The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2023-11-18T20:49:24Zhttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40616consider reducing artifacts disk space usage in tpo/core/debian/tor2023-11-18T20:49:24Zanarcatconsider reducing artifacts disk space usage in tpo/core/debian/torhi @weasel!
gitlab-02 has been running out of disk space lately and we have identified that the [core tor Debian package builds](https://gitlab.torproject.org/tpo/core/debian/tor/) are using a significant chunk of this (27\.5 GB, about ...hi @weasel!
gitlab-02 has been running out of disk space lately and we have identified that the [core tor Debian package builds](https://gitlab.torproject.org/tpo/core/debian/tor/) are using a significant chunk of this (27\.5 GB, about 10% of the disk usage).
we're looking to see if we can reduce artifacts retention in various projects (see https://gitlab.torproject.org/tpo/tpa/team/-/issues/40615 for details). could you see if you could reduce that period in your .gitlab-ci.yml file?
alternatively, maybe reduce the frequency of the [scheduled pipeliens](https://gitlab.torproject.org/tpo/core/debian/tor/-/pipeline_schedules). in particular I wonder why it's necessary to build the same tags (0.3.5, 0.4.5, 0.4.6) daily...
thanks!Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.orghttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41139gitlab-02 low on disk space2023-11-18T20:49:23ZKezgitlab-02 low on disk spacenagios is warning about disk usage on gitlab-02
```
Filesystem Size Used Avail Use% Mounted on
udev 7.8G 0 7.8G 0% /dev
tmpfs ...nagios is warning about disk usage on gitlab-02
```
Filesystem Size Used Avail Use% Mounted on
udev 7.8G 0 7.8G 0% /dev
tmpfs 1.6G 596K 1.6G 1% /run
/dev/sdd1 30G 16G 12G 58% /
tmpfs 7.9G 948K 7.9G 1% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 7.9G 0 7.9G 0% /tmp
/dev/mapper/vg_gitlab--02-var--opt 197G 171G 18G 91% /var/opt
/dev/mapper/vg_gitlab--02_hdd-gitlab--backup 295G 21G 274G 8% /srv/gitlab-backup
/dev/mapper/vg_gitlab--02_hdd-gitlab--shared 275G 159G 103G 61% /srv/gitlab-shared
tmpfs 1.6G 0 1.6G 0% /run/user/0
```
the `/var/opt` partition is the problematic disk here. that disk has pretty consistent usage and doesn't change much, but yesterday it jumped from 87% used to 81% used, and that's what triggered the nagios check. i think adding another 10G to the disk would be good. it silences the check and gives us a buffer for when that disk's usage spikesanarcatanarcathttps://gitlab.torproject.org/tpo/web/donate-static/-/issues/135Civi-automated thank-you messages include outdated tweet content2023-11-17T18:30:15Zal smithCivi-automated thank-you messages include outdated tweet contentHi!
I believe one or more of the automated thank-you emails that Civi handles is sending out a) outdated copy that encourages folks to post on social with the following (_"Let's resist the surveillance pandemic. Use a mask, use Tor. Joi...Hi!
I believe one or more of the automated thank-you emails that Civi handles is sending out a) outdated copy that encourages folks to post on social with the following (_"Let's resist the surveillance pandemic. Use a mask, use Tor. Join me and donate to @torproject: https://donate.torproject.org #UseAMaskUseTor"_) or b) [this link](https://twitter.com/intent/tweet?text=Let%27s%20resist%20the%20surveillance%20pandemic.%20Use%20a%20mask%2C%20use%20Tor.%20Join%20me%20and%20donate%20to%20%40torproject%3A%20https%3A//donate.torproject.org%20%23UseAMaskUseTor) or c) both.
You can see the following examples of folks who have tweeted this content:
- https://x.com/rommeltoledo/status/1714480706741527006
- https://twitter.com/search?q=%20Let%27s%20resist%20the%20surveillance%20pandemic.%20Use%20a%20mask%2C%20use%20Tor.%20Join%20me%20and%20donate%20to%20%40torproject%3A%20https%3A%2F%2Fdonate.torproject.org%20%23UseAMaskUseTor%20&src=typed_query&f=live
Because these are the emails that are sent by Civi in the weird alt setup (e.g. tpo/web/civicrm#104, tpo/web/civicrm#69), I cannot confirm which emails they are.
