15:58:41 <meskio> #startmeeting tor anti-censorship meeting 15:58:41 <MeetBot> Meeting started Thu Aug 25 15:58:41 2022 UTC. The chair is meskio. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:58:41 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic. 15:58:45 <meskio> hello everybody! 15:58:48 <meskio> here is our meeting pad: https://pad.riseup.net/p/tor-anti-censorship-keep 15:58:52 <meskio> feel free to add what you've been working on and put items on the agenda 15:58:53 <cohosh> hi 15:59:26 <shelikhoo> hi~ 16:00:18 <itchyonion> hello 16:01:08 <meskio> I kept two points from last week in the agenda to see if we have something to talk about them or we can skip them 16:01:22 <meskio> anything to talk about the snowflake manifest v3? 16:01:57 <cohosh> i don't have an update, my plan is still to get the badge-helper extension into better shape and then email tor-dev and tor-anticensorship about it 16:02:25 <cohosh> oh we did hear that brave is considering extending support for v2 in their browser 16:02:36 <cohosh> (which is based on chromium) 16:03:12 <meskio> cool, thanks for taking care of it 16:03:29 <meskio> about the other topic I kept: snowflake in turkmenistan 16:03:50 <meskio> today I deployed the changes in circumvention settings to provide a custom snowflake bridge for TM 16:04:03 <meskio> using azure and a selection of stun servers 16:04:12 <meskio> let's see if users grow with that change 16:04:25 <cohosh> the stun servers are actually same set that are the default elsewhere 16:04:32 <meskio> we've heard some reports of fastly working in TM, but maybe our domain name is blocked there 16:04:34 <cohosh> just using their alternate port 16:04:54 <meskio> ahh, cool, do those stun servers allow for multiple ports? 16:05:12 <cohosh> they all implement rfc 5780 which requires two ip addresses and two ports 16:05:40 <meskio> I see, cool 16:05:44 <cohosh> it seems like AGTS (one of the ISPs in tm) is only blocking port 3478, not 3479 16:06:30 <cohosh> this line still doesn't work in the other major ISP in tm though :/ 16:06:50 <cohosh> TM Telecom 16:08:07 <meskio> :( 16:08:22 <cohosh> we've tried a few things in https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40024 16:10:49 <meskio> yep, let's keep trying things 16:11:16 <meskio> or start exploring other options, maybe we can somehow curate the bridges we distribute to TM so they are in IP ranges that are not blocked 16:11:34 <shelikhoo> do we have a way to test if a IP is blocked in TM? 16:11:52 <shelikhoo> is that block bidirectional by IP? 16:11:55 <shelikhoo> or? 16:12:06 <meskio> it looks like the block is not bidirectional 16:12:09 <ggus> no, it's not bidirectional 16:12:36 <ggus> meskio: we have found some obfs4 bridges in US that are not blocked in TM 16:13:07 <ggus> and we're sharing on frontdesk with users in the country 16:13:24 <meskio> nice 16:14:37 <shelikhoo> if this block is not bidirectional, how does it work on UDP traffics? 16:16:03 <meskio> I have no idea 16:16:16 <shelikhoo> then there is only one way to find out 16:16:26 <meskio> :) 16:17:10 <meskio> anything else on this topic? 16:17:37 <shelikhoo> nothing from me 16:17:46 <meskio> cool 16:17:54 <meskio> I see there is a proposal for a reading group 16:17:59 <dcf1> that is mine 16:18:31 <dcf1> you may be aware back in 2019 I had a Chinese paper (from 2015) translated into English 16:18:40 <dcf1> the paper is on meek traffic classification 16:18:41 <dcf1> https://www.bamsoftware.com/papers-of-others/Tan2015a/Tan2015a.en.html 16:19:24 <dcf1> it turns out there is this whole parallel world of researchers, in China and elsewhere, writing about censorship and circumvention, but from the other side, you might say 16:19:58 <dcf1> the paper linked on the pad (https://ieeexplore.ieee.org/document/9020938 for the record) is another example of these, I think 16:20:18 <dcf1> it's about classifying Tor traffic with various PTs 16:20:54 <dcf1> I am thinking it would be a good idea to begin getting acquainted with this other world, and this paper is pretty recent and on-topic for this team 16:21:08 <meskio> does the other side means censor/GFW connected? 