#tor-meeting log

20:00:31 <ahf> #startmeeting anti-censorship checkin 2019/03/28
20:00:31 <MeetBot> Meeting started Thu Mar 28 20:00:31 2019 UTC.  The chair is ahf. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:00:31 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
20:00:35 <ahf> hello everyone
20:00:46 <cohosh> hi
20:00:51 <ahf> our pad is at https://pad.riseup.net/p/tor-censorship-2019-keep - it was down earlier so let's do updates
20:00:57 <uniqx> hi
20:01:20 <ahf> o/ uniqx
20:01:23 <catalyst> hi
20:01:54 * arma1 is nearby. trying to stay afloat in the logistics items that i'm doing now that i'm back in nyc
20:02:37 <ahf> let's start with snowflake roadmap
20:02:45 <ahf> https://storm.torproject.org/shared/OdNtwrtRrqklh76l4PfcngBbQFDbjv_jRroj0WeSY0B
20:03:00 * sysrqb lurks
20:03:05 <ahf> i think it looks right?
20:03:20 <cohosh> yes i think so
20:03:33 <cohosh> 21315 is sort of in progress
20:03:42 <cohosh> there we go
20:03:59 <ahf> and #21304 seems to still be in review
20:04:13 <ahf> yes
20:04:16 <ahf> cool!
20:04:19 <cohosh> yup we've done one round of reviewing and now it's in review again
20:04:26 <dcf1> I plan to re-reivew #21304 this week
20:04:34 <cohosh> thanks!
20:04:38 <ahf> awesome
20:04:48 <ahf> gettor, i think we skip
20:05:08 <ahf> https://storm.torproject.org/grain/wTcdAfPCjooEoAnRQYcHBr/ any changes to the bridgedb roadmap?
20:06:20 <catalyst> ahf: not that i know of. though maybe i should move the release task to backlog
20:06:26 <ahf> gah, storm is slow for me today
20:06:50 <catalyst> me too
20:07:18 <ahf> when i add a filter nothing happens except the "in progress" one becomes empty
20:07:52 <cohosh> is the overall roadmap synced automatically to the snowflake one? it looks like no
20:08:01 <ahf> cohosh: nope :-/
20:08:10 <ahf> catalyst: hm, which ticket is this?
20:08:13 <ahf> the release task
20:08:38 <ahf> ah, #29276
20:08:58 <ahf> i see it in the backlog i think
20:09:15 <catalyst> ahf: i just moved it :)
20:09:34 <catalyst> (after storm finally woke up for me)
20:10:01 <ahf> ah
20:10:03 <ahf> thanks
20:10:25 * ahf tries to apply the PT filter
20:10:45 <ahf> ok, that one looks like we haven't updated it in a while :-)
20:11:08 <ahf> #29272 should go into 'done', right cohosh?
20:11:09 <_hc> hi all, I actually managed to remember this time slot today :-)  kids are sleeping...
20:11:16 <ahf> _hc: o/
20:11:33 <ahf> cohosh: or maybe in progress, i guess?
20:11:58 <cohosh> yeah i'd say done for now
20:12:21 <ahf> moved it over to done now
20:12:24 <ahf> cool!
20:12:26 <cohosh> we can open new tickets if we want to do something with it
20:12:43 <ahf> yeah, i think that is a good idea
20:13:15 <ahf> hm, kat5 have a needs help with entry with gettor
20:13:49 <ahf> but i also see an item with syncing with hiro next week about it, i think that is the best option right now. i don't know the roadmap for gettor
20:13:56 * catalyst opened a few tickets about gettor but that was a long time ago
20:14:17 <ahf> but i could imagine hiro being very busy with getting the shiny new website into shape right now and is usually not around for these meetings
20:15:03 <ahf> i see some items from dcf1. i think we should get #29863 into the roadmap if it isn't already
20:15:46 <ahf> and ugh, #29875 looks like another PT regression
20:15:57 <ahf> i wonder if they used one of the alpha tor browser releases :-/
20:16:00 <cohosh> was #29863 dependent on moving the snowflake broker to a TPA machine?
