- tor-project - lists.torproject.org

Anti-censorship team meeting notes, 2022-12-01
by meskio 01 Dec '22

01 Dec '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-12-01-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday Dec 08 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 == Announcements == * == Discussion == * Tor Browser multi-locale * TB 12.0 bundles all locales in the installer, this affect gettor * the release will happen early next week * Reported as offline in metrics, some bridges are online and running https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/112 * they miss the 'running' flag, something is happening in the bridge authority * (Re)license webtunnel as MIT license: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webt… * we all agree MIT is a good license of this project * webtunnel is waiting for review from the application team to be included in TB alpha * https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… * we'll need small changes in the UI so users can request webtunnel bridges or use the default ones == Actions == == Interesting links == * == Reading group == * We will discuss "Measuring DoT/DoH Blocking Using OONI Probe: a Preliminary Study" on Dec 1 * https://www.ndss-symposium.org/ndss-paper/auto-draft-123/ * https://www.ndss-symposium.org/wp-content/uploads/dnspriv21-02-paper.pdf * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-11-24 Last week: - wrote a fix to make go fmt CI more verbose (snowflake!122) This week: - continue work on conjure client - more work on reputation-based bridge dist - fixup snowflake!108 Needs help with: dcf: 2022-12-01 Last week: Next week: - disable non-WireGuard SSH access to snowflake-02 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 - document recent performance optimizations in Snowflake bridge installation guide - make the number of KCP state machines a command-line option https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: - review of remaining snowflake-server performance improvements - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2022-12-01 Last week: - investigate gettor freeze (rdssy#129) - add support for multi-locale Tor Browser in gettor (rdsys#136) - check the number of migrated bridges to the new obfs4 - upload a new version of snowlfake proxy docker image - document the use of ephemeral ports on the docker image (docker-snowflake-proxy!7) - review uTLS fix (snowflake!124) Next week: - add localization support to rdsys Shelikhoo: 2022-12-01 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - [Merge Request] Get Webtunnel to build together with tor browser (Continue) - [Merge Request] fix "utls RoundTripper does not work when it is supposed to use HTTP/1" Next Week: - [Research] WebTunnel planning (Continue) - [Coding] More Reliable Raw Log Upload For log collector Itchy Onion: 2022-11-24 Last week: - continue working on snowflake in RACE; it passes one of the integration tests, but fails the second one with heavier load - worked on "Abbreviate `ice` list in bridge lines" (interruptted by RACE test results) This week: - continue working on snowflake in RACE; trying to cut down the number of times snowflake peers establish connection bc it's expensive (right now multiple connections are needed for messages between the same hosts) - review some MRs -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

PieroV's Monthly Status Report, November 2022
by Pier Angelo Vendrame 01 Dec '22

01 Dec '22

Hi everyone! Here is my status report for November 2022. At the beginning of the month, I attended the Reproducible Build 2022 Summit in Venice [0]. I discovered a lot of new stuff there, and hopefully, we might apply some to Tor Browser, too. Then, for the rest of the month, I mostly worked on refinements to Tor Browser 12.0 series. One of the most important features I have worked on is improving the experience with the multi-lingual builds. For example, I have implemented a notification to explain to the user why Tor Browser chose that language, with a button to go directly to the language preferences [1]. I have also fixed a few bugs introduced by the tor-launcher refactor [2][3]. I also managed to get yet another patch upstreamed to Firefox [4]. I had another important task, too: reviewing the profile files with our custom Firefox configuration [5]. I removed some old settings, added new ones, and tried to add missing links to our bug tracker for the ones that we already had. I hope this will help us with future documentation and review work. Finally, I helped to prepare some releases and to verify the reproducibility of the ones we released. We should be very close to 12.0 becoming stable: we are very excited about it, and we would love to get any feedback. So, please, consider downloading [6] the fifth alpha of 12.0 (we are publishing it later today) and giving it a test ride 😄️. Thank you very much, Pier [0] https://reproducible-builds.org/events/venice2022/ [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41378 [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41436 [3] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41429 [4] https://phabricator.services.mozilla.com/D161264 [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40783 [6] https://www.torproject.org/download/alpha/

