[tor-reports] OONI team status update for September 2016

Wed Oct 12 15:20:22 UTC 2016

Hello Tor people!

This is what OONI was up in September 2016.

# OONI Monthly Report: September 2016

The OONI team made steady progress in September 2016. Some highlights include
the creation of IM tests, the establishment of partnerships covering 6
additional countries and the release candidate for ooniprobe 2.0, which enables
users to run ooniprobe from a web user interface.

## Instant messaging (IM) tests

We are excited to have created two new tests which enable users to examine the
reachability of WhatsApp and Facebook Messenger. The specifications of each
test can be found through the following links:

1. WhatsApp test: https://github.com/TheTorProject/ooni-probe/pull/610

2. Facebook Messenger test: https://github.com/TheTorProject/ooni-probe/pull/610

## ooniprobe 2.0 release candidate

The release candidate of ooniprobe 2.0 is out! The latest version of our
software includes a web user interface (UI) that enables (Mac & Linux) users to
run tests with the click of a button, view the results of their measurements,
and learn how to circumvent the detected types of censorship.

Upon first installation, users are presented with a set-up wizard that includes
information about potential risks associated with the use of ooniprobe. We
acquire users' consent by requiring them to answer certain quiz questions
correctly (once they've read the relevant "Risks" documentation in the wizard)
as a prerequisite to using our software. Once users have read about risks and
answered the quiz correctly, they are then presented with configuration options
that enable them to make choices in terms of which data to share, how to upload
their measurements (via Tor hidden services, cloud-fronting, or HTTPS
collectors), and whether to have their measurements published or not.

The release candidate is currently being tested by our users and can be viewed
here: https://github.com/TheTorProject/ooni-probe/releases/tag/v2.0.0-rc.3

We expect to make a stable release in October, at which point we will announce
it through the publication of a relevant blog.

## New partnerships

We have established partnerships with local non-profit organizations covering the following 6 additional countries:

1. Uganda

2. Pakistan

3. Chad

4. Gabon

5. Chile

6. South Korea

To establish these partnerships, we signed MoUs (Memorandum of Understanding)
with local non-profit organizations that work in these countries. For security
reasons, we will not disclose the names of these specific organizations in this
document.

We distributed Raspberry Pis containing ooniprobe's distribution ("Lepidopter")
and we have already started collecting daily measurements from some of these
countries.

## Test lists

In light of our new partnerships, we updated and created new test lists
including URLs that are relevant to each partner country. These test lists
include the following:

1. Uganda: https://github.com/citizenlab/test-lists/blob/master/lists/ug.csv

2. Pakistan: https://github.com/citizenlab/test-lists/blob/master/lists/pk.csv

3. Chad: https://github.com/citizenlab/test-lists/blob/master/lists/td.csv

4. Gabon: https://github.com/citizenlab/test-lists/pull/86

5. Chile: https://github.com/citizenlab/test-lists/blob/master/lists/cl.csv

6. South Korea: https://github.com/citizenlab/test-lists/blob/master/lists/kr.csv

7. Bangladesh: https://github.com/citizenlab/test-lists/blob/master/lists/bd.csv

We will continue to update test lists on an ongoing basis, in collaboration with our new partners.

## Research

Throughout September we did research on network interferences in Zambia, Egypt,
and Ethiopia. In collaboration with one of our partners, we wrote a report
examining internet censorship during Zambia's 2016 elections. This report,
along with shorter reports covering our research in Egypt and Ethiopia, will be
published in October.

## Specification of the OONI data processing pipeline

We outlined some of the challenges we face with the current implementation of
the OONI data processing pipeline and outlined some technical solutions for the
next iteration of it:
https://github.com/TheTorProject/ooni-pipeline/blob/master/docs/pipeline-16.10.md.

We also wrote a document outlining the architecture of the current data
pipeline:
https://github.com/TheTorProject/ooni-pipeline/blob/master/docs/architecture.md.

## Events

### OONI Southeast Asia workshop

Our Malaysian partner (Sinar Project) facilitated a day-long OONI workshop (on
17th September) for organizations from Thailand, Myanmar, Cambodia, Indonesia,
and Singapore. We supported this workshop through the provision of Raspberry
Pis, which were set-up with ooniprobe's distribution ("Lepidopter") during the
workshop. As a result of this workshop, we expect to expand our partnerships
and start receiving daily measurements from the aforementioned Southeast Asian
countries.

### TorDev meeting 2016

The OONI team attended the TorDev meeting in Seattle during the last week of
September. As part of this meeting, we facilitated two sessions:

1. Examining the blocking of third-party apps

2. How to engage ooniprobe users in the most ethical way possible (i.e. how to
improve OONI's "informed consent" documentation and procedures) & how to
develop a methodology for risk assessment

The first session included a discussion about different methodologies when
testing the blocking of third-party, closed-source apps (such as WhatsApp). The
discussion concluded that testing such apps via the VPN mode of other existing
apps (such as Orbot) could be the most desirable approach.

The second session included a discussion around OONI's current methodologies
and documentation in regards to informing users about potential risks
associated to the use of ooniprobe, and in regards to acquiring user consent.
As part of this session, we received a lot of feedback on how to improve our
current documentation and approaches and going forward, we will adopt many of
them.

~ The OONI team

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-reports/attachments/20161012/508ba62c/attachment.sig>