- tor-project - lists.torproject.org

OONI Monthly Report: October 2018
by Maria Xynou 16 Nov '18

16 Nov '18

Hello Tor world, In October 2018, the OONI team co-published a new research report, in collaboration with DefendDefenders, examining Uganda's social media tax through the analysis of network measurements. We wrote new OONI Probe nettest specifications, improved our heuristics for semi-automated blockpage and blockserver detection, completed a list of improvements to the monitoring of OONI services, and released a private internal beta of the revamped OONI Probe mobile pps. We also facilitated an OONI workshop at MozFest and participated at the OTF Summit. ## Report on Uganda's Social Media Tax In collaboration with our Ugandan partners, DefendDefenders, we co-published a new research report tited: "Uganda's Social Media Tax through the lens of network measurements". Our joint report is available here: https://ooni.io/post/uganda-social-media-tax/ As part of our latest study, we examine the blocking of social media & circumvention tools across ISPs in Uganda through the analysis of OONI network measurements. Over the last months, we have published the following 5 research reports (in collaboration with our partners): 1. The State of Internet Censorship in Venezuela: https://ooni.torproject.org/post/venezuela-internet-censorship/ 2. The State of Internet Censorship in Egypt: https://ooni.torproject.org/post/egypt-internet-censorship/ 3. South Sudan: Measuring internet censorship in the world's youngest nation: https://ooni.torproject.org/post/south-sudan-censorship/ 4. Mali: Social media disruptions amid 2018 presidential election? https://ooni.torproject.org/post/mali-disruptions-amid-2018-election/ 5. Uganda's Social Media Tax through the lens of network measurements: https://ooni.io/post/uganda-social-media-tax/ More research studies are available on our website: https://ooni.torproject.org/post/ ## Revamping OONI Probe mobile apps Both Android and iOS apps have been implemented based on improvements to Measurement Kit and the finalized design and copy. We released a private internal beta to further test and polish the apps. Relevant pull requests include: * https://github.com/ooni/probe-ios/pull/187 * https://github.com/ooni/probe-ios/pull/186 * https://github.com/ooni/probe-ios/pull/185 * https://github.com/ooni/probe-ios/pull/184 * https://github.com/ooni/probe-android/pull/159 We are now preparing for a public beta release of the apps. ## Research and write specifications for new OONI Probe nettests We wrote specifications for a series of techniques that we plan on using in next generation OONI Probe nettests. These techniques will allow us to collect more rich network measurement data, further reduce the number of false positives in measurements and confirm, with a higher level of confidence, incidents of internet censorship. Our new nettest specifications are available via the following pull request: https://github.com/ooni/spec/pull/118 ## Implementation of semi-automated blockpage and blockserver detection We have added SimHash support (https://en.wikipedia.org/wiki/SimHash) to enable the semi-automated blockpage and blockserver detection. When several unrelated URLs present a similar page, this usually means that the page is either a common web-server error page or a blockpage. Human intelligence is still required to distinguish anti-DDoS service provider captcha pages from generic "403 Forbidden" web-server errors and a "genuine" blockpage. We therefore added support for SimHash to use it as the first approximation of webpage similarity, to avoid pair-wise comparision of hundreds of millions of webpages stored in the OONI dataset. See: https://github.com/ooni/pipeline/pull/124 We also added support for the partial re-processing of data, to avoid processing the whole dataset when the list of known blockpages changes. See: https://github.com/ooni/pipeline/commit/a86e4fe42dec869b02618ba2c3e28281205… ## Improvements to the monitoring of OONI services To detect issues with our infrastructure earlier and to therefore minimise downtime and be more responsive to incidents, we have done several improvements to monitoring. We have completed all activities the aimed at improving the monitoring of OONI services, listed in the following issue: https://github.com/ooni/sysadmin/issues/226 ## Community activities ### Community meeting We held a community meeting on Slack (https://slack.openobservatory.org/) on Wednesday, 24th October 2018. As part of the meeting, the OONI team provided updates on what we worked on during the past month. We also addressed community questions pertaining to running OONI Probe on Linux and Raspberry Pis. ### OONI Probe workshop at MozFest OONI's Elio traveled to London to facilitate an OONI Probe workshop at Mozilla Festival (https://twitter.com/mozTechSpeakers/status/1056851429766414336) This provided a great opportunity to engage more community members with OONI's work. ### OTF Summit OONI's Maria traveled to Taiwan to participate at the OTF Summit (29th & 30th October) and the Open Internet Day (31st October 2018). This provided an opportunity to connect with community members, learn more about their projects, and brainstorm on potential avenues for collaboration. ## Userbase In October 2018, OONI Probe was run 391,014 times from 5,062 different vantage points in 214 countries around the world. This information can also be found through our stats: https://api.ooni.io/stats ~ The OONI team. -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Notes from November 15 2018 Vegas team meeting
by Karsten Loesing 16 Nov '18

16 Nov '18

Notes for November 15 2018 meeting: Alison: 1) still finishing LFI round 1, working on round 2 2) creating community portal content 3) working on SIDA report Mike: 1) Sponsor2 work; still ignoring most other things. Gaba: 1) Gettor coordination for next week. 2) OONI roadmap and deadlines for MOSS. 3) Slowly receiving CVs for metrics data architect position. 4) Interviews for anti-censorship position. 5) Organizing sponsors that teams are working on. Antonela: 1) working on TB security settings - http://trac.torproject.org/25658 2) working on TBA+Orbot settings and onboarding - https://bugs.torproject.org/28329 3) the first version of our series of docs is on the wiki. Thanks pili for pushing it live and hiro for the review! https://trac.torproject.org/projects/tor/wiki/org/teams/UxTeam/Misc/Circuit… 4) met with Ciberseguras to talk about further community outreach together. 5) sent my article for the UNAM colloquium. 6) working with the community team on our new outreach material. 7) met with Helen and Pili to define our User Testing Reporting Framework. 8) planning usability research for next month in Brazil. 9) met with Duncan, a designer from Scotland who is interested on helping the UX team. 10) synced with Alex (ahf) about snowflake. 11) reviewing OONI Explorer mockups with Elio. Georg: 1) busy with getting Tor Browser for Android alpha into shape 2) writing back to the snap mail sent by Iain today (not sure what we want to do with that in particular and with our Linux situation in general yet) Nick: 1) lots of features, lots of releases, lots of coding. 2) anticensorship dev interviews seem to be going well. Arturo: 1) Preparing for a public beta release of OONI Probe mobile 2) Published a report on Uganda with our partner defend defenders: https://ooni.torproject.org/post/uganda-social-media-tax/ 3) Getting input on OONI Explorer from UX team 4) Anticensorship dev interviews Sarah: 1) Firming up YE campaign blog/email/social media schedule (will be contacting several of you to see if you are willing to author a post) 2) Finalizing language for next round of TB banners for next release 3) Met with OTF and Sida POs over the weekend Steph: 1) announced Nighat joined the board. Published blog, sent releases, shared on social 2) writing EOY campaign post, outlining others 3) making graphics from Tor Stories quotes 4) writing feedback from The Berkeley Group’s midpoint presentation 5) coordinated an interview for Isa 6) gave edits to the blog comment policy Pili: 1) Carried on with data gathering for Sponsor 9 report 2) Sent out Visual Identity Survey - Started analysing results Shari: 1) finishing my farewell blog post; should be posted later today 2) so many loose ends with the transition, which is happening this afternoon! isabela: 1) finishing transition - getting all things flipped (financial stuff) 2) reviewing YE campaign blog posts and other copies 3) catching up on visual identity exercises 4) helping on sida report a bit 5) recreating our organogram 6) did interview to spanish tve - a bit lame tho :( they were really into metrics and dark web 7) met with Sida PM and with OTF team in DC 8) reviewing 990

