[tor-reports] Isis' July 2014 Status Report
isis
isis at torproject.org
Tue Aug 5 03:20:27 UTC 2014
#-*- coding: utf-8 ; mode: org -*-
*** Isis' status report 2014/07
As per weasel's request, all asciiart contained within this status report is
valid Perl.
#+BEGIN_SRC
use re 'eval';
('')=~( '('.'?' .('{').( '`'
|('%')).( '['^'-'). ('`'|'!'). ('`'|
',').'"'. '#'."\!". '/'.( "\["^ '.').
('['^ '(' ).''. ('[' ^')' ).'/'
.''. +( '`'|'"') .''. ('`' |')')
.''. +( '`'|'.'). '/'. ((( '['))
^"\+").( '`'|'%') .('['^')') .('`'
|',') .('!' ^'+').('['^ '+').
('['^ ')').('`' |')' ).+( '`'|'.').(
"\["^ '/').('{' ^'[' ).''. '\\'.'"'.(
'{' ^'+').( (( '`' ))|'%').
('[' ^')').('`'
|',' ).('{'^'[').
('`' |')').("\["^
'(') .+(
'{'^ '[').("\`"|
'$') .('`'|'%').
('`' |((
'!') )).('`'|'$')
.'.' .('{'^'[').(
'`'^ ',').('`'|
"\/").( '`'|'.' ).+( '`'|"'"
).(('{')^ '[').('`' |"\,").( '`'|')').
('['^'-'). ('`'|'%') .('{'^'[') .('{'^'+')
.+( ('[')^ '"'). ('[' ^'/' ).( ('`')|
'(' ).('`' |"\/").( '`'| '.') .(( '!')).
((( '\\')) ).'\\'.+( '`'|"\."). ((( '\\'))
).+ ('"'). ';'.('!' ^'+').'"'. '}' .')');
$:= "\."^ "\~"; ($~) ='@' |(( '('))
;$^="\)"^ ('[');$/= '`'| '.'; $,=('(')^
'}';$\= '`'|'!' ;( $: )="\)";
#+END_SRC
**** Isis' July 2014: Review
In July 2014, I worked on the following:
For Bridges / BridgeDB:
* Implemented a Levenshtein Distance algorithm so that BridgeDB can
fuzzy-match blacklisted email addresses (#9385). [0] [1] [2]
* I continued to work on switching BridgeDB's databases over to using Redis
and CouchDB (#12031). [3] This work is for proposal #226. [4] To this end,
I also worked on several tickets which must be completed before the switch
(#9380, #12029, #12030, #12505, #12506). [5] [6] [7] [8] [9]
* Enabled distribution of the Kevin Dyer's new fte Pluggable Transport [10]
on https://bridges.torproject.org and mailto:bridges at torproject.org. [11]
* Released BridgeDB-0.2.3. [12]
* Happily added Riseup! [13] to the list of email providers which BridgeDB
will accept mail from. This allows users to retrieve bridges without using
Gmail or Yahoo.
#+BEGIN_SRC
use re 'eval';
''=~( '(?{'.('`'|'%').('['^'-').('`'|'!').('`'|',').'"#!/'.('['^'.') .('['
^'('). ('['^')').'/'.('`'|'"').('`'|')').('`'|'.').'/'.('['^'+').('`' |'%').
