- tor-project - lists.torproject.org

restarting Tor Browser release meetings
by Gaba 04 May '21

04 May '21

Hi! We are starting to meet again to discuss releases of Tor Browser. The next meeting will be on May 4th at 19UTC in irc.oftc.net #tor-meeting The pad for this meetings is at http://kfahv6wfkbezjyg4r6mlhpmieydbebr5vkok5r34ya464gqz6c44bnyd.onion/p/tor… cheers, gaba -- pronouns she/her/they GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

2 1

minute details from the sysadmin
by Antoine Beaupré 03 May '21

03 May '21

As with the previous month, I figured I would show a sign of life here and try to keep you up to date with what's happening in sysadmin-land, even though we're not having regular meetings. I'm still experimenting with structure here, and this is totally un-edited, so please bear with me. # Important announcements You might have missed this: * Jenkins will be retired in December 2021, and it's time to move your jobs away * if you want old Trac wiki redirects to go to the right place, do let us know, see [ticket 40233][] * we do not have ARM 32 builders anymore, the last one was shut down recently ([ticket 32920][]) and they had been removed from CI (Jenkins) anyways before that. the core team is looking at alternatives for building Tor on armhf in the future, see [ticket 40347][] * we have setup a Prometheus Alertmanager during the hack week, which means we can do alerting based on Prometheus metrics, see the [altering documentation][] for more information As usual, if you have any questions, comments, or issues, please do contact us following this "how to get help" procedure: <https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-2-support…> Yes, that's a terrible URL. Blame GitLab. :) [altering documentation]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/prometheus#alerting [ticket 40347]: https://gitlab.torproject.org/tpo/core/tor/-/issues/40347 [ticket 32920]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/32920 [ticket 40233]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40233 # Crash of the month Your sysadmin crashed a Ganeti node, creating a split-brain scenario ([ticket 40229][]). He would love to say that was planned and a routine exercise to test the documentation but (a) it wasn't and (b) the document had to be made up as he went, so that was actually a stressful experience. Remember kids: never start a migration before the weekend or going to bed unless you're willing and ready to stay up all night (or weekend). [ticket 40229]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40229 # Metrics of the month * hosts in Puppet: 86, LDAP: 89, Prometheus exporters: 140 * number of Apache servers monitored: 28, hits per second: 147 * number of Nginx servers: 2, hits per second: 2, hit ratio: 0.86 * number of self-hosted nameservers: 6, mail servers: 7 * pending upgrades: 1, reboots: 0 * average load: 0.68, memory available: 2.00 TiB/2.77 TiB, running processes: 552 * bytes sent: 276.43 MB/s, received: 162.75 MB/s * [GitLab tickets][]: ? tickets including... * open: 0 * icebox: 109 * backlog: 15 * next: 2 * doing: 2 * (closed: 2266) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards # Ticket analysis Here's an update of the ticket table, which we last saw in February: | date | open | icebox | backlog | next | doing | closed | delta | sum | new | spill | |------------|------|--------|---------|------|-------|--------|-------|--------|------|-------| | 2020-11-18 | 1 | 84 | 32 | 5 | 4 | 2119 | NA | 2245 | NA | NA | | 2020-12-02 | 0 | 92 | 20 | 9 | 8 | 2130 | 11 | 2259 | 14 | -3 | | 2021-01-19 | 0 | 91 | 20 | 12 | 10 | 2165 | 35 | 2298 | 39 | -4 | | 2021-02-02 | 0 | 96 | 18 | 10 | 7 | 2182 | 17 | 2313 | 15 | 2 | | 2021-03-02 | 0 | 107 | 15 | 9 | 7 | 2213 | 31 | 2351 | 38 | -7 | | 2021-04-07 | 0 | 106 | 22 | 7 | 4 | 2225 | 12 | 2364 | 13 | -1 | | 2021-05-03 | 0 | 109 | 15 | 2 | 2 | 2266 | 41 | 2394 | 30 | 11 | |------------|------|--------|---------|------|-------|--------|-------|--------|------|-------| | total | NA | NA | NA | NA | NA | NA | 147 | NA | 149 | -2 | |------------|------|--------|---------|------|-------|--------|-------|--------|------|-------| | mean | 0.1 | 97.9 | 20.3 | 7.7 | 6.0 | 2185.7 | 21.0 | 2317.7 | 21.3 | -0.3 | I added a "delta" column which shows how many additional tickets were closed since the previous period. April is our record so far, with a record of 41 tickets closed in less than 30 days, more than one ticket per day! I also added a "new" column that shows how many new tickets, in total, were created in the period. And the "spill" is the difference between the two. If positive, we're winning the ticket game, if negative, we're losing ground and more tickets are being created than we are closing. Overall, we're slightly behind (-2), but that's only because of the epic month of April. And while I'm here, I went crazy with Emacs' `orgtbl-mode` and added totals and averages. In other news, the Icebox keeps growing, which should keep us cool and breezy during the northern hemisphere summer that's coming up. ;) At least the Backlog is not growing too wildly, and the actual current queue (Next/Doing) is pretty reasonable. So things seem to be under control, but the new hiring process is taking significant time so this might upset our roadmap a little. Regardless of those numbers: don't hesitate to make new tickets! # Ticket of the month Ticket [40218][] tracks the progress of the CI migration from Jenkins to GitLab CI. Jenkins is scheduled for retirement in December 2021, and progress has been excellent, with the network team actually *asking* for the Jenkins jobs to be disabled ([ticket 40225][]) which, if it gets completed, will means the retirement of 4 virtual machines already. Exciting cleanup! [40218]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40218 [ticket 40225]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40225 -- Antoine Beaupré torproject.org system administration

