Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
(1) BridgeDB:
- Automated monitoring
- Understand current usage patterns, consider improving the design
  - Don't get obfs4 bridges blocked by other transports (#28655)
(2) Pluggable Transports:
- Improve the PT interface with Tor, to pass logs etc (#25502) [with network team]
- Tor Browser can use other circumvention tools as proxies (#28556) [with browser team]
- Specific PTs:
  - Maintain obfs4proxy (like fixing the iat bug that let Kazakhstan block it)
  - Snowflake
  - Httpsproxy
  - Marionette
  - Domain front through community sites
- Talk to research groups to keep in touch about their PT research work
(3) Improve Tor user experience for users in censored / crappy networks:
- Gettor: automated monitoring and automated updates. Improve UX.
- Understanding and reducing client time to bootstrap [with network team] and other parameters that are tuned poorly for slow networks
(4) Understand Tor censorship:
- Tor Browser network testing mode (#23839, #28531) [with browser team]
- Reachability scanning for the default (shipped in Tor Browser) bridges [with ooni]
- Understand bridge load and bridge blocking (e.g. fix user counting bugs that are making our Turkey count wrong) [with network / metrics teams]
(5) Help users use bridges:
- Help NGOs get their users on bridges (#28015, #28526)
- Tor Browser *automates* picking the right PTs [with browser team]
(6) Community outreach and integration: [with community team]
- [Initial list of outreach partner NGOs elided for now, since some of them have opsec needs to keep their people safe]
Does (4) encompass understanding what it is that adversaries key off of to block Tor? (e.g. is it IP address, IP+Port, fixed byte strings.... If it is IP, how frequently is it updated, etc)
-tom
On Wed, 19 Dec 2018 at 06:34, Roger Dingledine arma@mit.edu wrote:
Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
tor-project mailing list tor-project@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
Looks like a good overview. I'd like to see two other pieces fit in there somehow:
* Encrypted SNI for domain fronting
* getting the code deployable on all the platforms Tor supports
The latter means having people available with the requisite skill sets for deploying things on Windows, macOS, Android, etc. I think it needs to be on the roadmap because it can be a surprising amount of work, and that work can be dramatically reduced based on early choices. For example, Python is easy on GNU/Linux and macOS, but a poor choice on Windows and Android.
.hc
Roger Dingledine:
Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
Hello,
On 12/19/18 6:34 AM, Roger Dingledine wrote:
- Specific PTs: Maintain obfs4proxy (like fixing the iat bug that let Kazakhstan block it)
I ostensibly still maintain the codebase (for lack of anyone better doing so). If there's clear indication of what's broken, I'll fix this, but no one has told me anything.
I suggest adding:
7) Fix long standing issues with the PT (and related components) that stem from core tor.
- Un-bitrot the Bridge Guard branch that's floating around, and deploy it.
- Figure out how to allow bridges to run without a public OR port while being part of BridgeDB (along with the fancy new monitoring from (1)).
Regards,
Roger Dingledine:
Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
I see automated monitoring, but will automatic bridge discovery be added to this list as well?
Another note: While I was working on a project today, I realized if you have a fresh consensus, you can connect directly to the network in Iran and the connection is noticeably faster.
I wonder if anyone has done any work on only fetching the network consensus over PTs whenever it needs to be downloaded instead of having them acting as the guard.
-- Nima 0X58C4B928A3E218F6 | @mrphs
"I disapprove of what you say, but I will defend to the death your right to say it" --Evelyn Beatrice Hall
Nima Fatemi:
Roger Dingledine:
Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
I see automated monitoring, but will automatic bridge discovery be added to this list as well?
I'd like to second that! There is a lot of low hanging fruit for making bridges automatically discoverable, and it could really make it a lot easier to connect via bridges.
.hc
Roger Dingledine:
Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
[...]
Thanks for working on this list.
