#tor-dev log

15:00:21 <asn> #startmeeting SponsorR
15:00:21 <MeetBot> Meeting started Tue Jun  2 15:00:21 2015 UTC.  The chair is asn. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:21 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
15:00:27 <asn> Hello friends.
15:00:31 <asn> Who is around?
15:00:34 * dgoulet 
15:01:03 * syverson is
15:01:04 <asn> karsten is probably busy in the US, or flying there currently.
15:01:20 <asn> hello all
15:01:33 <asn> ok let's start with status reports as always
15:01:59 <asn> During past week, I mainly worked on non-SposnorR tasks
15:02:14 <asn> mainly guard security, bug bounties, and guardfraction.
15:02:23 <asn> i looked a bit at #15744 and some new graphs that karsten prepared
15:02:24 <asn> but not much,.
15:02:57 <asn> also worked with our SoP students.
15:03:00 <asn> and that's that from me :)
15:03:05 <asn> who wants to go next?
15:03:08 <dgoulet> oh yeah where is DonnchaC ? lol
15:03:22 <asn> not sure. i think we have a meeting tomorrow.
15:03:41 <asn> kernelcorn seems busy writing code.
15:03:44 <ohmygodel> hi sponsor r
15:03:49 <asn> hello ohmygodel
15:03:53 <asn> you haven't missed anything
15:03:56 <dgoulet> asn: I'm asking because he didn't reply to the meeting schedule email :(
15:03:57 <dgoulet> anyway
15:04:06 <asn> dgoulet: oh
15:04:24 <asn> who next? :)
15:04:41 * dgoulet can go
15:04:59 <asn> dgoulet: go!
15:05:13 <asn> dgoulet: sent a mail to the donncha meeting thread . in case he missed it.
15:05:51 <dgoulet> non sponsorR work last week, mainly reviewing nickm's ticket, with karsten's help we moved the hs health logging to csv so we can start graph, it's been running non stop for weeks now, we have lots of data point so I'm expecting starting answering questions soon! :)
15:06:16 <ohmygodel> dgoulet what stats does the health service gather
15:06:19 <dgoulet> I'm currently finishing a branch that fixes 3 SponsorR tickets and will bring more
15:06:46 <dgoulet> that's about it
15:06:53 <dgoulet> ohmygodel: I can tell you after the status report
15:06:56 <ohmygodel> ok thx
15:07:09 <asn> ok let's keep this topic then.
15:07:14 <asn> who wants to go next?
15:07:17 * ohmygodel can go
15:07:20 <asn> please
15:07:36 <ohmygodel> i have started running a relay
15:07:40 <ohmygodel> an exit relay
15:07:47 <asn> #idea  what stats does the health service gather
15:07:55 <ohmygodel> we are also planning to deploy PrivEx on it
15:08:25 <ohmygodel> to be a port of the PrivEx deployment that Tariq Elahi and Ian Goldberg are running at Waterloo
15:08:49 <ohmygodel> it is set up to collect counts of visits (well, DNS resolutions) to a whitelist of censored sites
15:09:15 <asn> aha
15:09:18 <asn> interesting
15:09:21 <ohmygodel> i am interested in using this system to collect the sensitive HS stats that we have been blocked from gathering
15:09:42 <asn> do you hope to evaluate privex through this experiment?
15:09:53 <ohmygodel> yes exactly
15:10:04 <ohmygodel> PrivEx has some drawbacks: it can only gather counts, and data can easily be destroyed by a single malicious relay
15:10:17 <ohmygodel> however, it is a way to start getting some statistics soon
15:10:22 <asn> does it work so far?
15:10:27 <ohmygodel> and we can work on better protocols as well (e.g. SMC)
15:10:38 <ohmygodel> Tariq tells me it works
15:10:47 <asn> interesting!
15:10:48 <ohmygodel> we havent gotton our PrivEx node set up yet
15:10:51 <asn> ah ok
15:10:54 <ohmygodel> we just got the relay up
15:10:57 <asn> ok
15:11:02 <ohmygodel> so that is one thing
15:11:10 <ohmygodel> another thing im looking at is bandwidth scanning
15:11:29 <ohmygodel> we spent a lot of time evaluating a relays-measure-relays approach (PeerFlow)
15:11:40 <asn> ya
15:11:40 <ohmygodel> im going to spend a little time looking at how good bandwidth scanning could be
15:11:46 <ohmygodel> both for security and for performance
15:12:10 <ohmygodel> ok thats it from me
15:12:21 <asn> what do you mean "could be"?
