all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
1) ## translation metadata
2) # Based-On-Revision: 15123
3) # Last-Translator: djhasis(at)gmail.com
4)
5) #include "head.wmi" TITLE="Tor: Auta" CHARSET="UTF-8"
6)
7) <div class="main-column">
8)
9) <!-- PUT CONTENT AFTER THIS TAG -->
10) <h2>A few things everyone can do now:</h2>
11) <ol>
12) <li>Please consider <a href="<page docs/tor-doc-relay>">running
13) a relay</a> to help the Tor network grow.</li>
14) <li>Tell your friends! Get them to run relays. Get them to run hidden
15) services. Get them to tell their friends.</li>
16) <li>If you like Tor's goals, please <a href="<page donate>">take a moment
17) to donate to support further Tor development</a>. We're also looking
18) for more sponsors — if you know any companies, NGOs, agencies,
19) or other organizations that want anonymity / privacy / communications
20) security, let them know about us.</li>
21) <li>We're looking for more <a href="<page torusers>">good examples of Tor
22) users and Tor use cases</a>. If you use Tor for a scenario or purpose not
23) yet described on that page, and you're comfortable sharing it with us,
24) we'd love to hear from you.</li>
25) </ol>
26)
27) <a id="Usability"></a>
28) <h2><a class="anchor" href="#Usability">Supporting Applications</a></h2>
29) <ol>
30) <li>We need more good ways to intercept DNS requests so they don't "leak" their
31) request to a local observer while we're trying to be anonymous. (This
32) happens because the application does the DNS resolve before going to
33) the SOCKS proxy.)</li>
34) <li>Tsocks/dsocks items:
35) <ul>
36) <li>We need to <a
37) href="https://wiki.torproject.org/noreply/TheOnionRouter/TSocksPatches">apply
38) all our tsocks patches</a> and maintain a new fork. We'll host it if
39) you want.</li>
40) <li>We should patch Dug Song's "dsocks" program to use Tor's
41) <i>mapaddress</i> commands from the controller interface, so we
42) don't waste a whole round-trip inside Tor doing the resolve before
43) connecting.</li>
44) <li>We need to make our <i>torify</i> script detect which of tsocks or
45) dsocks is installed, and call them appropriately. This probably means
46) unifying their interfaces, and might involve sharing code between them
47) or discarding one entirely.</li>
48) </ul>
49) </li>
50) <li>People running relays tell us they want to have one BandwidthRate
51) during some part of the day, and a different BandwidthRate at other
52) parts of the day. Rather than coding this inside Tor, we should have a
53) little script that speaks via the <a href="<page gui/index>">Tor
54) Controller Interface</a>, and does a setconf to change the bandwidth
55) rate. There is one for Unix and Mac already (it uses bash and cron),
56) but Windows users still need a solution.
57) </li>
58) <li>Tor can <a
59) href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ChooseEntryExit">exit
60) the Tor network from a particular exit node</a>, but we should be able
61) to specify just a country and have something automatically pick. The
62) best bet is to fetch Blossom's directory also, and run a local Blossom
63) client that fetches this directory securely (via Tor and checking its
64) signature), intercepts <tt>.country.blossom</tt> hostnames, and does
65) the right thing.</li>
66) <li>Speaking of geolocation data, somebody should draw a map of the Earth
67) with a pin-point for each Tor relay. Bonus points if it updates as the
68) network grows and changes. Unfortunately, the easy ways to do this involve
69) sending all the data to Google and having them draw the map for you. How
70) much does this impact privacy, and do we have any other good options?</li>
71) </ol>
72)
73) <a id="Documentation"></a>
74) <h2><a class="anchor" href="#Documentation">Documentation</a></h2>
75) <ol>
76) <li>Please help Matt Edman with the documentation and how-tos for his
77) Tor controller,
|
change the vidalia index page
Roger Dingledine authored 15 years ago
|
78) <a href="<page vidalia/index>">Vidalia</a>.</li>
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
79) <li>Evaluate and document
80) <a href="https://wiki.torproject.org/wiki/TheOnionRouter/TorifyHOWTO">our
81) list of programs</a> that can be configured to use Tor.</li>
82) <li>We need better documentation for dynamically intercepting
83) connections and sending them through Tor. tsocks (Linux), dsocks (BSD),
84) and freecap (Windows) seem to be good candidates, as would better
85) use of our new TransPort feature.</li>
86) <li>We have a huge list of <a href="https://wiki.torproject.org/noreply/TheOnionRouter/SupportPrograms">potentially useful
87) programs that interface to Tor</a>. Which ones are useful in which
88) situations? Please help us test them out and document your results.</li>
89) <li>Help translate the web page and documentation into other
90) languages. See the <a href="<page translation>">translation
91) guidelines</a> if you want to help out. We especially need Arabic or
92) Farsi translations, for the many Tor users in censored areas.</li>
93) </ol>
94)
95) <a id="Coding"></a>
96) <a id="Summer"></a>
97) <a id="Projects"></a>
98) <h2><a class="anchor" href="#Projects">Good Coding Projects</a></h2>
99)
100) <p>
101) You may find some of these projects to be good <a href="<page
102) gsoc>">Google Summer of Code 2008</a> ideas. We have labelled each idea
103) with how useful it would be to the overall Tor project
104) (priority), how much work we expect it would be (effort level), how much
105) clue you should start with (skill level), and which of our <a href="<page
106) people>#Core">core developers</a> would be good mentors. There are plenty
107) of other good ideas to work on too — see for example the <a
|
omnibus update of s/svnsand...
