tor-project August 2020

tor-project@lists.torproject.org

6 participants
13 discussions

Tor's Bug Smash Fund: Fundraising Campaign
by Al Smith 17 Sep '20

17 Sep '20

Hello Tor! Today, the Tor Project is launching our second annual Bug Smash Fund,[1] a month-long fundraising campaign (7/31 - 8/31). The goal of the Bug Smash Fund campaign is to raise unrestricted funds that we allocate to finding and fixing bugs / doing maintenance / and addressing issues that aren’t flashy or exciting for most funders, but totally necessary for the health of Tor and all of the third party apps that rely on Tor to provide privacy, security, and anonymity to their users. Unrestricted funding, like what we’re raising for the Bug Smash Fund, is key for the Tor Project to improve our agility and stop relying on the slow, piecemeal process of grant funding in order to accomplish our goals and respond to emergent issues. Last year during our first Bug Smash Fund campaign, we raised $86,081 that we used to close 74 tickets.[2] In 2019, we were able to allocate all of the donations we raised in-person at DEF CON to the Bug Smash Fund. That was about $40,000. As we all know, this year is different, and it will be a big stretch to meet or exceed the amount we raised last year without this event. So your help to amplify this campaign could really help make this campaign a success. How to help: -- Tweet about the Bug Smash Fund using the #TorBugSmash and a link to our launch blog post. Here are some suggested posts.[3] -- Quote tweet @torproject posts about the Bug Smash Fund with your own take about why unrestricted funds are so important for the health of Tor. -- Forward this email to those who might be able to amplify the campaign. Activities in August to support the Bug Smash Fund campaign: -- Hosting a second PrivChat event featuring stories about smashing bugs in software development on (date tbd) -- Sharing regularly on social media and engaging our friends to amplify the campaign -- Sending two emails to previous donors who have not made a donation in the last 90 days -- Promoting a new cryptocurrency campaign on Blockchair: https://blockchair.com/donut/tor-project If you have any questions about or ideas for the Bug Smash Fund campaign, please email me or Isabela or grants(a)torproject.org, we would be happy to talk about it. Happy Friday, Al [1] https://blog.torproject.org/tor-bug-smash-fund-2020 [2] https://blog.torproject.org/tor-bug-smash-fund-2019-final-update [3] https://pad.riseup.net/p/OiWVPFGPw7I9vnX7MnN2 -- Al Smith (they/them) Fundraising • Communications The Tor Project

1 2

User experience team monthly meeting on September 1st
by Antonela Debiasi 28 Aug '20

28 Aug '20

Hi! We will be having the User Experience team meeting on September 1st in #tor-meeting on OFTC.[*] I'll share the key highlights around Babatunde's ICFP report: "Understanding the use of tools during Internet censorship in Africa: Cameroon, Nigeria, Uganda, and Zimbabwe as case studies." Also, we will have some space for an open floor so feel free to list yourself in the pad. https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep Remember, the User Experience team meetings are willing to cultivate an open space for discussions around ethical user research, user interface design, and user experience, meanwhile building privacy-enhancing products. I hope to see you around! Peace and love, A [*] https://gitlab.torproject.org/tpo/ux/team/-/wikis/home -- Antonela Debiasi UX Team Lead torproject.org @antonela E2330A6D1EB5A0C8

1 0

You're invited: Tor's PrivChat | Friday 8/28 @ 17:00 UTC
by Al Smith 27 Aug '20

27 Aug '20

Hello Tor, The Tor Project's second edition of PrivChat (https://torproject.org/privchat) is taking place next Friday, August 28, and you're invited. PrivChat is a fundraising event series held to raise donations for the Tor Project. Through PrivChat, we bring you important information related to what is happening in tech, human rights, and internet freedom by convening experts for a chat with our community. *What: *PrivChat | The Good, the Bad, and the Ugly of Censorship Circumvention *When: *August 28 @ 1:00pm Eastern, 10:00am Pacific, 17:00 UTC *Where:* The Tor Project's YouTube channel (https://www.youtube.com/watch?v=aOOChyMCZH4)   *// The Good, the Bad, and the Ugly of Censorship Circumvention //* Every year, internet censorship increases globally. From network level blocking to nation-wide internet blackouts, governments and private companies have powerful tools to restrict information and stop connection between people. Many people, groups, and organizations are doing innovative work to study, measure, and fight back against internet censorship--and they are helping millions of people connect more regularly and safely to the internet. Despite these successes, we're faced with well-funded adversaries that have billions of dollars to spend on censorship mechanisms, and the arms race is ongoing. The second edition of PrivChat with Tor will be about the Good, the Bad and the Ugly that is happening in the front lines of censorship circumvention. In a world where censorship technology is increasingly sophisticated and bought and sold between nations, so is our creativity to measure it and build tools to bypass it, as well as the willingness of people to fight back. But is it enough? What are the barriers facing the people and organizations fighting for internet freedom? *// Host //* Cory Doctorow Electronic Frontier Foundation, MIT *// **Participants**//* Felicia Anthonio Campaigner, #KeepItOn Lead at Access Now Vrinda Bhandari Of Counsel - Litigation, Internet Freedom Foundation Cecylia Bocovich Developer, The Tor Project Arturo Filastò Project Lead & Engineer, OONI *PrivChat is free to attend.* If you get value out of these events and you like Tor, please consider becoming a monthly donor. Reliable, predictable support is the best way to ensure Tor remains strong and stable. Our goal with PrivChat is to build a two-way support system. You will get access to information from leading minds thinking about and working on privacy, technology, and human rights. And the Tor Project will be more agile in our development as a result of your support, allowing us to respond more rapidly to increasing surveillance and censorship threats (and host more PrivChats)! Cheers, Al -- Al Smith (they/them) Fundraising • Communications The Tor Project

