tor-project

tor-project@lists.torproject.org

9 participants
2403 discussions

UX Team meeting moved to Monday 24th
by Duncan R. 13 Feb '25

13 Feb '25

Hello friends, As Monday 17th is a US holiday, and I’ll be AFK on Tuesday, the UX Team meeting has been postponed until the following Monday instead. Thanks, D

1 0

Anti-censorship team meeting notes, 2025-02-13
by onyinyang 13 Feb '25

13 Feb '25

1 Hey everyone! 1 2 Here are our meeting logs: 3 http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-02-13-16.00.html 4 5 And our meeting pad: 6 7 Anti-censorship work meeting pad 8 -------------------------------- 9 Anti-censorship 10 -------------------------------- 11 12 Next meeting: Thursday,Feb 27 16:00 UTC 13 Facilitator: shelikhoo 14 ^^^(See Facilitator Queue at tail) 15 16 Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC 17 (channel is logged while meetings are in progress) 18 19 This week's Facilitator: onyinyang 20 21 == Goal of this meeting == 22 23 Weekly check-in about the status of anti-censorship work at Tor. 24 Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. 25 26 27 == Links to Useful documents == 28 * Our anti-censorship roadmap: 29 * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards 30 * The anti-censorship team's wiki page: 31 * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home 32 * Past meeting notes can be found at: 33 * https://lists.torproject.org/pipermail/tor-project/ 34 * Tickets that need reviews: from projects, we are working on: 35 * All needs review tickets: 36 * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… 37 * Project 158 <-- meskio working on it 38 * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… 39 40 41 == Announcements == 42 43 * No meeting February 20th. There is FOCI at the same time 44 * https://foci.community/ 45 * snowflake-graphs proxy CSV files (client-match.csv, proxy-country.csv, proxy-nat-type.csv, proxy-type.csv) are available again. (Working around a bad descriptor that had prevented updates since 2024-08.) 46 * https://gitlab.torproject.org/dcf/snowflake-graphs/-/commit/089e0af01aa6383… 47 48 == Discussion == 49 50 * moderation of mailing lists to prevent spam 51 * https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… 52 * we agree to moderate new subscribers and remove the moderation flag on first post if is not spam 53 * Whether to switch to debian fork of golang for CI 54 * https://gitlab.torproject.org/tpo/tpa/team/-/issues/42014#note_3159983 55 * The problem is sporadic CI failures due to container rate limits. 56 * The rate limit problem has been fixed, for the anti-censorship team at least, by maintaining our own mirror of container images: 57 https://gitlab.torproject.org/tpo/anti-censorship/duplicatedcontainerimages/ 58 * tpo/tpa/team#42014 is a request to have the admin team take on the responsibility of mirroring those container images. 59 * The admin team prefers that we use their existing Debian images that contain golang, rather than take on a new set of container mirrors. 60 * shelikhoo has a distaste for Debian-based images, stemming from past experience with excessive patching and slow updates. shelikhoo prefers either to build our own golang from source (possibly on a Debian-based image), or else use a binary release of golang. 61 * Debian patches to golang: https://sources.debian.org/patches/golang-1.19/1.19.13-1~bpo11%2B1/ 62 * So the trilemma is: 1. extra maintenance for the anti-censorship team (duplicatedcontainerimages), 2. extra maintenance for the admin team, or 3. using the admin team–maintained images which shelikhoo does not want to use. 63 * The resolution is #1: keep using our own mirror at our own maintenance expense. 64 * TPA provides golang containers based on oldstable, stable, testing and sid versions of golang 65 * golang version in debian might be different than the official one 66 * we'll keep using our mirrors of containers 67 * Would we like to support WASM version of proxy? 68 * https://gitlab.torproject.org/WofWca/snowflake/-/compare/main...wasm?from_p… 69 * we could replace the javascript logic of the webextension with the WASM version of the standalone proxy. Removing the need to duplicate functionallity in two languages 70 * When compiled to WASM, Pion acts as a wrapper around the browser's own WebRTC API (i.e. Pion doesn't craft its own DTLS records etc.). So it may be possible to keep browser protocol fingerprints the way they are already. 71 * https://github.com/pion/webrtc/blob/v4.0.9/examples/README.md#webassembly "Pion WebRTC can be used when compiled to WebAssembly, also known as WASM. In this case the library will act as a wrapper around the JavaScript WebRTC API." 72 73 for Feb 27: 74 * Should we user test snowflake with covert-dtls? It is difficult to force Snowflake client to become the DTLS client: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… 75 * "After some debugging, reading the pion webrtc source code, and referencing RFC 5763 (DTLS-SRTP framework) I realized why hook was never triggered. The Snowflake client will almost always become the server in the DTLS handshake as sends the SDP Offer every time. According to the RFC, only the offer can decide who becomes the client or server." 