tor-project

tor-project@lists.torproject.org

16 participants
2324 discussions

Tor Browser Meeting moved to 2023-02-07
by Richard Pospesel 06 Feb '23

06 Feb '23

Hey All, Since most of us are unavailable today, let's move the Tor Browser weekly meeting to tomorrow (Tuesday 2023-02-07) in #tor-meeting on OFTC IRC. best, -Richard

1 0

major outage at Hetzner
by Antoine Beaupré 04 Feb '23

04 Feb '23

Hi, We are witnessing a large outage at our main service provider, Hetzner. According to the information we have gathered so far, four switches (4!) have failed and that affects four (yes, again, 4!) of the servers in the 8-node cluster. Many services are down. We have not made a full inventory yet, but the mail server is currently up so I'm using this time to send this notification while we decide on short-term mitigations. We hope this outage to be resolved shortly, but we do not have an ETA. Stay tuned. a. PS: and yes, that affects the mechanics behind status.torproject.org so we don't have an update on that site just yet. We have a backup plan for that, but we never drilled for it, so it could take a while to setup. -- Antoine Beaupré torproject.org system administration

2 2

Joydeep's Monthly Status Report for January 2023
by Joydeep Sen Gupta 03 Feb '23

03 Feb '23

Hello everyone! Here are my updates from January 2023. In total, I resolved 1275 tickets across our email, telegram and signal user support channels. Most of my work last month has been around helping users in regions where Tor is censored. There has been another massive uptick in user requests from China. I have been working with users to get feedback, help them use pluggable transports and troubleshoot Tor. On Tor Browser front, we had one major stable release and with that some post-release user support work. I received a few reports of users on Apple Silicon-based Macs unable to fetch Tor Browser updates[1] since Tor Browser 12. The issue is resolved in the latest update i.e. 12.0.2. I also made a small update to the documentation about our GetTor distributor in the Tor Browser Manual[2]. Now, a quick overview of our user support channels: Timeline: 01 - 31 January 2023 # Frontdesk tickets created: 816 tickets resolved: 1461 Most frequent tickets by numbers: 1. 308 RT Tickets - Private Bridge requests from China 2. 96 RT Tickets - How to use a Tor Bridge in Russia 3. 59 RT Tickets - Circumventing censorship with Tor in Iran 4. 9 RT Tickets - Unable to update to 12.0.1 on Apple Silicon-based Mac[1] # Telegram and Signal Support channel (cdr.link) tickets resolved: 650 The most frequent tickets we received have been about: 1. 195 tickets: Circumventing censorship in Russia 2. 166 tickets: Circumventing censorship in Iran 3. 92 tickets: Circumventing censorship in Turkmenistan 4. 19 tickets - Circumventing censorship in China # Tor Forum Most popular topics in the Support category (in terms of number of views): 1. "Changing operating system changes browser fingerprints?" [3] 2. "Wanted to run something like tor network in china"[4] 3. "Road from restricted to unrestircted!"[5] 4. "Do Snowflake Proxies Reveal Tor Traffic to ISP?"[6] 5. "Snowflake standalone proxy in Docker: How to make NAT unrestricted?"[7] Thanks, -- Joydeep [1]: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [2]: https://gitlab.torproject.org/tpo/web/manual/-/issues/138 [3]: https://forum.torproject.net/t/changing-operating-system-changes-browser-fi… [4]: https://forum.torproject.net/t/wanted-to-run-something-like-tor-network-in-… [5]: https://forum.torproject.net/t/road-from-restricted-to-unrestircted/6409/ [6]: https://forum.torproject.net/t/do-snowflake-proxies-reveal-tor-traffic-to-i… [7]: https://forum.torproject.net/t/snowflake-standalone-proxy-in-docker-how-to-…

1 0

Nina’s Monthly status report for January’23
by Nina 03 Feb '23

03 Feb '23

Hi! This is my report for January, 2023. In that month, I resolved 770 tickets: On Telegram (@TorProjectSupportBot) - 464 On RT (frontdesk@tpo) - 306 On January'23, I worked on user support, mostly but not exclusively focusing on Russian-speaking users. The main directions of my communication with users were: - Sharing bridges and troubleshooting around bridges; - Gathering user feedback regarding the new TB versions 12.0.1 and 12.0.2; - Finding the working ways of censorship circumvention and getting feedback on working and not working solutions. @raya and I also started to work on the educational campaign to expand the understanding of the Tor Browser features and use it for censorship circumvention and avoidance of surveillance. In January, I got several complaints from OPPO/Realme phone users [1] with a "Proxy Server Refused Connection" error. I've spotted a Mac-related bug [2], which fortunately does not persist after 12.0.2 release. [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41289 [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41336#n…

