tor-webwml.git

1) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
2) 
3) <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
4) <head>

5)   <title>Tor: Volunteer</title>

6)   <meta name="Author" content="Roger Dingledine" />
7)   <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
8)   <link rel="stylesheet" type="text/css" href="stylesheet.css" />
9)   <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
10) </head>
11) <body>
12) 
13) <!-- TITLE BAR & NAVIGATION -->
14) 

15) <div class="center">
16) 

17) <table class="banner" border="0" cellpadding="0" cellspacing="0">
18)     <tr>
19)         <td class="banner-left"></td>
20)         <td class="banner-middle">
21)             <a href="index.html">Home</a>

22)           | <a href="overview.html">Overview</a>

23)           | <a href="download.html">Download</a>
24)           | <a href="documentation.html">Docs</a>

25)           | <a href="support.html">Support</a>

26)           | <a href="faq.html">FAQs</a>

27)           | <a class="current">Volunteer</a>

28)           | <a href="developers.html">Developers</a>
29)           | <a href="research.html">Research</a>
30)           | <a href="people.html">People</a>
31)         </td>

32) 	<td class="banner-right">

33) 		<a href="/"><img src="/images/en.png" alt="English" /></a>
34) 		<a href="/index.it.html"><img src="/images/it.png" alt="Italiano" /></a>
35) 		<a href="/index.de.html"><img src="/images/de.png" alt="Deutsch" /></a> 

36) 	</td>

37)     </tr>
38) </table>
39) 
40) <!-- END TITLE BAR & NAVIGATION -->
41) 
42) <div class="main-column">
43) 
44) <!-- PUT CONTENT AFTER THIS TAG -->
45)     <h2>Six things everyone can do now:</h2>
46)     <ol>
47)     <li> We need users like you to try Tor out, and let the Tor developers know about bugs you find or features you don't find.</li>

48)     <li> Please consider <a href="/cvs/tor/doc/tor-doc-server.html">running a server</a> to help the Tor network grow.</li>

49)     <li> We especially need people with Windows programming skills to run an exit server on Windows, to help us debug.</li>

50)     <li> Run a <a href="/cvs/tor/doc/tor-hidden-service.html">Tor hidden service</a> and put interesting content on it.</li>

51)     <li> Tell your friends! Get them to run servers. Get them to run hidden services. Get them to tell their friends.</li>

52)     <li> Consider joining the <a href="http://secure.eff.org/tor">Electronic Frontier Foundation</a>. More EFF donations means more freedom in the world, including more Tor development.</li>

53)     </ol>
54) 
55) <h2>Coding Challenges</h2>
56) <ul>

57) <li>Currently Tor ships with its own AES, since when we started OpenSSL
58) had missing/broken AES support. But now that it's gotten more mainstream,
59) we should change things so we only use our bundled AES if OpenSSL doesn't
60) support it natively.</li>
61) <li>Because Tor servers need to store-and-forward each cell they handle,
62) high-bandwidth Tor servers end up using dozens of megabytes of memory
63) just for buffers. We need better heuristics for when to shrink/expand
64) buffers. Maybe this should be modelled after the Linux kernel buffer
65) design, where you have many smaller buffers that link to each other,
66) rather than monolithic buffers?</li>
67) <li>How do ulimits work on Win32, anyway? We're having problems
68) especially on older Windowses with people running out of file
69) descriptors, connection buffer space, etc. (We should handle
70) WSAENOBUFS as needed, look at the MaxConnections registry entry,
71) look at the MaxUserPort entry, and look at the TcpTimedWaitDelay
72) entry. We may also want to provide a way to set them as needed. See <a

73) href="http://bugs.noreply.org/flyspray/index.php?do=details&id=98">bug

74) 98</a>.)</li>
75) <li>Encrypt identity keys on disk, and implement passphrase protection
76) for them. Right now they're just stored in plaintext.</li>

77) <li>Implement reverse DNS (already specified)</li>
78) <li>Make configure.in handle cross-compilation</li>
79) <li>Have NULL_REP_IS_ZERO_BYTES default to 1.</li>
80) <li>Make with-ssl-dir disable search for ssl.</li>
81) <li>Implement preservation of reputation through reboots for clients and dirservers. </li>
82) <li>Add in support egd or other non-OS-integrated strong entropy sources.</li>
83) <li>Implement a way to get autoconf to install things into ~/.tor.</li>
84) <li>Change server descriptors to declare log level.</li>
85) <li>Add in support for clients to avoid servers that are too loggy based upon user configuration of acceptable log level.</li>

86) <li>Separate node discovery from routing to allow neat extensions.  [Goodell?]
87) 

88) <ul>

89) <li>Add SetServerStatus control event to adjust verified/running status of nodes.</li>
90) <li>Add NoDownload config option to prevent regular directory downloads from happening.</li>

91) </ul>

92) </li>
93) 

94) <li>Choosing exit node by meta-data, e.g. country.</li>

95) <li>Use cpuworker for more heavy lifting.
96) 

