- tor-project - lists.torproject.org

OONI Monthly Report: November 2022
by Maria Xynou 11 Jan '23

11 Jan '23

Hello, Below I share OONI's status report for November 2022. *# OONI Monthly Report: November 2022* Throughout November 2022, the OONI team worked on the following sprints: * Sprint 77 (1st-6th November 2022) * Sprint 78 (7th-20th November 2022) * Sprint 79 (21st-30th November 2022) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Technical multi-stakeholder research report on Internet shutdowns in Iran* In collaboration with IODA, M-Lab, Cloudflare, Kentik, Censored Planet, ISOC, and Article19, OONI published a new research report: "Technical multi-stakeholder report on Internet shutdowns: The case of Iran amid autumn 2022 protests". Read the report here: https://ooni.org/post/2022-iran-technical-multistakeholder-report/ This report combines multiple measurement datasets in an attempt to investigate the internet shutdown events in Iran over the past months amid protests. We consider this a particularly important research report, as it’s likely the first ever report that combines so many internet measurement datasets in investigating a case study. Specifically, we provide data and analysis on the following in Iran: * Mobile network outages * Regional outages * HTTP/3 and QUIC traffic drop * IPv6 disruption on Irancell * Increased blocking of encrypted DNS * Impact on internet speed tests * Blocking of WhatsApp, Instagram, Skype, Linkedin, and Viber * Blocking of Google Play Store and Apple App Store * Blocking of browser extension repositories ISOC also shared their analysis on examining the economic impact of the shutdowns. We provide a summary of the key findings here: https://ooni.org/post/2022-iran-technical-multistakeholder-report/#summary-… ISOC also published a blog post about the report: https://pulse.internetsociety.org/blog/technical-multistakeholder-report-on… *## OONI Team Meeting* Between 2nd-4th November 2022, we organized and hosted a 3-day OONI Team Meeting in Rome, Italy. This was the first in-person OONI Team Meeting since the start of the COVID-19 pandemic. Unfortunately not everyone was able to join us in person in Rome, and so we facilitated a hybrid meeting, with some participants in person, and others joining us remotely online. In addition to OONI’s 9 team members, the meeting also included the 2 OTF Information Controls Research Fellows (Ain Ghazal and Gurshabad Grover) that we’re currently hosting. During this 3-day meeting, we improved our roadmaps and discussed strategic priorities and implementation details for many new systems we’ll be building over the next few years. Specifically, the 3-day OONI Team Meeting included the following sessions: * Time for reflection * Community needs and priorities * Expanding OONI’s testing model to support richer testing input * Incrementally integrating Websteps into Web Connectivity LTE * Measuring the blocking of VPNs * Research on Internet censorship in South Asia and analysis of “failed” measurements * Creating a methodology for measuring throttling: Next steps * Automating the detection and characterization of censorship * Creating a Social Media Censorship Alert System * Presenting thematic censorship findings on OONI Explorer * Creating a Censorship Incident Reporting Platform * Aligning the anomaly calculations between the pipeline, Explorer, and probe * Handling of HTTP response bodies in measurements * Triage and prioritization of issues * Roadmapping sessions * Fundraising priorities During the OONI Team Meeting, we also had an OONI-themed cake to celebrate OONI’s 10th Anniversary together ( https://ooni.org/post/ooni-in-2022/images/01.png) After the 3-day OONI Team Meeting, we had a “team bonding day” together in Rome. *## Organizing OONI’s 10th Anniversary* In preparation for OONI’s 10th Anniversary (on 5th December 2022), we worked towards organizing live-streamed events and creating multimedia content to mark the important milestone. In November 2022, we published a blog post which invites the internet freedom community to attend 2 live-streamed events for OONI’s 10th Anniversary: https://ooni.org/post/10th-ooniversary-events/ Throughout November 2022, we interviewed 11 OONI community members and worked with a videographer on creating a video that highlights how OONI has been useful to the internet freedom community. We also wrote a script for an animation that provides a timeline of key OONI highlights from the past 10 years, and we worked with animators on producing an animation. Both the community video and animation were scheduled for publication around OONI’s 10th Anniversary in early December 2022. *## OONI Probe Mobile* In November 2022, we released OONI Probe Android 3.7.2 ( https://github.com/ooni/probe-android/releases/tag/v3.7.2) with bug fixes and improvements. We worked towards ensuring that flutter implementations are updated properly on all platforms and we started making progress on unsupported platforms (https://github.com/ooni/probe-cli/pull/880) We also worked on triaging issues reported in Sentry. *## OONI Run* We edited the copy on the OONI Run platform: https://github.com/ooni/run/pull/118 *## OONI Probe CLI* We released OONI Probe CLI 3.16.4 ( https://github.com/ooni/probe-cli/releases/tag/v3.16.4) and v3.16.5 ( https://github.com/ooni/probe-cli/releases/tag/v3.16.5) to fix issues with the Signal nettest caused by Signal changing the certification authority it uses to authenticate its endpoints. Additionally, we started merging ooniprobe (the official command line client) and miniooni (the research command line client) by abstracting common functionality into shared Go packages to be used by both tools. This work is documented through the following pull requests: https://github.com/ooni/probe-cli/pull/979 and https://github.com/ooni/probe-cli/pull/982. Notably, we added support to ooniprobe for a `--proxy` command line argument, thus facilitating the use of circumvention tools (such as tor): https://github.com/ooni/probe-cli/pull/981 We also made the code that communicates with the Web Connectivity Test Helper more reliable by trying all the available Test Helpers, rather than just using the first one returned by the backend API. This work is available through the following pull request: https://github.com/ooni/probe-cli/pull/980 *## OONI Probe Desktop* We released OONI Probe Desktop 3.8.2 which includes Signal nettest fixes from OONI Probe CLI: https://github.com/ooni/probe-desktop/releases/tag/v3.8.2 *## Published an OONI Probe Desktop screencast* To enable community members worldwide to use OONI Probe, we created an OONI Probe Desktop screencast which we published on our YouTube channel. Our OONI Probe Desktop screencast is available here: https://www.youtube.com/watch?v=tLDVpyHFsW0 *## Russian translation of