/299$37c3-talk-12040

Hallo Du!
Bevor du loslegst den Talk zu transkribieren, sieh dir bitte noch einmal unseren Style Guide an: https://wiki.c3subtitles.de/de:styleguide. Solltest du Fragen haben, dann kannst du uns gerne direkt fragen oder unter https://webirc.hackint.org/#irc://hackint.org/#subtitles oder https://rocket.events.ccc.de/channel/subtitles oder https://chat.rc3.world/channel/subtitles erreichen.
Bitte vergiss nicht deinen Fortschritt im Fortschrittsbalken auf der Seite des Talks einzutragen.
Vielen Dank für dein Engagement!

Hey you!
Prior to transcribing, please look at your style guide: https://wiki.c3subtitles.de/en:styleguide. If you have some questions you can either ask us personally or write us at https://webirc.hackint.org/#irc://hackint.org/#subtitles or https://rocket.events.ccc.de/channel/subtitles or https://chat.rc3.world/channel/subtitles .
Please don't forget to mark your progress in the progress bar at the talk's website.
Thank you very much for your commitment!

======================================================================

[Music]
and please give a warm Round of Applause for Roger
[Applause]
dingledine okay hi everybody is the microphone working sounds like it is excellent how many people here know how tour works or uh have Run tour tour browser awesome great how many people here know words like Bridges and pluggable transports bunch of hands also perfect okay so I'm going to talk a little bit uh about the intro to tour for those who didn't raise their hands I'll try to get through that quickly and then I'm going to talk about uh intro DET tour and censorship and try to get through that quickly and then talk about what has happened in Russia over the past few years what's happened in Iran uh last year and what's happened in turkistan this year and then we'll talk about uh policy uh and political questions that come from that okay so tour is a free software project tour is a nonprofit uh one of the fun things about tour is the community of people all around the world uh any City you go to these days has a university where professors are doing uh tore research and there are grad students interested in this uh we have somewhere between 2 million and 8 million daily users it's an anonymity system so it's a bit hard to tell exactly how many we have and we're part of larger ecosystems the internet Freedom world the free software World censorship research anonymity research so big picture we've got Alice here she's trying to get to some website like Bob and do it safely uh there are a bunch of places the attacker can be maybe the attacker watching Alice's local network uh maybe it's Starbucks or somebody running the Wi-Fi here uh they're trying to learn what Alice is doing or maybe the attacker uh is inside the network deuts Telecom NSA something like that uh and they're trying to learn which alyses went to which Bobs or maybe the attacker is on The Bob side maybe it's CNN and they want to know who their users are uh or maybe it's somebody watching Wikileaks trying to figure out who's connecting to it so these are all the the the types of attacks that we thin
k about uh in terms of an anonymity system um and encryption is important you should use encryption but even when you're using encryption people watching you get to learn uh who you talk to how how long you talk uh when you talk things like that uh when the CIA tries to attack things they're not trying to break the encryption these days they build the social graph of uh this person talks to this person so let's break into his house and uh install something on his laptop so encryption is good but it's not enough and another way of looking at that is Communications metadata not too many years ago there was creepy NSA dude with his phrase we kill people based on metadata so the the the goal of tour is to uh protect not just the contents of your Communications but the metadata of your Communications as well so another way of looking at that I actually only use the word anonymity when I'm talking to other researchers when I'm talking to my parents I tell them I'm working on a privacy system anonymity I'm not sure but privacy is an important thing for the world to have when I'm talking to companies I work on communication security because they don't care about privacy privacy is dead but communication security is important to have and when I'm talking to governments I work on traffic analysis resistant communication networks and again it's the same system but telling governments you got an anonymity system they don't want that privacy why would we want that security we've got lots of that oh traffic analysis resistance yes we we do need that so part of the the fun of this is to get all those us users into the same anonymity set so you have the Egyptian activist and the German BN guy and uh the cancer survivor all in the same uh anonymity set so they blend together and then there's another category we're going to talk a lot about today which is the reachability side for human rights where I want to reach BBC and my local network doesn't let me do it okay so how do you buil
d one of these the easy answer is a big centralized system like a VPN where all the connections come in and then they get proxied to somewhere else and the first problem there is what happens if that Central Point is evil and they're actually turns out they do log turns out they do uh give their logs out who knows it's hard to hard to tell these things in a centralized system but it's worse than that what if the centralized system is completely honest it's still one point where a bunch of connections come in bunch of connections come out so if you can do traffic analysis on that to match up this Alice to that Bob that's bad news so the goal of tour is to distribute the trust over multiple relays so there's no single point in the system that knows which Alice talked to which Bob so it isn't about privacy by promise I know who you I know what you're doing but I promise I won't tell it's about privacy by Design or privacy by by construction where the actual system separates who gets to know what about what's going on and we've been growing in terms of bandwidth over the past many years and the graph looks like this every time just with different dates at the bottom uh another piece that's important uh which we'll we can talk about afterwards tour itself is the anonymity layer I was talking about it tries to hide your IP address but there's another layer the application layer uh where cookies and fonts and uh application versions and all the stuff inside browsers we need to deal with that also so tour browser takes care of the second half of the Privacy uh piece and then the last point to think about uh is the transparency we are a free software project uh of course we give you design documents and specifications and source code and uh to explain this is what we meant to build this is why we built it that way this is what we built uh and also we say uh hi I'm Roger I wrote Tor uh we are publicly identified people and that uh transparency is important for building commun
