Hey everyone!
Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-02-01-15.58.html
And our meeting pad:
Anti-censorship work meeting pad -------------------------------- Anti-censorship --------------------------------
Next meeting: Thursday, February 8 16:00 UTC Facilitator: cohosh
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress)
This week's Facilitator: shelikhoo
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents == * Our anti-censorship roadmap: * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?sc... * Sponsor 96 <-- meskio, shell, onyinyang, cohosh * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 150 <-- meskio working on it * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_nam...
== Announcements ==
* 0.4.7.x EOL:"~964 bridges, which means roughly 45% of the advertised bridges bandwidth)" https://forum.torproject.org/t/tor-relays-psa-tor-0-4-7-reaches-end-of-life-... * PSA: Elections in Pakistan February 8th.
== Discussion ==
* Tor Browser binaries are getting too big, can we reduce the size of PTs? * TB 13.0.9 was initially rejected by Google, compressed with 7-zip as a temporary workaround. * Could possibly combine multiple Go executables into one (so as to ship only one Go runtime), similar to how IPtProxy does it. * https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/13... * There's a possible difficulty in reconciling all the possibly different version numbers of the dependencies of constituent programs. * https://github.com/u-root/gobusybox * Or, instead of independent executables, can make a new unified pluggable transport client dispatcher, that decides which transports to instantiate using the normal TOR_PT_CLIENT_TRANSPORTS etc. mechanism. * Merging webtunnel + lyrebird could be a good first step (shelikhoo will create an issue to track this) * Add WebTunnel built-in bridge in TB or does it need more testing? * As a way of educating users and operators about this new PT * Discussion on the use of builtin bridges: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/102 * First step is to find an operator * builtin bridge informal requirements: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Default-Bridg...
== Actions ==
== Interesting links ==
== Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up?
== Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with.
cecylia (cohosh): 2024-02-01 Last week: - Lox Tor Browser integration - finished Lox module implementation - wrote up testing documentation for code auditors - SQS rendezvous deployment - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... This week: - open issue to update snowflake version for tor browser to include SQS rendezvous - update wasm-bindgen fork to fix some bugs and hopefully upstream changes - tor-browser-build updates for lox wasm + bindings generation - rebase and try out manifest v3 patch - Conjure bridge maintenance Needs help with:
dcf: 2024-02-01 Last week: Next week: - review draft MR for unreliable data channels https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... - open issue to disable /debug endpoint on snowflake broker - move snowflake-02 to new VM Help with:
meskio: 2023-12-21 Last week: - grant writing Next week:
Shelikhoo: 2024-02-01 Last Week: - HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 - Inspect Snowflake Situation In China - Merge request reviews Next Week/TODO: - HTTPS distributors in rdsys: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/191 - Update WebTunnel Container Image - Inspect Snowflake Situation In China
onyinyang: 2023-02-01 Last week(s): - Bug fixing and other things that come up as lox integration is rolled out - Started writing tests to figure out problem that makes distributor hang when bridges are not working - fixing a number of things that are not working as expected with sync functiosn
This week: - Continuing with bug fixing and other things that come up as lox integration is rolled out - Finish up fixing problems with syncing functions - Make Lox invitation endpoint only accessible via telegram - attempt hyper upgrade again
(long term things were discussed at the meeting!): https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1. Are there some obvious grouping strategies that we can already consider? e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?) 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?
theodorsm: 2023-01-11 Last weeks: - Currently in the start phase of writing my master thesis (to be finished late june 2024) in communication technology on reducing distinguishability of DTLS. The goal is to implement a validated DTLS anti-fingerprinting library similar to uTLS (useful for Snowflake). Next weeks: - Talk with Sean DuBois about contributing to adding anti-fingerprinting capabilities to the pion library Help with: - Find recent data set of captured DTLS traffic