- tor-project - lists.torproject.org

OONI Monthly Report: July 2022
by Maria Xynou 19 Oct '22

19 Oct '22

Hello, These days we're primarily supported by the DRL, which is why we do quarterly reporting. That said, we'd like to share monthly updates from the OONI team with the community, hence our July 2022 report shared below. I'll also follow-up to share our August and September 2022 reports. *# OONI Monthly Report: July 2022* Throughout July 2022, the OONI team worked on the following sprints: * Sprint 69 (1st-17th July 2022) * Sprint 70 (18th-31st July 2022) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Launched new Test Lists Editor* In July 2022, OONI launched a new Test Lists Editor: https://test-lists.ooni.org/ The Test Lists Editor enables the public to review and contribute to the Citizen Lab test lists ( https://github.com/citizenlab/test-lists/tree/master/lists) without a GitHub account. Their contributions automatically end up as pull requests on the Citizen Lab test list repository, which means they'd still be peer-reviewed. We also published a blog post which provides a brief user guide and shares information about the Test Lists Editor: https://ooni.org/post/2022-test-lists-editor/ *## Updated the OONI Data Policy* In preparation for the launch of the new Test Lists Editor ( https://test-lists.ooni.org/) we updated the OONI Data Policy to include a new section ("OONI web services") that mentions that we do not store email addresses (used to send login links for OONI accounts), and which shares the providers (and their data policies) that we use for deploying web services (https://github.com/ooni/ooni.org/pull/1198) The updated OONI Data Policy is available here: https://ooni.org/about/data-policy *## OONI Probe Mobile* In July 2022, we released OONI Probe Mobile 3.7.0 for: * Android: https://github.com/ooni/probe-android/releases/tag/v3.7.0 * iOS: https://github.com/ooni/probe-ios/releases/tag/v3.7.0 This release includes: * New Vanila Tor experiment; * Automated testing of experimental tests; * In-app language selection; * Support for sharing a link to the OONI Probe app; * Measurement engine synced with OONI Probe CLI 3.15.2; * Bug fixes and improvements. While working towards the OONI Probe Mobile 3.7.0 release, we also: * Fixed a bug that prevented the VPN warning from appearing when running an OONI Run link (https://github.com/ooni/probe-ios/pull/496) * Worked towards improving the app performance when loading and showing measurements (https://github.com/ooni/probe/issues/2150) * Fixed a bug that affected storage usage ( https://github.com/ooni/probe/issues/2149) * Worked towards improving the pagination of test results ( https://github.com/ooni/probe/issues/1430) * Updated the measurement-log retention policy ( https://github.com/ooni/probe/issues/2162) * Worked on a prototype of the OONI Probe app using flutter, which will allow us to have a shared codebase between the OONI Probe mobile and desktop apps. *## OONI Run* In an attempt to meet community needs (particularly those of researchers performing custom testing), we designed and implemented a minimal version of the next generation version of OONI Run (“OONI Run v2”) that enables community members to run OONI Run links without backend support ( https://github.com/ooni/probe-cli/pull/844) We made this functionality available to miniooni users with the goal of enabling community members to start experimenting with this new OONI Run version ( https://github.com/ooni/probe/issues/2184) and share feedback which can support further development and design decisions. Based on community requests, we also introduced a command line flag which enables users to repeat a measurement every given number of seconds (until OONI Run v2 has support for repeating the measurement with a schedule): https://github.com/ooni/probe-cli/pull/819 As part of our plan for incrementally releasing a new version of OONI Run ( https://run.ooni.io/) we started updating the specification for the new version of OONI Run based on our experimental miniooni-based deployment ( https://github.com/ooni/spec/pull/249) *## Expanding censorship measurement methodologies* We worked on data quality improvements to OONI measurements. Specifically, we improved the way in which the Web Connectivity test helper works, by using a single, independent HTTP Client per test helper request, to avoid hitting the limit of maximum connections per HTTP Client ( https://github.com/ooni/probe/issues/2182) We supported our Google Summer of Code (GSoC) student in developing a TLS middlebox experiment (https://github.com/ooni/probe-cli/pull/817) and experimented around improving how we perform DNS resolution to enable the opportunistic measurement of DoH endpoints ( https://github.com/ooni/probe-cli/pull/846) We also reviewed the work of an OTF Information Controls Research Fellow that we’re currently hosting ( https://github.com/ooni/minivpn/pull/10, https://github.com/ooni/minivpn/pull/12) *## OONI