[OONI-operators] False positives how to correct?

Sun Apr 23 23:23:00 UTC 2017

Hi Stijn,

Stijn Jonker:
> First of all apologies for cross posting, I would assume this better firsts the operators list; however that seems such a low volume list, I thought maybe talk would be better. When the ooniprobe app was released for IOS I decided to run it, but the manual triggering made my participation somewhat low.
> 
> However despite no RPM's being available, I decided to add ooniprobe to my Tor relay as well. It was a little tricky getting it to work with the Tor running. But now I'm faced with some false positives on the reports and no clear way where to look or check for fixes as they are not actually blocked or filtered.

Just a warning: Since many websites and internet resources are using
automated IP blocklists or software that filters and bans Tor relays, it
may not be such a good idea to run ooniprobe on a Tor relay. tha could
possible explain some of the false positives that you experience with
ooniprobe.

> For the Tor check itself I get: "Evidence of possible censorship / Tor version 0.2.9.10 appears to be blocked." But when I check the Tor "tcp connect" then it's about 50% hit / miss ratio. Even the normal "Web connectivity" fails for https://mail.yahoo.com but when I'm checking manually;
>> [root at tornode ~]# curl https://mail.yahoo.com
>> <!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

Can you provide any more details regarding this report?

> It seems just fine.
> 
> Maybe it's all due to the fact I'm not running ooniprobe as root but as an unprivileged user. This kind of brings me to the next thing. Documentation, I have found the wiki, tickets on Tor's Trac and Issues on github, but it's not clear to me where to find more documentation. The installation guide on the ooni portal doesn't mention whether one should be running as root, or actually suggests not to.

Do you see any warnings or error messages in your ooniprobe log file?

> Info about platform:
> - Centos7 X86_64
> - No NAT, Dualstack IPv4/IPv6
> - Runs Tor as Relay version 0.2.9.10
> - Ooniprobe 2.2.0 installed via pip install github.com/<..>/master.zip

Please note that the master git repository branch of ooniprobe may not
be production ready and could contain unexpected bugs.

> - Ooniprobe (and Tor) run each as unprivileged users (other accounts)
> - Host performs no other tasks/functions
> - IPtables active, rule based on user: allow all outbound

I hope that your IPtables rules are not interfering with what ooniprobe
tests do.

> - Not sure how to get usefull bits out of measurements.njson;
> -- happy to be pointed at someplace. As maybe this has where things go wrong.

You should start by reading the json report file (measurements.njson) by
doing something similar to this:
`python -m json.tool measurements.njson`

After finding out how an ooniprobe report file looks like you can parse
it further given that you know what you are looking for. You can find
documentation regarding the test specifications here:
https://github.com/TheTorProject/ooni-spec

Also please have a look at the developer's documentation of ooniprobe:
https://ooni.torproject.org/docs/index.html

Additionally you can also read the manual pages here:
https://github.com/TheTorProject/ooni-probe/tree/master/docs/source/manual

Hope my response has cleared up the things.

Thanks for running ooniprobe!

Cheers,
~Vasilis

-- 
Fingerprint: 8FD5 CF5F 39FC 03EB B382 7470 5FBF 70B1 D126 0162
Pubkey: https://pgp.mit.edu/pks/lookup?op=get&search=0x5FBF70B1D1260162

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/ooni-operators/attachments/20170423/38a43d07/attachment.sig>