15:58:41 #startmeeting tor anti-censorship meeting 15:58:41 Meeting started Thu Aug 25 15:58:41 2022 UTC. The chair is meskio. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:58:41 Useful Commands: #action #agreed #help #info #idea #link #topic. 15:58:45 hello everybody! 15:58:48 here is our meeting pad: https://pad.riseup.net/p/tor-anti-censorship-keep 15:58:52 feel free to add what you've been working on and put items on the agenda 15:58:53 hi 15:59:26 hi~ 16:00:18 hello 16:01:08 I kept two points from last week in the agenda to see if we have something to talk about them or we can skip them 16:01:22 anything to talk about the snowflake manifest v3? 16:01:57 i don't have an update, my plan is still to get the badge-helper extension into better shape and then email tor-dev and tor-anticensorship about it 16:02:25 oh we did hear that brave is considering extending support for v2 in their browser 16:02:36 (which is based on chromium) 16:03:12 cool, thanks for taking care of it 16:03:29 about the other topic I kept: snowflake in turkmenistan 16:03:50 today I deployed the changes in circumvention settings to provide a custom snowflake bridge for TM 16:04:03 using azure and a selection of stun servers 16:04:12 let's see if users grow with that change 16:04:25 the stun servers are actually same set that are the default elsewhere 16:04:32 we've heard some reports of fastly working in TM, but maybe our domain name is blocked there 16:04:34 just using their alternate port 16:04:54 ahh, cool, do those stun servers allow for multiple ports? 16:05:12 they all implement rfc 5780 which requires two ip addresses and two ports 16:05:40 I see, cool 16:05:44 it seems like AGTS (one of the ISPs in tm) is only blocking port 3478, not 3479 16:06:30 this line still doesn't work in the other major ISP in tm though :/ 16:06:50 TM Telecom 16:08:07 :( 16:08:22 we've tried a few things in https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40024 16:10:49 yep, let's keep trying things 16:11:16 or start exploring other options, maybe we can somehow curate the bridges we distribute to TM so they are in IP ranges that are not blocked 16:11:34 do we have a way to test if a IP is blocked in TM? 16:11:52 is that block bidirectional by IP? 16:11:55 or? 16:12:06 it looks like the block is not bidirectional 16:12:09 no, it's not bidirectional 16:12:36 meskio: we have found some obfs4 bridges in US that are not blocked in TM 16:13:07 and we're sharing on frontdesk with users in the country 16:13:24 nice 16:14:37 if this block is not bidirectional, how does it work on UDP traffics? 16:16:03 I have no idea 16:16:16 then there is only one way to find out 16:16:26 :) 16:17:10 anything else on this topic? 16:17:37 nothing from me 16:17:46 cool 16:17:54 I see there is a proposal for a reading group 16:17:59 that is mine 16:18:31 you may be aware back in 2019 I had a Chinese paper (from 2015) translated into English 16:18:40 the paper is on meek traffic classification 16:18:41 https://www.bamsoftware.com/papers-of-others/Tan2015a/Tan2015a.en.html 16:19:24 it turns out there is this whole parallel world of researchers, in China and elsewhere, writing about censorship and circumvention, but from the other side, you might say 16:19:58 the paper linked on the pad (https://ieeexplore.ieee.org/document/9020938 for the record) is another example of these, I think 16:20:18 it's about classifying Tor traffic with various PTs 16:20:54 I am thinking it would be a good idea to begin getting acquainted with this other world, and this paper is pretty recent and on-topic for this team 16:21:08 does the other side means censor/GFW connected? 