Anti-censorship issues
https://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues
Updated: 2022-12-01T18:05:43Z

Issue: Pass client command line args in as SOCKS args
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/issues/21
Updated: 2022-12-01T18:05:43Z
Author: Cecylia Bocovich

This allows us to move configuration from the `ClientTransportPlugin` line to the `Bridge` line.

Milestone: Ship Conjure in Alpha versions of Tor Browser
Assignee: Cecylia Bocovich

Issue: add webtunnel support
https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/138
Updated: 2022-12-13T17:07:00Z
Author: meskio <meskio@torproject.org>

We have a new PT, let's distribute bridges with that PT.

Milestone: Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet
Assignee: meskio <meskio@torproject.org>

Issue: Censorship analysis idea for Coverage of Attention List UDP Traffic Censorship in Iran
https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40037
Updated: 2022-12-13T17:04:40Z
Author: shelikhoo

Based on the [previous](https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40036) research, Iran has a 3 level censorship for UDP traffic. However, we are still in the dark about how widespread this kind of censorship is.
Here is the idea about this experiment:

1. traceroute to a host with a udp packet to determine hops to reach the remote host
2. send a non-censored udp packet at reachable ttl - 1 and see if there is an icmp ttl exhausted response
3. send a censored udp packet at reachable ttl - 1 from the same source port to the same destination port and see if there is an icmp ttl exhausted response
4. send a non-censored udp packet at reachable ttl - 1 from the same source port to the same destination port and see if there is an icmp ttl exhausted response
5. repeat this process a few times for each host and repeat for every host on the internet

If the remote is impacted by a complete udp block, then:

1. icmp ping at step 1 would work
2. steps 2, 3, 4 do not receive an icmp reply

If the remote is impacted by a partial udp block, then:

1. icmp ping at step 1 would work
2. step 2 receives an icmp reply
3. steps 3, 4 do not receive an icmp reply

If the remote is not impacted by a udp block, then:

1. icmp ping at step 1 would work
2. steps 2, 3, 4 receive an icmp reply

Issue: do we have licenses on every repo of the team?
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/110
Updated: 2023-07-25T11:38:30Z
Author: meskio <meskio@torproject.org>

Every software repo should have:

* LICENSE
* AUTHORS
* [CONTRIBUTING](https://gitlab.com/anarcat/ecdysis/-/blob/main/CONTRIBUTING.rst)?
* README

Assignee: meskio <meskio@torproject.org>

Issue: Replace "[...] so we sent it to you instantly" text
https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSproutsBot/-/issues/49
Updated: 2022-12-06T01:58:25Z
Author: n0toose

OnionSproutsBot does not ask the user which locale-specific version of the Tor Browser they want to download, as new (alpha, aka. stable in the future) releases will ship *every* locale. However, as it was very likely that an international user may have been the first to download a specific version (if we are to assume that there is an even distribution in demand between every country, which is not that realistic and excludes that specific populations tend to request the same file repeatedly over a smaller period of time), it felt like a nice idea to tell the user "Hey, this could've gone a lot slower, but we are super awesome and did that already for you.".
One may even assume that it sounds kind of pretentious, but please keep in mind that I was very happy that the bot could cache versions of the same files without uploading them over and over again when I got that to work! :D
However, it may be a good idea to replace that text with something that the user actually cares about. The question is: What?
![image](/uploads/df4d2051ed0f0613308fc8eb8b2ef2b7/image.png)

Issue: gettor: support for multilocale Tor Browser
https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/136
Updated: 2022-12-13T14:09:29Z
Author: meskio <meskio@torproject.org>

TB 12.0 will come with multilocale bundles.

Milestone: Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet
Assignee: meskio <meskio@torproject.org>

Issue: Tor Browser 12.0 will only ship a single multi-locale bundle
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/109
Updated: 2022-12-13T14:06:40Z
Author: richard

There will only be 1 version of Tor Browser per platform rather than the current 36; all locales will be bundled in a single package. Get Tor should be updated appropriately.

