[tor-project] Anti-censorship team meeting notes, 2023-01-26
Shelikhoo
shelikhoo at torproject.org
Thu Jan 26 17:05:58 UTC 2023
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-01-26-16.01.html
And our meeting pad:
Anti-censorship work meeting pad
--------------------------------
------------------------------------------------------------------------------------
THIS IS A
PUBLIC PAD
------------------------------------------------------------------------------------
Anti-censorship team meeting pad
--------------------------------
Next meeting: Thursday, February 2 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the
Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
* Sponsor 28
* must-do tickets:
https://gitlab.torproject.org/groups/tpo/-/milestones/10
* possible tickets:
https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None
* Sponsor 96
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel
working on it
* https://pad.riseup.net/p/sponsor139-meeting-pad
== Announcements ==
*
== Discussion ==
*
* ln5 asks: does the anti-censorship team want a paid-for host to
run STUN/TURN servers on? This is something that could be made part of a
grant/fund request.
* A server we run ourselves is, in principle, easy to block.
The intent is either (not fully sure at this point):
* Run a server that is open to the public, so that there
are collateral users besides just Snowflake users.
* Run a server just for Snowflake, and let it be blocked by
the censors that know to block it, simply to reduce load on the other
servers we use, in the places where it does not get blocked. (Like the
default obfs4 bridges, which are also easy to block, but are not in many
places.)
* Not a lot of excitement for either idea, since connecting to
a distinguished STUN/TURN server is a protocol identification risk.
* Suggestion is to run a public STUN/TURN server, but only for
Snowflake, and only for proxies (not clients), so that it does not
become an identifier for clients.
* Proxies-only would work for STUN, but if it were TURN,
the connection would still be identifiable by censors (because both the
proxy and client would relay through the same TURN IP address).
* Will ask ln5 and cohosh for more context.
* snowflake fallback from domain fronting to amp cache,
how/whether/when/etc to implement
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40250)
* arma is going to check how hard would be to change c-tor to
only connect to two bridges instead of all of them at once. So maybe we
can duplicate bridges with domain fronting and amp cache
* we need to check the consecuences of using amp cache, and if
we are ok having half of our users using it
* use ampcache for snowflake in IR?
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/115
*
https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/merge_requests/13
* our domain front for both snowflake and circumvention
settings is blocked in Iran
* that will mean configuring amp cache in Circumvention
Settings, the people that will get this configuration will still be able
to use domain fronting to access snowflake, but they will keep
== Actions ==
* We should make a ticket for pion to cache its stun answers when
possible, because right now it surprises us by asking way more stun
questions than it actually needs to.
* We might want to be able to spin up our own stun servers, on our
own ip/port, for debugging. We should talk to TPA about that goal at
some point (not urgent).
* Roger will look more at
https://gitlab.torproject.org/tpo/core/tor/-/issues/40578 ("only contact
the first few working bridges on your bridge list" and plan to have a
sense of whether it will be an easy hack or a hard one, for next week.
== Interesting links ==
== Reading group ==
* We will discuss "" on
*
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes
that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2023-01-26
Last week:
- FOCI workshop prep
- some progress on rust library for rdsys backend
- https://gitlab.torproject.org/cohosh/rdsys-backend-api
This week:
- wrap up conjure documentation and write an announcement asking
for testers
- finish rust library for rdsys backend
- continue working on lox client integration in Tor Browser
- take a look at the dead on arrival rotating bridge problem
-
https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/logcollector-admin/-/issues/8
Needs help with:
dcf: 2023-01-19
Last week:
- made merge request to bring sample snowflake client torrc up
to date
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/132
- more review on abbreviating ice specifications
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/127
- promoted the patch to remove Hello Verify Request and asked
for testing
https://ntc.party/t/second-snowflake-bridge-available-for-testing/3445/11
https://ntc.party/t/in-case-snowflake-rendezvous-gets-blocked/1857/25
- hacking on snowflake-graphs to do per-country graphs
Next week:
- migrate goptlib to gitlab
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_2823122
- try Conjure PT development version
https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429
Help with:
meskio: 2023-01-26
Last week:
- give support to bridgesanner (rdsys#143)
- review gettor whatsapp implementation (rdsys!66)
- investigate the situation of meek in uzbekistan
(censorship-analysis#40031)
- write S96 report
- prepare a Circumvention Settings configuration with ampcache
for IR (rdsys-admin!13)
- explore snowflake proxy docker options to avoid using the host
network (docker-snowflake-proxy#11)
Next week:
- implement bridgescanner needs (rdsys#143)
Shelikhoo: 2023-01-26
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to
snowflake (snowflake!64)
- [Discussion & Deployment] Rollout of Distributed Snowflake
Support
- [Coding & Deployment] Proposal: Centralized Probe Result
Collector (anti-censorship/team#54)
- [Research] HTTPT Planning
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/1
- reply a lot of tickets
- [Merge Request] Automated Container Image Building in
Continuous integration
(https://gitlab.torproject.org/tpo/anti-censorship/connectivity-measurement/probeobserver/-/merge_requests/2)
Next Week:
- [Research] WebTunnel planning (Continue)
- push the chunked upload raw data upload change to vantage points
- research snowflake's performance issue in China
Itchy Onion: 2023-1-26
Last week:
- Investigate whether stun over TLS is beneficial to us
(issues#40240)
- Looking at options for standalone proxy runners to specify an
interface (issue#40108)
This week:
- Lunar New Year break
- Continue working on issue #40108 (standalone proxy bind
specific IP)
- Review MRs
hackerncoder: 2023-01-12
last week:
- figure out what makes ooni-exporter put all reports from a
country in either success or failure (I still don't know why. But I got
it to work)
Next week:
- getting ooni-exporter to work with torsf (snowflake)
- work on monitoring bridges health
cece: 2022-12-22
This week:
- working on creating a dummy WhatsApp bot
Next week:
- My bot is not yet working as expected s still trying to
figure that out
Help with:
- resources
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20230126/e43d1776/attachment.sig>
More information about the tor-project
mailing list