1 0

Monthly Status Report from irl
by Iain R. Learmonth 02 May '21

02 May '21

Hi All, This is my monthly status report for work complete during April 2021. There was a ramp-up period as I got back into the flow of things, including reconfiguring GitLab access (with 2FA, SSH and GPG keys) and also my LDAP account. There are still some access issues to be resolved relating to uploading releases to dist.torproject.org but otherwise I am all set up now. In order to catch up on what's been happening since I last worked on Tor Metrics I read through the network-health and metrics-team mailing lists since the start of the year. Throughout this project until the end of July I am working on documenting Tor Metrics in preparation for the full time Metrics person to take over. All the documentation is being collected at: https://gitlab.torproject.org/tpo/metrics/team/-/wikis/home This is as opposed to documentation being scattered across various project wikis and repositories, as between the move from Trac wiki to GitLab and git.tpo migration to GitLab it's important to ensure that knowledge already collected isn't lost. This may not be the permanent home for the documentation but as the GitLab wiki is really just a collection of MarkDown files it's rather portable should moving it be desired. The two main articles in this documentation I have worked on so far are the Java survival guide and the CollecTor development, deployment and operation documentation. Onionoo, Exonerator, and metrics-web are all still to follow. In collaboration with acute, OnionPerf's wiki has been merged into this central wiki. In putting together a "pager playbook" for each service, I'm finding that monitoring for some features is lacking. I have spoken with anarcat about ways to improve this situation including writing simple exporters to get some monitoring data into the services Prometheus instance rather than sending emails via cron job. In addition to documentation I have three main tasks: 1. Update the GeoIP database used by Onionoo There are no Java bindings availabile for the IP Fire database that is now used in core Tor. As such we need a means of querying the file. A compact format for the file is used by core Tor, generated by a Rust tool. nickm has extended this tool to allow for AS numbers to be included in the generated file alongside country codes. I have written a parser and lookup function for metrics-lib which is included in the 2.16.0 release. This will allow for Onionoo to consume the generated GeoIP files. In order to ease access to the generated files, and not require Metrics developers to have a Rust toolchain on their machines, I have set up a scheduled CI job to generate the files: https://tpo.pages.torproject.net/metrics/geoip-data/ (it would be nice to add a date/time for the last update into this page, if anyone wants to submit a MR on the repo for that it could be an easy first contribution). 2. Updating the Metrics timeline in metrics-web I have not yet started on this task. 3. bridgestrap/rdsys/Collector/Onionoo This issue will require collaboration with the anti-censorship team. The first step here will be to get the state of bridgestrap into the Metrics pipeline, which is waiting on https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/15. Finally, I have been around in Matrix/IRC to answer Metrics questions and on occasion to provide a little end-user support in #tor. I've been attending the weekly network health meetings and will continue to do so. If you've got any questions about anything I'm working on, just send me an email or chat on Matrix/IRC. Thanks, Iain.