the OONI Probe Mobile and Desktop User Guides* We translated the OONI Probe user guides to Russian, and published the translated versions: * OONI Probe Mobile: https://ooni.org/ru/support/ooni-probe-mobile * OONI Probe Desktop: https://ooni.org/ru/support/ooni-probe-desktop *## Expanding OONI’s testing model to support richer testing input* We started refactoring work to support providing richer input to OONI Probe tests (https://github.com/ooni/ooni.org/issues/1291) This work stems from the observation that OONI experiments require input that is more complex than a URL in several cases. For example, to correctly test HTTP/3 websites we would need to know whether a website supports HTTP/3. We started off by refactoring the signature of OONI experiment’s “Run” function to simplify the changing of arguments passed to each experiment ( https://github.com/ooni/probe-cli/pull/983) without having to refactor ~30 Go packages each time. *## OONI Explorer* We continued to work on the user feedback reporting mechanism ( https://github.com/ooni/explorer/pull/790) focusing on usability aspects with the help of a UI/UX designer. In order to improve the current OONI Explorer interface and plan new features, we started conducting UX research. We added support for RTL languages and localized date formatting across OONI Explorer as part of localization work ( https://github.com/ooni/explorer/pull/805) We also fixed the back navigation on pages that include filter params in the URL ( https://github.com/ooni/explorer/pull/815) and we added support for filtering by anomalies (https://github.com/ooni/explorer/pull/816) on the Measurement Aggregation Toolkit (MAT). *## OONI backend* We started reviewing the security report from Cure53 (who conducted an independent security audit of our software) and we deployed different mitigations based on the feedback we received. We implemented Bearer Token in the API as an improvement over the previous security cookie ( https://github.com/ooni/api/pull/313) We also implemented a mitigation to a minor security issue affecting parameter validation in the API documentation path "/apidocs". We deployed a fix to hide Clickhouse error traces from the API output for improved security. We also carried out some tests to compress ooniprobe binaries using UPX. We updated the fastpath pipeline ( https://github.com/ooni/pipeline/pull/401) to support the updated version of the Signal test. *## OONI Test Lists Editor* Following the backend changes to authentication, the cookie based authentication was replaced by a Bearer Token one in the Test Lists Editor: https://github.com/ooni/test-lists-ui/pull/68 *## Automating censorship detection and characterization based on OONI measurements* We created a new data analysis tool (https://github.com/ooni/data) for exposing anomaly details of website measurements and characterizing website blocking. Some of the building blocks for designing this tool were previously applied in practice as part of our investigation into emergent website blocks in Russia ( https://ooni.org/post/2022-russia-blocks-amid-ru-ua-conflict/) where we were able to characterize the blocking methods across ISPs ( https://ooni.org/post/2022-russia-blocks-amid-ru-ua-conflict/#blocked-websi… ). The high level architecture ( https://github.com/ooni/data#architecture-overview) of this new data analysis tool is that of transforming the raw network measurements coming from OONI Probes into normalized and post-processed “Observations” ( https://github.com/ooni/data#observation-generation) These Observations are “time stamped” statements about some network condition that was observed by a particular vantage point. These observations are then in turn post-processed to generate what we call an “Experiment result” ( https://github.com/ooni/data#experimentresult-generation) which attributes to a set of observations from an individual test run a series of outcomes with an associated level of confidence. In order to reach a design that would be flexible enough to be expanded, but also performant enough to run in a reasonable amount of time, we implemented several prototype iterations of this design ( https://github.com/ooni/data/pull/15) Throughout the process we carried out benchmarks of key components to identify any performance bottlenecks, working to resolve them (https://github.com/ooni/data/issues/4) The last iteration (https://github.com/ooni/data/pull/17) based on some cursory benchmarks (https://github.com/ooni/data/pull/17#issue-1452100512) should be able to generate observations from raw OONI measurements in less than a week and re-generate all experiment results in about a day, running on a single machine. Through this data analysis tool (which anyone can run on their own computer pointing it at the raw public OONI dataset: https://github.com/ooni/data#developer-setup) it’s possible to gain a much deeper understanding about the root cause of a blocking event, and to carry out more advanced research that might not be captured by the existing analysis. The new design is an important shift in how we view results from OONI measurements and we are confident that it will allow us to characterize blocks in a much richer way. It also opens the door for empowering researchers to carry out more advanced censorship investigations using our datasets. *## Creating a Social Media Censorship Alert System* To enable human rights defenders to rapidly respond to social media blocks, we aim to create a Social Media Censorship Alert System which allows access to real-time OONI data on the blocking of major social media platforms around the world. In November 2022, we started the initial research process for designing this new platform, which involved experimenting with implementations for social media blocking event detection. Specifically, we experimented with different designs to provide lightweight event detection without impacting the backend infrastructure. As part of this initial experimentation, we applied analysis logic for issuing an “alert” when anomalies are present for selected social media targets (the initial experiment involved Twitter and Facebook). We set the thresholds for issuing “alerts” based on moving averages, as the volume and frequency of relevant measurements varies significantly from ASN to ASN, and country to country over time. Based on our experimentation, we created Jupyter Notebook charts to investigate ways to classify groups of measurements as blocking or unblocking events. *## Social media blocked in Turkey* On 13th November 2022, following the bomb explosion in Istanbul, some ISPs in Turkey blocked access to Twitter, Instagram, Facebook, and YouTube. We responded by sharing real-time OONI data collected from Turkey (along with a MAT chart), documenting the blocks: https://twitter.com/OpenObservatory/status/1591871076677701635 