15:58:23 #startmeeting tor anti-censorship meeting 15:58:23 here is our meeting pad: https://pad.riseup.net/p/tor-anti-censorship-keep 15:58:23 feel free to add what you've been working on and put items on the agenda 15:58:23 Meeting started Thu Dec 8 15:58:23 2022 UTC. The chair is shelikhoo. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:58:23 Useful Commands: #action #agreed #help #info #idea #link #topic. 15:58:26 Hi~ 15:58:27 Hi~ 15:58:48 Oh this time I started the meeting at the exact second(seems to me) 15:59:13 XD 15:59:19 hello everybody 16:01:24 I won't be at next Tuesday's team sync meeting, but I don't have a lot of urgent things to discuss... AFK reachable over signal until next Wednesday for a personal vacation... 16:01:59 nice, vacations :) 16:02:10 I have few announcements 16:02:17 yes! 16:02:55 we have an outreachy intern, working on extending gettor to more IM/social media platforms, you'll see cece around in our communications channels 16:04:20 another announcement I have is that as usually we'll be AFK for new year break, there will not be meetings neither Dec 29 or Jan 5, we'll resume the meetings January 12 16:05:41 ohh, I see in the announcement's list that snowflake-02 is life with the new TB version, amazing 16:05:57 yes 16:05:58 great! it is finally here! 16:06:02 let's see how the load of the broker goes with the doubling of connections 16:06:17 ^~^ 16:06:26 we expect snowflake-02 to get about 50% of the Tor Browser traffic, which is maybe less than half of all snowflake traffic. 16:06:43 I think there are actually more snowflake users on Orbot than on Tor Browser. 16:06:59 ohh 16:07:12 should we talk with orbot people to inclue snoflake-02? 16:07:23 or let's wait a bit to see how it goes with TB 12? 16:07:35 yes we should, no rush though I think 16:07:46 yes. we could start chatting with them 16:08:10 but no need to push that on priority todo list 16:08:23 we have regular meetings with them because of sponsor 96, we can mention it in the next one (in January) 16:08:51 ok 16:09:14 I'll add it to the agenda of that meeting so I don't forget 16:10:53 anything more on this topic? 16:11:05 not from me 16:11:07 we can move on to the next topic: make obfs4 distinguishability reports public? 16:11:39 right, we postponed the original date of November 15 to give time for Tor Browser releases and bridge operators to upgrade 16:12:37 is it ok to make those issues public, or are we still waiting on anything? 16:12:42 did we run the scan again to determine as of now how many of them are upgraded? 16:13:13 I was waiting to make sure at least 50% are upgraded, so we have some certainty that most users get at least one bridge upgraded 16:13:20 https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/obfs4/-/issues/40008#note_2857416 16:13:43 last week we were not too far from it 16:14:20 I was thinking on sending a second round of emails to bridge operators asking to upgrade (to the ones that hasn't upgraded) 16:14:44 the last time the delivery to gmail addresses failed, I hope this is going to be fixed very soon 16:14:50 ohh 16:14:55 but maybe I'm blocking it without need 16:15:12 I think it doesn't matter much one way or another, just don't want it to sit forever. 16:15:20 delivery fail, as gmail detects it as spam, our sysadmins are working hard to fix it (see tor-project emails about it) 16:16:12 dcf1: I agree, let's not sit on it for ever, let me do a final push for bridges to upgrade and let's make it public 16:16:28 how do you feel about doing it as soon as we come back from the new year's break? January 7? 16:16:33 ok 16:16:37 +1 16:16:38 or I'm ok being convinced to do it now 16:16:46 I just prefer not to do it just before going AFK 16:16:59 let's do it after we return to work next year 16:17:24 sounds good, I'll change the deadline of the ticket 16:17:41 and sorry for pushing it back for so long 16:17:51 no apology necessary 16:17:59 :) 16:17:59 it is no one's fault 16:18:14 okay, anything more on this topic? 