- tor-project - lists.torproject.org

Anti-censorship team meeting notes, 2024-08-22
by Shelikhoo 22 Aug '24

22 Aug '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-08-22-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, August 29 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == - Snowflake debian package is outdated: - Is there a plan for updates? If AC-Team wants to increase the number of snowflake standalone proxies, we need to maintain deb packages. Should we start a call for maintainers? If so, what are the requirements? - MR: https://gitlab.torproject.org/tpo/web/community/-/merge_requests/386/diffs Please note that every new string added to the community portal is localized. If this is a temporary issue, I don't think it worth merging it. (gus) - we do plan to update it but it will take some months, there will be work as part of P146 * https://github.com/eyedeekay/blizzard/ "Blizzard: The I2P Snowflake donor Plugin" * should we ask them to use a diferent identifier than "standalone" to find them in the stats? * meskio will open an issue on their side to ask them to use a different name * https://github.com/eyedeekay/blizzard/issues/5 * meskio has archived https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * hasn't being updated in 3 years * no complains for now * PT binary size updates * https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42607 * Remove conjure from android as a last resort * Manifest V3 Deployment pending, will proceed on next week == Actions == == Interesting links == == Reading group == * We will discuss "Bridging Barriers: A Survey of Challenges and Priorities in the Censorship Circumvention Landscape" on Aug 22, 2024 * PDF at https://www.usenix.org/conference/usenixsecurity24/presentation/xue-bridging * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-22 Last week: - worked with applications team on reducing PT binary size - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… - lots of reviews and gitlab todo items - ttp grant writing for conjure work This week: - finish backlog of reviews and todo items - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-08-22 Last week: - presented Snowflake research at USENIX Security 2024 https://www.usenix.org/conference/usenixsecurity24/presentation/bocovich https://www.bamsoftware.com/talks/snowflake-usenix2024/ - commented on exposing pollInterval in snowflake proxy API https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - linked past "anti-fraud" issue to recent GFWeb research https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… - commented on adjusting copy buffer size in snowflake proxy https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - sent email to authors to try and resolve obfs4/lyrebird naming confusion https://lists.torproject.org/pipermail/anti-censorship-team/2024-August/000… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-22 Last week: - deploy email distributors in rdsys in parallel with BridgeDB (rdsys#187) - test our new deployments - test ipv6 and webtunnel fake descriptors in rdsys-test (rdsys!365) - restart onionsprouts bot and investigate why it was not working (onionsproutsbot#62) - archive snowflake-mobile repo (snowflake-mobile#23) - investigate why gettor is not updating github and gitlab (rdsys#189) Next week: - don't distribute blocked-in bridges in moat and https (rdsys#204) - gettor updater should send links to github/gitlab (rdsys#189) Shelikhoo: 2024-08-22 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Merge request reviews Next Week/TODO: - Merge request reviews - Release Manifest V3 onyinyang: 2023-08-22 Last week(s): - continue with key rotation integration work Next week: - continue with key rotation integration work - collect issues and TODOs for all Lox work that needs to be done before deployment - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-08-22 Last weeks: - Expose hooks in pion/webrtc library Next weeks: - Update Snowflake to use latest pion upstream releases (DTLS: v3 and WebRTC: beta v4) - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: meskio onyinyang shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

