16:00:20 <Shelikhoo[mds]> #startmeeting tor anti-censorship meeting
16:00:20 <MeetBot> Meeting started Thu Apr 30 16:00:20 2026 UTC.  The chair is Shelikhoo[mds]. Information about MeetBot at https://wiki.debian.org/MeetBot.
16:00:20 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:00:20 <Shelikhoo[mds]> here is our meeting pad: https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469
16:00:20 <Shelikhoo[mds]> editable link available on request
16:00:30 <GeKo> hi!
16:00:32 <meskio[mds]> hello
16:00:44 <cohosh> hi!
16:00:48 <Shelikhoo[mds]> hi~hi~
16:00:56 <onyinyang[mds]> hello! o/
16:01:21 <M4i_un[mds]> hello
16:02:07 <Shelikhoo[mds]> we can start with the first topic now. I will not send the email digest until much later today to allow everyone to update their status.
16:02:09 <Shelikhoo[mds]> Network Health is working on an anomaly detection system (P183)
16:02:09 <Shelikhoo[mds]> https://censorbib.nymity.ch/pdf/Wright2018a.pdf
16:02:09 <Shelikhoo[mds]> https://gitlab.torproject.org/tpo/network-health/tor_anomalies
16:02:09 <Shelikhoo[mds]> will discuss next week (Apr 30)
16:02:19 <GeKo> okay
16:02:39 <Shelikhoo[mds]> yes, this topic is from geko
16:02:50 <GeKo> i've prepared a pad for that to give you a bit more background info: https://pad.riseup.net/p/project183_anomalies
16:03:27 <GeKo> so, we have this anomalies detection project in network health land which is pretty broad
16:04:05 <GeKo> a core part of it is trying to find algorithms allowing us to detect anomalies in the network quickly
16:04:10 <GeKo> and getting us notified about them
16:04:27 <GeKo> this covers anomalies in bridge users and other parts as well
16:04:47 <GeKo> i've added what we did so far and what is still in the pipeline
16:04:57 <GeKo> and some questions below
16:05:24 <GeKo> most importantly to us, i think, is if the a-c team has something it would like to see happen in this area
16:05:35 <GeKo> we could still try to find time for that, e.g.
16:05:57 <meskio[mds]> I think this is going to be a very useful project
16:06:11 <meskio[mds]> I think the visualizations will be very useful
16:06:20 <GeKo> yeah
16:06:21 <meskio[mds]> and maybe to be able to have in the same page multiple visualizations
16:06:37 <GeKo> we hope we have something better than the current "censorship event page" :)
16:06:54 <meskio[mds]> I find dcf's website very useful: https://people.torproject.org/~dcf/metrics-country.html
16:07:00 <GeKo> not just alghorithm-wise but plain visualization-wise as well
16:07:09 <meskio[mds]> I guess this is more a requests for the webportal 2.0 :P
16:07:40 <GeKo> good requests, though, as that will happen in objective 5
16:08:02 <cohosh> i see you've linked wright's 2018 work and danezis's 2011 work on censorship anomaly detection
16:08:07 <cohosh> are you comparing those two?
16:08:13 <GeKo> yeah, that website done by dcf is a good one
16:08:22 <GeKo> wright did that in their paper
16:08:37 <cohosh> oh i see
16:08:42 <GeKo> we don't do anything beyond that but follow their argument that the detection rate of anomalies is better
16:08:43 <Shelikhoo[mds]> I was thinking about regional disconnection, where the internet restriction was applied on a city level rather than state or national level
16:08:44 <cohosh> ah we use danezis' now
16:08:56 <cohosh> yeah that makes sense
16:08:58 <GeKo> and hence we think about using wright's instead
16:09:05 <GeKo> on the website 2.0
16:09:37 <Shelikhoo[mds]> while national level censorship get media coverage and a lot of attention that could be documented with traditional methods
16:09:46 <GeKo> Shelikhoo[mds]: yeah, i don't think that we are at a point yet, where we a) have that data available
16:09:55 <GeKo> and b) can do something useful with that
16:09:59 <meskio[mds]> Shelikhoo: the problem of regional based is that relays/bridges provide country metrics, but not regional
16:10:05 <Shelikhoo[mds]> yes, thanks GeKo (IRC) !
