[tor-project] Anti-censorship team meeting notes, 2022-02-03

Hey everyone!

Here are our meeting logs:

http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-02-03-16.00.html

And our meeting pad:

Anti-censorship work meeting pad

···

--------------------------------

Next meeting: Thursday February 3rd 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress)

== Goal of this meeting ==

Weekly checkin about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.

== Links to Useful documents ==

    Our anti-censorship roadmap:

    Roadmap: Development · Boards · Anti-censorship · GitLab

    The anti-censorship team's wiki page:

    Home · Wiki · The Tor Project / Anti-censorship / Team · GitLab

    Past meeting notes can be found at:

    The tor-project Archives

    Tickets that need reviews: from sponsors we are working on:

    All needs review tickets: Merge requests · Anti-censorship · GitLab

    Sponsor 30

    Sponsor 30 - Objective 2.1 · The Tor Project · GitLab

    Sponsor 30 - Objective 2.2 · The Tor Project · GitLab

    Sponsor 30 - Objective 2.3 · The Tor Project · GitLab

    Sponsor 30 - Objective 2.4 · The Tor Project · GitLab

    Sponsor 28

    must-do tickets: Sponsor 28: Reliable Anonymous Communication Evading Censors and Repressors (RACECAR) · The Tor Project · GitLab

    possible tickets: Issues · The Tor Project · GitLab

== Announcements ==

== Discussion ==

    snowflake bridge is now switched back from staging to production

    Add load balancing to bridge (#40095) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

    load balancing is effective - the bridge is now using all its CPU resources effectively, and is no longer bottlenecked on tor

    as a consequence, the bridge is providing about twice as much bandwidth as before (now 20 MB/s, from 10 MB/s)

    however, it is now at the limit of its CPU capability, and will not be able to go faster than it does now

    for the 6 days the staging server was in use, it was going even faster, up to 30 MB/s.

    there's no obvious low-hanging fruit in the snowflake-server CPU profile

    Profile snowflake-server and attempt to reduce CPU usage (#40086) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

    profiling extor-static-cookie could be worthwhile

== Actions ==

== Interesting links ==

== Reading group ==

    We will discuss "Weaponizing Middleboxes for TCP Reflected Amplification" on 2022-02-17

    The Internet censorship bibliography

    Questions to ask and goals to have:

    What aspects of the paper are questionable?

    Are there immediate actions we can take based on this work?

    Are there long-term actions we can take based on this work?

    Is there future work that we want to call out, in hopes that others will pick it up?

== Updates ==

Name:
    This week:
        - What you worked on this week.
    Next week:
        - What you are planning to work on next week.
    Help with:

         - Something you need help with.

anadahz: 2022-01-27

    Last weeek:

    - Increase timeout check cycles for default-bridge-felix-1 and default-bridge-felix-2 as they have been generating too many alerts: Increase number of cycles for felix bridges (!1) · Merge requests · The Tor Project / Anti-censorship / monit-configuration · GitLab

cecylia (cohosh): last updated 2022-02-03
Last week:
    - deployed new version of snowflake webextension + badge
    - fixed issue with file limits at probetest (snowflake#40096)
    - Updated documentation on schleuder mailing list admin (tpa/wiki-replica!22)
    - filed issue about mailing list public key change (tpa/team#40609)
    - reviews
    - responded to ooni questions about snowflake tests (snowflake#40097)
        - https://github.com/ooni/probe/issues/2004
    - lots of meetings
This week:
    - more reviews
    - try out recent shadow bug fixes
    - work with ooni on tor related tests
    - s28 evaluation prep
    - look at what's necessary for tapdance/conjure
    - write up more documentation
Needs help with:

dcf: 2022-02-03

    Last week:

    - profiled snowflake-server on the staging bridge Profile snowflake-server and attempt to reduce CPU usage (#40086) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

    - found a solution to prevent onion key rotation on the load-balanced bridge: a preexisting directory at a destination path [tor-relays] How to reduce tor CPU load on a single bridge? - #22 by dcf

    - opened an issue for an assertion failure that happens when onion key rotation is prevented Non-fatal assertion !(desc_gen_reason == NULL) when rotate_onion_key fails (#40554) · Issues · The Tor Project / Core / Tor · GitLab

    - monitored the switchover from the staging snowflake bridge to production, and debugged resulting issues Add load balancing to bridge (#40095) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

    - wrote scripts to graph multi-instance bandwidth and clients Add load balancing to bridge (#40095) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

    - discovered a couple of minor bugs in snowflake-server snowflake_server.httpHandler.ln is not initialized, leading to panic in oneshotMode (#40098) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab `closed` field of SnowflakeListener is never initialized (#40099) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

    Next week:

    - update snowflake bridge installation and survival guides

    - open an issue for metrics graphs correctly showing graphs for fingerprints with multiple instances

    - start a discussion on tor-dev about alternatives for ExtORPort authentication (remove the need for extor-static-cookie)

    - start a discussion on tor-dev about supported ways to disable onion key authentication

    Help with:

agix: 2021-01-13

    Last week:

    - Busy with work on Censored Planet

    Next week:

    - Continue work on gettor-twitter

    Help with:

    -

arlolra: 2022-01-20

    Last week:

    - [added 2022-01-20 by dcf] ALPN support for pion DTLS https://github.com/pion/dtls/pull/415

    Next week:

    - Figure out where in pion/webrtc ALPN should be configured and used

    - Maybe add Chacha20Poly1305 to pion/dtls

    https://github.com/pion/dtls#planned-features

    Make Snowflake's DTLS fingerprint more similar to popular WebRTC implementations (#40014) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

    Help with:

    -

maxb: 2021-09-23

    Last week:

    - Worked on uTLS for broker negotiation (#40054) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab re: utls for broker negotiation

    - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74

    - Too busy with work :confused:

    Next week:

    - _Really_ want to get a PR for utls round tripper

meskio: 2022-02-03

    Last week:

    - test deployment for the new rdsys/bridgedb setup (rdsys#12)

    - read the rdsys token from a file (bridgedb!33)

    - fixes on country block mechanism for rdsys and bridgedb (rdsys!26)

    - review bridgedb web redesign in lektor (bridgedb!31)

    - feedback on the debian package for obfs4proxy (obfs4#33736)

    - API rethinking for circumvention settings (bridgedb#40043 TorBrowser#40781)

    Next week:

    - make easier to test bridgedb ater rdsys change (bridgedb#40034)

Shelikhoo: 2022-02-03
   Last Week:
       - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake(snowflake!64)
       - [Merge Request Done] Privacy preserving stats in Snowflake standalone proxy(snowflake#40079, snowflake!72)
       - [Merge Request Review Done] Configure what distributor does distribute each resource type

      - [Discussion] Implement metrics to measure snowflake churn(snowflake#34075)

      - [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update(aka "Subscription")

      - [Discussion] Proposal: Push Notification Based Signaling Channel

      - [Discussion] Proposal: Centralized Probe Result Collector(anti-censorship/team#54)

      - [Discussion] HTTPT & Websocket(O1.3: Implement bridges with pluggable transport HTTPT support. (#7) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / HTTPT · GitLab)

      - [Investigate] Is there a better moat/snowflake SNI than cdn.sstatic.net? (snowflake#40068)

      - [Investigate] Multi-instance Load Balanced Tor - Snowflake Deployment

      - [Investigate] China "Anti-Fraud" Webpage Redirection Censorship(censorship-analysis#40026)

      - [Investigate] uTLS for broker negotiation

   Next Week:
       - [Discussion] Implement metrics to measure snowflake churn (snowflake#34075)
       - [Discussion] Proposal: Push Notification Based Signaling Channel
       - [Merge Request] Add verbosity switch to suppress diagnostic output(snowflake#40079, snowflake!74)
       - [Discussion] Proposal: Centralized Probe Result Collector(anti-censorship/team#54)
       - [Investigate] uTLS for broker negotiation

HackerNCoder: 2021-12-16
This week:
    Last/done:
        Setup web mirror on tor.encryptionin.space
    Next:
        Get (new VPs with) new IP and setup new web mirror on new domain

hanneloresx: 2021-3-4

    Last week:

    - Submitted MR for bridgestrap issue #14

    Next week:

    - Finish bridgestrap #14

    - Find new issue to work on

    Help with:

    -

--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.