1 0

October 2018 User Feedback Report
by Maggie 15 Nov '18

15 Nov '18

Hey, friends! Welcome to the October 2018 user feedback report. For more information on what users and community members were talking about this month, check out the Fall 2018 User Feedback pad [1]. TL;DR: Things seem to be going smoothly! - Users aren't talking as much this month about the user agent changes. - The most common questions are related to using Tor together with a VPN (should I use both? Is it bad to use both? How can I hide the fact that I'm using Tor?). - Regarding TBA, users are largely grateful that we're developing an official Android app, and feedback is generally very positive. Ratings on the Google Play Store are high (the app is currently rated 4.3 stars), even when users are experiencing some fairly frustrating quality-of-life issues. - In offline news, Cybelle and I ran a Demystifying Tor workshop at MozFest! There was great turnout, and lots of interest in running relays. --- Now, on to the feedback! Scroll further down to see a recap of some of the MozFest session questions, a summary of Reddit posts, some points from Google Play Store reviews, a list of the most common Stack Exchange tags from the month, and a collection of some notable issues and bugs mentioned by users in October. - One of the most common points of confusion is whether people should use a VPN together with Tor to mask the fact that they're using Tor. In conversations about this on Reddit, pluggable transports are rarely mentioned. Even though we already have some information about VPNs in the FAQ, it seems that this explanation is not extensive enough, and that the information is not visible enough. I suggest that we release a blog post or a few tweets to further address this misconception. - In general, it seems like users will go to Reddit before reading the FAQ or support.torproject.org. How can we change this flow to encourage users to check Tor resources before seeking outside advice? - People always have questions about whether doing a certain thing will allow them to be fingerprinted (i.e. relative window position, adding bookmarks, etc.). Can we add a list of things to the FAQ that might allow users to be fingerprinted? We might also consider implementing more pop-up warnings when users attempt to do something that might identify them, as we currently do when users resize the browser window. - Tor is still broken for screen readers. In addition, Gesturefy (an extension that can be used as an accessibility aid) doesn't work with Tor Browser any more. These two issues are limiting Tor's accessibility, and making it so that certain users can't use Tor at all. --- Questions from the MozFest Demystifying Tor session: - Is it ever safe to run any type of relay from my home? - How can I contribute to Tor? - What are some good ways to convince people to use Tor? --- Most common questions on Reddit (r/TOR): - How can I hide the fact that I'm using Tor; or, should I use a VPN together with Tor? - (it's worth noting that these discussions rarely mention pluggable transports as a solution.) - Tor can't connect. What do I do? - People on Reddit are generally very good about troubleshooting this one. --- TBA Reviews & Feedback on Google Play Store: - People are frustrated by the current issues with copy/paste and text selection. - TBA fails to download files, causing frustration for users. - Users are requesting that we bundle Orbot and TBA into the same app. --- Most common stack exchange tags: - tor-browser-bundle - 18 asked this month - configuration - 10 asked this month - tor-install - 7 asked this month - windows - 6 asked this month - anonymity - 5 asked this month - security - 5 asked this month - tails - 5 asked this month - help - 5 asked this month - connection - 5 asked this month --- Notable bugs, fixes, & issues: #27867 - Gesturefy doesn't work with Tor Browser - (OPEN - needs more info) [2] #27256 - Text cannot be selected, copied, or pasted as usual on TBA - (OPEN - needs more info) [3] #27701 - TBA fails to download files - (OPEN) [4] #27987 - TBA disables screenshots, with no option to enable them - (OPEN) [5] #27845 - Browser window size is 1000x998 on MacOS - differs from other OSs and allows MacOS users to be differentiated - (OPEN) [6] #27813 - Tor 0.3.4.8 is leaking memory - (CLOSED - fixed in Tor 0.3.4.9) [7] --- That's it for the month of October! For the sake of brevity I've left out some other feedback, so if you want to know more, please do check out the Fall 2018 User Feedback pad [1] or reach out to me via email (waywardwyrd at riseup dot net) or IRC (wayward). Thanks for reading! I'll see you all back here next month. - Maggie (wayward) pronouns: she/they | twitter: @meochaidha <https://www.twitter.com/meochaidha> pgp: 0626 9C68 D0CC 1A5B E41B 72F2 615E B878 975C 4CDC ------ Annotations: 1. https://storm.torproject.org/shared/-vEQadBBHb8ZOzrLMMaJNrDuFK5XxJAQXcta30-… 2. https://trac.torproject.org/projects/tor/ticket/27867 3. https://trac.torproject.org/projects/tor/ticket/27256 4. https://trac.torproject.org/projects/tor/ticket/27701 5. https://trac.torproject.org/projects/tor/ticket/27987 6. https://trac.torproject.org/projects/tor/ticket/27845 7. https://trac.torproject.org/projects/tor/ticket/27813

1 0

Tails report for October 2018
by u 13 Nov '18

13 Nov '18

Hello, we just published our monthly report: https://tails.boum.org/news/report_2018_10/ Cheers! u.