This is a tagline from the campaign 3 years ago, so I'd like to prioritize a fix to stop folks from sharing it.2023-10-31https://gitlab.torproject.org/tpo/core/arti/-/issues/1053HsDesc revision counters need to survive restarts2023-11-16T21:07:21ZNick MathewsonHsDesc revision counters need to survive restartsRemembered this requirement while writing a changelog: we'll need to make sure that our revision counters are montonically increasing for any single `HsBlindId`, even if Arti restarts during the time period where that ID is active.
One ...Remembered this requirement while writing a changelog: we'll need to make sure that our revision counters are montonically increasing for any single `HsBlindId`, even if Arti restarts during the time period where that ID is active.
One solution here is to persist the IDs to disk. A _bad_ solution is to use the current time offset within the time period. A better solution (which C tor uses) is to use an order-preserving-encryption scheme to ensure that the revision counter increases deterministically every second, without actually leaking the view of current time.
See appendix F for more background here.
I can hack up the OPE scheme from C tor if we go that way.
cc @gabi-250Arti: Onion service supportgabi-250gabi-250https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42188Donations are asked repeatedly when I click New identity button2023-11-16T18:27:39ZcypherpunksDonations are asked repeatedly when I click New identity buttonDonations are asked repeatedly when I click New identity button. I already click X on the donation window and I expect it to hide from now but you insisted on displaying it over and over.Donations are asked repeatedly when I click New identity button. I already click X on the donation window and I expect it to hide from now but you insisted on displaying it over and over.richardrichardhttps://gitlab.torproject.org/tpo/core/arti/-/issues/1109Tidy up our OpenSSH key format specifications and transfer them to torspec2023-11-16T15:50:03ZIan Jacksoniwj@torproject.orgTidy up our OpenSSH key format specifications and transfer them to torspecCC @gabi-250CC @gabi-250Arti: Onion service supportIan Jacksoniwj@torproject.orgIan Jacksoniwj@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/40817Allow directory authorities to reject descriptors with EOL Tor versions2023-11-16T06:02:56ZGeorg KoppenAllow directory authorities to reject descriptors with EOL Tor versionsSo, we have the option that directory authorities recommend Tor versions but it seems there is no way right now to just set an option that blocks old Tor versions unless this is taken care of by a new Tor release. While in theory we coul...So, we have the option that directory authorities recommend Tor versions but it seems there is no way right now to just set an option that blocks old Tor versions unless this is taken care of by a new Tor release. While in theory we could try to just get those new Tor releases deployed as we decide EOL versions need to go the fact that we often need to treat bridges differently (as they are scarce) makes that route a bit cumbersome as we'd need to convince `Serge` not to update to such a new Tor version yet. Things get really complicated if we want the directory authorities to deploy a Tor security update after that as for `Serge` we'd then need a backout of the "block EOL versions" part.
In order to avoid all that hassle it would be nice to have some option directory authorities could set to block particular old Tor versions without the need for a new Tor release. That would make the whole EOL process easier for a *lot* of involved parties (right now we need to get dirauths to block all the fingerprints and then once a bunch of relay operators get back to us one by one after the upgraded their Tor version those fingerprints need to get unblocked again...).trinity-1686atrinity-1686ahttps://gitlab.torproject.org/tpo/web/tpo/-/issues/393Add 2021-2022 Audit & 990 to website2023-11-15T15:24:06Zal smithAdd 2021-2022 Audit & 990 to websiteHi!
The following documents need to be added to torproject.org/about/reports:
| year | type | title | file |
| ------ | ------ | -- | -- |
| 2022 | AUDIT | 2022 Financial Statements | [2021-2022-The_Tor_Project-AuditedFinancialState...Hi!
