[tor-project] Anti-censorship team meeting notes, 2022-06-16
Shelikhoo
shelikhoo at torproject.org
Thu Jun 16 17:17:23 UTC 2022
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-06-16-15.59.html
<http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-31-15.59.html>
And our meeting pad:
Anti-censorship work meeting pad
--------------------------------
Next meeting: Thursday June 23rd 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors we are working on:
* All needs review tickets:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
* Sponsor 28
* must-do tickets:
https://gitlab.torproject.org/groups/tpo/-/milestones/10
* possible tickets:
https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None
* Sponsor 96
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
== Announcements ==
* Distributed Snowflake, IP Change Rate Measurement is ready for
merge src Shell
* Shell will handle the merge
* Will wait for a day when others are online to do the deployment
* Will deploy both new features at once
== Discussion ==
* What is the status of adjusting snowflake (pion) DTLS signature
to avoid blocking in Russia? (Based on offset of supported_groups
extension.)
*
https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40030#note_2804998
* https://github.com/pion/dtls/pull/474
* https://ntc.party/t/webrtc/2174/21
*
https://gitlab.torproject.org/tpo/community/support/-/issues/40050
(generally)
* UDP packets matching the pattern
`^\x16\xfe[\xfd\xff].{X}\x00\x1d\x00\x17\x00\x18` are getting blocked,
where X is a small number of enumerated byte offsets, and
\x00\x1d\x00\x17\x00\x18 is the supported_groups extension. One of the
offsets happens to match where pion/dtls places the extension in its
Client Hello.
* Concise description of the current situation: snowflake
connections are blocked when either peer in the connection is Pion-based
(e.g. snowflake-client or proxy-go) and takes the role of the DTLS client.
* Put another way, the connection is ok if: the proxy is a
browser proxy (not proxy-go) and snowflake-client operates as a DTLS
server, not client
* Pull request 474 has the risk of creating a new, even more
distinctive fingerprint
* So does altering the offset of supported_groups without
changing other aspects of the fingerprint
* One idea is to make a patch or fork of pion/dtls with either
pull request 474 or some other change that alters the offset, then ask
people to test it
*
https://gitweb.torproject.org/builders/tor-browser-build.git/commit/?id=7ffd69a21b8a408a2be9cfdbe7401e1a7f974310
is a past temporary fork for a fingerprinting fix
*
https://archive.org/details/snowflake-ru_snowflake_fix-20211208-ae7cc478fd34
is the resulting bundle that we asked people to test
* Shell will create a ticket for releasing a version of
Snowflake/TorBrowser with patch applied
== Actions ==
== Interesting links ==
== Reading group ==
* We will discuss "Even Censors Have a Backup: Examining China's
Double HTTPS Censorship Middleboxes" on June 23
* https://dl.acm.org/doi/10.1145/3473604.3474559
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out in hopes
that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2022-06-16 (will miss meeting)
Last week:
- conjure station-side changes
- updated conjure test environment using cloud-init vms
This week:
- continued work on conjure PT
- continue snowflake maintenance tasks
Needs help with:
dcf: 2022-06-16
Last week:
- snowflake CDN bookkeeping
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-costs
- commented on dnstt pluggable transport client
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/trac/-/issues/40001#note_2811603
- commented on restarts for snowflake probetest
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40147#note_2812079
Next week:
- look at STATUS VERSION proposal
https://gitlab.torproject.org/tpo/core/torspec/-/merge_requests/63
Help with:
meskio: 2022-06-02
Last week:
- use systemd to run bridgedb (team#72)
- update debian package for snowflake (snowflake#40143)
- don't use entropy in snowflake tests (snowflake!96)
- contact cymru about their builtin bridges, as they have
an old version of obfs4proxy
Next week:
- start working on gettor (rdsys#105)
Shelikhoo: 2022-06-16
Last Week:
- [Merge Request] Add Distributed Snowflake Server Support
(snowflake!87)
- [Merge Request] Distributed Snowflake Bridges (Javascript ver.)
(snowflake-webext!29)
- [Merge Request] Implement metrics to measure snowflake churn
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34075)
(snowflake!95)
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to
snowflake (snowflake!64)
- [Discussion & Deployment] Migrating Controlling git repo to
Tor Gitlab Instance (shelikhoo/LogCollectorAncillary#5) <- awaiting/blocked
- [Research & Discussion] Discussion about the possibility of
adding PT support to V2Ray to serve the role of HTTPT
(https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/82)
- [Investigate] China "Anti-Fraud" Webpage Redirection
Censorship (censorship-analysis#40026): update the research based on
updated ooni result
Next Week:
- [Deployment] Snowflake Broker
- [Coding & Deployment] Proposal: Centralized Probe Result
Collector (anti-censorship/team#54)
- [Research & Coding] WebSocket + CDN Based Probe Control
Connection Forwarder (shelikhoo/LogCollectorAncillary#3)
- [Investigate] China "Anti-Fraud" Webpage Redirection
Censorship (censorship-analysis#40026): update the research based on
updated ooni result
Itchy Onion: 2022-06-16
Last week:
- ongoing debugging s28 issues 81 (snowflake crashes in
stree-testing)
- taking over part of testing snowflake
This week:
- ongoing debugging s28 issues 81, fixing a leaking file
descriptor issue
- taking over part of testing snowflake
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20220616/33553299/attachment.sig>
More information about the tor-project
mailing list