1 1

Anti-censorship meeting notes, 27 Aug 2020
by Philipp Winter 27 Aug '20

27 Aug '20

Hi all, Here are our meeting minutes: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-08-27-16.00.html And here is our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday August 27th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress). == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 30 * https://gitlab.torproject.org/groups/tpo/-/milestones/4 * https://gitlab.torproject.org/groups/tpo/-/milestones/7 * https://gitlab.torproject.org/groups/tpo/-/milestones/5 * https://gitlab.torproject.org/groups/tpo/-/milestones/6 * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Anti-censorship related tickets that we want other teams to fix: * https://pad.riseup.net/p/tor-anti-censorship-tickets-keep <-- it will be moved into gitlab with TPO labels * Public bug-reporting pad: * https://pad.riseup.net/p/tor-anti-censorship-bugs-keep == Announcements == * Snowflake CDN cost was $0.01 in July, same as in June. Started a table of costs. * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… == Discussion == * The deadline for the next stable version of Tor Browser is early September * Babatunde's research - Peer Reviews? * There's a report in the anonymous bug report pad, a failure to bootstrap Snowflake on Android https://pad.riseup.net/p/tor-anti-censorship-bugs-keep == Actions == * == Interesting links == * https://www.torproject.org/privchat/ 2020-08-28 17:00 UTC "the Good, the Bad, and the Ugly of Censorship Circumvention" == Reading group == * We will discuss "Turbo Tunnel" on Aug 20 Aug 27 * PDF: https://www.bamsoftware.com/papers/turbotunnel/turbotunnel.pdf * Web version: https://www.bamsoftware.com/papers/turbotunnel/ * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. phw: This week (2020-08-27): * Experimented with a streaming interface between our new BridgeDB and its distributors. * Attended a meeting with TunnelBear. * Onionperf & exitmap work. * Wrapped up blog post on challenges, priorities, and progress in our work. Next week: * Help with: * cecylia (cohosh): last updated 2020-08-27 Last week: - deployed snowflake#40008 - started snowflake measurements in china to track performance and censorship attempts (snowflake#32657) - continuous monitoring of NAT situation - prep for being away next month - meeting with tunnel bear This week: - Away Needs help with: - still need a review of fix for snowflake#21314 (snowflake!9) juggy : This week: - Got very basic "suggested readings" list up and running here : https://jugheadjones10.github.io/anti-censorship-reading/ Next week: - Keep studying BridgeDB to write architectural overview Help with: - Open issues here (https://github.com/jugheadjones10/anti-censorship-reading ) for papers/resources/readings that you think might be useful for newcomers arlolra: 2020-06-11 Last week: - Next week: - follow ups to #33365 - start on #31201 Help with: - dcf: 2020-08-27 Last week: - started a discussion on where to move the metrics timeline https://lists.torproject.org/pipermail/metrics-team/2020-August/001155.html - did Azure CDN bookkeeping - tried again to figure out sharing access for #30510 - made a patch to add licenses of kcp-go and smux https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… - archived snowflake-webextension-0.4.1 Next week: - review snowflake client inactivity https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - populate the new metrics timeline repo https://gitlab.torproject.org/tpo/metrics/timeline Help with: Antonela: 2020-08-27 This week: - Wrapping Babatunde's research on the use of circumvention tools during internet censorship in Africa. Wrapping Personas for s30 with it. For september: - We are planning interviews with users in China to run our bridges discovery issues script in real time. We discussed to include TBA + snowflake as a task for users to run over a week or two and report back. https://gitlab.torproject.org/tpo/ux/research/-/issues/4 - I still have bridges.tpo to lektor issue open - More work on UX/UI for TB 10.0/10.5 - Review Salmon related tickets (im late with it!) agix:2020-08-27 Last week: -Nothing to add for last week Next week: - Help with: - hanneloresx: 2020-08-27 Last week: Reviewed and translated blog post on challenges, priorities, and progress in Tor anti-censorship Next week: - Start on #33727 - Continue investigating and respond to comments on #32117 Help with: - thymbahutymba: 2020-04-02 Last week: - CI/CD pipeline for multiarch docker images, which has a problem with the apt tor version even though the apt repository have been changed into the Dockerfile. Next week: Help with: HashikD: 2020-08-27 This week: - GSoC blog Next week: - Away on exams Help with: -