15:12:30 <asn> is this different research than peerflow?
15:12:31 <ohmygodel> if you designed a better scanning protocol
15:12:36 <asn> aha
15:12:40 <asn> ideally?
15:12:41 <ohmygodel> its evaluating a different approach that uses trusted BWAuths
15:12:44 <asn> theoretically?
15:12:49 <asn> ok
15:13:06 <asn> btw, this might be irrelevant to you
15:13:09 <asn> but there is this new trend
15:13:09 <ohmygodel> well, how good we can figure out how to make it anyway
15:13:37 <asn> where people run (the old) bwauths and then send their result to the dirauths
15:13:40 <asn> who actually use them
15:13:59 <ohmygodel> wasnt that always how it worked ?
15:13:59 <asn> that is, splitting the dirauth / bwauth responsibility
15:14:12 <asn> well, i think so far the dirauths were running the bwauths
15:14:31 <asn> now, tom ritter is going to run a bwauth and send his bwauth file to mike perry (for example)
15:14:44 <ohmygodel> ok. i believe that they were always separate processes communicating by scp’ing measurement files.
15:14:49 <asn> yep
15:14:51 <ohmygodel> yeah, i have been watching those threads
15:14:51 <asn> ack
15:14:52 <ohmygodel> thx
15:14:54 <asn> so you are aware!
15:14:55 <asn> perfect
15:15:00 <asn> ok, who wants to go next?
15:15:25 * syverson can go
15:15:28 <asn> syverson: pklease
15:15:43 <syverson> Since we haven't been meeting, I'll note that I presented genuine onion work with Griffin at Oakland two weeks ago.
15:15:43 <syverson> Got invited to write up a version of that for a special issue of IEEE S&P magazine today.
15:15:43 <syverson> Meeting Richard Barnes of Mozilla/Let's Encrypt tomorrow to talk about authentication and .onions.
15:15:43 <syverson> Been debating more about terminology. My current favorite simplex onion services and duplex onion services. Will write this into the wiki.
15:15:44 <syverson> Talked to Aaron, Rob and our intern Pierce about PrivEx and related plans.
15:15:45 <syverson> Plan to start joining on simplex onion Tor proposal etc. this week.
15:15:48 <syverson> Also write my talk for 18F in a few weeks.
15:15:49 <syverson> Also started making (the usual nightmare) travel arrangements to teach a Tor course at SAC Summer School in August.
15:15:52 <syverson> Done
15:16:30 <asn> interesting!
15:16:40 <asn> simplex onion Tor proposal, is the "direct onion services" thing right?
15:16:48 <syverson> Yes.
15:16:50 <asn> ack
15:17:03 <dgoulet> ahah SOS is fun
15:17:14 <syverson> And DOS.
15:17:15 <ohmygodel> fwiw, i now personally prefer “open onion services” :-D
15:17:39 <asn> oh my.
15:17:52 <asn> what a hard name pick!
15:18:00 <asn> where is SAC summer school?
15:18:05 <syverson> I vote not to discuss this now, even though I broached it.
15:18:15 <syverson> Sackville New Brunswick
15:18:28 <asn> right on
15:18:29 <asn> enjoy!
15:18:40 <asn> ok, so that's all for status reports?
15:18:46 <asn> move to discussion phase?
15:18:48 <dgoulet> go
15:18:51 <asn> ok
15:18:52 <asn> so let's talk about:
15:18:54 <nickm> somebody link me to the privex code?
15:19:09 <asn> - HS health stats
15:19:16 <asn> - HS meeting on July DC
15:19:21 <asn> - <?>
15:20:03 <ohmygodel> git://git-crysp.uwaterloo.ca/privex
15:20:08 <asn> ok these two topics i guess
15:20:15 <asn> dgoulet: wanna tell us about HS health stats?