ities uh and of course every time I say that there's somebody who says uh oh haha the anonymity people are talking about transparency haha uh the point is privacy is about choice and we choose to be transparent in order to have you uh understand what the tour Community is and be part of the tour community and that's how we build trust okay so that was crash course on tour uh for the next side Let's uh give you the crash course on censorship resistance and uh the pluggable transport where okay so the first arms race cat and mouse game we're in uh the tour network is made up of 8,000 relays around the world and those IP addresses are publicly listed so at the beginning China could just grab the whole list block them it's done you can't get to tour uh so the fix for this is what we call Bridge relays where they're not in a big public list and then the the arms race becomes how do we give out Bridges to the people who need them one at a time without letting the adversary learn all of them so that turns out to be a hard problem but it's at least better than the first one and the other piece of this is not just finding IP addresses and blocking them but blocking by protocol by by using deep packet inspection to learn uh I'm not going to allow bit torrent I'm not going to allow https uh whatever the sensor chooses to block by protocol so the fix that we have for that uh originally Tor tried to look like uh Firefox talking to aache we are doing encrypted web browsing everybody should allow encrypted web browsing uh turns out looking exactly like that is really hard so uh we tried that to to fine-tune things for a while but eventually we ended up with uh let's modularize this so we've got a bunch of different transports that take care of blending in and making you not get blocked and then the transports deal with reachability and tour deals with the anonymity privacy uh traffic analysis resistance side of things so there are a couple of pluggable transports that have worked
pretty well over the past few years and I'll talk more about them uh in action in a bit the first one is obs4 so basically it just adds another layer of encryption on top of whatever the protocol is so there are no recognizable headers and the idea is that when you're running your protocol classifier it pops out bit torrent htps uh web RTC video W get whatever it pops out and for OBS 4 it pops out I don't know and the goal of this is the sensor needs to decide for all of the I don't knows do I block them all because there's going to be a long tail of weird protocols and allowing that long tail means that we go through and blocking that long tail means that you block whatever protocol the new startup made last week um and in this case this works really well in places like China because when you block the long tail of unclassifiable things the firewall help desk actually gets a lot of phone calls saying hey my thing stopped working can you fix it so that's that's one One Transport that's been working another one that's been working is called snowflake the idea for snowflake is to transform your traffic into web RTC the idea is you'll look like video chat uh and a lot of places allow video chat through so the other cool thing about snowflake because it uses web RTC browsers can do web RTC natively so snowflake extensions in Firefox and chrome and brave and so on uh let you become a snowflake volunteer just by adding something to your browser you don't have to apt get install tour and then know how to edit a text file and so on uh so that uh variety of volunteers that we get means first of all we have a lot of them so we can uh change how we give them out but also they change a lot because your browser is on a different IP address today than it was yesterday okay another plugable transport that has been useful in the past is based on domain fronting how many people here know the word domain fronting I see uh some hands but me many fewer hands than I saw before great oka
y so the idea for domain fronting is I want to connect to some uh hugely popular cloud service like uh Google cloud or Azure or something like that and I'm going to do a an https connection and on the outside in the server name indicator I will list a very popular uh domain that they'll hopefully they will not be willing to block once I've done the TLs connection inside the encryption then I send a host header for a different domain and all of these uh Cloud providers up until recently uh allowed you to do that where you you're you're using encryption to get to one domain but you're actually reaching a different website underneath and that means from the sensors perspective they see you talking to uh stack exchange or something like that which they are willing to let through uh and then underneath that you're talking to a tour proxy that sends your traffic into the tour Network so one downside here is uh if you're actually using Google Google cloud or Amazon Cloud they charge you way too much uh so we don't want to put all of the tour traffic through this but you can use it as a signaling Channel or as a last option uh but the basic idea is there's a domain that is too big to fail and hopefully they won't block it and we can act like that that okay and then some other uh the last thing you need to know about the censorship side of things is how do we match up users to Bridges and there's a service called Bridge DB that breaks bridges into different buckets and each bucket makes you exercise some new scarce resource like you have to come up with from a new uh sl16 on the Internet or a new gmail address or solve a Capa uh and the goal of this is to separate these so if China gets really good at having a lot of addresses that's not enough they also have to have a lot of Gmail addresses and be good at solving captas and so on so the part of the goal of that is to to to have a way to give Bridge addresses to the users who need them without letting the the adversary easil
y learn all of them and snowflake has something similar to bridg DB called the broker where the clients uh Connect using domain fronting to the broker and the volunteer snowflakes also connect to the broker and it pairs uh users who are censored with volunteers who want to help them get into tour so far so good great okay so that was uh the crash course on everything I'm talking about here let's talk about uh what's happened over the past couple of years so our story starts uh at the end of December 2021 in Russia where in the same day Russia ended up blocking all of the public relays by IP address they ended up blocking the Azure domain fronting mechanism that we had they ended up blocking a bunch of the OBS Four Bridges the ones that were easiest to find uh they blocked some other ones that were harder to find and they blocked snowflake by protocol and they rolled all of this out uh basically in the same day and we uh we had to piece together what was actually happening a couple of days after that they sent us a letter to hetner in Russian basically saying your website is evil and we're going to block it and we didn't really know what to do with that so after a while they blocked it so that's the beginning of the story and you can see the graph of uh number of people connecting uh directly to relays without using Bridges or plugable transports uh and over the course of uh a day or so uh quite a few people uh stopped being able to use tour but there's a corresponding graph of over that same time period uh many people were able to switch over to using Bridges uh in order to continue using torque in terms of how they block snowflake in particular it was a protocol it was a DPI level block where uh we were sending a certain TLS extension in both directions and actually uh normal places that do TLS only send that extension uh from the the client's side not the server side so that was something that you could see in the TLs handshake and they decided to block that we ac
