Hey everyone!
Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-01-26-16.01.html
And our meeting pad:
Anti-censorship work meeting pad -------------------------------- ------------------------------------------------------------------------------------ THIS IS A PUBLIC PAD ------------------------------------------------------------------------------------
Anti-censorship team meeting pad --------------------------------
Next meeting: Thursday, February 2 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?sc... * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%... * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 * Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it * https://pad.riseup.net/p/sponsor139-meeting-pad
== Announcements == *
== Discussion == * * ln5 asks: does the anti-censorship team want a paid-for host to run STUN/TURN servers on? This is something that could be made part of a grant/fund request. * A server we run ourselves is, in principle, easy to block. The intent is either (not fully sure at this point): * Run a server that is open to the public, so that there are collateral users besides just Snowflake users. * Run a server just for Snowflake, and let it be blocked by the censors that know to block it, simply to reduce load on the other servers we use, in the places where it does not get blocked. (Like the default obfs4 bridges, which are also easy to block, but are not in many places.) * Not a lot of excitement for either idea, since connecting to a distinguished STUN/TURN server is a protocol identification risk. * Suggestion is to run a public STUN/TURN server, but only for Snowflake, and only for proxies (not clients), so that it does not become an identifier for clients. * Proxies-only would work for STUN, but if it were TURN, the connection would still be identifiable by censors (because both the proxy and client would relay through the same TURN IP address). * Will ask ln5 and cohosh for more context.
* snowflake fallback from domain fronting to amp cache, how/whether/when/etc to implement (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...) * arma is going to check how hard would be to change c-tor to only connect to two bridges instead of all of them at once. So maybe we can duplicate bridges with domain fronting and amp cache * we need to check the consecuences of using amp cache, and if we are ok having half of our users using it
* use ampcache for snowflake in IR? * https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/115 * https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/merge_reques... * our domain front for both snowflake and circumvention settings is blocked in Iran * that will mean configuring amp cache in Circumvention Settings, the people that will get this configuration will still be able to use domain fronting to access snowflake, but they will keep
== Actions ==
* We should make a ticket for pion to cache its stun answers when possible, because right now it surprises us by asking way more stun questions than it actually needs to. * We might want to be able to spin up our own stun servers, on our own ip/port, for debugging. We should talk to TPA about that goal at some point (not urgent). * Roger will look more at https://gitlab.torproject.org/tpo/core/tor/-/issues/40578 ("only contact the first few working bridges on your bridge list" and plan to have a sense of whether it will be an easy hack or a hard one, for next week.
== Interesting links ==
== Reading group ==
* We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with.
cecylia (cohosh): last updated 2023-01-26 Last week: - FOCI workshop prep - some progress on rust library for rdsys backend - https://gitlab.torproject.org/cohosh/rdsys-backend-api This week: - wrap up conjure documentation and write an announcement asking for testers - finish rust library for rdsys backend - continue working on lox client integration in Tor Browser - take a look at the dead on arrival rotating bridge problem - https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/l... Needs help with:
dcf: 2023-01-19 Last week: - made merge request to bring sample snowflake client torrc up to date https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... - more review on abbreviating ice specifications https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... - promoted the patch to remove Hello Verify Request and asked for testing https://ntc.party/t/second-snowflake-bridge-available-for-testing/3445/11 https://ntc.party/t/in-case-snowflake-rendezvous-gets-blocked/1857/25 - hacking on snowflake-graphs to do per-country graphs Next week: - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_2823... - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 Help with:
meskio: 2023-01-26 Last week: - give support to bridgesanner (rdsys#143) - review gettor whatsapp implementation (rdsys!66) - investigate the situation of meek in uzbekistan (censorship-analysis#40031) - write S96 report - prepare a Circumvention Settings configuration with ampcache for IR (rdsys-admin!13) - explore snowflake proxy docker options to avoid using the host network (docker-snowflake-proxy#11) Next week: - implement bridgescanner needs (rdsys#143)
Shelikhoo: 2023-01-26 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt... - reply a lot of tickets - [Merge Request] Automated Container Image Building in Continuous integration (https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/p...) Next Week: - [Research] WebTunnel planning (Continue) - push the chunked upload raw data upload change to vantage points - research snowflake's performance issue in China
Itchy Onion: 2023-1-26 Last week: - Investigate whether stun over TLS is beneficial to us (issues#40240) - Looking at options for standalone proxy runners to specify an interface (issue#40108) This week: - Lunar New Year break - Continue working on issue #40108 (standalone proxy bind specific IP) - Review MRs
hackerncoder: 2023-01-12 last week: - figure out what makes ooni-exporter put all reports from a country in either success or failure (I still don't know why. But I got it to work) Next week: - getting ooni-exporter to work with torsf (snowflake) - work on monitoring bridges health
cece: 2022-12-22 This week: - working on creating a dummy WhatsApp bot Next week: - My bot is not yet working as expected s still trying to figure that out Help with: - resources