tor-project November 2022

tor-project@lists.torproject.org

15 participants
17 discussions

minutes from the sysadmin meeting
by Antoine Beaupré 08 Nov '22

08 Nov '22

Here's your monthly dose of sysadmin news! # Roll call: who's there and emergencies anarcat, gaba, kez, lavamind # Dashboard review We did our normal per-user check-in: * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… ... and briefly reviewed the general dashboards: * https://gitlab.torproject.org/tpo/tpa/team/-/boards/117 * https://gitlab.torproject.org/groups/tpo/web/-/boards * https://gitlab.torproject.org/groups/tpo/tpa/-/boards We need to rethink the web board triage, as mentioned in the last point of this meeting. # TPA-RFC-42: 2023 roadmap Gaba brought up a few items we need to plan for, and schedule: * donate page rewrite (kez) * sponsor9: * self-host discourse (Q1-Q2 < june 2023) * RT and cdr.link evaluation (Q1-Q2, gus): "improve our frontdesk tool by exploring the possibility of migrating to a better tool that can manage messaging apps with our users" * download page changes (kez? currently blocked on nico) * weblate transition (CI changes pending, lavamind following up) * developer portal (dev.torproject.org), in Hugo, from ura.design ([tpo/web/dev#6][]) Those are tasks that either TPA will need to do themselves or assist other people in. Gaba also went through the work planned for 2023 in general to see what would affect TPA. We then discussed anarcat's roadmap proposal ([TPA-RFC-42][]): * do the bookworm upgrades, this includes: * puppet server 7 * puppet agent 7 * plan would be: * Q1-Q2: deploy new machines with bookworm * Q1-Q4: upgrade existing machines to bookworm * email services migration (e.g. execute TPA-RFC-31, still need to decide the scope, proposal coming up) * possibly retire schleuder (e.g. execute TPA-RFC-41, currently waiting for feedback from the community council) * complete the cymru migration (e.g. execute TPA-RFC-40) * retire gitolite/gitweb (e.g. execute TPA-RFC-36) * retire SVN (e.g. execute TPA-RFC-11) * monitoring system overhaul (TPA-RFC-33) * deploy a Puppet CI * e.g. make the Puppet repo public, possibly by removing private content and just creating a "graft" to have a new repository without old history (as opposed to rewriting the entire history, because then we don't know if we have confidential stuff in the old history) * there are disagreements on whether or not we should make the repository public in the first place, as it's not exactly "state of the art" puppet code, which could be embarrassing * there's also a concern that we don't need CI as long as we don't have actual tests to run (but it's also kind of pointless to have CI without tests to run...), but for now we already have the objective of running linting checks on push ([tpo/tpa/team#31226][]) * plan for summer vacations [tpo/web/dev#6]: https://gitlab.torproject.org/tpo/web/dev/-/issues/6 [TPA-RFC-42]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40924 [tpo/tpa/team#31226]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/31226 # Web team organisation Postponed to next meeting. anarcat will join Gaba's next triage session with gus to see how that goes. # Metrics of the month * hosts in Puppet: 95, LDAP: 95, Prometheus exporters: 163 * number of Apache servers monitored: 29, hits per second: 715 * number of self-hosted nameservers: 6, mail servers: 10 * pending upgrades: 0, reboots: 4 * average load: 0.64, memory available: 4.61 TiB/5.74 TiB, running processes: 736 * disk free/total: 32.50 TiB/92.28 TiB * bytes sent: 363.66 MB/s, received: 215.11 MB/s * planned bullseye upgrades completion date: 2022-11-01 * [GitLab tickets][]: 175 tickets including... * open: 0 * icebox: 144 * backlog: 17 * next: 4 * doing: 7 * needs review: 1 * needs information: 2 * (closed: 2934) [Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards Upgrade prediction graph lives at: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bullseye/ Now also available as the main Grafana dashboard. Head to <https://grafana.torproject.org/>, change the time period to 30 days, and wait a while for results to render. # Number of the month: 12 Progress on bullseye upgrades mostly flat-lined at 12 machines since August. We actually have three *less* bullseye servers now, down to 83 from 86. -- Antoine Beaupré torproject.org system administration

