#tor-dev log

16:59:10 <nickm> #startmeeting weekly network team meeting
16:59:10 <MeetBot> Meeting started Mon May 16 16:59:10 2016 UTC.  The chair is nickm. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:59:10 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:59:13 <nickm> hello happy tor friends!
16:59:27 <nickm> I spent most of the last week in montreal, talking about hidden service stuff and hacking.
17:00:00 <Yawning> hi
17:00:07 <nickm> I've instituted a passive-aggressive code review enforcement plan in which I marked all previously needs_review items as review-group-1, and then declared that I would not feel obliged to review or merge anything till all of review-group-1 was reviewed.
17:00:08 <isabela> oi
17:00:24 <nickm> I've also reviewed and merged a lot of stuff.  This feels way better than begging for review.
17:00:40 <nickm> Merging some of that stuff has snowed me under with trying to make jenkins pass again.
17:00:58 <nickm> Then I'm planning to finish my leftover items from last month (!) and then implement the ed25519 link handshake at last.
17:00:59 <isis> hey hey :)
17:01:25 <xvzx> heya isis
17:01:46 <nickm> Oh, and today I talked with our friend Ben who works on uProxy about getting the PT stuff we talked about at valencia done.  The next step is to figure out which tasks have somebody who cares enough to make them happen.
17:02:01 <nickm> I hope to use this step to declare most of the ideas Not Our Problem in a way that leaves Ben and Brandon and everybody happy.
17:02:20 <nickm> I worry that I've already described 12 days of work. But who knows, could turn out fine.
17:02:23 <nickm> Excelsior!
17:02:27 <nickm> Any questions for me?
17:02:47 <Yawning> yeah, how much of the pt stuff will be my problem
17:03:23 <isabela> me wonders too, how much is our problem?
17:03:26 <nickm> zero I hope.
17:03:47 <Yawning> mmk
17:04:05 <nickm> Definitely, nothing that won't benefit us.
17:04:21 <Yawning> I worked on basket2.  It is probably at minimum viable product state, and I'm using it right now.
17:04:34 <Yawning> It still needs debugging, documentation (entirely non-exisitent) and review
17:04:49 <Yawning> and is missing some stuff I wanted to support (stubbed out)
17:04:51 <armadev> (why 12 days?)
17:05:09 <Yawning> and could use better link obfuscation than "basically what obfs4 does but better"
17:05:16 <isabela> nickm: this is great i will add this not to my log of work we are doing on pt to report later if you have anything (link etc) or at least comments on those tasks that you have generated to help triage
17:05:23 <isabela> nickm: stuff like this i can use in the report
17:05:50 <nickm> ok. you can use "nick met with ben"
17:06:02 <Yawning> (there is also "basically what basket does" as an option, but it's baltatnly obvious since it's targetted at a different adversary model, and guzzles bandwidth)
17:06:05 <isabela> Yawning: what is basket2?
17:06:10 <Yawning> obfs5
17:06:20 <isabela> ahh
17:06:28 <Yawning> if people think th ename is confusing I'll change it, but
17:06:33 <isabela> are these docs in that git link u gave me?
17:06:36 <Yawning> yes
17:06:39 <isabela> cool
17:06:41 <ncl> why do the versions keep starting at 2
17:06:44 <Yawning> it works, I'm using it
17:06:50 <Yawning> ncl: it doesn't?
17:07:03 <ncl> oh
17:07:10 <Yawning> https://github.com/yawning/basket
17:07:12 <ncl> (it was a joke isis made at that one talk)
17:07:13 <Yawning> there was a basket
17:07:17 <isis> nickm: was some of the stuff that broke jenkins stuff that i okayed during review?
17:07:40 <nickm> Yes, but I missed it too:
17:07:53 <Yawning> my plans are to write documentation, finish up the stuff that's stubbed out that I want but most people won't use
17:07:54 <nickm> windows doesn't have truncate(3), so when we merged my tests that used them, we broke windows compilation
17:07:57 <nickm> no biggie
17:08:02 <isis> oops :(
17:08:05 <isis> sorry about that
17:08:09 <nickm> fixed in 9abd7b8f90c6803e28529aa41c6da9601d1c9d01
17:08:12 <Yawning> unless there are more pressing things that require my attention
17:08:15 <nickm> no worries
17:08:17 <asn> o/
17:08:30 <Yawning> past that probably revisit my MT link handshake crypto branch or something
17:08:42 <asn> (hello from a small cafe with no wifi. me, special and dgoulet are connected through a small mobile phone.)
