- tor-project - lists.torproject.org

Network team meeting notes; March 5
by Nick Mathewson 08 Mar '19

08 Mar '19

Hi! It looks like meetbot.debian.net is down right now, so I can't past the link to the chat today. But here are our notes from the meeting: = Network team meeting pad! = This week's team meeting is at Tuesday 5 March at 2300 UTC on #tor-meeting on OFTC. Welcome to our meeting! First meeting each month: Tuesday at 2300 UTC Other meetings each month: Mondays at 1800 UTC On #tor-meeting on OFTC. March schedule: * Tuesday 5 March at 2300 UTC * Monday 11 March at 1700 UTC * Monday 18 March at 1700 UTC * Monday 25 March at 1700 UTC April schedule notes: * Monday 22 April is an Easter public holiday May schedule notes: * teor will be on leave at the start of May (This channel is logged while meetings are in progress.) (See https://lists.torproject.org/pipermail/tor-project/2017-September/001459.ht… for background.) Want to participate? Awesome! Here's what to do: 1. If you have updates, enter them below, under your name. 2. If you see anything you want to talk about in your updates, put them in boldface! 3. Show up to the IRC meeting and say hi! After each week's meetings, the contents of this pad will be sent to tor-project @ lists.torproject.org. After that is done, the pad can be used for the next week. == Previous notes == (Search the list archive for older notes.) 22 Jan: https://lists.torproject.org/pipermail/tor-project/2019-January/002184.html 11 Feb: https://lists.torproject.org/pipermail/tor-project/2019-February/002214.html 19 Feb: https://lists.torproject.org/pipermail/tor-project/2019-February/002225.html 25 Feb: https://lists.torproject.org/pipermail/tor-project/2019-March/002236.html == Stuff to do every week = * Let's check and update the roadmap. What's done, and what's coming up? We're using a kanban board: https://storm.torproject.org/shared/_mx8PMGOHFBOximocl1gy3COvhLPr6k3Ja7JA1v… <-- filter by your name and check the 'in progress' column is correct. * Check reviewer assignments! Here are the needs-review tickets, by reviewer: https://trac.torproject.org/projects/tor/query?status=needs_review&reviewer… Here are the outstanding reviews, oldest first: https://trac.torproject.org/projects/tor/query?status=needs_review&componen… Including sbws: https://trac.torproject.org/projects/tor/query?status=needs_review&componen… * Also, let's check for things we need update on our spreadsheet! Are there important documents we should link to? Things we should archive? * Check rotations at https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/TeamRot… Core Tor/sbws is now part of the bug triage, CI, and reviewer assignment roles == Reminders == * Remember to "/me status: foo" at least once daily. * Remember that our current code reviews should be done by end-of-week. * Make sure you are in touch with everybody with whom you are doing work for the next releases * Remember to fill up the 'actual point' field when you close a ticket. We need those to calculate velocity. * Add planned PTO to the calendar https://storm.torproject.org/shared/ISA5L5nH0Xu88iqSCx9ZjCXYSMKOBTdbUeWarbd… * Check other's people call for help in their entries. ------------------------------- ---- 5 March 2019 ------------------------------- == Announcements == - The master branch is now 0.4.1.x; 0.4.0 development will continue in maint-0.4.0. - No more backports to 0.3.3; support ends on Thursday! - US DST begins this coming Sunday; let's be careful for schedules next week [catalyst: are we going to follow US DST for the Monday meetings as we have before?] yes -- previously decided that Monday meetings move with US DST; see https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam == Discussion == === Review Assignments === We need to prioritize sbws's reviews this month as Juga is wrapping up their work in March. When we assign reviews, can we skip people who are on leave? Before we go on leave, can we give away our reviews? === Recommended Versions === Are these okay for versions to recommend in the directory: 0.2.9: 0.2.9.14 and later on clients; 0.2.9.15 and later on relays 0.3.3: no versions 0.3.4: only 0.3.4.10 and later, because of #28912 and #28245. 0.3.5: only 0.3.5.7 and later, because of #28912 and #28973. 0.4.0: 0.4.0.1-alpha and 0.4.0.2-alpha. ? In particular, I am claiming that TROVE-2019-001 and #29175 are not critical enough to make us unrecommend affected versions in the consensus. Is that right? -NM teor says: #29175 seems ok, your socks port should not be open to the world. For TROVE-2019-001, maybe relays and onion services should upgrade? Relay ops are reporting that it fixes memory usage issues. === Getting Help === What's the best way to get other people to help me with blockers? For example, backports are really slow due to Appveyor. I put a fix in #29601 on Thursday last week, and asked if someone to review it on IRC. Should I ask a specific person on IRC? Or is there a better contact method? === Fixing IPv6-only network failures === Tor clients don't work on IPv6-only networks, and it's starting to affect more users (#29641). There are config options that switch a client to prefer IPv6, but they aren't on by default. (If they are set the wrong way for the current network, they interact badly with the 0.3.0 guard code, because they cause too many connection failures.) When can we spend some time on getting tor clients working on IPv6-only networks? === Tor Meeting === - Brainstorming Tor meeting invites - is there anyone that we're working with a lot that we want to make sure is invited? === Policy planning === == Recommended links == == Updates == NOTE NEW FORMAT! Name: Week of XYZ (planned): - What you planned for last week. Week of XYZ (actual): - What you did last week. Week of ABC (planned): - What you're planning to do this week. Help with: - Something you may need help with. PLEASE DO NOT BULK-DELETE THE OLD ENTRIES! Leave the "Planned" parts! Leave the parts for last week and this week! gaba (possible offline or lurking): Week of 02/25 (actual): - continue on https://gitlab.com/gabelula/tor-documentation-processes - track sponsors & update roadmaps on wiki for each sponsor Week of 03/04 (planned): - processes https://gitlab.com/gabelula/tor-documentation-processes - I will be offline the last 2 weeks of March but still reachable by signal. teor: (online!) Week of 25 Feb (planned): Roadmap Coding (3 days per week): - Plan my coding tasks after trimming Sponsor V Other: - Make Sponsor V smaller (24 points) - must be done before I start new coding tasks! - Send out release capacity meeting time - Blocked: Merge some merge_ready