From art at torproject.org  Wed Apr  5 15:41:49 2017
From: art at torproject.org (=?UTF-8?Q?Arturo_Filast=c3=b2?=)
Date: Wed, 5 Apr 2017 15:41:49 +0000
Subject: [ooni-talk] ooniprobe 2.2.0 is out!
Message-ID: <edfa0678-8cb2-b97b-c74e-b0492774a198@torproject.org>

Hello Oonitarians!

We are excited to announce the release of the latest version of ooniprobe!

Some of the features that are part of this new release include:

* Major improvements to the web user interface

* Support Spanish, French, Italian, English and Hindi

* Addition of a new Instant Messaging test for Telegram

* Progress indicator for ongoing measurements

You can find the full changelog here:
https://github.com/TheTorProject/ooni-probe/releases/tag/v2.2.0

Currently the 2.2.0 can be found in pypi and installed with pip by running:

$ pip install ooniprobe

We are also in the process of updating homebrew and debian packages and
we will let you know when those are out with instructions on how to upgrade.

Happy probing!

~ Arturo


From andz at torproject.org  Mon Apr 10 08:59:00 2017
From: andz at torproject.org (Vasilis)
Date: Mon, 10 Apr 2017 08:59:00 +0000
Subject: [ooni-talk] Reminder for weekly OONI IRC meeting: Monday 2017-04-10,
 16:00 UTC in #ooni
Message-ID: <554eeadd-17d5-95b3-a04b-424cfcd52fe2@torproject.org>

Hello everyone,

This is a reminder for today's weekly OONI IRC meeting.

It will happen as usual on the #ooni IRC channel (irc.oftc.net) at
16:00 UTC.

Meeting times around the world:
https://www.timeanddate.com/worldclock/fixedtime.html?iso=20170410T16

In case that you have no IRC client you can join via the web from:
https://kiwiirc.com/client/irc.oftc.net/ooni

Everybody is welcome to join us and bring their questions and feedback.

Please use the meeting agenda pad if you want to propose any topics:
https://pad.riseup.net/p/ooni-irc-pad

You can always find previous meeting logs at:
http://meetbot.debian.net/ooni/


~Vasilis
-- 
Fingerprint: 8FD5 CF5F 39FC 03EB B382 7470 5FBF 70B1 D126 0162
Pubkey: https://pgp.mit.edu/pks/lookup?op=get&search=0x5FBF70B1D1260162

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/ooni-talk/attachments/20170410/7105b59b/attachment.sig>

From sjcjonker at sjc.nl  Sat Apr 15 08:30:02 2017
From: sjcjonker at sjc.nl (Stijn Jonker)
Date: Sat, 15 Apr 2017 10:30:02 +0200
Subject: [ooni-talk] False positives how to correct?
Message-ID: <2AD2CBB6-B8F7-42F3-9853-CD14F97FC098@sjc.nl>

Hi Talk & Operator lists,

First of all apologies for cross posting, I would assume this better firsts the operators list; however that seems such a low volume list, I thought maybe talk would be better. When the ooniprobe app was released for IOS I decided to run it, but the manual triggering made my participation somewhat low.

However despite no RPM's being available, I decided to add ooniprobe to my Tor relay as well. It was a little tricky getting it to work with the Tor running. But now I'm faced with some false positives on the reports and no clear way where to look or check for fixes as they are not actually blocked or filtered.

For the Tor check itself I get: "Evidence of possible censorship / Tor version 0.2.9.10 appears to be blocked." But when I check the Tor "tcp connect" then it's about 50% hit / miss ratio. Even the normal "Web connectivity" fails for https://mail.yahoo.com but when I'm checking manually;
> [root at tornode ~]# curl https://mail.yahoo.com
> <!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

It seems just fine.

Maybe it's all due to the fact I'm not running ooniprobe as root but as an unprivileged user. This kind of brings me to the next thing. Documentation, I have found the wiki, tickets on Tor's Trac and Issues on github, but it's not clear to me where to find more documentation. The installation guide on the ooni portal doesn't mention whether one should be running as root, or actually suggests not to.