I see a bunch of people on IRC often mention that they are unable to download Tor Browser or get tor packages for their distributions. The same users usually find all subdomains of torproject.org blocked. For these scenarios a better plan should be established specifically on:
- How people can access *.torproject.org website mirrors
- Download and verify Tor Browser (when the canonical documentation is blocked)
- Add/fix gateways to provide Tor Browser and tor packages (Signal, Telegram, Whatsapp, XMPP, support more email providers, ...)
- Use alternative methods to retrieve tor packages in their distributions (for instance in Debian package apt-transport-https), common scenario of DPI/keyword blocking.
- Allow user to submit an "anonymized" log report; either via a button in Tor Browser or a helper script in tor package. This will help us enormously to understand which method (combination of PT/Bridge or something else) worked (if any) in their case to bootstrap Tor.
Cheers, ~Vasilis
Hi Vasilis,
Thanks for the feedback, that’s a good list of suggestions that we can consider in future.
I see a bunch of people on IRC often mention that are unable to download Tor Browser or get tor packages for their distributions.
You're probably already aware, but it’s worth mentioning that, for people unable to download Tor Browser from the website, there is currently the gettor project (https://gettor.torproject.org/) whereby people can email gettor@torproject.org including the operating system in the email body. It does not currently return the latest Tor Browser package, but it’s still better than nothing.
Unfortunately this is still on a tpo.org domain, so discovery may be somewhat challenging. Perhaps we can have some sort of smart bot on IRC that tells these users what to do? I’m not an IRC bot developer so maybe this is not a trivial task :)
- How people can access *.torproject.org website mirrors
This is something that we’ve discussed in the past but it can be tricky to provide trusted mirrors.
- Download and verify Tor Browser (when the canonical documentation is blocked)
The download links are listed here: https://github.com/TheTorProject/gettorbrowser but we should probably add some details on how to verify the download
- Allow user to submit an "anonymized" log report; either via a button in Tor Browser or a helper script in tor package. This will help us enormously to understand which method (combination of PT/Bridge or something else) worked (if any) in their case to bootstrap Tor.
This could be a great new feature for Tor Browser.
I’m also adding gaba (the project manager for the anti-censorship team) to this thread so she can keep these in mind.
Thanks!
Pili
— Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45
On Friday, Jan 04, 2019 at 10:35 AM, Vasilis <andz@torproject.org> wrote:
Roger Dingledine:
Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
[...]
Thanks for working on this list.
I see a bunch of people on IRC often mention that they are unable to download Tor Browser or get tor packages for their distributions. The same users usually find all subdomains of torproject.org blocked. For these scenarios a better plan should be established specifically on:
- How people can access *.torproject.org website mirrors
- Download and verify Tor Browser (when the canonical documentation is blocked)
- Add/fix gateways to provide Tor Browser and tor packages (Signal, Telegram, Whatsapp, XMPP, support more email providers, ...)
- Use alternative methods to retrieve tor packages in their distributions (for instance in Debian package apt-transport-https), common scenario of DPI/keyword blocking.
- Allow user to submit an "anonymized" log report; either via a button in Tor Browser or a helper script in tor package. This will help us enormously to understand which method (combination of PT/Bridge or something else) worked (if any) in their case to bootstrap Tor.
Cheers, ~Vasilis -- Fingerprint: 8FD5 CF5F 39FC 03EB B382 7470 5FBF 70B1 D126 0162 Pubkey: https://pgp.mit.edu/pks/lookup?op=get&search=0x5FBF70B1D1260162
On 2018-12-19 1:34 am, Roger Dingledine wrote:
Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
Late to the party and I apologize in advance in case these things are already happening. Also, special apologies to the UX people--Tor's UX is :) and I'm not a UX person, just a user who observes and cares about UX. I'm asking on this list rather than IRC so that a lot of people can think about it at the same time.
That said:
1. I wonder if we can use personas (personae?) for types of users we want to be sure to try to reach as part of this anti-censorship project? I pretty much only care about this because it would be good to reach them, but funders might care about this, too.
