- tor-project - lists.torproject.org

Monthly Localization Hangout Tomorrow from 12UTC onwards
by emma peel 16 Sep '21

16 Sep '21

Just a note to remind you that..... Tomorrow we hang out! Every 3rd Friday of the month the Tor L10n Team meets to translate together, share tricks, have fun while translating, meet fellow translators, and find out about the l10n priorities for the Tor Project. Come join us on the Localization Hangout, from Noon UTC, on the #tor-l10n channel in OFTC. (you can also use Element https://element.io/ to connect: #tor-l10n:matrix.org) More information: https://gitlab.torproject.org/tpo/community/l10n/-/wikis/Monthly-Tor-Locali… emmapeel localization coordinator tor project

1 0

Anti-censorship meeting notes, 2021 September 16
by meskio 16 Sep '21

16 Sep '21

Hi everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-16-15.59.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday September 16th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == Our anti-censorship roadmap: Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards The anti-censorship team's wiki page: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home Past meeting notes can be found at: https://lists.torproject.org/pipermail/tor-project/ Tickets that need reviews: from sponsors we are working on: All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… Sponsor 30 https://gitlab.torproject.org/groups/tpo/-/milestones/4 https://gitlab.torproject.org/groups/tpo/-/milestones/7 https://gitlab.torproject.org/groups/tpo/-/milestones/5 https://gitlab.torproject.org/groups/tpo/-/milestones/6 Sponsor 28 must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… any idea what this "go.mod" warning is about? updated goptlib to add a go.mod and checking with the reporter if it fixes the problem == Actions == == Interesting links == https://ntc.party/t/tls-youtube/1311 TLS filter on youtube.com in Russia == Reading group == We will discuss "BlindTLS: Circumventing TLS-based HTTPS censorship" on 2021-09-23 https://dl.acm.org/doi/10.1145/3473604.3474564 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-09-09 Last week: - provided usecase for v3 service worker implementation of RTCPeerConnection - https://github.com/w3c/webextensions/issues/72#issuecomment-912675268 - https://github.com/w3c/webrtc-extensions/issues/77#issuecomment-912667886 - finished up and merged rdsys#38 - sponsor 28 scrimmage work - hiring tasks - started work on snowflake library v2 API changes (snowflake#40063) This week: - Away next week Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-09-16 Last week: - snowflake bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - added a go.mod file to goptlib, released v1.2.0 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - replied to a ticket about Snowflake connection problems with a suggestion to enable logs https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - replied re SCTP pluggable transport https://lists.torproject.org/pipermail/anti-censorship-team/2021-September/… - reviewed Snowflake client lib cleanup https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - identify cause and fix for the goptlib go.mod issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-09-16 Last week: - implement censorship snapsot available on moat (bridgedb#40025) - review Clean up and document Snowflake client package (snowflake!56) - look at bridgedb smtp errors (bridgedb#12627) Next week: - deploy censorship snapshot as part of rdsys (rdsys#61) - work on bridgedb and rdsys connection (rdsys#12) Help with: - -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

upcoming change in mailing lists configurations
by Antoine Beaupré 14 Sep '21

14 Sep '21

Hi, TL;DR: we are going to enable DMARC workarounds on Mailman mailing lists, which should improve deliverability. You may need to change your mailbox filters. # What is happening? We are going to change the configuration of all Mailman mailing lists to set the `dmarc_moderation_action` to `Munge From`. This will change the `From` header of outgoing email from mailing lists (such as this one) from, say: From: "Antoine Beaupré" <anarcat(a)torproject.org> .. to something like: From: Antoine Beaupre via tor-project <tor-project(a)lists.torproject.org> # Why are we doing this? This is because some email providers comply with the DMARC standard. To give an example, say provider example.com says that only them is allowed to send email from that domain and a user(a)example.com sends an email to one of our mailing lists. It's possible that this email then ends up at provider user(a)test.test, which, when it looks at the DMARC policy, decides to refuse the email because example.com doesn't allow lists.torproject.org to impersonate it. The net effect of this is that user(a)test.test will not get the email (at best) or (at worst!) get unsubscribed from the mailing list even though their email provider is actually complying with the email standard. A longer discussion of this happened in the issue tracker, here: https://gitlab.torproject.org/tpo/tpa/team/-/issues/19914 # When? This change will be performed in one week. Tests have been going since August 24th on the tor-relays@ lists and it has actually solved issues there, while not causing any other problems. # How? TPA will actually change the configuration on all lists, in the backend. List admins wishing their list to be excluded can notify us by replying to this email or opening a ticket in the TPA issue tracker, as usual: https://gitlab.torproject.org/tpo/tpa/team/-/issues/new A. -- Antoine Beaupré torproject.org system administration

