- tor-project - lists.torproject.org

Felicia's Montly Status Report, August 2024
by Priscila 05 Sep '24

05 Sep '24

Hi, This is my first status report since joining TPI on August 12th. As I'm still getting up to speed, I may have missed some details, but I'll ensure more comprehensive reports in the future. During August, my primary focus was familiarizing myself with Figma libraries, addressing minor issues, and studying Acorn, Mozilla’s design system. Here are some key activities: * Attended onboarding meetings from August 12th to August 19th; * Set up accounts and passwords; * Resolved minor issues in GitLab, such as updating the bridge-emoji background: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42698#n… Since then, I’ve been concentrating on: * Tasks related to Figma, UI and design system, aligning Tor Browser’s UI elements with those of Firefox; * Addressing small UI-related issues. Cheers, — Felicia (she/her)

1 0

Anti-censorship team meeting notes, 2024-09-05
by Shelikhoo 05 Sep '24

05 Sep '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-09-05-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, September 12 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * (empty) == Actions == == Interesting links == * https://www.bamsoftware.com/talks/wac7-fep/ * dcf's recent talk (45 min) "How cryptography relates to Internet censorship circumvention" == Reading group == * We will discuss "SpotProxy: Rediscovering the Cloud for Censorship Circumvention " on September 12 * https://www.cs-pk.com/sec24-spotproxy-final.pdf * https://censorbib.nymity.ch/#Kon2024b * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-29 Last week: - went through massive todo backlog - dealt with breaking changes in KCP library - answered a bunch of Lox questions for integration work - cleared out review backlog This week: - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-09-05 Last week: Next week: - archive snowflake webextension v0.9.0 (manifest V3) - comment as requested on kcp v5.6.17 upgrade - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-29 Last week: - don't distribute blocked-in bridges in moat and https (rdsys#204) - plan switch from BridgeDB to rdsys (rdsys#218) Next week: - add ipversion subscription to rdsys - be ready for the BridgeDB switch Shelikhoo: 2024-09-05 Last Week: - snowflake broker update/reinstall - Review fix: extension not starting after browser restart( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) - Research: respond to YSA-2024-03 (YubiKey < 5.7 side-channel attack on ECC private keys) (https://gitlab.torproject.org/tpo/tpa/team/-/issues/41744) - Release Snowflake Webext(again) - Merge request reviews Next Week/TODO: - Merge request reviews - snowflake broker update/reinstall: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… onyinyang: 2023-08-29 Last week(s): - continued with key rotation integration work - collected issues and TODOs for all Lox work that needs to be done before deployment Next week: - finish up key rotation integration work - add pref to handle timing for pubkey checks in Tor browser - update lox protocols to return duplicate responses for an already seen request - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-08-22 Last weeks: - Expose hooks in pion/webrtc library Next weeks: - Update Snowflake to use latest pion upstream releases (DTLS: v3 and WebRTC: beta v4) - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue (This message is unsigned as my email client is having some issues....)

1 0

ebanam's monthly status report and user support report for August 2024
by ebanam 03 Sep '24