The following documents need to be added to torproject.org/about/reports:
| year | type | title | file |
| ------ | ------ | -- | -- |
| 2022 | AUDIT | 2022 Financial Statements | [2021-2022-The_Tor_Project-AuditedFinancialStatements.pdf](/uploads/fd1e5b40165038985f2c680cc89eab06/2021-2022-The_Tor_Project-AuditedFinancialStatements.pdf) |
| 2022 | IRS 990 | 2022 IRS Form 990 | [2021-2022-TheTorProject-PublicDisclosureForm990.pdf](/uploads/14af654a1116f3583028bfc4c6ac7fd7/2021-2022-TheTorProject-PublicDisclosureForm990.pdf) |Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.org2023-11-07https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41734Add a `Connected` flag to indicate which built-in bridge option Tor Browser i...2023-11-14T18:34:58ZDan BallardAdd a `Connected` flag to indicate which built-in bridge option Tor Browser is currently usingLeft over bridges UX work from #41617:
* [ ] Adding a `✔ Connected` flag to indicate with built-in bridge option Tor Browser is currently using
The Figma file is ready for dev handoff here: [Figma link](https://www.figma.com/file/RS584...Left over bridges UX work from #41617:
* [ ] Adding a `✔ Connected` flag to indicate with built-in bridge option Tor Browser is currently using
The Figma file is ready for dev handoff here: [Figma link](https://www.figma.com/file/RS584DcR4emXrw1F8g3l5x/Tor-Browser-12.5?node-id=62%3A10116&t=41hhHGHnJTkIHnmo-1)henryhenryhttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41394Install graphviz on tb-build-* machines2023-11-13T17:56:15ZboklmInstall graphviz on tb-build-* machinesFor using tpo/applications/rbm#40065, we need to have `dot` (from the `graphviz` package) installed on tb-build-* machines.For using tpo/applications/rbm#40065, we need to have `dot` (from the `graphviz` package) installed on tb-build-* machines.Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.orghttps://gitlab.torproject.org/tpo/network-health/metrics/tor-check/-/issues/40015Get rid of gitweb tor-check reference2023-11-13T15:56:22ZGeorg KoppenGet rid of gitweb tor-check referenceGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/network-health/metrics/website/-/issues/40086Populate bridgedb-metrics entry on https://metrics.torproject.org/collector.html2023-11-13T15:56:01ZGeorg KoppenPopulate bridgedb-metrics entry on https://metrics.torproject.org/collector.htmlWe have https://metrics.torproject.org/collector.html#bridgedb-metrics but there is nothing explained on how we parse or deal with those metrics. The spec for that is https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/blob/main...We have https://metrics.torproject.org/collector.html#bridgedb-metrics but there is nothing explained on how we parse or deal with those metrics. The spec for that is https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/blob/main/doc/bridgedb-metrics-spec.txt. We should look over our code and compare it to the spec and make sure both match and then document the steps on collector.html.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/network-health/sbws/-/issues/40179Bandwidth files in v3bw dir can't be read by a different user other than sbws...2023-11-13T15:35:49ZjugaBandwidth files in v3bw dir can't be read by a different user other than sbws userFiles inside `v3bw` have perimssions `600` and are owned by `sbws` user.
Directory `v3bw` have permissions `700` and is owned by `sbws` user.
The files in `v3bw` directory needs to be readable by either a `tor` or `rsync` users.
This is...Files inside `v3bw` have perimssions `600` and are owned by `sbws` user.
Directory `v3bw` have permissions `700` and is owned by `sbws` user.
The files in `v3bw` directory needs to be readable by either a `tor` or `rsync` users.
This issue was introduced by #40162 (pen-torproject#2)sbws: 1.8.x-finaljugajugahttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41370whatsapp user in rdsys-frontend-012023-11-13T15:22:47Zmeskiomeskio@torproject.orgwhatsapp user in rdsys-frontend-01I will need a user 'whatsapp' in rdsys-frontend-01 to deploy the whatsapp gettor bot. Everybody from anti-censorship team should have sudo access to it (@cohosh, @meskio, @onyinyang and @shelikhoo).