1 0

OONI Monthly Report: July 2020
by Maria Xynou 27 Aug '20

27 Aug '20

Hello, Throughout July 2020, the OONI team worked on the following sprints: * Sprint 16 - Neon (1st July 2020 - 5th July 2020) * Sprint 17 - Θέτις (6th July 2020 - 19th July 2020) * Sprint 18 - Colomber (20th July 2020 - 31st July 2020) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. ## OONI Probe mobile app In July 2020 we released: * OONI Probe Mobile 2.5.1 on Android (https://github.com/ooni/probe-android/releases/tag/v2.5.1) and iOS (https://github.com/ooni/probe-ios/releases/tag/v2.5.1) * OONI Probe Mobile 2.5.2 on Android (https://github.com/ooni/probe-android/releases/tag/v2.5.2) and iOS (https://github.com/ooni/probe-ios/releases/tag/v2.5.2) The OONI Probe Mobile 2.5.1 release automatically deletes uploaded measurements (creating more local storage space) and enables users to stop a test while it’s running. The OONI Probe Mobile 2.5.2 release ships the WhatsApp, Facebook Messenger, and middlebox tests rewritten in golang. ## Adding support for configuring push notifications As part of our ongoing efforts to add support for configuring push notifications, we: * Implemented countly on iOS: https://github.com/ooni/probe/issues/1209 * Implemented countly on Android: https://github.com/ooni/probe/issues/1208 ## OONI Probe desktop app Throughout July 2020, we continued to make progress on improving the OONI Probe desktop app, as documented through the following pull requests: https://github.com/ooni/probe-desktop/pull/164 https://github.com/ooni/probe-desktop/pull/163 https://github.com/ooni/probe-desktop/pull/162 https://github.com/ooni/probe-desktop/pull/161 https://github.com/ooni/probe-desktop/pull/159 We also created mockups for new settings to be included in the OONI Probe desktop app. See: https://github.com/ooni/probe/issues/1225 ## Making the OONI Probe apps rely entirely on the golang engine We now have all OONI Probe tests written in golang! As part of our work on making the OONI Probe apps rely entirely on the golang engine, we: * Rewrote the OONI WhatsApp experiment in Go: https://github.com/ooni/probe-engine/issues/55 * Rewrote the OONI Facebook Messenger experiment in Go: https://github.com/ooni/probe-engine/issues/736 * Removed the “All endpoints” option in the WhatsApp test: https://github.com/ooni/probe/issues/1226 * Discussed how to improve the web interface of WhatsApp measurements: https://github.com/ooni/probe-engine/issues/740 * Rewrote the OONI HTTP Invalid Request Line experiment in Go: https://github.com/ooni/probe-engine/issues/761 * Rewrote the OONI HTTP Header Field Manipulation experiment in Go: https://github.com/ooni/probe-engine/issues/763 * Rewrote the OONI Web Connectivity experiment in Go: https://github.com/ooni/probe-engine/issues/776 * Rewrote our SNI blocking experiment using urlgetter: https://github.com/ooni/probe-engine/issues/684 * Updated to the latest version of probe-cli/probe-engine: https://github.com/ooni/probe/issues/1178 As mentioned previously, we shipped WhatsApp, Facebook Messenger, and middlebox tests rewritten in golang as part of the OONI Probe Mobile 2.5.2 release. ## Expanding OONI Probe measurement methodologies As part of our ongoing efforts to improve and expand upon our measurement methodologies, we enabled the measurement of private Tor bridges and wrote an integration test, as documented through the following tickets: https://github.com/ooni/probe-engine/issues/721 and https://github.com/ooni/probe-engine/issues/629. We also worked on investigating and remediating TLS false positives: https://github.com/ooni/probe-engine/issues/769 ## URL prioritization We wrote an analysis script to add coverage metrics for URL prioritization (https://github.com/ooni/backend/issues/425). This is implemented in the following pull request: https://github.com/ooni/pipeline/pull/319 This script will be used to monitor test list improvements (https://github.com/ooni/backend/issues/418). ## Data analysis and pipeline work necessary for extracting per site metrics We made progress on implementing API endpoints for returning top-level measurement metadata: https://github.com/ooni/backend/issues/341 ## Improving our server infrastructure Throughout July 2020, we made important progress on improving the monitoring of our infrastructure. We created an analysis tool (“analysis runbook”) that runs a number of threads to monitor the slow query summary and more. We also built a grafana dashboard to receive alerts based on the monitoring of our infrastructure. See: https://github.com/ooni/backend/wiki/Runbooks:Analysis We also worked on setting up a new database host in Amsterdam: https://github.com/ooni/backend/issues/400 ## Testing and quality assurance We implemented our own ASN database on the backend. This involved investigations around data quality, automated generation and testing, and deploying the ASN database in the pipeline and using it when processing measurements. This work is tracked here: https://github.com/ooni/backend/issues/406 We also: * Worked on repairing a broken CI build in Measurement Kit: https://github.com/measurement-kit/measurement-kit/issues/1926 * Improved upon oonimkall: https://github.com/ooni/probe-engine/issues/816 * Made sure we compiled a static miniooni for Linux so that it could be run from any recent Linux distribution without worrying about the libc ABI: https://github.com/ooni/probe-engine/issues/815 * Set up automatic, periodic CI runs: https://github.com/ooni/probe-engine/issues/819 * Improved upon the OONI HTTP Header Field Manipulation test: https://github.com/ooni/probe-engine/issues/821 * Wrote quality assurance tests for the OONI instant messaging and middlebox experiments: https://github.com/ooni/probe-engine/issues/829 * Fixed a bug related to certain tests not running: https://github.com/ooni/probe/issues/1233 * Fixed a bug in the OONI Telegram test: https://github.com/ooni/probe-engine/issues/827 * Backported the Telegram test bugfix to a stable branch: https://github.com/ooni/probe-engine/issues/828 Following a series of improvements, we released Measurement Kit v0.10.12: https://github.com/ooni/probe-engine/issues/809 ## Updated OONI Data Policy On 22nd July 2020, we released the 1.4.0 version of the OONI Data Policy. The updated OONI Data Policy is available here: https://ooni.org/about/data-policy The latest version (1.4.0) of the OONI Data Policy includes the following changes: * We now use our own ASN database (following the changes to MaxMind's license). * You can no longer opt out of submitting country code information (e.g. "IT" for Italy), as this significantly limits the value of measurements (i.e. we have no idea where a test was run). * We use a self-hosted analytics platform on our websites and OONI Probe apps to better understand how our apps