[tor-project] Anti-censorship team meeting notes, 2023-06-01
Itchy Onion
itchyonion0518 at protonmail.com
Thu Jun 1 17:23:45 UTC 2023
Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-06-01-15.58.log.html
And our meeting pad:
------------------------------------------------------------------------------------
THIS IS A PUBLIC PAD
------------------------------------------------------------------------------------
Anti-censorship
--------------------------------
Next meeting: Thursday, June 1 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
Our anti-censorship roadmap:
Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
The anti-censorship team's wiki page:
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
Past meeting notes can be found at:
https://lists.torproject.org/pipermail/tor-project/
Tickets that need reviews: from sponsors, we are working on:
All needs review tickets:
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
Sponsor 96 <-- meskio, shell, onyinyang, cohosh
https://gitlab.torproject.org/groups/tpo/-/milestones/24
Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it
https://pad.riseup.net/p/sponsor139-meeting-pad
== Announcements ==
== Discussion ==
Report of TLS-in-DTLS detection and throttling in China that affects Snowflake
https://github.com/net4people/bbs/issues/255
Padding the first client→server send is reported to disrupt the packet size signature and avoid throttling
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2906723
https://gitlab.torproject.org/dcf/snowflake/-/commit/01ac0373a887c63a325aad7949fe53861af4d7a7
The reporter on BBS says it started happening to them (in a non-Snowflake WebRTC proxy) around 2023-05-14. We have measurements of high packet loss rates in China from 2023-03-20, at least.
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2887929
shelikhoo will run packet loss tests with the padding patch and report the results
Research about designing an armored bridge line sharing URL format
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/126
we will not include forward error correction
shelikhoo will do a test implementation (updated, discuss again)
Update on Analysis of speed deficiency of Snowflake in China, 2023 Q1 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2883879
after a lot of research the proposed solution is to enable datagram transport on webrtc to deal with the packet loss situation
that will convert webrtc into an unreliable channel, and snowflake will add reliability with kcp
(maybe related to the first topic?)
== Actions ==
== Interesting links ==
Large oscillations in relay users in China the past 6 weeks:
https://people.torproject.org/~dcf/metrics-country.html?start=2023-03-01&end=2023-05-31&country=cn
== Reading group ==
We will discuss "" on
Questions to ask and goals to have:
What aspects of the paper are questionable?
Are there immediate actions we can take based on this work?
Are there long-term actions we can take based on this work?
Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): last updated 2023-06-01
Last week:
- revisited old snowflake shadow simulations work
- opened an issue with shadow for supporting AF_NETLINK and produced a workaround
- https://github.com/shadow/shadow/issues/2980
- updated sfnettools to work with the new verison of shadow
- opened an issue for bumping the version of rust in tor-browser-build
- worked on FOCI workshop prep
- a little bit of conjure maintenance
This week:
- tidy up and share shadow simulations guide for PTs
- Lox tor browser integration
- conjure maintenance
Needs help with:
dcf: 2023-06-01
Last week:
- commented on a second report of Avast antivirus blocking snowflake proxy connections https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/85
- commented on the latest design for unreliable data channels in snowflake https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2906631
- made a patch that adds padding to attempt to work around snowflake throttling in China https://github.com/net4people/bbs/issues/255#issuecomment-1566227484 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2906723
Next week:
- open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018
- parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267
- open issue to disable /debug endpoint on snowflake broker
Help with:
meskio: 2023-06-01
Last week:
- fix bridgedb webtunnel implementation (rdsys#142)
- deploy rdsys, bridgestrap and bridedb with webtunnel support
- migrate missing repos from git.tpo to gitlab (team#86)
- rename obfs4 into lyrebird (lyrebird#40010)
- update BridgeDB dependencies to fix CVEs
Next week:
- add i18n support in rdsys (rdsys#11)
Shelikhoo: 2023-06-01
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) (stalled)
- [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/1
- Snowflake Performance Analysis (Ongoing, https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2904085)
- Trying to fix vantage point (Done)
- Research about designing an armored bridge line sharing URL format (https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/126)
Next Week/TODO:
- webtunnel document for proxy operator <- immediate todo
- [Research] WebTunnel planning (Continue)
- Try to find a place to host another vantage point
- logcollector alert system
- Snowflake Performance Analysis
onyinyang: 2023-05-25
Last week:
- Added tests for Lox library and worked on doing the same for Lox distributor
- Refactored rdsys metrics changes to prevent risk of testing in deployment
- https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/122
- Looking into a more reasonable way of storing Lox library data structures:
- https://gitlab.torproject.org/onyinyang/lox/-/issues/2
- https://gitlab.torproject.org/onyinyang/lox/-/issues/3
- Met with Ian & Vecna (MMath student) on possible future research directions
for Lox:
- https://pad.riseup.net/p/lox-tor-stuff-keep
- Sent a follow up email to provide more info about
tooling/infrastructure that _does_ exist to inform about blocked bridges
This week:
- Still Adding tests Lox distributor
- Finish up changes to rdsys:
- metrics:
https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/merge_requests/122
- more aggressive `gone` labelling to follow that being merged
- Looking into a more reasonable way of storing Lox library data structures:
- https://gitlab.torproject.org/onyinyang/lox/-/issues/2
- https://gitlab.torproject.org/onyinyang/lox/-/issues/3
- First change the vectors in the bridge_table to maps.
(long term things were discussed at the meeting!):
https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice.
Question: What makes a bridge useable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?
1. Are there some obvious grouping strategies that we can already consider?
e.g., by pt, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)
2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?
Itchy Onion: 2023-06-01
Last week:
- Holiday
- Worked on rdsys#56 (https://gitlab.torproject.org/itchyonion/rdsys/-/tree/use-embedded-db?ref_type=heads)
- Discussed about what attributes to use to identify a single bridge (decided to use fingerprint + transport)
- Discussed about the role of the stencil package and whether we should keep using it (decided to compute bridge distribution in Kraken)
This week:
- fixed snowflake pipeline due to outdated Debian image
- continue working on rdsys#56 implementation. Still need to do the following:
- finish up computing bridge distribution in Kraken
- does it have to be deterministic?
- does the disproportion have to be strictly followed
-
- finish writing tests
- refactor code because some functions are getting extremely long
- what to do with stencil package?
hackerncoder: 2023-04-20
last week:
- (py-)ooni-exporter torsf (snowflake)
- (py-)ooni-exporter web_connectivity
Next week:
- work on "bridgetester"?
- how does Iran block bridges?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20230601/bd8bede9/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 855 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20230601/bd8bede9/attachment-0001.sig>
More information about the tor-project
mailing list