- tor-project - lists.torproject.org

Moving on
by Joshua Gay 14 Apr '17

14 Apr '17

Hello, I wanted to let you all know that in the near future, Tor Project will be starting the process of finding a new Communications Director. Unfortunately, I was unable to do the job, and so I will be stepping down from my role when my replacement is hired. But, until then, I will be continuing to help with press inquiries as well as wrapping-up and sharing some of the work (research, planning, etc) that I began. While I am sad that things didn't work, it was my sincere pleasure to have met and worked with many of you and I am grateful for having been given the opportunity to help Tor Project. If you have any questions or would like my help on something (proofread a blog post?), please don't hesitate to ask! My email address is <joshuagay(a)riseup.net>, and I will also continue to lurk on IRC (jgay) in #tor-project and elsewhere. Best, Josh

1 0

Network team meeting notes from 10 April 2017
by Nick Mathewson 13 Apr '17

13 Apr '17

Hi! Our meeting transcript is at http://meetbot.debian.net/tor-dev/2017/tor-dev.2017-04-10-16.59.html Below are the status reports from this week ======== Nick: * reviewed code, merged a bunch * worked on consensus diff stuff (more). Now I have a labeled storage system that can manage consensuses and make diffs in worker threads. Next up is actually putting things there as they arrive; actually launching the "build a diff" stuff, and the tests. * This week, planning to try to get consensus diff code ready for some kind of review by end of week. * Mostly off IRC next week; going on trip with family (kid is on a school break) ASN says: - Worked on the recent onion address and ed25519 threads that started in [tor-dev], and tried to figure out which things are worth doing. I opened two action item threads: https://lists.torproject.org/pipermail/tor-dev/2017-April/012164.html https://lists.torproject.org/pipermail/tor-dev/2017-April/012163.html I'd appreciate feedback from Ian (at least) before I proceed here. Ian still hasn't replied but I suspect he will just do it later. Otherwise, I'll ping him. - Worked some more on prop279 (Name System API). - Started working on an API for setting up e2e crypto on rendezvous circuits which is meant to be used by clients and services (#21859). This week: - Engage more with the ed25519/onion address tor-dev threads I posted above. - Think more of the size of HS descriptors and about the recent solutions proposed in #21693. - Continue e2e circuit work on #21859. - Revise HS ntor branch based on nick's latest review. - Figure out GSoC. AHF says: - Helped review #21869 for Nick. - Had an Amsterdam follow-up meeting with Karsten + Samdney regarding Sponsor4 efforts impact on the metrics team. See: https://pad.riseup.net/p/chikeuBN1OUh - Merged various fixes to proposal #278 (from `ahf/prop-278-fixes` on Gitlab). - Build tool fixing and testing patches for lzma2/zstd code landing (bug #21662 + 21663) Other stuff: - Getting more into Rust. - Looked at GSoC proposals. Doesn't look like there was any submissions for the IPv6 proposal though. - Wrote an email to the tor-relays to hear if tor-fw-helper is used by anybody: so far only one person have replied that they are using it. - Reviewed issues #21841, #21842 - Bug triaging task: not many new issues on trac. This week: - Finishing off the remaining assigned issues for the current sponsor4 efforts. - Figure out if the compression API can do what we want it to do: storagedir, directory connections, xxx - Discuss with Nick about doing additional measurements and compare it to the measurements we did in early March. - I'm off for some of Thursday and Friday (easter holidays in Denmark). Catalyst is out this week. pastly says: Not much that Tor would care about yet - got scheduler switching via function pointers and a torrc option working - removed more testing-only code - currently debugging an issue with the kist scheduler that is difficult to reproduce - plan is to add a new type of cell to signal lots of extra debugging on the circuit - this code will only ever be ran in Shadow dgoulet says: - Worked on implementing mandatory ed25519 cert as link specifier for intro point in #20657 (prop224 service). - Wrote prop224 patch and code for #21871. - With #21871, finalize the introduction point legacy support for prop224 in #20657. - Implemented INTRODUCE replay cache support in #20657. - Reviewed #16861 this morning. All my comments are in the Gitlab. - Moved code out of #20657 massive development branch for early upstream inclusion. Every ticket about it have been put as child of #21888. - Fixed couple of 031 tickets as well. - This week will be resolving ticket in 031 and continue #20657 with service upload descriptor code and unit tests. Mike: - Most of my week last week was spent preparing for and meeting with Mozilla - This week I will look over the #16861 review. - Some time may be consumed by taxes :/

