tor-project January 2022

tor-project@lists.torproject.org

14 participants
24 discussions

Community Team meeting notes - January 31, 2022
by gus 31 Jan '22

31 Jan '22

Hi, Here's our meeting log: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-31-13.59.log… And our meeting pad: Next meeting: Monday, February 7, 2022 - 1400 UTC Weekly meetings, every Monday at 14:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) ## Goal of this meeting Weekly checkin about the status of Community Team work at Tor. ## Links to Useful documents * Event: Tor Relay Operator meetup February 5: https://forum.torproject.net/t/tor-relays-relay-operators-meetup-fosdem/182… ## Discussion * (update) Team roadmap and OKrs: https://gitlab.torproject.org/tpo/community/team/-/wikis/home * Gamification project weekly update: - Schedule interviews this week and next week - Review interview questions: https://pad.riseup.net/p/cVs1OfnGyclGgXRbWhEe * Telegram support channel: * https://gitlab.torproject.org/tpo/community/support/-/issues/40059 * Tor Training in Brazil and Mexico (March-2022) ## Updates Gus: This week: - S30 - organizing tor training in Brazil and Mexico - Writing miko's outreachy 3rd feedback - Onboarding new Onion SRE person - Promoting FOSDEM Relay Operator Meetup: https://forum.torproject.net/t/tor-relays-relay-operators-meetup-fosdem/182… - Outreachy: following up relay operators interviews. - Publishing the bridges campaign blog post this week! - Moving the training slides to markdown/lektor. - Monitoring telegram bridges health: https://gitlab.torproject.org/tpo/community/support/-/issues/40054 Help with: - Something you need help with. Joydeep: This week: - TBA Alpha (https://forum.torproject.net/t/new-alpha-release-tor-browser-11-5a3-android…) support and testing. General user support tasks on RT and forum - FOSDEM Relay Operators Meetup - RRF Meeting Miko: Last week: - Ideation: discussed a few ideas for relay operator gamification https://gitlab.torproject.org/tpo/community/relays/-/issues/30 This week: - UX Survey insights are out: https://gitlab.torproject.org/tpo/community/relays/-/issues/31 - 2 more insight reports underway (qualitative) - Starting with personas for relay operators - Starting mockups for the relay operator portal (tentatively calling it a "portal") Help with: - Setting up UX interviews with relay operators - Reviewing interview drafts, sending out interview agendas to relay operators https://pad.riseup.net/p/cVs1OfnGyclGgXRbWhEe Nina: Last week: - Start of the support using our channel on Telegram - Translations - User support via RT This week: - Templates update emmapeel: Last week: - L10n previews - l10n rapid response funds - sponsor 9 extension - update translations in transifex This week: - l10n previews - weblate -- The Tor Project Community Team Lead

