- tor-project - lists.torproject.org

Anti-censorship team meeting notes, 2023-12-07
by Shelikhoo 07 Dec '23

07 Dec '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-12-07-15.57.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, Dec 14 16:00 UTC Facilitator: cohosh Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == will wait for cohosh to be around: * manifest v3 deprecation in browsers and snowflake webextension * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://developer.chrome.com/blog/resuming-the-transition-to-mv3/ * google chrome will stop supporting mv2 June 2024 * will the snowflake webextension stop working? do we want to do something? or just recommend firefox? == Actions == == Interesting links == * == Reading group == * We will discuss "NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge" on December 14 * https://www.cs-pk.com/papers/3/ * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2023-11-09 Last week: - conjure bridge maintenance - caught a bug in safelog library - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - caught problem with domain front in conjure - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… This week: - lox tor browser UX integration - lox distributor testing - look into alternative domain fronting providers Needs help with: dcf: 2023-11-30 Last week: - did some review of SQS rendezvous merge request https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - answered a question about AMP cache rendezvous in China https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Before EOY 2023: - move snowflake-02 to new VM Help with: meskio: 2023-12-07 Last week: - prepare and give a talk in the Open Source Security Summit - grant writing - investigate gettor telegram not distributing android apks, was a bug on the TB release - break down rdsys staging server and fill up the disk with logs Next week: - prepare settings anti-listing logic to be reused by HTTP distributor (rdsys#181) - setup rdsys staging server (rdsys#170) Shelikhoo: 2023-12-07 Last Week: - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… Now udp-like transport is slightly faster than tcp-like ready for a review of its draft - Merge request reviews Next Week/TODO: - Write Tor Spec for Armored URL (continue) - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… - Merge request reviews onyinyang: 2023-11-30 Last week(s): - Finished up remaining docs tasks for crates.io publishing -published all relevant Lox crates to crates.io - SOTO anti-censorship team presentation preparation - looked into Telegram bot - attempted hyper upgrade, many breaking changes so this will take some work This week: - continue Telegram bot dev - attempt hyper upgrade again - Splintercon (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?

1 0

ebanam's monthly status report and user support report for November 2023
by ebanam 06 Dec '23

06 Dec '23

Hello everyone! During the hackweek, I worked on reviewing and updating documentation as part of the project to clean up and improve entries on our Support Portal[0]. For Tor Browser, I worked on user support post-release(s) and handled a couple of bug reports of Tor Browser not working with Windows 7[1], issues with 'New Identity' in Tor Browser[2] and Tor circuit not shown when the bridge line doesn't contain the fingerprint[3], respectively. I worked with users in regions where Tor is censored, assisting with using pluggable transports, investigating Tor logs and collecting some general user feedback and handled some more tickets in light of our ongoing year-end campaign; questions including but not limited to downloading and installing Tor Browser, about letterboxing in Tor Browser, contributing and volunteering and reports of websites blocking Tor traffic. Following is a thorough breakdown of tickets our user support team handled in November: # Frontdesk (email support channel) * 630(↓) RT tickets created * 710(↓) RT tickets resolved Tickets by numbers: 1. 285(↑) RT tickets: private bridge requests from Chinese speaking users. 2. 189(↑) RT tickets: circumventing censorship in Russian speaking countries. 3. 6(↓) RT tickets: circumventing censorship with Tor in Farsi. 4. 5 RT tickets: reports of websites blocking Tor traffic. 5. 4 RT tickets: reports of apps on iOS App Store masquerading as Tor Browser. 6. 2 RT tickets: questions on how to download and install Tor Browser. 7. 2(↓) RT tickets: Tor Browser 13 does not work with Windows 7[1] 8. 2 RT tickets: Issue with 'New Identity' on Tor browser[2] 9. 2 RT tickets: The circuit display is not shown when the bridge line doesn't contain the node fingerprint[3] Highlighting some other topics we received a single RT ticket for: 10. Help setting up onion service 11. What does 'onionize' in the search bar on about:tor mean? 12. Question about volunteering and contributing 13. Question about letterboxing in Tor Browser[4] 14. Help with using bridges with little-t-tor. 15. Tor Browser crashes when extensions popups are opened with Wayland enabled[5] 16. Instructions to refresh Tor Browser signing key[6] 17. Can I access video conferencing platforms over Tor Browser? # Telegram, WhatsApp and Signal Support channel * 559(↓) tickets resolved Breakdown: * 532(↓) tickets on Telegram * 19(↓) tickets on WhatsApp * 8(↓) tickets on Signal Tickets by numbers: 1. 327(↓) tickets: circumventing censorship in Russian speaking countries. 2. 47(↑) tickets: private bridge requests from Chinese speaking users. 3. 42(↑) tickets: circumventing censorship with Tor in Farsi. 4. 3(↑) tickets: "Proxy Server Refused Connection" bug not related to the bootstrapping or using it as a default browser on Tor Browser Android[7] 5. 3 tickets: Queries about the correct Tor app to download for iOS (Onion Browser + Orbot) 6. 2 tickets: Queries about onionsites not available (these particular onion sites are offline) Highlighting some other topics we received a single ticket for: 7. Help with setting up onion service. 8. Help with GetTor bot on Telegram. 9. Question about some images not visible on Tor Browser (because of HTML5 canvas fingerprinting is blocked in Tor Browser) 10. Question about Letterboxing in Tor Browser 11. Help with setting up Tor Project's Debian package repository on Debian-based linux[8] # Highlights from the Tor Forum 1. "(Tor Browser) V13.0.1 Locked Settings and Startup Homepage"[9] 2. Explain what "onionize" in the new Tor Browser homepage does[10] 3. Static Firefox theme and can it affect browser fingerprint?[11] Thanks! e. Note: (↑), (↓) and (-) are indicating if the number of tickets we received for these topics have been increasing, decreasing or have been the same from the previous month respectively. [0]: https://gitlab.torproject.org/tpo/community/hackweek/-/issues/17 [1]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42179 [2]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42244 [3]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42180 [4]: https://support.torproject.org/tbb/maximized-torbrowser-window/ [5]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42306 [6]: https://support.torproject.org/tbb/how-to-verify-signature/ [7]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41289 [8]: https://support.torproject.org/apt/tor-deb-repo/ [9]: https://forum.torproject.org/t/v13-0-1-locked-settings-and-startup-homepage… [10]: https://forum.torproject.org/t/onionize-site-explanation/10352 [11]: https://forum.torproject.org/t/static-theme-browser-fingerprints-question/1…

