- tor-project - lists.torproject.org

Anti-censorship team meeting notes, 2025-06-12
by onyinyang 12 Jun '25

12 Jun '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-06-12-16.01.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, June 19 16:00 UTC Facilitator: shelikhoo ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * learning from the CDN77 outage * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/161 * exposing snowflake rendezvous options in the transport selection menu * (to make it easy for someone to activate ampcache, for example, without editing bridge lines and without downloading an update) * we could bake the rendezvous option into the transport name in the dropdown menu, e.g. snowflake-cdn77, snowflake-google-amp, snowflake-amazon-sqs, ... * this could take just a couple of weeks to deploy * possible caveat: circumvention settings may rely on specific transport name labels. E.g., circumvention settings calls meek "meek-azure". * a transport-specific configuration UI (allowing to edit all options, not just the rendezvous method) would take much longer, on the order of months * and would need discussion with the UX team about whether it's even a good idea to present that sort of interface * consensus is to proceed with multiple transport labels * let's diversify our domain fronts * maybe configure some ampcache bridge by default * no ampcache bridge for now, but try to get it included as one of the rendezvous options as discussed above * was there monitoring in place that could have detected it earlier? (we noticed it about 2h after it happened) * we could add an alert in prometheus, for example check for a large drop in the number of requests (such as is visible in the graph at https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/161#note_32…) * netlify is set up now, should we move moat to it, so that snowflake rendezvous and moat are not coupled with regard to failures? * netlify for our use case seems free * 100 GB/month * moat last month used 25.1 GB (seems ok) * snowflake rendezvous used 92.4 GB (that's pretty close to being billable) * moat domain front is not that easy to change: it requires a new TB release * any way to test it before deploying it fully? * alpha only, for a while? * meskio will create an issue * what do we do with moat bridges * https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/233 * we stopped distributing moat bridges 8 months ago (with the deactivation of BridgeDB) * operators of those bridges talk about their not being used * they could be reassigned to another distributor or be used for some other purpose * but there exists the risk that they are already blocking in China and Russia * during the 2021 Tor blocking incident in Russia, meskio checked and most moat bridges were blocked there, whereas bridges of other distributors were not blocked to the same degree * a query is pending with trinity to assess the actual usage level of moat bridges * ggus suggests reassigning half of bridges to telegram, half to circumvention settings * it is so decided, meskio will work on it * also need to notify bridge operators who have manually set their bridges to moat distribution, so they can change it * distribute webtunnel bridges over telegram * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/158 * currently: webtunnel distributed only through https and settings * community team reports user satisfaction with the telegram distributor, asks if it is possible to distribute webtunnel bridges there * a required first step is to configure rdsys to start collecting (new) webtunnel bridges for the telegram distributor * can't start distributing them until there is a sufficient number * start collecting webtunnel bridges on rdsys and see what happens? (whether there appear enough of them?) * it's also possible to temporarily increase the probability that new bridges get assigned to telegram (the probability distribution is defined by us) * either just new webtunnel bridges, or any kind of bridge (i.e. obfs4 or webtunnel) * probability ratios are not tied to transports, it's not currently possible to increase the ratio just for webtunnel * issue assigned to onyinyang == Actions == == Interesting links == * https://opencollective.com/censorship-circumvention/projects/snowflake-dail… * Snowflake usage in Turkmenistan remains elevated, though not as high as before. * https://ntc.party/t/huge-increase-in-snowflake-users-from-turkmenistan-sinc… * Asked on NTC about Snowflake users in Turkmenistan. * One user points to InviZible Pro (https://invizible.net/en/) which agrees with https://gitlab.torproject.org/tpo/community/support/-/issues/40098#note_319… * https://theodorsm.net/FOCI25 * "Fingerprint-resistant DTLS for usage in