- tor-project - lists.torproject.org

OONI Monthly Report: July 2024
by Maria Xynou 06 Sep '24

06 Sep '24

Hello, This email shares OONI's monthly report for July 2024. *# OONI Monthly Report: July 2024* Throughout July 2024, the OONI team’s work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## New partnership with Indonesia’s Southeast Asia Freedom of Expression Network (SAFEnet)* In July 2024, we established a new partnership with Indonesia’s Southeast Asia Freedom of Expression Network (SAFEnet): https://safenet.or.id/ We published a page to feature SAFEnet’s work on our Partner pages: https://ooni.org/partners/safenet/ Through our partnership with SAFEnet, we aim to collaborate on measuring internet censorship in Indonesia. *## Publication of OONI Partner Gathering 2024 Report* We published a report on the OONI Partner Gathering 2024: a 2-day event hosted in Kuala Lumpur, Malaysia, which brought our partners from Asia and the Middle East together to exchange skills and knowledge on internet censorship research. Read the report here: https://ooni.org/post/2024-ooni-partner-gathering-report/ In May 2024, we hosted the OONI Partner Gathering with the goal of strengthening regional and global collaborations on censorship measurement research and advocacy. The event included 45 individuals from 30 countries. Specifically, the participants included OONI partners from Southeast Asia, South Asia, East Asia, Central Asia, and the Middle East, some OONI partners who work internationally, as well as the OONI team. Why Malaysia? We developed a script which identified Malaysia as a visa-friendly location for our participants. We also loved the fact that this data finding coincided with the base of our long-term partner, Sinar Project! Based on partner feedback which shaped the agenda, the OONI Partner Gathering included a diverse set of 25 censorship-related sessions -- ranging from advocacy and litigation to research and data analysis. View the detailed Agenda here: https://ooni.org/documents/OONI-Partner-Gathering-Agenda.pdf As part of the event, we had the opportunity to exchange experiences, skills and knowledge, to improve our understanding of local challenges and community needs, and to collect invaluable feedback. We have documented the partner feedback here: https://ooni.org/post/2024-ooni-partner-gathering-report/#partner-feedback We expect such feedback to inform the improvement of OONI tools! As an outcome of the OONI Partner Gathering, we also expect to see increased use of OONI tools & data in support of research and advocacy over the next years! We share more details on the outcomes of the event here: https://ooni.org/post/2024-ooni-partner-gathering-report/#outcomes Huge thanks to our partners for their invaluable feedback and participation! You made the event an unforgettable experience for us all. Warm thanks to the Ford Foundation and Luminate for supporting the OONI Partner Gathering 2024 and making this event possible! We aim to host additional OONI Partner Gathering events for our partners in Africa and Latin America over the next few years. *## Published new reports on the OONI Censorship Findings page### Report on the blocking of Al Jazeera in Israel* On 4th July 2024, we published a report on the blocking of Al Jazeera in Israel: https://explorer.ooni.org/findings/62771144901 This report shares relevant OONI data and an interpretation of the measurement findings. *### Report on the blocking of Facebook in Bangladesh* On 18th July 2024, we published a report on the blocking of Facebook in Bangladesh amid student protests: https://explorer.ooni.org/findings/45013413801 This report shares relevant OONI data and an interpretation of the measurement findings. *### Report on the blocking of DuckDuckGo in Indonesia* On 30th July 2024, we published a report on the blocking of the DuckDuckGo search engine in Indonesia: https://explorer.ooni.org/findings/282511010901 This report shares relevant OONI data and an interpretation of the measurement findings. *## Release of the OONI Test Lists Editor in 9 languages* In July 2024, we released our Test Lists Editor ( https://test-lists.ooni.org/) in 9 new languages: Arabic, Burmese, French, German, Khmer, Portuguese, Russian, Spanish, and Turkish. By adding such localization support to the Test Lists Editor, many more community members around the world can now more easily contribute to websites for censorship testing. We thank the Localization Lab community ( https://www.localizationlab.org/) for the translations! *## OONI Probe Mobile* Building on our proof of concept that we worked on in previous months, we took the next step in our multi-platform project. The goal of this is to unify how we build our applications across mobile and desktop to make it more efficient for us to build and maintain them. We will start with focusing on our Android and iOS applications first. You can see our repository for this work here: https://github.com/ooni/probe-multiplatform/issues The specific tasks we started include: * Building up a project backlog; * Working on tooling and instrumentation set up ( https://github.com/ooni/probe-multiplatform/pulls?q=is%3Apr+is%3Aclosed+) * Iterating on PoC to finalize approaches for specific features ( https://github.com/ooni/ooni.org/issues/1535) We also fixed a crash reported by the community https://github.com/ooni/probe/issues/2750 *## OONI Run* As part of our work on creating the next generation version of OONI Run (“OONI Run v2”), we continued our efforts with QA testing for the Android version of the new OONI Probe app that will include both an improved UI and support for new OONI Run links. We addressed several bugs and UI improvements: https://github.com/ooni/probe/issues/2756 We also took steps to ensure that OONI Run v2 links would also work on iOS, since we are prioritizing releasing OONI Run v2 on Android first: https://github.com/ooni/run/issues/182 In preparation for the upcoming launch of OONI Run v2, we edited the copy in the strings for the OONI Run v2 web interface, as well as the copy in the new strings for OONI Probe Mobile. We also tested OONI Run v2 extensively. *## OONI Design System* We wrapped up the changes required to migrate from Styled System to TailwindCSS. The changes included removing a lot of redundant components and replacing them with utility classes instead, and replacing old styles with tailwind utility classes for the remaining components: https://github.com/ooni/design-system/pull/175 *## OONI Explorer* We fully integrated the updated ooni-components (design system implementation), we fully removed redundant components (replaced with TailwindCSS utility classes), and we replaced Styled Components with TailwindCSS styling: https://github.com/ooni/explorer/pull/947 *## Automating censorship detection and characterization based on OONI measurements* In July 2024, OONI’s Arturo visited the Oxford Internet Institute – with whom we have a research collaboration (https://ooni.org/partners/glitch/) – to exchange knowledge and ideas with researchers on advancing OONI’s data analysis techniques. This led to exploring some other approaches in terms of analyzing OONI data through Bayesian network based techniques ( https://github.com/ooni/data/issues/84) and we worked on these techniques throughout August 2024. We also made progress on getting the OONI data pipeline ready for a production deployment. Specifically, we: * Added support for running the temporal workflows in temporal cloud: https://github.com/ooni/data/issues/78 * Fixed a bug related to parsing the new network_events data format, which was affecting our ability to process web_connectivity 0.5 and tor tests: https://github.com/ooni/data/issues/80 * Implemented several other code quality improvements: https://github.com/ooni/data/pull/79 *## OONI Backend* We worked on porting the OONI Findings API to our new pattern, as well as migrating it to Postgresql. Additionally, we got started on porting the Measurements API to the new pattern: https://github.com/ooni/backend/pull/862 https://github.com/ooni/backend/issues/814 We worked on setting up integration tests for a framework to allow us to A/B test our improved APIs more effectively ( https://github.com/ooni/backend/issues/856) We finalized our CloudHSM set up for managing certificates related to our desktop application ( https://github.com/ooni/devops/issues/55) We also shut down unneeded droplets we weren’t using on DigitalOcean ( https://github.com/ooni/devops/issues/64) *## Hiring process for OONI Junior Backend Developer job opening* Throughout July 2024, we reviewed applications submitted for our OONI Junior Backend Developer job opening ( https://ooni.org/post/2024-job-opening-ooni-backend-developer/) As part of this process, we tracked applications, followed up with applicants, and interviewed shortlisted candidates. *## Research report on internet censorship in Kazakhstan* Based on the analysis of OONI measurements ( https://github.com/ooni/backend/issues/846) we worked on writing a research report on internet censorship in Kazakhstan. We worked on this research report in collaboration with our partner, Internet Freedom Kazakhstan (https://ooni.org/partners/ifkz) Throughout July 2024, we completed the necessary research and writing of all sections of the research report. We aim to publish this research report in September 2024. ## Published designed PDFs for research reports on internet censorship in Russia and Iran Thanks to support from the Open Technology Fund (OTF) User Experience & Discovery Lab (UXD Lab), Ura Design (https://ura.design/) created designed PDFs for two of our research reports: Technical multi-stakeholder report on Internet shutdowns: The case of Iran amid autumn 2022 protests: https://ooni.org/documents/OONI-Iran-multi-stakeholder-report.pdf New blocks emerge in Russia amid war in Ukraine: An OONI network measurement analysis: https://ooni.org/documents/OONI-Report-New-blocks-emerge-in-Russia-amid-war… By designing PDF copies of the above 2 research reports, Ura Design helped ease the accessibility of the findings and support their dissemination and long-term impact. We therefore thank Ura Design and the OTF for these designs! *## Community use of OONI data* *### FOCI 2024 paper on automated DNS tampering detection using machine learning* A FOCI 2024 paper was published which applies supervised and unsupervised models to recent global DNS measurement data collected by OONI. This paper is available here: https://www.petsymposium.org/foci/2024/foci-2024-0008.pdf *### Other OONI citations in FOCI 2024 papers* OONI was also cited in the following FOCI 2024 papers: https://www.petsymposium.org/foci/2024/foci-2024-0007.pdf https://www.petsymposium.org/foci/2024/foci-2024-0006.pdf https://www.petsymposium.org/foci/2024/foci-2024-0012.pdf *### Tehran E-Commerce Association Report* In July 2024, the Tehran E-Commerce Association published a report on the “Quality of Internet in Iran”, which makes use of OONI data. Their report is available here: https://etchamber.ir/wp-content/uploads/2024/07/Internet-Quality-Report-v3.… *### News article by Bangladesh’s Prothom Alo on the Facebook block* Bangladesh’s Prothom Alo media outlet published a news article on the blocking of Facebook in Bangladesh, citing OONI data. Their article is available here: https://www.prothomalo.com/bangladesh/h4uzv1zi9f *## Community activities### FOCI 2024* On 15th July 2024, OONI’s Arturo attended the Free and Open Communications on the Internet (FOCI) 2024 Summer Workshop in Bristol, UK ( https://foci.community/foci24.html#2024-summer-program) The event included the presentation of numerous academic papers on internet censorship research, including some that cite OONI data (as mentioned previously). As part of his participation, Arturo served as the session chair for the sessions on “Censorship Circumvention Strategies”. He also generally serves on the FOCI Program Committee. *### OONI Community Meeting* On 30th July 2024, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) As part of this meeting, we discussed the outcomes of the OONI Partner Gathering 2024 and the possibility of hosting similar sessions online for the broader OONI community. We also discussed plans for OONI’s new Social Media Censorship Alert System, research based on OONI data, and how to contribute fingerprints for censorship detection. *## Measurement coverage* In July 2024, 58,294,513 OONI Probe measurements were collected from 2,996 networks in 173 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