Our tweet was cited in articles published by: * Global Voices: https://globalvoices.org/2022/11/13/turkey-throttles-internet-access-follow… * Coda Story: https://www.codastory.com/newsletters/apple-beijing-turkey-istanbul-blast/#… *## Test list updates* In collaboration with community members, we updated the test list for Kazakhstan (https://github.com/citizenlab/test-lists/pull/1182) We also reviewed and merged updates to the test list for Malaysia ( https://github.com/citizenlab/test-lists/pull/1175) contributed by our partner, Sinar Project. *## Community use of OONI tools and data### OONI censorship measurement campaign during Malaysia’s 2022 general elections* Leading up to and during Malaysia’s 2022 elections, our partner, Sinar Project, coordinated an OONI Probe measurement campaign (using OONI Run widgets for custom testing) to monitor potential censorship events. Information about the censorship measurement campaign, along with OONI Run widgets for relevant testing (including election monitoring and political party websites, among others), was published on their website: https://sinarproject.org/digital-rights/measuring-and-detecting-network-int… Sinar Project also shared relevant OONI Probe testing instructions through this Twitter thread: https://twitter.com/sinarproject/status/1592879196610920448 *### OONI censorship measurement testing during Kazakhstan’s 2022 elections* Leading up to Kazakhstan’s 2022 elections, we collaborated with local groups on creating a custom list of websites that are most relevant to test in Kazakhstan for censorship. To enable the testing of such sites during the elections, we embedded an OONI Run widget (https://github.com/ooni/ooni.org/pull/1304) into our website: https://ooni.org/get-involved/run (the “Kazakhstan (38 URLs)” widget) We shared relevant OONI Probe testing instructions on Twitter: https://twitter.com/OpenObservatory/status/1593988313932828675 We also wrote documentation providing relevant OONI Probe testing instructions for community members in Kazakhstan. *### Global Voices blog post on the blocking of a website that digitizes books in Mexico* Global Voices published a blog post documenting the blocking of a website run by a Mexican collective that digitizes books as a political position. This post cites OONI data on the block. Their blog post is available here: https://globalvoices.org/2022/11/30/mexican-collective-pirating-books-to-ma… *## Community activities### OONI workshop for civil society in Kazakhstan* On 3rd November 2022, OONI’s Elizaveta facilitated an online OONI workshop for civil society groups in Kazakhstan. Information about the workshop is available here: https://www.facebook.com/medianetkaz/posts/pfbid02nhnfrTotir9yaeZA3EJtG64oi… *### OONI presentations at IETF 115* On 8th November 2022, OONI’s Simone presented our censorship measurements in Iran as part of the Internet Architecture Board (IAB) open meeting during IETF 115 (https://www.ietf.org/live/ietf115-iab-open/) His IAB Open presentation can be viewed here: https://www.youtube.com/watch?v=7_G6XVjlun8&t=1730s On 9th November 2022, OONI’s Simone presented our strategies for measuring the blocking and throttling of encrypted protocols (including HTTPS, DNS over HTTPS, and HTTP/3) as part of the Privacy Enhancements and Assessments Research Group (PEARG) meeting during IETF 115 ( https://datatracker.ietf.org/meeting/115/session/pearg) His PEARG presentation can be viewed here: https://www.youtube.com/watch?v=NO3pw3_hees&t=3592s *### OONI workshop for journalists in Central Asia* On 10th November 2022, OONI’s Maria facilitated an online OONI workshop for journalists in Central Asia. *### OONI presentation at State of the Onion 2022* On 16th November 2022, OONI’s Maria presented OONI highlights from 2022, as well as upcoming OONI projects for 2023 as part of the Tor Project’s annual State of the Onion event ( https://blog.torproject.org/state-of-the-onion-2022/) The live-streamed event can be viewed here: https://www.youtube.com/watch?v=O-7k0PjnBbk *### OONI presentation at DataFest 2022* On 17th November 2022, OONI’s Elizaveta presented OONI at DataFest 2022 in Tbilisi (https://www.datafest.ge/schedule) As part of this presentation, Elizaveta explained how journalists can use OONI’s Measurement Aggregation Toolkit (MAT) to investigate internet censorship around the world. *### OONI datathon at DataFest 2022* On 19th November 2022, we facilitated an OONI datathon as part of DataFest 2022 in Tbilisi ((https://www.datafest.ge/datathons) During the OONI datathon, participants worked on analyzing OONI data collected from Russia, Kazakhstan and Uzbekistan to investigate local internet censorship. *### OONI presentation at Internet Without Borders conference* On 18th November 2022, OONI’s Arturo presented censorship measurement findings from Russia as part of the Internet Without Borders conference in Paris ( https://web.archive.org/web/20221101023014/https://internetborders.net/conf… ). *### OONI hackathon at Internet Without Borders conference* On 19th November 2022, we facilitated an OONI hackathon as part of the Internet Without Borders conference in Paris ( https://internetborders.net/ooni-challenge/) During the hackathon, a participant wrote new SMTP(s), IMAP(s) ( https://github.com/ooni/probe-cli/pull/989) and bittorrent experiments ( https://github.com/ooni/probe-cli/pull/986) for OONI Probe! *### OONI workshops in Kyrgyzstan* Between 24th–26th November 2022, OONI’s Elizaveta traveled to Kyrgyzstan to facilitate 5 in-person OONI workshops for local journalists, students and civil society organizations. As part of these workshops, Elizaveta explained how they can use OONI Probe to collect internet measurements and how they can use OONI data to investigate internet censorship. *### OONI workshop in Kazakhstan by Access Now* On 18th November 2022, Access Now organized an offline event for elections observers in Kazakhstan. As part of this event, Anastasia Zhyrmont from Access Now facilitated an OONI workshop and explained how election observers can contribute to collecting internet measurements during the elections. *### OONI Community Meeting* On 29th November 2022, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) during which we discussed the following topics: 1) Strategies for monitoring potential social media blocks during Indonesia's 2024 elections. Discussion of how blocks are implemented in Indonesia and improving the data quality of OONI measurements. 2) Requesting feedback on the type of materials that community members would find most useful and would like to see in the upcoming OONI Outreach Kit. *## Userbase* In November 2022, 61,907,164 OONI Probe measurements were collected from 2,851 AS networks in 166 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

