Hello,

Thanks everyone for joining the Tor Relay Operator Meetup on January.

Our next meetup will happen on **March 2nd** at 1900 UTC. 
I'll send an invitation to the mailing list and collect topics for the
agenda.

cheers,
Gus

# Notes - Relay Operator Meetup - January, 27th, 2024

## Announcements

* EOL 0.4.7.x removal

Tor 0.4.7.x is approaching the end-of-life (EOL). In February, The Network 
Health and Community teams will start the usual work to contact operators to 
upgrade.
If you're running a relay or a bridge, please upgrade.

- Announcement: 
https://forum.torproject.org/t/tor-relays-psa-tor-0-4-7-reaches-end-of-life-eol-on-2024-01-31/11157
- Metrics: Relays running 0.4.7.x: 
https://metrics.torproject.org/rs.html#aggregate/version
- We will track 0.4.7.x removal here: 
https://gitlab.torproject.org/tpo/network-health/team/-/issues/344
- Relay EOL Policy: 
https://gitlab.torproject.org/tpo/network-health/team/-/wikis/Relay-EOL-policy

* Tor University Challenge update - https://toruniversity.eff.org/

EFF video: https://mastodon.social/@eff/111881185422639945

Two further links for those who want to keep informed:
- 
https://www.eff.org/deeplinks/2023/11/tor-university-challenge-first-semester-report-card
- https://gitlab.torproject.org/tpo/community/outreach/-/issues/40054

Next step, we just got accepted to do a presentation at TNC, which is the 
annual NREN conference in Europe.
We will present in June alongside Switch, the Swiss NREN.

Q: Who's a good person to contact at a university?
A: Good people to reach at universities are (a) professors, (b) librarians and 
(c) student security clubs. See also https://toruniversity.eff.org/students/

## Tor Relay Operator Community Policies

We launched a new website with the Tor Project Community Policies and we have a 
section for Tor Relay Operators Policies. 
Check out: https://community.torproject.org/policies/

### 001 - Process for new policies for relay operators

Last year we wrote a meta proposal: 
https://community.torproject.org/policies/relays/001-community-relay-operator-process/
 
It explains how to submit a proposal of policy to the relay operators community.

Basically, it's a three steps process:
 - Step 1: Submit your draft following the meta proposal format.
 - Step 2: Discussion and consensus
 - Step 3: Policy and Implementation

Example: Restrict contact information field to email address (and make it 
mandatory): https://gitlab.torproject.org/tpo/community/policies/-/issues/17
Discussion: 
https://lists.torproject.org/pipermail/tor-relays/2023-October/021358.html 

## Upcoming elections in 2024 and online censorship

- 2024: the year of Democracy! :) 

More than 65 elections happening this year (General, Presidential, Prime 
Minister, National Assembly, local elections…).
We wrote a blog post "Defend Internet Freedom with Tor in 2024 elections 
season": 
https://blog.torproject.org/2024-defend-internet-freedom-during-elections/

It would be great if you could run bridges and Tor Snowflake during the whole 
year, however, if you don't have enough resources, running a bridge the week 
before the elections of these countries can help many users to circumvent 
censorship. 

 - Azerbaijan (7th February): 
https://ooni.org/post/2023-azerbaijan-internet-censorship/
 - Pakistan (8th February): 
https://ooni.org/post/2023-pakistan-blocks-wikipedia-and-dw/  
 - Indonesia (14th February): https://github.com/net4people/bbs/issues/316 
 - Belarus (25th February): https://github.com/net4people/bbs/issues/72 
 - Cambodia and Senegal (25th February)
 - Iran (1st March)
 - Russia (17th March)
 - India (April, TBA)
 - Elections (partial list): https://gitlab.torproject.org/-/snippets/196 or 
https://www.accessnow.org/campaign/2024-elections-and-internet-shutdowns-watch/