OONI Monthly Report: June 2024
by Maria Xynou 06 Sep '24

06 Sep '24

Hello, This email shares OONI's monthly report for June 2024. *# OONI Monthly Report: June 2024* Throughout June 2024, the OONI team’s work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Published Job Opening for OONI Junior Backend Developer* In June 2024, we published a new job opening for a Junior Backend Developer: https://ooni.org/post/2024-job-opening-ooni-backend-developer/ We are looking for a dedicated backend developer to join our team to work on our backend components and infrastructure, and to provide OONI data analysis support for our research efforts. Following the publication of the job opening, we started to receive many applications and we allocated team resources towards reviewing incoming applications. *## Published OONI Community Interview with Tawanda Mugari (Digital Society of Africa)* In June 2024, we published a new OONI Community Interview with Tawanda Mugari, the Co-Founder and Geek in Chief of Digital Society of Africa ( https://digitalsociety.africa/) You can watch Tawanda’s interview and learn about his work here: https://ooni.org/post/2024-interview-with-tawanda-mugari/ Through the OONI Community Interview series, we aim to share the amazing work of our partners, highlighting the different ways through which they make use of OONI tools and data. You can find more OONI Community Interviews through our YouTube channel: https://www.youtube.com/watch?v=Pam2UQoZ1qM&list=PL1sH9kYR-16nlPlFT-RDBs8O0… *## OONI Probe Mobile* In June 2024, we released OONI Probe 3.8.8 on Android ( https://github.com/ooni/probe-android/releases/tag/v3.8.8) and iOS ( https://github.com/ooni/probe-ios/releases/tag/v3.8.8) We also released version 3.8.8 of the News Media Scan app, which included support for OONI Run V2 functionality so that Deutsche Welle can maintain their list of test URLs. We also worked on fixing the following bugs on OONI Probe iOS: https://github.com/ooni/probe/issues/2710 https://github.com/ooni/probe/issues/2744 *## OONI Run* After completing the work for the News Media Scan app, we turned our attention back to our implementation of OONI Run v2. We started working on the iOS implementation of the new dashboard view: https://github.com/ooni/ooni.org/issues/1512 https://github.com/ooni/ooni.org/issues/1516 https://github.com/ooni/ooni.org/issues/1514 We also fixed the following bugs and addressed feedback during our internal beta testing round: https://github.com/ooni/run/issues/180 https://github.com/ooni/probe/issues/2756 Additionally, we discussed how we want to handle backwards compatibility for v1 OONI Run links, once we launch v2. We decided that v1 links will have an intermediary page before launching the mobile application which will encourage users to migrate to v2 before a specific date ( https://github.com/ooni/run/issues/183) *## OONI Probe CLI* Notably, we merged the OpenVN experiment, implemented by Ain Ghazal as part of their OTF ICFP fellowship with us: https://github.com/ooni/probe-cli/pull/1585 This experiment allows OONI Probe users to measure OpenVPN blocking. Further information about the experiment is available in the specification: https://github.com/ooni/spec/blob/master/nettests/ts-040-openvpn.md *## Creating a methodology for measuring throttling* We revised our plan for performing the A/B testing to make sure that Web Connectivity v0.5 produces the same results as v0.4 in terms of top-level metrics (i.e., the “blocked” and “accessible” values and the resulting colors shown by OONI Explorer). Between 11th to 13th June 2024, we traveled to Atlanta, USA, to participate in the first Open Measurement Gathering: a 3-day event (hosted at Georgia Tech) that brought the OONI, IODA, Censored Planet, M-Lab and Cloudflare Radar teams together to share skills, knowledge, and methods on network measurement. As part of this event, we co-facilitated a session with IODA on “Existing and new methods for measuring throttling”. During this session, we shared details of our methods, and learned details of the new methods that IODA are developing for measuring cases of throttling. While our approaches and methods for measuring throttling are very different (and look at different types of throttling), they are very complementary, and we identified opportunities for future collaboration. *## Expanding OONI’s testing model to support richer testing input* We have successfully expanded our testing model to support richer testing input: https://github.com/ooni/probe-cli/pulls?q=label%3A2024-06-richer-input+is%3… In June 2024, we refactored the OONI Probe engine to improve its internal representation of richer input and to enable each experiment to define its own richer testing input structure ( https://github.com/ooni/probe-cli/pull/1615) This refactoring change enabled us to reduce the entailed complexity by moving richer testing input around. In turn, this lower complexity enabled us to read richer testing input from experiment-specific APIs, as well as from OONI Run v2 descriptors. We merged the OpenVPN experiment (developed by Ain Ghazal as part of their ICFP fellowship with OONI) with full support for using richer testing input (https://github.com/ooni/probe-cli/pull/1585) We also published a document which provides details of our design choices for supporting richer testing input, the refactoring of the OONI Probe engine to enable richer testing input, our implementation of richer testing input through the OpenVPN experiment, as well as our implementation of other related improvements. This document also lists next steps for potential future work: https://github.com/ooni/probe-cli/blob/master/docs/design/dd-008-richer-inp… *## OONI Explorer* As part of the effort to update our design system implementation, we updated most of the components to use Tailwind CSS (instead of previously used styled-system and styled-components): https://github.com/ooni/explorer/pull/947 *## General backend work* We added IPv6 support to ooni-backendproxy and other AWS based deployments, allowing us to migrate DigitalOcean-based test helpers to the new deployment strategy: https://github.com/ooni/devops/pull/61 *## Automating censorship detection and characterization based on OONI measurements* Notably, we merged a large area of work related to: Optimizing the performance of the table writers for observations; Refactoring of the observation data model. Details on what was done are available through the following pull request description: https://github.com/ooni/data/pull/74 Between 11th to 13th June 2024, we also presented and shared our new pipeline (https://github.com/ooni/data) and data analysis advancements with internet measurement experts as part of our participation at the Open Measurement Gathering in Atlanta, USA. This enabled us to gather feedback from experts working on similar problems (such as Censored Planet). Quite similarly, we continued to collect feedback for the improvement of our data analysis methods through meetings with internet measurement experts at the Oxford Internet Institute. *## Data analysis for upcoming research report* As part of an upcoming research report on internet censorship in Kazakhstan, we analyzed OONI measurements collected from Kazakhstan over the past year. We completed this data analysis in June 2024, and further details about the analysis are available here: https://github.com/ooni/backend/issues/846 *## Test list updates* In response to the adoption of an LGBT propaganda law in Georgia, we updated the Georgian test list to include the websites of LGBTQ+ organizations: https://github.com/citizenlab/test-lists/pull/1739 Based on the statement of the Russian Ministry of Foreign Affairs ( https://www.mid.ru/ru/foreign_policy/news/1959391/) we added 80 foreign news media websites (whose services were suspended in Russia) to the Russian test list: https://github.com/citizenlab/test-lists/pull/1744 We also reviewed and merged community contributions to the following test lists: * Vietnam, Malaysia: https://github.com/citizenlab/test-lists/pull/1745 * Belarus: https://github.com/citizenlab/test-lists/pull/1738 * South Korea: https://github.com/citizenlab/test-lists/pull/1700 * Brazil: https://github.com/citizenlab/test-lists/pull/1701 * Cambodia: https://github.com/citizenlab/test-lists/pull/1699 * Slovenia: https://github.com/citizenlab/test-lists/pull/1697 * Other: https://github.com/citizenlab/test-lists/pull/1705 *## Call for LGBTQ website testing during Pride Month* LGBTQ websites are blocked in many countries around the world. Similarly to previous years, we made a call to action to encourage the OONI Probe testing of LGBTQ websites during Pride Month (and beyond) through our social media channels: https://x.com/OpenObservatory/status/1806284856998936597, https://mastodon.social/@ooni/112688417530827272 The threads through the above links: * Include a call for OONI Probe testing of LGBTQ websites (which we previously collected in collaboration with OutRight International); * Encourage people to contribute LGBTQ websites for ongoing monitoring/testing through our Test Lists Editor; * Share our previous reports documenting the blocking of LGBTQ websites based on OONI data; * Share links for ongoing OONI Probe testing and for monitoring the blocking of LGBTQ websites worldwide based on real-time OONI data. *## Outreach Kit with new illustrations* In June 2024, we updated the materials of the OONI Outreach Kit with the new illustrations created by Ura Design: https://github.com/ooni/ooni.org/pull/1569 *## Community use of OONI data### ISOC Pulse blog post on internet disruptions in Kenya* In June 2024, ISOC published a blog post documenting the internet disruptions in Kenya amid protests: https://pulse.internetsociety.org/blog/kenya-internet-disrupted-amidst-prot… Their blog post cites OONI data, includes OONI data charts and encourages readers in Kenya to run OONI Probe to contribute more measurements. *## Community activities### Ford Foundation Retreat* Between 3rd-5th June 2024, OONI’s Maria attended the Ford Foundation Tech & Society Retreat in Nebraska City, USA. As part of her participation, Maria co-facilitated a session on partner engagement, and facilitated a session which provided a live demo on using OONI Explorer to investigate internet censorship. *### Open Measurement Gathering* Between 11th-13th June 2024, OONI’s Jessie, Maria, Maja, and Simone traveled to Atlanta, USA, to participate in the first Open Measurement Gathering (OMG): a 3-day event which brought internet measurement projects together to exchange skills and knowledge on measuring and reporting on internet censorship globally ( https://x.com/OpenObservatory/status/1803734336300032218) This event was hosted by IODA at Georgia Tech, organized in collaboration with M-Lab, and supported by the Open Technology Fund. The participants included team members from the following organizations/projects: IODA, M-Lab, Censored Planet, Cloudflare, and OONI. As part of our participation in this event, we: * Presented OONI’s measurement methodologies and tools (“OONI Measurement 101” session); * Presented OONI’s open dataset and methods for interpreting the data (“OONI Data Dive” session); * Co-facilitated a session on methodologies for measuring cases of throttling; * Facilitated a session on strengthening collaboration on research and reporting on internet censorship. We thank the Open Technology Fund for supporting this event, and we thank IODA, M-Lab, Censored Planet and Cloudflare for the valuable insights and discussions! *### OONI Partner Quarterly Meeting* On 25th June 2024, we hosted the first OONI Partner Quarterly Meeting (a private video meeting with our partners) to gather feedback and discuss the future of the Partnership Program with the OONI Partner Network. During the call, we agreed to host similar calls every quarter to share updates from the community, share OONI updates, and to discuss partner needs. *### OONI Community Meeting* On 25th June 2024, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) As part of this meeting, we gathered feedback from the community on the structure of OONI’s documentation and received a request to update the structure of the community documents and educational materials. We also discussed the possibility of hosting open training sessions for the OONI community. *## Measurement coverage* In June 2024, 54,898,348 OONI Probe measurements were collected from 2,825 networks in 173 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

