- tor-project - lists.torproject.org

DEMO day is happening on March 23rd at 1600 UTC
by Gaba 23 Mar '22

23 Mar '22

Hi! The DEMO day for this month will happen on March 23rd at 1600 UTC. I will send the link for the BBB room a few hours before the event. What is a Demo Day? ------------------- An hour long session at Tir Project's all hands meeting where different people present 5 minutes ideas, tools, hacking or anything that they think it may be interesting for the Tor community. Presenters will have 5 to 8 minutes and people can ask questions via text in the pad for 3 minutes. For this month we will have: - Guardian Project: with Orbot for iOS https://orbot.app - Anarcat: Undertime - Dealing with the nightmare of timezone and time changes on the commandline in Python. - Shelikhoo: V2Ray - V2Ray is one of the external proxies one can use to connect to Tor network. It can help user bypass some of the most restrictive censorship here on this planet. Combined with Tor it help user to browse Internet freely, speedy and anonymously. Here is short demo of V2Ray and how to use it to connect to Tor. - Hiro: Metrics Dashboard. - Rhatto: Onionprobe - Jim: Using Shadow @ Tor - To test and tune tor's new congestion control algorithm, we've been using the [shadow] simulator to evaluate the performance of proposed changes. I'll begin by showing how to set up and run a tiny simulation with a web server and a client, and then show how we incrementally build up from there to push-button realistic Tor simulations run in Gitlab CI. [shadow]: https://shadow.github.io/ - PieroV: New censorship circumvention in about:connect in the Tor Browser. - Richard: update about Blueprint work on Gosling and show off some very hello world functionality. -- pronouns she/her/they GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 1

Network Team - Upcoming tor.git 0.4.7.5-alpha release - March 2022
by David Goulet 23 Mar '22

23 Mar '22

Greetings, Network team will be releasing on Friday (March 25th, 2022) a new alpha (0.4.7.5-alpha) and likely the last one of the 0.4.7.x series. We've reached a point where we are very happy with the state of congestion control with regards to code stability and protocol parameters. https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/proposals/324-rt… If all goes well, we expect to go onto the release candidate in few weeks and then finally onto a stable around end of April (famous last words)! Upcoming versions: - 0.4.7.5-alpha @network-team: It is _now_ a good time to start reviewing changes/ files: https://gitlab.torproject.org/tpo/core/tor/-/tree/main/changes Last, we've asked the dirauth to recommend these versions few minutes ago. Cheers! David -- bO2GGRweZied5CndmqgrdYdQYdSDW6hcScOCr/c8Xig=

