tor-project

tor-project@lists.torproject.org

16 participants
2324 discussions

ebanam's monthly status report and user support report for January 2024
by ebanam 07 Feb '24

07 Feb '24

Hello everyone, Last month there was a slight uptick in private bridge requests from Chinese speaking users which also involved helping users with installing Tor Browser, troubleshooting Tor Browser on Windows and using pluggable transports. Similar to last month, we got another couple of reports about the "Proxy Server Refused Connection" bug affecting users using Tor Browser for Android on Oppo devices.[0] Following is a breakdown of tickets our user support team handled in January: # Frontdesk (email support channel) * 450(↓) RT tickets created * 430(↓) RT tickets resolved Tickets by numbers: 1. 208(↑) RT tickets: private bridge requests from Chinese speaking users. 2. 115(↓) RT tickets: circumventing censorship in Russian speaking countries. 3. 2(-) RT tickets: "Proxy Server Refused Connection" bug on Tor Browser for Android, affecting users with Oppo phones. Highlighting some other topics we received questions and feedback: 4. Circumventing censorship with Tor in Farsi. 5. Question about how to contribute and volunteer.[1] 6. Question on how to setup Tor Browser Alpha for Alpha testing.[2] # Telegram, WhatsApp and Signal Support channel * 508(↓) tickets resolved Breakdown: * 485(↓) tickets on Telegram * 15(↓) tickets on WhatsApp * 8(↓) tickets on Signal Tickets by numbers: 1. 325(↓) tickets: circumventing censorship in Russian speaking countries. 2. 16(↓) tickets: circumventing censorship with Tor in Farsi. 3. 13(↓) tickets: private bridge requests from Chinese speaking users. 4. 3 tickets: Questions about using GetTor Highlighting some other topics we received questions about: 5. Help with installing Tor Browser on Linux. 6. Questions about Orbot: how to use obfs4 bridges and snowflake with Orbot. 7. PTs on Tor Browser 13 do not work with Windows 7 (issue is resolved with Tor Browser 13.0.8)[3]. # Highlights from the Tor Forum 1. How to start Tor Browser on Linux?[4] 2. New Alpha Release: Tor Browser 13.5a4[5]. Help us test initial implementation of Connect Assist on Tor Browser for Android. 3. Tor Browser unable to connect on Windows 10[6] Thanks! e. Note: (↑), (↓) and (-) are indicating if the number of tickets we received for these topics have been increasing, decreasing or have been the same from the previous month respectively. [0]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41289 [1]: https://community.torproject.org/ [2]: https://community.torproject.org/user-research/become-tester/ [3]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42179 [4]: https://forum.torproject.org/t/how-to-start-tor-browser-on-linux/11202 [5]: https://forum.torproject.org/t/new-alpha-release-tor-browser-13-5a4/11386 [6]: https://forum.torproject.org/t/tor-browser-cant-connect/11259

1 0

cohosh's monthly status report, January 2024
by Cecylia Bocovich 05 Feb '24

05 Feb '24

Hi! This is my status report for contract work done in January 2024. # Reputation-based bridge distribution Most of this month was spent on the integration of Lox with Tor Browser. The completed Lox module has now been merged. https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/10d5eb0… https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/116 # Snowflake - Reviewed SQS rendezvous work https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…

1 0

Rhatto's Monthly Status Report, January 2024
by rhatto 02 Feb '24

02 Feb '24

Hi all :) This is my monthly status report for January 2024 with the main relevant activities I have done during the period. ## 0. Research * Minor research activities related to The Onion Plan: https://tpo.pages.torproject.net/onion-services/onionplan/ ## 1. Development ### Onionspray * Worked on Onionspray, a new Onion Services rewriting proxy based on EOTK: https://gitlab.torproject.org/tpo/onion-services/onionspray Details in an upcoming release/announcement message. ### Onionbalance * Improved the sketch design for implementing PoW: https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/13#n… * Organized tasks into milestones: * 0.2.3: https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/milestones/1 * 0.3.0: https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/milestones/2 ## 2. Support * Ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. * Did some support related to setting up Onion Services. ## 3. Organization Time spent (from the total available for Tor-related work): | Category | Percentage |---------------|------------ | Research | 3 | Development | 49 | Support | 8 | Organization | 40 |---------------|------------ | Total | 100 -- Silvio Rhatto pronouns he/him