1 1

Anti-censorship meeting notes, 2021 September 9
by Cecylia Bocovich 09 Sep '21

09 Sep '21

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-09-16.00.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday September 9th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == - what's going wrong with these connection failures? - https://bugs.torproject.org/tpo/anti-censorship/pluggable-transports/snowfl… - could just be getting unlucky with non-working proxies, and reaching the SOCKS timeout - will ask them to enable the snowflake-client log - is it ok to change the IP address of a bridge periodically (e.g. once per year)? - https://lists.torproject.org/pipermail/tor-relays/2021-August/019788.html - it's ok, bridgedb will start distributing the new IP address (existing users of the bridge lose access) - bridges are assigned to pools based on a hash of the fingerprint; is it possible for a bridge to fall into the manual, human-distributed pool that way? or are all those bridges hand-selected? == Actions == == Interesting links == Blocking of DNS/DoH/DoT servers of Google/Cloudflare/OpenDNS in Russia, begins today(?) https://github.com/net4people/bbs/issues/81 https://ntc.party/t/doh-dns-google/1225 Disruptions of BitTorrent and WireGuard in Russia last week https://github.com/net4people/bbs/issues/76#issuecomment-915544316 https://github.com/net4people/bbs/issues/83 https://ntc.party/t/an-open-encyclopedia-of-internet-censorship-persian/1223 == Reading group == We will discuss "BlindTLS: Circumventing TLS-based HTTPS censorship" on 2021-09-23 https://dl.acm.org/doi/10.1145/3473604.3474564 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-09-09 Last week: - provided usecase for v3 service worker implementation of RTCPeerConnection - https://github.com/w3c/webextensions/issues/72#issuecomment-912675268 - https://github.com/w3c/webrtc-extensions/issues/77#issuecomment-912667886 - finished up and merged rdsys#38 - sponsor 28 scrimmage work - hiring tasks - started work on snowflake library v2 API changes (snowflake#40063) This week: - Away next week Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-09-09 Last week: - fixed meek-client test errors https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/meek… - commented on goptlib go.mod issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - identify cause and fix for the goptlib go.mod issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - reply to Alexander Mages re SCTP pluggable transport https://lists.torproject.org/pipermail/anti-censorship-team/2021-August/000… - suggest enabling logs in https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-09-09 Last week: - snowflake debian package (snowflake#19409) - failed gitlab uploader implementation for gettor in rdsys (rdsys#43) - start censorship snapsot available on moat (bridgedb#40025) - review networkstatus documents for running flag in rdsys (rdsys!14) Next week: - implement censorship snapsot available on moat (bridgedb#40025) - add more providers to gettor (rdsys#43) Help with: -