OONI Monthly Report: May 2024
by Maria Xynou 06 Sep '24

06 Sep '24

Hello, This email shares OONI's monthly report for May 2024. *# OONI Monthly Report: May 2024* Throughout May 2024, the OONI team’s work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Hosted the OONI Partner Gathering 2024 in Malaysia* On 8th and 9th May 2024, we hosted an in-person OONI Partner Gathering 2024 in Kuala Lumpur, Malaysia. As part of this 2-day event, we brought our partners (primarily from Asia and the Middle East) together to exchange skills and knowledge on internet censorship research. The goal of the event was to strengthen global and regional collaborations on censorship measurement research and advocacy. The OONI Partner Gathering 2024 brought together 45 individuals from 30 countries. Specifically, the participants included OONI partners from Southeast Asia, South Asia, East Asia, Central Asia, and the Middle East ( https://ooni.org/partners) some OONI partners who work internationally, as well as the whole OONI team. The event was possible thanks to generous support from the Ford Foundation (https://www.fordfoundation.org/) and Luminate (https://www.luminategroup.com/) As part of the OONI Partner Gathering 2024, we had the following objectives: * Exchange skills, knowledge, and methodologies to empower community participation in censorship measurement research and advocacy; * Better understand local challenges and develop strategies for improving censorship measurement research around the world; * Better understand partner/community needs; * Collect community feedback to support the improvement of OONI tools and methodologies; * Strengthen partnerships and strategically define goals and priorities on the study of internet censorship in collaboration with partners. The ultimate goal of the OONI Partner Gathering 2024 was to strengthen the OONI partnership network to help ensure that internet censorship is well-documented and rapidly addressed so that the world’s most at-risk individuals – human rights defenders, journalists, activists, and marginalized people in repressive environments — have consistent and open access to the internet. The agenda included a mixture of skill-share sessions, presentations, hands-on exercises, and interactive group discussions. We included a variety of parallel sessions to accommodate more sessions in the agenda, and to encourage more active participation in smaller group discussions. To provide space for discussions on ideas and needs that may emerge during the event, we also included a slot for “unconference” style sessions. Overall, the two-day OONI Partner Gathering 2024 event included 25 sessions, 20 of which were part of the official agenda, while 5 were proposed and facilitated by participants as part of the “unconference” session slots. The sessions were facilitated by both the OONI team and our partners. Notably, 9 sessions (from the official agenda) were facilitated by 11 of our partners, who provided amazing presentations sharing their work! We thank all those who facilitated sessions and participated in note-taking, helping to ensure a dynamic, inclusive, interesting, and well-documented event. To help ensure a safe, inclusive, and welcoming environment for all participants of the OONI Partner Gathering 2024, we shared the event’s Code of Conduct (CoC) with all participants prior to the event, and we set up an Incident Response Committee (composed of two partners and two OONI team members). No CoC violations were reported. The main outcomes of the OONI Partner Gathering 2024 include: * *Deeper understanding of regional challenges and partner needs. *Throughout the sessions of the OONI Partner Gathering, we gained deeper insight into the challenges experienced by our partners. Specifically, we mapped out current and emerging digital rights threats, the challenges that our partners experience in measuring internet censorship in their countries and regions, and we gained a deeper understanding of our partners’ needs. This insight will help with informing the improvement of OONI tools, as well as with informing opportunities for collaboration, shared strategies, and future goals. * *Collection of partner feedback.* OONI tools and methods have always been informed by community feedback. Based on the documentation of partner feedback, we will improve upon our tools, methodologies, and dataset to better meet the needs of our community. We may also create new tools based on partner feedback to support censorship measurement efforts. * *Increased partner ability to lead censorship measurement efforts in their countries/regions. *Through skillshares and knowledge-shares at the event, our partners gained an improved understanding of how to use OONI tools and data. This will support their community engagement activities, expanding OONI censorship measurement coverage and the documentation of censorship events. As an outcome of their participation at the OONI Partner Gathering 2024, we expect to see our partners make greater use of OONI tools and data in support of their research and advocacy efforts. * *Strengthened partnerships.* This was the first time that we met many of our partners in person, as the COVID-19 pandemic over the last years had reduced this opportunity. As a result of sharing knowledge, skills, and meals together, we now have stronger partnerships. The challenges and needs (as identified through sessions facilitated at the OONI Partner Gathering) will inform (many of) the goals and priorities of OONI partnerships moving forward. * *New partnerships.* We strategically invited a few (regional) organizations to the OONI Partner Gathering with whom we hadn’t established a partnership (yet), but with whom we hoped to formalize a partnership given our mission alignment and the impact of their work. One of these organizations was Indonesia’s SAFEnet (who are known for having successfully litigated and advocated against the 2019 Internet shutdown in Indonesia), with whom we established a partnership in July 2024. We are also currently in the process of discussing and formalizing partnerships with prominent digital rights organizations in Central Asia. Moreover, our partners had the opportunity to learn from each other during the event and to explore opportunities for new collaborations between them. As a result of the above, we expect to see increased use of OONI tools and data in support of research and advocacy efforts aimed at monitoring and responding to censorship events in Asia and the Middle East over the next few years. At the Closing Ceremony of the event, all participants received a certificate for their participation at the OONI Partner Gathering 2024. Following the OONI Partner Gathering 2024, we shared a survey with all participants to collect their feedback on the event and to learn how we can improve future events. As part of this survey, we collected very positive feedback and participants provided a very positive evaluation of the event. Further details are available through our OONI Partner Gathering 2024 Report: https://ooni.org/post/2024-ooni-partner-gathering-report/ We thank all participants who took time out of their busy schedules to fly across the world to join us in Kuala Lumpur for the OONI Partner Gathering 2024. Thanks to their invaluable feedback and participation, they made the event an unforgettable experience for us all. We also thank the Ford Foundation and Luminate for supporting the OONI Partner Gathering 2024, believing in our mission, and making this event possible! *## OONI Team Meeting 2024 in Malaysia* Following the OONI Partner Gathering 2024 (which brought together the whole OONI team), we hosted an OONI Team Meeting Day on 10th May 2024 in Kuala Lumpur, Malaysia. As part of this meeting, we discussed OONI’s strategy, roles and responsibilities within the team, and we improved upon our roadmaps. Specifically, the OONI Team Meeting Day included the following sessions: * OONI Strategy * Roles, responsibilities, and decision making within the OONI team (Part 1) * Roles, responsibilities, and decision making within the OONI team (Part 2) * Presenting Thematic Censorship Findings on OONI Explorer and Revamping the OONI Explorer Navigation * VPN measurement update from OTF Information Controls Fellow * Roadmap updates (Part 1) * Roadmap updates (Part 2) As an outcome, we improved our roadmaps, we had important strategic discussions in person, and we discussed the next steps for some of our core projects. *## Published new report on the OONI Censorship Findings page* In May 2024, we published a report documenting the blocking of Grindr in Malaysia: https://explorer.ooni.org/findings/44213966401 OONI data suggests that Malaysia started blocking access to Grindr – the world’s largest social networking app for gay, bi, trans, and queer people – on 17th April 