1
00:00:03,471 --> 00:00:04,471
rc3 preroll music
2
00:00:07,943 --> 00:00:14,598
Herald: Our next speakers are Gus and GeKo
from the Tor project. They both came on
3
00:00:14,598 --> 00:00:19,952
onto the project. A couple have been
working with the project for a long time
4
00:00:19,952 --> 00:00:25,641
now, and a couple of years ago, they both
came on as employees. Gus, as the team
5
00:00:25,641 --> 00:00:30,761
leader, as the community lead of the
project and Georg as the network team
6
00:00:30,761 --> 00:00:36,005
leader, who has been working on improving
the health of the network and making sure
7
00:00:36,005 --> 00:00:41,883
that bad relays are removed. Give them all
a great round of applause from home and
8
00:00:41,883 --> 00:00:49,621
welcome to the stage, guys. Take it away.
9
00:00:49,621 --> 00:00:54,480
Georg: Hello, everyone, hello. This is
Georg from the Tor project, and I have got
10
00:00:54,480 --> 00:01:02,400
with me today to talk about the State of
the Onion, a yearly thing, and we are
11
00:01:02,400 --> 00:01:08,480
really happy to be here at the CCC and
think about providing an update, what we
12
00:01:08,480 --> 00:01:13,280
did, what we are excited about next year
and what is basically in the pipeline.
13
00:01:14,000 --> 00:01:20,160
Before we start, assuming we have some
folks watching this talk, wondering what
14
00:01:20,160 --> 00:01:26,160
this Tor thing is? We thought about
picking them up, getting them up to speed
15
00:01:26,160 --> 00:01:31,520
and talking about what we are actually
talking about here. So, Tor is concerned
16
00:01:31,520 --> 00:01:37,280
with the online anonymity and censorship
circumvention. It's referred to as free
17
00:01:37,280 --> 00:01:42,560
software, and we actually have an open
network of relay operators and relays and
18
00:01:42,560 --> 00:01:49,120
operated by volunteers. But that's not the
only meaning of Tor. You find you are as
19
00:01:49,120 --> 00:01:55,280
well, you know, in a community of
researchers, developers, users, and you
20
00:01:55,280 --> 00:02:02,720
mentioned relay operators. As a project.
We are a US 501c3 nonprofit organization.
21
00:02:03,840 --> 00:02:11,760
So, that's the different notions of Tor
you might encounter. So, what is actually
22
00:02:11,760 --> 00:02:17,120
the Tor design? How does it help with the
anonymity goal or censorship circumvention
23
00:02:17,120 --> 00:02:23,360
goal? So, I assume you have two parties
who want to communicate over the internet,
24
00:02:24,720 --> 00:02:32,400
and they want particular. Alice wants to
hide the location of their IP address, so
25
00:02:32,400 --> 00:02:36,720
they can connect directly to Bob because
that would be obvious where they are
26
00:02:36,720 --> 00:02:44,960
coming from. So, they try to get their
traffic through multiple relays. So, no
27
00:02:44,960 --> 00:02:51,680
single relay can actually betray Alice
here and find out now what Alice is up to,
28
00:02:51,680 --> 00:02:59,708
or actually, where she is coming from. So,
what Alice is doing, or actually Alice's
29
00:02:59,708 --> 00:03:07,386
Tor-client on her machine is picking a
path through the network where through
30
00:03:07,386 --> 00:03:14,121
relays mentioned here with R1, R2 and R3
before she's finally reaching Bob. So,
31
00:03:14,121 --> 00:03:23,138
this looks like some something like this
here, and at the end, Alice is asking the
32
00:03:23,138 --> 00:03:32,050
exit relay or relay three on this slide to
connect to Bob, and then they can talk to
33
00:03:32,050 --> 00:03:39,448
each other. That's the basic underlying
concept of Tor. Then there's the problem
34
00:03:39,448 --> 00:03:47,168
that we sometimes see censorship in the
wild, which means that adversaries trying
35
00:03:47,168 --> 00:03:53,653
to prevent Alice from actually reaching
the Tor-Network and so that she can
36
00:03:53,653 --> 00:03:59,348
benefit from the privacy properties that
the Network is providing. And in this
37
00:03:59,348 --> 00:04:07,167
case, the direct connection to the cloud
above there with the public relays as
38
00:04:07,167 --> 00:04:13,772
presented. And what Alice needs to do is
to connect to so-called bridges, which are
39
00:04:13,772 --> 00:04:19,307
nonpublic relays in this case, which
bridge work as a first hop. And then she
40
00:04:19,307 --> 00:04:24,521
is picking the usual remaining two hops
before connecting to Bob. So, this is a
41
00:04:24,521 --> 00:04:32,400
rough idea of how Tor is trying to prevent
censorship. Or to bypass censorship to be
42
00:04:32,400 --> 00:04:40,280
more correctly and which will play a role
in the coming slides because we talk a
43
00:04:40,280 --> 00:04:47,558
bunch about censorship, work we do and
have done and want to do. So, that's
44
00:04:47,558 --> 00:04:53,840
basically Tor in a nutshell. That's there
are many more things to Tor, but that's
45
00:04:53,840 --> 00:04:59,737
hopefully enough to understand what the
following updates are about. So, if you
46
00:04:59,737 --> 00:05:06,800
recall the previous slides, that was
basically trying to provide privacy at the
47
00:05:06,800 --> 00:05:12,996
network layer for users hiding the IP
addresses. But as we know, the web, in
48
00:05:12,996 --> 00:05:17,945
particular browsers, are large beasts, and
that's by far not enough anymore to
49
00:05:17,945 --> 00:05:22,940
guarantee any meaningful privacy on the
internet because of all of the tracking
50
00:05:22,940 --> 00:05:28,992
mechanisms and arrays of fingerprint
users. So, a couple of years ago, we
51
00:05:28,992 --> 00:05:36,532
essentially started to provide a tool
called Tor Browser, which is essentially a
52
00:05:36,532 --> 00:05:43,508
fork of Firefox and has dozens of patches
on top of that. So, we can actually
53
00:05:43,508 --> 00:05:50,154
provide the privacy guarantees we think
are important. And this tool got some, you
54
00:05:50,154 --> 00:05:56,051
know, some meaningful updates over the
year. And one of these is that we
55
00:05:56,051 --> 00:06:02,776
overhauled the Tor connection experience.
