tor-project

tor-project@lists.torproject.org

9 participants
2404 discussions

PieroV's Monthly Status Report, November 2024
by Pier Angelo Vendrame 02 Dec '24

02 Dec '24

Hi everyone! Here is my status report for November 2024. November was a short month for us, as we took a team break to rest a bit after the big 14.0 release and because of the holidays. For most of the month, I investigated how to remove Lox's WASM blob and instead integrate the Lox Rust crate in the browser build system [0]. Also, I checked the various options for exposing this integration crate to JavaScript, as the front end will remain in that language. This work will hopefully help us also when switching to Arti in the browser. We've also discussed the future changes for the Tor daemon integration in the browser, and I had to review a major refactor made by Henry [1], which took me some time. Apart from that, I rebased our 128-based channels (14.0 and 14.5), fixed the release preparation script to take the needs of the legacy channel into account [2], and made other similar fixes [3]. Also, I signed a release (13.5.10) for the first time. We decided to allow more people to sign to be more responsive under some circumstances and to spread the load on the team. Then, towards the end of the month, I resumed the work on anti-fingerprinting. I evaluated Thorin's proposal to abandon `font.system.whitelist` in favor of font visibility, which would bring us closer to Firefox [4]. While doing so, I found a problem with the changes I made to the FontConfig configuration file the previous month [5]. Finally, I proposed a fix for a conflict between the OpenSSL 3.0.x we ship with the tor daemon, and OpenSSL 3.2.x, required by a transitive dependency, which prevented the browser from starting in some systems [6]. If you have the same problem, deleting our libcrypto (form `TorBrowser/Tor`) should work, but we'll provide a proper fix in our next update. Best, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096 [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests… [2] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… [4] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43322 [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43330 [6] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43326

1 0

Moving gitlab to our Dallas cluster on Thursday 2024-11-28
by Gabriel Filion 29 Nov '24

29 Nov '24

Hello, Additionally to the mail server switch on Monday, we're planning to move/migrate the gitlab server from our Falkenstein-based cluster to the one in Dallas. This move will be happening on Thursday november 28th starting at 18:00 UTC. The disks for the gitlab server are fairly sizeable so the transfer could be taking a long time. Our current estimates are that it could take about 18 hours to transfer. We will try launching an operation to zero out empty parts of the disk volumes before starting the transfer in the hopes that it could give the transfer a boost. So the transfer will most likely take gitlab offline until the next day, friday 29th, at which time we'll make sure that the service is coming back online properly. If there's any issue during the outage, please reach out to us via IRC or email, but not through gitlab issues since this last one will obviously be offline at that time. For status updates, see: https://status.torproject.org/issues/2024-11-28-gitlab-migration/ Cheers!

