#tor-meeting log

15:58:41 <meskio> #startmeeting tor anti-censorship meeting
15:58:41 <MeetBot> Meeting started Thu Aug 25 15:58:41 2022 UTC.  The chair is meskio. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:58:41 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
15:58:45 <meskio> hello everybody!
15:58:48 <meskio> here is our meeting pad: https://pad.riseup.net/p/tor-anti-censorship-keep
15:58:52 <meskio> feel free to add what you've been working on and put items on the agenda
15:58:53 <cohosh> hi
15:59:26 <shelikhoo> hi~
16:00:18 <itchyonion> hello
16:01:08 <meskio> I kept two points from last week in the agenda to see if we have something to talk about them or we can skip them
16:01:22 <meskio> anything to talk about the snowflake manifest v3?
16:01:57 <cohosh> i don't have an update, my plan is still to get the badge-helper extension into better shape and then email tor-dev and tor-anticensorship about it
16:02:25 <cohosh> oh we did hear that brave is considering extending support for v2 in their browser
16:02:36 <cohosh> (which is based on chromium)
16:03:12 <meskio> cool, thanks for taking care of it
16:03:29 <meskio> about the other topic I kept: snowflake in turkmenistan
16:03:50 <meskio> today I deployed the changes in circumvention settings to provide a custom snowflake bridge for TM
16:04:03 <meskio> using azure and a selection of stun servers
16:04:12 <meskio> let's see if users grow with that change
16:04:25 <cohosh> the stun servers are actually same set that are the default elsewhere
16:04:32 <meskio> we've heard some reports of fastly working in TM, but maybe our domain name is blocked there
16:04:34 <cohosh> just using their alternate port
16:04:54 <meskio> ahh, cool, do those stun servers allow for multiple ports?
16:05:12 <cohosh> they all implement rfc 5780 which requires two ip addresses and two ports
16:05:40 <meskio> I see, cool
16:05:44 <cohosh> it seems like AGTS (one of the ISPs in tm) is only blocking port 3478, not 3479
16:06:30 <cohosh> this line still doesn't work in the other major ISP in tm though :/
16:06:50 <cohosh> TM Telecom
16:08:07 <meskio> :(
16:08:22 <cohosh> we've tried a few things in https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40024
16:10:49 <meskio> yep, let's keep trying things
16:11:16 <meskio> or start exploring other options, maybe we can somehow curate the bridges we distribute to TM so they are in IP ranges that are not blocked
16:11:34 <shelikhoo> do we have a way to test if a IP is blocked in TM?
16:11:52 <shelikhoo> is that block bidirectional by IP?
16:11:55 <shelikhoo> or?
16:12:06 <meskio> it looks like the block is not bidirectional
16:12:09 <ggus> no, it's not bidirectional
16:12:36 <ggus> meskio: we have found some obfs4 bridges in US that are not blocked in TM
16:13:07 <ggus> and we're sharing on frontdesk with users in the country
16:13:24 <meskio> nice
16:14:37 <shelikhoo> if this block is not bidirectional, how does it work on UDP traffics?
16:16:03 <meskio> I have no idea
16:16:16 <shelikhoo> then there is only one way to find out
16:16:26 <meskio> :)
16:17:10 <meskio> anything else on this topic?
16:17:37 <shelikhoo> nothing from me
16:17:46 <meskio> cool
16:17:54 <meskio> I see there is a proposal for a reading group
16:17:59 <dcf1> that is mine
16:18:31 <dcf1> you may be aware back in 2019 I had a Chinese paper (from 2015) translated into English
16:18:40 <dcf1> the paper is on meek traffic classification
16:18:41 <dcf1> https://www.bamsoftware.com/papers-of-others/Tan2015a/Tan2015a.en.html
16:19:24 <dcf1> it turns out there is this whole parallel world of researchers, in China and elsewhere, writing about censorship and circumvention, but from the other side, you might say
16:19:58 <dcf1> the paper linked on the pad (https://ieeexplore.ieee.org/document/9020938 for the record) is another example of these, I think
16:20:18 <dcf1> it's about classifying Tor traffic with various PTs
16:20:54 <dcf1> I am thinking it would be a good idea to begin getting acquainted with this other world, and this paper is pretty recent and on-topic for this team
16:21:08 <meskio> does the other side means censor/GFW connected?
