Hey everyone!
Here are our meeting logs:
http://meetbot.debian.net/tor-meeting/2025/tor-meeting.2025-03-20-16.01.html
And our meeting pad:
Anti-censorship work meeting pad
···
--------------------------------
Anti-censorship
--------------------------------
Next meeting: Thursday,March, 27 16:00 UTC
Facilitator: meskio
^^^(See Facilitator Queue at tail)
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: shelikhoo
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
* Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
* https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* The tor-project Archives
* Tickets that need reviews: from projects, we are working on:
* All needs review tickets:
* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=✓&state=opened&assignee_id=None
* Project 158 <-- meskio working on it
* https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_name[]=Project%20158
== Announcements ==
\*
== Discussion ==
Mar 20 New:
* Snowflake Staging Server & rdsys containerization
* TPA supported system doesn't allow to have more than one domain name per branch in a staging server
* snowflake needs two: broker and server
* shelikhoo is experiments with k8s + terraform
* shelikhoo will keep working on this since there is no overall rejection to this design
== Actions ==
== Interesting links ==
\* https://github.com/doudoulong/Minecruft-PT/blob/main/README.md#tor-browser-traffic-tunneling
== Reading group ==
\* We will discuss "Differential Degradation Vulnerabilities in Censorship Circumvention Systems" on April 3
\* https://arxiv.org/abs/2409.06247
\* Questions to ask and goals to have:
\* What aspects of the paper are questionable?
\* Are there immediate actions we can take based on this work?
\* Are there long\-term actions we can take based on this work?
\* Is there future work that we want to call out in hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): 2025-03-20
Last week:
- found and fixed cause of sqs rendezvous errors (snowflake#40363)
- implemented better timeouts at broker for client offers (snowflake#40449)
- lower proxy answerTimeout for web-based proxies (snowflake-webext#115)
- remove bad relay pattern log message and default-relay-pattern option for broker (snowflake#40454)
- followed up on Snowflake rendezvous errors in general (snowflake#40447)
- tagged and released snowflake proxy v2.11.0
- confirmed fixes for domain fronting issues on old android versions (lyrebird#40012)
- opened issue to update PTs in Tor Browser (tor-browser-build#41299)
- released snowflake-webext 0.9.3
This week:
- support conjure work
- follow up on snowflake rendezvous failures
- reduce/remove use of mutexes for broker metrics (snowflake#40458)
- take a look at potential snowflake orbot bug
- [BUG] 20% CPU overhead in kindness mode · Issue #1183 · guardianproject/orbot-android · GitHub
- maybe do some lox work
dcf: 2025-03-20
Last week:
- archived a Kazakhstan URL blocklist https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40059#note_3174734
Next week:
- archive snowflake-webextension-0.9.3
- open issue to have snowflake-client log whenever KCPInErrors is nonzero https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018
- parent: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267
Help with:
meskio: 2024-03-20
Last week:
- build rdsys containers in the CI (rdsys#219)
- stop distributing dysfunctional bridges (team#156)
- downgrade lyrebird to use go 1.22 (lyrebird#40026)
- release lyrebird 0.6.0
- test covertdtls MR proxy (snowflake!448)
- debug dependency proxy for snowflake (snowflake!522)
Next week:
- steps towards a rdsys in containers (rdsys#219)
Shelikhoo: 2024-03-20
Last Week:
- [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/315 ) testing environment setup/research
- Snowflake Staging Server Discussion(https://gitlab.torproject.org/tpo/tpa/team/-/issues/42080)
- Snowfalke Staging Server Experiment
- Merge request reviews
Next Week/TODO:
- Merge request reviews
- [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/315 ) improvements
- Snowfalke Staging Server Experiment
onyinyang: 2025-03-13
Last week(s):
- continued work on ampcache registration method for conjure
- WIP MR: Adding AMP Cache registrar to conjure by onyiny-ang · Pull Request #1 · cohosh/conjure · GitHub
- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/merge_requests/34/diffs
- lox issuer efficiency merged!
Next week:
- HACS/Zkproofs/OSCW/RWC
- finish up ampcache registration method
- Begin work on decoy registration option
- review Tor browser Lox integration
- https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/1300
- add TTL cache to lox MR for duplicate responses:
https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/305
As time allows:
- Work on outstanding milestone issues:
- key rotation automation
Later:
pending decision on abandoning lox wasm in favour of some kind of FFI? https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43096):
\- add pref to handle timing for pubkey checks in Tor browser
\- add trusted invitation logic to tor browser integration:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42974
- improve metrics collection/think about how to show Lox is working/valuable
- sketch out Lox blog post/usage notes for forum
\(long term things were discussed at the meeting\!\):
\- brainstorming grouping strategies for Lox buckets \(of bridges\) and gathering context on how types of bridges are distributed/use in practice
Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?
1\. Are there some obvious grouping strategies that we can already consider?
e\.g\., by PT, by bandwidth \(lower bandwidth bridges sacrificed to open\-invitation buckets?\), by locale \(to be matched with a requesting user's geoip or something?\)
2\. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges \(and untrusted users have access to 1\)? More? Less?
theodorsm: 2025-03-06
Last weeks:
- Implementing key_share extension support in covert-dtls
- Implementing mimicking DTLS 1.3 extensions
- Debugging Tor Build with covert-dtls: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/448#note_3158883
Next weeks:
- Update MR with new covert-dtls version.
- Write instructions on how to configure covert-dtls with snowflake client
- Fix merge conflicts in MR (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/448).
- Condensing thesis into paper (on hold)
Help with:
- Test stability of covert-dtls in snowflake
Facilitator Queue:
meskio onyinyang shelikhoo
1. First available staff in the Facilitator Queue will be the facilitator for the meeting
2. After facilitating the meeting, the facilitator will be moved to the tail of the queue