16:10:16 <GeKo> but it would def be nice to dive into that at some point
16:10:29 <GeKo> and what meskio[mds] said
16:10:38 <meskio[mds]> I agree, it looks like regional based censorship is becoming more and more a thing
16:10:48 <cohosh> i'm not aware of any more recent work in this area that's specific to tor metrics
16:11:04 <cohosh> there was this somewhat adjacent paper a couple years ago at FOCI: https://www.petsymposium.org/foci/2024/foci-2024-0007.pdf
16:11:58 <GeKo> thanks
16:12:01 <meskio[mds]> something useful might be able to get a list of places where there are anomalies and some graphs of them, I guess this is part of O5
16:12:02 <cohosh> but it uses OONI/Censored Planet/ICLab data
16:12:15 <Shelikhoo[mds]> meskio: yes, I think regional level internet shutdown is what are currently insufficiently documented
16:12:18 <GeKo> meskio[mds]: yeah, that will be visualized there
16:12:19 <meskio[mds]> I'm not sure if alerts will not be too noisy and we should just start with some easy to go page
16:12:34 <GeKo> the tor_anomalies tool can already generate country-based graphs, which is pretty nice
16:13:10 <GeKo> yeah, the alert part needs def some tuning
16:13:30 <cohosh> this is maybe a dreaming big feature, but one of the first places i go when seeing weird metrics is OONI, maybe some links or autogenerated OONI plots would be a cool thing to display on the website as well
16:14:01 <cohosh> so like if there is a censorship event for snowflake in RU, an OONI plot of the STUN reachability checks or domain front URL reachability checks
16:14:12 <GeKo> meskio[mds]: we'll loop the a-c team in once we are doing the design for censorship stuff on the website 2.0
16:14:20 <GeKo> cohosh: yeah, that's the big plan
16:14:21 <cohosh> sorry if i'm straying from the objectives too much here
16:14:26 <GeKo> no, no
16:14:32 <GeKo> it's spot-on
16:14:47 <GeKo> however, we'll likely only be able to lay the groundwork for that in this project
16:14:59 <GeKo> we'll have until the end of the year for all the remaining work
16:15:28 <meskio[mds]> yes, but using that groundwork we will also find out what tools we wish on top of it
16:15:32 <cohosh> nice!
16:15:37 <GeKo> indeed
16:15:48 <meskio[mds]> BTW, this is more or less connected to P170
16:16:00 <GeKo> correct
16:16:02 <meskio[mds]> we're we are working on detecting blocked bridges and reporting them to metrics (and to rdsys)
16:16:24 <meskio[mds]> the anomalies visualization and the P170 ones will be useful side by side
16:16:32 <GeKo> alright, i won't take more of your meeting time. happy to discuss things more at any time
16:16:44 <GeKo> and we can use the pad for some async thoughts if needed
16:17:10 <GeKo> thanks for having me here today :)
16:17:12 <meskio[mds]> thank you for bringing the topic, is a nice project
16:17:35 <Shelikhoo[mds]> yes, thanks GeKo!
16:17:39 <cohosh> yeah thank you!
16:17:40 <GeKo> sure, anytime!
16:18:00 <Shelikhoo[mds]> we have an interesting link this week:
16:18:02 <Shelikhoo[mds]> https://github.com/masterking32/MasterHttpRelayVPN
16:18:02 <Shelikhoo[mds]> tunnel through https://script.google.com/, currently one of the things used in Iran
16:18:47 <meskio[mds]> I've heard is ratelimited by google so only useful for "smallish" bridges
16:19:04 <meskio[mds]> but very interesting how people is finding new ways to move data around
16:20:16 <Shelikhoo[mds]> yeah... I think it would work for Tor after bootstrap.
16:20:38 <Shelikhoo[mds]> but for downloading a lot of files, method like this won't work very well
16:20:57 <meskio[mds]> yes, more useful as a signaling channel
16:21:13 <meskio[mds]> I think I did already added it to our wiki list of options
16:21:23 <Shelikhoo[mds]> anything more we wants to discuss today? I didn't see any additional discussion topics
16:21:32 <meskio[mds]> not from me
16:22:14 <SergioSantos> I have a quick question about https://snowflake-broker.torproject.net/prometheus What's the timeframe of the stats?
16:22:14 <SergioSantos> And a thanks for cohosh for adding "bloco" there.
16:22:55 <SergioSantos> Is "HELP snowflake_rounded_proxy_answer_total The number of snowflake proxy answers, rounded up to a multiple of 8" since forever? April 28th for "bloco"s case?
16:22:59 <cohosh> SergioSantos: oh good question
16:23:43 <Shelikhoo[mds]> It is usually since last restart of the broker
16:24:12 <cohosh> yeah for counters they increase constantly until restart
16:24:13 <Shelikhoo[mds]> although if you asked me that is a bad api design by prometheus
16:24:17 <meskio[mds]> maybe this is more useful for you: https://snowflake-broker.torproject.net/metrics
16:24:23 <meskio[mds]> is those are daily counters
16:24:24 <SergioSantos> Just noticed a restart 😅
16:24:34 <cohosh> yeah haha i just restarted again now
16:24:40 <cohosh> to apply a bug fix
16:24:53 <meskio[mds]> see that each day has a 'snowflake-stats-end'...
16:26:08 <SergioSantos> Oh nice, 58 bloco IPs yesterday then
16:26:22 <meskio[mds]> nice
16:26:29 <Shelikhoo[mds]> nice!
16:27:03 <SergioSantos> We had around 70 downloads from github + google play for now. F-droid almost there. So that makes sense.