Explorer* As part of our work on improving OONI Explorer, we worked on: * Adding support for localization (https://github.com/ooni/explorer/pull/705 ); * Implementing domain-centric pages ( https://github.com/ooni/explorer/pull/762) * Maintenance, package upgrades, and fixing security vulnerabilities; * Improving the SEO of the Measurement Aggregation Toolkit (MAT). *## OONI backend* In July 2022, we continued to work on the migration to the Clickhouse database. This involved a series of backend tasks including the testing and switching to more API entry points, numerous configuration changes, and end-to-end testing of the processing of measurements. We fixed various bugs in the fastpath, including the handling of the measurement start time. We worked on the reprocessing of legacy measurements, which involved the deletion of old legacy measurements from the fastpath pipeline table, fixing a bug and adding metrics for the fetching of measurements across API hosts, and improving upon JSONL tables, among many other backend tasks ( https://github.com/ooni/api/pull/297) We improved the API performance by enabling gzip compression of measurements. We created internal dashboards to monitor and test the new ASN-based URL prioritization system (https://github.com/ooni/api/pull/293) We also worked on improvements to the new test helper ( https://github.com/ooni/pipeline/pull/392) and performed security updates to the infrastructure. *## Interviewing Community Coordinator candidates* In July 2022, we carried out and completed the second (and final) round of interviews for the OONI Community Coordinator position ( https://ooni.org/post/2022-job-opening-ooni-community-coordinator/) We were thrilled to have received applications from (and to have the opportunity to meet) many strong candidates. Based on both rounds of interviews, we decided to hire Elizaveta Yachmeneva for the OONI Community Coordinator position (who joined the OONI team in August 2022). *## Test list updates* In July 2022, we updated the test list for the Philippines to include websites that were reportedly blocked ( https://github.com/citizenlab/test-lists/pull/1022) *## New blocks emerged in Indonesia* On 29th July 2022, new blocks emerged in Indonesia. We shared relevant OONI data (and findings) with the #KeepItOn advocacy community. Specifically, the blocked services included: * PayPal: https://explorer.ooni.org/chart/mat?probe_cc=ID&test_name=web_connectivity&… * Yahoo: https://explorer.ooni.org/chart/mat?probe_cc=ID&test_name=web_connectivity&… * Steam: https://explorer.ooni.org/chart/mat?probe_cc=ID&test_name=web_connectivity&… * Origin: https://explorer.ooni.org/chart/mat?probe_cc=ID&test_name=web_connectivity&… * Epic Games: https://explorer.ooni.org/chart/mat?probe_cc=ID&test_name=web_connectivity&… * Dota2: https://explorer.ooni.org/chart/mat?probe_cc=ID&test_name=web_connectivity&… In many of the above cases, we were able to automatically confirm the blocks based on the IP returned from DNS resolution. In other cases, we were able to confirm the blocks because they were implemented through an HTTP middlebox serving a blockpage ( https://explorer.ooni.org/measurement/20220731T055038Z_webconnectivity_ID_4… ). To encourage further testing of the blocked services, we shared an OONI Run link with the #KeepItOn community. *## OONI citations### Digital Defenders Partnership publication* Digital Defenders Partnership published a guide (in Spanish) describing how to document internet blockages and circumvent internet censorship. This publication, which cites OONI and describes OONI tools, is available here: https://www.digitaldefenders.org/wp-content/uploads/2022/09/2207-ISG_final-… *### OPTIMA report on the impact of internet shutdowns on women in Uganda* Sandra Aceng published a research report (as part of Internews’ OPTIMA project) which documents the impact of internet shutdowns on women in Uganda. This study makes use of OONI data collected from Uganda around the country’s 2021 elections. The report is available here: https://preparepreventresist.org/wp-content/uploads/2022/07/Impact-of-Shutd… *## Community activities### OONI training session for journalists in Kenya* On 28th July 2022, OONI’s Maria facilitated an OONI training session for journalists in Kenya. The workshop involved introducing participants to OONI tools and data for investigating internet censorship in Kenya and around the world. *### OONI Community Meeting* On 26th July 2022, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/) during which we discussed the following topics: 1) Using OONI Explorer to group measurements by region 2) Request for community feedback: Do users want to have the option to delete specific measurements manually or automatically? 3) Request for community feedback on write/erase cycle limits *## Userbase* In July 2022, 47,752,189 OONI Probe measurements were collected from 2,892 ASNs in 167 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

