Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2024/tor-meeting.2024-05-30-16.00.html
And our meeting pad:
Anti-censorship
--------------------------------
Next meeting: Thursday, June 6 16:00 UTC
Facilitator: shelikhoo
^^^(See Facilitator Queue at tail)
Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC
(channel is logged while meetings are in progress)
This week's Facilitator: meskio
== Goal of this meeting ==
Weekly check-in about the status of anti-censorship work at Tor.
Coordinate collaboration between people/teams on anti-censorship at the Tor
Project and Tor community.
== Links to Useful documents ==
* Our anti-censorship roadmap:
*
Roadmap:https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards
* The anti-censorship team's wiki page:
*
https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home
* Past meeting notes can be found at:
* https://lists.torproject.org/pipermail/tor-project/
* Tickets that need reviews: from sponsors, we are working on:
* All needs review tickets:
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?scope=all&utf8=%E2%9C%93&state=opened&assignee_id=None
* Sponsor 96 <-- meskio, shell, onyinyang, cohosh
*
https://gitlab.torproject.org/groups/tpo/-/milestones/24
* Sponsor 150 <-- meskio working on it
*
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues/?label_name%5B%5D=Sponsor%20150
== Announcements ==
*
== Discussion ==
* Add nginx rate limiting to address "TTP-03-001 WP1: Snowflake broker
vulnerability"
*
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40329
* It will be applied once we move the broker
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40349
* shelikhoo will apply the changes into the nginx of the new
broker, it will take effect as soon as we migrate to it
* Is the broker migration ready to apply yet?
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40349
* dcf can change the VM memory configuration, then someone
needs to contact TPA to ask them to change a DNS record
* Example of asking for a DNS change:
https://gitlab.torproject.org/tpo/tpa/team/-/issues/40716
* Caveat: we will have to use the same Let's Encrypt account as
the old broker, because of CAA records:
*
https://gitlab.torproject.org/tpo/tpa/team/-/issues/41462
*
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40319
* https://gitlab.torproject.org/dcf/autocert-account-id
== Actions ==
== Interesting links ==
*
== Reading group ==
* We will discuss "Communication Breakdown: Modularizing Application
Tunneling for Signaling Around Censorship" on May 30
* https://petsymposium.org/popets/2024/popets-2024-0027.php
* Questions to ask and goals to have:
* What aspects of the paper are questionable?
* Are there immediate actions we can take based on this
work?
* Are there long-term actions we can take based on this
work?
* Is there future work that we want to call out in
hopes that others will pick it up?
== Updates ==
Name:
This week:
- What you worked on this week.
Next week:
- What you are planning to work on next week.
Help with:
- Something you need help with.
cecylia (cohosh): 2024-05-30
Last week:
- tor meeting
- s152 final and monthly reports
- commented on mv3 migration issue
This week:
- take a look at snowflake web and webext translations and best
practices
- get around to backlog of MR reviews
- make changes to Lox encrypted bridge table
-
https://gitlab.torproject.org/tpo/anti-censorship/lox/-/merge_requests/147
- follow up on reported SQS errors
- update wasm-bindgen fork to fix some bugs and hopefully upstream
changes
Needs help with:
dcf: 2024-05-30
Last week:
Next week:
- review snowflake unreliable+unordered data channels rev2
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/315
- open issue to have snowflake-client log whenever KCPInErrors
is nonzero
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40262#note_2886018
- parent:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267
- open issue to disable /debug endpoint on snowflake broker
- move snowflake-02 to new VM
Help with:
- tell me when to restart the brokers for
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40349
meskio: 2023-05-30
Last week:
- back from tormeeting and catching up
- plan rdsys deployment to replace BridgeDB (tpa/team#41613)
- look at onbasca issues failing to test bridges (onbasca#171)
- map existing monit alerts into prometheus blackbox exporter (not
pushed yet)
Next week:
- use safeprom in rdsys (rdsys#203)
- add prometheus metrics to replace bridgedb metrics in rdsys
(rdsys#188)
Shelikhoo: 2024-05-30
Last Week:
- [Merge Request Waiting] Add Container Image Mirroring from Tor Gitlab
to Docker
Hub(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/280)
- [Merge Request Waiting] Snowflake Performance
Improvement rev2
(https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/315)
- Chrome Manifest V3 transition research
- Vantage point maintaince
- merge request processing
- Merge request reviews
Next Week/TODO:
- Merge request reviews
onyinyang: 2023-05-30
Last week(s):
- continued key rotation implementation
- Fixed bug in blockage_migration protocol
Next week:
- Work on outstanding milestone issues:
https://gitlab.torproject.org/tpo/anti-censorship/lox/-/milestones/1#tab-issues
- prepare for end to end testing of the Lox system with
browser integration
Later:
- begin implementing some preliminary user feedback mechanism
to identify bridge blocking based on Vecna's work
- improve metrics collection/think about how to show Lox is
working/valuable
- sketch out Lox blog post/usage notes for forum
(long term things were discussed at the meeting!):
https://pad.riseup.net/p/tor-ac-community-azaleas-room-keep
- brainstorming grouping strategies for Lox buckets (of
bridges) and gathering context on how types of bridges are distributed/use in
practice
Question: What makes a bridge usable for a given user,
and how can we encode that to best ensure we're getting the most appropriate
resources to people?
1. Are there some obvious grouping strategies
that we can already consider?
e.g., by PT, by bandwidth (lower
bandwidth bridges sacrificed to open-invitation buckets?), by locale (to be
matched with a requesting user's geoip or something?)
2. Does it make sense to group 3
bridges/bucket, so trusted users have access to 3 bridges (and untrusted users
have access to 1)? More? Less?
theodorsm: 2023-05-16
Last weeks:
- Pion dtls have merged my PR for hooking of client
hellos, server hellos and certificate request
(https://github.com/pion/dtls/pull/631).
- Quick test with my mimicking library
(https://github.com/theodorsm/covert-dtls) with snowflake: promising results
- Writing for my thesis
Next weeks:
- Add hook to pion/webrtc so it can be used in
snowflake.
- Further test and validate mimicked client hello with
snowflake.
- Add randomized fingerprint
- Writing my thesis
- Might explore some stateful attacks/fingerprints
Help with:
Facilitator Queue:
shelikhoo onyinyang meskio
1. First available staff in the Facilitator Queue will be the facilitator for
the meeting
2. After facilitating the meeting, the facilitator will be moved to the tail of
the queue
--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
signature.asc
Description: signature
_______________________________________________ tor-project mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