17:09:01 <Yawning> willscott has looked over some of the basket2 code/design
17:09:11 <Yawning> and had questions but I think my design choices are correct
17:09:14 <isis> ncl: there was also an obfs[1] iirc, but we never used it because it was just the PoC PT, iirc
17:09:34 <Yawning> any questions, comments or "no you should be doing something else"?
17:10:01 <nickm> Yawning: please help with code reviews too!
17:10:18 <armadev> good thinking
17:10:25 <Yawning> (nb: adding more link obfuscation is forward compatible since it's negotiated entirely dynamically)
17:11:07 <isis> last week, i reviewed #16794 #18956 #17158
17:11:14 <nickm> yay review
17:11:21 <isis> and i patched #11966
17:11:37 <nickm> as promised, /me won't look at #11966 till review-group-1 is empty :)
17:11:52 <armadev> i have an opinion on #11966, and will say it once i'm done with my review-group-1 ticket
17:12:06 * asn can go next
17:12:15 <Yawning> (guess not)
17:12:26 <isis> i had two interviews with the press, with CNN and the Intercept, which required a bunch of going back and forth between lawyers and journalists and talking with ailanthus and such
17:12:47 <isis> and i did a bit more debugging work on #7144, but didn't get very far
17:13:21 <isis> armadev: yay, thanks!
17:13:42 <asn> Hello. During the past week, I attended the hidden service hackfest in
17:13:45 <asn> Montreal. Did lots of stuff on prop224 and prop250. Blog post coming soon.
17:13:47 <asn> Today and tomorrow I plan to focus on code reviews, catching up with email,
17:13:50 <asn> writing the montreal hackfest blog post, and talking with kate about it.
17:13:51 <asn> EOF. Next?
17:14:36 <isis> oh, i also responded to a bunch of stuff and had more discussions concerning proposed PQ handshakes, and replied to more things on the thread
17:14:41 <isis> that's it for me
17:15:01 <nickm> one question since my PQ-friends are all here:
17:15:23 <isis> asn: i'm excited to hear what came of the onion service hackfest
17:15:49 <nickm> my guess is that we will see a whole pile of incremental improvements over the next several years, and if we spec sometyhing today we will have a better option in a year.  Am I much wrong?
17:16:01 <isis> no, that is correct
17:16:09 * isabela mostly worked on organizing grant proposals strategy and getting some pending tasks done with accounting.. this week i hope to get the points migrated to numbers and publishe reports on how things are going related to release etc
17:16:26 <isabela> i will also send an invite to a meeting to only talk about this stuff
17:16:30 <asn> isis: good to hear :) i should have a blog post ready for you in the next 2 days.
17:16:41 <isabela> and i wrote a blog post on whastapp+brazuka land
17:16:42 <isabela> done
17:17:32 <isis> nickm: léo, peter, and i also have a better handshake that at some point léo needs to explain to me the math because it's really weird sounding to me, and then i need to try to figure out a security reduction, then write a paper, then implement and benchmark it.
17:17:49 <isis> nickm: it's probably maybe roughly twice as fast, and twice as small as newhope
17:17:58 * isis waves hands in the air vaguely
17:18:43 <isis> nickm: what are your thoughts on waiting for something better versus doing the doable thing now?
17:19:13 <nickm> Oh, minor thing: wrt the SIDH page on wikipedia: somebody who does math stuff should confirm whether or not "communting" (note spelling) is a word, and correct it if it isn't.
17:19:56 <isis> i'm assuming they meant "commuting"
17:20:09 <nickm> isis: We have an in-progress proposal for improving and strengthening our crypto. So doing that work as paid work woudl be better than doing it free, if we expect to have a decision soon.
17:20:25 <nickm> isis: speaking from a technical pov otoh, I think doing our best soon, and better later, would be cool
17:20:57 <nickm> I assume "commuting" too, but I don't know enough algebra terms to be 100% sure there is no such thing as a "communting isogeny".
17:21:17 <Yawning> hm
17:21:56 <xvzx> commuting is correct
17:21:58 <isis> that's not very encouraging that the wikipedia page for SIDH says "non-communting isogenies" lol
17:22:42 <Yawning> if we wait for a perfect handshake to appear
17:22:47 <Yawning> we will end up with no handshake
17:22:47 <armadev> (or leave the wikipedia page broken and dead, since they don't let us edit it)
17:22:48 * nickm pronounces "communting" to rhyme with bunting and hunting
17:23:02 <Yawning> if we wait for a perfect annonymity net to appear, we wouldn't have tor either
17:23:08 <nickm> Yawning: true on both counts
17:23:19 <nickm> OTOH, if we tried to build Tor in 1985, we'd be SOL
17:23:27 <isis> this post is a pretty good introduction to SIDH, imo: https://www.lvh.io/posts/supersingular-isogeny-diffie-hellman-101.html
17:23:35 <nickm> #item https://www.lvh.io/posts/supersingular-isogeny-diffie-hellman-101.html
17:23:40 <nickm> cool
17:23:40 <xvzx> hunting commutation :P
17:23:45 <nickm> anybody else to check in?