1 0

Tor Browser Release meeting - Wednesday 14th Nov @ 19:00UTC
by Pili Guerra 13 Nov '18

13 Nov '18

Hi, Just a reminder that we’ll be having our bi-weekly Tor Browser release meeting this Wednesday (14th November) at 19:00UTC. Please come with any questions, requests and comments you may have. Here is a link to the pad: https://storm.torproject.org/shared/6z9zWh3BoyCONtyeW8EcFmL5hLhw5TNxKqR2F20… Feel free to add any comments/requests/discussion points, etc… ahead of the meeting. Everyone is welcome! Pili — Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45

1 0

Tor Browser team meeting notes, 12 Nov 2018
by Georg Koppen 13 Nov '18

13 Nov '18

Hi! Below are our weekly Tor Browser team meeting notes. The chat log can be found at http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-11-12-18.58.log… and our pad entries are/were: Discussion: - Tor Browser in the Snap Store? (see Iain's mail) [GeKo will reply to it on Tue or Wed] - upcoming 1:1s - Team responsibilities restructuring - things to take over from Arthur: - annual rebase - maintaining circuit display UI - optimistic SOCKS (if I don't finish it) - adding locales - Mozilla uplift coordination - things Arthur will continue to maintain: - torpat.ch - arthuredelstein.net/exits - permissions FPI uplift (with Mozilla) - IRC presence GeKo: Last week: -Jacek worked on the Windows accessibility issue, patches are up for review/merged, see: https://bugzilla.mozilla.org/show_bug.cgi?id=1430149 and we probably can soon be testing them in our nightly builds -reviews (#25013, #28260, #27443, #26540, #22343) -worked on #27443 and #26483 (alas no time for the design doc update #25021) -helped with proposals -helped with the anti censorship position interviews -security controls redesign This Week: -More work to get TBA-a2 into shape (reviews, help with #27443, #26483 and other related bugs) -another round of looking into doc for #3600 -look again over the cubeb - audio files disk leak and reply to Mozilla dev mail -write mail regarding Tor Browser snap -hopefully getting back to updating the Tor Browser design doc (#25012) mcs and brade: Note: We will be away from work Tuesday, November 20 - Friday, November 23. Last week: - Finished #22074 (Review Firefox Developer Docs and Undocumented bugs since FF52esr). - Reviewed #28039 (Tor Browser log is not shown anymore in terminal since Tor Browser 8.5a2). - Reviewed #22343 (Save as... in the context menu results in using the catch-all circuit). This week: - #27239 (TB team feedback on jump-to-80% work) - #28196 (about:preferences#general is not properly translated anymore) tjr: * MinGW - Landed sandbox support on -central. x86/x64 builds on -central should be consistently runnable. - Working on getting mingw-clang tests running on -central https://bugzilla.mozilla.org/show_bug.cgi?id=1475994 - Uplifted a bunch of mingw-clang patches to esr60. Intend to figure out what else besides this we need to uplift and get it done. - Have a esr60 build of mingw-clang successfully building. Haven't tested if it runs yet. - Intend to harass people about uplifting nss patches to esr60, which would unblock uplifting the build jobs - Nothing is stopping us at this point to start bringing the mingw-clang toolchain into rbm; I'm just intimidated to start trying to do it. - Keeping an eye on the accessibility stuff! https://bugzilla.mozilla.org/show_bug.cgi?id=1430149 * Fuzzyfox - It's in Nightly. It would probably be easy enough to backport to esr60. - We had someone test it manually a bunch, and they found only one minor issue. https://bugzilla.mozilla.org/show_bug.cgi?id=1506295 - That said, I am less certain it is worry-free. I wanted to do some performance debugging locally. - We also don't know what level of security assurance it gives us at different levels, and how it compares with Tor's 100ms choice right now. * Emailed kinetik about cubeb audio files (https://trac.torproject.org/projects/tor/ticket/28373) - Got a response that there are temp files. I didn't fully understand his other replies. - Does anyone at Tor have the bandwidth to drive this conversation, or should I try to? [GeKo: I will get back to that one this week] * TB 8 Retrospective Followup - please help me - Tor disables the web extensions process on <platforms>. The tickets/reasons for this are <?> - [GeKo: In ESR60 this is only available on Windows (IIRC the feature landed for macOS and Linux in Firefox >= 61; The reason for this is that this breaks Torbutton/NoScript communication needed for our security slider, see: https://trac.torproject.org/projects/tor/ticket/27411] - [tjr] Okay, so it seems like the path forward for this is just integration them into the browser? Is relying on that for the next ESR a safe approach, or should I investigate these prefs and ensure they keep working in the next ESR just in case we need them? - I'm going to talk to #build folks about the rust stuff, continuing the conversation in https://bugzilla.mozilla.org/show_bug.cgi?id=1376621 and trying to build consensus among them on a path forward. I intend to propose this issue to the Tor Uplift Team (Ethan) as a 'must complete' by the next ESR. - I think it'd be good to get feedback from Mozilla on the strategy to import torbutton/torlauncher into the browser codebase. I am in a holding pattern for that waiting for tor browser proposals to be written. - I need to think about how to better communicate open mozilla bugs as we approach next ESR - I have been writing a WinDbg guide for trac for debugging mingw-clang builds with WinDbg * Other: I am considering writing a tbb-dev proposal to increase the max content processes from 4 to 999. This would increase memory consumption, especially for users with a lot of tabs. It would provide some small level of tab isolation at the process level, but only for new tabs opened, not tabs reused. The security gain contains a lot of "Well if the user does this, things are kinda better, but if they do this they're no better." So not sure if it's useful, the main draw is that it's a 4 character patch, so easy to do, just difficult to decide one. igt0: Last week: - First set of patches to #25013 (torbutton within torbrowser) - Rebased #27111 (about:tor on mobile) This week: - Finish #25013(add the necessary bits of code in tor browser) - Add banner on tor browser(#28093) - More TBA alpha2 stuff pospeselr: Last week: - Final patch for #26540 (pdfjs circuit isolation) - #3600 work ( doc could use some eyes: https://storm.torproject.org/shared/Kw99Ow0ExZFFC6FKD5CeryfVFAoAL9Z_iEVlflI… ): [GeKo: I'll give it another look this week] - Some more work on the brainstorming/design doc, circling in on a 'mix and match' solution here - Still some open questions here regarding user experience related to OAuth and cookie keying: - If you use an OAuth provider (say oauth.com) via foo.com, should the session cookie related to oauth.com be valid for other sites using that provider, or should that cookie be double-keyed to foo.com|oauth.com? My intuition is that oauth.com should not be treated as a first party in such a scenario. - Mozilla's Ehsan Akhgari has pointed me to some patches added in Firefox 64 that appear to be necessary for this work (determining whether domains have been interacted with by a user) - A bit of Athens travel planning This week: - Uplift #26540 - filed bug https://bugzilla.mozilla.org/show_bug.cgi?id=1506693 - Investigate per-sku app icons - Backporting user interaction patches from Firefox 64, adding debugging hooks for the various redirect entry points needed regardless of final solution here sysrqb: Last week: TBA+Orbot - #28051 A little S19 interview work rust audit TBA+tor-browser-build This week: Finish TBA+Orbot - #28051 TBA localization Review #26690 - TBA onion-padlock Review #25013 - move Torbutton into tor-browser boklm: Last week: - made two builds with `-Wl,-t` for #26148 (binutils update) and started looking at logs - updated and tested patches for #27265 (In some cases, rbm will download files in the wrong project directory) and #27045 (Add option for firefox incremental builds) - made patch for #28260 (Use Rust 1.28.0 to build Tor), with help from gk. This week: - look at the logs from `-Wl,-t` to try to understand the issue from #26148 - work on bringing back the testsuite sisbell: Last week: - # 27443 Firefox for Android - add test dependencies for gradle, testing various ndk versions, rust versions and API levels - # 28144 Update tor-browser for Android - Add extensions and repackage and debug sign apk, verified apk runs on device This Week: - # 28144 Add makefile for Android - # 27443 Investigate rust deltas between 1.26/1.28 [GeKo will find out the patch that fixes this for 1.28 and sisbell meanwhile tries to get #27977 in shape] pili: Last week: - DRL Proposal This week: - Carry on roadmapping... - OTF Engineering lab follow up - Tor Browser Release meeting this week! (just an announcement :) ) [19:00 UTC :) ] arthuredelstein: Last week: - Refactored/simplified patch for https://bugzil.la/1330467 (FPI for permissions); will post soon - Investigated https://trac.torproject.org/26498 (bn-BD not displayed in title bars) - Revised https://trac.torproject.org/22343 (Save As... FPI) - Started working again on https://trac.torproject.org/25555 (Optimistic SOCKS) - Revised https://trac.torproject.org/28187 (Change Tor Circuit display icon to an onion) This week/next week - Try to get something working for #25555 - See if it's possible to fix #26498 antonela: Last week: - Security Settings - Tor Browser Icon survey ended - https://trac.torproject.org/projects/tor/ticket/25702#comment:8 - when can we have it packed? [GeKo: not sure yet as we are not used to have three different icons for our release channels; pospeselr will look into the changes we'd this week] This week: - Moar Security Settings - Leading Orfox users to Tor Browser Android (27399) - Design TBA+Orbot configuration UI/UX (28329) Georg