20:16:19 <cohosh> i know anarcat mentioned they already have some tools available for this
20:16:24 <dcf1> cohosh: no, I think if we install the right prometheus package it can happen before being moved to TPA.
20:16:26 <arma1> hm 29875 sounds like geko's earlier bug where he tried to switch PTs early in tor browser startup
20:16:33 <ahf> yeah
20:16:37 <cohosh> dcf1: ah ok, i'm happy to pick that one up then
20:16:40 <ahf> it looks like the wrong component here though
20:16:46 <GeKo> ahf: yes, that's with an alpha
20:16:52 <GeKo> i reproduced it
20:16:55 <ahf> isn't this a tor problem rather than a snowflake/torbrowser launcher issue?
20:16:56 <dcf1> Although I don't know how the prometheus-node works or how it authenticates whatever is interrogating it.
20:17:08 <ahf> GeKo: ah, awesome (and hi!)
20:17:11 <arma1> ahf: my first assumption is that it would be a tor bug
20:17:15 <GeKo> arma1: it's not during start-up
20:17:23 <ahf> GeKo: shouldn't we move this one out of the snowflake component on trac?
20:17:35 <ahf> arma1: yeah, ditto
20:17:40 <GeKo> i guess to core tor, yes
20:17:55 <GeKo> (hi!)
20:17:58 <ahf> and it's a 040 issue, right?
20:18:03 <GeKo> yes
20:18:04 <ahf> it didn't happen with 35x ?
20:18:09 <cohosh> dcf1: me neither, i will look into it and talk to anarcat. do you want me to check with you before installing packages on the snowflake machines?
20:18:14 <ahf> aye /o\ i was hoping for no more PT regressions haha
20:18:20 <GeKo> i could test with 035
20:18:25 <GeKo> if that helps
20:18:27 <ahf> and then they are just hiding in the other components
20:18:33 <ahf> GeKo: if you have the time to do that, that would be awesome
20:18:50 <GeKo> i'll do it tomorrow
20:19:01 <GeKo> i can even bisect ;)
20:19:32 <dcf1> cohosh: if it's fine with you it's fine with me, if it seems obvious go ahead and do it.
20:19:40 <ahf> thanks, let's see if we should give it the 040-must mark tomorrow too then
20:19:45 <cohosh> okay thanks!
20:19:46 <GeKo> kk
20:19:58 <ahf> i have moved it over to the tor component now
20:20:13 <ahf> dcf1: thanks for bringing that one up here at the meeting, that one had gone over my head
20:20:47 <dcf1> np
20:21:01 <arma1> cohosh: extra points if you keep track of which packages you installed, so once it moves to a TPA machine, you can say "and i need these eight packages"
20:21:04 <ahf> i thiiink, that was all the "help with" on the pad? it sounds like dcf1 is going to look at #21304
20:21:25 <cohosh> arma1: cool, i will document the process and add it to the ticket
20:23:20 <ahf> ok, no more help items i think
20:23:43 <cohosh> should i summarize the conversation with NewNode?
20:23:49 <ahf> cohosh: you wanna run the newnode conversation?
20:23:50 <ahf> yeep!
20:23:53 <cohosh> cool
20:24:08 <cohosh> so a group working on something called NewNode emailed us a while back
20:24:36 <cohosh> they are just wrapping up an OTF funded project to make what understand is a mobile-based P2P CDN
20:24:56 <cohosh> and the OTF funders suggested they adapt it to be a pluggable transport
20:25:33 <cohosh> i was a bit confused at first because the connection between CDNs and a PT for Tor isn't obvious, but i had a chat with Marina from the that project today
20:25:52 <cohosh> and she mentioned that they can also route any kind of encrypted internet traffic in a P2P way
20:25:59 <dcf1> Oh I see the name Stanislav Shalunov on http://www.newnode.com/, I know who that is.