1 0

Anti-censorship meeting notes, 29 April 2021
by Cecylia Bocovich 29 Apr '21

29 Apr '21

Hey everyone, Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-04-29-16.00.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday April 29th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == Our anti-censorship roadmap: Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards The anti-censorship team's wiki page: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home Past meeting notes can be found at: https://lists.torproject.org/pipermail/tor-project/ Tickets that need reviews: from sponsors we are working on: All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… Sponsor 30 https://gitlab.torproject.org/groups/tpo/-/milestones/4 https://gitlab.torproject.org/groups/tpo/-/milestones/7 https://gitlab.torproject.org/groups/tpo/-/milestones/5 https://gitlab.torproject.org/groups/tpo/-/milestones/6 Sponsor 28 must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… Public bug-reporting pad: https://pad.riseup.net/p/tor-anti-censorship-bugs-keep <-- we have anonymous tickets handling now. Let's see which anti-censorship repos to include. == Announcements == Switching default git branch from master to main: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/6 == Discussion == == Actions == April monthly report: https://pad.riseup.net/p/3v7ixS9pkbAdtS7TBxYW == Interesting links == https://gitlab.torproject.org/cohosh/censorship-analysis/-/blob/belarus/bel… == Reading group == We will discuss "Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications" on April 29th https://www.usenix.org/system/files/sec21fall-wei.pdf Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2020-04-29 Last week: - created ticket to rename default branch to main anti-censorship/team#6 - cleaned up and added a script to plot default bridge usage metrics (censorship-analysis#40001) - maintenance of censorship-analysis repository - created several new issues for analysis tools - closed stale issues - responded to gettor outage (gettor#80) - worked on snowflake standalone Go proxy setup (snowflake#40031) - worked on Go PTv2 api (snowflake!31) - s28 prep This week: - use json for client-broker interaction (snowflake#29293) - congestion logging patches for snowflake#40026 - install our snowflake app on android and try it out for a few days - finish revision of snowflake!31 - onboard meskio - s28 prep - more work in snowflake standalone proxy documentation (snowflake#40031) Needs help with: - review of bridgedb#32276 arlolra: 2020-10-29 Last week: - Next week: - getting back up to speed - follow ups to #33365 - start on #31201 Help with: - dcf: 2021-04-29 Last week: - posted results of Turbo Tunnel security audit that affect Snowflake https://lists.torproject.org/pipermail/anti-censorship-team/2021-April/0001… - reviewed broker metrics export https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - cooperate with switching broker messages to JSON https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: Antonela: 2020-08-27 This week: agix:2021-04-29 Last week: -Took another look at BridgeDB's #27984 and resubmitted the patch Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-04-29 Last week: - Busy w/ life and new job, but been looking at https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… and working on a Docker-based network testbed POC Next week: - Really want to have a POC to show/get feedback on HashikD: 2021-01-22 This week: - Next week: - Help with: -