Some of you who are already familiar with
56
00:06:02,776 --> 00:06:09,902
Tor browser, know about this weird modal
dialog popping up once. This is (virtual)
57
00:06:09,902 --> 00:06:17,292
browser, which was, up until the Tor
browser 10.5, the default way of
58
00:06:17,292 --> 00:06:23,810
connecting to the tunnel broker program,
the Tor browser. And this is gone because
59
00:06:23,810 --> 00:06:28,052
that's a really weird experience if you
have any other browser, what is happening
60
00:06:28,052 --> 00:06:32,942
once you started? You get a browser window
and then start searching or typing or
61
00:06:32,942 --> 00:06:38,496
whatever. You never get any modal dialog,
which is a UX experience, which is not
62
00:06:38,496 --> 00:06:44,757
really the best. So we fixed that. There's
no modal dialog during startup anymore,
63
00:06:44,757 --> 00:06:50,347
and there are easy ways to an easy way to
connect automatically now. So, you don't
64
00:06:50,347 --> 00:06:55,487
even see this particular sort of screen
anymore, or was giving you much smoother
65
00:06:55,487 --> 00:07:03,805
experience for your Tor browser usage,
which is pretty exciting. Then we finally
66
00:07:03,805 --> 00:07:10,360
deployed Snowflake, which is a means for
helping censored users on the internet,
67
00:07:10,360 --> 00:07:17,857
which is, you know, kind of next, next,
next-level step in the arms race against
68
00:07:17,857 --> 00:07:25,360
censors. And this has been in the works
for a couple of years and has been testing
69
00:07:25,360 --> 00:07:31,070
for months in our alpha release series and
finally made it earlier this year and
70
00:07:31,070 --> 00:07:39,520
stable. And you can see in this on this
graph how the usage grew over time,
71
00:07:39,520 --> 00:07:47,501
starting with the initial launch and the
stable series at the beginning of July
72
00:07:47,501 --> 00:07:56,200
this year. You see, there's a continually
growing numbers of snowflake users you see
73
00:07:56,200 --> 00:08:03,235
at the right side, the despite up and
down, and we'll talk about this a bit
74
00:08:03,235 --> 00:08:08,010
later. But it's a growth, and we can see
this, and we can hear the feedback for
75
00:08:08,010 --> 00:08:16,924
users. So, what you can help is. Running
snowflakes, how this was going to work is
76
00:08:16,924 --> 00:08:22,129
a thing Gus will explain later on. But
that's already a thing you can try to
77
00:08:22,129 --> 00:08:27,896
remember and getting out of this talk, so
you can help censored users. Um, yeah,
78
00:08:27,896 --> 00:08:35,002
that's two of the high notes for this year
for the next year and upcoming years, we
79
00:08:35,002 --> 00:08:40,575
plan to make it even easier to help
censored users around the world, for
80
00:08:40,575 --> 00:08:46,240
instance, by faster updating the D4
bridges. we ship with the Tor browser.
81
00:08:46,240 --> 00:08:52,705
Usually, what's happening right now is
that once we want to bundle new bridges to
82
00:08:52,705 --> 00:08:57,952
Tor browser, we have to have a new
release, which is pretty cumbersome and
83
00:08:57,952 --> 00:09:03,512
slow, and we want to make this faster that
you can keep your Tor browser but get
84
00:09:03,512 --> 00:09:10,192
updated bridges if there are any available
which we can ship. And then we continue
85
00:09:10,192 --> 00:09:17,087
working on the general idea of just
helping users bypassing the censorship,
86
00:09:17,087 --> 00:09:21,836
though they should have a button like "I
am censored" and then Tor browser should
87
00:09:21,836 --> 00:09:27,545
figure out everything it needs to provide
working bridges for the user and the
88
00:09:27,545 --> 00:09:34,644
particular region where they are. That's
the kind of the golden standard we want to
89
00:09:34,644 --> 00:09:41,789
get to. So, this will be pretty exciting
work then for another project, actually a
90
00:09:41,789 --> 00:09:47,588
multi-year project, which we recently
started, I want you to give an update. The
91
00:09:47,588 --> 00:09:53,780
Tor browser thing is pretty cool in the
sense that you have an app, and then you
92
00:09:53,780 --> 00:10:02,330
have per app settings kind per app means
of providing privacy properties, but
93
00:10:02,330 --> 00:10:07,602
particularly on Mobile, where you have
kind of dozens or hundreds of apps. It's
94
00:10:07,602 --> 00:10:14,653
pretty cumbersome if it's usable or
possible at all to configure. Every app to
95
00:10:14,653 --> 00:10:20,691
every app to use Tor as a proxy, so what
we want, or we actually want to what you
96
00:10:20,691 --> 00:10:27,752
just want on mobile at least, is a way to
him to route all safe traffic and specific
97
00:10:27,752 --> 00:10:35,282
safe applications through Tor. You don't
want to configure this per app, though.