20:26:08 <cohosh> ah yes! cool
20:26:40 <cohosh> they're hopeing that if the system is popular for CDN purposes it will a "too big to block" but P2P system that could potentially be used for censorship resistance
20:26:47 <cohosh> that's my current understanding
20:27:17 <cohosh> at this point they wanted to reach out and introduce the project, they mentioned wanting to apply for the OTF pluggable transports funding in May i think
20:27:18 <ahf> arma1: do you know these guys ^^
20:28:04 <cohosh> and wanted to know if we are interested and would possibly show some support for the idea for the funding application (i'm not quite sure how that works)
20:28:17 <arma1> is stanislav the guy who worked on the...local wireless comms network that was big in hong kong a few years ago?
20:28:28 <cohosh> firechat?
20:28:30 <arma1> yes
20:28:39 <cohosh> yup, marina mentioned that in the call
20:28:47 <arma1> ok. then yes i have met stanislav
20:28:58 <arma1> i met him at, of all places, that fbi conference i go to
20:29:07 <arma1> he spent the whole time telling me that tor is stupid and insecure and worthless
20:29:15 <arma1> kind of a weird conversation
20:29:17 <cohosh> o.O
20:29:27 <sysrqb> #winner
20:29:46 <ahf> like, in that way or more like weird awkward nerd kind of technical discussion about all the tor issues that sometimes comes up at conferences?
20:29:49 <arma1> the generous interpretation is that he has different priorites and a different threat model
20:29:49 <dcf1> Also https://en.wikipedia.org/wiki/LEDBAT
20:30:04 <ahf> i sometimes meet people like that, and i don't think they are bad, i think they are just maybe a bit too focused on whatever it is they are doing
20:30:29 <ahf> right
20:31:15 <ahf> it sounds like maybe for now they'd be interesting to stay in contact with and/or maybe help them with something related to OTF if we can and have that knowhow? i guess we have more knowhow with those than most people do?
20:31:32 <arma1> cohosh: so eventually, if this works, we would ship a little newnode client shim in tor browser, and run a bridge on the other side of the newnode cdn?
20:32:07 <cohosh> arma1: i think so, to be honest i don't yet have a clear idea of how the NewNode system works
20:32:26 <cohosh> the white paper doesn't go into much technical detail and i haven't found a specification, just the source code
20:33:18 <cohosh> i emailed them the PT evaluation page yawning angel had made, a link to the traffic-obf mailing list, and a link to the tor pt spec
20:33:39 <dcf1> that's a good start, thanks for ambassadoring
20:33:40 <cohosh> and they emailed me a link to the code repository
20:35:18 <cohosh> np, it looks interesting. i'm not sure what support from our side would look like at this point
20:36:18 <ahf> maybe they should reach out when they have something they think we can be helpful with in different contexts?
20:37:04 <arma1> if they're only reaching out about a PT option because otf told them to, we're going to need to do most of the work
20:37:08 <cohosh> yeah perhaps, they probably know what they want from us more than we do at this point
20:37:14 <cohosh> arma1: agreed
20:37:18 <arma1> and if we can't figure out what it is they're doing, then we're not going to have much reason to do work
20:37:30 <cohosh> my impression from this reach out was that they wanted to confirm we were interested and to say hello
20:37:46 <arma1> i guess another option is that we should get that feedback loop back to the otf people, so they know what happened and what didn't happen
20:38:40 <ahf> i agree that i don't think we should be doing the development there, i also don't think that is what they want?
20:39:34 <cohosh> yeah i think they are mostly trying to be sure that if they make something we'll be open to it being used
20:40:06 <cohosh> presumably before we integrate it into like Tor Browser we'll need to know more about how it works
20:40:56 <cohosh> but it might be too early for that, i guess it depends on what they want to propose to OTF
20:41:05 <cohosh> and what kinds of deliverables OTF will hold them to
20:41:21 <ahf> i hope they don't make the "marionette mistake" with OTF
20:41:28 <ahf> and get a deliverable that says "get X into tor browser"
20:41:50 <cohosh> oof, okay, that is something we should tell them about then
20:42:08 <ahf> because that was a lot of stress i think for the marionette team(?) in those last 2 weeks or whatever it was when they started having a bit of panic
20:42:14 <ahf> and we didn't have time to look at it
20:42:24 <cohosh> yeah
20:43:05 <arma1> do we know who at otf pointed them toward us?