Snowflake". (draft) accepted paper to FOCI 25. Condensed master thesis of theodorsm and some further analysis. * Camera-ready deadline 2025-06-22 * Key takeaways: * covert-dtls is stable when mimicking DTLS 1.2 handshakes, while the randomization approach— though more resistant to fingerprinting — tends to be less stable. * Chrome webextensions are more unstable than standalone proxies * covert-dtls should be integrated in Snowflake proxies as they produce the ClientHello messages during the DTLS handshake. * Chrome randomizes the order of extension list. * Firefox uses DTLS 1.3 by default in WebRTC. * A prompt adoption of DTLS 1.3 in both Snowflake and covert-dtls is needed to keep up with browsers * The evolution of browsers’ fingerprints had no noticeable effect on Snowflake’s number of daily users over the last year. * Even with a sharp drop in the amount of proxies, it does not seem to affect the number of Snowflake users. * Browser extensions make Snowflake resistant to ClientHello fingerprinting. * Standalone proxies can serve more Snowflake clients per volunteer than webextensions. * We need metrics on which types of proxies are actually being matched and successfully used by clients. == Reading group == * We will discuss "A Wall Behind A Wall: Emerging Regional Censorship in China (Henan firewall)" on June 19 * https://gfw.report/publications/sp25/en/ * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-06-12 Last week: - responded to cdn77 outage - updated SQS costs https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… This week: - follow up on snowflake rendezvous failures - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2025-06-12 Last week: - assisted with the CDN77 temporary outage issue https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/161 Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: meskio: 2024-06-12 Last week: - staging server is distributing bridges and sends emails (rdsys#219) - servers upgrade to trixie, onbasca broke, but the rest is fine - CDN77 outrage - update telegram distributor config Next week: - steps towards a rdsys in containers (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) Shelikhoo: 2024-06-12 Last Week: - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) testing environment setup/research - Snowfalke Staging Server Experiment - Emergency fix of CDN77 https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/161#note_32… - Merge request reviews Next Week/TODO: - Merge request reviews - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - [Merge Request] Add Domain Fronting Testing Support to logcollector ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) onyinyang: 2025-06-12 Last week(s): - Completed implementation of conjure DNS registrar - using the min transport https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - Started looking into unresolved lox issues, signalling channel library Next week: Switch back to some of these: As time allows: - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-06-12 Last weeks: - Applying for funding from NLnet to implement DTLS 1.3 in Pion. Got through the first round. - Writing paper for FOCI: continuation of master thesis about reducing distinguishability of DTLS in Snowflake by implementing covert-dtls, further analysis of collected browser fingerprint and stability test of covert-dtls in snowflake proxies. Draft: https://theodorsm.net/FOCI25 - Key takeaways: * covert-dtls is stable when mimicking DTLS 1.2 handshakes, while the randomization approach— though more resistant to fingerprinting — tends to be less stable. * Chrome webextensions are more unstable than standalone proxies * covert-dtls should be integrated in Snowflake proxies as they produce the ClientHello messages during the DTLS handshake. * Chrome randomizes the order of extension list. * Firefox uses DTLS 1.3 by default in WebRTC. * A prompt adoption of DTLS 1.3 in both Snowflake and our fingerprint-resistant library is needed to keep up with browsers * The evolution of browsers’ fingerprints had no noticeable effect on Snowflake’s number of daily users over the last year. * Even with a sharp drop in the amount of proxies, it does not seem to affect the number of Snowflake users. * Browser extensions make Snowflake resistant to ClientHello fingerprinting. * Standalone proxies can serve more Snowflake clients per volunteer than webextensions. * We need metrics on which types of proxies are actually being matched and successfully used by clients. Next weeks: - Getting paper camera ready. - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) Help with: - Should we do user testing of covert-dtls? Facilitator Queue: meskio shelikhoo onyinyang 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0

