#ooni log

16:02:47 <hellais> #startmeeting OONI gathering 2016-10-10
16:02:47 <MeetBot> Meeting started Mon Oct 10 16:02:47 2016 UTC.  The chair is hellais. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:02:47 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:02:51 <hellais> so here we start
16:03:00 <darkk> mmmm
16:03:05 <agrabeli> hellos
16:03:23 <darkk> meeting reminder template should be updated :)
16:03:30 <darkk> https://lists.torproject.org/pipermail/ooni-dev/2016-October/000467.html -- 17:00 UTC
16:04:54 <agrabeli> darkk: yeah you're right, it should be 16:00 UTC
16:05:06 <landers> here
16:05:12 <sbs> hello!
16:05:12 <hellais> oh my, you right
16:05:53 <hellais> anyways, do we have any topics we would like to be discussing this week?
16:06:41 <agrabeli> just a note to everyone: today we'll be publishing the Zambia report (finally), so please keep an eye out for that :)
16:06:58 <sbs> agrabeli: epic!
16:09:51 * hellais **crickets**
16:10:29 <agrabeli> hellais: lol
16:11:09 <agrabeli> so since we don't have a fixed agenda today, does anyone perhaps have a question they would like to ask?
16:11:23 <darkk> crickets have already been frozen by General Frost here :)
16:11:38 <landers> agrabeli: on the ooni blog?
16:12:35 <agrabeli> landers: I meant in general (in relation to all OONI things), but if you have any questions related to the zambia report, please share them (though the report will be published within the next 2 hours)
16:12:49 <landers> ah i meant is that where the zambia thing will be
16:13:31 <agrabeli> landers: https://github.com/TheTorProject/ooni-web/pull/70
16:14:03 <landers> ah i should be following that repo!
16:14:14 <agrabeli> landers: the zambia report will be published under the blog section of OONI's website
16:14:19 <sbs> darkk: lol
16:18:42 <agrabeli> so a general question: what relationship would you like OONI to have with the Tor Project? I'm having a meeting with Tor's Community Team about this this week, and one of the ideas we will be discussing relates to a Rapid Response Program, where we have some sort of censorship alert system that we feed to Tor, so that they can promote the usage of tor when censorship events occur.
16:19:43 <agrabeli> I don't think we'll be creating this alert system over the next few months (that would probably require a lot of improvements to our pipeline and data analysis capabilities first), but this is just one idea on how OONI and Tor can work together. Any other ideas, suggestions, thoughts?
16:21:42 <darkk> we probably don't have ooni-probe latency good enough to give an alert within hours after the incident takes place, but we have some expertise. Q: does this expertise matter?
16:21:44 * agrabeli **crickets**
16:22:06 <agrabeli> oops sorry darkk
16:22:39 <agrabeli> darkk: yeah, ideally we would foster this collaboration once we can provide alerts in near real-time
16:22:54 <agrabeli> so ideally, with a latency of less than an hour
16:22:58 <hellais> darkk: well I think that in general even a turnaround time of 36 hours (as we currently have with our pipeline) is still better than what Tor is currently relying on.
16:23:13 <hellais> I mean how they learn about outages at the moment is very ad-hoc and not structured at all
16:23:34 <sbs> agrabeli: without taking into account technical issues (which are being commented by others) I'd say this is a very good thing to do
16:23:46 <darkk> hellais: does not tor rely on social media? :)
16:23:50 <hellais> it's either because somebody shows up on IRC lamenting that Tor doesn't work in their country after it not working for various days, or after somebody notices some weird spike in the tor metrics data (which anyways has a latency of 48 hours)
16:24:23 <hellais> darkk: less than you would think, and that is also something that I think currently is quite ad-hoc and not very well structured
16:24:36 <sbs> my understanding is that, to better measure whether tor is working we need to write better tor tests for ooni-probe, right or wrong?
16:25:04 <hellais> I think one thing that we could do to facilitate this effort is create some deck that includes the tor related tests and enable it by default in all probesx
16:25:05 <darkk> tor is only part of the story
16:25:10 <hellais> sbs: yes, that is part of it
16:25:31 <agrabeli> sbs: indeed. though I don't think this would only concern the blocking of tor, but also the blocking of other sites and services, where Tor might want to promote tor for circumvention
16:25:51 <darkk> people do not need tor, they need facebook, twitter, instagram and github
16:25:55 <hellais> I took some notes on some of the things to do on this front here: https://github.com/TheTorProject/ooni-probe/issues/615 and https://github.com/TheTorProject/ooni-probe/issues/614
16:26:19 <agrabeli> darkk: agreed, which is why this collaboration would expand beyond the blocking of tor
16:27:08 <agrabeli> anyhow, does anyone have any wishlists in regards to potential collaboration with Tor?
16:27:14 <sbs> darkk: yes, that is true
16:28:06 <sbs> agrabeli: another way in which we could cooperate with tor is by continuing work on the mobile space, hellais and I had interesting discussions with nathan in seattle withr espect to that
16:28:27 <agrabeli> sbs: indeed!
16:28:46 <agrabeli> for everyone else: these discussions involved the potential integration of OONI tests into Orbot
16:30:50 <agrabeli> correction: this is actually about passively monitoring network activity on the device and detecting cases of blocking for specific target apps
16:31:02 <agrabeli> (and adding this as a capability in Orbot)
16:31:45 <darkk> For example, yesterday github (dropbox, onedrive, googledrive) was blocked in Turkey, we don't know that from OONI data, but there are rumors in twitter. What can we do? Is it valuable information? How can/should TPI react?