03 Sep '24

Hello everyone! Last month, we saw a massive uptick in user support requests coming from Russian and Chinese speaking users. To put it in numbers, we answered a little over 1100 unique user support requests across our various user support channels. This can be attributed to the latest developments[0] in Tor censorship in Russia and continued outreach work aimed towards Chinese speaking audience[1] respectively. Since a majority of these requests are from users in regions where Tor is censored, it has involved helping users to download (using mirrors and GetTor) and install Tor Browser, using censorship circumvention methods that will work best for them, gathering feedback and general troubleshooting. I dedicated some time testing the latest Tor Browser Alpha releases and answered a number of Tor Browser related user support tickets. Here's a more detailed breakdown of the tickets our user support team worked on last month: # Frontdesk (email support channel) * 762(↑) RT tickets created * 672(↑) RT tickets resolved Tickets by numbers: 1. 350(↑) RT tickets: private bridge requests from Chinese speaking users. 2. 237(↑) RT tickets: circumventing censorship in Russian speaking countries. 3. 5 RT tickets: Reports of onion services (not maintained by Tor Project) not working. We ask users to report to the respective onion service operator. 4. 3(↓) RT tickets: Circumventing censorship with Tor in Farsi. Highlighting some other topics we received questions and feedback: 5. 4 RT tickets: Help with troubleshooting Tor Browser install on Windows. 6. 3 RT tickets: Reports of websites blocking Tor. 7. 2 RT tickets: Help with installing Tor Browser install on Linux. 8. Help with installing Tor Browser on macOS. 9. Question about contributing to Tor. # Telegram, WhatsApp and Signal Support channel * 751(↑) tickets resolved Breakdown: * 734(↑) tickets on Telegram * 17(↓) tickets on WhatsApp * 0(↓) ticket on Signal Tickets by numbers: 1. 542(↑) tickets: circumventing censorship in Russian speaking countries. 2. 46(↓) tickets: circumventing censorship with Tor in Farsi. 3. 27(↑) tickets: private bridge requests from Chinese speaking users. 4. 22(↑) tickets: helping users on iOS, using Onion Browser or Orbot, to use censorship circumvention methods. Highlighting some other topics we received questions about: 5. 10(↑) tickets: instructions on how to get Tor Browser binaries from GetTor. 6. 2 tickets: Questions about what onion services are and how to access them. 7. 2 tickets: Help with troubleshooting Tor Browser install on Linux. 8. Help with troubleshooting Tor Browser install on macOS. # Highlights from the Tor Forum 1. Issues connecting to Tor with bridges from Russia.[2] 2. 'lyrebird' in Tor Browser.[3] 3. Bookmarks in Tor Browser.[4] Thanks! e. [0]: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [1]: https://github.com/torproject/tor4zh [2]: https://forum.torproject.org/t/does-anyone-have-issues-with-the-connection-… [3]: https://forum.torproject.org/t/lyrebird-can-prevent-tor-browser-from-workin… [4]: https://forum.torproject.org/t/security-hole-with-bookmarks/14266

1 0

cohosh's monthly status report, August 2024
by Cecylia Bocovich 03 Sep '24

03 Sep '24

Hi! This is my status report for contract work done in August 2024. # Snowflake The big task this month was rolling out the MV3 update for the Snowflake web extension[0]. I helped review and test those changes. I also followed up on a proxy count check after we had a significant drop caused by new requirements from the Mozilla web store[1]. We had a lot of contributions to review lately, which is great, and I spent some time doing reviews and issue maintenance. There was a dependency update for the KCP library that caused one of our tests to fail[2] due to a change in whether queued writes are flushed[3]. # Reputation-based bridge distribution We're continuing work on the integration with Tor Browser. I finally got around to answering some questions on open merge requests about requirements for that[4,5], and picked up some work on maintaining our wasm-bindgen fork[6]. # Conjure I worked on writing a grant to support Conjure development and infrastructure. We're hoping to submit this as an NSF TTP. # Other An ongoing issue with pluggable transports and Tor Browser are their large binary sizes, and restrictions for Tor Browser android. As part of the Firefox 128 ESR work, we needed to explore some potential space-saving tricks for reducing PT binary sizes[7]. The results weren't as useful as we hoped, but managed to reduce binary sizes a little[8]. During the week of August 12-16 I travelled to USENIX, where we presented our work on Snowflake. [0] https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… [1] https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/142 [2] https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… [3] https://github.com/xtaci/kcp-go/issues/273 [4] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [6] https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/71 [7] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42607 [8] https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…