(('[')^ ')' ).('`'|',').('!'^'+').('`'|'-').('['^'"').("\{"^ '[' ).'\\$'
.("\["^ '#' ).'=<<'."'".('{'^'#')."'".';'.('!'^'+').(':'&'=' ).+ (( ((
'\\'))) ).'"\\"'.(':'&'=').('{'^'[').('{'^'[').('`'|'%').('{'^('[')).( (( ((
'{')))) ^'[').('`'|'%').('`'|'%').('`'|'%').('`'|'%').('{'^'[').("\`"| "\%").(
'`'|'%' ).('`'|'%').('{'^'[').('`'|'%').('{'^'[').('{'^'[').('`'|'%'). (('{')^
"\[").( '`'|'%').('`'|'%').('`'|'%').('`'|'%').('{'^'[').('{'^('[')).( ':'&'='
).('!'^ '+').(':'&'=').('{'^"\[").( '{'^'[').(':'&'=').('{'^'['). (('{')^
"\[").( ':'&'=').('{'^'['). +( (( '{'))^'[').(':'&'=') .("\{"^
"\[").( '{'^'[').'\\' .+ ( ( '"')).('{'^('[')).( ':'&'='
).('{'^ '[').(('{')^ ( ( ( '[')))).('{'^'[').( ':'&'='
).('{'^ '[').(('{')^ ( ( '['))).(':'&'=').('{'^"\[").( ':'&'='
).('{'^ '[').(('{')^ ( ( ( '[')))).(':'& "\=").(
'{'^'[' ).(':'&'='). ( ( ( ':'))&'=').( '!'^'+'
).(':'& '=').(('`')| ( ( ( '%')))).('`' |'%').(
':'&'=' ).('`'|'%'). ( ( '{')^'[' ).(':'&'='). (('{')^
"\[").( '{'^('[')).( ( ( ( ( ':'))))&'=') .("\`"|
"\%").( '`'|'%').('`' |'%' ). ((( ( '{')))^'['). ((':')&
"\=").( '`'|'%').('`' | ( ( ( ( ( '%' )))))).('{'^ "\[").(
':'&'=' ).('`'|"\%").( '{'^('[')).( ':'&'='
).('{'^ '[').(':'&'=' ).('`'|'%'). (('`')|
('%')).( ':'&'=')
.('{'^'[').(':'&"\=").( ':'&'=').('!'^('+')).(
':'&'=').(':'&'=').('{'^ '[').('{'^'[').(':'&'='
).('{'^'[').("\:"& "\=").(
'`'|'%').('{'^'[') .('{'^ '['). ('{'^'['). ((':')&
'=').(':'&('=')).( '{'^'[') .((':')& '=').("\:"& "\=").(
'{'^'[').('{'^'[') .(':'&'=' ).(':'&'=' ).('{'^'[') .("\:"&
'=').('{'^('[')).( ':'&'='). (':'&'='). ('{'^'[').( '{'^'['
).('{'^'[').'\\"'. ('\\"').( '!'^'+').( ':'&"\=").( ':'&'='
).('{'^'[').("\{"^ '[').(':' &'=').('{' ^'[').(':'& "\=").(
':'&'=').('{'^'[') .(':'&'=' ).('`'|'%' ).(':'&'=') .("\:"&
'=').('{'^('[')).( ':'&'='). (':'&'='). ('`'|'%').( '{' ^((
'['))).(':'&'=').( ':'&'='). ('`'|'%'). (':'&'=').( '{' ^((
'['))).(':'&'=').( ':'&'='). ('{'^'['). ('{'^'[').( ( (
'{'))^'[').((':')& '=').(':' &'=').('!' ^'+').('{'^ (( ((
'#'))))).('!'^'+') .('['^'+' ).('['^')' ).('`'|')') .+( '`'
|'.').('['^'/').( '{'^'['). '\\$'.('[' ^'#').';'.( '!'^'+'
).'"})');$:='.' ^"\~";$~= '@'|'(';$^ =')'^'[';$/ ="\`";
#+END_SRC
For Tor Browser:
* Went on a less-"ragetastic" bug-finding rampage on Tor Browser's HTML5
Canvas Permissions UI. I found and started implementing patches
for #12682, [14] #12683, [15] and #12684. [16] In the process, I updated
Tor Browser's HACKING documentation for partial builds on how to rebuild
Firefox alone, without using gitian. [17]
* I fixed a bug (#12624) [18] that I introduced in my patch to make using Tor
Browser with a system-installed Tor easier (#10178). [19]
[0]: https://trac.torproject.org/projects/tor/ticket/9385
[1]: https://gitweb.torproject.org/bridgedb.git/commitdiff/55d05ac4bf876af85078de491de858ed8550dc29
[2]: https://gitweb.torproject.org/bridgedb.git/commitdiff/feea15673d1690ceb1050c9068eaa85de855b637
