- tor-project - lists.torproject.org

Rhatto's Monthly Status Report, October 2023
by rhatto 01 Nov '23

01 Nov '23

Hi all :) This is my monthly status report for October 2023 with the main relevant activities I have done during the period. ## 0. Research ### Onion Plan * Renamed section "Roadmaps" to "Scenarios", since The Onion Plan is not an authoritative instance for defining roadmaps. Instead, it merely produces research studies and scenarios: https://tpo.pages.torproject.net/onion-services/onionplan * Started to work again on Onion Discovery, trying to draft a plan for it. More info about discovery is available at https://tpo.pages.torproject.net/onion-services/onionplan/proposals/usabili… https://tpo.pages.torproject.net/onion-services/onionplan/scenarios/discove… * Other minor improvements. ### Tor Browser Quality Assurance for Onion Services * Did a presentation during the Applications Team meetup: https://gitlab.torproject.org/tpo/applications/team/-/wikis/Goteburg-2023-M… * Ongoing QA activities. ## 1. Development ### Onionbalance * Basic maintenance, including contact info update, fixing the GitHub mirror, adding GitLab CI and other improvements to avoid bit rotting: https://gitlab.torproject.org/tpo/onion-services/onionbalance/activity ### Onion MkDocs * General enhancements: https://gitlab.torproject.org/rhatto/onion-mkdocs/activity ## 2. Support ### Maintenance * Ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. ## 3. Organization Time spent (from the total available for Tor-related work): | Category | Percentage |---------------|------------ | Research | 44 | Development | 6 | Support | 13 | Organization | 37 |---------------|------------ | Total | 100 -- Silvio Rhatto pronouns he/him

1 0

PieroV's Monthly Status Report, October 2023
by Pier Angelo Vendrame 01 Nov '23

01 Nov '23

Hi everyone! Here is my status report for October 2023. We have finally released Tor Browser 13.0. I prepared that release, and writing its changelog took me a surprising amount of time. The changes it contains are numerous; we hope you enjoy them! It's also the first release not to have Torbutton as a backend, and I've written a blog post about that [0]. In addition to that, in the first half of the month, I've been doing last-minute fixes, such as some preferences that we missed [1], a way to allow using Tor Browser with Tor set as a proxy but without connecting to the control port [2], fixed a build problem of Android that happened only with the release channel [3], and a few more. Speaking of Android, I also helped to find a way to improve its building time when we run our reproducible builds [4]. Then, I worked a little to make the DLL blocklist file obey the portable mode [5]. We haven't merged my proposed MR because it relied on Win32 APIs, but we might use std::filesystem instead to work around certain limitations. I haven't done that in the first place because Firefox used to disable it in libc++, but it has been enabled in Firefox 116, and we might do the same to our 115 ESR and revisit the patch. Last week, we were at the Mullvad offices for a team meeting. It was a very productive week, and we've taken a lot of notes. We've already published a first draft [6], but we might have to go back to it and do some more formatting and add any missing information. Finally, I've started hacking on Android because we want to bring the connection assist there as well. My dream is to unify our code base and handle both desktop and Android. It helps feature parity, it reduces the maintenance time, and in case of bugs, we can fix them on all our platforms at once. I'm not sure we'll do it for the front end eventually (there have been some discussions about that [7]), but even doing it only for the back end would be a great help. I've already managed to hook up a Tor daemon to the TorProvider I worked on last Summer and also to plumb the creation of a lyrebird instance for the domain fronting proxy. So, I'd expect it to be feasible, even though it'll take a while to create a polished patch. I plan to keep working on Android a little bit. I've done the first exploration because I implemented the desktop part, so I know very well, but I might pass it to someone else. Then, I might go back to Mullvad Browser packaging changes. Best, Pier [0] https://blog.torproject.org/torbutton-retired/ [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41496 [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42160 [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [4] https://gitlab.torproject.org/tpo/applications/rbm/-/issues/40062 [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42163 [6] https://gitlab.torproject.org/tpo/applications/team/-/wikis/Goteburg-2023-M… [7] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41188

1 0

Online Tor's Hackweek - Nov 6th to Nov 19th, 2023
by Tyler Corn 31 Oct '23

31 Oct '23

Hi everyone 🙂 More friendly reminders about Hackweek (happening Nov 6th - 9th): (1) Like Pavel mentioned, don't forget to add your Hackweek project proposal to the issue queue in Gitlab this week (see Rhatto's Aug. 30 email below); (2) If you don't have a Hackweek documentation project proposal, you can join someone else's proposed project; (3) Next week's All Hands Meeting (November 1st) - (after the Finance Update) each Hackweek project proposer will have about 5 minutes to present their submitted project and everyone will have a chance to ask questions; and (4) Project proposers - be thinking about where your group will be meeting (BBB room?) during Hackweek (on Nov. 6th) and what time folks will start working on the projects. Thanks everyone! Best, Tyler On 8/30/2023 11:13 AM, rhatto wrote: Hi! The Tor Project and Tor community is going to be gathering online from November 6th to November 9th this year for a 4 days hackweek. ## About This is a call for projects for whoever wants to participate, put together a team and hack through one working week with us. In the context of this hackweek, a project is anything related to Tor documentation that you can work with other people in 4 days. It could be improving the documentation for a project, a tutorial or could also be a cartoon, a screencast or anything that do not necessary requires coding skills. You will work on this project during 4 days with other people in your team. This is an opportunity to discuss how documentation is working or not in your projects, as well as thinking, proposing, researching and testing solutions. Documentation is very important for any free software project as it is the way for people to start understanding the work we are doing, the way they can use our tools and start contributing with it. In the next All-Hands following the Hackweek we are going to have a demo in a Big Blue Button's room where your team will present the work you did through the hackweek. ## Timeline This will be the timeline for the hackweek this year: * Until Monday, November 6th: * Send hackweek project proposals to this issue queue: https://gitlab.torproject.org/tpo/community/hackweek/-/issues (please use the "Proposal" issue template for the ticket Description). * Before hackweek begins, start looking for other people to join your team. * In order to join a proposal you liked, subscribe yourself to it's ticket. * Wednesday, November 1st - 16:00 UTC: All-Hands session prior to the Hackweek were people/teams will present their project proposals for other people to join their team if they want to. * Monday, November 6th: Hackweek begins. People start working on whatever they want related to documentation. By this time, you should have a few members of your team already identified. Hack hack hack hack... in whatever way you organize yourself. We will have the room #tor in irc.oftc.net to discuss general hackweek things. * Thursday, November 9th: Hackweek ends. * Wednesday, November 15th - 16:00 UTC: Each team presents the work they did in the All-Hands session happening after the Hackweek. ## Projects The updated list of projects will be available at https://gitlab.torproject.org/tpo/community/hackweek/-/issues. Each project can have one pad (you can usehttps://pad.riseup.net) and also use it's ticket to add all information that people need to add themselves to that project. ## References For best practices on documentation, we recommend the following material: * Diátaxis, "The Grand Unified Theory of Documentation": https://diataxis.fr/ * How to pick up a project with an audit: https://bluesock.org/~willkg/blog/dev/auditing_projects.html cheers, -- Silvio Rhatto pronouns he/him

1 1

Tor Browser Meeting Cancelled 2023-10-30
by richard 27 Oct '23

27 Oct '23

Hey Everyone, I think we've met enough for one week, so let's cancel our meeting next week and think about things that are not browser related. The next meeting will be the following week, 2023-11-06 at 1500 UTC in OFTC IRC per usual. best, -richard

1 0

Anti-censorship team meeting notes, 2023-10-26
by meskio 26 Oct '23

26 Oct '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-10-26-15.57.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, Nov 2 16:00 UTC Facilitator: shelikhoo Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == * Fastly to block domain fronting in February 2024 https://lists.torproject.org/pipermail/anti-censorship-team/2023-October/00… * azure is closing domain front support next month * there are some alternatives to domain fronting we could use (ampcache or tapdance), but it might be trickier to integrate with moat * cohosh will investigate if cnd77, netlify or akamai are alternatives we could use * let's stress tests ampcache using it in one of our default bridges * we can add metrics to the broker to know if the clients come from ampcache or domain front * don't reject unrestricted client if there are no restricted proxies * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * we'll merge it, it should not affect our deployment == Actions == == Interesting links == * webtunnel testers call out: * https://forum.torproject.org/t/call-for-testers-webtunnel-a-new-way-to-bypa… * blog post of the sponsor 30 code audit * https://blog.torproject.org/security-audit-report-tor-browser-ooni/ * New paper PTPerf: On the Performance Evaluation of Tor Pluggable Transports: https://dl.acm.org/doi/10.1145/3618257.3624817 == Reading group == * We will discuss "On Precisely Detecting Censorship Circumvention in Real-World Networks" on November 9 * https://www.robgjansen.com/publications/precisedetect-ndss2024.html * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2023-10-26 Last week: - reviewed duplication fix for lox-distributor (lox!42) - deployed lox distributor, finally :) (rdsys#167) - updated rdsys survival guide - https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Survival-Gui… - reviewed snowflake outbound proxy support (snowflake!200) - opened issue for regression in client since !182 - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - rebased lox tor browser UX integration to continue working on that This week: - fix snowflake regression (snowflake#40301) - lox tor browser UX integration - follow up on conjure reliability issues - visualize and write up some snowflake shadow simulation results Needs help with: dcf: 2023-10-26 Last week: Next week: - revise encapsulation.ReadData redesign to return an error in the case of a short buffer https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Before EOY 2023: - move snowflake-02 to new VM Help with: meskio: 2023-10-26 Last week: - test the whatsapp bot (rdsys#147) - investiage a failure on telegram bot, was on applications side (onionsproutsbot#54) - some lox merge request reviews (lox!62 !68) Next week: - set up staging server for rdsys (rdsys#170) Shelikhoo: 2023-10-26 Last Week: - [Merge Request Merged] Add SOCKS5 forward proxy support to snowflake (snowflake!64) (continue) (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - Work on snowflake performance improvement - Finialize alert for log collector https://gitlab.torproject.org/tpo/tpa/prometheus-alerts/-/merge_requests/37… - [Merge Request Reviews] lots of... Next Week/TODO: - Write Tor Spec for Armored URL (continue) - Work on snowflake performance improvement - Merge request reviews onyinyang: 2023-10-26 Last week(s): - Finalized a bunch of existing MRs including zkp crate fixes - these are now merged into lox! - Added to metrics, nearly finished This week: - Finish up metrics - Add functionality to handle blocked bridges in a single location for MVP - Start work on telegram distributor bot for Lox - Fix flakey test if time (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Anti-censorship team meeting notes, 2023-10-19
by onyinyang 19 Oct '23

19 Oct '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-10-19-15.59.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- ------------------------------------------------------------------------------------ THIS IS A PUBLIC PAD ------------------------------------------------------------------------------------ Anti-censorship -------------------------------- Next meeting: Thursday, Oct 26 16:00 UTC Facilitator: meskio Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * A poll to set a date for a 'Future of PTs' voice conversation * https://www.systemli.org/poll/#/poll/YRRF8K19Bq/evaluation?encryptionKey=e1… * Times in UTC == Discussion == (Oct 12) * Armored Bridge line Spec(Oct-19: let's discuss again) https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/126#note_29… * the spec is ready to review * we'll discuss it next week * examples of bridgelines and their encoding will be handy * currently is not possible with goptlib to publish non-ascii bridgelines, we seem to be safe to assume ASCII bridgelines * SmethodArgs calls encodeSmethodArgs, which does not do anything to escape non-ASCII bytes, then the line function calls argIsSafe to check the encoded line for non-ASCII before allowing it to be printed https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/gopt… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/gopt… https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/gopt… * we'll use brdg.es as domain name for urls * snowflake broker restart(deployment) needed, and deletion of ip-count-mask key https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * shelikhoo will tag a snowflake version and deploy it * v2.7.0 has been deployed https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * still need destruction of ip masking key https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… == Actions == == Interesting links == * "On Precisely Detecting Censorship Circumvention in Real-World Networks" * https://www.robgjansen.com/publications/precisedetect-ndss2024.html * develops new classifiers for Snowflake rendezvous and data transfer, among other things * "Covertness Analysis of Snowflake Proxy Request" * https://ieeexplore.ieee.org/document/10152736 * https://github.com/Xanole/SnowDT * "TorKameleon: Improving Tor's Censorship Resistance With K-anonymization and Media-based Covert Channels" * https://arxiv.org/abs/2303.17544 * https://github.com/AfonsoVilalonga/TorKameleon * https://restoreprivacy.com/torkameleon-strengthening-tor-against-deanonymiz… * uses WebRTC Encoded Transforms for efficient encoding of data into WebRTC media streams (rather than data channels), which we have discussed before for Snowflake: * https://lists.torproject.org/pipermail/anti-censorship-team/2023-February/0… * https://github.com/AfonsoVilalonga/TorKameleon/blob/c6ef7116043dfd74701ddb6… * const transformStream = new TransformStream * https://github.com/AfonsoVilalonga/TorKameleon/blob/c6ef7116043dfd74701ddb6… * if (encodedFrame instanceof RTCEncodedVideoFrame && enconding.length > 0) == Reading group == * We will discuss "On Precisely Detecting Censorship Circumvention in Real-World Networks" on November 9 * https://www.robgjansen.com/publications/precisedetect-ndss2024.html * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2023-10-19 Last week: - reviewed lox!51 - commented on snowflake!187 - commented on conjure#28 - attended meeting on PT-tor integration This week: - deploy lox distributor - follow up on conjure reliability issues - visualize and write up some snowflake shadow simulation results Needs help with: dcf: 2023-10-19 Last week: - commented on tor incorrectly reporting PT metrics since 0.4.8.4 https://gitlab.torproject.org/tpo/core/tor/-/issues/40871#note_2954288 - closed an obsolete uTLS-in-Snowflake issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - commented on reported "Unexpectedly high use successes counts" with snowflake-02 https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42161#n… - read some new snowflake-related papers (see Interesting Links) Next week: - revise encapsulation.ReadData redesign to return an error in the case of a short buffer https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Before EOY 2023: - move snowflake-02 to new VM Help with: meskio: 2023-10-19 Last week: - look at win7 lyrebrid crash in Tor Browser (tor-browser#42179) - debug renovate bot issues in rdsys and snowflake (snowflake!199) - deploy the latest onionsproutsbot and update translations (onionsproutsbot#53) - review lox rdsys integration (lox-rs!24) - write Sponsor 96 report - fail to get a phone number to register the whatsapp bot Next week: - test the whatsapp bot (rdsys#147) Shelikhoo: 2023-10-12 Last Week: - [Merge Request] Add SOCKS5 forward proxy support to snowflake (snowflake!64) (continue): proceed to rebase (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - [Merge Request Done] Refine argument error processing in WebTunnel server(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transpor… - [Merge Request Done] Release Snowflake 2.7.0(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transport… - [Deployment] Snowflake Broker Deployment 23-10-16 (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - [Merge Request Reviews] lots of... Next Week/TODO: - Write Tor Spec for Armored URL (continue) - Begin to work on snowflake performance improvement - Merge request reviews onyinyang: 2023-10-19 Last week(s): - Continued with metrics - Added functionality for a MAX_DAILY_BRIDGES (the number of bridges that can be distributed each day) - Found some bugs in static-resources MR and updated it after review This week: - Hopefully finish up metrics work - Start work on telegram distributor bot for Lox - Add functionality to handle blocked bridges in a single location for MVP (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0

Tor's annual fundraising campaign launches today 💜
by Al Smith 16 Oct '23

16 Oct '23

Hello Tor world! Today is the launch of our annual year-end fundraising campaign. If you’ve been a Tor supporter for a while, you probably know that this is the moment we add a new message to about:tor, a banner to the torproject.org sites, and use our social channels to highlight how your support empowers people all over the world to exercise their right to privacy. This year we’re keeping our message simple: *if you value the privacy that Tor provides to yourself or to other people, please make a donation.* Support from the community ensures that the Tor Project remains strong on an organizational level, and that the ecosystem of Tor services and tools continue to reach the people who need privacy online the most. Please check out our latest campaign here: https://blog.torproject.org/2023-fundraiser-make-a-donation-to-Tor/ The newest Tor t-shirt here: https://donate.torproject.org And spread the word! Thank you for the ongoing support. Al -- Al Smith (they/them) Fundraising Director The Tor Project My working hours may not be your working hours. If I message you outside of your working hours, know that I do not expect an immediate response and that I support your right to disconnect.

