[tor-project] Anti-censorship meeting notes, 2021 August 19

[Cecylia Bocovich]

Hi everyone!

Here are our meeting logs:

http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-08-19-16.00.html

and our meeting pad:

Anti-censorship work meeting pad
--------------------------------

Next meeting: Thursday August 19th 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)

== Goal of this meeting ==

Weekly checkin about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.


== Announcements ==

    Job opening on the anti-censorship team:
https://www.torproject.org/about/jobs/software-developer-anticensorship-2/
\o/


== Discussion ==

- v3 of the webext manifest doesn't support creating peerconnections in
the background
    - last time:
    	- we will present our need to
https://github.com/w3c/webrtc-extensions/issues/77 to encourage them to
permit WebRTC in service workers
    - no updates this week: cohosh will take over drafting a comment for
the linked issue

- Tor and obfs4/meek blocking in TM:
https://gitlab.torproject.org/tpo/community/support/-/issues/40030
    - last time:
    	-
https://metrics.torproject.org/userstats-relay-country.html?start=2021-05-14&end=2021-08-19&country=tm&events=off
    	- ggus found a volunteer to help with testing. obfs4, meek-azure,
and snowflake did not work; a private obfs4 bridge worked.
    	- http://emma.mhgb.net/ was not reachable, so ggus set up a mirror
at http://emma.gus.computer/
    - our tester is having difficulty installing a recent Tor browser on
an old Windows computer
    - will ask to install ooniprobe
    - cohosh will ask OONI (arturo and maria) for contacts in TM

- Snowflake reporting its own connection failures and sending messages
to tor logs
    -
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40062
    - useful for diagnosing failures to connect, by users or our own
testing, without having to enable the snowflake-client log file
    - e.g. using PT protocol LOG or STATUS messages

- Ukraine is experiencing an increase in relay users
    - https://metrics.torproject.org/userstats-relay-country.html?country=ua
    - in the past this was due to a browser bundling tor for
anti-blocking purposes
    -
https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/22369


== Interesting links ==

    USENIX Security 2021 papers
https://www.usenix.org/conference/usenixsecurity21/technical-sessions

    "Domain Shadowing: Leveraging Content Delivery Networks for Robust
Blocking-Resistant Communications"
https://www.usenix.org/conference/usenixsecurity21/presentation/wei

    "How Great is the Great Firewall? Measuring China's DNS Censorship"
https://www.usenix.org/conference/usenixsecurity21/presentation/hoang

    "Balboa: Bobbing and Weaving around Network Censorship"
https://www.usenix.org/conference/usenixsecurity21/presentation/rosen

    "Weaponizing Middleboxes for TCP Reflected Amplification"
https://www.usenix.org/conference/usenixsecurity21/presentation/bock

    "Defeating DNN-Based Traffic Analysis Systems in Real-Time With
Blind Adversarial Perturbations"
https://www.usenix.org/conference/usenixsecurity21/presentation/nasr


== Reading group ==

    We will discuss "" on


    Questions to ask and goals to have:

    What aspects of the paper are questionable?

    Are there immediate actions we can take based on this work?

    Are there long-term actions we can take based on this work?

    Is there future work that we want to call out, in hopes that others
will pick it up?


== Updates ==

Name:
    This week:
        - What you worked on this week.
    Next week:
        - What you are planning to work on next week.
    Help with:

         - Something you need help with.


cecylia (cohosh): last updated 2021-08-19
Last week:
    - hiring tasks for ac team and network team
    - 3 full days of s28 integration/scrimmage prep x_x
    - checked on censorship measurement tests
    - looked in TM blocking of Tor bridges (support#40030)
    - parse SOCKS args for Snowflake (snowflake#40059)
This week:
    - more hiring and s28 meetings
    - censorship measurement tests and tools
    - help the browser team with tor's autoconnect feature
    - reviews
        - rdsys!11
        - snowflake!52 followup
        - snowflake#25595 followup
    - follow up on OONI tor tests
    - lots of miscellaneous gitlab TODOs
Needs help with:


arlolra: 2021-08-12

    Last week:

    - Migrate to v3 of the webextension manifest

    Next week:

    - Maybe get back to snowflake-webext #10

    - Write up the pitch for our use case for supporting creating
PeerConnections in background service workers
https://github.com/w3c/webrtc-extensions/issues/77

    Help with:

    -


dcf: 2021-08-19

    Last week:

    - snowflake CDN bookkeeping
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-costs

    - posted a summary of the Turkmenistan situation
https://ntc.party/t/recent-drop-in-tor-users-from-turkmenistan-testers-wanted/1192
https://gitlab.torproject.org/tpo/community/support/-/issues/40030

    Next week:

    Help with:


agix:2021-07-15

    Last week:

    -Off due to final exams

    Next week:

    -Work on bridgebox for rdsys

    -More research on httpt #4

    Help with:

    -

maxb: 2021-07-15

    Last week:

    - Opened
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40054
re: utls for broker negotiation

    - Worked on github.com/max-b/nat-testing for
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/25595


    - Added a snowflake-proxy-no-nat and a snowflake-client-no-nat to
help with debugging

    - Successfully making connections from snowflake-client and
snoflake-client-no-nat through the snowflake-proxy-no-nat, but not
having any success with the snowflake-proxy (with nat).

    - Added a local dockerized STUN server

    Next week:

    - Use wireshark to figure out the difference between successful
snowflake-proxy-no-nat and unsuccessful snowflake-proxy-nat

    - Work on implementing different NAT types, particularly in a way
that's conducive to automatic testing

    - Add testing wrapper w/ "pass/fail" conditions


meskio: 2021-08-19

    Last week:

    - catch up after 3 weeks AFK (still in process)

    - debug bridgestrap CollecTor metrics and why are not produced
(bridgestrap#22)

    - review bridgestrap fix to test only uncached bridges (bridgestrap!11)

    - review bridgedb parse X-Forwarded-For header properly (bridgedb!21)

    - review snowflake SOCKS arguments (snowflake!53)

    Next week:

    - make bridgestrap CollecTor metrics resistant to restarts
(bridgestrap#22)

    - change bridgedb to send obfs4 bridges by default over email
(bridgedb#50)

    - gettor in rdsys architecture documentation (rdsys#44)

    - make a proposal for duplicated tests in bridgestrap CollecTor
metrics (bridgestrap#23)

    Help with:

    -