are used, improve our understanding of user needs, improve OONI tools, and better serve the OONI community. You can opt out of our use of analytics by disabling the collection of app usage statistics in the OONI Probe app settings (and you can opt out of our use of analytics on ooni.org and explorer.ooni.org by unchecking the opt-out box at the end of our Data Policy). * In our Data Policy, we have added a section on the collection of app usage statistics. * In our Data Policy, we have added a section where we disclose what information we will collect if you opt in to push notifications. * OONI measurements are openly published by default, but we will not publish data related to app analytics and push notification support (which is securely stored separately from the public measurement metadb). ## Report on network performance in Northern Italy amid the COVID-19 pandemic We collaborated with M-Lab on the publication of a research report that shares measurement observations on network performance in Northern Italy during the peak of the COVID-19 pandemic. This report is available here: https://ooni.org/post/2020-network-performance-covid19-italy/ In summary, we found: * Significant increase in the number of NDT tests run per day around the beginning of Italy’s nationwide lockdown (which started on 10th March 2020); * Reduced NDT download and upload speed results during the nationwide lockdown in Italy (between March 2020 to May 2020); * Improved NDT download and upload speed results from early May 2020 onwards, when the Italian government gradually started to lift the strict lockdown measures. As the available measurements suggest that there may be a correlation between increased internet use and reduced network performance, they highlight the need to invest in internet infrastructure that is more robust and sustainable in the long-term. They also highlight the need for more longitudinal measurements collected from more stable vantage points to improve our understanding of network performance issues. OONI’s Simone also collaborated with M-Lab on a blog post that introduces ndt7, which is available here: https://www.measurementlab.net/blog/ndt7-introduction/#ndt7-introduction ## Internet Measurement Village 2020 recap blog post Throughout June 2020, up until 3rd July 2020, we hosted the first Internet Measurement Village (IMV), an online community event aimed at sharing skills, knowledge, and resources on internet measurement. As all the IMV sessions were live-streamed and will continue to live on the OONI YouTube channel (https://www.youtube.com/c/OONIorg), we hope that these recordings will serve as a valuable resource on internet measurement for the internet freedom community. In July 2020, we published a blog post to provide a recap of the Internet Measurement Village 2020 and to share the slides and video recordings of each presentation. This blog post is available here: https://ooni.org/post/2020-imv-slides-recordings/ ## Statement in support of the OTF In July 2020, we published a second statement in support of the OTF amid recent developments (our first statement is available here: https://ooni.org/post/2020-06-19-save-internet-freedom-support-the-open-tec…). In our statement, titled “Support the OTF: Support a Free and Open Internet”, we share our experience working with the OTF, and discuss how they have played a crucial role in supporting the fight against internet censorship worldwide. This statement is available here: https://ooni.org/post/2020-support-otf/ ## Created a new OONI partnerships page We created a new page for the OONI website which features all of our partners, shares their work, and the projects and/or research reports that we have collaborated on. This work is available here: https://github.com/ooni/ooni.org/pull/528 We will publish this page once it has been reviewed and approved by all of our partners. ## Collaboration with Netalitica As part of our ongoing collaboration with Netalitica, we continued to review their test list updates. In July 2020, we reviewed the updates to the Ethiopian, South African, and Thai test lists and shared feedback. We also reviewed and shared feedback on the Netalitica updates to the Algerian, Iraqi, Indonesian, and Zimbabwean test lists. ## Data analysis As part of our partnership with Azerbaijan Internet Watch, we analyzed all OONI measurements collected from Azerbaijan between 1st January 2020 to 31st July 2020, based on which we produced relevant charts and wrote a report. We also performed data analysis for an OTF Information Controls Fellow (https://github.com/ooni/ooni.org/issues/552) examining internet censorship in Myanmar through the use of OONI Probe. Based on this analysis, we produced a CSV file and several charts for the research fellow. ## Community activities ### NetGain Partnership webinar On 8th July 2020, OONI’s Maria was invited to participate in the NetGain Partnership online event, specifically in the webinar titled “Surging Demand and the Global Internet Infrastructure”. Information about the webinar is available here: https://www.netgainpartnership.org/events/covid19/global-infrastructure As part of her participation in this webinar, Maria presented OONI’s work and discussed how increased internet use during the COVID-19 pandemic was correlated with decreased network performance (based on NDT measurement analysis). ### RightsCon Online 2020 The OONI team attended RightsCon 2020, which took place entirely online between 27th-31st July 2020. As part of our participation, we attended many sessions, as well as the meetup of the KeepItOn campaign. On 29th July 2020, OONI’s Maria co-facilitated the following session along with Rama and Alberto from CAIDA: “Investigating internet shutdowns with open data”. As part of this session, Maria introduced participants to OONI for measuring the blocking of websites and apps, while Rama and Alberto introduced participants to IODA for measuring internet outages. Maria was also on the RightsCon Online Program Committee, which involved reviewing session proposals and providing advice for the “Network Connectivity and Internet Shutdowns” track. ### Kill Switch Podcast On 30th July 2020, OONI’s Maria was invited to speak on Access Now’s Kill Switch podcast (https://www.volume.africa/kill-switch) that discussed internet shutdowns around the world. As part of her participation in the podcast, Maria discussed OONI and its role in the KeepItOn campaign. The podcast (Episode 4: “The Fight to Get Back Online”) is available here: https://player.captivate.fm/episode/61ad48c6-c67b-42ec-b8ca-9191915ec746 ## Userbase In July 2020, 7,567,361 OONI Probe measurements were collected from 5,765 networks in 209 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ The OONI team. -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

