tor-project October 2021

tor-project@lists.torproject.org

10 participants
19 discussions

minutes from the sysadmin meeting
by Antoine Beaupré 12 Oct '21

12 Oct '21

Hi! TPA had a meeting again, so here are the minutes! # Roll call: who's there and emergencies anarcat, gaba, kez, lavamind # OKRs and 2022 roadmap Each team has been establishing their own Objectives and Key Results (OKRs), and it's our turn. Anarcat has made a draft of five OKRs that will be presented at the October 20th all hands meeting. We discussed switching to this process for 2022 and ditch the previous roadmap process we had been using. The OKRs would then become a set of objectives for the first half of 2022 and be reviewed mid-year. The concerns raised were that the OKRs lack implementation details (e.g. linked tickets) and priorities (ie. "Must have", "Need to have", "Non-objectives"). Anarcat argued that implementation details will be tracked in GitLab Milestones linked from the OKRs. Priorities can be expressed by ordering the Objectives in the list. We observed that the OKRs didn't have explicit objectives for the web part of TPA, and haven't found a solution to the problem yet. We have tried adding an objective like this: > Integrate web projects into TPA > > 1. TPA is triaging the projects lego, ...? > 2. increase the number of projects that deploy from GitLab > 3. create and use gitlab-ci templates for all web projects ... but then realised that this should actually happen in 2021-Q4. At this point we ran out of time. anarcat submitted [TPA-RFC-13][] to followup. [TPA-RFC-13]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-13-okrs-f… # Can we add those projects under TPA's umbrella? Make sure we have maintainers for, and that those projects are triaged: - lego project (? need to find a new maintainer, kez/lavamind?) - research (Roger, mike, gus, chelsea, tariq, can be delegated) - civicrm (OpenFlows, and anarcat) - donate (OpenFlows, duncan, and kez) - blog (lavamind and communications) - newsletter (anarcat with communications) - documentation Not for tpa: - community stays managed by gus - tpo stays managed by gus - support stays managed by gus - manual stays managed by gus - styleguides stays managed by duncan - dev still being developed - tor-check : arlo is the maintainer The above list was reviewed between gaba and anarcat before the meeting, and this wasn't explicitly reviewed during the meeting. # Dashboard triage Delegated to the star of the weeks. # Other discussions Those discussion points were added during the meeting. ## post-mortem of the week We had a busy two weeks, go over how the emergencies went and how we're doing. We unfortunately didn't have time to do a voice check-in on that, but we will do one at next week's checkin. ## Q4 roadmap review We discussed re-reviewing the priorities for Q4 2022, because there was some confusion that the OKRs would actually apply there; they do not: the previous work we did on prioritizing Q4 still stands and this point doesn't need to be discussed. # Next meeting We originally discussed bringing those points back on Tuesday oct 19th, 19:00 UTC, but after clarification it is not required and we can meet next month as usual which, according to the Nextcloud calendar, would be Monday November 1st, 17:00UTC, which equivalent to: 10:00 US/Pacific, 13:00 US/Eastern, 14:00 America/Montevideo, 18:00 Europe/Paris. # Metrics of the month ## Numbers and tickets * hosts in Puppet: 91, LDAP: 94, Prometheus exporters: 145 * number of Apache servers monitored: 28, hits per second: 147 * number of Nginx servers: 2, hits per second: 2, hit ratio: 0.82 * number of self-hosted nameservers: 6, mail servers: 7 * pending upgrades: 2, reboots: 0 * average load: 0.82, memory available: 3.63 TiB/4.54 TiB, running processes: 592 * bytes sent: 283.86 MB/s, received: 169.12 MB/s * planned bullseye upgrades completion date: ??? * [GitLab tickets][]: 156 tickets including... * open: 0 * icebox: 127 * backlog: 13 * next: 7 * doing: 4 * needs information: 5 * needs review: 0 * (closed: 2438) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards Compared to last month, we have reduced our backlog and kept "next" and "doing" quite tidy. Our "needs information" is growing a bit too much to my taste, not sure how to handle that growth other than to say: if TPA puts your ticket in the "needs information" state, it's typically that you need to do something before it gets resolved. ## Bullseye upgrades We started tracking bullseye upgrades! The upgrade prediction graph now lives at: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bullseye#… I concede it looks utterly ridiculous right now, and the linear predictor gives ... "suspicious" results: anarcat@angela:bullseye(master)$ make predict-os refresh predict-os predict graph -o predict.png --path data.csv --source buster /home/anarcat/bin/predict-os:123: RankWarning: Polyfit may be poorly conditioned date = guess_completion_time(records, args.source, now) suspicious completion time in the past, data may be incomplete: 1995-11-09 completion time of buster major upgrades: 1995-11-09 In effect, we have not *upgraded* a single box to bullseye, but we have created 4 new machines, and those are all running bullseye. An interesting data point: about two years ago, we had 79 machines (compared to 91 today), 1 running jessie (remember the old `check.tpo`?), 38 running stretch, and 40 running buster. We never quite completed the stretch upgrade (we still have one left!), but we reached that around a year ago. So, in two years, we added 12 new machines to the fleet, for an average of a new machine every other month. If we look at the buster upgrade process, we will completely miss the summer milestone, when Debian buster will reach EOL itself. But do not worry, we do have a plan, stay tuned! -- Antoine Beaupré torproject.org system administration

