16:00:23 #startmeeting tor anti-censorship meeting 16:00:23 here is our meeting pad: https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469 16:00:23 editable link available on request 16:00:23 Meeting started Thu Dec 12 16:00:23 2024 UTC. The chair is shelikhoo. Information about MeetBot at http://wiki.debian.org/MeetBot. 16:00:23 Useful Commands: #action #agreed #help #info #idea #link #topic. 16:00:27 hi~hi~ 16:00:48 hi 16:01:37 hello! 16:04:03 dcf1: I see "open issue to disable /debug endpoint on snowflake broker" is in your todo. I would like to let you know that with the new nginx reverse proxy, this url is no longer accessible to users 16:04:40 let's start with the discussion topic 16:04:42 Ok to turn off the old snowflake broker now? https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40412 16:04:55 hmm, I'm sure I tested /debug while playing with the azure setup this week, and it worked. 16:05:25 I think maybe azure is directly connect to the old broker 16:05:38 oh, you're right, that makes sense 16:05:40 and not actually sending traffic to the new broker? 16:05:51 oh is it still using the bamsoftware broker domain? 16:06:00 yes, it is. I hadn't thought of that. 16:06:07 this could explain why there is a spike of fee 16:06:24 because there is a lot of retry with failed requests 16:06:31 Let me log in and change that in the azure config, that would have some client&proxies still using the old broker 16:06:37 we should either disable or amend the azure config 16:07:00 Also I'll update the snowflake-broker.bamsoftare.com DNS record. 16:07:32 I'm sorry for not thinking of that. 16:07:59 the new broker is not configured to acquire certificate for the snowflake-broker.bamsoftare.com domain yet 16:08:06 It's only been this week that I've got an idea of who might still be using snowflake-broker.azureedge.net (onionwrapper) https://lists.torproject.org/mailman3/hyperkitty/list/anti-censorship-team@lists.torproject.org/message/NLECLBHRZUXHP5U5EXLQQFQDSV6ZJE5P/ 16:08:41 You're right, with a cert it doesn't make sense, but I'll update the CDN configuration anyway. 16:09:24 anyway, I suggest to remove the record when we shutdown the old broker, as the ip could get recycled 16:10:04 I think it is in general okay to maybe shutdown but not delete the instance for a week, before deleting the instance 16:10:32 to see if there is anything still depended on it 16:11:02 Then I can proceed with shutting down the old broker? I'll do that right after the meeting. 16:11:31 yes, let shutdown it and not delete it 16:11:38 for the time being 16:12:44 anything more on this topic? 16:12:59 no 16:13:12 okay let's move to the next topic 16:13:14 what was that censorship alerts mailing list? 16:13:14 https://lists.torproject.org/mailman3/postorius/lists/anti-censorship-alerts.lists.torprojec 16:13:51 cohosh: I saw this question in your section, is that what you mean? 16:14:07 https://gitlab.torproject.org/tpo/tpa/team/-/issues/41907#note_3139973 16:14:22 I think there is some ongoing issue with the new mailing list system 16:14:24 dcf1: i'm not sure, that link fails for me 16:14:34 shelikhoo: no this is something different from that 16:14:38 https://lists.torproject.org/mailman3/postorius/lists/anti-censorship-alerts.lists.torproject.org/ 16:14:51 ^^^ updated link 16:14:56 i was wondering about the mailing list that some researchers made to use tor metrics to warn about potential censorship events 16:15:13 oh I know the one you are thinking of 16:15:19 sorry for bad copy and paste... 16:15:58 no worries, i'm still getting used to the new url and didn't recognize it XD 16:16:06 https://arxiv.org/abs/1507.05819 "On Identifying Anomalies in Tor Usage with Applications in Detecting Internet Censorship" 16:16:19 yes that is exactly what i was looking for 16:16:32 There is a link for a mailing list somewhere. I seem to recall that when I looked for it recently it was offline, but I'm not sure. 16:16:33 thank you 16:17:07 that's fine, the explanation of how they did it is the most useful part anyway 16:17:23 quoted replay for "I'm sorry for not thinking of that." <<< no worry... it is fine 16:17:44 (shell try to stop myself to regret to not reply that message with no worry...) 