August 2020 Tor DEMO Day - call for presenters
by Antonela Debiasi 25 Aug '20

25 Aug '20

............................................ ██████ .███████ ███ ...███ .██████ .███████ ██ ██ ██ ████ .████ ██ ██ ██ ██ ..██ █████ ..██ ████ ██ ██ ...██ ███████ ██ ..██ ██ ..██ ██ ██ ██ ...██ ██ ██████ ███████ ██ . .██ ██████ ███████ ............................................ Hello Tor, Last month we started running monthly Tor Demos during our All Hands. At this time, we want to extend the invitation to our broad community! The August Demo Day will be on Wednesday, August 26th, at 16UTC. The pad is here https://pad.riseup.net/p/tor-monthly-hall-demos-august-2020-keep Please add your topic and name at the end of the pad to be part of the lineup. I hope to see you there! A Why? ---- - We want to spice up our remote working routine and also break the silos between teams. - The first edition was a success and we want to share this experience with the broad Tor community!. How? ---- - We will call for presenters. - The agenda will be set before the meeting and will be shared with tor-project. - We want 5 to 8 minutes length presentations. We will handle questions at the end of all presentations. - Slides are allowed but not mandatory. You may share your screen or a pre-recorded video if that makes you less anxious. - We like the adrenaline of the live presentations, but if they wish, presenters can share pre-recorded videos with us. They should be sent a few hours in advance and will be lined up and shared with assistants during the session. Who? ---- - Anyone who wants to share what they have been hacking on. It doesn't need to be a finished feature but a work in progress. It can be small like a Tor Browser feature or something you have been hacking around Tor not officially. - Presenters have 5 to 8 minutes. People can ask questions via text in the pad for 3 minutes. - Antonela will moderate at this time. We can rotate this role. Where? ------ During the All Hands Meeting. The room will be shared a few days before the meeting. When? ----- During the All Hands Meeting on Wednesday AUGUST 26TH at 16 UTC Agenda ------------------------------ d[-_-]b dj resident @mikeperry ------------------------------ - 5 min for the presentation - 3 min for questions Questions will be written in text in the pad in any time during the presentation. Presenter will answer them in audio. -- Antonela Debiasi UX Team Lead @antonela E2330A6D1EB5A0C8 https://torproject.org