1 0

UX team monthly meeting notes - March 22nd
by nah＠riseup.net 22 Mar '22

22 Mar '22

Hello everyone, Thanks to everyone who made it to today's UX Team meeting! We’re looking forward to seeing you all again next week. Here are the minutes: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-22-16.59.log… Also, find below the minutes for all meetings in the previous weeks. == User Experience Team Meeting == UX Team meetings happen every Tuesday at 1700 UTC in #tor-meeting on OFTC. Here are the logs from our meeting on March 1st: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-01-16.59.log… Here are the logs from our meeting on March 8th: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-08-16.59.log… Here are the logs from our last meeting on March 15th: https://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-15-16.59.lo… == Useful links == About the UX Team: https://gitlab.torproject.org/tpo/ux/team UX repository: https://gitlab.torproject.org/tpo/ux UX roadmap: https://www.figma.com/file/n4ETd0cUkcfj3KyclJQnt3/UX-Team-Planning?node-id=… UX kanban: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… Team kanban: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&label_name[]=UX… --------------------------- Tuesday March 22nd 17:00 UTC --------------------------- == What projects are we working on? == S9 - Usability and Community Intervention on Support for Democracy and Human Rights https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… S30 - Empowering Communities in the Global South to Bypass Censorship https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… S96 – Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet https://gitlab.torproject.org/groups/tpo/-/milestones/24 S101 - Tor VPN Client for Android https://gitlab.torproject.org/groups/tpo/-/milestones/32 S123 - Tor Secure Access Package for USAGM https://gitlab.torproject.org/groups/tpo/-/milestones/34 == Announcements == Tor Browser 11.0.9 for desktop: https://blog.torproject.org/new-release-tor-browser-1109/ == Agenda == Evergreen items: 1. Announcements 📣 2. Weekly planning 📅 3. Check-in with user support 💬 Discussion items for this week only: 4. <add your item here!> == Weekly planning == Note: Please highlight anything you'd like to discuss below in **bold** Duncan/donuts Last week (actual): - AFK on Monday - Supported dev work on about:rulesets (HTTPS-E deprecation) in tor-browser#40458 - Continued testing the most recent about:preferences#connection build in tor-browser#40774 - Started iterating on the design of about:preferences#connection in tor-browser#40782 This week (planned): - Finish next iteration of about:preferences#connection in tor-browser#40782 - Start and finish design QA of current torconenct build in tor-browser#40773 - Send a reminder about the tor-qa survey; potentially close it soon Near future (backlog): - Start work on additional designs for S96 (torconnect) - Would like to take a look at the telegram bot's UX for S125, time-permitting - S101 continuation Nah Last week (actual): - started s30 trainings and collected feedback - coordinating activities with s30 partners - scheduled s9 interviews: for this week and next week - recruiting users for s101 interviews - created a survey for s30 feedback collection This week (planned): - s30 trainings and feedback on tuesday, thursday and saturday - start scheduling usability testing/interview for s30 - card sorting (features survey) planning for s101 - interviews planning for 101 - s9 interview on thursday - schedule more s9 interviews - meet with user research volunteer on thursday - reading list: Measuring accessibility of popular websites while using Tor https://repository.tudelft.nl/islandora/object/uuid%3Ae9ead224-e7eb-46df-b9… Nicob Last week (actual): - Developed and finished assets for mystery swag bag campaign https://gitlab.torproject.org/tpo/operations/communications/-/issues/48#not… - Developed ruleset concepts and sketches (this part of the project has since been paused so work won’t continue at this time) - Worked on bridge illustrations, waiting for review https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/34322#n… - Sent out nah's limesurvey for sticker poll - Worked on creative applications for comms 22 art direction - Started moodboarding process for Annual Report art direction This week (planned): - Start hi-fi design for USAGM landing page https://gitlab.torproject.org/tpo/onion-support/-/issues/29#note_2789281 - Continue moodboarding for Annual Report - Continue creative applications for comms 22 art direction Imauri - Can assist in research scoping, planning, execution. Last week: - Would like to assist in tactical research efforts for any of the following projects: - O2.0 - Telegram Bridge Bot - community.torproject.org usability aduit - torproject.org usability audit This week: Meeting with Nah & Duncan this Thrusday (3/24) to assign and prioritize research Joydeep ref. Check-in with User Support - contd. user reports of https://gitlab.torproject.org/tpo/applications/fenix/-/issues/40212 - summary of the bug: https://gitlab.torproject.org/tpo/applications/fenix/-/issues/40212#note_27… (tl;dr blocked until TBA 11.0.10 release) updates for users: https://forum.torproject.net/t/new-release-tor-browser-11-0-8-android/2527/3 == Open Call for User Research == Find out how to contribute to the UX team: https://community.torproject.org/user-research/how-to-volunteer/ Thanks everyone! -- Nah User Researcher