1 0

Nina’s Monthly Status Report: January, 2024
by Nina 01 Feb '24

01 Feb '24

Hi! Below is my January’24 report! In January, I resolved 531 tickets: On Telegram (@TorProjectSupportBot) - 404 On RT (frontdesk@tpo) - 115 On WhatsApp (+447421000612) - 9 and on Signal (+17787431312) - 3. My main focus of work is to help Russian-speaking users use Tor Browser and circumvent internet censorship. In January, there was a visible increase in the number of users from Russia requesting bridges and assistance with connection to Tor. The spike is visible in the Metrics data [1]. The increase can be explained by the upcoming presidential elections in Russia in March'24 and the blocking of popular messengers like WhatsApp in some regions of Russia in the course of protests [2]. I also assisted with Russian localization, focusing on reviewing and approving existing translations and fixing minor errors. In January, we again faced an increased number of tickets from the OPPO phone owners, who struggle to use Tor Browser on their devices [3]. With the help of our users, I reported several minor issueslike: - bridges(a)torproject.org not working - check.torproject.org not working [4] Also in January I took part as a moderator in the Relay Operators Meetup[5]. [1] https://metrics.torproject.org/userstats-bridge-country.html?start=2023-11-… <https://metrics.torproject.org/userstats-bridge-country.html?start=2023-11-…> [2] https://www.themoscowtimes.com/2024/01/24/widespread-telegram-whatsapp-outa… [3] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41289 [4] https://gitlab.torproject.org/tpo/network-health/metrics/tor-check/-/issues… [5] https://forum.torproject.org/t/tor-relays-next-tor-relay-operator-meetup-20…

1 0

Anti-censorship team meeting notes, 2024-02-01
by Shelikhoo 01 Feb '24

01 Feb '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-02-01-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, February 8 16:00 UTC Facilitator: cohosh Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * 0.4.7.x EOL:"~964 bridges, which means roughly 45% of the advertised bridges bandwidth)" https://forum.torproject.org/t/tor-relays-psa-tor-0-4-7-reaches-end-of-life… * PSA: Elections in Pakistan February 8th. == Discussion == * Tor Browser binaries are getting too big, can we reduce the size of PTs? * TB 13.0.9 was initially rejected by Google, compressed with 7-zip as a temporary workaround. * Could possibly combine multiple Go executables into one (so as to ship only one Go runtime), similar to how IPtProxy does it. * https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/1… * There's a possible difficulty in reconciling all the possibly different version numbers of the dependencies of constituent programs. * https://github.com/u-root/gobusybox * Or, instead of independent executables, can make a new unified pluggable transport client dispatcher, that decides which transports to instantiate using the normal TOR_PT_CLIENT_TRANSPORTS etc. mechanism. * Merging webtunnel + lyrebird could be a good first step (shelikhoo will create an issue to track this) * Add WebTunnel built-in bridge in TB or does it need more testing? * As a way of educating users and operators about this new PT * Discussion on the use of builtin bridges: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/102 * First step is to find an operator * builtin bridge informal requirements: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Default-Brid… == Actions == == Interesting links == == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-02-01 Last week: - Lox Tor Browser integration - finished Lox module implementation - wrote up testing documentation for code auditors - SQS rendezvous deployment - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… This week: - open issue to update snowflake version for tor browser to include SQS rendezvous - update wasm-bindgen fork to fix some bugs and hopefully upstream changes - tor-browser-build updates for lox wasm + bindings generation - rebase and try out manifest v3 patch - Conjure bridge maintenance Needs help with: dcf: 2024-02-01 Last week: Next week: - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: meskio: 2023-12-21 Last week: - grant writing Next week: Shelikhoo: 2024-02-01 Last Week: - HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 - Inspect Snowflake Situation In China - Merge request reviews Next Week/TODO: - HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 - Update WebTunnel Container Image - Inspect Snowflake Situation In China onyinyang: 2023-02-01 Last week(s): - Bug fixing and other things that come up as lox integration is rolled out - Started writing tests to figure out problem that makes distributor hang when bridges are not working - fixing a number of things that are not working as expected with sync functiosn This week: - Continuing with bug fixing and other things that come up as lox integration is rolled out - Finish up fixing problems with syncing functions - Make Lox invitation endpoint only accessible via telegram - attempt hyper upgrade again (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-01-11 Last weeks: - Currently in the start phase of writing my master thesis (to be finished late june 2024) in communication technology on reducing distinguishability of DTLS. The goal is to implement a validated DTLS anti-fingerprinting library similar to uTLS (useful for Snowflake). Next weeks: - Talk with Sean DuBois about contributing to adding anti-fingerprinting capabilities to the pion library Help with: - Find recent data set of captured DTLS traffic