1 0

May 2021 Tor DEMO Day - (Open) Call for proposals
by Gaba 28 Apr '21

28 Apr '21

Hi people, We are going to have the next DEMO day in May. It is happening at the end of the month, May 26th @ 1600 UTC. Feel free to list yourself in the pad. http://kfahv6wfkbezjyg4r6mlhpmieydbebr5vkok5r34ya464gqz6c44bnyd.onion/p/tor… https://pad.riseup.net/p/tor-demo-day-may-2021-keep Tor Demo Day - May 26th 2021 =============================== Why? ---- - We want to spice up our remote working routine and also break the silos between teams. - Tor Demo Days are a success and we want to share this experience with the broad Tor community! How? ---- - We are opening the call for presenters. - The agenda will be set before the meeting and will be shared with tor-project. - We want 5 to 8 minutes length presentations. We will handle questions at the end of all presentations. - Slides are allowed, but not mandatory. You may share your screen or a pre-recorded video if that makes you less anxious. - We like the adrenaline of the live presentations, but if they wish, presenters can share pre-recorded videos with us. They should be sent a few hours in advance and will be lined up and shared with assistants during the session. - This is a place where people should feel safe to engage, share their point of view, and participate. Read our Code of Conduct: https://gitweb.torproject.org/community/policies.git/tree/code_of_conduct.t… Who? ---- - Anyone who wants to share what they have been hacking on. It doesn't need to be a finished feature but a work in progress. It can be small like a Tor Browser feature or something you have been hacking around Tor not officially. - Presenters have 5 to 8 minutes. People can ask questions via text in the pad for 3 minutes. - Gaba will moderate at this time. We need volunteers for other DEMO days in 2021. Where? ------ At our BBB instance. A public link will be shared the same day of the DEMO. When? ----- Wednesday MAY 26th at 1600 UTC Agenda ------------------------------ - 5 min for the presentation - 3 min for questions ------------------------------ Questions will be written in text on the pad in any time during the presentation. Presenters will answer them in audio. Presentations: ADD HERE THE PROPOSAL YOU HAVE FOR A SHORT PRESENTATION. _______________________________________________ tor-project mailing list tor-project(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

1 0

Is your trac wiki legacy page obsolete? Get a redirect!
by Roger Dingledine 26 Apr '21

26 Apr '21

Hi folks! By default the trac wiki pages redirect to the "legacy wiki" version of each page on gitlab. And that page is frozen in time from many months ago when we did the transition. Google and other search engines still have the trac pages as their favorite answers, and that means when people search for your wiki page, they end up on the frozen inaccurate legacy page. I'm trying to get this fixed, starting with the Snowflake page as a proof of concept: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40233 So: does your team have a new gitlab wiki page too? Are you sick of having your users read the old broken wrong legacy wiki page? If so, please add your <old page, new page> pair as a comment to that gitlab issue (using RewriteRule style regexps if you want), and we'll try to get it fixed. (I heard there are some other possible plans for maybe making the new gitlab wiki pages more usable, more centralized, not even on gitlab at all anymore, or other ideas. That's all fine and should be compatible with this plan.) Thanks! --Roger