98
00:10:35,282 --> 00:10:41,680
That's that's not the way to go. That's a
pretty "VPN" like functionality to do. I
99
00:10:41,680 --> 00:10:48,720
put "VPN" in quotes here because that's
kind of a working, you know, concept we
100
00:10:48,720 --> 00:10:56,537
would probably want to come up with the
better term at the final product, because
101
00:10:56,537 --> 00:11:03,703
VPN is kind of tainted and people have
particular understandings of what this
102
00:11:03,703 --> 00:11:11,103
means. VPN is, and you have kind of a new
tool here which was trying to fill the
103
00:11:11,103 --> 00:11:17,716
niche and provide better guarantees than
regular VPNs do. So, we want probably come
104
00:11:17,716 --> 00:11:22,900
up with a different term. But that's
pretty close from the functionality point
105
00:11:22,900 --> 00:11:29,840
of view. What we want to do and the bonus
points here as well are that, We can
106
00:11:29,840 --> 00:11:36,025
easily expand our censorship circumvention
means to the whole device and don't have
107
00:11:36,025 --> 00:11:41,172
to deal with that on a per app basis,
either. The work is done with our friends
108
00:11:41,172 --> 00:11:46,320
from the Guardian project and the LEAP
Encryption Access Project, which is
109
00:11:46,320 --> 00:11:50,632
exciting, and we plan to have this
available on Android first, likely
110
00:11:50,632 --> 00:11:58,136
starting in 2023. Maybe already at the end
of next year, we'll see. As I said, it's a
111
00:11:58,136 --> 00:12:08,914
multi-year project spanning different
teams at Tor. It's using Arti the new rust
112
00:12:08,914 --> 00:12:14,280
based (talk line) we are currently
writing. So, that's a pretty exciting
113
00:12:14,280 --> 00:12:20,761
project, and we hope you make serious
progress over next year. So let me leave
114
00:12:20,761 --> 00:12:26,232
the application part right now and talk a
bit about what we could call network
115
00:12:26,232 --> 00:12:30,954
health. The one of the points which
frequently comes up, which is important,
116
00:12:30,954 --> 00:12:39,016
is our work in the bad relay area. All the
dealing with malicious relays remains hard
117
00:12:39,016 --> 00:12:43,848
with our limited resources. We removed,
for instance, several large groups of
118
00:12:43,848 --> 00:12:49,200
actually relays in early 2021 and used
this actually as kind of a wake-up call to
119
00:12:49,200 --> 00:12:54,880
seriously invest in this area, which means
writing new scanners for detecting
120
00:12:54,880 --> 00:13:02,641
malicious behavior and do a better
monitoring for malicious behavior at the
121
00:13:02,641 --> 00:13:07,600
network. And I think over the year. I'm
confident to say that we actually are
122
00:13:07,600 --> 00:13:12,400
going to have a safer Tor network and
compared with previous years, I think it's
123
00:13:12,400 --> 00:13:18,251
fair to say as well that we right now have
a safer Tor network as well compared to
124
00:13:18,251 --> 00:13:25,070
what we had in the previous year. So, that
is exciting progress. Worth mentioning
125
00:13:25,070 --> 00:13:32,477
here, but that's not enough, right? So,
what we actually want to do to provide an
126
00:13:32,477 --> 00:13:40,349
even safer experience and tackling the the
the problem of malicious relays more at
127
00:13:40,349 --> 00:13:47,560
the core, is leveraging trust in our relay
community, helping with those problems.
128
00:13:47,560 --> 00:13:53,368
And the key points to take away here is
that is. It mixed approach in the sense
129
00:13:53,368 --> 00:13:59,360
that we have technical tools helping, that
really work. But as well this is a social
130
00:13:59,360 --> 00:14:06,041
approach, which is important here because
we can't solve the problem of malicious
131
00:14:06,041 --> 00:14:15,876
relays on the technical means alone. And
this is the thing we take into account
132
00:14:15,876 --> 00:14:21,920
right now already started successfully, I
think with experiments, for instance, we
133
00:14:21,920 --> 00:14:28,080
removed like three weeks ago, two large
groups of relays which we deemed to be
134
00:14:28,080 --> 00:14:35,200
malicious, which were perfectly configured
from a configuration perspective. Then all
135
00:14:35,200 --> 00:14:41,520
the my family settings, and they had a
contact info information side, which was
136
00:14:41,520 --> 00:14:46,960
supposed to be non-spoofable. So, they did
all the technical parts right, but still,
137
00:14:47,520 --> 00:14:52,720
once we start to contact them and tried to
talk to them, it was pretty clear they
138
00:14:52,720 --> 00:14:57,200
were very likely malicious, and we removed
them quickly from the network, which
139
00:14:57,200 --> 00:15:02,080
showed us once more that there's a social
component here too, which is important.