1 0

Anti-censorship team meeting notes, 2023-02-02
by meskio 02 Feb '23

02 Feb '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-02-02-15.58.html And our meeting pad: Anti-censorship team meeting pad -------------------------------- Next meeting: Thursday, February 9 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it * https://pad.riseup.net/p/sponsor139-meeting-pad == Announcements == * == Discussion == * is there any proposal to encode bridges into human-memorable form? like a list of words? * people have trouble pasting in the bridge lines (fail to get the entire line for example), and support wants either: * something that is easier to copy and paste, or * and easy way to verify that the line was pasted correctly (visual checksum or similar) * bridgemoji are meant to serve this role * gus will open an issue for user research of different options (QR code, sequence of words, others) * snowflake fallback from domain fronting to amp cache, how/whether/when/etc to implement (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) * arma is going to check how hard would be to change c-tor to only connect to two bridges instead of all of them at once. So maybe we can duplicate bridges with domain fronting and amp cache. There is a patch which implements this idea: https://gitlab.torproject.org/tpo/core/tor/-/issues/40578 But see also the caveats on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * we need to check the consecquences of using amp cache, and if we are ok having half of our users using it * Three possible options: * multiple bridge lines with different configurations, having multiple bridges with different fingerprint or fixing tor to allow multipe bridgelines with one fingerprint * different definitions in TB for domain-front and amp-cache so users can pick * snowflake client does control the fallback, maybe by passing flags with what to fall back to * use ampcache for snowflake in IR? * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/115 * https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/merge_reque… * our domain front for both snowflake and circumvention settings was blocked in Iran for 9 days * Packet loss resulted in performance issue for snowflake in China * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * snowflake fails to bootstrap in the vantage point due to packet lost * shellikhoo is investigating it * (from ahf): do we have an idea about how many C tor modifications that needs to be reviewed before s28 is wrapped up? Purely so we can plan this for take-in. for next week: * Conjure is in nightly versions of Tor Browser now, an update on how it's going and the roll out plan == Actions == * We should make a ticket for pion to cache its stun answers when possible, because right now it surprises us by asking way more stun questions than it actually needs to. * We might want to be able to spin up our own stun servers, on our own ip/port, for debugging. We should talk to TPA about that goal at some point (not urgent). * Roger will look more at https://gitlab.torproject.org/tpo/core/tor/-/issues/40578 ("only contact the first few working bridges on your bridge list") and plan to have a sense of whether it will be an easy hack or a hard one, for next week. == Interesting links == * https://en.wikipedia.org/wiki/Snowflake_(software) == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2023-02-02 Last week: - found and fixed bug in rdsys where pruned resources weren't propagating (rdsys#151) - finished writing a rust library for rdsys backend distributors https://gitlab.torproject.org/cohosh/rdsys-backend-api - wrote up Jack's documentation for the wireguard setup between stations and bridge in Gitlab https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - partially debugged issue with conjure hanging from some stations (conjure#22) - reviewed snowflake!35 - FOCI workshop prep This week: - FOCI workshop prep - debug potential issue with some stations hanging (conjure#22) - debug wireguard setup (conjure#15) - detect and recover from conjure hangs better (conjure#23) - more work on lox integration Needs help with: dcf: 2023-02-02 Last week: - recast the Snowflake fundraising 2022 update into a form for the Tor blog https://gitlab.torproject.org/tpo/web/blog/-/merge_requests/154 - documented the roughly one-week blocking of cdn.sstatic.net in Iran https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/115 Next week: - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 Help with: meskio: 2023-02-02 Last week: - clean up gettor locale support code - distribute android apk's in gettor (rdsys#42) - use the new tor browser pt_config.json builtin bridges in moat (rdsys#146) - give support to bridgesanner (rdsys#143) - review rdsys fix to pruned resources bug (rdsys!70) - review whatsapp gettor integration (rdsys!69) Next week: - support internationalization in rdsys (rdsys#11) Shelikhoo: 2023-02-02 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - [Merge Request Done] Automated Container Image Building in Continuous integration (https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/…) - research snowflake's performance issue in China(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transport… - push the chunked upload raw data upload change to vantage points Next Week: - [Research] WebTunnel planning (Continue) - Have a download link for raw vantage point packet capture files Itchy Onion: 2023-1-26 Last week: - Investigate whether stun over TLS is beneficial to us (issues#40240) - Looking at options for standalone proxy runners to specify an interface (issue#40108) This week: - Lunar New Year break - Continue working on issue #40108 (standalone proxy bind specific IP) - Review MRs hackerncoder: 2023-02-02 last week: Next week: - getting ooni-exporter to work with torsf (snowflake) - work on monitoring bridges health - work on "bridgetester"? - setting up snowflakes? cece: 2022-12-22 This week: - working on creating a dummy WhatsApp bot Next week: - My bot is not yet working as expected s still trying to figure that out Help with: - resources -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Cecylia's monthly status report, January 2023
by Cecylia Bocovich 02 Feb '23