This Friday: Tor Localization Hangout!
by emma peel 19 Oct '22

19 Oct '22

Fellow translators: This Friday we hangout! Every 3rd Friday of the month the Tor L10n Team meets to translate together, share tricks, have fun while translating, meet fellow translators, and more. This Friday we will have a look at the weblate interface, tricks to translate easily, how the glossary works, and any topics you bring as well! More information: https://community.torproject.org/localization/hangouts/

1 0

New Tor t-shirt, canvas tote bag + all donations being matched 1:1
by Al Smith 14 Oct '22

14 Oct '22

Hi Tor people! I’m excited to announce that from now until the end of the year, all donations to the Tor Project <https://torproject.org> (a 501(c)(3) nonprofit) will be matched, 1:1, by Friends of Tor <https://blog.torproject.org/powered-by-privacy> (up to $100,000). That means if you donate $25, it becomes $50, for example.* * This is part of our annual fundraiser <https://blog.torproject.org/powered-by-privacy/>, the time during the year where we raise the important resources needed to power Tor. For your donation, you can receive some pretty great Tor swag: stickers (new designs included!), t-shirts (new!), hoodies, and this year, a new canvas tote bag. You can get one or all of these gifts by making a donation to the Tor Project at https://donate.torproject.org. Thanks for making Tor possible! Other ways to make a gift: * *Can you make a recurring commitment?* Set up a monthly donation <https://torproject.org/donate/donate-bp1-pbp>. * *Do you have a company or organization that uses Tor or believes in Tor?* Become a member <https://torproject.org/about/membership>. * *Does your company match donations made by employees?* Make a donation and file the paperwork with your organization so they match your gift. * *Do you have cryptocurrency to give?* We can accept donations in ten different coins <https://donate.torproject.org/cryptocurrency>. * *None of these options fit? *Spread the word! Cheers, Al -- Al Smith (they/them) Fundraising Director The Tor Project