Please advice.
Thanks,
Stijn

Info about platform:
- Centos7 X86_64
- No NAT, Dualstack IPv4/IPv6
- Runs Tor as Relay version 0.2.9.10
- Ooniprobe 2.2.0 installed via pip install github.com/<..>/master.zip
- Ooniprobe (and Tor) run each as unprivileged users (other accounts)
- Host performs no other tasks/functions
- IPtables active, rule based on user: allow all outbound
- No oddities in messages,secure,audit etc.
- Not sure how to get usefull bits out of measurements.njson;
-- happy to be pointed at someplace. As maybe this has where things go wrong.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/ooni-talk/attachments/20170415/7c39cd54/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/ooni-talk/attachments/20170415/7c39cd54/attachment.sig>

From andz at torproject.org  Sun Apr 23 23:23:00 2017
From: andz at torproject.org (Vasilis)
Date: Sun, 23 Apr 2017 23:23:00 +0000
Subject: [ooni-talk] [OONI-operators] False positives how to correct?
In-Reply-To: <2AD2CBB6-B8F7-42F3-9853-CD14F97FC098@sjc.nl>
References: <2AD2CBB6-B8F7-42F3-9853-CD14F97FC098@sjc.nl>
Message-ID: <dbe826f7-b3dd-8125-c6cb-b0caa7c6abeb@torproject.org>

Hi Stijn,

Stijn Jonker:
> First of all apologies for cross posting, I would assume this better firsts the operators list; however that seems such a low volume list, I thought maybe talk would be better. When the ooniprobe app was released for IOS I decided to run it, but the manual triggering made my participation somewhat low.
> 
> However despite no RPM's being available, I decided to add ooniprobe to my Tor relay as well. It was a little tricky getting it to work with the Tor running. But now I'm faced with some false positives on the reports and no clear way where to look or check for fixes as they are not actually blocked or filtered.

Just a warning: Since many websites and internet resources are using
automated IP blocklists or software that filters and bans Tor relays, it
may not be such a good idea to run ooniprobe on a Tor relay. tha could
possible explain some of the false positives that you experience with
ooniprobe.

> For the Tor check itself I get: "Evidence of possible censorship / Tor version 0.2.9.10 appears to be blocked." But when I check the Tor "tcp connect" then it's about 50% hit / miss ratio. Even the normal "Web connectivity" fails for https://mail.yahoo.com but when I'm checking manually;
>> [root at tornode ~]# curl https://mail.yahoo.com
>> <!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

Can you provide any more details regarding this report?

> It seems just fine.
> 
> Maybe it's all due to the fact I'm not running ooniprobe as root but as an unprivileged user. This kind of brings me to the next thing. Documentation, I have found the wiki, tickets on Tor's Trac and Issues on github, but it's not clear to me where to find more documentation. The installation guide on the ooni portal doesn't mention whether one should be running as root, or actually suggests not to.

Do you see any warnings or error messages in your ooniprobe log file?

> Info about platform:
> - Centos7 X86_64
> - No NAT, Dualstack IPv4/IPv6
> - Runs Tor as Relay version 0.2.9.10
> - Ooniprobe 2.2.0 installed via pip install github.com/<..>/master.zip

Please note that the master git repository branch of ooniprobe may not
be production ready and could contain unexpected bugs.

> - Ooniprobe (and Tor) run each as unprivileged users (other accounts)
> - Host performs no other tasks/functions
> - IPtables active, rule based on user: allow all outbound

I hope that your IPtables rules are not interfering with what ooniprobe
tests do.

> - Not sure how to get usefull bits out of measurements.njson;
> -- happy to be pointed at someplace. As maybe this has where things go wrong.

You should start by reading the json report file (measurements.njson) by
doing something similar to this:
`python -m json.tool measurements.njson`

After finding out how an ooniprobe report file looks like you can parse
it further given that you know what you are looking for. You can find
documentation regarding the test specifications here:
https://github.com/TheTorProject/ooni-spec

Also please have a look at the developer's documentation of ooniprobe:
https://ooni.torproject.org/docs/index.html

Additionally you can also read the manual pages here:
https://github.com/TheTorProject/ooni-probe/tree/master/docs/source/manual

Hope my response has cleared up the things.

Thanks for running ooniprobe!