1 0

OONI Monthly Report: August 2021
by Maria Xynou 12 Oct '21

12 Oct '21

Hello, These days we're primarily supported by the DRL, which is why we do quarterly reporting. That said, we'd like to share monthly updates from the OONI team with the community, hence our August 2021 report shared below. I'll follow-up to share our September 2021 report. *# OONI Monthly Report: August 2021* Throughout August 2021, the OONI team worked on the following sprints: * Sprint 45 - Antarctic Krill (2nd - 15th August 2021) * Sprint 46 - Happy Oyster (16th - 29th August 2021) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Published research report on the blocking of LGBTIQ websites in six countries* In collaboration with the Citizen Lab and OutRight Action International, we co-published a new research report, "No Access: LGBTIQ Website Censorship in Six Countries", which examines the blocking of LGBTIQ websites in Indonesia, Malaysia, Iran, Russia, Saudi Arabia, and the United Arab Emirates (UAE). The report is available on each of our websites: * OONI: https://ooni.org/post/2021-no-access-lgbtiq-website-censorship-six-countrie… * Citizen Lab: https://citizenlab.ca/2021/08/no-access-lgbtiq-website-censorship-in-six-co… * OutRight Action International: https://outrightinternational.org/content/no-access-lgbtiq-website-censorsh… Download the full (203-page) report here: https://ooni.org/documents/2021-lgbtiq-website-censorship-report/2021-lgbti… We adopted a mixed methods research approach, combining OONI network measurement analysis with interviews and literature research. The timeframe that we selected for OONI data analysis was June 1, 2016 to July 31, 2020. To examine the impact of online LGBTIQ censorship, OutRight Action International and the Citizen Lab interviewed LGBTIQ communities in the six countries. Our research report received the following press coverage: https://www.openlynews.com/i/?id=3ff85ecb-ac2a-4a84-a451-876598f90a4f https://www.reuters.com/article/idUSL8N2Q23D4 https://www.freewebturkey.com/dunyada-sansur-gundemi-28-agustos-3-eylul/ https://www.opendemocracy.net/en/5050/tech-firms-facilitating-censorship-of… https://www.gaytimes.co.uk/life/invisible-and-silenced-lgbtq-online-content… https://76crimes.com/2021/09/15/how-online-censors-muzzle-queer-voices-in-r… *## Published research report on social media blocks amid Zambia’s 2021 election* We published a new research report titled: "Zambia: Social media blocked amid 2021 general elections". The report is available here: https://ooni.org/post/2021-zambia-social-media-blocks-amid-elections/ In the report, we share OONI data (and technical observations) on the blocking of WhatsApp, Twitter, and Facebook amid Zambia's 2021 general election. *## Academic paper on internet censorship in Myanmar published by FOCI* In collaboration with the Center for Applied Internet Data Analysis (CAIDA) of UC San Diego, Kentik, and other researchers from UC San Diego and the University of Michigan, we co-authored an academic research paper titled: “A multi-perspective view of Internet censorship in Myanmar”. We submitted this paper to the ACM SIGCOMM 2021 Workshop on Free and Open Communications on the Internet (FOCI 2021), who published our paper on 27th August 2021: https://dl.acm.org/doi/10.1145/3473604.3474562 Our paper can be read through the following link: https://www.ramapad.com/papers/myanmar_foci21_cr.pdf Ramakrishna Padmanabhan (CAIDA, UC San Diego) presented the paper at the FOCI 2021 workshop ( https://conferences.sigcomm.org/sigcomm/2021/workshop-foci.html) and published a video presentation which summarizes our findings: https://www.youtube.com/watch?v=ABcswfBO2RY As part of our work on this paper, we analyzed OONI measurements collected from Myanmar between 1st February 2021 to 30th April 2021, building upon our previous research report on Myanmar ( https://ooni.org/post/2021-myanmar-internet-blocks-and-outages/). Notably, we found two cases of collateral damage caused by IP blocks in Myanmar. Based on our analysis, we contributed to the writing of the paper, and helped produce relevant charts. *## OONI blog post for TunnelBear Tales blog series* We had the opportunity to write about OONI as part of the TunnelBear Tale blog series. On 3rd August 2021, TunnelBear published our blog post (“TunnelBear tales: OONI”), which is the form of an interview. In this blog post, we discuss how OONI came to be, why people run OONI Probe, the role of network measurement in the fight for internet freedom, community stories, and what is needed to further support the censorship measurement community. Our blog post for TunnelBear is available here: https://www.tunnelbear.com/blog/tunnelbear-tales-ooni/ *## Published blog post on mining OONI data* To enable community members to access and analyze OONI data, we published a blog post which explains the various ways (S3 bucket, PostgreSQL database, OONI API, OONI Explorer) through which you can access raw OONI measurement data. This blog post (“Mining OONI data”) is available here: https://ooni.org/post/mining-ooni-data/ *## Published blog post on a brief introduction to OONI* To enable new community members to learn about OONI, we published a blog post which provides a gentle introduction to OONI, some basics about how the internet works, and how OONI Probe detects blocking. This blog post (“A brief introduction to OONI”) is available here: https://ooni.org/post/brief-introduction-to-ooni/ *## Expanding OONI censorship measurement methodologies* In August 2021, we started working on rewriting our flagship experiment (Web Connectivity) for measuring the blocking of websites. We first released the Web Connectivity test 5 years ago ( https://ooni.org/post/web-connectivity/), and it has served us quite well in measuring the blocking of websites worldwide (https://ooni.org/reports/). But internet censorship has evolved over the last years (for example, SNI based filtering is increasingly being observed), requiring us to rethink (and rewrite) how we measure the accessibility of websites. Some of the main improvements (https://github.com/ooni/probe/issues/1714) we would like to make to the Web Connectivity experiment include: * QUIC support * TLS parroting * Using both the DNS of the local resolver and that of the test helper * Reducing the number of false positives by changing the logic by which measurements are run To incorporate such changes, we have decided to re-write our website