1 0

Anti-censorship team meeting notes, 2022-11-24
by Shelikhoo 24 Nov '22

24 Nov '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-11-24-15.58.html <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-31-15.59.html> And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday Dec 01 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 == Announcements == * == Discussion == (OLD) * security policy * https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/SecurityPol… * we are working on a project wide security policy on how to handle security issues * the starting point is the NetworkTeam security policy, and from ACT we'll try to propose changes to addapt it to our needs. * domain fronting deprecation in azure * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/33#note_285… * azure is going to block all domain front traffic after Nov 8 2023 * we only use it for meek * we'll discuss 6 months before the block if we can deprecate meek or need to find an alternative (NEW) [We exchanged the current progress and difficulty. The meeting summarily closed.] == Actions == == Interesting links == * https://news.ycombinator.com/item?id=33573477 * "It's been many years, and I am still angry and disappointed by Cloudflare's decision to block domain fronting and drop Lantern as a customer..." * https://github.com/aleixrodriala/wa-tunnel * HTTP Tunneling through WhatsApp == Reading group == * We will discuss "Measuring DoT/DoH Blocking Using OONI Probe: a Preliminary Study" on Dec 1 * https://www.ndss-symposium.org/ndss-paper/auto-draft-123/ * https://www.ndss-symposium.org/wp-content/uploads/dnspriv21-02-paper.pdf * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-11-24 Last week: - wrote a fix to make go fmt CI more verbose (snowflake!122) This week: - continue work on conjure client - more work on reputation-based bridge dist - fixup snowflake!108 Needs help with: dcf: 2022-11-23 Last week: - reviewed merge request to make `go fmt` errors in CI more obvious https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - disable non-WireGuard SSH access to snowflake-02 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 - document recent performance optimizations in Snowflake bridge installation guide - make the number of KCP state machines a command-line option https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: - review of remaining snowflake-server performance improvements - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2022-11-17 Last week: - send a reminderder? to all bridge operators to upgrade obfs4 - fail to deploy a new version of OnionSproutsBot and roll back - investigate gettor freeze (rdsys#129) - update snowflake (2.3.1) package in debian (snowflake#40233) - add circumvention settings for AE (team#106) - many merge requests reviews in rdsys and snowflake - work with TAILS to find a qr code setup that works for them in BridgeDB Next week: - check if we are distributing blocked bridges in moat (rdsys#80) - investigate gettor freeze (rdsys#129) Shelikhoo: 2022-11-24 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - [Research] Censorship analysis for UDP traffic between Iran and rest of Internet: 2022 Q4: https://gitlab.torproject.org/tpo/anti-censorship/censorship- analysis/-/issues/40036 - [Merge Request] Add Version Output Support to Snowflake (This also shows utls client hello names) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… (Continue) - [Coding] Get Webtunnel to build together with tor browser - Reviewed a lot of merge requests Next Week: - [Research] WebTunnel planning (Continue) - [Research] Fix vantage point summary upload in China - [Coding] Get Webtunnel to build together with tor browser(Continue) - [Coding] fix "utls RoundTripper does not work when it is supposed to use HTTP/1" https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Finish all the reviews (cont) Itchy Onion: 2022-11-24 Last week: - continue working on snowflake in RACE; it passes one of the integration tests, but fails the second one with heavier load - worked on "Abbreviate `ice` list in bridge lines" (interruptted by RACE test results) This week: - continue working on snowflake in RACE; trying to cut down the number of times snowflake peers establish connection bc it's expensive (right now multiple connections are needed for messages between the same hosts) - review some MRs

1 0

Tor Browser weekly meeting moved to Tuesday (2022-11-22)
by Richard Pospesel 21 Nov '22

21 Nov '22

Hi everyone, Some of us have some conflicts this week so we'll push the weekly Tor Browser meeting back to the 22nd at 1500 UTC in #tor-meeting on OFTC IRC. best, -Richard