tickets - Blocked: Stable maintainer triage and merges - Leave admin (deferred) - Large reviews (deferred) Week of 25 Feb (actual): Roadmap Coding (3 days per week): - Get bandwidth counters working (#29019 and children) Other: - Release capacity meeting prep / revised proposed tickets process - Email backlog: draft proposal and policy comments, admin, etc. - 7/9 assigned reviews, including sbws reviews, and small reviews - Did some extra reviews (#29280, #28525, #26288, #29500) - Made Sponsor V smaller, and re-planned roadmap coding - CI/Coverity rotation: Fixed some urgent CI bugs (#29530, #29599, #29601) - Work out merge process, set up merge environment - Do some backport merges (#29145, #29599, #25116, #25113, #24903) - Clear out 033-backport, because 0.3.3 is no longer supported Week of 4 Mar (planned): Roadmap Coding (3 days per week): - Bandwidth stats for PrivCount: #29019, #17036, #29005 Roadmap Reviews: - nickm's chutney CI tickets Other: - Update merge scripts to remove 033 - Large reviews - Put the merge policy on the wiki - Triage my email - Leave admin - Blocked: Stable maintainer triage and merges Week of 4 Mar (actual): Roadmap Coding (3 days per week): - Bandwidth stats for PrivCount: #29019, #17036, #29005 Reviews: - 9/10 assigned reviews - Added a comment to #23588 explaining the extra work that needs to be done before I can review it. Other: - Bugfixes for #28656, #29643 - Revised #29640, #23576 - Ticket herding and opening bugfix tickets - Updated my user page, so the tickets are in priority order - Un-assigned a bunch of tickets that I won't be doing in the next 2 months Blocked: - Intermittent CI failures: #29500, #29693, #29437 Help with: Nick: Week of 25 Feb (planned) - Respond to ADL folks - Lots of email - More reviews: catch up - Discuss merging policy - Work on map_anon test breakage (29534) - Chutney CI work Week of 25 Feb (actual): - Reviews, merges - Answer lots of email - Work on policy proposals - Various CI&Chutney tickets: 29712, 29618, 29583 - Bugfix for map_anon test (29534?) Week of 4 March (planned)P: - Come up with a list of recommended versions - Reviews, merges. There are some big branches here, so I'll need longer than usual - Update my rup.py example code for the latest prop295 - Find some 040-must items to finish - Next steps on CI (ask teor) - Next steps on pubsub (pending catalyst review) dgoulet (missing meeting): Week of 25 Feb (actual) - Proposal changes with teor on #26288. Code was put in needs_review. - BridgeDB tickets. The majority is in needs_review waiting on sysrqb. - Worked on the git maintenance scripts. - Reviews and open couple tickets. Week of 4 Mar (planned) - AFK. Mike (likely will miss meeting) Week of 2/25 (planned) - Discuss #29494 ideas with dgoulet - Hopefully start on #28780 - Investigate potential vanguards false positive Week of 2/25 (actual): - Discussed #29494 ideas with dgoulet; pondered - Worked on scalability mails & pad - Mails with researchers - Investigated #29500 Week of 3/04 (planned): - Finish #29204 and #29494 - More research and scaling mails catalyst: week of 02/25 (2019-W09) (planned): - expense reporting (probably for reals because various statements have closed with posted transactions that were previously pending) - reviews - proof of concept of adapting some bootstrap reporting code to pubsub as part of #28226 review week of 02/25 (2019-W09) (actual): - reviews - some progress on POC adapting bootstrap reporting to pubsub - more review comments on pubsub - got some updates from dgoulet about what's needed to make a bridgedb release, including one open issue that already has a ticket open - medical bureaucracy week of 03/04 (2019-W10) (planned): - reviews - finish up commenting on pubsub - expense reporting - make some progress on #28925 (distinguish proxy vs PT in bootstrap) if pubsub stuff works out well juga (offline): Week 25 Feb (planned): - Merge pending tickets in 1.0 milestone - Release sbws 1.0.3 - Test all the children to Monitor relays that are not measured by each sbws instance (#28547) in the public network and fix them if need it Week 25 Feb (actual): - Merge pending tickets in 1.0 milestone - Test new master in the public network - Create debian package - Test debian package in the public network - Moved to 1.1 milestone tickets not that prioritary - Revisions - Wored on Timeout waiting for measurements (#28864, #28865) - Planned March Week 4 March (plan): - Release sbws 1.0.3 - Test all the children to Monitor relays that are not measured by each sbws instance (#28547) in the public network and fix them if need it Needs help with: - strategy to work with several branches that touch same code without ending in git merge/rebase pain? (to talk tomorrow in irc?) - note: additionally, sometimes i need to work on several tickets at the same time to test them all together asn: Week of 02/18 (planned): - Move towards finishing up #29298 after getting Mike's feedback. - Discuss more about WTF-PAD future. - Start looking into roadmap task #29221. - Do reviews. - If time permits, read Tim's response to "walking onions" thread wrt onion services. Week of 02/18 (actual): - Did revisions on #29298 after Mike's review. I think this is probs ready after a final review and a squash. - Discussed onionbalance proposal with dgoulet and Nick. Interesting developments I need to write down. - Discussed merge policy. - Discussed [tor-researchers] mailing list processes with Iain and Chelsea. - Did reviews. Week of 02/25 (planned): - Get #29298 merged. - Do roadmap item #29221. - Start scoping down open 040-must bugfixes like #29527 and #28970. - Write down the onionbalance v3 discussion. Help with: - Mike can you handle the appveyor #29500 bug? ahf: Week of 2/25 (planned) Sponsor 19: - Update Broker.markdown with Cohosh's comments on #28848 and close it. - Continue work on #29207. - Work with Cohosh on the Marionette bridge instance for the application team (#26920) - Talk with Kat and Gaba about Report #2 Misc: - Solve bootstrap-with-PT cancelling crash on Windows on #29562 - Try to reproduce asn/mikeperry's issue from #29500 on Windows Week of 2/25 (actually) Sponsor 19: - Finished #28848 together with cohosh. - Manage to get cohosh's docker testing environment up and running (#29489) - Continued work on #29207. Misc: - Fixed bootstrap-with-PT cancelling crash issue on Windows on #29562 - Spend some time trying to reproduce #29500, but without success. Gave up in the end. - Second review of David's authenticated sendme work in #26288 Week of 3/5 (planned) Sponsor 19: - Finish #29207 - Talk with cohosh, gaba, and kat about Report #2 Misc: - End of month stuff: Harvest