1 0

[Proposal] Social Contract
by Alison 11 Apr '17

11 Apr '17

Hi everyone, Last year we wrote a Social Contract with a set of promises to our users about our standards for making Tor. When we agreed on this document, we didn't have a formal set of voting guidelines [1] in place. Now that we have those, I'd like us to officially ratify the Social Contract according to our voting procedure. I am opening up the Social Contract proposal (attached) for discussion. Please first read the voting guidelines linked below, then give your feedback on the proposal in this thread. You may also create a new proposal for discussion. The discussion phase will run until 10 April. Please do not wait until the last minute to give substantive feedback. After the discussion phase, I'll initiate a vote. Alison [1] https://gitweb.torproject.org/community/policies.git/tree/voting.txt

7 18

new mailing list and IRC for Global South discussions
by Alison 11 Apr '17

11 Apr '17

Hi all, We have two new communication channels for discussing all things Tor in the Global South: a mailing list [1] and an IRC channel, which is #tor-south on OFTC. If you aren't sure how to use IRC, here are some instructions [2]. These channels were borne out of two discussions [3][4] at the Amsterdam Meeting about building community in the Global South, aka the majority world. Please join us if you're interested in working on that! Thanks to sukhe for creating the mailing list and ilv for creating the IRC channel (at least, I think it was you, since you're op!). Alison [1] https://lists.torproject.org/cgi-bin/mailman/listinfo/global-south [2] https://wiki.mozilla.org/IRC. These instructions are for a Mozilla IRC server, so instead of irc.mozilla.org you'll use OFTC. The OFTC server addresses are: irc.oftc.net:6667 (alternative ports: 6668-6670, 7000) or irc.oftc.net:6697 for SSL (alternative port: 9999) (SSL is recommended). [3] https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Amsterdam/No… [4] https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Amsterdam/No…

2 1

SHA2017: Who is coming?
by Nurmi, Juha 10 Apr '17

10 Apr '17

Hi, I am going to SHA2017 this summer. Who is coming? Shall we have a meeting there? Regards, Juha

2 1

Tails report for March, 2017
by intrigeri 10 Apr '17

10 Apr '17

Hi, the report about Tails activity in March is online: https://tails.boum.org/news/report_2017_03/ Spoiler alert: the "Reproducible Builds" section includes amazing news. Due to popular demand, an HTML version is attached, for your offline reading pleasure :) Cheers, -- intrigeri

1 0

Notes from April 6 2017 Vegas team meeting
by Karsten Loesing 10 Apr '17

10 Apr '17

Notes for April 6 2017 meeting: Nick: 1) Network team continuing post-meeting: stuff's ok. 2) new tor-0.3.0.5-rc released; stable should be soon. 3) +1 on isabela's team meeting idea 4) + lots on doing _something_ to get more teamwise coordination. These meetings aren't doing that. 5) Nick's kid on spring break week-after-next; Nick will be offline more than usual Georg: 1) We made progress towards our transition to ESR52; there are first nightly builds available for testing; the announcement went to tbb-dev: https://lists.torproject.org/pipermail/tbb-dev/2017-April/000501.html 2) There was quite some interest in Amsterdam to get micropayment tools integrated into Tor Browser; we should have a position on that and a plan 3) Who is triaging user experience issues on trac (linda?) (the ux team?) (nobody?)? <- currently it seems "nobody" is the answer but Isabela is looking for a better solution Karsten: 1) Resolving remaining issues of OnionPerf deployment. 2) Simulating improved directory-request statistics for user number estimates. 3) Wrote down objectives and key results (OKRs) for Q2/2017. https://trac.torproject.org/projects/tor/wiki/org/teams/MetricsTeam#Objecti… Shari: 1) Heading to San Francisco for quick trip to meet with Mozilla. 2) Job description for grantwriter position was posted today. 3) Plans to talk with flexlibris next week about Global South stuff that came up at the Tor meeting. 4) Working with Jon to finalize dates for Montreal meeting so we can solicit input and start making plans. Isabela; 1) ISC project is over - submitted final report to them and will work on a blog post about our work at orfox - loop the team in it as well 2) Following up with SIDA, OTF proposals (that are in process) 3) working on march report for sponsor4 and build a spreadsheet for sponsor4 progress track 4) trying to finish the user growth strategy update - want to send to vegas leads for feedback first and then to internal 5) My goal right now is to get each team to build a roadmap and to think of dependencies they have with other teams and by when they would need those. Once we have that, my next step will be to figure out dependencies between teams. 6) I am off on Friday April 14.