1 0

Tor network team meeting notes, 12 Nov 2018
by Nick Mathewson 12 Nov '18

12 Nov '18

Hi! Logs here: http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-11-12-17.59.html Pad contents below: = Network team meeting pad! = This week's team meeting is on Monday at 1800 UTC (1 hour later for daylight saving time) on #tor-meeting on OFTC. Welcome to our meeting! First meeting each month: Tuesday at 2300 UTC Other meetings each month: Mondays at 1800 UTC (1 hour later for daylight saving time) On #tor-meeting on OFTC. (This channel is logged while meetings are in progress.) (See https://lists.torproject.org/pipermail/tor-project/2017-September/001459.ht… for background.) Want to participate? Awesome! Here's what to do: 1. If you have updates, enter them below, under your name. 2. If you see anything you want to talk about in your updates, put them in boldface! 3. Show up to the IRC meeting and say hi! After each week's meetings, the contents of this pad will be sent to tor-project @ lists.torproject.org. After that is done, the pad can be used for the next week. == Previous notes == (Search the list archive for older notes.) 15 Oct: https://lists.torproject.org/pipermail/tor-project/2018-October/002027.html 22 Oct: https://lists.torproject.org/pipermail/tor-project/2018-October/002032.html 29 Oct: https://lists.torproject.org/pipermail/tor-project/2018-October/002036.html 6 Nov: https://lists.torproject.org/pipermail/tor-project/2018-November/002047.html == Stuff to do every week = * Let's check and update the roadmap. What's done, and what's coming up? url to roadmap: https://docs.google.com/spreadsheets/d/1Ufrun1khEo5Cwd6OwngERn829wU3W3eskdr… * Check reviewer assignments at https://docs.google.com/spreadsheets/d/1Ufrun1khEo5Cwd6OwngERn829wU3W3eskdr… * Also, let's check for things we need update on our spreadsheet! Are there important documents we should link to? Things we should archive? * Check rotations at https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/TeamRot… * Let's look at proposed tickets! 0.3.5 (bugs only): https://trac.torproject.org/projects/tor/query?status=accepted&status=assig… 0.4.0: https://trac.torproject.org/projects/tor/query?status=accepted&status=assig… == Reminders == * Remember to "/me status: foo" at least once daily. * Remember that our current code reviews should be done by end-of-week. * Make sure you are in touch with everybody with whom you are doing work for the next releases * Remember to fill up actual point when you finish a task (as well as "fix" the estimate when starting the issue). * Add planned PTO to the calendar https://storm.torproject.org/shared/ISA5L5nH0Xu88iqSCx9ZjCXYSMKOBTdbUeWarbd… << Remember that priority is Sponsor 8 - roadmap is sort out by priority >> Activity O2.5 is the one we are missing and need to be done in 2 months. * Remember that you can already book the flight to Brussels for hackweek. (Ask jon & gaba if you have any question) ------------------------------- ---- 12 November 2018 ------------------------------- == Announcements == Please don't bulk-delete all the old entries from this pad any more. Instead, delete the "planned" and "actual" for the previous week, but leave the "planned" for this week in place. Please check the dates before deleting. Check other's people call for help in their entries. Nick's upcoming release plans: Starting now: Stay up to date on backports. [See spreadsheet about backport status.] Late next week, around Nov 23: TB releases with 0.3.5.4-alpha. ~Dec 3: 0.3.5.5-(rc or alpha) [Note short window from TB release!] Dec 11: TB releases again. ~Jan 2: Release 0.3.5.6-(rc or stable). Release 0.3.4.10. Release 0.3.3.11. Jan 15: Feature freeze for 0.4.0. Later in Jan: Release 0.4.0.1-alpha. Snowflake kickoff meeting on November 27th: overview and what needs to be done. == Discussion == * sponsor 8 work O2.5 (bootstrap reporting) is most important - right now working on this: catalyst, ahf, dgoulet, teor. any of you need help with it? * Please see tickets with tag "035-rc-blocker?" -- are any of them really rc blockers? Are there any other true rc blockers? https://trac.torproject.org/projects/tor/query?status=accepted&status=assig… * Is our process for "proposed" working? == Recommended links == Cool talk on communication in teams http://lenareinhard.com/do-you-read-me-better-communication-for-stronger-te… == Updates == NOTE NEW FORMAT! Name: Week of XYZ (planned): - What you planned for last week. Week of XYZ (actual): - What you did last week. Week of ABC (planned): - What you're planning to do this week. Help with: - Something you may need help with. PLEASE DO NOT BULK-DELETE THE OLD ENTRIES! Leave the "Planned" parts! Leave the parts for last week and this week! Nick: Week of 11/5 (planned): - Comment on new version of crypto thing /prop295 - Review wtf-pad design and code (waiting on status update for proposal revisions) - Meet with B Bhumiratana to chat about net privacy - Plan and possibly start working on #2149 ("extra dormant") with dgoulet - Revise or merge #28226 (messaging system) - Release 0.3.5.4-alpha? - Possibly, design for testing sustems that use pub/sub. Week of 11/5 (actual) - Implemented a python version of prop295, circulated in network team. Got comments on new version's readability. - Reviewed wtf-pad design; initial architectural review of code. - Met with B Bhumiratana (Eisenhower fellow). He said he knows Haxxpop :) - Designed #28335 ("extra dormant nouveau") with dgoulet and started coding. - Released 0.3.5.4-alpha - Wrote enhancement for checkIncludes.py (#28362) to detect circular include structures among directories. Resolved the ones we have in lib. - Merge, Reveiew, etc. - Figured out OpenSSL 1.1.1/TLS 1.3 client problem (#28245) - Rearranged 035-can / 035-must tags a bit Week of 11/12 (planned): - Send comments about prop295 draft back to Tomer et al - Triage 0.3.5 must-do vs may-do stuff. - Continue revising publish/subscribe code pending comments from Taylor #28226. - Continue work on "dormant mode" logic for #28335. Hope to finish first draft, but might pend #28226 work. - Time permitting, add more tests for myfamily memory improvements (#27359) - Plan when to do next alpha/stable releases. - Write a schedule for upcoming releases - Backports to 0.3.4 etc Want help with: Mike: week of 11/5 (planned) - New GPG subkey. Kill me. - More WTF-pad proposal updates - Vanguards release? - WTF-PAD updates, fixups, tests - Datagram paper diff for nick week of 11/5 (actual) - WTF-pad proposal disussion - WTF-PAD updates, fixups (maybe 80% of the way through code review change requests) - Highlights: Supports 65532 states now with not much addtl overhead week of 11/12 (planned) - GPG? Does anyone use it? can we agree to stop? Kidding. ;) - More WTF-PAD fixups, tests - Vanguards release? - Datagram paper diff for nick help with: ahf: Week of 11/05 (planned): Sponsor 8: - Finish #28179 and get it reviewed+landed. - Talked with HC from TGP about #28409. Sponsor 19: - Continue wrapping my head around PT tasks for s19 (mostly focusing on Snowflake). - Help UX with #27385. - Anti censorship team hire. Misc: - Review #28298. - Do reimbursements from Mexico. Week of 11/05 (actually): Sponsor 8: - Got first patches for #28179 pushed to bugs/28179. Sponsor 19: - Looked at HTTPS Proxy (for the alt. PT part of S19) - Discussed #28298 with Antonela. - Interview with two candidates. Some pre-interview meetings with technical questions, etc. - Send out email to network team about S19 kick off meeting. Misc: - Reviewed #28298. - Didn't do Mexico reimbursement... Week of 11/12 (planned): Sponsor 8: - Hook up transports.c with the code from #28179 and test that it all still works on all our platforms -- begin on #28180 with David. - Begin on #27100. Sponsor 19 - One interview this week with a candidate. - Continue looking into Snowflake. Misc: - Do the Mexico reimbursement that I keep postponing. - Book flight tickets for Brussels. asn: Week of 10/29 (planned): - Continue reviewing, refactoring and testing the WTF-PAD code. - Try to come up with a useful WTF-PAD state machine that we actually want to merge. - Do reviews. Week of 10/29 (actual): - Continue reviewing, refactoring and testing the WTF-PAD branch. Passed knowledge to Nick so that he can also do some reviewing. Found some bugs and wrote some commits to improve code. - Did reviews (#28308, #28906, #28184, #28245). - Help out with the anti-censorship team hires. Week of 11/05 (planned): - Sufficient review has happenened on the WTF-PAD branch. It's now time to start working on the TODO items and wrapping this up so that we move towards merge. Coordinate this with Mike. - Do reviews. - Continue helping with the anti-censorship team hires. Help with: - Mike we should figure out next steps to move thjis to merge. dgoulet: (offline for meeting) Week of 11/5 (planned): - Planned, review and/or work on #28335 with nickm. - Available for ahf to review #28179 and then start working on the code for #28180 (s8). - Finalize whatever s8 other tasks come up this week. Week of 11/5 (actual): - Review #28330 subsystem branch from nickm. - Ticket work on HSv3 bugs: #27841, #28184. Week of 11/12 (planned): - Holiday on November 12th. - Review #28179 important s8 ticket then move on to #28180. - Help nickm with #28335 and childs. gaba: Week of 11/5 (actual): - gettor follow up - hackweek cancel KU reservation - get into ooni work/roadmap - start looking at CVs that come up for data architect position for metrics team - several weekly meetings (ooni, metrics, fundraising, las vegas) and 1:1s - work on DRL proposal that was submitted on Friday Week of 11/12 (planned): - weekly meetings (ooni, metrics, fundraising, las vegas) and 1:1s - metrics data architect position - participate in interviews for anti-censorship team developer - ooni roadmap - gettor help with: - communicating anything about sponsor8-bootstrap help/needs and progress catalyst: week of 11/05 (2018-W45) (planned): - reviews - bug triage rotation - 0.3.5 bugfixes as needed week of 11/05 (2018-W45) (actual): - bug triage - reviewed #28229 - continued reviewing #28226 -- sent comments on msg stuff - preliminary planning for Athens meeting week of 11/12 (2018-W46) (planned): - reviews - #27167 - 0.3.5 bugfixes as needed help with: haxxpop: Week of 11/5 (planned): - Probably discuss about #28275. A lot of ideas are going through. So fun :). And I will fix it if there is something to be changed. - Write the tor-keygen man page, if I have time left. help with: teor (online!): Week of 5 Nov (planned): - Pick up a s8 bootstrap ticket, and do it - Try and make progress on the s8 chutney consensus failure bugfix tickets - Defer: Make the fallback script ignore addresses in the whitelist, so we can rebuild the fallback list - Defer: Work on PrivCount in Tor prototype - merge the crypto_rand_double() C code in #23061, and write a Rust equivalent - minor fixes to privcount_shamir - finish off the travis CI config for chutney / turn it into a config to test PrivCount in Tor Week of 5 Nov (actual): - Started "pick guards from a reasonably live consensus" (#24661), found #28319 - More admin, hackfest planning - Cleared my ticket backlog, lots of little ticket updates, code reviews - Planning for s8-bootstrap - Reviewed metrics' total consensus weight and consensus weight by flag graphs - Extensive reviews on various sbws tickets - Looked at some CVs for the metrics position - Internet Freedom Hack presentation and mentoring Week of 12 Nov (planned): - Continue to work on s8 bootstrap tickets - "pick guards from a reasonably live consensus" (#24661) - do path selection from a reasonably live consensus (#28319) - Fix the s8 chutney consensus failure bugs - Do a review of the sbws specs once a week - Defer: Make the fallback script ignore addresses in the whitelist, so we can rebuild the fallback list - Defer: Work on PrivCount in Tor prototype Week of 12 Nov (actual): - sbws spec ticket review - more admin Help with: - nickm, I would like help on how to access --RUNNING-FORKED in #28096. It seems to require an abstraction layer violation: argv is in tinytest.c, but tor code is in test_common.c. Is there some simple trick I'm missing? (So, IMO it would be okay to look at the "v" argument in main in testing_common.c: it is argv. Yes, that's a layer violation, but tinytest is under our control anyway. Alternatively, we could extend tinytest, I guess? I'll be around at the patch party time to talk more if it's helpful -nickm) juga: Week of 11/05 (planned): - tor code - continue with #21377: DirAuths should expose bwauth bandwidth files - continue with #22453: Relays should regularly do a larger bandwidth self-test - start with #26698: Authorities should put a hash of the bandwidth file in their votes - undecided on trying to start some tasks that are not priority but on which the rest of the work on bandwidth stuff might depend - Week 11/05 (actual): - Tor code - serve bandwidth files used in the votes (#21377) - include the digest of the bandwidth file in the vote (#26698) - Bandwidth File specification - correct scaling methods examples (#27690) - correct key/values (#28085) - Tor Directory Protocol specification - remove bandwidth file headers key/values (#28382) - include a "bandwidth-file" item the vote documents (#28359) - updated sbws Debian package to 1.0 - started to write about the bandwidth distribution goal problem - Week 11/19 (plan): - Tor code - Relays should regularly do a larger bandwidth self-test (#22453) - bandwidth testing circuits should be allowed to use our guards (#19009) - In a private network some relays advertise zero bandwidth-observed (#24250) - sbws - Change integration tests from bash to POSIX shell (#28106) - revisions - Help with: - anyone: review my tickets in "needs_review" :)