2 1

Anti-censorship meeting notes, 22 April 2021
by Cecylia Bocovich 22 Apr '21

22 Apr '21

Hi everyone, Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-04-22-16.00.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday April 22nd 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == Our anti-censorship roadmap: Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards The anti-censorship team's wiki page: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home Past meeting notes can be found at: https://lists.torproject.org/pipermail/tor-project/ Tickets that need reviews: from sponsors we are working on: All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… Sponsor 30 https://gitlab.torproject.org/groups/tpo/-/milestones/4 https://gitlab.torproject.org/groups/tpo/-/milestones/7 https://gitlab.torproject.org/groups/tpo/-/milestones/5 https://gitlab.torproject.org/groups/tpo/-/milestones/6 Sponsor 28 must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… Public bug-reporting pad: https://pad.riseup.net/p/tor-anti-censorship-bugs-keep <-- we have anonymous tickets handling now. Let's see which anti-censorship repos to include. == Announcements == The Cure53 security audit of Turbo Tunnel is over. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… is a resource leak found by the audit. David is waiting on an upstream disclosure before publishing the report, but there is nothing much to worry about regarding Snowflake. == Discussion == Snowflake in Tor Browser 10.5 stable (mid June)? Conclusion: yes, we're going to plan to ship Snowflake enabled in Tor Browser 10.5. There are a list of things we should make sure we're in a good position to monitor so we can know how it's going. And we might shoot for a 'soft launch', i.e. put it in but ask the comms team to not make such a big deal out of it quite yet. == Actions == == Interesting links == https://gitlab.torproject.org/cohosh/censorship-analysis/-/blob/belarus/bel… == Reading group == We will discuss "Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications" on April 29th https://www.usenix.org/system/files/sec21fall-wei.pdf Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2020-04-22 Last week: - talked to OONI about adding fallback dirs to tor test - wrote a plaintext email template for our prometheus alert manager (tpa/team#40214) - implemented a shim for Moat to parse client USERADDR (bridgedb#32276) - finished draft report on Tor blocking in Belarus (censorship-analysis#40002) - reviewed emma#4 - revised prometheus alerts for snowflake (snowflake#40024) This week: - upload scripts used for censorship-analysis#40002 - revise snowflake v2 API (snowflake#40036) - use json for client-broker interaction (snowflake#29293) - congestion logging patches for snowflake#40026 - install our snowflake app on android and try it out for a few days - deploy moat shim Needs help with: - review of bridgedb#32276 (low priority) - review of censorship-analysis#40002 (roger/gus) - review of fixes to snowflake!32 arlolra: 2020-10-29 Last week: - Next week: - getting back up to speed - follow ups to #33365 - start on #31201 Help with: - dcf: 2021-04-22 Last week: - archived snowflake-webextension-0.5.4 - checked on probetest CPU usage https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - opened an issue for a Snowflake resource leak found by the Turbo Tunnel security audit https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - opened an issue for a broken error check in the Snowflake server https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - reviewed PT v2 API branch https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - review of broker metrics export https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: Antonela: 2020-08-27 This week: agix:2021-04-22 Last week: -Been busy with university stuff for the last few weeks Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - HashikD: 2021-01-22 This week: - Next week: - Help with: -

1 0

32-bit ARM builds discontinued
by Antoine Beaupré 21 Apr '21

21 Apr '21

Hi, About two weeks ago, we have disabled the last remaining build box for our poor old 32 bit ARM builds (armel and armhf). It seems like no one noticed, but we have failed to do an announcement then so I figured it was important to let people know that we do not plan on fixing that situation right now. Those machines are hard to come by (and maintain remotely) so we want to focus on the better supported ARM64 ecosystem going forward. We do support ARM 64 builds through a virtual machine provided by Linaro right now (thanks!) and would be happy to expand that capacity. Let us know if you have any ideas on that. See this ticket for details: https://gitlab.torproject.org/tpo/tpa/team/-/issues/32920 A. -- Antoine Beaupré torproject.org system administration