Cheers,
~Vasilis

-- 
Fingerprint: 8FD5 CF5F 39FC 03EB B382 7470 5FBF 70B1 D126 0162
Pubkey: https://pgp.mit.edu/pks/lookup?op=get&search=0x5FBF70B1D1260162

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/ooni-talk/attachments/20170423/38a43d07/attachment.sig>

From maria at openobservatory.org  Mon Apr 24 14:43:24 2017
From: maria at openobservatory.org (Maria Xynou)
Date: Mon, 24 Apr 2017 16:43:24 +0200
Subject: [ooni-talk] OONI community meeting tomorrow, 25th April
Message-ID: <58FE0F0C.5000801@openobservatory.org>

Hello!

The OONI team warmly welcomes you to join us *tomorrow, 25th April 2017
at 16:00 UTC, for our monthly **community meeting**.*

We'd love to hear your thoughts and suggestions on how to improve
research on internet censorship!

Please join us on *https://slack.openobservatory.org* and add topics
that you would like to discuss as part of the meeting in this pad:
https://pad.riseup.net/p/ooni-community-meeting

If you're not able to join us tomorrow, please feel encouraged to join
us on slack any other day!

Looking forward to connecting with you soon!

All the best,

~ The OONI team.

-- 
Maria Xynou
Research and Partnerships Coordinator
Open Observatory of Network Interference (OONI)
https://ooni.torproject.org/
PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/ooni-talk/attachments/20170424/caf8fd01/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/ooni-talk/attachments/20170424/caf8fd01/attachment.sig>

From andz at torproject.org  Tue Apr 25 16:03:00 2017
From: andz at torproject.org (Vasilis)
Date: Tue, 25 Apr 2017 16:03:00 +0000
Subject: [ooni-talk] OONI at Cryptorave 2017
Message-ID: <9e06a51b-02eb-d943-ef81-aec130cae625@torproject.org>

Hello,

Together with Coding rights we are going to have a session about OONI
and also host a LATAM (Latin America) specific workshop in order to
improve the test-lists (https://github.com/citizenlab/test-lists) from
different countries at this year's Cryptorave (https://cryptorave.org/).

You are more than welcome to join us and bring your comments in real or
virtually!


The original submission (in Portuguese):

###
*Listatona OONI contra a censura na web*

*Abstract:*A Coding Rights, em parceria com o Open Observatory of
Network Interference (OONI) / Tor Project, vai promover um encontro para
expandirmos juntes a lista de sites a serem testados no Brasil e em
outros países da Latinoamérica pelas sondas do OONI, que detectam
censura, manipulação de tráfego e sinais de vigilância. Se puder, traga
seu computador com o Navegador Tor instalado!

*Description:*

O Open Observatory of Network Interference (OONI, "Observatório Aberto
de Interferência na Rede" <https://ooni.torproject.org/>) é um projeto
de software livre dentro do Tor Project que busca detectar censura na
Internet, manipulação de tráfego e sinais de vigilância ao redor do
mundo através da coleta e do processamento de medições na rede. Desde o
fim de 2012, o OONI coletou milhões de medidas de rede em mais de 90
países ao redor do mundo, jogando luz em múltiplos casos de
interferência na rede.

Graças ao projeto OONI temos dados abertos
<https://ooni.torproject.org/data/> que mostram (inclusive em uma
interface de mapa-mundi <https://explorer.ooni.torproject.org/>) quais
páginas estão bloqueadas em um determinado país. Ao escrever essa
descrição, por exemplo, a Noruega bloqueia 4 sites relacionados à
bittorrent e troca de arquivos, enquanto a China bloqueia dezenas dos
sites testados (como avaaz.org, archive.org, savetibet.org e
google.com). Com "sondas" fazendo testes diários no Brasil e uma lista
de websites abrangente, o OONI torna possível saber em menos de 24h se
algum deles vier a ser bloqueado e ter dados concretos para demonstrar o
problema e investigá-lo a fundo, além de montar um registro histórico
que pode ser usado por jornalistas e pesquisadores(as).

Uma parte importante de identificar a censura é determinar /quais/sites
testar. As sondas do OONI espalhadas pelo mundo usam listas mantida pelo
Citizen Lab, um laboratório multidisciplinar baseado na Universidade de
Toronto. As listas permitem às sondas testarem tanto sites de escopo
global (facebook.com, google.com, tumblr.com, mozilla.org...) quanto de
escopo do país onde a sonda se encontra. A lista é mantida em um
repositório git e é aberta a colaborações de quaisquer grupos e
organizações interessada em complementá-las, sendo usada não só pelo
OONI como por outros projetos de detecção e medição de censura e outros
"controles de informação".