1 0

February 2019 report for the Tor Browser team
by Georg Koppen 08 Mar '19

08 Mar '19

Hello! In February the Tor Browser team made two releases, 8.0.6 and 8.5a8, mainly to pick up a security bugfix for Firefox[1]. Apart from that we worked on four major projects during the month: 1) Getting Tor Browser for Android ready for the next big alpha milestone: we got pluggable transport support working[2] and are currently finalizing our new UI[3]. With a bit of luck we can even test the enhanced Tor Onion Proxy Library (TOPL) in our next alpha as well, which will finally allow us to drop Orbot as a dependency.[4] 2) Integrating Tor Launcher into tor-browser[5]: this is basically done and awaiting review and further testing in upcoming alphas. The tighter integration into the browser code itself will allow us an easier transition to the next major Firefox release and removing Tor Launcher from the extension signing exceptions. 3) Cross-compiling our Linux 32-bit bundles on 64-bit machines[6]: we faced out-of-memory scenarios on some build machines when compiling 32-bit Linux bundles. They should be gone now with the cross-compilation. This is especially important for our switch to the next Firefox ESR which will very likely require even more resources to build Tor Browser. 4) Redesign of our security controls[7]: we like to make our security slider easier accessible and integrate it more into Tor Browser while we restructure our toolbar[8]. A patch for this feature is under review and will hopefully be available in the next alpha for further testing. The full list of tickets closed by the Tor Browser team in February is accessible using the `TorBrowserTeam201902` keyword in our bug tracker.[9] In March we'll continue polishing Tor Browser for Android, preparing a first stable release. This will be Tor Browser 8.5 which we hopefully get out at the end of the month. We have a number of tickets on our radar for that major release, which are still open, and that can get queried with the `tbb-8.5` keyword.[10] We'll see how far we get with those. Apart from release preparations we plan to finish our work on getting our testsuite[11] back into a usable shape and to work on our new mingw-w64/clang-based toolchain for Windows cross-compilation.[12] All tickets on our radar for this month can be seen with the `TorBrowserTeam201903` keyword in our bug tracker.[13] Georg [1] https://googleprojectzero.blogspot.com/2019/02/the-curious-case-of-convexit… [2] https://bugs.torproject.org/28802 [3] https://bugs.torproject.org/28329 [4] https://bugs.torproject.org/27609 and child tickets [5] https://bugs.torproject.org/28044 [6] https://bugs.torproject.org/26323 [7] https://bugs.torproject.org/25658 [8] https://gitweb.torproject.org/tor-browser-spec.git/tree/proposals/101-secur… [9] https://trac.torproject.org/projects/tor/query?status=closed&keywords=~TorB… [10] https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~tbb… [11] https://bugs.torproject.org/27105 and child tickets [12] https://bugs.torproject.org/28716 [13] https://trac.torproject.org/projects/tor/query?status=accepted&status=assig…