1 1

Community Team monthly report - October 2022
by gus 17 Nov '22

17 Nov '22

# Community Team monthly report - October 2022 ## Localization Emmapeel is working on the migration from the translation service Transifex to Weblate. However, because some translation-sponsored work is ongoing, some projects will still be translated on Transifex until the end of the sponsor contract. You can find the Weblate migration issues in Gitlab: <https://gitlab.torproject.org/tpo/community/l10n/-/issues/?label_name%5B%5D…>. Translations stats (October 2022): - new strings translated: 13959 - strings reviewed: 8944 - edited strings: 16362 ## User support and documentation In October, the Community team dedicated a lot of time and resources on helping users from Iran and providing user feedback to the Anti-censorship Team. The main issue was snowflake block in Iran: - <https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/96> - <https://github.com/net4people/bbs/issues/131> - <https://github.com/guardianproject/orbot/issues/742> And as part of Sponsor96, we suggested a small change on Circumvention map API for China and Hong Kong Tor Browser users: <https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/99>. Frontdesk (email) - Tickets: open: 50, resolved: 766. Telegram and Signal Support channel (cdr.link) - Tickets resolved: 1475. For in depth report about Tor user support, please read Nina and Joydeep monthly reports: - https://forum.torproject.net/t/tor-project-joydeeps-monthly-status-report-f… - https://forum.torproject.net/t/tor-project-ninas-monthly-status-report-for-… Tor Browser manual got two new documentation resources: 1. How to use @GetBridgesBot on Telegram: <https://tb-manual.torproject.org/bridges>. 2. How to get help from the Tor Project: <https://tb-manual.torproject.org/support>. ## Onion Services For Sponsor123, Rhatto and Raya worked on deploying new onion services and landing pages. Number of Onion Services deployed: 18 (deployment initiated on October but finished only on early November). Number of Onionlaunchpad deployed: 5 landing pages with 2 mirrors each. Read more about the Onion Services deployment on Rhatto's monthly report: <https://lists.torproject.org/pipermail/tor-project/2022-November/003492.html>. For the 2023, Rhatto started the planning and discussion with the Onion Plan: <https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Docu…>. ## Relay operators community This month we kicked-off a new sponsored project with the Network Health team: <https://gitlab.torproject.org/groups/tpo/-/milestones/44#tab-issues>. The main goal is to improve the network health, by building a trusted operator community and combating malicious relays. The coordination of this work is happening during the Network Health weekly meetings on IRC (#tor-meeting), every Monday at 1600 UTC. Because of all the protests in Iran, we saw a massive increase in the network size of snowflake proxies. Although more snowflake standalone proxies are still needed, in October, we reached a peak of more than 110k snowflake proxies. As part of our outreach campaign, you can download and print your own Snowflake stickers: <https://community.torproject.org/static/images/outreach/print/stickers/snow…>. After a long break, relay operators and the Tor Project met in October during the Tor Relay Operator Meetup. Meetup notes: <https://forum.torproject.net/t/tor-relays-invitation-join-us-tor-relay-oper…>. SR2 Communications wrote a blog post about running Dynamic Tor bridges to help users in censored regions to bypass censorship. Read more: <https://www.sr2.uk/blog/2022/dynamic-bridges/>. ## Trainings and meetups with HRDs As part of the user feedback cycle and digital security training program from Sponsor30, the UX and Community teams are planning Tor trainings in person in the first and second quarter of 2023 (Brasil, Ecuador and Mexico). This plan should be ready at December. We also planned some online Tor trainings for November with local partners in Mexico. ## Outreach - Emmapeel and Joydeep did a AMA with EngageMedia and translators from South East Asia. - This month Raya and Nina worked on Tor materials for keeping users connected during the elections in Kazakhstan #KeepItOn: <https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/155>. - Tor Localization hangout with emmapeel and translators. - Raya talked about Onion Services and censorship resistance at EBU's Media Cybersecurity Seminar: <https://twitter.com/torproject/status/1582763907520733184>. - Giorgio Maone talked about Tor at Linux Day 2022 in Palermo, Italy <https://twitter.com/ma1/status/1583876964233801729>. - Cooper from EFF wrote an article about Snowflake: <https://www.eff.org/deeplinks/2022/10/snowflake-makes-it-easy-anyone-fight-…>. - Isabela attended Wired Next Fest 2022 (Italia) <https://twitter.com/torproject/status/1578760916773982208>. - Many articles on press about Tor Snowflake (in German): <https://netzpolitik.org/2022/irgendwas-mit-internet-foerdert-endlich-anti-z…> <https://www.heise.de/hintergrund/Internetsperren-im-Iran-So-leisten-Sie-mit…> ### Coming up next - November 18th - Tor Localization Hangout <https://blog.torproject.org/event/2022-11-18-l10n-hangout/> - November 19th @ 19 UTC - Tor Relay Operator Meetup: <https://forum.torproject.net/t/tor-relays-next-tor-relay-operator-november-…> - November 29th - Run Snowflake Proxies and Strengthen Internet Freedom (Workshop) <https://www.digitalrights.community/blog/vpn-village-2022> - (December) (invite only) Tor Meetup with digital security trainers and human rights defenders in Latin America - (December) (invite only) Tor Meetup with digital security trainers and human rights defenders in East Africa -- The Tor Project Community Team Lead

