15:58:18 <itchyonion> #startmeeting tor anti-censorship meeting 15:58:18 <MeetBot> Meeting started Thu Mar 23 15:58:18 2023 UTC. The chair is itchyonion. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:58:18 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic. 15:58:18 <itchyonion> here is our meeting pad: https://pad.riseup.net/p/tor-anti-censorship-keep 15:58:18 <itchyonion> feel free to add what you've been working on and put items on the agenda 15:58:26 <itchyonion> hello 15:58:45 <onyinyang[m]> hihi o/ 15:58:56 <meskio> hell 15:59:07 * arma2 supplies a vowel for meskio 15:59:08 <shelikhoo> Hi~ (I won't update the pad this time) 15:59:41 <itchyonion> shelikhoo you should be on vacation :) 15:59:55 <meskio> yes, better with an o at the end :) 16:00:08 <shelikhoo> Yes... But I reached hotel before just before meeting beginning... 16:00:30 <shelikhoo> Joining opportunistically... 16:00:38 <itchyonion> hehe 16:00:49 <hackerncoder> hello o/ 16:01:14 <itchyonion> Ok. Moving on to the first discussion point 16:01:21 <itchyonion> renovate bot to update dependencies on our projects 16:01:21 <itchyonion> https://gitlab.torproject.org/tpo/tpa/renovate-cron 16:01:40 <meskio> this is mine 16:02:03 <meskio> if you are subscribed to notifications from gitlab you might have noticed tons of merge requests in rdsys 16:02:14 <cohosh> (related to https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40194) 16:02:21 <meskio> I'm experimenting with micah to use renovate 16:02:40 <meskio> a bot that opens automatically merge requests for outdated libraries 16:02:53 <meskio> for now is only activated in rdsys 16:03:10 <meskio> it requires some tunning 16:03:16 <meskio> and I have only used for a day 16:03:27 <meskio> but this might be a useful tool for all our projects 16:03:58 <meskio> cohosh: yes, saw people complaining that some libraries in snowflake are outdated, this is part of the motivation 16:04:12 <meskio> -> https://github.com/tladesignz/IPtProxy/issues/45 16:04:30 <cohosh> i think this is a great idea, though i'd prefer more integration testing to go along with it 16:04:33 <shelikhoo> There is something know as dependencybot on GitHub that do similar things... 16:04:44 <cohosh> it happened once in the past that a bump to pion/webrtc broke some things in snowflake 16:05:16 <meskio> yes, this scares me a bit, we need better testing to go along, but at least to get notified that there new version of libraries might be useful 16:05:26 * cohosh nods 16:06:09 <meskio> unless that other people want to experiment with it I'll keep the bot pointed to rdsys for some weeks and report back then to see if we can extend it to other projects 16:06:24 <itchyonion> right now for rdsys, does it open a MR for every library if it's not the latest version? 16:06:35 <meskio> exactly, it does that 16:07:18 <meskio> some libraries are mayor upgrades, it does update the include but oviously doesn't know of the other changes that might be needed 16:07:33 <meskio> this can be disabled in the config, so only do minor updates 16:07:58 <itchyonion> makes sense 16:08:14 <meskio> there are bunch of knobs in the config that could be tuned, but is not amazingly clever, just do the basics 16:09:23 <meskio> BTW, the issue I'm linking from IPtProxy, we might want to update the x/net and x/crypt libraries in snowflake 16:10:18 <meskio> obfs4 is a bit trikier, but maybe is a good excuse to push forward the fork, I can do that 16:10:41 <itchyonion> ok adding to the action items 16:11:05 <cohosh> did this MR fix it? https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/137 16:11:52 <shelikhoo> Gitlab crashed? 16:12:11 <meskio> yes, not loading here, but maybe is already fixed 16:12:17 <arma2> TPA has been trying to get gitlab to resume sending emails, so, yeah it looks like it is not in a good state quite now 16:12:20 <cohosh> yes i think so 16:12:51 <itchyonion> it's loading for me 16:13:12 <shelikhoo> both library was updated in this MR 16:13:23 <arma2> (loaded for me too after several tries + waiting) 16:14:08 <meskio> that mr is using x/crypto 0.6 while there is already a 0.7 and x/net 0.7 while there is already a 0.8 16:14:40 <meskio> but is a already a bump on the version 16:15:13 <meskio> the versions we are using are from february, I guess there is no major security issues with them 16:15:49 <meskio> cool, I'll mention the fix on the snowflake side in their issue 16:16:37 <meskio> I don't have anything else on this topic 16:17:03 <itchyonion> Looks like that's the only discussion point. Before moving on to the next section, want to let people know I created https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40267 as a follow up to last week's meeting. While the discussion was really good last week, no action item came out of last week's meeting. We can continue the discussion in the issue. 