1 0

minutes from the sysadmin meeting
by Antoine Beaupré 09 Sep '21

09 Sep '21

Hi! I'm back from vacation, so we're meeting again! Here are the minutes from the meeting held yesterday. # Roll call: who's there and emergencies anarcat, kez, lavamind, gaba No emergencies. # Milestones for TPA projects Question: we're going to use the milestones functionality to sort large projects in the roadmap, which projects should go in there? We're going to review the roadmap before finishing off the other items on the checklist, if anything. Many of those are a little too vague to have clear deadlines and objective tasks. But we agree that we want to use milestones to track progress in the roadmap. Milestones may be created outside of the TPA namespace if we believe they will affect other projects (e.g. Jenkins). Milestones will be linked from the Wiki page for tracking. # Roadmap review Quarterly roadmap review: review priorities of the [2021 roadmap][] to establish *everything* that we will do this year. Hint: this will require making hard choices and postponing a certain number of things to 2022. [2021 roadmap]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/roadmap/2021 We did this in three stages: * Q3: what we did (or did not) do last quarter (and what we need to bring to Q4) * Q4: what we'll do in the final quarter * Must have: what we really need to do by the end of the year (really the same as Q4 at this point) ## Q3 We're reviewing Q3 first. Vacations and onboarding happened, and so did making a plan for the blog. Removed the "improve communications/monitoring" item: it's too vague and we're not going to finish it off in Q4. We kept the RT stuff, but moved it to Q4. ## Q4 review * blog migration is going well, we added the discourse forum as an item in the roadmap * the gitolite/gitweb retirement plan was removed from Q4, we're postponing to 2022 * jenkins migration is going well. websites are the main blocker. anarcat is bottomlining it, jerome will help with the webhook stuff, migrating status.tpo and then blog.tpo * moving the [email submission server ticket][] to the end of the list, as it is less of a priority than the other things * we're not going to fix [btcpayserver hosting][] yet, but we'll need to [pay for it][] * kez' projects were not listed in the roadmap so we've added them: * donate react.js rewrite * rewrite bridges.torproject.org templates as part of Sponsor 30's project [email submission server ticket]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/30608 [btcpayserver hosting]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/33750 [pay for it]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40303 ## Must have review * **email delivery improvements**: postponed to 2022, in general, and will need a tighter/clearer plan, including [mail standards][] * we keep that at the top of the list, "continued email improvements", next year * **service retirements**: SVN/fpcentral will be retired! * **scale GitLab with ongoing and surely expanding usage**. this happened: * we resized the VM (twice?) and provided more runners, including the huge shadow runner * we can deploy runners with very specific docker configurations * we discussed implementing a better system for caching (shared caching) and artifacts (an object storage system with minio/s3, which could be reused by gitlab pages) * scaling the runners and CI infrastructure will be a priority in 2022 * **provide reliable and simple continuous integration services**: working well! jenkins will be retired! * **fixing the blog**: happening * **improve communications and monitoring** * moving root@ and noise to RT is still planned * Nagios is going to require a redesign in 2022, even if just for upgrading it, because it is a breaking upgrade. maybe rebuild a new server with puppet or consider replacing with Prometheus + alert manager [mail standards]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40363 # Triage Go through the [web][] and [TPA team board][] and: 1. reduce the size of the Backlog 2. establish correctly what will be done next [web]: https://gitlab.torproject.org/tpo/tpa/team/-/boards/117 [TPA team board]: https://gitlab.torproject.org/groups/tpo/web/-/boards *Discussion postponed to next weekly check-in.* # Routine tasks review A number of routine tasks have fallen by the wayside during my vacations. Do we want to keep doing them? I'm thinking of: 1. monthly reports: super useful 2. weekly office hours: also useful, maybe do a reminder? 3. "star of the weeks" and regular triage, also provides an interruption shield: does not work so well because two people are part-time. other teams do triage with gaba once a week, half an hour. important to rotate to share the knowledge. a triage-howto page would be helpful to have on the wiki to make rotation as seamless as possible (see [ticket 40382][]) [ticket 40382]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40382 # Other discussions No other discussion came up during the meeting. # Next meeting In one month, usual time, to be scheduled. # Metrics of the month * hosts in Puppet: 88, LDAP: 91, Prometheus exporters: 142 * number of Apache servers monitored: 28, hits per second: 145 * number of Nginx servers: 2, hits per second: 2, hit ratio: 0.82 * number of self-hosted nameservers: 6, mail servers: 7 * pending upgrades: 15, reboots: 0 * average load: 0.33, memory available: 3.39 TiB/4.26 TiB, running processes: 647 * bytes sent: 277.79 MB/s, received: 166.01 MB/s * [GitLab tickets][]: ? tickets including... * open: 0 * icebox: 119 * backlog: 17 * next: 6 * doing: 5 * needs information: 3 * needs review: 0 * (closed: 2387) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards # Ticket analysis | date | open | icebox | backlog | next | doing | closed | delta | sum | new | spill | |------------|------|--------|---------|------|-------|--------|-------|------|------|-------| | 2020-11-18 | 1 | 84 | 32 | 5 | 4 | 2119 | NA | 2245 | NA | NA | | 2020-12-02 | 0 | 92 | 20 | 9 | 8 | 2130 | 11 | 2259 | 14 | -3 | | 2021-01-19 | 0 | 91 | 20 | 12 | 10 | 2165 | 35 | 2298 | 39 | -4 | | 2021-02-02 | 0 | 96 | 18 | 10 | 7 | 2182 | 17 | 2313 | 15 | 2 | | 2021-03-02 | 0 | 107 | 15 | 9 | 7 | 2213 | 31 | 2351 | 38 | -7 | | 2021-04-07 | 0 | 106 | 22 | 7 | 4 | 2225 | 12 | 2364 | 13 | -1 | | 2021-05-03 | 0 | 109 | 15 | 2 | 2 | 2266 | 41 | 2394 | 30 | 11 | | 2021-06-02 | 0 | 114 | 14 | 2 | 1 | 2297 | 31 | 2428 | 34 | -3 | | 2021-09-07 | 0 | 119 | 17 | 6 | 5 | 2397 | 100 | 2544 | 116 | -16 | |------------|------|--------|---------|------|-------|--------|-------|------|------|-------| | mean | 0.1 | 102.0 | 19.2 | 6.9 | 5.3 | NA | 30.9 | NA | 33.2 | -2.3 |    We have knocked out an average of 33 tickets per month during the vacations, which is pretty amazing. Still not enough to keep up with the tide, so the icebox is still filling up. Also note that there are 3 tickets ("Needs review") that are not listed in the last month. Legend: * date: date of the report * open: untriaged tickets * icebox: tickets triaged in the "icebox" ("stalled") * backlog: triaged, planned work for the "next" iteration (e.g. "next month") * next: work to be done in the current iteration or "sprint" (e.g. currently a month, so "this month") * doing: work being done right now (generally during the day or week) * closed: completed work * delta: number of new closed tickets from last report * sum: total number of tickets * new: tickets created since the last report * spill: difference between "delta" and "new", whether we closed more or less tickets than were created -- Antoine Beaupré torproject.org system administration