1 1

Anti-censorship team meeting notes, 2024-11-28
by Shelikhoo 28 Nov '24

28 Nov '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-11-28-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, December 05 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == (old) * Snowflake blocking in Russia November 2024 * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * No apparent difference in DTLS handshakes between proxies that continue working and proxies that stop working. * Reports say that some proxies stop working, but only after transferring some traffic. * Hard to test because we can't easily control the proxy. It would be a good idea to set up a small test deployment to afford us more experimental control. * cohosh will work on that. * Traffic analysis fingerprinting? An old padding patch: https://github.com/net4people/bbs/issues/255#issuecomment-1566227484\ (New Nov 21) * Snowflake blocking in Russia November 2024 * Restored copy-paste signaling (manual without broker) to be able to control the proxy connection. * https://gitlab.torproject.org/cohosh/snowflake/-/commit/a4a574a4584332fc282… * Still blocked with a new proxy: therefore likely some kind of protocol fingerprinting, not proxy enumeration. * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Still blocked with client-side padding patch as well. * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * theodorsm's covertDTLS fork https://gitlab.torproject.org/theodorsm/snowflake/-/tree/covert-dtls-test * Snowflake broker transition * Next monday 2024-11-25 there will be a DNS switch from the current broker to the new broker primary. * https://gitlab.torproject.org/tpo/tpa/team/-/issues/41878 (new Nov 28) * Broker Transition Anomaly * (added by non-Tor member WofWca): Evaluate [the plan for "Multi-Pool Matching Support"](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40156#note_3132445)? * Snowflake blocking in Russia seems to have stopped == Actions == == Interesting links == * == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-11-28 Last week: - followed up on the snowflake blocking in Russia - helped debug and recover from the snowflake broker upgrade - caught up a bit on reviews - fixed the logging of the new proxy event (snowflake#40413) - started looking at alerts for censorship events (snowflake#40416) This week: - alerts for censorship events (snowflake#40416) - keep looking at snowflake blocking in Russia - take care of review backlog - finish snowflake dependency upgrades that were causing problems - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: - what was that censorship events mailing list? dcf: 2024-11-21 Last week: - released goptlib v1.6.0 https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… Next week: - comment on updates to unreliable snowflake transport https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Help with: meskio: 2024-11-28 Last week: - investigate why the metrics of the new broker were not arriving to prometheus (tpa/team#41902) - try to upgrade snowflake gitlab CI to debian stable and fail (for now) - multiple grant writting work (logic model, reviews, ...) - reports for grants fun - WIP: update snowflake proxy debian package (snowflake#40414) Next week: - update snowflake proxy debian package (snowflake#40414) Shelikhoo: 2024-11-28 Last Week: - [Pending] snowflake broker update/reinstall(cont.): https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - [Awaiting Review] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - Vantage point deployment in Iran - Snowflake new broker deployment - Merge request reviews Next Week/TODO: - Merge request reviews - Work on finishing snowflake container release(and fix the comments) - Incorrectly flattened container image with "pull" command https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… onyinyang: 2024-11-21 Last week(s): - working on refactor of Lox (library) protocols to improve issuing efficiency as described in: https://eprint.iacr.org/2024/1552.pdf - WIP MR: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/284 - Adjusted dependencies to line up with non-wasm browser integration for: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/283 - Updating renovate bot to ignore these dependencies (and maybe others) - Fixed up wasm changes in https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/271 Next week: - Fix up Troll-patrol MR - Deploy test distributor - Continue work on improving issuer efficiency in Lox protocols - update lox protocols to return duplicate responses for an already seen request - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-10-24 Last weeks: - Adjusting to post-student life - Testing out beta releases of pion dtls and webrtc Next weeks: - Update Snowflake to use latest pion upstream releases - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

Reminder: planned maintenance on Hetzner network december 3rd 3:30 UTC
by Gabriel Filion 26 Nov '24

26 Nov '24

Hello all, I'm sending a reminder about this since the last communication about it was more than a month ago. Hetzner is planning to perform maintenance on their networking equipment next week, on December 3rd between 3:30 and 5:30 UTC. This is something that the TPA team does not have control over. We can expect some network outage for all hosts at Hetzner during that time (which is just a handful of our servers). None of our hosts will reboot during that time, they will just momentarily lose network connectivity. More details can be seen on status.torproject.org and the maintenance announcement was already planned as soon as we got the notice from Hetzner. The announcement lists the services which can be expected to have an outage: https://status.torproject.org/issues/2024-12-03-hetzner-router-maintenance/ Thanks all for your understanding, LeLutin for TPA