140
00:15:02,960 --> 00:15:07,520
And this will be the priority for the
network health team, not only for the
141
00:15:07,520 --> 00:15:11,520
team. I mean, yes, the community team
involved as well, and other teams too. But
142
00:15:11,520 --> 00:15:18,080
it would be important for the Tor project
in 2022. And what this means at the end,
143
00:15:18,080 --> 00:15:23,680
you know, taking trust into account is not
set yet. That could be the idea that we
144
00:15:24,400 --> 00:15:29,040
say, OK, we have here a large group of
trusted relays, and they get more traffic
145
00:15:29,040 --> 00:15:37,440
to see a lot more traffic to see from uses
compared to the non-trusted group. This
146
00:15:37,440 --> 00:15:41,040
has performance implications and many
other implications, which we need to
147
00:15:41,040 --> 00:15:46,800
explore in detail. Starting this year, but
more next year, and probably for the
148
00:15:46,800 --> 00:15:53,600
coming years, which actually brings me to
my final point for my part, which is
149
00:15:53,600 --> 00:15:58,320
talking to you a bit about Tor performance
and the work we did this year and what's
150
00:15:58,320 --> 00:16:04,400
coming up next. So, if you look at these
and this graph of those two graphs, you
151
00:16:04,400 --> 00:16:10,800
see a growing gap between the bandwidth,
which is virtualized on the network and
152
00:16:10,800 --> 00:16:16,080
the actually used bandwidth over the
years, starting from, you know, kind of
153
00:16:16,080 --> 00:16:24,640
2011 and continuing up until today. This
is kind of counterintuitive because one of
154
00:16:24,640 --> 00:16:31,040
the things we usually get, as, kind of
most of the most important complaint, is
155
00:16:31,040 --> 00:16:37,520
that Tor is slow? So, so what's the issue
here? If you have so much kind of surplus
156
00:16:37,520 --> 00:16:41,920
bandwidth, but it's not getting used, but
on the other hand, users are complaining
157
00:16:41,920 --> 00:16:47,680
Tor is slow. So, we have a project which
is trying to solve those problems. We
158
00:16:47,680 --> 00:16:54,320
think that a big part of this equation is
coming up in that good congestion control
159
00:16:54,320 --> 00:16:58,640
for the Tor Network, which was lacking so
far. So, that we have an overall better
160
00:16:58,640 --> 00:17:04,560
bandwidth usage. And this could be
implemented this year, which is exciting,
161
00:17:04,560 --> 00:17:10,480
and will be deployed next year. And we
hopefully see not this growing gap
162
00:17:10,480 --> 00:17:18,000
anymore, but a shrinking gap.
Additionally, one thing we sorely missed
163
00:17:18,000 --> 00:17:22,880
was feedback for relay operators, whether
their relays are doing well, whether they
164
00:17:22,880 --> 00:17:29,680
are overloaded and whether they can
improve settings and make the proper
165
00:17:29,680 --> 00:17:36,160
modifications. So, we implemented a series
of kind of warnings or triggers which
166
00:17:36,880 --> 00:17:41,920
relay operators can monitor and we from
the Tor Project side can monitor as well.
167
00:17:42,480 --> 00:17:50,480
And then we can ping relay operators and
helping them figure out their stuff and
168
00:17:50,480 --> 00:17:56,800
getting those issues fixed. Resolving the
overload they see on their relays and
169
00:17:58,480 --> 00:18:07,760
planned for 2022 as well is that we start
to do better load balancing by figuring
170
00:18:07,760 --> 00:18:14,800
out which relays are seriously overloaded
and moving traffic from them back to less
171
00:18:14,800 --> 00:18:19,440
overloaded relays, giving an overall
better performance and user experience for
172
00:18:19,440 --> 00:18:26,320
all users. So, I think that's all I had to
say from my side. Thanks for listening and
173
00:18:26,320 --> 00:18:32,470
our Gus will pick this up.
Gus: Thank you, Georg. So, hello. This is
174
00:18:32,470 --> 00:18:40,509
Gus from the Tor project. And today I will
talk a little bit about the Community Team
175
00:18:40,509 --> 00:18:49,680
and our work on the Tor community, so we
will cover the new user support forum, our
176
00:18:49,680 --> 00:18:55,955
new gamification project. The "run a
bridge" campaign that we started last
177
00:18:55,955 --> 00:19:04,308
month, and we are also going to talk about
the Tor censorship in Russia. So, for the
178
00:19:04,308 --> 00:19:12,382
third forum, we at the beginning of this
year, we start to think about having a
179
00:19:12,382 --> 00:19:19,910
place where people can ask questions. That
is not the mailing list. So, in 2021, what
180
00:19:19,910 --> 00:19:26,605
looks like a support forum? You know how
where users can do questions and receive
181
00:19:26,605 --> 00:19:32,287
help. So, email and use of the
communication are nice, are cool and
182
00:19:32,287 --> 00:19:37,076
important because people in certain
regions, they can access this resource.
183
00:19:37,076 --> 00:19:43,390
They can send an email from Iran, from
China, from Russia now, and they can
184
00:19:43,390 --> 00:19:49,401
access our documentation. But you are
thinking about, are there other ways to
185
00:19:49,401 --> 00:19:54,240
reach out to this community to find
places, to find a way, for them to
186
00:19:54,240 --> 00:20:00,366
communicate and ask questions? So, part of
GS plan is to,..., The first part of this
187
00:20:00,366 --> 00:20:06,315
plan is to have a Tor forum, so people can
access this information and ask questions
188
00:20:06,315 --> 00:20:12,353
on your support forum. That's friendly,
and you can store an app on your phone and
189
00:20:12,353 --> 00:20:18,181
contact and talk with others. And later,
we'll talk about the second part of this
190
00:20:18,181 --> 00:20:24,973
plan. So, we launched the Tor Forum
jazzier in October, and it has been very
191
00:20:24,973 --> 00:20:32,348
nice, and I invite everyone to join our
forum. The other project that we are doing
192
00:20:32,348 --> 00:20:37,309
in the community team is the gamification
project for relay operators. So, the idea
193
00:20:37,309 --> 00:20:42,556
is to understand what, what are the
motivations, how we can incentivize better
194
00:20:42,556 --> 00:20:48,217
the Tor network, how we can grow, the Tor
network, basically, or why people are
195
00:20:48,217 --> 00:20:54,011
stopping children relays. So, we are doing
this as part of our internship, and Nico
196
00:20:54,011 --> 00:20:59,440
is our intern, and she is doing this work,
and we have a survey online, so people can
197
00:20:59,440 --> 00:21:06,707
ask some questions and give feedback about
their experience, running relays. And last
198
00:21:06,707 --> 00:21:13,816
month in November, we launched our
campaign to get more bridges and in as far
199
00:21:13,816 --> 00:21:19,320
as ... Well, Bridges are very important
for users, living in censored countries.
