Here are our meeting logs:
And our meeting pad:
Next meeting: Thursday, Nov 2 16:00 UTC
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: meskio
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the
Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* The anti-censorship team's wiki page:
* Past meeting notes can be found at:
* The tor-project Archives
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
Merge requests · Anti-censorship · GitLab
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet · The Tor Project · GitLab
* Sponsor 150 <-- meskio working on it
Issues · Anti-censorship · GitLab
== Announcements ==
== Discussion ==
* Fastly to block domain fronting in February 2024
[anti-censorship-team] Fastly to block domain fronting in February 2024
* azure is closing domain front support next month
* there are some alternatives to domain fronting we could use (ampcache or tapdance), but it might be trickier to integrate with moat
* cohosh will investigate if cnd77, netlify or akamai are alternatives we could use
* let's stress tests ampcache using it in one of our default bridges
* we can add metrics to the broker to know if the clients come from ampcache or domain front
* don't reject unrestricted client if there are no restricted proxies
* improvement(broker): don't reject unrestricted client if there are no restricted proxies (!187) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
* we'll merge it, it should not affect our deployment
== Actions ==
== Interesting links ==
* webtunnel testers call out:
* Call for Testers: WebTunnel, a new way to bypass censorship with Tor Browser
* blog post of the sponsor 30 code audit
* Putting Censorship Circumvention to the Test: Security Audit Findings | The Tor Project
* New paper PTPerf: On the Performance Evaluation of Tor Pluggable Transports: PTPerf: On the Performance Evaluation of Tor Pluggable Transports | Proceedings of the 2023 ACM on Internet Measurement Conference
== Reading group ==
* We will discuss "On Precisely Detecting Censorship Circumvention in Real-World Networks" on November 9
* On Precisely Detecting Censorship Circumvention in Real-World Networks | robgjansen.com
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based
on this work?
* Are there long-term actions we can take based
on this work?
* Is there future work that we want to call out
in hopes that others will pick it up?
== Updates ==
- What you worked on this week.
- What you are planning to work on next week.
- Something you need help with.
cecylia (cohosh): 2023-10-26
- reviewed duplication fix for lox-distributor (lox!42)
- deployed lox distributor, finally (rdsys#167)
- updated rdsys survival guide
- Rdsys Survival Guide · Wiki · The Tor Project / Anti-censorship / Team · GitLab
- reviewed snowflake outbound proxy support (snowflake!200)
- opened issue for regression in client since !182
- Non-fronted connections to the broker no longer work since 9fdfb3d1b53e9113422a7a2816b2a9af4450b4ac (#40301) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
- rebased lox tor browser UX integration to continue working on that
- fix snowflake regression (snowflake#40301)
- lox tor browser UX integration
- follow up on conjure reliability issues
- visualize and write up some snowflake shadow simulation results
Needs help with:
- revise encapsulation.ReadData redesign to return an error in
the case of a short buffer
- open issue to have snowflake-client log whenever KCPInErrors
- open issue to disable /debug endpoint on snowflake broker
Before EOY 2023:
- move snowflake-02 to new VM
- test the whatsapp bot (rdsys#147)
- investiage a failure on telegram bot, was on applications side (onionsproutsbot#54)
- some lox merge request reviews (lox!62 !68)
- set up staging server for rdsys (rdsys#170)
- [Merge Request Merged] Add SOCKS5 forward proxy support to snowflake
(Add SOCKS5 forward proxy support(Redoed) (!200) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab)
- Work on snowflake performance improvement
- Finialize alert for log collector Add Logcollector Alert Rules (!37) · Merge requests · The Tor Project / TPA / prometheus-alerts · GitLab
- [Merge Request Reviews] lots of...
- Write Tor Spec for Armored URL (continue)
- Work on snowflake performance improvement
- Merge request reviews
- Finalized a bunch of existing MRs including zkp crate fixes
- these are now merged into lox!
- Added to metrics, nearly finished
- Finish up metrics
- Add functionality to handle blocked bridges in a single
location for MVP
- Start work on telegram distributor bot for Lox
- Fix flakey test if time
(long term things were discussed at the meeting!):
- brainstorming grouping strategies for Lox
buckets (of bridges) and gathering context on how types of bridges are
distributed/use in practice
Question: What makes a bridge usable for a
given user, and how can we encode that to best ensure we're getting the
most appropriate resources to people?
1. Are there some obvious grouping
strategies that we can already consider?
e.g., by PT, by bandwidth (lower
bandwidth bridges sacrificed to open-invitation buckets?), by locale (to
be matched with a requesting user's geoip or something?)
2. Does it make sense to group 3
bridges/bucket, so trusted users have access to 3 bridges (and untrusted
users have access to 1)? More? Less?