- tor-project - lists.torproject.org

Monthly status report for irl
by Iain Learmonth 05 Jan '22

05 Jan '22

Hi, This is my monthly status report for work completed in December 2021. I am developing a framework for deploying obfs4 bridges in public and private clouds using orchestration tools, with the specific use case being that bridges must be easily destroyable and creatable such that if they are blocked in target networks they can be quickly deployed to a new unblocked location. Between Sponsor 96 and Sponsor 125, there are currently 39 dynamic bridges running. These bridges are distributed either by moat (Sponsor 96) or by Telegram (Sponsor 125). In next month’s update I hope to have some real numbers on the number of users per-country these bridges are supporting though currently there is no easy way to get this information. Some of these bridges are seeing more than 300 average connected users and load balancing may need to be considered once there is more data available. The initial development focussed on two modules for deploying bridges with Terraform on two cloud providers, one using an Openstack API: * https://github.com/sr2c/terraform-hcloud-tor-bridge * https://github.com/sr2c/terraform-openstack-tor-bridge Two new modules have since been added to support the creation of a torrc configuration file natively within Terraform and to generate a ContactInfo string that is compliant with ContactInfo Information Sharing Specification version 2: * https://github.com/sr2c/terraform-null-torrc * https://github.com/sr2c/terraform-null-contactinfo Over the winter holiday, we worked to keep our pool of Telegram bridges updated with accessible bridges, deploying new bridges as required and decommissioning old bridges as they are no longer used. Thanks to others I worked with in the Tor team that gave up some of their holiday time to keep the free and open Internet accessible to those that wouldn’t otherwise have access! This month I plan to generate metrics on the use of these dynamic bridges to inform how many we should be running and provide insight into country-level blocking. The Terraform modules will also continue to see improvements as I move away from the “provisioner” hack and instead use cloud-init to provision the bridges more reliably. Thanks, Iain. -- Iain Learmonth (he/him) SR2 Communications Limited Phone: +44 (0)1224 900 202 | Email: irl(a)sr2.uk<mailto:irl@sr2.uk>

1 0

Community Team meeting notes - 2021-12-20
by gus 28 Dec '21

28 Dec '21

Hi, Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-12-20-13.59.log… ## Tor Community Team meeting pad Next meeting: Monday, January 10, 2022 - 1400 UTC. Weekly meetings, every Monday at 14:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) ## Goal of this meeting Weekly checkin about the status of Community Team work at Tor. ## Links to Useful documents * Looking for volunteers: https://forum.torproject.net/t/looking-for-volunteers-to-contribute-to-the-… * Russia graphs: - Direct connections: https://metrics.torproject.org/userstats-relay-country.html?start=2021-09-2… - Bridge users: https://metrics.torproject.org/userstats-bridge-country.html?start=2021-09-… ## Discussion * Discuss policy for approving threads as 'resolved' on the forum: - rule zero: if the question is answered in Support.tpo or other Tor documentation, then you can tick as resolved. - rule one: OP replies saying that your solution works. - rule two: in doubt, ask others about if the solution works. * Relay Operators Survey: - https://gitlab.torproject.org/tpo/community/relays/-/issues/28 - https://survey.torproject.org/index.php/459487 * (update) User support in Russian ## Updates Name: Last week: - What you worked on last week. This week: - What you are you planning to work on this week. Help with: - Something you need help with. Joydeep: Last week: - User Support work with priority to .ru users This week: - User Support work with priority to .ru users (contd.) - RRF meeting Gus: This week: - Interviewing ECC and OnionSRE applicants - Helping on .ru support - Wrapping up S96 activities for this year - Following up Outreachy tasks - Meeting with Gaba to discuss and plan the Rapid Response Fund Help with: - Something you need help with. Miko: Last week: - Started the Tor Relay Operators survey https://gitlab.torproject.org/tpo/community/relays/-/issues/27 - Created a checklist under this ticket to track progress This week: - Planning UX interviews for Relay Operators https://gitlab.torproject.org/tpo/community/relays/-/issues/28 - Wrapping up the course on Gamification - Will publish a report on Gamification (what I learnt) emmapeel: Last week: - Update translations in the websites - Looked onto fixing the translation stats (no luck) - irc support for new bridge users This week: - Weblate move specs - Fix translation checks and stats HackerNCoder: Last week: - Setup tor.invidious.site This week: - keep up to date on blocking of mirror - getting an understanding of discourse moderation -- The Tor Project Community Team Lead