17:24:06 <special> dgoulet says that 250 is going well
17:24:09 <nickm> Yawning: I think that now-ish is the right time to be thinking about PQ stuff
17:24:24 <Yawning> "it's too slow to be usable, the MIT license is in a docx file, and needs at least 5 more years of cryptanalysis, therefor it sucks" is a shorter introduction to SIDH
17:24:33 <special> I spent all of last week on hidden services things, editing 224, hsdir code, code review, etc. This week I want to get the 224 hsdir code more finalized.
17:25:08 <mikeperry> I am here. I will get to my review ticket this week. last week was mostly sandboxing study
17:25:24 <mikeperry> speaking of which, how hard would a named-pipe implementation of #12585 be? is that a nightmare?
17:25:32 <nickm> nope
17:25:36 <isis> Yawning: also that :)  but yeah, i meant more like "if one was curious, here's a description" rather than "THIS IS TOTALLY A THING EVERYONE NEEDS TO UNDERSTAND ASAP"
17:25:52 <mikeperry> nickm: for windows, I mean
17:26:42 <nickm> oh.
17:26:47 <Yawning> er
17:26:56 <Yawning> aren't named pipes like, pipes?
17:26:58 <isis> do we have any point system for "this is how many review points people should rack up in one month"?
17:27:01 <nickm> somewhere between "godawful" and "godfuckingawful"
17:27:06 <Yawning> (don't you need a different pipe per connection?)
17:27:11 <isabela> isis: yes
17:27:20 <isabela> isis: oh not for review
17:27:25 <isabela> isis: good thing tho
17:27:31 <Yawning> (multiple writer, single reader seems nightmarish)
17:27:34 <nickm> mikeperry: the issue is that in windows, there are "sockets" and "not sockets", and mixing them gives you fubar behavior.
17:27:53 <nickm> unless you use IOCP everywhere
17:27:54 <Yawning> per MS: "The pipe server must create multiple pipe instances to efficiently handle multiple clients simultaneously."
17:27:55 <nickm> which we don't.
17:29:20 <Yawning> since there's the experimental syscall translation layer, maybe windows will have af_unix
17:29:28 <armadev> do we know what continent teor is on now? (do we expect him here?)
17:29:39 <asn> he is still canada. but unavailable right now :(
17:29:50 <nickm> he's in north america. but we expect him only when we arrange for him to be around :)
17:29:55 <Yawning> mikeperry: COMSocket imo
17:29:59 <mikeperry> https://msdn.microsoft.com/en-us/library/windows/desktop/aa365588%28v=vs.85%29.aspx is an example pipe server
17:30:14 <mikeperry> Yawning: interesting, what is that?
17:30:17 <asn> he might appear in 15 minutes or so, or he might miss the meeting completely.
17:30:21 <Yawning> as in use COM
17:30:26 <Yawning> instead of named pipes
17:30:30 <armadev> ok
17:30:57 <mikeperry> I guess we can use any form of crazy windows IPC that doesn't require SECURITY_CAPABILITY_INTERNET_CLIENT
17:31:06 <Yawning> https://msdn.microsoft.com/en-us/library/windows/desktop/ms680573%28v=vs.85%29.aspx
17:31:47 <nickm> I'll say more about pipes on #tor-project; we're getting bogged down.
17:31:56 <mikeperry> ok
17:31:57 <mikeperry> sorry
17:32:53 <nickm> no worries
17:33:03 <nickm> any more checkins, or should we move on to discussion and weekly tasks?
17:33:06 <armadev> i'll leave my check-in here as "arma did some coding stuff last week".
17:33:33 <armadev> ("arma has some more coding stuff we plans to do this week, which is follow-ups to last week")
17:33:39 <armadev> s/we/he/
17:34:07 <asn> armadev: hey did you push all the stuff you hacked on to the internet?
17:34:12 <asn> armadev: like the hs descriptor refactoring?
17:34:28 <armadev> i think i pushed it all to the internet. what is the hs descriptor refactoring?
17:34:55 <asn> i thought you spent some time refactoring the HS descriptor structs or something.
17:34:59 <asn> but maybe im confused.
17:35:28 <armadev> ah. you mean rend-service-descriptor-t. i made one ticket, which i think teor or somebody looked at, and i have another ticket not yet made.
