[tor-project] Anti-censorship team meeting notes, 2023-03-23

• THIS IS A PUBLIC PAD

Anti-censorship

Next meeting: Thursday, March 23 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)

== Goal of this meeting ==

Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.

== Links to Useful documents ==

• Our anti-censorship roadmap:

• Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards

• The anti-censorship team’s wiki page:

• https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home

• Past meeting notes can be found at:

• https://lists.torproject.org/pipermail/tor-project/

• Tickets that need reviews: from sponsors, we are working on:

• All needs review tickets:

• https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None

• Sponsor 96

• https://gitlab.torproject.org/groups/tpo/-/milestones/24

• Sponsor 139 ← hackerncoder, irl, joydeep, meskio, emmapeel working on it

• https://pad.riseup.net/p/sponsor139-meeting-pad

== Announcements ==

== Discussion ==

• renovate bot to update dependencies on our projects

• https://gitlab.torproject.org/tpo/tpa/renovate-cron

• there have been complaints that some dependencies of snowflake are outdated

• https://github.com/tladesignz/IPtProxy/issues/45

• https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/122

• (x/net and x/crypto dependencies were incidentally updated in a recent pion update: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/137, but not to the currently most recent version)

• currently being used in rdsys, could enable for other projects by request

== Actions ==

• update the x/net and x/crypt libraries in snowflake and obfs4

• https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/122

== Interesting links ==

• https://github.com/guardianproject/orbot/releases/tag/17.0.0-BETA-2-tor.0.4.7.11

• https://github.com/guardianproject/orbot/commit/c3f6ee18f17770a5904ad19c3cd24b9c8dcb3885#diff-6da94c8e7d86d1c396305c45d7ab2f787830efa8580d100aa10707c26011f288

• 2023-03-15 Orbot for Android v17 BETA 2 released with snowflake-02 bridge

• snowflake-02 metrics: https://metrics.torproject.org/rs.html#details/91DA221A149007D0FD9E5515F5786C3DD07E4BB0 (multiply by 12)

== Reading group ==

• We will discuss “” on

• Questions to ask and goals to have:

• What aspects of the paper are questionable?

• Are there immediate actions we can take based on this work?

• Are there long-term actions we can take based on this work?

• Is there future work that we want to call out in hopes that others will pick it up?

== Updates ==

Name:
This week:

• What you worked on this week.
  Next week:

• What you are planning to work on next week.
  Help with:

• • Something you need help with.

cecylia (cohosh): last updated 2023-03-23
Last week(s):

• Lox tor browser integration work in progress
• https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/116
• created a fork of wasm-bindgen that generates javascript bindings for the lox client that are compatible with internal browser modules
• looked into enabling wasm target for rust in tbb
• https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40818
• Lox distributor work
• debugged some async problems with the rdsys-backend-api library
• helped set up new meek bridge for users in TM
  This week:
• continue Lox tor browser integration
• catch up on snowflake-webext issues and MRs
  Needs help with:

dcf: 2023-03-23

• Last week:

• • wrote up ideas about partially reliable and/or unordered WebRTC data channels in snowflake https://lists.torproject.org/pipermail/anti-censorship-team/2023-March/000286.html
• • wrote notes on RFC 8828 which gives guidance on handling private IP address ICE candidates https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/19026#note_2887175
• • wrote notes on STUN fingerprinting and STUN over DTLS (RFC 7350) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40240#note_2888750
• • sketched a plan for providing bridge capacity for Turkmenistan https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40029#note_2888125
• • wrote a merge request to fix a minor PT initialization bug in snowflake-server https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/143
• • made the necessary changes to make nf_conntrack changes persistent on the snowflake bridges, and restarted them both https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40259#note_2888175
• • contributed thoughts about how to share a pool of snowflake proxies with other circumvention projects

• Next week:

• • migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_2823122 (for real)
• • open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018
• • parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267

• Help with:

meskio: 2023-03-23
Last week:

• • explore how to add webtunnel to rdsys (rdsys#142)
• • add webtunnel support to bridgestrap (bridgestrap!15)
• • experiment with renovate bot in rdsys to update dependencies
• • apply to docker DSOS program (team#121)
• • rebase pt version spec (torspec!63)

Next week:

• • rdsys webtunnel support (rdsys#142)

Shelikhoo: 2023-03-16
Last Week:

• • [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
• • [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/1
• • Upstreaming Remove HelloVerify countermeasure (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40249)
• • Fix return nil error on unrecognized request http upgrade failure (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel/-/merge_requests/5)
• • consider propagating 2FA everywhere, maybe, at the April Tor Meeting (https://gitlab.torproject.org/tpo/tpa/team/-/issues/41083#note_2884138)
• • Resynchronization with Upsteamed Remove HelloVerify countermeasure (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40258#note_2883726)
• • Comment on OnionShare Rebrand
• • Comment on S96 User Research Risk Assessment
• • Comment on Analysis of speed deficiency of Snowflake in China, 2023 Q1(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251)
• • Comment on enable Gitlab Container Registry( https://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/89#note_2886693)
• • Add utls-imitate, utls-nosni doc to README (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/139)
• • Review Assign an accepted bandwidth ratio to TBLinks(https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/78#note_2885745)
• • Review Proxy: add an option to bind to a specific address (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/136#note_2885721)

Next Week:

• • [Research] WebTunnel planning (Continue)
• • Try to find a place to host another vantage point
• • Resynchronization with Upsteamed Remove HelloVerify countermeasure (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40258#note_2883726)
• • consider propagating 2FA everywhere, maybe, at the April Tor Meeting (https://gitlab.torproject.org/tpo/tpa/team/-/issues/41083#note_2884138)
• • logcollector alter system
• • webtunnel document for proxy opertaor

onyinyang: 2023-03-23
Last week:

• Finished up most of the minimally working example of Lox server integration with rdsys

• • Identified and helped to debug async issues with rdsys-backend-api stream
• • Added more helpful comments/error handling and graceful shutdown

• https://gitlab.torproject.org/tpo/anti-censorship/lox/lox-distributor/-/merge_requests/1

This week:

• Finish up the handling of changed resources in the Lox library

• • Improve client side handling of BridgeLines?
• • Discuss next steps with cohosh

Itchy Onion: 2023-03-22
Last week:

• • Closed #40252 (NAT probetest for standalone proxy)
• • Closed #40265 (mac user reporting standalone proxy complaning about broker cert)
• • Worked on #40231 (Client sometimes send offer with no ICE candidates)

This week:

• Tested and created a potential broker security issue (#40266)

• • Stil working on #40231 – validate SDP contains candidate at the “/client” and “/answer” endpoints broke almsot all of the unit tests

hackerncoder: 2023-03-09
last week:
Next week:

• getting ooni-exporter to work with torsf (snowflake)
• ooni-exporter web_connectivity
• work on “bridgetester”?
• how does Iran block bridges

cece: 2022-12-22
This week:

• working on creating a dummy WhatsApp bot
  Next week:

• My bot is not yet working as expected s? still trying to figure that out
  Help with:

• • resources