measurement experiment entirely from scratch. Our new experiment is tentatively called “Websteps”, and throughout August 2021, we wrote a series of design documents to describe this new experiment. These (currently internal) design documents for our new Websteps experiment include: * High-level description of the Websteps experiment * Evaluation criteria * Underlying library: Data format and algorithms library * Prototype: Where to find a code prototype and how to use it * Data format: Specification of measurements data format * Example measurements: How measurements look like with specific errors * Known-data quality issues We started off by reviewing these documents internally in our team. Based on internal review, we made a series of iterations and improvements. The next steps of the review process involve sharing these documents with certain community members (who have relevant expertise), and eventually sharing them publicly to encourage public review and feedback. The new websteps experiment depends on the use of a new type of test-helper which assists it in performing discovery of the testing targets and is also used as a baseline for comparison. We wrote a specification for this new test helper in the ooni/spec repo: https://github.com/ooni/spec/pull/219 In August 2021, we also reviewed the pull requests by Google Summer of Code (GSoC) student Kathrin Elmenhorst, who added support for using the utls library for TLS parroting (https://github.com/ooni/probe-cli/pull/442). She also worked with us on implementing a prototype for the new Websteps experiment (https://github.com/ooni/probe-cli/pull/432) and fixed a bug in it (https://github.com/ooni/probe-cli/pull/447). *## OONI Probe Mobile* We worked on identifying the priorities and next steps for the development of the OONI Probe mobile app. To this end, we went through community feedback (through tickets and internal documents) to identify feature requests, bug reports, and other areas that need improvement. Based on this, we wrote an internal document where we map out the priorities and next steps for the development of OONI Probe Mobile over the next 6 months, based on which we opened relevant tickets. *## OONI Run* Based on community feedback, we worked on making some improvements to the OONI Run (https://run.ooni.io/) platform. In particular, we worked on ensuring that HTTPS is used as the default prefix when URLs are added to the platform, that the HTTPS prefix is not duplicated when URLs are pasted in bulk, and we added a note informing users that they can copy-paste multiple URLs into the platform. This work is tracked here: https://github.com/ooni/run/pull/74 *## OONI Probe Desktop* We made progress on improving the end-to-end testing of the OONI Probe Desktop app. Specifically, tests were added for ensuring that the onboarding process, the dashboard, settings, and the test results screens work as expected: https://github.com/ooni/probe-desktop/pull/243 We also worked on implementing a fix to a bug that led to the autorun settings not being preserved across updates: https://github.com/ooni/probe-desktop/pull/237 *## OONI backend* In August 2021, we worked on the following OONI backend activities: * Developed beta quality data analysis capabilities for pluggable transport tests: https://github.com/ooni/ooni.org/issues/766 * Added support to the OONI API for displaying PT measurements: https://github.com/ooni/ooni.org/issues/771 * API: Searched and fetched measurements by uid in addition to rid/input (fixes issues around paging and rid/input collision): https://github.com/ooni/api/pull/263 * Monitored the growth of unattended OONI Probe runs and test list coverage * Investigated an odd decrease in the number of received measurements from OONI Probe Android and unattended OONI Probe desktop runs, and added new metrics to our internal dashboard. * Tested the URL prioritization backend: https://github.com/ooni/backend/issues/418 * Fixed URL prioritization and added end-to-end testing: https://github.com/ooni/api/pull/264 * Added support for using the new OONI measurement data format in s3 for end-to-end testing * Created admin accounts for our test-list web UI * Prioritized the testing of the GRP Citizen Lab category code in Zambia in response to the blocking of social media (amid elections) * Looked into OONI API logs to detect popular queries that take a long time to run (heavy hitters) * Deployed Nginx caching * Worked on improvements to the system used to predict the expected measurement volume from the API * Experimented with different database indexes on our fastpath table * Worked on updating our fast-path pipeline * Worked on updating the logic used to populate the counter tables which are used for performing aggregation queries (counters_table_updater) *## Google Summer of Code (GSoC)* Throughout the summer of 2021, we had the opportunity to host two Google Summer of Code (GSoC) students: Kathrin Elmenhorst and Shivam Shekhar. Between June 2021 to August 2021, Kathrin worked with us on developing OONI Probe network experiments ( https://community.torproject.org/gsoc/ooni-probe-experiments/), while Shivam worked with us on developing integration and unit tests for the OONI Probe desktop app (https://community.torproject.org/gsoc/ooni-probe-testing/ ). In August 2021, Kathrin and Shivam completed their GSoC projects with us, and we submitted a review of their performance. Overall, we were thrilled to work with Kathrin and Shivam, and we thank them for their excellent contributions to OONI projects! *## Test list updates* In August 2021, we made a minor update to the Citizen Lab test lists for Cuba and Venezuela. In particular, we added a site (to both lists) which tracks fake news in Venezuela, but which was reportedly blocked in Cuba. Pull request: https://github.com/citizenlab/test-lists/pull/814 *## Community activities### OONI Community Meeting* On 31st August 2021, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/), during which we discussed the following topics: 1. Tor usage in Turkmenistan is decreasing. How can we increase OONI Probe testing of Tor in Turkmenistan? 2. Preparing for Russia’s upcoming 2021 election: Measurement and advocacy. 3. Reviewing the test list for Afghanistan in accordance with possible new regulations. *## Userbase* In August 2021, 13,304,893 OONI Probe measurements were collected from 4,938 AS networks in 194 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