17:35:39 <armadev> (and no code for it)
17:35:43 <asn> ack
17:35:55 <armadev> #19022
17:36:24 <nickm> so, weekly topics.  Here are the 029-proposed tickets.
17:36:27 <Yawning> (so we're onto discussion now?)
17:36:30 <nickm> Every one we accept delays the release.
17:36:42 <nickm> Yawning: yup! got a topic?
17:36:53 <nickm> https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~029-proposed
17:36:54 <Yawning> nothing that needs everyone
17:37:00 <isabela> nickm: ?
17:37:09 <isabela> delays?
17:37:16 <Yawning> if someone has a better idea for "how to do padding/delay" than "what obfs4 offers and Tamaraw" let me know
17:37:31 <isabela> ahh
17:37:48 <Yawning> (yeah I didn't end up using wtfpad because I didn't feel like writing implementations of the histogram stuff, blahblahblah w/e)
17:37:49 <isabela> sorry.. missed what your line before
17:38:09 <nickm> Yawning: My idea is "avoid doing too much work; we don't know that much about padding and delay"
17:38:26 <isabela> btw
17:38:38 <Yawning> nickm: yeah I can def punt on this
17:38:43 <isabela> release keeps increasing tickeets not decreasing tickets
17:38:58 <isabela> i am not sure if we should accept more unless is super uper urgent
17:39:29 <nickm> Yawning: the snarky version is "I am unsure we know a padding/delay method that pads anything other than our workloads or delays anything other than our release dates". :/
17:40:05 <nickm> isabela: so, I said nickm-says-yes to some items there
17:40:14 <armadev> isabela: i think nickm has sort of been following the "add it to 0.2.9 if it's got code and looks mostly ready"
17:40:18 <nickm> in particular, everything where somebody already wrong the code...
17:40:29 <asn> nickm: question: alex from MIT worked on ESTABLISH_INTRO. Are there other MIT sutdents working on other prpo224 cells?
17:40:30 <Yawning> nickm: the code will be releasable with documentation and review then
17:40:35 <nickm> everything where there was a bug affecting our security or correctness...
17:40:38 <nickm> asn: yhes
17:40:40 <nickm> *yes
17:40:46 <Yawning> and it will be a clear upgrade over obfs4
17:41:05 <armadev> nickm: should we be going through each 029-proposed ticket here? that was the plan right? except there are a lot of them?
17:41:07 <isabela> the thing is that
17:41:08 <asn> nickm: interesting. you know if there are tickets from the other students? or are we still waiting to hear from them?
17:41:43 <isabela> if we keep working on tickets out of the release and proposing them to be accepted when they are ready
17:41:55 <isabela> when we will work on those in the realese we prioritized during triage?
17:41:58 <nickm> asn: I should know more in a few days
17:42:00 <isabela> or is not the case?
17:42:03 <asn> nickm: ack thx
17:42:25 <teor> sorry I'm late
17:42:26 <nickm> isabela: maybe we should assign points before we make any 029/not-029 decisions?
17:42:35 <nickm> teor: welcome! We're glad you're here!
17:43:03 <nickm> isabela: I think most of the ones I like are an hour or two at most.
17:43:06 <Yawning> (oh yeah I forgot to mention I got my paperwork from accounting that I need to review/return)
17:43:09 <nickm> but I haven't checked.
17:43:26 <isabela> nickm: ok
17:43:40 <isabela> nickm: sounds good
17:43:47 <nickm> should we be using "1 point == 1 day" now, or "small/medium/large?"
17:44:13 <isabela> oh
17:44:14 <nickm> also, I am willing to just say "we delay every time we can" this release, on the theory that we have never known what it is like to defer too _many_ tickets :)
17:44:24 <isabela> on my update i said that i would like to convert to numbers this week
17:45:27 <isis> teor: o/
17:45:28 <isabela> nickm: can you explain better the 'we never know' part?
17:45:37 <nickm> isabela:
17:45:37 <nickm> okay
17:45:57 <nickm> Before, we have usally accepted way too many post-triage tickets.
17:46:05 <nickm> Sometimes, we accepted a few too many post-triage tickets.
17:46:25 <nickm> We have no experience of what it is like to accept _too few_ post-triage tickets.
17:46:51 <nickm> Maybe we are afraid of taking too few tickets in a release, because we have never tried it.
17:47:02 <isabela> to know this stuff is why we are building a capacity formula
17:47:07 <nickm> isabela: so, okay if I use numbers today? :)
17:47:20 <isabela> yes, of course
17:47:40 <armadev> is our goal to resolve all the 029-proposed tickets each week?