[3]: https://gitweb.torproject.org/user/isis/bridgedb.git/shortlog/refs/heads/fix/12031-redis_r1
[4]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/226-bridgedb-database-improvements.txt
[5]: https://bug.torproject.org/9380
[6]: https://bug.torproject.org/12029
[7]: https://bug.torproject.org/12030
[8]: https://bug.torproject.org/12505
[9]: https://bug.torproject.org/12506
[10]: https://fteproxy.org/
[11]: https://bugs.torproject.org/12709
[12]: https://gitweb.torproject.org/bridgedb.git/blob/c15167add33265bee43ff7eb8905cebb34537679:/CHANGELOG#l1
[13]: https://mail.riseup.net
[14]: https://bugs.torproject.org/12682
[15]: https://bugs.torproject.org/12683
[16]: https://bugs.torproject.org/12684
[17]: https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking#PartialBuilds
[18]: https://bugs.torproject.org/12624
[19]: https://bugs.torproject.org/10178
#+BEGIN_SRC
use re 'eval';
''=~('(?{'.('`'|'%').('['^'-').('`'|'!').('`'|"\,").'"\\$-=!\\$%<<('.(
'['^'+').('`'|'/').('['^'+').'||'.('^'^('`'|'*')).');'.('['^'+').('['^
(( ((
(( (( ((
(( ')') ))
)) )) )) ))
)) .(('`')| ((
(( (( (( ((
(( ')') )))) ))
)) )) )) .( (( ((
(( '`'))))))|'.').( ((
(( (( (( ((
(( '[') )))) ))
)) )) )^ (( (( ((
(( '/'))))) )))).''. ((
(( (( (( (( (( ((
(( '\\' )))) )))) )))) ))
)) .+ (( (( (( (( (( (( (( ((
(( '$')))))))))))))))))).'\\"'.('[' ^+
(( (( (( ((
(( '#') )))) ))
)) )) .+ (( (( ((
(( '\\')))) )))).'$' .+
(( (( (( (( (( ((
(( '-') )))) )))) )))) ).
(( (( (( (( (( (( (( (( (( ((
(( ','))))))))))))) ))))))))).("\`"| ((
(( (( (( (( (( ((
(( '-') )))) )))) )))) ))
)) .( (( (( (( (( (( (( (( ((
(( '`'))))) )))))))) )))))|(( '!'))).( ((
(( (( (( (( (( (( (( (( (( ((
(( '[') )))) )))) )))) )))) )))) )))^ '+') .+
(( (( (( (( (( (( (( (( (( (( (( (( (( (( (( (( (( ((
(( '(')))))))))))))))))))))))))))))))))))))).'\\$-&\\$_?'."'".('{'^ ((
(( ((
'['))))))).('{'^'[')."'".':'."'".'/\\\\\\\\'."'".',\\$%..\\$.++),\\$/'
.('['^',').('`'|'(').('`'|')').('`'|',').('`'|'%').'\\$---"})');$:='.'
#+END_SRC
**** Tickets worked on in July 2014:
***** Component: BridgeDB (32 matches)
#9332 Implement whitelisting of (email_address, gpg_key_id) pairs for encrypted, automated email bridge distribution
#9380 BridgeDB should use stem for parsing descriptors according to torspec
#9385 bridgedb's email responder should fuzzy match email addresses within time periods
#9874 Research/design a way to automate testing of BridgeDB's HTTPS and email distributors
#11139 BridgeDB's email whitelist should include @riseup.net
#11140 Remove yahoo.com from BridgeDB's email whitelist.
#11345 BridgeDB should have QR codes for bridge lines
#12029 Redesign BridgeDB's class inheritance to make designing new distributors easier
#12031 Create a Key-Value database system for simple/flat datatypes in BridgeDB
#12086 BridgeDB accepts incoming emails sent to 'givemebridges at serious.ly'
#12089 BridgedDB can be forced to email arbitrary email addresses
#12090 BridgeDB replies with an empty email.