1 0

Notes from March 7 2019 Vegas team meeting
by Karsten Loesing 08 Mar '19

08 Mar '19

Notes for March 7 2019 meeting: Georg: 1) Dev meeting invites Steph: 1) Answered questions for the internet health report. 2) Preparing for Libreplanet panel and booth. 3) Taking part in a small campaign for the 30th birthday of the web with the Web Foundation 4) Will be trying to raise money for an Outreachy intern to help with comms 5) Preparing for website launch. Reviewing illos. 6) Submitted application to be a def con vendor 7) Onion services inquiry 8) Blog comment policy done and live 9) International Womens Day prep Antonela: 1) Reviewing 8.5 Release, Security Settings, Onboarding, TBA Network Settings 2) Organizing IFF, TBA user testing script, accommodation, etc 3) Working on Personas with dunqan 4) Working on tpo.org with Hiro 5) Debriefing India and Indonesia travels with Pili and Caroline 6) Reviewing Community team's SOI, UX Team roadmap, tickets triage, end of month duties 7) Coordinating with Jon for printing outreach material Sarah: 1) Fundraising for Outreachy internship sponsorship. 2) Doing a soft launch of new acceptance of additional cryptocurrencies. If you know any enthusiasts who might want to donate, we have wallets now for several - just ping me. New webpage should launch next week. 3) Grants team is finishing a DRL SOI for training work in Brazil, India, and Mexico. Also a separate proposal for training work in Costa Rica. 4) Almost done with the Fundraising Team wiki: https://trac.torproject.org/projects/tor/wiki/org/teams/FundraisingTeam 5) Met with PM from Media Democracy Fund. 6) Connecting with folks at PayPal about problems using PayPal to donate on Tor Browser. Mike: 1) Padding, vanguards dev work 2) tor-scaling discussions Nick: 1) Many of the network team are going on leave some time soon; our rate of progress will go down a bit. 2) Much progress on 0.4.1 3) About to unrecommend a bunch of older releases in the consensus 4) Feedback on blog policy: On the most recent announcement, we were not successful on doing daily check-ins, nor were we able to give every comment a reply. Comments are now closed on that announcement (after 2 weeks). Sue: 1) Audit is done and Financial Statement is complete [Can you send this to me for the state registrations? - Sarah][Yes, will do] 2) Still have to do the 990 (tax return) for the six month period 1/1/18 - 6/30/18 3) Slugging through pile of stuff that has been piling up during this audit process 4) General invoicing, payroll and disbursement stuff Erin: 1) scheduling interviews for Browser and OONI devs 2) onboarding sysadmin 3) prepping for Isa being in the office next week 4) general HR stuff isabela: 1) writing blog post for International Women's Day 2) reviewing proposals that are going out on monday 3) writing 'ED update letter' to the community 4) working on next fy budget and board book docs (next board meeting will be on march 25th) Pili: 1) Helping with DRL SOI for Community Team 2) Started UX ticket triage with Antonela 3) Finished off the last of the Team vision exercises with the Browser team last week. 4) Collected dev-meeting invite suggestions from the Browser, Community and UX teams. 5) Outreachy 6) Fought with a couple of raspberry pis, onionshare and video compression tools 7) Gettor meeting Karsten: 1) Finished integration tests for metrics-web that already found their first bug. 2) Made progress on our last remaining technical report for Sponsor 13. 3) Started an exit list specification as first step to rewrite TorDNSEL. 4) Met for our monthly team retrospective. Gaba: 1) ooni hiring follow up 2) tor scaling coordination 3) onionperf/metrics checkin 4) outreachy follow up on fundraising campaign

1 0

The new blog comment policy is live
by Stephanie A. Whited 05 Mar '19

05 Mar '19

Hi everyone, Thanks to all who helped with this. The new blog comment policy is live and in effect. Guidelines for commenters can be found on each blog post, and guidelines for authors / moderators are on the wiki: https://trac.torproject.org/projects/tor/wiki/doc/community/blog-comment-po… Best, Steph -- Stephanie A. Whited Communications Director The Tor Project IRC: stephw PGP Key ID: 39A876AD <https://pgp.mit.edu/pks/lookup?op=get&search=0x6D6B72C339A876AD>

1 0

January and February 2019 report and March 2019 plans for the metrics team
by Karsten Loesing 04 Mar '19

04 Mar '19

Hello Tor, hello world! Below you'll find the highlights of Tor metrics team work done in January and February 2019 as well as a few expected highlights for the current month, March 2019. On behalf of the Tor metrics team, Karsten January and February 2019: Held an in-person meeting in Brussels to make plans with other teams and to make a new roadmap for the next six months [1]. [1] https://storm.torproject.org/shared/TsgBadLSfM8uh_aftPjxmR_rm0a8E-4UQ2HEa_l… Performed a one-off analysis of existing OnionPerf measurements with special focus on slow runs, timeouts, and failures [2, 3]. [2] https://people.torproject.org/~karsten/volatile/onionperf-metrics-2019-02-0… [3] https://people.torproject.org/~karsten/volatile/onionperf-metrics-2019-02-2… Started drafting guidelines for adding data to Tor Metrics [4]. [4] https://bugs.torproject.org/29315 Presented Tor Metrics at FOSDEM 2019 [5]. A transcript of the presentation is also available [6]. [5] https://fosdem.org/2019/schedule/event/monitoring_anon/ [6] https://iain.learmonth.me/blog/2019/2019w064/ Continued to document considerations for privacy-preserving safe measurements of live networks [7] to be included in an IETF Internet Draft on the topic [8]. [7] https://github.com/irl/draft-safe-internet-measurement/issues [8] https://datatracker.ietf.org/doc/draft-learmonth-pearg-safe-internet-measur… Took ownership of OnionPerf development. The canonical repository is now hosted on git.tpo [9] and is mirrored to GitHub [10] to accept pull requests (and to later run CI). [9] https://gitweb.torproject.org/onionperf.git/ [10] https://github.com/torproject/onionperf Added a "single-shot" mode to OnionPerf to enable easier testing during development and towards use in CI environments [11]. [11] https://github.com/torproject/onionperf/pull/1 Improved test coverage for OnionPerf [12]. [12] https://github.com/torproject/onionperf/pull/4 Added support for testing v3 onion service performance in OnionPerf [13]. [13] https://github.com/torproject/onionperf/commit/c8b0fc22809900ee35938ee7f89e… Continued working on second report for Sponsor13 [14, 15] [14] https://bugs.torproject.org/29648 [15] https://bugs.torproject.org/29649 Ported the research portal content to a Hugo static site [16] and deployed a staging version for feedback [17]. [16] https://bugs.torproject.org/26838 [17] https://research-staging.torproject.org/ Established a new research@tpo alias [18] to allow for external researchers to contact Tor people that manage the Research Portal/Mailing List. [18] https://bugs.torproject.org/29557 March 2019: Add integration tests [19] for the data-processing modules powering the Tor Metrics website. [19] https://bugs.torproject.org/29425 Write a specification document for exit lists [20]. [20] https://bugs.torproject.org/29624 Replace advertised bandwidth distribution graphs by consensus weight distribution graphs [21]. [21] https://bugs.torproject.org/29330 Presenting Tor Metrics at the Scottish Networking Event [22] on the 12th March. [22] http://scone.cs.st-andrews.ac.uk/wiki/ Attending IETF 104 and presenting the above Internet Draft on safe measurement [23]. [23] https://www.ietf.org/how/meetings/104/