1 0

Anti-censorship team meeting notes, 2022-10-13
by Shelikhoo 13 Oct '22

13 Oct '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-10-13-15.58.html <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-31-15.59.html> And our meeting pad: Anti-censorship work meeting pad -------------------------------- ------------------------------------------------------------------------------------ THIS IS A PUBLIC PAD ------------------------------------------------------------------------------------ Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday Oct 20 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 == Announcements == * snowflake-01 transferred 1.17 PB of Tor user data in the six months between 2022-04-08 and 2022-10-08 * users with annotated events https://share.riseup.net/#JWQAl-2UMIyak9FeP6OJ8A * bandwidth https://share.riseup.net/#qpzsTgHxfG0Ar-JrDRfQEg * New release v1.1.3 of uTLS * https://github.com/refraction-networking/utls/releases/tag/v1.1.3 * supports more and more recent TLS parrots * from https://github.com/net4people/bbs/issues/129#issuecomment-1276774330 == Discussion == * Snowflake Enable Distributed Snowflake Support at broker src shell * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/95 * old proxies were rejected starting monday of this week * everything seems smooth, we saw a drop in polls as expected, but we still seem to be mostly in capacity and it looks worth it to move forward. * plan to make a community announcement about the rejection of old proxies * Iran: * Anything (resources, work, support) that may be needed to help circumvent censorship in Iran right now? * There are multiple reports of snowflake not working in Iran in some ISPs, but so far we didn't receive a more detailed report. * Should we try out new PTs? dnstt, etc? * Get snowflake in Tor Browser updated to support utls * meskio will explore if orbot has support for uTLS in snowflake or if that could be added to be able to see if uTLS solves the problem of snowflaked * telegram download bot * apart from a minor issue that needed a one-line fix, launch went well * external contributors have also participated * heavy focus on building new features (especially android builds without downloads.json), which in turn either requires a lot of refactoring * lots of issues concerning third-party libraries again, most bug reports/feature requests have been made to upstream developers * logging has been replaced with aiologger to protect the bot from "hugs of death" * aiologger does not show dates in files. hacky solution: obtain the date when methods of the logger are called, maintainers are not very active * we depend on undocumented behavior. After doing research, it seems OK here * are new versions with regressions OK? * translations * a recent change in how exceptions are communicated to the user has pushed the readiness of translations back * will be expanded once development (mostly) stagnates * existing translations will not be touched until that happens * comments are still a TODO * new experimental gettor backend * authored in go, could potentially be merged together with rdsys * makes sharing large files through platforms with download limits under 100 MB (unless if you pay, or not) possible (by splitting them and providing the users with an app to put it back together) * relies on commands like the other gettor implementations * uses mongodb as a backend * android versions work too * currently private * built-in bridgdes vs 'settings' pool: do we need more built-in obfs4 bridges? -------NEW TOPIC BELOW----------- * Release a new version of snowflake webext proxy src shell * loss of bandwidth at snowflake-01 bridge * dynamics are the same as at the time of 2022-10-06 meeting * the cause of the loss of bridge bandwidth is still unknown https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/96#note_284… * shelikhoo will do a temporary reversion of the broker deployment of 2022-10-03 that rejected old proxies (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) on 2022-10-17, just as a test * even though the deployment of 2022-10-03 does not quite match up in time with the bandwidth drop == Actions == == Interesting links == * https://www.digitalrights.community/blog/tools-resources-actions-to-support… == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-10-13 Last week: - more work on translations of webextension and snowflake.tpo - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - progress on integrating conjure into tor browser - https://gitlab.torproject.org/cohosh/tor-browser-build/-/commits/conjure - bumped snowflake version in stable versions of tor browser This week: - continue Conjure work - wrap up manifest v3 candidate Needs help with: dcf: 2022-10-13 Last week: - upgraded memory capacity of broker VPS https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - posted a request for snowflake-client logs and communicated the results https://github.com/net4people/bbs/issues/131 https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/96#note_284… - archived snowflake-webext-0.6.3 https://archive.org/details/snowflake-webextension-0.6.3 - suggested a way to include pion log messages in the snowflake-client and proxy logs https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - checked the TLS fingerprint of Orbot on Android, found it to be the same as Tor Browser on Linux https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/96#note_284… - reviewed a `go fmt` merge request https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - posted a research idea to calibrate user counts in metrics graphs https://gitlab.torproject.org/tpo/network-health/metrics/website/-/issues/4… - opened an issue for confusing code structure in the proxy https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - disable non-WireGuard SSH access to snowflake-02 - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 Help with: meskio: 2022-10-06 Last week: - deploy rdsys-gettor - investigate gettor mysterious freeze (rdsys#129) - refresh captchas for BridgeDB (still in progress) (bridgedb#40061) - update imap libraries in rdsys (rdsys!54) - update obfs4proxy package in debian (obfs4#40008) - create 'First contribution' tickets in rdsys for Outreachy - rdsys updates now signal if they are full update (rdsys!53) - a proposal to refresh builtin bridges in TB (tor-browser-build#40630) Next week: - get uTLS back on obfs4proxy meek (obfs4#40008) Shelikhoo: 2022-10-13 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - [Research] Generate Charts for presention: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/92#note_283… - [Deployment] Give shelikhoo Access to polyanthum instance (and bridge user) for the purpose of Debugging WebTunnel integration of rdsys Next Week: - [Research] WebTunnel Planning (Continue) - Generate Charts for presention: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/92#note_283… (Continue) - [Research] Fix vantage point summary upload in China - Release New version of Snowflake WebExt - Rollout distributed snowflake(include definition of secondary bridge on broker) Itchy Onion: 2022-10-13 Last week: - testing two more RACE snowflake plugin fixes (using io.Copy() to send message and connection pool) This week: - bump snowflake plugin to version 2.3.2 - trying to trace where the message dropping happens in the snowflake library used by RACE. (I've been back and forth on this one, but now I believe message dropping and unclosed TCP sockets are not the same issue. The CI tests that are failing doesn't send that many messages for a system resource issue to kick in. I've traced the message in the plugin code, and see they are all sent to the snowflake library code without dropping. So maybe an issue with the version of snowflake lib that's used in RACE)