200
00:21:19,320 --> 00:21:25,003
This is how they are going to connect to
the Tor network. So, our plan was to have
201
00:21:25,003 --> 00:21:33,092
200 new obfs4 bridges. obfs4 is a
pluggable transport that can obfuscate
202
00:21:33,092 --> 00:21:43,389
your Tor connection. And we, ... so the
plan was 200 new bridges and the campaign
203
00:21:43,389 --> 00:21:52,539
staffs at now are at 947 new running
Bridges. 847 new obfs4 bridges, and the
204
00:21:52,539 --> 00:22:02,328
network size about from 1200 to 2000 new
bridges overall. So, the campaign was a
205
00:22:02,328 --> 00:22:11,298
real success and we ... and you can see on
the graph here on the screen how the
206
00:22:11,298 --> 00:22:19,851
campaign changed the course of the network
size here. And so, this campaign started
207
00:22:19,851 --> 00:22:27,843
in November and December, a situation just
happened. So, at the beginning of
208
00:22:27,843 --> 00:22:34,681
December, we received a lot of users
asking for support in Russia and what it
209
00:22:34,681 --> 00:22:40,488
was not? Well, we usually have some users
asking for help, but this time was
210
00:22:40,488 --> 00:22:46,921
different. We received, like a lot of user
support requests, basically emails asking
211
00:22:46,921 --> 00:22:53,052
for Tor bridges, and that was very strange
because we didn't know anything happening.
212
00:22:53,052 --> 00:22:58,624
So, we start to investigate with OONI
which is the "Open Observatory of Network
213
00:22:58,624 --> 00:23:04,760
Interference" to understand what was
happening. So, we start to see some
214
00:23:04,760 --> 00:23:12,230
anomalies on the Tor net in Russia,
basically blocking not just our website,
215
00:23:12,230 --> 00:23:19,634
but also the Tor network and not only the
Tor network, but also some Tor bridges.
216
00:23:19,634 --> 00:23:25,969
And that was like, ... we started to look
into that to understand what was
217
00:23:25,969 --> 00:23:33,195
happening. So, we start to collect
information, and we put together (...)
218
00:23:33,195 --> 00:23:39,496
Ticket and a few days later, we received
an email from Russian authorities saying
219
00:23:39,496 --> 00:23:45,379
that they were going to block the
Torproject domain, and basically, failed
220
00:23:45,379 --> 00:23:51,660
to give us a reason, and we didn't
understand what was happening, so we, ...
221
00:23:51,660 --> 00:24:00,537
I'm going to skip the lawyer part and the
reason that they are blocking the Tor
222
00:24:00,537 --> 00:24:05,600
project website and I will focus on what
they are actually doing and how that is
223
00:24:05,600 --> 00:24:11,600
impacting the Tor network and the Tor
community. So, Russia is the second-
224
00:24:11,810 --> 00:24:17,840
largest country of Tor users, after users
in the United States, Russia, Germany,
225
00:24:17,840 --> 00:24:24,160
Netherlands and other countries that are
the top 10 top 20 countries that are using
226
00:24:24,160 --> 00:24:32,680
Tor. In the end, as we start to look at
the metrics and see that the numbers of
227
00:24:32,680 --> 00:24:39,760
our users were decreasing in December. And
we also saw that the bridge users also
228
00:24:39,760 --> 00:24:44,880
increasing. So, you can see clearly the
impact of the censorship on just a graph
229
00:24:44,880 --> 00:24:50,640
here and just a graph is available on the
metrics portal too. So, the summary here
230
00:24:50,640 --> 00:24:55,520
is, well, On December 1st, the Russian
authorities they blocked Tor Directory
231
00:24:55,520 --> 00:25:00,000
Authorities. So if you have Tor followed
on your computer, you cannot bootstrap
232
00:25:00,000 --> 00:25:06,000
Tor. They block Tor Browser Bridges. So if
you have Tor browser installed, you cannot
233
00:25:06,000 --> 00:25:10,992
use these bridges. They also block a
domain fronting with Azure. So if you try
234
00:25:10,992 --> 00:25:15,800
to bypass censorship, that was not going
to work. They also blocked Snowflake,
235
00:25:15,800 --> 00:25:20,990
which we will talk about a little bit
later. And they also blocked a bunch of
236
00:25:20,990 --> 00:25:27,740
Tor bridges in different internet
providers. So, it depends on where you are
237
00:25:27,740 --> 00:25:33,886
in Russia, you can use Tor. But in other
places, that was going to be more
238
00:25:33,886 --> 00:25:39,098
complicated. And the only way to bypass
the censorship at the time on December 1st
239
00:25:39,098 --> 00:25:44,430
was to use a bridge from
https://bridges.torproject.org or from our
240
00:25:44,430 --> 00:25:50,510
email. And so, we start to fight the
censorship, we launched our Telegram bot
241
00:25:50,510 --> 00:25:55,726
that you can get a bridge and that the
bridges is not blocked in Russia. And we
242
00:25:55,726 --> 00:26:00,043
tasked these bridges on all of these
points on Russia to see if they are
243
00:26:00,043 --> 00:26:05,120
blocked, if they are blocked we ask for
relay operator to hold that IP address.