1 1

Anti-censorship meeting notes, 20 Aug 2020
by Philipp Winter 20 Aug '20

20 Aug '20

Hi all, Here are our meeting minutes: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-08-20-15.59.html And here is our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday August 20th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress). == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 30 * https://gitlab.torproject.org/groups/tpo/-/milestones/4 * https://gitlab.torproject.org/groups/tpo/-/milestones/7 * https://gitlab.torproject.org/groups/tpo/-/milestones/5 * https://gitlab.torproject.org/groups/tpo/-/milestones/6 * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Anti-censorship related tickets that we want other teams to fix: * https://pad.riseup.net/p/tor-anti-censorship-tickets-keep <-- it will be moved into gitlab with TPO labels * Public bug-reporting pad: * https://pad.riseup.net/p/tor-anti-censorship-bugs-keep == Announcements == * == Discussion == * Cool stuff happens in anti-censorship-team-land, and we have a twitter audience who would love to learn about them. So one of the items to consider periodically should be: is there something compelling to tweet about? This period includes Belarus, ESNI, Turbotunnel video, more. * Brainstorm ways to learn more about Tor blocking in Belarus. == Actions == * == Interesting links == * Spike in Tor [bridge] usage in Belarus: https://www.reddit.com/r/europe/comments/i82v45/surge_in_tor_activity_from_… * https://labs.ripe.net/Members/alun_davies/our-first-glance-at-the-belarus-o… * https://blog.qrator.net/en/what-happening-BY_86/ * Non-bridge usage decreased: * https://people.torproject.org/~dcf/metrics-country.html?start=2020-05-01&en… * Psiphon usage greatly increased: * https://psix.ca/d/nyi8gE6Zk/regional-overview?orgId=2&var-region=BY * https://archive.is/HoUDm * GFW has stopped blocking connections from Tor exits? (Tor users can access China-based destinations again now?) * https://github.com/net4people/bbs/issues/43#issuecomment-673544223 == Reading group == * We will discuss "Turbo Tunnel" on Aug 20 Aug 27 * PDF: https://www.bamsoftware.com/papers/turbotunnel/turbotunnel.pdf * Web version: https://www.bamsoftware.com/papers/turbotunnel/ * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. phw: This week (2020-08-20): * Spent most of my time working on BridgeDB reimplementation. * https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/32900 * Experimented with Salmon implementation. * https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/31873 * Brainstormed privacy-preserving features with cohosh. * Onionperf & exitmap work. * Drafted blog post on challenges, priorities, and progress in our work. * Let me know and I'll send you a draft! One needs a blog account to look at it :/ * Various bridgestrap performance and reliability improvements. * Deployed a new set of 10k CAPTCHAs on BridgeDB, just to see if it would affect presumed-to-be bots. Next week: * Help with: * cecylia (cohosh): last updated 2020-08-20 Last week: - deployed webext#13 - performed more measurements for snowflake#33666 - updated snowflake stats to include NAT types (snowflake#40008) - commented on salmon implementation progress (bridgedb#31873) - performed throughput measurements on restricted and unrestricted NAT topologies (snowflake#32545) - implemented simple round robin multiplex across proxies (#25723) - suggested improvement in Docker networking setup for proxy docker (snowflake#40002) This week: - perform measurements on throughput improvements of (snowflake#25723) - avoid double delays from ReconnectTimeout (snowflake#34080) - strategize on where to go next for snowflake NAT issues - continue working on NAT test suite (snowflake#25595) - continue with GetTor + BridgeDB refactor - look at snowflake#40004 Needs help with: - review of fix for snowflake#21314 (snowflake!9) - review of fix for snowflake#40008 (snowflake!10) - review of and feedback on snowflake#25723 (snowflake!11) juggy : This week: - Got very basic "suggested readings" list up and running here : https://jugheadjones10.github.io/anti-censorship-reading/ Next week: - Keep studying BridgeDB to write architectural overview Help with: - Open issues here (https://github.com/jugheadjones10/anti-censorship-reading ) for papers/resources/readings that you think might be useful for newcomers arlolra: 2020-06-11 Last week: - Next week: - follow ups to #33365 - start on #31201 Help with: - dcf: 2020-08-19 (will be absent 2020-08-20) Last week: Next week: - review snowflake client inactivity https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - try again with the CDN invitation link for #30510 - add licenses of kcp-go and smux (tor-browser-build#40031) - start metrics-team thread on finding a new home for the Metrics Timeline Help with: Antonela: 2020-07-23 Last week: - (S28) Snowflake Android App UI https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - (S30) Making bridges.tpo looks like tpo.org https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/34322 - (S30) Planning activities for the user group in HK (happening next week): - Run emma https://gitlab.torproject.org/tpo/ux/research/-/blob/master/scripts%20and%2… - Discovery issues with Bridges flow - working on the script https://gitlab.torproject.org/tpo/ux/research/-/issues/4 This week: - (S28) Review Snowflake Android App UI - (S30) Working on making bridges.tpo work with lektor - (S30) Sent Get Bridges User Research to the group in HK. Will meet them on Friday. Final script: https://gitlab.torproject.org/tpo/ux/research/-/issues/4 agix:2020-08-20 Last week: -Read the Turbotunnel paper Next week: - Help with: - hanneloresx: 2020-08-20 Last week: Read the Turbotunnel paper Next week: - Start on #33727 - Continue investigating and respond to comments on #32117 Help with: - thymbahutymba: 2020-04-02 Last week: - CI/CD pipeline for multiarch docker images, which has a problem with the apt tor version even though the apt repository have been changed into the Dockerfile. Next week: Help with: HashikD: 2020-08-13 This week: - Working on application UI #11 - MR on Animation change #18 Next week: - Further work on ticket #11 - Work on Network checks if time permits #16 Help with: -

1 0

Metrics meeting this Thursday August 20 at 15UTC
by Gaba 18 Aug '20

18 Aug '20

Hi! We are re-starting the metrics meetings this Thursday at 15UTC in #tor-meeting in irc.oftc.net see you there! cheers, gaba -- she/her are my pronouns GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 0