tually figured that one out pretty quickly rolled out a fix uh and because it was a fix just on the server side the clients didn't have to change it all uh and over the course of a couple of days uh many people were able to switch back to using snowflake from inside Russia the domain fronting one was a bit more exciting so at first I was thinking okay we've got this domain it's like Ajax do aspn CDN natur or something it's someplace that serves a lot of JavaScript to the world and it's too big to fail there's no way they'd be willing to block that so I was trying to figure out how did they like did they actually decide to block that domain what's going on uh and it turn out the answer is no they blocked the IP address they blocked Azure by IP address so this is my no [ __ ] let me tell you that time we got Russia to block Azure for a day story and did they know they were doing it and they thought it was acceptable I don't know uh somebody in Azure noticed and after a day or so and rotated to a new IP address and uh and the block didn't follow so it wasn't just us that they were blocking they were blocking Skype login they were blocking everything that Azure has because Azure does geodns so everything that is azure goes to that one IP address from all of that region of the world so that was kind of exciting and the answer was at first we were thinking okay let let's switch to a new domain front let's find something that's even bigger that they'll not that they won't block uh but they blocked all of azure which solved that uh arms race right there and then azra solved it for us after wordss so the the other uh fun piece of this we put up a forum post right after that explaining uh here's how uh if you are blocked here's what you should do here's how the blocking Works here's how you can get a bridge uh here's how snowflake works and because we had recently set up our Forum on forum. tour pro.net because we were not running it uh the the services that we run are on tou
r project.org the external thirdparty services are on tour project.net tour project.net never never got blocked so our Forum worked just fine the whole time uh we got a great opportunity to interact with hundreds of thousands of people who were coming there to learn all about how to get around these things so there's there's some lesson in there somewhere uh in terms of long-term we've lost maybe uh 2third of the people who were connecting directly uh over uh using tour directly to to relays uh but at the same time we've had quite a quite a few people coming back the fun thing here is most people in Russia are using OBS 4 to get around the censorship and we'll see in a few more slides that a lot of people are using snowflake in Iran I think both of them work in both places so it's it's more of a social thing uh which one gets used where so I should also say here I am showing you uh 200,000 users lost and 40,000 users gained so we didn't it's not a one for one map but it's worse than that these user estimates are extremely uh uh uh variable extremely vague extremely ambiguous and the reason for this is uh those counts are assuming most users are online all day each day and if you're a user in Iran or Egypt or Russia or whatever you go to the Internet cafe for an hour you leave then we're way way way under counting so here's some way to visualize that uh if we assumed all of the users that we're seeing are on on line only for an hour a day it's up in the green line up at 20 million some users if we assume that every user is online all the time we're the red line down there and the blue line is the one that we actually show for these graphs so when I'm showing you these graphs uh it may the numbers might be higher by a factor of 10 uh we really don't know what the what the using of tour behavior is by various populations around the world it's a privacy system um we can talk about that later also okay so another Bridge distribution mechanism that we worked on when this
Russia thing happened was uh giving out Bridges by telegram so part of the goal there was we want to have some easy way for people to interact with us shouldn't be a website everybody's using telegram telegram has worked hard on not being blocked so we set up a a bot an auto responder where you ask us for Bridges and we send you some bridges and you could imagine the Russian sensors would do this too so turns out telegram accounts are assigned numerically so if I see your telegram name I know how long ago your account was made so the hack is if the telegram account is older than a certain amount give them these Bridges and if it's newer than a certain amount give them these Bridges
[Applause]
so so this means that the Russian censorship Ministry uh very eagerly got a bunch of new telegram accounts and signed up and I got all of our bridges and said we are satisfied we have found all the telegram Bridges but the reality is uh there are a bunch of I'll get the reality is there are a bunch of bridges like this that uh saw hundreds of users and were happily proxying uh many megabytes a second for a while until eventually somebody leaks them and they get blocked and we go to another one and also I should mention uh the importance of having people on the inside who want to tell you what's going on we got some interesting Communications from folks who run who work in the censorship Ministry in Russia and I don't want to write any yes CL excellent and I don't want to write any of the words up there because I don't want somebody using stylometry or something to guess uh which employee that was but they were telling us interesting stor stories like uh my job is to uh download tour browser and get Bridges each day and when I get a bridge I put it in a uh an Excel spreadsheet and I email it to the sensors so this is that's the world that they are living in if you're imagining some sort of high-tech automated thing uh that was not what was going on in 2021 2022 uh in Russia and I think that's still the case Okay so some other fun parts of this uh we actually got contacted I'll give you the English version of this so you can uh read the non-russian we actually got contacted by a an NGO inside Russia who said you know I think they're blocking your website illegally like there's a way that they're allowed to decide to block your domain and they didn't follow their own law we want to sue them inside Russia and I'm thinking okay I mean sure if you want to and in particular I'm thinking I I don't think you're going to succeed at this but I want to empower you to change your country from the inside because that I mean you're an NGO we're an NGO if you if this is what you w
ant to spend your time on uh go for it so we we signed a thing saying they represent us inside Russia uh and they
[Applause]