OONI Monthly Report: October 2022
by Maria Xynou 11 Jan '23

11 Jan '23

Hello, Happy New Year! We'd like to share updates from the OONI team over the last 3 months. Below I share our October 2022 report, and I'll follow-up to share our November and December 2022 reports. *# OONI Monthly Report: October 2022* Throughout October 2022, the OONI team worked on the following sprints: * Sprint 75 (1st-9th October 2022) * Sprint 76 (10th-23rd October 2022) * Sprint 77 (24th-31st October 2022) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## New OONI Team member* In October 2022, Kathrin Elmenhorst joined the OONI team! Kathrin will work on improving the data quality of OONI measurements and adding support to OONI Probe for new experiments. *## Launch of Advocacy Assembly OONI training course* On 30th September 2022, Small Media’s Advocacy Assembly launched our online OONI training course ( https://advocacyassembly.org/en/courses/63/#/chapter/1/lesson/1) Following the launch, we published a blog post to share the course with our community: https://ooni.org/post/2022-ooni-training-course-advocacy-assembly/ This 90-minute free, online training course provides a deep-dive into measuring internet censorship with OONI Probe, and using OONI Explorer to access and interpret real-time OONI data collected from around the world. Designed for human rights defenders, activists, journalists, and researchers, the course includes a mix of videos, screencasts, slides, quizzes and hands-on exercises. It also features case study videos from OONI community members, and the course is available in English, Arabic, Spanish, and Farsi. *## OONI Probe Desktop* In October 2022, we released OONI Probe Desktop 3.8.1 ( https://github.com/ooni/probe-desktop/releases/tag/v3.8.1) which was supported by OONI Probe CLI 3.16.4, and which fixed an issue affecting the OONI Probe Signal test. Specifically, Signal changed their root CA, resulting in our Signal test leading to false positives globally. We documented this issue and the fix we implemented in the following ticket: https://github.com/ooni/probe/issues/2344 *## Farsi translation of OONI Probe Mobile and Desktop User Guides* Thanks to our community’s localization efforts, we published a Farsi translation of: * OONI Probe Mobile User Guide: https://ooni.org/fa/support/ooni-probe-mobile * OONI Probe Desktop User Guide: https://ooni.org/fa/support/ooni-probe-desktop *## OONI Run* As part of our work to release an improved version of OONI Run (“OONI Run v2”), we have written a specification describing the new functionality. In October 2022, we updated the specification to include more details about the descriptor format ( https://github.com/ooni/spec/pull/249#issuecomment-1286974194) *## Expanding censorship measurement methodologies* We started moving traffic generated by OONI Probe to a remote host at the TCP/IP level to flexibly implement integration testing in a censored environment. The overall idea has been documented in the following ticket: https://github.com/ooni/probe/issues/2340 The main pull request (https://github.com/ooni/probe-cli/pull/969) includes a fully working prototype. We also merged pull requests that re-introduce the TProxy functionality (https://github.com/ooni/probe-cli/pull/975) and other functionalities (https://github.com/ooni/probe-cli/pull/976) *## OONI Explorer* In October 2022, we continued working on OONI Explorer localization efforts, which involved moving hardcoded text to translation files and uploading them to Transifex in order for translators to fill in missing strings (https://github.com/ooni/explorer/pull/805) We also fixed the text alignment for languages that require RTL support ( https://github.com/ooni/ooni.org/issues/1264, https://github.com/ooni/ooni.org/pull/1269) We continued working on OONI Explorer user accounts and on the user feedback reporting mechanism, which will enable users to login and contribute feedback about each measurement ( https://github.com/ooni/explorer/pull/790) We also worked on the following OONI Explorer improvements: * Build process optimisations that result in smaller Docker image ( https://github.com/ooni/explorer/pull/807) * Replaced Babel with SWC for faster code transpilation ( https://github.com/ooni/explorer/pull/804) * Refactored the MAT filters to virtualize rows which improves the performance and memory usage when we’re showing a big list of rows ( https://github.com/ooni/explorer/pull/809) * Removed unused environment variables to reduce ambiguity ( https://github.com/ooni/explorer/pull/807) * Refactored the OONI Explorer Search page to move the API request from server side to client and improve rendering speed ( https://github.com/ooni/explorer/pull/799) Moreover, we contracted a designer to help us improve the user interface of OONI Explorer pages over the next months. *## OONI Test Lists Editor* Due to the API changes on the backend, code was refactored to only use one endpoint instead of three to retrieve data. These changes contribute to simpler code and improved performance of the Test Lists Editor: https://github.com/ooni/test-lists-ui/pull/67/ *## OONI backend* In October 2022, we worked on the following backend activities: * Made backend adjustments to annotate OONI Probe Signal measurements as “failed” as a temporary solution to an issue ( https://github.com/ooni/pipeline/pull/400) and updated the measurements in the database; * Looking into legacy-probe entry points and worked towards disabling the onion service; * Disabled the MySQL and PostgreSQL interfaces ( https://github.com/ClickHouse/ClickHouse/issues/40994) * Test list API: Added measurement summary statistics in the test list UI/API to enable review (https://github.com/ooni/api/pull/309) and added statistics from measurement feedback; * Backend changes to handle unsupported countries in test lists ( https://github.com/ooni/api/pull/310) * Wrote an internal design document to look into moving away from orchestrate for login/registration and documented the next steps; * Added a probe login metric and implemented other fixes ( https://github.com/ooni/api/pull/311) * Fixed the API aggregation time range (https://github.com/ooni/api/pull/309 ). *# Advancing OONI data analysis* We made progress on our new data analysis tool (https://github.com/ooni/data) through which we aim to automate the detection and characterization of more forms of internet censorship. Specifically, we added support for generating blocking events based on OONI Probe Signal measurements ( https://github.com/ooni/data/pull/10) we