[tor-project] Anti-censorship team meeting notes, 2023-01-26

Hey everyone!

Here are our meeting logs:

And our meeting pad:

Anti-censorship work meeting pad



Anti-censorship team meeting pad

Next meeting: Thursday, February 2 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)

== Goal of this meeting ==

Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.

== Links to Useful documents ==

 \* Our anti\-censorship roadmap:
     \* Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
 \* The anti\-censorship team's wiki page:
     \* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
 \* Past meeting notes can be found at:
     \* https://lists.torproject.org/pipermail/tor-project/
 \* Tickets that need reviews:  from sponsors, we are working on:
     \* All needs review tickets:
         \* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
     \* Sponsor 28
         \* must\-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10
         \* possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name%5b%5d=Sponsor%2028&milestone_title=None
     \* Sponsor 96
         \* https://gitlab.torproject.org/groups/tpo/-/milestones/24
     \* Sponsor 139 <\-\- hackerncoder, irl, joydeep, meskio, emmapeel working on it
         \* https://pad.riseup.net/p/sponsor139-meeting-pad

== Announcements ==

== Discussion ==
* ln5 asks: does the anti-censorship team want a paid-for host to run STUN/TURN servers on? This is something that could be made part of a grant/fund request.
* A server we run ourselves is, in principle, easy to block. The intent is either (not fully sure at this point):
* Run a server that is open to the public, so that there are collateral users besides just Snowflake users.
* Run a server just for Snowflake, and let it be blocked by the censors that know to block it, simply to reduce load on the other servers we use, in the places where it does not get blocked. (Like the default obfs4 bridges, which are also easy to block, but are not in many places.)
* Not a lot of excitement for either idea, since connecting to a distinguished STUN/TURN server is a protocol identification risk.
* Suggestion is to run a public STUN/TURN server, but only for Snowflake, and only for proxies (not clients), so that it does not become an identifier for clients.
* Proxies-only would work for STUN, but if it were TURN, the connection would still be identifiable by censors (because both the proxy and client would relay through the same TURN IP address).
* Will ask ln5 and cohosh for more context.

 \* snowflake fallback from domain fronting to amp cache, how/whether/when/etc to implement \(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40250)
     \* arma is going to check how hard would be to change c\-tor to only connect to two bridges instead of all of them at once\. So maybe we can duplicate bridges with domain fronting and amp cache
     \* we need to check the consecuences of using amp cache, and if we are ok having half of our users using it

 \* use ampcache for snowflake in IR?
     \* https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/115
     \* https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/merge_requests/13
     \* our domain front for both snowflake and circumvention settings is blocked in Iran
     \* that will mean configuring amp cache in Circumvention Settings, the people that will get this configuration will still be able to use domain fronting to access snowflake, but they will keep

== Actions ==

 \* We should make a ticket for pion to cache its stun answers when possible, because right now it surprises us by asking way more stun questions than it actually needs to\.
 \* We might want to be able to spin up our own stun servers, on our own ip/port, for debugging\. We should talk to TPA about that goal at some point \(not urgent\)\.
 \* Roger will look more at https://gitlab.torproject.org/tpo/core/tor/-/issues/40578 \("only contact the first few working bridges on your bridge list" and plan to have a sense of whether it will be an easy hack or a hard one, for next week\.

== Interesting links ==

== Reading group ==

 \* We will discuss "" on
     \* Questions to ask and goals to have:
         \* What aspects of the paper are questionable?
         \* Are there immediate actions we can take based on this work?
         \* Are there long\-term actions we can take based on this work?
         \* Is there future work that we want to call out in hopes that others will pick it up?

== Updates ==

This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.

cecylia (cohosh): last updated 2023-01-26
Last week:
- FOCI workshop prep
- some progress on rust library for rdsys backend
- Cecylia Bocovich / rdsys-backend-api · GitLab
This week:
- wrap up conjure documentation and write an announcement asking for testers
- finish rust library for rdsys backend
- continue working on lox client integration in Tor Browser
- take a look at the dead on arrival rotating bridge problem
- Dynamic Bridges Dead on Arrival in China, 2023 Q1 (#8) · Issues · The Tor Project / Anti-censorship / Connectivity Measurement / logcollector-admin · GitLab
Needs help with:

dcf: 2023-01-19
Last week:
- made merge request to bring sample snowflake client torrc up to date Bring client torrc up to date with Tor Browser fc89e8b1 (!132) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- more review on abbreviating ice specifications Parse ICE servers with pion/ice library function (!127) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- promoted the patch to remove Hello Verify Request and asked for testing Second Snowflake bridge available for testing - #11 by tango - Censorship circumvention methods & software - NTC In case Snowflake rendezvous gets blocked - #25 by tango - Censorship circumvention methods & software - NTC
- hacking on snowflake-graphs to do per-country graphs
Next week:
- migrate goptlib to gitlab migrate away from git.torproject.org (#86) · Issues · The Tor Project / Anti-censorship / Team · GitLab
- try Conjure PT development version [tor-dev] Introducing a Conjure PT for Tor
Help with:

meskio: 2023-01-26
Last week:
- give support to bridgesanner (rdsys#143)
- review gettor whatsapp implementation (rdsys!66)
- investigate the situation of meek in uzbekistan (censorship-analysis#40031)
- write S96 report
- prepare a Circumvention Settings configuration with ampcache for IR (rdsys-admin!13)
- explore snowflake proxy docker options to avoid using the host network (docker-snowflake-proxy#11)
Next week:
- implement bridgescanner needs (rdsys#143)

Shelikhoo: 2023-01-26
Last Week:
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
- [Discussion & Deployment] Rollout of Distributed Snowflake Support
- [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54)
- [Research] HTTPT Planning Add HTTPT as a pluggable transport to Tor Browser (#1) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / HTTPT · GitLab
- reply a lot of tickets
- [Merge Request] Automated Container Image Building in Continuous integration (Automated Container Image Building in Continuous integration (!2) · Merge requests · The Tor Project / Anti-censorship / Connectivity Measurement / probeobserver · GitLab)
Next Week:
- [Research] WebTunnel planning (Continue)
- push the chunked upload raw data upload change to vantage points
- research snowflake's performance issue in China

Itchy Onion: 2023-1-26
Last week:
- Investigate whether stun over TLS is beneficial to us (issues#40240)
- Looking at options for standalone proxy runners to specify an interface (issue#40108)
This week:
- Lunar New Year break
- Continue working on issue #40108 (standalone proxy bind specific IP)
- Review MRs

hackerncoder: 2023-01-12
last week:
- figure out what makes ooni-exporter put all reports from a country in either success or failure (I still don't know why. But I got it to work)
Next week:
- getting ooni-exporter to work with torsf (snowflake)
- work on monitoring bridges health

cece: 2022-12-22
This week:
- working on creating a dummy WhatsApp bot
Next week:
- My bot is not yet working as expected s still trying to figure that out
Help with:
- resources