[tor-project] Anti-censorship team meeting notes, 2023-06-08

Mailing Lists tor-project
, ,
1

Hey everyone!

Here are our meeting logs:

http://meetbot.debian.net/tor-meeting/2023/tor-meeting.2023-06-08-16.02.html

And our meeting pad:

Anti-censorship

···

--------------------------------

Next meeting: Thursday, June 8 16:00 UTC

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)

== Goal of this meeting ==

Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.

== Links to Useful documents ==

  * Our anti-censorship roadmap:
    * Roadmap: Development · Boards · Anti-censorship · GitLab
  * The anti-censorship team's wiki page:
    * Home · Wiki · The Tor Project / Anti-censorship / Team · GitLab
  * Past meeting notes can be found at:
    * The tor-project Archives
  * Tickets that need reviews: from sponsors, we are working on:
    * All needs review tickets:
      * Merge requests · Anti-censorship · GitLab
    * Sponsor 96 <-- meskio, shell, onyinyang, cohosh
      * Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet · The Tor Project · GitLab
    * Sponsor 139 <-- hackerncoder, irl, joydeep, meskio, emmapeel working on it
      * Riseup Pad

== Announcements ==

== Discussion ==

From last week:
  * Report of TLS-in-DTLS detection and throttling in China that affects Snowflake
    * Potential TLS-over-DTLS blocking in China · Issue #255 · net4people/bbs · GitHub
    * Padding the first client→server send is reported to disrupt the packet size signature and avoid throttling
      * Analysis of speed deficiency of Snowflake in China, 2023 Q1 (#40251) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
      * Add random padding to the first client→server volley. (01ac0373) · Commits · David Fifield / Snowflake · GitLab
    * The reporter on BBS says it started happening to them (in a non-Snowflake WebRTC proxy) around 2023-05-14. We have measurements of high packet loss rates in China from 2023-03-20, at least.
      * Analysis of speed deficiency of Snowflake in China, 2023 Q1 (#40251) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
    * shelikhoo did run packet loss tests with the padding patch but the packet loss was not pressent from our vantage point. Could be a regional problem not affecting our machine or be gone.

NEW:
  * meek-azure deprecation
    * Meek-azure deprecation plan (#33) · Issues · The Tor Project / Anti-censorship / Team · GitLab

  * New snowflake tests from a vantage in China do not show signs of the high packet loss that was observed in March 2023
    * Analysis of speed deficiency of Snowflake in China, 2023 Q1 (#40251) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
    * This test was meant to evaluate whether it is a good idea to add some padding to change the traffic analysis features of the beginning of the connection, in order to resist possible TLS-in-DTLS detection: Potential TLS-over-DTLS blocking in China · Issue #255 · net4people/bbs · GitHub
    * The results were inconclusive because both the tests without and with padding showed the same low rate of packet loss, this time.
    * It is a good idea to proactively introduce some padding anyway?

  * Documents for bridge operators about how to run a webtunnel bridge
    * Riseup Pad

== Actions ==

  *

== Interesting links ==

  * 2023 May update - Open Collective (snowflake-01 only)

== Reading group ==

  * We will discuss "" on
    *
    * Questions to ask and goals to have:
      * What aspects of the paper are questionable?
      * Are there immediate actions we can take based on this work?
      * Are there long-term actions we can take based on this work?
      * Is there future work that we want to call out in hopes that others will pick it up?