1 0

Tomorrow Friday 18th, Localization hangout!
by emma peel 17 Nov '22

17 Nov '22

Apologies for crossposting Fellow translators: Tomorrow we hangout! ---------------------------------------- Every 3rd Friday of the month the Tor L10n Team meets on the Localization Hangout, from Noon UTC, on the #tor-l10n channel in OFTC and matrix At 13 UTC we make a call on Big Blue Button. Tomorrow we will be testing the new multilocale Tor Browser. That's right: The same app for all locales! The first multi-locale release of Tor Browser Alpha for desktop is out. All supported languages are now included in a single bundle, and can be changed without requiring additional downloads via the Language menu in General settings. Download: https://www.torproject.org/download/alpha/ What to test: * Tor Browser Alpha should default to your system language on first launch if it matches a language we support (list of languages supported: https://support.torproject.org/tbb/tbb-37/ ). * Changing language within about:preferences#general * Any new bugs with localization in general. For more information about the hangout, please see: https://community.torproject.org/localization/hangouts/ Note: Tor Browser Alpha is an unstable version of Tor Browser and should not be used for activities that could put you at risk. Instead, please limit your use of alpha to preview new features, test their performance and provide feedback before their release.

1 0

Open Positions -- Software Developer (C Language) & Director of Strategic Communications
by Erin Wyatt 15 Nov '22

15 Nov '22

Hi everyone! We have two open positions right now, a new Software Developer (C Language) to help the Network Team with Onion Services, and a second call on the Director of Strategic Communications. Job descriptions and instructions on how to apply are available on our website: Software Developer (C Language) <https://www.torproject.org/about/jobs/software-engineer-c-developer/> Director of Strategic Communications <https://www.torproject.org/about/jobs/director-strategic-comm/> Please share these with your networks and help us spread the word. Thank you! :) Best, Erin Wyatt Director of People Operations (she/her) ewyatt(a)torproject.org PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE https://www.torproject.org <https://www.torproject.org/> http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/

1 0

Tails report for September and October 2022
by intrigeri 14 Nov '22

14 Nov '22

Tails report for September and October 2022 <https://tails.boum.org/news/report_2022_10/> Highlights Here's a glimpse at what happened in Tails in September and October. Analyzing results of usability tests We analyzed the results of the usability tests we did in São Paulo: * first-time use <https-everywhere://lists.autistici.org/message/20221012.181235.a673efeb.en.html> * Tor Connection <https://lists.autistici.org/message/20221012.140611.7e58f067.en.html> Then we prioritized the issues identified there and planned to fix a bunch of them in the next few months. New features Our developers brought 3 major new features to beta quality: * New Persistent Storage, completely redesigned and vastly more usable * Wayland and better Unsafe Browser, for better security in depth and usability * QR code scanning for Tor bridges We will only release these features officially in Tails 5.8 (December 2022), but you cantry them already in Tails 5.8~beta1 <https://tails.boum.org/news/test_5.8-beta1/>! Donation campaign We launched our end-of-year donation campaign. Donations from passionate people like you are our most valuable source of funding because they guarantee our independence. We are a very small nonprofit and our yearly budget is ridiculously small compared to the value of Tails. Donate now <https://tails.boum.org/donate/index.en.html>to fight surveillance and censorship! Releases Tails 5.5 was released on October 17 <https://tails.boum.org/news/version_5.5/index.en.html>, including: * Update/Thunderbird/to102.3.0 <https://www.thunderbird.net/en-US/thunderbird/102.3.0/releasenotes/>. /Thunderbird/102 is a major update withmany changes to the navigation, folder icons, and address book <https://blog.thunderbird.net/2022/06/thunderbird-102-released-a-serious-upg…>. /Thunderbird/102 also includes important usability improvements to the OpenPGP feature. When composing an email, you can now see whether it will be encrypted or not. If encryption is impossible, a key assistant helps you solve key issues. Thunderbird composer window with encryption turned on and notification about a missing key and how to resolve the issue. * Always ask to configure a screen locking password when pressing Ctrl+L and no administration pasword was set. (#19090 <https://gitlab.tails.boum.org/tails/tails/-/issues/19090>) Tails 5.6 was released on October 25 <https://tails.boum.org/news/version_5.6/index.en.html>. Metrics Tails has been started more than 698 160 times in September, and 736 378 times in October. This makes 23 517 boots a day on average.

