16:08:11 #startmeeting 16:08:11 Meeting started Wed Aug 13 16:08:11 2014 UTC. The chair is asn. Information about MeetBot at http://wiki.debian.org/MeetBot. 16:08:11 Useful Commands: #action #agreed #help #info #idea #link #topic. 16:08:13 it's regarding Sponsor S (on trac) 16:08:17 #action asn should forward the financial thread to kpdyer 16:08:18 ;) 16:08:41 ok. 16:08:48 and htat's pretty much what I've been up to. 16:08:52 selimthegrim: yes I saw, mostly they were vinods though. I was just mi=oving them across. 16:08:56 ah 16:09:02 Who wants to go next? 16:09:07 i will 16:09:14 kpdyer: please 16:09:30 in regards to FTE, I've setup a bunch of new bridges 16:09:39 including ipv6 bridges 16:09:40 (https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorS/PluggableTransports/Proposal) 16:10:09 fixing dual stack support on the bridge side is on my todo list, sorry about the current situation 16:10:22 i've also setup bridges on ports 80/8080 16:10:28 kpdyer: saw. that's nice. 16:10:30 i think i have nearly 10 fte bridges now 16:10:45 also tried to do some dns-based bridges, but i didn't convince mikeperry 16:11:04 yeah saw that argument too. 16:11:08 it's on my todo list to revisit that and properly think about the pros/cons of DNS bridges 16:11:21 yeah, i don't have a seasoned opinion on this either. 16:11:36 i'll be presenting a paper on FTE at USENIX next week 16:11:42 oh sweet :) 16:11:42 great 16:11:56 advances on the crypto/algo side 16:12:06 great 16:12:06 but they might bubble their way into the FTE PT one day 16:12:17 *might* ? 16:12:30 why not? if they are good. 16:12:36 assuming I were to use libfte, how concerned should I be with interoperability? 16:12:59 atm, the Tor PT and LibFTE implementations are not compatible 16:13:01 how's the config for fte? i'm going to try setting up a fte|websocket bridge some time 16:13:02 (eg: hypothetically, if I wanted a mobile version) 16:13:05 ah I see 16:13:20 are the differnces documented anywhere? 16:13:24 no 16:13:56 the main issue is that it will be a huge development effort to get the LibFTE work into a state that's ready for deployment 16:14:05 ah I see 16:14:21 so, would need at least a month of solid effort, unfortunately 16:14:22 but isn't libfte used somewhere already? 16:14:28 yeah, sort of 16:14:29 https://github.com/uproxy/libfte 16:14:30 isn't it deployed, that is. 16:14:42 so the hypothetical someone should crib off the tor pt implementation 16:14:44 (btw, what are the users of FTE currently? Tor, uproxy (?), anything else? 16:14:46 ) 16:14:48 lantern 16:15:05 aha 16:15:16 yeah, there's an important effort here to merge the various implementations 16:15:22 * dcf1 consults https://obfuscation.github.io/ and finds that the table is out of date. 16:15:22 that would be good for everyone 16:15:30 *nods* 16:15:36 yep 16:15:42 would merging all this mean a flag day for fteproxy bridges on the tor side? 16:15:53 no 16:15:57 kpdyer: lantern doing FTE is new? was it true during the seattle meeting? 16:15:58 Eep, and the IRC meeting info is out of date too. 16:16:02 link protocol is compatibile? 16:16:03 asn: yes 16:16:16 link protocol will be compatible eventually 16:16:20 ah I see 16:16:23 "yes" means a different thing depending on which question you answered :( 16:16:46 asn: yes, lantern was in FTE as of seattle. 16:16:49 kpdyer: ack 16:16:52 "some (FTEProxy, ...) have already been adapted to other tools (Lantern, Psiphon" 16:16:52 oops 16:16:56 dcf1: i can update the github 16:16:56 other way around 16:17:06 dcf1: soon-ish. 16:17:16 anyone else who wants to do it; please feel free to. 16:17:24 * dcf1 crowdsources github patches. 