16:17:22 <itchyonion> Ok. Moving on to interesting links: 16:17:31 <itchyonion> https://github.com/guardianproject/orbot/releases/tag/17.0.0-BETA-2-tor.0.4.7.11 16:17:31 <itchyonion> https://github.com/guardianproject/orbot/commit/c3f6ee18f17770a5904ad19c3cd24b9c8dcb3885#diff-6da94c8e7d86d1c396305c45d7ab2f787830efa8580d100aa10707c26011f288 16:17:32 <dcf1> I have in my todo list to make an issue to warn whenever KCPInErrors is nonzero 16:17:57 <itchyonion> 👍 16:18:20 <itchyonion> 2023-03-15 Orbot for Android v17 BETA 2 released with snowflake-02 bridge 16:18:20 <itchyonion> snowflake-02 metrics: https://metrics.torproject.org/rs.html#details/91DA221A149007D0FD9E5515F5786C3DD07E4BB0 (multiply by 12) 16:19:04 <shelikhoo> dcf1: I have updated analysis for snowflake, but let discuss it next week: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40251 16:19:51 <itchyonion> Anything we want to discuss about the content of the links? 16:20:15 <dcf1> Currently there are more users snowflake-02 from RU than from IR, which is the opposite of snowflake-01 16:20:32 <dcf1> I'm curious to know if that will switch now that Orbot is starting to know about snowflake-02 16:20:47 <dcf1> I'm not sure if this beta release of Orbot is widely available to users yet or not 16:20:57 <meskio> we'll see when they release it, not sure how hard is for iranian users to update android apps 16:21:02 <dcf1> snowflake-01: bridge-ips ir=32552,us=13296,ru=3480,cn=1104,de=448,??=336,mu=240,... 16:21:13 <dcf1> snowflake-02: bridge-ips ru=2664,ir=1408,us=736,cn=704,??=304,de=168,by=120,fr=104,... 16:21:31 <shelikhoo> Without auto update, user often don't bother to update their app 16:21:54 <meskio> isn't playstore autoupdating? but maybe playstore is blocked in Iran... 16:22:22 <dcf1> There was a quick increase in users back in November 2022 when Orbot started releasing 16.6.3-RC-1-tor.0.4.7.10 with uTLS in snowflake 16:22:35 <shelikhoo> Play store would work with Vpn like proxy if correctly configured 16:22:51 <dcf1> so I'm not worried, I think it'll get there 16:23:02 <meskio> :) 16:23:29 <dcf1> I'm just saying since it's a beta, I don't know if it's automatically available to all users 16:24:09 <meskio> I guess no 16:26:03 <arma2> for one anecdotal data point, i succesfully used vanilla tor in uae, both on an american hotel wifi (not surprising) and on the local mobile network (a bit more interesting of a data point). but tor's websites were blocked on both. 16:26:29 <arma2> i'm not sure quite how the censorship works (i think there is no national firewall etc). but i still have some connections there if we turn out to have questions in the future. 16:26:52 <meskio> cool, we should explore options for a vantage point there 16:27:05 <arma2> i did not get any bites on the 'hey what vps should i get' question 16:27:23 <arma2> i can definitely get you a vantage point on an uncensored network, but, that is not so useful 16:27:36 <meskio> a pity 16:27:41 <shelikhoo> One possibly is host a small device in someone's home... 16:28:03 <meskio> we could start shipping around raspis :) 16:28:31 <arma2> this was arturo's strategy with ooni in ethiopia long ago. so if you move forward with that idea, ask arturo for lessons-learned :) 16:28:48 <shelikhoo> Yes! 16:29:25 <arma2> (a simpler idea is to ask people to run ooni from their homes, and then make sure ooni does the tests we need. but also, many of these people are in less-censored homes.) 16:30:35 <shelikhoo> vantage point is often used to test private bridge that is not published 16:31:14 <shelikhoo> So we need the change how long works to achieve the same goal 16:31:29 <meskio> there was some ideas around in the past of giving ooni access to some private bridges to test as vantage points 16:31:58 <meskio> but it looks like breaking our distributor model 16:33:12 <meskio> we could explore more that idea, or at least see if ooni's snowflake tests are enough for use or how to improve them 16:33:45 <itchyonion> I noticed they took out "stun:stun.stunprotocol.org" in this beta release. I think that's the one we received an email from its maintainer because of too much traffic. Hopefully this solves the issue for that person. 16:34:41 <itchyonion> Anything more on this topic? 16:34:55 <meskio> EOF 16:35:02 <arma2> eof too 16:35:03 <itchyonion> Unless I missed something, that's the last item of the meeting 16:35:54 <itchyonion> #endmeeting