WEBVTT
00:00:03.471 --> 00:00:04.471
rc3 preroll music
00:00:07.943 --> 00:00:14.598
Herald: Our next speakers are Gus and GeKo
from the Tor project. They both came on
00:00:14.598 --> 00:00:19.952
onto the project. A couple have been
working with the project for a long time
00:00:19.952 --> 00:00:25.641
now, and a couple of years ago, they both
came on as employees. Gus, as the team
00:00:25.641 --> 00:00:30.761
leader, as the community lead of the
project and Georg as the network team
00:00:30.761 --> 00:00:36.005
leader, who has been working on improving
the health of the network and making sure
00:00:36.005 --> 00:00:41.883
that bad relays are removed. Give them all
a great round of applause from home and
00:00:41.883 --> 00:00:49.621
welcome to the stage, guys. Take it away.
00:00:49.621 --> 00:00:54.480
Georg: Hello, everyone, hello. This is
Georg from the Tor project, and I have got
00:00:54.480 --> 00:01:02.400
with me today to talk about the State of
the Onion, a yearly thing, and we are
00:01:02.400 --> 00:01:08.480
really happy to be here at the CCC and
think about providing an update, what we
00:01:08.480 --> 00:01:13.280
did, what we are excited about next year
and what is basically in the pipeline.
00:01:14.000 --> 00:01:20.160
Before we start, assuming we have some
folks watching this talk, wondering what
00:01:20.160 --> 00:01:26.160
this Tor thing is? We thought about
picking them up, getting them up to speed
00:01:26.160 --> 00:01:31.520
and talking about what we are actually
talking about here. So, Tor is concerned
00:01:31.520 --> 00:01:37.280
with the online anonymity and censorship
circumvention. It's referred to as free
00:01:37.280 --> 00:01:42.560
software, and we actually have an open
network of relay operators and relays and
00:01:42.560 --> 00:01:49.120
operated by volunteers. But that's not the
only meaning of Tor. You find you are as
00:01:49.120 --> 00:01:55.280
well, you know, in a community of
researchers, developers, users, and you
00:01:55.280 --> 00:02:02.720
mentioned relay operators. As a project.
We are a US 501c3 nonprofit organization.
00:02:03.840 --> 00:02:11.760
So, that's the different notions of Tor
you might encounter. So, what is actually
00:02:11.760 --> 00:02:17.120
the Tor design? How does it help with the
anonymity goal or censorship circumvention
00:02:17.120 --> 00:02:23.360
goal? So, I assume you have two parties
who want to communicate over the internet,
00:02:24.720 --> 00:02:32.400
and they want particular. Alice wants to
hide the location of their IP address, so
00:02:32.400 --> 00:02:36.720
they can connect directly to Bob because
that would be obvious where they are
00:02:36.720 --> 00:02:44.960
coming from. So, they try to get their
traffic through multiple relays. So, no
00:02:44.960 --> 00:02:51.680
single relay can actually betray Alice
here and find out now what Alice is up to,
00:02:51.680 --> 00:02:59.708
or actually, where she is coming from. So,
what Alice is doing, or actually Alice's
00:02:59.708 --> 00:03:07.386
Tor-client on her machine is picking a
path through the network where through
00:03:07.386 --> 00:03:14.121
relays mentioned here with R1, R2 and R3
before she's finally reaching Bob. So,
00:03:14.121 --> 00:03:23.138
this looks like some something like this
here, and at the end, Alice is asking the
00:03:23.138 --> 00:03:32.050
exit relay or relay three on this slide to
connect to Bob, and then they can talk to
00:03:32.050 --> 00:03:39.448
each other. That's the basic underlying
concept of Tor. Then there's the problem
00:03:39.448 --> 00:03:47.168
that we sometimes see censorship in the
wild, which means that adversaries trying
00:03:47.168 --> 00:03:53.653
to prevent Alice from actually reaching
the Tor-Network and so that she can
00:03:53.653 --> 00:03:59.348
benefit from the privacy properties that
the Network is providing. And in this
00:03:59.348 --> 00:04:07.167
case, the direct connection to the cloud
above there with the public relays as
00:04:07.167 --> 00:04:13.772
presented. And what Alice needs to do is
to connect to so-called bridges, which are
00:04:13.772 --> 00:04:19.307
nonpublic relays in this case, which
bridge work as a first hop. And then she
00:04:19.307 --> 00:04:24.521
is picking the usual remaining two hops
before connecting to Bob. So, this is a
00:04:24.521 --> 00:04:32.400
rough idea of how Tor is trying to prevent
censorship. Or to bypass censorship to be
00:04:32.400 --> 00:04:40.280
more correctly and which will play a role
in the coming slides because we talk a
00:04:40.280 --> 00:04:47.558
bunch about censorship, work we do and
have done and want to do. So, that's
00:04:47.558 --> 00:04:53.840
basically Tor in a nutshell. That's there
are many more things to Tor, but that's
00:04:53.840 --> 00:04:59.737
hopefully enough to understand what the
following updates are about. So, if you
00:04:59.737 --> 00:05:06.800
recall the previous slides, that was
basically trying to provide privacy at the
00:05:06.800 --> 00:05:12.996
network layer for users hiding the IP
addresses. But as we know, the web, in
00:05:12.996 --> 00:05:17.945
particular browsers, are large beasts, and
that's by far not enough anymore to
00:05:17.945 --> 00:05:22.940
guarantee any meaningful privacy on the
internet because of all of the tracking
00:05:22.940 --> 00:05:28.992
mechanisms and arrays of fingerprint
users. So, a couple of years ago, we
00:05:28.992 --> 00:05:36.532
essentially started to provide a tool
called Tor Browser, which is essentially a
00:05:36.532 --> 00:05:43.508
fork of Firefox and has dozens of patches
on top of that. So, we can actually
00:05:43.508 --> 00:05:50.154
provide the privacy guarantees we think
are important. And this tool got some, you
00:05:50.154 --> 00:05:56.051
know, some meaningful updates over the
year. And one of these is that we
00:05:56.051 --> 00:06:02.776
overhauled the Tor connection experience.
