Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-03-02-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- ------------------------------------------------------------------------------------THIS IS A PUBLIC PAD
------------------------------------------------------------------------------------ Anti-censorship -------------------------------- Next meeting: Thursday, March 9 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor.Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents == * Our anti-censorship roadmap:* Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors, we are working on: * All needs review tickets:* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
* Sponsor 28* must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible-do tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None
* Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24* Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it
* https://pad.riseup.net/p/sponsor139-meeting-pad == Announcements == == Discussion ==* Should we improve anti-censorship measures against Tor without bridges? Should we fix the fingerprints and randomize them? (ValdikSS) * Currently, proposals to make any change in C-tor are being closed in favor of Arti, which is not available in any relays yet. * Is Arti going to be implemented the same as C-tor with respect to anti-censorship of its Tor-protocol connections, or will it try better to resist blocking in its native state? * Team has not yet reviewed Anti's anti-censorship design and stance. * Old history (circa May 2012, tor 0.2.3.15) of plain tor's attempts to enhance blocking resistance (by imitating Firefox ciphersuites, etc.), before pluggable transports: https://gitlab.torproject.org/tpo/team/-/wikis/projects/Tor/TLSHistory * In Turkmenistan, huge ranges of foreign addresses are blocked, perhaps 40% of the space. Tor relays are a good resource for testing and reachability because they are all listed; unlike obfs4 for example which are only attainable in small quantities are are usually 100% blocked anyway. * But will it remain that way if the reachable Tor relays start being used on a large scale? * In Iran, there is an SNI regexp filter for the Tor client's default fake SNI of www.[a-z].com; changing .com to .net evades the filter.
* valdikss will make an issue to collect all this information. == Actions == * meskio will write a survival guide on onbasca * move the ampcache snowflake fallback forward == Interesting links ==* https://www.fortinet.com/blog/threat-research/dissecting-tor-bridges-pluggable-transport * In which the intrepid FortiNet analyst busts out OllyDbg rather than read the source code. * Workaround for server-side Tor block: https://web.archive.org/web/20221205135630/https://www.fortinet.com/blog/threat-research/dissecting-tor-bridges-pluggable-transport * Part 2: https://www.fortinet.com/blog/threat-research/dissecting-tor-bridges-pluggable-transport-part-2 * https://www.youtube.com/watch?v=kL7YCRer3To&list=PLfUWWM-POgQvGOVAk1HjP3uFKoY93_-q9&index=5
* Video for reading group paper.* https://www.youtube.com/watch?v=dbOf8U2GDZ8 Q&A video, 0:00–3:36 and 10:14–11:11 are about this paper.
== Reading group ==* We will discuss "Detecting Tor Bridge from Sampled Traffic in Backbone Networks" on March 9 * https://www.ndss-symposium.org/wp-content/uploads/madweb2021_23011_paper.pdf * https://www.youtube.com/watch?v=kL7YCRer3To&list=PLfUWWM-POgQvGOVAk1HjP3uFKoY93_-q9&index=5
* Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work?* Is there future work that we want to call out in hopes that others will pick it up?
== Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2023-03-02 Last week: - Lox tor browser integration work in progress- https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/116 - Finished getting the wasm client integrated as a Tor Browser module
This week: - continue Lox tor browser integration- find a better way to generate and call wasm client in tor-browser-build
- make team repos for Lox pieces - expand client-side support for more Lox features - continue work on conjure client-side recovery Needs help with: dcf: 2023-03-02 Last week:- restarted snowflake bridges for haproxy CVE-2023-0056, CVE-2023-25725 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40253 - increased tor instances from 4 to 12 on snowflake-02 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40255
Next week:- migrate goptlib to gitlab https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/86#note_2823122 (for real)
Help with: meskio: 2023-02-23 Last week: - integrate onbasca into rdsys to test bridge speed (rdsys#150) - deploy onbasca in polyanthum - patch onbasca API to be easier to parse (onbasca!60)- investigate bridgestrap issue, is reporting 30% of functional bridges
Next week: - Vacation!!! Shelikhoo: 2023-03-02 Last Week:- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Research] HTTPT Planning https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/1 - WebTunnel @ TorBrowser mobile(https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40800, https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/663#note_2882700, https://gitlab.torproject.org/tpo/applications/tor-android-service/-/merge_requests/3) - Upstreaming Remove HelloVerify countermeasure (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40249)
Next Week: - [Research] WebTunnel planning (Continue) - Try to find a place to host another vantage point- WebTunnel @ TorBrowser mobile(https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/663#note_2882700)
onyinyang: 2023-03-02 Last week: - Finished up Lox wasm bindings for Tor integration: - issue invitation - check blockage - blockage migration This week:- Working on distributor backend for Lox server (integration with rdsys)
Itchy Onion: 2023-03-02 Last week: - Holiday- Contine working on issue #40252 (NAT probetest for standalone proxy)
This week: - Finished most issue #40252 (!136)- Started looking at #40231 (Client sometimes send offer with no ICE candidates)
hackerncoder: 2023-03-02 last week: - work on monitoring bridges health Next week: - getting ooni-exporter to work with torsf (snowflake) - work on "bridgetester"? cece: 2022-12-22 This week: - working on creating a dummy WhatsApp bot Next week:- My bot is not yet working as expected s? still trying to figure that out
Help with: - resources
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ tor-project mailing list tor-project@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project