tor-project

tor-project@lists.torproject.org

17 participants
2325 discussions

UX team meeting tomorrow, August 3rd
by Duncan Russell 02 Aug '21

02 Aug '21

Hi everyone! Our next User Experience team meeting will be held tomorrow on Tuesday August 3rd at 1400 UTC in #tor-meeting.* During this meeting we'll share an update on the UX team’s ongoing work across key projects, and collaborate on the questions we’d like to ask participants in our upcoming tree testing of the new forum’s proposed structure. If you'd like to get involved please feel free to add your items to the pad: https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep <https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep> Remember, User Experience team meetings are an open space for discussion around ethical user research, user interface design and the user experience of privacy-enhancing products. See you soon! Duncan [*] https://gitlab.torproject.org/tpo/ux/team/-/wikis/home <https://gitlab.torproject.org/tpo/ux/team/-/wikis/home> *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org

1 0

metrics-lib 2.18.0 released
by Iain R. Learmonth 30 Jul '21

30 Jul '21

Hi, I have released metrics-lib 2.18.0. This release is particularly exciting as it contains contributions from 3 seperate developers, this codebase is getting some attention! metrics-lib, which also goes by the name DescripTor, is a Java API that fetches Tor descriptors from a variety of sources like cached descriptors and directory authorities/mirrors. The DescripTor API is useful to support statistical analysis of the Tor network data and for building services and applications. This release is the sum of over 9 years of development, with the latest changes: * Medium changes - Expose overload-ratelimits and overload-fd-exhausted fields in ExtraInfoDescriptor. (hiro) - OnionPerfAnalysisConverter discards circuits marked as filtered. (acute) - Adds BridgestrapStats to parse metrics from bridgestrap. (irl) You can find the release at: https://dist.torproject.org/metrics-lib/2.18.0/ You can find the sources at: https://gitlab.torproject.org/tpo/metrics/library/-/tree/metrics-lib-2.18.0 Thanks, Iain.

1 0

Job opening: Software Developer for the Tor Browser and VPN
by Erin Wyatt 30 Jul '21

30 Jul '21

Hello again, everyone! We also need your help attracting qualified candidates for our Browser/VPN position. If you know someone who might be interested in this job or if you know of a job board or mailing list that would be fitting and appropriate, please share it for us! Thank you! :) Software Developer for the Browser/Applications Team - Two (2) positions (https://www.torproject.org/about/jobs/software-engineer-applications-team/ <https://www.torproject.org/about/jobs/software-engineer-applications-team/>) Cheers, Erin Wyatt Director of People Operations ewyatt(a)torproject.org <mailto:ewyatt@torproject.org> PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE https://www.torproject.org <https://www.torproject.org/> http://expyuzz4wqqyqhjn.onion/ <http://expyuzz4wqqyqhjn.onion/> --------------------------------------------->8 # Software Engineers for Applications Team (Browser and VPN) The Tor Project, Inc., a 501(c)(3) nonprofit organization advancing human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, is seeking two experienced developers to work on the Applications team. Our Applications Team's main project is the Tor Browser but we have plans to develop other apps in the near future. We are looking for two (2) full-time developers to join our team to help us with both Tor Browser development and mobile app development. These two positions share a core set of skills, but each has its own set of specific skills as well. However, regardless of whether you have all of one set of skills or a combination of the two sets, please apply! Further, if you feel that you meet several of the requirements, or could meet them with a little support, we would love to hear from you. The team coordinates both synchronously and asynchronously via IRC, email, bug trackers, and some voice meetings. A personal commitment to free and open source software, good communication and documentation skills, and passion for contributing to the greater good are all essential. These are full-time, remote positions. ## The Jobs: ### Browser: • Evaluate and audit recent changes in Firefox, and understand how that affects Tor Browser users • Support maintaining Tor Browser on top of recent versions of Firefox • Improve Tor Browser’s security, privacy, and anonymity properties • Collaborate with Mozilla and directly improve Firefox • Simplify and improve Tor Browser's current protections • Support the continuous integration testing framework and tests • Improve Tor Browser's web compatibility ### Android Application Developer: • Support maintaining Tor Browser on Android • Improving Tor integration into Android apps • Improve Tor usability on Android • Collaborate with Guardian Project and other partners • Support Orbot improvements and similar app functionality Our main codebases are a combination of multiple components that make Tor Browser (https://gitlab.torproject.org/tpo/applications/tor-browser/-/wikis/Codebases). For a more detailed understanding of the full breadth and depth of the work you'd be doing, have a look at The Design and Implementation of the Tor Browser, especially The Design Requirements section at https://spec.torproject.org/torbrowser-design#DesignRequirements. ### Requirements -- Technical Abilities/Experience: • Advanced skills in writing C++ (11 or later) and JavaScript. • Be comfortable working remotely with a geographically distributed team. • Experience interacting with users and other developers online, including experience being confronted with differing ideas and opinions, while maintaining a high level of professionalism. • Familiarity with distributed version control systems, including Git. • Familiarity with compiling software for the Android platform. ### Preferred qualifications: • Familiarity and/or experience with writing add-ons and/or patches for Mozilla Firefox or other web browsers. • Familiarity with writing C and Rust. • Familiarity with writing Kotlin or Java. • Be familiar with web technologies and how the web works, especially • the same-origin model and web tracking. Familiarity with browser fingerprinting defenses • Familiarity with Firefox's internal architecture, including its use of multiple processes and sandboxing. • Know enough about networking to be able to visualize what HTTP 1.1 looks like on the wire while encapsulated within Tor's network protocol. • Android development experience, especially involving low-level networking like the VpnService. Salary for this position is $100k USD and there is voluntary opt-in salary transparency for employees and contractors. ## How to Apply To apply, submit a cover letter, your CV/resume (including three professional references), and a link to a code sample or some non-trivial software project you have significantly contributed to. In your cover letter, please include the reason you want to work at the Tor Project. IMPORTANT: Please email application materials in PDF format to job-browser at torproject dot org with "Applications Developer" in the subject line. ## About The Tor Project The Tor Project's workforce is smart, committed, and hard working. We currently have a paid and contract staff of around 24 developers and operational support people, plus many thousands of volunteers who contribute to our work. The Tor Project is funded in part by government research and development grants, and in part by individual, foundation, and corporate donations. Tor is for everyone, and we are actively working to build a team that represents people from all over the world - people from diverse ethnic, national, and cultural backgrounds; people from all walks of life. We encourage people subject to systemic bias to apply, including people of color, indigenous people, LGBTQIA+ people, women, and any other person who is part of a group that is underrepresented in tech. The Tor Project has a competitive benefits package, including a generous PTO policy, 16 paid holidays per year (including the week between Christmas and New Year's, when the office is closed), and flexible work schedule. Insurance benefits vary by employment status and country of residence. The Tor Project, Inc., is an equal opportunity, affirmative action employer.

