[tor-project] Anti-censorship team meeting notes, 2023-11-02

[Shelikhoo]

Hey everyone!

Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-11-02-15.57.html

And our meeting pad:

Anti-censorship work meeting pad
--------------------------------
Anti-censorship
--------------------------------

Next meeting: Thursday, Nov 2 16:00 UTC
Facilitator: shelikhoo

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)

This week's Facilitator: meskio


== Goal of this meeting ==

Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the
Tor Project and Tor community.


== Links to Useful documents ==

          * Our anti-censorship roadmap:
                  * 
Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
          * The anti-censorship team's wiki page:
*https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
          * Past meeting notes can be found at:
                  * https://lists.torproject.org/pipermail/tor-project/
          * Tickets that need reviews: from sponsors, we are working on:
                  * All needs review tickets:
*https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
                  * Sponsor 96 <-- meskio, shell, onyinyang, cohosh
*https://gitlab.torproject.org/groups/tpo/-/milestones/24
                  * Sponsor 150 <-- meskio working on it
*https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_name%5B%5D=Sponsor%20150


== Announcements ==


== Discussion ==

     * Fastly to block domain fronting in February 2024 
https://lists.torproject.org/pipermail/anti-censorship-team/2023-October/000328.html
         * azure is closing domain front support next month
         * there are some alternatives to domain fronting we could use 
(ampcache or tapdance), but it might be trickier to integrate with moat
         * cohosh will investigate if cnd77, netlify or akamai are 
alternatives we could use
         * let's stress tests ampcache using it in one of our default 
bridges
         * we can add metrics to the broker to know if the clients come 
from ampcache or domain front
     * don't reject unrestricted client if there are no restricted 
proxies 
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/187
         * we'll merge it, it should not affect our deployment
     (New: Nov 2)
     * Maybe move to use a private pad?

== Actions ==



== Interesting links ==

         * webtunnel testers call out:
                 * 
https://forum.torproject.org/t/call-for-testers-webtunnel-a-new-way-to-bypass-censorship-with-tor-browser/9855
         * blog post of the sponsor 30 code audit
                 * 
https://blog.torproject.org/security-audit-report-tor-browser-ooni/
         * New paper PTPerf: On the Performance Evaluation of Tor 
Pluggable Transports: https://dl.acm.org/doi/10.1145/3618257.3624817

== Reading group ==

         * We will discuss "On Precisely Detecting Censorship 
Circumvention in Real-World Networks" on November 9
                 * 
https://www.robgjansen.com/publications/precisedetect-ndss2024.html
                  * Questions to ask and goals to have:
                          * What aspects of the paper are questionable?
                          * Are there immediate actions we can take based
on this work?
                          * Are there long-term actions we can take based
on this work?
                          * Is there future work that we want to call out
in hopes that others will pick it up?


== Updates ==

Name:
      This week:
          - What you worked on this week.
      Next week:
          - What you are planning to work on next week.
      Help with:
               - Something you need help with.

cecylia (cohosh): 2023-11-02
     Last week:
         - continued lox integration with tor browser
             - 
https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/34
         - Changed how proxy stats logging works
             - 
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40302
         - Reviewed addition of prometheus metrics to lox
             - 
https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/63
     This week:
         - lox tor browser UX integration
         - follow up on conjure reliability issues
         - visualize and write up some snowflake shadow simulation results
     Needs help with:

dcf: 2023-11-02
     Last week:
         - snowflake CDN bookkeeping 
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-costs/diff?version_id=e7a0b706dbefe863cee1b7a5cf9281866c6d3d87
     Next week:
         - revise encapsulation.ReadData redesign to return an error in 
the case of a short buffer 
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/154
         - open issue to have snowflake-client log whenever KCPInErrors 
is nonzero 
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018
             - parent: 
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267
             - open issue to disable /debug endpoint on snowflake broker
     Before EOY 2023:
         - move snowflake-02 to new VM
Help with:

meskio: 2023-10-26
     Last week:
         - test the whatsapp bot (rdsys#147)
         - investiage a failure on telegram bot, was on applications 
side (onionsproutsbot#54)
         - some lox merge request reviews (lox!62 !68)
     Next week:
         - set up staging server for rdsys (rdsys#170)

Shelikhoo: 2023-11-02
     Last Week:
                 - Work on snowflake performance 
improvement(WIP):https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-speedwithudp?ref_type=heads
                 - Restart broker without proxy churn measurements 
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40295
                 - Merge request reviews
     Next Week/TODO:
            - Write Tor Spec for Armored URL (continue)
            - Merge request reviews

onyinyang: 2023-11-02
          Last week(s):
              - Finished up metrics
              - Added functionality to handle blocked bridges in a single
location for MVP
              - Started work on telegram distributor bot for Lox
          This week:
              - Continue work on Lox telegram bot
              - Hackweek: Docs for Lox 
https://gitlab.torproject.org/tpo/community/hackweek/-/issues/20
              - Fix flakey test if time

         (long term things were discussed at the 
meeting!):https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
                          - brainstorming grouping strategies for Lox
buckets (of bridges) and gathering context on how types of bridges are
distributed/use in practice
                          Question: What makes a bridge usable for a
given user, and how can we encode that to best ensure we're getting the
most appropriate resources to people?
                                  1. Are there some obvious grouping
strategies that we can already consider?
                                   e.g., by PT, by bandwidth (lower
bandwidth bridges sacrificed to open-invitation buckets?), by locale (to
be matched with a requesting user's geoip or something?)
                                  2. Does it make sense to group 3
bridges/bucket, so trusted users have access to 3 bridges (and untrusted
users have access to 1)? More? Less?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20231102/1b4378b8/attachment.sig>