2024. Recent OONI data suggests that the block remains ongoing. *## Research collaborations with partners on upcoming reports* We continued to coordinate with our partners on research efforts required for upcoming research reports. Specifically, we coordinated with our partners on extensive updates to the Citizen Lab test lists for Bangladesh and Iran. In May 2024, the updates for the test lists of Bangladesh and Iran were finalized. Specifically: * Digitally Right updated the test list for Bangladesh: https://github.com/citizenlab/test-lists/pull/1733 * Miaan Group contributed more updates to the test list for Iran: https://github.com/citizenlab/test-lists/pull/1726 *## OONI Probe Mobile* We released News Media Scan v3.8.7: https://github.com/ooni/probe-android/pull/549 Notably, this release includes localization support for French, German, Portuguese, Russian, Spanish and Turkish. *## OONI Probe Desktop* In May 2024, we released OONI Probe Desktop 3.9.6: https://github.com/ooni/probe-desktop/releases/tag/v3.9.6 The latest version makes use of OONI Probe CLI v.3.22.0. *## OONI Probe CLI* In May 2024, we released OONI Probe CLI 3.22: https://github.com/ooni/probe-cli/releases/tag/v3.22.0 We documented the interaction between OONI Probe and the “probe services” (i.e., the OONI backend APIs providing services to OONI Probe). As part of this work, we also seized the opportunity to simplify and rationalize the code: https://github.com/ooni/probe/issues/2700 We refactored the algorithm used by OONI Probe to communicate with possibly blocked probe services to prioritize the DNS results over the bridge strategy and previous knowledge about existing working strategies: https://github.com/ooni/probe/issues/2704 *## OONI Run* Throughout May 2024, we focused on delivering OONI Run v2 support for the Deutsche Welle News Media Scan application ( https://github.com/ooni/probe/issues/2733) Adding this functionality to their application will enable Deutsche Welle to independently maintain and update lists of URLs they wish to test. We focused on adding the specific functionality they required to do so, as well as on bug fixing and testing. With regards to the OONI Run v2 implementation in OONI Probe Mobile, we continued our efforts to test and fix bugs. In May 2024, we fixed the following bugs: https://github.com/ooni/run/issues/161, https://github.com/ooni/run/issues/165, https://github.com/ooni/run/issues/147, https://github.com/ooni/run/issues/151 *## OONI Explorer* In May 2024, we continued our efforts to update our design system to TailWindCSS (https://github.com/ooni/design-system/issues/174) by updating components to use the new framework ( https://github.com/ooni/design-system/pull/170) We also continued our efforts to ensure that the OONI Explorer Country pages matched recently re-designed components (https://github.com/ooni/explorer/issues/915, https://github.com/ooni/explorer/issues/914) Based on community feedback collected as part of our previous user research studies, we concluded that the new thematic censorship findings pages on OONI Explorer will focus on the following themes: * News Media: https://github.com/ooni/explorer/issues/940 * Social Media: https://github.com/ooni/explorer/issues/939 * Circumvention: https://github.com/ooni/explorer/issues/941 Community feedback also informed the ways through which information can be presented on each of these thematic pages, as well as which information to prioritize. While in Kuala Lumpur, we held a session during the OONI Team Day (10th May 2024) to further discuss our plans for both our projects on “Presenting Thematic Censorship Findings on OONI Explorer” and “Revamping the OONI Explorer Navigation”. We reviewed the mockups that had been made and we discussed the next steps. We have created the following issues to track this work: https://github.com/ooni/explorer/issues/938 https://github.com/ooni/explorer/issues/940 https://github.com/ooni/explorer/issues/941 https://github.com/ooni/explorer/issues/939 We also added simple event tracking ( https://github.com/ooni/explorer/pull/942) to the existing navigation bar so that we can better understand the top-visited pages on OONI Explorer. We will compare the data to the new navigation bar, once it is launched. *## General backend work* In May 2024, we: * Worked on porting the oonifindings API over to our new API pattern ( https://github.com/ooni/backend/issues/814) * Worked on refactoring the oonimeasurements service ( https://github.com/ooni/backend/pull/851) * Tried out a few devops PoCs to improve our devops processes ( https://github.com/ooni/devops/pull/59) *## Automating censorship detection and characterization based on OONI measurements* To help boost the performance of the new data processing pipeline, we started working on optimizing the performance of table writers and refactoring the table model: https://github.com/ooni/data/pull/72 Notably, we had the opportunity to present and share our new data analysis methods (for automating the detection and characterization of censorship) with our global network of partners and with experts from the internet measurement community. On 8th and 9th May 2024, we hosted the OONI Partner Gathering: a 2-day event in Kuala Lumpur, Malaysia, which brought OONI partners together to exchange skills and knowledge on internet censorship research and advocacy. During this event, we facilitated a session (“OONI data analysis deep dive”), as part of which we presented the OONI pipeline v5 ( https://github.com/ooni/data) and shared details of our methodological improvements for automating the detection and characterization of internet censorship based on OONI data. This enabled us to collect feedback from our partner network and to discuss how this could be useful to research and advocacy groups in highly censored environments (once the new pipeline is shipped into production). *## Community use of OONI data### Access Now’s #KeepItOn 2023 Report* In May 2024, Access Now published their annual 2023 #KeepItOn Report on Internet shutdowns around the world, which is available here: https://www.accessnow.org/wp-content/uploads/2024/05/2023-KIO-Report.pdf Many OONI reports from our Censorship Findings platform ( https://explorer.ooni.org/findings) as well as OONI research reports ( https://ooni.org/reports/) and OONI Explorer measurements ( https://explorer.ooni.org/) were cited quite extensively as part of Access Now’s (annual) #KeepItOn Report on Internet shutdowns in 2023. *## Community activities### iMAP Regional Partners Meeting in Malaysia* On 6th and 7th May 2024 (prior to the OONI Partner Gathering 2024), OONI’s Maria, Arturo, and Elizaveta participated in the iMAP Regional Partners Meeting in Kuala Lumpur, Malaysia (https://imap.sinarproject.org/) This event was organized and hosted by our partner, Sinar Project, who lead censorship measurement efforts in Southeast Asia. As part of our participation, we attended sessions that involved discussions on iMAP research reports (https://imap.sinarproject.org/reports) as well as on metadata collection for test list updates. *### Cross-Regional Convening of Digital Rights Activists in Malaysia* On 7th May 2024, OONI’s Elizaveta attended the Cross-Regional Convening of Digital Rights Activists of Central Asia and Southeast Asia that was organized by Internews in Kuala Lumpur, Malaysia. As part of this event, Elizaveta facilitated a session on documenting and researching internet censorship in Central Asia through the use of OONI tools and data. *### Countering Digital Threats to Democracy conference in Kenya* On 21st-22nd May 2024, OONI’s Elizaveta traveled to Nairobi, Kenya, to participate in the “Countering Digital Threats to Democracy” conference organized by USAID (https://events.pneumaav.com/USAID) As part of the event, Elizaveta presented OONI’s tools and work on documenting and investigating internet censorship in African countries. *### OONI workshop in Tanzania by community member* On 24th May 2024, our community member, Loveness Muhagazi (Digital Safety Consultant and author of the #Kiganjajanja online campaign) hosted an OONI training session for human rights defenders, civil society organizations and journalists in Tanzania. *### OONI Community Meeting* On 28th May 2024, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) As part of this meeting, we discussed the following topics: 1) OONI Explorer user research: Does anyone have more feedback? 2) New OONI data processing pipeline v5: Testing and next steps for rolling it out in production 3) A new approach to characterize network blocking with decision trees (with an example in Russia) 4) Using soax.com for remote measurements *## Measurement coverage* In May 2024, 58,639,174 OONI Probe measurements were collected from 2,851 networks in 176 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