- Tor Bridge guides: obfs4: 
https://community.torproject.org/relay/setup/bridge/ 
- WebTunnel bridge: https://community.torproject.org/relay/setup/webtunnel/
- Snowflake standalone guides (Debian, Docker, FreeBSD, compile from source): 
https://community.torproject.org/relay/setup/snowflake/ 
- Script made by Emerald Onion to manage obfs4 bridges: 
https://github.com/emeraldonion/bridge-management 

Related, the video for Roger's CCC talk is now published:
https://media.ccc.de/v/37c3-12040-tor_censorship_attempts_in_russia_iran_turkmenistan
Or YouTube: https://www.youtube.com/watch?v=g5ZiBYR-1MM

## Status of ddos (Network Health / Network Team)

See: https://forum.torproject.org/t/new-kind-of-attack/11122

Q: Is there a profile available yet on DOS targeted relays (guard/exit status) 
and whether they are losing particular flags? Also any timing information?
A: No (to both) --GeKo

## Tor Metrics issues (wrong first seen date)

Surprise bug in the metrics portal where it is assigning the wrong 'first seen' 
date to relays. 
https://gitlab.torproject.org/tpo/network-health/metrics/relay-search/-/issues/40024
We hope to get it fixed next week. It's not doing damage except for all of the 
alarm and irritation and confusion it is generating.

## Upcoming torservers.net meetup for non-profits running relays. 

Contact Stefan Leibi [ste...@torservers.net] if you are running a non-profit 
and have not been contacted by me today.

## Tor Q&A 

* Q: Who decides who is a [Directory 
Authority](https://metrics.torproject.org/rs.html#search/flag:authority)?

The current directory authorities decide by consensus. One challenge with 
adding more directory authorities is that the coordination work to add or 
remove one scales poorly with more of them, so while in theory we want a bunch 
because of improved trust, in practice 10 or so is the limit. (Performance 
bottlenecks are mostly resolved by the 'fallbackdir' design, so now it's only a 
trust question, not a bandwidth question mostly.)

* Q: Who is currently running an authority and why do we trust them?

You can see the current list at 
https://gitlab.torproject.org/tpo/core/tor/-/blob/main/src/app/config/auth_dirs.inc?ref_type=heads
 -- this is a list of IPs. The question is who is operating the relays? Yep! 
There are eight v3 directory authority operators currently: Roger, weasel, 
sebastian, alex, linus, andreas, stefani, micah. We don't hide the list, but 
also we haven't been good on docs at that level. Better to find us at a Tor dev 
meeting / hacker conference and meet us in person! See also 
https://support.torproject.org/about/key-management/ for a related question.

* Q: Who choose the current operators?

We have accumulated them over the past two decades, using the cypherpunks / 
remailer community as the initial trust root.
As for 'why do we trust them', trust is a complicated topic, so the first 
thought is, trust them to do what? Their hourly votes are public and archived 
at https://collector.torproject.org/

  
* Q: What's the status of bandwidth scanners?
 
 They are running and doing their job. All bandwidth authorities switched over 
from TorFlow to sbws; we plan to replace that with onbasca at some point.
  
* Q: What happened with FlashFlow? (prop316) 
https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/proposals/316-flashflow.md

> ahf (who cannot make this meeting): there was an unfinished implementation of 
> this, but we did not think it was worthwhile to finish due to its complexity 
> and because of improvements in the general bw scanning space thanks to sbws. 
> We may want to look into this again in the future.
  
* Q: Could relays be explicitly recommended to use common TCP ports for their 
ORPort (such as 21 and 8080) instead of 9001 in case 443 isn't available? For 
instance, my university blocks TCP on most ports but 21 and 8080 are still open.
A: Interesting! Because most places that filter ports leave 443 open. 