1 0

Anti-censorship team meeting notes, 2024-11-21
by Shelikhoo 21 Nov '24

21 Nov '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-11-21-16.00.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, November 28 16:00 UTC Facilitator: onyinyang ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == (old) * Snowflake blocking in Russia November 2024 * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * No apparent difference in DTLS handshakes between proxies that continue working and proxies that stop working. * Reports say that some proxies stop working, but only after transferring some traffic. * Hard to test because we can't easily control the proxy. It would be a good idea to set up a small test deployment to afford us more experimental control. * cohosh will work on that. * Traffic analysis fingerprinting? An old padding patch: https://github.com/net4people/bbs/issues/255#issuecomment-1566227484 * on monday shelikhoo will start the move to the new broker * WebTunnel Server utility command interface * for certificate pinning we need to generate a hash of the certificate chain * there is no standard tooling for that, we need to extend webtunnel to do that * lets add a -gen-cert-fp flag (New Nov 21) * Snowflake blocking in Russia November 2024 * Restored copy-paste signaling (manual without broker) to be able to control the proxy connection. * https://gitlab.torproject.org/cohosh/snowflake/-/commit/a4a574a4584332fc282… * Still blocked with a new proxy: therefore likely some kind of protocol fingerprinting, not proxy enumeration. * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * Still blocked with client-side padding patch as well. * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * theodorsm's covertDTLS fork https://gitlab.torproject.org/theodorsm/snowflake/-/tree/covert-dtls-test * Snowflake broker transition * Next monday 2024-11-25 there will be a DNS switch from the current broker to the new broker primary. * https://gitlab.torproject.org/tpo/tpa/team/-/issues/41878 * expired cdn77 alerts * https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-alert… == Actions == == Interesting links == * https://github.com/doxx/darkflare * TCP over CDN. using cloudflare to tunnel traffic, the client does HTTP requests. * https://www.youtube.com/watch?v=rZYfrj2iqYE&list=PLbRoZ5Rrl5ldQ2K_dpmPKHEyR… * Snowflake conference presentation from Usenix Security 2024 == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-11-21 Last week: - simplified the bridge_blocked function in lox (lox!277) - improved clean up function and tests (lox!281) - grant stuff - iptproxy rewrite now released - fixup for snowflake transport in lyrebird - lox reviews - tried some Snowflake experiments from the vantage point in Russia (snowflake#40407) This week: - keep looking at snowflake blocking in Russia - take care of review backlog - finish snowflake dependency upgrades that were causing problems - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-11-21 Last week: - released goptlib v1.6.0 https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… Next week: - comment on updates to unreliable snowflake transport https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Help with: meskio: 2024-11-21 Last week: - investigate OnionSproutsBot freeze (onionsproutsbot#68) - distribute windows7 TorBrowser installers in OnionSproutsBot (onionsproutsbot#64) - fix OnionSproutsBot locale deployment so all locales appear (onionsproutsbot#60) - multiple grant writting work (reviews, risks assesments, ...) - WIP on snowflake proxy package for debian (snowflake#40414) Next week: - update snowflake proxy debian package (snowflake#40414) Shelikhoo: 2024-11-21 Last Week: - [Pending] snowflake broker update/reinstall(cont.): https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - [Awaiting Review] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - [Awaiting Input] Review CI: fix `latest` container image tag. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Request to update domain snowflake-broker.torproject.net with correct CAA record (https://gitlab.torproject.org/tpo/tpa/team/-/issues/41878) - Rapid response fund for webtunnel dynamic bridges ( https://gitlab.torproject.org/tpo/operations/proposals/-/issues/88 ) - Choosing next provider target(s) for Rapid Response Funded Dynamic Bridges ( https://gitlab.torproject.org/tpo/community/relays/-/issues/106 ) - Merge request reviews Next Week/TODO: - Merge request reviews - Work on finishing snowflake container release(and fix the comments) - Vantage point deployment in Iran - Snowflake broker deployment onyinyang: 2024-11-21 Last week(s): - working on refactor of Lox (library) protocols to improve issuing efficiency as described in: https://eprint.iacr.org/2024/1552.pdf - WIP MR: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/284 - Adjusted dependencies to line up with non-wasm browser integration for: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/283 - Updating renovate bot to ignore these dependencies (and maybe others) - Fixed up wasm changes in https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/271 Next week: - Fix up Troll-patrol MR - Deploy test distributor - Continue work on improving issuer efficiency in Lox protocols - update lox protocols to return duplicate responses for an already seen request - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-10-24 Last weeks: - Adjusting to post-student life - Testing out beta releases of pion dtls and webrtc Next weeks: - Update Snowflake to use latest pion upstream releases - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