1 0

Job Announcement - Director of Engineering
by Erin Wyatt 28 Jan '22

28 Jan '22

Hello, everyone! We have a new job opening for a Director of Engineering: https://www.torproject.org/about/jobs/director-of-engineering/ Please help us spread the word. Thank you! Erin Wyatt Director of People Operations (she/her) ewyatt(a)torproject.org PGP: 35E7 2A9F 6655 45F9 2CB6 6624 BA0C 9400 F80F 91CE https://www.torproject.org <https://www.torproject.org/> http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/ ------------------------------------ >8 January 28, 2022 The Tor Project is seeking a Director of Engineering. This newly created position is the most senior engineering role at the organization, reporting directly to the Executive Director. The position will require deep technical expertise and the ability to lead in a geographically dispersed environment. (Most people keep hours between Central European and American Pacific time.) The Director of Engineering role presents an opportunity for an individual who is passionate about privacy and Internet freedom to guide the engineering aspects of the Tor network, Tor Browser and other applications. Our technology helps millions of people around the world, across mobile and desktop platforms, to securely and freely access the Internet. Our teams are composed of talented people who are passionate about our mission to advance human rights and freedoms by creating and deploying free and open-source anonymity and privacy technologies. Our product decisions are directly connected to our engineering efforts, so the Director of Engineering will be working with both our engineering teams and product manager. Our collective efforts are presently focused on four fronts: Applications, Tor Network (core tor), Network Health, and Censorship Circumvention. You will be joining The Tor Project at a unique moment in the project’s history, as we are laying the foundation for Tor to scale and continue to grow. You will be working with all these teams, supporting them in executing a long-term vision and strategy. The Tor Project has a strong culture of transparency and democratic processes. We are looking for a Director of Engineering who shares these values to lead our teams and help Tor to continue to provide the most private and secure way to access the Internet. Academic degrees are great, but not required if you have the right experience! Further, if you feel that you meet most of these requirements or could meet them with a little time and support, we would love to hear from you! This is a full-time and permanently remote position. Salary for this position is $150,000 USD (negotiable) and there is voluntary opt-in salary transparency for employees and contractors. <applewebdata://7C080C49-82E0-49D7-B510-29E8444F1085#the-job>The job: Work with the teams and individuals working on Tor Network, Network Health, Censorship Circumvention, and Applications. Empower and support team leads, and guide decisions on technical strategy. Guide product strategy and drive alignment across teams, crafting team coordination to build features that touch all areas and work across all supported platforms. Work with teams supporting the development of their roadmaps and long-term strategy for the Tor network and applications. Identify and execute on opportunities to improve operational excellence of the teams. Build a trusted partnership with our Project Manager. Build a trusted partnership with our Community Team lead to coordinate efforts as necessary. (Community is a very important part of Tor.) Coordinate with the Fundraising and Communication teams for media or funder requests and/or events. Interact with our funders and/or partner organizations from the Internet Freedom Community, business organizations that are part of Tor’s Membership Program, and potential future collaboration partners. Support the ED’s in exploring a sustainability strategy for the expansion of the Tor network. <applewebdata://7C080C49-82E0-49D7-B510-29E8444F1085#your-skills-and-experience>Your skills and experience: 8+ years of professional experience working with product and engineering teams. 4+ years of leadership experience with teams of 30+people, including hiring, managing, and developing talent. Significant experience with anonymity and privacy online, and network security. Experience mentoring and developing product and engineering teams. Initiative to push projects forward and knowledge of when to involve others. Past demonstrable success defining, articulating, and executing on the strategic vision for a team with a keen focus on user needs. Excellent personal and professional communication skills. Experience building cross-platform applications. Ability to work productively and collaboratively with a diverse group of colleagues from around the globe. Comfort working with privacy-preserving metrics to evaluate objectives. <applewebdata://7C080C49-82E0-49D7-B510-29E8444F1085#how-to-apply>How to Apply To apply, submit a cover letter, your CV/resume in PDF format to job-direng at torproject dot org with "Director of Engineering" in the subject line. In your cover letter, please include the reason you want to work at the Tor Project, your experience as it relates to the job description, and where you heard about this job. <applewebdata://7C080C49-82E0-49D7-B510-29E8444F1085#about-the-tor-project>About The Tor Project The Tor Project's workforce is smart, committed, and hard working. We currently have a paid and contract staff of around 37 developers and operational support people, plus many volunteers who contribute to our work and thousands of volunteers who run relays. The Tor Project is funded in part by government research and development grants, and in part by individual, foundation, and corporate donations. Tor is for everyone, and we are actively working to build a team that represents people from all over the world - people from diverse ethnic, national, and cultural backgrounds; people from all walks of life. We encourage people subject to systemic bias to apply, including people of color, indigenous people, LGBTQIA+ people, women, and any other person who is part of a group that is underrepresented in tech. The Tor Project has a strong culture of transparency and democratic processes, and long-standing community guidelines and cultural norms. Our community is committed to creating an inclusive and welcoming environment. Please read more here: Our Code of Conduct: https://gitweb.torproject.org/community/policies.git/tree/code_of_conduct.t… <https://gitweb.torproject.org/community/policies.git/tree/code_of_conduct.t…> Our Social Contract: https://gitweb.torproject.org/community/policies.git/tree/social_contract.t… <https://gitweb.torproject.org/community/policies.git/tree/social_contract.t…> Our Statement of Values: https://gitweb.torproject.org/community/policies.git/tree/statement_of_valu… <https://gitweb.torproject.org/community/policies.git/tree/statement_of_valu…> The Tor Project has a competitive benefits package, including a generous PTO policy, 16 paid holidays per year (including the week between Christmas and New Year's, when the office is closed), and flexible work schedule. Insurance benefits vary by employment status and country of residence. The Tor Project, Inc. is an equal opportunity, affirmative action employer.