Andrew Lewman authored 14 years ago
|
108) href="<gittree>doc/spec/proposals/">current proposals</a> list, or
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
109) just make up your own ideas.
110) </p>
111)
112) <ol>
113)
114) <li>
115) <b>Tor Exit Scanner improvements</b>
116) <br />
117) Priority: <i>High</i>
118) <br />
119) Effort Level: <i>High</i>
120) <br />
121) Skill Level: <i>High</i>
122) <br />
123) Likely Mentors: <i>Mike</i>
124) <br />
125) Applications as of 1 Apr 00:00 UTC: <i>5</i>
126) <br />
127) The Tor exit node scanner 'SoaT', part of the <a
|
omnibus update of s/svnsand...
Andrew Lewman authored 14 years ago
|
128) href="<gittree>torflow/">Torflow project</a>, makes connections out
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
129) of each Tor exit node and compares the content it gets back with what it
130) "should" get back. The goal is to notice misconfigured, broken, and even
131) malicious exit relays. Alas, the code is
132) currently written in rather rickety perl and relies on MD5sums of
133) entire documents in order to determine if exit nodes are modifying
134) content. The problem with this is threefold: 1) Perl sucks at life.
135) 2) The scanner can't verify pages that are dynamic, and attackers can
136) focus malicious content injection on only those dynamic pages. 3)
137) Pages change after a while (or based on GeoIP) and begin generating
138) false positives.
139) <br />
140) Ideally, soat.pl would be reimplemented in a sane language with a
141) robust html parser library (since the rest of Torflow is in Python
142) that would be nice, but it is not required), and calculate signatures only for
143) tags and content likely to be targeted by a malicious attacker (script
144) tags, object links, images, css). It should also be robust in the face of
145) changes to content outside of Tor, and ultimately even GeoIP localized
146) content.
147) <br />
148) This scanner would likely be run by the Directory Authorities and
149) report its results to the control port via the AuthDirBadExit config
150) setting.
151) <br />
152) </li>
153)
154) <li>
155) <b>Tor Node Scanner improvements</b>
156) <br />
157) Priority: <i>High</i>
158) <br />
159) Effort Level: <i>Medium to High</i>
160) <br />
161) Skill Level: <i>Medium to High</i>
162) <br />
163) Likely Mentors: <i>Mike</i>
164) <br />
165) Applications as of 1 Apr 00:00 UTC: <i>1</i>
166) <br />
167) Similar to the exit scanner (or perhaps even during exit scanning),
168) statistics can be gathered about the reliability of nodes. Nodes that
169) fail too high a percentage of their circuits should not be given
170) Guard status. Perhaps they should have their reported bandwidth
171) penalized by some ratio as well, or just get marked as Invalid. In
172) addition, nodes that exhibit a very low average stream capacity but
173) advertise a very high node bandwidth can also be marked as Invalid.
174) Much of this statistics gathering is already done, it just needs to be
175) transformed into something that can be reported to the Directory
176) Authorities to blacklist/penalize nodes in such a way that clients
177) will listen.
178) <br />
179) In addition, these same statistics can be gathered about the traffic
180) through a node. Events can be added to the <a
181) href="https://www.torproject.org/svn/torctl/doc/howto.txt">Tor Control
182) Protocol</a> to
183) report if a circuit extend attempt through the node succeeds or fails, and
184) passive statistics can be gathered on both bandwidth and reliability
185) of other nodes via a node-based monitor using these events. Such a
186) scanner would also report information on oddly-behaving nodes to
187) the Directory Authorities, but a communication channel for this
188) currently does not exist and would need to be developed as well.