1 0

UX team monthly meetings notes, September 7th
by Duncan Larsen-Russell 07 Sep '21

07 Sep '21

Hello, Thanks everyone who made it to today's UX team monthly meeting! We're looking forward to seeing you all again in October. Here are the minutes: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-07-14.00.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-07-14.00.log…> Today we reviewed the script for the UX team’s upcoming VPN user survey, which will help us determine which VPNs the community use most, why they use a VPN, and how it fits into their browsing experience. Lastly, we also discussed the August 2021 user feedback report. *** == Monthly User Experience Team Meeting == Open IRC meetings happen monthly on the first Tuesday of the month at 1400 UTC in #tor-meeting on OFTC. The next meeting will be held on Tuesday October 5th at 1400 UTC in #tor-meeting on OFTC. Here are the minutes from our most recent meetings: September 7th: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-07-14.00.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-07-14.00.log…> August 3rd: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-08-03-13.59.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-08-03-13.59.log…> July 13th: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-07-13-14.00.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-07-13-14.00.log…> June 8th: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-06-08-14.00.log… <http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-06-08-14.00.log…> -------------------------- Tuesday September 7th 14:00 UTC -------------------------- == What projects are we working on? == S9 - Usability and Community Intervention on Support for Democracy and Human Rights https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S30 - Empowering Communities in the Global South to Bypass Censorship https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S96 – Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet https://gitlab.torproject.org/groups/tpo/-/milestones/24 <https://gitlab.torproject.org/groups/tpo/-/milestones/24> S103 – Collaborative ResistancE to Web Surveillance (CREWS) https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> == Announcements == * Tor Browser 10.5.5 Release: https://blog.torproject.org/new-release-tor-browser-1055 <https://blog.torproject.org/new-release-tor-browser-1055> * Tor Browser Alpha 11.0a5 Release: https://blog.torproject.org/new-release-tor-browser-110a5 <https://blog.torproject.org/new-release-tor-browser-110a5> * Tor Browser Alpha 11.0a6 Release (Android only): https://blog.torproject.org/new-release-tor-browser-110a6 <https://blog.torproject.org/new-release-tor-browser-110a6> * Tails 4.22 Release: https://blog.torproject.org/new-release-tails-422 <https://blog.torproject.org/new-release-tails-422> * V2 Onion Services deprecation: https://status.torproject.org/issues/2021-05-6-v2-deprecation/ <https://status.torproject.org/issues/2021-05-6-v2-deprecation/> == Agenda == 1. VPN user survey: - Move "Why do you use a VPN" question earier in the branch/thread - How device-agnostic vs. Android-specific should the survey be? - If device-agnostic, include full selection of web-browsers and VPN providers - If Android specific, feature very explicit wording explaining this 2. User Feedback Report – August 2021: https://lists.torproject.org/pipermail/tor-project/2021-September/003177.ht… <https://lists.torproject.org/pipermail/tor-project/2021-September/003177.ht…> - 9 reports of confusion regarding the V2 deprecation warning: are these users on older versions of TB (and as such still see the banner on about:tor), or do these reports pertain to the V2 deprecation error screen itself? == Open Call for User Research == Find out how to contribute to the UX team: https://community.torproject.org/user-research/how-to-volunteer/ <https://community.torproject.org/user-research/how-to-volunteer/> Thanks everyone! *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org <mailto:duncan@torproject.org>