won so that was the good news they ended up uh convincing some judge that indeed the the censorship Ministry had not followed its own laws and it was important for them to to remove the blocking so that was the good news here's the not quite so good news the the orange stuff is when it didn't work the green stuff is after the judicial conclusion and then of course the censorship Ministry said sounds good we'll we'll follow our laws this time and block you the appropriate way which makes sense to me but the good news that comes after that is they started off blocking star. tour project.org afterwards they blocked www.torproject.org so bridges. tour project.org works forum. Tour all the other websites are not blocked in Russia uh as a result of that internal lawsuit so uh go them for succeeding internally uh and there's a lesson there about uh letting people fight their own fights in their country another fun thing to think about on the Russia side uh a bunch of people broke into the censorship Ministry and took a bunch of documents and put them on the Internet so if you're interested in uh looking at sketchy dodgy documents that may or may not have been planted by the Russian censorship Ministry I'm not sure uh so look at them very carefully if you do but you're the right crowd for doing that um I think the amnesty folks have been trying to look at them and maybe the citizen lab folks have been trying to look at them uh so their details about uh what they block how they go about blocking uh what they spy on things like that and I think this was the first dump but there was another much bigger dump that happened uh like earlier this year so uh the censorship Ministry is uh has has a bunch of interesting details about what it does and we this group should learn about that as well okay so where is Russia these days uh they still sometimes crawl a bunch of bridges and block them but mostly bridges last for days or weeks or more um and a lot of people are using OBS 4 wit
h telegram uh or maybe other Bridge distribution strategies or maybe they they tell their friends uh and Snowflake and meek also continue to work so the Russia story is doing pretty well except Russia in general there are some other problems going on uh there were some stories that came out recently about how the Russian government is asking the Russian Banks to check if you've paid for something that looks like a VPN and if you have then they call you up and you say what what's going on why do you need VPN why why what do you have to hide so the bank is doing the enforcement to try to discourage people uh and part of the goal of something like tour is we don't charge it's free software it's open source it's freely available uh so that you don't have to deal with the fact that your bank suddenly turns into the Secret Service uh on on the government's
[Applause]
behalf okay so that was the Russia story I'll talk a little bit more about Russia at the end but let's talk about what happened in September 2022 in Iran so here's the graph of uh people using tour directly in Iran they don't need Bridges or pluggable transports or things like that so while there were protests in the street there were a lot of people mostly on non-mobile uh networks who were trying to to be safe to reach Facebook or whatever they were trying to reach that was otherwise blocked so that was the good good version of the story so remember uh the previous graphs that I had where I'm like woohoo check out these like we had 6,000 people using snowflake in Russia so that that was awesome but that was that little corner over there with 6,000 people and we were like cool 6,000 uh and here we have hundreds of thousands of people using snowflake so that was a a pretty big uh bump and the important thing there is we found a bunch of bottlenecks while people were trying to ramp up to 6,000 that we fixed that made us ready for when the Iran thing happened and suddenly 100,000 more people wanted to use it uh and because we had worked on scaling we were ready for them so that was a pretty cool uh coincidence that happened part of the reason why a lot of people were using snowflake at the time was uh Word of Mouth Community inside Iran saying hey use this thing this thing works to get around the censorship and it's safe so we had a lot of folks uh telling their friends to be able to do that safely and uh a fun day in I think October 1 of 2022 we were the number one app in the app store in Iran and and we were the number two app in the app store in Iran for that
[Applause]
day now to be fair that was just one day and uh and and things changed after that and I'll tell you a little bit more about uh how those things changed but part of the reason why we were ready in terms of the snowflake scalability was you can see the the campaigns that we did in 2022 to try to get more more volunteers running snowflake uh and then when that happened towards the in October 2022 we were uh ready to grow even further and at this point we have uh 100,000 or more people running uh volunteer snowflake uh Bridges as either extensions in their browser or if you have an actual computer that's not behind a net that's much more useful there's a go Standalone version of snowflake uh please install it and run it and help uh help be uh part of this graph the Standalone ones are the green ones down there that are the most important and they are far fewer than 125,000 okay so that was the good news here's the the more interesting uh the the debugging side of things so at some point uh around October 5 we notice hey we're we're handling less snowflake traffic than we were before uh what's going on did they did they block us is there a bug is there like a scaling thing did something fall over uh so the first fix was uh we went to go look at the logs on on the snowflake server side and it's giving us a bunch of too many open files so we're like okay there's a bug we fixed it sounds good uh but then we fixed it and it didn't actually solve the problem The Next Step was Well it can't be Iran specific because uh we lost 70% of our users in Iran but uh but also we lost like 60% of our users in the US so it must be something about the snowflake infrastructure it can't be an Iran specific block because we lost users in a lot of different countries uh and then we were thinking okay this looks like a pretty steep drop like something something specific happened here it isn't just like an overload or a a system isn't able to keep up with things there's there's a particular lik
