[tor-project] Anti-censorship team monthly report: November 2020

[Philipp Winter]

Hi everyone,

Here's our monthly progress in anti-censorship:

Snowflake
---------

* Worked on getting Snowflake working for Onion Browser for iOS.
  https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40018
  https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40021
  https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40023

* Set up and debugged a remote probe test to determine NAT compatibility
  of Snowflakes.
  https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40013

* Modified the NAT type classifications of Snowflake clients to
  distribute proxies more evenly.
  https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40022

* Created a patch that orders Snowflake's "snowflake-ips" metrics line
  by the number of requests.
  https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40011

Rdsys
-----

* Created a page that shows a bridge's test result.  This allows
  operators to check if their pluggable transports work correctly.  You
  can query your bridge status by visiting:
  https://bridges.torproject.org/status?id=FINGERPRINT
  Note that the status page currently only tells you the status of your
  bridge's obfs2, obfs3, obfs4, and scramblesuit.
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/10
  Also, the service is still experimental and occasionally offline.

* Made it possible to look up a bridge's status by providing its hashed
  fingerprint.
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/28

* Finished documentation on rdsys's design and architecture.  You can
  take a look at it here:
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/master/doc/architecture.md
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/16

* Researched libraries to do i18n for rdsys.  The library go-i18n seems
  to check all of our boxes.
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/11

* Filed an issue to get a Transifex resource to do i18n for rdsys.
  https://gitlab.torproject.org/tpo/community/l10n/-/issues/40009

* Made rdsys pool bridgestrap requests to make the interaction between
  both services more efficient.
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/24

* Made rdsys's supported resources configurable.  This is important
  because some bridge operators set up adventurous things like their own
  meek, and we don't want to distribute those.
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/29

Salmon
------

* Spent some time on our privacy-preserving Salmon modifications but
  haven't yet managed to come up with a clean implementation.  More work
  is needed.
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/21

Bridgestrap
-----------

* Made bridgestrap export metrics that are now scraped by our Prometheus
  instance.  The raw metrics are publicly accessible at:
  https://bridges.torproject.org/bridgestrap-metrics
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/4

* Deployed bridgestrap on polyanthum, the host on which BridgeDB and
  rdsys run.
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/5

* Finally merged our SETCONF-based rework of how bridgestrap does its
  testing.
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/3

* Added a field to bridgestrap's test result that informs the requester
  when a bridge was last tested.
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/6

* Spent some time debugging why the number of functional bridges
  decreases as we test more bridges in parallel.  More work is needed.
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/7

* Made bridgestrap's cache timeout configurable.
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/8

Other
-----

* Cecylia presented the anti-censorship team's yearly progress as part
  of our State Of The Onion presentation:
  https://www.youtube.com/watch?v=IyWyTypRGWQ

* Added a new obfs4 default bridge.  Thanks to Louis-Philippe Véronneau
  for operating the bridge!
  https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40212

* Brainstormed ways to stream bridge updates from Serge (our bridge
  authority) to polyanthum (the host where rdsys and bridgestrap are running).
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/9

* Updated monit configuration to make it monitor Snowflake's probetest
  service and bridgestrap.

* Worked with Gus to ask a few folks to run emma in countries that we
  believe block some aspects of Tor.

* Philipp is going to review submissions for the DNSPRIVACY 2021
  workshop.
  https://dnspriv21.hotcrp.com

* Sponsor 28 scrimmage and PI meeting.