17:47:47 <armadev> (by resolve i mean choose in or out)
17:47:58 <nickm> armadev: it would be lovely but we don't have to
17:48:01 <armadev> ok
17:48:26 <nickm> however, I have to be a grumpy jerk about this stuff this year, since otherwise it isn't a real experiment
17:49:15 <nickm> have we got any other discussion topics?
17:49:22 <armadev> yeah, you totally should be stingy with what goes in
17:49:31 <nickm> are there any tickets marked 029-nickm-unsure where anybody wants to argue "wait this is important"?
17:49:40 <armadev> 0.2.10, aka 0.3.0, aka 1.0, will be out soon enough
17:49:43 <teor> I marked some
17:50:01 <armadev> teor marked #17945 for example
17:50:12 <nickm> isabela: there is also a volunteer-acquisition issue.  If people show up and start hacking code for us, and we don't merge it for 6 months, they are less likely to start being developers.
17:50:21 <teor> I took responsibility for #17945 because I will likely be paid to do it
17:51:05 <armadev> sounds like #17945 should stay in limbo until somebody shows up with code that looks not too complicated
17:51:09 <teor> I think we should do #18963 because it makes fallback circumvention actually work well
17:52:07 <teor> And #19045 I'd like to do because otherwise there's one special consensus every day, where if we fail, hidden services will use a predictable value
17:52:15 <armadev> #18963 is the "re-use the dir mirror that you just used" code?
17:52:16 <Yawning> so I have a discussion question
17:52:22 <nickm> Yawning: go for it!
17:52:31 <isabela> nickm: volunteers code should get special threatment on my point of view -- unless is something that would give you more work to review and get it merge that when you balance with the benefits it will bring it does not scores great points to really be worth doing
17:52:40 <nickm> yeah
17:52:41 <isabela> btw
17:52:45 <teor> (So that consensus becomes a target for bad actors and we have to avoid it in key migrations etc.)
17:52:53 <Yawning> fallback auths don't solve the "my isp is an asshole and blocks tor dir auths because they use cisco, call it spam" type issues right?
17:52:54 <isabela> last meeting we mentioned to add the actual points
17:53:01 <Yawning> for people that are opertating relays
17:53:04 <isabela> so we can measure our estimations
17:53:13 <isabela> if we are too off etc
17:53:22 <teor> Yawning: not for relays, because they have to upload to authorities. Only for clients.
17:53:27 <Yawning> "if I want to run a tor relay, I must be able to reach a majority of the dir auths"
17:53:30 <armadev> teor: #19045 is basically a change on a different thing, already scheduled for 0.2.9? so we should maybe think of it like a fix on that other already-scheduled thing?
17:53:34 <Yawning> is there anything we can do to fix this
17:53:49 <teor> armadev: yes, and yes, it's a change on the fallbacks thing
17:53:59 <Yawning> is there any reason why we *can't* allow descriptor uploads over tor for example
17:54:05 <nickm> Yawning: ah
17:54:23 <GeKo> tor browser meeting in 5 minutes
17:54:26 <teor> Yawning: well, that would work, and the code is already there
17:54:27 <Yawning> (see tor-relays@)
17:54:30 <armadev> if you're a relay and you can't reach the dir auths, you're probably not a good relay
17:54:31 <nickm> Yawning: that's our dirauth-decentralization thing. athena and I sketched some of that out. we need to break it down into little proposals
17:54:45 <armadev> (relays have to be able to reach all relays)
17:54:51 <Yawning> armadev: there was a post to tor-relays@ about
17:55:00 <Yawning> someone on a edu network being stuck behind some cisco thing
17:55:02 <isabela> !
17:55:06 <Yawning> that blacklists dirauths
17:55:13 <teor> armadev: yes, if you can't reach auths, then you might not be able to reach many other relays
17:55:22 <Yawning> (see I do read more than tor-dev@)
17:56:05 <teor> let me clarify: yes to armadev: irc://127.0.0.1:57722/#18963 is the "re-use the dir mirror that you just used" code?
17:56:13 <teor> bloddy adium leaks
17:56:18 <armadev> gosh.
17:56:25 <Yawning> https://lists.torproject.org/pipermail/tor-relays/2016-May/009247.html
17:56:39 <Yawning> I think this situation is
17:56:46 <Yawning> "fascist http transproxy"
17:56:53 <nickm> let's endmeeting here and move to #tor-project ?
17:56:53 <isabela> tor browser meeting :)
17:56:58 <teor> and #19045 is a shared random change
17:56:58 <isabela> yes
17:57:06 <teor> ok moving
17:57:09 <nickm> #endmeeting