1 0

Broken U2F token in Tor Browser with latest Gitlab update
by Georg Koppen 23 Dec '21

23 Dec '21

Hello! Tor Browser disables by default WebAuthn which has been fine with our Gitlab instance so far (but does not work so well with our forum) if you use a token like a Yubikey. However, this does no longer work with the latest Gitlab update it seems, which we picked up automatically yesterday: """ WebAuthn (supported, but disabled by default, since GitLab 13.4) is now enabled by default. Users can now use Touch ID on Apple devices as a second authentication factor, as long as their browser supports it. This also eliminates error messages seen in browsers that are deprecating U2F in favor of WebAuthn. """ So, if you have such a token enabled (as I do) and suddenly can't log into our Gitlab anymore you can test your recovery code setup (hehe) and then finally think about flipping the `security.webauth.webauthn` to `true` as you would need to do anyway if you want to log into our forum with your token enabled. Hope this helps, Georg

1 0

Anti-censorship meeting notes, 2021 December 16
by meskio 16 Dec '21

16 Dec '21

Hi everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-12-16-15.59.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday January 6th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == Our anti-censorship roadmap: Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards The anti-censorship team's wiki page: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home Past meeting notes can be found at: https://lists.torproject.org/pipermail/tor-project/ Tickets that need reviews: from sponsors we are working on: All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… Sponsor 30 https://gitlab.torproject.org/groups/tpo/-/milestones/4 https://gitlab.torproject.org/groups/tpo/-/milestones/7 https://gitlab.torproject.org/groups/tpo/-/milestones/5 https://gitlab.torproject.org/groups/tpo/-/milestones/6 Sponsor 28 must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… == Announcements == New default bridge in TorBrowser: https://metrics.torproject.org/rs.html#details/3D98E4E19BDBBF2047DDAC7892B3… == Discussion == Current status in Russia meek-azure now unblocked? seems to be working https://ntc.party/t/ooni-reports-of-tor-blocking-in-certain-isps-since-2021… Moat is no longer distributing old bridges in Russia https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/47#note_276… The new Telegram bot's bridges were all blocked but one we need more mirrors of *.torproject.org as they get blocked snowflake bridge has doubled its clients https://metrics.torproject.org/rs.html#details/5481936581E23D2D178105D44DB6… the DTLS fingerprint fix seems to work The new bridge obfs4 deusexmachina is already blocked (from 11.0.2, released 2021-12-08) There is an article saying that an organization is petitioning to have Tor Browser removed from the Google and Apple app stores in Russia https://m.gazeta.ru/social/news/2021/12/14/n_17011309.shtml Further Snowflake fingerprint fixes anyone working on adding ALPN support to DTLS Client Hello? https://github.com/pion/dtls/issues/408 dcf will upgrade the standalone proxies we operate meskio will upgrade the docker image need updates for the debian package and freebsd port as well next meeting Thursday 6 January 2022 we have now 2k bridges https://metrics.torproject.org/networksize.html?start=2017-09-17&end=2021-1… == Actions == == Interesting links == https://eyedeekay.github.io/blizzard/ Snowflake proxy plugin for I2P == Reading group == We will discuss "Meteor: Cryptographically Secure Steganography for Realistic Distributions" on 2022-01-?? https://dl.acm.org/doi/10.1145/3460120.3484550 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-12-09 Last week: - preliminary dump of snowflake shadow simulation scripts (needs more documentation and cleanup) - https://gitlab.torproject.org/cohosh/snowflake-simulation - hooked up our reachability measurements to grafana - s28 PI meeting - handled snowflake probe test outage (responded to alert) - snowflake DTLS fingerprinting fixes - DTLS fix: https://github.com/pion/dtls/pull/407 - Tor Browser MR: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… - bump version of Snowflake in Tor Browser - https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… This week: - finish documenting and cleaning up shadow simulation scripts - use these snowflake + shadow scripts to do more performance testing - ensure everything is in place for end of phase II for s28 - https://gitlab.torproject.org/tpo/anti-censorship/team/-/milestones/1 - follow up on Snowflake DTLS fingerprinting work Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-12-16 Last week: - had a talk about push notifications https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/45 - posted an analysis of the quantity of BridgeDB captcha images https://lists.torproject.org/pipermail/anti-censorship-team/2021-December/t… Next week: - upgrade standalone snowflake proxies for the new DTLS fingerprint Help with: agix:2021-11-25 Last week: - More work on gettor for twitter Next week: - Continue to work on gettor-twitter Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-09-23 Last week: - Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74 - Too busy with work :/ Next week: - _Really_ want to get a PR for utls round tripper meskio: 2021-12-16 Last week: - russia censorship fires - rotate blocked bridges in telegram bot - implement BridgeDB country bridge blocklist and block nonworking moat bridges in russia (team#47) - review BridgeDB mock clean up (bridgedb!29) - review docker-obfs4-bridge change the nickname (docker-obfs4-bridge!6) - merge docker-snowflake-proxy improvements (docker-snowflake-proxy!3) - DRL implementors meeting Next week: - metrics bridge distributor metrics for rdsys (rdsys#67) Shelikhoo: 2021-12-16 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake(snowflake!64) - [Merge Request Awaiting] Multi-arch docker image support with Dockerfile refactor for probetest(probetest!1) - [Merge Request] Add Google backend support for gettor updater - [Merge Request] Add callbacks in the client for key events during snowflake connections(snowflake#40076) - [Merge Request Review] Default to the main branch and cache go modules - [Investigate] Random Like Stream Blocking on Certain IDC from gfw_report - [Investigate] Implement metrics to measure snowflake churn(snowflake#34075) - [Investigate] [Russia] Some ISPs are blocking Tor - [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update(aka "Subscription") - [Discussion] Implement metrics to measure snowflake churn(snowflake#34075) - [Discussion] Proposal: Push Notification Based Signaling Channel - [Discussion] Proposal: HTTP(S) Download Test(bridgestrap#30) Next Week: - [Discussion] Designing the Container Layout for rdsys - [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update(aka "Subscription") - [Discussion] Implement metrics to measure snowflake churn(snowflake#34075) - [Discussion] Proposal: Push Notification Based Signaling Channel - [Investigate] rdsys Deployment Environment HackerNCoder: 2021-12-16 This week: Last/done: Setup web mirror on tor.encryptionin.space Next: Get (new VPs with) new IP and setup new web mirror on new domain -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