A atividade será conduzida por Lucas Teixeira, da Coding Rights, e
Vasilis Ververis, membro do OONI e desenvolvedor do Lepidopter,
distribuição GNU/Linux que permite usar facilmente Raspberry Pis como
sondas para o OONI.

METODOLOGIA

Vasilis fará uma breve introdução ao OONI. Dividiremos então as pessoas
participantes em grupos, primeiro por país e em seguida pelas 31
categorias já definidas pelo Citizen Lab para as URLs
<https://github.com/citizenlab/test-lists/blob/master/lists/00-LEGEND-new_category_codes.csv>.
A depender do número de pessoas, cada grupo pode pegar N categorias.
Buscaremos equilíbrio de gênero dentro dos grupos.

Em seguida, cada grupo preparará seu ambiente de pesquisa em um ou mais
computadores:

- Navegador: para conduzir a pesquisa em motores de busca e abrir os
sites para inspecioná-los, o Navegador Tor deve ser usado, especialmente
para categorias mais sensíveis (como "Terrorismo e Militantes" ou
"Discurso de Ódio"). Para sites menos controversos, por motivos de
velocidade ou pelo fato de alguns websites bloquearem ou dificultarem o
acesso a usuáries do Tor, um perfil limpo em modo incognito/privado do
Mozilla Firefox, Google Chrome ou outro navegador atual também poderá
ser usado.

- Dados: um documento colaborativo hospedado em um EtherCalc (ideal) ou
em um Etherpad (software mais estável) vai reunir as categorias, já
estruturadas o mais próximo possível do formato final (planilha CSV) que
os dados devem ter para que a contribuição seja enviada.

Uma vez pronto o ambiente, os grupos passarão a pesquisar e coletar URLs
de sites em sua categoria, sempre garantindo que cada URL adicionada na
lista está exatamente como aparece em um navegador comum. Se o site se
apresenta como HTTPS, então a versão em HTTPS deve estar incluída. Se o
site inclui "www" no domínio, também deve constar, etc.

Devemos buscar a maior diversidade possível nas URLs para garantir que o
viés dos testes seja o mais limitado possível. Assim, dentro de cada
categoria devemos buscar URLs que representem o melhor possível toda a
gama de websites dentro dela, seja por questões ideológicas,
tecnológicas, socioeconômicas, de gênero, etc. Vamos buscar orientar e
lembrar os grupos de não se embrenharem muito em cada parte do espectro
de sites de uma categoria, como por exemplo encher a categoria
"Religião" de sites cristãos evangélicos em detrimento de sites
católicos, umbandistas, budistas, ateus e outros.

Dito isto, é importante garantir que sites que podem ajudar a contar
histórias e montar narrativas interessantes estejam incluídos na lista.
É mais útil, por exemplo, otimizar o processo para incluir os sites de
grupos de minorias e de dissidentes políticos do que, digamos,
pornografia ou jogos de azar. Se um desses últimos for bloqueado, não
temos histórias tão interessantes pra contar, mas se sites de minorias
forem bloqueados por exemplo há muitas organizações da imprensa e da
sociedade civil que gostariam de contar essa história. É claro que é
importante incluir sites de pornografia e de jogos de azar também --
porque eles são mais prováveis de serem bloqueados e podem nos ajudar a
detectar bloqueios em outros sites -- mas vamos priorizar outras mais
relacionadas com direitos humanos e civis.

A 20-30minutos do final da atividade, vamos consolidar todas as
contribuições dos diferentes grupos e categorias em uma única
contribuição coletiva, em nome da CryptoRave 2017, para o repositório
git <https://github.com/citizenlab/test-lists>. Também faremos um teste
local com as contribuições para podermos ver como a sonda conduz os
testes sem ter que esperar o ciclo diário de testes das sondas OONI.
###

~Vasilis
-- 
Fingerprint: 8FD5 CF5F 39FC 03EB B382 7470 5FBF 70B1 D126 0162
Pubkey: https://pgp.mit.edu/pks/lookup?op=get&search=0x5FBF70B1D1260162

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/ooni-talk/attachments/20170425/deae3715/attachment.sig>