Anti-censorship team meeting notes, 2024-08-15
by onyinyang 19 Aug '24

19 Aug '24

Hey everyone! Sorry for the delay in getting the meeting notes sent out from Thursday. Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-08-15-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, August 22 16:00 UTC Facilitator: shelikhoo ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == == Actions == == Interesting links == * It's important to choose good function names – you never know when one will be immortalized in print! * https://cs.uwaterloo.ca/~dbarrada/papers/kon_sec24.pdf#page=8 * "We also added a /add handler to the proxy's HTTP server to enable direct reception of SDP offers from clients, using the existing makePeerConnectionFromOffer function for client connection." * makePeerConnectionFromOffer has been there since 2017: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://github.com/unknown-cstdio/iceball "A fork of snowflake that works as standalone proxy hosted in spot vm" * https://github.com/xvzc/SpoofDPI * https://github.com/eyedeekay/blizzard/ "Blizzard: The I2P Snowflake donor Plugin" == Reading group == * We will discuss "Bridging Barriers: A Survey of Challenges and Priorities in the Censorship Circumvention Landscape" on Aug 22, 2024 * PDF at * https://lists.torproject.org/pipermail/anti-censorship-team/attachments/202… * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-08 Last week: - reviewed snowflake mv3 changes - checked on snowflake proxy counts - https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/142 - looked into logged pion library errors This week: - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-08-10 Last week: - opened minor issue for chaning error messages from %v to %w https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - reviewed snowflake unreliable+unordered data channels rev2 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - snowflake azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-15 Last week: - partially AFK - tag a new rdsys version 0.13 - find issues with rdsys and tag 0.13.1 (rdsys!357) - deploy https distributor (rdsys#214) - prepare and give a talk about S96 Next week: - deploy email distributors in rdsys in parallel with BridgeDB (rdsys#187) - test our new deployments Shelikhoo: 2024-08-01 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Merge request review - Merge request reviews Next Week/TODO: - Merge request reviews - (AFK: DWebCamp) - Usenix Security Conference onyinyang: 2023-08-15 Last week(s): - vacation - continued with key rotation integration work Next week: - continue with key rotation integration work - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-08-15 Last weeks: Next weeks: - Update Snowflake to use latest pion upstream releases (DTLS: v3 and WebRTC: beta v4) - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang shelikhoo meskio 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0

ebanam's user support report for July 2024
by ebanam 15 Aug '24

15 Aug '24

Hello everyone! This is the user support report for the month of July. We saw another uptick in tickets from Chinese speaking users which can be attributed to the amazing outreach work[0]! Most of my work last month consisted of helping users in regions where Tor is censored which usually involves helping with instructions on how to use bridges, snowflake and other censorship circumvention methods, accessing Tor mirror sites, using GetTor as an alternative way to fetch Tor Browser binaries and general troubleshooting. As an interesting fact, July also saw more tickets coming in from email than Telegram! :) # Frontdesk (email support channel) * 546(↓) RT tickets created * 602(↑) RT tickets resolved Tickets by numbers: 1. 343(↑) RT tickets: private bridge requests from Chinese speaking users. 2. 139(↑) RT tickets: circumventing censorship in Russian speaking countries. 3. 4(↑) RT tickets: Circumventing censorship with Tor in Farsi. 4. 4 RT tickets: Reports of websites blocking Tor. 5. 4 RT tickets: 'New Identity' feature is not working in latest versions of Tor Browser for Android.[1] 6. 3 RT tickets: Questions about the banner warning users about the upcoming EOL for Win ≤8.1 and macOS ≤10.14.[2] Highlighting some other topics we received questions and feedback: 7. 3 RT tickets: Help with troubleshooting Tor Browser install on Windows. 8. Instructions and help with verifying Tor Browser's PGP signature. # Telegram, WhatsApp and Signal Support channel * 498(↓) tickets resolved Breakdown: * 476(↓) tickets on Telegram * 20(-) tickets on WhatsApp * 2(↓) ticket on Signal Tickets by numbers: 1. 286(↓) tickets: circumventing censorship in Russian speaking countries. 2. 52(↑) tickets: circumventing censorship with Tor in Farsi. 3. 23(↓) tickets: private bridge requests from Chinese speaking users. 4. 20 tickets: helping users on iOS, using Onion Browser or Orbot, to use censorship circumvention methods. Highlighting some other topics we received questions about: 5. 6 tickets: instructions on how to get Tor Browser binaries from GetTor. 6. 2 tickets: Reports of fake Tor apps in iOS App Store. 7. Help with troubleshooting Tor Browser install on macOS. # Highlights from the Tor Forum 1. Element's WebApp not working with Tor Browser.[3] 2. Importing browser data into Tor Browser.[4] e. [0]: https://github.com/torproject/tor4zh [1]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42589 [2]: https://tb-manual.torproject.org/installation/#system-requirements [3]: https://forum.torproject.org/t/app-element-io-broken-after-update/13548 [4]: https://forum.torproject.org/t/not-able-to-import-browsing-data-passwords-a…