1 0

Anti-censorship team monthly report: July and August 2021
by Cecylia Bocovich 07 Sep '21

07 Sep '21

Hi everyone, This is what we've been up to during July and August! Snowflake ========= * Adjusted Snowflake session layer parameters for better performance. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Added support for an AMP cache rendezvous to Snowflake. It is not being used yet, but is available if needed as an alternative to domain fronting rendezvous. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Updated the web proxy for new browser requirements. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Made the Snowflake client accept configuration in the form of SOCKS arguments (in preference to command-line options). This makes it easier to control the configuration in frontends such as Tor Browser's. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Assign proxies based on their client load https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Wait pollInterval in snowflake between proxy offers https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Improved Snowflake documentation and READMEs https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… BridgeDB ======== * change bridgedb to send obfs4 bridges by default over email https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40019 * Allowed BridgeDB to see the IP address of moat clients https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/32276 rdsys ===== * Integrate GetTor into rdsys https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/32 * Add GetTor documentation https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/44 * Run tests in the CI https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/58 Other ===== * Investigated changes in user metrics in Turkmenistan. https://gitlab.torproject.org/tpo/community/support/-/issues/40030#note_274… * Bridgestrap CollecTor metrics https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/15 * Set up reachability probes for Tor in Turkey https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss…

1 0

UX team meeting on September 7th
by Duncan Russell 03 Sep '21

03 Sep '21

Hi everyone! Our next User Experience team meeting will be held on Tuesday September 7th at 1400 UTC in #tor-meeting.* During this meeting we'll share an update on the UX team’s ongoing work across key projects, including the planning for our upcoming VPN user survey which will ask the community which VPNs they use, why they use a VPN, and how it fits into their browsing experience. If you'd like to get involved please feel free to add your items to the pad: https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep <https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep> Remember: User Experience team meetings are an open space for discussion around ethical user research, user interface design and the user experience of privacy-enhancing products. See you soon! Duncan [*] https://gitlab.torproject.org/tpo/ux/team/-/wikis/home <https://gitlab.torproject.org/tpo/ux/team/-/wikis/home> *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org <mailto:duncan@torproject.org>

