[tor-project] Anti-censorship team meeting notes, 2022-02-03
meskio
meskio at torproject.org
Thu Feb 3 17:13:56 UTC 2022
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-02-03-16.00.html
And our meeting pad:
Anti-censorship work meeting pad
--------------------------------
Next meeting: Thursday February 3rd 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly checkin about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.
== Links to Useful documents ==
Our anti-censorship roadmap:
Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
The anti-censorship team's wiki page:
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
Past meeting notes can be found at:
https://lists.torproject.org/pipermail/tor-project/
Tickets that need reviews: from sponsors we are working on:
All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
Sponsor 30
https://gitlab.torproject.org/groups/tpo/-/milestones/4
https://gitlab.torproject.org/groups/tpo/-/milestones/7
https://gitlab.torproject.org/groups/tpo/-/milestones/5
https://gitlab.torproject.org/groups/tpo/-/milestones/6
Sponsor 28
must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10
possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None
== Announcements ==
== Discussion ==
snowflake bridge is now switched back from staging to production
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40095#note_2774428
load balancing is effective - the bridge is now using all its CPU resources effectively, and is no longer bottlenecked on tor
as a consequence, the bridge is providing about twice as much bandwidth as before (now 20 MB/s, from 10 MB/s)
however, it is now at the limit of its CPU capability, and will not be able to go faster than it does now
for the 6 days the staging server was in use, it was going even faster, up to 30 MB/s.
there's no obvious low-hanging fruit in the snowflake-server CPU profile
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40086#note_2773087
profiling extor-static-cookie could be worthwhile
== Actions ==
== Interesting links ==
== Reading group ==
We will discuss "Weaponizing Middleboxes for TCP Reflected Amplification" on 2022-02-17
https://censorbib.nymity.ch/#Bock2021b
Questions to ask and goals to have:
What aspects of the paper are questionable?
Are there immediate actions we can take based on this work?
Are there long-term actions we can take based on this work?
Is there future work that we want to call out, in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
anadahz: 2022-01-27
Last weeek:
- Increase timeout check cycles for default-bridge-felix-1 and default-bridge-felix-2 as they have been generating too many alerts: https://gitlab.torproject.org/tpo/anti-censorship/monit-configuration/-/merge_requests/1
cecylia (cohosh): last updated 2022-02-03
Last week:
- deployed new version of snowflake webextension + badge
- fixed issue with file limits at probetest (snowflake#40096)
- Updated documentation on schleuder mailing list admin (tpa/wiki-replica!22)
- filed issue about mailing list public key change (tpa/team#40609)
- reviews
- responded to ooni questions about snowflake tests (snowflake#40097)
- https://github.com/ooni/probe/issues/2004
- lots of meetings
This week:
- more reviews
- try out recent shadow bug fixes
- work with ooni on tor related tests
- s28 evaluation prep
- look at what's necessary for tapdance/conjure
- write up more documentation
Needs help with:
dcf: 2022-02-03
Last week:
- profiled snowflake-server on the staging bridge https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40086#note_2773087
- found a solution to prevent onion key rotation on the load-balanced bridge: a preexisting directory at a destination path https://forum.torproject.net/t/tor-relays-how-to-reduce-tor-cpu-load-on-a-single-bridge/1483/22
- opened an issue for an assertion failure that happens when onion key rotation is prevented https://gitlab.torproject.org/tpo/core/tor/-/issues/40554
- monitored the switchover from the staging snowflake bridge to production, and debugged resulting issues https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40095#note_2773704
- wrote scripts to graph multi-instance bandwidth and clients https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40095#note_2774428
- discovered a couple of minor bugs in snowflake-server https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40098 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40099
Next week:
- update snowflake bridge installation and survival guides
- open an issue for metrics graphs correctly showing graphs for fingerprints with multiple instances
- start a discussion on tor-dev about alternatives for ExtORPort authentication (remove the need for extor-static-cookie)
- start a discussion on tor-dev about supported ways to disable onion key authentication
Help with:
agix: 2021-01-13
Last week:
- Busy with work on Censored Planet
Next week:
- Continue work on gettor-twitter
Help with:
-
arlolra: 2022-01-20
Last week:
- [added 2022-01-20 by dcf] ALPN support for pion DTLS https://github.com/pion/dtls/pull/415
Next week:
- Figure out where in pion/webrtc ALPN should be configured and used
- Maybe add Chacha20Poly1305 to pion/dtls
https://github.com/pion/dtls#planned-features
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40014#note_2764731
Help with:
-
maxb: 2021-09-23
Last week:
- Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40054 re: utls for broker negotiation
- Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74
- Too busy with work :/
Next week:
- _Really_ want to get a PR for utls round tripper
meskio: 2022-02-03
Last week:
- test deployment for the new rdsys/bridgedb setup (rdsys#12)
- read the rdsys token from a file (bridgedb!33)
- fixes on country block mechanism for rdsys and bridgedb (rdsys!26)
- review bridgedb web redesign in lektor (bridgedb!31)
- feedback on the debian package for obfs4proxy (obfs4#33736)
- API rethinking for circumvention settings (bridgedb#40043 TorBrowser#40781)
Next week:
- make easier to test bridgedb ater rdsys change (bridgedb#40034)
Shelikhoo: 2022-02-03
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake(snowflake!64)
- [Merge Request Done] Privacy preserving stats in Snowflake standalone proxy(snowflake#40079, snowflake!72)
- [Merge Request Review Done] Configure what distributor does distribute each resource type
- [Discussion] Implement metrics to measure snowflake churn(snowflake#34075)
- [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update(aka "Subscription")
- [Discussion] Proposal: Push Notification Based Signaling Channel
- [Discussion] Proposal: Centralized Probe Result Collector(anti-censorship/team#54)
- [Discussion] HTTPT & Websocket(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/7#note_2773546)
- [Investigate] Is there a better moat/snowflake SNI than cdn.sstatic.net? (snowflake#40068)
- [Investigate] Multi-instance Load Balanced Tor - Snowflake Deployment
- [Investigate] China "Anti-Fraud" Webpage Redirection Censorship(censorship-analysis#40026)
- [Investigate] uTLS for broker negotiation
Next Week:
- [Discussion] Implement metrics to measure snowflake churn (snowflake#34075)
- [Discussion] Proposal: Push Notification Based Signaling Channel
- [Merge Request] Add verbosity switch to suppress diagnostic output(snowflake#40079, snowflake!74)
- [Discussion] Proposal: Centralized Probe Result Collector(anti-censorship/team#54)
- [Investigate] uTLS for broker negotiation
HackerNCoder: 2021-12-16
This week:
Last/done:
Setup web mirror on tor.encryptionin.space
Next:
Get (new VPs with) new IP and setup new web mirror on new domain
hanneloresx: 2021-3-4
Last week:
- Submitted MR for bridgestrap issue #14
Next week:
- Finish bridgestrap #14
- Find new issue to work on
Help with:
-
--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20220203/0168920c/attachment.sig>
More information about the tor-project
mailing list