Anti-censorship meeting notes, 13 Aug 2020
by Philipp Winter 17 Aug '20

17 Aug '20

Hi all, Here are our meeting minutes: http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-08-13-16.00.html And here is our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday August 20th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress). == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 30 * https://gitlab.torproject.org/groups/tpo/-/milestones/4 * https://gitlab.torproject.org/groups/tpo/-/milestones/7 * https://gitlab.torproject.org/groups/tpo/-/milestones/5 * https://gitlab.torproject.org/groups/tpo/-/milestones/6 * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Anti-censorship related tickets that we want other teams to fix: * https://pad.riseup.net/p/tor-anti-censorship-tickets-keep <-- it will be moved into gitlab with TPO labels * Public bug-reporting pad: * https://pad.riseup.net/p/tor-anti-censorship-bugs-keep == Announcements == * == Discussion == * Recreated https://trac.torproject.org/projects/tor/wiki/doc/MetricsTimeline at https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Censorship-E… but there are some stub pages in the metrics team wiki too. We don't have edit access to that though :( how should we go forward? * Cool stuff happens in anti-censorship-team-land, and we have a twitter audience who would love to learn about them. So one of the items to consider periodically should be: is there something compelling to tweet about? This period includes Belarus, ESNI, Turbotunnel video, more. * Brainstorm ways to learn more about Tor blocking in Belarus. == Actions == * == Interesting links == * Spike in Tor [bridge] usage in Belarus: https://www.reddit.com/r/europe/comments/i82v45/surge_in_tor_activity_from_… * https://labs.ripe.net/Members/alun_davies/our-first-glance-at-the-belarus-o… * https://blog.qrator.net/en/what-happening-BY_86/ * Non-bridge usage decreased: * https://people.torproject.org/~dcf/metrics-country.html?start=2020-05-01&en… * Psiphon usage greatly increased: * https://psix.ca/d/nyi8gE6Zk/regional-overview?orgId=2&var-region=BY * https://archive.is/HoUDm * GFW has stopped blocking connections from Tor exits? (Tor users can access China-based destinations again now?) * https://github.com/net4people/bbs/issues/43#issuecomment-673544223 == Reading group == * We will discuss "Turbo Tunnel" on Aug 20 * PDF: https://www.bamsoftware.com/papers/turbotunnel/turbotunnel.pdf * Web version: https://www.bamsoftware.com/papers/turbotunnel/ * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. phw: This week (2020-08-13): * Spent most of my time working on BridgeDB reimplementation. * https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/32900 * Experimented with Salmon implementation. * https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/31873 Next week: * Wrap up tpo/anti-censorship/wolpertinger#34259. Help with: * cecylia (cohosh): last updated 2020-08-13 Last week: - revised and merged NAT discovery for web proxies (snowflake-webext#13) - reviewed snowflake-mobile!11 - worked on sponsor 28 metrics reporting - read up on ESNI blocking reports - attended FOCI - implemented a fix so snowflake stops using the client's network when Tor isn't making reqests (#21314) - created snowflake#40007 to track snowflake usage/load in preparation to move to stable - gave viatsk feedback on their code for #25595 and started digging into pion's vnet project - performed measurements ahead of #25723 to track improvements in throughput - gave feedback on salmon prototype (bridgedb#31873) This week: - perform throughput measurements on different NAT topologies - start on multiplexing traffic across proxies (#25723) - continue working on NAT test suite (#25595) - continue with GetTor + BridgeDB refactor - look at snowflake#40004 Needs help with: - review of fix for #21314 (snowflake!9) juggy : This week: - Got very basic "suggested readings" list up and running here : https://jugheadjones10.github.io/anti-censorship-reading/ Next week: - Keep studying BridgeDB to write architectural overview Help with: - Open issues here (https://github.com/jugheadjones10/anti-censorship-reading ) for papers/resources/readings that you think might be useful for newcomers arlolra: 2020-06-11 Last week: - Next week: - follow ups to #33365 - start on #31201 Help with: - dcf: 2020-08-13 Last week: - reconfirmed eclips.is account https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - reviewed test for symmetric NAT at WebExtension startup https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - review snowflake client inactivity https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - try again with the CDN invitation link for #30510 - add licenses of kcp-go and smux (tor-browser-build#40031) - start metrics-team thread on finding a new home for the Metrics Timeline Help with: Antonela: 2020-07-23 Last week: - (S28) Snowflake Android App UI https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - (S30) Making bridges.tpo looks like tpo.org https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/34322 - (S30) Planning activities for the user group in HK (happening next week): - Run emma https://gitlab.torproject.org/tpo/ux/research/-/blob/master/scripts%20and%2… - Discovery issues with Bridges flow - working on the script https://gitlab.torproject.org/tpo/ux/research/-/issues/4 This week: - (S28) Review Snowflake Android App UI - (S30) Working on making bridges.tpo work with lektor - (S30) Sent Get Bridges User Research to the group in HK. Will meet them on Friday. Final script: https://gitlab.torproject.org/tpo/ux/research/-/issues/4 agix:2020-07-23 Last week: -on vacay till 08-03 Next week: - Help with: - hanneloresx: 2020-08-13 Last week: made some initial progress on #32117 Next week: - Continue investigating #32117 - Start on #33727 Help with: - thymbahutymba: 2020-04-02 Last week: - CI/CD pipeline for multiarch docker images, which has a problem with the apt tor version even though the apt repository have been changed into the Dockerfile. Next week: Help with: HashikD: 2020-08-13 This week: - Working on application UI #11 - MR on Animation change #18 Next week: - Further work on ticket #11 - Work on Network checks if time permits #16 Help with: -

