Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-20-15.59.html
And our meeting pad:
Anti-censorship work meeting pad
···
--------------------------------
Next meeting: Thursday January 20th 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly checkin about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.
== Announcements ==
== Discussion ==
resume posting weekly meeting notes?
no strong feeling either way, but cohosh will resume because our discussion notes are worth saving
Kazakhstan shutdown
shutdown ended 2022-01-11, and nothing new noticed since then
China "Anti-Fraud" Webpage Redirection Censorship China "Anti-Fraud" Webpage Redirection Censorship (#40026) · Issues · The Tor Project / Anti-censorship / censorship-analysis · GitLab
Reply from censored planet: China "Anti-Fraud" Webpage Redirection Censorship (#40026) · Issues · The Tor Project / Anti-censorship / censorship-analysis · GitLab
currently have no access to an affected vantage point
RIPE Atlas?
want to be able to test a large custom list of domains, to find out (1) which are being blocked, and (2) whether the blocklist is the same in different networks in China
snowflake bridge load balancing migration next week?
dcf can set up a server with adequate resources and the same keys
change DNS to use this staging server while we make configuration changes on the main server
change DNS back when finished
eclips.is (Greenhost) is having issues, a VPS with similar resources is $100–200 / month, not a problem if only used for staging for a week or so
whom to contact about changing snowflake.torproject.net DNS records?
snowflake.bamsoftware.com and snowflake.freehaven.net are already CNAMEs for snowflake.torproject.net, so we only need to change the one
The Tor Project / TPA / TPA team · GitLab
good idea to set a short TTL before making the change
still don't now what to do about onion key rotation, short of patching tor, or hacking LastRotatedOnionKey in the state file
Copy TLS keys in addition to Tor's keys
Reading group?
2022-02-03
== Actions ==
== Interesting links ==
https://fightcensorship.tech/ Icarus Project, an online repository for documented Internet censorship circumvention techniques and methods
Prepare, Prevent, Resist - Information Saves Lives | Internews The OPTIMA Internet Shutdowns Advocacy Workflow
== Reading group ==
We will discuss "Meteor: Cryptographically Secure Steganography for Realistic Distributions" on 2022-02-03
https://dl.acm.org/doi/10.1145/3460120.3484550
Questions to ask and goals to have:
What aspects of the paper are questionable?
Are there immediate actions we can take based on this work?
Are there long-term actions we can take based on this work?
Is there future work that we want to call out, in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2022-01-20
Last week:
- commented on snowflake metrics churn
- lots of reviews
- look at obfs4 vulnerability
- documented reachability probe tests for shell
- gave shell access to probe site in china
- created MR to close NAT check peer connections snowflake-webext!25
This week:
- more reviews
- finish documenting and cleaning up shadow simulation scripts
- use these snowflake + shadow scripts to do more performance testing
Needs help with:
dcf: 2022-01-20
Last week:
- tried to reproduce the snowflake webextension disabling screen lock Lockscreen, screensaver disabled while a proxy session is active (#36) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake WebExtension · GitLab
- did brief code inspection of probetest Increase of "unknown" NAT assignments by probetest since 2021-10-25 (#40071) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- disabled our standalone snowflake proxies to free up more CPU Disable standalone proxies on bridge (#40094) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- set up another load-balanced snowflake bridge, this time with the same identity keys Set up a Snowflake bridge staging server (#40091) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab [tor-relays] How to reduce tor CPU load on a single bridge? - #14 by David_Fifield
- noticed and posted about upstream obfs4 vulnerability fixes [anti-censorship-team] obfs4proxy-0.0.12 (2021-12-31) fixes the Elligator2 bug [anti-censorship-team] obfs4proxy-0.0.11 (2019-06-21) fixes active probing vulnerabilities
Next week:
- do the load balanced snowflake bridge installation again, this time on a production-capable host
Help with:
agix:2021-01-13
Last week:
- Busy with work on Censored Planet
Next week:
- Continue work on gettor-twitter
Help with:
-
arlolra: 2022-01-20
Last week:
- [added 2022-01-20 by dcf] ALPN support for pion DTLS Implement rfc7301 by arlolra · Pull Request #415 · pion/dtls · GitHub
Next week:
- Figure out where in pion/webrtc ALPN should be configured and used
- Maybe add Chacha20Poly1305 to pion/dtls
GitHub - pion/dtls: DTLS 1.2 Server/Client implementation for Go
Help with:
-
maxb: 2021-09-23
Last week:
- Worked on uTLS for broker negotiation (#40054) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab re: utls for broker negotiation
- Had conversation with someone about upstream utls http round tripper feat: sketch out utls http.RoundTripper by bassosimone · Pull Request #74 · refraction-networking/utls · GitHub
- Too busy with work
Next week:
- _Really_ want to get a PR for utls round tripper
meskio: 2022-1-20
Last week:
- metrics bridge distributor metrics for rdsys (rdsys#67)
- don't distribute private bridges in rdsys (rdsys#84)
- plan with TPA the test deployment of bridgedb (tpa/team#40581)
- add country list to circumnvetion API (rdsys#83)
- review snowlfake's event bus (snowflake!67)
- telegram bot weekly rotation of bridges
Next week:
- select the type of bridges distributed by each distributor (rdsys#63)
- test deployment for the new rdsys/bridgedb setup (rdsys#12)
Shelikhoo: 2022-01-20
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake(snowflake!64)
- [Merge Request Awaiting] Multi-arch docker image support with Dockerfile refactor for probetest(probetest!1)
- [Merge Request Awaiting] Add callbacks in the client for key events during snowflake connections(snowflake#40076)
- [Merge Request Pending] Privacy preserving stats in Snowflake standalone proxy(snowflake#40079)
- [Discussion] Implement metrics to measure snowflake churn(snowflake#34075)
- [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update(aka "Subscription")
- [Discussion] Proposal: Push Notification Based Signaling Channel
- [Investigate] Is there a better moat/snowflake SNI than cdn.sstatic.net? (snowflake#40068)
- [Investigate] Multi-instance Load Balanced Tor - Snowflake Deployment
- [Investigate] China "Anti-Fraud" Webpage Redirection Censorship(censorship-analysis#40026)
Next Week:
- [Discussion] Designing the Container Layout for rdsys
- [Discussion] Implement metrics to measure snowflake churn(snowflake#34075)
- [Discussion] Proposal: Push Notification Based Signaling Channel
- [Discussion] rdsys Deployment Environment
- [Merge Request] Add callbacks in the client for key events during snowflake connections(snowflake#40076)
- [Discussion] Proposal: Centralized Probe Result Collector
HackerNCoder: 2021-12-16
This week:
Last/done:
Setup web mirror on tor.encryptionin.space
Next:
Get (new VPs with) new IP and setup new web mirror on new domain
hanneloresx: 2021-3-4
Last week:
- Submitted MR for bridgestrap issue #14
Next week:
- Finish bridgestrap #14
- Find new issue to work on
Help with:
-
_______________________________________________
tor-project mailing list
tor-project@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project