2. Can we set very (even very, very, very) conservative goals for user traffic in specific countries or for specific personas? This would be about our mindset in approaching censorship, not to increase pressure on developers, UX, or anyone else. In addition to their intrinsic use in helping to diminish censorship, user traffic goals would probably be welcomed by our funders. Perhaps we could set a few traffic goals as an experiment to start. Since there are lots of working parts to this anti-censorship plan, and some don't exist yet (I think?), maybe we could suggest conservative goals that we try to achieve when/if, say, Pluggable Transports X and Y are up and running.
When it comes to fighting censorship, quantity has a quality all its own.
Cheers,
Katie
ps: There's a population-based anti-AIDS strategy called "community viral load" -- you figure out what the total, combined amount of HIV virus is in a whole city (they did this in San Francisco) and then the whole city uses multiple strategies, like HIV prevention workshops, better treatment, more people receiving case management, etc. to try to reduce it. Lower community viral load = a healthier community with less risk of HIV transmission. (Each person with HIV may have between 0 and a few million copies of viral RNA that can be detected by tests). https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0011068
Hi Kat,
Everybody is a UX person in an organization who advocate for users. So, don't apologize!
I couldn't agree more. We have a work in progress about Personas, and I'd love to have your input at the next UX meeting. We made a kind of affinity map with the people who assisted in our security training in global-south during 2018; we found similarities between them and patterns emerged that can be observed in each group.
It allowed us to close up into five Personas that we are defining nowadays. We also got a very insightful session during our Mexico City Dev Meeting. Notes are public.
Also, we are working on outreach material focused on these Personas with the invaluable collaboration of the community team.
Sometimes it is hard to find support for tools that are new in normal processes, but I'm happy to have UX people around who can remind us how important they are for sharing objectives across teams.
Related to your second point, I remember Roger mentioning an ideal use case: "a user uploading anonymous content using her mobile phone, in China." Every part of that sentence is hard! Having detailed user goals is helpful to define a successful scenario at the end of the project.
Again, feel welcome to join us during our regular UX meetings. Maybe those two items are something we can wrap up together.
Thanks,
A
On 1/17/19 12:56 p. m., Kate Krauss wrote:
On 2018-12-19 1:34 am, Roger Dingledine wrote:
Here is an early brainstorming list of the scope for our future anti-censorship team. Let us know if we left out a critical category. And of course once we have actual team members I expect they will take this initial roadmap and do something even smarter than this list. :)
Late to the party and I apologize in advance in case these things are already happening. Also, special apologies to the UX people--Tor's UX is :) and I'm not a UX person, just a user who observes and cares about UX. I'm asking on this list rather than IRC so that a lot of people can think about it at the same time.
That said:
- I wonder if we can use personas (personae?) for types of users we want to be sure to try to reach as part of this anti-censorship project? I pretty much only care about this because it would be good to reach them, but funders might care about this, too.
- Can we set very (even very, very, very) conservative goals for user traffic in specific countries or for specific personas? This would be about our mindset in approaching censorship, not to increase pressure on developers, UX, or anyone else. In addition to their intrinsic use in helping to diminish censorship, user traffic goals would probably be welcomed by our funders. Perhaps we could set a few traffic goals as an experiment to start. Since there are lots of working parts to this anti-censorship plan, and some don't exist yet (I think?), maybe we could suggest conservative goals that we try to achieve when/if, say, Pluggable Transports X and Y are up and running.
When it comes to fighting censorship, quantity has a quality all its own.
Cheers,
Katie
ps: There's a population-based anti-AIDS strategy called "community viral load" -- you figure out what the total, combined amount of HIV virus is in a whole city (they did this in San Francisco) and then the whole city uses multiple strategies, like HIV prevention workshops, better treatment, more people receiving case management, etc. to try to reduce it. Lower community viral load = a healthier community with less risk of HIV transmission. (Each person with HIV may have between 0 and a few million copies of viral RNA that can be detected by tests). https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0011068
On 2019-01-18 9:04 am, Antonela Debiasi wrote:
Hi Kate,
Everybody is a UX person in an organization who advocate for users. So, don't apologize!