introduced a shared data directory for storing assets needed for performing analysis tasks (eg. GeoIP databases and blockpage fingerprints) ( https://github.com/ooni/data/pull/8) and we improved testing and the CLI ( https://github.com/ooni/data/pull/9) *## Published new OONI Code of Conduct* In October 2022, we published a new version of the OONI Code of Conduct (CoC): https://ooni.org/get-involved/code-of-conduct/ To help ensure a safe and inclusive environment for the global OONI community, we created a new Incident Response Committee with the goal of improving OONI’s Code of Conduct (CoC) and addressing any CoC violations when they occur. In collaboration with the Committee and based on community feedback collected from several meetings, we re-wrote and published a new version of OONI’s Code of Conduct (CoC). *## Published a survey to collect community feedback on OONI’s strategic priorities* Leading up to OONI’s 10th Anniversary (5th December 2022), we wanted to collect community feedback to help inform the development of our strategic priorities for the future. As the OONI community has always been at the heart of our work, we consider it essential that community needs continue to inform OONI’s future goals and priorities. We therefore circulated a survey to collect community feedback that can help shape OONI’s strategic priorities for the future. On 20th October 2022, we published a blog post which links to the survey: https://ooni.org/post/2022-survey-ooni-strategic-priorities/ We thank all community members for their valuable feedback! *## Test list updates* In October 2022, we discussed with Netalitica how we can improve our policies for updating test lists, with the goal of improving the quality of measurements and simplifying the workflow of researchers. Specifically, we discussed cases that involve updating URLs to HTTPS, how to handle parked domains or domains that otherwise no longer exist, and about involving researchers in the process of determining which URLs to configure for automated prioritized testing. We reviewed and merged multiple pull requests that involve updates to the Thai test list, contributed by our partner, Thai Netizen Network ( https://ooni.org/partners/thai-netizen-network/) These pull requests are the following: https://github.com/citizenlab/test-lists/pull/1152, https://github.com/citizenlab/test-lists/pull/1169, https://github.com/citizenlab/test-lists/pull/1168, https://github.com/citizenlab/test-lists/pull/1167, https://github.com/citizenlab/test-lists/pull/1166, https://github.com/citizenlab/test-lists/pull/1165. We also reviewed the pull requests contributed (via our Test Lists Editor) by community members for the test lists of France ( https://github.com/citizenlab/test-lists/pull/1125) the Global test list ( https://github.com/citizenlab/test-lists/pull/1162, https://github.com/citizenlab/test-lists/pull/1163) and several other test lists (https://github.com/citizenlab/test-lists/pull/1159) *## OONI citations### Freedom on the Net Report 2022* OONI data (and OONI research reports) are cited in the following Freedom on the Net 2022 ( https://freedomhouse.org/report/freedom-net/2022/countering-authoritarian-o…) country reports: * Iran: https://freedomhouse.org/country/iran/freedom-net/2022 * Myanmar: https://freedomhouse.org/country/myanmar/freedom-net/2022 * Malaysia: https://freedomhouse.org/country/malaysia/freedom-net/2022 * Cuba: https://freedomhouse.org/country/cuba/freedom-net/2022 * Azerbaijan: https://freedomhouse.org/country/azerbaijan/freedom-net/2022 * Colombia: https://freedomhouse.org/country/colombia/freedom-net/2022 * Ethiopia: https://freedomhouse.org/country/ethiopia/freedom-net/2022 * Italy: https://freedomhouse.org/country/italy/freedom-net/2022 * Jordan: https://freedomhouse.org/country/jordan/freedom-net/2022 * Kenya: https://freedomhouse.org/country/kenya/freedom-net/2022 * Saudi Arabia: https://freedomhouse.org/country/saudi-arabia/freedom-net/2022 * Tunisia: https://freedomhouse.org/country/tunisia/freedom-net/2022 * UAE: https://freedomhouse.org/country/united-arab-emirates/freedom-net/2022 * Uzbekistan: https://freedomhouse.org/country/uzbekistan/freedom-net/2022 * Zambia: https://freedomhouse.org/country/zambia/freedom-net/2022 *### Ranking Digital Rights Research Lab* Ranking Digital Rights (RDR) launched a new Research Lab which discusses how researchers can make use of OONI tools and data (among other resources). The RDR Research Lab is available here: https://rankingdigitalrights.org/research-lab/preparing-your-research/ *### Team CommUNITY’s publication* Team CommUNITY published a blog post (“Internet Freedom Tools, Resources & Actions to Support Iran’s Feminist Uprising”) which cites our research report on new blocks that emerged in Iran amid protests ( https://ooni.org/post/2022-iran-blocks-social-media-mahsa-amini-protests/) Team CommUNITY’s blog post is available here: https://www.digitalrights.community/blog/tools-resources-actions-to-support… *## Community activities### OTF Shutdown Getdown Event* Between 12th-14th October 2022, OONI’s Maria and Arturo traveled to Oxford to attend the OTF Shutdown Getdown event. This 3-day event brought internet measurement projects together to share skills and knowledge around measuring internet censorship and shutdowns. As part of our participation at this event, we: * Presented OONI as part of a lightning talk; * Facilitated a workshop to collect community feedback on OONI’s Measurement Aggregation Toolkit (MAT); * Facilitated a workshop to brainstorm on methods for measuring throttling; * Co-facilitated a workshop with M-Lab which aimed to introduce participants to the various measurement datasets available for investigating different aspects of internet shutdowns. *### OONI Community Meeting* On 25th October 2022, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) during which we discussed the following topics: 1) Feature request: Adding support to the MAT for filtering measurements based on multiple domains 2) Upcoming 10th OONI Anniversary: Community survey and feedback for related activities 3) Test lists updates and re-thinking the test lists *### RIPE85* On 27th October 2022, OONI’s Arturo presented our research on measuring the blocking of encrypted DNS services (and how this experiment is now part of OONI Probe) at RIPE85: https://ripe85.ripe.net/ *## Userbase* In October 2022, 66,272,107 OONI Probe measurements were collected from 2,797 AS networks in 169 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