UX team monthly meetings notes, October 12th
by Duncan Larsen-Russell 12 Oct '21

12 Oct '21

1 0

(fyi) Outreachy contribution period (December 2021 - March 2022)
by gus 12 Oct '21

12 Oct '21

Hi, The Community team submitted a new Outreachy[1] project:"Mapping values and motivations of the Tor network's relay operators". You can read the complete project here[2]. The contribution period started this week and you will see some applicants on IRC during this month. You can help redirecting them to #tor-www channel and/or teaching them how to configure Element/matrix client, so they can follow up our discussions. cheers, Gus [1] Outreachy: https://www.outreachy.org/ [2] https://gitlab.torproject.org/tpo/community/team/-/issues/46 -- The Tor Project Community Team Lead

1 0

OONI Monthly Report: July 2021
by Maria Xynou 12 Oct '21

12 Oct '21

Hello, Hope you're all doing well. These days we're primarily supported by the DRL, which is why we do quarterly reporting. That said, we'd like to share monthly updates from the OONI team with the community, hence our July 2021 report shared below. I'll also follow-up to share our August and September 2021 reports. *# OONI Monthly Report: July 2021* Throughout July 2021, the OONI team worked on the following sprints: * Sprint 43 - Confused Kraken (5th - 18th July 2021) * Sprint 44 - Dancing Sirens (19th - 31st July 2021) Our work can be tracked through the various OONI GitHub repositories: https://github.com/ooni Highlights are shared in this report below. *## Published research report on media censorship in Azerbaijan* In collaboration with Azerbaijan Internet Watch, we co-published a new research report titled: "Media censorship in Azerbaijan through the lens of network measurement". Our report is available through the following sites: * OONI: https://ooni.org/post/2021-azerbaijan/ * Azerbaijan Internet Watch: https://www.az-netwatch.org/news/media-censorship-in-azerbaijan-through-the… As part of our analysis of OONI measurements collected from Azerbaijan between January 2020 to May 2021, we found: ** Blocking of independent news media and circumvention tool websites. *Throughout the testing period, several independent news media and circumvention tool sites presented HTTP failures caused by connection timeouts. This suggests the potential use of Deep Packet Inspection (DPI) by ISPs in Azerbaijan. ** Attempts to block Tor and Psiphon.* ISPs in Azerbaijan attempted to block Tor and Psiphon amid the 2020 Nagorno-Karabakh war. However, both attempts appear to have been quite ineffective, as these tools have built-in circumvention fallback options. Tor Metrics also show a spike in usage during this period. ** Temporary blocking of social media amid 2020 Nagorno-Karabakh war.* Between September 2020 to November 2020, several social media websites presented the same HTTP failures (as news media and circumvention tool sites), while the testing of WhatsApp and Telegram presented signs of TLS level interference. ** Variance of censorship across networks.* ISPs in Azerbaijan appear to be adopting similar censorship techniques. However, censorship varies from network to network, as different ISPs block different websites and apps at different moments in time. *## Hosted a 3-day online OONI Partner Training* Between 5th-7th July 2021, we organized and hosted a 3-day online OONI Partner Training for our partners from 9 countries in Asia and the Middle East (https://ooni.org/partners). The event also included participants from international organizations, Reporters Without Borders and Human Rights Watch. Overall, 45 participants from 23 digital rights organizations attended this 3-day OONI Partner Training. To ensure a safe, friendly, and pleasant experience for all during the training, we asked all participants to adhere to OONI’s Code of Conduct ( https://github.com/ooni/ooni.org/blob/master/CODE_OF_CONDUCT.md) and to follow the Chatham House Rule on Privacy ( https://www.chathamhouse.org/about-us/chatham-house-rule). The goal of the OONI Partner Training was to share knowledge and skills on OONI’s censorship measurement tools, dataset, and methodologies to enable their use as part of research and advocacy efforts. We also aimed to collect feedback on how to improve OONI tools to better serve community needs. The event was facilitated entirely online (over Zoom), and entailed two 1.5 hour sessions per day (over 3 days). We facilitated the following 6 sessions as part of the 3-day OONI Partner Training: 1) Information Controls Around the World 2) Introduction to Internet Censorship 3) Using the OONI Probe Apps 4) Using OONI Run to coordinate censorship testing 5) Using OONI Explorer to find censorship measurement data 6) Interpreting OONI data We published a blog post which shares further information about the training sessions and overall event: https://ooni.org/post/ooni-partner-training-2021/ At the end of the 3-day training, we shared a post-training survey ( https://forms.gle/n62ktvcfD1u7DgPMA) with all participants to collect their feedback on how to improve future OONI training events. To support ongoing learning, we shared a Resources document ( https://ooni.org/documents/2021-ooni-partner-training-resources/ooni-resour…) with participants that includes OONI-related resources, as well as other resources (on censorship circumvention, digital security, monitoring internet connectivity shutdowns, and other censorship measurement platforms) that participants expressed interest in. We also shared OONI training slides ( https://docs.google.com/presentation/d/1mpoB_ObjMH0EWQhyZRpKWnwl5PUHf-Sa5PK…) that they can use (and customize) to facilitate OONI workshops for their communities. In July 2021, we issued OONI certificates for participants who attended our 2 OONI Partner Training events ( https://ooni.org/post/ooni-partner-training-2021/). *## Blocking of social media in Cuba amid protests* On 12th July 2021, Cuba started blocking access to online social media services amid anti-government protests. On the same day, we reported on the blocking of the WhatsApp, Telegram and Signal apps based on real-time data collected from Cuba: https://twitter.com/OpenObservatory/status/1414622433156476930 OONI data on the blocking of WhatsApp, Telegram, and Signal in Cuba is available through the following links: * Signal: https://explorer.ooni.org/search?until=2021-07-13&since=2021-06-12&probe_cc… * Telegram: https://explorer.ooni.org/search?until=2021-07-13&since=2021-06-12&probe_cc… * WhatsApp: https://explorer.ooni.org/search?until=2021-07-13&since=2021-06-12&probe_cc… The blocking of the Signal Private Messenger App in Cuba was detected based on OONI’s new Signal test (https://ooni.org/nettest/signal), which