1 0

Nina’s Monthly Status Report: November 2023
by Nina 06 Dec '23

06 Dec '23

Hi! This is my November’23 report! In November, I resolved 582 tickets: On Telegram (@TorProjectSupportBot) - 382 On RT (frontdesk@tpo) - 194 On WhatsApp (+447421000612) - 5 and on Signal (+17787431312) - 1. The most common issues I dealt with were: 1. Censorship circumvention: finding a working bridge or way for usersto circumvent censorship; 2. Troubleshooting issues related to using antivirus software while running Tor Browser on Windows; 3. macOS users and some OS-specific bugs. Although not developed by The Tor Project, in November there was an increased number of tickets from the iOS users of Orbot. In this period,I reported an issue with https://t.me/ <https://t.me/gettor_bot>gettor_bot <https://t.me/gettor_bot>(Telegram) [1]. With the help of Tor Browser users I also reported a bug with adding the wrong bridge line affecting macOSand Linux users [2] and macOS-related issues when opening .dmg files causing warnings [3]. For the Hackweek, I contributed to the clarification of the instructions for our Support portal on how to verify Tor Browser's signature[4], added auser support entryabout censorship circumvention for Russian users[5],and wrote another support entry instructionsfor users to test if Tor is blocked withOONI probe[6]. [1] https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSprou… [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42299#n… [3] https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSprou… [4] https://gitlab.torproject.org/tpo/web/support/-/issues/148#note_2962125 [5] https://support.torproject.org/censorship/connecting-from-russia/ [6] https://support.torproject.org/censorship/how-to-check-if-tor-is-blocked-us…

1 0

cohosh's monthly status report, November 2023
by Cecylia Bocovich 05 Dec '23

05 Dec '23

Hi! This is my status report for contract work done in November 2023. # Reputation-based bridge distribution We deployed a Lox distributor for rdsys in production for testing purposes. The distributor does not currently receive an allocation of bridges from the distributor as we are currently testing the invitation and reputation functionality of the Lox server. Most of the work done this month has been on continuing client-side integration and finding and fixing bugs with the distributor. - Coordinated with applications team on client-side integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42036 - Worked on squashing lox distributor bugs https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/40 # Snowflake - Caught a bug in the log scrubber https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Released version 2.8.0 of Snowflake https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Dependency management - Reviewed SQS rendezvous merge request https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… # Conjure - Conjure bridge maintenance - Updated bridge configuration to allow connections from a new station https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - Investigated a potential issue with the front domain used for registration https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - Met with Conjure developers and talked about the deployment of more Conjure stations # Domain Fronting Alternatives - Looked for cloud providers that offer domain fronting - Looked for good potential front domains for working cloud providers

1 0

Re: [tor-project] Are you going to 37c3 in Hamburg?
by Q Misell 05 Dec '23

05 Dec '23

Hi all, I've published a self-organised-session on the congress wiki for a Tor meetup at 37C3: https://e.as207960.net/w4bdyj/lw7a3gag If anyone would like to present anything during the meetup let me know. Thanks, Q Misell ------------------------------ Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 <https://find-and-update.company-information.service.gov.uk/company/12417574>, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively.