User Support Report for May 2025
by ebanam 05 Jun '25

05 Jun '25

Hello everyone, Starting this month the Community team will publish one report with all updates related to our user support activities. # Summary of updates from user support ## Farsi-speaking user support - Haidi worked on localized user support for Farsi-speaking users which included but was not limited to helping users to troubleshoot, gather feedback and help with instructions to use censorship circumvention methods in Tor Browser Desktop and Android and other Tor powered apps (like Orbot and Onion Browser). * 36 tickets in total * 2 tickets on email * 34 tickets on Telegram ## Russian-speaking user support - Nina worked on reviewing, answering and processing feedback from Google Play Store comments and localized user support for Russian-speaking users which included but was not limited to helping users with instructions to use censorship circumvention methods in Tor Browser Desktop and Android and other Tor powered apps (like Orbot, Onion Browser, Tails), troubleshoot and gather user feedback. * 1138 tickets in total * 244 tickets on email * 892 tickets on Telegram * 2 tickets on Signal ## General user support - ebanam worked on Tor Browser user support related tasks prior to and after Tor Browser releases; documentation for the upcoming Tor VPN android client[0]; updated user-facing documentation in the Tor Browser User Manual and some small updates to the Support Portal and helping users in regions where Tor is censored which included but was not limited to helping users with instructions to use censorship circumvention methods that work best, troubleshoot, censorship analysis and gathering user feedback. * 708 tickets in total * 571 tickets on email * 119 tickets on Telegram * 5 tickets on WhatsApp * 13 tickets on Signal That's it for the summary, following is a more detailed report about the tickets our user support team worked on last month. # Frontdesk (email user support channel) * 844(↑) RT tickets created * 848(↑) RT tickets resolved Tickets by topics and numbers: 1. 398(↑) tickets: instructions to circumvent censorship for Chinese speaking users. 2. 244(↑) tickets: circumventing censorship in Russian speaking countries. 3. 79(↑) tickets: help with troubleshooting existing Tor Browser install on Desktop (Windows, macOS and Linux). 4. 7(↓) tickets: help with installing Tor Browser on Desktop. 5. 5(↑) tickets: help with troubleshooting existing Tor Browser install on Android. 6. 5(↑) tickets: reports of websites blocking Tor connections. 7. 3(↑) tickets: users seeing a "proxy refused" error when visiting websites on Tor Browser for Android using Samsung devices.[1] 8. 2(↑) tickets: circumventing censorship with Tor in Farsi. 9. 2(↑) tickets: queries from Tor relay operators. 10. 1(↓) ticket: reports of fake apps on iOS AppStore masquerading as official Tor Browser. 11. 1(↓) ticket: questions about onion services and how to access them. 12. 1(↑) ticket: question about contributing to Tor. 13. 1(-) ticket: helping users on iOS, using Onion Browser or Orbot, to use censorship circumvention methods. 14. 1(↑) ticket: help with using Snowflake with Tor to circumvent censorship. 15. 1(-) ticket: help with instructions to use bridges with Orbot. 16. 1(↑) ticket: false positive with anti-virus software when using Tor Browser. 17. 1(↑) ticket: Tor Forum account deletion request. # Telegram, WhatsApp and Signal user support channels * 1128(↑) tickets resolved Breakdown: * 1103(↑) tickets on Telegram * 9(↓) tickets on WhatsApp * 16(↓) tickets on Signal Tickets by topics and numbers: 1. 892(↑) tickets: circumventing censorship in Russian speaking countries. 2. 40(↓) tickets: instructions to circumvent censorship for Chinese speaking users. 3. 34(↓) tickets: circumventing censorship with Tor in Farsi. 4. 22(↑) tickets: helping users on iOS, using Onion Browser or Orbot, to use censorship circumvention methods. 5. 18(↑) tickets: instructions to use WebTunnel pluggable transport with Tor Browser. 6. 17(↑) tickets: help with troubleshooting Tor Browser Android. 7. 17(↑) tickets: instructions on how to get Tor Browser binaries from GetTor. 8. 11(-) tickets: help with troubleshooting Tor Browser Desktop on Windows, macOS and Linux. 9. 7(↑) tickets: help with instructions to use bridges with Tails. 10. 5(↑) tickets: help with instructions to use bridges with Orbot. 11. 3(↓) tickets: questions about onion services and how to access them. 12. 3(↑) tickets: users seeing a "proxy refused" error when visiting websites on Tor Browser for Android using Samsung devices. 13. 2(↑) tickets: reports of fake apps on iOS AppStore masquerading as official Tor Browser. 14. 1(↑) ticket: help with using Snowflake with Tor to circumvent censorship. # Highlights from the Tor Forum * General questions about verifying Tor Browser GPG signature.[2] * Tor Browser and false positives with anti-virus software.[3] * Bridges website hitting an error while fetching bridges with WebTunnel pluggable transport.[4] * Discussion about using Onion Browser and Orbot on iOS.[5] # Highlights from Google Play Store * Tor Browser for Android had a Google Play rating of 4.407 (↓0.009) stars in May, lower as compared to April 25. * In May, Tor Browser for Android (TBA) received 699 (↑74) new reviews. With the total count of reviews for the app standing at 62,556. * Tor Browser for Android Alpha (TBA - Alpha) had a rating of 4.198 (↓0.015) stars in May, lower as compared to April 25. * In May, Tor Browser for Android Alpha (TBA - Alpha) received 33 (↓12) new reviews. With the total count of reviews for the app standing at 8,574. Last month, the major complaints we got about Tor Browser for Android were related to Tor Browser's browsing speed[6]. We got over 40 comments about the browser being extremely slow from users who are not located in regions where Tor is censored. Note: (↑), (↓) and (-) are indicating if the number of tickets we received for these topics have been increasing, decreasing or have been the same from the previous month respectively. Thanks! -- ebanam (on behalf of the Community Team) [0]: https://gitlab.torproject.org/tpo/web/support/-/issues/370 [1]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714 [2]: https://forum.torproject.org/t/verifying-tor-browser-some-general-questions… [3]: https://forum.torproject.org/t/malware-infected-version-of-tor/18877 [4]: https://forum.torproject.org/t/cant-get-webtunnel-bridges/18803 [5]: https://forum.torproject.org/t/what-is-the-most-secure-way-to-use-onion-bro… [6]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43841