1 0

Nina’s Monthly Status Report, August 2024
by Nina 03 Sep '24

03 Sep '24

Hi! Below is my August’24 report! In August, I resolved 928 (↑341) tickets: * On Telegram (@TorProjectSupportBot) - 687 (↑260) * On RT (frontdesk@tpo) - 233 (↑88) * On WhatsApp (+447421000612) - 8 (↓5) * and on Signal (+17787431312) - 0 (↓2) The focus of my work is to help Russian-speaking users of Tor to install the browser and bypass internet censorship. In August, internet censorship in Russia became more strict, with YouTube and Signal being blocked[0], as well as many Tor bridges. So we received more tickets than usual: + 341 compared to July 24 - the growth or decrease by category can be seen above. Tor is reachable with bridgesin Russia, and I updated and posted the instructions for Russian users on the Forum [1]. We got a lot of questions from iOS users from Russia about what app they should use. Also, I helpedusers with troubleshooting and keep an eye on issues and bugs to report them to Tor developers. InAugust I submitted a copy/paste issue in Tor Browser [2],and continued to monitor the issue with Tor Browser not working on some of the Samsung devices [3]. [0] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [1] https://forum.torproject.org/t/tor-blocked-in-russia-how-to-circumvent-cens… [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43064 [3] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714

1 0

PieroV's Monthly Status Report, August 2024
by Pier Angelo Vendrame 02 Sep '24

02 Sep '24

Hi everyone! Here is my status report for August 2024. I spent this month almost only on tasks linked with the transition from Firefox ESR115 to ESR128. At the beginning of the month, I reviewed Dan's Android rebase. Then, after it landed, I checked for new reproducibility problems. I found only one with the license files [0]. The oss-license-plugin wasn't updated upstream this year, so it must be linked with other toolchain updates (including Java from 11 to 17 and Gradle). The solution [1] was to build and use a patched plugin that uses `TreeSet` instead of a `HashSet`. Sadly, the APK sizes grew a lot between 115 and 128. For this reason, we couldn't publish 14.0a2 and 14.0a3 on the Play Store for the x86 and x86-64 architectures [2]. During this month, Claire, cohosh from the AC team, and I spent some time investigating this. 14.0a4 should fit at least for Android x86-64. For Android x86, we might have to shave another 100-200kB if we understood how this threshold works. Another issue I worked on was a leak of regional locale data with the `Intl` API. During the rebase, we had to start specifying `RFPTarget`s, and I chose the only one handled differently without realizing it. This was a reminder of how important it is to upstream our patches whenever possible. I started the process for this one two years ago [3], but then it didn't land because it would have applied also to the browser UI. After finding a new fix that worked for us, I added a proposal to the upstream bug on a possible approach that might also work for Firefox. Another bug worth mentioning was a problem with mixed content in Onion Services [4]. The fix eventually was easy [5], but it took me quite a while to understand what was going on because it involved debugging between parent and content processes. Also, it was a great occasion to improve the Onion Sites I implemented for testing [6] and the documentation around them. While doing so, I accidentally learned that we accept self-signed certificates only if they specify subject alternative names. This new knowledge allowed me to quickly answer another issue [7] without further investigation. Finally, Mozilla is releasing Firefox 115.15 tomorrow, which is expected to be the last update for the 115 series [8]. However, it's also the last version supporting Windows 7. While we agree that people shouldn't use unsupported operating systems, we know some of our users don't have another choice. So, if eventually Mozilla decides to extend the support for Firefox 115, we might end up extending Tor Browser 13.5's life as well [9]. One of our updater changes is to check for the minimum requirements on the client side to avoid sending the OS version to our update servers. So, this month, I also simulated providing several updates to Firefox: one compatible with Windows >= 7 and one with Windows >= 10. Sadly, the updater didn't handle this case as expected, and I needed to create a patch. We will need some additional deployment steps if we actually provide the alternative update path. In this case, we will also drop the hash check on the update files (it's redundant since they are already signed) [10]. Cheers, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [1] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42607 [3] https://bugzilla.mozilla.org/show_bug.cgi?id=1746668 [4] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43013 [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [6] https://gitlab.torproject.org/tpo/applications/wiki/-/wikis/Development-Inf… [7] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42887 [8] https://whattrainisitnow.com/release/?version=esr [9] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42747 [10] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42737

1 0

Tor Browser Weekly Meeting re-scheduled to 2024-09-03
by Morgan 29 Aug '24

29 Aug '24

Hi Everyone, 2024-09-02 is a Tor holiday, so we will reschedule our weekly meeting to 2024-09-03 at 1500 UTC in #tor-meeting on OFTC IRC. Have a good long weekend! best, -morgan