1 0

Tor Browser meeting moving to 2022-10-11
by Richard Pospesel 10 Oct '22

10 Oct '22

Hi Everyone, Tomorrow is an official Tor holiday, so we will move the Tor Browser weekly meeting to back a day to Tuesday (2022-10-11) at 1500 UTC in #tor-meeting on OFTC IRC. best, -Richard

1 0

Anti-censorship team meeting notes, 2022-10-06
by Shelikhoo 06 Oct '22

06 Oct '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-10-06-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday Oct 13 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 == Announcements == * == Discussion == * loss of bandwidth at snowflake-01 bridge * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * the cause is unknown, but it may be something outside our immediate control, like a network issue at the hosting center. operators are investigating it. * will try a reboot later today * low bandwidth at the broker could be the cause of connection failures from Iran * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/96#note_284… * (but there are still users from Iran, still the largest single contingent) * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Snowflake Enable Distributed Snowflake Support at broker src shell * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/95 * old proxies were rejected starting monday of this week * everything seems smooth, we saw a drop in polls as expected, but we still seem to be mostly in capacity and it looks worth it to move forward. * plan to make a community announcement about the rejection of old proxies * Iran: * Anything (resources, work, support) that may be needed to help circumvent censorship in Iran right now? * There are multiple reports of snowflake not working in Iran in some ISPs, but so far we didn't receive a more detailed report. * Should we try out new PTs? dnstt, etc? * Get snowflake in Tor Browser updated to support utls * meskio will explore if orbot has support for uTLS in snowflake or if that could be added to be able to see if uTLS solves the problem of snowflake * telegram download bot * apart from a minor issue that needed a one-line fix, launch went well * external contributors have also participated * heavy focus on building new features (especially android builds without downloads.json), which in turn either requires a lot of refactoring * lots of issues concerning third-party libraries again, most bug reports/feature requests have been made to upstream developers * logging has been replaced with aiologger to protect the bot from "hugs of death" * aiologger does not show dates in files. hacky solution: obtain the date when methods of the logger are called, maintainers are not very active * we depend on undocumented behavior. after doing research, it seems OK here * are new versions with regressions OK? * translations * a recent change in how exceptions are communicated to the user has pushed the readiness of translations back * will be expanded once development (mostly) stagnates * existing translations will not be touched until that happens * comments are still a TODO * new experimental gettor backend * authored in go, could potentially be merged together with rdsys * makes sharing large files through platforms with download limits under 100 MB (unless if you pay, or not) possible (by splitting them and providing the users with an app to put it back together) * relies on commands like the other gettor implementations * uses mongodb as a backend * android versions work too * currently private * built-in bridgdes vs 'settings' pool: do we need more built-in obfs4 bridges? == Actions == == Interesting links == * https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/155… * Draft campaign to download Tor in Kazakhstan (preparing for elections) * https://github.com/net4people/bbs/issues/128 * The Great Firewall of China has blocked google.com and all its subdomains * https://github.com/net4people/bbs/issues/129 * Large scale blocking of TLS-based censorship circumvention tools in China == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-10-06 Last week: - Published an update to the web extension that will cause unrestricted proxies to poll more often (snowflake-webext#58) - Fixed translations for snowflake.torproject.org and the extension (snowflake-webext#61) - responded to a few other issues - talked with UX and applications teams about reputation-based bridge distribution This week: - continue monitoring snowflake proxy pool and implement some improvements - resume Conjure work - wrap up manifest v3 candidate Needs help with: dcf: 2022-10-06 Last week: - more performance optimization and debugging on snowflake-01 bridge https://lists.torproject.org/pipermail/anti-censorship-team/2022-October/00… - investigated as-yet unexplained drop in bandwidth at snowflake-01 bridge https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - archived snowflake-webext-0.6.2 https://archive.org/details/snowflake-webextension-0.6.2 Next week: - upgrade memory capacity of broker VPS https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - disable non-WireGuard SSH access to snowflake-02 - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 Help with: meskio: 2022-10-06 Last week: - deploy rdsys-gettor - investigate gettor misterious freezee (rdsys#129) - refresh captchas for BridgeDB (still in progress) (bridgedb#40061) - update imap libraries in rdsys (rdsys!54) - update obfs4proxy package in debian (obfs4#40008) - create 'First contribution' tickets in rdsys for Outreachy - rdsys updates now signal if they are full update (rdsys!53) - a proposal to refresh builtin bridges in TB (tor-browser-build#40630) Next week: - get uTLS back on obfs4proxy meek (obfs4#40008) Shelikhoo: 2022-10-06 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - [Research] Generate Charts for presention: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/92#note_283… - [Research] Investigate Distributed Snowflake Rollout Issue (https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/95) - [Merge Request] Add upload connection info to rdsys in WebTunnel(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-trans… https://gitlab.torproject.org/tpo/tpa/team/-/issues/40920#note_2840555) - [Deployment] Setup Webtunnel at njalla VPS(https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/97) - [Deployment] Distributed Snowflake Rollout (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) Next Week: - [Research] WebTunnel Planning (Continue) - Generate Charts for presention: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/92#note_283… (Continue) - [Research] Add upload connection info to rdsys in WebTunnel - [Research] Fix vantage point summary upload in China Itchy Onion: 2022-10-06 Last week: - continue debuging message dropping issue - study why Tor's use of snowflake doesn't exhibit similar problems and tried to do something similar) This week: - continue debugging the message dropping issue -learning about how to properly trace a connection with the tools provided by RACE) - testing caching connections