1 0

Jobs announcement - Software Developers (Anti-Censorship, Browser, and Android/VPN)
by Erin Wyatt 30 Jul '21

30 Jul '21

Hey everyone, We have three new job openings! • Software Developer for the Anti-Censorship Team - One (1) position (https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ <https://www.torproject.org/about/jobs/software-developer-anticensorship-2/>) • Software Developer for the Browser/Applications Team - Two (2) positions (https://www.torproject.org/about/jobs/software-engineer-applications-team/ <https://www.torproject.org/about/jobs/software-engineer-applications-team/>) Job descriptions are pasted below. Please help us spread the word! Thanks! :) Cheers, Erin Wyatt Director of People Operations ewyatt(a)torproject.org PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE https://www.torproject.org http://expyuzz4wqqyqhjn.onion/ --------------------------------------------->8 # Software Engineers for Applications Team (Browser and VPN) The Tor Project, Inc., a 501(c)(3) nonprofit organization advancing human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, is seeking two experienced developers to work on the Applications team. Our Applications Team's main project is the Tor Browser but we have plans to develop other apps in the near future. We are looking for two (2) full-time developers to join our team to help us with both Tor Browser development and mobile app development. These two positions share a core set of skills, but each has its own set of specific skills as well. However, regardless of whether you have all of one set of skills or a combination of the two sets, please apply! Further, if you feel that you meet several of the requirements, or could meet them with a little support, we would love to hear from you. The team coordinates both synchronously and asynchronously via IRC, email, bug trackers, and some voice meetings. A personal commitment to free and open source software, good communication and documentation skills, and passion for contributing to the greater good are all essential. These are full-time, remote positions. ## The Jobs: ### Browser: • Evaluate and audit recent changes in Firefox, and understand how that affects Tor Browser users • Support maintaining Tor Browser on top of recent versions of Firefox • Improve Tor Browser’s security, privacy, and anonymity properties • Collaborate with Mozilla and directly improve Firefox • Simplify and improve Tor Browser's current protections • Support the continuous integration testing framework and tests • Improve Tor Browser's web compatibility ### Android Application Developer: • Support maintaining Tor Browser on Android • Improving Tor integration into Android apps • Improve Tor usability on Android • Collaborate with Guardian Project and other partners • Support Orbot improvements and similar app functionality Our main codebases are a combination of multiple components that make Tor Browser (https://gitlab.torproject.org/tpo/applications/tor-browser/-/wikis/Codebases). For a more detailed understanding of the full breadth and depth of the work you'd be doing, have a look at The Design and Implementation of the Tor Browser, especially The Design Requirements section at https://spec.torproject.org/torbrowser-design#DesignRequirements. ### Requirements -- Technical Abilities/Experience: • Advanced skills in writing C++ (11 or later) and JavaScript. • Be comfortable working remotely with a geographically distributed team. • Experience interacting with users and other developers online, including experience being confronted with differing ideas and opinions, while maintaining a high level of professionalism. • Familiarity with distributed version control systems, including Git. • Familiarity with compiling software for the Android platform. ### Preferred qualifications: • Familiarity and/or experience with writing add-ons and/or patches for Mozilla Firefox or other web browsers. • Familiarity with writing C and Rust. • Familiarity with writing Kotlin or Java. • Be familiar with web technologies and how the web works, especially • the same-origin model and web tracking. Familiarity with browser fingerprinting defenses • Familiarity with Firefox's internal architecture, including its use of multiple processes and sandboxing. • Know enough about networking to be able to visualize what HTTP 1.1 looks like on the wire while encapsulated within Tor's network protocol. • Android development experience, especially involving low-level networking like the VpnService. Salary for this position is $100k USD and there is voluntary opt-in salary transparency for employees and contractors. ## How to Apply To apply, submit a cover letter, your CV/resume (including three professional references), and a link to a code sample or some non-trivial software project you have significantly contributed to. In your cover letter, please include the reason you want to work at the Tor Project. IMPORTANT: Please email application materials in PDF format to job-browser at torproject dot org with "Applications Developer" in the subject line. ## About The Tor Project The Tor Project's workforce is smart, committed, and hard working. We currently have a paid and contract staff of around 24 developers and operational support people, plus many thousands of volunteers who contribute to our work. The Tor Project is funded in part by government research and development grants, and in part by individual, foundation, and corporate donations. Tor is for everyone, and we are actively working to build a team that represents people from all over the world - people from diverse ethnic, national, and cultural backgrounds; people from all walks of life. We encourage people subject to systemic bias to apply, including people of color, indigenous people, LGBTQIA+ people, women, and any other person who is part of a group that is underrepresented in tech. The Tor Project has a competitive benefits package, including a generous PTO policy, 16 paid holidays per year (including the week between Christmas and New Year's, when the office is closed), and flexible work schedule. Insurance benefits vary by employment status and country of residence. The Tor Project, Inc., is an equal opportunity, affirmative action employer. --------------------------------------------->8 # Software Developer for Anti-Censorship Team The Tor Project, Inc., a 501(c)(3) nonprofit organization advancing human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, is seeking an experienced Software Developer to take our anti-censorship work to the next level. This role will work on the anti-censorship technologies at Tor. A personal commitment to free and open source software and the application of advanced programming skills for the greater good is essential. This is a full-time remote position. ## Job Requirements This developer position will be an integral part of our Anti-Censorship Team. Main responsibilities for this position are: • Continue development of our bridge distribution system, pluggable transports, and other anti-censorship technologies. • Required qualifications: • Familiarity with Internet security and censorship circumvention technologies in China and other censored countries. • Experience with designing, implementing, testing, and reviewing complex codebases (ideally in Go). • Ability to work in a self-directed and independent way. • Comfortable with working remotely, across time zones. • Strong familiarity with computer science fundamentals. • Preferred qualifications: • Experience and intuition about censorship in China, including knowing how best to reach Chinese internet user communities to discuss circumvention approaches. • Familiarity with reading research papers and turning research ideas into prototypes. • Understanding of the Tor pluggable transport ecosystem and the censorship circumvention research space. • Past contributions to and familiarity with the practices of free software projects. • Passion and dedication to Internet freedom is an added plus. • Proficient at reading and writing Simplified Chinese. Salary for this position is $100k USD and there is voluntary opt-in salary transparency for employees and contractors. ## To Apply To apply, submit a cover letter, your CV/resume (including three professional references), and a link to a code sample or some non-trivial software project you have significantly contributed to. In your cover letter, please include the reason you want to work at the Tor Project. IMPORTANT: Please email application materials in plain text or PDF format, if possible, to job-anticensor at torproject dot org with "Anti-Censorship Developer" in the subject line. ## About The Tor Project The Tor Project's workforce is smart, committed, and hard working. We currently have a paid and contract staff of around 24 developers and operational support people, plus many thousands of volunteers who contribute to our work. The Tor Project is funded in part by government research and development grants, and in part by individual, foundation, and corporate donations. Tor is for everyone, and we are actively working to build a team that represents people from all over the world - people from diverse ethnic, national, and cultural backgrounds; people from all walks of life. We encourage people subject to systemic bias to apply, including people of color, indigenous people, LGBTQIA+ people, women, and any other person who is part of a group that is underrepresented in tech. The Tor Project has a competitive benefits package, including a generous PTO policy, 16 paid holidays per year (including the week between Christmas and New Year's, when the office is closed), and flexible work schedule. Insurance benefits vary by employment status and country of residence. The Tor Project, Inc., is an equal opportunity, affirmative action employer.

1 1

Anti-censorship meeting notes, 2021 July 29
by Cecylia Bocovich 29 Jul '21

29 Jul '21

Hi everyone, Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-07-29-16.00.html and the our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday July 29th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == snowflake rendezvous now uses fastly rather than azure (tpo/anti-censorship/pluggable-transports/snowflake!33); why are there still charges accruing for azure? https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… it's possible that orbot or some other snowflake users are still configured with azure just checked and orbot uses fastly https://gitlab.torproject.org/dcf/snowflake/-/pipelines/9956 is a failed pipeline; is it a known bug? yes, https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… == Actions == == Interesting links == == Reading group == We will discuss "" on Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-07-29 Last week: - filed a shadow issue for syscalls needed by Go - https://github.com/shadow/shadow/issues/1540 - updated snowflake!48 - took a look at the masque specifications - https://datatracker.ietf.org/doc/draft-ietf-masque-connect-udp/ - debugged issues with snowflake badge (snowflake-webext#28) - hiring committee tasks - s28 scrimmage this week - looked at Tor reachability in Iran This week: - more work on snowflake documentation (snowflake#40031) - help the browser team with tor's autoconnect feature - reviews - snowflake!50 - rdsys!11 - snowflake!52 Needs help with: - review of snowflake-webext!20 dcf: 2021-07-29 Last week: - wrote more documentation for snowflake AMP cache feature https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - made sample Tor Browser builds using AMP cache https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - made a merge request to remove the unused uniuri dependency from Tor Browser https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… Next week: Help with: - review of snowflake AMP cache rendezvous (no rush) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-07-22 Last week: - submit the "final" gettor rdsys integration (rdsys!11 rdsys#32) - report number of clients on the snowflake webextension (snowflake-webext!19) - Wait pollInterval in snowflake between proxy offers (snowflake#40055 snowflake!51) - link anti-censorship doc from the TPA wiki (team#4) - review snowflake README clean ups (snowflake!49) - looking up at issues with bridgestrap tests and CollecTor (bridgestrap#20) - fixes in mutex usage in bridgestrap collector metrics (bridgestrap!10) Next week: - AFK for the next 3 weeks Help with: -