244
00:26:05,120 --> 00:26:10,523
So, Tor Bridges are working, and we are
checking if they are checking in,
245
00:26:10,523 --> 00:26:17,556
recording if they are working. That are
community also fought back and that our
246
00:26:17,556 --> 00:26:23,860
committee spin up like more than 400 new
Tor bridges in just a few days. I mean, we
247
00:26:23,860 --> 00:26:32,014
have amazing volunteers translating Tor
user support guides in Russian, and doing
248
00:26:32,014 --> 00:26:38,668
after the first block on December 1st. The
anti-censorship thing also provide a fix
249
00:26:38,668 --> 00:26:45,296
for snowflake, and just fix what's
available on Tor browser, the last
250
00:26:45,296 --> 00:26:51,522
release. So, you can see onto the graph
that Snowflake was around like less than
251
00:26:51,522 --> 00:26:59,045
2000 users, but after December, you can
see it take a while, but then such
252
00:26:59,045 --> 00:27:04,859
increase the number of snowflake users,
basically because of Russia. And you can
253
00:27:04,859 --> 00:27:12,728
see just a graph here. There's a decrease
here, is because the server crashed after
254
00:27:12,728 --> 00:27:19,057
too many users. So, we fixed the server,
and we start to get more users. So, if you
255
00:27:19,057 --> 00:27:24,440
want to help people inside this country,
you can run a Tor bridge, or you can run a
256
00:27:24,440 --> 00:27:31,425
snowflake proxy and that that will be very
helpful for Tor users in Russia. And a new
257
00:27:31,425 --> 00:27:38,280
update, during Christmas, we also had a
new round of censorship in Russia. More
258
00:27:38,280 --> 00:27:45,514
bridges were blocked between December 23
and 24. We are going to reach out to relay
259
00:27:45,514 --> 00:27:51,360
operators, and we are going to contact
them and say, OK, you need to rotate your
260
00:27:51,360 --> 00:27:56,561
IP address if you want to get back in the
game and fight censorship. And we are
261
00:27:56,561 --> 00:28:02,906
going to do that and just (check) if
snowflake is working fine, and we have
262
00:28:02,906 --> 00:28:09,548
been working with doing the other support
with Russian users. And we already
263
00:28:09,548 --> 00:28:16,130
answered more than 1300 Help requests
since December 1st. Just for comparison,
264
00:28:16,130 --> 00:28:24,482
we resolved 1400 support tickets between
January and November. So, in one month, we
265
00:28:24,482 --> 00:28:32,114
already have more user support request
from Russia than, you know, in 12 months,
266
00:28:32,114 --> 00:28:39,840
basically. So, uh, so I will do a call
here for the international community to
267
00:28:39,840 --> 00:28:45,659
spin up a Tor bridge or run a snowflake
proxy. If you can't, if you cannot run a
268
00:28:45,659 --> 00:28:51,687
bridge, you can donate to relay
associations. If you cannot donate, you
269
00:28:51,687 --> 00:28:58,143
can help and teach our users about Tor
bridges. Or you can help localize Tor in
270
00:28:58,143 --> 00:29:03,588
Russian. Or you can do. We can apply
pressure like if you are part of a digital
271
00:29:03,588 --> 00:29:08,732
rights organization or your organization
and help us to make pressure on the
272
00:29:08,732 --> 00:29:15,532
Russian government. And stand up and start
(a directory) like Edward Snowden did and
273
00:29:15,532 --> 00:29:22,144
publish messages calling the Russian
government to stop blocking Tor. How to
274
00:29:22,144 --> 00:29:29,280
get involved. We are available on our IRC
and Matrix channels. You can join us, our
275
00:29:29,280 --> 00:29:35,383
mailing list. They are public and you can
see what we are talking, and you can help.
276
00:29:35,383 --> 00:29:41,484
You can also join the Tor Forum and you
can contribute on GitLab. And for next
277
00:29:41,484 --> 00:29:46,411
year, we are going to improve. We are
going to continue to improve our user
278
00:29:46,411 --> 00:29:52,289
support tools for users living in censored
countries or regions. So one of our ideas
279
00:29:52,289 --> 00:29:59,455
is to provide a Telegram chat channel, so
users can communicate and have and get
280
00:29:59,455 --> 00:30:04,323
user support on Telegram. We are going to
continue to develop the Tor relay
281
00:30:04,323 --> 00:30:10,129
gamification project, and continue to
organize our trainings in the global
282
00:30:10,129 --> 00:30:16,120
south, in Latin America and Africa, and
organize relay operators meetups. Today we
283
00:30:16,120 --> 00:30:24,225
are going to have our relay operator meet-
up at 10:00 p.m. German time. And the link
284
00:30:24,225 --> 00:30:28,188
you can find on the Tor relay mailing
list. And also, if you search on Twitter,
285
00:30:28,188 --> 00:30:37,265
on social media, you can also find that,
um. And today we just covered some topics
286
00:30:37,265 --> 00:30:43,721
from the state of the onion. One month
ago, we did a huge presentation like two
287
00:30:43,721 --> 00:30:50,435
and a half hours about anti-censorship
from the rising UX SysAdmin team and many
288
00:30:50,435 --> 00:30:57,720
other updates about Arti, about virtual or
non deprecation and many other topics. And
289
00:30:57,720 --> 00:31:04,400
you can watch that on YouTube. So, I think
that's it from my side, and we are open
290
00:31:04,400 --> 00:31:07,997
for more questions.
291
00:31:07,997 --> 00:31:12,105
Herald: Thank you so much, guys. Like
obviously, Tor is a really important
292
00:31:12,105 --> 00:31:16,995
project and that's honestly great to see
how dedicated you are to basically helping
293
00:31:16,995 --> 00:31:21,520
everyone. I was actually. Now we're going
to go on to the question, and I was
294
00:31:21,520 --> 00:31:26,720
actually wondering something myself before
we head over to taking the ones coming in
295
00:31:26,720 --> 00:31:32,066
from the internet. Basically, I as far as
I understand like when you working with
296
00:31:32,066 --> 00:31:36,240
bridges and making sure to like, avoid
this censorship and everything like as far
297
00:31:36,240 --> 00:31:41,004
as I understand, an important tool in this
process are the meek-bridges where you use
298
00:31:41,004 --> 00:31:46,248
huge cloud providers to basically mask
traffic to Tor. It's like regular HTTPS
299
00:31:46,248 --> 00:31:51,709
website traffic. Does that not work in the
case of Russia or like what does the
300
00:31:51,709 --> 00:31:57,423
attack threat situation look like at the
moment? And that's the landscape.