1 0

October 2018 report and November 2018 plans for the metrics team
by Karsten Loesing 12 Nov '18

12 Nov '18

Hello Tor, hello world! Below you'll find the highlights of Tor metrics team work done in October 2018 as well as a few expected highlights for the current month, November 2018. On behalf of the Tor metrics team, Karsten October 2018: Added a new graph to Tor Metrics that compares total consensus weights across bandwidth authorities [1, 2]. [1] https://metrics.torproject.org/totalcw.html [2] https://bugs.torproject.org/25459 Extended the graphs on Tor Browser downloads by platform [3] and by locale [4] to also show Tor Browser update pings [5]. [3] https://metrics.torproject.org/webstats-tb-platform.html [4] https://metrics.torproject.org/webstats-tb-locale.html [5] https://bugs.torproject.org/27931 Worked towards extending metrics-web's ipv6servers module to cover existing statistics on relays by flags/versions/platforms [6]. The goal is to replace some really old code and to prepare creating new graphs on relays by consensus weight and bridges by versions/platforms. [6] https://bugs.torproject.org/28116 Deployed changes to streamline percentile computation in various metrics-web modules to now use Apache Commons Math rather than custom implementations [7]. [7] https://bugs.torproject.org/26035 Released CollecTor 1.8.0 [8] with some minor fixes and improved logging to hopefully track down an issue where we were missing server descriptors. [8] https://lists.torproject.org/pipermail/tor-dev/2018-October/013493.html Improved monitoring of Onionoo uptime and freshness [9] [9] https://bugs.torproject.org/28271 November 2018: Start rewriting the CollecTor module that archives relay descriptors in Python using Stem as proof of concept. This is part of our Sponsor 13 work [10]. [10] https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor13 Review and deploy the extended ipv6servers metrics-web module to replace major portions of the old legacy module [11]. [11] https://bugs.torproject.org/28116 Find a Metrics Data Architect as third full-time member of the metrics team. The job description [12] will soon be distributed by the usual channels and also linked from the Tor Metrics website. [12] https://www.torproject.org/about/jobs-metrics-data-architect.html