Assignee: meskio <meskio@torproject.org>
Due date: 2022-12-16

Issue: Fedora Bridge setup guide is missing a step
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/107
Updated: 2022-11-23T14:53:44Z
Author: qub3

A couple of weeks ago I tried setting up a tor bridge on Fedora and I couldn't get the bridge to start, the "systemctl enable ... " part wasn't working. After some (a lot) of googling I figured out that you have to disable SELinux to be able to start tor. Seems to me like something that should be included in the documentation.
Keep up the great work =)

Issue: Make `test -z` more verbose so we can easily catch when it fails
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40236
Updated: 2022-11-17T16:28:34Z
Author: Cecylia Bocovich

A few of the recent MRs have consistently failed *all* of their CI tests:

- https://gitlab.torproject.org/dcf/snowflake/-/pipelines/56708
- https://gitlab.torproject.org/dcf/snowflake/-/pipelines/56707

These MRs pass all go tests and vetting when run manually outside of the CI environment. It doesn't seem to matter which runner they are executed on.

Edit: figured out the problem here: `test -z "$(go fmt ./...)"` was failing, but it's silent on the CI output because it doesn't produce stderr or stdout output. Changing the purpose of this issue from debugging to making sure this doesn't confuse us again.

Assignee: Cecylia Bocovich

Issue: Make image used in language selection screen configurable
https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSproutsBot/-/issues/48
Updated: 2022-12-19T15:41:17Z
Author: n0toose

Issue: 1.2.0+ mysteriously hangs when users request a cached file under unknown conditions
https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSproutsBot/-/issues/47
Updated: 2022-12-22T10:19:39Z
Author: n0toose

The bot works absolutely as it should on my machine, but not in the deployed version. Requesting a cached file renders the bot completely unresponsive.

Assignee: meskio <meskio@torproject.org>

Issue: distribute Onion Browser .ipa files
https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSproutsBot/-/issues/46
Updated: 2023-04-22T12:23:13Z
Author: meskio <meskio@torproject.org>

We can fetch them from their github releases:
https://github.com/OnionBrowser/OnionBrowser/releases

Milestone: Sponsor 139: Rapid Response Iran
Assignee: irl

Issue: Signaling through TURN
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40234
Updated: 2023-08-24T18:14:07Z
Author: WofWca <wofwca@protonmail.com>

This one is an epic.

I was thinking about https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/22945#note_2823413 and #40164 and came up with an interesting idea.
How about we do signaling through a WebRTC peer connection itself? In order to avoid [leaking the peers' private data](https://w3c.github.io/webrtc-pc/#revealing-ip-addresses), let's establish the peer connection through a TURN relay initially (with the help of `iceTransportPolicy: "relay"` WebRTC option), then set `iceTransportPolicy` to `"all"` (enabling STUN and true P2P) and `restartIce()` and continue signaling (ICE trickling).
Where do we get a TURN server, you might ask? Let's host it along with the broker, I say. Of course we'll probably need some gatekeeping for it (like limiting bandwidth, connection duration, only allowing peers that have communicated with the broker, rotating passwords) so that it doesn't get overloaded by outsiders. Conveniently, [Pion also offers a powerful TURN library](https://github.com/pion/turn) ([example](https://github.com/pion/turn/blob/v2.0.8/examples/turn-server/simple/main.go)).
Biggest problem - looks like the client has to tunnel the TURN traffic through a domain-fronting HTTPS (WSS?) tunnel (or some other censorship-resistant thing (#25594 )?) because the TURN server might be blocked. I'm not sure how hard it is to achieve, but here's [an example of traffic manipulation in Pion](https://github.com/pion/webrtc/blob/v3.1.47/examples/ice-single-port/main.go), so I guess it shouldn't be super hard.
So
Pros:
* Solves #22945
* Practically Solves #40164
* Solves the verification part of #40165 because it's not two different connections, it's the same one.
* Makes the broker more future-proof because it doesn't have to process data that the proxy and the client want to exchange, it simply passes it along.
* Can allow faster bootstrapping by relaying (non-signaling) proxy-to-client data initially, before true P2P has been established.
* (maybe, need to verify) better DPI resistance due to handshake being performed in a secure (domain-fronted) channel (see https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40030).
Cons:
* The broker codebase needs a major overhaul.
[Some chat logs](https://matrix.to/#/!hNphRlWKcRVXnwAWJy:matrix.org/$EWgGZ38YotRK9zhqpMjBJo98wQo1HFapnLRXqzsBSCg?via=matrix.org&via=nitro.chat&via=systemli.org) (nothing particularly important).