301
00:31:57,423 --> 00:32:04,669
Gus: I can answer in two parts. The first
part is that some cloud providers, they
302
00:32:04,669 --> 00:32:12,469
don't like domain fronting. And so, Amazon
and others, they change their policy, and
303
00:32:12,469 --> 00:32:21,832
they start to block, well, not just block,
but to remove projects that were using
304
00:32:21,832 --> 00:32:29,926
domain fronting. So, the only cloud
provider that allows Tor or allow Tor to
305
00:32:29,926 --> 00:32:38,920
do that was Azure, and we had to limit the
bandwidth on that. So if you use meek-
306
00:32:38,920 --> 00:32:45,666
Azure on Tor browser, it's going to be
very slow. And one thing that we saw, just
307
00:32:45,666 --> 00:32:51,860
as the first part, like the providers,
they don't like that they were enforcing
308
00:32:51,860 --> 00:32:59,155
us to stalk, or we will remove just
support. The other thing is that the bill,
309
00:32:59,155 --> 00:33:06,571
like the cost of running a meek-Azure
bridge or a meek-Amazon bridge, but it
310
00:33:06,571 --> 00:33:15,440
that was too high and too costly. So,
snowflake is the next step here because it
311
00:33:15,440 --> 00:33:25,647
uses domain fronting to connect you to a
Tor proxy. It's not like proxy, and the
312
00:33:25,647 --> 00:33:35,440
cost will be like very cheap. So, you can
get the benefit of domain fronting, and
313
00:33:35,440 --> 00:33:42,886
you can use a lot of proxies to connect
Tor users. And that will not cost a lot of
314
00:33:42,886 --> 00:33:48,826
money for the Tor project or for Tor
users. So, that is the way to go here is
315
00:33:48,826 --> 00:33:55,560
not to look back, but look forward.Laugh
Herald: It sounds so cool. Like obviously
316
00:33:55,560 --> 00:34:01,063
it seems that this was very important and
actually hearing like some of the problems
317
00:34:01,063 --> 00:34:05,231
that you guys are facing in your fight, I
think that's very interesting for all of
318
00:34:05,231 --> 00:34:12,326
us. So questions from the audience. The
first one is that the apps that you're
319
00:34:12,326 --> 00:34:17,746
making like the question is, whether they
would make you identifiable. So basically,
320
00:34:17,746 --> 00:34:22,520
if exactly those five apps are always
calling home over the same Tor nodes, the
321
00:34:22,520 --> 00:34:28,519
question is if that if someone could link
that back to you?
322
00:34:28,519 --> 00:34:33,840
Georg: Hmm. Do you want to talk about this
Gus? Or should I?
323
00:34:33,840 --> 00:34:38,893
Gus: Go ahead.
Georg: Yeah, I think this should not be
324
00:34:38,893 --> 00:34:48,775
the case. I mean, depending on what kind
of apps you have, how they are configured
325
00:34:48,775 --> 00:34:55,774
and such and potential, you know, timing
signatures and stuff. So, that's one of
326
00:34:55,774 --> 00:35:01,964
the things we're concerned, for instance,
with Tor browser and trying to really make
327
00:35:01,964 --> 00:35:09,140
sure to break this up in the sense that
folks can't learn anything about those
328
00:35:09,140 --> 00:35:16,946
patterns you have. It's hard, in
particular, if adversaries can monitor,
329
00:35:16,946 --> 00:35:25,346
you know, exit nodes or endpoints over a
long period of time. But generally, you
330
00:35:25,346 --> 00:35:30,060
should be protected from this kind of
threat.
331
00:35:30,060 --> 00:35:39,440
Herald: Right. That makes sense. So, the
next question is that if they understand
332
00:35:39,440 --> 00:35:43,680
correctly, the Tor organization is
registered in the United States, could the
333
00:35:43,680 --> 00:35:47,600
project be in danger of any government
pressure to be discontinued, And have you
334
00:35:47,600 --> 00:35:57,840
guys have a plan to move to more neutral
countries like Switzerland or similar?
335
00:36:02,640 --> 00:36:09,840
Gus: So from my point of view, I don't
think we suffer any pressure right now
336
00:36:10,800 --> 00:36:19,120
from US government. So, I think. Would
what would you be interested? Well, one
337
00:36:19,120 --> 00:36:24,240
thing that is important is one thing is
that the Tor project and the other thing
338
00:36:24,240 --> 00:36:30,880
is the Tor network. The Tor Network is,...
we have directed authorities in different
339
00:36:30,880 --> 00:36:38,404
countries and that just to avoid this kind
of government pressure against the Tor
340
00:36:38,404 --> 00:36:49,400
network. So, I think the question would be
more like finding different ways to fund,
341
00:36:49,400 --> 00:36:59,390
..., make Tor sustainable, not just. Like
diversifying our funds, so we don't be so
342
00:36:59,390 --> 00:37:07,297
connected with a government, are one
source provider of resource. I think just
343
00:37:07,297 --> 00:37:15,600
it's happening right now. Isabella, the
executive director, has changing a lot of
344
00:37:15,600 --> 00:37:24,200
our money income. And if you look back in
the Tor history, US government was adding
345
00:37:24,200 --> 00:37:31,720
a lot of money through to the TOR project
in different by different ways, you know,
346
00:37:31,720 --> 00:37:38,758
like a human rights projects and internet
freedom projects. And just was basically
347
00:37:38,758 --> 00:37:43,854
how Tor is and was funded by U.S.
government, but not just U.S. government,
348
00:37:43,854 --> 00:37:50,298
other governments like Swedish government
too. So, I think I would be more concerned
349
00:37:50,298 --> 00:37:57,760
about the Tor directed authorities being
in just one country, and that's not true.
