Here are our meeting logs:
And our meeting pad:
Anti-censorship work meeting pad
THIS IS A PUBLIC PAD
Next meeting: Thursday, May 4 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
\* Our anti\-censorship roadmap: \* Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards \* The anti\-censorship team's wiki page: \* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home \* Past meeting notes can be found at: \* https://lists.torproject.org/pipermail/tor-project/ \* Tickets that need reviews: from sponsors, we are working on: \* All needs review tickets: \* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None \* Sponsor 96 \* https://gitlab.torproject.org/groups/tpo/-/milestones/24 \* Sponsor 139 <\-\- hackerncoder, irl, joydeep, meskio, emmapeel working on it \* https://pad.riseup.net/p/sponsor139-meeting-pad
== Announcements ==
- We will not have a meeting on IRC next week, next meeting will be at May 4
== Discussion ==
\* Update on Analysis of speed deficiency of Snowflake in China, 2023 Q1 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251#note_2883879 \* after a lot of research the proposed solution is to enable datagram transport on webrtc to deal with the packet loss situation \* that will convert webrtc into an unreliable channel, and snowflake will add reliablity with kcp \* \(NO update from shell @ Apr 20\) \* goptlib now lives in gitlab\.torproject\.org
== Actions ==
== Interesting links ==
== Reading group ==
\* We will discuss "Lox: Protecting the Social Graph in Bridge Distribution" on 2023 May 18 \* https://cypherpunks.ca/~iang/pubs/lox-popets23.pdf \* Questions to ask and goals to have: \* What aspects of the paper are questionable? \* Are there immediate actions we can take based on this work? \* Are there long\-term actions we can take based on this work? \* Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
- What you worked on this week.
- What you are planning to work on next week.
- Something you need help with.
cecylia (cohosh): last updated 2023-04-20
- Some FOCI stuff
- reviewed snowflake-webext!63
- reviewed some library update MRs
- Tor meeting
Needs help with:
- did a haproxy security upgrade on snowflake-01 and snowflake-01 bridges Restart snowflake bridges for haproxy CVE-2023-0836 (#40268) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- moved goptlib from git.torproject.org to gitlab.torproject.org [tor-dev] goptlib moved to gitlab.torproject.org
- analyzed the rate of client_ip reporting since the release of snowflake-webext-0.7.2 WS.makeWebsocket ignores params (i.e. `client_ip`), losing country statistics (#82) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake WebExtension · GitLab
- open issue to have snowflake-client log whenever KCPInErrors is nonzero Deploy snowflake-server for QueuePacketConn buffer reuse fix (#40260) (#40262) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- parent: Improve bug discovery process (#40267) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- open issue to disable /debug endpoint on snowflake broker
- update PTs to use goptlib from gitlab.tpo
- distribute bridges in rdsys even if there fewer than requested in the hashring (rdsys#162)
- add webtunnel support to BridgeDB (rdsys#142)
- [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64)
- [Research] HTTPT Planning Add HTTPT as a pluggable transport to Tor Browser (#1) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / HTTPT · GitLab
- [Merge Request] container image for webtunnel (Add Container Support for Server (!7) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / WebTunnel · GitLab) (Done)
- reviewing moving to goptlib to gitlab PRs
- consider propagating 2FA everywhere, maybe, at the April Tor Meeting (TPA-RFC-53: consider propagating 2FA everywhere, maybe at the April Tor Meeting (#41083) · Issues · The Tor Project / TPA / TPA team · GitLab) (prepare (and give) training for 2FA with security keys in CR (#41125) · Issues · The Tor Project / TPA / TPA team · GitLab)
Next Week: \- \[Research\] WebTunnel planning \(Continue\) \- Try to find a place to host another vantage point \- logcollector alert system \- webtunnel document for proxy operator \- Costa Rica Meetup\!\!\!
- worked on handling `gone resources` in a more appropriate way for Lox as outlined here: Reasonable and effective integration with rdsys (#7) · Issues · The Tor Project / Anti-censorship / Lox / lox-overview · GitLab
\- work on implementing metrics to check on flickering resources and ratios observed \- work on marking as \`gone\`, failing/low\-bandwidth resources that are no longer distributed \- worked on presentation for Lox overview and discussing more challenging problems of Lox that could benefit from AC team brainstorming: This week: \- Tor meeting \-If time \(and functionality above is in place\): \- If a bridge is \`gone\` due to bandwidth issues or descriptors not being published, replace them with working bridges in Lox\-\-this will have implications for syncing with rdsys but first things first :\) \(long term\) \- brainstorming grouping strategies for Lox buckets \(of bridges\) and gathering context on how types of bridges are distributed/use in practice\. Question: What makes a bridge useable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people? 1\. Are there some obvious grouping strategies that we can already consider? e\.g\., by pt, by bandwidth \(lower bandwidth bridges sacrified to open\-invitation buckets?\), by locale \(to be matched with a requesting user's geoip or something?\) 2\. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges \(and untrusted users have access to 1\)? More? Less?
Itchy Onion: 2023-04-13
- Experimenting with additional SDP tests after discussion on MR #141 (Check candidates exist in SDP offer and answer (!141) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab)
- Learning about rdsys
- Started working on #110 (treat unknown bridge distribution request as "none")
- (py-)ooni-exporter torsf (snowflake)
- (py-)ooni-exporter web_connectivity
- work on "bridgetester"?
- how does Iran block bridges