1 0

Anti-censorship team meeting notes, 2022-11-10
by meskio 10 Nov '22

10 Nov '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-11-10-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday Nov 17 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 == Announcements == * == Discussion == * spike of obfs4 usage in china * https://metrics.torproject.org/userstats-bridge-combined.html?start=2022-10… * can the change to use obfs4 by default in CN be part of that spike? https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/99 == Actions == == Interesting links == * Connection throttling in Uzbekistan since 2022-11-04? * https://ntc.party/t/twitter-tik-tok-skype/1122/35 * "we see some kind of bandwith limitations with transfering of big files in MS365 services (for example - letters in outlook without attachments receiving without problems, but if there’s some file attached - time to loading this letter increasing dramatically; same situation with Sharepoint’s instances - data in web-version of Office365 loads correctly and fast, but if we start to use desktop apps (word, excel, PBI, etc.), which retrieving information from MS servers, time to loading increasing dramatically, no matter of file size)." == Reading group == * We will discuss "Measuring DoT/DoH Blocking Using OONI Probe: a Preliminary Study" on Dec 1 * https://www.ndss-symposium.org/ndss-paper/auto-draft-123/ * https://www.ndss-symposium.org/wp-content/uploads/dnspriv21-02-paper.pdf * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-11-10 Last week: - reviewed and merged snowflake-webext!56 - reviewed and merged snowflake-webext!59 - continued work to fix translations - reached out to conjure researchers about scaling issues - started reading up on reputation-based bridge distribution again This week: - website/extension release (blocked on !62) - continue work on conjure client - more work on reputation-based bridge dist Needs help with: dcf: 2022-11-10 Last week: - investigated the cause of last week's ~doubling of snowflake-01 bandwidth; seems to have been the gradual release of a version of Orbot with uTLS support for snowflake https://gitlab.torproject.org/tpo/network-health/metrics/timeline/-/commit/… - helped review styling changes in snowflake webextension https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - posted guides on how to test the snowflake-02 bridge https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - more review of the presentation of right-to-left languages in the snowflake webextension https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - opened an issue for snowflake proxy failing to scrub IPv6 addresses from log when URL-encoded https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - disable non-WireGuard SSH access to snowflake-02 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 - break up snowflake-server performance improvements into separate merge requests https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - document recent performance optimizations in Snowflake bridge installation guide Help with: meskio: 2022-11-10 Last week: - obfs4proxy 0.0.14 in Tor Browser - prepare SOTO 2022 presentation - update the list of blocked bridges in RU - change gettor silence alert to 6h - brainstorm on bandwith testing for bridges (onbasca#130) - fix sqlinjections on onionsproutsbot (OnionSproutsBot!22) Next week: - check if we are distributing blocked bridges in moat (rdsys#80) Shelikhoo: 2022-11-10 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - [Research] Censorship analysis for UDP traffic between Iran and rest of Internet: 2022 Q4: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… (Continue) - [Merge Request] Add Version Output Support to Snowflake(This also shows utls client hello names) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Reviewed a lots of merge request Next Week: - [Research] WebTunnel planning (Continue) - [Research] Fix vantage point summary upload in China - Release new version of Snowflake WebExt - [Research] Censorship analysis for UDP traffic between Iran and rest of Internet: 2022 Q4: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… (Continue) - Finish all the reviews Itchy Onion: 2022-11-10 Last week: - Fixed the Rib issue. Now snowflake passes CI tests 100%. - attending (parts of) RACE PI meeting remotely. This week: - some logging improvements https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - debug RACE tests errors from stress tests -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

State of the Onion 2022
by Gaba 08 Nov '22

08 Nov '22

Hi! We're happy to announce that the State of the Onion, a livestream event highlighting updates from onion-world over the last year, is returning this month! This year, we'll State of the Onion will be a two-part event: - Wednesday, Nov 9, State of the Onion: the Tor Project @ 17:00-18:30 UTC: https://www.youtube.com/watch?v=uSyBZ7GIzJY - Wednesday, Nov 16, State of the Onion: the Tor community @ 17:00-18:30 UTC: https://www.youtube.com/watch?v=O-7k0PjnBbk Everyone is invited to hear news, accomplishments, challenges, and next steps of all the Tor Project's teams + Tor community projects during these live events. More information about the Tor Project's event in https://blog.torproject.org/state-of-the-onion-2022/ cheers, gaba -- pronouns she/her/they GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 0