16:27:05 <cohosh> wow that's pretty good
16:27:12 <SergioSantos> No daily stats for answers?
16:27:20 <Shelikhoo[mds]> that's cool!
16:27:49 <cohosh> no stats for answers, those were a more recent metric to try and track down the cuase of rendezvous failures
16:28:02 <cohosh> https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/work_items/40447
16:28:37 <cohosh> we just implemented them for prometheus as a debugging attempt
16:29:08 <cohosh> it's harder to define what it means because an answer is only processed if the client connection hasnt timed out already
16:29:15 <SergioSantos> Thanks for the answers. I'll keep an eye on the daily IP stats then.
16:29:35 <Shelikhoo[mds]> nice! anything more we wants to discuss in this meeting?
16:29:48 <M4i_un[mds]> May I ask you one thing?
16:29:56 <Shelikhoo[mds]> please go ahead!
16:30:23 <M4i_un[mds]> At last week’s meeting, I heard that cohosh would be taking on the UAT code review. Based on the information in MeetingPad, is my understanding correct that this will begin immediately next week?
16:30:36 <cohosh> i will start reviewing the code next week
16:30:53 <cohosh> it might take a while and we have some other time-sensitive tasks to do this month
16:31:03 <cohosh> but i'll try to give you frequent updates on the issues you opened
16:31:20 <cohosh> so that you are up to date on how it's progressing
16:31:45 <M4i_un[mds]> I see. Thank you very much.
16:32:31 <cohosh> thanks for keeping up with it :)
16:32:43 <Shelikhoo[mds]> nice! thanks~
16:33:02 <Shelikhoo[mds]> anything more we would like to discuss in today's meeting?
16:33:06 <M4i_un[mds]> I’d like to share one thing: since you’ve agreed to conduct a code review, I submitted a pull request yesterday to implement WebPKI, keeping practical implementation in mind.
16:33:13 <M4i_un[mds]> oh sorry
16:33:26 <Shelikhoo[mds]> don't worry it is fine
16:33:39 <cohosh> oh okay, a pull request to your own repository or to one of ours?
16:33:44 <M4i_un[mds]> I'm not very good at English, so it's taking me a while to type this. I apologize.
16:33:54 <cohosh> no problem at all, we have plenty of time
16:33:57 <Shelikhoo[mds]> and nice work on supporting webPKI
16:34:48 <M4i_un[mds]> I believe there is a branch called “feat/wbpki” in the UAT branch, so I would appreciate it if you could check it.
16:36:48 <Shelikhoo[mds]> https://gitlab.torproject.org/41_un/uat/-/tree/feat/webpki?ref_type=heads
16:36:51 <Shelikhoo[mds]> I see it is here
16:37:03 <Shelikhoo[mds]> https://gitlab.torproject.org/41_un/uat/-/merge_requests/4
16:37:21 <cohosh> okay great
16:37:27 <Shelikhoo[mds]> and a merge request is created for it already, and the discussion can be continued asyncly there
16:37:54 <M4i_un[mds]> I have also conducted tests using self-signed certificates as before and confirmed that they work; however, since I currently do not have an environment where I can actually run WebPKI (VPS, domain, valid certificate), it is not yet clear whether WebPKI will function fully in practice.
16:37:57 <M4i_un[mds]> thank you
16:38:46 <onyinyang[mds]> I have to head out for an appointment but thanks for running the meeting @Shelikhoo ! and thanks everyone :)
16:39:01 <Shelikhoo[mds]> thanks onyinyang !
16:39:35 <M4i_un[mds]> What should I do in this case? I could rent a VPS or something similar to test it myself, but that might take a little time. (I’m currently a student and don’t have much money...)
16:40:26 <Shelikhoo[mds]> I think the reviewer can check if it actually works during the review process
16:40:28 <cohosh> M4i_un[mds]: i can probably test it out when i do the review
16:40:34 <cohosh> i have a few domains and boxes i can use
16:40:46 <Shelikhoo[mds]> you can also create your own ca for development purpose
16:41:14 <M4i_un[mds]> I see. That puts my mind at ease.
16:41:14 <Shelikhoo[mds]> https://github.com/OpenVPN/easy-rsa
16:43:01 <M4i_un[mds]> In that case, would it be okay if I asked you to verify that the WebPKI is working properly? I’ll also do my best to test it here.
16:43:27 <cohosh> yes i'll update you on the merge request
16:43:55 <M4i_un[mds]> Thank you very much for your cooperation.
16:44:46 <Shelikhoo[mds]> nice!
16:44:46 <M4i_un[mds]> That’s all I wanted to ask and share! Thank you for your time!
16:45:08 <Shelikhoo[mds]> anything more we wants to discuss in this meeting?
16:46:27 <Shelikhoo[mds]> thanks!!!!
16:46:28 <Shelikhoo[mds]> https://github.com/OpenVPN/easy-rsa
16:46:34 <Shelikhoo[mds]> #endmeeting