1 0

Anti-censorship team meeting notes, 2024-08-29
by meskio 29 Aug '24

29 Aug '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-08-29-16.00.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, September 5 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * what to do with moat bridges once we turn off BridgeDB? * The plan is to switch off BridgeDB on 2024-09-09. * Currently, moat bridges are reserved exclusively for moat. When rdsys stops distributing moat bridges, those bridges will get no new users. They will only have the users that already knew about them. (The "request bridge" button in Tor Browser uses moat, after the switch the button will get bridges from circumvention settings instead.) * meskio will configure rdsys so new bridges are not assigned to that distributor * meskio will monitor the usage of moat bridges to decide when to move them somewhere * During the transition period, the request bridge button will display a captcha (because Tor Browser is expecting one), but it will be a placeholder captcha: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/182 https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/617c6ced3900… == Actions == == Interesting links == == Reading group == * We will discuss "SpotProxy: Rediscovering the Cloud for Censorship Circumvention " on September 12 * https://www.cs-pk.com/sec24-spotproxy-final.pdf * https://censorbib.nymity.ch/#Kon2024b * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-29 Last week: - went through massive todo backlog - dealt with breaking changes in KCP library - answered a bunch of Lox questions for integration work - cleared out review backlog This week: - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-08-29 Last week: - reinitialized new snowflake broker VM https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - made minor revisions to snowflake broker installation guide https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Survival-Gui… Next week: - archive snowflake webextension v0.9.0 (manifest V3) - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-29 Last week: - don't distribute blocked-in bridges in moat and https (rdsys#204) - plan switch from BridgeDB to rdsys (rdsys#218) Next week: - add ipversion subscription to rdsys - be ready for the BridgeDB switch Shelikhoo: 2024-08-29 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Release Manifest V3 - Merge request reviews Next Week/TODO: - Merge request reviews - snowflake broker update/reinstall: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… onyinyang: 2023-08-29 Last week(s): - continued with key rotation integration work - collected issues and TODOs for all Lox work that needs to be done before deployment Next week: - finish up key rotation integration work - add pref to handle timing for pubkey checks in Tor browser - update lox protocols to return duplicate responses for an already seen request - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-08-22 Last weeks: - Expose hooks in pion/webrtc library Next weeks: - Update Snowflake to use latest pion upstream releases (DTLS: v3 and WebRTC: beta v4) - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang shelikhoo meskio 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Anti-censorship team meeting notes, 2024-08-22
by Shelikhoo 22 Aug '24

