- tor-project - lists.torproject.org

Nina’s Monthly Status Report: March 2024
by Nina 04 Apr '24

04 Apr '24

Hi! Below is my March’24 report! In March, I resolved 571 tickets: On Telegram (@TorProjectSupportBot) - 405 On RT (frontdesk@tpo) - 154 On WhatsApp (+447421000612) - 11 and on Signal (+17787431312) - 1. My main focus remains the same - I help Russian-speaking users use Tor Browser and circumvent internet censorship; I also test and report bugs that users find and share with me. There were presidential elections in March in Russia, so to prepare for the event, I reviewed and improved existing user support templates we use on Frondesk, Telegram, WhatsApp, Signal, and the guide in Russian in the Torforum. Also, at the beginning of March, I helped to find an issuewith Snowflakefront domains[1] and prepared a workaroundtemplatein Russianto help users fix the problem manually before the problem was solved in aTor Browseremergency release [2]. I reportedthe issue of Tor Browser for macOS not working after being downloaded from our telegram bot (https://t.me/ <https://t.me/gettor_bot>gettor_bot <https://t.me/gettor_bot>) by gathering users' feedback and testing myself [3]. [1] https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/135 [2] https://blog.torproject.org/new-release-tor-browser-13011/ [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…

1 0

cohosh's monthly status report, March 2024
by Cecylia Bocovich 03 Apr '24

03 Apr '24

Hi! This is my status report for contract work done in March 2024. # Snowflake development The major updates to Snowflake I worked on this month were reviewing an deploying some SQS rendezvous fixes and improvements, and updates to our distributed bridge lines to account for an issue with the front domain we were using. There were also some fixes to the Shadow integration tests. These were rolled out in v2.9.2 - SQS queue work - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - shadow integration fixes - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - released snowflake v2.9.2 - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… # Snowflake web extension We've been updating our publishing process since Mozilla modified the review procedure for their addon store. This has required several back-and-forth discussions with reviewers and some modifications to our packaging preparation. - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… # Reputation-based bridge distribution Our implementation of Lox is undergoing some improvements and fixes as we encounter bugs from its deployment. The major changes from me this month were some refactoring for code quality, more and an overhaul of the encrypted bridge table. - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/143 - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/144 - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 # Domain fronting At the very beginning of the month, we had an issue with the front domain we were using for most of our anti-censorship tools and services: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/135 Addressing this issue required various updates to recover. - https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… - set up new domain fronting accounts for meek and conjure - coordinated with a new meek bridge operator and debugged their setup # Conjure Mainly just did some bridge maintenance and added an IP to the bridge config for a moved station.

1 0

Rhatto's Monthly Status Report, March 2024
by rhatto 01 Apr '24

01 Apr '24

Hi all :) This is my monthly status report for March 2024 with the main relevant activities I have done during the period. ## 0. Research * Tor Browser Quality Assurance for Onion Services (TB .onion QA) - 2024.Q1: * In the 2024.Q1 period, the TB .onion QA had the following output: * 9 Tor Browser versions were formally tested. * No serious issues were found affecting onionsites. * A few minor issues were identified and need further investigation or be reported to the browser team. * Versions tested ranged from 13.09 to 13.0.13 and from 13.5a3 to 13.5a6. * Did some internal Onion Planning. ## 1. Development * The Onion Services Ecosystem documentation is now available at the Community Portal: https://community.torproject.org/onion-services/ecosystem An alternative URL is still available at https://tpo.pages.torproject.net/onion-services/ecosystem Details at https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/1 * Onionspray. * Released the 1.6.1 version: * https://lists.torproject.org/pipermail/tor-announce/2024-March/000313.html * https://forum.torproject.org/t/onionspray-release-1-6-1/12083 * Onionspray Log Parser: * Renamed eotk-log-parser to onionspray-log-parser: https://gitlab.torproject.org/tpo/onion-services/onionspray-log-parser/-/is… * Added support for aggregating page hits with the same circuit ID. * Launched version 1.0.0 (nothing special with this number, it just means that there was a backward-incompatible change from previous versions). ## 2. Support * Ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. * Did some other support related to setting up Onion Services. ## 3. Organization Time spent (from the total available for Tor-related work): | Category | Percentage |---------------|------------ | Research | 21 | Development | 2 | Support | 54 | Organization | 23 |---------------|------------ | Total | 100 -- Silvio Rhatto pronouns he/him