OONI Monthly Report: April 2024
by Maria Xynou 06 Sep '24

06 Sep '24

Hello, Apologies for the delay in sharing OONI's previous monthly reports, and for the many upcoming reports. This email shares OONI's monthly report for April 2024. *# OONI Monthly Report: April 2024* Throughout April 2024, the OONI team’s work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Published research report on internet censorship in Tanzania* In April 2024, we published a new research report (“Tanzania: Surge in online LGBTIQ censorship and other targeted blocks”), documenting the blocking of LGBTIQ websites and other targeted blocks in Tanzania based on the analysis of OONI data. Thanks to community member Tori Francis, who translated the report, we also published it in Swahili to reach local communities. Our research report is available in: * English: https://ooni.org/post/2024-tanzania-lgbtiq-censorship-and-other-targeted-bl… * Swahili: https://ooni.org/sw/post/2024-tanzania-lgbtiq-censorship-and-other-targeted… As part of this report, we analyzed OONI data collected from Tanzania between 1st January 2023 to 31st January 2024. Our analysis of OONI data collected from Tanzania shows: * *Blocking of many LGBTIQ websites*, including LGBTIQ social networks (such as Grindr), LGBTIQ rights sites (such as OutRight International and ILGA), LGBTIQ news and culture sites (such as Queerty), and a LGBTIQ suicide prevention site (The Trevor Project); * *Blocking of online dating websites* (such as Tinder and OKCupid); * *Targeted blocking of specific websites that defend human rights through grants and petitions* (Change.org, Global Fund for Women, GlobalGiving, Open Society Foundations); * *Targeted blocking of specific social networking sites* (Clubhouse and 4chan); * *Targeted blocking of ProtonVPN*. Our analysis reveals the extensive blocking of LGBTIQ sites, which correlates with the escalating discrimination and crackdown on LGBTIQ communities in Tanzania in recent years. Many other blocks identified as part of this study appear to be targeted, as they involve very specific websites, while other sites from the same categories (e.g. social media, human rights) were found accessible. For example, access to the Global Fund for Women website was found blocked in Tanzania, while Amnesty International's website was found accessible. Meanwhile, Tanzania recently started requiring users to report their use of VPNs. Out of tested VPNs, we only found ProtonVPN blocked in Tanzania during the analysis period. Overall, the results of our analysis show that most ISPs in Tanzania appear to implement blocks by means of TLS interference, specifically by timing out the session after the Client Hello message during the TLS handshake. As the timing of the blocks and the types of URLs blocked are (mostly) consistent across (tested) networks, ISPs in Tanzania likely implement blocks in a coordinated manner (possibly through the use of Deep Packet Inspection technology). *## Published new reports on the OONI Censorship Findings page* In April 2024, we published 2 new reports on our Censorship Findings page: * Kyrgyzstan blocked TikTok: https://explorer.ooni.org/findings/154621229001 * Senegal blocked TikTok: https://explorer.ooni.org/findings/144156914701 These reports were published in response to emergent censorship events, sharing relevant OONI data. Access to TikTok was temporarily blocked in Senegal amid political unrest, while access to TikTok was blocked in Kyrgyzstan following a government order to ban the platform. *## Research collaborations with partners on upcoming reports* We continued to coordinate with our partners on research efforts required for upcoming research reports. Specifically, we coordinated with our partners on extensive updates to the Citizen Lab test lists for Bangladesh and Iran. In April 2024, Miaan Group contributed extensive updates to the test list for Iran: https://github.com/citizenlab/test-lists/pull/1702 *## OONI Probe Mobile* In April 2024, we released OONI Probe 3.8.6 on Android ( https://github.com/ooni/probe-android/releases/tag/v3.8.6) and iOS ( https://github.com/ooni/probe-ios/releases/tag/v3.8.6) This release includes a fix for the OONI Probe Signal experiment, as well as several other bug fixes and improvements. *## OONI Probe Desktop* In April 2024, we released OONI Probe Desktop 3.9.5: https://github.com/ooni/probe-desktop/releases/tag/v3.9.5 This release contained a fix that prevents the app from being disabled on Windows and uses OONI Probe CLI v3.21.0 ( https://github.com/ooni/probe/issues/2699) *## OONI Probe CLI* We rationalized, documented, refactored, and improved the code used to communicate with the OONI backend: https://github.com/ooni/probe/issues/2700 As part of this work, we improved the code used for circumventing the blocking of the OONI backend, documented its design, and planned for future improvements: https://github.com/ooni/probe/issues/2704 *## OONI Run* As part of our work on creating the next generation version of OONI Run (“OONI Run v2”), we continued our efforts with QA testing for the Android version of the new OONI Probe app that will include both an improved UI and support for new OONI Run links. We spent time polishing the new flow that users will go through when adding OONI Run v2 links to their app dashboard, as well as ensuring that updating and removing links works as planned. You can explore related issues here: https://github.com/ooni/run/issues Additionally, we continued to test and fine-tune the admin dashboard that users will use to create, edit and manage their OONI Run v2 links. *## Documented OONI methodology for measuring throttling* In April 2024, we published documentation for our methodology on measuring throttling: https://github.com/ooni/probe-cli/pull/1546/files In previous months, we created an open methodology for measuring throttling. In line with our broader scope of work (which focuses on targeted cases of internet censorship), this methodology aims to detect cases of targeted throttling that impact specific online services (such as the throttling of Twitter/X). As part of this methodology, we measure cases of targeted throttling through the analysis of OONI Web Connectivity data (which is collected through the OONI Probe testing of URLs). Specifically, OONI’s methodology for measuring targeted cases of throttling involves the analysis of timing information during HTTPS requests in Web Connectivity data. This methodology has been successful in measuring various cases of throttling, such as those documented as part of our previous research reports on throttling cases in Kazakhstan ( https://ooni.org/post/2023-throttling-kz-elections/#throttling-of-sites) Russia ( https://ooni.org/post/2022-russia-blocks-amid-ru-ua-conflict/#twitter-throt…) and Turkey (https://ooni.org/post/2023-turkey-throttling-blocking-twitter/) Our throttling methodology is also explained in these reports. *## OONI Explorer### User research* Last month, we mentioned that we started user interviews with members of our community who use OONI Explorer (https://explorer.ooni.org/) as part of research and advocacy. The goal of these interviews was to supplement the qualitative data collected through the surveys, and to better understand how they use OONI Explorer and the challenges they encounter in discovering censorship findings through the platform. In April 2024, we completed these interviews and distilled the information and insights gathered to help us inform the next phase of several projects we have on the go. To collect community feedback for the improvement of the OONI Explorer navigation, we also did a user study ( https://twitter.com/OpenObservatory/status/1778016715940536698) Our goal through this study ( https://s900pyof.optimalworkshop.com/optimalsort/33tdoyag) was to collect community feedback on how to improve the structure of content on OONI Explorer and make it easier to navigate. All of these efforts are helping us make progress on two important projects: * Presenting thematic censorship findings on OONI Explorer * Revamping the OONI Explorer navigation *### Presenting thematic censorship findings on OONI Explorer* Based on community feedback collected as part of our user research studies, we