1 0

Joydeep's Monthly Status Report for October 2022
by Joydeep Sen Gupta 06 Nov '22

06 Nov '22

Hello everyone! These are my updates from October. Much of my work was concentrated around helping users in Iran circumvent censorship[1] and learning (and investigating) what usability and connectivity issues they were facing amidst the heavy censorship. This usually involved helping users with using pluggable transports with apps in the Tor ecosystem and investigating Tor logs to figure out if and how Tor was failing to connect. I have been able to respond to more than 500 support tickets from Iran in the last month but this is very much work in progress as internet is heavily censored in Iran right now. With the launch of the Year End Campaign, as always, we have generated a good deal of interest on our user support and discussion platforms and I have been responding to these queries. A lot of general Tor questions, questions about using Tor Browser, etc. We had 4 Tor Browser releases in the past month and I have been involved with some testing and also wrote some documentation for the Tor Browser Manual adding instructions for using the GetBridges Telegram bot[2] and a dedicated help section[3]. A quick overview of our user support channels: Timeline: 01 - 31 October 2022 # Frontdesk Tickets: open: 50 resolved: 766 Breakdown of most frequent tickets by numbers: 1. 99 RT Tickets - Circumventing Censorship with Tor in Iran. 2. 22 RT Tickets - Private Bridge requests from China[4] 3. 43 RT Tickets - How to use a Tor Bridge in Russia[5] # Telegram and Signal Support channel (cdr.link) Tickets resolved: 1475 The other most frequent ticket we received have been about: 1. 1140 tickets: Circumventing censorship in Iran. 2. 169 tickets: Circumventing censorship in Russia 3. 16 tickets - Using unlisted obfs4 bridges in China 4. 12 tickets - Questions about using Snowflake and setting up Snowflake proxies # Tor Forum Most popular topics in the Support category (in terms of no. of views): 1. "Standalone proxy - traffic relayed almost zero with restricted NAT type"[6] 2. "How can I use Snowflake with tor (service)?"[7] 3. "Why has Tor slowed down so much recently?"[8] 4. "Bookmarks in my Tor Browser"[9] 5. "Bridge or Snowflake? low RAM VPS"[10] Thanks, -- Joydeep [1]: https://forum.torproject.net/t/iran-circumventing-censorship-with-tor/4590 [2]: https://tb-manual.torproject.org/bridges/ [3]: https://gitlab.torproject.org/tpo/web/manual/-/issues/131 [4]: https://support.torproject.org/censorship/connecting-from-china/ [5]: https://forum.torproject.net/t/tor-blocked-in-russia-how-to-circumvent-cens… [6]: https://forum.torproject.net/t/standalone-proxy-traffic-relayed-almost-zero… [7]: https://forum.torproject.net/t/how-can-i-use-snowflake-with-tor-service/504… [8]: https://forum.torproject.net/t/why-has-tor-slowed-down-so-much-recently/502… [9]: https://forum.torproject.net/t/bookmarks-in-my-tor-browser/5310/7 [10]: https://forum.torproject.net/t/bridge-or-snowflake-low-ram-vps/5019/6

1 0

Cecylia's monthly status report, October 2022
by Cecylia Bocovich 05 Nov '22

05 Nov '22

Hi everyone, This is my status report for contract work done in October 2022. 1. Conjure development * Completed tor-browser-build changes needed for tor browser integration of conjure on desktop and mobile (not merged yet due to usability concerns) * wrote a guide for integrating PTs with Tor Browser builds [0] * Small client-side fixes for storing the assets directory 2. Snowflake web extension * Worked on fixes for website and extension translations * Updated polling frequency to help with proxy pool shortages * Made progress on Firefox MV3 updates * Reviewed and merged open MRs 3. Bridge reputation system * Wrote a plan for client-side development options [0] https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Tor-Browser-…

1 0

Rhatto's Monthly Status Report, October 2022
by rhatto 04 Nov '22

04 Nov '22

Hi all :) This is my monthly status report for October 2022. Main activities during the period: 0. Documentation: * Improved documentation about Onion Services UX enhancements. Now these docs are more organized to help research and discussion: https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Docu… https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/64 * Created a small timeline to track the major changes/developments in the Onion Services technology: https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Docu… I'd like to have some suggestions on what to include, with references if possible :) 1. [Onion Plan][]: * Drafted a roadmap proposal for making Onion Services easier to deploy, maintain, and advertise. * It's a follow up from the Onion Plan session from September: https://gitlab.torproject.org/tpo/team/-/wikis/202209MeetingOnionPlan * The idea is to release this plan when it's ready to gather general feedback. 2. [Onion Launchpad][], an Onion Service landing page template: * Created an automation script for deploying instances on GitLab: https://gitlab.torproject.org/tpo/onion-services/onion-launchpad/-/merge_re… 3. Usual Sponsor 123 deployments and maintenance. [Onion Plan]: https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Docu… [Onion Launchpad]: https://gitlab.torproject.org/tpo/onion-services/onion-launchpad -- Silvio Rhatto pronouns he/him

1 0

Nina's Monthly status report for October'22
by Nina 04 Nov '22

04 Nov '22

Hi! This is my status report for October 2022. This month, I successfully resolved 1422 tickets. On Telegram (@TorProjectSupportBot) - 1313 On RT (frontdesk@tpo) - 109 Due to censorship events in Iran, most requests (>1000) continue coming from that country. In October, more users applied to us for assistance in connecting to Tor and troubleshooting. One hundred sixty-nine (169) Telegram requests came from Russia. Users mostly asked for bridges or assistance in cases when bridges did not work for them. Also, more than 20 requests came from Turkmenistan, where internet censorship is getting even more severe. In October, some changes were implemented to the @TorProjectSupportBot - now, it allows users to pick the country from the list. Currently on the list are Iran, China, Russia and Turkmenistan. That makes communication easier and faster. We continue getting requests from Kazakhstan users concerned about internet censorship events that can happen in November 2022, when the presidential election takes place. So we started to prepare a small campaign offering Kazakhstan users to install Tor Browser beforehand [1]. [1] https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/155