2 1

Anti-censorship team meeting notes, 2024-08-08
by meskio 08 Aug '24

08 Aug '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-08-08-16.00.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, August 16 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * https://github.com/pion/dtls/releases/tag/v3.0.0 == Actions == == Interesting links == == Reading group == * We will discuss "Bridging Barriers: A Survey of Challenges and Priorities in the Censorship Circumvention Landscape" on Aug 22, 2024 * PDF at https://lists.torproject.org/pipermail/anti-censorship-team/2024-August/000… * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-08 Last week: - reviewed snowflake mv3 changes - checked on snowflake proxy counts - https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/142 - looked into logged pion library errors This week: - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-08-01 Last week: - snowflake azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - attended FOCI and PETS, had conversations with people from Raceboat, TorKameleon, FEPs - commented on PT STATUS incompatibility with Arti https://gitlab.torproject.org/tpo/core/torspec/-/issues/267#note_3054205 Next week: - review snowflake unreliable+unordered data channels rev2 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-08 Last week: - distribute IPv6 bridges in rdsys (rdsys#215) - add TLS_ERROR support to bridgestrap (bridgestrap#45) - update lyrebird in Tor Browser to include IPv6 support in webtunnel (tor-browser-build!1012) - report a different implementation for snowflake client and server (snowflake!348) Next week: - deploy email and https distributors in rdsys in parallel with BridgeDB (rdsys#187 rdsys#214) Shelikhoo: 2024-08-01 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Merge request review - Merge request reviews Next Week/TODO: - Merge request reviews - (AFK: DWebCamp) - Usenix Security Conference onyinyang: 2023-08-01 Last week(s): - continue with key rotation integration work - fix lastPassed issue in rdsys (or lox if Next week: - vacation - continue with key rotation integration work - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-08-08 Last weeks: - Vacation Next weeks: - Update Snowflake to use latest pion upstream releases (DTLS: v3 and WebRTC: v4) - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Rhatto's Monthly Status Report, July 2024
by rhatto 01 Aug '24

01 Aug '24

Hi all :) This is my monthly status report for July 2024 with the main relevant activities I have done or was involved during the period. ## 1. Development * Onionbalance: the v2 codebase was finally removed (thanks @federico!): https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/merge_reque… ## 2. Support * Update your bookmarks! The Onion Service Ecosystem docs has a new canonical URL: https://onionservices.torproject.org Thanks gus and lavamind for support and advice for finding a new location for these docs. Details at https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/1 ## 3. Organization * Most of my time was used in improving workflows and on general planning. * Ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. -- Silvio Rhatto pronouns he/him

1 0

Anti-censorship team meeting notes, 2024-08-01
by Shelikhoo 01 Aug '24

01 Aug '24

Hey everyone! Here are our meeting logs: mailto:tor-project@lists.torproject.org?subject=%5Btor-project%5D%20Anti-censorship%20team%20meeting%20notes%2C%202024-08-01 And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, August 8 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * Rename Sponsor to Project * Sponsors are now named Project * currently we are working on Project 158 or P158... == Actions == == Interesting links == == Reading group == * We will discuss "Bridging Barriers: A Survey of Challenges and Priorities in the Censorship Circumvention Landscape" on Aug 22, 2024 * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-01 Last week: - attended FOCI and PETS This week: - review MV3 changes - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-08-01 Last week: - snowflake azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - attended FOCI and PETS, had conversations with people from Raceboat, TorKameleon, FEPs - commented on PT STATUS incompatibility with Arti https://gitlab.torproject.org/tpo/core/torspec/-/issues/267#note_3054205 Next week: - review snowflake unreliable+unordered data channels rev2 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-01 Last week: - check if lyrebird reduces size removing old PTs (it doesn't that much) (lyrebird#40016) - add dkim verification to rdsys email distributor (rdsys#211) - plan rdsys deployment replacing BridgeDB - finish the work on Sponsor 96 final report Next week: - distribute IPv6 bridges in rdsys (bridgedb#40071) Shelikhoo: 2024-08-01 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Merge request review - Merge request reviews Next Week/TODO: - Merge request reviews - (AFK: DWebCamp) - Usenix Security Conference onyinyang: 2023-08-01 Last week(s): - continue with key rotation integration work - fix lastPassed issue in rdsys (or lox if Next week: - vacation - continue with key rotation integration work - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-07-11 Last weeks: - Completed my master thesis (https://theodorsm.net/thesis) - Had some time off Next weeks: - Wait for pion upstream releases - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