16:21:12 <dcf1> yes
16:21:17 <meskio> ohh, pretty interested
16:21:19 <meskio> I'm in
16:21:23 <shelikhoo> there are quite a lot of these kind paper and patent
16:21:29 <dcf1> I mean, perhaps, it's not totaly clear yet
16:21:47 <shelikhoo> V2Ray once got call out in one of those classification patent
16:22:06 <dcf1> one of the authors, Gou Gaopeng, actually has a lot of publications on related topics, such as encrypted traffic classification: https://ieeexplore.ieee.org/author/37896091100
16:22:11 <cohosh> i'd also like to read it, thanks for finding this dcf
16:22:55 <dcf1> I remember the V2ray patent, I archived it at the time, it's this one: https://patents.google.com/patent/CN109981485
16:23:11 <itchyonion> i remember reading this as well
16:23:15 <dcf1> https://patents.google.com/patent/CN109981485/en for bad english translation
16:23:47 <meskio> wow
16:23:50 <dcf1> I think there are more publications of this type, but this one on Tor PTs is a good start I think
16:24:12 <meskio> sounds good
16:24:30 <meskio> should we give us two weeks to read it and discuss it Sept 8?
16:24:49 <shelikhoo> look at patent: "Status Withdrawn"
16:25:06 <meskio> :)
16:25:09 <shelikhoo> it is actually because it became a rather public event in china
16:25:22 <shelikhoo> and the author have no choice but to do this
16:26:23 <meskio> can you sue a censor for violating a patent?
16:27:30 <shelikhoo> right now a lot of censorship equipment are produced by civilian company
16:28:03 <meskio> true, and I guess they use patents to protect their research...
16:28:40 <shelikhoo> like 启明星辰(https://www.venustech.com.cn) that said to be running GFW
16:29:02 <shelikhoo> but some of the patent are just for getting points for university
16:29:31 <itchyonion> i think I remembered at that time a lot of people suspect the claims in the patents were untrue. I don't think the details were ever published; just a brief summary
16:29:48 <shelikhoo> In china many university have research quota/horse race for staff that tied with employment
16:30:01 <shelikhoo> so they will publish a lot of paper and patents
16:30:08 <shelikhoo> the quality of those will vary
16:30:36 <dcf1> shelikhoo: yes, I have heard of this Venustech, CDT has a page about them: https://chinadigitaltimes.net/space/%E5%90%AF%E6%98%8E%E6%98%9F%E8%BE%B0
16:31:57 <shelikhoo> dcf1: Yes, and this kind of censorship techs are being exported...
16:33:14 <itchyonion> i've interviewed there before (not for the GFW team); they have a lot of netsec business
16:34:45 <shelikhoo> Yeah, anyway there are quite a lot of these paper from the other side, but the quality will vary
16:35:54 <meskio> cool, are we all good on discussing this paper on Sept 8?
16:36:18 <shelikhoo> Yes from me
16:36:21 <itchyonion> +1
16:36:53 <meskio> great, should we move to the next topic?
16:37:28 <meskio> this is more an announcement, I have deployed new versions of bridgedb and rdsys
16:37:46 <meskio> bridgedb has a new design, looking more like the rest of tor websites
16:38:06 <meskio> I know the images are broken in firefox/TB and the translations everywhere, we are working on it
16:38:34 <meskio> if someone sees any problem with them poke me and I'll investigate
16:39:21 <meskio> anything else for today?
16:39:41 <shelikhoo> Oh just a very small update on the progress of webtunnel pt
16:39:45 <shelikhoo> [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (VERSION 1)
16:39:45 <shelikhoo> Aug 25 15:44:54.000 [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (SMETHOD webtunnel 127.0.0.1:11000 ARGS:)
16:39:45 <shelikhoo> Aug 25 15:44:54.000 [info] parse_method_line_helper(): Server transport webtunnel at 127.0.0.1:11000.
16:39:45 <shelikhoo> Aug 25 15:44:54.000 [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (SMETHODS DONE)
16:39:46 <shelikhoo> Aug 25 15:44:54.000 [info] handle_methods_done(): Server managed proxy '/var/lib/torwebtunnel/webtunnel' configuration completed!
16:39:48 <shelikhoo> Aug 25 15:44:54.000 [info] save_transport_to_state(): It's the first time we see this transport. Let's save its address:port
16:39:50 <shelikhoo> Aug 25 15:44:54.000 [notice] Registered server transport 'webtunnel' at '127.0.0.1:11000'
16:39:55 <shelikhoo> ^~^
16:39:57 <shelikhoo> Okay EOF
16:40:17 <meskio> ohh, cool
16:40:23 <dcf1> shelikhoo: nice
16:40:44 <itchyonion> 👍
16:40:46 <shelikhoo> I will try to get it running in the next week
16:40:54 <dcf1> reminds me of an exchange between george and arturo and one of my first dev meetings
16:41:02 <dcf1> "are the bits flowing?" "the bits are flowing"
16:41:13 <meskio> XD
16:41:34 <shelikhoo> Yeah!
16:41:35 <meskio> let the bits flow
16:43:16 <meskio> I'll wait another minute, and if there is nothing more I'll close the meeting
16:44:17 <meskio> #endmeeting