1 0

Tor Browser team meeting notes, 4 Mar 2019
by Georg Koppen 04 Mar '19

04 Mar '19

Hi all! We just had a short weekly meeting and I wanted to share the meeting notes, as usual. The IRC log can be found at: http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-03-04-18.29.l… and the items from our pad are: Discussion: - next releases (GeKo: we won't get to another alpha release before the Firefox security bugfix release on 3/19, alas :( ) mcs and brade: Last week: - Posted patches for #28044 (Integrate Tor Launcher into tor-browser). - Posted a patch for #29627 (Moat: add support for obfsproxy's meek_lite). - Reviewed patch for #29120 (media.cache_size causes some media to load extremely slowly). - Debugged #29535 (Context menu does not open on New Tab). - Provided some feedback for #27484 (Onboarding: unintuitive not-navigation buttons). - Helped with triage of incoming bugs. This week/soon: - For #28044, revise proposal 102 to take into account intrigeri’s comments as well as some things we learned during implementation. - Fix #29445 (Tor Browser is denying ESR policies.json) - Investigate #29630 (TorBrowser creates empty directory in "/tmp”) - Begin work on #29440 (Update about:tor when Tor Browser is updated). - Investigate #27484 comment:13 (DDG onboarding doorhanger disappears after tab switch). - Review the Firefox updater security audit report. sysrqb: Last week: some release prep Worked on F-Droid release process Worked on TBA UI improvements and crash (28329) BridgeDB admin TOPL integration and OrbotService This week: Finish next iteration of TBA bootstrapping UI Some BridgeDB patch reviews Helping with TBA PT integration (if needed) sisbell: Last week(s): - 29575 - Create tor-browser-build for Firefox with TOPL libraries: Resolved duplicate class problems. Transitive use of class files is OK. Transitive use of resources is a problem (meaning an embedded dependency aar of an embedded dependency) . I believe I finally have a solution (see below, Next Week same issue). - Testing of tor-android-service. Latest code is not passing bootstrap complete message correctly to UI. This is largely cosmetic but needs to be resolved. - responded to sysrqb code review comments. Opened issues at TOPL project for tracking. - Investigated building of tor for Android. Looked into and prototyped use of ndk-build for tor dependencies: openssl and libevent. This Week: - 29575: To resolve missing resource issues, I’m going to put orbot and tor-android-service and topl into the local artifact repo as part of the Firefox build, rather than the mobile/android/app. I believe gradle treats repo transitive resources differently. I’m also going to put dependent projects aar libraries as compileOnly scope (provided) so that we are guaranteed to only have one copy. - Create new branch with latest changes to tor-browser-build - More testing - Resolve open issues at TOPL I'd like to move most of the resources from tor-android-service to orbot app, since tor-android-service doesn't use them. (GeKo: We should talk to the guardianproject folks about that; sisbell will write an email to nathan and hans outlining where we are and where we are heading towards to keep them in the loop) boklm: Last week: - finished patch for #26323 (Build 32bit Linux bundles on 64bit systems) - worked on some patches for #27137 (tbb-testsuite: fix the navigation-timing, performance-observer, resource-timing, user-timing tests) - looked at CVs of browser developer candidates This week: - continue work on #27137 and testsuite - work on #25623 (Disable network during build) - some reviews pili: Last week: - Tor Browser Release meeting - Tor Browser Vision Brainstorm Pt II - Browser dev hiring CV pre-screening This week: - Still trying (and so far failing) to take an easy week after India - Write up Browser Vision Brainstorm notes - Start writing Sponsor 8 (TBA) final report antonela: Last week: - reviewed #28329 - TBA UX/UI network settings - reviewed #27484 - Onboarding navigation This week: - pili and I will triage ux-team labeled tickets \o/ - review TBA and TB sec settings pospeselr: Last week: - reviewed browser dev cvs - #25658 work - macos build for anto - initial tor-browser patch for this ready today This week: - #25658 tor-browser patch later today - #25658 tor-button patch - code reviews - #29120 ready for uplift now GeKo: Last week: - wrote some patches for mobile related issues which I encountered while reviewing #28329: #29632, #29633, and a patch for pluggable transport/bridge support on mobile (#28802) - reviewed #29210 and #28329 (still ongoing) and #28685 - work related to job application This week: - finish reviewing #28329, reviewing as much as I can to get into the next alpha - begin of the month team admin stuff Georg