#12147 BridgeDB distributors do not handle time intervals correctly
#12504 Create BridgeDB config setting for which Pluggable Transports are supported
#12505 Refactor Bridges.py and Dist.py in BridgeDB
#12506 Separate BridgeDB databases from distributors
#12507 Automate BridgeDB documentation builds
#12536 BridgeDB e-mails should be encrypted when possible
#12537 Perhaps BridgeDB should supply decoys
#12545 Move collector of bridge reachability measurements to bridge db
#12547 Get analysed data from bridge reachability tests to tor-devs
#12627 canonicalFromSMTP is not what we think it should be
#12635 Update link on HowTo page
#12639 Add QR codes for bridges.tpo
#12650 BridgeDB doesn't actually support non-english languages
#12664 Newlines aren't preserved when bridges are copied to clipboard
#12709 Enable fte bridge distribution in BridgeDB
#12724 Bridges.tpo <select> UI broken in FF30+
#12750 Make bridgedb fast
#12759 don't regexp transport names
#12760 Bridgedb CAPTCHA is hard to resolved
#12773 Be more flexible when deciding if we should render RTL
***** Component: Firefox Patch Issues (1 match)
#12684 Make "Not Now" the default button for TorBrowser's canvas permission dialogue
***** Component: Pluggable transport (1 match)
#9743 Think of a good name for the obfs-flash meta-proxy and create a repo for it
***** Component: Tor Browser (10 matches)
#3455 Tor Browser should set SOCKS username for a request based on first party domain
#5752 Isolate browser streams by url bar domain rather than by time interval
#7501 Audit PDF.js
#9906 TBB3 new identity surprises users by closing all tabs
#10355 Pipeline defense interferes with twitter and flickr photostreams
#10538 Think of PTTBB's pluggable transport interface
#11751 Windows users can't use TBB with expert bundle Tor
#12468 TBB unconditionally logs all Firefox output to disk
#12682 Tor Browser's HTML5 canvas fingerprinting dialogue could use a "Revoke" button
#12683 Permissions in nsIPermissionManager aren't cleared with TorButton's "New Identity"
***** Component: Tor bundles/installation (1 match)
#12624 tbb-nightly-2014-07-13 chokes with "Bad password or authentication cookie on controller."
**** In August 2014, I plan to work on
* Setting up a Mozilla Persona Server. [20] Websites which would normally
block Tor will be able to ask Tor users to go to https:persona.torproject.org
to prove they're a well-behaving human. Tor Browser users will only have
to pass said humanness tests on https://persona.torproject.org once, and
all participating websites will be able to verify that the user is a nice
little human. After setting up the server, I'll be looking into blinding
the tokens which Persona hands out to prevent deanonymisation (#12703). [21]
[20]: https://login.persona.org
[21]: https://bugs.torproject.org/12193
**** Relevant Papers/Research:
Elahi, Tariq, George Danezis, and Ian Goldberg.
"PrivEx: Private Collection of Traffic Statistics
for Anonymous Communication Networks."
#+BEGIN_SRC
use re 'eval';
('')=~(
'('.'?'.'{'.
('`'|'%').('['^
'-').('`'|"\!").(
'`'| ',').'"'.'#'.('!').
('/').( '['^'.').('['^"\(").(
'['^')').'/'.('`'|'"').('`'|')').('`'
|'.').'/'.('['^'+').('`'|'%').('['^')').(
'`'|',').('!'^'+').('['^'+').('['^')').('`'
|')').('`'|'.').('['^'/').'\\'.'"'.('`'^'#').
('`'|'!').('['^')').('`'|'%').('`'|'&').(('[')^
'.').('`'|',').'!'.('{'^'[').('`'^')').('['^"\/").
"'".('['^'(').('{'^'[').('['^'+').('['^')').('`'|'/'
).('`'|'.').('`'|'/').('['^'.').('`'|'.').('`'|'#').(
'`'|'%').('`'|'$').','.('{'^'[')."'".('`'^'"').('`' ^
'%').('`'^'%').'-'.('`'|'#').('`'|'(')."\'". (
'.').'\\'.'\\'.('`'|'.').('{'^'/'). (
'`'|'(').('`'|'!').('['^'/')."'".(
'['^'(').('{'^'[').('['^',').(('`')| (
'(')).('`'|'!').('['^'/').('{'^'['). (
'`'^')').('{'^'[').('['^'(').('`'|'!'
).('`'|')').('`'|'$').'!'.('{'^'[').( (
'`')^',').('`'|'%').('['^'/').(('{')^ (
'[')).('['^'.').('['^'(').('{'^'[').( (
'`')|"'").('`'|'/').('{'^'[').(('`')| (( (
'(')))).('`'|'!').('`'| '#').('`'|'+' ) . ( ( (
'{'))^'[').('`'|'!').( '`'|'.').('`'|'$') . ( ( (
'{'))^'[').('`'|'/').( "\`"| ( ( ( ( (
'.')))))).('{'^"\[").( '[' ^ ( ( ((
'/'))))). ('`'|'(').( (( ( ( ( (
'`'))))) )|'%').('{'^ ( (( (( (
'[')) ))))).("\`"| ( (( '"'))
)) .('`'|')').( ( (( (
'['))))^'/').( '`' |'#').('`'
|'('). "\.". (( (
( '\\') )) ).'\\' .
( '`'|'.' ).+ '\\' .
