Hi everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-08-19-16.00.html and our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday August 19th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == Job opening on the anti-censorship team: https://www.torproject.org/about/jobs/software-developer-anticensorship-2/ \o/ == Discussion == - v3 of the webext manifest doesn't support creating peerconnections in the background - last time: - we will present our need to https://github.com/w3c/webrtc-extensions/issues/77 to encourage them to permit WebRTC in service workers - no updates this week: cohosh will take over drafting a comment for the linked issue - Tor and obfs4/meek blocking in TM: https://gitlab.torproject.org/tpo/community/support/-/issues/40030 - last time: - https://metrics.torproject.org/userstats-relay-country.html?start=2021-05-14... - ggus found a volunteer to help with testing. obfs4, meek-azure, and snowflake did not work; a private obfs4 bridge worked. - http://emma.mhgb.net/ was not reachable, so ggus set up a mirror at http://emma.gus.computer/ - our tester is having difficulty installing a recent Tor browser on an old Windows computer - will ask to install ooniprobe - cohosh will ask OONI (arturo and maria) for contacts in TM - Snowflake reporting its own connection failures and sending messages to tor logs - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... - useful for diagnosing failures to connect, by users or our own testing, without having to enable the snowflake-client log file - e.g. using PT protocol LOG or STATUS messages - Ukraine is experiencing an increase in relay users - https://metrics.torproject.org/userstats-relay-country.html?country=ua - in the past this was due to a browser bundling tor for anti-blocking purposes - https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issu... == Interesting links == USENIX Security 2021 papers https://www.usenix.org/conference/usenixsecurity21/technical-sessions "Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications" https://www.usenix.org/conference/usenixsecurity21/presentation/wei "How Great is the Great Firewall? Measuring China's DNS Censorship" https://www.usenix.org/conference/usenixsecurity21/presentation/hoang "Balboa: Bobbing and Weaving around Network Censorship" https://www.usenix.org/conference/usenixsecurity21/presentation/rosen "Weaponizing Middleboxes for TCP Reflected Amplification" https://www.usenix.org/conference/usenixsecurity21/presentation/bock "Defeating DNN-Based Traffic Analysis Systems in Real-Time With Blind Adversarial Perturbations" https://www.usenix.org/conference/usenixsecurity21/presentation/nasr == Reading group == We will discuss "" on Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-08-19 Last week: - hiring tasks for ac team and network team - 3 full days of s28 integration/scrimmage prep x_x - checked on censorship measurement tests - looked in TM blocking of Tor bridges (support#40030) - parse SOCKS args for Snowflake (snowflake#40059) This week: - more hiring and s28 meetings - censorship measurement tests and tools - help the browser team with tor's autoconnect feature - reviews - rdsys!11 - snowflake!52 followup - snowflake#25595 followup - follow up on OONI tor tests - lots of miscellaneous gitlab TODOs Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-08-19 Last week: - snowflake CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-cos... - posted a summary of the Turkmenistan situation https://ntc.party/t/recent-drop-in-tor-users-from-turkmenistan-testers-wante... https://gitlab.torproject.org/tpo/community/support/-/issues/40030 Next week: Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - maxb: 2021-07-15 Last week: - Opened https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... re: utls for broker negotiation - Worked on github.com/max-b/nat-testing for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf... - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to help with debugging - Successfully making connections from snowflake-client and snoflake-client-no-nat through the snowflake-proxy-no-nat, but not having any success with the snowflake-proxy (with nat). - Added a local dockerized STUN server Next week: - Use wireshark to figure out the difference between successful snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat - Work on implementing different NAT types, particularly in a way that's conducive to automatic testing - Add testing wrapper w/ "pass/fail" conditions meskio: 2021-08-19 Last week: - catch up after 3 weeks AFK (still in process) - debug bridgestrap CollecTor metrics and why are not produced (bridgestrap#22) - review bridgestrap fix to test only uncached bridges (bridgestrap!11) - review bridgedb parse X-Forwarded-For header properly (bridgedb!21) - review snowflake SOCKS arguments (snowflake!53) Next week: - make bridgestrap CollecTor metrics resistant to restarts (bridgestrap#22) - change bridgedb to send obfs4 bridges by default over email (bridgedb#50) - gettor in rdsys architecture documentation (rdsys#44) - make a proposal for duplicated tests in bridgestrap CollecTor metrics (bridgestrap#23) Help with: -