16:00:26 <onyinyang> #startmeeting tor anti-censorship meeting
16:00:26 <MeetBot> Meeting started Thu May 16 16:00:26 2024 UTC.  The chair is onyinyang. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:26 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:00:26 <onyinyang> hello everyone!
16:00:26 <onyinyang> here is our meeting pad: [https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469](https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469)
16:00:45 <shelikhoo> hi~
16:00:47 <theodorsm> Hi!
16:00:48 <meskio> hello
16:03:07 <ggus> o/
16:03:59 <meskio> maybe we don't have much to discuss today
16:04:10 <meskio> I guess everybody is preparing for the tormeeting next week
16:04:14 <onyinyang> I don't think so, just some interesting links it looks like
16:05:09 <shelikhoo> I was literally packing my backpack before the meeting...
16:05:13 <onyinyang> dcf1, did you want to say anything about the links that I think you shared?
16:05:19 <onyinyang> also hi vecna!!
16:05:20 <meskio> mmm, other telegram channels handing bridges
16:05:42 <vecna> hi!
16:06:21 <dcf1> jmwample mentioned he was working on a Rust-based pluggable transports library in a previous meeting; there is a version online now https://github.com/jmwample/ptrs
16:06:23 <meskio> I wonder why will people set those up if we already run one "official" channel for that
16:06:34 <ggus> these telegram channels are old
16:06:38 <dcf1> theodorsm can maybe comment on covertDTLS
16:07:01 <meskio> ggus: ahh, true, now I remember, from before we had our own one
16:07:39 <ggus> meskio: they feel it's a good way to cotrnibute with their community
16:07:53 <theodorsm> Yes, covertDTLS is my WIP library for extending pion/dtls to hook the handshake and do mimicking/randomization
16:08:32 <meskio> dcf1: this is exciting, we should look more into this ptrs, will be really useful to integrate into arti
16:08:49 <theodorsm> CovertDTLS also contains a workflow that freshly generates handshakes/fingerprint from the nightly version of chrome and firefox on Ubuntu
16:09:25 <meskio> theodorsm: wow, nice work, how far is this from being usable?
16:09:49 <dcf1> theodorsm: by my reading of https://github.com/pion/dtls/pull/631, it seems like pion/dtls didn't want to take on the burden of maintaining fingerprints, but they integrated a hook to permit fingerprint manipulation?
16:10:35 <theodorsm> meskio: thanks! I have to expose the hook API in pion/webrtc for it to be usable for snowflake dcf1: yes, the hook API just got merged
16:11:11 <theodorsm> The mimicking implementation is done in covertDTLS, using the hooks.
16:11:36 <shelikhoo> nice, I think the hook approach is a nice balance...
16:11:40 <dcf1> One note from experience: the greatest bang for the buck (most benefit with least maintenance effort) is the RandomizedALPN fingerprint. So a randomized fingerprint is a good priority, if it saves time in establishing mimicking fingerprints.
16:12:11 <dcf1> RandomizedALPN is all we've used in snowflake-client by default for more than a year now. https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/540
16:12:39 <theodorsm> dcf1: thanks, yes I want to implement som randomization. I guess it's really affective if censors are blacklisting and not whitelisting
16:13:07 <dcf1> a good rule of thumb is: to a first approximation, all censors are blacklisting
16:14:06 <theodorsm> I have done some testing with snowflake, and I cannot find any fingerprint with my field-based fingerprinting tool. I am unsure about stability tho, as unsupported ciphers might be chosen
16:14:27 <dcf1> not to say that building infrastructure for acquiring and integrating real-world fingerprints isn't useful, it's just a higher ratio of effort/benefit.
16:16:41 <shelikhoo> practically another approach is to use a real browser to send the webrtc traffic and send the content to client
16:16:54 <shelikhoo> but this would be much harder to deploy for sure
16:19:24 <onyinyang> thanks for sharing these links dcf1, this is really awesome work.
16:19:37 <onyinyang> ggus, I see that you added a discussion point
16:19:44 <dcf1> onyinyang: what was the TechSoup panel? https://www.youtube.com/watch?v=w3QVkw7Beqc Looks like you presented on Snowflake?
16:19:45 <onyinyang> - 0.4.7.x bridges removal (2024-05-16: 500 bridges running EOL): https://metrics.torproject.org/rs.html#search/type:bridge%20version:0.4.7%20
16:20:20 <ggus> yesss
16:20:49 <ggus> one sec
16:21:05 <onyinyang> dcf1, yes. It was last week. Tor was asked to give a presentation about Snowflake for TechSoup's securing the future panel
16:21:29 <onyinyang> so I talked about Snowflake and the other panelists were Freedom of the Press Foundation, Quiet and EFF
16:21:37 <ggus> we're planning to ask serge dir auth to upgrade to 0.4.8.11 after the dev meeting. serge will reject ~500 bridges. wdyt? should we wait more or?
16:21:53 <meskio> thank you dcf1 I was looking for the link to share that presentation :D
16:21:55 <ggus> we (NH + community teams) already contacted all operators
16:22:15 <ggus> (0.4.7.x relays were rejected some time ago)
16:22:29 <meskio> ggus: looks like 408 bridges now, so maybe your contacting has helped some bridges to upgrade
16:22:51 <gman999> whenever you tell me ggus...
16:23:18 <ggus> meskio: can we poke irl to upgrade to 0.4.8?
16:23:21 <meskio> is ~20% of the current bridges
16:23:31 <onyinyang> meskio, I guess that counts as an interesting link ^-^;; heh
16:24:09 <ggus> meskio: yeah, but bridge acquisition and retention is difficult.
16:24:16 <meskio> ggus: I think irl is being AFK latelly, but we can poke acosta and see if something can be done there
16:24:50 <meskio> I think is not the end of the world if we loose 20% of the bridges, those are old bridges and probably blocked in most places...
16:25:26 <dcf1> (Tor version number as a coarse measurement of bridge churn...)
16:25:51 <meskio> I'll poke acosta about their bridges
16:26:39 <ggus> acute?
16:26:44 <ggus> ok!
16:26:52 <meskio> yes, acute, my head
16:27:22 <meskio> dcf1: I've being wondering about the bridge churn, one day will be nice to make some graphs using the metrics
16:27:47 <shelikhoo> or we could have network address churn
16:27:56 <shelikhoo> as the bridges are blocked by their address
16:27:59 <shelikhoo> not fingerprint
16:28:06 <ggus> why people prefer to run public relays instead of bridges
16:28:28 <meskio> shelikhoo: yes, but we don't have historical data of the addresses
16:28:33 <meskio> we do of the fingerprints
16:28:39 <shelikhoo> yes...
16:31:16 <onyinyang> I think that is all we have for this week
16:31:27 <onyinyang> is there anything else anyone would like to mention before I end the meeting?
16:31:35 <shelikhoo> eof
16:31:58 <meskio> I don't have anything else
16:32:19 <onyinyang> Just as a reminder, there will be no meeting next week since several people are travelling for the Tor dev meeting. We will resume on the 30th
16:32:47 <onyinyang> safe travels to everyone travelling :)
16:33:03 <onyinyang> #endmeeting