16:32:19 <sbs> darkk: I guess, when we have orchestration, trigger measurements of those sites from our available probes
16:32:26 <agrabeli> darkk: I'm glad you pointed that out. We actually reached out to Turkey Blocks over the weekend, and asked them to run ooniprobe
16:33:27 <agrabeli> darkk: to my understanding, TPI is generally interested in promoting the usage of tor via Twitter and other social media, and I think they are brainstorming on other outreach strategies as well.
16:33:55 <agrabeli> their constraint is that often they are not in a position to monitor all cases of censorship around the world, or to respond to them on a timely manner
16:34:28 <agrabeli> I think it would make sense for OONI to assist in this regard, though we would need to first expand our probe coverage and improve our data analysis capabilities
16:35:33 <sbs> agrabeli: +1
16:39:38 <agrabeli> any other topics that you would like to discuss?
16:40:02 <agrabeli> has anyone faced any OONI work-related challenges, that you would like to talk about?
16:41:40 <sbs> Is there any news on the Berlin hackathon?
16:42:11 <darkk> sbs: actually, I have some RIPE data confirming TR blocks but I doubt that RIPE is eager to slap TR once again
16:42:34 <darkk> agrabeli: did TurkeyBlocks got anything interesting?
16:43:43 <agrabeli> sbs: it seems that we will hold an internal meeting in Berlin during the first week of November, while the open hack day will be on Saturday, 5th November. We will proceed to booking flights, accommodation, etc. asap, and coordinate with you on this via internal channels.
16:44:09 <agrabeli> darkk: I'm not sure which tests TurkeyBlocks are running, nor whether their data is publicly available.
16:44:55 <agrabeli> darkk: It seems like they are running their own tests. When we suggested that they run ooniprobe, they expressed some concerns, which we addressed - but we haven't heard from them thereater.
16:45:42 <darkk> ah, lol, I'm reading their about page: ```This particularly insidious form of censorship is difficult to detect and evades ordinary monitoring systems such as OONI``` :-D
16:46:06 <agrabeli> darkk: TurkeyBlocks claim that a number of sites were blocked over the last days, though I haven't seen any data from them.
16:46:11 <agrabeli> darkk: lol
16:46:16 <darkk> source: https://encrypt.org.uk/turkeyblocks/
16:46:52 <hellais> lol, we're just an ordinary monitoring system
16:46:57 <agrabeli> darkk: yeah, we should perhaps follow up with them and learn what magic tricks they use which are out of the ordinary :p
16:51:23 <hellais> anyways I guess we will keep you posted as the discussion goes forward.
16:51:39 <hellais> it would be cool if we could get them to start using ooniprobe to do their measurements and ideally submit them back to us
16:51:55 <hellais> they claim to have coverage into 2-3 different ISPs in turkey from "multiple vantage points"
16:52:14 <agrabeli> hellais: yeah, I have been asking them to run ooniprobe for quite some time now...
16:52:56 <hellais> something random off topic is that I applied and received 4 free software project licenses for pycharm (https://www.jetbrains.com/pycharm/)
16:53:29 <hellais> if you would like to try the IDE experience let me know and I can give you a license
16:54:00 <darkk> TurBlock claims to have custom software/hardware, so I doubt that ooniprobe will be a drop-in replacement
16:54:34 <hellais> I don't use it all the time (as I'm generally more confortable with vim for general coding), but for big refactoring tasks their assisted refactoring tools are very useful
16:55:57 <darkk> I wonder if TurkeyBlocks reveal their data & methodology, have not found anything but this photo yet -- https://www.facebook.com/TurkeyBlocks/photos/pb.767951683350992.-2207520000.1476118324./767954340017393/?type=3&theater
16:56:19 <hellais> lol
16:58:15 <hellais> do we have anything else we would like to discuss?
16:59:01 <sbs> darkk: loool
17:00:01 <darkk> the only thing I really like is "PCAP or it did not happen" motto. I'm afraid that going MK way we may occasionally forget about that.
17:01:59 <sbs> darkk: the way I see it, ooni-probe could run measurements through mk and also setup packet filtering (or mk itself could link to libpcap)
17:02:33 <hellais> darkk: we actually do have plans to add also raw packet generation and capture support to MK as well
17:04:20 <darkk> I was afraid that MK is quite centered around mobile-app use case and mobile OSes prohibit raw packets (AFAIK) so it may be limiting factor. Anyway, I see lots of useful metadata in TCP that is lost when the packet arrives to userspace, that's why I reminded about that once again.
17:04:41 <sbs> this was one of the candidate libraries: https://github.com/mfontanini/libtins
17:05:13 <sbs> darkk: I totally agree that lots of useful data is lost when you travel to userspace
17:05:56 <sbs> darkk: yes, on mobile you cannot capture etc., but the idea is that the version of MK you compile for mobile does not compile those features whereas you compile in more features for non-mobile environments
17:15:39 <sbs> is there anything else to discuss, or should we adjourn?
17:16:47 <hellais> I think we can close the meeting at this point. If needed more can be discussed off the record
17:16:51 <hellais> #endmeeting