[tor-project] Anti-censorship team monthly report: May 2019

Philipp Winter phw at torproject.org
Mon Jun 3 18:24:39 UTC 2019


* We submitted our "gather BridgeDB usage statistics" proposal to the
  Tor research safety board.  You can find the proposal it here:
  We are still waiting to hear back from the board.

* We filed <https://bugs.torproject.org/30441> to understand why
  BridgeDB is handing out so many offline bridges.  It looks like this
  problem is a combination of several smaller problems.  We wrote a tool
  that scans the obfs4 port of all bridges that our bridge authority
  knows about, and started contacting the operators of bridges whose
  obfs4 port was unreachable.  Have a look at the ticket for details.


* We deployed the refactored GetTor codebase:

Pluggable transports

* We built a service that allows bridge operators to scan the obfs4 port
  of their bridge.  The service is now deployed and available at
  <https://bridges.torproject.org/scan/>.  Give it a try and tell us
  what we can do better!
  - The ticket is available here: <https://bugs.torproject.org/30472>
  - The code is available here: <https://github.com/NullHypothesis/obfs4PortScan>
  - This effort is part of improving the UX of setting up an obfs4
    bridge: <https://trac.torproject.org/projects/tor/ticket/30471>.

* We revised our obfs4 setup instructions:
  - This effort is part of improving the UX of setting up an obfs4
    bridge: <https://trac.torproject.org/projects/tor/ticket/30471>.

* We assessed the HTTPS Proxy pluggable transport; i.e., understood its
  advantages, disadvantages, and what it would take to deploy it.  Our
  assessment is available at

Censorship analysis

* We are in touch with a research group that is studying the GFW's
  active probing system.  We noticed that the GFW does not probe recent
  Tor versions.  One explanation is that the cipher list in Tor's TLS
  client hello (this is what the GFW uses to identify Tor) changed.
  - See <https://bugs.torproject.org/30500> for the ticket.

* We recently saw a drastic increase of Tor users from Iran.  We don't
  yet understand the reason for this.
  - See <https://bugs.torproject.org/projects/30636> for details.


* We made progress with snowflake's WebExtension.
  - See <https://bugs.torproject.org/23888> for details.

* We started working on detailed measurements of the snowflake blocking
  in China.  We saw Google's STUN servers starting to be blocked in
  China, as well as blocking stop for individual proxies.
  - See <https://bugs.torproject.org/30368> for the ticket.

* Fixed several bugs in the client and snowflake proxy-go instances.

* Starting locally collecting geo-IP metrics on snowflake proxies.

* Fought a broker outage and implemented a fall-back mechanism for
  using snowflake certificates
  - See <https://bugs.torproject.org/30512> and


* We finished a technical report as deliverable for Sponsor 19.  The
  report provides a comprehensive overview of the state of Tor's
  anti-censorship efforts and we will soon publish it in a blog post.

* We attended the kick-off meeting for Sponsor 28.  As part of this
  project we will keep improving snowflake, improve and evaluate the
  obfs4 protocol, and extend our pluggable transport specification.
  - See the following page for Sponsor 28-related work:

More information about the tor-project mailing list