Some of you who are already familiar with
00:06:02.776 --> 00:06:09.902
Tor browser, know about this weird modal
dialog popping up once. This is (virtual)
00:06:09.902 --> 00:06:17.292
browser, which was, up until the Tor
browser 10.5, the default way of
00:06:17.292 --> 00:06:23.810
connecting to the tunnel broker program,
the Tor browser. And this is gone because
00:06:23.810 --> 00:06:28.052
that's a really weird experience if you
have any other browser, what is happening
00:06:28.052 --> 00:06:32.942
once you started? You get a browser window
and then start searching or typing or
00:06:32.942 --> 00:06:38.496
whatever. You never get any modal dialog,
which is a UX experience, which is not
00:06:38.496 --> 00:06:44.757
really the best. So we fixed that. There's
no modal dialog during startup anymore,
00:06:44.757 --> 00:06:50.347
and there are easy ways to an easy way to
connect automatically now. So, you don't
00:06:50.347 --> 00:06:55.487
even see this particular sort of screen
anymore, or was giving you much smoother
00:06:55.487 --> 00:07:03.805
experience for your Tor browser usage,
which is pretty exciting. Then we finally
00:07:03.805 --> 00:07:10.360
deployed Snowflake, which is a means for
helping censored users on the internet,
00:07:10.360 --> 00:07:17.857
which is, you know, kind of next, next,
next-level step in the arms race against
00:07:17.857 --> 00:07:25.360
censors. And this has been in the works
for a couple of years and has been testing
00:07:25.360 --> 00:07:31.070
for months in our alpha release series and
finally made it earlier this year and
00:07:31.070 --> 00:07:39.520
stable. And you can see in this on this
graph how the usage grew over time,
00:07:39.520 --> 00:07:47.501
starting with the initial launch and the
stable series at the beginning of July
00:07:47.501 --> 00:07:56.200
this year. You see, there's a continually
growing numbers of snowflake users you see
00:07:56.200 --> 00:08:03.235
at the right side, the despite up and
down, and we'll talk about this a bit
00:08:03.235 --> 00:08:08.010
later. But it's a growth, and we can see
this, and we can hear the feedback for
00:08:08.010 --> 00:08:16.924
users. So, what you can help is. Running
snowflakes, how this was going to work is
00:08:16.924 --> 00:08:22.129
a thing Gus will explain later on. But
that's already a thing you can try to
00:08:22.129 --> 00:08:27.896
remember and getting out of this talk, so
you can help censored users. Um, yeah,
00:08:27.896 --> 00:08:35.002
that's two of the high notes for this year
for the next year and upcoming years, we
00:08:35.002 --> 00:08:40.575
plan to make it even easier to help
censored users around the world, for
00:08:40.575 --> 00:08:46.240
instance, by faster updating the D4
bridges. we ship with the Tor browser.
00:08:46.240 --> 00:08:52.705
Usually, what's happening right now is
that once we want to bundle new bridges to
00:08:52.705 --> 00:08:57.952
Tor browser, we have to have a new
release, which is pretty cumbersome and
00:08:57.952 --> 00:09:03.512
slow, and we want to make this faster that
you can keep your Tor browser but get
00:09:03.512 --> 00:09:10.192
updated bridges if there are any available
which we can ship. And then we continue
00:09:10.192 --> 00:09:17.087
working on the general idea of just
helping users bypassing the censorship,
00:09:17.087 --> 00:09:21.836
though they should have a button like "I
am censored" and then Tor browser should
00:09:21.836 --> 00:09:27.545
figure out everything it needs to provide
working bridges for the user and the
00:09:27.545 --> 00:09:34.644
particular region where they are. That's
the kind of the golden standard we want to
00:09:34.644 --> 00:09:41.789
get to. So, this will be pretty exciting
work then for another project, actually a
00:09:41.789 --> 00:09:47.588
multi-year project, which we recently
started, I want you to give an update. The
00:09:47.588 --> 00:09:53.780
Tor browser thing is pretty cool in the
sense that you have an app, and then you
00:09:53.780 --> 00:10:02.330
have per app settings kind per app means
of providing privacy properties, but
00:10:02.330 --> 00:10:07.602
particularly on Mobile, where you have
kind of dozens or hundreds of apps. It's
00:10:07.602 --> 00:10:14.653
pretty cumbersome if it's usable or
possible at all to configure. Every app to
00:10:14.653 --> 00:10:20.691
every app to use Tor as a proxy, so what
we want, or we actually want to what you
00:10:20.691 --> 00:10:27.752
just want on mobile at least, is a way to
him to route all safe traffic and specific
00:10:27.752 --> 00:10:35.282
safe applications through Tor. You don't
want to configure this per app, though.
00:10:35.282 --> 00:10:41.680
That's that's not the way to go. That's a
pretty "VPN" like functionality to do. I
00:10:41.680 --> 00:10:48.720
put "VPN" in quotes here because that's
kind of a working, you know, concept we
00:10:48.720 --> 00:10:56.537
would probably want to come up with the
better term at the final product, because
00:10:56.537 --> 00:11:03.703
VPN is kind of tainted and people have
particular understandings of what this
00:11:03.703 --> 00:11:11.103
means. VPN is, and you have kind of a new
tool here which was trying to fill the
00:11:11.103 --> 00:11:17.716
niche and provide better guarantees than
regular VPNs do. So, we want probably come
00:11:17.716 --> 00:11:22.900
up with a different term. But that's
pretty close from the functionality point
00:11:22.900 --> 00:11:29.840
of view. What we want to do and the bonus
points here as well are that, We can
00:11:29.840 --> 00:11:36.025
easily expand our censorship circumvention
means to the whole device and don't have
00:11:36.025 --> 00:11:41.172
to deal with that on a per app basis,
either. The work is done with our friends
00:11:41.172 --> 00:11:46.320
from the Guardian project and the LEAP
Encryption Access Project, which is
00:11:46.320 --> 00:11:50.632
exciting, and we plan to have this
available on Android first, likely
00:11:50.632 --> 00:11:58.136
starting in 2023. Maybe already at the end
of next year, we'll see. As I said, it's a
00:11:58.136 --> 00:12:08.914
multi-year project spanning different
teams at Tor. It's using Arti the new rust
00:12:08.914 --> 00:12:14.280
based (talk line) we are currently
writing. So, that's a pretty exciting
00:12:14.280 --> 00:12:20.761
project, and we hope you make serious
progress over next year. So let me leave
00:12:20.761 --> 00:12:26.232
the application part right now and talk a
bit about what we could call network
00:12:26.232 --> 00:12:30.954
health. The one of the points which
frequently comes up, which is important,
00:12:30.954 --> 00:12:39.016
is our work in the bad relay area. All the
dealing with malicious relays remains hard
00:12:39.016 --> 00:12:43.848
with our limited resources. We removed,
for instance, several large groups of
00:12:43.848 --> 00:12:49.200
actually relays in early 2021 and used
this actually as kind of a wake-up call to
00:12:49.200 --> 00:12:54.880
seriously invest in this area, which means
writing new scanners for detecting
00:12:54.880 --> 00:13:02.641
malicious behavior and do a better
monitoring for malicious behavior at the
00:13:02.641 --> 00:13:07.600
network. And I think over the year. I'm
confident to say that we actually are
00:13:07.600 --> 00:13:12.400
going to have a safer Tor network and
compared with previous years, I think it's
00:13:12.400 --> 00:13:18.251
fair to say as well that we right now have
a safer Tor network as well compared to
00:13:18.251 --> 00:13:25.070
what we had in the previous year. So, that
is exciting progress. Worth mentioning
00:13:25.070 --> 00:13:32.477
here, but that's not enough, right? So,
what we actually want to do to provide an
00:13:32.477 --> 00:13:40.349
even safer experience and tackling the the
the problem of malicious relays more at
00:13:40.349 --> 00:13:47.560
the core, is leveraging trust in our relay
community, helping with those problems.
00:13:47.560 --> 00:13:53.368
And the key points to take away here is
that is. It mixed approach in the sense
00:13:53.368 --> 00:13:59.360
that we have technical tools helping, that
really work. But as well this is a social
00:13:59.360 --> 00:14:06.041
approach, which is important here because
we can't solve the problem of malicious
00:14:06.041 --> 00:14:15.876
relays on the technical means alone. And
this is the thing we take into account
00:14:15.876 --> 00:14:21.920
right now already started successfully, I
think with experiments, for instance, we
00:14:21.920 --> 00:14:28.080
removed like three weeks ago, two large
groups of relays which we deemed to be
00:14:28.080 --> 00:14:35.200
malicious, which were perfectly configured
from a configuration perspective. Then all
00:14:35.200 --> 00:14:41.520
the my family settings, and they had a
contact info information side, which was
00:14:41.520 --> 00:14:46.960
supposed to be non-spoofable. So, they did
all the technical parts right, but still,
00:14:47.520 --> 00:14:52.720
once we start to contact them and tried to
talk to them, it was pretty clear they
00:14:52.720 --> 00:14:57.200
were very likely malicious, and we removed
them quickly from the network, which
00:14:57.200 --> 00:15:02.080
showed us once more that there's a social
component here too, which is important.
00:15:02.960 --> 00:15:07.520
And this will be the priority for the
network health team, not only for the
00:15:07.520 --> 00:15:11.520
team. I mean, yes, the community team
involved as well, and other teams too. But
00:15:11.520 --> 00:15:18.080
it would be important for the Tor project
in 2022. And what this means at the end,
00:15:18.080 --> 00:15:23.680
you know, taking trust into account is not
set yet. That could be the idea that we
00:15:24.400 --> 00:15:29.040
say, OK, we have here a large group of
trusted relays, and they get more traffic
00:15:29.040 --> 00:15:37.440
to see a lot more traffic to see from uses
compared to the non-trusted group. This
00:15:37.440 --> 00:15:41.040
has performance implications and many
other implications, which we need to
00:15:41.040 --> 00:15:46.800
explore in detail. Starting this year, but
more next year, and probably for the
00:15:46.800 --> 00:15:53.600
coming years, which actually brings me to
my final point for my part, which is
00:15:53.600 --> 00:15:58.320
talking to you a bit about Tor performance
and the work we did this year and what's
00:15:58.320 --> 00:16:04.400
coming up next. So, if you look at these
and this graph of those two graphs, you
00:16:04.400 --> 00:16:10.800
see a growing gap between the bandwidth,
which is virtualized on the network and
00:16:10.800 --> 00:16:16.080
the actually used bandwidth over the
years, starting from, you know, kind of
00:16:16.080 --> 00:16:24.640
2011 and continuing up until today. This
is kind of counterintuitive because one of
00:16:24.640 --> 00:16:31.040
the things we usually get, as, kind of
most of the most important complaint, is
00:16:31.040 --> 00:16:37.520
that Tor is slow? So, so what's the issue
here? If you have so much kind of surplus
00:16:37.520 --> 00:16:41.920
bandwidth, but it's not getting used, but
on the other hand, users are complaining
00:16:41.920 --> 00:16:47.680
Tor is slow. So, we have a project which
is trying to solve those problems. We
00:16:47.680 --> 00:16:54.320
think that a big part of this equation is
coming up in that good congestion control
00:16:54.320 --> 00:16:58.640
for the Tor Network, which was lacking so
far. So, that we have an overall better
00:16:58.640 --> 00:17:04.560
bandwidth usage. And this could be
implemented this year, which is exciting,
00:17:04.560 --> 00:17:10.480
and will be deployed next year. And we
hopefully see not this growing gap
00:17:10.480 --> 00:17:18.000
anymore, but a shrinking gap.
Additionally, one thing we sorely missed
00:17:18.000 --> 00:17:22.880
was feedback for relay operators, whether
their relays are doing well, whether they
00:17:22.880 --> 00:17:29.680
are overloaded and whether they can
improve settings and make the proper
00:17:29.680 --> 00:17:36.160
modifications. So, we implemented a series
of kind of warnings or triggers which
00:17:36.880 --> 00:17:41.920
relay operators can monitor and we from
the Tor Project side can monitor as well.
00:17:42.480 --> 00:17:50.480
And then we can ping relay operators and
helping them figure out their stuff and
00:17:50.480 --> 00:17:56.800
getting those issues fixed. Resolving the
overload they see on their relays and
00:17:58.480 --> 00:18:07.760
planned for 2022 as well is that we start
to do better load balancing by figuring
00:18:07.760 --> 00:18:14.800
out which relays are seriously overloaded
and moving traffic from them back to less
00:18:14.800 --> 00:18:19.440
overloaded relays, giving an overall
better performance and user experience for
00:18:19.440 --> 00:18:26.320
all users. So, I think that's all I had to
say from my side. Thanks for listening and
00:18:26.320 --> 00:18:32.470
our Gus will pick this up.
Gus: Thank you, Georg. So, hello. This is
00:18:32.470 --> 00:18:40.509
Gus from the Tor project. And today I will
talk a little bit about the Community Team
00:18:40.509 --> 00:18:49.680
and our work on the Tor community, so we
will cover the new user support forum, our
00:18:49.680 --> 00:18:55.955
new gamification project. The "run a
bridge" campaign that we started last
00:18:55.955 --> 00:19:04.308
month, and we are also going to talk about
the Tor censorship in Russia. So, for the
00:19:04.308 --> 00:19:12.382
third forum, we at the beginning of this
year, we start to think about having a
00:19:12.382 --> 00:19:19.910
place where people can ask questions. That
is not the mailing list. So, in 2021, what
00:19:19.910 --> 00:19:26.605
looks like a support forum? You know how
where users can do questions and receive
00:19:26.605 --> 00:19:32.287
help. So, email and use of the
communication are nice, are cool and
00:19:32.287 --> 00:19:37.076
important because people in certain
regions, they can access this resource.
00:19:37.076 --> 00:19:43.390
They can send an email from Iran, from
China, from Russia now, and they can
00:19:43.390 --> 00:19:49.401
access our documentation. But you are
thinking about, are there other ways to
00:19:49.401 --> 00:19:54.240
reach out to this community to find
places, to find a way, for them to
00:19:54.240 --> 00:20:00.366
communicate and ask questions? So, part of
GS plan is to,..., The first part of this
00:20:00.366 --> 00:20:06.315
plan is to have a Tor forum, so people can
access this information and ask questions
00:20:06.315 --> 00:20:12.353
on your support forum. That's friendly,
and you can store an app on your phone and
00:20:12.353 --> 00:20:18.181
contact and talk with others. And later,
we'll talk about the second part of this
00:20:18.181 --> 00:20:24.973
plan. So, we launched the Tor Forum
jazzier in October, and it has been very
00:20:24.973 --> 00:20:32.348
nice, and I invite everyone to join our
forum. The other project that we are doing
00:20:32.348 --> 00:20:37.309
in the community team is the gamification
project for relay operators. So, the idea
00:20:37.309 --> 00:20:42.556
is to understand what, what are the
motivations, how we can incentivize better
00:20:42.556 --> 00:20:48.217
the Tor network, how we can grow, the Tor
network, basically, or why people are
00:20:48.217 --> 00:20:54.011
stopping children relays. So, we are doing
this as part of our internship, and Nico
00:20:54.011 --> 00:20:59.440
is our intern, and she is doing this work,
and we have a survey online, so people can
00:20:59.440 --> 00:21:06.707
ask some questions and give feedback about
their experience, running relays. And last
00:21:06.707 --> 00:21:13.816
month in November, we launched our
campaign to get more bridges and in as far
00:21:13.816 --> 00:21:19.320
as ... Well, Bridges are very important
for users, living in censored countries.
00:21:19.320 --> 00:21:25.003
This is how they are going to connect to
the Tor network. So, our plan was to have
00:21:25.003 --> 00:21:33.092
200 new obfs4 bridges. obfs4 is a
pluggable transport that can obfuscate
00:21:33.092 --> 00:21:43.389
your Tor connection. And we, ... so the
plan was 200 new bridges and the campaign
00:21:43.389 --> 00:21:52.539
staffs at now are at 947 new running
Bridges. 847 new obfs4 bridges, and the
00:21:52.539 --> 00:22:02.328
network size about from 1200 to 2000 new
bridges overall. So, the campaign was a
00:22:02.328 --> 00:22:11.298
real success and we ... and you can see on
the graph here on the screen how the
00:22:11.298 --> 00:22:19.851
campaign changed the course of the network
size here. And so, this campaign started
00:22:19.851 --> 00:22:27.843
in November and December, a situation just
happened. So, at the beginning of
00:22:27.843 --> 00:22:34.681
December, we received a lot of users
asking for support in Russia and what it
00:22:34.681 --> 00:22:40.488
was not? Well, we usually have some users
asking for help, but this time was
00:22:40.488 --> 00:22:46.921
different. We received, like a lot of user
support requests, basically emails asking
00:22:46.921 --> 00:22:53.052
for Tor bridges, and that was very strange
because we didn't know anything happening.
00:22:53.052 --> 00:22:58.624
So, we start to investigate with OONI
which is the "Open Observatory of Network
00:22:58.624 --> 00:23:04.760
Interference" to understand what was
happening. So, we start to see some
00:23:04.760 --> 00:23:12.230
anomalies on the Tor net in Russia,
basically blocking not just our website,
00:23:12.230 --> 00:23:19.634
but also the Tor network and not only the
Tor network, but also some Tor bridges.
00:23:19.634 --> 00:23:25.969
And that was like, ... we started to look
into that to understand what was
00:23:25.969 --> 00:23:33.195
happening. So, we start to collect
information, and we put together (...)
00:23:33.195 --> 00:23:39.496
Ticket and a few days later, we received
an email from Russian authorities saying
00:23:39.496 --> 00:23:45.379
that they were going to block the
Torproject domain, and basically, failed
00:23:45.379 --> 00:23:51.660
to give us a reason, and we didn't
understand what was happening, so we, ...
00:23:51.660 --> 00:24:00.537
I'm going to skip the lawyer part and the
reason that they are blocking the Tor
00:24:00.537 --> 00:24:05.600
project website and I will focus on what
they are actually doing and how that is
00:24:05.600 --> 00:24:11.600
impacting the Tor network and the Tor
community. So, Russia is the second-
00:24:11.810 --> 00:24:17.840
largest country of Tor users, after users
in the United States, Russia, Germany,
00:24:17.840 --> 00:24:24.160
Netherlands and other countries that are
the top 10 top 20 countries that are using
00:24:24.160 --> 00:24:32.680
Tor. In the end, as we start to look at
the metrics and see that the numbers of
00:24:32.680 --> 00:24:39.760
our users were decreasing in December. And
we also saw that the bridge users also
00:24:39.760 --> 00:24:44.880
increasing. So, you can see clearly the
impact of the censorship on just a graph
00:24:44.880 --> 00:24:50.640
here and just a graph is available on the
metrics portal too. So, the summary here
00:24:50.640 --> 00:24:55.520
is, well, On December 1st, the Russian
authorities they blocked Tor Directory
00:24:55.520 --> 00:25:00.000
Authorities. So if you have Tor followed
on your computer, you cannot bootstrap
00:25:00.000 --> 00:25:06.000
Tor. They block Tor Browser Bridges. So if
you have Tor browser installed, you cannot
00:25:06.000 --> 00:25:10.992
use these bridges. They also block a
domain fronting with Azure. So if you try
00:25:10.992 --> 00:25:15.800
to bypass censorship, that was not going
to work. They also blocked Snowflake,
00:25:15.800 --> 00:25:20.990
which we will talk about a little bit
later. And they also blocked a bunch of
00:25:20.990 --> 00:25:27.740
Tor bridges in different internet
providers. So, it depends on where you are
00:25:27.740 --> 00:25:33.886
in Russia, you can use Tor. But in other
places, that was going to be more
00:25:33.886 --> 00:25:39.098
complicated. And the only way to bypass
the censorship at the time on December 1st
00:25:39.098 --> 00:25:44.430
was to use a bridge from
https://bridges.torproject.org or from our
00:25:44.430 --> 00:25:50.510
email. And so, we start to fight the
censorship, we launched our Telegram bot
00:25:50.510 --> 00:25:55.726
that you can get a bridge and that the
bridges is not blocked in Russia. And we
00:25:55.726 --> 00:26:00.043
tasked these bridges on all of these
points on Russia to see if they are
00:26:00.043 --> 00:26:05.120
blocked, if they are blocked we ask for
relay operator to hold that IP address.
00:26:05.120 --> 00:26:10.523
So, Tor Bridges are working, and we are
checking if they are checking in,
00:26:10.523 --> 00:26:17.556
recording if they are working. That are
community also fought back and that our
00:26:17.556 --> 00:26:23.860
committee spin up like more than 400 new
Tor bridges in just a few days. I mean, we
00:26:23.860 --> 00:26:32.014
have amazing volunteers translating Tor
user support guides in Russian, and doing
00:26:32.014 --> 00:26:38.668
after the first block on December 1st. The
anti-censorship thing also provide a fix
00:26:38.668 --> 00:26:45.296
for snowflake, and just fix what's
available on Tor browser, the last
00:26:45.296 --> 00:26:51.522
release. So, you can see onto the graph
that Snowflake was around like less than
00:26:51.522 --> 00:26:59.045
2000 users, but after December, you can
see it take a while, but then such
00:26:59.045 --> 00:27:04.859
increase the number of snowflake users,
basically because of Russia. And you can
00:27:04.859 --> 00:27:12.728
see just a graph here. There's a decrease
here, is because the server crashed after
00:27:12.728 --> 00:27:19.057
too many users. So, we fixed the server,
and we start to get more users. So, if you
00:27:19.057 --> 00:27:24.440
want to help people inside this country,
you can run a Tor bridge, or you can run a
00:27:24.440 --> 00:27:31.425
snowflake proxy and that that will be very
helpful for Tor users in Russia. And a new
00:27:31.425 --> 00:27:38.280
update, during Christmas, we also had a
new round of censorship in Russia. More
00:27:38.280 --> 00:27:45.514
bridges were blocked between December 23
and 24. We are going to reach out to relay
00:27:45.514 --> 00:27:51.360
operators, and we are going to contact
them and say, OK, you need to rotate your
00:27:51.360 --> 00:27:56.561
IP address if you want to get back in the
game and fight censorship. And we are
00:27:56.561 --> 00:28:02.906
going to do that and just (check) if
snowflake is working fine, and we have
00:28:02.906 --> 00:28:09.548
been working with doing the other support
with Russian users. And we already
00:28:09.548 --> 00:28:16.130
answered more than 1300 Help requests
since December 1st. Just for comparison,
00:28:16.130 --> 00:28:24.482
we resolved 1400 support tickets between
January and November. So, in one month, we
00:28:24.482 --> 00:28:32.114
already have more user support request
from Russia than, you know, in 12 months,
00:28:32.114 --> 00:28:39.840
basically. So, uh, so I will do a call
here for the international community to
00:28:39.840 --> 00:28:45.659
spin up a Tor bridge or run a snowflake
proxy. If you can't, if you cannot run a
00:28:45.659 --> 00:28:51.687
bridge, you can donate to relay
associations. If you cannot donate, you
00:28:51.687 --> 00:28:58.143
can help and teach our users about Tor
bridges. Or you can help localize Tor in
00:28:58.143 --> 00:29:03.588
Russian. Or you can do. We can apply
pressure like if you are part of a digital
00:29:03.588 --> 00:29:08.732
rights organization or your organization
and help us to make pressure on the
00:29:08.732 --> 00:29:15.532
Russian government. And stand up and start
(a directory) like Edward Snowden did and
00:29:15.532 --> 00:29:22.144
publish messages calling the Russian
government to stop blocking Tor. How to
00:29:22.144 --> 00:29:29.280
get involved. We are available on our IRC
and Matrix channels. You can join us, our
00:29:29.280 --> 00:29:35.383
mailing list. They are public and you can
see what we are talking, and you can help.
00:29:35.383 --> 00:29:41.484
You can also join the Tor Forum and you
can contribute on GitLab. And for next
00:29:41.484 --> 00:29:46.411
year, we are going to improve. We are
going to continue to improve our user
00:29:46.411 --> 00:29:52.289
support tools for users living in censored
countries or regions. So one of our ideas
00:29:52.289 --> 00:29:59.455
is to provide a Telegram chat channel, so
users can communicate and have and get
00:29:59.455 --> 00:30:04.323
user support on Telegram. We are going to
continue to develop the Tor relay
00:30:04.323 --> 00:30:10.129
gamification project, and continue to
organize our trainings in the global
00:30:10.129 --> 00:30:16.120
south, in Latin America and Africa, and
organize relay operators meetups. Today we
00:30:16.120 --> 00:30:24.225
are going to have our relay operator meet-
up at 10:00 p.m. German time. And the link
00:30:24.225 --> 00:30:28.188
you can find on the Tor relay mailing
list. And also, if you search on Twitter,
00:30:28.188 --> 00:30:37.265
on social media, you can also find that,
um. And today we just covered some topics
00:30:37.265 --> 00:30:43.721
from the state of the onion. One month
ago, we did a huge presentation like two
00:30:43.721 --> 00:30:50.435
and a half hours about anti-censorship
from the rising UX SysAdmin team and many
00:30:50.435 --> 00:30:57.720
other updates about Arti, about virtual or
non deprecation and many other topics. And
00:30:57.720 --> 00:31:04.400
you can watch that on YouTube. So, I think
that's it from my side, and we are open
00:31:04.400 --> 00:31:07.997
for more questions.
00:31:07.997 --> 00:31:12.105
Herald: Thank you so much, guys. Like
obviously, Tor is a really important
00:31:12.105 --> 00:31:16.995
project and that's honestly great to see
how dedicated you are to basically helping
00:31:16.995 --> 00:31:21.520
everyone. I was actually. Now we're going
to go on to the question, and I was
00:31:21.520 --> 00:31:26.720
actually wondering something myself before
we head over to taking the ones coming in
00:31:26.720 --> 00:31:32.066
from the internet. Basically, I as far as
I understand like when you working with
00:31:32.066 --> 00:31:36.240
bridges and making sure to like, avoid
this censorship and everything like as far
00:31:36.240 --> 00:31:41.004
as I understand, an important tool in this
process are the meek-bridges where you use
00:31:41.004 --> 00:31:46.248
huge cloud providers to basically mask
traffic to Tor. It's like regular HTTPS
00:31:46.248 --> 00:31:51.709
website traffic. Does that not work in the
case of Russia or like what does the
00:31:51.709 --> 00:31:57.423
attack threat situation look like at the
moment? And that's the landscape.
00:31:57.423 --> 00:32:04.669
Gus: I can answer in two parts. The first
part is that some cloud providers, they
00:32:04.669 --> 00:32:12.469
don't like domain fronting. And so, Amazon
and others, they change their policy, and
00:32:12.469 --> 00:32:21.832
they start to block, well, not just block,
but to remove projects that were using
00:32:21.832 --> 00:32:29.926
domain fronting. So, the only cloud
provider that allows Tor or allow Tor to
00:32:29.926 --> 00:32:38.920
do that was Azure, and we had to limit the
bandwidth on that. So if you use meek-
00:32:38.920 --> 00:32:45.666
Azure on Tor browser, it's going to be
very slow. And one thing that we saw, just
00:32:45.666 --> 00:32:51.860
as the first part, like the providers,
they don't like that they were enforcing
00:32:51.860 --> 00:32:59.155
us to stalk, or we will remove just
support. The other thing is that the bill,
00:32:59.155 --> 00:33:06.571
like the cost of running a meek-Azure
bridge or a meek-Amazon bridge, but it
00:33:06.571 --> 00:33:15.440
that was too high and too costly. So,
snowflake is the next step here because it
00:33:15.440 --> 00:33:25.647
uses domain fronting to connect you to a
Tor proxy. It's not like proxy, and the
00:33:25.647 --> 00:33:35.440
cost will be like very cheap. So, you can
get the benefit of domain fronting, and
00:33:35.440 --> 00:33:42.886
you can use a lot of proxies to connect
Tor users. And that will not cost a lot of
00:33:42.886 --> 00:33:48.826
money for the Tor project or for Tor
users. So, that is the way to go here is
00:33:48.826 --> 00:33:55.560
not to look back, but look forward.Laugh
Herald: It sounds so cool. Like obviously
00:33:55.560 --> 00:34:01.063
it seems that this was very important and
actually hearing like some of the problems
00:34:01.063 --> 00:34:05.231
that you guys are facing in your fight, I
think that's very interesting for all of
00:34:05.231 --> 00:34:12.326
us. So questions from the audience. The
first one is that the apps that you're
00:34:12.326 --> 00:34:17.746
making like the question is, whether they
would make you identifiable. So basically,
00:34:17.746 --> 00:34:22.520
if exactly those five apps are always
calling home over the same Tor nodes, the
00:34:22.520 --> 00:34:28.519
question is if that if someone could link
that back to you?
00:34:28.519 --> 00:34:33.840
Georg: Hmm. Do you want to talk about this
Gus? Or should I?
00:34:33.840 --> 00:34:38.893
Gus: Go ahead.
Georg: Yeah, I think this should not be
00:34:38.893 --> 00:34:48.775
the case. I mean, depending on what kind
of apps you have, how they are configured
00:34:48.775 --> 00:34:55.774
and such and potential, you know, timing
signatures and stuff. So, that's one of
00:34:55.774 --> 00:35:01.964
the things we're concerned, for instance,
with Tor browser and trying to really make
00:35:01.964 --> 00:35:09.140
sure to break this up in the sense that
folks can't learn anything about those
00:35:09.140 --> 00:35:16.946
patterns you have. It's hard, in
particular, if adversaries can monitor,
00:35:16.946 --> 00:35:25.346
you know, exit nodes or endpoints over a
long period of time. But generally, you
00:35:25.346 --> 00:35:30.060
should be protected from this kind of
threat.
00:35:30.060 --> 00:35:39.440
Herald: Right. That makes sense. So, the
next question is that if they understand
00:35:39.440 --> 00:35:43.680
correctly, the Tor organization is
registered in the United States, could the
00:35:43.680 --> 00:35:47.600
project be in danger of any government
pressure to be discontinued, And have you
00:35:47.600 --> 00:35:57.840
guys have a plan to move to more neutral
countries like Switzerland or similar?
00:36:02.640 --> 00:36:09.840
Gus: So from my point of view, I don't
think we suffer any pressure right now
00:36:10.800 --> 00:36:19.120
from US government. So, I think. Would
what would you be interested? Well, one
00:36:19.120 --> 00:36:24.240
thing that is important is one thing is
that the Tor project and the other thing
00:36:24.240 --> 00:36:30.880
is the Tor network. The Tor Network is,...
we have directed authorities in different
00:36:30.880 --> 00:36:38.404
countries and that just to avoid this kind
of government pressure against the Tor
00:36:38.404 --> 00:36:49.400
network. So, I think the question would be
more like finding different ways to fund,
00:36:49.400 --> 00:36:59.390
..., make Tor sustainable, not just. Like
diversifying our funds, so we don't be so
00:36:59.390 --> 00:37:07.297
connected with a government, are one
source provider of resource. I think just
00:37:07.297 --> 00:37:15.600
it's happening right now. Isabella, the
executive director, has changing a lot of
00:37:15.600 --> 00:37:24.200
our money income. And if you look back in
the Tor history, US government was adding
00:37:24.200 --> 00:37:31.720
a lot of money through to the TOR project
in different by different ways, you know,
00:37:31.720 --> 00:37:38.758
like a human rights projects and internet
freedom projects. And just was basically
00:37:38.758 --> 00:37:43.854
how Tor is and was funded by U.S.
government, but not just U.S. government,
00:37:43.854 --> 00:37:50.298
other governments like Swedish government
too. So, I think I would be more concerned
00:37:50.298 --> 00:37:57.760
about the Tor directed authorities being
in just one country, and that's not true.
00:37:57.760 --> 00:38:04.388
We are in different countries and they so
far I don't I never heard any kind of
00:38:04.388 --> 00:38:11.801
pressure from the U.S. government against
the nonprofit, call it the Tor project.
00:38:11.801 --> 00:38:15.554
So, I think that it's basically, my answer
here.
00:38:15.554 --> 00:38:21.735
Herald: That's good to hear. And now on to
maybe a little bit lighter question, do
00:38:21.735 --> 00:38:29.312
Tor browser users have any chance or hope
to see less captchas in the future?
00:38:29.312 --> 00:38:36.720
Georg: Yeah. Yeah. I think we do have some
hope, there is, ... I mean, not just only
00:38:36.720 --> 00:38:45.520
hope. But we have work ongoing solving
this from different angles. The first one
00:38:45.520 --> 00:38:53.040
is outreach to major providers trying to
understand why they are blocking Tor or
00:38:53.040 --> 00:38:58.720
why they provide, captchas and working
with them to come up with solutions, which
00:39:00.160 --> 00:39:07.280
are not only deployable by them, but by
the wider industry. So, there is a
00:39:07.280 --> 00:39:12.640
knowledge gap here and then trying to,
..., based on that, trying to figure out
00:39:12.640 --> 00:39:19.360
how we can solve this problem. And that's
not only from , you know, policy angle,
00:39:19.360 --> 00:39:28.240
but we plan to look into technical means
as well. For instance. There's the idea of
00:39:28.240 --> 00:39:36.320
providing tokens to Tor users, so
they can, which they can spend anonymously
00:39:36.320 --> 00:39:42.960
at websites, for instance, and the
websites can look for that and try to
00:39:43.520 --> 00:39:49.840
regulate the traffic, keeping the noisy
bots out while providing good service to
00:39:49.840 --> 00:39:58.160
our users providing such a token. That's
another thing that won't be solved next
00:39:58.160 --> 00:40:04.080
year. It's a multi-year project, too. We
are a small organization, so there has to
00:40:04.080 --> 00:40:11.360
be some kind of prioritization. But that's
definitely on our radar and a serious
00:40:11.360 --> 00:40:16.720
problem for us. So, we should fix this.
Herald: Sounds like great initiatives and
00:40:16.720 --> 00:40:22.320
also like that going some of the way in
order to some extent legitimize the use of
00:40:22.320 --> 00:40:26.320
the Tor browser. Maybe not as much in
common society, but also when actually
00:40:26.320 --> 00:40:28.720
visiting different websites.
Georg: Yeah, exactly.
00:40:28.720 --> 00:40:36.320
Herald: Nice. Next up is whether you guys
are planning to figure out some kind of
00:40:36.320 --> 00:40:40.640
solutions for firewalls, for instance, the
corporate ones that are slowing traffic
00:40:40.640 --> 00:40:55.360
down.
Georg: I know, Gus, do you. Do you have
00:40:55.360 --> 00:41:01.760
some, you know, queries or complaints from
users for this particular issue? I'm not
00:41:01.760 --> 00:41:11.611
sure about that.
Gus: Yeah, I and. I just want to be a very
00:41:11.611 --> 00:41:15.842
specific question, I ....
Herald: It's also very fair to just say
00:41:15.842 --> 00:41:19.760
that it's not a problem that you've heard
a lot of complaints about,
00:41:19.760 --> 00:41:23.682
Georg: Right.
Gus: Yeah, sure, that's true. We I didn't
00:41:23.682 --> 00:41:29.567
hear about that. Like the captacha one is
a popular one, but I never heard.
00:41:29.567 --> 00:41:38.072
Georg: I think they're a bunch of larger
things to fry here, there. It's not really
00:41:38.072 --> 00:41:43.803
in our not even our top 10. So there.
Herald: Right? I guess it can also be very
00:41:43.803 --> 00:41:48.002
hard for you guys to like, work with
figuring out how to prioritize all the
00:41:48.002 --> 00:41:51.240
different initiatives and wishes that that
people have.
00:41:51.240 --> 00:42:01.567
Georg: Yeah, definitely.
Herald: Cool. So unfortunately, we don't
00:42:01.567 --> 00:42:07.080
have time for any more questions right
now, but there is a break-out room that
00:42:07.080 --> 00:42:13.002
people can come to, and you will answer
any further questions. For now, we are
00:42:13.002 --> 00:42:18.525
going to have a break on this channel
before the next talk that's going on at
00:42:18.525 --> 00:42:23.616
20:00, which is (in German) "Cookiebanner,
das Online-Werbe-Ökosystem und Google,
00:42:23.616 --> 00:42:31.027
Preisträger BigBrotherAwards 2021" For
now, thank you very much, guys. Take care
00:42:31.027 --> 00:42:35.686
and maybe we'll see you in the break-out
room.
00:42:35.686 --> 00:42:47.975
postroll music
00:42:47.975 --> 00:42:52.243
Subtitles created by c3subtitles.de
in the year 2021. Join, and help us!