1 0

Switching mail servers on Monday 2024-11-25
by groente 21 Nov '24

21 Nov '24

Hey everyone, On November 25st 2024, starting at 11:00 UTC, we will be switching to new mail servers for receiving and forwarding mail sent to torproject.org. If all goes well, there will be no downtime and deliverability to external providers like gmail will improve. If all does not go well, please reach out on IRC or file an issue on Gitlab, do not mail TPA since e-mail may obviously not be reliable. For more details on how to get in touch and how to report e-mail problems, see: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/support For status updates, see: https://status.torproject.org/issues/2024-11-25-switching-mail-servers/ Fingers crossed :) x, groente

1 0

more minutes from the sysadmin meeting: 2025 roadmap
by Antoine Beaupré 18 Nov '24

18 Nov '24

Hi! So TPA had another meeting, and this time, we've made a roadmap! For your convenience, a cleaned up copy is in: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/roadmap/2025 Otherwise here are our minutes: # Roll call: who's there and emergencies anarcat, groente, lelutin, zen # Dashboard review ## Normal per-user check-in * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… # Tails merge 2025 roadmap In the previous meeting, we found consensus on a general plan. Now we nailed down the things we actually do in 2025 in the [Tails merge timeline][]. [Tails merge timeline]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-73-tails-… We made those changes: - move monitoring up to 2025: retire tails' icinga! - start thinking about authentication in 2025, start brainstorming about next steps Otherwise adopt the timeline as proposed for 2025. # 2025 roadmap brainstorm Throw ideas in the air and see what sticks about what we're going to do in 2025. Following, of course, priorities established in the Tails roadmap. ## Tails: What we promised OTF For Tails: - [B.2: Keep infrastructure up-to-date and secure][] [B.2: Keep infrastructure up-to-date and secure]: https://nc.torproject.net/s/eAa88JwNAxL5AZd?path=%2FGrants%2FOTF%2F2024%20-… > As in Year 1, this will involve the day-to-day work needed to keep the > infrastructure we use to develop and distribute Tails up-to-date. This > includes our public website, our development servers for automatic builds > and tests, the translation platform used by volunteers to translate Tails, > the repositories used for our custom Debian packages and reproducible > builds, etc. Progressively over Year 2 of this contract with OTF, as Tails > integrates within the Tor Project, our sysadmins will also start maintaining > non-Tails-specific infrastructure and integrate internal services offered by > Tails within Tor’s sysadmin workflow TL;DR: maintenance work. Very few hours allocated for sysadmin work in that project. ## TPA We made a roadmap based on a brain dump from anarcat in [tpo/tpa/team#41821][]: [tpo/tpa/team#41821]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41821 - Web things already scheduled this year, postponed to 2025 - Improve websites for mobile - Create a plan for migrating the gitlab wikis to something else - Improve web review workflows, reuse the donate-review machinery for other websites (new) - Make a plan for SVN, consider keeping it - MinIO in production, moving GitLab artifacts, and collector to object storage, also for network-health team (contact @hiro) (Q1 2025) - [Prometheus phase B][]: inhibitions, self-monitoring, merge the two servers, authentication fixes and (new) autonomous delivery - Debian trixie upgrades during freeze - Puppet CI (see also merge with Tails below) - Possibly take over USAGM s145 from @rhatto if he gets funded elsewhere - Development environment for anti-censorship team (contact @meskio), AKA "rdsys containers" ([tpo/tpa/team#41769][]) - Possibly more hardware resources for apps team (contact @morganava) - Tails 2025 merge roadmap, from the [Tails merge timeline][] - Puppet repos and server: - [Upgrade Tor's Puppet Server to Puppet 7][] - Upgrade and converge Puppet modules - Implement commit signing - EYAML (keep) - Puppet server (merge) - Bitcoin (retire) - LimeSuvey (merge) - Website (merge) - Monitoring (migrate) - Come up with a plan for authentication [Upgrade Tor's Puppet Server to Puppet 7]: tpo/tpa/team#41819 [tpo/tpa/team#41769]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41769 [Prometheus phase B]: https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/14 Removed items: - Evaluate replacement of lektor and create a clear plan for migration: performance issues are being resolved, and we're building a new lektor site (download.tpo!), so we propose to keep Lektor for the forseeable future - [TPA-RFC-33-C][], high availability moved to later, we moved autononmous delivery to Phase B [TPA-RFC-33-C]: https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/15#tab-issues -- Antoine Beaupré torproject.org system administration

