#tor-meeting log

15:58:48 <itchyonion> #startmeeting tor anti-censorship meeting
15:58:48 <MeetBot> Meeting started Thu Jan 19 15:58:48 2023 UTC.  The chair is itchyonion. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:58:48 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
15:59:01 <itchyonion> here is our meeting pad: https://pad.riseup.net/p/tor-anti-censorship-keep
15:59:01 <itchyonion> feel free to add what you've been working on and put items on the agenda
15:59:08 <itchyonion> hello
15:59:08 <shelikhoow> Hi~
16:00:20 <itchyonion> First top of today is an announcement
16:00:22 <itchyonion> Brave Browser has support for bridges and incorporate the snowflake extension
16:00:24 <itchyonion> https://brave.com/tor-bridges/
16:01:20 <itchyonion> anything we want to add to this?
16:01:50 <itchyonion> Ok, onto discussions.
16:01:57 <itchyonion> Topic 1:
16:01:57 <itchyonion> Enable snowflake-02 in Orbot?
16:01:57 <itchyonion> Last meeting, we were to bring it up with Guardian Project at the 2022-01-17 (Tuesday) S96 meeting.
16:02:48 <itchyonion> I think we discussed this last week. Is there some new development over the last week?
16:03:09 <shelikhoo> yes, we did discuss this with them during the S96 meeting
16:03:42 <shelikhoo> and they agreed on working it, while meskio and shell offered help if needed
16:03:59 <shelikhoo> that's all from me
16:04:04 <dcf1> thank you
16:04:14 <shelikhoo> no problem~
16:04:16 <itchyonion> Thanks. Sounds like it should be good for now
16:04:35 <itchyonion> Next topic:
16:04:36 <itchyonion> ln5 asks: does the anti-censorship team want a paid-for host to run TURN servers on? This is something that could be made part of a grant/fund request.
16:05:02 <shelikhoo> I think it would be easily blocked..
16:05:10 <dcf1> I don't knw the full context of this question; apparently ln5 has been in discussion with cohosh about it
16:05:38 <dcf1> shelikhoo: I am not sure, but I think the intent is to run it as public service for anyone, not just Snowflake. Otherwise I agree, it would be easily blocked.
16:06:01 <dcf1> ln5 wanted to be at the meeting today to say more but could not make it
16:06:36 <shelikhoo> if it is run for anyone, it will have the same or worse issue when it comes to funding as in the case of meek
16:06:49 <dcf1> For anyone who doesn't know, ln5 is Linus Nordberg, with whom I run the snowflake-01 bridge, one of the people on the "Snowflake Daily Operations" project https://opencollective.com/censorship-circumvention/projects/snowflake-daily-operations
16:07:22 <dcf1> shelikhoo: that's the idea, I think there is an opportunity to pay for such a thing
16:08:19 <dcf1> I think the question is: if the host came with adequate hardware and fully paid for, would the team find it useful to have a TURN server
16:08:24 <shelikhoo> yes... I don't know a lot about funding...
16:08:28 <dcf1> But I must admit I am not sure of all the details
16:08:33 <itchyonion> For snowflake specificly, turn would only be useful if we run out of snowflake peers that are NAT compatible (which is unlikely), right?
16:09:01 <shelikhoo> when there is a spike of usage, like when there is protest in iran, that do happens
16:09:17 <shelikhoo> but it is not typically the case
16:09:18 <itchyonion> we briefly discuseed STUN vs TURN in one of the team sync meetings about issue#40240
16:09:22 <dcf1> Actually, I am reading a different email, and perhaps I am mistaken about the intention
16:09:59 <dcf1> It may be more about providing a few extra STUN or TURN servers, even if easily blocked, to reduce load on the other ones we use.
16:11:00 <dcf1> In the same way that the default obfs4 bridges are heavily used in some countries, even though they are in principle easy to block
16:11:23 <shelikhoo> I think we could have it, and let proxy, not client use it
16:11:43 <dcf1> Maybe we need to get more input from cohosh and ln5
16:11:57 <itchyonion> agree
16:12:03 <shelikhoo> the issue with a dedicated STUN server run by us is that censor can see what ip users connect to
16:12:45 <shelikhoo> if a user send a packet to a server used by us, then it might be something that allow censor to know what software the user is using
16:13:05 <shelikhoo> this won't be a concern if it is the proxy that is using it
16:13:07 <shelikhoo> over
16:15:36 <dcf1> Ok, that's a good observation.
16:18:00 <dcf1> Thanks, I will report the points of this discussion.
16:18:31 <itchyonion> Can the proxy already use it? Or do we need to make changes?
16:19:06 <shelikhoo> if the proxy use a TURN setup by us, it is still observable by censor...
16:19:16 <shelikhoo> since the client would then connect to TURN
16:19:53 <itchyonion> hi ln5
16:19:57 <dcf1> shelikhoo: yes, I think that's correct
16:20:02 <shelikhoo> yes...
16:20:37 <itchyonion> oh I thought you were talking about STUN server
16:21:06 <dcf1> ln5 said TURN specifically when he asked me to put it on the agenda, but it may encompass STUN as well.
16:21:13 <ln5[m]> I'm only almost here , sorry
16:21:44 <ln5[m]> Yeah STUN is much easier (cheaper) so I said TURN but should've said STUN/TURN
16:23:19 <ln5[m]> For context, cohosh mentioned in another thread that maybe (!) something like rolling ports and possibly addresses could be useful for eg TM and I thought I'd ask here too
16:26:23 <itchyonion> More stun servers definitely won't hurt.
16:26:57 <itchyonion> but maybe we should wait for cohosh to see if she has something else in mind. I didn't see the thread discussing it
16:27:55 <itchyonion> anything we want to add to this discussion?
16:28:00 <shelikhoo> nothing from me~
16:28:45 <itchyonion> #endmeeting