1 0

User Feedback Report - August 2021
by Kulsoom Zahra 03 Sep '21

03 Sep '21

Greetings, everyone! This is a report of the work done by the Community Team in the past month and general user feedback that we've received across our official support channels. Report Period - July 31 upto 31 August, 2021 Tickets resolved in the past month: 165 Here is a list of issues which got the most attention (at least 2 tickets on RT): # Tor Browser Breakdown of number of RT tickets received with respect to operating system: Windows (10,8,7 ...all the way upto Vista) - 24 macOS - 5 Android - 8 GNU/Linux - 2 iOS - 4 (Note: This includes tickets where the user mentioned the operating system or it was evident from the issue they were running into or enclosed screenshots.) 1. 12 RT tickets - Unable to access websites; Login fails. Users also reported issues with payment on sites like eBay, PayPal etc. Regarding websites blocking Tor users, Hackhard GSoC project is tracking the top 500 websites.[1] 2. 5 RT tickets - YouTube not accessible renders the error "Our system have detected unusual traffic from your computer network". We point users to the "Basic Troubleshooting when users can't access any particular website" article (template) on the RT. 3. 5 RT tickets - "Tor Unexpectedly Exited": Failure to launch Tor Browser. We direct users to the "Seven-point basic troubleshooting" article (template) on the RT to help users. 4. 5 RT tickets - Installation Issue (OS - Windows) We ask users to make sure they've downloaded the correct version of TB depending on their Operating System 32-bit or 64-bit. [2] 5. 4 RT tickets - Fake Tor App on Apple Store. Users are being charged after installing a fake Tor Browser app on iOS. We educate users about fake apps and recommend them to solely use the Onion Browser for iOS. 6. 3 RT tickets - Cannot download files on Tor Browser for Android. Regarding this we have a ticket on our GitLab. [3] A workaround for this recurring issue is to make a new Tor connection and relaunch the download. 7. 3 RT tickets - Error "Proxy Server Refused Connection". We ask users NOT to set TBA as their default browser and point them to the article on the Support Portal. [4] 8. 2 RT tickets - Reporting bad onion sites. The Tor Project doesnot host or control onion sites, we answer users taking help from the article on our Support portal. [5] 9. 1 RT ticket - Error "RSA_get0_d could not be located in the dynamic link library tor.exe" on Windows. We have a GitLab ticket regarding this long standing issue. [6] # Onion Services 1. 9 RT tickets - v2 onion deprecation. Users were confused 'how' to upgrade v2 onions to v3. They were asking for a direct link/button to upgrade. We help users identify v2 and v3 onions, point them to the "v2 onion deprecation" article (template) on the RT and FAQ on the Support Portal. [7] # UI/UX and documentation 1. Google Play Store - In terms of user experience, reviews mostly revolve around- 'Unable to access to YouTube and other sites', 'Tor freezes', 'Can't download anything files/images', 'Tor Browser is slow', 'can't upload files' and 'too many captchas'. However, in terms of reviews we have quite a good number of 4 and 5 star ratings. 2. Tor Stack Exchange - Statistics of what the discussion has been about (6 most active tags): hidden-services- 17 questions anonymity- 12 questions security- 9 questions configuration (questions about configuring Tor software)- 6 questions tor-browser-bundle- 6 questions onion-routing - 4 questions 3. Reddit Discussions have been around: * Tor browser is Looping same exits. * Hidden Service for Minecraft * Can't access YouTube and other sites over Tor * Tor is very slow * VPN and Tor - How does using VPN decrease anonymity? * fdroid version from the guardian project not updated * Onion sites # Anti-censorship 1. 5 RT tickets - Bridges not working Tor logs revealed that it was caused by users editing their torrc file; overriding the exit nodes and 'general SOCKS server failure' errors. We educate users NOT to modify their torrc file and one gets the best security Tor can provide when they leave the route selection up to Tor. Then point them to the FAQ on the Support Portal. [8] 2. 4 RT tickets - Bridge requests We got users requesting help to connect to Tor which have been from Iran, China and other countries. We provided private bridges for them. 3. In the past month, there have been instances of censorship and internet shutdowns in countries like Iran and South Sudan. We're following up on their situation.[9] There has also been a decrease in users connecting directly to Tor from Turkmenistan. We've a ticket open to track the status. [10] If you have any suggestions, questions or want to discuss anything in detail please feel free to reach out to me and/or anyone from the Community Team! Thanks, Kulsoom IRC - kulsoom_z Links: [1]: https://gitlab.torproject.org/woswos/CAPTCHA-Monitor/-/wikis/GSoC-2021 [2]: https://www.torproject.org/download/ [3]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/31013 [4]: https://support.torproject.org/tbb/#tbb-32 [5]: https://support.torproject.org/abuse/remove-content-from-onion-address/ [6]: https://gitlab.torproject.org/tpo/core/tor/-/issues/33702 [7]: https://support.torproject.org/onionservices/#v2-deprecation [8]: https://support.torproject.org/tbb/#tbb-16 [9]: https://gitlab.torproject.org/tpo/community/support/-/issues/40034 [10]: https://gitlab.torproject.org/tpo/community/support/-/issues/40030