1 0

Job opening - Browser Developer
by Erin Wyatt 19 Apr '21

19 Apr '21

Hi everyone! We have a new job opening for a Browser Developer: https://www.torproject.org/about/jobs/tor-browser-developer/ The job description is also below in plaintext. Please help us spread the word! Thank you! :) Best, Erin Wyatt Director of People Operations ewyatt(a)torproject.org PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE https://www.torproject.org http://expyuzz4wqqyqhjn.onion/ ———————————————————————————>8 Internet Freedom Nonprofit Seeks Browser Developer The Tor Project, Inc., a 501(c)(3) nonprofit organization advancing human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, is seeking an experienced developer to work on Tor Browser. Tor is for everyone, and we are actively working to build a team that represents people from all over the world - people from diverse ethnic, national, and cultural backgrounds; people from all walks of life. Racial minorities, non-gender-binary people, women, and people from any group that is generally underrepresented in tech are encouraged to apply. This Browser Developer will be an integral part of a small team that maintains the Tor Browser as well as other Tor applications inside the organization. The team coordinates both synchronously and asynchronously via IRC, email, bug trackers, and some voice meetings. A personal commitment to free and open source software, good communication and documentation skills, and passion for contributing to the greater good are all essential. This is a full-time, remote position. Browser Developer April 19, 2021 The Job: • Provide code review for new browser modifications, and accept code review from other team members • Evaluate and audit recent changes in Firefox, and understand how that affects Tor Browser users • Support maintaining Tor Browser on top of recent versions of Firefox • Improve Tor Browser's security, privacy, and anonymity properties • Collaborate with Mozilla and directly improve Firefox • Simplify and improve Tor Browser's current protections • Support the continuous integration testing framework and tests • Collaborate with other teams at the Tor Project, external software projects (e.g. OONI), and research groups. • Improve Tor Browser's web compatibility Our main codebases: Tor Browser is the combination of multiple codebases. Requirements -- Technical Abilities/Experience: • Advanced skills in writing C/C++, Rust and JavaScript. • Possess a solid understanding of issues surrounding secure C++ programming and reference counted memory (at least to the level of avoiding issues). • Be comfortable diving into new, unfamiliar codebases, looking for ways to alter and augment their functionality in specific, goal-oriented ways. • Be familiar with web technologies and how the web works, especially the same-origin model and web tracking. • Willingness and ability to justify and document technical decisions for a public, world-wide technical audience. • Be comfortable working remotely with a geographically distributed team. • Experience interacting with users and other developers online, including experience being confronted with differing ideas and opinions (not always in a nice manner), while maintaining a high level of professionalism. • Comfort with transparency: as a non-profit organization that develops open source software, almost everything we do is public, including your name (or at least your business name) and possibly salary information. Preferred qualifications: • Familiarity and/or experience with writing add-ons and/or patches for Mozilla Firefox or other web browsers. • Familiarity with compiling software for the Android platform. • Familiarity with browser fingerprinting defenses • Familiarity with Firefox's internal architecture, including its use of multiple processes and sandboxing. • Be intensely creative yet also ruthlessly pragmatic in your thinking. • Know enough about networking to be able to visualize what HTTP 1.1 looks like on the wire while encapsulated within Tor's network protocol. • Open-source experience: contributed significant chunks of code to multiple open-source projects in the past. • Familiarity with distributed version control systems, including Git. • Genuinely be excited about Tor and its values! For a more detailed understanding of the full breadth and depth of the work you'd be doing, have a look at The Design and Implementation of the Tor Browser, especially The Design Requirements section at https://spec.torproject.org/torbrowser-design#DesignRequirements. Academic degrees are great, but not required if you have the right experience! How to Apply To apply, submit a cover letter, your CV/resume (including three professional references), and a link to a code sample or some non-trivial software project you have significantly contributed to. In your cover letter, please include the reason you want to work at the Tor Project. IMPORTANT: Please email application materials in PDF format to job-browser at torproject dot org with "Browser Developer" in the subject line. The Tor Project's workforce is smart, committed, and hard working. We currently have a paid and contract staff of around 24 developers and operational support people, plus many thousands of volunteers who contribute to our work. The Tor Project is funded in part by government research and development grants, and in part by individual, foundation, and corporate donations. Salary for this position depends on experience and there is voluntary opt-in salary transparency for employees and contractors. The Tor Project has a competitive benefits package, including a generous PTO policy, 16 paid holidays per year (including the week between Christmas and New Year's, when the office is closed), and flexible work schedule. Insurance benefits vary by employment status and country of residence. The Tor Project, Inc. is an equal opportunity, affirmative action employer.

1 0

Anti-censorship team monthly report: March 2021
by Cecylia Bocovich 16 Apr '21

16 Apr '21

March 2021 Monthly Report Snowflake ========= * Updated domain fronting provider for the Snowflake broker https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Fixed our CI pipeline for Android https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Saw a jump in snowflake usage metrics to 300-400 simultaneous users, perhaps due to our campaign https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Updated Snowflake infrastructure for TROVE-2021-001 and TROVE-2021-002 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Removed redundant languages from https://snowflake.torproject.org GetTor ====== * Updated bridge instructions on https://gettor.torproject.org Other ===== * Added prometheus alerts to some anti-censorship infrastructure as a part of our hackweek project https://lists.torproject.org/pipermail/anti-censorship-alerts/2021-April/00… * Added a new fleet of private bridges

1 0