Issue: Add UAE to the Circumvention settings API
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/106
Updated: 2023-03-10T16:39:01Z
Author: Gus

Reading the AC Team backlog, I found this [analysis interesting](https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/28898) and, then, I checked on OONI explorer how things are going in UAE. There are a lot of anomalies on OONI Circumvention charts (Tor direct connections): https://explorer.ooni.org/chart/circumvention?since=2022-10-16&until=2022-11-16&probe_cc=AE.
It's unclear if they are only blocking Dir Auths and built-in obfs4 bridges are working fine there. But, it looks like some of TB built-in bridges are working, but it needs more analysis: https://explorer.ooni.org/measurement/20221114T155834Z_tor_AE_5384_n1_yrXIidIvmfoETHYV
Maybe we should just add obfs4 bridges and Snowflake to the circumvention map API and evaluate again at the end of December.
What do you think, @meskio?

Assignee: meskio <meskio@torproject.org>
Due date: 2023-02-16

Issue: Add an option to disable the icon badge
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/73
Updated: 2022-11-15T18:07:25Z
Author: LaughingMan

The recently committed https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/commit/b4743eb1c7c48019411e2c26b4e6e31ded836d66 added an icon badge showing the number of clients. There are a number of extensions showing counters in this way, so nothing unusual there. What is unusual is that Snowflake is the only extension where I've been unable to find a setting to turn the counter off. I hate such badges with a passion, so that's a problem.

Would you kindly add a setting for that?

Issue: package version 2.3 in debian
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40233
Updated: 2022-11-15T17:02:18Z
Author: meskio <meskio@torproject.org>

The current version of snowflake-proxy in debian doesn't include the support for multiple bridges. It is only present in testing and sid, but people are complaining that their proxies are not working anymore. Let's upgrade the package.

Assignee: meskio <meskio@torproject.org>

Issue: snowflake proxy README includes an old version of ./proxy --help
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40232
Updated: 2023-07-29T22:27:43Z
Author: Roger Dingledine

In snowflake/proxy/README, we have this section:
```
The Snowflake proxy can be run with the following options:
Usage of ./proxy:
-broker string
broker URL (default "https://snowflake-broker.torproject.net/")
-capacity uint
maximum concurrent clients
-keep-local-addresses
keep local LAN address ICE candidates
-log string
log filename
-relay string
websocket relay URL (default "wss://snowflake.torproject.net/")
-stun string
stun URL (default "stun:stun.stunprotocol.org:3478")
-unsafe-logging
prevent logs from being scrubbed
```
but ./proxy --help now shows more options than that:
```
Usage of ./proxy:
-allow-non-tls-relay
allow relay without tls encryption
-allowed-relay-hostname-pattern string
a pattern to specify allowed hostname pattern for relay URL. (default "snowflake.torproject.net$")
-broker string
broker URL (default "https://snowflake-broker.torproject.net/")
-capacity uint
maximum concurrent clients
-ephemeral-ports-range string
ICE UDP ephemeral ports range (format:"<min>:<max>")
-keep-local-addresses
keep local LAN address ICE candidates
-log string
log filename
-nat-retest-interval duration
the time interval in second before NAT type is retested, 0s disables retest. Valid time units are "s", "m", "h". (default 24h0m0s)
-relay string
websocket relay URL (default "wss://snowflake.bamsoftware.com/")
-stun string
STUN URL (default "stun:stun.stunprotocol.org:3478")
-summary-interval duration
the time interval to output summary, 0s disables summaries. Valid time units are "s", "m", "h". (default 1h0m0s)
-unsafe-logging
prevent logs from being scrubbed
-verbose
increase log verbosity
```
The really simple fix would be to update the README with the newer text. The more robust approach would be to stop trying to maintain the same data in both places (because it's clearly not working), and change the README to teach you how to run ./proxy --help to get the usage, and/or change it to list just the most important options.