76 77 == Actions == 78 79 == Interesting links == 80 81 * https://opencollective.com/censorship-circumvention/projects/snowflake-dail… 82 * https://opencollective.com/censorship-circumvention/projects/snowflake-dail… 83 * €3,917.57 snowflake-01 bandwidth expenses in 2024 84 85 == Reading group == 86 87 * We will discuss "Identifying VPN Servers through Graph-Represented Behaviors" on February 27 88 * https://dl.acm.org/doi/10.1145/3589334.3645552 89 * https://dl.acm.org/doi/pdf/10.1145/3589334.3645552 90 * https://github.com/chenxuStep/VPNChecker 91 * Questions to ask and goals to have: 92 * What aspects of the paper are questionable? 93 * Are there immediate actions we can take based on this work? 94 * Are there long-term actions we can take based on this work? 95 * Is there future work that we want to call out in hopes that others will pick it up? 96 97 == Updates == 98 Name: 99 This week: 100 - What you worked on this week. 101 Next week: 102 - What you are planning to work on next week. 103 Help with: 104 - Something you need help with. 105 106 cecylia (cohosh): 2025-02-13 107 Last week: 108 - supported conjure work 109 - reviewed snowflake!315 110 - helped debug and and give feedback on snowflake website 111 - updated our jasmine tests for snowflake-webext CI (snowflake-webext#112) 112 - responded to emails on SQS rendezvous 113 - commented on onionperf + python3.13 issue (onionperf#40051) 114 - finally closed out the meek bridge handover issue (team#133) 115 - updated team#142 with recent proxy count graphs and closed it 116 - other random reviews and todos 117 This week: 118 - support conjure work 119 - debug SQS rendezvous 400 errors 120 - take a look at potential snowflake orbot bug 121 - https://github.com/guardianproject/orbot-android/issues/1183 122 - maybe do some lox work 123 124 dcf: 2025-02-13 125 Last week: 126 - snowflake azure CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… 127 - decommissioned the snowflake-broker.azureedge.net CDN profile https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… 128 - decommissioned the old snowflake broker VPS instance https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… 129 - verified documentation fix for snowflake-broker journalctl command https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… 130 Next week: 131 - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… 132 - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… 133 - open issue to disable /debug endpoint on snowflake broker 134 Help with: 135 136 meskio: 2024-02-13 137 Last week: 138 - long discussions around rdsys in containers (rdsys#219) 139 - debug why webtunnel in lyrebird is not accepting https proxy (lyrebird#40024) 140 - fix moat so it will distribute webtunnel bridges in russia (rdsys#256) 141 - bring backward compatibility on the moat captcha API (rdsys!480) 142 Next week: 143 - steps towards a rdsys in containers (rdsys#219) 144 145 Shelikhoo: 2024-02-13 146 Last Week: 147 - [Refine] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements 148 - [Invesgate]Add support for using a proxy to connect to the PTs(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/… 149 - Merge request reviews 150 Next Week/TODO: 151 - Merge request reviews 152 - [Refine] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements 153 - [Deploy] Remove domain snowflake-broker.bamsoftware.com from snowflake broker's ACME tool 154 - [Fix] Add support for using a proxy to connect to the PTs(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/… 155 156 onyinyang: 2025-02-13 157 Last week(s): 158 - continued work on ampcache registration method for conjure 159 - WIP MR: https://github.com/cohosh/conjure/pull/1 160 Next week: 161 - finish up ampcache registration method (sqs on hold for now) 162 - Begin work on either obfs4 transport or decoy registration option 163 - FOCI 164 - add TTL cache to lox MR for duplicate responses: 165 https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 166 As time allows: 167 - Continue work on implementing issuer efficiency for check-blockage and trust-promotion protocols 168 - Work on outstanding milestone issues: 169 - key rotation automation 170 171 Later: 172 pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): 173 - add pref to handle timing for pubkey checks in Tor browser 174 - add trusted invitation logic to tor browser integration: 175 https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 176 - improve metrics collection/think about how to show Lox is working/valuable 177 - sketch out Lox blog post/usage notes for forum 178 179 (long term things were discussed at the meeting!): 180 - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice 181 Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 182 1. Are there some obvious grouping strategies that we can already consider? 183 e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 184 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? 185 186 theodorsm: 2025-02-13 187 Last weeks: 188 - Debugging Tor Build with covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… 189 Next weeks: 190 - Update covert-dtls to handle new DTLS extensions in recent browsers 191 - Write instructions on how to configure covert-dtls with snowflake client 192 - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…). 193 - Condensing thesis into paper (on hold) 194 Help with: 195 - Test stability of covert-dtls in snowflake 196 197 198 199 Facilitator Queue: 200 onyinyang shelikhoo meskio 201 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 202 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue ~ ~ ~ ~ -- --- onyinyang GPG Fingerprint 3CC3 F8CC E9D0 A92F A108 38EF 156A 6435 430C 2036

