[tor-project] Anti-censorship team meeting notes, 2023-04-13

Itchy Onion itchyonion0518 at protonmail.com
Mon Apr 17 15:14:28 UTC 2023 

Hey everyone!


Here are our meeting logs:


http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-04-13-15.58.log.html



And our meeting pad: Anti-censorship work meeting pad

------------------------------------------------------------------------------------

-   THIS IS A PUBLIC PAD

------------------------------------------------------------------------------------


Anti-censorship
--------------------------------

Next meeting: Thursday, April 13 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)

== Goal of this meeting ==

Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.

== Links to Useful documents ==


-   Our anti-censorship roadmap:

-   Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards

-   The anti-censorship team's wiki page:

-   https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home

-   Past meeting notes can be found at:

-   https://lists.torproject.org/pipermail/tor-project/

-   Tickets that need reviews: from sponsors, we are working on:

-   All needs review tickets:

-   https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None

-   Sponsor 96

-   https://gitlab.torproject.org/groups/tpo/-/milestones/24

-   Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it

-   https://pad.riseup.net/p/sponsor139-meeting-pad


== Announcements ==


== Discussion ==


-   Update on Analysis of speed deficiency of Snowflake in China, 2023 Q1 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2883879

-   after a lot of research the proposed solution is to enable datagram transport on webrtc to deal with the packet loss situation

-   that will convert webrtc into an unreliable channel, and snowflake will add reliablity with kcp

-   (NO update from shell @ Apr 13)


== Actions ==


== Interesting links ==


-   

    



== Reading group ==


-   We will discuss "Lox: Protecting the Social Graph in Bridge Distribution" on 2023 May 18

-   https://cypherpunks.ca/~iang/pubs/lox-popets23.pdf

-   Questions to ask and goals to have:

-   What aspects of the paper are questionable?

-   Are there immediate actions we can take based on this work?

-   Are there long-term actions we can take based on this work?

-   Is there future work that we want to call out in hopes that others will pick it up?



== Updates ==

Name:
    This week:
        - What you worked on this week.
    Next week:
        - What you are planning to work on next week.
    Help with:

-        - Something you need help with.


cecylia (cohosh): last updated 2023-04-13
Last week:
    - released a new version of snowflake-webext (0.7.2)
    - added CI and renovate bot to Conjure
    - debugged wireguard setup and confirmed it works
        - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/issues/15
    - fixed a bug where SOCKS handles were being leaked in Conjure
        - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/issues/27
    - Added a content security policy to webextension
        - https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/80
    - Opened an upstream issue in gotapdance to restore functionality lost in a version upgrade
        - https://github.com/refraction-networking/gotapdance/issues/113
This week:
    - Lox tor browser integration
    - conjure maintenance
Needs help with:

dcf: 2023-04-13

-   Last week:

-   - posted performance measurements of a QueuePacketConn optimization and merged it https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/145#note_2894729

-   - made a graph of snowflake proxy NAT types over time, which highlights the times when probetest was failing and there was an increase in "unknown" NAT types https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40071#note_2895077

-   - archived snowflake-webextension-0.7.2 https://archive.org/details/snowflake-webextension-0.7.2

-   Next week:

-   - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_2823122 (for real)

-   - open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018

-   - parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267

-   - open issue to disable /debug endpoint on snowflake broker

-   Help with:


meskio: 2023-04-13
   Last week:

-   - configure rdsys to distribute webtunnel bridges (rdsys#142)

-   - set up a webtunnel bridge to test

-   - review and merge a bunch of renovate MRs in rdsys

-   - brainstorm on pinning TLS certs in Tor Browser for bridges.torproject.org (tpa/team#41123)

-   - review bridgestrap aggressive retry for dysfunctional bridges (bridgestrap!16)

-   - review snowflake webextension CSP (webext!66)

-   - sponsor 96 report

-   - grant application work...

   Next week:

-   - distribute webtunnel bridges in BridgeDB


Shelikhoo: 2023-04-13
   Last Week:

-   - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)

-   - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/1

-   - [Merge Request] container image for webtunnel (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel/-/merge_requests/7)

-   - [Research] Fix crash on launch when unexpected input was supplyed over PT protocol https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel/-/issues/19

-   - Write S96 report

-   - Comment on S96 User Research Risk Assessment

   Next Week:

-   - [Research] WebTunnel planning (Continue)

-   - Try to find a place to host another vantage point

-   - container image for webtunnel

-   - consider propagating 2FA everywhere, maybe, at the April Tor Meeting (https://gitlab.torproject.org/tpo/tpa/team/-/issues/41083#note_2884138)

-   - logcollector altert system

-   - webtunnel document for proxy operator

-   

    


onyinyang: 2023-04-13
    Last week:
       -  worked on handling `gone resources` in a more appropriate way for Lox as outlined here: https://gitlab.torproject.org/tpo/anti-censorship/lox/lox-overview/-/issues/7#note_2894231
       - implemented a more aggressive testing schedule for failing bridgestrap resources https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/merge_requests/16
       - discovered that failed/low bandwidth resources are quietly marked to not be distributed and so don't show up as `gone`
       - discussed implementing metrics to check how frequently badwidth ratio causes resources to "flicker" tracked here: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/160
    This week:
        - work on implementing metrics to check on flickering resources
        - work on marking as `gone`, failing/low-bandwidth resources that are no longer distributed

       -If time (and functionality above is in place):

-   - If a bridge is `gone` due to bandwidth issues or descriptors not being published, replace them with working bridges in Lox--this will have implications for syncing with rdsys but first things first :)

-   

    


-   (long term)

-   - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice.

-   Question: What makes a bridge useable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?

-   1. Are there some obvious grouping strategies that we can already consider?

-    e.g., by pt, by bandwidth (lower bandwidth bridges sacrified to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)

-   2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?


Itchy Onion: 2023-04-13
    Last week:

-   - Vacation

    This week:
     - Experimenting with additional SDP tests after discussion on MR #141 (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/141#note_2890035)
     - Learning about rdsys
     - Started working on #110 (treat unknown bridge distribution request as "none")

-   

    


hackerncoder: 2023-03-09
    last week:
    Next week:
        - getting ooni-exporter to work with torsf (snowflake)
        - ooni-exporter web_connectivity
        - work on "bridgetester"?
        - how does Iran block bridges
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20230417/e2341892/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 855 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20230417/e2341892/attachment-0001.sig>

More information about the tor-project mailing list