Issue: Task 4.2 Put components together as a design based on the "Salmon" reputation bridge distribution framework, highlighting the missing and underspecified pieces.
https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/105
Updated: 2023-03-14T14:30:20Z
Author: Gaba <gaba@torproject.org>

There are a few candidate systems and some details we need to fill out regardless of the system we choose. This issue tracks this initial evaluation and design phase.

- [x] Evaluate Lox
  - Lox design assessment: https://pad.riseup.net/p/tor-lox-design-assessment
  - Lox integration assessment: https://pad.riseup.net/p/tor-lox-integration-assessment-keep
- [x] Evaluate Salmon

Milestone: Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet
Assignee: Cecylia Bocovich

Issue: fix: client sometimes sends offer with no ICE candidates
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40231
Updated: 2024-03-21T20:25:28Z
Author: WofWca <wofwca@protonmail.com>

Not sure if it's normal.
This is what has been returned by the broker to a `/proxy` request:
```
{
"Status": "client match",
"Offer": "{\"type\":\"offer\",\"sdp\":\"v=0\\r\\no=- <SCRUBBED> <SCRUBBED> IN IP4 0.0.0.0\\r\\ns=-\\r\\nt=0 0\\r\\na=fingerprint:sha-256 <SCRUBBED>\\r\\na=extmap-allow-mixed\\r\\na=group:BUNDLE 0\\r\\nm=application 9 UDP/DTLS/SCTP webrtc-datachannel\\r\\nc=IN IP4 0.0.0.0\\r\\na=setup:actpass\\r\\na=mid:0\\r\\na=sendrecv\\r\\na=sctp-port:5000\\r\\na=ice-ufrag:<SCRUBBED>\\r\\na=ice-pwd:<SCRUBBED>\\r\\na=end-of-candidates\\r\\n\"}",
"NAT": "unrestricted",
"RelayURL": "wss://snowflake.torproject.net/"
}
```
Offer:
```
v=0
o=- <SCRUBBED> <SCRUBBED> IN IP4 0.0.0.0
s=-
t=0 0
a=fingerprint:sha-256 <SCRUBBED>
a=extmap-allow-mixed
a=group:BUNDLE 0
m=application 9 UDP/DTLS/SCTP webrtc-datachannel
c=IN IP4 0.0.0.0
a=setup:actpass
a=mid:0
a=sendrecv
a=sctp-port:5000
a=ice-ufrag:<SCRUBBED>
a=ice-pwd:<SCRUBBED>
a=end-of-candidates
```
As you can see, it contains no ICE candidates. Also note the `a=end-of-candidates`. My Snowflake sent an answer but connection failed.
I have noticed this twice already.
Can this be due to the fact we're trying to filter out local network ICE candidates? And maybe STUN being blocked for the clients?

Assignee: itchyonion

Issue: perf: reuse WebRTC certificates between connections
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/72
Updated: 2022-11-15T18:34:01Z
Author: WofWca <wofwca@protonmail.com>

Generating certificates takes a while, and by default (at least in browsers) they're generated for each new `RTCPeerConnection`. In Firefox generating 1000 certificates takes 4 seconds (4ms per certificate) and 100% of one CPU core for me.
```js
// Browser-only: RTCPeerConnection.generateCertificate is a WebRTC API.
(async () => {
  const promises = [];
  for (let i = 0; i < 1000; i++) {
    // Collect each pending certificate so they can all be awaited together.
    promises.push(RTCPeerConnection.generateCertificate({ name: "ECDSA", namedCurve: "P-256" }));
  }
  await Promise.all(promises);
  console.log('done');
})()
```
I don't think this affects bootstrapping performance much, as in a good implementation they're generated in parallel. It's only a matter of not hogging the device's resources.
Applies to the web extension as well.
Not sure how it affects privacy and security, but I don't think it should be a problem at least for proxies.