1 0

Anti-censorship team meeting notes, 2022-03-17
by meskio 17 Mar '22

17 Mar '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-17-15.59.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday March 24th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 30 * https://gitlab.torproject.org/groups/tpo/-/milestones/4 * https://gitlab.torproject.org/groups/tpo/-/milestones/7 * https://gitlab.torproject.org/groups/tpo/-/milestones/5 * https://gitlab.torproject.org/groups/tpo/-/milestones/6 * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… == Announcements == * We have a new developer in the Anti Censorship team: Itchy Onion == Discussion == * dnstt bridges * the guardian project is working on dnstt for iOS/android * https://github.com/tladesignz/IPtProxy/commit/e2ce9d113c412f9baa436f641a61d… * can we add support for dnstt into rdsys/bridgedb and the rest of tor infra? * anadahz will create an issue to work on it * setup instructions: https://pad.riseup.net/p/WraKJFLJ54lxKLeSeYKF == Actions == == Interesting links == * https://www.dw.com/en/how-to-circumvent-state-internet-censorship-in-russia… == Reading group == * We will discuss "..." on * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. anadahz: 2022-01-27 Last week: - Increase timeout check cycles for default-bridge-felix-1 and default-bridge-felix-2 as they have been generating too many alerts: https://gitlab.torproject.org/tpo/anti-censorship/monit-configuration/-/mer… cecylia (cohosh): last updated 2022-03-17 (here but distracted) Last week: - worked on setting up a dev environment for conjure - https://github.com/refraction-networking/conjure/wiki/Environment-Setup - some reviews This week: - continued work on conjure PT - continue to monitor snowflake broker stats Needs help with: dcf: 2022-03-17 (will miss 2022-03-17 meeting) Last week: - restarted snowflake broker and bridge for Dirty Pipe vulnerability https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - moved snowflake bridge to an interim faster server https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - wrote OTF rapid response grant for snowflake bridge funding - helped coordinate a more permanent faster server for the snowflake bridge - wrote a summary of last week's discussion about multi-bridge snowflake https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - snowflake CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - reviewed merge request for forwarding bridge fingerprint to the broker https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - made a patch for debugging standalone proxy that stops working https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - opened an issue to have pt.Log scrubbed in snowflake-client https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: Help with: agix: 2021-02-10 Last week: - Continued work on gettor-twitter Next week: - Hopefully finish the task Help with: - arlolra: 2022-03-10 Last week: - Pass bridge fingerprint in SOCKS param to the broker https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - Revise !81 - Start on the next piece of the multiple bridge design Evergreen: - Figure out where in pion/webrtc ALPN should be configured and used - Maybe add Chacha20Poly1305 to pion/dtls https://github.com/pion/dtls#planned-features https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: - maxb: 2021-09-23 Last week: - Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74 - Too busy with work :/ Next week: - _Really_ want to get a PR for utls round tripper meskio: 2022-03-17 Last week: - add some untilisting mechanism to circumvention settings (rdsys#79) - be able to configure the proxy type in snowflake library (snowflake#40104) - update obfs4 bridge dockerfile to use backports (docker-obfs4-bridge!9) - review uTLS merge request (snowflake!76) Next week: - deploy circumvention settings (bridgedb#40025) - integrate telegram bot into rdsys (rdsys#77) Shelikhoo: 2022-03-10 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Merge Request Awaiting] uTLS for broker negotiation (Updated) - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Deployment] Vantage Point in Vinnica, Ukraine - [Discussion] Centralized Probe Log Collection Ascension Request - [Discussion] Hosting Centralized Probe Log Collection Server on TPA managed VPS Next Week: - [Coding] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - built-in DNS HackerNCoder: 2021-12-16 This week: Last/done: Setup web mirror on tor.encryptionin.space Next: Get (new VPs with) new IP and setup new web mirror on new domain hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Tomorrow: Tor Monthly Localization Hangout!
by emma peel 17 Mar '22

17 Mar '22

ey there! Remember that tomorrow we have the monthly Tor Localization Hangout! Every 3rd Friday of the month the Tor L10n Team meets to translate together, share tricks, have fun while translating, meet fellow translators, and find out about the l10n priorities for the Tor Project. NEXT HANGOUT: Friday March 18th - from 12 UTC onwards Come join us on the Localization Hangout, from Noon UTC, on the #tor-l10n channel in OFTC. (you can also use Element https://element.io/ to connect: #tor-l10n:matrix.org) At 13 UTC we will make a call on Big Blue Button: https://tor.meet.coop/emm-qmu-8o2-d2w Tomorrow we will learn about bugs, reporting, and the bugtracker! What are bugs, how to report them, interesting projects in gitlab for translators. More information: https://community.torproject.org/localization/hangouts/