1 0

Anti-censorship team meeting notes, 2025-06-05
by meskio 05 Jun '25

05 Jun '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-06-05-16.00.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, June 12 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * Adding more snowflake builtin bridge options * https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43842 * Orbot exposes 3 different snowflake rendezvous methods (domain fronting, ampcache, sqs). Unlike Tor Browser, users can configure a rendezvous method themselves by choosing from a menu. In Tor Browser, the rendezvous method can only change via Circumvention Settings, or by manually entering a bridge line (the latter of which hardly anyone does). * Circumvention Settings is unavailable if domain fronting is unusable or blocked. * But because of cost considerations, it may not be a good idea to expose SQS as an easily configurable and appealing option at this point. Rather ramp up slowly. * SQS is more expensive than other methods. Only a small fraction of total rendezvouses in May 2025, but cost 8 USD. * SQS cost thread: https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… * If you want to track SQS costs in the same place: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… * Exposing "snowflake-google" (ampcache) and "snowflake-cdn77" (domain fronting) as user-visible options in Tor Browser could be a good idea though. * Like we used to have meek-google, meek-amazon, etc. * (dcf thought once about having a custom control panel for each known transport, e.g. for obfs4 it might have a selector for the iat-mode; for snowflake it would have a dropdown of rendezvous options. Something like that is what we're approximating when we encode one or more of the options into the "transport name".) == Actions == == Interesting links == * A Wall Behind A Wall: Emerging Regional Censorship in China (Henan firewall) * https://gfw.report/publications/sp25/en/ * https://github.com/ban6cat6/aparecium * "Aparecium is a proof-of-concept tool designed to detect TLS camouflage protocols, specifically ShadowTLS v3 and REALITY, by exploiting their handling of TLS 1.3 post-handshake messages." * Has nice explanation and diagrams of ShadowTLS and REALITY. * Snowflake users in Turkmenistan remain elevated through May 2025 * https://metrics.torproject.org/userstats-bridge-combined.html?start=2025-03… * snowflake is now the default option in Circumvention Settings: * https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/merge_reque… == Reading group == * We will discuss "A Wall Behind A Wall: Emerging Regional Censorship in China (Henan firewall)" on June 19 * https://gfw.report/publications/sp25/en/ * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-06-04 Last week: - rewrote snowflake broker metrics (snowflake#40458, snowflake!574) - wrote conjure bridge installation guide (conjure# 47) - https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Conjure-Brid… - merged censorship settings update (rdsys-admin!39) - deployed circumvention settings change - opened a PR to fix a potential crash in orbot's Ask Tor code - https://github.com/guardianproject/orbot-android/pull/1317 - updated conjure client to work with cdn77 domain fronts now that the fix is deployed (conjure#49) - worked on some scripts to generate country and rendezvous method plots for client polls (snowflake#40464) - opened issue to add more than one snowflake builtin to tor browser - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43842 - did accounting of SQS in snowflake This week: - follow up on snowflake rendezvous failures - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2025-06-05 Last week: Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: meskio: 2024-06-05 Last week: - test email service on the staging server (rdsys#219) - help upgrade gettor telegram bot server to trixie - AFK time Next week: - steps towards a rdsys in containers (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) Shelikhoo: 2024-05-29 Last Week: - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) testing environment setup/research - Snowfalke Staging Server Experiment - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - [Merge Request] Add Domain Fronting Testing Support to logcollector ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) - Merge request reviews Next Week/TODO: - Merge request reviews (Away until June 10) onyinyang: 2025-05-29 Last week(s): - Attempted to get conjure DNS registrar working - encountering errors for both conjure and gotapdance cli with DNS registrar https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - hoping for an update: https://github.com/refraction-networking/conjure/issues/293 - Completed staleness check for conjure bufferedconn https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - phantombox improvement Next week: - Continue improvements for phantombox testing environment - Test DNS/Decoy registrar in phantombox Switch back to some of these: As time allows: - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-04-10 Last weeks: - fixing bugs in covert-dtls, only mimic DTLS 1.2 - Running proxy with covert-dtls - MR covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next weeks: - Write instructions on how to configure covert-dtls with snowflake client (are we going to run a user test?) - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - Condensing thesis into paper Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: meskio shelikhoo onyinyang 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Rhatto's Monthly Status Report, May 2025
by rhatto 04 Jun '25