1 0

Anti-censorship meeting notes, 2021 July 22
by Cecylia Bocovich 22 Jul '21

22 Jul '21

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-07-22-15.59.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday July 22nd 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == == Actions == == Interesting links == == Reading group == We will discuss "" on Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-07-22 Last week: - worked on automated reachability scripts (censorship-analysis#40018) - hiring meetings - reviewed snowflake-webext!19 - checked on snowflake probe measurements in china (snowflake#32657) - set up snowflake + obfs4 probes in turkey (censorship-analysis#40007) - in-progress review of rdsys!11 This week: - continue reviewing rdsys!11 - more work on snowflake performance (snowflake#40026) - more work on snowflake documentation (snowflake#40031) - look at snowflake!50 Needs help with: dcf: 2021-07-22 Last week: - merge request for snowflake AMP cache rendezvous https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - commented on KCP/smux buffer size increase https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - filed issue about standalone snowflake proxy reconnecting quickly https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - snowflake CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… Next week: Help with: - review of snowflake AMP cache rendezvous (no rush) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-07-22 Last week: - submit the "final" gettor rdsys integration (rdsys!11 rdsys#32) - report number of clients on the snowflake webextension (snowflake-webext!19) - Wait pollInterval in snowflake between proxy offers (snowflake#40055 snowflake!51) - link anti-censorship doc from the TPA wiki (team#4) - review snowflake README clean ups (snowflake!49) - looking up at issues with bridgestrap tests and CollecTor (bridgestrap#20) - fixes in mutex usage in bridgestrap collector metrics (bridgestrap!10) Next week: - AFK for the next 3 weeks Help with: -

1 0

Job announcement - Rust Developers (two openings)
by Erin Wyatt 21 Jul '21

21 Jul '21

Hi everyone! We have a two new open positions on the Network Team for Rust developers: https://www.torproject.org/about/jobs/rust-dev/ <https://www.torproject.org/about/jobs/rust-dev/>. The job description is pasted below. Please help us spread the word! Thank you! :) Cheers, Erin Wyatt Director of People Operations ewyatt(a)torproject.org PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE https://www.torproject.org http://expyuzz4wqqyqhjn.onion/ ——————————————————————>8 # Internet Freedom Nonprofit Seeks Rust Developer July 20, 2021 The Tor Project, Inc., a 501(c)(3) nonprofit organization advancing human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, is seeking two experienced Rust developers to be a part of the Network Team. These developers will be an integral part of a small team that develops and maintains the networking software at the core of the Tor network, keeping it secure and improving it for the future. (Over the past 15 years, we've been developing the Tor implementation in C; but the time has finally come to migrate to Rust.) The team coordinates both synchronously and asynchronously via IRC, email, bug trackers, and some voice meetings. A personal commitment to free and open source software, good communication and documentation skills, and passion for contributing to the greater good are all essential. This is a full-time, remote position. Salary for this position is $90k - $110k USD, depending on experience, and there is voluntary opt-in salary transparency for employees and contractors. ## Summary In this role, you will: • Help design, develop, and improve (Arti)[https://blog.torproject.org/announcing-arti], our Rust implementation of the Tor protocol. • Help other team members improve their Rust skills. • Collaborate with other Tor teams to integrate Arti in their workflows. • Contribute to other free, open-source Rust projects as needed, especially to ones that Arti depends on. Required Technical Skills and Experience • Familiarity with the Rust programming language, and with system design in Rust. • Strong remote work and time management skills. • Good communication and documentation skills. • Enthusiasm for teaching and learning within a distributed team. ## Preferred Qualifications (These are good to have, but not required!) • Experience with async/await programming in Rust. • Experience with portable, cross-platform coding. (We work on Unix, OSX, Windows, iOS, and Android, and we're aiming to expand to WASM.) • Experience with developing large software projects, keeping them maintainable and flexible over time. • Experience with API design and documentation. • Familiarity with privacy, network programming, distributed systems, security, and cryptography. • Familiarity with FOSS software engineering practices. • Familiarity with C (for reading old tor code). • Experience with reading and writing technical specifications. Academic degrees are great, but not required if you have the right experience! If you feel that you meet several of these requirements or could meet them with a little support, we would love to hear from you. ## How to Apply To apply, submit a cover letter, your CV/resume (including three professional references), and a link to a code sample or some non-trivial software project you have significantly contributed to. In your cover letter, please include the reason you want to work at the Tor Project. IMPORTANT: Please email application materials in PDF format to job-network at torproject dot org with "Network Developer" in the subject line. ## About The Tor Project The Tor Project's workforce is smart, committed, and hard working. We currently have a paid and contract staff of around 28 developers and operational support people, plus many thousands of volunteers who contribute to our work. The Tor Project is funded in part by government research and development grants, and in part by individual, foundation, and corporate donations. Tor is for everyone, and we are actively working to build a team that represents people from all over the world - people from diverse ethnic, national, and cultural backgrounds; people from all walks of life. We encourage people subject to systemic bias to apply, including people of color, indigenous people, LGBTQIA+ people, women, and any other person who is part of a group that is underrepresented in tech. The Tor Project has a competitive benefits package, including a generous PTO policy, 16 paid holidays per year (including the week between Christmas and New Year's, when the office is closed), and flexible work schedule. Insurance benefits vary by employment status and country of residence. The Tor Project, Inc. is an equal opportunity, affirmative action employer.

1 0

Anti-censorship meeting notes, 2021 July 15
by Cecylia Bocovich 15 Jul '21

15 Jul '21

Hey everyone, Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-07-15-16.00.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday July 15th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Tor Browser 10.5 released with Snowflake. https://blog.torproject.org/new-release-tor-browser-105 Peep the charts 👀 https://metrics.torproject.org/rs.html#details/5481936581E23D2D178105D44DB6… https://metrics.torproject.org/userstats-bridge-transport.html?start=2021-0… Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ == Discussion == Snowflake usage metrics after stable release How's the performance in places that are geographically far from the bridge? Is the spike globally distributed or centered on certain countries? Today's bridge-stats: bridge-stats-end 2021-07-14 17:36:29 (86400 s) bridge-ips us=552,ru=456,by=336,cn=216,ir=168,de=144,gb=120,in=88,fr=80,br=72,it=64,ca=48,dz=48,tr=48,nl=40,at=32,... == Actions == == Interesting links == snowflake-client.exe in TB 10.5 detected as malware https://lists.torproject.org/pipermail/tor-talk/2021-July/045752.html https://www.reddit.com/r/TOR/comments/of1gu3/windows_defender_latest_tor_br… https://gitlab.torproject.org/tpo/web/support/-/issues/237 == Reading group == We will discuss "" on Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-07-15 Last week: - reviewed snowflake!47 - finished moat shim (bridgedb#32276) - bridgestrap reviews - bumped version of snowflake - updated snowflake proxy Docker image - attended some of PETS - deployed changes to snowflake.tp.o (snowflake-webext!18) - looked into snowflake performance tuning as a result of dcf's email - https://lists.torproject.org/pipermail/anti-censorship-team/2021-July/00018… - opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - did some cleaning up of Snowflake repository READMEs (snowflake!49) This week: - followup review for rdsys!11 - more work on snowflake documentation (snowflake#40031) - check and maintain snowflake censorhsip measurements (snowflake#32657) - start work on a Conjure PT for Tor Needs help with: - review snowflake!48 (kcp + smux parameter tuning) - review of snowflake!49 arlolra: 2021-07-08 Last week: - More snowflake!39 Next week: - Maybe get back to snowflake-webext #10 Help with: - dcf: 2021-07-15 Last week: Next week: - AMP cache rendezvous for snowflake https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - look at KCP/smux buffer size increase https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-07-15 Last week: - fix bridgestrap CollecTor bug so it properly reports if bridges are functional (bridgestrap!8) - short bridgestrap CollecTor metrics by the hashed fingerprint to don't reveal information (bridgestrap!9) - deploy bridgestrap with CollecTor metrics - report number of connected clients from snowflake webext to the broker (snowlfake-webext!19) - gettor rdsys integration (rdsys!11 rdsys#32) - document our server setup in TPA wiki Next week: - submit the "final" gettor rdsys integration (rdsys!11 rdsys#32) Help with: -