1 0

OONI Monthly Report: September 2023
by Maria Xynou 16 Oct '23

16 Oct '23

Hello, This email shares OONI's monthly report for September 2023. *# OONI Monthly Report: September 2023* Throughout September 2023, the OONI team worked on the following sprints: * Sprint 99 (1st - 10th September 2023) * Sprint 100 (11th - 24th September 2023) * Sprint 101 (25th - 30th September 2023) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## New research collaboration* In September 2023, we formed a new research collaboration with the GLITCH Research Interest Group (https://glitch.oii.ox.ac.uk/) at the Oxford Internet Institute, a department of the University of Oxford. This involves collaboration on the GLITCH Dashboard (on the interdisciplinary study of information controls) and the exchange of knowledge and expertise on Internet censorship. *## Published report on Grindr blocking in Jordan* In collaboration with My Kali Magazine, we published a new report on the blocking of Grindr in Jordan ("Grindr blocked in Jordan: Shrinking LGBTQ spaces"). Read the report here: https://ooni.org/post/2023-jordan-blocks-grindr/ Our report shares OONI data on the ongoing blocking of Grindr in Jordan. As of 8th August 2023, OONI data shows that access to Grindr (both the website and app) is blocked by means of TLS interference. According to Grindr, the block impacts their public health strategy as their Grindr for Equality program has played an important role in addressing the HIV epidemic in Jordan. *## OONI Probe Mobile* Throughout September 2023, we worked on improvements to the OONI Probe mobile app. Specifically, on OONI Probe iOS, we worked on bug fixes related to upload buttons (https://github.com/ooni/probe/issues/2487) and displaying the “upload measurement” toast ( https://github.com/ooni/probe/issues/2511) On OONI Probe Android, we worked on supporting the optional grouping of results ( https://github.com/ooni/probe-android/pull/613) and addressing a dashboard glitch (https://github.com/ooni/probe-android/pull/612) We also worked on addressing the inconsistent handling of empty OONI Run links on Android and iOS (https://github.com/ooni/probe/issues/2514) In preparation for the launch (October 2023), we worked on final improvements to the “News Media Scan” Android app that we have been developing in collaboration with Deutsche Welle (DW). *## Published OONI Probe user guides in Vietnamese* Thanks to Nathan Tran, the OONI Probe user guides are now available in Vietnamese! The Vietnamese user guides are available below: * OONI Probe Mobile: https://ooni.org/vi/support/ooni-probe-mobile/ * OONI Probe Desktop: https://ooni.org/vi/support/ooni-probe-desktop/ *## Translation of OONI documentation* Thanks to Nathan Tran, the OONI Frequently Asked Questions (FAQ) documentation is now available in Vietnamese: https://ooni.org/vi/support/faq/ Thanks to our Senegalese partner, Computech Institute ( https://ooni.org/partners/computech/) the OONI Risks documentation is now available in French: https://ooni.org/fr/about/risks/ *## OONI Run* As part of our work on creating the next generation version of OONI Run (“OONI Run v.2”), we continued working on adding UI support to OONI Probe Android for displaying OONI Run v.2 link descriptors based on the API ( https://github.com/ooni/probe-android/pull/582) We also added core support for OONI Run v.2 to OONI Probe iOS ( https://github.com/ooni/probe-ios/pull/533) As part of this, we added support for fetch descriptors, save/update descriptors, and for a run descriptor with existing test suites for running tests ( https://github.com/ooni/probe/issues/2471) *## OONI Probe CLI* We continued working towards facilitating A/B comparison of Web Connectivity v0.4 and Web Connectivity v0.5. To this end, we adapted all the v0.4 QA tests, which previously used the Jafar tool, to use the new netem QA framework. We are now well positioned to compare v0.4 and v0.5 in complex censorship scenarios and make sure there are no regressions ( https://github.com/ooni/probe/issues/2525, https://github.com/ooni/probe/issues/1803) The changes to OONI Probe CLI as part of this work can be found here: https://github.com/ooni/probe-cli/compare/f0f9b5f7...2051a2d3 We redesigned how OONI Probe communicates with the OONI backend and the Web Connectivity Test Helpers (THs) to increase reliability and performance. Specifically, we created a specific TLS and HTTPS network stack for performing these operations that relies on the concept of “beacons”. A beacon is a known-in-advance IP address that allows communicating with the backend or the THs and with which OONI Probe can use arbitrary SNI values. Refactoring OONI Probe CLI to add support for beacons touched upon several areas of the implementation. Roughly speaking, we can divide this work into four major activities: 1) Creating a custom TLS dialer and HTTP/HTTPS stack for communicating with backends and test helpers to avoid mixing measuring-specific and operational concerns; 2) Recognizing that the availability of a custom stack for these interactions opens up nearly for free the possibility of using HTTP/HTTPS proxies for OONI Probe; 3) Adapting the custom TLS dialer and HTTP/HTTPS stack to have a more complex notion of what it should connect to, which is more complex than just knowing domain names and the resulting IP addresses, and includes several “tactics” where each tacting may incorporate knowledge from DNS lookups, prior knowledge about well-known IP addresses, alternative SNIs to use, and knowledge about what OONI Probe knows to be working well; 4) Recognising that some properties of the new TLS dialer may, in the future, cause issues with our probe-IP-address scrubbing policy, and proactively applying changes to be sure that we are not going to include any IPv4 or IPv6 addresses and endpoints into the HTTP body and HTTP header value of submitted OONI measurements. A more detailed description of this work is available here: https://github.com/ooni/probe/issues/2531#issuecomment-1743087781 *## Creating a Censorship Incident Reporting Platform* As part of our ongoing work on the (new) Censorship Incident Reporting Platform, we refactored the code (https://github.com/ooni/explorer/pull/862) and moved the new components to our component library ( https://github.com/ooni/design-system/pull/163) We tested the latest version of the platform to identify further opportunities for improvements. We also continued to make progress on identifying censorship events (along with relevant OONI data) to be published as reports on the platform once launched. *## OONI backend* We began adding support for the compression of measurements ( https://facebook.github.io/zstd/) uploaded in the API. This will significantly improve the measurement submission speed and reduce the impact of the probe on slow networks. This is especially useful for OONI Probe users running tests in environments with poor network performance. We cleaned