1 0

Joydeep's Monthly Status Report for September 2022
by Joydeep Sen Gupta 06 Oct '22

06 Oct '22

Hello everyone! These are my updates from September. In the past month our support channels have received a unprecedented number of user support requests from Iran. Across our official support channels - email, Telegram and Signal - we have resolved more than 4000 support tickets! With help and inputs from my fellow community team members and the localization team, I drafted a user guide on how to circumvent censorship with Tor in Iran[1]. This is very much ongoing work and we are actively monitoring the situation and will keep updating the user guide. With such large volume of support requests there have been some challenges as well. Our cdr.link (Telegram and Signal support channel) has been running into some issues with message reception and delivery through the @TorProjectSupportBot on Telegram and I have been in touch with the cdr.link support team about this (massive shout-out to them for the prompt response to this!) More details in the ticket[2]. While the questions have been mostly around using pluggable transports with Tor Browser, Orbot and Onion Browser in Iran, I have helped a number of users with instructions to verify their Tor Browser install, setting up F-Droid to download Tor Browser for Android (as a result of our main website and mirrors being blocked) and as part of our campaign[3] to run more snowflake proxies, to setup snowflake proxies for folks where internet is not censored. Apart from this, with two Tor Browser Alpha releases I have been involved with testing and overall quality assurance and added documentation about the Telegram GetTor bot to the Tor Browser Manual[4]. That pretty much sums up the highlights from last month and following are some quick stats and highlights from our official support channels. Timeline: 01 - 30 September 2022 # Frontdesk Tickets: open: 58 resolved: 1273 Breakdown of number of RT tickets received with respect to operating system: Breakdown of most frequent tickets by numbers: 1. 1059 RT Tickets - Circumventing Censorship with Tor in Iran. 2. 172 RT Tickets - Private Bridge requests from China[5] 3. 69 RT Tickets - How to use a Tor Bridge in Russia[6] # Telegram and Signal Support channel (cdr.link) tickets resolved: 2925 Most of these tickets have been about circumventing censorship in Iran. The other most frequent ticket we received have been about: 101 tickets: Circumventing censorship in Russia 9 tickets - Using unlisted obfs4 bridges in China 9 tickets - Help with setting up snowflake and other general questions about the pluggable transport # Tor Forum Most popular topics in the Support category (in terms of no. of views): 1. "Iran: Circumventing Censorship with Tor"[1] 2. "Snowflake Chrome extension doesn’t seem to be working for me"[7] 3. "Two-layered access"[8] 4. "Snowflake standalone proxy: NAT behaviour"[9] 5. "Your server has not managed to confirm reachability for its ORPort(s)"[10] Thanks, -- Joydeep [1]: https://forum.torproject.net/t/iran-circumventing-censorship-with-tor/4590 [2]: https://gitlab.torproject.org/tpo/community/support/-/issues/40092 [3]: https://twitter.com/torproject/status/1573670895696183303 [4]: https://tb-manual.torproject.org/downloading/ [5]: https://support.torproject.org/censorship/connecting-from-china/ [6]: https://forum.torproject.net/t/tor-blocked-in-russia-how-to-circumvent-cens… [7]: https://forum.torproject.net/t/snowflake-chrome-extension-doesnt-seem-to-be… [8]: https://forum.torproject.net/t/two-layered-access/4783 [9]: https://forum.torproject.net/t/snowflake-standalone-proxy-nat-behaviour/4885 [10]: https://forum.torproject.net/t/your-server-has-not-managed-to-confirm-reach…

