[tor-project] Anti-censorship team meeting notes, 2026-01-15

Mailing Lists tor-project
,
1

Hey everyone!

Here are our meeting logs:

And our meeting pad:

Anti-censorship

···

--------------------------------

Next meeting: Thursday, January 22 16:00 UTC
Facilitator: onyinyang

^^^(See Facilitator Queue at tail)

Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)

This week's Facilitator: meskio
== Goal of this meeting ==

Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor Project and Tor community.

== Links to Useful documents ==
  * Our anti-censorship roadmap:
    * Roadmap:Issue Boards · Issues by Assignee · Boards · Anti-censorship · GitLab
  * The anti-censorship team's wiki page:
    * Home · Wiki · The Tor Project / Anti-censorship / Team · GitLab
  * Past meeting notes can be found at:
    * The tor-project Archives
  * Tickets that need reviews: from projects, we are working on:
    * All needs review tickets:
      * Merge requests · Anti-censorship · GitLab
    * Project 158 <-- meskio working on it
      * Issues · Anti-censorship · GitLab

== Announcements ==

== Discussion ==

  * Add rate limiting back to broker for just /proxy endpoint for now
    * Add back rate limiting for /proxy requests at broker (#40506) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
    * there is not ratelimit now, as it was creating client timeout errors
    * the proposal is to bring it only for /proxy as /client is trickier to do
    * we agree on adding the rate limit
  * Conjure test network
    * tctnet · Wiki · The Tor Project / Anti-censorship / Pluggable Transports / conjure · GitLab
    * since december is down to save electricity
    * will stay down until we need it, wich will take months

== Actions ==

  *

== Interesting links ==

  *

== Reading group ==

  * We will discuss "Fingerprint-resistant DTLS for usage in Snowflake" on Feb 5
    * FOCI Proceedings — Fingerprint-resistant DTLS for usage in Snowflake
    * Questions to ask and goals to have:
      * What aspects of the paper are questionable?
      * Are there immediate actions we can take based on this work?
      * Are there long-term actions we can take based on this work?
      * Is there future work that we want to call out in hopes that others will pick it up?
  * Next in the Reading Group Queue:
    *

== Updates ==
Name:
    This week:
      - What you worked on this week.
    Next week:
      - What you are planning to work on next week.
    Help with:
      - Something you need help with.

cecylia (cohosh): 2026-01-15
  Last week:
      - Implemented bridge reachability checks for proxies (snowflake#40504)
      - Commented on How to improve user feedback about slow Tor startup through Snowflake? · Issue #75 · tladesignz/IPtProxy · GitHub
      - Fixed Conjure pipeline image URLs
      - Looked at adding rate-limiting back to the broker (snowflake#40506)
      - talked to UCSC researchers about enumeration attacks and defences
  Next week:
      - research snowflake enumeration attacks (snowflake#40396)
      - follow up on snowflake rendezvous failures (snowflake#40447)
      - revisit conjure integration with lyrebird
      - take a look at potential snowflake orbot bug
          - [BUG] 20% CPU overhead in kindness mode · Issue #1183 · guardianproject/orbot-android · GitHub

dcf: 2026-01-15
  Last week:
    - looked up some history of snowflake proxy preliminary reachability checks Proxies should not poll if they cannot reach a bridge (#40504) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
  Next week:
    - open issue to have snowflake-client log whenever KCPInErrors is nonzero Deploy snowflake-server for QueuePacketConn buffer reuse fix (#40260) (#40262) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
      - parent: Improve bug discovery process (#40267) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
Help with:

meskio: 2026-01-15
    Last week:
        - monitor Iran network blackout (censorship-analysis#40068)
        - write a proposal on how to handle censorship events
  Censorship Events · Wiki · The Tor Project / Anti-censorship / Team · GitLab
      - start using matrix
      - merge obfs4-bridge docker CI so it generate images and publishes them (docker-obfs4-bridge!20)
      - clean up old issues
    Next week:
        - project reports

Shelikhoo: 2026-01-08
    Last Week:
         - [Testing] Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( Draft: Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (!315) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab ) testing environment setup/research
       - [Merge] Add automated binary release support (Add automated binary release support (!651) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab)
      - [Deploy] Cherry-pick utls chrome120 fingerprint fix ( https://gitlab.torproject.org/shelikhoo/utls-temporary/-/tree/dev-backport-v1-6-7-plus-downgrade-check-plus-aes-grease-fix-plus-chrome120paddingfix?ref_type=heads )
      - Snowflake MR for utls chrome120 fingerprint fix
      - Lyrebird MR for utls chrome120 fingerprint fix
      - Lyrebird 0.8.1 Release
    Next (working) Week/TODO:
        - Merge request reviews
        - [Deployment]Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (cont.)( Draft: Unreliable+unordered WebRTC data channel transport for Snowflake rev2 (!315) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab ) Building custom Tor Browser with patch applied
        - Write Report for 2025 Q4
        - Design experment for internet shutdown
        - Release new container release if necessary

onyinyang: 2026-01-15
  Last week(s):
      - Working on https distributor language selector
        - fixing some errors in the translated pages
        - does the translation work for bridges.torproject.org exist somewhere already?
    -Making it harder to inject a bridge to a specific client https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/257#note_3322645
    - Added cronjob for gettor distributor
Next week:
    - Continue Investigating rdsys#248 i.e., why dysfunctional webtunnel bridges are being distributed
    - Troubleshooting conjure not connecting in China
      - waiting for more information from conjure authors/maintainers
    
      Switch back to some of these:
          As time allows:
              - Lox still seems to be filling up the disk on the rdsys-test server despite changes made to delete old entries, look into what's going wrong
               Blog post for conjure: Set up a more permanent Conjure bridge (#46) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / conjure · GitLab
              - review Tor browser Lox integration Bug 43096: Move to Rust for the Lox integration (!1300) · Merge requests · The Tor Project / Applications / Tor Browser · GitLab
              - add TTL cache to lox MR for duplicate responses:
    Enable repeat responses to successful Lox requests (!305) · Merge requests · The Tor Project / Anti-censorship / lox · GitLab

    - Work on outstanding milestone issues:
      - key rotation automation
    
    Later:
    pending decision on abandoning lox wasm in favour of some kind of FFI? Consider dropping Lox's WASM (#43096) · Issues · The Tor Project / Applications / Tor Browser · GitLab):
      - add pref to handle timing for pubkey checks in Tor browser
      - add trusted invitation logic to tor browser integration:
      Lox module doesn't include trusted invitation redemption (#42974) · Issues · The Tor Project / Applications / Tor Browser · GitLab
    - improve metrics collection/think about how to show Lox is working/valuable
    - sketch out Lox blog post/usage notes for forum
    
  (long term things were discussed at the meeting!):
    - brainstorming grouping strategies for Lox buckets (of bridges) and gathering context on how types of bridges are distributed/use in practice
      Question: What makes a bridge usable for a given user, and how can we encode that to best ensure we're getting the most appropriate resources to people?
        1. Are there some obvious grouping strategies that we can already consider?
          e.g., by PT, by bandwidth (lower bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be matched with a requesting user's geoip or something?)
        2. Does it make sense to group 3 bridges/bucket, so trusted users have access to 3 bridges (and untrusted users have access to 1)? More? Less?
    
theodorsm: 2026-01-15
    Last weeks:
      - MR: Add covert-dtls to proxy and client (!644) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab
      - Implementing DTLS 1.3 in pion
    Next weeks:
      - Implementing DTLS 1.3 in pion
    Help with:
      -
      
Facilitator Queue:
  onyinyang shelikhoo meskio
1. First available staff in the Facilitator Queue will be the facilitator for the meeting
2. After facilitating the meeting, the facilitator will be moved to the tail of the queue

--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.