1 0

Rhatto's Monthly Status Report, November 2023
by rhatto 04 Dec '23

04 Dec '23

Hi all :) This is my monthly status report for November 2023 with the main relevant activities I have done during the period. ## 0. Research * Analysis about RFC 7686 and transparent proxies: https://lists.torproject.org/pipermail/tor-dev/2023-November/014862.html * Tor Browser Quality Assurance for Onion Services: ongoing activities. ## 1. Development * Worked in many Hackweek projects, and here's the mini-report: https://rhatto.pages.torproject.net/presentations/2023/hackweek/report/ ## 2. Support * Ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. ## 3. Organization Time spent (from the total available for Tor-related work): | Category | Percentage |---------------|------------ | Research | 19 | Development | 41 | Support | 12 | Organization | 28 |---------------|------------ | Total | 100 -- Silvio Rhatto pronouns he/him

1 0

PieroV's Monthly Status Report, November 2023
by Pier Angelo Vendrame 01 Dec '23

01 Dec '23

Hi everyone! Here is my status report for November 2023. During most of the month, I've worked on experimenting with porting the tor integration refactors I wrote last Summer and the connection assist to Android. In particular, I experimented with the plumbing mechanisms between our JS code and the Java code of the Android parts of Firefox Android. I've had promising results, and I've opened a MR [0] to merge them to our main codebase, even though they will be initially gated in the nightly channel. On the second week of November, at Tor, we had a hack week about writing documentation. My proposal [1] was to create a graphical visualization of the dependencies between the various projects in tor-browser-build and to add a readme file to each project. I also contributed to some wiki pages created by other members of the applications team. In addition to that, I worked on smaller issues, such as enabling portable mode for the DLL blocklist [2], updating our build containers to Debian bookworm [3], fixing a warning on our .dmgs [4], rebasing our alphas to Firefox 115.5.0esr and more. Finally, I realized I'd written a few scripts on several occasions, and I scattered them through various GitLab comments. Therefore, I gathered them in a personal repository [5]. They're not refined, but maybe some might be useful again in the future. Cheers, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [1] https://gitlab.torproject.org/tpo/community/hackweek/-/issues/25 [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42163 [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [4] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [5] https://gitlab.torproject.org/pierov/lazy-scripts

1 0

Anti-censorship team meeting notes, 2023-11-30
by meskio 30 Nov '23

30 Nov '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-11-30-15.57.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, Dec 7 16:00 UTC Facilitator: onyinyang Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == * as expected snowflake ampcache is not working in china * the domain used for domain front is blocked, maybe other domains will fix the problem * shelikhoo is running experiments on kcp performance with packet loss * https://jsfiddle.net/Sheilkhoo/s9kx4h8m/1/ * x=packetloss, y=delay, z=speed * tcp seems to be faster then udp here * wondering if there is some tunning possible to improve that * previous discussions on kcp tunning: * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://lists.torproject.org/pipermail/anti-censorship-team/2021-July/00017… will wait for cohosh to be around: * manifest v3 deprecation in browsers and snowflake webextension * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://developer.chrome.com/blog/resuming-the-transition-to-mv3/ * google chrome will stop supporting mv2 June 2024 * will the snowflake webextension stop working? do we want to do something? or just recommend firefox? == Actions == == Interesting links == * https://www.cs-pk.com/papers/3/ "NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge" S&P 2024 * https://petsymposium.org/popets/2024/popets-2024-0027.php "Communication Breakdown: Modularizing Application Tunneling for Signaling Around Censorship" PETS 2024 * https://splintercon.net/ "the first conference dedicated to identifying and beginning to challenge connectivity restrictions of the splinternet." * https://bitwarden.com/open-source-security-summit/ meskio giving a talk: "Bypassing Online Censorship: Open-Source Tools as a Critical Lifeline" == Reading group == * We will discuss "NetShuffle: Circumventing Censorship with Shuffle Proxies at the Edge" on December 14 * https://www.cs-pk.com/papers/3/ * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2023-11-09 Last week: - conjure bridge maintenance - caught a bug in safelog library - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - caught problem with domain front in conjure - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… This week: - lox tor browser UX integration - lox distributor testing - look into alternative domain fronting providers Needs help with: dcf: 2023-11-30 Last week: - did some review of SQS rendezvous merge request https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - answered a question about AMP cache rendezvous in China https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Before EOY 2023: - move snowflake-02 to new VM Help with: meskio: 2023-11-30 Last week: - deploy rdsys with secret config params separated (rdsys#92) - setup rdsys staging server (rdsys#170) - make rdsys release Next week: - prepare settings anti-listing logic to be reused by HTTP distributor (rdsys#181) - setup rdsys staging server (rdsys#170) Shelikhoo: 2023-11-30 Last Week: - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… A first glance of what a performance comparsion would look like: https://jsfiddle.net/Sheilkhoo/s9kx4h8m/1/ is it not great and udp like transport looks like slower than tcp. Maybe KCP settings need to be updated? - Updated probeobserver to support both snowflake bridges and updated communication system between China's vantage point and log collector https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… - Merge request reviews Next Week/TODO: - Write Tor Spec for Armored URL (continue) - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… - Merge request reviews onyinyang: 2023-11-30 Last week(s): - Finished up remaining docs tasks for crates.io publishing -published all relevant Lox crates to crates.io - SOTO anti-censorship team presentation preparation - looked into Telegram bot - attempted hyper upgrade, many breaking changes so this will take some work This week: - continue Telegram bot dev - attempt hyper upgrade again - Splintercon (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Friends of Tor match gift launched
by Al Smith 28 Nov '23