e 10-minute period where all the bandwidth fell off and then we were looking more and we realized even before that blocking event there's correlation between number of users in Iran and number of users in the US and number of users in Germany and it's a goip issue our goip database uh thinks that these Iranian users are in the US and Germany because goip databases are especially bad for uh countries that aren't going to buy televisions or do e-commerce and so on so uh so the reality was yes it was users in Iran that were falling off but we spent a couple of days uh being convinced that it couldn't be because uh look it's happening to a lot of countries so at that point we were talking to people in Country and one of them said uh I could connect from my PC but not my Mac so there's something going there's something going on there and uh and that that that got got us started on trying to figure it out so at that point uh some nice person gave us root on his uban Ubuntu computer in Iran and we were testing things to browser Linux Works to browser Android Works Orbot Works Orbot doesn't work wait what's going on here uh sometimes it works sometimes it doesn't work uh and the answer we finally figured out uh it inside the uh TLS handshake decision for snowflake doing domain fronting to talk to the broker uh it looks at whether you've got AES acceleration support and if it does it uses a different set of flags that are visible in the TLs handshake and the reason why we we had yes and and no was on the Ubunto computer where we ran our Android emulator it had a real CPU so it had AES acceleration so it worked for us but on an actual uh crappy Android system that doesn't have uh a good kind of CPU it ends up uh not having AES acceleration and thus it looks different from the outside so the reality uh if you had a newer version of go it also worked but if you had the old version of go and no AES acceleration uh that's what got blocked so that took us longer than it should hav
e to figure out uh but on the the other hand wow that was a weird choice for them to choose in terms of deep packet inspection in terms of of how to distinguish whether it was snowflake or not that they were blocking uh so the fix was uh there's a library called utls for go that uh tries to make your TLS connection look like a wide variety of different uh types of protocols so it knows how to look like Chrome it knows how to look like Firefox and so on so we integrated utls into snowflake so that it could do domain conf fronting to talk to the broker in a way that really Blends in we put out a new version of Orbot uh and then the person replies I can confirm this works in Iran so woohoo great we fixed it but also it took us about a week to fix it because we we had to get the Ubuntu system and so on and during that week a lot was happening in Iran that we were not a part of so fast forward to that that that was a problem that happened in October 2022 a new problem happened in September member 2023 just a few months ago uh and it wasn't a censorship event but it was just as bad so the domain front that we picked we were using fastly uh we were using uh uh part of Stack exchange as our domain that's too big to fail that domain switched from fastly to Cloud flare and so all the snowflake users were showing up at fastly being like I'm talking to stack exchange can you let me through and fast is like they're they're not even here anymore what do you why are you asking for that so so it was because the domain we had picked uh ended up not being where we thought it was going to be we were unable to all of those users were unable to connect to the snowflake broker so at that point we lost uh some number of users and um they haven't come back yet so there's another lesson to be had there so good news in the sense that snowflake Works in Iran OBS 4 Works in Iran there are tens of thousands of people who are using it uh but it's not it's not entirely good news and one way to th
ink about that is thinking about usability in terms of how this uh arms race Works uh in ter so every time the sensor does something and we fix something and they do something and we fix something that's another step that the users have to deal with they have to understand how the system works they have to say oh I need a bridge oh snowflake doesn't work let me let me try snowflake next week so every time we're doing that we're adding a burden to the user so yes uh we see a bunch of users switching from direct relay connections to using Bridges but it's not as many users so each of these steps we lose uh some people and that means that we need to slow down the arms race not just keep on taking steps and having it be a cat and mouse game okay so that was the Iran side uh let's talk about the turkistan side and uh uh and then the bigger picture so these countries that I've been talking about so far Russia and Iran they they the censorship game that we're used to it's the collateral damage game it's the one where uh they're not going to block all of Google because uh too many people would get upset so they're not willing to block certain things Turkmenistan on the other hand blocks most IP addresses they block uh hetner they block digital ocean they block ovh they block uh uh like Amazon Cloud they block most Cloud things uh they block most destination ports so like the the default stun servers that snowflake uses like the standard stun servers that everybody uses to do video chat they don't work in Turkmenistan they're blocked by destination Port so they they're playing a fundamentally different game we've been doing a couple things to try to to help anyway one of them is we found that residential addresses tend not to be blocked so if you set up an obs4 bridge on port 8080 on a like Comcast or something uh then tends to work so that's a start but uh though that community of people that we're working with uh is big enough that they tell some other people and eventuall
y uh that bridge gets noticed uh Meek works on domain fronting works on Azure uh but it doesn't scale but it's at least something for the users right now U the real challenge there so we we were trying to like understand what's going on in the country and as far as we can tell the censorship Ministry has a person there who's pleased to accept payments for you to have a real internet connection and this means that their job is to make things so shitty that if you can pay you will and that's a that's not a technical thing like that's not a thing where they're going to do a DPI thing and I'm going to change some protocol stuff that's a fundamental corruption issue where they're not only are they willing to accept collateral damage but they want it they want to to make things terrible so that if you have the money to pay the bribe you'll use it so that's a that's not a technical problem that's a policy problem I don't know what the fix is do we ask the dictator in Turkmenistan to assign a new person in charge of the censorship Ministry who will take bribes differently um we'll we'll talk a bit about sanctions so that's uh a start another example uh that's similar in a not so technical not so intentional censorship vein China is getting harder and harder to use circumvention tools not because they're blocking the circumvention tools or the vpns and so on it's because China is building more and more bandwidth inside the country compared to bandwidth outside the country and that means that if you're trying to talk outside the country you end up with 20% packet loss and that's that's just a normal thing and it causes people to say well Google can't run a good website buo is solid and fast and easy and Google is I don't know is just so flaky I just I don't even try to use it anymore so that's it's a it's a it's a form of censorship but not in the way that we're used to okay so let's talk about uh some of the other uh things that have made me upset or concerned uh while I was