1 0

Job Opening - Metrics Data Architect
by Erin Wyatt 09 Nov '18

09 Nov '18

Hello, everyone! We have a new open position: https://www.torproject.org/about/jobs-metrics-data-architect.html.en The job posting is available at the link above, pasted below, and attached as a PDF. Please help us spread the word by sharing, forwarding, tweeting, whatever! :) Thank you all! Have a great weekend! Cheers, Erin ————————>8————————>8————————>8 Internet Freedom Nonprofit Seeks Metrics Data Architect 7-Nov-2018 The Tor Project, Inc., a 501(c)(3) nonprofit organization advancing human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, is seeking an experienced Data Architect to take our metrics work to the next level. Tor is for everyone, and we are actively working to build a team that represents people from all over the world — people from diverse ethnic, national, and cultural backgrounds; people from all walks of life. Racial minorities, non-gender-binary people, women, and people from any group that is generally underrepresented in tech are encouraged to apply. The team: Our Metrics Team has been collecting data since 2004 to help improve the tools we build and learn more about the Tor network. For example, we monitor the number of relays and clients in the network, their respective capabilities, the number of clients connecting via bridges, fluctuations in network speed, etc. Gathering this data results in huge data archives, so we are also working to develop tools to process this data and make it available to everyone. How we achieve our goals: • Robustness (We want to avoid bugs and/or bad design decision that cause us to miss data) • Timeliness (users need up-to-date network status information) • Scalability (as the network grows, so does our data) • Transparency (our community rightly wants to know what data we're collecting) The Tor Metrics team presently consists of two full-time developers; this position will be the third. Our team works asynchronously on each person’s own schedule, but we sync regularly via Git, Trac, IRC, e-mail, and an occasional video chat. The most interesting challenge for the Metrics team is how to gather data on an anonymity system without de-anonymizing users. The job: The person in this position will work directly with helping us design and refine systems for gathering and analyzing data. The bulk of our code is written in Java, but smaller portions are written in R, Python, PostgreSQL, and JavaScript. Part of this job will be to analyze and fix bugs in our current code and review patches. We will also be migrating parts of our code from Java to Python, and the person in this position will help with that. Our main five codebases: • Collector (https://gitweb.torproject.org/collector.git/ ) • metrics-lib (https://gitweb.torproject.org/metrics-lib.git/ ) • Onionoo (https://gitweb.torproject.org/onionoo.git/ ) • Exonerator (https://gitweb.torproject.org/exonerator.git/ ) • metrics-web (https://gitweb.torproject.org/metrics-web.git/ ) Requirements: Technical abilities/experience: • Have experience finding your way into existing Java/Python/R/PostgreSQL code bases and the ability to review patches and make changes to fix bugs/smaller enhancements. • Able to identify shortcomings in our data pipeline and suggest improvements to reduce complexity and future maintenance efforts. • Experience working with Git and Trac or similar issue tracking tools. • Ability to learn quickly and can adapt to our current processes; are able to improve future processes for releasing software and operating services. • Understanding of the inherent privacy implications of gathering data in an anonymity system, the security implications of gathering metrics data from semi-trusted relays in the Tor network, and the challenges of processing large amounts of data per day (specifically performance and scalability challenges). Collaborative requirements: • Ability to work remotely 90% of the time, as most team synchronization happening via email and/or IRC. • Participation in weekly IRC meetings and monthly team video chats. • Willingness and ability to travel internationally up to four times per year, to semi-annual Tor meeting plus up to two team-internal meetings. • Language: write and speak fluent English. • Comfortable posting to a public mailing list or speaking up in a public IRC channel to ask questions, even when you think the question might be obvious or silly. Bonus skills: • Data analysis: Ability to make sense of data sets and use data analysis tools to find and visualize interesting patterns. • Open source attitude: You're accustomed to a pattern of early and frequent releases without attempting to finalize things on your own and have contributed to open source projects before. • Scientific writing: Experience writing technical reports about data findings. • Mathematics: Knowledge of basic statistics. • Networking background: Experience working with networks and measurements in the past. • You support Internet Freedom! This is a full-time position that can be done remotely/internationally or in our office in Seattle, WA. To apply, send a cover letter that includes a statement about why you want to work at the Tor Project, your CV/resume (including three professional references), and a link to a code sample or some non-trivial software project you have significantly contributed to. All documents should be in PDF format labeled with your name. Please send to job-metrics at torproject dot org with “Metrics Data Architect” in the subject line. No phone calls please! Flexible salary, depending on experience. The Tor Project has a highly competitive benefits package, including a generous PTO policy; paid holidays (including the week\ between Christmas and New Year's, when the office is closed); health, vision, dental, disability, and life insurance paid in full for employee; 401(k); and flexible work schedule. (Please note that benefits package specifics can vary slightly from country to country, but we aim to treat everyone equally.) The Tor Project's workforce is smart and committed. The Tor Project currently has a paid and contract staff of around 47 developers and operational support staff, plus many thousands of volunteers who contribute to our work. The Tor Project is funded in part by government research and development grants, and in part by individual, foundation and corporate donations. If you’re new to the Tor Project scene, are curious what our workplace culture is like, or just want to read about how fun our semi-annual meetings are, hear what our new Development Director had to say about all of it: https://blog.torproject.org/reflections-tor-meeting-newbie The Tor Project, Inc., is an equal opportunity, affirmative action employer.

