[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Tor Relay Operator Meetup - April 15th, 2023 at 19 UTC



Hello,

Thanks everyone who joined us in the last meetup, in April. 
Here are the meetup notes, sorry for taking a long time to send it to
the list.

We're still figuring out the next meetup date -- probably June 24 --
and we will announce officialy soon here in the list. :)

In the next weeks Tor staff will be at SIF[1] and Rightscon[2].
If you're joining these events, come to say hi!

cheers,
Gus
[1] https://stockholminternetforum.se/
[2] https://www.rightscon.org/


# Tor Relay Operator meetup - 2023-04-15 . 19.00 - 20 UTC

## Agenda

### Announcements

- Update on Censorship in Turkmenistan:
    - obfs4 bridges on residential connections + obfs4 port 80, 443, 8080
    - Paper: https://arxiv.org/abs/2304.04835
    - TMC dashboard: https://tmc.np-tokumei.net/
    - Article:
      https://globalvoices.org/2023/04/12/new-study-finds-internet-censorship-in-turkmenistan-reaches-over-122000-domains/
- Tor relays running EOL
- Tor Weather - https://weather.torproject.org 
    - `HTTP/1.1 503 Service Unavailable` womp womp.
    - Right, I'll enable the service on Monday again and, hopefully, it
      will stay available longer than the last time(s). Pretty bumpy launch :) --GeKo
- Google Summer of Code
  - We might have two network health related projects; the application
    deadline is over and we are sorting through proposals. Those are for
the relay-to-relay connectitity checking tool and the network status API
projects on: https://gitlab.torproject.org/tpo/team/-/wikis/GSoC. If we
are lucky, we get mentees for both of them, we'll see... --GeKo
- DoS update
  "Load decreased by ~80% for our servers consistently. It's quite
manageable now. Servers are mostly idling now even without all the
attacks"

- Upcoming EFF university Tor relay advocacy campaign, still taking
  shape but now with a more detailed roadmap:
    https://gitlab.torproject.org/tpo/community/relays/-/issues/67
- The Tor network has a status page! https://status.torproject.org/ --
  on this page we try to summarize critical issues about which pieces of
our infrastructure are having issues.

### (Discussion) Proposals towards a more trusted relay operator
community
https://gitlab.torproject.org/tpo/community/relays/-/issues/55

- Timeline of this process

October 2022 - January 2024

 - We called for proposals from the community (March 3 2023)
 - Work on proposals (TPO) (like meta proposal about the process and
   governance and different stake holders) (March/April)
 - Proposal evaluation (May/July)
 - Events and offline discussions with community (August/September)
 - Approving proposals after feedback from the community and figuring
   out the details of enforcement/adhering to them (September-December)
 - Proposals go live (January 2024)

### Status update on the "Bumping the 4 relays per ip to 8 relays per
ip"?
https://gitlab.torproject.org/tpo/core/tor/-/issues/40744#note_2896285:
We want to do the analysis for the bump to 4 relays per IP which won't
happen in April anymore but I try to sneak this into my May ToDo list.
Afterwards we can consider bumping the limit further in case the
analysis looks fine as expected. --GeKo
^^ I made a change to moria1 so it publishes its

AuthDirMaxServersPerAddr value in its v3 vote:
https://consensus-health.torproject.org/#consensusparams so we can know
if the dir auths are even allowing the new 4 number yet. Alas, it
appears that I am still the only dir auth using this patch.
https://gitlab.torproject.org/tpo/core/tor/-/issues/40753 seems to think
it will be in an upcoming Tor version. --Roger

### Q&A

Q: Is there a way for me to tell if my bridge is reachable from
Turkmenistan?
A: Alas we don't have an automated vantage point inside .tm. But we can
pass your bridge address to users in-country and ask them to test your
bridge. Email gus@ if you want to learn the answer! Only residential
connections are working there, so 'cloud' (data center) obfs4 bridges
probably do not work.

Q: Is it still unwise to run both a snowflake and also an obfs4 bridge
at home?
A: Correct, you should run either one or the other. The reason is that
if one of them gets your IP address blocked by a censor somewhere, then
the other one will end up blocked too.

Q: What if my IP address changes every few hours?
A: It doesn't make sense to run an obfs4 bridge in this situation,
because clients will learn about your address too late to use it. *But*,
this is a perfect situation for running a Snowflake proxy!