LEAP is hiring for work on TorVPN
by Erin Wyatt 16 Dec '21

16 Dec '21

Hello everyone, One of our partner organizations, LEAP <https://leap.se/> (LEAP Encryption Access Project), has three open positions for work on the upcoming TorVPN: Go Developer <https://leap.se/post/2021_11_28_work_to_do/#go-application-developer-for-le…> Android Developer <https://leap.se/post/2021_11_28_work_to_do/#android-app-developer-for-leap-…> iOS Developer <https://leap.se/post/2021_11_28_work_to_do/#ios-developer-for-leap-vpn> This is a really exciting and important partnership for Tor! Please help us spread the word about these open positions. Thank you! Erin Wyatt Director of People Operations (she/her) ewyatt(a)torproject.org <mailto:ewyatt@torproject.org> PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE https://www.torproject.org <https://www.torproject.org/> http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/ <http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/>

1 1

Monthly Localization Hangout Tomorrow Fri Dec 17th
by emma peel 16 Dec '21

16 Dec '21

ey there! I wanted to invite you to the Tor Monthly Localization Hangout tomorrow, where we discuss localization topics, priorities, best practices, and more. More information: https://community.torproject.org/localization/hangouts/ See you on #tor-l10n! emmapeel Localization Coordinator Tor Project

1 0

LEAP is hiring for work on TorVPN
by Erin Wyatt 15 Dec '21

15 Dec '21

Hello everyone, One of our partner organizations, LEAP <https://leap.se/> (LEAP Encryption Access Project), has three open positions for work on the upcoming TorVPN: Go Developer <https://leap.se/post/2021_11_28_work_to_do/#go-application-developer-for-le…> Android Developer <https://leap.se/post/2021_11_28_work_to_do/#android-app-developer-for-leap-…> iOS Developer <https://leap.se/post/2021_11_28_work_to_do/#ios-developer-for-leap-vpn> This is a really exciting and important partnership for Tor! Please help us spread the word about these open positions. Thank you! Erin Wyatt Director of People Operations (she/her) ewyatt(a)torproject.org PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE https://www.torproject.org <https://www.torproject.org/> http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/