1 0

Notes from November 8 2018 Vegas team meeting
by Karsten Loesing 09 Nov '18

09 Nov '18

Notes for November 8 2018 meeting: Georg: 1) Plans for making our blog more useful by dealing better with comments [alison steps up writing a first draft with help from other folks --GeKo] 2) Future vegas team meeting times Roger: -----On my near-term todo list----- 1) Continue helping Kat with sponsor19 report 2) Write follow-ups, and open trac tickets, from Taipei censorship meetings (many new ideas!) 3) Do the SponsorM final report (due this month) 4) Post a 2016 financials blog post (pending on an answer from Sue about our USG / non-USG ratio) 5) Meeting next week with some department-of-justice people to try to teach more them about the value of encryption (and why not to outlaw it). -----Things you might want to know----- 6) I signed up to potentially be on an NSF review panel in 2019, as part of service to NSF so they continue thinking kindly of us. Dates TBD (if they pick me). 7) I signed up to do a Tor talk at the KNOW 2019 conference in March, since they agreed to do a donation to Tor (woo). 8) I am officially moving to New York City, probably in January. -----Things I'm excited to see progress on----- 9) Steph: how are we doing at taking advantage of OTF's Learning Lab? [I talked to Dan and he'll ping us when it's time to get started; we'll create a post, infographic, or some other material based on one of our projects, probably usability -steph] 10) Gaba: How are we doing at coordinating with Nathan (and OTF engineering lab) on initial bootstrap from censored appstore? 11) Alison: how are we doing at a community lab proposal for bringing Tor community people to the next Tor meeting? [I think we are delaying on this one until the DRL proposal is in, so we can focus on what's most important. -RD] [yeah, I reached out to Al and am going to ping them again next week when they have finished the DRL proposal] 12) Isabela: How are we doing at setting up your internal feedback process? [I plan to work on this with Erin, create an internal communication plan etc] 13) Mike: did you actually launch the tor-researchers list? I see a bunch of pending subscription attempts. [Yes, but I did not announce it or invite anyone yet. The first couple looked spammy/randos and then I got busy with other things - Mike] 14) Geko: can we do a bug bounty status summary? how many bugs, how many bounties, how many reporters, etc? also, should we open up the bounties to more people? OTF seems keen to continue funding the bounties. [Yes, we should have a new contract more or less soonish. And, yes, a summary sounds good. How did you envision that? Just a .txt file/email to tor-project? A blog post with press/social media coverage? Or... --GeKo] [A blog post, the first of a yearly set of blog posts, would be a good first option. -RD][Fine with me. This won't happen in November, though. Should we aim for some time in December then? --GeKo] 15) Alison: status of toronto library endorsement letter? (i think you wrote a draft and then nobody responded) [and then Jon replied just to me asking for it on letterhead, and I sent it back to him signed on letterhead] 16) Erin: do we have an onboarding kit for new employees, explaining travel policies, timesheets, other policies, who to go to for help, etc? Seems like we keep almost having one. [Erin is not on this meeting] 17) Sue: are we good on assigning enough hours to sponsor19, or will the numbers not add up right? 18) Who is leading the censorship developer hiring? [It looks like Erin has started it back up. I heard from Isa that we might ask Gaba and Alex to lead it. -RD] 19) Who is leading the sysadmin hiring? [I heard from Isa that we might ask Linus to lead it. -RD] -----Other things on the edge of my plate----- 20) NYU Tor affiliation plan? [what is this? isa] 21) How are we doing at our plan to handle blog comments more consistently? [i flagged that as something to discuss on my list - Alison] Alison: 1) working on community portal outreach kits. new flyers! 2) worked on DRL proposal with others 3) coordinating LFI board meeting 4) wrapping up LFI cohort 5) organizing curriculum for next LFI cohort 6) submitted IFF CFP 7) Other stuff: LF website redesign, completing training materials for community portal (when we're finished with outreach kits), Colin is working on a Tor relay challenge and planning some relay operator meetups, and the rest of the community team will finalize sponsor9 travel for next year soon Arturo: 1) Wrote a lot of specifications for new measurement techniques to use in OONI Probe tests: https://github.com/ooni/spec/pull/118 2) Working towards a beta release of OONI Probe 2.0 3) Had an important infrastructure incident which is still being resolved: https://github.com/ooni/sysadmin/issues/24 4) Helped write the DRL proposal 5) Maria went to Taiwan for the OTF summit & several other community events Nick: 1) Two new releases out. Any chance for a TB alpha before mid-dec, so we can get users trying the latest alpha before we are planning to ship the stable? [Should be doable. Maybe in week 47 (like two weeks from nowish)? --GeKo] 2) Going to have to clamp down on what we actually fix in 0.3.5. It's time to triage out all but the most critical stuff; please be aware (and selective) when we ask for 035-must tickets. Mike: 1) Sponsor2 work Gaba: 1) Followed up on Gettor but so far not answer from ilv. Hiro offered to do the work on refactoring that needs to happen to get it back to work. I will talk with her on Monday if ilv does not answer by then. 2) Started getting into OONI to help with roadmap and work assignment. Will start participating in their roadmap and meetings. 3) Network team is working good on their way to complete work for sponsor 8 that ends on December 31st. 4) Metrics team hiring the a data architect for the team. Started receiving CVs. 5) Helped with DRL proposal. 6) Sent mail to Nathan (cced Isa) on engineering lab. It seems from the reply he gave that we need to draft a more specific proposal for him to look at. I mentioned gettor but not initial bootstrap from censored appstore.. 7) Hackweek (metrics & network) in Brussels underway. Jon is looking for a hotel to host the meetings in Brussels. Cancelled KU Leuven as it was too much back and forth for some people. 8) Interviews for anti-censorship position are coming. It will be hard to have people already volunteering on it and very good candidates to choose from. Not easy decision. 9) Roger: I sent you a mail to coordinate the SponsorM report. [right, will answer -RD] Pili: 1) Started putting together SIDA Phase 1 report 2) Helping out with DRL Proposal 3) Iterating on best way to Visual Identity Definition Project 4) Iterating on framework for user testing reports. isabela: 1) I'm working on DRL proposal 2) I had a long catch up sync with Roger 3) I will meet OTF PMs this Saturday and SIDA PM this Sunday 4) I will be in Seattle from Nov 12-16 to finalize the transition Sarah: 1) Helping with DRL proposal. 2) YE campaign - sorted out metrics confusion with Karsten and good news is that we are seeing increased traffic to the donate page over last year, but the bad news is that we are seeing fewer donations. I am working today to modify the donate page and will ping Antonela for new banner art and have Giant Rabbit implement. 3) Meeting with OTF and SIDA PMs with Isa this weekend. 4) Next week will finalize with Al postal mail letters to donors we don't have email addresses for and letter to family foundations. 5) Moving forward with allowing people to donate additional types of cryptocurrency. 6) Researching conferences and events for fundraising opportunities. Sue: 1) Working on budget and budget narrative for DRL proposal 2) Working with auditors to complete tax return by 11/15 deadline 3) Invoicing for work completed in 3Q 4) Working on completion of MA PC for 2016 Steph: 1) working on blog post and press release. 2) wrote copy for a couple more pages for the new site 3) working with The Berkeley Group on our brand study 4) submitting a panel to LibrePlanet 5) talked with Dan at OTF about Learning Lab 6) preparing for campaign blog posts 7) starting to use Tor stories gathered through our survey for promotion Antonela: 1) working on TB security settings. 2) working on TBA #28329, #27399. 3) synced with Geko and Isabela about the UX work on the DRL Proposal. 4) submitted a talk to the Open Design track in FOSDEM. 5) working with Steph and Isabela on freezing tpo.org and tpo.org/about so we can move it to translation and development. 6) working with the community team on our new outreach material. 7) a new banner iteration on the EOY campaign is live at tpo.org [I'll send you a note about donate.tpo today. I think it would help the campaign to change the TB banner before 12/11, but don't know how much work that creates for everyone. - Sarah][Noted. I think that might be doable in the same week as the alpha and probably a new Tor Browser for Android are coming out. --GeKo] Karsten: 1) Had a very useful retrospective and roadmap session with irl and gaba. 2) Created a bunch of tickets for roadmap items. 3) Discussed various graphs related to consensus weight. Shari: 1) helping with DRL proposal! 2) so many loose ends 3) Isa's in Seattle next week for the transfer of power! :)

1 0