#tor-meeting log

16:15:53 <shelikhoo> #startmeeting tor anti-censorship meeting
16:15:53 <shelikhoo> here is our meeting pad: https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469
16:15:53 <shelikhoo> feel free to add what you've been working on and put items on the agenda
16:15:53 <shelikhoo> the read-write link for meeting pad can be requested via direct message
16:15:53 <MeetBot> Meeting started Thu Apr 18 16:15:53 2024 UTC.  The chair is shelikhoo. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:15:53 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:16:11 <meskio> hello
16:16:13 <theodorsm> Hi:)
16:17:03 <onyinyang[m]> Hello!
16:17:05 <shelikhoo> I see I was the one hosting the last meeting in absentia
16:17:10 <shelikhoo> in the pad
16:17:29 <shelikhoo> so maybe I should actually host it this time
16:17:47 <meskio> :)
16:18:38 <meskio> I'm a bit lost on who's turn it is, but I think I did host the last one
16:19:06 <shelikhoo> we should have something like a queue in the pad
16:19:27 <shelikhoo> and once someone hosted the meeting, will be move to the tail of the queue
16:19:51 <shelikhoo> and the first one available in the queue will host the meeting
16:20:10 <meskio> I think that was the idea of the 'Facilitator/this week facilitator', but I think is confusing
16:20:20 <onyinyang> the queue is already sort of there, since there's only 3 of us >.<
16:21:23 <shelikhoo> yes, it is more clear to make it explicit, since the mental queue was immediately corrupted when someone afk
16:21:42 <meskio> I think you should give it a try to improve it
16:21:55 <shelikhoo> yes!
16:22:04 <shelikhoo> anyway, let's start the discussion
16:22:12 <shelikhoo> Latest snowflake addon reviewer feedback requires a consent prompt for the collection of personal data
16:22:12 <shelikhoo> https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/89
16:22:21 <shelikhoo> I think this is from cohosh?
16:22:30 <cohosh> i must have added it a few weeks ago
16:22:36 <cohosh> it's been implemented now
16:22:53 <cohosh> the good news is, our extension is back on the mozilla addon store :)
16:22:55 <shelikhoo> yes, I see there was email about new signature required
16:23:05 <shelikhoo> yes, I see there was email about new signature format required
16:23:25 <meskio> \o/
16:23:31 <cohosh> right, i want to upload a new version soon anyway and can take care of that then
16:24:38 <shelikhoo> yes... thanks for taking care of that!
16:24:45 <onyinyang> yay!
16:25:03 <shelikhoo> I will move to interesting link part
16:25:06 <shelikhoo> Snowflake support in Greatfire Envoy (using their own proxies and bridge as I understand)
16:25:06 <shelikhoo> https://github.com/greatfire/envoy/pull/63
16:25:31 <dcf1> Envoy is a library that implements a bunch of circumvention techniques
16:25:44 <dcf1> Including meek and Snowflake
16:26:30 <dcf1> When I learned that there are third-party users of Snowflake, I thought that perhaps it could explain some unexplained features in our graphs, such as when we see a sudden recovery of users on snowflake-02 after a domain fronting change for example
16:26:51 <dcf1> But my current understanding is that Envoy is using its own bridge and its own proxies, which is interesting in itself
16:26:59 <dcf1> I'm planning to get in touch with them to learn more
16:27:14 <meskio> ohh, interesting, are they using it without Tor?
16:27:19 <dcf1> I think so
16:28:56 <shelikhoo> It was nice to see snowflake getting more adoption
16:29:02 <meskio> yeah
16:29:28 <shelikhoo> although the fragmentation of proxy pool seems inevitable
16:29:38 <dcf1> I also learned that Lantern's snowflake-like has a badge on the front page of China Digital Times https://chinadigitaltimes.net/
16:30:11 <dcf1> I don't know, Lantern has told me they designed their proxy pool to be reusable, perhaps there is a way for multiple projects to share one pool of proxies.
16:31:19 <shelikhoo> yes, I hope that will be true one day
16:32:06 <cohosh> oh cool, is the globe a visualization of where connected clients are?
16:32:19 <shelikhoo> yes, it is
16:32:40 <shelikhoo> they showcased that to me in person
16:32:55 <shelikhoo> about that globe displaying where is the client
16:33:47 <shelikhoo> anything more we would like to discuss about this topic?
16:34:12 <meskio> not from me
16:34:16 <shelikhoo> "Snowflake Anonymous Network Traffic Identification" January 2024
16:34:16 <shelikhoo> https://link.springer.com/chapter/10.1007/978-981-99-9247-8_40
16:34:16 <shelikhoo> Research from China, too recent to have been referenced in the Snowflake paper
16:34:16 <shelikhoo> Corresponding author Xu Dawei also has a paper on secure rendezvous using a blockchain https://link.springer.com/chapter/10.1007/978-3-031-15777-6_14
16:34:30 <shelikhoo> any summary about this paper
16:34:32 <shelikhoo> ?
16:34:37 <dcf1> I found this paper randomly, I haven't read it yet.
16:34:45 <dcf1> I'm going to try to get a PDF today.
16:35:10 <shelikhoo> okay, maybe we can have a look and have a discussion about it soon.
16:35:27 <meskio> :)
16:35:47 <shelikhoo> I have learnt not to comment on a paper without reading it in full..
16:36:05 <shelikhoo> anything more we would like to discuss in this meeting?
16:36:16 <cohosh> does anyone remember what IP address assignment scheme we settled on for bridges with local addresses?
16:36:29 <cohosh> i was looking through old meeting notes but couldn't find the discussion
16:36:37 <dcf1> theodorsm: there's an issue that maybe could benefit from your attention: tpo/anti-censorship/pluggable-transports/snowflake#40357
16:36:53 <dcf1> theodorsm: you more than anyone would be in a position to know whether there is DTLS 1.3 in the wild
16:37:16 <cohosh> this is for bridges like meek and snowflake where we give an address in the 192.0.2.0/24 range
16:37:19 <meskio> I did close this issue, but happy to reopen it if we want to work on it
16:37:40 <theodorsm> 1.3 support is not being worked on AFAIK in the Pion lib
16:37:40 <dcf1> meskio: I think it was appropriate to close it. But theodorsm might have some insight.
16:38:17 <theodorsm> I don't think there is a golang lib out there that supports 1.3 properly
16:38:46 <dcf1> theodorsm: my question is more whether current browsers support DTLS 1.3
16:38:58 <dcf1> If they do not, there's no point in Snowflake using DTLS 1.3 in any case
16:39:29 <theodorsm> Ahh, yes. Chromium kinda support it, but I haven't seen it being used.
16:40:00 <theodorsm> When I have captured webrtc traffic in chromium and firefox, I have newer encountered 1.3
16:40:02 <dcf1> cohosh: tpo/applications/tor-browser-build#40624 could be the lead you are looking for
16:40:40 <cohosh> dcf1: yep, that's it. thanks!
16:41:14 <meskio> we should document that somewhere in the team wiki
16:41:33 <cohosh> yeah i can take care of that when i update rdsys-admin
16:41:42 <meskio> thanks
16:42:06 <shelikhoo> yeah, I think as anti-censorship tool, we don't always wants to use something new, as it would make censorship more likely to block it
16:42:34 <shelikhoo> okay, anything more we would like to discuss in this meeting?
16:43:18 <meskio> not from me
16:43:20 <shelikhoo> #endmeeting