16:17:46 okay 16:17:53 https://censorbib.nymity.ch/#Wright2018a may be a published version 16:17:58 2018 16:19:57 "infolabe-anomalies" was the name of the mailing list and archives 16:19:59 cohosh: we've been talking to those folks more or less recently and they are up i think to work on that area with us if we want iirc 16:20:04 yeah 16:20:25 GeKo: oh awesome 16:20:44 we had some vaguely defined sponsor work that led me there, i'll reach out to you about it 16:20:54 sounds good! 16:21:46 cohosh: https://gitlab.torproject.org/tpo/network-health/team/-/issues/94 is the context fwiw 16:22:12 and joss is on that ticket as well 16:22:15 GeKo: here's the ticket on our side: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40416 16:22:27 i see 16:23:27 (from 4.4 Combining Features to Identify Targeted Filtering)as I understood a censorship event could either resulting in a sharp change of amount of users... 16:24:41 so basically by calculating an rolling window of deviations, we can see whether there is a hint about network censorship events 16:25:23 okay, is there anything more we would like to discuss on this topic? 16:26:01 shelikhoo: what you are describing is perhaps more like "An anomaly-based censorship-detection system for Tor" https://research.torproject.org/techreports/detector-2011-09-09.pdf 16:26:40 Which is what drives the "censorship events" at https://metrics.torproject.org/userstats-relay-country.html and has never been particularly useful imo 16:27:08 thanks dcf1, I might need to read the paper in detail to have a better summary of it 16:28:44 E.g. https://metrics.torproject.org/userstats-relay-country.html?start=2024-09-13&end=2024-12-12&country=de&events=on 16:29:36 and yes... I think there is so many events that can trigger an change in directly connected users 16:29:55 blue dot = above expected range, red dot = below expected range. Because this anomaly detector has a hard-coded interval of 1 week, you get a negative "echo" of sharp events like the one on that graph. 16:30:29 yeah I tried it myself a bit in grad school, it's not so easy. 16:31:42 yes it seems quite noisy... 16:32:27 maybe if we got the signaling library the connectivity feedback can be built in to gather more direct data 16:32:42 heh, maybe this is a little optimistic to take it on for this project then 16:33:08 but it would needs to include user privacy concerns... 16:34:59 i might not end up pursuing this now, but the idea is to look at what we can do with our snowflake broker metrics and maybe have alerts if they drop off suddenly 16:35:12 cohosh: I think it is hard to predict the actual achievement of such effort... If I were you I would maybe draw a few charts and see if it would work.. 16:35:16 i don't have high aspirations for this iteration of it 16:35:22 There is even a dedicated page on tor metrics that counts the blue and red dots using that methodology https://metrics.torproject.org/userstats-censorship-events.html 16:37:29 yeah, anything more we would like to discuss on this topic? I feel the conclusion was this is not an easy task and more research is needed... 16:37:53 that is definitely too noisy, i think a more reasonable outcome of this something that issues an alert if polls from a country drop to like 10% of what they were over the course of a few hours 16:38:02 and go from there 16:38:40 in any case, thanks for the links, i'll read them and update the issue 16:38:50 that's all from me 16:39:01 thanks cohosh 16:39:03 the next item in today's meeting is about 16:39:11 Azure CDN from Edgio (azureedge.net) is due to be shut down as early as 2025-01-15: 16:39:29 we have previously discussed about this in this meeting 16:39:41 anything more we would like to discuss about this topic? 16:41:56 i'm unsure of whether our meek builtin bridge will stop working as a result 16:42:42 we might need to update it or make a decision to remove it as a builtin option 16:43:07 i'll follow up on that with micah 16:44:13 yes 16:44:46 anything more we would like to discuss in this meeting? 16:45:27 nothing from me 16:46:23 pkay no need to keep everyone hostage, I will end the meeting here! 16:46:23 #endmeeting