04 Jun '25

Hi all :) This is my monthly status report for May 2025 with the main relevant activities I have done, was involved or are related to my work during the period: * Worked in porting a containerization and "k8sitization" patch from EOTK to Onionspray (still needs testing): https://gitlab.torproject.org/tpo/onion-services/onionspray/-/issues/68 * Onionbalance 0.2.4 uploaded to Debian trixie (thanks intrigeri and Hefee for the support!): https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/46 * Ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. -- Silvio Rhatto pronouns he/him

1 0

sajolida's report for May 2025
by sajolida 02 Jun '25

02 Jun '25

Hi, May was short because I took 1 week off to hike volcanoes in Guatemala. Tails ===== User stories ------------ - Had a very interesting chat with John Del'Osso of PPLAAF, a whistleblowing platform in Africa, about them adopting Tails to manipulate hazardous documents received from their sources. Project 165 ----------- - Fixed the issues raised by intrigeri, jawlensky, and donuts on the upcoming improvements to the Tails website. It was really great to have complementary reviews by the 3 of them! (!2046) - Blogged about our recent audit by ROS on the previous OTF contract. https://tails.net/news/audit_by_ROS_2024/ - Clarified the design to save the language and keyboard layout on the USB stick but outside of the Persistent Storage. (#5501) https://gitlab.tails.boum.org/tails/tails/-/issues/5501 - Updated the versions of Rufus and Etcher that are served from our website for people to install Tails. (#20769) -- sajolida The Tor Project — UX Designer

1 0

PieroV's Monthly Status Report, May 2025
by Pier Angelo Vendrame 01 Jun '25

01 Jun '25

Hi everyone, Here is my status report for May 2025. It is a short one because, for half of the month, I was at an in-person meeting with the rest of the team. We will publish our notes in our wiki in the future [wiki]. Apart from that, I worked on rapid-release rebases [tor-browser#43512] for the ESR-140 transition. I rebased or reviewed several versions, which took most of my remaining time. I also prepared a first update for our toolchains in tor-browser-build [tor-browser-build!1212]. We should already be able to build reproducibly for all our desktop platforms (including Mullvad Browser for Windows, which has additional complications because of WebRTC). Android will arrive later, as Bea is working on the application-services update first. Best, Pier [wiki] https://gitlab.torproject.org/tpo/applications/wiki/-/wikis/Meetings/Gothen… [tor-browser#43512] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43512 [tor-browser-build!1212] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re…