20:43:16 <arma1> might be good, now that we have two data points, to have a periodic sync with that person too
20:43:19 <arma1> (maybe it was adam?)
20:43:38 <cohosh> they didn't mention but if i had to guess i would guess adam
20:45:17 <ahf> is this around some money they have already gotten or some money they are trying to get?
20:45:26 <cohosh> this is a new proposal they are writing
20:45:49 <cohosh> they are just finishing up a previous project with otf
20:46:00 <cohosh> which i believe was NewNode as a CDN
20:46:17 <cohosh> afaik
20:46:47 <arma1> ah ok so if they are writing a proposal to otf to adapt newnode to be a pluggable transport, then ... it would sure be swell if we could understand their design
20:46:56 <arma1> and should be setting off alarm bells for them and otf if we cannot
20:47:23 <cohosh> yes agreed, i would also prefer not to have to read C code to understand the main idea
20:47:35 <ahf> +1
20:47:49 <arma1> maybe when they have an early draft of their proposal, which surely will be good at explaining what's going on, they can show it to you too
20:48:02 <arma1> ('surely')
20:48:35 <cohosh> cool, that is a good thing to mention to them
20:48:42 <cohosh> and also the marionette cautionary tale
20:49:03 <arma1> maybe point them at ptlib too
20:49:11 <arma1> and a couple of example PTs they can model their thing after
20:49:20 <cohosh> okay sounds good
20:50:10 <ahf> awesome
20:50:21 <cohosh> thanks!
20:50:23 <ahf> maybe tell them we have these meetings too if they want to come by and say hi
20:50:44 <ahf> but maybe they should tell us before, because the first 20 min. or so of these meetings are pretty useless to them i think :-S
20:52:05 <cohosh> cool
20:52:16 <ahf> cohosh: is the TPA machine thing next topic or was that solved already or?
20:52:39 <_hc> whenever there is time for a quick new topic, I'd like to introduce uniq and ask about the next Tor Meeting
20:53:24 <cohosh> ah i think there isn't any rush for moving snowflake infrastructure to TPA machines, and it will probably involve dcf1
20:53:56 <ahf> oki :-)
20:53:59 <cohosh> to deal with sorting out domians correctly
20:54:17 <ahf> cohosh: ln5 and anarcat can probably help there too
20:54:27 <ahf> _hc: cool! let's hear?
20:54:36 <arma1> yep. i'd suggest spending energy on moving to a TPA machine, rather than hacking together your own monitoring stuff, if you have energy to spend there
20:54:42 <cohosh> yes probably, i'm just thinking there are things i don't have access to that need to be modified
20:54:58 <cohosh> arma1: i think we can do the monitoring using anarcat's thing on the current setup
20:55:03 <cohosh> so these issues are a bit separate
20:55:26 <arma1> cohosh: speaking of things only dcf has access to, one of our goals in general is to make sure that every thing has at least two people who can fix it
20:55:38 <_hc> ok, first the bad news, I can't make it to Stockholm, I have a conflict :-(  but the good news is that uniq is available.
20:55:41 <arma1> so if there are things that only dcf can do, those are bugs :)
20:55:42 <_hc> He's been working with Guardian Proect for a while, and is a Tor user since 2008
20:55:59 <_hc> specifically on PTs
20:56:11 <cohosh> i have access to the snowflake machines
20:56:20 <_hc> incluuding the Android and devops sides of it.  so I think it makes sense for him to go in my place
20:56:25 <cohosh> but i think not the domain forwarding
20:56:32 <ahf> _hc: you have seen that this meeting is slightly different, right? in that i don't think we have any open days, but, i think there should still be some PT related sessions there for sure
20:56:57 <ahf> i'm not sure how it works with invitations to these meetings now
20:57:02 <ahf> i could try to figure it out
20:57:14 <_hc> I responded to Jon with that same info
20:57:45 <arma1> ahf: i think the way it works is that we go to isa and explain about the extra person, and then she juggles all the information and makes a decision
20:57:54 <arma1> i think right now we have more people-we-want-to-invite than spaces-for-humans
20:57:58 <_hc> that's my bit.  I'm happy to answer quesrions about IETF, ESNI, Android PTs, etc.