1 0

minutes from the TPA meeting
by Antoine Beaupré 15 Mar '22

15 Mar '22

Hi! Here are your monthly TPA minutes, enjoy! # Roll call: who's there and emergencies anarcat, kez, lavamind, gaba are present. colchicifolium backups are broken, and we're looking into it, but that's not really an emergency, as it is definitely not new. see [issue 40650][]. [issue 40650]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40650 # TPA-RFC-15: email services We discussed the [TPA-RFC-15][] proposal. [TPA-RFC-15]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-15- The lack of IMAP services is going to be a problem for some personas and should probably be considered part of the propsoal. For approval, we should first send to tor-internal for comments, then a talk at all hands in april, then isa/sue for financial approval. # Dashboard review We went through the dashboards: * https://gitlab.torproject.org/tpo/tpa/team/-/boards/117 * https://gitlab.torproject.org/groups/tpo/web/-/boards * https://gitlab.torproject.org/groups/tpo/tpa/-/boards We moved a bunch of stuff to the icebox (particularly in the gitlab-lobby and anon_ticket projects), and also made sure to assign every ~Next ticket to someone in the web team. Generally, we only looked at tickets associated with a Milestone in the web dashboard because it's otherwise too crowded. # Upcoming work parties We're going to have those work parties coming up: * ganeti gnt-chi: on Tuesday, finish setting up the gnt-chi cluster, to train people with out of band access and ipsec * bullseye upgrades: in a week or two, to upgrade a significant chunk of the fleet to bullseye, see [ticket 40662][] where we'll make a plan and send announcements [ticket 40662]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40662 # Holidays anarcat is planning some off time during the first weeks of august, do let him know if you plan to take some time off this summer. # future of media.tpo We discussed the future of media.tpo ([tpo/web/team#30][]), since it mentions rsync and could be a place to store things like assets for the blog and other sites. anarcat said we shouldn't use it as a CDN because it's really just an archive, and only a single server. if we need a place like that, we should find some other place. we should probably stop announcing the rsync service instead of fixing it, I doubt anyone is using that. [tpo/web/team#30]: https://gitlab.torproject.org/tpo/web/team/-/issues/30#note_2785843> # Other discussions We briefly talked about colchicifolium, but that will be reviewed at the next checkin. # Next meeting April 4th. # Metrics of the month * hosts in Puppet: 87, LDAP: 87, Prometheus exporters: 143 * number of Apache servers monitored: 25, hits per second: 301 * number of self-hosted nameservers: 6, mail servers: 8 * pending upgrades: 22, reboots: 1 * average load: 0.92, memory available: 4.11 TiB/5.13 TiB, running processes: 646 * disk free/total: 31.96 TiB/84.70 TiB * bytes sent: 331.59 MB/s, received: 201.29 MB/s * planned bullseye upgrades completion date: 2024-12-01 * [GitLab tickets][]: 177 tickets including... * open: 0 * icebox: 151 * backlog: 9 * next: 9 * doing: 5 * needs information: 3 * (closed: 2643) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards Upgrade prediction graph lives at: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bullseye/ Now also available as the main Grafana dashboard. Head to <https://grafana.torproject.org/>, change the time period to 30 days, and wait a while for results to render. -- Antoine Beaupré torproject.org system administration

1 0

gitolite email hook replacement
by Antoine Beaupré 15 Mar '22

15 Mar '22

Hi, As part of the procmail retirement I announce on March 1st, the email notification hook used by the old Gitolite server to notify users of new patches started breaking in odd and unpredictable ways: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40653 https://gitlab.torproject.org/tpo/tpa/team/-/issues/40659 I have tried to fix this by deploying `reformail` as a `formail` replacement, but that ultimately failed as well. In the end, I deployed a newer mailing hook called "git-multimail": https://github.com/git-multimail/git-multimail After a brief test period inside TPA, all repositories have been switched over to the new hook today. You might notice a different email template. It's also possible you receive more email than before. If there's any significant problem with the new hook, do let us know in the usual place: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/support There is no clear list of changes since the last hook, because the hook we were using was an in-house version with no corresponding upstream version. That said, it was fairly similar to the defunct `post-receive-email` hook, and there *is* a list of differences between git-multimail and that, which you can read here: https://github.com/git-multimail/git-multimail/blob/master/git-multimail/RE… That's about it, thank you for your attention and have a nice day, a. -- Antoine Beaupré torproject.org system administration