1 0

Anti-censorship team meeting notes, 2022-11-03
by Shelikhoo 03 Nov '22

03 Nov '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-11-03-15.58.html <http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-03-31-15.59.html> And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday Nov 10 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: * https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 == Announcements == * == Discussion == * Lantern and snowflake * lantern is working on a p2p volunteer proxy system similar to snowflake * a highly concurrent client (capable of managing many simultaneous peer connections) that could do N:M multiplexing between downstream and upstream connections * very observable so that it could send lots of status information to the UI * Distributed Snowflake Server Support will be included in Tor Browser Testing Channel(Alpha) Soon: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… * snowflake-01 got 20% increase of usage the last 24h, after being stable for few weeks * PT args size issue: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/104 == Actions == == Interesting links == == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-11-03 Last week: - set conjure/tapdance assets directory to pt dir (conjure#11) - reviewed and merge fixed to right-adjusted langs (snowflake-webext#64) - fixed webext and badge build to only include 90%+ complete locales (snowflake-webext#62) - more progress on mozilla mv3 prep - discovered problem with webext translations (snowflake-webext#66) - reviewed and merged fix to close stale 0 byte transfer connections (snowflake-webext!54) - reviewed webext performance improvements (snowflake-webext!39) This week: - website/extension release (have to do extension translations by hand) - try again to reach out to conjure developers - start working on salmon Needs help with: dcf: 2022-11-03 Last week: - opened an issue to abbreviate `ice` specifications in snowflake bridge lines https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - contributed information about snowflake usage and Tor Metrics graphs https://gitlab.torproject.org/tpo/network-health/metrics/analysis/-/issues/… - did some review of the presentation of right-to-left languages in the snowflake webext https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - disable non-WireGuard SSH access to snowflake-02 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_282… - try Conjure PT development version https://forum.torproject.net/t/tor-dev-introducing-a-conjure-pt-for-tor/4429 - break up snowflake-server performance improvements into separate merge requests https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - document recent performance optimizations in Snowflake bridge installation guide Help with: meskio: 2022-11-03 Last week: - gettor email loop fix (rdsys#133) - gettor imap reconnection fixes (rdsys#134) - open a dicussion about PT arg passing (team#104) - send a tor-relays obfs4proxy upgrade reminder - review outreachy merge requests in rdsys Next week: - obfs4proxy 0.0.14 in Tor Browser Shelikhoo: 2022-11-03 Last Week: - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Rollout of Distributed Snowflake Support - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/http… - Rollout distributed snowflake (include definition of secondary bridge on broker) https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… - Rollout distributed snowflake (get bridgeline into tor browser) https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_re… Next Week: - [Research] WebTunnel Planning (Continue) - [Research] Fix vantage point summary upload in China - Release New version of Snowflake WebExt - [Research] Censorship analysis for UDP traffic between Iran and rest of Internet: 2022 Q4: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… (Continue) - Finish all the reviews Itchy Onion: 2022-11-03 Last week: - Increase the number of snowflake proxies spawned in RACE and ran it against the CI test. I was able to pass every time (6 times in total). But since Tuesday I've been having trouble starting a new deployment with Rib. I've been in talk with TwoSix but so far nothing has helped. This week: - Fixed the Rib issue. Now snowflake passes CI tests 100%.

1 0

PieroV's Monthly Status Report, October 2022
by Pier Angelo Vendrame 01 Nov '22

01 Nov '22

Hi everyone! Here is my status report for October 2022. At the beginning of the month, I continued the unification of our desktop and Android patchset [0]. We had a few errors to correct, but now we use the same branch from tor-browser.git for all our platforms. One of the immediate consequences is that the Onion-Location header is now recognized on Android, too. Starting with Tor Browser 12.0a4, you can tell Tor Browser to prefer the .onion when possible [1]. After that, I worked on multi-lingual support for Tor Browser [2]. Starting with Tor Browser 12.0a4, we will ship only one package/installer for each architecture with all the languages we support. This change will make mirroring Tor Browser much easier, slightly decrease the time to build releases, and dramatically reduce the time to sign them. Of course, 36 additional languages increase the archive size. Therefore, we tried to remove files that were not actually used, like some images and fonts in the offline copy of the manual [3]. Eventually, we even reduced the final build sizes by some hundreds of kB! For the rest of the month, I have been resolving several smaller problems, such as the bookmarks window not working on macOS [4], problems that the new tor-launcher implementation caused, improvements for the multi-lingual UX, typos, and more. We are very excited about the coming 12.0, and we would love to hear any feedback from you on the latest alphas [5]]! Thanks, Pier [0] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41308 [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41394 [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/17400 [3] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [4] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [5] https://www.torproject.org/download/alpha/

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project November 2022