1 0

Applications Team Meeting Cancelled Next Week
by Morgan 13 Feb '25

13 Feb '25

Hi everyone, Next Monday is a US holiday, so we will cancel our weekly IRC meeting. The next one will be Monday February 24 (2025-02-24) at 1600 UTC in #tor-meeting. best, -morgan

1 0

minutes from the sysadmins
by Antoine Beaupré 10 Feb '25

10 Feb '25

Hi! We had our monthly meeting today, and here are the minutes. # Roll call: who's there and emergencies anarcat, groente, lavamind, lelutin and zen # Dashboard review Normal per-user check-in: - <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&…> - <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&…> - <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&…> - <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&…> - <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&…> General dashboards: - <https://gitlab.torproject.org/tpo/tpa/team/-/boards/117> - <https://gitlab.torproject.org/groups/tpo/web/-/boards> - <https://gitlab.torproject.org/groups/tpo/tpa/-/boards> # FYI: tpo/tpa/tails/sysadmin moved to tpo/tpa/tails-sysadmin Just that. # February capacity review We reviewed the "everything everwhere all the time" capacity spreadsheet and confirmed the various people's allocations for February: - anarcat: coordination, security policy, pgBackRest, MinIO backups - groente: email wrap up, start work on a plan for merging authentication services - lavamind: Puppet packaging and deployments, rdsys contenainerization, GitLab MinIO migration - lelutin: Prometheus phase B, MinIO backups - zen: Tails' Bitcoin retirement, LimeSurvey merge, Icinga retirement plan, Puppet merge plan proposal # g10k decision we're going to go ahead with the original g10k control repo plan (no git modules, no monorepo, yes Puppetfile, yes git/package hashes), this will require replacing the current environments deployment hook provided by the puppet module and investigating how to deploy the environments with g10k directly. # Next meeting March 3rd, as per regular scheduling. # Metrics of the month * hosts in Puppet: 90, LDAP: 90, Prometheus exporters: 584 * number of Apache servers monitored: 33, hits per second: 609 * number of self-hosted nameservers: 6, mail servers: 90 * pending upgrades: 0, reboots: 84 * average load: 1.17, memory available: 3.26 TiB/5.11 TiB, running processes: 238 * disk free/total: 58.89 TiB/142.92 TiB * bytes sent: 475.80 MB/s, received: 304.62 MB/s * [GitLab tickets][]: 257 tickets including... * open: 1 * icebox: 156 * needs information: 4 * backlog: 21 * next: 16 * doing: 6 * needs review: 11 * (closed: 3919) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards We do not have an upgrade prediction graph as there are no major upgrades in progress. -- Antoine Beaupré torproject.org system administration