up a significant amount of disk space on the backend host by removing query logs. We also created a Jupyter notebook to better investigate high query load on the database. The txexitmap tool has been extended to integrate with OONI’s infrastructure (support ClickHouse, generate metrics and alerts ,etc). We started updating the backend hosts, CI and development containers to Debian Bookworm. This is expected to provide security and performance benefits and newer libraries and tools. *### Enabling circumvention* Following the blocking of OONI in China in July 2023 ( https://ooni.org/post/2023-china-blocks-ooni/) we have been working towards boosting circumvention support and making OONI Probe more resilient to blocking. As part of this process, we have been evaluating many options (each with different trade-offs). We prepared an internal design document describing a probe bootstrap process using STUN. This will increase the reliability of the probes on highly censored networks and provide a method for circumvention. We started deploying the forwarding of "OONI bridges" that provide circumvention in the event that OONI services are blocked by means of SNI-based or DNS-based filtering, simplifying the process of probe bootstrap and measurement submission. They also provide better reliability for the test helpers by doing active load balancing. We tested load balancing in Nginx and Haproxy and selected the latter. *## New ECH experiment contributed to OONI by CIS India* In September 2023, Divyank Katira from CIS India ( https://ooni.org/partners/cis-india/) published a blog post describing the new Encrypted Client Hello (ECH) blocking experiment that they contributed to OONI last year: https://cis-india.org/internet-governance/blog/detecting-encrypted-client-h… We worked towards integrating this experiment as part of the experimental suite of the OONI Probe apps: https://github.com/ooni/probe-cli/pull/1217 *## OONI Community Interviews* We have an “OONI Community Interviews” series on our YouTube channel ( https://www.youtube.com/watch?v=Pam2UQoZ1qM&list=PL1sH9kYR-16nlPlFT-RDBs8O0…) where we publish video interviews with OONI community members to highlight their important work, and the ways through which they use OONI tools and data. In September 2023, we continued working on creating several new video interviews with OONI community members. This involved drafting relevant interview questions, filming the interviews, and working with a videographer to edit the footage. *## Preparing for upcoming OONI trainings in the DRC and Thailand* In preparation for a week-long OONI training for human rights defenders and journalists in the DRC, we coordinated with the training organizers on creating a detailed training agenda that meets the needs of the participants. We provided live demos of the OONI tools that will be taught as part of the training, in order to enable live translation during the upcoming training programme. We also prepared and shared relevant OONI resources and reading materials for the participants. Similarly, we also prepared a detailed training agenda, related workshop slides and hands-on exercises for our upcoming OONI training programme in Thailand. *## Planning the OONI Team Meeting 2023* In September 2023, we continued working on required logistical planning for the 2023 OONI Team Meeting and we continued to solicit team feedback for the sessions of the meeting. *## Planning the OONI Partner Gathering 2024* In September 2023, we continued to work on fundraising efforts required for hosting the next OONI Partner Gathering in May 2024. *## Rapid response efforts### Blocking of TikTok and Google Play Store in Azerbaijan* On 19th September 2023 (amid the military offensive in Nagorno-Karabakh), TikTok users in Azerbaijan reported that they were unable to use the platform. On the same day, we reported on Twitter that the user reports were corroborated by OONI data collected from Azerbaijan, which showed that access to TikTok was blocked on at least 2 networks in the country ( https://twitter.com/OpenObservatory/status/1704160713256628716) We followed-up to share that in addition to TikTok, OONI data also showed the blocking of the Google Play Store in Azerbaijan amid the conflict ( https://twitter.com/OpenObservatory/status/1704475063867642269) We shared all relevant OONI data with advocates from the #KeepItOn campaign ( https://www.accessnow.org/campaign/keepiton/) *## Community activities### Global Gathering 2023* Between 15th-17th September 2023, OONI’s Maria and Arturo traveled to Portugal to attend Team CommUNITY’s Global Gathering event ( https://wiki.digitalrights.community/index.php?title=Global_Gathering) At the Global Gathering, we participated in the 3-day Summit (during which we collected community feedback on our upcoming Censorship Alert System) and we hosted an OONI booth for outreach purposes. *### Advocacy Assembly Internet Shutdown Mentored Training Program* On 21st September 2023, OONI’s Elizaveta hosted a session for the participants of the Advocacy Assembly Internet Shutdown Mentored Training Program (https://advocacyassembly.org/en/news/236) As part of this session, she addressed all the OONI-related questions of the training programme participants. *### FIFAfrica 2023* Between 26th September to 2nd October 2023, OONI’s Norbel and Arturo traveled to Tanzania to participate in the FIFAfrica 2023 conference (one of the largest annual digital rights conferences in Africa). Information about the conference is available here: https://internetfreedom.africa/ On 26th September 2023, we facilitated a session (“Measuring Internet censorship with OONI tools and data”) as part of the Internet Shutdowns Academy FIFAfrica 2023 workshop ( https://twitter.com/uproar_fyi/status/1706972250157539551) On the same day, we also facilitated an OONI workshop as part of the Tor Training Academy (https://twitter.com/zaituni_njovu/status/1706742476596236331) As part of our participation at the main FIFAfrica 2023 conference, we facilitated the following 2 sessions: * Using OONI Run to coordinate the testing of website censorship (28th September 2023): https://whova.com/embedded/session/rWwmoMGALzfjDBkAPdWzA1K4LxMjt38D6BmWiph4… * Measure All The Things! Using Open Data to Investigate Internet Shutdowns, A Primer on Network Interference Research (29th September 2023): https://whova.com/embedded/session/rWwmoMGALzfjDBkAPdWzA1K4LxMjt38D6BmWiph4… *### OONI Community Meeting* On 26th September 2023, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) during which we discussed the following topics: 1) Updates from the OONI team 2) Discussion on recommended reading materials in the field of network measurement and how to gain deeper knowledge on the impacts of internet censorship *## Measurement coverage* In September 2023, 61,542,643 OONI Probe measurements were collected from 3,012 networks in 175 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

