Anti-censorship team report: September 2020
Tor's anti-censorship team writes monthly reports to keep the world updated on its progress. This blog post summarizes the anti-censorship work we got done in September 2020. Let us know if you have any questions or feedback!
Snowflake
- Merged a contribution from Peter Gerber to consider more IP address ranges local, for the purpose of stripping from SDP offers sent to the broker.
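The idea behind this change, shown as an added Go example that is not Snowflake's own code: ICE candidates whose address is local are dropped from the SDP offer before it leaves the client, so the broker never sees LAN addressing. The function names, the set of ranges treated as local and the sample offer are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// isLocal reports whether ip only has meaning on the sender's host or LAN.
// The chosen ranges are this example's assumption, not Snowflake's list.
func isLocal(ip net.IP) bool {
	return ip.IsUnspecified() || ip.IsLoopback() ||
		ip.IsPrivate() || ip.IsLinkLocalUnicast()
}

// stripLocalCandidates drops every a=candidate line whose connection
// address is a local IP literal. Non-IP addresses (e.g. mDNS names) and
// malformed candidate lines are passed through untouched.
func stripLocalCandidates(sdp string) string {
	var kept []string
	for _, line := range strings.Split(sdp, "\r\n") {
		if strings.HasPrefix(line, "a=candidate:") {
			// Fields: foundation component transport priority address port typ ...
			f := strings.Fields(line)
			if len(f) >= 6 {
				if ip := net.ParseIP(f[4]); ip != nil && isLocal(ip) {
					continue
				}
			}
		}
		kept = append(kept, line)
	}
	return strings.Join(kept, "\r\n")
}

// sampleOffer is a constructed SDP fragment, not captured traffic.
const sampleOffer = "v=0\r\n" +
	"m=application 9 UDP/DTLS/SCTP webrtc-datachannel\r\n" +
	"a=candidate:1 1 udp 2130706431 192.168.1.23 50000 typ host\r\n" +
	"a=candidate:2 1 udp 2130706431 fe80::1 50001 typ host\r\n" +
	"a=candidate:3 1 udp 2130706431 fd12:3456::9 50002 typ host\r\n" +
	"a=candidate:4 1 udp 1694498815 203.0.113.7 50003 typ srflx raddr 0.0.0.0 rport 0\r\n" +
	"a=end-of-candidates\r\n"

func main() {
	fmt.Print(stripLocalCandidates(sampleOffer))
}
```

Only candidate lines are filtered here; other SDP fields that can carry an address are left as they are.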
Rdsys
- Built an HTTP streaming API between rdsys's backend and its distributors that allows distributors to receive resource updates (e.g. a bridge changing its IP address) in real-time.
- Implemented a registration API that allows standalone-proxies (i.e. without a corresponding Tor bridge) to register themselves:
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/4
- Added lots of unit tests. Rdsys's domain logic is 72.1% tested.
- Experimented with reCAPTCHA support in rdsys. We could port BridgeDB's HTTPS distributor to rdsys and replace our Gimp-generated CAPTCHAs with Google's reCAPTCHA. To prevent exposing our users to Google, we would have to set up a reverse proxy, so Google only gets to see our machine's IP address. This is possible but messy to build.
- Started brainstorming Salmon's user interface; in particular how we can best integrate it in Tor Browser:
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/7
- Started writing up rdsys's design and architecture. The goal is to eventually publish a technical blog post that discusses how we built rdsys.
Bridgestrap
- Wrapped up a "minimum viable product" of bridgestrap:
  https://gitlab.torproject.org/tpo/anti-censorship/trac/-/issues/31874
- Filed issues to improve how bridgestrap spawns a Tor instance to test bridges:
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/1
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/2
  https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/3
Miscellaneous
- Our infrastructure monitoring daemon's emails started getting rejected by Gandi's spam filter. We reported the issue and Gandi fixed it shortly after.
- Read the HTTPT paper as part of our reading group and filed several issues that summarise what's necessary to deploy HTTPT as our next pluggable transport:
  https://github.com/net4people/bbs/issues/50
  https://censorbib.nymity.ch/#Frolov2020b
  https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/…
- Filed an issue to improve our terminology around bridges:
  https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/8
- Brainstormed how Tor Browser could detect censorship:
  https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/issue…
Outreach
- Philipp will present rdsys in a lightning talk at the Pluggable Transport Implementer's Meeting on Oct 13:
  https://www.pluggabletransports.info/ptim2020/
- Published a blog post about Hashik's experience as one of Tor's GSoC'20 students:
  https://blog.torproject.org/gsoc-2020-snowflake-proxy-mobile
- Recorded a brief video that summarises Tor's anti-censorship work for a class at the University of Michigan.
Comments
Please note that the comment area below has been archived.
Recorded a brief video that…
Is the video going to be released publicly or no?
No it won't. It's just a subset of other recent presentations like:
https://www.youtube.com/watch?v=g6xEfNHkFKY
https://www.youtube.com/watch?v=aOOChyMCZH4
Snowflake became extremely slow for me these last months, I don't know if it's because more and more people are using it. I get 60kb/s from most snowflakes, only with luck can I get on a snowflake with 400kb/s (these figures are what I get from opening Nyx and seeing the download bandwidth).
I think it's because of latency, some snowflakes might just be far from you *AND* from the snowflake bridge (in the Netherlands IIRC, no longer following dev after they switched to GitLab), it would be better if they had different snowflake bridges that connect to the snowflakes based on information from the broker about geoip (geoip is not perfect but better than the status quo)
but at least we might see the double channels soon which might help
The post is too technical for me to grasp even the gist, but this caught my eye:
> replace our Gimp-generated CAPTCHAs with Google's reCAPTCHA
My instinctive reaction is:
noooooo!
Is this perhaps another example of Google's money pushing Tor devs to consider something which potentially endangers Tor users but which has some obscure benefit to Google?
No. The Gimp CAPTCHAs are easy to solve and reCAPTCHA isn't. That's all there is to it.
Will you be using the noscript version of reCAPTCHA? The Javascript version records your mouse movement and fingerprints your browser.
@Phillip Winter: is that true?
I am more worried than ever about TP mandating Google badness.
As I mentioned before, we're not married to the idea of using reCAPTCHA. We would only use reCAPTCHA if it's possible to embed it in a privacy-preserving way. That may very well be impossible, in which case we wouldn't deploy it.
The noscript (Javascript-free) fallback version of reCAPTCHA v2 can be safely proxied. Google deleted all references to it on their online documentation but it's still supported. Configuration instructions in the link below.
https://web.archive.org/web/20181002010303/https://developers.google.co…
Can't use anything with Google captcha; they want JavaScript enabled and everything. Talk about censorship! Make your own captcha using AI that doesn't require Google or something? But ah yes, Google already 'winning' the 'quantum race'.
Can you at least look into alternatives for reCAPTCHA like the one Cloudflare recently moved to (hcaptcha or whatever its name is)?
Absolutely, thanks for the tip. For what it's worth, we haven't made up our mind on how to build a new HTTPS distributor. I was simply experimenting with reCAPTCHA to get a sense of how one could deploy it.
Please give strong preference to a "captcha" solution which is done on-site, not ported to some third-party company, certainly not to Alphabet.
and reCAPTCHA isn't [easy]. …
Think again: https://anti-captcha.com/
There are bots for solving Google captcha also such as https://addons.mozilla.org/en-US/firefox/addon/buster-captcha-solver/ but then they block Tor and want your personal data or something. That'll do it. I just avoid anything with Google captcha now, and then they win with their censorship.
In my experience, reCAPTCHA is hard to solve even for humans.
@ Phillip Winter:
My experience with Google CAPTCHAS is very discouraging. Sites which use them seem to always just demand capture after capture after capture, but apparently Google never has any intention of passing a Tor user, they just make us suffer needlessly and keep the door slammed in our face. This is very bad because we are not doing anything wrong.
+1
One could reason that more refreshes and longer delays produce more permutations of one user's circuits for them to fingerprint and geolocate the user.
Hello, is a Salmon client planned for people who run headless servers?
The Salmon client is for users and will run in Tor Browser.
I can't believe trying to implement Google's reCAPTCHA is even being floated as a possibility. It is more than feasible to create a captcha that isn't easily beaten by automation.
But maybe I overestimated the Tor team since the "captcha" on this blog is 1+0=
I don't mind the occasional condescending comment as long as it's backed by a good argument. This, however, is just backseat engineering.
Please don't use Google's captcha, it's terrible for privacy.
Why not use something like the math question captcha, or hcaptcha? There are several alternatives to Google's captchas out there.