16:18:37 I said january 7, but that is a saturday, will do monday 9 :) 16:18:41 nothing else from me 16:19:00 let's move to does ajax.aspnetcdn.com still work in turkmenistan?? 16:19:19 we don't yet have access to turkmenistan's network environment 16:19:21 I added that, because AFAIK we use that for snowflake in TM, isn't it? 16:19:30 I was checking that 16:19:49 mmm, no cdn.sstatic.net, maybe I'm wrong 16:20:10 dig @95.85.120.6 ajax.aspnetcdn.com 16:20:14 dig @95.85.120.6 cdn.sstatic.net 16:20:21 neither of these gets DNS injection for me just now 16:20:27 so my question is because in our 'interesting links' section there is a mention about ajax.aspnetcdn.com being blocked in russia 16:20:32 we use that one for meek 16:20:42 but I see is not used for anything else 16:21:07 dcf1: nice, I guess we don't need to do anything there 16:21:38 meek is not working in russia, but there are other options and we've being planning to retire meek, hopefully we don't need to do anything with this 16:21:43 curl --connect-to ::telecom.tm: http://ajax.aspnetcdn.com/ 16:21:47 curl --connect-to ::telecom.tm: https://ajax.aspnetcdn.com/ 16:22:04 these also are not getting injection 16:22:13 https://github.com/net4people/bbs/issues/80#issuecomment-906533865 16:22:46 curl --connect-to ::telecom.tm: http://cdn.sstatic.net/ 16:22:49 curl --connect-to ::telecom.tm: https://cdn.sstatic.net/ 16:22:51 also seem ok 16:23:01 :) 16:23:40 I recall we did change the snowflake configuration in TM at some point and I thought we were using azure, but it looks like we dont, good 16:24:43 I don't have anything else on this topic 16:25:04 okay anything more we wants to discuss in this meeting? 16:25:18 I have something brief :-) 16:25:28 yes! please! 16:26:17 I'm working with nrl and with you on sponsor 28 work -- we are working on PT that hopefully has fewer distinguishability issues than obfs4 16:26:46 I'm hoping to attend these meetings more frequently to keep y'all updated about what we're up to 16:27:25 pretty cool, can we already see something on this PT? is it an evolution of obfs4 or something totally new? 16:28:05 but I just had one quick question for now: we were hoping to code the PT to be comptabile with both the current C tor client and with a future arti client... if we use the current PT spec, do you think we will be forward compatibile with the arti client? or are there planned changes to the api? 16:28:43 My guess is whatever is in arti 1.1.0 (the version with client PT support) is pretty close to final 16:28:58 meskio: we're working on a paper currently, so the design is somewhat still changing, but the idea is to have protocol flows look encrypted, but with more protocol strucuture than obfs4 currently has (ie not uniformly random in every packet) 16:28:59 the current pt spec: https://gitweb.torproject.org/torspec.git/tree/pt-spec.txt is already implemented in arti 16:29:04 I haven't tried it myself but they say they have tested with with existing PTs not specifically coded for arti 16:29:14 and the plan is to keep compatibility with it 16:29:18 oh, ok, awesome :-) 16:29:35 there are some details on how to run a PT in arti here: https://gitlab.torproject.org/tpo/core/arti/-/issues/333 16:29:41 (is in my queue of things to try :) 16:30:03 thanks, that's very helpful! 16:30:12 rwails: thanks for working on this, is going to be very useful :) 16:30:47 \o/ 16:30:52 'not uniformly random in every packet' sounds useful seeing that some censors are starting to block fully random traffic 16:31:06 yes, that's a large part of the motivation 16:31:11 :) 16:31:58 I'll love to see the paper when is public, we should add it to our reading group 16:32:16 I think that's all on that though, thanks again. working on it over the holiday break, so maybe I'll have something nice to say next meeting 16:32:30 sure! we can probably send some things in advance of publication, too 16:32:40 yes! I will be happy to try this tool once it is available.., 16:32:40 :) 16:32:50 thanks for working on this! 16:33:56 okay, anything more on this topic? 16:34:11 not from me 16:34:13 or anything more we wants to discuss in this meeting? 16:34:52 #endmeeting