--------------------------------
Anti-censorship work meeting pad
--------------------------------
Next meeting: Thursday April 14th 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly checkin about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at Tor.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors we are working on:
* All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
* Sponsor 28
* must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10
* possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None
* Sponsor 96
* https://gitlab.torproject.org/groups/tpo/-/milestones/24
== Announcements ==
* Next snowflake bridge migration scheduled for next week https://gitlab.torproject.org/tpo/tpa/team/-/issues/40716
== Discussion ==
* Nickname for second bridge site? https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40122
* The existing bridge site has nickname "flakey" (actually flakey1, flakey2, etc.), since the second bridge site will have a different fingerprint it should have a different nickname
* Can leave suggestions on the issue
* Discuss about cooperation with Greatfire (by serene)
* keroserene and shelikhoo had a call with Greatfire
* one of the topics discussed was collaboration regarding FreeBrowser (https://freebrowser.org/, https://github.com/greatfire/freebrowser) and Snowflake
* Some notes from the call: https://pad.riseup.net/p/greatfire-snowflake-notes
== Actions ==
*
== Interesting links ==
* Extended DNS Error provides more error codes to indicate why a DNS query failed; code 16 means "censored". (Like status code 451 in HTTP.) https://www.rfc-editor.org/rfc/rfc8914.html#section-4.17
* Ukraine-focused circumvention VPN, only unblocks a handful of sites like VK, Mail.ru
* https://zaborona.help/
* https://ntc.party/t/ukraine/2135/3
* Uses static SOCKS proxies? E.g. srv1.vpn.zaborona.help https://zaborona.help/graph.html
== Reading group ==
* We will discuss "Balboa: Bobbing and Weaving around Network Censorship" on April 7
* https://www.usenix.org/system/files/sec21-rosen.pdf
* https://censorbib.nymity.ch/#Rosen2021a
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this work?
* Are there long-term actions we can take based on this work?
* Is there future work that we want to call out, in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
anadahz: 2022-01-27
Last week:
- Increase timeout check cycles for default-bridge-felix-1 and default-bridge-felix-2 as they have been generating too many alerts: https://gitlab.torproject.org/tpo/anti-censorship/monit-configuration/-/merge_requests/1
cecylia (cohosh): last updated 2022-03-31
Last week:
- onboarded itchy onion onto s28 tasks
- reviews
- work on conjure PT
This week:
- continued work on conjure PT
- continue to monitor snowflake broker stats
Needs help with:
dcf: 2022-04-07
Last week:
- set up the snowflake bridge's permanent server and scheduled a time for the migration https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40111 https://gitlab.torproject.org/tpo/tpa/team/-/issues/40716
- opened an issue for tracking the installation of a second bridge site https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40122
- approved last piece of forward-fingerprint patch https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/81
- posted hints about CPU profiling snowflake-webext in Chrome https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/30#note_2793352
- more correspondence with OTF about a rapid response grant for the snowflake bridge
Next week:
- look at STATUS VERSION proposal https://gitlab.torproject.org/tpo/core/torspec/-/merge_requests/63
- install second snowflake bridge site https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40122
Help with:
agix: 2021-02-10
Last week:
- Continued work on gettor-twitter
Next week:
- Hopefully finish the task
Help with:
-
arlolra: 2022-04-07
Last week:
- Merged the rest of snowflake !81
Next week:
- Get to snowflake-webext #10
Evergreen:
- Figure out where in pion/webrtc ALPN should be configured and used
- Maybe add Chacha20Poly1305 to pion/dtls
https://github.com/pion/dtls#planned-features
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40014#note_2764731
Help with:
-
maxb: 2021-09-23
Last week:
- Worked on https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40054 re: utls for broker negotiation
- Had conversation with someone about upstream utls http round tripper https://github.com/refraction-networking/utls/pull/74
- Too busy with work :/
Next week:
- _Really_ want to get a PR for utls round tripper
meskio: 2022-04-07
Last week:
- document circumvention settings API (bridgedb#40043)
- accept bridge distributor request changes (rdsys#104)
- investigate bridgestrap reporting odd timing (tor#40592)
- review cross compile docker snowflake-proxy (docker-snowflake-proxy!6)
Next week:
AFK
Shelikhoo: 2022-04-07
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
- [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54)
- [Discussion] Centralized Probe Log Collection Ascension Request
- [Discussion] Hosting Centralized Probe Log Collection Server on TPA managed VPS
- [Discussion] Bridges should report implementation versions of their pluggable transports
- [Coding] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - built-in DNS
- [Coding] Distributed Snowflake Bridges - Broker(continue)
- (Reply a lot of emails)
Next Week:
- [Coding] Distributed Snowflake Bridges - Broker (continue)
Itchy Onion: 2022-04-07
Last week:
- snowflake !84
- racecar onboarding
This week:
- racecar local testing
- set up LDAP
Help with:
- upgrade to be compatible with racecar 2.1.0
HackerNCoder: 2021-12-16
This week:
Last/done:
Setup web mirror on tor.encryptionin.space
Next:
Get (new VPs with) new IP and setup new web mirror on new domain
hanneloresx: 2021-3-4
Last week:
- Submitted MR for bridgestrap issue #14
Next week:
- Finish bridgestrap #14
- Find new issue to work on
Help with:
-
ln5: 2022-03-24
Last week:
- Received hardware for a new home for snowflake.tpn; discussed OS configuration with dcf in private email
Next week:
- Install Debian 11 on new snowflake.tpn
- Possibly rack new snowflake.tpn, if I can get access and find time to do the transportation
Need help with:
- Input on urgency appreciated, for my planning
- Input on preferred CPU configuration, esp wrt HyperThreading -- lacking input before deployment in data centre, the machine will *not* have HT disabled and CPU bug mitigation will thus have to be carried out by the kernel