1 0

PieroV's Monthly Status Report, March 2024
by Pier Angelo Vendrame 01 Apr '24

01 Apr '24

Hi everyone, here is my status report for March 2024. This month, I continued the rebase on the Firefox Rapid Release channel. I've arrived on par with mozilla-beta, i.e., I have a branch based on Firefox 125b, and I'm following that channel. I'm trying to rebase my branch onto each beta tag. I've also fixed the various build and runtime errors, and the branch can be built and used (even though this is seriously discouraged as it hasn't been reviewed and we haven't done our audit work yet). However, this is quite reassuring because it reduces the uncertainty of our ESR transition work. I've opened an issue [0] to document this process and all the conflicts I had to merge manually, both trivial and non-trivial. At a certain point, while working on this task, I implemented a script that act as a helper for our usual rebase review procedures [1]. I'm sure it has a lot of margin for improvement, but it should handle our most common cases. My idea is to use it also for the script to perform continuous automatic rebases of our branches. I wrote a proof of concept in 30 minutes, but nothing was ready for production and/or publication. Still, I'm very excited by the possibilities of automation we could implement. Apart from that, I worked on refactoring our TorConnect module [2]. I started it to fix an issue detected by the linter we've had for one year and a half [3]. It was not trivial to fix, and eventually, I ended up reorganizing the whole file, even though the contents haven't changed much. At the end of the month, I also opened another merge request specifically for error handling [4]. Together, they should hopefully help the further Android developments other apps team members are working on. Finally, I worked on some issues about fingerprinting vectors and helped with our March releases. Best, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42441 [1] https://gitlab.torproject.org/pierov/lazy-scripts/-/blob/main/diff-of-diffs… [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [3] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41114 [4] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests…

1 0

Anti-censorship team meeting notes, 2024-03-28
by Shelikhoo 28 Mar '24

28 Mar '24

Hey everyone! Here are our meeting logs: https://paste.debian.net/1312310/ And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, Apr 04 16:00 UTC Facilitator: onyingyang Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == * Latest snowflake addon reviewer feedback requires a consent prompt for the collection of personal data * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… == Actions == == Interesting links == * == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-03-28 Last week: - debugged some issues with conjure and added a new station to the allowed-ips at the server - set up new domain fronting accounts for meek and conjure - updated torrc files - worked on some shadow network model updates - resumed work on adding a consent prompt for the snowflake addon - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… This week: - address latest review comments for snowflake addon - work on reproducing some reported SQS errors and open a public issue for it - update wasm-bindgen fork to fix some bugs and hopefully upstream changes - tor-browser-build updates for lox wasm + bindings generation Needs help with: dcf: 2024-03-21 Last week: - reviewed a snowflake-webext README fix https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - merged some missing commits from meek gitolite into gitlab https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/meek… Next week: - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: meskio: 2023-03-21 Last week: - captcha moat in rdsys (rdsys#182) - prometheus metrics for moat in rdsys (rdsys#124) - deploy rdsys and bridgestrap testing bridges every hour (bridgestrap#39) - fix and publish obfs4-bridge docker image for armv7 (docker-obfs4-proxy#18) - fix bugs introduced by me in bridgestrap (bridgestrap#41) Next week: - persistency for resources in rdsys (rdsys#56) Shelikhoo: 2024-03-28 Last Week: - [Merge Request Done] Add WebTunnel Client Support Integration to lyrebird (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre…) - [Merge Request WIP] Add Container Image Mirroring from Tor Gitlab to Docker Hub(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/… - [Merge Request] Update lyrebird version to v0.2.0 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… - [Merge Request] Rename Stable Container Tags to Latest https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Prepare for 3-min presentation - Prepare for the discussion session - Merge request reviews Next Week/TODO: onyinyang: 2023-03-14 Last week(s): - continued prep for HACS/DRL meeting - Sync-test rebase This week: - continue prep for HACS/DRL meeting - Attend HACS, then RWC, then DRL meeting (later things) - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum - attempt hyper upgrade again (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-03-14 Last weeks: - Created a setup for extracting fingerprints from DLTS handshakes and analyzed the previous webrtc/dtls data sets from https://github.com/kyle-macmillan/snowflake_fingerprintability. Found more fingerprints than presented in the original paper, but the fingerprints are not present in newer snowflake versions. - Contacted Sean DuBois at Pion, he is very supporting of the project and happy to merge features related to anti-censorsip - Started on a setup for collecting DTLS handshakes to be used for mimicking - Exploring and planning features for anti-fingerprinting techniques to implement in the Pion lib. Next weeks: - Creating a setup for generating DTLS handshakes of web-browsers with selenium/playwright. This will hopefully generate common handshakes/fingerprints Help with:

1 0

Retirement of Gitolite and GitWeb started, please migrate by end of year
by Antoine Beaupré 26 Mar '24

26 Mar '24

Hi, Gitolite (`git.torproject.org` and `git-rw.torproject.org`) and GitWeb (<https://gitweb.torproject.org>) will be fully retired within 9 to 12 months (by the end of Q2 2024). TPA will implement redirections on the web interfaces to maintain limited backwards compatibility for the old URLs. Start migrating your repositories now by following the [migration procedure][], and please complete the migration by the end of year 2023. See the full discussion in [TPA-RFC-36][]. [migration procedure]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/git#how-to-migrate… [TPA-RFC-36]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-36-gitoli… A. -- Antoine Beaupré torproject.org system administration

1 2

Anti-censorship team meeting notes, 2024-03-21
by meskio 21 Mar '24

21 Mar '24

Hey everyone! Here are our meeting logs: https://paste.debian.net/1311523/ (meetbot was not around) And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, March 28 16:00 UTC Facilitator: onyingyang Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == * use snowflake's RoundedCounter in rdsys * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * duplicate the code? extract it to it's own library? import snowflake? * lets extract it to it's own library * meskio will open an issue to discuss the naming for it * Inconsistent release policy for containers between DockerHub and Gitlab * the latest in Dockerhub is the most recent stable release * the latest in Gitlab is the most recent commit on main(bleeding edge / nightly) * let's rename gitlab's latest to nightly and use latest for the latest stable image == Actions == == Interesting links == * == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-03-21 Last week: - released snowflake v2.9.2 - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - modified webext source prep to work with mozilla's new requirements - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - released version 0.7.5 of webextension - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - upgraded tor on conjure bridge - deployed snowflake sqs fixes - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - debugged some sqs errors - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… This week: - open MR to change front domain for OONI tests (waiting on Go 1.21 support) - work on reproducing some reported SQS errors and open a public issue for it - compile a list of next-steps for lox - update wasm-bindgen fork to fix some bugs and hopefully upstream changes - tor-browser-build updates for lox wasm + bindings generation Needs help with: dcf: 2024-03-21 Last week: - reviewed a snowflake-webext README fix https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - merged some missing commits from meek gitolite into gitlab https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/meek… Next week: - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: meskio: 2023-03-21 Last week: - captcha moat in rdsys (rdsys#182) - prometheus metrics for moat in rdsys (rdsys#124) - deploy rdsys and bridgestrap testing bridges every hour (bridgestrap#39) - fix and publish obfs4-bridge docker image for armv7 (docker-obfs4-proxy#18) - fix bugs introduced by me in bridgestrap (bridgestrap#41) Next week: - persistency for resources in rdsys (rdsys#56) Shelikhoo: 2024-03-21 Last Week: - [Merge Request] Add WebTunnel Client Support Integration to lyrebird (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre…) - [Merge Request WIP] Add Container Image Mirroring from Tor Gitlab to Docker Hub(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/… - Prepare for 3-min presentation - Prepare for the discussion session - Merge request reviews(a lots of them!) Next Week/TODO: - [Research] Inspect Snowflake Situation In China - [Merge Request] Add WebTunnel Client Support Integration to lyrebird (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre…) - [Merge Request WIP] Add Container Image Mirroring from Tor Gitlab to Docker Hub(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/… - Prepare for 3-min presentation - Prepare for the discussion session onyinyang: 2023-03-14 Last week(s): - continued prep for HACS/DRL meeting - Sync-test rebase This week: - continue prep for HACS/DRL meeting - Attend HACS, then RWC, then DRL meeting (later things) - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum - attempt hyper upgrade again (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-03-14 Last weeks: - Created a setup for extracting fingerprints from DLTS handshakes and analyzed the previous webrtc/dtls data sets from https://github.com/kyle-macmillan/snowflake_fingerprintability. Found more fingerprints than presented in the original paper, but the fingerprints are not present in newer snowflake versions. - Contacted Sean DuBois at Pion, he is very supporting of the project and happy to merge features related to anti-censorsip - Started on a setup for collecting DTLS handshakes to be used for mimicking - Exploring and planning features for anti-fingerprinting techniques to implement in the Pion lib. Next weeks: - Creating a setup for generating DTLS handshakes of web-browsers with selenium/playwright. This will hopefully generate common handshakes/fingerprints Help with: -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Tails report for February 2024
by bokonon 19 Mar '24