1 0

Anti-censorship team meeting notes, 2024-11-14
by meskio 14 Nov '24

14 Nov '24

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-11-14-16.00.html And our meeting pad: Anti-censorship -------------------------------- Next meeting: Thursday, November 21 16:00 UTC Facilitator: shelikhoo ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator: meskio == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from projects, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Project 158 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_na… == Announcements == == Discussion == * Snowflake blocking in Russia November 2024 * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… * No apparent difference in DTLS handshakes between proxies that continue working and proxies that stop working. * Reports say that some proxies stop working, but only after transferring some traffic. * Hard to test because we can't easily control the proxy. It would be a good idea to set up a small test deployment to afford us more experimental control. * cohosh will work on that. * Traffic analysis fingerprinting? An old padding patch: https://github.com/net4people/bbs/issues/255#issuecomment-1566227484 * let's graduate rdsys to 1.0 * is more or less stable and since some months has replaced BridgeDB completelly * next release will be 1.0 * future of the snowflake broker * https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@… * we might need to start paying for the VM at elips.is from January * we can separate the broker from probetest, probetest doesn't see all clients only the proxies * the broker and the proxy are tied to the same domain name, we need first to separate them * https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… DefaultBrokerURL = "https://snowflake-broker.torproject.net/" DefaultNATProbeURL = "https://snowflake-broker.torproject.net:8443/probe" * meskio will look into funding options for the broker * on monday shelikhoo will start the move to the new broker * WebTunnel Server utility command interface * for certificate pinning we need to generate a hash of the certificate chain * there is no standard tooling for that, we need to extend webtunnel to do that * lets add a -gen-cert-fp flag == Actions == == Interesting links == * "Measuring and analyzing node families in the Tor anonymous communication network" (Chinese) by Fang Binxing et al. 2015 * https://www.infocomm-journal.com/txxb/EN/10.11959/j.issn.1000-436x.2015036 * Tor family was focused on design and given a family-level measurement of it. Based on Tor node families (over 3000) discovered from live Tor network data (from Jan. 2011 to Dec. 2012), a few characteristics of Tor node families were revealed, such as family size, bandwidth, geographical distribution as well as operators providing a few big families. The analysis validated the irreplaceable role played by family design in enhancing Tor's anonymity. Based on the measurement, security analysis showed the serious availability threat a compromised node family can cause to the Tor network. Besides, It also discussed Tor hidden families and the potential anonymity risk caused by them. == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): 2024-11-14 Last week: - released new versions of snowflake and lyrebird - reviewed Troll Patrol MR (lox!263) - debugging the partial blocking of snowflake (snowflake#40407) - meek bridge handover tasks (anti-censorship/team#133) - Debugged problem with conjure deployment (conjure#44) - Removed vod.sport1.de from censorship settings front domains - reviewed MRs This week: - work with onyinyang on revisiting Lox BridgeTable fields and methods (lox#78) - follow up on snowflake blocking as we get more vantage point data - finish snowflake dependency upgrades that were causing problems - take a look at snowflake web and webext translations and best practices - make changes to Lox encrypted