97) <ul>

98) <li>Signing (and verifying) hidserv descriptors</li>
99) <li>Signing (and verifying) intro/rend requests</li>
100) <li>Signing (and verifying) router descriptors</li>
101) <li>Signing (and verifying) directories</li>
102) <li>Doing TLS handshake (this is very hard to separate out, though)</li>

103) </ul></li>
104) 

105) <li>Buffer size pool: allocate a maximum size for all buffers, not a maximum size for each buffer. So we don't have to give up as quickly (and kill the thickpipe!) when there's congestion.</li>
106) <li>Add alternative versions of crypto.c and tortls.c to use libnss or libgcrypt+gnutls.</li>
107) <li>Extend our NSIS-based windows installer to include FreeCap and/or Privoxy.</li>
108) <li>Develop a way to handle OS X installation and uninstallation.</li>

109) <li>Develop a GUI or other controller program, to do configuration, etc.  See our <a href="/cvs/tor/doc/control-spec.txt">control specification</a> for details, and the rudimentary demonstration <a href="/cvs/tor/contrib/TorControl.py">Python control script</a>. 
110) 

111) <ul>

112) <li>Design an interface for the control program. You can use any license you want, but we'd recommend 3-clause BSD or maybe GPL; and we can only help out if your license conforms to the <a href="http://www.debian.org/social_contract.html#guidelines">DFSG</a>.</li>

113) <li>Periodically people running servers tell us they want to have one

114)     BandwidthRate during some part of the day, and a different
115)     BandwidthRate at other parts of the day. Rather than coding this
116)     inside Tor, we should have a little script that speaks via the Tor
117)     Controller Interface, and does a setconf to change the bandwidth
118)     rate. Perhaps it would run out of cron, or perhaps it would sleep
119)     until appropriate times and then do its tweak (that's probably more

120)     portable). Can somebody write one for us and we'll put it into

121)     <a href="/cvs/tor/contrib/">tor/contrib/</a>?</li>

122) </ul></li>
123) 

124) <li>Integrate a good (portable, fast, clean, BSD-free) asynchronous DNS library so we don't have to keep forking DNS worker threads to do gethostbyname.</li>
125) </ul>
126) 
127) <h2>Documentation Challenges</h2>
128) <ul>
129) <li>Write server instructions for OSX and Windows operators.</li>

130) <li>Improve and clarify the wiki entry on <a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerForFirewalledClients">port forwarding</a>.</li>

131) <li>Document how to do exit node caching: tie into squid or other caching web proxy.</li>
132) <li>Help maintain this website; code, content, css, overall layout,</li>
133) <li>Help with documentation </li>
134) <li>Help consolidate documentation.  We may have too much documentation.  It's spread out too far and duplicates itself in places. </li>

135) <li>Help translate the web page and documentation into other languages.  See the <a href="translation.html">translation guidelines</a> if you want to help out. (Examples: <a href="http://membres.lycos.fr/geolemalin/anonymat_garantit.htm">French</a> , <a href="http://tor.freesuperhost.com/">Persian</a> and <a href="http://www.gamevn.com/forum/showthread.php?t=103346">Vietnamese</a>.)</li>

136) <li>If you know a question that should go on <a
137) href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ">the FAQ Wiki</a>, please
138) add it and answer it.</li>

139) <li>If you know the answer to a <a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ">Wiki question</a> in the "unanswered FAQs" list, please answer it. </li>
140) <li>Take a look at <a
141) href="http://wiki.noreply.org/wiki/TheOnionRouter/SquidProxy">Martin's
142) Squid and Tor page</a>, and update it to reflect Tor's <a
143) href="http://tor.eff.org/tor-manual.html">RedirectExit</a> config option. </li>

144) <li>Update website to include the country flags for each language into which the website has been translated.</li>

145) </ul>
146) 
147) <h2>Testing Challenges</h2>
148) <ul>
149) <li>Test out why some of our tor servers have dns resolvers that resolve

150) unknown addresses to 127.0.0.1.
151) 

152) <ul>

153) <li>Identify the servers that experience this issue. </li>
154) <li>Identify how to cause and repair the issue in BIND, DJBDNS, or
155) whatever daemon the misconfigured servers use.</li>

156) </ul></li>
157) 

158) <li>Figure out how to setup web proxy gateways to let normal people
159) browse hidden services.  (This has been done a few times, but nobody has
160) sent us code.)</li>
161) <li>Investigate privoxy vs. freecap for win32 clients</li>

162) <li>Evaluate, create, and <a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">document a list of programs</a> that work with Tor.  </li>

163) <li>Perform a security analysis of Tor with <a href="http://en.wikipedia.org/wiki/Fuzz_testing">"fuzz"</a>". Determine if there good libraries out there for what we want. Win fame by getting credit when we put out a new release because of you!</li>

164) <li>Website volume fingerprinting attacks (<a href="http://freehaven.net/anonbib/#back01">Back et al</a>, <a href="http://freehaven.net/anonbib/#hintz02">Hintz</a>). Defenses include a large cell size, <a href="http://freehaven.net/anonbib/#timing-fc2004">defensive dropping</a>, etc. How well does each approach work?</li>

165) <li>The end-to-end traffic confirmation attack. We need to study
166) long-range dummies more, along with traffic shaping. How much traffic of
167) what sort of distribution is needed before the adversary is confident he
168) has won?</li>
169) <li>Determine what sensitive info squeaks by privoxy. </li>
170) <li>Deteremine if there are other html scrubbers that are better than
171) privoxy.</li>
172) </ul>
173) 
174) <h2>Research Challenges</h2>
175) <ul>

176) <li>Arranging membership management for independence.
177) 

178) <ul>

179) <li>Sybil defenses without having a human bottleneck.</li>
180) <li>How to gather random sample of nodes.</li>
181) <li>How to handle nodelist recommendations.</li>
182) <li>Consider incremental switches: a p2p tor with only 50 users has
183) different anonymity properties than one with 10k users, and should be
184) treated differently.</li>

185) </ul></li>
186) 

187) <li>Incentives to relay; incentives to exit.</li>
188) <li>Allowing dissidents to relay through Tor clients.</li>
189) <li>Experiment with mid-latency systems. How do they impact usability,
190)     how do they impact safety?</li>
191) <li>Understand how powerful fingerprinting attacks are, and experiment
192)     with ways to foil them (long-range padding?).</li>
193) <li>Come up with practical approximations to picking entry and exit in
194)     different routing zones.</li>
195) <li>Find ideal churn rate for helper nodes; how safe is it?</li>
196) <li>Attacking freenet-gnunet/timing-delay-randomness-arguments.</li>
197) <li>Is exiting from the middle of the circuit always a bad idea?</li>

198) <li>IPv6 support (For exit addresses)
199) 

200) <ul>

201) <li>Spec issue: if a resolve returns an IP4 and an IP6 address,
202)       which to use?</li>
203) <li>Add to exit policy code</li>
204) <li>Make tor_gethostbyname into tor_getaddrinfo</li>
205) <li>Make everything that uses uint32_t as an IP address change to use
206)       a generalize address struct.</li>
207) <li>Change relay cell types to accept new addresses.</li>
208) <li>Add flag to serverdescs to tell whether IPv6 is supported.</li>

209) </ul></li>
210) 

211) <li>patch tsocks with our current patches + gethostbyname, getpeername,
212) etc.</li>
213) <li>make freecap (or whichever) do what we want.</li>
214) <li>scrubbing proxies for protocols other than http.</li>
215) <li>We need better default privoxy configs to ship.</li>
216) <li>We need a good scrubbing HTTP proxy; privoxy is unmaintained and
217) sucky.</li>
218) <li>A DNS proxy would let unmodified socks4/socks5 apps to work
219) well.</li>
220) <li>Add SOCKS support to more applications</li>
221) <li>store hidden service information to disk: dirservers forget service
222) descriptors when they restart; nodes offering hidden services forget
223) their chosen intro points when they restart.</li>
224) <li>It's not that hard to DoS Tor servers or dirservers. Are puzzles the
225) right answer? What other practical approaches are there?</li>
226) <li>Server CPU load is high because clients keep asking to make new
227) circuits, which uses public key crypto. Possible defenses include: using
228) helper nodes (fixed entry nodes); rate limiting the number of create
229) cells handled per second; having clients retry failed extensions a few
230) times; implementing ssl sessions; and using hardware crypto when
231) available.</li>
232) <li>We fear we might not work very well when servers have asymmetric
233) bandwidth. Because Tor has separate TCP connections between each hop, if
234) the incoming bytes are arriving just fine and the outgoing bytes are all
235) getting dropped on the floor, the TCP push-back mechanisms don't really
236) transmit this information back to the incoming streams. Perhaps Tor
237) should detect when it's dropping a lot of outgoing packets, and
238) rate-limit incoming streams to regulate this itself? We need somebody
239) who's good with networks to simulate this and help design
240) solutions.</li>
241) <li>Right now the hidden service descriptors are being stored on the
242) dirservers, but any reliable distributed storage system would do (for
243) example, a DHT that allows authenticated updates). Can somebody figure
244) out our best options and decide if they're good enough?</li>
245) <li>How hard is it to patch bind or a DNS proxy to redirect requests to
246) Tor via our tor-resolve socks extension? What about to convert UDP DNS
247) requests to TCP requests and send them through Tor?</li>
248) <li>Tor provides anonymous connections, but if you want to keep multiple
249) pseudonyms in practice (say, in case you frequently go to two websites
250) and if anybody knew about both of them they would conclude it's you), we
251) don't support that well yet. We should find a good approach and

252) interface for handling pseudonymous profiles in Tor. See <a
253) href="http://archives.seul.org/or/talk/Dec-2004/msg00086.html">this
254) post</a> and <a href="http://archives.seul.org/or/talk/Jan-2005/msg00007.html">followup</a> for details.</li>