1 0

Notes from February 28 2019 Vegas team meeting
by Karsten Loesing 01 Mar '19

01 Mar '19

Notes for February 28 2019 meeting: Pili: 1) Finishing off Browser, Community and UX teams' Vision exercises 2) Organising India Feedback and User Testing materials 3) Working on Outreachy application 4) Following up after GSoC rejection and preparing to improve next year's application 5) Brainstorming dev meeting invites with teams 6) Tor Browser hiring pre-screening and organising feedback gathering 7) Reviewed Hiring at Tor process document 8) Helped with a couple of SOIs for Community team 9) Might try to take half days next week to recover from India and will probably just attend meetings Steph: 1) Preparing Def Con vendor application. 2) Answering questions for Mozilla’s Internet Health Report. 3) Latest newsletter went out yesterday. 4) Prep for LibrePlanet. 5) Inquiries. 6) Working on Outreachy application with Pili. 7) Preparing for website launch, reviewing illos. Gaba: 1) Metrics team: - Discussed sponsors/funding for metrics team 2) OONI - Looked at CVs for hiring backend developer 3) Network team - calculating capacity - gathering dev policies 4) Anti-censorship team - kat's report 5) Setting up meeting for discussion on priorities around scaling Sarah: 1) Working on e-appeal for Outreachy sponsorship. No luck securing funds from past major donors. 2) Writing new welcome email. 3) Finishing Fundraising Team Wiki. 4) Dealing with bad actors testing cards on donate page. 5) Working with Giant Rabbit to make changes to the donate page. 6) Met with Pia from Open Collective. We will keep this on our radar as an option for crowdfunding. 7) Grants team is working on two SOIs for DRL as well as follow-up for a couple other proposals that have advanced to the next round of consideration. Sue: 1) Financial Audit is complete, report sent to Board for review and comment 2) Invoicing for NYU and Upenn 3) General payroll and disbursement processing Nick: 1) New releases came out last week 2) Working on CI stuff to get integration tests running 3) We're experimenting with new merge policies, to see what happens when we have more people merging code isabela: 1) finished reviewing the auditor report w/ sue 2) invitation process for dev meeting - asked Alison to help and 'do her thing' :) as she has done this process a bunch of times 3) Added some new 1:1s to my schedule :) if you want to have one too please reach out! 4) Writing ED quarterly update 5) Doing 'money machine' team tasks: review documentation of our processes, follow up w/ Sida, and proposals drafting. 6) Working on FY budget for july 2019 - june 2020 7) will be in seattle for the week of March 11 and will be in full vacation mode :) for 2 weeks in november (7-21) (GeKo: yay, vacation!) Karsten: 1) We're planning to replace advertised bandwidth distribution graphs with consensus weight distribution graphs to reduce maintenance effort (#29330). If somebody wants to suggest a better plan, please do so soon! Before we move on we'll check whether consensus weight and consumed bandwidth are proportional. Erin: 1) Back from vacation. Playing catch-up. 2) Working on browser dev and OONI dev recruiting 3) Coordinating w/ Linus to onboard new sysadmin. Announcement soon. 4) Other HR stuff. Mike: 1) Sponsor2 work 2) Tor scalability discussions 3) Research discussions Georg: 1) Where are we with our blog policy? Can we announce it officially (if we have not) and make sure it takes effect? 2) Hiring policies 3) Sue: could you get back to me regarding my mail with the payment question for my vacation? Yes, will do. (GeKo: thanks) Alison: 1) Working on LFI application review 2) Gus and emma are in Indonesia 3) Working on website materials Antonela: 1) Finished Outreach Material - https://share.riseup.net/#sn028ht41RD--vTGPPzTCA 2) Coordinating with Arturo and Elio OONI Explorer next steps 3) OTF approved, UX team roadmap updates 4) Working on Personas with dunqan 5) Working on https://github.com/torproject/tpo/issues with hiro 6) Coordinated user research for Thailand with emmapeel and ggus, debriefing India with pili and caroline 7) Reviewing TBA for next alpha release