OONI Monthly Report: August 2023
by Maria Xynou 16 Oct '23

16 Oct '23

Hello, This email shares OONI's monthly report for August 2023. *# OONI Monthly Report: August 2023* Throughout August 2023, the OONI team worked on the following sprints: * Sprint 97 (1st - 13th August 2023) * Sprint 98 (14th -27th August 2023) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## New Project Manager* In August 2023, we hired an OONI Project Manager! We are thrilled that Jessie Bonisteel has joined our team. As OONI's new Project Manager, Jessie will help ensure that our projects are on track, supporting a global community measuring and fighting internet censorship. *## New partnerships* We are excited to have formed new partnerships! In August 2023, we formed partnerships with: * Computech Institute (Senegal): https://ooni.org/partners/computech/ * Internet Freedom Kazakhstan (IFKZ): https://ooni.org/partners/ifkz/ *## Published research report on censorship events in Senegal* In collaboration with Cloudflare, Access Now and Laura Schwartz-Henderson, we published a research report documenting the social media blocks and network outages in Senegal over the past 2 months. Our report is available here: https://ooni.org/post/2023-senegal-social-media-blocks/ Amid political unrest in Senegal, OONI data shows: * Blocking of WhatsApp, Facebook, Instagram, Twitter, and YouTube between 1st-7th June 2023 * Temporary blocking of TikTok between 5th-7th June 2023 * Ongoing blocking of Telegram Web (since 1st June 2023) *## Published blog post about IMC hackathon* In collaboration with Internet Society (ISOC), M-Lab and Censored Planet, we’ll be hosting a hackathon on “Network Interference using Open Data” at the upcoming Internet Measurement Conference (IMC) in Montreal, Canada, in October 2023. To encourage participation, we published a blog post about the hackathon: https://ooni.org/post/2023-imc-hackathon/ *## OONI Probe Mobile* In August 2023, we released OONI Probe Android 3.8.3 ( https://github.com/ooni/probe-android/releases/tag/v3.8.3) This release includes the latest version of OONI Probe CLI, bug fixes, and a setting that enables users to easily enable and disable all website categories (which was a community feature request). We also continued to make updates and improvements to the “News Media Scan” Android app that we have been developing in collaboration with Deutsche Welle (DW). *## OONI Probe Desktop* In August 2023, we worked on dependency upgrades and subsequent refactoring of the OONI Probe desktop app. The changes involve updated notarization process, and the use of contextBridge which improves the app’s security and UI component updates (https://github.com/ooni/probe-desktop/pull/330) *## Published OONI Probe user guides in Turkish* Thanks to Kaya Zeren, the OONI Probe user guides are now available in Turkish! The Turkish user guides are available below: * OONI Probe Mobile: https://ooni.org/tr/support/ooni-probe-mobile * OONI Probe Desktop: https://ooni.org/tr/support/ooni-probe-desktop *## OONI Run* As part of our work on creating the next generation version of OONI Run (“OONI Run v.2”), we continued working on adding UI support to OONI Probe Android for displaying OONI Run v.2 link descriptors based on the API ( https://github.com/ooni/probe-android/pull/582) Specifically, we worked on UI support for translations, the measurement result screen, automated testing of OONI Run v.2 links, and OONI Run link icons ( https://github.com/ooni/probe-android/pull/601) On the backend side, we continued to improve upon the localization versioning of OONI Run v2 by adding an archived flag ( https://github.com/ooni/backend/pull/699) and we changed the fields type ( https://github.com/ooni/backend/pull/702) We also wrote internal documentation illustrating the interactions between the UI and the API. *## OONI Probe CLI* In August 2023, we started working towards upgrading users from Web Connectivity v0.4 to v0.5 (also known as “Web Connectivity LTE”: https://github.com/ooni/probe-cli/tree/2051a2d330a63cd39d3eb44707f86378de1b… ). Web Connectivity LTE attempts to discover more ways in which the tested website is blocked. The two main changes are in the measurement algorithm and in the algorithm used to determine inside OONI Probe whether the tested website was blocked. However, Web Connectivity LTE is still part of the Web Connectivity family of tests and produces a compatible JSON measurement result. The differences between these two implementations call for drafting a plan for comparing the two implementations and ensuring that Web Connectivity LTE does not introduce regressions under the same censorship conditions. We wrote this plan, which consists of two distinct actions: 1) We will write an A/B testing tool based on netem that allows us to compare the two implementations under the same censorship conditions ( https://github.com/ooni/probe/issues/2525) 2) We will more actively use the richer testing input functionality implemented in the previous months to ensure that users use Web Connectivity LTE for limited periods of time, following up with what we did in July 2023 for users in Pakistan when investigating measurement failures occurring with Web Connectivity v0.4 ( https://github.com/ooni/backend/pull/695, https://github.com/ooni/probe/issues/2499) By switching users to Web Connectivity LTE for limited periods of time, we aim to collect data that is useful for comparing with similar measurements collected by Web Connectivity v0.4. The results of this analysis, in turn, would inform the development of further A/B tests using netem. Once we drafted this plan, we started implementing it. The initial work consisted of migrating existing tests using Jafar (the previous QA framework based on iptables) to using netem. We started working towards this direction by splitting and landing a previous prototype, and then converting individual Jafar-based tests to use netem instead. Our progress in this area is available here: https://github.com/ooni/probe-cli/compare/a040ad9a4185ba5d104fd2b88f9e69582… . We continued to prepare for OONI Probe CLI v3.18.2 and v3.19.0 releases by upgrading the C dependencies (https://github.com/ooni/probe-cli/pull/1194) and specifically upgrading OpenSSL ( https://github.com/ooni/probe-cli/pull/1191) We also triaged, mitigated and started planning to fix an issue introduced in OONI Probe CLI v3.18.0 that affects the Tor Snowflake experiment on Android devices. The gist of the issue is that upgraded dependencies negatively impacted Snowflake ability to bootstrap on new Android 11+. Further information about this issue is documented here: https://github.com/ooni/probe/issues/2529 *## OONI Explorer* In August 2023, we released OONI Explorer in Vietnamese: https://explorer.ooni.org/vi We thank the Localization Lab community (https://www.localizationlab.org/) for making OONI Explorer available in many languages, and for their ongoing OONI Explorer localization efforts ( https://explore.transifex.com/otf/ooni-explorer/) We also fixed a bug that prevented users from selecting countries on the OONI Explorer Circumvention Dashboard ( https://github.com/ooni/explorer/commit/e38c58aff54ae4418194891e9dcd742e228… ). *## Published screencast for OONI Explorer Search Tool* To enable researchers and human rights defenders to make use of OONI data, we published a screencast for the OONI Explorer Search Tool ( https://explorer.ooni.org/search) The screencast (published on our YouTube channel) is available here: https://youtu.be/7jNFqHH43x8 This screencast provides visual, step-by-step guidance on how to use the OONI Explorer Search Tool to filter OONI measurements and uncover cases of blocking. *## Creating a Censorship Incident Reporting Platform* In August 2023, we continued to work towards building a (new) Censorship Incident Reporting Platform. Specifically, we improved the field validation of the platform (https://github.com/ooni/backend/pull/710, https://github.com/ooni/backend/issues/707) and we added backend support for a new "short_description" field ( https://github.com/ooni/backend/pull/711, https://github.com/ooni/backend/issues/708) We now have a testing version of the Censorship Incident Reporting Platform, which we tested internally in an attempt to identify issues and opportunities for improvement. We also worked towards collecting information (and relevant OONI data) for all the censorship reports that we aim to publish with the launch of the platform. *## OONI backend* Following the release of OONI Probe Android 3.8.3, we noticed issues with the Tor Snowflake experiment (causing the app to crash). We therefore added backend support to annotate such measurements as “failed” ( https://github.com/ooni/backend/pull/704, https://github.com/ooni/backend/pull/705) and we reprocessed old measurements. We annotated Signal experiment measurements from outdated probes (which were resulting in false positives) as “failed” ( https://github.com/ooni/backend/issues/679) and we created an internal dashboard to investigate other possible cases that may be affecting OONI data quality. We also fixed a bug affecting the scoring of vanilla Tor measurements (https://github.com/ooni/backend/issues/608, https://github.com/ooni/backend/pull/706) We ran a set of tests on the fastpath to measure performance improvements obtained by buffering writes to the database and, notably, we reached a 25x speedup during measurement reprocessing. Based on community feedback, we added backend support to the API for filtering measurements by different experiment versions ( https://github.com/ooni/backend/issues/615) as well as by software version and engine version (https://github.com/ooni/backend/pull/703) *## Automating censorship detection and characterization based on