1 0

OONI Monthly Report: June 2021
by Maria Xynou 15 Jul '21

15 Jul '21

Hello, Throughout June 2021, the OONI team worked on the following sprints: * Sprint 40 - Manatee (1-6 June, 2021) * Sprint 41 - Trumpetfish (7-20 June, 2021) * Sprint 42 - Kujira (21-30 June, 2021) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Building a web platform for test list updates* We finalized the URL submission interface by implementing full UI and backend support for submitting URLs from a logged in account. This will allow community members who are not familiar with GitHub to contribute to the Citizen Lab test lists (through a web platform). Through the interface it is possible to propose the addition of new URLs, edit the category codes or notes of existing URLs, and to propose the deletion of existing URLs. When a set of changes is finalized, a pull request is opened on behalf of the user on GitHub and reviewers of the Citizen Lab test list repository (https://github.com/citizenlab/test-lists) are able to merge them while using the existing review workflow ( https://github.com/ooni/url-prioritization/, https://github.com/ooni/api/pull/252). *## Building a web platform for URL prioritization* We finalized the implementation of the URL prioritization frontend. This allows members of the OONI team to define priorities for the testing of certain URLs or category codes (from the Citizen Lab test lists) based on OONI’s policy for URL prioritization ( https://ooni.org/post/ooni-smart-url-list-system/). This work is documented here: https://github.com/ooni/url-prioritization/ *## Automatically confirming DNS-based censorship* We are now in a position to automatically confirm instances of DNS-based censorship (when blockpages are served)! In June 2021, we added backend support for confirming DNS-based anomalies ( https://github.com/ooni/backend/issues/517), and we added new blockpage fingerprints (both DNS and HTTP response body) to our database. This has allowed us to automatically detect and confirm the blocking of many more websites around the world. This work is tracked through the following issue: https://github.com/ooni/backend/issues/518 OONI Explorer now displays many cases of automatically confirmed DNS-based censorship from around the world. Examples include Malaysia ( https://explorer.ooni.org/search?until=2021-07-15&since=2021-06-15&probe_cc…), Thailand ( https://explorer.ooni.org/search?until=2021-07-15&since=2021-06-15&probe_cc…), Myanmar ( https://explorer.ooni.org/search?until=2021-07-15&since=2021-06-15&probe_cc…), and many other countries. *## Improvements to the OONI Measurement Aggregation Toolkit* We made progress on the development of the OONI Measurement Aggregation Toolkit (MAT). Specifically, we added support for filling in missing values inside of the charts so that multi-axis charts appear aligned properly and we added a custom tooltip component to display the breakdown of anomalies, confirmed and OK measurements in a given bar tick ( https://github.com/ooni/explorer/pull/600). *## OONI backend* We started reprocessing all OONI data using the fastpath. As part of this work we also slightly changed the way in which files are formatted in s3 based on community feedback and needs. This work is tracked through the relevant GitHub issue: https://github.com/ooni/backend/issues/357 We made several improvements to how CORS headers are being added to the OONI API responses. This work is needed in order to make the URL submission, prioritization and login UIs work properly with the backend. The relevant pull requests are the following: https://github.com/ooni/api/pull/253 and https://github.com/ooni/api/pull/255. We developed a new tool for creating rotating test helpers. This allows us to automate the process of spinning up new OONI Probe test helpers, adjusting the needed DNS configuration, setting up TLS certificates for them, and provisioning them with the required test helper code. This work has been done as part of the following pull request: https://github.com/ooni/pipeline/pull/357 We created a Debian package for the next generation Web Connectivity test helper to reduce the ratio of false positives in measurements: https://github.com/ooni/backend/issues/499 and https://github.com/ooni/probe-cli/pull/374 *## Progress on browser-based OONI Probe* We made progress in implementing the web-based OONI Probe. Specifically, we came up with a new technique for measuring URLs that does not rely on the favicon image loading trick, but rather relies on the new fetch API. By configuring the fetch API to query using the “no-cors” mode, we are able to use this as a signal to infer if a specific webpage is blocked or not ( https://github.com/ooni/probe-web/commit/50b83108866ab0b63cdf4bd3e0d05013c9…). *## Released OONI Probe iOS 3.0.0 with support for automated testing* We released OONI Probe iOS 3.0.0 with support for automated testing: https://github.com/ooni/probe-ios/releases/tag/v3.0.0 Similarly to the OONI Probe Android 3.0.0 release, the OONI Probe iOS 3.0.0 release enables users to have websites tested automatically every hour. This release also includes the new Experimental card (with OONI’s new STUN reachability test), as well as OONI backend proxy support. *## Improvements to OONI Probe Mobile* In response to community feedback, we added support for minimizing a running test. This allows users to continue using OONI Probe while a test is running (https://github.com/ooni/probe-android/pull/441). We also added a badge that indicates (in the running test screen) that a backend proxy is enabled when a test is running ( https://github.com/ooni/probe-android/pull/442). In collaboration with Bloco, we added more tests to the OONI Probe Android app. Specifically, we added tests for the data models: https://github.com/ooni/probe-android/pull/438 *## Released OONI Probe Desktop 3.5.0 with RTL support* We released OONI Probe Desktop 3.5.0 with RTL support: https://github.com/ooni/probe-desktop/releases/tag/v3.5.0 OONI Probe Desktop now supports a number of languages that use right-to-left (RTL) scripts, including Arabic and Farsi. We thank the Localization Lab community for the translations (which can be reviewed on Transifex: https://www.transifex.com/otf/ooniprobe/ ). We also released OONI Probe Desktop 3.5.1 with UX improvements and 100% translation support for Arabic and Farsi: https://github.com/ooni/probe-desktop/releases/tag/v3.5.1 *## Improvements to OONI Probe Desktop* We identified and fixed a critical bug in the auto-updater of OONI Probe Desktop which resulted in updates not being carried out properly in versions 3.5.0 and 3.5.1 (https://github.com/ooni/probe/issues/1699). The fix has been shipped in OONI Probe Desktop 3.5.2: https://github.com/ooni/probe-desktop/releases/tag/v3.5.2 We made improvements to how the header in the test lists is being displayed. Specifically, the sticky header is now using a different component which makes it appear less “jumpy” when scrolling through the view: https://github.com/ooni/probe/issues/1683 *## New onboarding screen for crash reporting* We added a new onboarding step to the OONI Probe mobile and desktop apps to enable users to opt-in to submitting crash reports to us. We hope that this will result in more users opting-in to submitting crash reports, enabling us to have more crash logs to improve the stability of the OONI Probe mobile and desktop apps. This work is documented through the following ticket: https://github.com/ooni/probe/issues/1455 *## Developing a new OONI Probe test for the Snowflake pluggable transport* We continued to make important progress towards developing and shipping a new OONI Probe test for the Snowflake pluggable transport. In June 2021, we added support for running the Snowflake pluggable transport inside of the OONI Probe engine. This work is documented through the following ticket: https://github.com/ooni/probe/issues/1565 *## Documentation on writing OONI Probe tests* To encourage community contributions of new network measurement experiments, we wrote a tutorial which explains how third party developers can write OONI Probe tests. This is tracked through the following issue: https://github.com/ooni/probe/issues/1689 As part of this documentation, we used the new OONI Probe test for the Tor Snowflake pluggable transport as an example. The code of the tutorial is real OONI Probe engine code, which means that it’s going to be tested and run as part of our continuous integration process. The entry point for the tutorial on writing OONI Probe tests can be found here: https://github.com/ooni/probe-cli/tree/master/internal/tutorial *## Test list updates* In June 2021, we contributed updates to the following Citizen Lab test lists: * Cambodia: https://github.com/citizenlab/test-lists/pull/777, https://github.com/citizenlab/test-lists/pull/782 (including URLs shared by community members) * Armenia: https://github.com/citizenlab/test-lists/pull/785 (including URLs shared by CyberHub Armenia) * Palestine and Israel: https://github.com/citizenlab/test-lists/pull/780 *## Research report on internet censorship in Azerbaijan* In collaboration with Azerbaijan Internet Watch, we worked on writing, editing, and finalizing our joint research report that examines internet censorship in Azerbaijan over the last year. Based on our analysis, we produced multiple charts (that communicate key findings), many of which were included in the final report. We coordinated with Azerbaijan Internet Watch on publishing the report in early July 2021. *## New partnership with the Centre for Internet and Society (CIS), India* We have been collaborating with India’s Centre for Internet and Society (CIS) for more than a year, having previously collaborated on a joint research publication investigating TLS blocking in India ( https://ooni.org/post/2020-tls-blocking-india/). In early June 2021, we formalized our collaboration by (signing an MoU and) establishing a partnership with the Centre for Internet and Society (CIS). We are now proud to list them on the OONI Partners page (and feature their work): https://ooni.org/partners/cis-india/ *## Planning the online OONI Partner