#tor-meeting log

16:00:00 <shelikhoo> #startmeeting tor anti-censorship meeting
16:00:00 <shelikhoo> here is our meeting pad: https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469
16:00:00 <shelikhoo> editable link available on request
16:00:00 <MeetBot> Meeting started Thu Jun 19 16:00:00 2025 UTC.  The chair is shelikhoo. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:00 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:00:07 <shelikhoo> hi~hi~
16:00:39 <shelikhoo> this meeting bot used to have clock drift, but this seems fixed now
16:01:15 <meskio> hello
16:01:33 <meskio> :)
16:01:48 <meskio> I just realize I totally forgot about our reading group and I haven't read the paper
16:02:05 <meskio> too many things happening in the last two weeks
16:02:18 <dcf1> I didn't read it either.
16:02:29 <cohosh> let's postpone the discussion
16:02:49 <shelikhoo> okay... fine with me
16:02:53 <meskio> we can push it for next week
16:03:33 <cohosh> did anyone reach out to the authors?
16:03:58 <shelikhoo> I appreciate this postpone. now I have time to try if length of tcp header for first data packet on windows is usually 20 bytes
16:04:20 <meskio> :D
16:04:21 <cohosh> :)
16:04:27 <dcf1> shelikhoo: ^_^
16:04:39 <dcf1> That's one of the things I talked to the authors about.
16:05:59 <shelikhoo> yes... maybe I could also try android and iOS...
16:07:17 <shelikhoo> anyway let's start with the first topic
16:07:23 <shelikhoo> Move netlify-reflactor to team namespace
16:07:23 <shelikhoo> https://gitlab.torproject.org/shelikhoo/netlify-reflector/
16:07:31 <shelikhoo> this topic is from me
16:07:50 <shelikhoo> now we have a repo with what we are deploying on netlify
16:08:05 <shelikhoo> and test show that configuration is working in russia
16:08:20 <shelikhoo> and we are about to use it in staging or testing
16:08:46 <shelikhoo> it is a good time to move this to team namespace
16:09:05 <shelikhoo> so long as we are in general happy with its content
16:09:39 <meskio> I've submited the change to use netlify for moat in TorBrowser alpha: https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/1539
16:10:10 <shelikhoo> yes, thanks meskio
16:10:24 <morganava> (and merged, should be in the next alpha in a few weeks)
16:10:31 <meskio> shelikhoo: I can do a review of the README and the rest of the content and give you feedback if I find something to improve
16:10:46 <meskio> I think is fine to move it already and we can always do fixes on top if I have feedback
16:10:52 <meskio> morganava: thanks :)
16:11:21 <shelikhoo> yes! I will move it soon, without blocked by your review
16:11:29 <meskio> +1
16:11:37 <shelikhoo> okay we can move to the next topic
16:11:48 <shelikhoo> Iran network shutdown
16:12:01 <meskio> I added it
16:12:22 <shelikhoo> yes, I think most of us has some context about it already
16:12:28 <meskio> :)
16:12:46 <meskio> I'm not sure I have productive topics to bring for it, but I think it was needed to have the space
16:13:11 <meskio> right now it seems to be almost total blackout in Iran, so we might not be able to do much for now
16:13:42 <meskio> there are rummors of some VPS provider with connection to the rest of the internet, but I'm not sure which
16:13:58 <shelikhoo> yes, the primary issue is that our vantage point is offline
16:14:26 <shelikhoo> and we are unable to test how the network would work
16:14:36 <dcf1> people are reporting that weirdly api.github.com (140.82.121.6) is still reachable, which is how they're posting on the BBS thread, using the github app
16:14:49 <shelikhoo> although we could try if residential proxies are still working
16:14:56 <meskio> we should make a github PT :P
16:15:17 <dcf1> also, some say that www.google.com is now reachable (which is also visible in the past few hours in the IODA graph), and there must be related reachable domains if they are able to browse the search results
16:16:04 <dcf1> if www.google.com is working, then an AMP cache tunnel might work (i.e. https://repo.or.cz/champa.git). I'm trying to get testers to run some curl commands to see if it may work.
16:16:40 <meskio> shelikhoo: do you mean a two hop proxy with a local VPS in Iran?