1 0

Anti-censorship team meeting notes, 2022-01-27
by meskio 27 Jan '22

27 Jan '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-27-15.59.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday January 27th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == Our anti-censorship roadmap: Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards The anti-censorship team's wiki page: https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home Past meeting notes can be found at: https://lists.torproject.org/pipermail/tor-project/ Tickets that need reviews: from sponsors we are working on: All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… Sponsor 30 https://gitlab.torproject.org/groups/tpo/-/milestones/4 https://gitlab.torproject.org/groups/tpo/-/milestones/7 https://gitlab.torproject.org/groups/tpo/-/milestones/5 https://gitlab.torproject.org/groups/tpo/-/milestones/6 Sponsor 28 must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… == Announcements == == Discussion == no news about obfs4 security fixes, needs to be looked into Tor Browser will update first: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… status of snowflake load balancing upgrade https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… currently staging bridge is handling almost all the traffic plan to do the upgrade on the production bridge today or tomorrow then switch the DNS back next week our metrics are low, the current hypothesis is that the counts are coming from only one of the instances plan to prevent onion key rotation by making the key files read-only will try profiling on the staging bridge to help reduce CPU usage of snowflake-server https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… test deployment of rdsys + bridgedb next week, will be available to @torproject.org email addresses aim for production in February Hetzner networking issue, shall we add it to the timeline Find more details of the incident and if it has affected any parts of the Tor network bridgedb and many bridges are in hetzner == Actions == == Interesting links == == Reading group == We will discuss "Meteor: Cryptographically Secure Steganography for Realistic Distributions" on 2022-02-03 https://dl.acm.org/doi/10.1145/3460120.3484550 https://eprint.iacr.org/2021/686 https://meteorfrom.space/ Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. anadahz: 2022-01-27 Last weeek: - Increase timeout check cycles for default-bridge-felix-1 and default-bridge-felix-2 as they have been generating too many alerts: https://gitlab.torproject.org/tpo/anti-censorship/monit-configuration/-/mer… cecylia (cohosh): last updated 2022-01-27 Last week: - filed shadow bug: https://github.com/shadow/shadow/issues/1869 - lots of reviews - roadmapping and documentation writing - sponsor reports - reached out to default bridge operators about down or unreliable bridges - helped with deployment of bridge-port-scan fixes This week: - more reviews - finish documenting and cleaning up shadow simulation scripts - use these snowflake + shadow scripts to do more performance testing - start looking at what is needed for a tapdance/conjure PT - write up more documentation Needs help with: dcf: 2022-01-27 Last week: - set up load balanced staging bridge for snowflake, monitored its switchover from the production bridge https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://forum.torproject.net/t/tor-relays-how-to-reduce-tor-cpu-load-on-a-s… Next week: - test the read-only file idea for preventing onion key rotation https://forum.torproject.net/t/tor-relays-how-to-reduce-tor-cpu-load-on-a-s… - upgrade the snowflake production bridge for load balancing https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - switch snowflake DNS records back to the production bridge https://gitlab.torproject.org/tpo/tpa/team/-/issues/40602 - before switching over, enable profiling on the staging bridge for https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: agix: 2021-01-13 Last week: - Busy with work on Censored Planet Next week: - Continue work on gettor-twitter Help with: - arlolra: 2022-01-20 Last week: - [added 2022-01-20 by dcf] ALPN support for pion DTLS https://github.com/pion/dtls/pull/415 Next week: - Figure out where in pion/webrtc ALPN should be configured and used - Maybe add Chacha20Poly1305 to pion/dtls https://github.com/pion/dtls#planned-features https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: - maxb: 2021-09-23 Last week: - Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74 - Too busy with work :/ Next week: - _Really_ want to get a PR for utls round tripper meskio: 2022-01-27 Last week: - select the type of bridges distributed by each distributor (rdsys#63) - add a third pool to the telegram bot (team#53) - rdsys/bridgedb setup coordination with tpa (tpa/team#40581) - update gettor links (gettor#85) - implement country block mechanism for rdsys and bridgedb (bridgedb#40036) Next week: - test deployment for the new rdsys/bridgedb setup (rdsys#12) - make easier to test bridgedb ater rdsys change (bridgedb#40034) - check whats up with obfs4 security fixes Shelikhoo: 2022-01-27 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake(snowflake!64) - [Merge Request Awaiting] Privacy preserving stats in Snowflake standalone proxy(snowflake#40079, snowflake!72) - [Merge Request Done] Add Google backend support for gettor updater(rdsys!19) - [Merge Request Done] Add callbacks in the client for key events during snowflake connections(snowflake#40076) - [Discussion] Implement metrics to measure snowflake churn(snowflake#34075) - [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update(aka "Subscription") - [Discussion] Proposal: Push Notification Based Signaling Channel - [Discussion] Proposal: Centralized Probe Result Collector(anti-censorship/team#54) - [Investigate] Is there a better moat/snowflake SNI than cdn.sstatic.net? (snowflake#40068) - [Investigate] Multi-instance Load Balanced Tor - Snowflake Deployment - [Investigate] China "Anti-Fraud" Webpage Redirection Censorship(censorship-analysis#40026) Next Week: - [Discussion] Designing the Container Layout for rdsys - [Discussion] Implement metrics to measure snowflake churn (snowflake#34075) - [Discussion] Proposal: Push Notification Based Signaling Channel - [Merge Request] Privacy preserving stats in Snowflake standalone proxy(snowflake#40079, snowflake!72) - [Merge Request Review] Configure what distributor does distribute each resource type - [Discussion] Proposal: Centralized Probe Result Collector(anti-censorship/team#54) - [Investigate] uTLS for broker negotiation HackerNCoder: 2021-12-16 This week: Last/done: Setup web mirror on tor.encryptionin.space Next: Get (new VPs with) new IP and setup new web mirror on new domain hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: - -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

