Metrics timeline workshop

Led by David Fifield.

The dream behind the metrics timeline is to one day add annotations to Tor Metrics graphs—so when a graph shows a sudden drop in users from Belarus, for example, there will also be an annotation and a link to what we know about the cause. Basically, to put the metrics graphs in context and aid people in interpreting them.

In the metrics timeline workshop, we will work on expanding the coverage of the metrics timeline, in three ways:

  1. Mining other data sources (such as this list of blocking orders from Brazil) for relevant events and transcribing them into the metrics timeline.
  2. Visually examining graphs for apparent anomalies and adding them to the "Unknown" category for later investigation.
  3. Researching the entries in the "Unknown" category to find any possible explanations.

WTF/IRC workshop

Led by Colin Childs (and preferably 1 sysadmin)

The idea behind this workshop is to get as many people as possible connected to IRC in a persistent way. We have a number of people who could benefit from being persistently connected to IRC via screen/irssi or a bouncer. If we made this a "WTF" session (like our mailing list by the same name), we could have more than one "leader" able to assist people with issues they are encountering.

pastly should be a part of this as he has started running a bouncer and 1+ Tor person is using it. Can/should it be hosted on Tor infrastructure? What's expected of him? Should it be scrapped for something better? He has questions like that.

User testing pipeline workshop (Global south, trainers, and activists, please come!)

Led by Linda Lee (and Isabela Bagueros in spirit).

The purpose of this workshop is to start dialogue with people who interact with everyday users, especially users not in North America/Europe. The UX team wants to systematically and regularly get user feedback to improve Tor Browser. But we need trainers and organizational allies to help us. Linda will share her vision about how user testing can be made feasible, and open the discussion to talk about what to test, how often to test, where to test, etc.

Scanning Tor Network

Facilitated by David Stainton and Meejah

  • network partitions
  • very high latency
  • inter relay bandwidth
  • bad exits
  • bad onion service DHT member

Discussion of existing network scanners and future improvements. How to collaborate on development (e.g. currently source code is mostly-seekrit).

Encouraging Tor integration by third parties

(Facilitated by Arthur)

What can be done to make Tor more practical to bundle into existing software maintained by third parties? For example, can we create a "Tor client" build so that the Tor client is small enough to deliver with any app? Should we make it possible to run multiple instance of Tor? What kind of documentation or setup scripts could help? And what can we do to communicate more with companies and organizations that produce third-party software?

Here are some kinds of software we could discuss:

  • Web browsers (e.g., Firefox, Brave, Facebook Mobile, ...)
  • Web servers (Apache, nginx, caddy, ...)
  • Web hosting services
  • Messaging/email apps (Thunderbird, Instantbird, Signal, ...)
  • File sharing/storage
  • Operating systems
  • Cryptocurrency clients (Zcash)
  • Other
  • I (meejah) have integrated Tor support into and

Onions Everywhere


The best way to combat rotten onions is to make many, many more tasty onions! Work as continued on many fronts to develop Onion Hidden Service-based peer-to-peer applications for chat, messaging, file sharing and Internet of Things devices. The good news is that it mostly works today, and will work better with Next-Generation Onion Services. However, there is more work to do related to reachability, usability and scalability, all in the context of portable, battery-powered, mobile network connected devices. We can use this time to talk about Briar Project (out in public beta now: and PhoneyPot (alpha: as two examples of mobile apps that utilize onion-based services.

Onions on Apples

(mtigas, n8fr8)

We'll talk through the work done on the new Onion Browser 2.0 (public beta now: for iOS, and the progress on Tor as an iOS/OSX VPN via the iCepa project ( We'll also touch on the status of Pluggable Transports libraries, and support for Rust and Go cross-compiling.

Tor Latin America

(ilv, ?)

The idea is to work in a "communications plan" for Latin America between organizations in the region and the Tor Project. Derechos Digitales got a grant for promoting the use of Tor, the setup of more exit relays, the generation of technical and non-technical content in Spanish (including graphics) amongst other things, and we'd like to do this in collaboration with the Tor people. Some concrete results that will be great to have after the meeting are:

  • Coordination for reviewing the technical content and the graphical material.
  • Steps for creating and maintaining communication channels for the Spanish speaking audience.
  • A plan for promoting the setup of new relays in the region.

It will also be great to continue the discussion about having a Tor meeting in Latin America.

Tor at Defcon



Tor and the Law

Lex is happy to facilitate a workshop on legal issues related to Tor or just help build legal literacy if there are clear needs defined by the group (borders? search and seizure? passwords? silence?) folks feel like this would be useful. Tamir (CIPPIC) may also be in town, so the two of them could potentially organize something together, but could also just be resource people and around to collaborate and troubleshoot if that's more helpful.

Bandwidth Authorities

teor / Network Team

Tor's relay bandwidth measurement depends on some really old, clunky code. Let's make plans to get it working better. (We might have this session on the team day instead.)

Testing (Core) Tor


We keep finding bugs in Tor - let's try to catch them earlier!

We can:

  • work out what we test well
  • find the gaps in our testing
  • make plans to test better, test early and test often

(We might have this session on the team day instead.)

Future Tor Network Measurements


There are lots of ideas for what we can measure in the Tor network.

Let's catch up on what's happened recently, and make plans for the next year or so:

  • What measurements has Tor added recently?
  • What will Tor measure next?
  • What do we want to be measuring over the next few years?
  • What do we need to do now to make that happen?

OONI / Metrics Interactions


There are several potential ways in which Tor experiences and OONI can be mutually beneficial.

Lets find areas for interaction that both sides are excited about pursuing. Potentially things like:

  • OONI data used to indicate when bridges should be proactively suggested on browser startup
  • Navigation failures can prompt users to run OONI to diagnose the problem
  • Tor metrics / OONI data mashup

Thinking Differently About Funding Tor


Receiving funding from individuals and foundations gives us a lot of freedom to focus on the things that are most important to us, but it requires thinking differently about how we report and manage our time. We're in a transition period right now, and we should talk about what this new funding model means in practical terms for people working on Tor. This isn't a discussion about potential funding sources. It's a discussion about how we need to shift our own thinking about how we describe our work.

Update from the Community Council

Community Council

The Community Council will give an update on what they're working on, including priorities like crafting internal policies and procedures. They'll also take questions from participants and solicit feedback on a stable version of one of their policies.

Writing the Code of Conduct


We'll talk about the current draft of the code of conduct and make additions and changes as needed.

Tor Exit Blocking & CDNs


We're going to talk about the existing research on exit blocking, traffic shaping and content discrimination by CDNs and blocklists. We'll try to formulate strategies (both technological and policy-based) to rectify the situation, and look at novel approaches such as the blind signature captcha bypass addon.

Last modified 75 minutes ago Last modified on Sep 20, 2017, 12:43:20 AM