Joydeep's Monthly Status Report for December 2022
by Joydeep Sen Gupta 07 Jan '23

07 Jan '23

Hello everyone! :) Here are my updates from December. I resolved 1120 tickets via email and 203 tickets on our telegram/signal user support channel. With Tor Browser 12 release, I, along with @nina13, finished reviewing and updating[1] all of our internal support documentation, including all articles and templates we have on our Request Tracker and cdr.link support channels. I was also involved with some testing before the release. Post-release we got a few reports about false positives with anti-virus software[2] on updating to Tor Browser 12 and issue with rearranging bookmarks in Tor Browser with drag and drop not working[3]. All of these issues have been resolved with the 12.0.1 Tor Browser update. We discovered a issue[4] regarding sending emails from our email ticketing system (Request Tracker) but a big shout-out to anarcat and TPA for resolving the issue and also writing a script to resend all the emails from the affected time span. Continuing my work supporting users in Iran[5], I resolved around 180 tickets across our support channels. Now, a quick overview of our user support channels: Timeline: 01 - 31 December 2022 # Frontdesk tickets created: 936 tickets resolved: 1442 Most frequent tickets by numbers: 1. 45 RT Tickets - Private Bridge requests from China[6] 2. 40 RT Tickets - How to use a Tor Bridge in Russia[7] 3. 12 RT Tickets - Anti-virus false positives with Tor Browser 12[2] # Telegram and Signal Support channel (cdr.link) tickets resolved: 751 The most frequent tickets we received have been about: 1. 272 tickets: Circumventing censorship in Russia 2. 173 tickets: Circumventing censorship in Iran 3. 85 tickets: Circumventing censorship in Turkmenistan 4. 16 tickets - Using unlisted obfs4 bridges in China # Tor Forum Most popular topics in the Support category (in terms of number of views): 1. "Image load error (HTTP/2 403 Forbidden) on some websites (with Tor Browser)" [8] 2. "Newbie: snowflake abuse by local government?"[9] 3. "Websites blocking Tor"[10] 4. "Unable to run Tor Browser 12 for Linux after updating"[11] 5. "Problems with mega.nz (post Tor Browser 12 update)"[12] Thanks, -- Joydeep [1]: https://gitlab.torproject.org/tpo/community/support/-/issues/40096#note_286… [2]: https://forum.torproject.net/t/norton-360-antivirus-now-considers-tor-brows… [3]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41520 [4]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41016 [5]: https://forum.torproject.net/t/iran-circumventing-censorship-with-tor/4590 [6]: https://support.torproject.org/censorship/connecting-from-china/ [7]: https://forum.torproject.net/t/tor-blocked-in-russia-how-to-circumvent-cens… [8]: https://forum.torproject.net/t/image-load-error-http-2-403-forbidden-on-som… [9]: https://forum.torproject.net/t/newbie-snowflake-abuse-by-local-government/5… [10]: https://forum.torproject.net/t/websites-blocking-tor/6095/ [11]: https://forum.torproject.net/t/unable-to-run-tor-browser-12-for-linux-after… [12]: https://forum.torproject.net/t/problems-with-mega-nz/5961/