UX team meeting notes, January 25th
by Duncan Russell 25 Jan '22

25 Jan '22

Hello, Thanks to everyone who made it to today's UX Team meeting! We’re looking forward to seeing you all again in a week’s time on February 1st. Here are the minutes: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01- <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-25-16.59.log…>25-16 <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-25-16.59.log…>.59.log.html <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-25-16.59.log…> Today we shared the study UCL are currently running on HTTPS-only modes in Tor Browser, and discussed each UX team-member's ongoing work across key projects. *** == User Experience Team Meeting == UX Team meetings happen every Tuesday at 1700 UTC in #tor-meeting on OFTC. Here are the logs from our last meeting on January 25th: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01- <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-25-16.59.log…>25-16 <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-25-16.59.log…>.59.log.html <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-25-16.59.log…> == Useful links == About the UX Team: https://gitlab.torproject.org/tpo/ux/team <https://gitlab.torproject.org/tpo/ux/team> UX repository: https://gitlab.torproject.org/tpo/ux <https://gitlab.torproject.org/tpo/ux> UX roadmap: https://www.figma.com/file/n4ETd0cUkcfj3KyclJQnt3/UX-Team-Planning?node-id=… <https://www.figma.com/file/n4ETd0cUkcfj3KyclJQnt3/UX-Team-Planning?node-id=…> UX kanban: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&…> Team kanban: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&label_name[]=UX… <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&label_name[]=UX…> -------------------------- Tuesday January 25th 17:00 UTC -------------------------- == What projects are we working on? == S9 - Usability and Community Intervention on Support for Democracy and Human Rights https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S30 - Empowering Communities in the Global South to Bypass Censorship https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S96 – Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet https://gitlab.torproject.org/groups/tpo/-/milestones/24 <https://gitlab.torproject.org/groups/tpo/-/milestones/24> S101 - Tor VPN Client for Android https://gitlab.torproject.org/groups/tpo/-/milestones/32 <https://gitlab.torproject.org/groups/tpo/-/milestones/32> == Announcements == * Survey on HTTPS Only Modes in Tor Browser: https://forum.torproject.net/t/survey-on-https-only-modes-in-tor-browser/18… <https://forum.torproject.net/t/survey-on-https-only-modes-in-tor-browser/18…> == Agenda == 1. Announcements 2. Weekly planning == Weekly planning == Note: Please highlight anything you'd like to discuss below in **bold** Duncan Last week (actual): - Finished nicob's onboarding - Reviewed and closed old torconenct-related tickets - Created new tickets for the next VPN objectives: https://gitlab.torproject.org/groups/tpo/-/milestones/32 <https://gitlab.torproject.org/groups/tpo/-/milestones/32> - Updated the Android VPN product brief doc - Met to discuss applications QA - Wrote draft script for tor-qa survey: ux/research#67 This week (planned): - Recap tor-browser#19850 and get it back on the roadmap - Support torconnect development - Continue prepwork for the next VPN tasks Nah Last week (actual): - Collect user feedback on community forum: https://gitlab.torproject.org/tpo/ux/research/-/issues/45 <https://gitlab.torproject.org/tpo/ux/research/-/issues/45> - Report user feedback on community forum: https://gitlab.torproject.org/tpo/ux/research/-/issues/46 <https://gitlab.torproject.org/tpo/ux/research/-/issues/46> - I was sick, so this wasn't a very productive week This week (planned): - think on ways to collaborate our User Research with other groups, and meeting with Sajolida to explore new paths in the same subject - Update User Research repository - (if have time) work on User Research Plan for volunteers - S9 proposal meeting and review - S101 review studies, use cases and features Nicob Last week (actual): - Finished final design for Vanguard blog post - Began researching similar orgs branding - Started working on a UR report template - More onboarding This week (planned): - Continue working on UR report template - Begin artwork for Data Privacy & Safer Internet days - Begin artwork for YEC wrap-up blog post == Open Call for User Research == Find out how to contribute to the UX team: https://community.torproject.org/user-research/how-to-volunteer/ <https://community.torproject.org/user-research/how-to-volunteer/> Thanks everyone! *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org <mailto:duncan@torproject.org>

1 0

Community Team meeting notes - January 24 2022
by gus 25 Jan '22

25 Jan '22

Hi, Here's our meeting log: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-24-13.59.log… And our meeting pad: Next meeting: Monday, January 31, 2022 - 1400 UTC Weekly meetings, every Monday at 14:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) ## Goal of this meeting Weekly checkin about the status of Community Team work at Tor. ## Links to Useful documents * Looking for volunteers: https://forum.torproject.net/t/looking-for-volunteers-to-contribute-to-the-… ## Discussion * Outreachy - Gamification project update and next steps * User support/Telegram soft launch * RT backlog * Run a bridge campaign retrospective ## Updates Joydeep: This week: - Community Team OKRs - Testing the cdr.link user support platform - RT backlog Gus: This week: - Roadmapping with Isa and Gaba - Writing S9 new proposal - Meeting with Sajolida and TGP team about Tor trainings for S30 - Writing bridges campaign blog post and doing some logistics Miko: Last week: New resources here: UX insights, motivations and pain points https://gitlab.torproject.org/tpo/community/relays/-/issues/27 This week: - Ideation. Submitting ideas for gamification and gathering feedback (votes!) - Discussing interview prompts for Relay Operator interviews (specifically Exit Relay Ops) - Preparing an interview script for Relay Operators - Survey Analysis: Working on UX Survey analyses and observations Next week: - Picking best ideas and building mockups, understanding feasibility/viability of some features I'll pitch this week emmapeel: Last week: - Localization hangout - updates with loclab - translation previews in gitlab - emergency fund translations This week: - Translation previews in gitlab - prepare move to weblate - contact Chinese translators about support.tpo Nina: Last week: - Meetings participation - Responding to user requests (tickets) - The announcement translation - the cdr.link platform testing and discussion This week: - start of the user support via Telegram - complete the translation of the article -- The Tor Project Community Team Lead