16:17:54 <meskio> dcf1: ampcache working will be very interesting, I heard reports that some webrtc providers hosted in iran work
16:18:07 <meskio> so maybe webrtc is not totally filtered
16:18:09 <shelikhoo> meskio: I means we could use "residential proxy" service, which is usually used to crawling websites, to get a "vantage point" in Iran
16:18:19 <shelikhoo> and test what endpoints are reachable
16:18:23 <dcf1> meskio: for snowflake, sure, but you can also tunnel everything through ampcache, no webrtc, like meek
16:19:13 <meskio> true, is there ready to use ampcache proxies? or some idea to develop?
16:19:23 <dcf1> Yes it's https://repo.or.cz/champa.git :)
16:19:30 <dcf1> That's by me.
16:19:33 <meskio> ohh, wait, I didn't look the link :)
16:19:36 <meskio> nice
16:20:03 <dcf1> I haven't tried it in a bit, but maybe there's an option there.
16:21:38 <ggus> dcf1: do you have a champa server running? i can ask users to try it
16:21:56 <ggus> telegram mtproto proxies seems to work
16:21:58 * meskio was about to poke ggus :)
16:22:00 <dcf1> I don't have one running. Have the users try the curl commands first, to see if it's likely to work.
16:22:08 <dcf1> curl --header 'Host: amp-dev.cdn.ampproject.org' https://www.google.com/c/s/amp.dev/
16:22:12 <dcf1> curl --header 'Host: www-aljazeera-net.cdn.ampproject.org' https://www.google.com/c/s/www.aljazeera.net/amp/sport/2025/6/19/%d9%86%d9%82%d9%84-%d9%85%d8%a8%d8%a7%d8%a8%d9%8a-%d9%86%d8%ac%d9%85-%d8%b1%d9%8a%d8%a7%d9%84-%d9%85%d8%af%d8%b1%d9%8a%d8%af-%d8%a5%d9%84%d9%89-%d8%a7%d9%84%d9%85%d8%b3%d8%aa%d8%b4%d9%81%d9%89
16:22:31 <dcf1> Someone on BBS just posted "curl: (6) Could not resolve host: www.google.com", so maybe try just "google.com" in place of "www.google.com" as well.
16:26:03 <ggus> ok!
16:27:21 <shelikhoo> the residential proxy I am using seems not working for Iran...< HTTP/1.1 502 Bad Gateway
16:27:21 <shelikhoo> <
16:27:21 <shelikhoo> * Received HTTP code 502 from proxy after CONNECT
16:27:21 <shelikhoo> * CONNECT phase completed!
16:27:21 <shelikhoo> * Closing connection 0
16:27:23 <shelikhoo> curl: (56) Received HTTP code 502 from proxy after CONNECT
16:27:32 <shelikhoo> but maybe it is just me
16:27:49 <shelikhoo> anyway is there anything else we would like to discuss on this topic
16:28:14 <dcf1> HTTP/1.1, seems like there must be another proxy in the path, otherwise curl would give HTTP/2 with a genuine google server probably.
16:28:45 <shelikhoo> curl -v -x http:/****:12321 -L https://www.google.com/
16:29:02 <shelikhoo> yes the residential proxy provide its service as a http proxy
16:29:14 <dcf1> Oh, I see now. "HTTP code 502 from proxy"
16:29:25 <shelikhoo> so it is the residential proxy service that is returning error
16:29:37 <shelikhoo> not the remote google server
16:30:17 <meskio> it might depend a lot on the interent provider
16:31:28 <shelikhoo> yes, presently I don't know if that means a residential proxy in Iran can't connect to google
16:31:45 <shelikhoo> or this residential proxy pool can't connect to its residential proxy
16:32:01 <meskio> the second is also pretty probable, is hard to reach anything in the country
16:32:08 <shelikhoo> yes....
16:32:52 <shelikhoo> but anyway this is how the residential proxy trail ends...
16:33:23 <shelikhoo> okay... anything more we would like to discuss i on this topic?
16:34:19 <meskio> I don't have any more on this
16:36:11 <shelikhoo> anything more we would like to discuss in this meeting?
16:36:41 <shelikhoo> thanks everyone!!!
16:36:45 <shelikhoo> #endmeeting