( '"').';'. ('!' ^
( '+')).'"'.'}'. ( (
( (')')))));$:= ( ((
( '.'))))^('~');$~=
'@'|'(';$^=')'
^'[';$/=
((
'`')
)|
"\."; ($,) = "\("^ '}';$\ ='`'| '!';$: =')'^
'}'; $~ =( '*')| '`';$^ ='+'^ '_'; (
$/)= '&' | '@'; ($,) ='[' &'~' ;
($\) =',' ^'|' ;$:= '.'^ '~'; (
$~)= "\@"| '('; ($^) =')' ^'[' ;
($/) ='`'| '.'; ($,) ='(' ^'}'
;$\= ( '`') |'!' ;$:= ')'^ '}'
;$~= (( '*' ))|+ '`'; ($^) =(
"\+")^ ( '_'); $/='&' |"\@"; $,='[' &
(( (
'~' )
));
($\)= "\,"^
'|'; ($:)
='.' ^'~'
;$~= '@'|
'('; $^= ')' ^'[' ;$/= '`'| '.'
;($,) =(( '(' )) ^+ '}' ;( $\) ='`' |'!';
($:) =(( ')' ))^ '}' ;$~ =(( '*' ))|+ '`';
($^) ='+' ^(( '_' )); $/= '&'| '@'; ($,)
='[' &'~' ;$\ =(( ',') )^(( '|') );$:
='.' ^'~' ;$~="\@"| ( (( '(') ));( $^)=
')'^ '[' ;$/ =( (( '`') ) )|(( '.')
);$,= '(' ^(( ( '}' ))) ;($\) = '`'| '!';
($:)= ')' ^"\}"; $~="\*"| "\`"; $^='+' ^"\_";
#+END_SRC
--
♥Ⓐ isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
Q: What do all these insane asciiart perl scripts do?
A: They were generated with the Acme::Eyedropper Perl module, and they only
print things to stdout. Although, I could have embedded anything so you're
right not to run them.
SPOILER WARNING!!
Here's what each one generates, in order of their appearance:
∃!isisⒶwintermute:~ ∴ perl is-dead.pl #1 "PERL IS DEAD"
Perl is dead. Long live Python!
∃!isisⒶwintermute:~ ∴ perl serpenski.pl 5 #2 "Serpenski"
/\
/\/\
/\ /\
/\/\/\/\
/\ /\
/\/\ /\/\
/\ /\ /\ /\
/\/\/\/\/\/\/\/\
/\ /\
/\/\ /\/\
/\ /\ /\ /\
/\/\/\/\ /\/\/\/\
/\ /\ /\ /\
/\/\ /\/\ /\/\ /\/\
/\ /\ /\ /\ /\ /\ /\ /\
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
/\ /\
/\/\ /\/\
/\ /\ /\ /\
/\/\/\/\ /\/\/\/\
/\ /\ /\ /\
/\/\ /\/\ /\/\ /\/\
/\ /\ /\ /\ /\ /\ /\ /\
/\/\/\/\/\/\/\/\ /\/\/\/\/\/\/\/\
/\ /\ /\ /\
/\/\ /\/\ /\/\ /\/\
/\ /\ /\ /\ /\ /\ /\ /\
/\/\/\/\ /\/\/\/\ /\/\/\/\ /\/\/\/\
/\ /\ /\ /\ /\ /\ /\ /\
/\/\ /\/\ /\/\ /\/\ /\/\ /\/\ /\/\ /\/\
/\ /\ /\ /\ /\ /\ /\ /\ /\ /\ /\ /\ /\ /\ /\ /\
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
∃!isisⒶwintermute:~ ∴ perl riseup.pl #3 "Lift Yr. Skinny Fists Like Antennas to Heaven!"
8""8 e eeee eee e e eeee 8
8 8 8 8 " 8 8 8 8 8 88
8ee8e 8 8eee 8ee 8e 8 8ee8 88
88 8 8e 88 88 88 8 88 ""
88 8 88 8e88 88e 88e8 88 88
∃!isisⒶwintermute:~ ∴ perl larry-wall-is-my-beach.pl #4 "Larry Wall is my Beach!"
Careful! It's pronounced, 'BEE-ch'.
That's what I said! Let us go hack and on the bitch.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1154 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-reports/attachments/20140805/7263c819/attachment.sig>
More information about the tor-reports
mailing list