thinking about the Russia Iran uh Turkmenistan side of things one of them was uh rt.com ended up censored in Europe I'll talk more about that in a bit and that means because a lot of the tour exit relays are in Europe Europe you can't read rt.com over tour either because you pop out of some place in Germany or France or something and it's blocked for you there so that's that's kind of a a weird surprising thing another weird surprising thing here's a a heat map of where in the world the snowfake volunteers were in July 2022 so we see a lot of them in the US woohoo we see a lot of them in Germany thank you uh we see a lot of them in Russia and Iran and the what I think is happening there is people in those countries here install Snowflake and then you'll get around censorship so then they go and install the wrong component of snowflake they become a snowflake volunteer it's not helping them get around censorship uh it's probably not helping other people get around censorship because uh they would have a tough time reaching the rest of the tour network from them so this is a a usability thing to think about I think we partially fixed this by changing the snowflake. Tour project.org website to be very clear if if you're censored do this if you want to be a helpful person do this they are not the same thing but this is uh one of the lessons we learned along the way another fun mystery here's a graph of the number of people connecting into the tour network uh during that week that Ukraine was in the news what the heck is going on uh maybe it's a goip issue and those are actually people in Russia uh maybe those are people uh following some instructions on the internet to install Torah and try to dos the Russian websites um I don't know it's a lot of it's a lot of torque lines speaking of that uh one of the one of the things that happened uh in the US and Europe soon after the Russia invasion of Ukraine is a lot of places in the US are like I'm I'm the telephone company b
ut I'm going to turn off connections to Russia that'll show them we're going to sanction them uh and the reality is uh Hing connectivity for such uh for such situations uh ends up not doing what you want so uh a brief aside Iran had the same sort of situation so Iran wants to build their own Halal internet their own internal internet where you don't have to go to Google because we have uh an Iranian Google you don't have to go to Facebook we have an Iranian Facebook everything you need is is inside and for a while there they would block Google and people would get upset and they would say you blocked Google [ __ ] you and then Trump called up Google and said hey could you like turn off connectivity for all the people who speak farsy and a bunch of uh Western companies essentially blocked people from Iran voluntarily and that changed it to uh you blocked Google I don't like you to well Google doesn't want me anyway and the result of that is when they next block Google nobody is upset very much so we're going to see the same thing in Russia where the Telos the like the AT&T's and deuts telecoms and so on like we're going to we're going to uh turn off service for Russia and all they're doing is helping Russia build its own uh isolated internet out of this okay so that was the beginning of the sanctions rant I ended up talking to a guy in uh from Germany who was in Berlin helping to write the the censorship uh document that the EU requested so the EU ended up asking all of the countries in the EU to block rt.com Russia today.com and I don't mind blocking television channels sounds good but blocking internet websites like I thought the people who block things are the bad guys and the people who allow freedom of speech are the good guys uh what's going on here in terms of uh of Europe being excited to also Implement their own censorship regime so I I've been trying to figure out how to communicate this properly and I was so I was talking to him and I'm I'm like so why do
you like censorship so much and he's like no no no they're sanctions and I'm thinking okay well whatever word we're using like why why why is it that you're so excited to be rolling out the censorship and then I was talking to somebody from uni from the uh open Observatory of network interference and he was saying yeah Romania looked at this EU document and said oh we're supposed to block all misinformation websites so they built a multi megabyte list of URLs that they wanted to block and their reasoning was EU asked us us to do this censorship so that and it ended up blocking a like a software update website and so on uh that's not not what was supposed to happen and then I was I was uh trying to figure out more details and he's like no no no don't don't worry it's a six-month experiment and in six months we're going to reassess whether we should maintain the sanctions and I'm thinking okay so you asked people to buy install configure roll out censorship infrastructure and what in 6 months they're going to unroll it out that's not how this works so I'd like your help trying to figure out how to communicate this to people uh why is the EU so excited to make sure that all of your countries here have censorship infrastructure also and how do we communicate that this is not it's not sanctions it's censorship why do you like to censor so
[Applause]
much okay and as a last couple of thoughts uh one of the one of the weird things about the Russia story our story started in December the news started talking about Russia invading Ukraine in like February so there were months in between where Russia knew they were doing it we knew something weird was going on so looking at censorship of tour from a Global Perspective uh is an an interesting way to to try to figure out what going on in the world and what's going to be happening later so uh some things that you can do to help please run Bridges OBS 4 Bridges snowflakes public relays the eff is running a campaign right now to get relays in universities in particular so I would love to talk to you afterwards if you're connected to a university uh it doesn't have to be an exit relay whatever you can do uh one big policy question why I'm in the ethics track is how do we deal with situations like Turkmenistan where it's not a cat Mouse technical game it's a like a nation state level corruption game and there's uh uh research there's a conference in Bristol this coming July the called pets or folky uh on censorship and anonymity um and also tomorrow day three we have three different tour meetups the first one is a general Meetup I think there will be two people who are doing uh little lectures on cool stuff they've been doing in tour and we'll be around to talk to you and answer questions uh after that there's a Relay operator Meetup in the room next door so if you uh if you run a relay or you ran a relay or you want to run a relay or you don't yet know you want to run a relay we want to talk to you and uh and help answer whatever your questions are and show you that there's a community uh and then after that the folks who run the tour servers.net relay Association uh want to talk to other relay associations and people who want to help uh the German community rebuild their uh zel Funda and and other groups like that um we would love to chat with you and uh and that's the
end of my way too many slides and I still have some time for questions so thank you and we see already two people knowing how it works with the microphones you queue up behind the microphones and then I call out the microphone number and you can also ask questions via the Internet so while people are moving around to queue up behind the microphones we will have the question from the internet first yeah thank you uh first question from the internet are you aware of any legal actions or Violence Against tour users in Russia Iran turkistan and can these users maybe get fingerprinted yeah so in General most people seem to be successfully using tour in these countries and they're doing fine like the US and Germany there are too many laws in these countries and some of them are vague a lot of the countries have laws but they don't use them but they could use them so it it's hard to to feel confident about that there were some cases in Russia where uh some people ran tour relays and they ended up attracting attention and uh and it worked out for them in the end but it took a while of of legal fighting but in General using tools like tour or vpns uh everybody's doing it and the fact that everybody's doing it is part of the safety of being able to do it so we'll see over the next year or two as Russia tries to crack down on vpn's even more are they going to make it even weirder to be the sort of person who wants a an actually free internet I'm not sure but but for now everybody's doing it which is which is why maybe it's okay and we have lots of questions so keep them short and no comments and no follow-up questions microphone number two please hi um do you know if that sudden spike in Iran has something to do with like a failure of another way to circumvent censorship CU a lot of people used to use siphon there uh so you're wondering if the spike in users in Iran is because some other circumvention tool failed and they all switch I think there are enough people in Iran tryi
ng to use the internet that there's enough to go around on all cases I it is the case that there are other circum vention tools and some of them did get blocked right about then uh but I think it was more there are a lot of people and mostly they don't do this and when they need to they do whatever they did last time and some of them did siphon last time some of them did tour last time and now a lot of people know about snowflake which means the next time something happens a lot of them are going to turn to Snowflake and then we have a question from microphone number one uh you had uh commented that a h on on the whole new user group do you have an additional explanation except for installing the wrong plug-in side of things yeah well I talked to somebody from Ukraine who was convinced that uh that these are that people in Russia are reasonable and a lot of Russia isn't blocked their isps don't choose to follow the censorship requests so it could be that there are many people in Russia who said this is important I want to help my fellow people uh the ones who are on the back kind of networks I need to help them get around censorship so it's so nothing from the state there or something like that trying to try stuff I guess yep hard to know and then we're going to hear what the internet wants to know yeah second question from the internet uh specific to one of your slides on the graphs regarding to the number of slow snake Snowflake and obf as two users what happened exactly in the beginning of 2023 yeah um so when we were fixing some so so the the question is uh the snowflake users were going up everything was going great and then at the beginning of 2023 the snowflake users in Russia disappeared and then they came back a while later and at the end of 2022 with the Iran thing we were trying to fix even more scaling issues because we were uh the snowflake bridges are handling many gigabits per second of traffic and we had so much traffic that we were trying to figure
out ways to scale better and we accidentally added a bug that made it scale worse and uh and we noticed it after a couple of weeks and fixed it but that was the result uh but as a result there were users who who used something else for that and then we have a question from microphone number three yes I have the question um there was a journalist called Yasha Lin and he was criticizing you and how do you feel about that like concerning Government funding like always erors possible the like useful idiots thing like with the opposition on Hong Kong overly relying on technology also I think he suggested that you have had an internship at the NSA um and also um some Security Professionals suggest that you shouldn't use tour browser you should use like tour plus plus Chrome how do you feel about that oo and that that the third one is easy um so let me try to answer all of them in brief uh we as an organization are transparent we do get funding from governments we've got funding from the US government the Swedish government for a little while we had funding from the German foreign Ministry uh all of that you can find in the tour financials which we publish each here so part of the goal of that is to be transparent about where not just where the money comes from but what we do with it to say say these are the projects that we have these are the outputs and to do all of that in public so that it isn't a question of of why did they want to to give us money this is a complicated uh topic that I can't answer in just 20 seconds uh but the answer to all of that is transparency for the third one don't use tour browser use your hacked together tour Plus Chrome uh that is a terrible terrible idea because of all the fixes inside tour browser at the application layer so afterwards I would be happy to tell you a bunch of uh we would call them zero days using tour and chrome but they're not zero days they're like 10 years where everybody has known about them uh and they're they're basic
ally Pro proxy bypass issues where if you use Tor and chrome you'll end up sending traffic out directly on your local network bypassing the tour proxy because chrome doesn't care so that's that's the very short version of that and then we have question from microphone number two hi uh great talk uh I have a question have any of these countries tried sabotaging uh tour from the inside for example running dogy relays or overloading in with danial service yes um running Dody relays from Russia and Iran and so on we have not seen as far as we know there is a strange arms race going on at the edges where uh some somebody somewhere is trying to run some bad relays in terms of denial of service who boy that's been a big topic over the past few years because as far as we can tell there are Russian underground Mobsters uh trying to sell drugs or whatever on the internet and there are other Russian underground Mobsters also trying to do it and they're beating on each other and the collateral damage is the tour Network so we've seen a bunch of Dos issues but I think they're unrelated to the government level policy thing that we're seeing here I think they're more related to people who are being sanctioned to the point that they want to make US Dollars somehow and this is that's how they've picked then we have a question from microphone number four um thank you for the great talk um this may be an off-topic question but since you work on privacy which messenger would you recommend to use which messenger would I recommend to use the answer used to be Ricochet back in the day when there was Ricochet development um I use signal for a bunch of things because a lot of people use signal for a bunch of things so that's a pretty good answer and we know the signal people we talked earlier about the importance of transparency and community so uh that depends on the person and what they're trying to do but use the ones that your friends want to talk to you on is is not a bad first start a
s long as it's and encrypted yeah use the safe one that your friends want to talk to you on thank you the internet has a question yes the internet would like to know um do you plan to support some sort of Transport via DNS for example if everything else than DNS is blocked yes there is a pluggable transport people are working on called dnst uh it's a it's a pluggable transport that makes DNS requests and tunnels your uh your signal traffic or your tour traffic uh as though it looks like DNS and one of the cool outcomes of that is uh maybe we can all use tour uh on our trains or airplanes or something where DNS works but other things don't uh so there yes that's that's something that's under development uh and as things like OBS 4 and snowflake stop being the right answer then things like dnst might start being the right answer and then we have a question from microphone number one um so do you have any proposals when it comes to uh circumventing like this exit Noe uh censorship because I guess that like when it comes to exit notes most of them like um runs in AU or us or something and is what we see now in the case of au that if they try to collectively just want to ban things is there a kind of a yeah so that's that's a tough one uh I've been talking here about censorship of people trying to reach the tour network but what you're talking about is censorship of people trying to use tour to reach websites and the websites don't want to hear from tour users or there's something in between that's that's making it hard to do and at the beginning we said oh well let's just not let relays be exits in countries that have too much censorship uh and that that line gets blurry very quickly maybe you end up with all of your network in Iceland or something uh that probably doesn't scale one there have been people working on exit Bridges so it's a it's a it's a bunch of proxy addresses that you can use to be able to reach websites without them knowing knowing that it's tour uh t
here's a campaign that we've been hoping to start sometime to go talk to Cloud flare and aami and all the the big CDN to teach them why privacy is important uh there was a study that aami did years ago where they looked at all the people connecting over tour to macy's.com like the place where you buy clothing and they found that the uh the average connection was more likely to be malicious because there are people doing spam attacks or something but the chance that they would buy something was the same over tour as not over tour so actually those are real users that maybe you want to have and that was interesting for aami to say so I think there's there's something to be done there but we need to that's like a 10 person for five-year campaign to to make relationships and uh educational materials and so on uh so yeah that's a hard problem and a a one that is growing in importance thank good and we have more questions than we have minutes left so microphone number two uh during the IR part you promoted the running of snowflake service on computers that are not behind Nat under which conditions should one run a snowflake server and when should one run should one run an OB an Ops 4 Bridge uh for instance on a non-residential IP address OBS 4 bridges are easier to run technically because uh they're in Debian and you you edit text files and they work pretty well uh but if you're comfortable like compiling snowflake from go or you're comfortable running a Docker image for snowflake uh snowflakes tend to use more bandwidth than OBS 4 Bridges uh because they'll scale up to as much as you can uh for OBS 4 you need to be reachable from the outside so you need to do like TCP port forwarding for a snowflake it's best if you like forward entire blocks of UDP ports so that web RTC can work uh behind whatever firewall you have so they're both useful do whichever you like uh don't do both of them on one IP address because then whichever one is weaker gets you blocked and then we hav
e question for microphone number three um why wouldn't a proliferation of snowflake bridges in uh Russia and Iran um indicate enumeration of snowflake users H so you're saying maybe the sensors want to learn who the user are and so they're signing up snowflakes in their country in order and because they're in the country they're probably run by the government so the the flaw in the logic is that it's easier to get something on hetner than it is to run something inside Iran even if you're the Iranian government so that that if I were Iran and I wanted to do that I'd run a bunch of snowflakes elsewhere uh and the other the the other answer to the question of uh how bad would that be is that bad uh the goal of Torah is to prevent the the adversary from learning that this user went to that destination just learning that they're trying to use snowflake goes back to the earlier question we were talking about of uh this is an ordinary thing to do the fact that the average user in Iran is using tour to reach Facebook to look at their cat pictures is a security property it needs to be ordinary that you're using tour or you're right things go bad we only have time for one more question and that will be from the that thank you um if we look back into the year 2013 uh when the Snowden topic came up tour played a very important role and the NSA thought literally that tour stinks um do you have any indication that it still just stinks or whether or not the NSA is taking active counter measures against T yeah this is a great question and uh and the real answer is that we need a new Ed every week or two coming out with a new set of documents for uh what they've been up to lately in terms of what they learned and even back then uh the documents that we got Ed tried to bring as much as he could about Tor out the documents that we saw showed the NSA didn't know what they were doing but that doesn't mean there's not an analyst down the hall that did know what they were doing and didn't
get their documents leaked so it's hard to know what to conclude here uh I've talked to people in the n say who say that they use and rely on tour and it's got the right design and uh and it's hard for them to break that doesn't mean that much either um in terms of uh what we should be worried about in the future one of the things we're worried about is uh netf flow based traffic analysis where a growing number of countries and companies are uh collecting logs of uh when you're connected for how long how many bites got sent and uh and a growing data retention Trend around the world uh makes me nervous because maybe you have a data set here and you call up the Spanish Telco and they have a corresponding data set over here and hey maybe these do match up uh so I I would worry about that but uh if you want to help on the traffic analysis research side we'd love to have your help and pets coming up in July is the right place for that good give Roger a big round of applause thank
[Applause]
you
[Music]
la