I couldn't agree more. We have a work in progress about Personas, and I'd love to have your input at the next UX meeting. We made a kind of affinity map with the people who assisted in our security training in global-south during 2018; we found similarities between them and patterns emerged that can be observed in each group.
It allowed us to close up into five Personas that we are defining nowadays. We also got a very insightful session during our Mexico City Dev Meeting. Notes are public.
Tl;dr: Ranty discussion of censorship in China maybe telling you stuff you already know :)
Hi Antonela,
Thanks for your friendly note, which I read and thought a lot about. Great to hear that personas are in the works. I'm not finding the notes about them, could you possibly send me a link when you get a moment? Apologies in advance if they are somewhere obvious.
I hope one of the personas we use is this woman in China uploading video on her phone (the sentence where every part is hard, but wow if we can do it). And I hope we eventually choose user traffic goals for China, because the scale and impact of China's censorship is massive, unprecedented, and is contributing to a human rights catastrophe.
There are 800 million people on the (censored) Internet in China, over twice the entire population of the US.
I think it's useful to think about anti-censorship in more than one light simultaneously (and forgive me if I am obvious here). What are the technical challenges and goals? What are the overall anticensorship goals? If we build a useable, secure tool, and people don't use it, are we meeting our goals? I know that Antonela is focused on integrating user feedback into the project. As she knows but maybe not everyone knows, getting user uptake from people in a place like Iran (where a lot of people used an anti-censorship tool in the past few years) is much different from China, where according to Berkman-Klein Institute only 2%-3% use one.
Meanwhile, a million people in China have been rounded up recently and sent to detention camps, where they are being tortured and beaten. China's human rights situation is worsening by the day, and censorship is one of the tent poles that allows this to happen. That's why China employs and outsources hundreds of thousands of people to censor the Internet, and has invested a ton of money in machine learning for online censorship. China's internal security budget is larger than its military budget, and a lot of that is thought to go to surveillance and censorship. It's gotten even bigger in the last two years to fund the camp system.
President Xi has launched a massive propaganda campaign to support his approach, justifying it as necessary for social stability. Again, uncensored information is generally out of reach for ~98% of people who use the Internet. I was surprised to learn that people do *not* generally use VPNs in China or other tools to allow them to get through the Great Fire Wall. We probably know people who do, but it turns out that they are an extreme minority. According to a 2015 survey, only about 30% of Internet users surveyed even realized they could evade Great Firewall censorship; a mere 5% had ever tried a VPN.
Lack of information has real-world consequences in China, as it does in all censored countries. Chinese people have been prevented from having uncensored information for a generation, and that also has an effect.
Few NGOs focus on secure, anti-censorship tools in China; it's powerful that Tor is working on this. I don't mean to imply that other countries with horrific censorship problems aren't important; they are. Or that we will miraculously free people in China if our anti-censorship project works. Who knows what will happen? But censorship is at scale in China and there are currently no secure tools to compete with it. So I hope we include goals for China in the project.
Joined the UX team, which is awesome,
Katie :)
ps: There's much to read about censorship in China, but to paint the picture, a good place to start is here: the recently released report on online rights by Freedom House. They name China the "Worst abuser of Internet freedom in 2018." https://freedomhouse.org/report/freedom-net/freedom-net-2018/rise-digital-au... (The US gets bad grades, but not that bad). The report briefly notes that many of the Uyghurs who are being rounded up are caught because of their online activity opposing the program rounding them up.
Also the China-specific page: https://freedomhouse.org/report/freedom-net/2017/china
New York Times on censorship and young people in China: https://www.nytimes.com/2018/08/06/technology/china-generation-blocked-inter...
Internet users in China: https://www.forbes.com/sites/niallmccarthy/2018/08/23/china-now-boasts-more-... (this is a small sample of the crazy bad things that are happening)