28 Nov '23

Hello Tor world, *I'm very happy to share that starting today through December 31, your donation to the Tor Project will be matched 1:1.* That means that every donation, up to $75,000, will be doubled. Please spread the word! :) Blog announcement: https://blog.torproject.org/friends-of-tor-match-2023/ Twitter post: https://x.com/torproject/status/1729238115263652330 Mastodon post: https://mastodon.social/@torproject/111484468818648276 Thank you, Al -- Al Smith (they/them) Fundraising Director The Tor Project My working hours may not be your working hours. If I message you outside of your working hours, know that I do not expect an immediate response and that I support your right to disconnect.

1 1

Anti-censorship team meeting notes, 2023-11-23
by Shelikhoo 23 Nov '23

23 Nov '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-11-23-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, Nov 30 16:00 UTC Facilitator: cohosh Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == * manifest v3 deprecation in browsers and snowflake webextension * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://developer.chrome.com/blog/resuming-the-transition-to-mv3/ * google chrome will stop supporting mv2 June 2024 * will the snowflake webextension stop working? do we want to do something? or just reommend firefox? * BridgeStatus format change * Introduced in https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… * Example: https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… == Actions == == Interesting links == * https://www.rfc-editor.org/info/rfc9505 A Survey of Worldwide Censorship Techniques == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2023-11-09 Last week: - conjure bridge maintenance - caught a bug in safelog library - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - caught problem with domain front in conjure - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… This week: - lox tor browser UX integration - lox distributor testing - look into alternative domain fronting providers Needs help with: dcf: 2023-11-09 Last week: - revised encapsulation.ReadData redesign to return an error in the case of a short buffer https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - security upgrade to tor 0.4.8.8 on snowflake bridges https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - sent emails to make contacts for uTLS-like fingerprint obfuscation in pion/dtls Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Before EOY 2023: - move snowflake-02 to new VM Help with: meskio: 2023-11-23 Last week: - run som experiments on more frequent bridgestrap tests (bridgestrap#39) - investigate failure on rdsys integration tests (rdsys#180) - prepare a deployment of rdsys with secret config params separated (rdsys#92) - work on the rdsys staging server (rdsys#170) - organize work for Sponsor 150 Next week: - deploy rdsys with secret config params separated (rdsys#92) - setup rdsys staging server (rdsys#170) Shelikhoo: 2023-11-23 Last Week: - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… - Updated probeobserver to support both snowflake bridges and updated communication system between China's vantage point and log collector https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… - Merge request reviews Next Week/TODO: - Write Tor Spec for Armored URL (continue) - Work on snowflake performance improvement (WIP): https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?r… - Merge request reviews onyinyang: 2023-11-23 Last week(s): - Vacation! - Hackweek: Docs for Lox https://gitlab.torproject.org/tpo/community/hackweek/-/issues/20 - Preparation for publishing Lox crates to crates.io This week: - Finishing up on remaining docs tasks for crates.io publishing - SOTO anti-censorship team presentation preparation - (long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?

1 0