1 0

PieroV's Monthly Status Report, January 2024
by Pier Angelo Vendrame 01 Feb '24

01 Feb '24

Hi everyone! Here is my status report for January 2024. For most of the month, I worked on the Windows installer for Mullvad Browser [0]. This also involved working on NSIS. I finally succeeded in building it with Clang [1], so Rust remains the only project requiring GCC on Windows. Then, I refactored our existing Windows installer [2]. At this point, I could write a brand new installer for Mullvad Browser. It hasn't been reviewed yet, and it will need some polishing. However, it will help me to deal with the default browser feature, which I've just started investigating [3]. In addition to that, I helped with the January releases. I rebased stable and alpha onto Firefox 115.7.0esr and prepared the stable releases. At the moment of publishing, the Play Store rejected our x86 APK because it exceeded the 100MB threshold [4]. Therefore, I patched our build system to repack the APK using 7-zip, which offers better compression also for zip files. We saved around 4MB, enough to get the APK approved. Long-term alternatives could be Android App Bundles [5], which would force us to switch to Play App Signing, or APK Expansion files [6]. But we are trying to remove more unused assets first. Another Android problem I worked on was the incompatibility of 13.5a3 with API < 26 devices because I had used some NIO API. Finally, I resolved some issues with spoof English and reviewed a pair of big merge requests about S96 deliverables. Best, Pier [0] https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/200 [1] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [2] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [3] https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/80 [4] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [5] https://developer.android.com/guide/app-bundle [6] https://developer.android.com/google/play/expansion-files

1 0

Tor Browser weekly meeting moved to February 6th 1500 UTC
by Richard Pospesel 31 Jan '24

31 Jan '24

Hi everyone, Due to scheduling conflicts, we will be moving our weekly Tor Browser meeting to Tuesday February 6th at 1500 UTC in #tor-meeting on OFTC IRC. best, -richard

1 0

minutes from the sysadmin meeting
by Antoine Beaupré 26 Jan '24

26 Jan '24

The usual, sorry nothing fancy this month. # Roll call: who's there and emergencies no emergency. anarcat and lavamind online. # Dashboard cleanup Normal per-user check-in: * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… General dashboards: * https://gitlab.torproject.org/tpo/tpa/team/-/boards/117 * https://gitlab.torproject.org/groups/tpo/web/-/boards * https://gitlab.torproject.org/groups/tpo/tpa/-/boards Had a long chat about metrics requirements, comments in https://gitlab.torproject.org/tpo/tpa/team/-/issues/41449 # 2024 roadmap We reviewed the proposed roadmap. All seem well, although there was some surprise in the team at the reversal of the decision taken in Costa Rica regarding migrating from SVN to Nextcloud. # Metrics of the month * hosts in Puppet: 88, LDAP: 88, Prometheus exporters: 169 * number of Apache servers monitored: 35, hits per second: 759 * number of self-hosted nameservers: 6, mail servers: 10 * pending upgrades: 0, reboots: 0 * average load: 0.58, memory available: 3.34 TiB/4.81 TiB, running processes: 391 * disk free/total: 64.37 TiB/131.80 TiB * bytes sent: 380.84 MB/s, received: 252.72 MB/s * planned bookworm upgrades completion date: 2024-08-22 * [GitLab tickets][]: 206 tickets including... * open: 0 * icebox: 163 * backlog: 23 * next: 8 * doing: 4 * needs information: 4 * needs review: 4 * (closed: 3434) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards Upgrade prediction graph lives at https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bookworm/ Now also available as the main Grafana dashboard. Head to <https://grafana.torproject.org/>, change the time period to 30 days, and wait a while for results to render. -- Antoine Beaupré torproject.org system administration