1 0

Anti-censorship team meeting notes, 2022-03-10
by meskio 10 Mar '22

10 Mar '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-10-15.59.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday March 17th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 30 * https://gitlab.torproject.org/groups/tpo/-/milestones/4 * https://gitlab.torproject.org/groups/tpo/-/milestones/7 * https://gitlab.torproject.org/groups/tpo/-/milestones/5 * https://gitlab.torproject.org/groups/tpo/-/milestones/6 * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… == Announcements == == Discussion == * (from March 11th) Reach an agreement on distributed Snowflake (Broker)|(Server) design. Shel: are you going to be workign on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ? What else we need to move forward on it? -- from gaba * The client telling the broker what bridge it wants to use: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * missing pieces: * broker having a list of known bridge fingerprints * proxies telling the broker what bridges they know about in their poll messages * might be a good next step * arlo is happy to pick this up, if it's helpful +1 * broker matching clients with proxies, considering not only NAT compatibility but bridge fingerprint * proxies will need to both (1) know how to interpret the broker's instructions as to what websocket server to connect to, and (2) know how to forward the client's requested bridge fingerprint to the websocket server. * a proxy that does not signal such support to the broker can be matched only with clients that either: do not specify a bridge fingerprint, or specify the current default 2B280B23E1107BB62ABFC40DDCC8824814F80A72 * proxies forwarding bridge fingerprint to snowflake-server intheir websocket connection * snowflake-server having its own internal mapping of bridge fingerprint -> ExtORPort address * needs a configuration file or something, can no longer come from TOR_PT_EXTENDED_SERVER_PORT environment variable since there may be more than one * Next steps: * who is doing what? * snowflake proxy auto-update? * webextensions have their usual update mechanism * docker auto-update if enabled * deb package updates * people compiling and running their own go-proxy, no updates or notifications of updates * the web badge does a page refresh (i think) == Actions == == Interesting links == * https://bsd.network/@matthieu/107900307121945165 * running snowflake proxy on OpenBSD == Reading group == * We will discuss "Throttling Twitter: an emerging censorship technique in Russia" on 17 March * https://dl.acm.org/doi/pdf/10.1145/3487552.3487858 * https://censorbib.nymity.ch/#Xue2021a * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. anadahz: 2022-01-27 Last week: - Increase timeout check cycles for default-bridge-felix-1 and default-bridge-felix-2 as they have been generating too many alerts: https://gitlab.torproject.org/tpo/anti-censorship/monit-configuration/-/mer… cecylia (cohosh): last updated 2022-03-10 Last week: - worked on setting up a dev environment for conjure - https://github.com/refraction-networking/conjure/wiki/Environment-Setup - some reviews This week: - continued work on conjure PT - continue to monitor snowflake broker stats - review rdsys!15 Needs help with: dcf: 2022-03-10 Last week: - worked on aquiring resources for better hosting for the snowflake bridge - posted summary of snowflake amp cache https://github.com/net4people/bbs/issues/109 - posted observations on multi-instance metrics graphs https://gitlab.torproject.org/tpo/network-health/metrics/onionoo/-/issues/4… - posted summary of last week's discussion about multiple snowflake bridges https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - posted notes about IGD port forwarding https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - review arlo's bridge fingerprint forwarding change https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: agix: 2021-02-10 Last week: - Continued work on gettor-twitter Next week: - Hopefully finish the task Help with: - arlolra: 2022-03-10 Last week: - Pass bridge fingerprint in SOCKS param to the broker https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - Revise !81 - Start on the next piece of the multiple bridge design Evergreen: - Figure out where in pion/webrtc ALPN should be configured and used - Maybe add Chacha20Poly1305 to pion/dtls https://github.com/pion/dtls#planned-features https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: - maxb: 2021-09-23 Last week: - Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74 - Too busy with work :/ Next week: - _Really_ want to get a PR for utls round tripper meskio: 2022-03-10 Last week: - use bridge-distribution-request in rdsys (rdsys#93) - use rdsys bridges in circumvention settings (bridgedb#40045) - send the right assingments.log to the metrics Next week: - add some untilisting mechanism to circumvention settings (rdsys#79) Shelikhoo: 2022-03-10 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Merge Request Awaiting] uTLS for broker negotiation(Updated) - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Deployment] Vantage Point in Vinnica, Ukraine - [Discussion] Centralized Probe Log Collection Ascension Request - [Discussion] Hosting Centralized Probe Log Collection Server on TPA managed VPS Next Week: - [Coding] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - built-in DNS HackerNCoder: 2021-12-16 This week: Last/done: Setup web mirror on tor.encryptionin.space Next: Get (new VPs with) new IP and setup new web mirror on new domain hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

Joydeep's Monthly Status Report for February 2022
by Joydeep Sen Gupta 05 Mar '22