OONI measurements* As part of our participation at the Chaos Communication Camp 2023 ( https://events.ccc.de/camp/2023/infos/index.html) we organized and hosted an OONI hackathon where participants were given access to the database used by the OONI data analysis tool (https://github.com/ooni/data) During the hackathon, participants were able to run queries against the database to produce novel analysis of OONI measurements ( https://docs.google.com/presentation/d/1aCmjqKOVKi2AUe1ZqOljyao9LkAo97CT5I5… ). This resulted in the collection of feedback and suggestions on how we can improve our analysis (https://pad.riseup.net/p/hack-ooni-ccc2023-keep) *## OONI data support for Freedom on the Net 2023 reports* Over the last years, we have collaborated with Freedom House researchers on providing relevant OONI data in support of their annual Freedom on the Net reports (https://freedomhouse.org/report/freedom-net) In August 2023, we received multiple questions and data requests from Freedom House researchers, and we responded by providing relevant OONI data for various country-specific Freedom on the Net 2023 reports. *## Localization of the OONI Outreach Kit* In March 2023, we published the OONI Outreach Kit ( https://ooni.org/support/ooni-outreach-kit/) to share OONI resources and materials that can be used as part of OONI community engagement efforts. In August 2023, we started working towards the localization of the OONI Outreach Kit to enable its use by more communities around the world. We drafted guidelines for the localization of the OONI Outreach Kit, which we shared with translators. In addition to coordinating with translators, we also coordinated with designers to ensure that the design of the Outreach Kit supports RTL layout. *## OONI Community Interviews* We have an “OONI Community Interviews” series on our YouTube channel ( https://www.youtube.com/watch?v=Pam2UQoZ1qM&list=PL1sH9kYR-16nlPlFT-RDBs8O0…) where we publish video interviews with OONI community members to highlight their important work, and the ways through which they use OONI tools and data. In August 2023, we worked on creating several new video interviews with OONI community members. This involved drafting relevant interview questions, filming the interviews, and working with a videographer to edit the footage. *## Planning the OONI Partner Gathering 2024* We are planning to host a 2-day event (“OONI Partner Gathering”) in May 2024, which would bring our international network of partners together to share skills and knowledge around censorship measurement. We had already done extensive research and planning in previous months, developing a script for a data-driven approach for identifying what could be the best city for the event based on various parameters (visa requirements, cost, travel time, safety index, etc.), researching related logistics, creating a participant list and related budgets. In August 2023, we made adjustments to our logistical planning and we wrote 2 versions of a Concept Note for the OONI Partner Gathering 2024 as part of our fundraising efforts. *## Planning the OONI Team Meeting 2023* In August 2023, we started working towards organizing our annual OONI Team Meeting: a 3-day event which brings the OONI team together to have in-depth discussions about projects, strategic priorities, team health, and improving roadmaps. This annual meeting is important for our team, given that we do not have a physical office and work remotely from different countries (and continents) throughout the year. Last year we hosted the 2022 OONI Team Meeting in Rome, but unfortunately some of our team members were not able to join in person due to visa issues. We have therefore decided to host the 2023 OONI Team Meeting in Nairobi, Kenya, which has looser visa requirements for all our team members (and which was identified as one of the top “visa-free” locations based on the script that we developed as part of our related research for the OONI Partner Gathering). In August 2023, we finalized the logistical planning for the 2023 OONI Team Meeting and we started collecting team feedback for the sessions of the meeting. *## Rapid response efforts### TikTok blocking in Senegal* Following protests over the sentencing of opposition leader Ousmake Sonko, the Senegalese government ordered the blocking of TikTok on 2nd August 2023 (https://twitter.com/AbdouJCisse/status/1686748294888685570) In response, we shared OONI Probe testing instructions (to ensure the testing of TikTok endpoints) with Senegalese partners, our broader community, and on Twitter ( https://twitter.com/OpenObservatory/status/1686775778455830531) To help boost the testing of TikTok, we also boosted the testing priority for TikTok in Senegal (based on our smart URL list system) and we sent a push notification to OONI Probe users in Senegal (encouraging them to run an OONI Run link for the testing of TikTok endpoints). As a result, we immediately collected and published data documenting the blocking of TikTok in Senegal on the same day (with a large spike in measurement coverage): https://explorer.ooni.org/chart/mat?probe_cc=SN&since=2023-07-03&until=2023… Similarly to the previous blocking of other social media platforms ( https://ooni.org/post/2023-senegal-social-media-blocks/) OONI data shows that access to TikTok was blocked by means of TLS interference. *### Telegram blocking in Iraq* On 5th August 2023, Iraq started blocking access to Telegram over personal data concerns. We shared relevant OONI data on Twitter ( https://twitter.com/OpenObservatory/status/1688576131157434368) as well as further information with the #KeepItOn advocacy mailing list. Specifically, OONI data shows that the Telegram block was implemented on several networks in Iraq ( https://explorer.ooni.org/chart/mat?probe_cc=IQ&since=2023-07-05&until=2023…) and that they blocked access to both the Telegram mobile app and to Telegram Web. The block appeared to be IP-based, as attempted connections to Telegram endpoints consistently failed. Kentik published a relevant blog post, citing OONI data: https://www.kentik.com/blog/iraq-blocks-telegram-leaks-blackhole-bgp-routes/ *### Grindr blocking in Jordan* On 8th August 2023, Jordan started blocking access to Grindr. We responded by sharing relevant OONI data on the block on Twitter ( https://twitter.com/OpenObservatory/status/1689674923520794627) OONI data shows that access to Grindr was blockhttps:// twitter.com/OpenObservatory/status/1689674923520794627ed by means of TLS interference on at least 5 networks in Jordan. *### OONI Run testing of The Intercept in Pakistan* Following reports that access to The Intercept may have been blocked in Pakistan, Micah Lee (The Intercept's Director of Information Security) shared an OONI Run link on Mastodon, encouraging the testing of theintercept.com in Pakistan ( https://infosec.exchange/@micahflee/110861931459869851) We also boosted the testing priority of the website in our backend to help increase relevant measurement coverage. No signs of censorship have been detected so far ( https://explorer.ooni.org/chart/mat?probe_cc=PK&since=2023-07-11&until=2023… ). *## Community use of OONI data### Sinar Project report on censorship monitoring during Malaysia’s 2023 state elections* Our partner, Sinar Project (https://ooni.org/partners/sinar-project) published a report providing an update on their censorship monitoring efforts during Malaysia’s 2023 state elections. Their report (which is based on OONI data) is available here: https://imap.sinarproject.org/news/internet-censorship-update-internet-cens… *### Press statement on news media censorship in Malaysia* In August 2023, Geramm (a press freedom movement from Malaysian) published a press statement calling on the Malaysian Communications and Multimedia Commission (MCMC) to explain the Internet regulator’s decision to block news websites. This followed the recent blocking of yet another news media website (utusantv.com) in Malaysia. Their press statement (which cites the use of OONI tools and data) is available here: https://m.facebook.com/story.php?story_fbid=pfbid029QVYcUmLt6s8je5zJctUpGfG… *## Community activities### Chaos Communication Camp 2023* Between 15th-19th August 2023, OONI’s Arturo and Maria traveled to Germany to attend the Chaos Communication Camp 2023 (CCCamp 2023), one of the largest hacker camps in the world with a digital rights focus. Information about CCCamp 2023 is available here: https://events.ccc.de/camp/2023/infos/index.html On 18th August 2023, we presented OONI and facilitated an OONI hackathon at CCCamp 2023. Below we share: * Information about the OONI presentation and hackathon: https://events.ccc.de/camp/2023/hub/camp23/de/event/internet-measurement-da… * Slides used for the presentation: https://docs.google.com/presentation/d/1aCmjqKOVKi2AUe1ZqOljyao9LkAo97CT5I5… * Pad with the hackathon challenges and participant feedback: https://pad.riseup.net/p/hack-ooni-ccc2023-keep *### MAT live demo as part of OCF’s Internet Freedom Meetup webinar* On 23rd August 2023, OONI’s Maria participated in the Open Culture Foundation’s (OCF) monthly Internet Freedom Meetup webinar ( https://ocf.tw/en/p/issues/coffeeandcircumventionen) As part of her participation, Maria provided a live demo on how to use OONI’s Measurement Aggregation Toolkit (MAT). *### OONI Community Meeting* On 29th August 2023, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) during which we discussed the following topics: 1) Updates from the OONI team 2) Community feedback on push notifications (continuation of discussion from July 2023 community meeting) *## Measurement coverage* In August 2023, 62,887,269 OONI Probe measurements were collected from 3,061 networks in 174 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