Training events* In preparation for the online OONI Partner Training events, we worked on the following activities: * Analyzed the feedback shared through the pre-training survey ( https://forms.gle/YU4TW62LrLKmCC7N9); * Created (and shared) the final agenda of the 3-day OONI Partner Training (based on feedback shared through the pre-training survey); * Created (and shared) a Resources document ( https://ooni.org/documents/2021-ooni-partner-training-resources/ooni-resour…) that includes OONI-related resources, as well as other resources (on censorship circumvention, digital security, monitoring internet connectivity shutdowns, and other censorship measurement platforms) that participants expressed interest in (as part of the pre-training survey feedback); * Created a post-training survey (https://forms.gle/n62ktvcfD1u7DgPMA) to collect participant feedback after the training program and learn how we can improve future events; * Created an online form that participants can fill out to receive OONI certificates for their participation in the OONI Partner Training; * Created relevant slides, resources, and hands-on exercises for each of the 6 training sessions of the OONI Partner Training; * Practiced the tech demos that would be provided as part of the OONI Partner Training to ensure that case studies that are relevant to participants are covered; * Logistical coordination with 112 invited participants (including those from the July 2021 OONI Partner Training). *## Hosted a 3-day online OONI Partner Training* Between 28th-30th June 2021, we organized and hosted a 3-day online OONI Partner Training for our partners from 16 countries in Africa and Latin America (https://ooni.org/partners). We also invited some of our partners who work internationally with research and advocacy organizations, as well as circumvention tool projects (Access Now, Internews, Committee to Protect Journalists, Internet Society, Netalitica, Citizen Lab, Psiphon, Tor Project, and the Localization Lab). Overall, 41 participants from 26 digital rights organizations attended this 3-day OONI Partner Training. To ensure a safe, friendly, and pleasant experience for all during the training, we asked all participants to adhere to OONI’s Code of Conduct ( https://github.com/ooni/ooni.org/blob/master/CODE_OF_CONDUCT.md) and to follow the Chatham House Rule on Privacy ( https://www.chathamhouse.org/about-us/chatham-house-rule). The goal of the OONI Partner Training was to share knowledge and skills on OONI’s censorship measurement tools, dataset, and methodologies to enable their use as part of research and advocacy efforts. We also aimed to collect feedback on how to improve OONI tools to better serve community needs. The event was facilitated entirely online (over Zoom), and entailed two 1.5 hour sessions per day (over 3 days). We facilitated the following 6 sessions as part of the 3-day OONI Partner Training: 1) Information Controls Around the World 2) Introduction to Internet Censorship 3) Using the OONI Probe Apps 4) Using OONI Run to coordinate censorship testing 5) Using OONI Explorer to find censorship measurement data 6) Interpreting OONI data Further information about the training sessions is available through our relevant blog post: https://ooni.org/post/ooni-partner-training-2021/ At the end of the 3-day training, we shared a post-training survey ( https://forms.gle/n62ktvcfD1u7DgPMA) with all participants to collect their feedback on how to improve future OONI training events. To support ongoing learning, we shared a Resources document ( https://ooni.org/documents/2021-ooni-partner-training-resources/ooni-resour…) with participants that includes OONI-related resources, as well as other resources (on censorship circumvention, digital security, monitoring internet connectivity shutdowns, and other censorship measurement platforms) that participants expressed interest in. We also shared OONI training slides ( https://docs.google.com/presentation/d/1mpoB_ObjMH0EWQhyZRpKWnwl5PUHf-Sa5PK…) that they can use (and customize) to facilitate OONI workshops for their communities. We will be issuing OONI certificates for participation in the OONI Partner Training 2021. *## Google Summer of Code (GSoC) mentorship* This summer, we have the pleasure to serve as the host organization of 2 Google Summer of Code (GSoC) students: Kathrin Elmenhorst and Shivam Shekhar (https://twitter.com/OpenObservatory/status/1399761448826507264). Starting from June 2021, Kathrin is working with us on developing OONI Probe network experiments ( https://community.torproject.org/gsoc/ooni-probe-experiments/), while Shivam is working with us on developing integration and unit tests for the OONI Probe desktop app ( https://community.torproject.org/gsoc/ooni-probe-testing/). Throughout June 2021, we offered mentorship and reviewed the pull requests of GSoC students. *## Community use of OONI data### Report on media censorship in Venezuela* On 4th June 2021, our Venezuelan partner, VEsinFiltro ( https://ooni.org/partners/venezuela-inteligente/), published a research report documenting the blocking of media websites in Venezuela. Their report is available here: https://vesinfiltro.com/noticias/2021-06-04_censura_digital/ As part of their research, they made use of OONI data ( https://twitter.com/vesinfiltro/status/1400976570160984068), along with other measurement data. *## Community activities### RightsCon 2021* We attended RightsCon Online 2021, during which we had the opportunity to speak in the following sessions: 1) Community Lab session: “Who are the perpetrators of internet shutdowns? What we documented in 2020 and beyond” (organized by Access Now’s #KeepItOn campaign), 7th June 2021 2) Strategy session: “Measuring internet disruptions during elections (and other political events)” (organized by OONI and CAIDA), 7th June 2021 3) Tech demo: “Understanding internet censorship data through OONI Explorer” (organized by OONI), 10th June 2021 4) Panel: “Confronting threats from all sides: building the anti-censorship ecosystem” (organized by Internews), 10th June 2021 5) Community Lab session: “Prepare, prevent, resist: a guide for internet shutdown advocacy strategy and resilience” (organized by Internews), 11th June 2021 In collaboration with CAIDA, we facilitated a strategy session during which we introduced participants to OONI and IODA’s tools, datasets, and methodologies for investigating internet disruptions. We explained that internet disruptions around the world tend to emerge in correlation with political events, and we discussed strategies for monitoring potential censorship events. As part of this session, we also had an opportunity to collect community feedback for the improvement of our tools and methods. We created a 10-minute OONI Explorer demo, which was uploaded on RightsCon’s online platform. During RightsCon, we facilitated a live chat during which participants brought their questions related to using OONI Explorer. We were invited by Internews to speak on their panel to discuss recent censorship events in Myanmar, the challenges associated with measuring throttling, and how community members can measure and respond to censorship events worldwide. We also participated in Internews’ community lab session, during which we briefly presented the resource we created on network measurement tools for internet shutdown advocacy. *### Paradigm Initiative’s Ayeta Digital Rights Toolkit* Our Nigerian partner, Paradigm Initiative ( https://ooni.org/partners/paradigm-initiative/), published the Ayeta Digital Rights Toolkit, which aims to address the growing need to safeguard digital rights defenders, journalists, whistle blowers, and others working with sensitive information in the global South. The Ayeta Digital Rights Toolkit is available here: https://paradigmhq.org/programs/digital-rights/ayeta/ OONI is featured as a recommended tool under the “Measuring Internet Shutdowns and Censorship” section of the Ayeta Digital Rights Toolkit: https://paradigmhq.org/wp-content/uploads/2021/04/Ayeta%20Toolkit%20-%20Eng… *### OONI outreach in Mali* In mid-June 2021, a community member (Emmanuel Vitus) led conversations on digital rights and digital security in Mali. As part of these presentations, Emmanuel introduced civil society members in Mali to OONI ( https://twitter.com/emmavitus/status/1408410588770979842), as well as to Paradigm Initiative’s Ayeta Digital Rights Toolkit and other measurement tools. *### Blocking of Twitter in Nigeria* Starting from 4th June 2021, OONI data started to show the blocking of twitter.com in Nigeria (and the block is ongoing): https://explorer.ooni.org/search?until=2021-07-15&since=2021-06-15&domain=t… In particular, OONI data shows that twitter.com is blocked on multiple AS networks in Nigeria by means of IP blocking, while some ISPs appear to be using some form of Deep Packet Inspection (DPI) on HTTPS connections ( https://twitter.com/OpenObservatory/status/1402674098644389891). We analyzed relevant OONI measurements from Nigeria and shared our analysis with our local partners. We also produced a chart that provides a per-ASN breakdown of the blocking of twitter.com in Nigeria, which we shared with Internet Society to include in their Pulse project ( https://pulse.internetsociety.org/shutdowns). *### Spanish OONI Probe CLI guide* A community member (Jacobo Nájera) wrote and published a guide in Spanish which explains how you can install and use the OONI Probe Command Line Interface (CLI): https://www.jacobo.org/sondas-ooni-desde-la-linea-de-comandos/ *### OONI Community Meeting* On 22nd June 2021, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/), during which we discussed the following topics: 1. Upcoming legacy probe deprecation in light of the discontinuation of v2 onion services by October 2021: Need for more community outreach and awareness raising. 2. Are there laws against performing network measurements in China? Discussion of potential risks associated with network measurement. *## Userbase* In June 2021, 11,459,826 OONI Probe measurements were collected from 5,060 AS networks in 200 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

