Hey everyone!
Here are our meeting logs:
#tor-meeting: tor anti-censorship meeting <#tor-meeting: tor anti-censorship meeting>
And our meeting pad:
Anti-censorship work meeting pad
···
--------------------------------
Next meeting: Thursday June 23rd 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.
== Links to Useful documents ==
\* Our anti\-censorship roadmap:
\* Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
\* The anti\-censorship team's wiki page:
\* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
\* Past meeting notes can be found at:
\* https://lists.torproject.org/pipermail/tor-project/
\* Tickets that need reviews: from sponsors we are working on:
\* All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
\* Sponsor 28
\* must\-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10
\* possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None
\* Sponsor 96
\* https://gitlab.torproject.org/groups/tpo/-/milestones/24
== Announcements ==
\* Distributed Snowflake, IP Change Rate Measurement is ready for merge src Shell
\* Shell will handle the merge
\* Will wait for a day when others are online to do the deployment
\* Will deploy both new features at once
== Discussion ==
\* What is the status of adjusting snowflake \(pion\) DTLS signature to avoid blocking in Russia? \(Based on offset of supported\_groups extension\.\)
\* https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40030#note_2804998
\* https://github.com/pion/dtls/pull/474
\* https://ntc.party/t/webrtc/2174/21
\* https://gitlab.torproject.org/tpo/community/support/-/issues/40050 \(generally\)
\* UDP packets matching the pattern \`^\\x16\\xfe\[\\xfd\\xff\]\.\{X\}\\x00\\x1d\\x00\\x17\\x00\\x18\` are getting blocked, where X is a small number of enumerated byte offsets, and \\x00\\x1d\\x00\\x17\\x00\\x18 is the supported\_groups extension\. One of the offsets happens to match where pion/dtls places the extension in its Client Hello\.
\* Concise description of the current situation: snowflake connections are blocked when either peer in the connection is Pion\-based \(e\.g\. snowflake\-client or proxy\-go\) and takes the role of the DTLS client\.
\* Put another way, the connection is ok if: the proxy is a browser proxy \(not proxy\-go\) and snowflake\-client operates as a DTLS server, not client
\* Pull request 474 has the risk of creating a new, even more distinctive fingerprint
\* So does altering the offset of supported\_groups without changing other aspects of the fingerprint
\* One idea is to make a patch or fork of pion/dtls with either pull request 474 or some other change that alters the offset, then ask people to test it
\* https://gitweb.torproject.org/builders/tor-browser-build.git/commit/?id=7ffd69a21b8a408a2be9cfdbe7401e1a7f974310 is a past temporary fork for a fingerprinting fix
\* https://archive.org/details/snowflake-ru_snowflake_fix-20211208-ae7cc478fd34 is the resulting bundle that we asked people to test
\* Shell will create a ticket for releasing a version of Snowflake/TorBrowser with patch applied
== Actions ==
== Interesting links ==
== Reading group ==
\* We will discuss "Even Censors Have a Backup: Examining China's Double HTTPS Censorship Middleboxes" on June 23
\* https://dl.acm.org/doi/10.1145/3473604.3474559
\* Questions to ask and goals to have:
\* What aspects of the paper are questionable?
\* Are there immediate actions we can take based on this work?
\* Are there long\-term actions we can take based on this work?
\* Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2022-06-16 (will miss meeting)
Last week:
- conjure station-side changes
- updated conjure test environment using cloud-init vms
This week:
- continued work on conjure PT
- continue snowflake maintenance tasks
Needs help with:
dcf: 2022-06-16
Last week:
- snowflake CDN bookkeeping Snowflake costs · Wiki · The Tor Project / Anti-censorship / Team · GitLab
- commented on dnstt pluggable transport client Add support for dnstt (#40001) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / pluggable transports · GitLab
- commented on restarts for snowflake probetest Move snowflake-broker to a systemd based setup (#40147) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
Next week:
- look at STATUS VERSION proposal Add STATUS VERSION message for PT protcol (!63) · Merge requests · The Tor Project / Core / Tor Specifications · GitLab
Help with:
meskio: 2022-06-02
Last week:
- use systemd to run bridgedb (team#72)
- update debian package for snowflake (snowflake#40143)
- don't use entropy in snowflake tests (snowflake!96)
- contact cymru about their builtin bridges, as they have an old version of obfs4proxy
Next week:
- start working on gettor (rdsys#105)
Shelikhoo: 2022-06-16
Last Week:
- [Merge Request] Add Distributed Snowflake Server Support (snowflake!87)
- [Merge Request] Distributed Snowflake Bridges (Javascript ver.) (snowflake-webext!29)
- [Merge Request] Implement metrics to measure snowflake churn (Implement metrics to measure snowflake churn (#34075) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab) (snowflake!95)
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
- [Discussion & Deployment] Migrating Controlling git repo to Tor Gitlab Instance (shelikhoo/LogCollectorAncillary#5) <- awaiting/blocked
- [Research & Discussion] Discussion about the possibility of adding PT support to V2Ray to serve the role of HTTPT (Discussion about the possibility of adding PT support to V2Ray to serve the role of HTTPT (#82) · Issues · The Tor Project / Anti-censorship / Team · GitLab)
- [Investigate] China "Anti-Fraud" Webpage Redirection Censorship (censorship-analysis#40026): update the research based on updated ooni result
Next Week:
- [Deployment] Snowflake Broker
- [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54)
- [Research & Coding] WebSocket + CDN Based Probe Control Connection Forwarder (shelikhoo/LogCollectorAncillary#3)
- [Investigate] China "Anti-Fraud" Webpage Redirection Censorship (censorship-analysis#40026): update the research based on updated ooni result
Itchy Onion: 2022-06-16
Last week:
- ongoing debugging s28 issues 81 (snowflake crashes in stree-testing)
- taking over part of testing snowflake
This week:
- ongoing debugging s28 issues 81, fixing a leaking file descriptor issue
- taking over part of testing snowflake