was shipped in April 2021. Our new Signal test also contributes ongoing measurements on the blocking of the Signal app in Iran ( https://explorer.ooni.org/search?until=2021-07-30&since=2021-06-30&probe_cc…) and China ( https://explorer.ooni.org/search?until=2021-07-30&since=2021-06-30&probe_cc…), among other countries. We recently added support to our backend for the adjustment of URL priorities (as part of URL prioritization work). This allows us to specify in which countries certain URLs should have higher priority for testing and empowers us to dynamically adjust these in response to censorship events. Following the social media blockade in Cuba, we bumped up the priority of the GRP (Social Media) category code (from the Citizen Lab test lists: https://github.com/citizenlab/test-lists/blob/master/lists/00-LEGEND-new_ca…) on 14th July 2021 for Cuba. This enabled us to detect (and collect measurements on) the temporary blocking of facebook.com in Cuba ( https://explorer.ooni.org/search?until=2021-07-30&since=2021-06-30&probe_cc…). It also enabled us to detect (and collect measurements on) the blocking of tiktok.com in Cuba ( https://explorer.ooni.org/search?until=2021-07-30&since=2021-06-30&probe_cc…). Following the prioritization of URLs from this category, we were able to collect a total of 960 measurements for the GRP category code from Cuba. OONI’s response to the recent social media censorship events in Cuba has received the following press coverage: https://www.nbcnews.com/tech/tech-news/cubans-protest-government-cracks-int… https://www.wsj.com/articles/internet-powered-mass-protests-in-cuba-then-th… https://cpj.org/2021/07/journalists-detained-and-harassed-internet-disrupte… Cuban organization, YucaByte, published a report documenting the censorship events in Cuba amid the protests (citing OONI data): https://www.yucabyte.org/2021/07/12/11j-internet-cuba/ *## OONI Probe Mobile* We released OONI Probe Android 3.2.0 ( https://github.com/ooni/probe-android/releases/tag/v3.2.0) and OONI Probe iOS 3.2.0 (https://github.com/ooni/probe-ios/releases/tag/v3.2.0). This release includes: * A reminder encouraging users to enable automated testing * A badge to indicate that a proxy is being used * Support for minimizing a running test * Support for validating URLs shared via OONI Run ( https://github.com/ooni/probe-android/pull/443) * Font size fix on iPhone SE ( https://github.com/ooni/probe-ios/commit/8f3fcf90b286e7e9ffee18c4b8ea223f2f… ) These features were added to encourage users to enable automated testing and contribute measurements regularly. In response to community requests, we also added a badge to indicate that a proxy is being used, and we added support for minimizing a running test (enabling users to make use of other features of the OONI Probe app while a test is running). *## OONI Probe Desktop* We released OONI Probe Desktop 3.5.2: https://github.com/ooni/probe-desktop/releases/tag/v3.5.2 This release fixed a critical bug in autoupdate which prevented downloading and installing updates. In July 2021, we provided mentorship to Google Summer of Code (GSoC) student Shivam Shekhar, who worked on implementing end-to-end tests for OONI Probe Desktop. In particular, he implemented tests for the code responsible for running the OONI Probe command line tool ( https://github.com/ooni/probe-desktop/pull/231). Moreover, tests were implemented for several UI components as part of the following pull request: https://github.com/ooni/probe-desktop/pull/229 *## Progress on browser-based OONI Probe* We made some progress on the browser based implementation of OONI Probe. Specifically, we integrated React into the project so that we can reuse the existing components we developed for web based projects (see: https://github.com/ooni/probe-web/commit/a9da79b9384f7f496bb3278a4a00cacc39…). We also did some research into how to tweak the fetch API calls so that we minimise the amount of sensitive data transmitted to the measured web hosts (see: https://github.com/ooni/probe-web/commit/5bf0ba41a9e2464da070ba21f4463ddce2… ). *## Expanding OONI censorship measurement methodologies* We looked into alternative TLS stacks that we could use for performing measurements, but potentially also for communicating with our backend services. This was prompted by the fact that we have noticed that some countries (such as Iran) will implement blocking of all TLS connections that present a specific fingerprint. In particular, we looked into https://github.com/refraction-networking/utls and researched how we could go about integrating it into the OONI codebase, as well as what work would be necessary to update it to the latest version of the golang TLS library. This work is documented through the following ticket: https://github.com/ooni/probe/issues/1702 In July 2021, we provided mentorship to Google Summer of Code (GSoC) student Kathrin Elmenhorst, with whom we collaborated on making several improvements to how errors are handled inside of our measurement engine. Specifically, we ensured that it’s possible to accurately map more classes of errors to OONI error strings, as documented through the following ticket: https://github.com/ooni/probe/issues/1505 We also made some progress on comparing the new golang-written Web Connectivity test helper to the old python-based one. The goal of this comparison is to determine how well-suited the new test helper is at replacing the legacy one and if, in doing the switch from one to the other, we are introducing any inaccuracies in the resulting measurements. *## Created mockups for new OONI Probe Snowflake test results* We implemented mockups for displaying the test results of our new Snowflake pluggable transport test inside of OONI Probe. This has been tracked as part of the following issue: https://github.com/ooni/ooni.org/issues/759 *## Research on whether to ship PTs as a separate binary* We carried out research to explore whether to ship pluggable transports as separate binaries or link them with the ooniprobe binary. Based on this research, we wrote an internal document which explains our design choices, PT spec considerations, and conclusions. In the end, we chose to integrate our new Snowflake experiment into ooniprobe as a Go library leveraging version 2 of the pluggable-transports specification: https://github.com/ooni/ooni.org/issues/765 *## OONI backend* In July 2021, we worked on the following OONI backend activities: * Fixed certbot nginx configuration bug (server/port overlap) * Made improvements to the API rate limiting system and developed new integration tests to ensure it’s working as expected: https://github.com/ooni/api/pull/256 * Added support for the global prioritized