[tor-project] Anti-censorship team meeting notes, 2023-06-08

meskio meskio at torproject.org
Thu Jun 8 17:24:02 UTC 2023


Hey everyone!


Here are our meeting logs:

http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-06-08-16.02.html

And our meeting pad:

Anti-censorship
--------------------------------

Next meeting: Thursday, June 8 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)


== Goal of this meeting ==

Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.


== Links to Useful documents ==

	* Our anti-censorship roadmap:
		* Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
	* The anti-censorship team's wiki page:
		* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
	* Past meeting notes can be found at:
		* https://lists.torproject.org/pipermail/tor-project/
	* Tickets that need reviews: from sponsors, we are working on:
		* All needs review tickets:
			* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
		* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
			* https://gitlab.torproject.org/groups/tpo/-/milestones/24
		* Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it
			* https://pad.riseup.net/p/sponsor139-meeting-pad


== Announcements ==


== Discussion ==

>From last week:
	* Report of TLS-in-DTLS detection and throttling in China that affects Snowflake
		* https://github.com/net4people/bbs/issues/255
		* Padding the first client→server send is reported to disrupt the packet size signature and avoid throttling
			* https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2906723
			* https://gitlab.torproject.org/dcf/snowflake/-/commit/01ac0373a887c63a325aad7949fe53861af4d7a7
		* The reporter on BBS says it started happening to them (in a non-Snowflake WebRTC proxy) around 2023-05-14. We have measurements of high packet loss rates in China from 2023-03-20, at least.
			* https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2887929
		* shelikhoo did run packet loss tests with the padding patch but the packet loss was not pressent from our vantage point. Could be a regional problem not affecting our machine or be gone.

NEW:
	* meek-azure deprecation
		* https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/33#note_2909189

	* New snowflake tests from a vantage in China do not show signs of the high packet loss that was observed in March 2023
		* https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2908665
		* This test was meant to evaluate whether it is a good idea to add some padding to change the traffic analysis features of the beginning of the connection, in order to resist possible TLS-in-DTLS detection: https://github.com/net4people/bbs/issues/255
		* The results were inconclusive because both the tests without and with padding showed the same low rate of packet loss, this time.
		* It is a good idea to proactively introduce some padding anyway?

	* Documents for bridge operators about how to run a webtunnel bridge
		* https://pad.riseup.net/p/6hiwvSWJanxml7DS299z

== Actions ==

	* 

== Interesting links ==

	* https://opencollective.com/censorship-circumvention/projects/snowflake-daily-operations/updates/2023-may-update (snowflake-01 only)


== Reading group ==

	* We will discuss "" on
		* 
		* Questions to ask and goals to have:
			* What aspects of the paper are questionable?
			* Are there immediate actions we can take based on this work?
			* Are there long-term actions we can take based on this work?
			* Is there future work that we want to call out in hopes that others will pick it up?


== Updates ==

Name:
    This week:
        - What you worked on this week.
    Next week:
        - What you are planning to work on next week.
    Help with:
	     - Something you need help with.

cecylia (cohosh): last updated 2023-06-08
Last week:
    - working on snowflake configs for shadow simulations
    - rebasing and continued work on lox client and wasm-bingen projects for tor-browser-build
This week:
    - tidy up and share shadow simulations guide for PTs
    - Lox tor browser integration
    - conjure maintenance
Needs help with:

dcf: 2023-06-08
	Last week:
		- snowflake CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-costs/diff?version_id=1a18353e270134023665aacd30267fd2ca8acc45
		- commented on the snowflake tests with and without padding in China (which did not show signs of high packet loss this time) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2909096
	Next week:
		- open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018
			- parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267
		- open issue to disable /debug endpoint on snowflake broker
	Help with:

meskio: 2023-06-08
   Last week:
		- fix rdsys tests (rdsys!130)
		- brainstorm on meek-azure deprecation (team#30)
		- review 'more aggresive retry for dysfunctional bridges' (rdsys!107)
   Next week:
		- add i18n support in rdsys (rdsys#11)

Shelikhoo: 2023-06-08
   Last Week:
		- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) (stalled)
		- [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/1
		- Snowflake Performance Analysis (Ongoing, https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2904085)
		- Research about designing an armored bridge line sharing URL format (https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/126)
		- Webtunnel Document for bridge opertaors(container setup)
   Next Week/TODO:
		- webtunnel document for proxy operator <- immediate todo
		- [Research] WebTunnel planning (Continue)
		- Try to find a place to host another vantage point
		- logcollector alert system
		- Snowflake Performance Analysis

onyinyang: 2023-06-08
	Last week:
		- Moved Lox group to a rust workspace, now everything is at: https://gitlab.torproject.org/tpo/anti-censorship/lox-rs
		- Still Adding tests Lox distributor
		- Finished up changes to rdsys:
            - more aggressive `gone` labelling: This still needs some tweaks!
	This week:
		- with the new workspace in place, lox-distributor tests are moving along
		- reorganization of things within lox-rs (i.e., moving helper files etc. into lox_utils, adding documentation, pipelines, etc.)
		- tweak the `gone` resources from rdsys so that the lox-distributor can handle them appropriately
		- Look into a more reasonable way of storing Lox library data structures:
		         - https://gitlab.torproject.org/onyinyang/lox/-/issues/2
             - https://gitlab.torproject.org/onyinyang/lox/-/issues/3
             - First change the vectors in the bridge_table to maps.
         
    (long term things were discussed at the meeting!):
	     https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
			- brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice.
			Question: What makes a bridge useable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?
				1. Are there some obvious grouping strategies that we can already consider?
				 e.g., by pt, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)
				2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?

Itchy Onion: 2023-06-08
    Last week:
    - fixed snowflake pipeline due to outdated Debian image
    - continue working on rdsys#56 implementation. Still need to do the following:
	    - finish up computing bridge distribution in Kraken
			 - does it have to be deterministic?
			 - does the disproportion have to be strictly followed
		 - finish writing tests
		 - refactor code because some functions are getting extremely long
		 - what to do with stencil package?
    This week:
    - review MRs
    - continue working on rdsys#56 implementation. Still need to do the following:
		- fixed a problem with vanilla bridges not being added properly to the database
		- still working on tests
		- adding a migaration patch (https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/56#note_2908572)

hackerncoder: 2023-04-20
    last week:
        - (py-)ooni-exporter torsf (snowflake)
        - (py-)ooni-exporter web_connectivity
    Next week:
       - work on "bridgetester"?
       - how does Iran block bridges?


-- 
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20230608/928bd1a9/attachment.sig>


More information about the tor-project mailing list