1 0

minutes from the sysadmin meeting (OKRs edition)
by Antoine Beaupré 25 Jan '22

25 Jan '22

Hi, At our first meeting of the year, we didn't have time to complete the web team OKRs and prioritization for the first quarter, so we scheduled another meeting to do this. Here are the minutes. We might have more of those emails in the weeks to come, as we have a bunch of brainstorms and planning sessions coming up. Let me know if this is too noisy... # Roll call: who's there and emergencies anarcat, kez, lavamind, linus joined us. # 2022 Q1/Q2 web OKRs gaba and anarcat previously established a proposal for a set of OKRs for the web team, which were presented during the meeting, and copied below: ## Proposal * OKR: make the donate page easier to maintain and have it support .onion donations ([milestone 22][]) * [new lektor frontend][] * [vanilla JS rewrite][] * [we can donate through the .onion][] * OKR: make it easier for translators to contribute (almost done! not ambitious enough?) * translators can find their own copy of the website without help * bring build time to 15 minutes to accelerate feedback to translators * allow the web team to trigger manual builds for reviews * OKR: improve documentation across the organization * [launch dev.tpo][] (Q2) * "Remove outdated documentation from the header", stop pointing to dead docs * we have a plan to fix the wiki situation so that people can find and search documentation easily [milestone 22]: https://gitlab.torproject.org/groups/tpo/-/milestones/22 [new lektor frontend]: https://gitlab.torproject.org/tpo/web/donate-static/-/issues/37 [we can donate through the .onion]: https://gitlab.torproject.org/tpo/web/donate-static/-/issues/36 [vanilla JS rewrite]: https://gitlab.torproject.org/tpo/web/donate-static/-/issues/45 [launch dev.tpo]: https://gitlab.torproject.org/tpo/web/dev/-/issues/6 ## Progress update The translation CI work is already going steadily and could be finished in early Q1. We are probably going to keep prioritizing the donate page changes because if we postpone, it will be more work as updates are still happening on the current site, which means more rebasing to keep things in sync. ## Things that need to happen regardless of the OKRs We have identified some things that need to happen, regardless of the objectives. This key result, for example, was part of the "documentation" OKR, but seemed relevant to all teams anyways: * teams have less than 20 tickets across the three lists (backlog, next, doing), almost zero open (untriaged) tickets We also need to support those people as part of sponsored work: * s9 usability - Q1/Q2 * support web maintaince based on the UX feedback * Work on torproject.org usabilty issues based on user feedback * Work on community.torproject.org usabilty issues based on user feedback * Work on dev.torproject.org usabilty issues based on user feedback * phase 6 may bring more TPA work but we need to make the schedule for it with TPA * s30 - anti-censorship - Q1 * bridges.torproject.org - Q1 * s61 network performance - whole year * support the work on network simulation * s96 - china censorship - whole year * support snowflake scaling * support rdsys deployment * support moat distribution * support HTTP PT creation * support monitoring bridge health * support creation and publication of documentation * support localization * s123 - USAGM sites - Q1/Q2 * support the project on onion sites deployments * most of the work will be from February to April/May * new onion SRE and community person starting in February Non-web stuff: * resurrect bridge port scan * do not scan private IP blocks: kez talked with cohosh/meskio to get it fixed, they're okay if kez takes maintainership * make it pretty: done Some things were postponed altogether: * decide if we switch to Weblate is postponed to Q3/Q4, as we have funding then We observed that some of those tasks are already done, so we may need to think more on the longer term. On the other hand, we have a lot of work to be done on the TPA side of things, so no human cycles will be wasted. # Prioritise the two set of OKRs Next we looked at the above set of OKRs and the [2022 TPA OKRs][] to see if it was feasible to do *both*. [2022 TPA OKRs]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/roadmap/2022 Clearly, there was too much work, so we're considering ditching an OKR or two on TPA's side. Most web OKRs seem attainable, although some are for Q2 (identified above). For TPA's OKRs, anarcat's favorites are mail services and retire old services, at least come up with proposals in Q1. lavamind suggested we also prioritize the bullseye upgrades, and noted that we might not want to focus directly on RT as we're unsure of its fate. We're going to prioritise mail, retirements and upgrades. New cluster and cleanup can still happen, but we're at least pushing that to Q2. We're going to schedule work sessions to work on the mail and upgrades plans, specifically, and we're hoping to have an "upgrade work party" where we jointly work on upgrading a bunch machines at once. # Other discussions No other discussion took place. # Next meeting TPA mail plan brainstorm, 2022-01-31 15:00 UTC, 16:00 Europe/Stockholm, 10:00 Canada/Eastern -- Antoine Beaupré torproject.org system administration