16:17:32 blanu2 is in charge of obfuscation github i think 16:17:43 so, that leads me to my next point 16:17:48 RushingWookie: ping 16:18:05 i'm starting to wrap up on phd and have started writing my dissertation 16:18:05 Hi 16:18:29 kpdyer: aha 16:18:37 so, i am starting to consider what post-phd life will look like for me 16:18:46 :) 16:18:49 infinity0 is the only public person at https://github.com/obfuscation/. I guess the others are private? I haven't known whom to tell people to talk to when I invite them to our github group. 16:18:58 RushingWookie: PT meeting atm :) date changed from last week 16:19:09 I see, didnt notice that 16:19:10 yeah everyone has to individually set themselves as public 16:19:41 hopefully, i'll have a clear picture of what time (if any) i'll have to properly sort out these various FTE implementations 16:19:44 kpdyer: going to stick around Portland? 16:19:54 selimthegrim: maybe 16:20:11 dcf1: although it looks like everyone is an admin 16:20:15 11 members atm including a lot of people here 16:20:33 kpdyer: ok. 16:20:41 as one option, i've submitted a grant to OTF (https://www.opentechfund.org/) to properly sort out obfuscation across these various projects 16:20:55 and i have a number of other interesting paths that i may go down 16:21:08 oh, no. there's an admin "team" where everyone is a member, but we have no actual permissions to admin the obfuscation group :/ 16:21:08 so, that's why i was interested in the financial talks 16:21:39 kpdyer: the financial talks will not be that interesting, I'm afraid. 16:21:55 asn: fair enough, just want to make sure we're not duplicating efforts 16:21:59 will anyone else be at usenix? 16:22:02 absolutely 16:22:08 i'nm not going to be at usenix :( 16:22:19 roger will be, of course. 16:22:26 ok 16:22:26 * dcf1 will. 16:22:28 i bet he will have good suggestions for your funding questions. 16:22:38 asn: i'm sure he will 16:22:46 dcf1: have you got an invite to the state department event? 16:22:58 I think I got something like that. 16:23:32 I think I will do a short work-in-progress talk about domain fronting at the beginning of FOCI. 16:23:46 ok, cool 16:24:18 great 16:24:24 that's roughly it from me 16:24:24 kpdyer: are you done? :O) 16:24:28 should we proceed? 16:24:32 yep, i'm done 16:24:37 thanks 16:24:39 who next? 16:24:48 Myself, Ian, and Vinod? 16:24:54 selimthegrim: yes, go for it. 16:25:12 I stabilized the performance issues we were having last week 16:25:44 some of it is just inherent in the overhead of the new class structure, but some of it is due to our default large buffer size 16:26:05 It will be interesting to see the JavaScript patches I submit's effecfs 16:26:22 *effects which I'll be taking a closer look at later today 16:26:30 no dropped packets though at least 16:27:17 I was going over Ian and Vinod's commits as well and had a few minor points relevant to the tickets I want to finish by the 18th 16:27:31 But they can be probably hashed out over github 16:28:14 the big hurdles left are the SOCKS patch and the transparent proxy 16:28:34 ack 16:28:47 yegnev, ianamason: how is the gitian coming on Linux 16:29:35 so i just finised a streaming mjpeg module which will appear soon on github, and am now back to finalizing the gitain TBB bundles. 16:29:51 yes, I was going to ask about that content type 16:29:59 you've made a functional TBB? :) 16:30:02 today i am testing the windows and linux bundles. 16:30:21 yes the mac works fine, we demoed it at the last safer PI meeting. 16:30:37 yes all three should work. 16:30:53 hmm, im getting my new MBA this week, that should give it a workout 16:30:54 ok 16:31:24 i will get around to integrating that for the tor fork after the GSoC close date, since it's not one of the listed objectives 16:31:24 .oO(master of business administration + stegotorus?) 16:31:28 heh 16:31:31 MacBook Air 16:31:37 ah 16:31:42 courtesy of Tulane University physics dept 16:32:36 Did you guys run valgrind as a normal step or in response to functional bugs in JEL 16:32:46 selimthegrim: I added a gitian directory to the github stegotorus wuthh all the recipes. 