1 0

Anti-censorship team meeting notes, 2024-01-25
by onyinyang 25 Jan '24

25 Jan '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-01-25-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, February 116:00 UTC Facilitator: shelikhoo Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… <https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s…> * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * SQS rendezvous deployment * follow up from last week: cohosh will try to deploy later today * https://github.com/net4people/bbs/issues/325"Default Snowflake bridges in Tor browser 13.0.8 stopped working properly in China since around 2024-01-12" * dcf hasn't had a chance to look at the logs yet * no big change in aggregate statistics https://people.torproject.org/~dcf/metrics-country.html?start=2023-11-01&en… <https://people.torproject.org/~dcf/metrics-country.html?start=2023-11-01&en…> * BridgeStatus also shows many 10% results for snowflake bootstrap attempts in China * 2024-01-25 https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… * 2024-01-10 https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… * 2023-12-10 https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… rate of bootstrap percent, some 100 * https://mastodon.social/@tor4zh/111811643889038641 * from packet capture from vantage point, appears that there is a full block of proxy (one way stun) and block of server hello packet (keep receiving client hello) == Actions == == Interesting links == == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: * This week: * - What you worked on this week. * Next week: * - What you are planning to work on next week. * Help with: * - Something you need help with. cecylia (cohosh): 2024-01-25 * Last week: * - merged SQS rendezvous feature * - talked to browser team about lyrebird issue * - worked on Lox module for Tor Browser * This week: * - finish Lox module implementation * - update wasm-bindgen fork to fix some bugs and hopefully upstream changes * - tor-browser-build updates for lox wasm + bindings generation * - deploy SQS rendezvous changes at broker * - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * - rebase and try out manifest v3 patch * - Conjure bridge maintenance * Needs help with: dcf: 2024-01-25 * Last week: * -adjusted parity of upper port range on snowflake-02 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * - answered a question about distribution of users over snowflake bridges https://lists.torproject.org/pipermail/anti-censorship-team/2024-January/00… * - hacked a little bit on ALPN-01 ACME challenge in snowflake server https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Next week: * - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * - open issue to disable /debug endpoint on snowflake broker * - move snowflake-02 to new VM Help with: meskio: 2023-12-21 Last week: - grant writing Next week: Shelikhoo: 2024-01-25 Last Week: * - HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 * - update container image for snowflake-proxy and obfs4-proxy(Image is published already, while merge request under review: https://gitlab.torproject.org/tpo/anti-censorship/docker-snowflake-proxy/-/…) * - Merge request reviews Next Week/TODO: * - HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 * - Inspect Snowflake Situation In China onyinyang: 2023-01-25 * Last week(s): * - Bug fixing and other things that come up as lox integration is rolled out * - document API for lox client/server requests * - get next unlock function * * This week: * - Bug fixing and other things that come up as lox integration is rolled out * - Figure out problem that makes distributor hang when bridges are not working * -Make Lox invitation endpoint only accessible via telegram * - attempt hyper upgrade again * * (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep * - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice * Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? * 1. Are there some obvious grouping strategies that we can already consider? * e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) * 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? * theodorsm: 2023-01-11 * Last weeks: * - Currently in the start phase of writing my master thesis (to be finished late june 2024) in communication technology on reducing distinguishability of DTLS. The goal is to implement a validated DTLS anti-fingerprinting library similar to uTLS (useful for Snowflake). * Next weeks: * - Talk with Sean DuBois about contributing to adding anti-fingerprinting capabilities to the pion library * Help with: * - Find recent data set of captured DTLS traffic -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0

Anti-censorship team meeting notes, 2024-01-18
by Shelikhoo 18 Jan '24

18 Jan '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-01-18-15.57.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, January 25 16:00 UTC Facilitator: cohosh Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * DTLS anti-fingerprinting library similar to uTLS * Useful for snowflake: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Sean DuBois (from pion) has been interested in this and may have ideas on what this library could look like * SQS rendezvous deployment * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * almost ready for final merge, any objections to doing so? * can announce the new rendezvous method on forum and bbs as before with ampcache * will have a look at possible attack by flooding the service to generate significant bill * AWS may or may not support setting billing limits. Can at least set billing alerts. * Possibly use prepaid card with limited funds. * Future plan is to componentize the broker and make rendezvous methods more modular, not part of the SQS work though * https://bugs.torproject.org/tpo/anti-censorship/pluggable-transports/snowfl… * Also encrypt rendezvous messages separately from the rendezvous channel, https://bugs.torproject.org/tpo/anti-censorship/pluggable-transports/snowfl… * Our docker containers are out of date for snowflake and obfs4 * Have a version of tor that soon will be EOL * shelikhoo will update them from https://gitlab.torproject.org/tpo/anti-censorship/docker-obfs4-bridge and https://gitlab.torproject.org/tpo/anti-censorship/docker-snowflake-proxy == Actions == == Interesting links == * == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-01-18 Last week: - Lox + Tor Browser integration - Found a fix for snowflake shadow simulations - https://github.com/shadow/shadow/pull/3279 - Contributed to discussion on missing shadow feature policy - https://github.com/shadow/shadow/issues/3280 This week: - Review of final SQS rendezvous changes - Lox + Tor Browser integration - rebase and try out manifest v3 patch - Conjure bridge maintenance Needs help with: dcf: 2024-01-18 Last week: - started to review draft MR for unreliable data channels, merged cosmetic changes to main https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - posted summary of snowflake bridge users in 2023 https://forum.torproject.org/t/snowflake-bridge-metrics-2023-year-in-review… Next week: - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: meskio: 2023-12-21 Last week: - grant writing Next week: Shelikhoo: 2024-01-18 Last Week: - HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 - Merge request reviews Next Week/TODO: - HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 - update container image for snowflake-proxy and obfs4-proxy onyinyang: 2023-01-11 Last week(s): - Finished Telegram bot dev - Continue to support Lox wasm stubs as needed - Holiday! This week: - Bug fixing and other things that come up as lox integration is rolled out - document API for lox client/server requests - Other Lox bug fixes/improvements - attempt hyper upgrade again theodorsm: 2023-01-11 Last weeks: - Currently in the start phase of writing my master thesis (to be finished late june 2024) in communication technology on reducing distinguishability of DTLS. The goal is to implement a validated DTLS anti-fingerprinting library similar to uTLS (useful for Snowflake). Next weeks: - Talk with Sean DuBois about contributing to adding anti-fingerprinting capabilities to the pion library Help with: - Find recent data set of captured DTLS traffic (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project