16:21:12 yes 16:21:17 ohh, pretty interested 16:21:19 I'm in 16:21:23 there are quite a lot of these kind paper and patent 16:21:29 I mean, perhaps, it's not totaly clear yet 16:21:47 V2Ray once got call out in one of those classification patent 16:22:06 one of the authors, Gou Gaopeng, actually has a lot of publications on related topics, such as encrypted traffic classification: https://ieeexplore.ieee.org/author/37896091100 16:22:11 i'd also like to read it, thanks for finding this dcf 16:22:55 I remember the V2ray patent, I archived it at the time, it's this one: https://patents.google.com/patent/CN109981485 16:23:11 i remember reading this as well 16:23:15 https://patents.google.com/patent/CN109981485/en for bad english translation 16:23:47 wow 16:23:50 I think there are more publications of this type, but this one on Tor PTs is a good start I think 16:24:12 sounds good 16:24:30 should we give us two weeks to read it and discuss it Sept 8? 16:24:49 look at patent: "Status Withdrawn" 16:25:06 :) 16:25:09 it is actually because it became a rather public event in china 16:25:22 and the author have no choice but to do this 16:26:23 can you sue a censor for violating a patent? 16:27:30 right now a lot of censorship equipment are produced by civilian company 16:28:03 true, and I guess they use patents to protect their research... 16:28:40 like 启明星辰(https://www.venustech.com.cn) that said to be running GFW 16:29:02 but some of the patent are just for getting points for university 16:29:31 i think I remembered at that time a lot of people suspect the claims in the patents were untrue. I don't think the details were ever published; just a brief summary 16:29:48 In china many university have research quota/horse race for staff that tied with employment 16:30:01 so they will publish a lot of paper and patents 16:30:08 the quality of those will vary 16:30:36 shelikhoo: yes, I have heard of this Venustech, CDT has a page about them: https://chinadigitaltimes.net/space/%E5%90%AF%E6%98%8E%E6%98%9F%E8%BE%B0 16:31:57 dcf1: Yes, and this kind of censorship techs are being exported... 16:33:14 i've interviewed there before (not for the GFW team); they have a lot of netsec business 16:34:45 Yeah, anyway there are quite a lot of these paper from the other side, but the quality will vary 16:35:54 cool, are we all good on discussing this paper on Sept 8? 16:36:18 Yes from me 16:36:21 +1 16:36:53 great, should we move to the next topic? 16:37:28 this is more an announcement, I have deployed new versions of bridgedb and rdsys 16:37:46 bridgedb has a new design, looking more like the rest of tor websites 16:38:06 I know the images are broken in firefox/TB and the translations everywhere, we are working on it 16:38:34 if someone sees any problem with them poke me and I'll investigate 16:39:21 anything else for today? 16:39:41 Oh just a very small update on the progress of webtunnel pt 16:39:45 [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (VERSION 1) 16:39:45 Aug 25 15:44:54.000 [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (SMETHOD webtunnel 127.0.0.1:11000 ARGS:) 16:39:45 Aug 25 15:44:54.000 [info] parse_method_line_helper(): Server transport webtunnel at 127.0.0.1:11000. 16:39:45 Aug 25 15:44:54.000 [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (SMETHODS DONE) 16:39:46 Aug 25 15:44:54.000 [info] handle_methods_done(): Server managed proxy '/var/lib/torwebtunnel/webtunnel' configuration completed! 16:39:48 Aug 25 15:44:54.000 [info] save_transport_to_state(): It's the first time we see this transport. Let's save its address:port 16:39:50 Aug 25 15:44:54.000 [notice] Registered server transport 'webtunnel' at '127.0.0.1:11000' 16:39:55 ^~^ 16:39:57 Okay EOF 16:40:17 ohh, cool 16:40:23 shelikhoo: nice 16:40:44 👍 16:40:46 I will try to get it running in the next week 16:40:54 reminds me of an exchange between george and arturo and one of my first dev meetings 16:41:02 "are the bits flowing?" "the bits are flowing" 16:41:13 XD 16:41:34 Yeah! 16:41:35 let the bits flow 16:43:16 I'll wait another minute, and if there is nothing more I'll close the meeting 16:44:17 #endmeeting