1 0

Anti-censorship team meeting notes, 2025-02-06
by meskio 06 Feb '25

06 Feb '25

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-02-06-16.00.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday,Feb 13 16:00 UTC Facilitator: meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == * snowflake-broker.azureedge.net and meek-reflect.azureedge.net have stopped resolving as of 2025-02-04. https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… dcf will take care of decomissioning the instance == Discussion == * snowflake with covertdtls builds - ask for testing (on Tor Forum)? * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * https://people.torproject.org/~cohosh/snowflake_covertdtls/ * theodorsm is debugging a possible issue where the snowflake client is rarely a DTLS client * we'll wait for it to ask others to test it * Old Debian broker 10 has been turned off. Any problems? * https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… * meskio reports no change in grafana * dcf will need to reduce the resource allocation of the new broker in order to get it under the 50 EUR/month credit. * happened 2025-02-04 17:42:52 https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… * only thing we might want to save are the snowflake-broker logs, as in previous * https://archive.org/details/snowflake-broker-logs-20190416 * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * shelikhoo has additional logs from a before a disk-full event once * decision: * dcf will delete the old broker VPS without saving anything from the disk image * shelikhoo will delete the local copy of the logs from before the disk-full event * Now that the broker resource allocation has been reduced for cost reasons, do we have monitoring in place to monitor the load and see how it is behaving? * https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… * ram usage is about 3258.7 of 8K * cpu is about 200% of 400% * There are small spikes in network bandwidth aligned to the start of every hour * meskio doesn't see any similar thing in grafana, like client polls are not happening hourly * on closer inspection, yes there are some spikes in client polls, per your, not as big as in the traffic graph * nginx is restarted every hour, on the hour, to check for new certificates. but that would be unlikely to affect the network. == Actions == == Interesting links == * "Identifying VPN Servers through Graph-Represented Behaviors" * https://dl.acm.org/doi/10.1145/3589334.3645552 * https://dl.acm.org/doi/pdf/10.1145/3589334.3645552 * https://github.com/chenxuStep/VPNChecker == Reading group == * We will discuss "Identifying VPN Servers through Graph-Represented Behaviors" on February 27 * https://dl.acm.org/doi/10.1145/3589334.3645552 * https://dl.acm.org/doi/pdf/10.1145/3589334.3645552 * https://github.com/chenxuStep/VPNChecker * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2025-02-06 (away during meeting) Last week: - followed up on let's encrypt + meek email and review - changed broker's ClientTimeout (snowflake#40446) - tested meek-azure reachability and updated some bridge lines - reviewed lox!305 - debugged and helped plan conjure work This week: - review snowflake!315 - support conjure work - take a look at potential snowflake orbot bug - https://github.com/guardianproject/orbot-android/issues/1183 - maybe do some lox work dcf: 2025-02-06 Last week: - tracked status of snowflake-broker.azureedge.net after announced date of Edgio shutdown https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… - helped debug reported "AMP cache rendezvous doesn't work in China" https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - commented on adding country to snowflake prometheus metrics https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - suggested color-scheme CSS for snowflake embed (rather than a query parameter or somesuch) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - turned off the old Debian 10 broker, VPS still exists https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - restarted new broker with a lower-cost configuration https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - snowflake broker VPS bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… Next week: - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Help with: meskio: 2024-02-06 Last week: - map rdsys containers (rdsys#219) - fix the snowflake proxy prometheus coutry metrics MR (snowflake!482) - fixes for collector on bridgedb metrics (collector#40049) - remove meek azure (team#155) Next week: - steps towards a rdsys in containers (rdsys#219) - why is lyrebird not accepting https proxy (lyrebird#40024) Shelikhoo: 2024-02-06 Last Week: - [Refine] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - [Review] covert-dtls - Merge request reviews Next Week/TODO: - Merge request reviews - [Refine] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements onyinyang: 2025-02-06 Last week(s): - continued work on ampcache registration method for conjure Next week: - finish up ampcache registration method (sqs on hold for now) - Begin work on either obfs4 transport or decoy registration option - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305 As time allows: - Continue work on implementing issuer efficiency for check-blockage and trust-promotion protocols - Work on outstanding milestone issues: - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2025-02-06 Last weeks: - Testing Tor Build with covert-dtls (troubleshooting becoming DTLS client and not seeing manipulated messages). Next weeks: - Update covert-dtls to handle new DTLS extensions in recent browsers - Write instructions on how to configure covert-dtls with snowflake client - Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…). - Condensing thesis into paper (on hold) Help with: - Test stability of covert-dtls in snowflake Facilitator Queue: meskio onyinyang shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Haidi January'25 Report
by Haidi 05 Feb '25

05 Feb '25

Hi! Below is my January’25 (Period: 2025-01-01 - 2025-01-27) report! I have become more familiar with the projects, documents and internal policies of the Tor Project. In January, I resolved about 27 tickets from Farsi-speaking users: * On Telegram (@TorProjectSupportBot) - 25; * On RT (frontdesk@tpo) - 2; Reported Right-to-left lack of support issue on RT: https://gitlab.torproject.org/tpo/community/support/-/issues/40174 This is the pad link for my report : https://pad.riseup.net/p/Haidi-Report-January2025-keep Thanks, Haidi

1 0

ebanam's monthly report and user support report for January 2025
by ebanam 05 Feb '25

