[tor-project] Anti-censorship team meeting notes, 2022-08-11

Hey everyone!

Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-08-11-15.58.html

And our meeting pad:

Anti-censorship work meeting pad

···

--------------------------------

Next meeting: Thursday Aug 18 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)

== Goal of this meeting ==

Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.

== Links to Useful documents ==

  * Our anti-censorship roadmap:
    * Roadmap: Development · Boards · Anti-censorship · GitLab
  * The anti-censorship team's wiki page:
    * Home · Wiki · The Tor Project / Anti-censorship / Team · GitLab
  * Past meeting notes can be found at:
    * The tor-project Archives
  * Tickets that need reviews: from sponsors we are working on:
    * All needs review tickets:
      * Merge requests · Anti-censorship · GitLab
    * Sponsor 28
      * must-do tickets: Sponsor 28: Reliable Anonymous Communication Evading Censors and Repressors (RACECAR) · The Tor Project · GitLab
      * possible tickets: Issues · The Tor Project · GitLab
    * Sponsor 96
      * Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet · The Tor Project · GitLab

== Announcements ==

  *

== Discussion ==

  * What is the status of adjusting snowflake (pion) DTLS signature to avoid blocking in Russia? (Based on offset of supported_groups extension.)
    * IRC Tip about Signature used to block Snowflake in Russia, 2022-May-16 (#40030) · Issues · The Tor Project / Anti-censorship / censorship-analysis · GitLab
    * Shuffle Elliptic Curves in ClientHello to circumvent Russian censorship by ValdikSS · Pull Request #474 · pion/dtls · GitHub
    * Проблемы в работе ПО использующего WebRTC - #21 by tango - Russia - NTC
    * [Russia] Some ISPs are blocking Tor (#40050) · Issues · The Tor Project / Community / Support · GitLab (generally)
    * shell have produced a TB tgz with a modified snowflake to test
      * https://people.torproject.org/~shelikhoo/dqo8apcai4/tor-browser/tor-browser-11.5a13-linux-x86_64-176893/tor-browser-linux64-11.5a13_en-US.tar.xz
    * shell will post it on ntc and tor forum
      * Testing Invitation for Tor Browser with supported_groups patch countermeasure in Snowflake to evade censorship observed in Russia - Censorship circumvention methods & software - NTC
      * (Not working???)
      * >>> Request a packet capture
      * Testing Invitation for Tor Browser with supported_groups patch countermeasure in Snowflake to evade censorship observed in Russia
      * (No reply #~#)
      * User reports that the problem now is the presence of a Hello Verify Request message
        * IRC Tip about Signature used to block Snowflake in Russia, 2022-May-16 (#40030) · Issues · The Tor Project / Anti-censorship / censorship-analysis · GitLab
    * This discussion will be moved to censorship-analysis#40030 and remove from the pad

  * Snowflake
    * Umbrel asked us: "If you push multi-architecture builds to Docker Hub after your releases automatically, it would just be super simple PR to update the version number and checksum to keep Umbrel up to date". Update Snowflake Proxy in third party Distribuation Channel: umbrel (#40169) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
      * we are not conforably giving gitlab access to push images to docker hub
      * but we can build binaries in the CI

(New)
  * Use azure as snowflake's fronting service: context -> Turkmenistan meek working, snowflake blocked [Turkmenistan] Number of directly connecting users is going down (#40029) · Issues · The Tor Project / Anti-censorship / censorship-analysis · GitLab Blocking of Snowflake in Turkmenistan, 2021-10-24 (#40024) · Issues · The Tor Project / Anti-censorship / censorship-analysis · GitLab src shell (conflicting evidence: https://snowflake-broker.freehaven.net/metrics shows 1 TM IP, but proxy based test show cover site reachable)
    * meskio will find who has access to meek-azure and if we can change the domain front from the circumvention settings just for TM
    * there is a merge request in tor to fix some issues connecting to Tor from TM: Set TLSv1.3 ciphers to preserve ciphersuites order (!599) · Merge requests · The Tor Project / Core / Tor · GitLab
    * most obfs4 bridges are blocked as most IP ranges are not reachable from TM

  * HTTPT discussion RFC: Add HTTPT as a pluggable transport to Tor Browser (#1) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / HTTPT · GitLab src shell
    * shell will start working on that proposal

== Actions ==

== Interesting links ==

== Reading group ==

  * We will discuss "" on
    *
    * Questions to ask and goals to have:
      * What aspects of the paper are questionable?
      * Are there immediate actions we can take based on this work?
      * Are there long-term actions we can take based on this work?
      * Is there future work that we want to call out in hopes that others will pick it up?