bridge table - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147 Needs help with: dcf: 2024-11-14 Last week: -snowflake azure cdn bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - allocated resources for Debian 12 replacement snowflake broker https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - opened issue to remember to turn off the old Debian 10 broker https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - comment on updates to unreliable snowflake transport https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - open issue to disable /debug endpoint on snowflake broker Help with: - tell me when to restart the brokers for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… meskio: 2024-11-14 Last week: - review the status of the snowflake package dependencies (snowflake#40410) - remove race conditions in rdsys (rdsys#223) - fix email freezee in rdsys (rdsys#129) - release and deploy rdsys - inhibite ratio alerts (tpa/prometheus-alerts!60) Next week: - update snowflake proxy debian package Shelikhoo: 2024-11-14 Last Week: - [Pending] snowflake broker update/reinstall(cont.): https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - [Awaiting Review] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… ) improvements - [Awaiting Input] Review CI: fix `latest` container image tag. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Update Snowflake dependencies: https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/… - Update Snowflake WebExtension Domain: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Logcollector anomaly investigate: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… - Merge request reviews Next Week/TODO: - Merge request reviews - Work on finishing snowflake container release(and fix the comments) - Vantage point deployment in Iran - Snowflake broker deployment onyinyang: 2024-11-14 Last week(s): - Refactored MR for test distributor implementation into - https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/274 - Now this can remain in the main branch and the test distributor can be deployed with the --features test-branch flag - wasm changes will remain on the testing branch while https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096#n… is being sorted. - Updated lox-zkp to account for thiserror upgrade that was causing artifact issues, fixed testing in lox-zkp - working on refactor of Lox (library) protocols to improve issuing efficiency as described in: https://eprint.iacr.org/2024/1552.pdf Next week: - Fix up Troll-patrol MR - Fix up wasm changes in https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/271 - Deploy test distributor - Continue work on improving issuer efficiency in Lox protocols - update lox protocols to return duplicate responses for an already seen request - Work on outstanding milestone issues: in particular: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/69 - key rotation automation Later: pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096): - add pref to handle timing for pubkey checks in Tor browser - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974 - improve metrics collection/think about how to show Lox is working/valuable - sketch out Lox blog post/usage notes for forum (long term things were discussed at the meeting!): - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2024-10-24 Last weeks: - Adjusting to post-student life - Testing out beta releases of pion dtls and webrtc Next weeks: - Update Snowflake to use latest pion upstream releases - Test Snowflake fork with covert-dtls - Condensing thesis into paper Help with: - Feedback on thesis Facilitator Queue: onyinyang meskio shelikhoo 1. First available staff in the Facilitator Queue will be the facilitator for the meeting 2. After facilitating the meeting, the facilitator will be moved to the tail of the queue -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