15:20:39 <dgoulet> yes
15:20:56 <ohmygodel> nickm: the paper is also at <http://cacr.uwaterloo.ca/techreports/2014/cacr2014-08.pdf>. we are running the dead-simple S2 scheme
15:21:17 <ohmygodel> sorry go ahead dgoulet
15:21:21 <dgoulet> so for a start, this is currently what we are logging in csv format (here are the fields): https://paste.debian.net/hidden/5702f5f9/
15:21:53 <dgoulet> this allows us to graph the churn effect over time
15:22:10 <dgoulet> to give you an idea, currently we are testing 6 stable .onion
15:23:03 <dgoulet> over a period of 5 days, we had 10 churn event
15:23:36 <asn> what does this mean "10 churn event"?
15:23:37 <dgoulet> meaning that one HSDir was replaced by another one and we had issues getting the descriptor for x seconds
15:23:56 <dgoulet> example: 42trjykibhsn75x7iq3hyl2bhftd7gbw,E6D2E1AE957781BE0F9C4F0CEF35FA0F6D55D1D1,3g2upl4pq6kufc4m,1432997674.25173,1433020080.000893,1433020080.000893,1433021887.726652,2,1433021887.726652,NOT_FOUND
15:24:25 <ohmygodel> so youre doing descriptor lookups only
15:24:49 <asn> so "10 churn event" means that you tried X times to fetch the descriptor, and 10 times you failed to get it from the first expected HSDir?
15:24:57 <asn> over a period of 5  days
15:25:01 <dgoulet> ohmygodel: yes for now, I used to reached them with torsocks but that wasn't that reliable with an external process and expecting a result
15:25:16 <dgoulet> asn: hrm ok let me try to rephrase that
15:25:57 <dgoulet> every new consensus, we compute the desc ID and set of hsdirs responsible for it, then we launch a desc. fetch on them
15:26:09 <dgoulet> we log down the result
15:26:36 <dgoulet> after that we diff the *previous* set of hsdirs to the new one
15:26:47 <dgoulet> if there is a difference, it means we have churn so we launch a fetch on the new one
15:26:58 <dgoulet> 100% of the time, the HSDir doesn't have the descriptor
15:27:11 <dgoulet> so we retry every 15 minutes and at some point the desc. appears
15:27:21 <dgoulet> at that point, we log the event (like the line above)
15:27:58 <dgoulet> we can log more stuff, adding an analysis is easy now
15:28:33 <asn> 15:26 < dgoulet> every new consensus, we compute the desc ID and set of hsdirs responsible for it, then we launch a desc. fetch on them
15:28:36 <asn> 15:27 < dgoulet> if there is a difference, it means we have churn so we launch a fetch on the new one
15:28:41 <asn> "on the new one"?
15:28:48 <asn> do you fetch twice from the new HSDir set?
15:28:49 <dgoulet> but the main point of this initial analysis was to answer questions like Does churn happens frequently? Do we need to make HSDir more stable? Is 6 HSDir too much?
15:28:59 <asn> right
15:29:10 <dgoulet> asn: sorry launch a fetch on the old and new one
15:29:15 <dgoulet> asn: no double fetch
15:29:26 <asn> ok
15:29:26 <dgoulet> asn: kind of was confusing in my attempt to summarize :S
15:29:31 <asn> no worries
15:29:44 <asn> and you say "100% of the time the HSDir doesn't have the descriptor"
15:29:45 <asn> why is that
15:29:46 <asn> ?
15:29:55 <asn> because the HS hasn't realized the HSDir set has changed?
15:29:56 <dgoulet> the hs tool takes the latest consensus from Collector
15:30:00 <dgoulet> like by the second it's published
15:30:09 <asn> ok that makes sense
15:30:15 <dgoulet> so the HSDir and HS doesn't have that consensus
15:30:32 <asn> that makes sense
15:30:46 <asn> and did you see the graphs of karsten?
15:30:55 <asn> were they what  you expected?
15:31:19 <dgoulet> asn: yeah looked at it but I'm kind of confused by it and I need to read the R files to see what's up there, I haven't taken the time to do that yet :S
15:31:41 <asn> ok
15:31:46 <asn> i also got a bit confused
15:32:02 <asn> but i was not sure what graphs would be helkpful for this use case
15:32:16 <asn> ohmygodel: any questions about hs health?