OONI Monthly Report: May 2021
by Maria Xynou 15 Jul '21

15 Jul '21

Hello, Hope you're all doing well. These days we're primarily supported by the DRL, which is why we do quarterly reporting. That said, we'd like to share monthly updates from the OONI team with the community, hence our May 2021 report shared below. I'll also follow-up to share our June 2021 report. *# OONI Monthly Report: May 2021* Throughout May 2021, the OONI team worked on the following sprints: * Sprint 38 - Umbrella octopus (1-9 May, 2021) * Sprint 39 - Vaquita (10-23 May, 2021) * Sprint 40 - Manatee (24-31 May, 2021) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Released OONI Probe Android 3.0.0 with automated testing, backend proxy support, and new experimental card* We released OONI Probe Android 3.0.0 which is a major release because it includes 3 exciting new features: 1) Automated regular testing: By enabling automated testing in the settings, OONI Probe Android will test websites automatically every hour! 2) New Experimental card: Users can now run our new STUN reachability test. 3) Backend proxy support: Users can enable Psiphon or use a custom proxy through the new OONI backend proxy settings. Further information is provided below. *### Automated testing* Following the beta release in April 2021 ( https://github.com/ooni/probe/issues/1451), we made a public release of OONI Probe Android 3.0.0 with support for automated testing: https://github.com/ooni/probe-android/releases/tag/v3.0.0 Instead of having to remember to manually run OONI Probe, users can now have OONI Probe test websites automatically every hour! All they have to do is enable the "Run tests automatically" option in the new "Automated testing" setting of the OONI Probe Android app. Through these settings, users can choose whether they would prefer to have OONI Probe only run tests while they’re connected to WiFi and their phone is charging (to avoid consuming their data and battery). By enabling "automated testing", the OONI Probe Android app will test websites automatically (in the background) every hour, without requiring users to do anything. We started off with only automated website testing, but we plan to add support for automatically running other tests as well in future releases (similarly to automated testing on OONI Probe Desktop: https://ooni.org/support/ooni-probe-desktop#automated-ooni-probe-testing). To avoid over-cluttering the "Test Results" section of the app with too many test results (from automated runs), they are only made available on the OONI API (https://api.ooni.io/) and OONI Explorer ( https://explorer.ooni.org/), where they are openly published in near real-time. We strongly recommend enabling automated testing, as this will help ensure regular testing (which is crucial for detecting censorship events). *### New Experimental card* As censorship becomes more sophisticated, we need to ship new censorship detection tests faster. To this end, we added a new Experimental card in the OONI Probe Android app, where we plan to release our latest experiments. This card is meant to provide us agility in adding and removing new experiments on an ongoing basis (particularly in response to emergent censorship events). With OONI Probe Android 3.0.0, users can run our new STUN reachability test: https://github.com/ooni/spec/blob/master/nettests/ts-025-stun-reachability.… Our work on adding support for running experimental tests is documented through the following pull request and tickets: https://github.com/ooni/probe-android/pull/429, https://github.com/ooni/probe/issues/1388, https://github.com/ooni/probe/issues/1185, https://github.com/ooni/probe/issues/1473. *### Backend proxy support* In some places, such as Iran, communication to the OONI backend services is being interfered with. We have therefore added support for configuring a circumvention proxy for speaking to OONI backend services. OONI Probe Android 3.0.0 includes new backend proxy settings where users can: * Enable Psiphon (https://psiphon.ca/) * Use a custom proxy This will help with circumventing any accidental or deliberate OONI Probe blocking. Our work on this is documented through the following tickets: https://github.com/ooni/probe/issues/1469, https://github.com/ooni/probe/issues/1470, https://github.com/ooni/probe/issues/1477. *## Published a blog post on making OONI Probe Android more resilient* We published a blog post where we describe what we did to make OONI Probe Android more resilient to deliberate or accidental blocking: https://ooni.org/post/making-ooni-probe-android-more-resilient/ As part of this blog post, we explain why we decided to add backend proxy support to OONI Probe, how and why we changed our Android TLS fingerprint, and we document future improvements. *## Improvements to the code quality of OONI Probe Android* In collaboration with Bloco, we improved the way in which the OONI Probe Android app is being tested by adding UI and domain tests, as documented through the following pull requests: https://github.com/ooni/probe-android/pull/431 and https://github.com/ooni/probe-android/pull/437. We also refactored the app to make use of the dependency injection pattern: https://github.com/ooni/probe-android/pull/430 *## Added RTL support to OONI Probe Desktop* We continued to work on adding support for Right-To-Left (RTL) languages (such as Arabic and Farsi) in OONI Probe Desktop. This allows us to integrate translations (provided by the Localization Lab community) in the OONI Probe desktop app. This work is documented through the following ticket: https://github.com/ooni/probe/issues/1087 *## Prototype of browser-based OONI Probe* Community members have been requesting a browser-based version of OONI Probe that they can run. To this end, we started fleshing out a browser-based OONI Probe which allows for testing the accessibility of websites by loading the favicon of the target websites. This work is documented through the following ticket: https://github.com/ooni/ooni.org/issues/854 *## OONI Probe for Raspberry Pis* We added support for creating builds for armv7 and started publishing them on our Debian repository. This allows Raspberry Pi users to install OONI Probe CLI on their Raspberry pi devices. This is documented through the following ticket: https://github.com/ooni/probe/issues/807 *## OONI Probe Command Line Interface (CLI)* We added support to OONI Probe CLI for exposing the is_uploaded status inside of the result listing. This will allow us to expose an icon at the resulting listing level indicating that a measurement has not been uploaded and eventually support re-uploading them. This is documented through the following ticket: https://github.com/ooni/probe/issues/1457 *## Developing a new OONI Probe test for the Snowflake pluggable transport* We made progress on developing a new OONI Probe test for measuring the Snowflake pluggable transport. Specifically, we researched the feasibility of developing such a test and we started fleshing it out in probe-cli, as documented through the following tickets: https://github.com/ooni/probe-engine/issues/283 and https://github.com/ooni/probe/issues/1565. *## Building a web platform for test list updates and URL prioritization* We made progress on building a web platform that will serve two purposes: * Enabling community contributions to the Citizen Lab test lists (without a GitHub account); * Enabling the OONI team to make adjustments to URL priorities for testing. To avoid unsolicited traffic/activity, we will be issuing OONI accounts to community members so that they can login to this web platform. Once logged in, community members will be able to review the Citizen Lab test lists, add new URLs, propose the deletion or edit of existing URLs, and propose different category codes. All of this will be done through a web platform, without requiring community members to use GitHub. Once they have submitted their contributions through this web platform, pull requests will automatically be opened on the Citizen Lab test list GitHub repository (to ensure that test list contributions continue to go through the usual community review process on GitHub). The same web platform will also