testing of popular social media URLs: https://github.com/ooni/backend/issues/507 * Added support for the prioritized testing of the GRP Citizen Lab category code in Cuba * Worked on the test helper rotation tool which automatically deploys on cloud infrastructure machines for running backend infrastructure. These are rotated automatically on a periodic basis: https://github.com/ooni/backend/issues/496 * As part of the development of the rotating test helpers, we also did a major rework to how TLS certificates are generated. Specifically we integrated it with DNS and certbot and deployed it to production. * Test with probes on test API. * API: Deployed test.ooni domains in CORS: https://github.com/ooni/api/pull/259 * API: Switched URL submission to account_id: https://github.com/ooni/api/pull/260 * Reprocessed legacy measurements and created JSONL files * Monitored measurement coverage by unattended runs * Updated internal ASN coverage charts * Developed charts that make predictions on the expected measurement volume based on the submission API. We have these charts implemented in our internal backend dashboards and have configured alerts to notify us if the expected measurement volume falls below a certain threshold. * Implemented support for running end-to-end integration tests of the API and fastpath on our continuous integration platform. Through this setup we can ensure that a large part of the backend infrastructure is working as expected and that the API and fastpath are run on real OONI measurement data: https://github.com/ooni/api/pull/258. * Refactored scripts to run tests on different environments *## Building a web platform for test list updates* We deployed the private beta of our new web platform for test list updates to production (https://test-lists.ooni.org/login). We worked on fixing issues reported as part of internal team testing of the platform ( https://github.com/ooni/test-lists-ui/pull/2). We also shared the private beta with a few community members to collect their feedback, based on which we worked on further improvements, which are documented as issues here: https://github.com/ooni/test-lists-ui/issues Once the private beta is further polished, we will share it more extensively to collect further community feedback before launching the platform. *## Collaboration with Netalitica* Netalitica researchers continued to do excellent work in reviewing and updating more Citizen Lab test lists. In July 2021, we reviewed their updates to the test lists for India and Burundi and shared feedback for improvements. *## Test list updates* In July 2021, we contributed updates to the following Citizen Lab test lists: * Russia: https://github.com/citizenlab/test-lists/pull/805 * Ethiopia: https://github.com/citizenlab/test-lists/pull/804 * Armenia: https://github.com/citizenlab/test-lists/pull/803 *## New partnership with Internet Society (ISOC)* In July 2021, we established a new partnership with Internet Society (ISOC). As part of this partnership, OONI is now a data partner ( https://pulse.internetsociety.org/partners) for ISOC’s Pulse project on Internet shutdowns: https://pulse.internetsociety.org/shutdowns As a data partner, we will provide ISOC with relevant OONI data in support of their Pulse project which maps internet shutdowns around the world. *## Community activities### Zaina Foundation Internet Shutdown Training* On 12th and 13th July 2021, Zaina Foundation organized and facilitated an Internet Shutdown Training for human rights defenders in Tanzania. One of the core objectives of this training was to train coalition members on OONI censorship measurement methodologies and to explore OONI data. As part of this training, Zaina Foundation facilitated the following 2 OONI workshops: 1) Introduction to OONI Probe and OONI Explorer 2) OONI practical session Following the training, Zaina Foundation shared community feedback with us and coordinated with local communities on translating OONI Probe to Swahili. *### OONI presentation at the Nexa Center for Internet and Society* On 28th July 2021, OONI’s Arturo presented OONI at the Nexa Center for Internet and Society of the Polytechnic University of Turin. As part of his presentation, Arturo provided OONI updates on the state of internet censorship worldwide in 2020. Information about the event is available here: https://nexa.polito.it/lunch-90 The presentation can be viewed through the following link: https://www.youtube.com/watch?v=fO53FLTu4a8 *### Access Now webinar on internet shutdowns* On 30th July 2021, OONI’s Maria presented OONI as part of Access Now’s webinar titled: “#KeepItOn during an internet shutdown: How to measure, document, and circumvent network interference”. In particular, she discussed how OONI’s tools and data can be used for measuring partial internet shutdowns (involving the blocking of websites and apps). This webinar was live-streamed on YouTube: https://youtu.be/aFIBrRXKm2E *### OONI documentation in Farsi* Iranian community members created detailed and comprehensive documentation which explains OONI tools and methodologies in Farsi. This documentation is available here: https://wikicensorship.github.io/fa/docs/measure-internet-censorship/OONI/ The Farsi documentation covers the following areas: * Investigate Internet censorship through the OONI probe * How Websites Test Works * Directly enter custom addresses in the application * Create a custom test list * Analysis of results * Simple analysis of results * Advanced results analysis * Diagnosis of sanctions * Internal breaker setting only for backend connection * Data mining in OONI results data *### OONI Probe video tutorial in Spanish* Our Bolivian partners, Fundación Internet Bolivia ( https://ooni.org/partners/fundacion-internet-bolivia.org/), created a video tutorial in Spanish where they present OONI and explain OONI Probe, providing a live demo of using the tool. This is available here: https://peertube.tv/videos/watch/e6991978-a3d7-4718-b688-482a9a4de525 *### OONI Community Meeting* On 27th July 2021, we hosted the monthly OONI Community Meeting on our Slack channel (https://slack.ooni.org/), during which we discussed the following topics: 1) New web platform for updating the Citizen Lab test lists: Request for community feedback 2) Adding Signal under instant messaging tests for Debian/Ubuntu OONI Probe users 3) Backend proxy for OONI Probe Desktop and OONI Probe CLI *## Userbase* In July 2021, 13,522,345 OONI Probe measurements were collected from 4,969 AS networks in 195 countries around the world. This information can also be found through our measurement stats on OONI Explorer (see chart on “monthly coverage worldwide”): https://explorer.ooni.org/ ~ OONI team.