== Updates ==

Name:
    This week:
        - What you worked on this week.
    Next week:
        - What you are planning to work on next week.
    Help with:
       - Something you need help with.

cecylia (cohosh): last updated 2022-06-30
  Last week:
    - got tor to bootstrap fully with the deployed conjure station and bridge
    - met with CU Boulder team to discuss conjure rollout plan
  This week:
    - follow up with CU Boulder team about a wireguard connection between the station and bridge
    - a few quality of life conjure issues
        - Issues · The Tor Project / Anti-censorship / Pluggable Transports / conjure · GitLab
    - draft an announcement of conjure for forum and development community mailing lists
  Needs help with:

dcf: 2022-08-04
  Last week:
    - answered some questions about snowflake polling There are gaps between polling requests for new clients (#43) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake WebExtension · GitLab Change name "Snowflake" -> "North Star" (#40158) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
    - snowflake CDN bookkeeping Changes · Snowflake costs · Wiki · The Tor Project / Anti-censorship / Team · GitLab
    - made a mirror of shelikhoo's tor-browser-11.5a13-snowflake-dtlslib-20220712-9d73998bca39 Creating a version of Tor Browser with patched Snowflake client that includes supported_groups censorship countermeasure (#83) · Issues · The Tor Project / Anti-censorship / Team · GitLab
    - answered a question about pluggable transports and FascistFirewall Make Snowflake recognize FascistFirewall (#40159) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
    - archived snowflake-webextension-0.6.1 Snowflake WebExtension 0.6.1 : The Tor Project : Free Download, Borrow, and Streaming : Internet Archive
  Next week:
    - disable non-WireGuard SSH access to snowflake-02
    - migrate goptlib to gitlab migrate away from git.torproject.org (#86) · Issues · The Tor Project / Anti-censorship / Team · GitLab
  Help with:

meskio: 2022-08-11
   Last week:
       - set upa testing environment of rdsys-gettor
       - prepare a deployment of rdsys-gettor
       - catch up after vacation
   Next week:
       - deploy moat shim-token support
       - deploy rdsys-gettor

Shelikhoo: 2022-08-04
   Last Week:
    - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
    - [Discussion & Deployment] Migrating Controlling git repo to Tor Gitlab Instance (shelikhoo/LogCollectorAncillary#5)
    - [Discussion & Deployment] Rollout of Distributed Snowflake Support
    - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54)
    - [Research+Coding] Raw Probe Log Data Collection Raw Probe Log Data Collection (#1) · Issues · The Tor Project / Anti-censorship / Connectivity Measurement / logcollector · GitLab
    - [Investigate] China "Anti-Fraud" Webpage Redirection Censorship (censorship-analysis#40026): update the research based on updated ooni
    - [Merge Request Awaiting] Raw Probe Log Data Collection Raw Probe Log Data Collection (#1) · Issues · The Tor Project / Anti-censorship / Connectivity Measurement / logcollector · GitLab
    - [Research] HTTPT Planning Add HTTPT as a pluggable transport to Tor Browser (#1) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / HTTPT · GitLab
    - [Deployment] Enable unprivilaged user namespace support on probetelemetry-01@ for systemd user unit isolation Enable unprivilaged user namespace support on probetelemetry-01@ for systemd user unit isolation (#40855) · Issues · The Tor Project / TPA / TPA team · GitLab
   Next Week:
    - [Investigate] China "Anti-Fraud" Webpage Redirection Censorship (censorship-analysis#40026): update the research based on updated ooni
    - [Research+Coding] Raw Probe Log Data Collection Raw Probe Log Data Collection (#1) · Issues · The Tor Project / Anti-censorship / Connectivity Measurement / logcollector · GitLab
    - [Research] HTTPT Planning(Continue)

Itchy Onion: 2022-08-11
    Last week:
        - Updated snowflake plugin for RACE 2.2.0
    This week:
        - Fixing leaking file descriptor issue

--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.

3 Likes