1 0

Marcos monthly status report, December 2022
by msim 07 Jan '23

07 Jan '23

Hi all :) Here's my monthly status report for December 2022 This month was effectively purely focused on Windows WebRTC things. Since Mozilla doesn't support building with mingw on a windows host, this turned out to be a very deep rabbit hole of many different possible approaches. At the beginning of the month, I did some work on my build merge request [1], but then I decided to focus on getting windows builds working, since that was my goal for this month, and also no major releases were happening that would've included the WebRTC build MR. I first tried testing out of a linux host using wine, but that very quickly fell apart, and I have little experience with wine so I decided to not pursue that any further. The first part of getting Windows host builds working was setting up a development environment. I first tried building on a linux host, copying the artefacts to a windows machine, and trying to test from there, but this didn't work, for reasons which I cant remember. However since then, I've done a lot of dev environment set up, so this may potentially be a viable approach again. The next approach I tried was building in WSL, and testing straight out of a WSL shell. I decided to do this as I was most familiar with linux environments, and WSL allows windows executables to run, which wouldn't run under wine when I tested from linux. This again failed, but this time it was because certutil.exe would fail first due to missing dlls, which was fixed very quickly, but then with `CKR_GENERAL_ERROR`, which is incredibly vague. After trying to investigate this, I deemed this approach non viable, as there were hundreds of potential code paths that could trigger this error. WSL failing, I tried to build the recommended way from firefox (except using MinGW instead of MSVC), which as I suspected before, failed again. Numerous weird issues were encountered here, such as the build system not being able to find simple tools that would normally be found when I would build with MSVC, but didn't belong to MSVC or MinGW (such as rm, tar, awk, etc) That being said, while this approach currently is far behind the WSL approach (WSL can build it, but fails to test. This approach doesn't build, yet), I'm hoping it will work out better since there won't be any cross platform weirdness that might be breaking anything. Currently this approach is failing due to various weird errors that seem to be from mach assuming I'm building from a unix like host, and not windows, but as far as I can tell these assumptions should be OK since the build happens in an MSys2 environment. The near future is focussed on getting windows builds happening, which I was hoping to have finished by the end of December but couldn't due to numerous unexpected issues. The plan for next steps as discussed with Richard is to try and get a build running with MSVC and then swap out the toolchain, and if that fails, I'll try the first approach again, but using artefacts out of tor browser build. Best, Marco [1]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests…

1 0

Nina's Monthly status report for December'22
by Nina 05 Jan '23

05 Jan '23

Hi! This is my status report for December 2022. This month, I successfully resolved 799 tickets. On Telegram (@TorProjectSupportBot) - 544 On RT (frontdesk@tpo) - 235 In December 2022, most of the requests (more than 300) came from Russia; however, there is a growing number of tickets from Turkmenistan (around 50) where Tor Browser and Orbot are the popular ways of censorship circumvention. And I also helped users from Iran and China. My focus was as usual on censorship circumvention; however, there are more questions about Tor Expert Bundle[1], I also help to navigate through the various tor-based apps and help choose the best fit for the user. In December, the Tor Project Applications team released a new version - Tor Browser 12[2], so I took part in testing it and communicating with users about its features. Before TB 12 was released, @championquizzer and I finished reviewing all the Tor user support templates. We fixed outdated information and edited templates according to the new TB release. I also helped in resolving an issue with RT [3]. [1] https://www.torproject.org/download/tor/ [2] https://blog.torproject.org/new-release-tor-browser-120/ [3] https://gitlab.torproject.org/tpo/tpa/team/-/issues/41016#note_2865428

1 0

HackerNCoder's Monthly Status Report, December 2022
by HackerNCoder 05 Jan '23

05 Jan '23

Hello! Here is what I have been working on for December 2022. Pretty much all of my time has been spent working on ooni-exporter[1], which takes data from ooni and exports it for prometheus. With some time spent looking into making an arti-based program for testing obfs4 reachability. [1] https://gitlab.torproject.org/hackerncoder/ooni-exporter -- HackerNCoder https://www.encryptionin.space Translating queer games at https://queerscriptors.org