1 0

Anti-censorship meeting notes, 2021 September 2
by Cecylia Bocovich 02 Sep '21

02 Sep '21

Hi everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-02-16.00.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday September 2nd 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == - CPU use in proxies and bridge - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - bridge is sitting at about 200% CPU: about 30% tor, 170% snowflake-server - might be worth doing one round of profiling? - how to profile the bridge? in production or separately? - can use snowbox as a simulation - proxies can control CPU use with -capacity option - Reading group? - we'll read "BlindTLS" https://dl.acm.org/doi/10.1145/3473604.3474564 - DocsHackathon: - Add a new support item about using Tor in China: https://gitlab.torproject.org/tpo/web/support/-/issues/210 - Merging support.torproject.org/gettor into support.torproject.org/censorship - TM censorship update - do any of our gettor endpoints work in Turkmenistan? - archive.org seems to be ok for DNS, HTTP, and HTTPS == Actions == Update the monthly report for July + August: https://pad.riseup.net/p/l7d6oBd40EQa3u7cFxIk == Interesting links == https://ntc.party/t/an-open-encyclopedia-of-internet-censorship-persian/1223 ACM FOCI 2021 papers https://dl.acm.org/doi/proceedings/10.1145/3473604 "Even Censors Have a Backup: Examining China's Double HTTPS Censorship Middleboxes" https://dl.acm.org/doi/10.1145/3473604.3474559 "Measuring QQMail's automated email censorship in China" https://dl.acm.org/doi/10.1145/3473604.3474560 "A multi-perspective view of Internet censorship in Myanmar" https://dl.acm.org/doi/10.1145/3473604.3474562 "Exploring Simple Detection Techniques for DNS-over-HTTPS Tunnels" https://dl.acm.org/doi/10.1145/3473604.3474563 "BlindTLS: Circumventing TLS-based HTTPS censorship" https://dl.acm.org/doi/10.1145/3473604.3474564 USENIX Security 2021 papers https://www.usenix.org/conference/usenixsecurity21/technical-sessions "Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications" https://www.usenix.org/conference/usenixsecurity21/presentation/wei "How Great is the Great Firewall? Measuring China's DNS Censorship" https://www.usenix.org/conference/usenixsecurity21/presentation/hoang "Balboa: Bobbing and Weaving around Network Censorship" https://www.usenix.org/conference/usenixsecurity21/presentation/rosen "Weaponizing Middleboxes for TCP Reflected Amplification" https://www.usenix.org/conference/usenixsecurity21/presentation/bock "Defeating DNN-Based Traffic Analysis Systems in Real-Time With Blind Adversarial Perturbations" https://www.usenix.org/conference/usenixsecurity21/presentation/nasr == Reading group == We will discuss "BlindTLS: Circumventing TLS-based HTTPS censorship" on 2021-09-23 https://dl.acm.org/doi/10.1145/3473604.3474564 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-09-02 Last week: - hiring tasks for ac team and network team - more s28 scrimmage work - got snowflake working in shadow - https://github.com/shadow/shadow/pull/1601 - implemented parsing of networkstatus documents for rdsys (rdsys!14) - wrote a draft plug for implementing RTCPeerConnection for v3 manifests - reviewed GetTor implementation in rdsys (rdsys!11) - reviewed snowflake!52 - couple other small reviews This week: - snowflake package documentation and API changes (snowflake#40063) - more rdsys + BridgeDB deployment work - network simulations of Snowflake with shadow - censorship measurement tests and tools - lots of miscellaneous gitlab TODOs Needs help with: - feedback on v3 plug: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-09-02 Last week (since 2021-08-19): - helped review snowflake-client SOCKS args https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - more investigation of blocking in Turkmenistan https://gitlab.torproject.org/tpo/community/support/-/issues/40030#note_274… - helped analyze go mod issue with goptlib https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - attended pluggable transports meetup https://internetfreedomfestival.org/wiki/index.php/September_2_2021_GM Next week: - fix meek-client test errors https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/meek… - identify cause and fix for the goptlib go.mod issue https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - reply to Alexander Mages re SCTP pluggable transport https://lists.torproject.org/pipermail/anti-censorship-team/2021-August/000… Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-09-02 Last week: - work on the moat Censorsip snapshot (bridgedb#40025) - merge gettor implemenation (rdsys!11) - update snowflake debian package (snowflake#19409) - write gettor documentation (rdsys#44) - test fixes into snowflake (snowflake!55) - run rdsys tests in the CI (rdsys#58) - review networkstatus parser (rdsys!14) - review rearquitecture to smaller docker image for snowflake-proxy (docker-snowflake-proxy!1) - review and merge gettor updater script (gettor!17) - review snowflake Check error for calls to preparePeerConnection (snowflake!54) - review and merge obfs4 docker build for multiple archs (docker-obfs4-bridge!4) Next week: - implement censorship snapsot available on moat (bridgedb#40025) - add more providers to gettor (rdsys#43) - get the snowflake debian package reviewed by a DD (snowflake#19409) Help with: -

1 0