1 0

Survey: Understanding your use of Tor and VPNs
by Nah 12 Oct '21

12 Oct '21

Hello, We launched a survey to learn more about how and why our users use VPNs. If you're a Tor Browser user and use VPNs in any device, you can help us by answering this survey: https://survey.torproject.org/index.php/664393 (onion service available) The survey is anonymous, it has 22 questions, and shouldn't take more than 10 minutes to complete, but please take your time and answer at your own pace. Thank you very much. -- Nah UX Researcher The Tor Project

1 0

Anti-censorship meeting notes, 2021 September 30
by Cecylia Bocovich 07 Oct '21

07 Oct '21

Hi everyone! Here are our meeting notes from last week. First the meeting logs: http://meetbot.debian.net/tor-meeting/2021/tor-meeting.2021-09-30-16.00.html and the meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday September 30th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == == Discussion == Using the STATUS message to send PT versions to the tor process: https://gitlab.torproject.org/tpo/core/tor/-/issues/11101 development of STATUS: https://gitlab.torproject.org/tpo/core/tor/-/issues/28181#note_2487283 https://gitweb.torproject.org/torspec.git/tree/pt-spec.txt?id=1ecf3f6658681… motivation is to put version information in the bridge extrainfo descriptor, so we know when bridge operators haven't updated assuming network team wants this, what do we do on the PT side? we could add a new PT message for the version number, or reuse the existing STATUS message STATUS is not implemented in goptlib, though if there's a documented use case and a designated key string, dcf is not averse to adding support for it consider: tor may want to require that the version message be sent during the initial negotiation; i.e., before CMETHODS DONE / SMETHODS DONE. in that case it has to be documented that the STATUS / other message will be ignored if sent later also it should be documented what happens if the version self-reporting message is sent more than once perhaps good to consult with the wider PT ecosystem ptadapter https://github.com/twisteroidambassador/ptadapter has PT 2.x already considered version reporting? adopting zoossh https://github.com/NullHypothesis/zoossh/pull/12#issuecomment-930954831 zoossh is now being used in rdsys to parse networkstatus, bridge-descriptors, etc. we need modifications to the package phw (author of zoossh) is not developing it anymore but is willing to merge our patches or let us fork it the plan for now is to send patches upstream == Actions == == Interesting links == https://lists.zx2c4.com/pipermail/wireguard/2021-September/007142.html WireGuard with obfuscation support == Reading group == We will discuss "Exploring Simple Detection Techniques for DNS-over-HTTPS Tunnels" on 2021-10-07 https://dl.acm.org/doi/10.1145/3473604.3474563 Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2021-09-30 Last week(s): - finished some s28 work - anti-censorship/team#24 - anti-censorship/team#34 - anti-censorhsip/team#26 - added new bridges to the reachability tests we are running - revised client-side API changes (snowflake!56) - reviewed geoip standalone library (geoip!1) - reviewed snowflake proxy library (snowflake!52) This week: - continue snowflake v2 improvements - implement changes to server API - reviews - catch up on censorship-analysis measurements and work - do some snowflake simulations in shadow :) Needs help with: arlolra: 2021-08-12 Last week: - Migrate to v3 of the webextension manifest Next week: - Maybe get back to snowflake-webext #10 - Write up the pitch for our use case for supporting creating PeerConnections in background service workers https://github.com/w3c/webrtc-extensions/issues/77 Help with: - dcf: 2021-09-30 Last week: Next week: Help with: agix:2021-07-15 Last week: -Off due to final exams Next week: -Work on bridgebox for rdsys -More research on httpt #4 Help with: - hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - maxb: 2021-09-23 Last week: - Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74 - Too busy with work :/ Next week: - _Really_ want to get a PR for utls round tripper meskio: 2021-09-30 Last week: - deploy censorship snapshot as part of rdsys (rdsys#61) - refactor snowflakes geoip code into a library (team#32) - explore zoossh as file parser (rdsys#69) Next week: - parse bridge-descriptors file and fix networkstatus parser (rdsys#69) - make bridgedb a rdsys distributor (bridgedb#40031) Help with: -