1 0

PieroV's Monthly Status Report, December 2022
by Pier Angelo Vendrame 04 Jan '23

04 Jan '23

Hi everyone! Here is my status report for December 2022. At the beginning of the month, we of the application team released Tor Browser 12.0 stable. So, in the first week, I worked on some last-minute changes (such as some migration code to remove old language packs [0]), and I helped to release the 12.0. Then, I started migrating the remaining torbutton code from its dedicated repository to tor-browser.git [1]. We plan to refactor all this code and to better integrate it with the rest of the patch set. And we started with the localization files: previously, we kept them in torbutton.git, and we ran a script to update them at each release. Now, we keep only English in tor-browser.git, and the rest of the files are injected during the build. As a result, nightly builds will always have the latest and most updated translations [2]. While doing these changes, we also cleaned unused strings [3] and migrated the localization files from Transifex to Weblate, and I helped emmapeel with this. Another task I worked on was improving the patch that makes Tor Browser portable. In particular, my previous refactor of this patch still deleted some code that could be helpful when the standalone mode was not enabled. Some users asked us to improve this patch long ago [4]. Then, I wrote a patch for our toolchain to make it able to build the WASI sandbox and include it in Tor Browser [5]. The patch is still under review, so it was not included in 12.5a1. Finally, I helped prepare and build the first alpha from the 12.5 series. Best, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41435 [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41478 [2] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [3] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41375 [4] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20497 [5] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…

1 0

Rhatto's Monthly Status Report, December 2022
by rhatto 04 Jan '23

04 Jan '23

Hi all :) This is my monthly status report for December 2022 with the main activities I have done during the period. ## 0. Planning Helped with team planning regarding upcoming Onion Service work. Part of this is already available at The Onion Plan: https://tpo.pages.torproject.net/onion-services/onionplan ## 1. Onion MkDocs Created Onion MkDocs, a template for Tor documentation: * https://rhatto.pages.torproject.net/onion-mkdocs * https://gitlab.torproject.org/rhatto/onion-mkdocs ## 2. EOTK Log Parser Improved scripts to fetch logs from S3 buckets at the EOTK Log Parser, a tool/library to parse anonymized NGINX access logs from EOTK instances: https://gitlab.torproject.org/tpo/onion-services/eotk-log-parser ## 3. Sponsor 123 I've also done the regular Sponsor 123 deployments, monitoring, maintenance and development. -- Silvio Rhatto pronouns he/him

1 0

Cecylia's monthly status report, December 2022
by Cecylia Bocovich 02 Jan '23

02 Jan '23

Hi everyone, This is my status report for contract work done in December 2022. # Conjure Development * debugged issues with domain front * tested out desktop and debugged android builds of the Tor Browser integration # Snowflake web extension * review and merge volunteer contributions Cecylia

1 0

Anti-censorship team meeting notes, 2022-12-22
by meskio 22 Dec '22

22 Dec '22

Hey everyone! Here is our meeting log: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-12-22-15.57.html And our meeting pad: Anti-censorship team meeting pad -------------------------------- Next meeting: Thursday, January 12 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 == Announcements == * No meetings December 29 neither January 5. We'll be AFK Dec 22 - Jan 7 == Discussion == * == Actions == * == Interesting links == == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-11-24 Last week: - wrote a fix to make go fmt CI more verbose (snowflake!122) This week: - continue work on conjure client - more work on reputation-based bridge dist - fixup snowflake!108 Needs help with: dcf: 2022-12-14 Last week: - snowflake CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… Next week: - make obfs4 distinguishability reports public - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/obfs… - https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/91 - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 Help with: meskio: 2022-12-22 Last week: - poke outdated bridge operators (obfs4#40008) - fix onionsproutsbot bug with journald (onionsproutsbot#47) - Circumvention Settings recommends obfs4 bridges in Russia (rdsys-admin!11) - Investigate broken descriptors (bridgedb-admin#4) Next week/after holidays: - add localization support to rdsys (rdsys#11) - publish obfs4 deofuscation bugs Shelikhoo: 2022-12-08 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - [Merge Request] Update to support chunked upload of probe log(https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurem… - [Merge Request] Add Resumable Upload to Log Collector (https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/…) Next Week: - [Research] WebTunnel planning (Continue) Itchy Onion: 2022-12-15 Last week: - worked on RACE performance issue - [Merge Request Done] "Abbreviate `ice` list in bridge lines" - reviewed some MRs This week: - Work on the RACE performance issue - [Merge Request Done] Fix duplicate snowflake server flag - Work on adding Outbound address option to snwoflake server hackerncoder: 2022-12-22 last week: - getting ooni-exporter setup on a personal server - worked on ooni-exporter https://gitlab.torproject.org/hackerncoder/ooni-exporter Next week/after holiday: - figure out what makes ooni-exporter put all reports from a country in either success or failure - getting ooni-exporter to work with torsf (snowflake) - work on monitoring bridges health cece: 2022-12-22 This week: - working on creating a dummy WhatsApp bot Next week: - My bot is not yet working as expected s still trying to figure that out Help with: - resources -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0