02 Feb '23

1 0

Rhatto's Monthly Status Report, January 2023
by rhatto 01 Feb '23

01 Feb '23

Hi all :) This is my monthly status report for January 2023 with the main activities I have done during the period. ## 0. Onion Launchpad, a landing page helper for accessing Onion Services * Semi-automated GitHub deployments: Onion Launchpad now comes with a handy script to configure a repository and build a landing page on GitHub. More information at https://gitlab.torproject.org/tpo/onion-services/onion-launchpad#github-dep… * Analytics gathering using the Matomo API: * This is disabled by default. * Basic analytics can be sent to a backend Matomo or Clean Insights endpoint. * Gathering is opt-in through a consent UX. * Upcoming changes will include a customizable Privacy Policy URL. More information at https://gitlab.torproject.org/tpo/onion-services/onion-launchpad/-/blob/mai… * Misc fixes and enhancements. ## 2. Sponsor 123 I've also done the regular Sponsor 123 deployments, monitoring, maintenance and development. -- Silvio Rhatto pronouns he/him

1 0

PieroV's Monthly Status Report, January 2023
by Pier Angelo Vendrame 01 Feb '23

01 Feb '23

Hi everyone! Here is my status report for January 2023. This month I worked on several small tasks to polish many small details, especially on the tor-browser-build repository. For example, I removed a shim used to launch tor on Tor Browser for macOS. It was used to declare some Python 2.x compatibility variables for obfs3, so it has not been needed for a long time [0]. Another macOS task was switching our DMG installers from ISO images to HFS filesystems to show a custom volume image [1]. This was quite involved because it introduced reproducibility issues, for which I had to patch the HFS creation to use a deterministic volume UUID [2]. All were part of a parent ticket about cleaning up the "Bundle-Data" directory of Tor Browser [3]. In a somehow related topic, I reviewed how we ship extensions [4]. Moving them to the distribution directory might allow us to enable some profile repair tools if needed, or multiple profiles. On the Tor Browser side, I fixed a problem when running the browser for a long time [5]. I did not handle stdout correctly when switching from nsIProcess to Subprocess. Shoutout to the members of our community for finding the cause, and apologies for any inconvenience it caused! Then, I investigated and tried to remove some calls to home that we inherited from Firefox [6]. Finally, I went back to improving our portable profile directory patch. I feel we are reaching its final form. Best, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41569 [1] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/2… [2] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [4] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41549 [6] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40788

1 0

UX Team Meeting cancelled today
by Duncan Larsen-Russell 31 Jan '23

31 Jan '23

Hi folks, The UX Team meeting is cancelled today due to a conflict. But fear not, we shall meet again next week on Tuesday the 7th of Feb. Thanks, Duncan

