Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-03-02-15.58.html
And our meeting pad:
Anti-censorship work meeting pad
···
--------------------------------
------------------------------------------------------------------------------------
THIS IS A PUBLIC PAD
------------------------------------------------------------------------------------
Anti-censorship
--------------------------------
Next meeting: Thursday, March 9 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
\* Our anti\-censorship roadmap:
\* Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
\* The anti\-censorship team's wiki page:
\* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
\* Past meeting notes can be found at:
\* https://lists.torproject.org/pipermail/tor-project/
\* Tickets that need reviews: from sponsors, we are working on:
\* All needs review tickets:
\* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
\* Sponsor 28
\* must\-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10
\* possible\-do tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None
\* Sponsor 96
\* https://gitlab.torproject.org/groups/tpo/-/milestones/24
\* Sponsor 139 <\-\- hackerncoder, irl, joydeep, meskio, emmapeel working on it
\* https://pad.riseup.net/p/sponsor139-meeting-pad
== Announcements ==
== Discussion ==
\* Should we improve anti\-censorship measures against Tor without bridges? Should we fix the fingerprints and randomize them? \(ValdikSS\)
\* Currently, proposals to make any change in C\-tor are being closed in favor of Arti, which is not available in any relays yet\.
\* Is Arti going to be implemented the same as C\-tor with respect to anti\-censorship of its Tor\-protocol connections, or will it try better to resist blocking in its native state?
\* Team has not yet reviewed Anti's anti\-censorship design and stance\.
\* Old history \(circa May 2012, tor 0\.2\.3\.15\) of plain tor's attempts to enhance blocking resistance \(by imitating Firefox ciphersuites, etc\.\), before pluggable transports: https://gitlab.torproject.org/tpo/team/-/wikis/projects/Tor/TLSHistory
\* In Turkmenistan, huge ranges of foreign addresses are blocked, perhaps 40% of the space\. Tor relays are a good resource for testing and reachability because they are all listed; unlike obfs4 for example which are only attainable in small quantities are are usually 100% blocked anyway\.
\* But will it remain that way if the reachable Tor relays start being used on a large scale?
\* In Iran, there is an SNI regexp filter for the Tor client's default fake SNI of www\.\[a\-z\]\.com; changing \.com to \.net evades the filter\.
\* valdikss will make an issue to collect all this information\.
== Actions ==
\* meskio will write a survival guide on onbasca
\* move the ampcache snowflake fallback forward
== Interesting links ==
\* https://www.fortinet.com/blog/threat-research/dissecting-tor-bridges-pluggable-transport
\* In which the intrepid FortiNet analyst busts out OllyDbg rather than read the source code\.
\* Workaround for server\-side Tor block: https://web.archive.org/web/20221205135630/https://www.fortinet.com/blog/threat-research/dissecting-tor-bridges-pluggable-transport
\* Part 2: https://www.fortinet.com/blog/threat-research/dissecting-tor-bridges-pluggable-transport-part-2
\* https://www.youtube.com/watch?v=kL7YCRer3To&list=PLfUWWM-POgQvGOVAk1HjP3uFKoY93_-q9&index=5
\* Video for reading group paper\.
\* https://www.youtube.com/watch?v=dbOf8U2GDZ8 Q&A video, 0:00–3:36 and 10:14–11:11 are about this paper\.
== Reading group ==
\* We will discuss "Detecting Tor Bridge from Sampled Traffic in Backbone Networks" on March 9
\* https://www.ndss-symposium.org/wp-content/uploads/madweb2021_23011_paper.pdf
\* https://www.youtube.com/watch?v=kL7YCRer3To&list=PLfUWWM-POgQvGOVAk1HjP3uFKoY93_-q9&index=5
\* Questions to ask and goals to have:
\* What aspects of the paper are questionable?
\* Are there immediate actions we can take based on this work?
\* Are there long\-term actions we can take based on this work?
\* Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2023-03-02
Last week:
- Lox tor browser integration work in progress
- Trial Lox integration (#116) · Issues · The Tor Project / Anti-censorship / Team · GitLab
- Finished getting the wasm client integrated as a Tor Browser module
This week:
- continue Lox tor browser integration
- find a better way to generate and call wasm client in tor-browser-build
- make team repos for Lox pieces
- expand client-side support for more Lox features
- continue work on conjure client-side recovery
Needs help with:
dcf: 2023-03-02
Last week:
- restarted snowflake bridges for haproxy CVE-2023-0056, CVE-2023-25725 Restart snowflake bridges for haproxy CVE-2023-0056, CVE-2023-25725 (#40253) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- increased tor instances from 4 to 12 on snowflake-02 snowflake-02: increase number of tor instances from 4 to 12 (#40255) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
Next week:
- migrate goptlib to gitlab migrate away from git.torproject.org (#86) · Issues · The Tor Project / Anti-censorship / Team · GitLab (for real)
Help with:
meskio: 2023-02-23
Last week:
- integrate onbasca into rdsys to test bridge speed (rdsys#150)
- deploy onbasca in polyanthum
- patch onbasca API to be easier to parse (onbasca!60)
- investigate bridgestrap issue, is reporting 30% of functional bridges
Next week:
- Vacation!!!
Shelikhoo: 2023-03-02
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
- [Research] HTTPT Planning Add HTTPT as a pluggable transport to Tor Browser (#1) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / HTTPT · GitLab
- WebTunnel @ TorBrowser mobile(WebTunnel Integration in Tor Browser mobile (#40800) · Issues · The Tor Project / Applications / tor-browser-build · GitLab, Bug 40800: Add WebTunnel Support for Tor Browser Mobile (!663) · Merge requests · The Tor Project / Applications / tor-browser-build · GitLab, Add WebTunnel support (!3) · Merge requests · The Tor Project / Applications / tor-android-service · GitLab)
- Upstreaming Remove HelloVerify countermeasure (Upstreaming Remove HelloVerify countermeasure (#40249) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab)
Next Week:
- [Research] WebTunnel planning (Continue)
- Try to find a place to host another vantage point
- WebTunnel @ TorBrowser mobile(Bug 40800: Add WebTunnel Support for Tor Browser Mobile (!663) · Merge requests · The Tor Project / Applications / tor-browser-build · GitLab)
onyinyang: 2023-03-02
Last week:
- Finished up Lox wasm bindings for Tor integration:
- issue invitation
- check blockage
- blockage migration
This week:
- Working on distributor backend for Lox server (integration with rdsys)
Itchy Onion: 2023-03-02
Last week:
- Holiday
- Contine working on issue #40252 (NAT probetest for standalone proxy)
This week:
- Finished most issue #40252 (!136)
- Started looking at #40231 (Client sometimes send offer with no ICE candidates)
hackerncoder: 2023-03-02
last week:
- work on monitoring bridges health
Next week:
- getting ooni-exporter to work with torsf (snowflake)
- work on "bridgetester"?
cece: 2022-12-22
This week:
- working on creating a dummy WhatsApp bot
Next week:
- My bot is not yet working as expected s? still trying to figure that out
Help with:
- resources