22 Aug '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-08-22-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, August 29 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == - Snowflake debian package is outdated: - Is there a plan for updates? If AC-Team wants to increase the number of snowflake standalone proxies, we need to maintain deb packages. Should we start a call for maintainers? If so, what are the requirements? - MR: https://gitlab.torproject.org/tpo/web/community/-/merge_requests/386/diffs Please note that every new string added to the community portal is localized. If this is a temporary issue, I don't think it worth merging it. (gus) - we do plan to update it but it will take some months, there will be work as part of P146 * https://github.com/eyedeekay/blizzard/ "Blizzard: The I2P Snowflake donor Plugin" * should we ask them to use a diferent identifier than "standalone" to find them in the stats? * meskio will open an issue on their side to ask them to use a different name * https://github.com/eyedeekay/blizzard/issues/5 * meskio has archived https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * hasn't being updated in 3 years * no complains for now * PT binary size updates * https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42607 * Remove conjure from android as a last resort * Manifest V3 Deployment pending, will proceed on next week == Actions == == Interesting links == == Reading group == * We will discuss "Bridging Barriers: A Survey of Challenges and Priorities in the Censorship Circumvention Landscape" on Aug 22, 2024 * PDF at https://www.usenix.org/conference/usenixsecurity24/presentation/xue-bridging * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-22 Last week: - worked with applications team on reducing PT binary size - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… - lots of reviews and gitlab todo items - ttp grant writing for conjure work This week: - finish backlog of reviews and todo items - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-08-22 Last week: - presented Snowflake research at USENIX Security 2024 https://www.usenix.org/conference/usenixsecurity24/presentation/bocovich https://www.bamsoftware.com/talks/snowflake-usenix2024/ - commented on exposing pollInterval in snowflake proxy API https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - linked past "anti-fraud" issue to recent GFWeb research https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… - commented on adjusting copy buffer size in snowflake proxy https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - sent email to authors to try and resolve obfs4/lyrebird naming confusion https://lists.torproject.org/pipermail/anti-censorship-team/2024-August/000… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-22 Last week: - deploy email distributors in rdsys in parallel with BridgeDB (rdsys#187) - test our new deployments - test ipv6 and webtunnel fake descriptors in rdsys-test (rdsys!365) - restart onionsprouts bot and investigate why it was not working (onionsproutsbot#62) - archive snowflake-mobile repo (snowflake-mobile#23) - investigate why gettor is not updating github and gitlab (rdsys#189) Next week: - don't distribute blocked-in bridges in moat and https (rdsys#204) - gettor updater should send links to github/gitlab (rdsys#189) Shelikhoo: 2024-08-22 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Merge request reviews Next Week/TODO: - Merge request reviews - Release Manifest V3 onyinyang: 2023-08-22 Last week(s): - continue with key rotation integration work Next week: - continue with key rotation integration work - collect issues and TODOs for all Lox work that needs to be done before deployment - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-08-22 Last weeks: - Expose hooks in pion/webrtc library Next weeks: - Update Snowflake to use latest pion upstream releases (DTLS: v3 and WebRTC: beta v4) - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: meskio onyinyang shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

Anti-censorship team meeting notes, 2024-08-15
by onyinyang 19 Aug '24

19 Aug '24

Hey everyone! Sorry for the delay in getting the meeting notes sent out from Thursday. Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-08-15-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, August 22 16:00 UTC Facilitator: shelikhoo ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == == Actions == == Interesting links == * It's important to choose good function names – you never know when one will be immortalized in print! * https://cs.uwaterloo.ca/~dbarrada/papers/kon_sec24.pdf#page=8 * "We also added a /add handler to the proxy's HTTP server to enable direct reception of SDP offers from clients, using the existing makePeerConnectionFromOffer function for client connection." * makePeerConnectionFromOffer has been there since 2017: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://github.com/unknown-cstdio/iceball "A fork of snowflake that works as standalone proxy hosted in spot vm" * https://github.com/xvzc/SpoofDPI * https://github.com/eyedeekay/blizzard/ "Blizzard: The I2P Snowflake donor Plugin" == Reading group == * We will discuss "Bridging Barriers: A Survey of Challenges and Priorities in the Censorship Circumvention Landscape" on Aug 22, 2024 * PDF at * https://lists.torproject.org/pipermail/anti-censorship-team/attachments/202… * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-08-08 Last week: - reviewed snowflake mv3 changes - checked on snowflake proxy counts - https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/142 - looked into logged pion library errors This week: - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-08-10 Last week: - opened minor issue for chaning error messages from %v to %w https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - reviewed snowflake unreliable+unordered data channels rev2 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - snowflake azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2023-08-15 Last week: - partially AFK - tag a new rdsys version 0.13 - find issues with rdsys and tag 0.13.1 (rdsys!357) - deploy https distributor (rdsys#214) - prepare and give a talk about S96 Next week: - deploy email distributors in rdsys in parallel with BridgeDB (rdsys#187) - test our new deployments Shelikhoo: 2024-08-01 Last Week: - Chrome Manifest V3 transition: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Merge request review - Merge request reviews Next Week/TODO: - Merge request reviews - (AFK: DWebCamp) - Usenix Security Conference onyinyang: 2023-08-15 Last week(s): - vacation - continued with key rotation integration work Next week: - continue with key rotation integration work - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: - begin implementing some preliminary user feedback mechanism to identify bridge blocking based on Vecna's work - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-08-15 Last weeks: Next weeks: - Update Snowflake to use latest pion upstream releases (DTLS: v3 and WebRTC: beta v4) - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang shelikhoo meskio 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0