05 Feb '25

Hello everyone, Similar to the past few months most of my work last month focussed on helping users in regions where Tor is censored, which includes helping users with instructions to download Tor Browser binaries from GetTor and/or official mirrors, verifying Tor Browser's GPG signature, help with using censorship circumvention methods that works best for them and overall troubleshooting. We saw a massive uptick in support requests from Chinese speaking users most of which can be attributed to the backlog of tickets I had to answer coming from the holiday break. I also made some minor documentation updates, 1) updated articles for Tor Browser 13.5 legacy updates with Tor Browser 13.5.11[0], 2) Onion service documentation on the Community Portal[1]. Following is a more detailed report about the tickets our user support team worked on last month. # Frontdesk (email user support channel) * 627(↓) RT tickets created * 780(↑) RT tickets resolved Tickets by topics and numbers: 1. 425(↑) RT tickets: instructions to circumvent censorship for Chinese speaking users. 2. 191(↓) RT tickets: circumventing censorship in Russian speaking countries. 3. 11(↓) RT tickets: WebTunnel bridges campaign. 4. 5(↓) RT tickets: help with installing Tor Browser for Desktop. 5. 5(↓) RT tickets: questions about how Tor works - is my IP visible when using Tor? what application level protections I get when using Tor Browser? what are 'Security Levels' in the Tor Browser etc. 6. 5(↓) RT tickets: reports of websites blocking Tor connections. 7. 5(↑) RT tickets: questions about how one can contribute to Tor - code, documentation, localization, etc. 8. 5(↑) RT tickets: questions about onion services and how to access them. 9. 4(↑) RT tickets: circumventing censorship with Tor in Farsi. 10. 4(↓) RT tickets: help with troubleshooting existing Tor Browser install on Desktop (Windows, macOS and Linux). 11. 4(↑) RT tickets: reports of anti-virus software blocking Tor Browser (these were false alarms, see https://support.torproject.org/tbb/tbb-10/) 12. 3(↑) RT tickets: help with setting up a Snowflake proxy. 13. 3(↑) RT tickets: questions about setting up a bridge relay. 14. 3(↑) RT tickets: help with using bridges and snowflake with little-t-tor. 15. 2(↓) RT tickets: reports of a fake apps on iOS AppStore masquerading as official Tor Browser. 16. 2(↑) RT tickets: help with troubleshooting Tor Browser Android. 17. 1(↓) RT ticket: instructions to download Tor Browser 13.5 legacy for legacy operating systems. # Telegram, WhatsApp and Signal Support channel * 856(↓) tickets resolved Breakdown: * 839(↓) tickets on Telegram * 17(↓) tickets on WhatsApp * 0(↓) tickets on Signal Tickets by topics and numbers: 1. 579(↓) tickets: circumventing censorship in Russian speaking countries. 2. 30(↑) tickets: instructions to circumvent censorship for Chinese speaking users. 3. 12(↓) tickets: circumventing censorship with Tor in Farsi. 4. 14(-) tickets: helping users on iOS, using Onion Browser or Orbot, to use censorship circumvention methods. 5. 5(↓) tickets: help with troubleshooting Tor Browser Desktop on Windows, macOS and Linux. 6. 4(↓) tickets: help with instructions to use bridges with Tails. 7. 4(↑) tickets: questions about onion services and how to access them. 8. 2(-) tickets: users seeing a "proxy refused" error when visiting websites on Tor Browser for Android using Samsung devices.[2] 9. 1(↓) ticket: instructions on how to get Tor Browser binaries from GetTor. 10. 1(↓) tickets: instructions to download Tor Browser 13.5 legacy for legacyoperating systems. 11. 1(↑) ticket: question about the differences in various security levels in the Tor Browser. 12. 1(-) ticket: help with using bridges and snowflake with little-t-tor. 13. 1(↑) ticket: report of a fake app on iOS AppStore masquerading as official Tor Browser. # Highlights from the Tor Forum 1. Configuring little-t-tor to use pluggable transports.[3] 2. JavaScript and extensions / add-ons with Tor Browser.[4] Note: (↑), (↓) and (-) are indicating if the number of tickets we received for these topics have been increasing, decreasing or have been the same from the previous month respectively. best, e. [0]: https://gitlab.torproject.org/tpo/community/support/-/issues/40178 [1]: https://gitlab.torproject.org/tpo/web/community/-/merge_requests/412 [2]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714 [3]: https://forum.torproject.org/t/webtunnel-bridges-work-with-tor-browser-but-… [4]: https://forum.torproject.org/t/struggling-with-javascript-and-add-ons-in-to…