worked with a designer on creating wireframes and mockups of potential ways to present thematic censorship findings on OONI Explorer ( https://explorer.ooni.org/) In addition to enabling the internet freedom community to easily and quickly discover censorship findings that they care about, we aim to also ensure that information is presented in a logical fashion, building a stronger connection between the various pages and sections on OONI Explorer. *### Revamping the OONI Explorer navigation* Adding another section like the Thematic Censorship pages to OONI Explorer will require us to consider the navigation menu of the site. As is, the OONI Explorer menu is fairly crowded, and we want to ensure that we can continue to grow and expand the navigation as we grow the functionality within OONI Explorer. Based on community feedback collected as part of a user study on OONI Explorer navigation ( https://s900pyof.optimalworkshop.com/optimalsort/33tdoyag) we completed some wireframes of different options for the navigation and had several brainstorming sessions to discuss. *### Other improvements* On the development side, we began the work to update a few sections of the OONI Explorer country pages that had previously been redesigned ( https://github.com/ooni/explorer/issues/916, https://github.com/ooni/explorer/issues/914) We fixed an issue with our language drop-down menu for people using Brave browser ( https://github.com/ooni/explorer/issues/931) We also continued our work using Tailwind for our design library ( https://github.com/ooni/design-system/pull/175) *## Automating censorship detection and characterization based on OONI measurements* In April 2024, we continued to make progress towards shipping our new OONI Data Pipeline into production. Specifically, to improve maintainability going forward, we refactored OONI data into two separate packages (https://github.com/ooni/data/pull/60) * End user pip installable package to download and parse measurements; * Pipeline to perform the analysis and processing of OONI data. We also ported analysis and observation generation over to temporal and set up the production environment in the OONI devops repository ( https://github.com/ooni/data/pull/61) *## General backend/devops* In April 2024, we worked on porting the oonifindings service to our new and improved ooniapi pattern (https://github.com/ooni/backend/issues/807) We also experimented with some proof of concepts to improve our devops processes, such as re-conceptualizing codepipeline triggers, and trying weighted target groups and scheduled blue/green deployment. *## Test list updates* Following the announcement of the suspension of the broadcasting of programs from several news media outlets in Burkina Faso ( https://x.com/sergedanielinfo/status/1784676862083399728) we created a new test list for Burkina Faso with those news media websites: https://github.com/citizenlab/test-lists/pull/1714 We also added a few news media websites to the Togo test list: https://github.com/citizenlab/test-lists/pull/1715 *## Planning the OONI Partner Gathering 2024* In preparation for the upcoming OONI Partner Gathering in Malaysia in May 2024, we continued to coordinate on numerous logistics (flights, shuttle service, hotel, catering, etc.). We also continued to assist participants as needed with their travel logistics, and we continued to coordinate with designers on event-related supplies and materials. To help ensure that the OONI Partner Gathering 2024 agenda is as useful as possible to our partners, we previously shared a survey to collect their feedback. As our goal was to ensure that we create an agenda that is valuable to all participants, we requested their feedback on the types of sessions that they would find most useful, the types of skills and knowledge that they would like to learn, and the outcomes that would make their participation feel well spent. We also asked participants to propose sessions that they would like to facilitate at the event. Based on the analysis of partner feedback, we created the final agenda based on the most pressing needs, interests, and requests identified in most survey responses, while taking into account the diversity in participant backgrounds. We also coordinated with partners who expressed interest (through our survey) in facilitating sessions to include their proposed sessions in the final agenda. In April 2024 (several weeks in advance to the event), we shared the final Agenda with all OONI Partner Gathering participants. The detailed Agenda of the OONI Partner Gathering 2024 is available here: https://ooni.org/documents/OONI-Partner-Gathering-Agenda.pdf We also created an additional, internal, and more detailed agenda for our team to enable coordination and the management of logistics during the event. Prior to the event, we prepared and shared the following with participants: * Code of Conduct: https://ooni.org/documents/Information-Package-CoC-Privacy-Policy.pdf * Communication Guidelines: https://ooni.org/documents/Information-Package-Communication-Tips.pdf * Privacy Policy * OONI Partner Gathering Information Package (providing detailed information about the event, logistical details, and answers to Frequently Asked Questions (FAQ) about the event) * Facilitation guidelines (shared with all OONI Partner Gathering facilitators) * Participant list document * COVID-19 Safety Guidelines * Emergency Information document Moreover, in preparation for the OONI Partner Gathering 2024, we: * Created a dedicated OONI Partner Gathering 2024 mailing list; * Created a dedicated OONI Partner Gathering 2024 Signal group; * Created documents for note-taking during the OONI Partner Gathering sessions; * Created slides for various OONI Partner Gathering sessions; * Created certificates for each of the participants; * Ordered OONI t-shirts, banners, stickers, flyers, tote bags, and lanyards for the event; * Ordered COVID-19 masks, tests, and hand sanitizers for the event. *## Rapid response### Blocking of TikTok in Kyrgyzstan* In response to the blocking of TikTok in Kyrgyzstan, we shared relevant OONI data and information on Twitter/X: https://twitter.com/OpenObservatory/status/1782005308342055256 We subsequently published a report on our Censorship Findings page, providing further information on the blocking of TikTok in Kyrgyzstan: https://explorer.ooni.org/findings/154621229001 *## Community use of OONI data### Report on the blocking of Grindr in Malaysia* Our partner, Sinar Project, published a report documenting the blocking of Grindr in Malaysia based on OONI data: https://imap.sinarproject.org/news/internet-censorship-update-blocking-of-g… They also encouraged OONI Probe testing of Grindr in Malaysia on Twitter/X: https://twitter.com/sinarproject/status/1781287369213395291 *## Community activities### DRL Implementers Meeting 2024* Between 1st-4th April 2024, OONI’s Arturo and Jessie traveled to Washington D.C to attend the DRL Implementers Meeting 2024. As part of their participation, they facilitated sessions about community organization and governance, and communicating security risks to users. *### OONI training by Zaina Foundation for researchers in Tanzania* On 4th April 2024, our partner, Zaina Foundation ( https://ooni.org/partners/zaina-foundation/) facilitated an OONI training for researchers in Tanzania ( https://x.com/ZainaFoundation/status/1776243051339350226) OONI’s Elizaveta joined the training through remote/online participation, provided a live demo of using OONI Explorer, and addressed the questions of the participants. *### Digital Rights & Inclusion Forum (DRIF) 2024* Between 23rd-25th April 2024, OONI’s Elizaveta traveled to Accra, Ghana, to participate in the Digital Rights & Inclusion Forum (DRIF) 2024. As part of her participation, Elizaveta facilitated a session on strengthening community response to internet censorship ( https://drif.paradigmhq.org/agenda/) While in Accra, Elizaveta also shared OONI’s work as part of a TV interview with Pan African TV: https://www.facebook.com/PANAFRICANTV/videos/979923349677358 *## Measurement coverage* In April 2024, 57,990,058 OONI Probe measurements were collected from 2,887 networks in 167 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