be used by the OONI team to adjust the testing prioritization of URLs, based on our URL prioritization policy: https://ooni.org/post/ooni-smart-url-list-system/ In May 2021, we made progress on building the URL priority management interface, the login interface, and the URL submission interface. The URL prioritization management interface is an internal tool which allows members of the OONI team to adjust the priority of URLs or of Citizen Lab category codes for testing (https://github.com/ooni/url-prioritization). Specifically, we added support to the backend and the frontend of the platform that will enable users to login. This login workflow functions by sending a one-time login token to the registered user’s email address. Once the token is presented to the backend, a cookie is registered in the user’s browser, allowing them to login to the URL submission and prioritization backend. Our work on this is documented through the following ticket: https://github.com/ooni/backend/issues/491 *## OONI Measurement Aggregation Toolkit* We made progress on OONI’s new Measurement Aggregation Toolkit ( https://explorer.ooni.org/experimental/mat) which allows us to display measurements in aggregate over any arbitrary axis (for example, measurements over time). In particular, we started adding support for creating multi-dimensional charts which allows us to display all measurements for all inputs over time. Since the charts are very large, we needed to measure the performance of various approaches to plotting them and came up with a solution that allows us to achieve acceptable performance. This performance boost was achieved through the use of a technique called windowing, where only the visible area of the chart is rendered in the browser at a given time. This work is documented through the following pull request: https://github.com/ooni/explorer/pull/579 *## OONI Explorer* We added support to OONI Explorer for displaying the reason for the anomaly (DNS, TCP/IP, HTTP-failure, HTTP-diff) in the search listing. This allows users to quickly look at the different types of anomalies that occur over time for a given search query (enabling the confirmation of censorship events and ruling out false positives). This work is tracked through the following GitHub issue: https://github.com/ooni/explorer/issues/438. We also added support for filtering the WhatsApp IM test results by anomaly (https://github.com/ooni/explorer/pull/589), and we added support for running end-to-end tests of legacy YAML measurements inside of the continuous integration of OONI Explorer ( https://github.com/ooni/explorer/pull/594). *## OONI backend* We added backend support for the scoring (i.e. marking them as anomalies or OK) of Signal experiment measurements: https://github.com/ooni/backend/issues/500 Due to the discontinuation of the Bintray service, we migrated all our internal Debian repositories away from the service and switched to using AWS S3 instead. This is documented through the following tickets: https://github.com/ooni/probe/issues/1440 and https://github.com/ooni/backend/issues/504. *## Academic research paper on internet censorship in Myanmar* In collaboration with CAIDA, Censored Planet, and other researchers, we worked on an academic research paper which investigates internet censorship in Myanmar following the February 2021 military coup. As part of this paper, we analyzed relevant OONI measurements from Myanmar and documented the blocking of websites across AS networks in the country since the coup. In collaboration with Censored Planet, we discovered several cases of collateral damage (as a result of IP blocks), which we document in the paper. Researchers from CAIDA also document the nightly internet outages in Myanmar following the coup, providing detailed analysis and new findings. We completed the writing of this paper by mid-May and submitted it to the FOCI academic journal ( http://conferences.sigcomm.org/sigcomm/2021/workshop-foci.html), where it has been approved for publication. *## Research report on internet censorship in Azerbaijan* In collaboration with Azerbaijan Internet Watch, we worked on writing a joint research report that examines internet censorship in Azerbaijan over the last year. The first step though was to analyze OONI measurements collected from Azerbaijan, and so we performed relevant year-long OONI data analysis (https://github.com/ooni/ooni.org/issues/851 ). Based on this data analysis, we produced multiple charts (communicating key findings) and we wrote the technical findings. *## Improving OONI Run based on community feedback* Last year, we carried out an extensive OONI Run usability study (involving both a survey and interviews with community members) to collect community feedback on how to improve the OONI Run platform (https://run.ooni.io/). Based on this study, we published a detailed report which includes all of the feedback and findings from this study ( https://ooni.org/post/2020-06-09-ooni-run-usability-study-findings/). In May 2021, we had several dedicated team meetings during which we went through all of the community feedback, opened relevant GitHub tickets, and documented the next steps (and a relevant roadmap) for improving the OONI Run platform based on community feedback. This has been quite a lengthy process because we have had to evaluate several interdependencies (with other platforms we’re currently building), as well as the feasibility of implementing many of the community feature requests. This is an ongoing process. *## Community outreach related to the discontinuation of legacy-probe* Throughout May 2021, we continued relevant community outreach efforts in relation to the upcoming discontinuation of the legacy version of ooniprobe, which relies on v2 onion services (which are being discontinued by October 2021). As legacy ooniprobe still accounts for a relatively large percentage of global OONI measurements, we have been trying to reach these users to encourage them to switch over to the OONI Probe Command Line Interface (https://ooni.org/install/cli). To this end, we have been sharing relevant information (including how to switch to OONI Probe CLI) with multiple community mailing lists and on our social media channels. We have also been reaching out to our partners and other community members, in an effort to reach legacy probe users. *## Test list updates* In May 2021, we contributed the following updates to the Citizen Lab test lists: * Israel: https://github.com/citizenlab/test-lists/pull/770 (we added Palestinian news media and human rights websites to check if they’re blocked in Israel) * Colombia: https://github.com/citizenlab/test-lists/pull/775 (we added a site which OONI data indicated was blocked, but which was not already included in the test list) *## Collaboration with Netalitica on test list updates* Netalitica researchers continued to do excellent work in reviewing and updating more Citizen Lab test lists. In May 2021, we opened a pull request based on Netalitica updates to the Malaysian test list (https://github.com/citizenlab/test-lists/pull/772) and we reviewed their updates to the Indian test list, based on which we shared feedback for further possible improvements. We also provided relevant data analysis support to Netalitica ( https://github.com/ooni/ooni.org/issues/887), sharing statistical information on how many new censorship cases were discovered following their updates to the Citizen Lab test lists. *## Created resources for OPTIMA 2.0 training program* We previously (in late 2020) supported Internews’ OPTIMA Network Measurement Training program for advocates by creating relevant OONI resources and facilitating OONI training sessions. Information about this training program is available here: https://internews.org/resource/optima-network-measurement-training/ In support of Internews’ OPTIMA 2.0 program (the continuation of the training program), we created (in May 2021) a new video recording and a relevant OONI quiz for training participants. We also created a resource on network measurement tools for internet shutdown advocacy. *## Organizing the 2 online OONI Partner Training events* In preparation for the 2 online