16:32:47 when you discovered your bug 16:32:52 excellent. 16:33:22 yes I valgrind everything. I also used fortify and coverity just pennies for heaven 16:33:43 (is anyone else waiting for a status report btw? except from dcf1 ?) 16:33:54 me 16:34:46 RushingWookie: go ahead 16:35:02 ianamason: I might need your help using valgrind at some point, I had a bit of trouble integrating the ctgrind patch, but that can wait until after the 18th 16:35:13 Ok so as this is the last week of GSoC, I’ve been trying to finish up. 16:35:36 I’m still working on a pull request for deduplicating pts 16:35:49 and ive been writing some tests for fog 16:36:13 selimthegrim: valgrind on linux. mac too dodgey 16:36:21 yes, of course. 16:36:31 RushingWookie: it would also be great 16:36:37 if you could prepare some kind of document with future directions 16:36:37 by "deduplicating pts" is meant how we handle the case where one program provides more than one PT method, e.g. obfsproxys -> obfs3,scramblesuit 16:36:38 wait, the build is too dodgy or valgrind 16:36:43 ruand problems of the current architecture 16:36:46 ok 16:36:54 infinity0: yeah 16:36:58 infinity0: ack 16:37:16 ok ill stick to linux then for poking 16:37:21 asn: Yeah I’ll write a doc and send it out on the tor-dev list 16:37:37 RushingWookie: great 16:38:13 selimthegrim: valgrind on mac == dodgey. 16:38:22 quick report from me, i have to go in a few min - last week we put flashproxy in the debian ftp upload queue 16:38:23 https://ftp-master.debian.org/new.html 16:38:24 i also have to finish up passing the ServerTransportOptions to each pt. ive figured out how to do it but just need to get the format nailed down 16:38:45 #12614 16:39:06 thats about it for me 16:39:19 ah that is relevant to me as well 16:39:27 :) thanks! 16:39:28 great 16:39:36 dcf1: you want to hit us with music? 16:39:45 with *your* music? 16:39:51 With pleasure. 16:40:06 I was at Def Con last week. 16:40:15 One talk was quite PT-related. 16:40:26 I shall link to the slide where the PT discussion starts and you acn navigate with the arrow keys. 16:40:26 thegrugq's talk? 16:40:27 yeah. 16:40:29 https://www.portalmasq.com/assets/player/KeynoteDHTMLPlayer.html#24 16:40:40 Also https://www.portalmasq.com/portal-defcon.pdf. 16:41:05 It's a nice thing to look at if you like seeing your software's name in PowerPoint form. 16:41:20 ) 16:41:21 :) 16:41:36 Apart from that, the 4.0-alpha-1 release features meek over Google and meek over Amazon. 16:41:49 How it looks is: https://trac.torproject.org/projects/tor/wiki/doc/meek#Quickstart. 16:42:11 how was that talk? 16:42:20 in the abstract they talk a lot about FTE 16:42:21 I think I will write a short blog post explaining how to use it. 16:42:24 in the slides, not at all 16:42:31 The talk was good, kpdyer. 16:42:32 dcf1: great idea (wrt blog post)! 16:42:34 or, they review all PTs 16:42:53 Yes, the talk was not really related to the abstract nor the title. I suspect it changed after they got it accepted. 16:43:13 dcf1: This seems related to the talk Ryan gave at HOPE? 16:43:13 the original talk was more PT-ish? 16:43:20 I talked to one of the speakers afterward, and I emailed all three of them to invite them to this meeting and the github etc. 16:43:22 on travel routers? 16:43:36 asn, https://defcon.org/html/defcon-22/dc-22-speakers.html#Lackey. 16:43:37 dcf1: ah great 16:43:57 I'm sure there will be a video online by and by. 16:43:57 in fact I believe it _is_ the same talk. 16:44:22 Don't know selim, I wasn't at HOPE. 16:44:29 That's all from me. 16:44:53 I have a DVD of this talk, if anyone should need a copy. 16:45:09 thank you dcf1 16:45:15 anyone else waiting in line 16:45:15 ? 16:45:48 aaand I think this sums it up 16:45:54 let me shut down that useless meetbot 16:45:54 \o/ 16:45:55 #endmeeting