15:32:19 <dgoulet> I don,t know either, this is why I asked karsten :)
15:32:23 <asn> otherwise we can jump to next topic?
15:32:24 <dgoulet> the master visualizator!
15:32:34 <ohmygodel> asn: nope, dgoulet explained it at the level i was looking for
15:32:58 <dgoulet> I want to crunch the data I have and come up with reachability numbers, that we can do
15:33:06 <dgoulet> % of failure, % of reachability, etc...
15:33:22 <asn> ok
15:33:27 <dgoulet> the churn is so low now that my guess it's 100% reachability....
15:33:43 <asn> ah interesting
15:34:02 <dgoulet> so we might want to jump in the IP reachability analysis after that, which shouldn't be difficult nor long at all to add tot he tool
15:34:28 <dgoulet> but that tool is also finding HSDir that don,t behave...
15:35:08 <asn> ok thx
15:35:15 <asn> so let's move to HS meeting on July as the new topic?
15:35:18 <dgoulet> yesssss
15:35:30 <asn> ok
15:35:51 <asn> ok
15:35:54 <asn> so judging by the moodle
15:36:17 <asn> i'm tempted to say that the HS meeting starts on the 9th of July
15:36:28 <asn> and goes on to 13th+
15:36:43 <asn> or maybe we could say that the meeting will be on the 9th, the 10th and the 13th?
15:36:45 * karsten arrives late to the meeting
15:36:50 <asn> so that we don't include weekends?
15:38:11 <dgoulet> could be a good idea since I think armadev wanted to go back to his home over the weekend ?
15:38:28 <ohmygodel> who is coming to thing other than sponsor r people
15:38:28 <asn> right
15:38:33 <dgoulet> I'm also fine with 5 days, we could simply have the weekends to be less crazy with work
15:38:42 <asn> dgoulet: ye
15:38:47 <dgoulet> ohmygodel: doodle has a the list of people
15:39:03 <asn> ohmygodel: special, griffin, jesse (the SoP student)
15:39:14 <asn> ohmygodel: are the non-R candidates
15:39:19 <dgoulet> mrphs also
15:39:23 <asn> yes mrphs too
15:39:26 <asn> maybe sysrqb
15:39:35 <asn> maybe we could also recruit more spontaneous people at PETS
15:39:51 <dgoulet> Runa is often around DC so maybe :)
15:40:02 <ohmygodel> i dont think i ever got a link to the doodle
15:40:07 <ohmygodel> link pls ?
15:40:12 <asn> http://doodle.com/6uanqhf6ubpv8eay62bzmkc4/admin#table
15:40:14 <ohmygodel> thx
15:40:21 <asn> i think this might be the admin link. hack everything.
15:40:28 <dgoulet> oh yeah the admin link! ahah
15:40:32 <syverson> Probably good to recruit before PETS from likely attendees.
15:40:52 <dgoulet> what about Nick Hopper? he knows 224 quite a bit
15:40:53 <asn> syverson: tbh i have not thought about the agenda at all, and hence i don't know the ideal group meeting
15:41:00 <ohmygodel> who is kernelcorn? collin anderson ?
15:41:05 <asn> *the ideal group size
15:41:09 <asn> ohmygodel: ehm. jesse victors
15:41:13 <dgoulet> ohmygodel: Collin is cda, we've met him last time in dc
15:41:14 <asn> ohmygodel: our SoP student
15:41:21 <ohmygodel> ha no way i thought he was in utah
15:41:22 <ohmygodel> cool
15:41:25 <asn> ohmygodel: that does OnioNS
15:41:41 <asn> ohmygodel: he is coming for PETS and might trail along for the meeting
15:41:56 <syverson> I don't mean recruit this week. But if you ask someone who traveled to PETS if s/he can bounce down to DC the following week, you're likely to fail.
15:42:11 <syverson> Better to ask them at least somewhat ahead of time.
15:42:16 <asn> yes that's true
15:42:27 <asn> i'm just not sure what's the ideal group size. do we need more people or less people?