1 0

March 2017 Transifex report
by Colin Childs 10 Apr '17

10 Apr '17

Hi everyone, Below is the monthly Transifex report for March, 2017: ### Report Attached are daily, weekly and monthly translation graphs. The Y axis is "source words". 13.70K source words 3,222 collaborators 154 languages 42 Project resources 8 languages at 100% completion (across all 42 project resources): Bulgarian (bg) Chinese (Taiwan) (zh_TW) French (fr) French (Canada) (fr_CA) Norwegian Bokmål (nb) Portuguese (pt) Spanish (es) Vietnamese (vi) -- Colin Childs Tor Project https://www.torproject.org Twitter: @Phoul

1 0

SponsorR March 2017 report
by George Kadianakis 08 Apr '17

08 Apr '17

Hello, here is the March 2017 report for SponsorR: - Lots of progress on the implementation of the service-side of prop224: https://trac.torproject.org/projects/tor/ticket/20657 and we also made an implementation plan for the client-side coding and splitted it into tickets: https://trac.torproject.org/projects/tor/ticket/17242 - Wrote a blog post on the onion address UX and how to improve their usability: https://blog.torproject.org/blog/cooking-onions-names-your-onions - Some more improvements to the prop224 spec: https://lists.torproject.org/pipermail/tor-dev/2017-March/011966.html - Discussed possible improvements to the encoding of onion addresses to make them more resistant to phishing: https://lists.torproject.org/pipermail/tor-dev/2017-March/012030.html https://lists.torproject.org/pipermail/tor-dev/2017-March/012029.html - Discussed additional security verifications that might need to happen to onion addresses: https://lists.torproject.org/pipermail/tor-dev/2017-March/012015.html - Continued progress on the Name System API proposal. It's now in torspec as proposal 279, and it also received some more feedback on the mailing list: https://lists.torproject.org/pipermail/tor-dev/2017-March/012077.html https://lists.torproject.org/pipermail/tor-dev/2017-March/012020.html

1 0

Fwd: [Netfreedom] Request for help: International Developer Survey
by Shari Steele 08 Apr '17

08 Apr '17

> "2. Share the survey with your networks and encourage them to pass it > along. We would like to get a diverse range of developers to take the > survey.” > Begin forwarded message: > > From: s2e(a)seamustuohy.com > Subject: [Netfreedom] Request for help: International Developer Survey > Date: April 5, 2017 at 7:41:21 AM PDT > To: netfreedom(a)lists.cymru.com > > Hello all, > > In the Guardian Project <https://guardianproject.info/>'s current work with > the FDroid <https://f-droid.org/> community to make it a secure, > streamlined, and verifiable app distribution channel for high-risk > environments we have started to become more aware of the challenges and > risks facing software developers who build software in around the world. > > There are a wealth of resources available on how to support and collaborate > with high-risk users. Unsurprisingly, we could not find any guidance on how > to support and collaborate with developers where the internet is heavily > monitored and/or filtered, let alone developers who might be at risk > because of the software they develop. > > We have started conducting research on developers from a range of closed > and closing spaces. We hope that the results of this research will help > international software projects and organizations better understand and > respond to the unique needs of different international developer > communities. > > Part of this user research was the development of the challenges.tech survey > <https://challenges.tech/> which will be used to help us form a better > understanding of the challenges international developers face, their > motivations, and their priorities. With the help of the Localization Lab > <https://www.localizationlab.org/> we have translated this survey into > Chinese, Spanish, Farsi, French, and Russian. > > We have two requests: > > 1. If you are a developer take this survey <https://www.challenges.tech/> > (It takes about 10 minutes.) > 2. Share the survey with your networks and encourage them to pass it > along. We would like to get a diverse range of developers to take the > survey. > > *https://challenges.tech* <https://challenges.tech> > > We will close down the survey in a month (End of April). We will then replace the > challenges.tech website with the aggregated survey results. We will also > publicly share the overall results our research on the Guardian Project > <https://guardianproject.info/> website in a research report. We hope that > this report will help international organizations and software development > projects understand and respond to the unique needs of different > international developer communities. > > Best, > s2e > > -- > seamus tuohy > Principal Consultant | Prudent Innovation > s2e(a)prudentinnovation.org > PGP: 36AC 272E B7CF EDD5 F907 E488 B619 3EC7 3CF0 7AA7 > _______________________________________________ > Netfreedom mailing list > Netfreedom(a)lists.cymru.com > https://lists.cymru.com/mailman/listinfo/netfreedom

1 0