1 0

Anti-censorship team meeting notes, 2025-05-29
by Shelikhoo 29 May '25

29 May '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-05-29-16.03.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, June 5 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == * Happy Families https://blog.torproject.org/happy-families/ * does not solve the fundamental bridges + exits issue * there are 2 things going on * 1. Families currently ask operators to disclose the fingerprints of their other relays, that is solved by happy families * https://gitlab.torproject.org/tpo/core/tor/-/blob/36cd4a50fc9d861c6c35a0f6d… * 2. The other problem is how circuit selection works * https://gitlab.torproject.org/tpo/core/tor/-/issues/40935#note_3090023 * Tor picks exit relays first, and then picks a guard * With bridges like snowflake, conjure, and meek (i.e. publicly known bridges, where the concern about leaking fingerprints in MyFamily doesn't even apply), the client is very restricted in which entry point it can select * we have one conjure bridge and effectively one meek bridge * even though we have more than one snowflake bridge, the tor source code currently ignores family restrictions for bridges * This is a proposal for relaxed restrictions that has more recent thinking on threat models * https://spec.torproject.org/proposals/354-relaxed-restrictions.html * argues for why families and subject restrictions should not apply to circuits with bridges == Actions == == Interesting links == * == Reading group == * We will discuss "" on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-05-29 Last week: - added documentation for new snowflake timeout metric - reviewed Conjure staleness check (conjure!45) - wrote a draft call for a Conjure bridge operator (conjure#46) - worked on removing mutexes from Snowflake broker metrics (snowflake#40458) - tested and wrote feedback on unreliable transport mode (snowflake!315) This week: - support conjure work - finish testing and give feedback on unreliable transport mode for snowflake - follow up on snowflake rendezvous failures - reduce/remove use of mutexes for broker metrics (snowflake#40458) - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2025-05-29 Last week: - opined some more on a FEP design https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyre… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: meskio: 2024-05-29 Last week: - test email service on the staging server (rdsys#219) - review and coordinate grants Next week: - steps towards a rdsys in containers (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) Shelikhoo: 2024-05-29 Last Week: - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) testing environment setup/research - Snowfalke Staging Server Experiment - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - [Merge Request] Add Domain Fronting Testing Support to logcollector ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) - Merge request reviews Next Week/TODO: - Merge request reviews (Away until June 10) onyinyang: 2025-05-29 Last week(s): - Attempted to get conjure DNS registrar working - encountering errors for both conjure and gotapdance cli with DNS registrar https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - hoping for an update: https://github.com/refraction-networking/conjure/issues/293 - Completed staleness check for conjure bufferedconn https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - phantombox improvement Next week: - Continue improvements for phantombox testing environment - Test DNS/Decoy registrar in phantombox Switch back to some of these: As time allows: - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-04-10 Last weeks: - fixing bugs in covert-dtls, only mimic DTLS 1.2 - Running proxy with covert-dtls - MR covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next weeks: - Write instructions on how to configure covert-dtls with snowflake client (are we going to run a user test?) - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - Condensing thesis into paper Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

cve monthly status report -- May 2025
by Clara Engler 28 May '25

28 May '25

Hello tor-project@, the following contains the work I have done for The Tor Project, Inc. in May 2025. # Migration to Payroll Provider Starting on the 2nd of June, I will no longer be a contractor and instead be an employee. This also means that this will be the last status report of its kind from me, as it is a contractor thing. Besides this, nothing much will change though. I will continue to work for The Tor Project, Inc., only the way on how I get my salary will change. # oniux This month, the comms team and I wrote a blog post introducing oniux[1], which was well received across the internet. So far, it already made it into several distributions and the overall feedback has been very positive. Besides this, we released v0.4.0 and v0.5.0 of oniux, with v0.4.0 introducing a large change, namely implementing oniux in a capability free fashion by utilizing the concept of `user_namespaces(7)`. The v0.5.0 mostly contained bug fixes for some paper cuts that became evident after users reported them the moment the blog post became viral. # onionmasq This month, I finally merged a new integration test suite into onionmasq, which is no longer as flaky as it once was. Primarily, this change is of rather internal nature and probably not very interesting to users of the application. More interestingly however, I fixed a bug where onionmasq leaked resources on mobile devices, namely ticket #141. As always, I also performed various general maintainer tasks, such as fixing CI warnings and updating dependencies. # arti dircache Most of my work this month went into the technical design of the directory cache that will soon be implemented in arti. I did this with the help of Diziet and so far the progress is going great. Looking forward to start writing actual code very soon, as the database schema is more or less finished. Besides, this work also resulted in some changes within the specification, as reading them revealed some ambiguities which have been addressed appropriately. Thank You Clara [1]: https://blog.torproject.org/introducing-oniux-tor-isolation-using-linux-nam…