Nina’s Monthly Status Report, July 2024
by Nina 01 Aug '24

01 Aug '24

Hello! Below is my July’24 report! In July, I resolved 587 tickets: On Telegram (@TorProjectSupportBot) - 427 On RT (frontdesk@tpo) - 145 On WhatsApp (+447421000612) - 13 and on Signal (+17787431312) - 2. My main focus is to help Russian-speaking users get access to Tor. To do that I: 1. Share bridges and instructions. 2. Collect feedback. 3. Help with troubleshooting. 4. Monitor censorship events in the Central Asiacountries [1]. The increased internet censorship in Russia, in particular, the throttling of YouTube [2], led to an increase in the number of tickets at the end of the month. I continue to collect information on the bug with Tor Browser for Android (TBA) not working on Samsung devices [3]. In July'2024, Apple fulfilled the Roskomnadzor request to ban some VPN apps from the AppStore[4]. To prepare for their further actions, I checked the alternative ways to get and install Tor Browser for Android using F-Droid. I wrote updated instructions on how to do that. That helped to find an issue with Tor Browser for Android marked as an "anti-feature" app on the F-Droid app catalog[5] and how this make censored users life more difficult to get TBA. Also, I checked the sideloading options for iOS and Onion Browser, which are very difficult for regular users to follow. Also, I continue to reviewRussian translationsin weblate, which often helps to improve our user documentation[6]. [1] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [2] https://www.bloomberg.com/news/articles/2024-07-25/youtube-throttled-in-rus… [3]https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714 [4] https://therecord.media/apple-app-store-russia-vpns [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41161#n… [6] https://gitlab.torproject.org/tpo/web/manual/-/issues/173 Thanks!

1 0

PieroV's Monthly Status Report, July 2024
by Pier Angelo Vendrame 01 Aug '24

01 Aug '24

Hi everyone! Here is my status report for July 2024. I worked almost exclusively on the ESR transition also this month. I reviewed the rebased patchset more deeply to find potential runtime and logic errors caused by upstream changes or similar problems [0]. For example, upstream worked a lot on search engines, and the patch we had for providing our custom default selection broke as a result, and we had to re-implement it. Then, before the 14.0a1 release, I rebased Tor Browser and Mullvad Browser onto 128.0. After that, I switched to audits. During every ESR transition, we check all the bugs Mozilla closed to see if some need particular attention [1]. Until last year, this work was carried out only by a person. This year, we decided to spread it to all the team and have multiple persons review each Firefox version. I was assigned Firefox 116 to 119, and so far, I've reviewed 119+118 and started 117. Apart from that, I worked on the usual maintenance tasks: I rebased the 13.5 series onto 115.13.0esr for 13.5.1 at the beginning of the month, and yesterday, I rebased onto 115.14.0esr and 128.1.0esr for 13.5.2 and 14.0a2, respectively. Finally, I worked on sunsetting Windows 7 support on 14.0 [2], and I updated our pipeline to fetch Firefox's translations after they were moved to GitHub [3], as this blocked 13.5.1. Cheers, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42616 [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42757 [2] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…

1 0

Anti-censorship team meeting notes, 2024-07-25
by meskio 25 Jul '24

25 Jul '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-07-25-16.00.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, August 1 16:00 UTC Facilitator: shelikhoo ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * Roger wrote up his Snowflake blocking experiment notes, https://lists.torproject.org/pipermail/anti-censorship-team/2024-July/00034… -- more hackweek/experiment opportunities remain :) == Discussion == == Actions == == Interesting links == * https://arxiv.org/abs/2405.13310 "Bytes to Schlep? Use a FEP: Hiding Protocol Metadata with Fully Encrypted Protocols" * update to https://censorbib.nymity.ch/#Fenske2023a "Security Notions for Fully Encrypted Protocols" from FOCI 2023 * https://github.com/tst-race/raceboat/tree/documentation Raceboat source code * https://github.com/v2fly/v2ray-core/discussions/3096 * V2Ray has received a security audit from 7ASecurity * https://www.opentech.fund/security-safety-audits/v2ray-security-audit/ == Reading group == * We will discuss "" on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-06-27 Last week: - snowflake-webext updates - reviewed mv3 prototype - helped onyinyang on rebasing and debugging wasm-bindgen - worked on squashing Conjure PT into lyrebird - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… This week: - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-07-11 Last week: - snowflake azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… Next week: - review snowflake unreliable+unordered data channels rev2 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-07-25 Last week: - investigate what builtin bridges are offline and contact operators (team#141) - work on Sponsor 96 final report - ignore dots on emails on the email distributor (rdsys#208) Next week: - check if lyrebird reduces size removing old PTs (lyrebird#40016) Shelikhoo: 2024-07-25 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Merge request review - S96 Report Response to feedback - Merge request reviews Next Week/TODO: - Merge request reviews - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… onyinyang: 2023-07-25 Last week(s): - FOCI/PETS online - Working on tor-browser integration with updated lox-wasm binary: - switched back to building modules and using them with a downloaded Tor browser - tor-browser-build was mixing up inputs for one function which caused the module to error at load time, flipping them seems to have fixed the error - updating Lox module for key rotation logic - Identified that the lastPassed variable is not working as expected for Lox: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/209 and is probably the reason behind this issue: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/milestones/1#tab-is… Next week: - continue with key rotation integration work - fix lastPassed issue in rdsys (or lox if the rdsys fix is too complicated) - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-07-11 Last weeks: - Completed my master thesis (https://theodorsm.net/thesis) - Had some time off Next weeks: - Wait for pion upstream releases - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: shelikhoo onyinyang meskio 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Anti-censorship team meeting notes, 2024-07-11
by onyinyang 11 Jul '24

11 Jul '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-07-11-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, July 25 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * No meeting next week July 18, people are at PETS. == Discussion == - Censorship in Russia: - Apple blocking apps in Russia: https://github.com/net4people/bbs/issues/377 - Some fake Tor apps were affected too: https://applecensorship.com/app-store-monitor/test/Onion%20Browser - Tor bridges issue: https://ntc.party/t/%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%… - Some tor web mirrors were blocked too - ticket discussing this ongoing situation in censorship-analysis: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… == Actions == == Interesting links == * https://theodorsm.net/thesis * "Reducing distinguishability of DTLS for usage in Snowflake" Master thesis by Theodor Signebøen Midtlien (theodorsm) https://theodorsm.net/thesis * will be condensed into a paper in the near future which we will discuss in a reading group * https://forum.torproject.org/t/snowflake-daily-operations-june-2024-update/… == Reading group == * We will discuss "" on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-06-27 Last week: - snowflake-webext updates - reviewed mv3 prototype - helped onyinyang on rebasing and debugging wasm-bindgen - worked on squashing Conjure PT into lyrebird - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… This week: - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-07-11 Last week: - commented on news report of Chinese involvement in VPN blocking in Myanmar https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… - archived snowflake-webextension-0.8.4 https://archive.org/details/snowflake-webextension-0.8.4 - upgraded OpenSSH on snowflake-02 for CVE-2024-6387 - opened an issue for pluggable transport `STATUS TYPE=version` message incompatibility with Arti https://gitlab.torproject.org/tpo/core/arti/-/issues/1488 Next week: - review snowflake unreliable+unordered data channels rev2 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-06-11 Last week: - fix snowflake test issue double registering metrics (snowflake#40367) - report other PT versions to tor (snowflake, webtunnel) - investigate bridgestrap failures and why all bridges are dysfunciontal, it was a regression using an old tor version - write S96 final report - test lyrebird issue reporting the version (lyrebird#40018) Next week: - investigate what builtin bridges are offline (team#141) Shelikhoo: 2024-07-11 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Vantage point maintaince - Merge request review - S96 Report screening - Merge request reviews Next Week/TODO: - Merge request reviews - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… onyinyang: 2023-07-11 Last week(s): - Global Gathering Application - Fixed Key Rotation MR for hyper v1 - Working toward building tor-browser with lox-wasm binary to help out with integration work as needed: resolve build issues on Fedora - switched to building modules and using them with a downloaded Tor browser - ran into this and tried to fix it to no avail (so far) https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/71 - attempted to build tor-browser on ubuntu 24.04 but ran into other issues: https://bugzilla.mozilla.org/show_bug.cgi?id=1907294 Next week: - - Work on outstanding milestone issues: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/milestones/1#tab-is… in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 and key rotation automation - after this bug fix is merged: https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… continue with wasm-bindgen rebase fixes and updating lox for browser integration in order to prepare for end to end testing of the Lox system with browser integration Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-07-11 Last weeks: - Completed my master thesis (https://theodorsm.net/thesis) - Had some time off Next weeks: - Wait for pion upstream releases - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0