1 0

Joydeep's Monthly Status Report
by Joydeep Sen Gupta 06 Oct '21

06 Oct '21

Hello everyone! This is my monthly status report for September-October, 2021 (starting from September 15). The priorities for this month have been to continue our user support work on the official channels, namely frontdesk RT and #tor on OFTC IRC. Frontdesk stats: Timeline : 15 Sept 2021 (00:00 UTC) - 06 Oct 2021 (00:00 UTC) Total tickets created: 90 Total tickets resolved: 77 Note: We receive a lot of spam (more on that down below!) and the total number of tickets created might include some of the spammy tickets as well since we have to manually label them as 'spam'. Breakdown of number of RT tickets received with respect to operating system: Windows (10,8,7, all the way upto XP) - 10 macOS - 3 GNU/Linux - 3 Android- 7 (Note: This includes tickets where the user mentioned the operating system or it was evident from the issue they were running into and/or enclosed screenshots.) Frequent tickets (at least 2 RT tickets): 1. 18 RT Tickets - Private Bridge requests. We recently added the entry 'How to circumvent the Great Firewall and connect to Tor from China?' to the Support Portal [1] but I noticed [2] that a lot of those requests were going into spam as the subject line of the email generally consisted of non-ascii characters. We have now updated the article to suggest users to include 'private bridge' in the subject line (and it seems to be working well!). 2. 8 RT Tickets - Websites blocking Tor. We have received such complaints from users trying to access Youtube and websites using Cloudflare. 3. 4 RT Tickets - Failure to launch Tor Browser. This query is covered by the "Seven-point basic troubleshooting" article (template) on the RT. 4. 3 RT Tickets - macOS download links for Tor Browser resulting in a 404 error.[3] 5. 2 RT Tickets - Can't upload files with Tor browser on Android.[4] 6. 2 RT Tickets - Queries regarding v2 onion services deprecation. # Spam on frontdesk I aggregated some rough stats on how much spam we are getting every month and it's quite a lot. In the past few months, we have received nearly 1200 to 1300 spam tickets per month. Gus has been blocking some of the recurring spammers on the frontdesk although the stats, thus far, don't look very promising. I have requested TPA to help us improve the spam filter on frontdesk [5]. Apart from RT, I have been active on #tor IRC and other social media forums to answer support queries. If you have any suggestions, questions or want to discuss anything in detail please feel free to contact me. Thanks, -- Joydeep [1]: https://support.torproject.org/censorship/connecting-from-china/ [2]: https://gitlab.torproject.org/tpo/web/support/-/issues/261 [3]: https://gitlab.torproject.org/tpo/web/tpo/-/issues/234#note_2752838 [4]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40283 [5]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40425

1 0

UX team meeting next Tuesday, October 12th
by Duncan Larsen-Russell 04 Oct '21

04 Oct '21

Hi everyone! The User Experience team meeting has been postponed this week, and will be happening on Tuesday October 12th at 1400 UTC in #tor-meeting instead.* During this meeting we'll share an update on the UX team’s ongoing work across key projects, Including a review of UX issues pertaining to the torproject.org <http://torproject.org/> website, and a brief discussion about September’s upcoming User Feedback Report. If you'd like to get involved please feel free to add your items to the pad: https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep <https://pad.riseup.net/p/1D8sK8Zy74b_0qclC97I-ux-team-monthly-2020-keep> Remember, User Experience team meetings are an open space for discussion around ethical user research, user interface design and the user experience of privacy-enhancing products. See you soon! Duncan [*] https://gitlab.torproject.org/tpo/ux/team/-/wikis/home <https://gitlab.torproject.org/tpo/ux/team/-/wikis/home> *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org <mailto:duncan@torproject.org>

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project October 2021