05 Mar '22

Hello everyone! This is my monthly report for the month of February. Last month we saw a uptick in the number of requests for unlisted obfs4 bridges. This resulting in a lot of troubleshooting with the users ranging from bridge lines not being parsed by Tor because of line breaks to issues with Tor not bootstrapping because of firewalls and VPNs. With increased usage of Snowflake, I also helped a lot of users with questions about setting up a proxy, using Snowflake and other general questions about Snowflake. With the latest tor release [1], I received a few queries as to how to verify the signature. We now have the new instructions documented on the Support Portal [2]. There were three Tor Browser releases last month, namely, 11.0.5 (Android only), 11.0.6, 11.5.a4. We are still receiving a number of queries from users using macOS < 10.12 for which Tor Browser 11.0.x is not compatible [3]. And a few users raised the issue [4] about 11.0.6 Windows bundles signed with an old certificate which was reported to and fixed by the Applications Team. We maintain a set of templates on our Request Tracker to improve our workflow and easily respond to recurring queries. I reviewed and updated all of the articles that we maintain. This exercise is very important and I intend to do this every quarter at the very least. That pretty much sums up the highlights from last month and following are some quick stats and highlights from our official support channels. # Frontdesk Timeline : 01 Feb - 28 Feb 2022 Tickets: new: 38 open: 21 resolved: 852 Breakdown of number of RT tickets received with respect to operating system: (Note: This includes tickets where the user mentioned the operating system or it was evident from the issue they were running into and/or enclosed screenshots.) Windows - 6 macOS - 11 GNU/Linux - 1 Android- 4 Breakdown of most frequent tickets (at least 3 RT tickets): 1. 613 RT Tickets - How to use Tor Bridges in Russia. [5] 2. 38 RT Tickets - Private Bridge requests. This is not related to the .ru censorship but requests from Tor users in China, Iran, etc. [6] 3. 6 RT Tickets - Tor Browser 11 incompatible with older versions of macOS. [3] 4. 4 RT Tickets- How to verify little-t-tor signature? [2] 5. 3 RT Tickets - Youtube inaccessible over Tor. # Tor Forum Most popular topics (in terms of no. of views) in February: 1. "File signature could not be verified 11.0.6_en-US.exe [32-bit]". [7] 2. (Onion) Sites do not work after transfer to another server. Details: 0xF2 - dating [date] error. [8] 3. "Torrc, unit files, confusion" (conflict between the recursive function of %include and the AppArmor profile) [9] 4. "Login button (on Udemy.com) does not work". [10] 5. "High-speed relays on Windows - not great, not terrible". [11] Thanks, -- Joydeep [1]: https://forum.torproject.net/t/release-0-4-5-12-and-0-4-6-10/2024 [2]: https://support.torproject.org/little-t-tor/verify-little-t-tor/ [3]: https://forum.torproject.net/t/version-of-tor-browser-compatible-with-macos… [4]: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [5]: https://forum.torproject.net/t/tor-blocked-in-russia-how-to-circumvent-cens… [6]: https://support.torproject.org/censorship/connecting-from-china/ [7]: https://forum.torproject.net/t/file-signature-could-not-be-verified-11-0-6-… [8]: https://forum.torproject.net/t/sites-do-not-work-after-transfer-to-another-… [9]: https://forum.torproject.net/t/torrc-unit-files-confusion/2217 [10]: https://forum.torproject.net/t/login-button-does-not-work/2224/12 [11]: https://forum.torproject.net/t/high-speed-relays-on-windows-not-great-not-t…

1 0

Rhatto's Monthly Status Report, February 2022
by rhatto 04 Mar '22

04 Mar '22

Hi all :) This is my monthly status report for February 2022. Main activities during the period: 0. Onboarding: It was my first month at Tor and I did a bunch of onboarding & research tasks that are summarized here: https://gitlab.torproject.org/tpo/community/team/-/issues/57 2. Sponsor 123: Bootstrapping tasks, including kickoff and discovery meetings. 3. Started the Oniongroove repository as a follow up from the Onion SRE notes sent previously: https://gitlab.torproject.org/rhatto/oniongroove/ https://lists.torproject.org/pipermail/tor-project/2022-February/003288.html Draft specs are currently available at the feature/specs branch, under heavy development and soon to be rebased/merged into the main branch. When that happens, they will probably be ready for review/comments/suggestions. Please let me know if you have references and recommendations about Onion Services setup, deployment and best practices :) 4. Security policy: Assigned myself into drafting a security policy (currently in the backlog): https://gitlab.torproject.org/tpo/team/-/issues/41 I'm looking for examples and references on the topic :) -- Silvio Rhatto pronouns he/him

1 0