people to sign to be more responsive under some circumstances and to spread the load on the team. Then, towards the end of the month, I resumed the work on anti-fingerprinting. I evaluated Thorin's proposal to abandon `font.system.whitelist` in favor of font visibility, which would bring us closer to Firefox [4]. While doing so, I found a problem with the changes I made to the FontConfig configuration file the previous month [5]. Finally, I proposed a fix for a conflict between the OpenSSL 3.0.x we ship with the tor daemon, and OpenSSL 3.2.x, required by a transitive dependency, which prevented the browser from starting in some systems [6]. If you have the same problem, deleting our libcrypto (form `TorBrowser/Tor`) should work, but we'll provide a proper fix in our next update. Best, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096 [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [2] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… [4] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43322 [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43330 [6] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43326

1 0

Moving gitlab to our Dallas cluster on Thursday 2024-11-28
by Gabriel Filion 29 Nov '24

29 Nov '24

Hello, Additionally to the mail server switch on Monday, we're planning to move/migrate the gitlab server from our Falkenstein-based cluster to the one in Dallas. This move will be happening on Thursday november 28th starting at 18:00 UTC. The disks for the gitlab server are fairly sizeable so the transfer could be taking a long time. Our current estimates are that it could take about 18 hours to transfer. We will try launching an operation to zero out empty parts of the disk volumes before starting the transfer in the hopes that it could give the transfer a boost. So the transfer will most likely take gitlab offline until the next day, friday 29th, at which time we'll make sure that the service is coming back online properly. If there's any issue during the outage, please reach out to us via IRC or email, but not through gitlab issues since this last one will obviously be offline at that time. For status updates, see: https://status.torproject.org/issues/2024-11-28-gitlab-migration/ Cheers!

1 1

Anti-censorship team meeting notes, 2024-11-28
by Shelikhoo 28 Nov '24

28 Nov '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-11-28-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, December 05 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == (old) * Snowflake blocking in Russia November 2024 * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * No apparent difference in DTLS handshakes between proxies that continue working and proxies that stop working. * Reports say that some proxies stop working, but only after transferring some traffic. * Hard to test because we can't easily control the proxy. It would be a good idea to set up a small test deployment to afford us more experimental control. * cohosh will work on that. * Traffic analysis fingerprinting? An old padding patch: https://github.com/net4people/bbs/issues/255#issuecomment-1566227484\ (New Nov 21) * Snowflake blocking in Russia November 2024 * Restored copy-paste signaling (manual without broker) to be able to control the proxy connection. * https://gitlab.torproject.org/cohosh/snowflake/-/commit/a4a574a4584332fc282… * Still blocked with a new proxy: therefore likely some kind of protocol fingerprinting, not proxy enumeration. * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Still blocked with client-side padding patch as well. * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * theodorsm's covertDTLS fork https://gitlab.torproject.org/theodorsm/snowflake/-/tree/covert-dtls-test * Snowflake broker transition * Next monday 2024-11-25 there will be a DNS switch from the current broker to the new broker primary. * https://gitlab.torproject.org/tpo/tpa/team/-/issues/41878 (new Nov 28) * Broker Transition Anomaly * (added by non-Tor member WofWca): Evaluate [the plan for "Multi-Pool Matching Support"](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40156#note_3132445)? * Snowflake blocking in Russia seems to have stopped == Actions == == Interesting links == * == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-11-28 Last week: - followed up on the snowflake blocking in Russia - helped debug and recover from the snowflake broker upgrade - caught up a bit on reviews - fixed the logging of the new proxy event (snowflake#40413) - started looking at alerts for censorship events (snowflake#40416) This week: - alerts for censorship events (snowflake#40416) - keep looking at snowflake blocking in Russia - take care of review backlog - finish snowflake dependency upgrades that were causing problems - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: - what was that censorship events mailing list? dcf: 2024-11-21 Last week: - released goptlib v1.6.0 https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… Next week: - comment on updates to unreliable snowflake transport https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Help with: meskio: 2024-11-28 Last week: - investigate why the metrics of the new broker were not arriving to prometheus (tpa/team#41902) - try to upgrade snowflake gitlab CI to debian stable and fail (for now) - multiple grant writting work (logic model, reviews, ...) - reports for grants fun - WIP: update snowflake proxy debian package (snowflake#40414) Next week: - update snowflake proxy debian package (snowflake#40414) Shelikhoo: 2024-11-28 Last Week: - [Pending] snowflake broker update/reinstall(cont.): https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - [Awaiting Review] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - Vantage point deployment in Iran - Snowflake new broker deployment - Merge request reviews Next Week/TODO: - Merge request reviews - Work on finishing snowflake container release(and fix the comments) - Incorrectly flattened container image with "pull" command https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… onyinyang: 2024-11-21 Last week(s): - working on refactor of Lox (library) protocols to improve issuing efficiency as described in: https://eprint.iacr.org/2024/1552.pdf - WIP MR: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/284 - Adjusted dependencies to line up with non-wasm browser integration for: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/283 - Updating renovate bot to ignore these dependencies (and maybe others) - Fixed up wasm changes in https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/271 Next week: - Fix up Troll-patrol MR - Deploy test distributor - Continue work on improving issuer efficiency in Lox protocols - update lox protocols to return duplicate responses for an already seen request - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-10-24 Last weeks: - Adjusting to post-student life - Testing out beta releases of pion dtls and webrtc Next weeks: - Update Snowflake to use latest pion upstream releases - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0