mailman 2 retirement imminent
by Antoine Beaupré 13 Nov '24

13 Nov '24

Hi everyone! This is hopefully (again!) my last email about Mailman 2 ever. Normally, everything should be up and running on Mailman 3. You should have everything you need there. Next week, I will be upgrading the main mail server, eugeni, where Mailman 2 was running. This will mean the final retirement of mailman 2, along with all its metadata about lists. Note that some of those things did *not* carry over to the new server. With geko, we found some bans that didn't transfer properly for example. We also also needed to approve some pending messages on tor-relays. So I've restored the service for Mailman 2, temporarily. It should now be available at: https://mailman2.torproject.org/ It's protected by a username / password, try tor-guest, with no password. Note that this service is *not* meant to be kept running like this. This is just available to pick up your remaining stuff and move it over to Mailman 3. I'm going to give this a week and then shutdown the virtual host again. Let me know if you need more time to finish those checks! Finally, note that I've decided to keep all the mailboxes (`mbox`) files from the current archives, including public *and* private archives, from current *and* retired mailing lists, archived on the new mailing list server. That way we don't have to worry about losing data on retired lists. a. -- Antoine Beaupré torproject.org system administration

1 1

minutes from the sysadmin meeting
by Antoine Beaupré 11 Nov '24

11 Nov '24

# Roll call: who's there and emergencies anarcat, gaba, groente, lavamind, lelutin, zen. There's significant noise in monitoring, but nothing that makes it worth canceling this meeting. # Dashboard review ## Normal per-user check-in Tried to make this section quick, but there were some discussions to be had: * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… ## General dashboards Skipped this section. * https://gitlab.torproject.org/tpo/tpa/team/-/boards/117 * https://gitlab.torproject.org/groups/tpo/web/-/boards * https://gitlab.torproject.org/groups/tpo/tpa/-/boards # Tails merge discussion Let's review the work Zen did. Our rough plan was: - confirm already identified consensus - try to establish consensus on remaining items, or at least detail controversies and blockers - establish what should be done in 2025, 2026, < 2030, > 2030 We followed the [TPA-RFC-73 Draft](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-73… as it was at the time the meeting started. We figured that today, we would agree on strategy (e.g. puppet merge), on the colors (e.g. which services are retired), and postpone the "what happens when" discussion. We also identified that most services above "low complexity" will require their own discussions (e.g. "how do we manage the Puppet control repo", "how do we merge weblate") that will happen later. ## Per service notes - Alternative to puppet merge: migrate services to TPA before moving Puppet, but not a good idea because some services can't be easily migrated. - registrars and colo could just depend on password store and not be otherwise changed. - website depends on powerdns - agreement of merging puppet codebases first - eyaml: merge for now, until people get familiar with both trocla and eyaml, but we probably should have a single system for this - virtualization: proposal: treat the old stuff as legacy and don't create new VMs there or make new hosts like those, if we need to replace hardware we create a ganeti box - weblate: - option 1: move the tor weblate to the self-hosted instance, need approval from emmapeel, check what reasons there were for not self-hosting - option 2: move tails translation to tor's weblate and rethink the translation workflow of tails We didn't have time to establish a 2025 plan, and postponed the rest of the discussions here. # 2025 roadmap brainstorm Throw ideas in the air and see what sticks about what we're going to do in 2025. Following, of course, priorities established in the Tails roadmap. Postponed. ## What we promised OTF For Tails: - B.2: Keep infrastructure up-to-date and secure > As in Year 1, this will involve the day-to-day work needed to keep the > infrastructure we use to develop and distribute Tails up-to-date. This > includes our public website, our development servers for automatic builds > and tests, the translation platform used by volunteers to translate Tails, > the repositories used for our custom Debian packages and reproducible > builds, etc. Progressively over Year 2 of this contract with OTF, as Tails > integrates within the Tor Project, our sysadmins will also start maintaining > non-Tails-specific infrastructure and integrate internal services offered by > Tails within Tor’s sysadmin workflow https://nc.torproject.net/s/eAa88JwNAxL5AZd?path=%2FGrants%2FOTF%2F2024%20-… For TPA: - I didn't find anything specific for TPA. https://nc.torproject.net/s/eAa88JwNAxL5AZd?path=%2FGrants%2FOTF%2F2024%20-… # Metrics of the month * hosts in Puppet: 90, LDAP: 90, Prometheus exporters: 504 * number of Apache servers monitored: 34, hits per second: 612 * number of self-hosted nameservers: 6, mail servers: 11 * pending upgrades: 0, reboots: 77 * average load: 1.03, memory available: 3.50 TiB/4.96 TiB, running processes: 321 * disk free/total: 65.69 TiB/139.85 TiB * bytes sent: 423.32 MB/s, received: 270.22 MB/s * planned bookworm upgrades completion date: 2024-10-02 * [GitLab tickets][]: 256 tickets including... * open: 2 * icebox: 162 * future: 39 * needs information: 4 * backlog: 27 * next: 11 * doing: 5 * needs review: 7 * (closed: 3760) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards Upgrade prediction graph lives at https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bookworm/… Note that we have only a single "buster" machine left to upgrade after the Mailman 3 upgrade, and also hope to complete the bookworm upgrades by the end of the year. The above "in 3 weeks" date is unrealistic and will be missed. The "all time" graph was also rebuilt with histograms, making it a little more readable, with the caveat that the X axis is not to scale: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/#all-time… -- Antoine Beaupré torproject.org system administration

1 0

← Newer
1
...
6
7
8
9
10
11
12
...
241
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project