Advisory regarding your Yubikey
by Antoine Beaupré 05 Sep '24

05 Sep '24

As some of you have already noticed, a security issue regarding the Yubikey 5 series has been released two days ago. Sadly, the Yubikeys distributed at the 2023 Tor Meeting in Costa Rica are affected. ### The issue at hand To work their magic, Yubikeys store a secret key inside them that is never supposed to leave the device. Researches at Ninjalab found out that by physically probing one of the chips inside a Yubikey, it is possible to acquire this secret key. Once an adversary has acquired such a secret key, they can use this to perform two-factor authentication and/or OpenPGP operations, as if they were the owner of the device. In practice, abusing this vulnerability is quite costly. It requires: - having physical access to your Yubikey - knowing a password(s) to one of your accounts protected by two-factor authentication (and/or your PIN if you use passkey) to get to your two-factor secret key - knowing your PIN to get to your OpenPGP secret key Nevertheless, it's not unthinkable that adversaries with sufficient resources may be targeting Torproject. ### Am I affected? - Was the Yubikey you use given to you in Costa Rica? Then yes, you are affected. - Are you using a Yubikey 5 that was purchased before May this year? Then yes, you are affected. - Are you using a Yubikey 5 that was purchased after May this year? Then you should check the firmware version to see if you are affected. Keys with firmware prior to 5.7 are affected. For instructions on how to find out which firmware your Key has, see the [Where to find YubiKey Firmware][] guide from Yubico. Command-line users can use the `ykman info` command to view the firmware version. [Where to find YubiKey Firmware]: https://support.yubico.com/hc/en-us/articles/12420838928284-Where-to-find-Y… ### What does this mean for me? The impact for you depends on what you use your Yubikey for. #### For two-factor authentication If you use your Yubikey for two-factor authentication, this attack can be used on top of a regular phishing attack to permanently break the second factor and compromise your accounts, without you noticing. #### For OpenPGP signing and decryption If you use your Yubikey for OpenPGP signing or authentication, you should check what type of key you have: - If it's an RSA key, you are not affected by this vulnerability. - If it's an elliptic curve key, and the attacker knows your PIN, this attack can be used to gain access to and make a copy of your secret key. An attacker could then forge signatures, authenticate to servers, or possibly decrypt other secrets. ### What should I do? First of all, in the wise words of Douglas Adams: don't panic. We advise you to take care of the following: - Keep using your Yubikey for two-factor authentication, it is still much safer than TOTP (e.g., google authenticator) or not having any two-factor authentication. - Do make sure you don't leave your Yubikey unattended, especially during conferences, in hotel rooms, etc. - Avoid using passkey (passwordless authentication). - Apply multi-coloured glitter nail polish on the casing of your Yubikey (yes, really) and store a photo of it. If you have reason to believe the device has been tampered with, check if the glitter is still the same. - If you use your Yubikey for OpenPGP and have an elliptic curve key, please ensure you have a strong PIN. You may consider switching to an RSA key or switching to a newer Yubikey using firmware 5.7 or higher, depending on the impact a compromise of your key may have. ### References - YubiCo advisory YSA-2024-03: https://www.yubico.com/support/security-advisories/ysa-2024-03/ - Technical paper: https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf . ### Further questions If you have any questions about the safety of your Yubikey, please feel free to contact TPA, see: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/support -- Antoine Beaupré torproject.org system administration

1 0

Felicia's Montly Status Report, August 2024
by Priscila 05 Sep '24

05 Sep '24

Hi, This is my first status report since joining TPI on August 12th. As I'm still getting up to speed, I may have missed some details, but I'll ensure more comprehensive reports in the future. During August, my primary focus was familiarizing myself with Figma libraries, addressing minor issues, and studying Acorn, Mozilla’s design system. Here are some key activities: * Attended onboarding meetings from August 12th to August 19th; * Set up accounts and passwords; * Resolved minor issues in GitLab, such as updating the bridge-emoji background: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42698#n… Since then, I’ve been concentrating on: * Tasks related to Figma, UI and design system, aligning Tor Browser’s UI elements with those of Firefox; * Addressing small UI-related issues. Cheers, — Felicia (she/her)

