[tor-project] Anti-censorship team meeting notes, 2022-01-27

meskio meskio at torproject.org
Thu Jan 27 16:42:59 UTC 2022


Hey everyone!

Here are our meeting logs:

http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-27-15.59.html

And our meeting pad:

Anti-censorship work meeting pad
--------------------------------

Next meeting: Thursday January 27th 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress)

== Goal of this meeting ==

Weekly checkin about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.

== Links to Useful documents ==

    Our anti-censorship roadmap:

    Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards

    The anti-censorship team's wiki page:

    https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home

    Past meeting notes can be found at:

    https://lists.torproject.org/pipermail/tor-project/

    Tickets that need reviews:  from sponsors we are working on:

    All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None

    Sponsor 30

    https://gitlab.torproject.org/groups/tpo/-/milestones/4

    https://gitlab.torproject.org/groups/tpo/-/milestones/7

    https://gitlab.torproject.org/groups/tpo/-/milestones/5

    https://gitlab.torproject.org/groups/tpo/-/milestones/6

    Sponsor 28

    must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10

    possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None


== Announcements ==



== Discussion ==

    no news about obfs4 security fixes, needs to be looked into

    Tor Browser will update first: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40416

    status of snowflake load balancing upgrade

    https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40095#note_2772325

    currently staging bridge is handling almost all the traffic

    plan to do the upgrade on the production bridge today or tomorrow

    then switch the DNS back next week

    our metrics are low, the current hypothesis is that the counts are coming from only one of the instances

    plan to prevent onion key rotation by making the key files read-only

    will try profiling on the staging bridge to help reduce CPU usage of snowflake-server https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40086

    test deployment of rdsys + bridgedb

    next week, will be available to @torproject.org email addresses

    aim for production in February

    Hetzner networking issue, shall we add it to the timeline

    Find more details of the incident and if it has affected any parts of the Tor network 

    bridgedb and many bridges are in hetzner


== Actions ==


== Interesting links ==



== Reading group ==

    We will discuss "Meteor: Cryptographically Secure Steganography for Realistic Distributions" on 2022-02-03

    https://dl.acm.org/doi/10.1145/3460120.3484550

    https://eprint.iacr.org/2021/686

    https://meteorfrom.space/

    Questions to ask and goals to have:

    What aspects of the paper are questionable?

    Are there immediate actions we can take based on this work?

    Are there long-term actions we can take based on this work?

    Is there future work that we want to call out, in hopes that others will pick it up?


== Updates ==

Name:
    This week:
        - What you worked on this week.
    Next week:
        - What you are planning to work on next week.
    Help with:

         - Something you need help with.


anadahz: 2022-01-27

    Last weeek:

    - Increase timeout check cycles for default-bridge-felix-1 and default-bridge-felix-2 as they have been generating too many alerts: https://gitlab.torproject.org/tpo/anti-censorship/monit-configuration/-/merge_requests/1


cecylia (cohosh): last updated 2022-01-27

    Last week:

    - filed shadow bug: https://github.com/shadow/shadow/issues/1869
    - lots of reviews
    - roadmapping and documentation writing
    - sponsor reports
    - reached out to default bridge operators about down or unreliable bridges
    - helped with deployment of bridge-port-scan fixes

    This week:

    - more reviews
    - finish documenting and cleaning up shadow simulation scripts
    - use these snowflake + shadow scripts to do more performance testing
    - start looking at what is needed for a tapdance/conjure PT
    - write up more documentation

    Needs help with:


dcf: 2022-01-27

    Last week:

    - set up load balanced staging bridge for snowflake, monitored its switchover from the production bridge https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40095 https://forum.torproject.net/t/tor-relays-how-to-reduce-tor-cpu-load-on-a-single-bridge/1483/16

    Next week:

    - test the read-only file idea for preventing onion key rotation https://forum.torproject.net/t/tor-relays-how-to-reduce-tor-cpu-load-on-a-single-bridge/1483/16

    - upgrade the snowflake production bridge for load balancing https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40095

    - switch snowflake DNS records back to the production bridge https://gitlab.torproject.org/tpo/tpa/team/-/issues/40602

    - before switching over, enable profiling on the staging bridge for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40086

    Help with:


agix: 2021-01-13

    Last week:

    - Busy with work on Censored Planet

    Next week:

    - Continue work on gettor-twitter

    Help with:

    -


arlolra: 2022-01-20

    Last week:

    - [added 2022-01-20 by dcf] ALPN support for pion DTLS https://github.com/pion/dtls/pull/415

    Next week:

    - Figure out where in pion/webrtc ALPN should be configured and used

    - Maybe add Chacha20Poly1305 to pion/dtls

    https://github.com/pion/dtls#planned-features

    https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40014#note_2764731

    Help with:

    - 


maxb: 2021-09-23

    Last week:

    - Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40054 re: utls for broker negotiation

    - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74

    - Too busy with work :/

    Next week:

    - _Really_ want to get a PR for utls round tripper


meskio: 2022-01-27

    Last week:

    - select the type of bridges distributed by each distributor (rdsys#63)

    - add a third pool to the telegram bot (team#53)

    - rdsys/bridgedb setup coordination with tpa (tpa/team#40581)

    - update gettor links (gettor#85)

    - implement country block mechanism for rdsys and bridgedb (bridgedb#40036)

    Next week:

    - test deployment for the new rdsys/bridgedb setup (rdsys#12)

    - make easier to test bridgedb ater rdsys change (bridgedb#40034)

    - check whats up with obfs4 security fixes


Shelikhoo: 2022-01-27
   Last Week:
       - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake(snowflake!64)
       - [Merge Request Awaiting] Privacy preserving stats in Snowflake standalone proxy(snowflake#40079, snowflake!72)
       - [Merge Request Done] Add Google backend support for gettor updater(rdsys!19)
       - [Merge Request Done] Add callbacks in the client for key events during snowflake connections(snowflake#40076)

      - [Discussion] Implement metrics to measure snowflake churn(snowflake#34075)

      - [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update(aka "Subscription")

      - [Discussion] Proposal: Push Notification Based Signaling Channel

      - [Discussion] Proposal: Centralized Probe Result Collector(anti-censorship/team#54)

      - [Investigate] Is there a better moat/snowflake SNI than cdn.sstatic.net? (snowflake#40068)

      - [Investigate] Multi-instance Load Balanced Tor - Snowflake Deployment

      - [Investigate] China "Anti-Fraud" Webpage Redirection Censorship(censorship-analysis#40026)

   Next Week:
       - [Discussion] Designing the Container Layout for rdsys
       - [Discussion] Implement metrics to measure snowflake churn (snowflake#34075)
       - [Discussion] Proposal: Push Notification Based Signaling Channel
       - [Merge Request] Privacy preserving stats in Snowflake standalone proxy(snowflake#40079, snowflake!72)
       - [Merge Request Review] Configure what distributor does distribute each resource type
       - [Discussion] Proposal: Centralized Probe Result Collector(anti-censorship/team#54)
       - [Investigate] uTLS for broker negotiation

HackerNCoder: 2021-12-16
This week:
    Last/done:
        Setup web mirror on tor.encryptionin.space
    Next:
        Get (new VPs with) new IP and setup new web mirror on new domain

hanneloresx: 2021-3-4

    Last week: 

    - Submitted MR for bridgestrap issue #14

    Next week:

    - Finish bridgestrap #14

    - Find new issue to work on

    Help with:

    - 



-- 
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20220127/ed320dde/attachment.sig>


More information about the tor-project mailing list