* Q: With the massive amount of snowflake proxies available, it seems like IP 
blocks would be much harder to achieve. Is there any plan to possibly recommend 
that users use snowflake over obfs4?
A: snowflake is already automatically recommended to users in some countries 
when they start Tor Browser ("Connection Assist" feature) and Orbot ("smart 
connect")
https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/blob/main/conf/circumvention.json

* Q: please update the snowflake package in debian
Related: 
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40105

If you want to run snowflake proxies at scale we wrote a guide on how to do it 
with Ansible (scroll a bit down) 
https://unredacted.org/guides/infrastructure/tor/how-to-run-your-own-tor-snowflake-proxy/#run-a-snowflake-proxy-on-a-linux-server

* Q: At DFRI (dfri.se) we are running some exit relays. Recently we had an idea 
that maybe we would try to apply for funding for a project that would be 
something like "managing a secure and sustainable tor exit relay setup using 
Debian, Tor, ansible, git, gpg, and so on". Now we are wondering if others have 
thoughts on this idea and if anyone here would be interesting in participating 
in such a project. Who should fund this? The idea is to apply for money from 
something like the "Open Tech Fund" (https://www.opentech.fund/) or similar.

A: Yes, this sounds great! Two thoughts: (a) coordinate with Leibi on the 
torservers.net coalitions, and (b) OTF is the place everybody goes for every 
funding idea, so they are often overloaded with proposals these days.
A: One thing this relay community would love and needs more of is workshops. 
Can you run a workshop for the relay operator community on how to scalably run 
these relays?

Q: Tor Browser doesn't work to bootstrap on an IPv6-only network. I think Tor 
is trying the ipv4 for each of its fallbackdirs and those don't work. If 
anybody lives in IPv6-only land, please help us diagnose and fix!

Q: When will the next online meetup be? Suggestion: Always announce the next 
meeting date at the current meetup so that we have these meetups on a regular 
basis. :-)
(and please link or include the previous notes, for people who missed the 
meeting)
A: Many Tor people will be at FOSDEM. We could have an in-person meetup! Let us 
know if you want to help organize that.
A: We will have the next online meetup March 2nd, @ 19 UTC


On Fri, Jan 26, 2024 at 05:13:48PM -0300, gus wrote:
> Hi,
> 
> Just a friendly reminder that we're meeting this Saturday, January
> 27th at 19 UTC.
> 
> Meetup Agenda
> -------------
> 
>  * EOL 0.4.7.x removal
>  * Tor University Challenge update https://toruniversity.eff.org/
>  * Community Policies site: https://community.torproject.org/policies/
>  * 001 - Process for new policies for relay operators
>  * Upcoming elections in 2024 and online censorship
>  * Status of DDoS
>  * Tor Metrics issues (wrong first seen date)
>  * Tor Q&A
> 
> Room link: https://tor.meet.coop/gus-og0-x74-dzn
> 
> cheers,
> Gus
> 
> On Wed, Jan 17, 2024 at 02:11:11PM -0300, gus wrote:
> > Dear Tor relay operators and volunteers,
> > 
> > Save the date: the next Tor Relay Operator Meetup will happen on
> > Saturday, January 27 at 19 UTC!
> > 
> > We're still working on the agenda for this meetup, however feel free to
> > add your topics directly to the ticket or just reply to the mailing list:
> > https://gitlab.torproject.org/tpo/community/relays/-/issues/84
> > 
> > Where:
> > Room link: https://tor.meet.coop/gus-og0-x74-dzn
> > When: January 27, 19:00 UTC
> > 
> > Tor Code of Conduct:
> > https://community.torproject.org/policies/code_of_conduct/
> > 
> > Registration
> > No need for a registration or anything else, just use the
> > room-linkabove. We will open the room 10 minutes before so you can test
> > your mic setup.
> > 
> > Please share with your friends, social media and other mailing lists!
> > 
> > cheers,
> > Gus 
> > -- 
> > The Tor Project
> > Community Team Lead
> 
> 
> 
> -- 
> The Tor Project
> Community Team Lead



-- 
The Tor Project
Community Team Lead

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Reply via email to