1 0

Anti-censorship team meeting notes, 2023-01-26
by Shelikhoo 26 Jan '23

26 Jan '23

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-01-26-16.01.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- ------------------------------------------------------------------------------------ THIS IS A PUBLIC PAD ------------------------------------------------------------------------------------ Anti-censorship team meeting pad -------------------------------- Next meeting: Thursday, February 2 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it * https://pad.riseup.net/p/sponsor139-meeting-pad == Announcements == * == Discussion == * * ln5 asks: does the anti-censorship team want a paid-for host to run STUN/TURN servers on? This is something that could be made part of a grant/fund request. * A server we run ourselves is, in principle, easy to block. The intent is either (not fully sure at this point): * Run a server that is open to the public, so that there are collateral users besides just Snowflake users. * Run a server just for Snowflake, and let it be blocked by the censors that know to block it, simply to reduce load on the other servers we use, in the places where it does not get blocked. (Like the default obfs4 bridges, which are also easy to block, but are not in many places.) * Not a lot of excitement for either idea, since connecting to a distinguished STUN/TURN server is a protocol identification risk. * Suggestion is to run a public STUN/TURN server, but only for Snowflake, and only for proxies (not clients), so that it does not become an identifier for clients. * Proxies-only would work for STUN, but if it were TURN, the connection would still be identifiable by censors (because both the proxy and client would relay through the same TURN IP address). * Will ask ln5 and cohosh for more context. * snowflake fallback from domain fronting to amp cache, how/whether/when/etc to implement (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) * arma is going to check how hard would be to change c-tor to only connect to two bridges instead of all of them at once. So maybe we can duplicate bridges with domain fronting and amp cache * we need to check the consecuences of using amp cache, and if we are ok having half of our users using it * use ampcache for snowflake in IR? * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/115 * https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/merge_reque… * our domain front for both snowflake and circumvention settings is blocked in Iran * that will mean configuring amp cache in Circumvention Settings, the people that will get this configuration will still be able to use domain fronting to access snowflake, but they will keep == Actions == * We should make a ticket for pion to cache its stun answers when possible, because right now it surprises us by asking way more stun questions than it actually needs to. * We might want to be able to spin up our own stun servers, on our own ip/port, for debugging. We should talk to TPA about that goal at some point (not urgent). * Roger will look more at https://gitlab.torproject.org/tpo/core/tor/-/issues/40578 ("only contact the first few working bridges on your bridge list" and plan to have a sense of whether it will be an easy hack or a hard one, for next week. == Interesting links == == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2023-01-26 Last week: - FOCI workshop prep - some progress on rust library for rdsys backend - https://gitlab.torproject.org/cohosh/rdsys-backend-api This week: - wrap up conjure documentation and write an announcement asking for testers - finish rust library for rdsys backend - continue working on lox client integration in Tor Browser - take a look at the dead on arrival rotating bridge problem - https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… Needs help with: dcf: 2023-01-19 Last week: - made merge request to bring sample snowflake client torrc up to date https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - more review on abbreviating ice specifications https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - promoted the patch to remove Hello Verify Request and asked for testing https://ntc.party/t/second-snowflake-bridge-available-for-testing/3445/11 https://ntc.party/t/in-case-snowflake-rendezvous-gets-blocked/1857/25 - hacking on snowflake-graphs to do per-country graphs Next week: - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 Help with: meskio: 2023-01-26 Last week: - give support to bridgesanner (rdsys#143) - review gettor whatsapp implementation (rdsys!66) - investigate the situation of meek in uzbekistan (censorship-analysis#40031) - write S96 report - prepare a Circumvention Settings configuration with ampcache for IR (rdsys-admin!13) - explore snowflake proxy docker options to avoid using the host network (docker-snowflake-proxy#11) Next week: - implement bridgescanner needs (rdsys#143) Shelikhoo: 2023-01-26 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - reply a lot of tickets - [Merge Request] Automated Container Image Building in Continuous integration (https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/…) Next Week: - [Research] WebTunnel planning (Continue) - push the chunked upload raw data upload change to vantage points - research snowflake's performance issue in China Itchy Onion: 2023-1-26 Last week: - Investigate whether stun over TLS is beneficial to us (issues#40240) - Looking at options for standalone proxy runners to specify an interface (issue#40108) This week: - Lunar New Year break - Continue working on issue #40108 (standalone proxy bind specific IP) - Review MRs hackerncoder: 2023-01-12 last week: - figure out what makes ooni-exporter put all reports from a country in either success or failure (I still don't know why. But I got it to work) Next week: - getting ooni-exporter to work with torsf (snowflake) - work on monitoring bridges health cece: 2022-12-22 This week: - working on creating a dummy WhatsApp bot Next week: - My bot is not yet working as expected s still trying to figure that out Help with: - resources

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project