1 0

Network team meeting notes from 25 Feb 2019
by teor 01 Mar '19

01 Mar '19

Hi, A reminder: Next week's team meeting is at a different time. Tuesday 5 March at 2300 UTC on #tor-meeting on OFTC. Our logs are available at http://meetbot.debian.net/tor-meeting/2019/tor-meeting.2019-02-25-17.58.html Below are the contents of our pad: = Network team meeting pad! = This week's team meeting is at Monday 25 February at 1800 UTC on #tor-meeting on OFTC. Welcome to our meeting! First meeting each month: Tuesday at 2300 UTC Other meetings each month: Mondays at 1800 UTC On #tor-meeting on OFTC. February schedule: * Monday 25 February at 1800 UTC March schedule: * Tuesday 5 March at 2300 UTC * Monday 11 March at 1800 UTC * Monday 18 March at 1800 UTC * Monday 25 March at 1800 UTC (This channel is logged while meetings are in progress.) (See https://lists.torproject.org/pipermail/tor-project/2017-September/001459.ht… for background.) Want to participate? Awesome! Here's what to do: 1. If you have updates, enter them below, under your name. 2. If you see anything you want to talk about in your updates, put them in boldface! 3. Show up to the IRC meeting and say hi! After each week's meetings, the contents of this pad will be sent to tor-project @ lists.torproject.org. After that is done, the pad can be used for the next week. == Previous notes == (Search the list archive for older notes.) 8 Jan: https://lists.torproject.org/pipermail/tor-project/2019-January/002155.html 14 Jan: https://lists.torproject.org/pipermail/tor-project/2019-January/002170.html 22 Jan: https://lists.torproject.org/pipermail/tor-project/2019-January/002184.html 11 Feb: https://lists.torproject.org/pipermail/tor-project/2019-February/002214.html 19 Feb: https://lists.torproject.org/pipermail/tor-project/2019-February/002225.html == Stuff to do every week = * Let's check and update the roadmap. What's done, and what's coming up? We're using a kanban now: https://storm.torproject.org/shared/_mx8PMGOHFBOximocl1gy3COvhLPr6k3Ja7JA1v… * Check reviewer assignments! Here are the needs-review tickets, by reviewer: https://trac.torproject.org/projects/tor/query?status=needs_review&reviewer… Here are the outstanding reviews, oldest first: https://trac.torproject.org/projects/tor/query?status=needs_review&componen… Including sbws: https://trac.torproject.org/projects/tor/query?status=needs_review&componen… * Also, let's check for things we need update on our spreadsheet! Are there important documents we should link to? Things we should archive? * Check rotations at https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/TeamRot… Core Tor/sbws is now part of the bug triage, CI, and reviewer assignment roles == Reminders == * Remember to "/me status: foo" at least once daily. * Remember that our current code reviews should be done by end-of-week. * Make sure you are in touch with everybody with whom you are doing work for the next releases * Remember to fill up actual point when you finish a task (as well as update the estimate when starting the issue). * Add planned PTO to the calendar https://storm.torproject.org/shared/ISA5L5nH0Xu88iqSCx9ZjCXYSMKOBTdbUeWarbd… * Check other's people call for help in their entries. ------------------------------- ---- 25 February 2019 ------------------------------- == Announcements == - The master branch is now 0.4.1.x; 0.4.0 development will continue in maint-0.4.0. - No more backports to 0.3.3; support ends on Thursday! - Tor was not accepted for GSoC this year. == Discussion == When we assign reviews, can we skip people who are on leave? === Tor Meeting === - Brainstorming Tor meeting invites - is there anyone that we're working with a lot that we want to make sure is invited? === Policy planning === * We don't have a great way to set and adopt development/support policies. How would we feel about this: Let's have policies start out as "draft". If we think a policy could maybe work out, let's call it "experimental", post it publicly, and try it out for a limited amount of time. And then let's see whether we need to amend it or adopt it or discard it entirely based on network-team rough consensus. [leftover from last week] * Next steps with getting ourselves a merge policy? == Recommended links == == Updates == NOTE NEW FORMAT! Name: Week of XYZ (planned): - What you planned for last week. Week of XYZ (actual): - What you did last week. Week of ABC (planned): - What you're planning to do this week. Help with: • - Something you may need help with. PLEASE DO NOT BULK-DELETE THE OLD ENTRIES! Leave the "Planned" parts! Leave the parts for last week and this week! gaba: • Week of 02/19 (actual: • - look at releases estimation • - look at processes and make a proposal on decision making (so far all documentes found here https://gitlab.com/gabelula/tor-documentation-processes) • Week of 02/25 (planned): • - continue on https://gitlab.com/gabelula/tor-documentation-processes • - track sponsors & update roadmaps on wiki for each sponsor teor: (offline) Week of 18 Feb (planned): Roadmap Coding (3 days per week): - PrivCount proof of concept (#29004 and related tickets) <-- are related tickets in the roadmap? I guess is 29027 and 27908 - unit tests for extra-info documents (#29018) Other: - Reviews - Email, IRC, and ticket backlog - Finish travel reimbursements - Ask metrics to monitor bootstrap speed (from Sponsor 8, but worth doing anyway) - If we get bad results, tweak bootstrap settings to work: - when lots of fallbacks are down, and - on networks that drop packets (deferred from Sponsor 8, we'll only do it if it is necessary) Week of 18 Feb (actual): Roadmap Coding (3 days per week): - Finished #29017 - stats bug fix, and it was merged. - Finished #29018 - a related stats bug fix, refactor, and unit tests for extra-info documents (PrivCount preparation) Other: - Finished travel reimbursements - Email backlog: draft proposal and policy comments, admin, etc. - Ticket herding - Skimmed IRC backlog Week of 25 Feb (planned): Roadmap Coding (3 days per week): - Plan my coding tasks after trimming Sponsor V Other: - Make Sponsor V smaller (24 points) - must be done before I start new coding tasks! - Send out release capacity meeting time - Blocked: Merge some merge_ready tickets - Blocked: Stable maintainer triage and merges - Leave admin (deferred) - Large reviews (deferred) Week of 25 Feb (actual): Roadmap Coding (3 days per week): - Get bandwidth counters working (#29019 and children) Other: - Send out release capacity meeting time - Email backlog: draft proposal and policy comments, admin, etc. - Revise proposed tickets process - 7/9 assigned reviews, including sbws reviews, and small reviews - Did some extra reviews (#29280, #28525) - Found some issues with the transition plan for prop289 (#26288) - Tried to help fix #29500 (circuit pad test failures) - Make Sponsor V smaller (24 points) - Re-plan roadmap coding - Fix some urgent CI bugs (#29530, #29599, #29601) - Work out merge process, set up merge environment - Do some backport merges (#29145, #29599) - Blocked: backport merges are slow, due to #29601 (needs_review) and #29500 (needs fix) Help with: - Gaba, do you want to share your release capacity calculations before the meeting? <--- oh, I didn't see this. I will share them next week. (gaba) - mikeperry, can you please fix #29500? (circuit pad test failures) The CI failures are making backports difficult. - Can someone please review #29601, so we can speed up Appveyor? Nick: • Week of 18 Feb (planned): • - Write final onionbalance-with-v3-onionservices proposal (thanks, asn