1 0

Community Team meeting notes - January 19 2022
by gus 24 Jan '22

24 Jan '22

Hi, Here's our meeting log: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-19-12.59.log… And our meeting pad: ## Community Team Meeting pad Weekly meetings, every Monday at 14:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) ## Goal of this meeting Weekly checkin about the status of Community Team work at Tor. ## Links to Useful documents * Looking for volunteers: https://forum.torproject.net/t/looking-for-volunteers-to-contribute-to-the-… ## Discussion * (update) user support on Telegram: * Deployment: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40578 * Planning: https://gitlab.torproject.org/tpo/community/support/-/issues/40059 * Tor translations in Chinese (S96 work) * Community Team OKrs, 1:1 and team organization ## Updates Joydeep: Last week: - Tor Browser 11.0.4 support - Reviewed one pending Gitlab ticket This week: - RRF meeting (done) - Tor Browser Alpha 11.5a2 support and testing - Montly L10n Hackathon Help with: - Gus: This week: - Sponsor9/30 training materials - Dynamic bridge health in Russia: https://gitlab.torproject.org/tpo/community/support/-/issues/40054 - Writing Bridges campaign wrap up blog post: https://gitlab.torproject.org/tpo/community/relays/-/issues/24 - Outreachy mentorship work - Meeting with ux team about user feedback collection - Meeting with sajolida to discuss S30 work in Mexico Help with: - Something you need help with. Miko: Last week: - Competitive Audit (and Report) https://gitlab.torproject.org/tpo/community/relays/-/issues/29 - blog post to understand motivations and gamification better: https://mikoing.wordpress.com/2022/01/15/what-is-fun-kids/ Next week: - Relay Operator Survey analysis report Help with: - Call for ideation - freely send your ideas about how to incentivise relay operators for their great contributions! No ideas, too wild! Nina: Last week: - Tickets from Kazakhstan (shutdown) - Bridges request and basic troubleshooting around them - Translations - articles, website - Support on #Tor User Support This week: - RRF meeting - User support on multiple channels emmapeel: Last week: - still landing from NYE, lots of backlog This week: - there are problems with our translation.git bot - translation websites previews - move to weblate - l10n hangout Help with: - I need help from tpa to fix the translation previews. -- The Tor Project Community Team Lead

1 0

Network Team - Upcoming 0.3.5.18 tor.git release - January 2022
by David Goulet 21 Jan '22

21 Jan '22

Greetings everyone! This week, the network team will release (likely on Friday) tor 0.3.5.18 (from tor.git, not arti ;) which will also be the very last version of the LTS 0.3.5.x series. On February 1st 2022, 0.3.5.x will be end-of-life and so this will close the chapter of this LTS in favor of the 0.4.5.x series as the latest LTS. You can find our release schedule here: https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/CoreTorRele… (Keep in mind that it is a best effort and not everything on that page is set in stone.) As a reminder, 0.4.7.x is still in alpha stage as we are finalizing network congestion control which is quite large and complex. We will only release a stable when we consider it ready for which we are very hopeful to be well within the first half of 2022. Keep an eye out! Upcoming version: - 0.3.5.18 @network-team: It is _now_ a good time to start reviewing changes/ files: https://gitlab.torproject.org/tpo/core/tor/-/tree/release-0.3.5/changes Last, we've asked the directory authorities to recommend this new version some minutes ago. Cheers! David -- 4+F4wjk7FBUF50LsbGBE3Mdsr5O7ugc/Fs02hg+sIf4=