OONI Monthly Report: July 2023
by Maria Xynou 16 Oct '23

16 Oct '23

Hello, This email shares OONI's monthly report for July 2023. *# OONI Monthly Report: July 2023* Throughout July 2023, the OONI team worked on the following sprints: * Sprint 95 (3rd - 16th July 2023) * Sprint 96 (17th - 30th July 2023) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## New partnership* We are excited to have formed a new partnership with Digital Rights Lab Sudan (https://twitter.com/DRLab_Sudan) The goal of the partnership is to collaborate on the study of internet censorship in Sudan. We published a dedicated partner page for Digital Rights Lab Sudan, highlighting their important work: https://ooni.org/partners/drlab/ *## Published report on China blocking OONI* In July 2023, China started blocking access to our website (ooni.org) and censorship measurement app (OONI Probe). We published a report documenting the blocking of OONI in China with OONI data: https://ooni.org/post/2023-china-blocks-ooni/ The block appears to be implemented by means of DNS injection and TLS interference. This is the first time that we're observing a large and persistent drop in OONI measurement coverage as a result of OONI Probe blocking. The report also includes advice for circumventing the blocking of OONI Probe in China. However, running OONI Probe in China is now probably riskier. *## OONI Probe Mobile* Throughout July 2023, we worked towards the release of OONI Probe Mobile 3.8.3. As part of this, we worked on extensive QA testing for both Android ( https://github.com/ooni/probe/issues/2504) and iOS ( https://github.com/ooni/probe/issues/2509) Based on community feedback, we worked on adding functionality to OONI Probe Android to automatically test new networks ( https://github.com/ooni/probe/issues/900) We also worked on improvements to a new Android app (“News Media Scan”) that we have been developing in collaboration with Deutsche Welle over the past months. *## OONI Probe Desktop* In July 2023, we released OONI Probe Desktop 3.9.1 ( https://github.com/ooni/probe-desktop/releases/tag/v3.9.1) with the latest version of OONI Probe CLI and updated dependencies. *## OONI Run### Building OONI Run v.2* In July 2023, we added experimental support to the OONI Probe Engine for invoking the fetch API allowing a client to obtain OONI Run v2 descriptors ( https://github.com/ooni/probe-cli/pull/1176) This functionality allows the OONI Probe mobile app to start implementing OONI Run v2 ( https://github.com/ooni/probe-android/pull/582) We then worked towards adding support for running OONI Run v2 links in the OONI Probe mobile app ( https://github.com/ooni/probe/issues/2474) The general idea for this first iteration is to implement minimal functionality into the Engine and let the app do most of the work. Notably, we reached a first milestone where we have an experimental version of the OONI Probe Android app where it is possible to: * Inspect and install an OONI Run v2 link into the OONI Probe Android app dashboard; * Run such a link directly or together with other nettests; * See the results it produced reusing the view used for experimental nettests. Subsequent development milestones will focus on implementing the missing functionality (e.g., updating OONI Run v2 links) and on optimizing the implementation. We continued working on the UI improvements for the OONI Run v2 web editor ( https://github.com/ooni/run/pull/131) We also added backend support for separating the versioning of the copy (included in translations) from the nettest data (https://github.com/ooni/backend/issues/694) and we added localization support to OONI Run v.2 ( https://github.com/ooni/backend/pull/699) To enable the development of the OONI Run platform, we allowed login redirection for more domains on the API (https://github.com/ooni/backend/pull/697) *### Launch of OONI Run supporting localization* In July 2023, we launched OONI Run (https://run.ooni.io/) with support for 9 languages (beyond English): Farsi, Russian, Thai, Turkish, Chinese (Taiwan), Chinese (China), German, Portuguese (Brazil), Spanish. This work is available here: https://github.com/ooni/run/pull/132/files We thank the Localization Lab community (https://www.localizationlab.org/) for making OONI Run available in so many languages, and for their ongoing OONI Run localization efforts (https://explore.transifex.com/otf/ooni-run/) *## OONI Probe CLI* We started preparing the release of OONI Probe CLI 3.18.1, which should include (a) better support for measuring throttling with Web Connectivity LTE; (b) updated dependencies and assets. We also continued to make progress towards OONI Probe CLI v3.19.0. Following up from the work done in previous sprints, we have continued to take advantage of the netem QA framework and we have started migrating some nettests to use it for QA purposes. By using netem, we are able to exercise more censorship conditions in an easier way compared to the previous framework we used (Jafar, based on Linux and iptables). For now, we have migrated the following experiments to netem: * dnsping (https://github.com/ooni/probe-cli/pull/1177) * facebook_messenger (https://github.com/ooni/probe-cli/pull/1178) * sniblocking (https://github.com/ooni/probe-cli/pull/1179) * whatsapp (https://github.com/ooni/probe-cli/pull/1181) * telegram (https://github.com/ooni/probe-cli/pull/1182) As a result, the availability of better QA tests opens up the possibility of being more confident in rewriting these experiments to use the DSL introduced as part of the richer input error. *## Expanding OONI’s testing model to support richer testing input* We continued to work on supporting richer testing input ( https://github.com/ooni/ooni.org/issues/1291) In previous months, we worked towards writing a DSL ( https://en.wikipedia.org/wiki/Domain-specific_language) to support richer testing input (https://github.com/ooni/probe/issues/2494) in the context of our richer testing prototype (https://github.com/ooni/2023-05-richer-input) We completed this task in early July 2023 ( https://github.com/ooni/2023-05-richer-input/pull/7, https://github.com/ooni/2023-05-richer-input/pull/8) We now have a DSL that is both external and internal. The internal DSL is executable code but can also be serialized to JSON. We can read the JSON and execute it as an external DSL. We basically use the same code for both DSLs. The internal DSL uses Go generics and each stage in the measurement pipelines has specific input and output types. The external DSL wraps each internal DSL stage with a stage that performs type checking at runtime. The final DSL ( https://github.com/ooni/2023-05-richer-input/releases/tag/v0.3.0) is not Turing complete and only supports stage composition. We have primitive stages (e.g., DNS lookups, TCP connect, TLS handshake, QUIC handshake, HTTP transactions). We have stages for composing together measurement pipelines (e.g., we can compose a TCP connect operation and a TLS handshake operation). And we have primitives to compose pipelines that perform DNS lookups with pipelines that perform endpoint measurements (e.g., TCP connect, TLS handshake). Now that we have finished researching, we have also reached a better degree of clarity on what we can potentially achieve by expressing richer input using this DSL: 1) We can run code directly (internal DSL) or we can generate JSON that we can serve to OONI Probes (external DSL). By serving code to probes, we can update the definition of nettests. So, in the future, we would need less emergency releases when IM apps (such as Signal) change their testing requirements (e.g., they change the CA they use). 2) We can incrementally roll out better implementations of experiments without making new OONI Probe releases. For example, we can (easily!) add support for TLS handshakes to the Facebook Messenger nettest and run this extended version of the nettest only in a subset of probes, closely monitoring whether everything is working as intended, ready to back out the changes in case of issues, or roll out the functionality more extensively if all looks good. 3) We can support the use case of using OONI Probe for research. We (or anyone else concerned) will potentially be able to feed a specific measurement DSL pipeline to OONI Probe consisting of the operations that matter for research. For example, we can imagine serving extra follow-up tests that would run as part of the experimental suite on an opt-in basis in case there is a need to further investigate some censorship findings. To investigate the suitability of the DSL, we reimplemented the Facebook Messenger (https://github.com/ooni/2023-05-richer-input/pull/7) and RiseupVPN (https://github.com/ooni/2023-05-richer-input/pull/12) experiments. The latter, in particular, seems a good candidate to start upgrading production code to use the DSL since it is currently disabled due to concerns involving false positives. For this reason, we also sketched out an initial plan to upgrade it to use the DSL ( https://github.com/ooni/probe/issues/2502) In subsequent months, we will continue to investigate this topic, refine our implementation, engage in internal discussions, work on streamlining possible use cases and on defining a path to start rolling this feature out in production. In the meanwhile, we have started to feel more confident about the DSL implementation, as we started adding integration testing using netem (https://github.com/ooni/netem) to it ( https://github.com/ooni/2023-05-richer-input/pull/7, https://github.com/ooni/2023-05-richer-input/pull/9) *## Creating a throttling measurement methodology* Regarding measuring throttling (https://github.com/ooni/ooni.org/issues/1296) we finished improving support for measuring the download speed ( https://github.com/ooni/probe/issues/2493) As Web Connectivity LTE now implements