and dgoulet!) • - Finish personalization proposal • - Change master to 0.4.1; create maint-0.4.0 and release-0.4.0 branches (done) • - Write proposed policy for merging stuff (done) • - Discuss proposed merge policy; make public version. • - Releases for 0.3.3 and later. • - Merge and announce fix for TROVE-2019-001 (thanks dgoulet) • - Discuss chutney+ci findings with teor. • - Update pubsub branch as needed/useful. Check in with catalyst. • - Start looking at bridge stats status for #29269 • - meet with researchers about datagrams, performance, etc. Mike, please answer the scheduling email ASAP? • - Reply to a large pile of emails • - ADL discussion • - Prop 300 • - Consensus options proposal idea • - and so much more... • - Decide what is left in 0.4.0. I need help here. • - CI / Coverity rotation: look at jenkins failures (like #29534), OSS-fuzz timeouts, etc • Week of 18 Feb (actual): • - Found a bug in v3 onion service spec conformance with asn; possibly making onionbalance-with-v3 proposal unnecessary. • - Sent Teor a draft personalization proposal; got feedback. • - Sent around proposed merging policy • - Releases for 0.3.3 and later with announcement for TROVE-2019-001 • - Worked on a chutney-and-ci plan with teor • - Discussed scheduling, datagrams, etc • - Lots of review and merging • - Worked on Jenkins failures • - Triaged 0.4.0 with dgoulet • Week of 25 Feb (planned) • - Respond to ADL folks • - Lots of email • - More reviews: catch up • - Discuss merging policy • - Work on map_anon test breakage (29534) • - Chutney CI work dgoulet: Week of 19 Feb (planned): - Adapt #26288 (prop289) to use the new fast PRNG. Wrote a bunch of unit tests as well for that branch. - Triage 0.4.0 tickets with nickm - Finalize the TROVE-2019-001. - Discussions with Mike on #29494. - Discussed with researchers cell scheduling. Week of 25 Feb (planned) - Talked with asn about OnionBalance v3. - Put #26288 in needs_review. - Help Mike finalize #29494. - BridgeDB tickets! Most important! Mike: Week of 2/18 (planned) - Get #29204 branch ready for dgoulet - Hopefully start on #28780 - Vanguards package announcementready for dgoulet Week of 2/18 (actual): - Got #29204 branch ready for dgoulet - Implemented sketch of #29494 - Tried to reproduce #29500 in wine, did not get it to trigger Week of 2/25 (planned): - Discuss #29494 ideas with dgoulet - Hopefully start on #28780 - Investigate potential vanguards false positive Need Help With: - Running unittests under Windows try to reproduce #29500 (Wine was insufficient) catalyst: week of 02/18 (2019-W08) (planned): - expense reporting - #28226 review - other reviews week of 02/18 (2019-W08) (actual): - medical bureaucracy - more review of #28226 - new ticket #29537 about intptr_t round trip issue that came up during #28226 review - some review of #29299 (sbws country) [juga, is it ok if i review by only reading through the code? i don't have an easy way to set up a test environment][juga: yes] week of 02/25 (2019-W09) (planned): - expense reporting (probably for reals because various statements have closed with posted transactions that were previously pending) - reviews - proof of concept of adapting some bootstrap reporting code to pubsub as part of #28226 review help with: - dgoulet, is there anything you need to relay to me about #29276 before you disappear? • [dgoulet: Oh.. I didn't had that ticket on my stack. So what I think needs to happen is to upgrade to latest requirements.txt, fix the issues and release. I already • have identified one issue from running my own BridgeDB with latest so should be easy.] juga: Week 18 Feb (planned): - Continue with Adapt bandwidth file classes to be compatible with stem (descriptors, etc) documents (#29057) - Work out how long it takes sbws to measure the network (#28983) - When sbws stops making progress, log a warning (#28652) - Prepare presentation for the DemoDay - Revisions Week 18 Feb (actual): - Continue with Adapt bandwidth file classes to be compatible with stem (descriptors, etc) documents (#29057) - Work out how long it takes sbws to measure the network (#28983) - When sbws stops making progress, log a warning (#28652) - Prepare presentation for the DemoDay - Merge all `needs_review` branches in a dev branch and run it in the public network Week 25 Feb (plan): - Merge pending tickets in 1.0 milestone - Release sbws 1.0.3 - Test all the children to Monitor relays that are not measured by each sbws instance (#28547) in the public network and fix them if need it asn: Week of 02/18 (planned): - Move towards finishing up #29298 after getting Mike's feedback. - Discuss more about WTF-PAD future. - Start looking into roadmap task #29221. - Do reviews. - If time permits, read Tim's response to "walking onions" thread wrt onion services. Week of 02/18 (actual): - Did revisions on #29298 after Mike's review. I think this is probs ready after a final review and a squash. - Discussed onionbalance proposal with dgoulet and Nick. Interesting developments I need to write down. - Discussed merge policy. - Discussed [tor-researchers] mailing list processes with Iain and Chelsea. - Did reviews. Week of 02/25 (planned): - Get #29298 merged. - Do roadmap item #29221. - Start scoping down open 040-must bugfixes like #29527 and #28970. - Write down the onionbalance v3 discussion. Help with: - Mike can you handle the appveyor #29500 bug? ahf: Week of 2/18 (planned) Sponsor 19: - Send feedback to Kat about Report #2. - Collect some feedback from arma & cohosh about Broker.markdown. - Begin the work on protocol changes in the Snowflake codebase together with cohosh. Week of 2/18 (actually) Sponsor 19: - Read over report #2 and noted down some issues. - Got feedback from Cohosh on #28848 (broker documentation) - Begun work on #29207 (proxy/broker protocol) - Looked into React and Material UI for Antonela's Snowflake WebExtension UI. Week of 2/25 (planned) Sponsor 19: - Update Broker.markdown with Cohosh's comments on #28848 and close it. - Continue work on #29207. - Work with Cohosh on the Marionette bridge instance for the application team (#26920) - Talk with Kat and Gaba about Report #2 Misc: - Solve bootstrap-with-PT cancelling crash on Windows on #29562 - Try to reproduce asn/mikeperry's issue from #29500 on Windows

1 0

Damian's Status Report - February 2019
by Damian Johnson 28 Feb '19

28 Feb '19

Hi all! Here's my status report for this last month (I miss the days when everyone wrote these...). https://blog.atagar.com/february2019/

1 0

Tor Browser Vision Brainstorm: Part II
by Pili Guerra 26 Feb '19

26 Feb '19

Hi everyone, We’re going to have the second part of this visioning exercise this Friday 1st March at 19:00 UTC on #tor-meeting. During the first part we discussed why we need a Tor Browser and some potential directions for the Tor Browser for the future. For this next session we will discuss our current users and how Tor Browser helps them with a view to the problems they will have in future and how we can continue serving them. We will also discuss where the Tor Browser fits into the Tor Project and what value it provides to TPI as an organisation. Additionally, on a more personal note, it would be good if everyone can think about the following questions to answer during the meeting, or even before on this thread: - why are you excited to work on Tor Browser - why you care about it - what positive change Tor Browser should bring about, and - how will Tor Browser shape the future. I’m excited to hear your views! Thanks, Pili — Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45

1 0