15:58:08 <cohosh> #startmeeting tor anti-censorship meeting 15:58:08 <MeetBot> Meeting started Thu Mar 11 15:58:08 2021 UTC. The chair is cohosh. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:58:08 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic. 15:58:13 <cohosh> hey everyone 15:58:24 <cohosh> here is our meeting pad: https://pad.riseup.net/p/tor-anti-censorship-keep 15:58:39 <cohosh> there's not much on the agenda for today 15:59:08 <dcf1> someone has helpfully translated the public bug-reporting pad to Chinese https://pad.riseup.net/p/tor-anti-censorship-bugs-keep 15:59:41 <dcf1> hanneloresx: are you here? can you say if the translation is any good? I will put the English back, but if the Chinese is fine, might as well keep it as well 15:59:42 <cohosh> oh nice! 16:00:15 <hanneloresx> the translation is great 16:00:40 <dcf1> thanks for checking 16:01:11 <hanneloresx> no prob 16:01:59 <cohosh> anybody need help or reviews for anything? 16:02:21 <dcf1> cohosh: I have some of your issues in my inbox waiting for attention 16:02:27 <dcf1> notably snowflake!30 16:02:34 <cohosh> ah thanks! 16:02:50 <cohosh> yeah i'm interested in your thoughts on that issue since it is related to turbotunnel 16:03:32 <dcf1> about https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40002#note_2728512 16:03:52 <dcf1> were the bridge lines you sent obfs4 or vanilla? If vanilla, the problem may not be enumeration but active probing 16:04:00 <cohosh> we gave both 16:04:10 <cohosh> none of the vanilla bridges were blocked 16:04:21 <cohosh> only default and email distributed obfs4 bridges are blocked 16:04:27 <cohosh> and tor relays 16:04:40 <dcf1> hmm interesting 16:04:42 <cohosh> so we think it's specifically not dpi or active probing 16:04:46 <agix> hi 16:05:06 <cohosh> yeah, and actually only one email distributed bridge wasn't blocked and it was created at the end of february 16:05:13 <cohosh> agix: hi! 16:05:38 <cohosh> so i sent a few more bridge lines to check to see if we can pin down when the enumeration happened (if it did) 16:05:56 <cohosh> yeah this is really interesting 16:06:35 <cohosh> also the blocking itself looks unusal to me. do we know of more blocked that happens at the last ACK of the TCP handshake? 16:06:42 <cohosh> no RST or FIN packets 16:06:49 <dcf1> yeah that is familiar from something else 16:06:52 <cohosh> just everything disappears 16:06:54 <cohosh> ah ok 16:07:04 <dcf1> maybe the recent ESNI block in China was like that, server->client? 16:08:46 <cohosh> cool, maybe we can figure out what hardware/software the censors are using 16:08:49 <dcf1> er, I mean, if I understand correctly the situation in Belarus, the connection is blocked only after the server's SYN/ACK (which arrives at the client) 16:08:55 <cohosh> yup 16:09:46 <cohosh> with enumerating the bridges from the email bucket in bridgedb 16:10:02 <cohosh> it makes sense in some ways that that would be the distributor they go for 16:10:17 <cohosh> if they blocke bridges.torproject.org they might not think to enumerate those 16:10:50 <cohosh> and it's probably more difficult to write a script to enumerate moat bridges because of the CAPTCHA 16:11:38 <cohosh> all you need is a email address and a script that gets bridges like once a day and you're pretty much undetectable 16:11:45 <cohosh> *a gmail adress 16:13:48 <cohosh> anyway, i'm curious to see what happens 16:15:03 <cohosh> i wonder if we should put more effort into distributing private bridges in belarus 16:15:23 <cohosh> moat bridges still work and that's our most popular distributor 16:16:03 <cohosh> i'm also looking into the snowflake situation in china 16:16:21 <cohosh> it has become unusable and i'm not sure yet whether that's because of performance or if snowflake IPs are getting blocked 16:16:28 <cohosh> hopefully i'll have an udpate next week :) 16:17:06 <dcf1> yeah it's really hard to say 16:18:37 <cohosh> any other discussion for this week? 16:21:10 <cohosh> okay i'll end the meeting here 16:21:13 <cohosh> thanks everyone 16:21:17 <cohosh> #endmeeting