189) </li>
190)
191) <li>
192) <b>Help track the overall Tor Network status</b>
193) <br />
194) Priority: <i>High</i>
195) <br />
196) Effort Level: <i>Medium</i>
197) <br />
198) Skill Level: <i>Medium</i>
199) <br />
200) Likely Mentors: <i>Roger, Nick, Mike</i>
201) <br />
202) It would be great to set up an automated system for tracking network
203) health over time, graphing it, etc. Part of this project would involve
204) inventing better metrics for assessing network health and growth. Is the
205) average uptime of the network increasing? How many relays are qualifying
206) for Guard status this month compared to last month? What's the turnover
207) in terms of new relays showing up and relays shutting off? Periodically
208) people collect brief snapshots, but where it gets really interesting is
209) when we start tracking data points over time.
210) <br />
211) Data could be collected from the "Tor Node Scanner" item above, from
212) the server descriptors that each relay publishes, and from other
213) sources. Results over time could be integrated into one of the <a
214) href="https://torstatus.blutmagie.de/">Tor Status</a> web pages, or be
215) kept separate. Speaking of the Tor Status pages, take a look at Roger's
216) <a href="http://archives.seul.org/or/talk/Jan-2008/msg00300.html">Tor
217) Status wish list</a>.
218) </li>
219)
220) <li>
221) <b>Tor path selection improvements</b>
222) <br />
223) Priority: <i>High</i>
224) <br />
225) Effort Level: <i>Low to Medium</i>
226) <br />
227) Skill Level: <i>High</i>
228) <br />
229) Likely Mentors: <i>Roger, Nick, Mike</i>
230) <br />
231) Applications as of 1 Apr 00:00 UTC: <i>3</i>
232) <br />
233) Some simple improvements can be made to Tor's path selection to vastly
234) improve Tor speed. For instance, some of the (unofficial) <a
235) href="http://wiki.noreply.org/noreply/TheOnionRouter/FireFoxTorPerf">Tor
236) Performance Recommendations</a> on the wiki are to increase the number of
237) guards and decrease the CircuitBuildTimeout. Ideally, the client would
238) <a href="http://archives.seul.org/or/talk/Feb-2008/msg00012.html">learn
239) these values by gathering statistics on circuit construction
240) time</a> (and/or using values gained from Torflow), and set the timeouts
241) low enough such that some high percentile (75%, 90%, 1-stddev?) of
242) circuits succeed, yet extremely slow nodes are avoided. This would
243) involve some statistics gathering+basic research, and some changes to
244) Tor path selection code.
245) <br />
246) In addition, to improve path security, some elements from the <a
247) href="http://www.torproject.org/svn/trunk/doc/spec/proposals/115-two-hop-paths.txt">Two
248) Hop Paths proposal</a> could be done as part of this (since it will
249) likely touch the same code anyways), regardless of the adoption of
250) that proposal. In particular, clients probably should avoid guards that
251) seem to fail an excessive percentage of their circuits through them,
252) and non-firewalled clients should issue a warning if they are only able
253) to connect to a limited set of guard nodes. See also
254) <a href="http://archives.seul.org/or/dev/Feb-2008/msg00003.html">this
255) or-dev post</a>.
256) </li>
257)
258) <li>
259) <b>Translation Wiki</b>
260) <br />
261) Priority: <i>High</i>
262) <br />
263) Effort Level: <i>Medium</i>
264) <br />
265) Skill Level: <i>Medium</i>
266) <br />
267) Likely Mentors: <i>Jacob</i>
268) <br />
269) We need a way to edit and translate sections of the website. Currently
270) the website is made up of a bunch of <a href="<svnwebsite>en/">wml
271) files</a>, and <a href="<page translation>">translators</a> fetch these
272) wml files, translate them in an editor, and either send us the translation
273) or use svn to commit them back. The current "cost" of publication of
274) website changes is quite high even for English language users. For a
275) single word change or any type of
276) minor change, the page may never be corrected or translated. It would
277) be nice to have a wiki that was specifically geared towards translation
278) and would somehow track the upstream (English) versions to indicate when
279) a fresh translation is needed, like our current
280) <a href="<page translation-status>">translation status page</a>. This
281) seems mostly like a job for a wiki
282) integrator or wiki software author. Certainly the person would need to
283) be interested in human languages and translation. They should at least
284) be minimally familiar with what Tor is; but they would not have to interact
285) with the software, only the documentation and the website.
286) </li>
287)
288) <li>
289) <b>Better Debian/Ubuntu Packaging for Tor+Vidalia</b>
290) <br />
291) Priority: <i>High</i>
292) <br />
293) Effort Level: <i>Medium</i>
294) <br />
295) Skill Level: <i>Medium</i>
296) <br />
297) Likely Mentors: <i>Peter, Matt</i>
298) <br />
299) Applications as of 1 Apr 00:00 UTC: <i>1</i>
300) <br />
301) Vidalia currently doesn't play nicely on Debian and Ubuntu with the
302) default Tor packages. The current Tor packages automatically start Tor
303) as a daemon running as the debian-tor user and (sensibly) do not have a
|
omnibus update of s/svnsand...
Andrew Lewman authored 14 years ago
|
304) <a href="<gitblob>doc/spec/control-spec.txt">ControlPort</a> defined
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
305) in the default torrc. Consequently, Vidalia will try
306) to start its own Tor process since it could not connect to the existing
307) Tor, and Vidalia's Tor process will then exit with an error message
308) the user likely doesn't understand since Tor cannot bind its listening
309) ports — they're already in use by the original Tor daemon.
310) <br />
311) The current solution involves either telling the user to stop the
312) existing Tor daemon and let Vidalia start its own Tor process, or
313) explaining to the user how to set a control port and password in their
314) torrc. A better solution on Debian would be to use Tor's ControlSocket,
315) which allows Vidalia to talk to Tor via a Unix domain socket, and could
316) possibly be enabled by default in Tor's Debian packages. Vidalia can
317) then authenticate to Tor using filesystem-based (cookie) authentication
318) if the user running Vidalia is also in the debian-tor group.
319) <br />
320) This project will first involve adding support for Tor's ControlSocket
321) to Vidalia. The student will then develop and test Debian and Ubuntu
322) packages for Vidalia that conform to Debian's packaging standards and
323) make sure they work well with the existing Tor packages. We can also
324) set up an apt repository to host the new Vidalia packages.
325) <br />
326) The next challenge would be to find an intuitive usable way for Vidalia
327) to be able to change Tor's configuration (torrc) even though it is
328) located in <code>/etc/tor/torrc</code> and thus immutable. The best
329) idea we've come up with so far is to feed Tor a new configuration via
330) the ControlSocket when Vidalia starts, but that's bad because Tor starts
331) each boot with a different configuration than the user wants. The second
332) best idea
333) we've come up with is for Vidalia to write out a temporary torrc file
334) and ask the user to manually move it to <code>/etc/tor/torrc</code>,
335) but that's bad because users shouldn't have to mess with files directly.
336) <br />
337) A student undertaking this project should have prior knowledge of
338) Debian package management and some C++ development experience. Previous
339) experience with Qt is helpful, but not required.
340) </li>
341)
342) <li>
343) <b>Improving Tor's ability to resist censorship</b>
344) <br />
345) Priority: <i>High</i>
346) <br />
347) Effort Level: <i>High</i>
348) <br />
349) Skill Level: <i>High</i>
350) <br />
351) Likely Mentors: <i>Nick</i>
352) <br />
353) The Tor 0.2.0.x series makes <a
|
Now that the design paper w...
Steven Murdoch authored 14 years ago
|
354) href="<svnprojects>design-paper/blocking.html">significant
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
355) improvements</a> in resisting national and organizational censorship.
356) But Tor still needs better mechanisms for some parts of its
357) anti-censorship design. For example, current Tors can only listen on a
358) single address/port combination at a time. There's
|
omnibus update of s/svnsand...
Andrew Lewman authored 14 years ago
|
359) <a href="<gitblob>doc/spec/proposals/118-multiple-orports.txt">a
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
360) proposal to address this limitation</a> and allow clients to connect
361) to any given Tor on multiple addresses and ports, but it needs more
362) work. Another anti-censorship project (far more difficult) is to try
363) to make Tor more scanning-resistant. Right now, an adversary can identify
|
omnibus update of s/svnsand...
Andrew Lewman authored 14 years ago
|
364) <a href="<gitblob>doc/spec/proposals/125-bridges.txt">Tor bridges</a>
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
365) just by trying to connect to them, following the Tor protocol, and
366) seeing if they respond. To solve this, bridges could
|
Now that the design paper w...
Steven Murdoch authored 14 years ago
|
367) <a href="<svnprojects>design-paper/blocking.html#tth_sEc9.3">act like
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
368) webservers</a> (HTTP or HTTPS) when contacted by port-scanning tools,
369) and not act like bridges until the user provides a bridge-specific key.
370) <br />
371) This project involves a lot of research and design. One of the big
372) challenges will be identifying and crafting approaches that can still
373) resist an adversary even after the adversary knows the design, and
374) then trading off censorship resistance with usability and robustness.
375) </li>
376)
377) <li>
378) <b>Tor/Polipo/Vidalia Auto-Update Framework</b>
379) <br />
380) Priority: <i>Medium</i>
381) <br />
382) Effort Level: <i>High</i>
383) <br />
384) Skill Level: <i>High</i>
385) <br />
386) Likely Mentors: <i>Matt, Jacob</i>
387) <br />
388) We're in need of a good authenticated-update framework.
389) Vidalia already has the ability to notice when the user is running an
390) outdated or unrecommended version of Tor, using signed statements inside
391) the Tor directory information. Currently, Vidalia simply pops
392) up a little message box that lets the user know they should manually
393) upgrade. The goal of this project would be to extend Vidalia with the
394) ability to also fetch and install the updated Tor software for the
395) user. We should do the fetches via Tor when possible, but also fall back
396) to direct fetches in a smart way. Time permitting, we would also like
397) to be able to update other
398) applications included in the bundled installers, such as Polipo and
399) Vidalia itself.
400) <br />
401) To complete this project, the student will first need to first investigate
402) the existing auto-update frameworks (e.g., Sparkle on OS X) to evaluate
403) their strengths, weaknesses, security properties, and ability to be
404) integrated into Vidalia. If none are found to be suitable, the student
405) will design their own auto-update framework, document the design, and
406) then discuss the design with other developers to assess any security
407) issues. The student will then implement their framework (or integrate
408) an existing one) and test it.
409) <br />
410) A student undertaking this project should have good C++ development
411) experience. Previous experience with Qt is helpful, but not required. The
412) student should also have a good understanding of common security
413) practices, such as package signature verification. Good writing ability
414) is also important for this project, since a vital step of the project
415) will be producing a design document for others to review and discuss
416) with the student prior to implementation.
417) </li>
418)
419) <li>
420) <b>An Improved and More Usable Network Map in Vidalia</b>
421) <br />
422) Priority: <i>Medium</i>
423) <br />
424) Effort Level: <i>Medium</i>
425) <br />
426) Skill Level: <i>Medium to High</i>
427) <br />
428) Likely Mentors: <i>Matt</i>
429) <br />
430) One of Vidalia's existing features is a network map that shows the user
431) the approximate geographic location of relays in the Tor network and
432) plots the paths the user's traffic takes as it is tunneled through the
433) Tor network. The map is currently not very interactive and has rather
434) poor graphics. Instead, we would like to leverage KDE's Marble widget
435) that gives us a better quality map and enables improved interactivity,
436) such as allowing the user to click on individual relays or circuits to
437) display additional information. We might also consider adding the ability
438) for users to click on a particular relay or a country containing one or
439) more Tor exit relays and say, "I want my connections to foo.com to exit
440) from here."
441) <br />
442) This project will first involve the student getting familiar with Vidalia
443) and the Marble widget's API. The student will then integrate the widget
444) into Vidalia and customize Marble to be better suited for our application,
445) such as making circuits clickable, storing cached map data in Vidalia's
446) own data directory, and customizing some of the widget's dialogs.
447) <br />
448) A student undertaking this project should have good C++ development
449) experience. Previous experience with Qt and CMake is helpful, but not
450) required.
451) </li>
452)
453) <li>
454) <b>Tor Controller Status Event Interface</b>
455) <br />
456) Priority: <i>Medium</i>
457) <br />
458) Effort Level: <i>Medium</i>
459) <br />
460) Skill Level: <i>Medium</i>
461) <br />
462) Likely Mentors: <i>Matt, Roger</i>
463) <br />
464) There are a number of status changes inside Tor of which the user may need
465) to be informed. For example, if the user is trying to set up his Tor as a
466) relay and Tor decides that its ports are not reachable from outside
467) the user's network, we should alert the user. Currently, all the user
468) gets is a couple log messages in Vidalia's 'message log' window, which they
469) likely never see since they don't receive a notification that something
470) has gone wrong. Even if the user does actually look at the message log,
471) most of the messages make little sense to the novice user.
472) <br />
473) Tor has the ability to inform Vidalia of many such status changes, and
474) we recently implemented support for a couple of these events. Still,
475) there are many more status events the user should be informed of and we
476) need a better UI for actually displaying them to the user.
477) <br />
478) The goal of this project then is to design and implement a UI for
479) displaying Tor status events to the user. For example, we might put a
480) little badge on Vidalia's tray icon that alerts the user to new status
481) events they should look at. Double-clicking the icon could bring up a
482) dialog that summarizes recent status events in simple terms and maybe
483) suggests a remedy for any negative events if they can be corrected by
484) the user. Of course, this is just an example and the student is free to
485) suggest another approach.
486) <br />
487) A student undertaking this project should have good UI design and layout
488) and some C++ development experience. Previous experience with Qt and
489) Qt's Designer will be very helpful, but are not required. Some
490) English writing ability will also be useful, since this project will
491) likely involve writing small amounts of help documentation that should
492) be understandable by non-technical users. Bonus points for some graphic
493) design/Photoshop fu, since we might want/need some shiny new icons too.
494) </li>
495)
496) <li>
497) <b>Improvements on our active browser configuration tester</b> -
498) <a href="https://check.torproject.org/">https://check.torproject.org/</a>
499) <br />
500) Priority: <i>Medium</i>
501) <br />
502) Effort Level: <i>Low</i>
503) <br />
504) Skill Level: <i>Low to Medium</i>
505) <br />
506) Likely Mentors: <i>Jacob, Steven</i>
507) <br />
508) Applications as of 1 Apr 00:00 UTC: <i>1</i>
509) <br />
510) We currently have a functional web page to detect if Tor is working. It
511) has a few places where it falls short. It requires improvements with
512) regard to default languages and functionality. It currently only responds
513) in English. In addition, it is a hack of a perl script that should have
514) never seen the light of day. It should probably be rewritten in python
515) with multi-lingual support in mind. It currently uses the <a
516) href="http://exitlist.torproject.org/">Tor DNS exit list</a>
517) and should continue to do so in the future. It currently result in certain
518) false positives and these should be discovered, documented, and fixed
519) where possible. Anyone working on this project should be interested in
520) DNS, basic perl or preferably python programming skills, and will have
521) to interact minimally with Tor to test their code.
522) <br />
523) If you want to make the project more exciting
524) and involve more design and coding, take a look at <a
|
omnibus update of s/svnsand...
Andrew Lewman authored 14 years ago
|
525) href="<gitblob>doc/spec/proposals/131-verify-tor-usage.txt">proposal
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
526) 131-verify-tor-usage.txt</a>.
527) </li>
528)
529) <li>
530) <b>Improvements on our DNS Exit List service</b> -
531) <a href="http://exitlist.torproject.org/">http://exitlist.torproject.org/</a>
532) <br />
533) Priority: <i>Medium</i>
534) <br />
535) Effort Level: <i>Low</i>
536) <br />
537) Skill Level: <i>Low</i>
538) <br />
539) Likely Mentors: <i>Jacob, Tup</i>
540) <br />
541) The <a href="http://p56soo2ibjkx23xo.onion/">exitlist software</a>
542) is written by our fabulous anonymous
543) contributer Tup. It's a DNS server written in Haskell that supports part of our <a
544) href="https://www.torproject.org/svn/trunk/doc/contrib/torel-design.txt">exitlist
545) design document</a>. Currently, it is functional and it is used by
546) check.torproject.org and other users. The issues that are outstanding
547) are mostly aesthetic. This wonderful service could use a much better
548) website using the common Tor theme. It would be best served with better
549) documentation for common services that use an RBL. It could use more
550) publicity. A person working on this project should be interested in DNS,
551) basic RBL configuration for popular services, and writing documentation.
552) The person would require minimal Tor interaction — testing their
553) own documentation at the very least. Furthermore, it would be useful
554) if they were interested in Haskell and wanted to implement more of the
555) torel-design.txt suggestions.
556) </li>
557)
558) <li>
559) <b>Testing integration of Tor with web browsers for our end users</b>
560) <br />
561) Priority: <i>Medium</i>
562) <br />
563) Effort Level: <i>Medium</i>
564) <br />
565) Skill Level: <i>Medium</i>
566) <br />
567) Likely Mentors: <i>Jacob, Mike, Greg</i>
568) <br />
569) Applications as of 1 Apr 00:00 UTC: <i>1</i>
570) <br />
571) The Tor project currently lacks a solid test suite to ensure that a
572) user has a properly and safely configured web browser. It should test for as
573) many known issues as possible. It should attempt to decloak the
574) user in any way possible. Two current webpages that track these
575) kinds of issues are run by Greg Fleischer and HD Moore. Greg keeps a nice <a
576) href="http://pseudo-flaw.net/tor/torbutton/">list of issues along
577) with their proof of concept code, bug issues, etc</a>. HD Moore runs
578) the <a href="http://metasploit.com/research/projects/decloak/">metasploit
579) decloak website</a>. A student interested in defending Tor could start
580) by collecting as many workable and known methods for decloaking a
581) Tor user. (<a href="https://torcheck.xenobite.eu/">This page</a> may
582) be helpful as a start.) The student should be familiar with the common
583) pitfalls but
584) possibly have new methods in mind for implementing decloaking issues. The
585) website should ensure that it tells a user what their problem is. It
586) should help them to fix the problem or direct them to the proper support
587) channels. The student should be closely familiar with using Tor and how
588) to prevent Tor information leakage.
589) </li>
590)
591) <li>
592) <b>Libevent and Tor integration improvements</b>
593) <br />
594) Priority: <i>Medium</i>
595) <br />
596) Effort Level: <i>High</i>
597) <br />
598) Skill Level: <i>Medium to High</i>
599) <br />
600) Likely Mentors: <i>Nick</i>
601) <br />
602) Tor should make better use of the more recent features of Niels
603) Provos's <a href="http://monkey.org/~provos/libevent/">Libevent</a>
604) library. Tor already uses Libevent for its low-level asynchronous IO
605) calls, and could also use Libevent's increasingly good implementations
606) of network buffers and of HTTP. This wouldn't be simply a matter of
607) replacing Tor's internal calls with calls to Libevent: instead, we'll
608) need to refactor Tor to use Libevent calls that do not follow the
609) same models as Tor's existing backends. Also, we'll need to add
610) missing functionality to Libevent as needed — most difficult likely
611) will be adding OpenSSL support on top of Libevent's buffer abstraction.
612) Also tricky will be adding rate-limiting to Libevent.
613) </li>
614)
615) <li>
616) <b>Tuneup Tor!</b>
617) <br />
618) Priority: <i>Medium</i>
619) <br />
620) Effort Level: <i>Medium</i>
621) <br />
622) Skill Level: <i>Medium to High</i>
623) <br />
624) Likely Mentors: <i>Nick, Roger, Mike</i>
625) <br />
626) Right now, Tor relays measure and report their own bandwidth, and Tor
627) clients choose which relays to use in part based on that bandwidth.
628) This approach is vulnerable to
629) <a href="http://freehaven.net/anonbib/#bauer:wpes2007">attacks where
630) relays lie about their bandwidth</a>;
631) to address this, Tor currently caps the maximum bandwidth
632) it's willing to believe any relay provides. This is a limited fix, and
633) a waste of bandwidth capacity to boot. Instead,
634) Tor should possibly measure bandwidth in a more distributed way, perhaps
635) as described in the
636) <a href="http://freehaven.net/anonbib/author.html#snader08">"A Tune-up for
637) Tor"</a> paper
638) by Snader and Borisov. A student could use current testing code to
639) double-check this paper's findings and verify the extent to which they
640) dovetail with Tor as deployed in the wild, and determine good ways to
641) incorporate them into their suggestions Tor network without adding too
642) much communications overhead between relays and directory
643) authorities.
644) </li>
645)
646) <!--
647) <li>
648) <b>Improving the Tor QA process: Continuous Integration for Windows builds</b>
649) <br />
650) Priority: <i>High</i>
651) <br />
652) Effort Level: <i>Medium</i>
653) <br />
654) Skill Level: <i>Medium</i>
655) <br />
656) Likely Mentors: <i>Jacob, Andrew</i>
657) <br />
658) It would be useful to have automated build processes for Windows and
659) probably other platforms. The purpose of having a continuous integration
660) build environment is to ensure that Windows isn't left behind for any of
661) the software projects used in the Tor project or its accompanying.<br />
662) Buildbot may be a good choice for this as it appears to support all of
663) the platforms Tor does. See the
664) <a href="http://en.wikipedia.org/wiki/BuildBot">wikipedia entry for
665) buildbot</a>.<br />
666) There may be better options and the person undertaking this task should
667) evaluate other options. Any person working on this automatic build
668) process should have experience or be willing to learn how to build all
669) of the respective Tor related code bases from scratch. Furthermore, the
670) person should have some experience building software in Windows
671) environments as this is the target audience we want to ensure we do not
672) leave behind. It would require close work with the Tor source code but
673) probably only in the form of building, not authoring.<br />
674) Additionally, we need to automate our performance testing for all platforms.
675) We've got buildbot (except on Windows — as noted above) to automate
676) our regular integration and compile testing already,
677) but we need to get our network simulation tests (as built in torflow)
678) updated for more recent versions of Tor, and designed to launch a test
679) network either on a single machine, or across several, so we can test
680) changes in performance on machines in different roles automatically.
681) </li>
682) -->
683)
684) <li>
685) <b>Improve our unit testing process</b>
686) <br />
687) Priority: <i>Medium</i>
688) <br />
689) Effort Level: <i>Medium</i>
690) <br />
691) Skill Level: <i>Medium</i>
692) <br />
693) Likely Mentors: <i>Nick</i>
694) <br />
695) Tor needs to be far more tested. This is a multi-part effort. To start
696) with, our unit test coverage should rise substantially, especially in
697) the areas outside the utility functions. This will require significant
698) refactoring of some parts of Tor, in order to dissociate as much logic
699) as possible from globals.
700) <br />
701) Additionally, we need to automate our performance testing. We've got
702) buildbot to automate our regular integration and compile testing already
703) (though we need somebody to set it up on Windows),
704) but we need to get our network simulation tests (as built in TorFlow: see
705) the "Tor Node Scanner improvements" item)
706) updated for more recent versions of Tor, and designed to launch a test
707) network either on a single machine, or across several, so we can test
708) changes in performance on machines in different roles automatically.