1 0

Tails report for July 2020
by sajolida＠pimienta.org 10 Aug '20

10 Aug '20

Tails report for July, 2020 [1] RELEASES * Tails 4.9 was released on June 28 [2]. * Tails 4.10 is scheduled for August 25 [3]. CODE * Prepared upgrade to tor 0.4.3.6 (#17835 [4]) * Researched how to cope with the fact Electrum is not installable on Buster anymore (#17828 [5]) * Improved robustness of our automated test suite * Documented some internal processes (#17571 [6], #17772 [7]) DOCUMENTATION AND WEBSITE * We documented how to use USB tethering [8] when Wi-Fi doesn't work in Tails. (#16987 [9]) * We improved our FAQ on VPN [10]. (#9145 [11]) USER EXPERIENCE * Launched a user survey about ease of use, online privacy tools, OpenPGP, and Pidgin. (#17821 [12]) We got more than 600 responses so far. Thanks a lot to everybody who participated! HOT TOPICS ON OUR HELP DESK We started the month with Tails 4.8 and many users wrote to us because of problems with the Tails Welcome Screen: * They had issues with administration passwords that had special characters [13]. * They could not access their persistent storage because changing the language on the Welcome Screen didn't change the keyboard layout [14] as usual, although it claimed to do it. These two issues were very upsetting for the users, although had easy workarounds. They are fixed in Tails 4.9 (Apologies!), but in the same time the kernel upgrade brought new issues (Re: Apologies!): * A lot of people reported the starting Tails was impossible since the upgrade to Tails 4.9 with their Intel Corporation [8086:22b0] GPU [15]. * Some people reported that their Wi-Fi adapter was not working anymore [16]. INFRASTRUCTURE * Put our translation platform [17]. back in sync' with Git * Updated our Jenkins and its plugins (tails/sysadmin/-/issues/16955 [18]) * Improved our monitoring of download mirrors * Ported detection of stalled issues/MRs to GitLab (!110 [19]) FUNDING * Our proposal to OTF on anti-censorship was paused due to their budget problems [20]. * Our joint proposal with Tor to DRL was declined but invited to submit again next year. * We applied to the Mecenat Code Lutins [21] to work on usability improvements. * We added Wordable and Exam Success as partners [22]. * We coded some A/B testing to measure the impact of a design change on our one-time and monthly donations buttons. (52a2d90a42 [23]) * We made plans to improve our donation process [24]. * We published our income statement for 2019 [25]. OUTREACH PAST EVENTS * Mexico City hackerspace RANCHO ELECTRÓNICO did a series of three virtual Tails workshops [26] on July 14 - 21 and August 4 as part of their AutoDefensa Digital [27] sessions. TRANSLATIONS ALL THE WEBSITE * fr: 82% (5350) strings translated, 8% strings fuzzy * es: 46% (3030) strings translated, 8% strings fuzzy * de: 30% (1966) strings translated, 13% strings fuzzy * it: 27% (1795) strings translated, 10% strings fuzzy * fa: 22% (1468) strings translated, 13% strings fuzzy * pt: 21% (1401) strings translated, 9% strings fuzzy CORE PAGES OF THE WEBSITE [28] * fr: 80% (1678) strings translated, 11% strings fuzzy * es: 75% (1565) strings translated, 11% strings fuzzy * it: 49% (1031) strings translated, 21% strings fuzzy * de: 49% (1025) strings translated, 22% strings fuzzy * pt: 39% (812) strings translated, 14% strings fuzzy * fa: 19% (414) strings translated, 15% strings fuzzy CORE PAGES OF THE WEBSITE FOR LANGUAGES NOT ACTIVATED ON THE WEBSITE YET * zh_TW: 25% (447) strings translated, 12% strings fuzzy * zh: 12% (224) strings translated, 6% strings fuzzy * ru: 8% (160) strings translated, 5% strings fuzzy * pl: 8% (149) strings translated, 4% strings fuzzy * tr: 8% (148) strings translated, 4% strings fuzzy * ar: 7% (132) strings translated, 5% strings fuzzy * ca: 7% (131) strings translated, 5% strings fuzzy * id: 5% (99) strings translated, 3% strings fuzzy * sr_Latn: 4% (80) strings translated, 2% strings fuzzy METRICS * Tails has been started more than 951 736 times this month. This makes 30 701 boots a day on average. How do we know this? [29] Links: ------ [1] https://tails.boum.org/news/report_2020_07/ [2] https://tails.boum.org/news/version_4.9/index.en.html [3] https://tails.boum.org/contribute/calendar/ [4] https://gitlab.tails.boum.org/tails/tails/-/issues/17835 [5] https://gitlab.tails.boum.org/tails/tails/-/issues/17828 [6] https://gitlab.tails.boum.org/tails/tails/-/issues/17571 [7] https://gitlab.tails.boum.org/tails/tails/-/issues/17772 [8] https://tails.boum.org/doc/anonymous_internet/networkmanager/index.en.html#… [9] https://gitlab.tails.boum.org/tails/tails/-/issues/16987 [10] https://tails.boum.org/support/faq/index.en.html#vpn [11] https://gitlab.tails.boum.org/tails/tails/-/issues/9145 [12] https://gitlab.tails.boum.org/tails/tails/-/issues/17821 [13] https://gitlab.tails.boum.org/tails/tails/-/issues/17792 [14] https://gitlab.tails.boum.org/tails/tails/-/issues/17794 [15] https://gitlab.tails.boum.org/tails/tails/-/issues/16447#note_153909 [16] https://gitlab.tails.boum.org/tails/tails/-/issues/17786#note_152948 [17] https://translate.tails.boum.org/ [18] https://gitlab.tails.boum.org/tails/sysadmin/-/issues/16955 [19] https://gitlab.tails.boum.org/tails/tails/-/merge_requests/110 [20] https://saveinternetfreedom.tech/ [21] https://framaforms.org/mecenat-code-lutin-2020-1589209347 [22] https://tails.boum.org/partners/index.en.html [23] https://gitlab.tails.boum.org/tails/tails/-/commit/52a2d90a42 [24] https://tails.boum.org/blueprint/donation_process/ [25] https://tails.boum.org/doc/about/finances/#2019 [26] https://ranchoelectronico.org/3era-sesion-tails/ [27] https://ranchoelectronico.org/tag/autodefensadigital/ [28] https://tails.boum.org/contribute/l10n_tricks/core_po_files.txt [29] https://tails.boum.org/support/faq/index.en.html#boot_statistics

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project August 2020