1 1

Anti-censorship team meeting notes, 2022-01-20
by Cecylia Bocovich 20 Jan '22

20 Jan '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-20-15.59.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday January 20th 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly checkin about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Announcements == == Discussion == resume posting weekly meeting notes? no strong feeling either way, but cohosh will resume because our discussion notes are worth saving Kazakhstan shutdown shutdown ended 2022-01-11, and nothing new noticed since then China "Anti-Fraud" Webpage Redirection Censorship https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… Reply from censored planet: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… currently have no access to an affected vantage point RIPE Atlas? want to be able to test a large custom list of domains, to find out (1) which are being blocked, and (2) whether the blocklist is the same in different networks in China snowflake bridge load balancing migration next week? https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… dcf can set up a server with adequate resources and the same keys change DNS to use this staging server while we make configuration changes on the main server change DNS back when finished eclips.is (Greenhost) is having issues, a VPS with similar resources is $100–200 / month, not a problem if only used for staging for a week or so whom to contact about changing snowflake.torproject.net DNS records? snowflake.bamsoftware.com and snowflake.freehaven.net are already CNAMEs for snowflake.torproject.net, so we only need to change the one https://gitlab.torproject.org/tpo/tpa/team/ good idea to set a short TTL before making the change still don't now what to do about onion key rotation, short of patching tor, or hacking LastRotatedOnionKey in the state file Copy TLS keys in addition to Tor's keys Reading group? 2022-02-03 == Actions == == Interesting links == https://fightcensorship.tech/ Icarus Project, an online repository for documented Internet censorship circumvention techniques and methods https://internews.org/resource/optimashutdownworkflow/ The OPTIMA Internet Shutdowns Advocacy Workflow == Reading group == We will discuss "Meteor: Cryptographically Secure Steganography for Realistic Distributions" on 2022-02-03 https://dl.acm.org/doi/10.1145/3460120.3484550 https://eprint.iacr.org/2021/686 https://meteorfrom.space/ Questions to ask and goals to have: What aspects of the paper are questionable? Are there immediate actions we can take based on this work? Are there long-term actions we can take based on this work? Is there future work that we want to call out, in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-01-20 Last week: - commented on snowflake metrics churn - lots of reviews - look at obfs4 vulnerability - documented reachability probe tests for shell - gave shell access to probe site in china - created MR to close NAT check peer connections snowflake-webext!25 This week: - more reviews - finish documenting and cleaning up shadow simulation scripts - use these snowflake + shadow scripts to do more performance testing Needs help with: dcf: 2022-01-20 Last week: - tried to reproduce the snowflake webextension disabling screen lock https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - did brief code inspection of probetest https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - disabled our standalone snowflake proxies to free up more CPU https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - set up another load-balanced snowflake bridge, this time with the same identity keys https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… https://forum.torproject.net/t/tor-relays-how-to-reduce-tor-cpu-load-on-a-s… - noticed and posted about upstream obfs4 vulnerability fixes https://lists.torproject.org/pipermail/anti-censorship-team/2022-January/00… https://lists.torproject.org/pipermail/anti-censorship-team/2022-January/00… Next week: - do the load balanced snowflake bridge installation again, this time on a production-capable host Help with: agix:2021-01-13 Last week: - Busy with work on Censored Planet Next week: - Continue work on gettor-twitter Help with: - arlolra: 2022-01-20 Last week: - [added 2022-01-20 by dcf] ALPN support for pion DTLS https://github.com/pion/dtls/pull/415 Next week: - Figure out where in pion/webrtc ALPN should be configured and used - Maybe add Chacha20Poly1305 to pion/dtls https://github.com/pion/dtls#planned-features https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Help with: - maxb: 2021-09-23 Last week: - Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… re: utls for broker negotiation - Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74 - Too busy with work :/ Next week: - _Really_ want to get a PR for utls round tripper meskio: 2022-1-20 Last week: - metrics bridge distributor metrics for rdsys (rdsys#67) - don't distribute private bridges in rdsys (rdsys#84) - plan with TPA the test deployment of bridgedb (tpa/team#40581) - add country list to circumnvetion API (rdsys#83) - review snowlfake's event bus (snowflake!67) - telegram bot weekly rotation of bridges Next week: - select the type of bridges distributed by each distributor (rdsys#63) - test deployment for the new rdsys/bridgedb setup (rdsys#12) Shelikhoo: 2022-01-20 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake(snowflake!64) - [Merge Request Awaiting] Multi-arch docker image support with Dockerfile refactor for probetest(probetest!1) - [Merge Request Awaiting] Add callbacks in the client for key events during snowflake connections(snowflake#40076) - [Merge Request Pending] Privacy preserving stats in Snowflake standalone proxy(snowflake#40079) - [Discussion] Implement metrics to measure snowflake churn(snowflake#34075) - [Discussion] Proposal: Support for Dynamic IP obfs4 bridges with unattended proxy information update(aka "Subscription") - [Discussion] Proposal: Push Notification Based Signaling Channel - [Investigate] Is there a better moat/snowflake SNI than cdn.sstatic.net? (snowflake#40068) - [Investigate] Multi-instance Load Balanced Tor - Snowflake Deployment - [Investigate] China "Anti-Fraud" Webpage Redirection Censorship(censorship-analysis#40026) Next Week: - [Discussion] Designing the Container Layout for rdsys - [Discussion] Implement metrics to measure snowflake churn(snowflake#34075) - [Discussion] Proposal: Push Notification Based Signaling Channel - [Discussion] rdsys Deployment Environment - [Merge Request] Add callbacks in the client for key events during snowflake connections(snowflake#40076) - [Discussion] Proposal: Centralized Probe Result Collector HackerNCoder: 2021-12-16 This week: Last/done: Setup web mirror on tor.encryptionin.space Next: Get (new VPs with) new IP and setup new web mirror on new domain hanneloresx: 2021-3-4 Last week: - Submitted MR for bridgestrap issue #14 Next week: - Finish bridgestrap #14 - Find new issue to work on Help with: -