1 0

Tor Event - PrivChat #6 - Dec 15 @ 19:00 UTC
by Al Smith 15 Dec '21

15 Dec '21

Hello all, Next week, we're hosting PrivChat #6 - Privacy is a Human Right. Amidst escalating Russian censorship against Tor, this is a very timely conversation that includes an artist & activist who knows what it's like to be living in Russia and depending on Tor: *Nadya Tolokonnika, founder of Pussy Riot.* Event will be hosted by *Cindy Cohn*, ED of EFF, and Nadya will be joined by fellow panelists *Ali Gharavia* of Sida, and *Nicholas Merrill*, founder & ED of the Calyx Institute. ** * *When: *Wed, Dec 15 @ 19:00 UTC (convert to your timezone: https://www.timeanddate.com/worldclock/converter.html?iso=20211215T190000&p…) * *Where:* https://www.youtube.com/watch?v=ttQiA_GfI6s * *Details: *https://torproject.org/privchat Please share this with anyone who may be interested! Cheers, Al -- Al Smith (they/them) Fundraising Director The Tor Project https://www.torproject.org | http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/

1 1

Network Team - Upcoming Releases tor.git - December 2021
by David Goulet 14 Dec '21

14 Dec '21

Greetings everyone! Network team will be releasing on Thursday a new Tor 0.4.6.x stable and 0.4.7.x alpha containing various fixes but nothing critical. One important fix is the one removing DNS timeouts from the overload general signal. You will find more details about it here: https://gitlab.torproject.org/tpo/network-health/team/-/issues/139 Another thing we would like to clarify. We are way pass our usual timeline of 6 months per stable version with regards to the 0.4.7.x series. The reason is that we've been working very hard on this new congestion control feature (prop#324) for the network that is not only very complex but takes a long time to test and simulate. And thus, we made the decision to delay 0.4.7.x first stable version until congestion control is to our standard and hopefully a wonderful thing :). The estimate for that might not be until February if all goes well but don't take my words for it. In the meantime, we'll be rolling out more alphas as important bugs need to be release. Nothing is set in stone, we regularly assess the schedule for 0.4.7. Upcoming versions: - 0.4.6.9 - 0.4.7.3-alpha @network-team: It is _now_ a good time to start reviewing changes/ files: 046: https://gitlab.torproject.org/tpo/core/tor/-/tree/release-0.4.6/changes 047: https://gitlab.torproject.org/tpo/core/tor/-/tree/main/changes Last, we've asked the dirauth to recommend these versions few minutes ago. Cheers! David -- ur/QctTmnMWK0VP2przjh2ctwvaJxNFxD0oKG8FoaYI=

1 0

Community Team meeting notes - 2021 December 06
by gus 11 Dec '21

11 Dec '21

Hello, Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-12-06-13.59.html and our meeting pad: ## Tor Community Team meeting pad Next meeting: Monday, December 13, 2021 - 1400 UTC Weekly meetings, every Monday at 14:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) ## Goal of this meeting Weekly checkin about the status of Community Team work at Tor. ## Links to Useful documents * Looking for volunteers: https://forum.torproject.net/t/looking-for-volunteers-to-contribute-to-the-… ## Discussion * Bridge campaign * Some isps in Russia are blocking Tor: - Ticket: https://gitlab.torproject.org/tpo/community/support/-/issues/40050 - Translated template: https://forum.torproject.net/t/tor-blocked-in-russia-how-to-circumvent-cens… - Tweets: https://twitter.com/torproject/status/1466885338878513153 - From the user support perspective, what else we can do? - Follow up with Nathan and Josh about Link/Telegram helpdesk - https://docs.digiresilience.org/link/ * Outreachy internship kick-off: "Mapping values and motivations of the tor networks" You can read the project here: https://gitlab.torproject.org/tpo/community/team/-/issues/46 https://gitlab.torproject.org/tpo/community/relays/-/issues/26 Week 1 and 2 (Dec 6 - Dec 19): - Study: Understand Tor relays - Passive UX research: Research about relay operators' motivations, community core values, relay flags, the biggest relay families Let's track this project development in this repository: https://gitlab.torproject.org/tpo/community/relays/ ## Updates Name: This week: - What you worked on this week Help with: - Something you need help with Gus: This week: - Reviewing ECC applicants - Outreachy mentorship starts - More network health work with GeKo - Reviewing OTF fellowship project - Contact new bridge operators Joydeep This week: - User Support work - Status report - Bridges Campaign - https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… Miko: This week: - Passive UX research - reading up on resources sent by Gus a few weeks ago -- The Tor Project Community Team Lead

1 0