Anti-censorship team report: November 2020
December 07, 2020
Tor’s anti-censorship team writes monthly reports to keep the world updated on its progress. This blog post summarizes the anti-censorship work we got done in November 2020. Let us know if you have any questions or feedback!
Worked on getting Snowflake working for Onion Browser for iOS.
Set up and debugged a remote probe test to determine NAT compatability of Snowflakes.
Modified the NAT type classifications of Snowflake clients to distribute proxies more evenly.
Created a patch that orders Snowflake’s “snowflake-ips” metrics line by the number of requests.
Created a page that shows a bridge’s test result. This allows operators to check if their pluggable transports work correctly. You can query your bridge status by visiting:
Note that the status page currently only tells you the status of your bridge’s obfs2, obfs3, obfs4, and scramblesuit.
Also, the service is still experimental and occasionally offline.
Made it possible to look up a bridge’s status by providing its hashed fingerprint.
Finished documentation on rdsys’s design and architecture. You can take a look at it here:
Researched libraries to do i18n for rdsys. The library go-i18n seems to check all of our boxes.
Filed an issue to get a Transifex resource to do i18n for rdsys.
Made rdsys pool bridgestrap requests to make the interaction between both services more efficient.
Made rdsys’s supported resources configurable. This is important because some bridge operators set up adventurous things like their own meek, and we don’t want to distribute those.
- Spent some time on our privacy-preserving Salmon modifications but haven’t yet managed to come up with a clean implementation. More work is needed.
Made bridgestrap export metrics that are now scraped by our Prometheus instance. The raw metrics are publicly accessible at:
Deployed bridgestrap on polyanthum, the host on which BridgeDB and rdsys run.
Finally merged our SETCONF-based rework of how bridgestrap does its testing.
Added a field to bridgestrap’s test result that informs the requester when a bridge was last tested.
Spent some time debugging why the number of functional bridges decreases as we test more bridges in parallel. More work is needed.
Made bridgestrap’s cache timeout configurable.
Cecylia presented the anti-censorship team’s yearly progress as part of our State Of The Onion presentation:
Added a new obfs4 default bridge. Thanks to Louis-Philippe Véronneau for operating the bridge!
Brainstormed ways to stream bridge updates from Serge (our bridge authority) to polyanthum (the host where rdsys and bridgestrap are running).
Updated monit configuration to make it monitor Snowflake’s probetest service and bridgestrap.
Worked with Gus to ask a few folks to run emma in countries that we believe block some aspects of Tor.
Philipp is going to review submissions for the DNSPRIVACY 2021 workshop.
Sponsor 28 scrimmage and PI meeting.