350
00:37:57,760 --> 00:38:04,388
We are in different countries and they so
far I don't I never heard any kind of
351
00:38:04,388 --> 00:38:11,801
pressure from the U.S. government against
the nonprofit, call it the Tor project.
352
00:38:11,801 --> 00:38:15,554
So, I think that it's basically, my answer
here.
353
00:38:15,554 --> 00:38:21,735
Herald: That's good to hear. And now on to
maybe a little bit lighter question, do
354
00:38:21,735 --> 00:38:29,312
Tor browser users have any chance or hope
to see less captchas in the future?
355
00:38:29,312 --> 00:38:36,720
Georg: Yeah. Yeah. I think we do have some
hope, there is, ... I mean, not just only
356
00:38:36,720 --> 00:38:45,520
hope. But we have work ongoing solving
this from different angles. The first one
357
00:38:45,520 --> 00:38:53,040
is outreach to major providers trying to
understand why they are blocking Tor or
358
00:38:53,040 --> 00:38:58,720
why they provide, captchas and working
with them to come up with solutions, which
359
00:39:00,160 --> 00:39:07,280
are not only deployable by them, but by
the wider industry. So, there is a
360
00:39:07,280 --> 00:39:12,640
knowledge gap here and then trying to,
..., based on that, trying to figure out
361
00:39:12,640 --> 00:39:19,360
how we can solve this problem. And that's
not only from , you know, policy angle,
362
00:39:19,360 --> 00:39:28,240
but we plan to look into technical means
as well. For instance. There's the idea of
363
00:39:28,240 --> 00:39:36,320
providing tokens to Tor users, so
they can, which they can spend anonymously
364
00:39:36,320 --> 00:39:42,960
at websites, for instance, and the
websites can look for that and try to
365
00:39:43,520 --> 00:39:49,840
regulate the traffic, keeping the noisy
bots out while providing good service to
366
00:39:49,840 --> 00:39:58,160
our users providing such a token. That's
another thing that won't be solved next
367
00:39:58,160 --> 00:40:04,080
year. It's a multi-year project, too. We
are a small organization, so there has to
368
00:40:04,080 --> 00:40:11,360
be some kind of prioritization. But that's
definitely on our radar and a serious
369
00:40:11,360 --> 00:40:16,720
problem for us. So, we should fix this.
Herald: Sounds like great initiatives and
370
00:40:16,720 --> 00:40:22,320
also like that going some of the way in
order to some extent legitimize the use of
371
00:40:22,320 --> 00:40:26,320
the Tor browser. Maybe not as much in
common society, but also when actually
372
00:40:26,320 --> 00:40:28,720
visiting different websites.
Georg: Yeah, exactly.
373
00:40:28,720 --> 00:40:36,320
Herald: Nice. Next up is whether you guys
are planning to figure out some kind of
374
00:40:36,320 --> 00:40:40,640
solutions for firewalls, for instance, the
corporate ones that are slowing traffic
375
00:40:40,640 --> 00:40:55,360
down.
Georg: I know, Gus, do you. Do you have
376
00:40:55,360 --> 00:41:01,760
some, you know, queries or complaints from
users for this particular issue? I'm not
377
00:41:01,760 --> 00:41:11,611
sure about that.
Gus: Yeah, I and. I just want to be a very
378
00:41:11,611 --> 00:41:15,842
specific question, I ....
Herald: It's also very fair to just say
379
00:41:15,842 --> 00:41:19,760
that it's not a problem that you've heard
a lot of complaints about,
380
00:41:19,760 --> 00:41:23,682
Georg: Right.
Gus: Yeah, sure, that's true. We I didn't
381
00:41:23,682 --> 00:41:29,567
hear about that. Like the captacha one is
a popular one, but I never heard.
382
00:41:29,567 --> 00:41:38,072
Georg: I think they're a bunch of larger
things to fry here, there. It's not really
383
00:41:38,072 --> 00:41:43,803
in our not even our top 10. So there.
Herald: Right? I guess it can also be very
384
00:41:43,803 --> 00:41:48,002
hard for you guys to like, work with
figuring out how to prioritize all the
385
00:41:48,002 --> 00:41:51,240
different initiatives and wishes that that
people have.
386
00:41:51,240 --> 00:42:01,567
Georg: Yeah, definitely.
Herald: Cool. So unfortunately, we don't
387
00:42:01,567 --> 00:42:07,080
have time for any more questions right
now, but there is a break-out room that
388
00:42:07,080 --> 00:42:13,002
people can come to, and you will answer
any further questions. For now, we are
389
00:42:13,002 --> 00:42:18,525
going to have a break on this channel
before the next talk that's going on at
390
00:42:18,525 --> 00:42:23,616
20:00, which is (in German) "Cookiebanner,
das Online-Werbe-Ökosystem und Google,
391
00:42:23,616 --> 00:42:31,027
Preisträger BigBrotherAwards 2021" For
now, thank you very much, guys. Take care
392
00:42:31,027 --> 00:42:35,686
and maybe we'll see you in the break-out
room.
393
00:42:35,686 --> 00:42:47,975
postroll music
394
00:42:47,975 --> 00:42:52,243
Subtitles created by c3subtitles.de
in the year 2021. Join, and help us!