19 Mar '24

*Tails report for February 2024* <https://tails.net/news/report_2024_02/> Highlights Despite the bonus day this year, February flew by pretty quickly! Here's what we were up to: * We ended February more resilient and collaborative than when we started. We have new tooling to make it easier to work on shared documents, and use XMPP more effectively. We also worked to strengthen our front-end services and set up the back-end infrastructre to build redundancies into our services. * In 2021 and 2022, our usability tests with human rights defenders in Mexico and Brazil <https://tails.net/news/improving_in_latam/index.en.html> prompted several improvements in the installation instructions for Tails. Fixing 16 of the identified usability issues were remaining, and we fixed them all this month. These tests, experiences, and improvements will greatly shape our future trainings. * We finished updating our website for Tails 6.0. Check out the rewritten recommendation on secure deletion <https://tails.net/doc/encryption_and_privacy/secure_deletion/index.en.html>. Releases 📢 Tails 6.0 is out <https://tails.net/news/version_6.0/index.en.html>! Tails 6.0 is the first version of Tails based on Debian 12 ("bookworm"), and is the sexiest, slickest, and sleekest Tails yet. It brings: * several important security updates: more robust error detection for the Persistent Storage, protections against malicious USB devices, and Diceware word lists in Catalan, German, Italian, Portuguese, and Spanish * some more usability features: new light modes—dark, night, and a combination of both; easier screenshoting and screencasting; and easier Gmail configuration in Thunderbird * and, updated version of most of the applications in Tails To know more, check out the Tails 6.0 release notes <https://tails.net/news/version_6.0/index.en.html> and the changelog <https://gitlab.tails.boum.org/tails/tails/-/blob/master/debian/changelog>. Thank you to everyone who helped us out by testing the release candidate <https://tails.net/news/test_6.0-rc1/>. Metrics Tails was started more than 806,714 times this month. That's a daily average of over 27,817 boots.

1 0

Anti-censorship team meeting notes, 2024-03-14
by Shelikhoo 14 Mar '24

14 Mar '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-03-14-15.57.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, March 21 16:00 UTC Facilitator: meskio Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == - Elections in Russia (March 14 - 17) == Discussion == Last week: * should we deprecate docker-snowflake-proxy? * There is now a snowflake Dockerfile for the proxy in the main snowflake repo * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * do we need to do something to integrate it in our release process? * yes, we will deprecated * shelikhoo will move that forward in this issue: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Fastly domain fronting updates * https://github.com/net4people/bbs/issues/309 * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/135 New: * PTs removed from ios onionbrowser because of RAM constraints * https://github.com/guardianproject/orbot/issues/1106 * snowflake-webextension still (2024-03-12) being rejected from Mozilla add-ons? https://paste.mozilla.org/Vh9jKk5g * Error: Command failed: git submodule update --init -- translation * fatal: not a git repository (or any of the parent directories): .git * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… == Actions == == Interesting links == * https://github.com/getlantern/broflake Lantern's new Snowflake-like, uses QUIC, WASM, WebTransport == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-03-14 Last week: - reviewed Lox MRs - refactored Lox's bridge_replace function - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/143 - improved error types for lox-library::proto::*::request functions - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/144 - removed fixed length fields from Lox's BridgeLine struct - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 - responded to mozilla addon store rejection This week: - open MR to change front domain for OONI tests - deploy snowflake sqs fix - followup on web extension rejection from mozilla - compile a list of next-steps for lox - update wasm-bindgen fork to fix some bugs and hopefully upstream changes - tor-browser-build updates for lox wasm + bindings generation - Conjure bridge maintenance Needs help with: dcf: 2024-03-14 Last week: - azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - answered a question about Snowflake proxies https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: meskio: 2023-03-14 Last week: - make obfs4-bridge docker image work in armv7 (docker-obfs4-bridge#18) - publish bridgestrap collector metrics every hour (bridgestrap#39) - export bridge tests results on assignments.log (rdsys!280) - document new assignments.log format on the metrics website (metrics/website!71) - fix moat not distributing bridges config problem (rdsys#190) Next week: - captcha moat in rdsys Shelikhoo: 2024-03-14 Last Week: - [Merge Request Done] Remove translation for Tor Project URL https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/278 - Write WebTunnel Blog Post Draft - Prepare for 3-min presentation - Merge request reviews(a lots of them!) Next Week/TODO: - [Research] Inspect Snowflake Situation In China - Prepare for 3-min presentation onyinyang: 2023-03-14 Last week(s): - continued prep for HACS/DRL meeting - Sync-test rebase This week: - continue prep for HACS/DRL meeting - Attend HACS, then RWC, then DRL meeting (later things) - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum - attempt hyper upgrade again (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-03-14 Last weeks: - Created a setup for extracting fingerprints from DLTS handshakes and analyzed the previous webrtc/dtls data sets from https://github.com/kyle-macmillan/snowflake_fingerprintability. Found more fingerprints than presented in the original paper, but the fingerprints are not present in newer snowflake versions. - Contacted Sean DuBois at Pion, he is very supporting of the project and happy to merge features related to anti-censorsip - Started on a setup for collecting DTLS handshakes to be used for mimicking - Exploring and planning features for anti-fingerprinting techniques to implement in the Pion lib. Next weeks: - Creating a setup for generating DTLS handshakes of web-browsers with selenium/playwright. This will hopefully generate common handshakes/fingerprints Help with:

1 0

Anti-censorship team meeting notes, 2024-05-07
by onyinyang 08 Mar '24

08 Mar '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-03-07-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, March 14 16:00 UTC Facilitator: shelikhoo Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == - Ireland Constitution Amendment Referendum: March 8th == Discussion == From last week: * Unclear whether AWS will allow public disclosure of credentials * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * we are waiting for their response which is dependent on rotating credentials (at least) * cohosh will do this and try to move the conversation further afterwards New: * should we deprecate docker-snowflake-proxy? * There is now a snowflake Dockerfile for the proxy in the main snowflake repo * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * do we need to do something to integrate it in our release process? * yes, we will deprecated * shelikhoo will move that forward in this issue: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Fastly domain fronting updates * https://github.com/net4people/bbs/issues/309 * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/135 == Actions == == Interesting links == * https://opencollective.com/censorship-circumvention/projects/snowflake-dail… == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-03-07 Last week: - various tasks to recover from fastly issue - https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/135 - https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42436 - coordinated with a new meek bridge operator - reviewed SQS queue reuse MR - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - fixed snowflake shadow integration tests - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… This week: - open MR to change front domain for OONI tests - continue following up on AWS support case - review lox synchronization fix - compile a list of next-steps for lox - update wasm-bindgen fork to fix some bugs and hopefully upstream changes - tor-browser-build updates for lox wasm + bindings generation - Conjure bridge maintenance Needs help with: dcf: 2024-03-07 Last week: - reported a slow SQS rendezvous https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with: meskio: 2023-03-07 Last week: - deal with big collector metrics in bridgestrap (bridgestrap#41) - obfs4-bridge now has a sable UID/GID in docker (docker-obfs4-proxy#17) - export test result on the assignments.log (rdsys#177) - test bridges in bridgestrap every 3h (bridgestrap#39) - review HTTPS rdsys distributor (rdsys!260) - review client poll metrics by rendezvous method by country (snowflake!258) Next week: - distributor persistance in rdsys (rdsys#56) Shelikhoo: 2024-03-07 Last Week: - [Merge Request Done]HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/260 - [Merge Request] Remove translation for Tor Project URL https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/278 - Inspect Snowflake Situation In China and create ticket for that https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Create Issue for "Merging webtunnel + lyrebird" https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… - Write WebTunnel Blog Post Draft - Merge request reviews Next Week/TODO: - [Research] Inspect Snowflake Situation In China - Prepare for 3-min presentation onyinyang: 2023-03-07 Last week(s): - continued prep for HACS/DRL meeting - finished base64 invitation encoding This week: - continue prep for HACS/DRL meeting - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum - attempt hyper upgrade again (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2023-01-11 Last weeks: - Currently in the start phase of writing my master thesis (to be finished late june 2024) in communication technology on reducing distinguishability of DTLS. The goal is to implement a validated DTLS anti-fingerprinting library similar to uTLS (useful for Snowflake). Next weeks: - Talk with Sean DuBois about contributing to adding anti-fingerprinting capabilities to the pion library Help with: - Find recent data set of captured DTLS traffic -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0