== Updates ==

Name:
    This week:
        - What you worked on this week.
    Next week:
        - What you are planning to work on next week.
    Help with:
       - Something you need help with.

cecylia (cohosh): last updated 2023-06-08
Last week:
    - working on snowflake configs for shadow simulations
    - rebasing and continued work on lox client and wasm-bingen projects for tor-browser-build
This week:
    - tidy up and share shadow simulations guide for PTs
    - Lox tor browser integration
    - conjure maintenance
Needs help with:

dcf: 2023-06-08
  Last week:
    - snowflake CDN bookkeeping Changes · Snowflake costs · Wiki · The Tor Project / Anti-censorship / Team · GitLab
    - commented on the snowflake tests with and without padding in China (which did not show signs of high packet loss this time) Analysis of speed deficiency of Snowflake in China, 2023 Q1 (#40251) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
  Next week:
    - open issue to have snowflake-client log whenever KCPInErrors is nonzero Deploy snowflake-server for QueuePacketConn buffer reuse fix (#40260) (#40262) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
      - parent: Improve bug discovery process (#40267) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
    - open issue to disable /debug endpoint on snowflake broker
  Help with:

meskio: 2023-06-08
   Last week:
    - fix rdsys tests (rdsys!130)
    - brainstorm on meek-azure deprecation (team#30)
    - review 'more aggresive retry for dysfunctional bridges' (rdsys!107)
   Next week:
    - add i18n support in rdsys (rdsys#11)

Shelikhoo: 2023-06-08
   Last Week:
    - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) (stalled)
    - [Research] HTTPT Planning Add HTTPT as a pluggable transport to Tor Browser (#1) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / HTTPT · GitLab
    - Snowflake Performance Analysis (Ongoing, Analysis of speed deficiency of Snowflake in China, 2023 Q1 (#40251) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab)
    - Research about designing an armored bridge line sharing URL format (Research about designing an armored bridge line sharing URL format (#126) · Issues · The Tor Project / Anti-censorship / Team · GitLab)
    - Webtunnel Document for bridge opertaors(container setup)
   Next Week/TODO:
    - webtunnel document for proxy operator <- immediate todo
    - [Research] WebTunnel planning (Continue)
    - Try to find a place to host another vantage point
    - logcollector alert system
    - Snowflake Performance Analysis

onyinyang: 2023-06-08
  Last week:
    - Moved Lox group to a rust workspace, now everything is at: The Tor Project / Anti-censorship / lox-rs · GitLab
    - Still Adding tests Lox distributor
    - Finished up changes to rdsys:
            - more aggressive `gone` labelling: This still needs some tweaks!
  This week:
    - with the new workspace in place, lox-distributor tests are moving along
    - reorganization of things within lox-rs (i.e., moving helper files etc. into lox_utils, adding documentation, pipelines, etc.)
    - tweak the `gone` resources from rdsys so that the lox-distributor can handle them appropriately
    - Look into a more reasonable way of storing Lox library data structures:
             - Ensure Lox bridge table persists in case of catastrophic failure (#2) · Issues · onyinyang / lox · GitLab
             - Make Lox Bridge Table more robust (#3) · Issues · onyinyang / lox · GitLab
             - First change the vectors in the bridge_table to maps.
         
    (long term things were discussed at the meeting!):
       Riseup Pad
      - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice.
      Question: What makes a bridge useable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?
        1. Are there some obvious grouping strategies that we can already consider?
         e.g., by pt, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)
        2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?

Itchy Onion: 2023-06-08
    Last week:
    - fixed snowflake pipeline due to outdated Debian image
    - continue working on rdsys#56 implementation. Still need to do the following:
      - finish up computing bridge distribution in Kraken
       - does it have to be deterministic?
       - does the disproportion have to be strictly followed
     - finish writing tests
     - refactor code because some functions are getting extremely long
     - what to do with stencil package?
    This week:
    - review MRs
    - continue working on rdsys#56 implementation. Still need to do the following:
    - fixed a problem with vanilla bridges not being added properly to the database
    - still working on tests
    - adding a migaration patch (Consider persistent storage of bridge information (#56) · Issues · The Tor Project / Anti-censorship / rdsys · GitLab)

hackerncoder: 2023-04-20
    last week:
        - (py-)ooni-exporter torsf (snowflake)
        - (py-)ooni-exporter web_connectivity
    Next week:
       - work on "bridgetester"?
       - how does Iran block bridges?

--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.