15:42:41 <asn> and i'm also a bit hesistant on becoming the organizer here :)
15:42:51 <syverson> Probably less people than we think we need ;>)
15:42:51 <dgoulet> space is kind of limited in the building we are heading to :S
15:43:15 <asn> it would still be worth discussing agenda/topics before the meeting
15:43:22 <asn> maybe we should do this with emails during the following weeks
15:43:44 <asn> so that we don't go there and be like "ah nice we are all here. now what?"
15:43:55 <dgoulet> +1
15:44:22 <asn> ohmygodel: syverson: any opinions on whether we should do it (9th, 10th, 13th) or just 9th to 13th?
15:44:40 <asn> or just 9th to 13th and mention "activity during weekend is going to be limited"
15:45:07 <ohmygodel> asn: no opinion
15:45:22 <syverson> I think we don't need to over-engineer. This can be worked out with the topics discussion. And the probably lighter load on the weekend option sounds fine.
15:45:34 <asn> syverson: ok thx
15:45:45 <asn> ok
15:45:52 <asn> i will send an email about this stuff soon then.
15:45:59 <dgoulet> asn: one more thing
15:46:32 <asn> sure
15:47:05 <dgoulet> asn: since I might stay in dc for 2weeks+, the airbnb option would be the sane one for me, did you already handled the accomodation?
15:47:26 <asn> not at all.
15:47:42 <asn> but i will stay in DC for much less than 2 weeks.
15:47:53 <dgoulet> asn: that's fine since I'll stay in the airbnb anyway :P
15:47:54 <asn> if you think it makes sense to stay in the same place, i'm very fine with it.
15:48:07 <isabela> hmm
15:48:10 <dgoulet> asn: you might prefer an hotel also, feel free to do so
15:48:17 <asn> i prefer airbnb over hotel in general
15:48:39 <dgoulet> asn: my argument for an airbnb is for a kitchen! so I can avoid restaurant every days...
15:48:41 <asn> another option would be to get an airbnb for the HS meeting for 5-6 people, and then another airbnb for you for the rest of the days.
15:48:53 <asn> but i don't really care.
15:49:00 <asn> dgoulet: yes kitchen good!
15:49:11 <dgoulet> asn: yeah this is basically what I thought but no reply on my email about it so I guess people are all set except us two
15:49:17 <dgoulet> and I kind of need to book that *soon* :)
15:49:39 <asn> ok
15:49:50 <asn> then please book!
15:49:55 <asn> should i look at the options again?
15:49:58 <asn> i can do so tonight!
15:50:03 <dgoulet> asn: yeah ideally :)
15:50:22 <asn> ok i'll check the email tonight. latest tomorrow.
15:50:23 <asn> thx
15:50:28 <dgoulet> and griffin did propose another neighborhood
15:50:31 <dgoulet> ok thanks!
15:50:44 <asn> griffin prob knows best
15:51:01 <dgoulet> I choose the closest :P very fun to walk 2 min
15:51:06 <dgoulet> and not take the rush hour subway :P
15:51:11 <asn> aha
15:51:33 <ohmygodel> dgoulet: fyi columbia heights is a 40min metro right from ballston at best
15:51:34 <dgoulet> anyway let's move that to the email thread, thx!
15:51:43 <dgoulet> ohmygodel: 40min! woa
15:51:51 <ohmygodel> yeah not at all close
15:52:25 <dgoulet> airbnb I proposed are expensive but way *LESS* than the hotel nearby so it's a win-win
15:52:30 <asn> brb
15:52:55 <dgoulet> isabela: yes ?
15:52:59 <ohmygodel> ok nice chatting with you all again
15:53:00 <dgoulet> re: 11:48 < isabela> hmm
15:53:03 <ohmygodel> im off
15:53:06 <dgoulet> ohmygodel: cheers!
15:54:25 <karsten> dgoulet: I only skimmed backlog briefly, but did you have questions about graphs?
15:54:32 <syverson> Is the meeting done?
15:54:45 <dgoulet> karsten: I will but I haven't had time to analyze it so probably will be by email :)
15:54:58 <karsten> ok.
15:55:02 <dgoulet> syverson: I think so, we covered the two talking points so I guess? :)
15:55:37 <syverson> OK. Bye for now all.
15:55:43 <dgoulet> syverson: au revoir!
15:55:46 <asn> thanks!
15:56:12 <asn> #endmeeting