Q: When will we start bumping out Tor relays running 0.4.5?
A: Starting beginning of May. And bridges we will treat differently,
because they are more scarce. We might make an exception for 0.4.5
bridges that are popular.
Update:
https://forum.torproject.net/t/tor-relays-psa-tor-0-4-5-reaches-end-of-life-eol-on-2023-02-15/6338/9

Q: Re: the EFF University Relay campaign, University libraries will be
helpful here; did anything much result from the Library Freedom
Project's Tor Exit Relay Project?
(https://libraryfreedomproject.org/torexitpilotphase1/)
A: Yes, we have a few university libraries running exits right now, such
as UNC's ibiblio project. But yes you make a great point that Alison and
the LFP folks are good resources here. I will make an internal note to
remind ourselves to connect to them when the time is right.
^ It seems there are some relays running right now in the network that
are LFP-related, so an easy first step would be to label them better so
we can celebrate them more.

Q: Does anyone know why increased inbound ORPort connection rates no
longer result in increased CPU usage on relays?
A: Hmm! There is not an obvious answer here. Maybe, if there are too
many connections then receiving another one involves a surprising amount
of work because Tor is inefficient with its data structures somehow? Or
maybe, the inbound connections used to be doing something especially
expensive and denial-of-service-y, and 'normal' Tor connections don't do
that? Let us know if you have any more hints and have any new info.

Q: Do you have an estimate of how many relay operators there are? (Or
maybe a count of "good" operators)
A: We have a count of how many *relays* there are, but that's not the
same thing. One of our upcoming plans is to build a tool for us to
annotate which relays and relay operators we 'know', which will let us
better understand how much of our relay operator community we are
already connected to. The idea isn't to accuse the un-annotated people
of being bad, but it's to have a starting point to map who we know.

Q: Are there any long-term plans to have Arti be used for relays?
A: Yes, that is on the roadmap see 
    https://gitlab.torproject.org/tpo/core/arti#roadmap
    https://blog.torproject.org/announcing-arti/
    "And then? We also want support for running a Tor Relay in Rust."
It probably won't even start until 2024, *if* our funding proposals
get approved etc. Alex and Micah are good people to ask about details
and timeline.

Q: What would it take to get an official Docker image for relays? It
would be very helpful for those of us running multiple daemons on the
same machine on high bandwidth uplinks. Currently available open source
versions each have severe limitations or bugs

Q: Could you include a dateful.com link for future events? It makes it
easier across timezones.
- Maybe an ical people can import would be nice?
Could someone provide a website that doesn't track and collect users
data?

Q: After the last meetup trinity worked on
https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/698 and it
is stuck since then. What is the best way to get this moving again?
A: I (trinity) sent a reminder to dgoulet. Hopefully it will get
unstuck?

Q: Can you publish a list of events and offline meetings (including
date) that you have in mind regarding the trusted relay operator
community?
A: We try to publish a list of interesting public events on a sidebar on
https://blog.torproject.org/ but you're right that we don't have a
separate section specifically for relay operators. It is a good
suggestion -- we should try harder to organize and announce and schedule
in-person meetups at various hacker cons.

Q: Can we get metricsport documentation at some point, what is a
realistic timeframe?
https://gitlab.torproject.org/tpo/core/tor/-/issues/40762

Q: I recently tried Freedombox, which can operate over Tor. Per default
it enables relay functionality after installing the Tor app. However, if
using Tor to access Freedombox via a hidden service, this is considered
to potentially deanonymize the server location, right?
A: It is recommended to not run a relay and also an onion service,
because being a relay exposes some potential side-channel issues: people
can send traffic through your relay, and also send traffic to the onion
service, and notice congestion that correlates. So if you care enough
about the privacy of your onion service, consider not doing both. (If
you don't care much about the privacy of your onion service, it is fine
to do both.)

Q: Another issue with Freedombox, or Debian (as it is based on it) is
that Tor version is 0.4.16, which is considered obsolete. However,
adding the Debian Tor repository doesn't work either, as upgrading fails
due to missing libevent>=2.1.8 dependency. Any workaround or solution
for that?
A: Maybe you can get tor or libevent from backports? Else, the upcoming
Debian bookworm might have exactly the packages you want.


On Thu, Mar 30, 2023 at 11:04:39AM -0300, gus wrote:
> Hello,
> 
> The next Tor Relay Operator Meetup will happen on April 15th, 2023, at 19 UTC.
> 
> We're still working on the agenda, feel free to add your topics and/or
> questions on the pad:
> https://pad.riseup.net/p/tor-relay-op-meetup-april-keep
> onionsite:
> http://kfahv6wfkbezjyg4r6mlhpmieydbebr5vkok5r34ya464gqz6c44bnyd.onion/p/tor-relay-op-meetup-april-keep
> 
> WHERE
> Room link: https://tor.meet.coop/gus-og0-x74-dzn
> 
> Registration
>  
> No need for a registration or anything else, just use the room-link
> above. We will open the room 10 minutes before so you can test your mic setup.
>  
> Please share with your friends, social media and other mailing lists!
> 
> Gus
> -- 
> The Tor Project
> Community Team Lead



-- 
The Tor Project
Community Team Lead

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays