[tor-project] Anti-censorship team meeting notes, 2022-02-24

obfs4proxy is on its way to Debian testing, as soon as it hits testing we should ask acute to upload it to backports, to make it easier for server operators to upgrade

the package is expected to reach testing in <10 days

an upgrade of all obfs4 bridges will likely take time

start with the limited goal of upgrading all Tor Browser default bridges? Default Bridges · Wiki · The Tor Project / Anti-censorship / Team · GitLab

bridges currently don't report the version of the PTs they run, it would help track the progress of upgrading if they did report

Bridges should report implementation versions of their pluggable transports (#11101) · Issues · The Tor Project / Core / Tor · GitLab

Past discussion on using the PT STATUS message for version reporting:

[tor-project] Anti-censorship meeting notes, 2021 September 30

#tor-meeting log

uTLS in Snowflake Client Broker Communication

we have some concerns on the uTLS fingerprints being old and "easier" to censor

psiphon devs see uTLS working right for them

is a client side change, we can update it quickly

we don't enable uTLS by default, but make it an option from the SOCKS interface, so we can enable it by changing the bridge line from the circumvention settings

== Actions ==

== Interesting links ==

Pluggable Transports Implementer's Meeting 2021 : Free Download, Borrow, and Streaming : Internet Archive Pluggable Transports Implementers Meeting 2021 videos

== Reading group ==

We will discuss "Throttling Twitter: an emerging censorship technique in Russia" on 10 March

https://dl.acm.org/doi/pdf/10.1145/3487552.3487858

The Internet censorship bibliography

Questions to ask and goals to have:

What aspects of the paper are questionable?

Are there immediate actions we can take based on this work?

Are there long-term actions we can take based on this work?

Is there future work that we want to call out, in hopes that others will pick it up?

== Updates ==

Name:
    This week:
        - What you worked on this week.
    Next week:
        - What you are planning to work on next week.
    Help with:

- Something you need help with.

anadahz: 2022-01-27

Last week:

- Increase timeout check cycles for default-bridge-felix-1 and default-bridge-felix-2 as they have been generating too many alerts: Increase number of cycles for felix bridges (!1) · Merge requests · The Tor Project / Anti-censorship / monit-configuration · GitLab

cecylia (cohosh): last updated 2022-02-17
Last week:
    - tried out snowflake experiments in shadow's preload mode
        - golang managed processes abort in preload mode · Issue #1549 · shadow/shadow · GitHub
    - deployed snowflake server fixes
    - reached out to default bridge operators
    - finished s28 prep and documentation
    - wrote some follow up code for Snowflake event channel
        - Add connection failure events for proxy timeouts (!77) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
This week:
    - mostly afk
Needs help with:

dcf: 2022-02-24

Last week:

- further helped debug obfs4proxy-0.0.12 connection failures Proxy Client: unable to connect OR connection | warings when starting with bridges (#40804) · Issues · The Tor Project / Applications / Tor Browser · GitLab

- investigated a snowflake bridge outage and restarted the server

Next week:

- post summary of 2022-02-18 snowflake bridge outage

Help with:

agix: 2021-02-10

Last week:

- Continued work on gettor-twitter

Next week:

- Hopefully finish the task

Help with:

-

arlolra: 2022-01-20

Last week:

- [added 2022-01-20 by dcf] ALPN support for pion DTLS Implement rfc7301 by arlolra · Pull Request #415 · pion/dtls · GitHub

Next week:

- Figure out where in pion/webrtc ALPN should be configured and used

- Maybe add Chacha20Poly1305 to pion/dtls

GitHub - pion/dtls: DTLS 1.2 Server/Client implementation for Go

Make Snowflake's DTLS fingerprint more similar to popular WebRTC implementations (#40014) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

Help with:

-

maxb: 2021-09-23

Last week:

- Worked on uTLS for broker negotiation (#40054) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab re: utls for broker negotiation

- Had conversation with someone about upstream utls http round tripper feat: sketch out utls http.RoundTripper by bassosimone · Pull Request #74 · refraction-networking/utls · GitHub

- Too busy with work

Next week:

- _Really_ want to get a PR for utls round tripper

meskio: 2022-02-24

Last week:

- validate opendkim headers in bridgedb (bridgedb!36)

- review concurrency problems in rdsys (rdsys#90)

- fix rdsys bridge status site, it was not reporting if they are working for non-vanilla bridges (rdsys#88)

- handle bridgedb reconnections (bridgedb!34)

- make easier to develop bridgedb with a fake rdsys (bridgedb#40034)

- coordinate the deployment of rdsys + bridgedb

Next week:

- deploy rdsys + bridgedb in production (rdsys#12)

- use rdsys bridges in circumvention settings (bridgedb#40045)

Shelikhoo: 2022-02-24
   Last Week:
       - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
       - [Merge Request Done] Add verbosity switch to suppress diagnostic output (snowflake#40079, snowflake!74)
       - [Merge Request] uTLS for broker negotiation

- [Discussion] Implement metrics to measure snowflake churn (snowflake#34075)

- [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update (aka "Subscription")

- [Discussion] Proposal: Push Notification Based Signaling Channel

- [Discussion] Proposal: Centralized Probe Result Collector (anti-censorship/team#54)

- [Discussion] HTTPT & Websocket (O1.3: Implement bridges with pluggable transport HTTPT support. (#7) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / HTTPT · GitLab)

- [Investigate] Is there a better moat/snowflake SNI than cdn.sstatic.net? (snowflake#40068)

- [Investigate] Multi-instance Load Balanced Tor - Snowflake Deployment

- [Investigate] China "Anti-Fraud" Webpage Redirection Censorship (censorship-analysis#40026)

- [Investigate] S96 Bridge Performance

   Next Week:
       - [Discussion] Implement metrics to measure snowflake churn (snowflake#34075)
       - [Discussion] Proposal: Push Notification Based Signaling Channel
       - [Coding] Proposal: Centralized Probe Result Collector (anti-censorship/team#54)

HackerNCoder: 2021-12-16
This week:
    Last/done:
        Setup web mirror on tor.encryptionin.space
    Next:
        Get (new VPs with) new IP and setup new web mirror on new domain

hanneloresx: 2021-3-4

Last week:

- Submitted MR for bridgestrap issue #14

Next week:

- Finish bridgestrap #14

- Find new issue to work on

Help with:

-

--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.