20:58:25 <ahf> arma1: oh, ok. i'll talk to isa
20:59:00 <ahf> actually, _hc, next week gaba is back, so we should probably also involve her in this and figure out what PT related things we want to do at this meeting
21:00:25 <ahf> _hc: i read your IETF mail, that was very useful
21:00:32 <arma1> ahf, cohosh: oh, speaking of PT things, i have word from josh, the program manager for race, that we won't need to deal with pub review restrictions for race. this is good news.
21:00:38 <_hc> glad to hear it
21:02:05 <ahf> arma1: cool
21:02:14 <cohosh> are "pub review restrictions" that think where the govt wants to read our work before we publish it?
21:02:15 <ahf> arma1: but, so, do we have the money or what?
21:02:18 <cohosh> *that thing
21:02:30 <ahf> cohosh: yeah :-/
21:03:02 <dcf1> thanks friends, I gotta dip.
21:03:07 <ahf> dcf1: o/
21:03:17 <cohosh> dcf1: thanks!
21:03:18 <ahf> dcf1: btw, are you going to stockholm?
21:03:28 <ahf> it would be very nice to finally meet you
21:04:34 <arma1> cohosh: yes, exactly. and the workaround is to never actually do any work for them. which is kind of awkward.
21:04:47 <arma1> ahf: no, nothing is signed yet. but things are still moving forward.
21:04:50 <cohosh> yeah i was gonna ask if we'd even take money with those restrictions on it
21:05:23 <arma1> cohosh: i almost turned down the sponsor19 money, because they wouldn't get rid of the pub review requirement
21:05:36 <arma1> they eventually contacted me and suggested that perhaps we would just not have any deliverables
21:05:43 <cohosh> ahh ok
21:05:43 <arma1> and we worked out a workaround
21:05:54 <arma1> still awkward, and requires lots of trust on both sides, etc
21:06:15 <ahf> such a weird system :-S
21:06:19 <arma1> in general we want to never have to deal with that,
21:06:30 <arma1> but also i general we want to not fire our developers because we ran out of money
21:06:36 <ahf> but i guess as long as we can do some meaningful work and they think what we do is meaningful, then it's all good
21:06:39 <arma1> we all want things i guess
21:06:48 <ahf> yeah
21:07:07 <hiro> hey all I didn't know I needed to be around this meeting... can I be part of the list where you people send your updates and organise this?
21:07:30 <cohosh> hiro:  hey! i don't think we have a list :/ just a usual meeting time
21:07:31 <ahf> hiro: no, i don't think you needed to be 8) we just had a gettor item on a list
21:07:36 <hiro> ok
21:07:43 * cohosh wonders if it is even posted on the wiki
21:07:44 <ahf> hiro: but it sounds like kat5 is going to write to you next week :-)
21:07:51 <hiro> yes kat5 wrote me
21:07:53 <ahf> cohosh: i don't think we have a team page yet there
21:08:08 <hiro> well feel free to ping me a bit before hand if you want ame around
21:08:09 <arma1> oh hey, creating a team page on the wiki seems smart
21:08:12 <hiro> at this time I am finishing dinner
21:08:15 <cohosh> we have a pad: https://pad.riseup.net/p/tor-censorship-2019-keep
21:08:18 <ahf> okay, we are 8min. passed the hour and i haven't had dinner yet and it's 22 here. should we close it off?
21:08:25 <ahf> :-)
21:08:27 <cohosh> okay sounds good
21:08:33 <cohosh> thanks ahf!
21:08:40 <ahf> cool. thanks all o/ next week is exciting because phw begins on monday!
21:08:45 <cohosh> \o/
21:08:56 <ahf> #endmeeting