OONI Partner Training events, we continued to do relevant organizational work. In May 2021, we sent out personal invitations to more than 100 prospect participants and we prepared a draft outline of the training sessions. To ensure that participant needs are met during the training events, we created (and shared) a pre-training survey ( https://forms.gle/YU4TW62LrLKmCC7N9) to collect participant feedback. The feedback shared through this survey helped inform the creation of the final training agenda. *## Updated the OONI Partners page* On our website, we feature all of our partners and their important work through our Partners page: https://ooni.org/partners In May 2021, we updated this page to add 2 more of our partners (with whom we’ve been collaborating closely over the last few years): * IODA: https://ooni.org/partners/ioda/ * OutRight Action International: https://ooni.org/partners/outright-action-international/ *## OONI Team Meeting Day: Strategic Planning* On 5th May 2021, we had an (online) OONI Team Meeting Day focused on strategic planning. As part of this day-long meeting, our team had the following 4 sessions: * Session 1: Time for Reflection * Session 2: Communications Strategies * Session 3: What do you want OONI to be? * Session 4: Strategic fundraising As part of these sessions (particularly sessions 2 and 4), we had the opportunity to share knowledge and skills (with the whole OONI team) gained through the Ford Foundation Communications and Financial Resilience training programs we had participated in over the last months. These sessions offered our team an opportunity to take a step back and brainstorm on big-picture strategic decisions and goals moving forward. Over the years, we generally have such team meetings on an annual or bi-annual basis. In preparation for this OONI Team Meeting Day, we prepared relevant slides, resources, and hands-on exercises to ensure that the discussions are as interactive and useful as possible. As an outcome, all of our team members gained new skills and knowledge in relation to communications and fundraising strategies, and based on our brainstorming discussions and exercises, we refined our upcoming milestones. *## Ford Foundation Financial Innovation & Resilience Training* As part of our participation in the Ford Foundation’s Financial Innovation and Resilience training program, we attended a relevant workshop on 12th May 2021, and a relevant webinar on 27th May 2021. We were offered this great opportunity because we are a grantee of the Ford Foundation, who support OONI’s community-related work. The knowledge and skills gained through this training program have helped us rethink and improve OONI’s fundraising strategies. *## Community use of OONI data### 2020 Annual Report on Digital Rights in Venezuela* On 16th May 2021, our Venezuelan partners, IPYS Venezuela ( https://ooni.org/partners/ipys-venezuela/), published their 2020 Annual Report on Digital Rights in Venezuela. As part of this report, they made use of OONI data ( https://twitter.com/VEinteligente/status/1412532307248877570). Their report is available here: https://ipysvenezuela.org/2021/05/16/32196/ *### Report on the blocking of websites in Egypt* On 24th May 2021, our Egyptian partners, Masaar - Technology and Law Community (https://ooni.org/partners/masaar/), published a research report documenting the techniques and laws around the blocking of websites in Egypt. As part of this report, they made use of OONI data. Their report is available here: https://masaar.net/en/blocking-websites-in-egypt-techniques-and-laws/ *## Community activities### Stockholm Internet Forum 2021* On 12th May 2021, OONI’s Maria participated as a speaker on a panel discussion (“#KeepItOn: Governments weaponizing Internet shutdowns”) at the Stockholm Internet Forum 2021 (https://stockholminternetforum.se/). As part of her participation on the panel, Maria presented OONI’s work and discussed how OONI has supported the advocacy efforts of the #KeepItOn campaign (https://www.accessnow.org/keepiton/) in fighting internet shutdowns around the world. *### OONI workshops at TechUp event* On 15th May 2021, OONI’s Maria facilitated 2 online OONI workshops for civil society communities in India and in the Philippines during the TechUp event, organized by the IO Foundation ( https://www.theiofoundation.org/techup/). As part of these 2 workshops, Maria presented OONI’s tools, methodologies, and dataset, and provided live demos explaining how participants can use OONI Explorer (https://explorer.ooni.org/) to track censorship events worldwide in real-time. As part of outreach efforts, we created an OONI e-booth on TechUp’s Airmeet platform. This provided OONI resources and information for civil society communities in Asia. *### Localization Lab Summit 2021* On 21st and 28th May 2021, we attended the Localization Lab Summit 2021 ( https://www.localizationlab.org/localization-summit-2021-sessions), during which we had the opportunity to meet with the Localization Lab community, learn about emerging digital rights threats around the world, and unmet community needs. We also had the opportunity to connect with funders and the developers of other internet freedom tools, and to learn more about localization needs and challenges. Given that the translation and overall localization of the OONI Probe apps is supported by the Localization Lab community, this was a very important opportunity for us to learn more about community needs and challenges, which helps inform the development and improvement of our tools. *### OONI training facilitated by Cameroonian partners* In May 2021, our Cameroonian partner, COMPSUDEV ( https://ooni.org/partners/compsudev/), collaborated with AfroLeadership ( https://afroleadership.org/) on organizing and facilitating a 2-day training event (“Building Evidence for Internet Rights Advocacy”) for civil society groups in Cameroon. As part of this training event, they facilitated OONI workshops with the goal of introducing participants to OONI’s tools, methodologies, and dataset. More specifically, they walked through the OONI Probe apps (explaining how participants can use them to measure internet censorship), demoed OONI Explorer (explaining how they can find and use OONI data as part of advocacy), and collected participant feedback. We are very grateful for these community-initiated OONI workshops! *### OONI feedback collected from civil society in Tanzania* In May 2021, Tanzania’s Zaina Foundation carried out a Feedback Collection project for several open source tools, including OONI. As part of this, they asked community members in Tanzania to share their feedback on OONI Probe and OONI Explorer. Following this project, Zaina Foundation shared with us the feedback they collected from human rights defenders in Tanzania for the improvement of OONI Probe and OONI Explorer. *### OONI guide by Fundación Karisma* Starting on 26th May 2021, OONI measurements collected from Colombia started to show: * Blocking of ghostbin.co: https://explorer.ooni.org/search?until=2021-06-02&since=2021-05-03&domain=g… * Blocking of archive.org: https://explorer.ooni.org/search?until=2021-06-02&since=2021-05-03&domain=a… To encourage further testing, our Colombian partner, Fundación Karisma ( https://ooni.org/partners/karisma-foundation/), wrote and published a short OONI guide (in Spanish): https://web.karisma.org.co/micro-guia-para-el-uso-de-ooni/. They also promoted their OONI guide (and OONI Probe testing) on their social media channels: https://twitter.com/Karisma/status/1398372339918721030 *### OONI Community Meeting* On 25th May 2021, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/), during which we discussed the following topics: 1. Updates regarding the new web platform for suggesting updates/edits to the Citizen Lab test lists. How shall we deal with dead URLs that still remain blocked in a given country? 2. Pluggable transport implementation in any networking system, and the current state of obfs4 support in OONI Probe. *## Userbase* In May 2021, 10,261,241 OONI Probe measurements were collected from 5,132 AS networks in 191 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project