1 0

Anti-censorship team meeting notes, 2024-09-05
by Shelikhoo 05 Sep '24

05 Sep '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-09-05-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, September 12 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * (empty) == Actions == == Interesting links == * https://www.bamsoftware.com/talks/wac7-fep/ * dcf's recent talk (45 min) "How cryptography relates to Internet censorship circumvention" == Reading group == * We will discuss "SpotProxy: Rediscovering the Cloud for Censorship Circumvention " on September 12 * https://www.cs-pk.com/sec24-spotproxy-final.pdf * https://censorbib.nymity.ch/#Kon2024b * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-29 Last week: - went through massive todo backlog - dealt with breaking changes in KCP library - answered a bunch of Lox questions for integration work - cleared out review backlog This week: - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-09-05 Last week: Next week: - archive snowflake webextension v0.9.0 (manifest V3) - comment as requested on kcp v5.6.17 upgrade - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-29 Last week: - don't distribute blocked-in bridges in moat and https (rdsys#204) - plan switch from BridgeDB to rdsys (rdsys#218) Next week: - add ipversion subscription to rdsys - be ready for the BridgeDB switch Shelikhoo: 2024-09-05 Last Week: - snowflake broker update/reinstall - Review fix: extension not starting after browser restart( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) - Research: respond to YSA-2024-03 (YubiKey < 5.7 side-channel attack on ECC private keys) (https://gitlab.torproject.org/tpo/tpa/team/-/issues/41744) - Release Snowflake Webext(again) - Merge request reviews Next Week/TODO: - Merge request reviews - snowflake broker update/reinstall: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… onyinyang: 2023-08-29 Last week(s): - continued with key rotation integration work - collected issues and TODOs for all Lox work that needs to be done before deployment Next week: - finish up key rotation integration work - add pref to handle timing for pubkey checks in Tor browser - update lox protocols to return duplicate responses for an already seen request - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-08-22 Last weeks: - Expose hooks in pion/webrtc library Next weeks: - Update Snowflake to use latest pion upstream releases (DTLS: v3 and WebRTC: beta v4) - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue (This message is unsigned as my email client is having some issues....)

1 0

ebanam's monthly status report and user support report for August 2024
by ebanam 03 Sep '24

03 Sep '24

Hello everyone! Last month, we saw a massive uptick in user support requests coming from Russian and Chinese speaking users. To put it in numbers, we answered a little over 1100 unique user support requests across our various user support channels. This can be attributed to the latest developments[0] in Tor censorship in Russia and continued outreach work aimed towards Chinese speaking audience[1] respectively. Since a majority of these requests are from users in regions where Tor is censored, it has involved helping users to download (using mirrors and GetTor) and install Tor Browser, using censorship circumvention methods that will work best for them, gathering feedback and general troubleshooting. I dedicated some time testing the latest Tor Browser Alpha releases and answered a number of Tor Browser related user support tickets. Here's a more detailed breakdown of the tickets our user support team worked on last month: # Frontdesk (email support channel) * 762(↑) RT tickets created * 672(↑) RT tickets resolved Tickets by numbers: 1. 350(↑) RT tickets: private bridge requests from Chinese speaking users. 2. 237(↑) RT tickets: circumventing censorship in Russian speaking countries. 3. 5 RT tickets: Reports of onion services (not maintained by Tor Project) not working. We ask users to report to the respective onion service operator. 4. 3(↓) RT tickets: Circumventing censorship with Tor in Farsi. Highlighting some other topics we received questions and feedback: 5. 4 RT tickets: Help with troubleshooting Tor Browser install on Windows. 6. 3 RT tickets: Reports of websites blocking Tor. 7. 2 RT tickets: Help with installing Tor Browser install on Linux. 8. Help with installing Tor Browser on macOS. 9. Question about contributing to Tor. # Telegram, WhatsApp and Signal Support channel * 751(↑) tickets resolved Breakdown: * 734(↑) tickets on Telegram * 17(↓) tickets on WhatsApp * 0(↓) ticket on Signal Tickets by numbers: 1. 542(↑) tickets: circumventing censorship in Russian speaking countries. 2. 46(↓) tickets: circumventing censorship with Tor in Farsi. 3. 27(↑) tickets: private bridge requests from Chinese speaking users. 4. 22(↑) tickets: helping users on iOS, using Onion Browser or Orbot, to use censorship circumvention methods. Highlighting some other topics we received questions about: 5. 10(↑) tickets: instructions on how to get Tor Browser binaries from GetTor. 6. 2 tickets: Questions about what onion services are and how to access them. 7. 2 tickets: Help with troubleshooting Tor Browser install on Linux. 8. Help with troubleshooting Tor Browser install on macOS. # Highlights from the Tor Forum 1. Issues connecting to Tor with bridges from Russia.[2] 2. 'lyrebird' in Tor Browser.[3] 3. Bookmarks in Tor Browser.[4] Thanks! e. [0]: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [1]: https://github.com/torproject/tor4zh [2]: https://forum.torproject.org/t/does-anyone-have-issues-with-the-connection-… [3]: https://forum.torproject.org/t/lyrebird-can-prevent-tor-browser-from-workin… [4]: https://forum.torproject.org/t/security-hole-with-bookmarks/14266

1 0

cohosh's monthly status report, August 2024
by Cecylia Bocovich 03 Sep '24

03 Sep '24

Hi! This is my status report for contract work done in August 2024. # Snowflake The big task this month was rolling out the MV3 update for the Snowflake web extension[0]. I helped review and test those changes. I also followed up on a proxy count check after we had a significant drop caused by new requirements from the Mozilla web store[1]. We had a lot of contributions to review lately, which is great, and I spent some time doing reviews and issue maintenance. There was a dependency update for the KCP library that caused one of our tests to fail[2] due to a change in whether queued writes are flushed[3]. # Reputation-based bridge distribution We're continuing work on the integration with Tor Browser. I finally got around to answering some questions on open merge requests about requirements for that[4,5], and picked up some work on maintaining our wasm-bindgen fork[6]. # Conjure I worked on writing a grant to support Conjure development and infrastructure. We're hoping to submit this as an NSF TTP. # Other An ongoing issue with pluggable transports and Tor Browser are their large binary sizes, and restrictions for Tor Browser android. As part of the Firefox 128 ESR work, we needed to explore some potential space-saving tricks for reducing PT binary sizes[7]. The results weren't as useful as we hoped, but managed to reduce binary sizes a little[8]. During the week of August 12-16 I travelled to USENIX, where we presented our work on Snowflake. [0] https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… [1] https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/142 [2] https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… [3] https://github.com/xtaci/kcp-go/issues/273 [4] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [6] https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/71 [7] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42607 [8] https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…

1 0

Nina’s Monthly Status Report, August 2024
by Nina 03 Sep '24

03 Sep '24

Hi! Below is my August’24 report! In August, I resolved 928 (↑341) tickets: * On Telegram (@TorProjectSupportBot) - 687 (↑260) * On RT (frontdesk@tpo) - 233 (↑88) * On WhatsApp (+447421000612) - 8 (↓5) * and on Signal (+17787431312) - 0 (↓2) The focus of my work is to help Russian-speaking users of Tor to install the browser and bypass internet censorship. In August, internet censorship in Russia became more strict, with YouTube and Signal being blocked[0], as well as many Tor bridges. So we received more tickets than usual: + 341 compared to July 24 - the growth or decrease by category can be seen above. Tor is reachable with bridgesin Russia, and I updated and posted the instructions for Russian users on the Forum [1]. We got a lot of questions from iOS users from Russia about what app they should use. Also, I helpedusers with troubleshooting and keep an eye on issues and bugs to report them to Tor developers. InAugust I submitted a copy/paste issue in Tor Browser [2],and continued to monitor the issue with Tor Browser not working on some of the Samsung devices [3]. [0] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [1] https://forum.torproject.org/t/tor-blocked-in-russia-how-to-circumvent-cens… [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43064 [3] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714

1 0