1 0

Rhatto's Monthly Status Report, September 2022
by rhatto 06 Oct '22

06 Oct '22

Hi all :) This is my monthly status report for September 2022. Main activities during the period: 0. The Onion Plan: * Research on existing proposals for enhancing the Onion Service experience. * Results were presented during the Tor Meeting: https://gitlab.torproject.org/tpo/team/-/wikis/202209MeetingOnionPlan https://gitlab.torproject.org/tpo/team/-/wikis/202209MeetingOnionPlan/intro… * Collected feedback and started the next iteration, hopefully towards a concrete roadmap :) 1. Deployments for Sponsor 123 (Onion Launchpad landing pages and Onion Services). I would also like to thank @luciole for the work towards an Onionprobe Arch Linux package: https://gitlab.torproject.org/tpo/onion-services/onionprobe/-/issues/16 -- Silvio Rhatto pronouns he/him

1 0

Marco's Status Report September 2022
by msim 06 Oct '22

06 Oct '22

Hi o/ This month I continued the WebRTC work for Sponsor 131. To recap, S131 is base browser (tor browser, without tor), and as part of base browser, S131 wants WebRTC enabled. This month I continued debugging issues with WebRTC at runtime. Most of this testing was done with WebRTC Samples[1], and some more was done with Mozilla's test page[2]. Various weird issues were encountered, and trying to figure out what Mingw is doing that's breaking it is, well, a challenge :). Ticketed issues are visible on my fork of Tor Browser[3], and after some testing, PieroV also investigated (thanks!) and provided some super helpful information. Unfortunately, due to being busy with some other commitments, I won't be able to continue working on this until the last week of November. At some point in the near future, I will try to write some more comprehensive notes on what's breaking in case anyone wishes to have a look between now and the end of November :) All the best! -Marco [1]: https://webrtc.github.io/samples/ [2]: https://mozilla.github.io/webrtc-landing/ [3]: https://gitlab.torproject.org/msimonelli/tor-browser

1 0

Cecylia's monthly status report, September 2022
by Cecylia Bocovich 05 Oct '22

05 Oct '22

Hi everyone, This is my status report for contract work done in September 2022 1. Help with snowflake development * worked on updating the snowflake webextension for manifest v3 * answering questions on the forum * code reviews * fixed a bug in the snowflake badge where the icon doesn't turn green * worked on tuning the proxy pool for clients with restrictive NATs Cecylia

1 0