1 0

Repurposing the Global South Mailing List
by Za'atar زَعْتَر 04 Feb '25

04 Feb '25

Hello, The Global South mailing list has been quiet for some time, and the Tor community team has decided to repurpose it for Tor partners in the Global South. Moving forward, we will use it to share updates on activities such as online meetups, Privacy Resilience Grants, in-person training-of-trainers opportunities (Tor Training Academy), and more. The list will be refreshed today, Tuesday, February 4th. We invite everyone to join the Tor forum: https://forum.torproject.org/ Thank you, Za'atar

1 0

intrigeri's report, January 2025
by intrigeri 04 Feb '25

04 Feb '25

Hi, User-visible ============ I've reviewed and supported the work of my team-mates on a number of high priority user-visible improvements. User-invisible ============== Apart of the usual amount of KTLO work: - I've been coordinating the search for new maintainers for Metadata Cleaner: https://forum.torproject.org/t/metadata-cleaner-is-looking-for-a-new-co-mai… - I have automated some Git operations that were previously done manually every time we merged changes into our main development branch. - I have fixed several vulnerabilities that were found by Radically Open Security as part of their recent security audit of Tails. Sadly, some of them were similar to those found during their previous audit. We want to learn from this, stay tuned! - I created automation that ensures we won't reintroduce 1 of the types of vulnerability that were found during this audit. Team lead ========= - We, the Tails Team, have been working on our priorities for 2025 together with sajolida (UX). I'll publish a cleaned up version shortly. - I've learned how the grant reporting process works at Tor. - I've deleted or updated public documentation for Tails contributors that was made obsolete by the merge with Tor. Accounting ========== I've reviewed partial books from 1 of Tails' previous fiscal sponsors, as part of the transition to Tails' new nest, the Tor project. Cheers, -- intrigeri

1 0

Nina’s Monthly Status Report, January, 2025
by Nina 03 Feb '25

03 Feb '25

Hi! Below is my January’25 report! In January, I resolved a total of 904 tickets, a decrease of 775 from the previous month (total: 1679): - RT (frontdesk@tpo) - 191 (↓28) - Telegram (@TorProjectSupportBot) - 712 (↓747) - WhatsApp (+447421000612) - 1 (1) - Signal (+17787431312) - 0 (0). My main focus in January (and always) was supporting Russian-speaking users in bypassing internet censorship. So I shared censorship circumvention instructions, helped users resolve any issues they are facing with Tor Browser, and collected their feedback on what worked for them and what didn’t. I also took part in Tor Forum moderation and worked on reviewing Google Play Store users' reviews. For the first in the last six months, we observed a decrease in support tickets from Russian-speaking users. Despite this decrease, the number of tickets is still higher than in July-2024, when new censorship activities by Roskomnadzor were detected[1]. I created a new ticket to track censorship in Russia in 2025[2]. ## Elections in Belarus In January there were Presidential Elections in Belarus [3]. On the eve of the elections many VPN services and websites were blocked in the country [4]. It seems Tor remained accessiblewith bridges[5],however some users reported difficulties in finding working bridges. *##**Google Play Reviews for Tor Browser**(TBA)**and Tor Browser Alpha**for Android* - Tor Browser for Android (TBA) had a Google Play rating of 4.389 (↑) stars in January 2025, which is higher than in December. - Tor Browser for Android (TBA) got 774 (↑17) reviews out of 60,429 for the lifetime. - Tor Browser for Android Alpha (TBA-Alpha) app had a rating of 4.219 (↓) which is lower than in December. - In January, Tor Browser for Android (TBA-Alpha) got 37 (0) reviews out of 8,448 for the lifetime. ## Most common issues on the Google Play store reviews - “Tor Browser doesn’t work”: - often from Russian users, who are struggling to find a way to connect to Tor; - “Tor speed is too slow”: I use a template asking to refresh the Tor circuit or contact Tor Browser support. In the reviews I also encountered an issue of Tor Browserfor Androidfreezes when used on Realme GT NEO 3 smartphone[6]. [1] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [2] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [3] https://en.wikipedia.org/wiki/2025_Belarusian_presidential_election [4] https://news.zerkalo.io/life/89461.html?tg=4 [5] https://metrics.torproject.org/userstats-bridge-combined.html?start=2024-10… <https://metrics.torproject.org/userstats-bridge-combined.html?start=2024-10…> [6] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43444

1 0

← Newer
1
2
3
4
5
6
7
...
241
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project