Hey everyone! Here are our meeting logs: https://meetbot.debian.net/tor-meeting/2026/tor-meeting.2026-04-09-16.00.htm... And our meeting pad: Anti-censorship work meeting pad -------------------------------- Anti-censorship -------------------------------- Next meeting: Thursday, Apr 16 16:00 UTC Facilitator:meskio ^^^(See Facilitator Queue at tail) Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) This week's Facilitator:shelikhoo == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents ==     * Our anti-censorship roadmap:         * Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards     * The anti-censorship team's wiki page:         * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home     * Past meeting notes can be found at:         * https://lists.torproject.org/pipermail/tor-project/     * Tickets that need reviews: from projects, we are working on:         * All needs review tickets:             * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?sc... == Announcements ==     * == Discussion ==     * (New 04-08) Requesting feedback on broker AIMD dynamic poll interval         * Description: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...         * Simulation results: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...         * Implementation: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...  - Snowflake-targeted DTLS filtering in Russia, starting 2026-03-30 https://github.com/net4people/bbs/issues/603 == Actions ==     * == Interesting links ==     * https://www.internetsociety.org/resources/doc/2025/mandated-dns-blocking/         * "Mandated DNS blocking, often presented as a straightforward policy solution, is ineffective, harmful, and impractical. It is ineffective because it is easily circumvented by users and fails to remove targeted content, which simply reappears under new domain names. It is harmful because this blunt instrument cannot distinguish between lawful and unlawful material, leading to overblocking, fragmentation of the Internet’s global naming system, and the failure of interconnected services, including critical security protocols. Finally, it is impractical because the DNS is not bound by geography, meaning national blocking orders against global resolvers create unintended and widespread extraterritorial effects. Mandated blocking is the wrong tool for a role the DNS was never designed to play." == Reading group ==     * We will discuss "" on         *         * Questions to ask and goals to have:             * What aspects of the paper are questionable?             * Are there immediate actions we can take based on this work?             * Are there long-term actions we can take based on this work?                 *             * Is there future work that we want to call out in hopes that others will pick it up?     * Next in the Reading Group Queue:         * == Updates == Name:         This week:             - What you worked on this week.         Next week:             - What you are planning to work on next week.         Help with:             - Something you need help with. cecylia (cohosh): 2026-04-09     Last week:         - responded to blocking of snowflake in russia             - opened issue with iptproxy to enable covertdtls feature             - enabled covertdtls by default for standalone proxies (snowflake!700)             - caught up on anonymous report about blocking triggered by simultaneous connections (snowflake#40529)             - released new version of snowflake (v2.13.1)         - finished simple simulation and implementation of dynamic poll rate adjustment (snowflake#25598)             - opened draft MR for dynamic poll rate adjustment (snowflake!701)     Next week:         - keep following up with fingerprinting in Russia         - make proxy-bridge reachability checks robust to bridge outages (snowflake#40504)         - more work on letting broker inform proxies how often to poll             - have proxies honour the NextPoll message         - follow up about running shadow simulations for snowflake performance         - revisit conjure integration with lyrebird         - take a look at potential snowflake orbot bug             - https://github.com/guardianproject/orbot-android/issues/1183 dcf: 2026-04-09     Last week:         - opened an issue for snowflake proxy -covertdtls-fingerprint silent termination https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...         - opened an issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...     Next week:         - comment on dynamic poll rate adjustment https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...         Help with: meskio: 2026-03-26     Last week:         - split translation strings in the telegram distributor to make it easier to translate (rdsys#299)         - stop sharing windows7 TB in Telegram gettor, as there is no releases anymore (onionsproutsbot#77)         - assignments log scrambled on our side (rdsys!638)         - grant work     Next week:         - give it a try to gorelease to produce debian packages Shelikhoo: 2026-04-09     Last Week:          - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... ) testing environment setup/research             - Merge request Reviews             - [Research] proxy pool overload and potential blocking in Iran ( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... )             - [Research] Add three NAT type buckets to the snowflake broker ( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... )             - Writing Socks5 UDP proxy for nat type simuation             - Update Snowflake STUN servers at Tor browser ( https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_req... )     Next (working) Week/TODO:         - Merge request reviews         - [Deployment]Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... ) Building custom Tor Browser with patch applied         - Vantage point maintaince             - [Research] proxy pool overload and potential blocking in Iran ( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... )             - [Research] Add three NAT type buckets to the snowflake broker ( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... ) onyinyang: 2026-04-09     Last week(s):             - Started background work for project #170     Next week:            - Start on tasks for project #170    Switch back to some of these:        As time allows:           - Continue work on rdsys#196                 - Continue Investigating rdsys#248 i.e., why dysfunctional webtunnel bridges are being distributed                 - Troubleshooting conjure not connecting in China                         - waiting for more information from conjure authors/maintainers                 - Lox still seems to be filling up the disk on the rdsys-test server despite changes made to delete old entries, look into what's going wrong                Blog post for conjure: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conju...               - review Tor browser Lox integration https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/...               - add TTL cache to lox MR for duplicate responses: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305             - Work on outstanding milestone issues:                 - key rotation automation         Later:         pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096):             - add pref to handle timing for pubkey checks in Tor browser             - add trusted invitation logic to tor browser integration: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974         - improve metrics collection/think about how to show Lox is working/valuable         - sketch out Lox blog post/usage notes for forum     (long term things were discussed at the meeting!):         - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice             Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?                 1. Are there some obvious grouping strategies that we can already consider?                     e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)                 2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less? theodorsm: 2026-04-09         Last weeks:             - MR updating covert-dtls and improving public config API: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...             - Implementing DTLS 1.3 in pion         Next weeks:             - Implementing DTLS 1.3 in pion         Help with:             -