16:21:12 <dcf1> yes 16:21:17 <meskio> ohh, pretty interested 16:21:19 <meskio> I'm in 16:21:23 <shelikhoo> there are quite a lot of these kind paper and patent 16:21:29 <dcf1> I mean, perhaps, it's not totaly clear yet 16:21:47 <shelikhoo> V2Ray once got call out in one of those classification patent 16:22:06 <dcf1> one of the authors, Gou Gaopeng, actually has a lot of publications on related topics, such as encrypted traffic classification: https://ieeexplore.ieee.org/author/37896091100 16:22:11 <cohosh> i'd also like to read it, thanks for finding this dcf 16:22:55 <dcf1> I remember the V2ray patent, I archived it at the time, it's this one: https://patents.google.com/patent/CN109981485 16:23:11 <itchyonion> i remember reading this as well 16:23:15 <dcf1> https://patents.google.com/patent/CN109981485/en for bad english translation 16:23:47 <meskio> wow 16:23:50 <dcf1> I think there are more publications of this type, but this one on Tor PTs is a good start I think 16:24:12 <meskio> sounds good 16:24:30 <meskio> should we give us two weeks to read it and discuss it Sept 8? 16:24:49 <shelikhoo> look at patent: "Status Withdrawn" 16:25:06 <meskio> :) 16:25:09 <shelikhoo> it is actually because it became a rather public event in china 16:25:22 <shelikhoo> and the author have no choice but to do this 16:26:23 <meskio> can you sue a censor for violating a patent? 16:27:30 <shelikhoo> right now a lot of censorship equipment are produced by civilian company 16:28:03 <meskio> true, and I guess they use patents to protect their research... 16:28:40 <shelikhoo> like 启明星辰(https://www.venustech.com.cn) that said to be running GFW 16:29:02 <shelikhoo> but some of the patent are just for getting points for university 16:29:31 <itchyonion> i think I remembered at that time a lot of people suspect the claims in the patents were untrue. I don't think the details were ever published; just a brief summary 16:29:48 <shelikhoo> In china many university have research quota/horse race for staff that tied with employment 16:30:01 <shelikhoo> so they will publish a lot of paper and patents 16:30:08 <shelikhoo> the quality of those will vary 16:30:36 <dcf1> shelikhoo: yes, I have heard of this Venustech, CDT has a page about them: https://chinadigitaltimes.net/space/%E5%90%AF%E6%98%8E%E6%98%9F%E8%BE%B0 16:31:57 <shelikhoo> dcf1: Yes, and this kind of censorship techs are being exported... 16:33:14 <itchyonion> i've interviewed there before (not for the GFW team); they have a lot of netsec business 16:34:45 <shelikhoo> Yeah, anyway there are quite a lot of these paper from the other side, but the quality will vary 16:35:54 <meskio> cool, are we all good on discussing this paper on Sept 8? 16:36:18 <shelikhoo> Yes from me 16:36:21 <itchyonion> +1 16:36:53 <meskio> great, should we move to the next topic? 16:37:28 <meskio> this is more an announcement, I have deployed new versions of bridgedb and rdsys 16:37:46 <meskio> bridgedb has a new design, looking more like the rest of tor websites 16:38:06 <meskio> I know the images are broken in firefox/TB and the translations everywhere, we are working on it 16:38:34 <meskio> if someone sees any problem with them poke me and I'll investigate 16:39:21 <meskio> anything else for today? 16:39:41 <shelikhoo> Oh just a very small update on the progress of webtunnel pt 16:39:45 <shelikhoo> [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (VERSION 1) 16:39:45 <shelikhoo> Aug 25 15:44:54.000 [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (SMETHOD webtunnel 127.0.0.1:11000 ARGS:) 16:39:45 <shelikhoo> Aug 25 15:44:54.000 [info] parse_method_line_helper(): Server transport webtunnel at 127.0.0.1:11000. 16:39:45 <shelikhoo> Aug 25 15:44:54.000 [info] handle_proxy_line(): Got a line from managed proxy '/var/lib/torwebtunnel/webtunnel': (SMETHODS DONE) 16:39:46 <shelikhoo> Aug 25 15:44:54.000 [info] handle_methods_done(): Server managed proxy '/var/lib/torwebtunnel/webtunnel' configuration completed! 16:39:48 <shelikhoo> Aug 25 15:44:54.000 [info] save_transport_to_state(): It's the first time we see this transport. Let's save its address:port 16:39:50 <shelikhoo> Aug 25 15:44:54.000 [notice] Registered server transport 'webtunnel' at '127.0.0.1:11000' 16:39:55 <shelikhoo> ^~^ 16:39:57 <shelikhoo> Okay EOF 16:40:17 <meskio> ohh, cool 16:40:23 <dcf1> shelikhoo: nice 16:40:44 <itchyonion> 👍 16:40:46 <shelikhoo> I will try to get it running in the next week 16:40:54 <dcf1> reminds me of an exchange between george and arturo and one of my first dev meetings 16:41:02 <dcf1> "are the bits flowing?" "the bits are flowing" 16:41:13 <meskio> XD 16:41:34 <shelikhoo> Yeah! 16:41:35 <meskio> let the bits flow 16:43:16 <meskio> I'll wait another minute, and if there is nothing more I'll close the meeting 16:44:17 <meskio> #endmeeting