1 0

UX team meeting notes, January 18th
by Duncan Russell 18 Jan '22

18 Jan '22

Hello, Thanks to everyone who made it to today's UX Team meeting! We’re looking forward to seeing you all again in a week’s time on January 25th. Here are the minutes: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-18-17.59.log… <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-18-17.59.log…> Today we introduced or newest team-member, announced Tor Browser’s 11.0.4’s release, and discussed our tentative plan to deprecate the UX team mailing list in favor of the forum. *** == User Experience Team Meeting == UX Team meetings happen every Tuesday at 1700 UTC in #tor-meeting on OFTC. Here are the logs from our last meeting on January 18th: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-11-16.59.log… <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-01-11-16.59.log…> == Useful links == About the UX Team: https://gitlab.torproject.org/tpo/ux/team <https://gitlab.torproject.org/tpo/ux/team> UX repository: https://gitlab.torproject.org/tpo/ux <https://gitlab.torproject.org/tpo/ux> UX roadmap: https://www.figma.com/file/n4ETd0cUkcfj3KyclJQnt3/UX-Team-Planning?node-id=… <https://www.figma.com/file/n4ETd0cUkcfj3KyclJQnt3/UX-Team-Planning?node-id=…> UX kanban: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&…> Team kanban: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&label_name[]=UX… <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&label_name[]=UX…> -------------------------- Tuesday January 18th 18:00 UTC -------------------------- == What projects are we working on? == S9 - Usability and Community Intervention on Support for Democracy and Human Rights https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S30 - Empowering Communities in the Global South to Bypass Censorship https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S96 – Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet https://gitlab.torproject.org/groups/tpo/-/milestones/24 <https://gitlab.torproject.org/groups/tpo/-/milestones/24> S101 - Tor VPN Client for Android https://gitlab.torproject.org/groups/tpo/-/milestones/32 <https://gitlab.torproject.org/groups/tpo/-/milestones/32> == Announcements == * The UX Team welcomes our newest member: Nico (nicob)! * Tor Browser 11.0.4 Release (desktop only): https://blog.torproject.org/new-release-tor-browser-1104/ <https://blog.torproject.org/new-release-tor-browser-1104/> == Agenda == 1. Announcements 2. Weekly planning 3. UX mailing list deprecation == Weekly planning == Note: Please highlight anything you'd like to discuss below in **bold** Duncan Last week (actual): - Onboarded new team-member - Made sure the YEC is taken down on desktop and web - Tor Browser 11.0.4 launch support - Reviewed the Q4 2021 roadmap - Set up new team kanban - Split out torconenct design into three tickets: - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/29590 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/29590> - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40780 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40780> - https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40782 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40782> - Started a script for the planned tor-qa survey This week (planned): - Finish nicob's onboarding - Continue torconnect ticket wrangling - Get up to speed on the VPN project - Contribute to review of Tor QA practises - Review remote user research methodology for S9 Nah Last week (actual): - ECC meetings - meetings to brainstorm and align new project phase S9 - exploring the last VPN survey for new insights and next steps S101 - started to brainstorm use case and features for VPN - updated User Research portal website - many 1:1 to align and plan user research for this quarter This week (planned): - Collect user feedback on community forum: https://gitlab.torproject.org/tpo/ux/research/-/issues/45 <https://gitlab.torproject.org/tpo/ux/research/-/issues/45> - Report user feedback on community forum: https://gitlab.torproject.org/tpo/ux/research/-/issues/46 <https://gitlab.torproject.org/tpo/ux/research/-/issues/46> - bring more use cases and features for VPN - think on ways to collaborate our User Research with other groups, and meeting with Sajolida to explore new paths in the same subject - (if have time) work on User Research Plan for volunteers Nicob Last week (actual): - First day and onboarding! - Read through mid-point deliverable of Brand Analysis from Berkeley Group - Explored design concepts for donate page banner This week (planned): - More onboarding? - Exploring design concepts for blog post: Vanguard of Browser Privacy - Begin researching/exploring visual direction for comms 2022 - Design new wordmark & lockup for Tor browser - Read through Berkeley Group final deliverable Joydeep (championquizzer) [Community Team work] This week (planned): - user support work (priority this week: users in .ru and .kz) - Gitlab to-do/reviews: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&state=opened&as… <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&state=opened&as…> == Open Call for User Research == Find out how to contribute to the UX team: https://community.torproject.org/user-research/how-to-volunteer/ <https://community.torproject.org/user-research/how-to-volunteer/> Thanks everyone! *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org <mailto:duncan@torproject.org>

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project January 2022