Thank you.I will need a user 'whatsapp' in rdsys-frontend-01 to deploy the whatsapp gettor bot. Everybody from anti-censorship team should have sudo access to it (@cohosh, @meskio, @onyinyang and @shelikhoo).
Thank you.Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.orghttps://gitlab.torproject.org/tpo/community/policies/-/issues/3Setup GitLab Pages for the Policies repository2023-11-12T17:56:06ZSilvio RhattoSetup GitLab Pages for the Policies repositoryWe could easily convert the text files to markdown and use something like [Onion MkDocs](https://gitlab.torproject.org/rhatto/onion-mkdocs) to render a fancy version of the policies repository.We could easily convert the text files to markdown and use something like [Onion MkDocs](https://gitlab.torproject.org/rhatto/onion-mkdocs) to render a fancy version of the policies repository.GusGushttps://gitlab.torproject.org/tpo/network-health/metrics/geoip-data/-/issues/9Get rid of gitweb reference2023-11-10T15:20:11ZGeorg KoppenGet rid of gitweb referenceGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/network-health/metrics/onionoo/-/issues/40040Get rid of gitweb reference2023-11-10T15:19:56ZGeorg KoppenGet rid of gitweb referenceGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/community/l10n/-/issues/40120Fix text direction for commands in RTL pages2023-11-09T19:11:36ZemmapeelFix text direction for commands in RTL pagesWhen we add latin characters for commands in RTL pages, they are identified as being LTR and displayed almost correctly.
Almost, because when they have neutral-direction characters, those are still layered as RTL, and so, many commands ...When we add latin characters for commands in RTL pages, they are identified as being LTR and displayed almost correctly.
Almost, because when they have neutral-direction characters, those are still layered as RTL, and so, many commands are broken and will not work if copied by the users:
![Screenshot_from_2023-10-13_10-57-49](/uploads/4993334ae16eaa0e064423d9e2e6947d/Screenshot_from_2023-10-13_10-57-49.png) ![Screenshot_from_2023-10-13_10-57-21](/uploads/d78dd206ff6c4730e9d55fb5d8b90069/Screenshot_from_2023-10-13_10-57-21.png)
If we insert UTF-8 embedded direction characters, many times they are removed because they are fishy (for example, they will be removed from the page if you edit it in the gitlab editor).
So I think we can try to solve this by giving the `<code>` style a forced LTR direction. This will probably make sense to do in lego, but I will try on one lektor before to see if it works.Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/40876Tor has extra guard connections2023-11-09T17:11:33ZMike PerryTor has extra guard connectionsWe lowered the number of directory guards to 2 in part because I suspected it was causing extra guard connections to get made and kept open, leading to fingerprinting: https://gitlab.torproject.org/tpo/network-health/team/-/issues/325
H...We lowered the number of directory guards to 2 in part because I suspected it was causing extra guard connections to get made and kept open, leading to fingerprinting: https://gitlab.torproject.org/tpo/network-health/team/-/issues/325
However, a forum user pointed out that their Tor is using 3 guards still: https://forum.torproject.org/t/tor-browser-connecting-to-3-guard-relays-simultaneously/9819
I also just checked my Tor, and it is using 4 guards...
So there definitely is some problem with Tor opening too many guard connections, and then just keeping them open for as long as it wants.Tor: 0.4.8.x-post-stableMike PerryMike Perryhttps://gitlab.torproject.org/tpo/network-health/analysis/-/issues/35Estimating fraction of reported directory-request statistics2023-11-09T15:25:42ZHiroEstimating fraction of reported directory-request statistics@dcf has reported issues with how we are estimating reported directory-request statistics in https://lists.torproject.org/pipermail/tor-dev/2022-April/014724.html.
This estimation is currently happening in the sql scripts of the metric...@dcf has reported issues with how we are estimating reported directory-request statistics in https://lists.torproject.org/pipermail/tor-dev/2022-April/014724.html.
This estimation is currently happening in the sql scripts of the metrics website: https://gitlab.torproject.org/tpo/network-health/metrics/website/-/blob/master/src/main/sql/clients/init-userstats.sql#L695
We should document how we are estimating this and why.HiroHiro