collecting download speed samples during a download, we started preparing for making it the default Web Connectivity implementation and for retiring version v0.4. To this end, we started adding support for netem-based integration testing (https://github.com/ooni/probe-cli/pull/1170) and we backported the patch to collect download speed samples ( https://github.com/ooni/probe-cli/pull/1166) to the release/3.18 branch so that we can include this functionality in the upcoming 3.18.1 OONI Probe release. *## OONI Explorer* In July 2023, we released OONI Explorer in the following 2 additional languages: * Swahili: https://explorer.ooni.org/sw * Traditional Chinese: https://explorer.ooni.org/zh-Hant Beyond English, OONI Explorer now supports 10 languages! We thank the Localization Lab (https://www.localizationlab.org/) community for making OONI Explorer – and real-time open data on internet censorship worldwide – available in additional languages! *## Creating a Social Media Censorship Alert System* We continued to make progress towards building a Social Media Censorship Alert System (https://github.com/ooni/backend/pull/651) Based on internal review of the code, we updated the internal design document for further review. We added support for real-time notifications on Slack in the Social Media blocking event detector, along with a summary HTML page. We also created a dedicated Jupyter notebook to show a summary of recent events flagged as social media blocking alerts by our system. *## Creating a Censorship Incident Reporting Platform* In July 2023, we continued working on the UI implementation of the (new) Censorship Incident Reporting Platform ( https://github.com/ooni/explorer/pull/862) Specifically, we added form validations, we improved the layouts (also) by further expanding our component library (https://github.com/ooni/design-system/pull/163) and we added the report index view. *## Automating censorship detection and characterization based on OONI measurements* Improvements were made to how errors are handled while writing observations to the database. Specifically, support was added to dump failing rows to file and retry writing the affected row in the event of a failure ( https://github.com/ooni/data/pull/33) Through this we were able to identify some bugs in the processing of certain types of measurements and implement fixes for them. We started reaching out to third party researchers interested in using this new observation database and training them on how to use it. As part of this, we came up with a setup that allows independent researchers to connect to the database used by the OONI data analysis tool ( https://github.com/ooni/data) and run queries on the platform. *## OONI backend* We improved our Jupyter notebook that tracks test helper failures grouped by datacenter location. It detected a 1-hour long event impacting 0.th.ooni.org. The event was investigated and found to be benign. We continued ongoing work to predict the amount of incoming measurements on a per-country basis using basic machine learning in order to send alarms to the team in the event of a sudden loss of measurements. *## Published OONI Outreach Kit printing materials* In July 2023, we updated the OONI Outreach Kit to include materials designed for printing (https://github.com/ooni/ooni.org/pull/1394) The updated OONI Outreach Kit (including printing materials) is available here: https://ooni.org/support/ooni-outreach-kit/ *## Interviewed Project Manager candidates* In July 2023, we reviewed the final applications and we completed the second round of interviews for the OONI Project Manager position ( https://ooni.org/post/2023-job-opening-ooni-project-manager/) Based on these interviews, we reached a hiring decision and followed up with candidates. *## FOCI 2023 Community Award* On 10th July 2023, OONI’s Maria received the Free and Open Communications on the Internet (FOCI) 2023 Community Award, recognizing the impact of her work in the field of Internet freedom on the wider community. We dedicate this award to the whole OONI community, without whom this work would not be possible ( https://twitter.com/agrabeli_/status/1678722087953760256) *## Community use of OONI data### Report of the Tehran Electronic Commerce Association* In July 2023, the Tehran Electronic Commerce Association published a report on the low quality of the Internet in Iran, citing OONI in many pages (pages 4, 5, 6, 16, 20, 35, 37). Their report is available here: https://etchamber.ir/wp-content/uploads/2023/07/Iran-Internet-v0.9.pdf OONI was also cited in an article by Peivast (one of Iran’s largest tech outlets), discussing the findings of the report of the Tehran Electronic Commerce Association: https://peivast.com/p/170337 *### Blocking of satirical news website in Jordan* Our partner, JOSA (https://ooni.org/partners/josa/) reported on the blocking of a satirical news media website (AlHudood) in Jordan, citing OONI data: https://twitter.com/jo_osa/status/1677041740107198465 *### TEDIC’s research report examining internet shutdowns in Northern Paraguay* Our partner, TEDIC (https://ooni.org/partners/tedic/) published a new research report investigating potential disruptions to internet access in the northern zone of Paraguay. We supported this study by providing relevant OONI data analysis. Their report was published in: * Spanish: https://www.tedic.org/wp-content/uploads/2023/07/Informe-Apagones-de-Intern… * English: https://www.tedic.org/wp-content/uploads/2023/07/Internet-Shutdowns-Report-… TEDIC also published a blog post about the study in: * Spanish: https://www.tedic.org/apagones-de-internet-en-paraguay/ * English: https://www.tedic.org/en/internet-shutdowns-in-paraguay/ *### Sinar Project’s report on the blocking of MalaysiaNow* Our partner, Sinar Project, published a report documenting the blocking of MalaysiaNow in Malaysia, through the use of OONI tools and data. Their report is available here: https://imap.sinarproject.org/news/blocking-of-malaysianow-website *### Sinar Project’s report on the blocking of a website of a former Malaysian MP* Sinar Project published a report documenting the blocking of a website ( weechookeong.com) which belongs to a former Malaysian Member of Parliament. Their report makes use of OONI data, and is available here: https://imap.sinarproject.org/news/internet-censorship-update-blocking-of-w… This report received press coverage from MalaysiaNow: https://www.malaysianow.com/news/2023/07/28/online-freedom-monitor-confirms… *### EngageMedia’s Advocacy Toolkit for Civil Society Organizations* In July 2023, EngageMedia published “Addressing Internet Censorship and Content Filtering: An Advocacy Toolkit for Civil Society Organizations” which features OONI tools and resources ( https://engagemedia.org/2023/toolkit-internet-censorship/) Their toolkit is available here: https://engagemedia.org/wp-content/uploads/2023/07/GIF-Regional-Toolkit-Add… *### PhD thesis on modeling and characterizing internet censorship technologies* In July 2023, a PhD thesis (titled “Modeling and Characterization of Internet Censorship Technologies”) by Alexander Master was published (making use of OONI data): https://www.doi.org/10.25394/PGS.23666784 *### FOCI 2023 academic paper studying worldwide view of nation-state Internet censorship* In July 2023, an academic paper studying a worldwide view of nation-state Internet censorship was published and presented at FOCI 2023. This paper makes use of OONI data for its analysis. The paper is available here: https://www.petsymposium.org/foci/2023/foci-2023-0008.pdf *### Other FOCI 2023 papers citing OONI* OONI was also cited in the following FOCI 2023 papers: * “Crowdsourcing the Discovery of Server-side Censorship Evasion Strategies”: https://www.petsymposium.org/foci/2023/foci-2023-0016.pdf * "Towards a Comprehensive Understanding of Russian Transit Censorship": https://www.petsymposium.org/foci/2023/foci-2023-0012.pdf * "Detecting Network Interference Without Endpoint Participation": https://www.petsymposium.org/foci/2023/foci-2023-0010.pdf *## Community activities### FOCI 2023* On 10th July 2023, OONI’s Arturo attended the Free and Open Communications on the Internet (FOCI) 2023 in Lausanne, Switzerland. Information about the workshop is available here: https://foci.community/ *### Keynote at HotPETs 2023* On 14th July 2023, OONI’s Maria delivered a keynote (titled “The Power of Community Participation in Shaping Digital Rights Tech”) at HotPETs 2023 in Lausanne, Switzerland. Information about the workshop is available here: https://petsymposium.org/2023/hotpets.php *### OONI workshop for Legal Resource Center in South Africa* On 24th July 2023, OONI’s Elizaveta facilitated an online OONI workshop for the team members of South Africa’s Legal Resource Center ( https://lrc.org.za/) The goal of the workshop was to introduce lawyers to the use of OONI tools and data. *### OONI workshop for civil society in Zimbabwe* On 31st July 2023, OONI’s Elizaveta facilitated an online OONI workshop for civil society groups in Zimbabwe, in preparation for the country’s upcoming elections (which may trigger censorship events). *### OONI Community Meeting* On 25th July 2023, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) during which we discussed the following topics: 1) Updates from the OONI team 2) IODA Update: Design Standards and Outage Severity Map ( https://ioda.inetintel.cc.gatech.edu/reports/ioda-update-designstandards-ou… ) 3) Community feedback on the thematic presentation of censorship findings on OONI Explorer 4) Community feedback on push notifications: How should OONI utilize them going forward? What would be most useful? *## Measurement coverage* In July 2023, 62,256,645 OONI Probe measurements were collected from 3,135 networks in 172 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0