1 0

2nd batch of upgrades to Debian Trixie sarting on June 2nd
by Zen Fu 26 May '25

26 May '25

Hello, dear Tor folks! TPA plans to start the 2nd batch of system upgrades to Debian Trixie on June 2nd 2025, also known as "next week". This is the corresponding issue: https://gitlab.torproject.org/tpo/tpa/team/-/issues/42070 The 2nd batch is about systems with "moderate complexity", so we expect that each one may need more attention and take a bit longer than systems in the 1st batch. We're not sure about how long the whole batch will take, so please expect system reboots during the next weeks and kindly notify us if you detect that something is not right for a system that already has its checkbox marked. We will do the TPA machines first, and the Tails machines are scheduled a week later, but could be postponed further depnding on how things go. For your convenience, below there's a list of systems that will be upgraded in this batch. Thanks! ----------8<---------- 39 TPA machines: - anonticket-01.torproject.org - backup-storage-01.torproject.org - bacula-director-01.torproject.org - btcpayserver-02.torproject.org - bungei.torproject.org - carinatum.torproject.org - check-01.torproject.org - ci-runner-x86-02.torproject.org - ci-runner-x86-03.torproject.org - colchicifolium.torproject.org - collector-02.torproject.org - crm-int-01.torproject.org (blocked by #42169) - dangerzone-01.torproject.org - donate-01.torproject.org - donate-review-01.torproject.org - forum-01.torproject.org - gitlab-02.torproject.org (blocked by #42169) - henryi.torproject.org - materculae.torproject.org - meronense.torproject.org - metricsdb-02.torproject.org - metrics-store-01.torproject.org - onionbalance-02.torproject.org - onionoo-backend-03.torproject.org - polyanthum.torproject.org - probetelemetry-01.torproject.org - rdsys-frontend-01.torproject.org (blocked by #42169) - rdsys-test-01.torproject.org (blocked by #42169) - relay-01.torproject.org - rude.torproject.org (blocked by #42169) - survey-01.torproject.org - tbb-nightlies-master.torproject.org - tb-build-02.torproject.org - tb-build-03.torproject.org - tb-build-06.torproject.org - tb-pkgstage-01.torproject.org - tb-tester-01.torproject.org - telegram-bot-01.torproject.org - weather-01.torproject.org 17 tails servers: - apt-proxy.lizard - apt.lizard - bitcoin.lizard - bittorrent.lizard - bridge.lizard - dns.lizard - dragon.tails.net - gitlab-runner.iguana - iguana.tails.net - lizard.tails.net - mail.lizard - misc.lizard - puppet-git.lizard - rsync.lizard - teels.tails.net - whisperback.lizard - www.lizard -- Zen Fu

1 0

Anti-censorship team meeting notes, 2025-05-22
by onyinyang 22 May '25

22 May '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-05-22-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, May 29 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: onyinyang == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * == Discussion == == Actions == == Interesting links == * https://www.financeuncovered.org/stories/british-norwegian-and-danish-gover… * Myanmar ISP Frontiir installed blocking equipment made by Chinese company Geedge Networks. * https://github.com/net4people/bbs/issues/369#issuecomment-2899187182 * https://blog.torproject.org/happy-families/ * happy families should allow bridges to be part of a family, so operators can run bridges and exit nodes == Reading group == * We will discuss "" on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-05-15 Last week: - submitted conjure station MR to get CDN77 domain fronting working - https://github.com/refraction-networking/conjure/pull/291 - did some pair debugging - read up on the snowflake staging environment - https://gitlab.torproject.org/shelikhoo/snowflakestaging/-/issues/1 - started testing unreliable transport mode for snowflake - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - resumed work on snowflake metrics improvements - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… This week: - support conjure work - finish testing and give feedback on unreliable transport mode for snowflake - follow up on snowflake rendezvous failures - reduce/remove use of mutexes for broker metrics (snowflake#40458) - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2025-05-22 Last week: Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: meskio: 2024-05-22 Last week: - get a test authority and bridges working for the rdsys staging (rdsys#219) - review and coordinate grants Next week: - steps towards a rdsys in containers (rdsys#219) - investigate why we don't distribute webtunnel bridges over https some days (rdsys#262) Shelikhoo: 2024-05-22 Last Week: - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) testing environment setup/research - Snowfalke Staging Server Experiment - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - Merge request reviews Next Week/TODO: - Merge request reviews - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - Support the Testing of domain fronting sites ( https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… ) (cont.) - Snowfalke Staging Server Experiment(Almost Done ^~^) onyinyang: 2025-05-22 Last week(s): - Attempted to get conjure DNS registrar working - encountering errors for both conjure and gotapdance cli with DNS registrar https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - Implemented staleness check for conjure bufferedconn https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… Next week: - Improve phantombox testing environment - Continue testing DNS/Decoy registrar in phantombox As time allows: - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096) - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-04-10 Last weeks: - fixing bugs in covert-dtls, only mimic DTLS 1.2 - Running proxy with covert-dtls - MR covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next weeks: - Write instructions on how to configure covert-dtls with snowflake client (are we going to run a user test?) - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) - Condensing thesis into paper Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0