Network team meeting pad, 23 October 2017
Welcome to our meeting! Every monday at 1700 UTC on #tor-meeting on OFTC. (This channel is logged while meetings are in progress.)
Want to participate? Awesome! Here's what to do:
1. If you have updates, enter them below, under your name.
2. If you see anything you want to talk about in your updates, put them in boldface!
3. Show up to the IRC meeting and say hi!
Note the meeting location: #tor-meeting on OFTC!
for background.)
Meeting notes from last week:
Announcements:
* Remember, this meeting is 1700 UTC, no matter what local time is. Watch for daylight saving changes in October or November.
Discussion topics:
* Do we want to plan a hackfest in 2018? I sent some options to the list. (teor)
* Do we want/need any additional proposals for guard-discovery other than Prop247 updates?
(See the SponsorV page for lists of guard discovery tickets and a rough roadmap - this
should help us decide)
* Notes from network team working sessions- is there a place to find these?
[I still have the notes from the Firefox-uplifting-TB-patches-and-eventually-maybe-shipping-tor-in-private-browsing-mode meeting, and I've forgotten to type them up. I'll do that this morning and send to notes@. —isis]
[note that you can also probably just photograph them and send them to notes@, if you run out of time to type. -nm]
Updates: (Please use boldface to indicate discussion topics)
teor (offline):
Last week:
- - I keep seeing "Attempt to open a stream on first hop of circuit" warnings in chutney in recent master and 0.3.2, anyone know why? (#24011)
- [NM: dgoulet notes that we removed the AllowSingleHopExits option recently. Could that be at fault?]
- Proposed moving IPv6 ORPorts to the microdesc consensus (prop#283, #20916 and children), and discussed the draft proposal with the dir-auth list
- Tried to help arthuredelstein diagnose Tor Browser connection timeouts: we think it's caused by overloaded exits, which probably needs some bandwidth authorities to change location, or more bandwidth authorities (#21394)
- Ripped out buggy IPv6-specific v3 single onion service code, but kept support for IPv4 v3 single onion services (#23820)
- We want to reduce relay bandwidth stats intervals, to make client guards harder to find using these stats (#23856)
- More fun with missing microdescriptors! (#21969 and children)
- Post-travel admin
- Experimental PrivCount deployments, bug fixes, and feature development
This week:
- Experimental PrivCount onion service client descriptor fetches, intro and rend failure counts
- Nudge the prop#283 thread, and once we're sure we want it, get the code reviewed
mikeperry (offline - biological timezone and sleep issues):
Last Week:
- Recovering from illness, slowly but surely.
[NM: Poked asn, teor, armadev about this.]
This week:
- Finishing up #23100 and #23114 (basically they need tests and asn had some trac comments as well).
- If time/energy, start writing an experiment plan for the prop247 performance simulator.
Nick:
Last Week:
- Six releases. Whee!
- Reviewed and merged a bunch
- Including the protover-in-rust code!
- - Are the doc/HACKING/*Rust.md documents up-to-date?
- CK: I am planning on reviewing these this week to fix up anything that isn't
- [ I'm also happy to go over them. —isis]
- Met with Isabela for roadmapping, planning, catch up
- Helped a little with modularization proposal
- worked on hsdescv3 fuzzing a little
This week:
- Wrap up october tasks; plan more about november. (Remember the roadmap?)
- Review and merge more stability fixes for <= 0.3.2
- Write two or three proposals/design docs:
- Improved APIs for control on mobile/embedded systems
- Privcount with shamir-style secret splitting (if somebody can help figure out the math)
- Ed25519 ID -> Consensus proposal
- Coordinate w/ other teams on roadmap dependency issues
- Follow up to Tim's n-t-s email.
komlo (offline):
Last week:
- - Helped with the protover-in-rust merge!
This week:
- Work on fixing up some post-review improvements (#24029 and #24032)
haxxpop:
- - Try to learn Rust and contribute something
- - Maybe, I will take a look on fuzzing some http request
Tabish:
This week:
-Try to figure out how tor works and look at some easy tickets to find an interesting one.
ahf:
Last week:
Sponsor 8:
- Reviewed ticket #23845, #23848, and #23900.
- Meeting with Isabela + Nick about the modularization proposal.
- Looked into simpleperf again with some more luck. Some sample reports can be seen at
- Rebased my Orbot repository with Nathan's recent changes to upstream Orbot.
- Opened #24061 (master) + #24062, #24063, #24064 and #24065 to track S8 performance work and added them to
milestone spreadsheet.
Misc:
- Random small catch ups from notes from Montreal.
This week:
Sponsor 8:
- Profiling of memory + CPU + battery baseline, discuss results and
figure out where we should dive in first in November (#24065).
- Update build instructions and hopefully get someone else to try it out.
Sponsor 4:
- Look into Nick's review in #22275 that got lost in all the BornHack stress in August/September.
Misc:
- Bug triage duty.
- End of the month tasks: Harvest + Montreal reimbursement.
dgoulet:
Last week:
- Worked on all my assigned 032 tickets which was most of my week.
- Investigated the possible reasons on why we've lost ~500 Running relays
in the network. I didn't want to exclude a tor bug.
- Did some scheduler design work, no code yet. (#23993)
- Writing an email for tor-dev@ that should go out soon about the state of
connection/channel/scheduler for us to understand better the problem we
are facing with the scheduler subsystem.
This week:
- Continue the work on 032 tickets and hopefully review some!
- More progress for the scheduler work (#23993) because it might not be
that small and 033 merge window is open!
- Need to tackle the HS circuit timeout situation basically write down
current state and discuss at least with Mike what to fix or change.
catalyst:
last week (2017-W43):
- HackerOne triage
- we might want to refine our HackerOne policy somewhat
- reviewing #23816 (jittered backoff)
- reviewing #23532 (add_laplace_noise())
this week (2017-W44):
- follow up on some HackerOne stuff
- more review of #23816 and #23532
- how hard do we want to investigate why 0.2.9 seems not to be vulnerable to the #20532 bridge bypass?
- [NM: If we are fairly sure that the bypass doesn't happen, let's ascribe it to the big guard rewrite in 0.3.0]
isis:
last week:
- reviewed/patched #18329 and #23594, so BridgeDB will now not distribute bridges that request not to be distributed
- looked into an issue with some bridges not marked running (#23958)
- started a patch for #16564 to keep bridges (with a "bridge-distribution-request" server descriptor line) out of the consensus
- signed up for Tor's HackerOne
* would someone be willing to answer some questions about triage?
* there's TB bugs in there, do we triage those? is there another account for TB?
* there's non-security bugs in there, do i just make normal tickets for those?
* how does giving people credit for finding bugs work? do i just credit them for any bug, even if it's not a vuln?
this week:
- getting integration tests for moat to pass (#15957)
- - more roadmap, making tickets, triaging
Isabela:
Last week:
- submitted the modularization proposal
- met with Nick to talk about the team roadmap - specially november and december tasks.
This week:
- working with team leads on inter-team roadmap sharing - will send emails on this later today
- sponsor8 report for august and september