709) </li>
710)
711) <li>
712) <b>Help revive an independent Tor client implementation</b>
713) <br />
714) Priority: <i>Medium</i>
715) <br />
716) Effort Level: <i>High</i>
717) <br />
718) Skill Level: <i>Medium to High</i>
719) <br />
720) Likely Mentors: <i>Karsten, Nick</i>
721) <br />
722) Applications as of 1 Apr 00::00 UTC: <i>4</i>
723) <br />
724) Reanimate one of the approaches to implement a Tor client in Java,
725) e.g. the <a href="http://onioncoffee.sourceforge.net/">OnionCoffee
726) project</a>, and make it run on <a
727) href="http://code.google.com/android/">Android</a>. The first step
728) would be to port the existing code and execute it in an Android
729) environment. Next, the code should be updated to support the newer Tor
|
omnibus update of s/svnsand...
Andrew Lewman authored 14 years ago
|
730) protocol versions like the <a href="<gitblob>doc/spec/dir-spec.txt">v3
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
731) directory protocol</a>. Further, support for requesting or even
732) providing Tor hidden services would be neat, but not required.
733) <br />
734) The student should be able to understand and write new Java code, including
735) a Java cryptography API. Being able to read C code would be helpful,
736) too. The student should be willing to read the existing documentation,
737) implement code based on it, and refine the documentation
738) when things are underdocumented. This project is mostly about coding and
739) to a small degree about design.
740) </li>
741)
742) <li>
743) <b>Automatic system tests and automatically starting private Tor networks</b>
744) <br />
745) Priority: <i>Medium</i>
746) <br />
747) Effort Level: <i>Medium</i>
748) <br />
749) Skill Level: <i>Medium</i>
750) <br />
751) Likely Mentors: <i>Karsten, Nick, Roger</i>
752) <br />
753) Applications as of 1 Apr 00:00 UTC: <i>2</i>
754) <br />
755) Write a tool that runs automatic system tests in addition
756) to the existing unit tests. The Java-based Tor simulator <a
757) href="https://svn.torproject.org/svn/puppetor/trunk/">PuppeTor</a>
758) might be a good start for starting up a private Tor network, using it
759) for a while, and verifying that at least parts of it are working. This
760) project requires to conceive a blueprint for performing system tests
761) of private Tor networks, before starting to code. Typical types of
762) tests range from performing single requests over the private network to
763) manipulating exchanged messages and see if nodes handle corrupt messages
764) appropriately.
765) <br />
766) The student should be able to obtain a good understanding
767) of how Tor works and what problems and bugs could arise to design good
768) test cases. Understanding the existing Tor code structure and documentation is
769) vital. If PuppeTor is used, the student should also be able to understand
770) and possibly extend an existing Java application. This project is partly
771) about design and partly about coding.
772) </li>
773)
774) <li>
775) <b>Bring moniTor to life</b>
776) <br />
777) Priority: <i>Medium</i>
778) <br />
779) Effort Level: <i>Medium</i>
780) <br />
781) Skill Level: <i>Low to Medium</i>
782) <br />
783) Likely Mentors: <i>Karsten, Jacob</i>
784) <br />
785) Applications as of 1 Apr 00::00 UTC: <i>2</i>
786) <br />
787) Implement a <a href="http://www.ss64.com/bash/top.html">top-like</a>
788) management tool for Tor relays. The purpose of such a tool would be
789) to monitor a local Tor relay via its control port and include useful
790) system information of the underlying machine. When running this tool, it
791) would dynamically update its content like top does for Linux processes.
792) <a href="http://archives.seul.org/or/dev/Jan-2008/msg00005.html">This
793) or-dev post</a> might be a good first read.
794) <br />
795) The student should be familiar
796) with or willing to learn about administering a Tor relay and configuring
797) it via its control port. As an initial prototype is written in Python,
798) some knowledge about writing Python code would be helpful, too. This
799) project is one part about identifying requirements to such a
800) tool and designing its interface, and one part lots of coding.
801) </li>
802)
803) <li>
804) <b>Torbutton improvements</b>
805) <br />
806) Priority: <i>Medium</i>
807) <br />
808) Effort Level: <i>High</i>
809) <br />
810) Skill Level: <i>High</i>
811) <br />
812) Likely Mentors: <i>Mike</i>
813) <br/>
814) Torbutton has a number of improvements that can be made in the post-1.2
815) timeframe. Most of these are documented as feature requests in the <a
816) href="https://bugs.torproject.org/flyspray/index.php?tasks=all&project=5">Torbutton
817) flyspray section</a>. Good examples include: stripping off node.exit on http
818) headers, more fine-grained control over formfill blocking, improved referrer
819) spoofing based on the domain of the site (a-la <a
820) href="https://addons.mozilla.org/en-US/firefox/addon/953">refcontrol extension</a>),
821) tighter integration with Vidalia for reporting Tor status, a New Identity
822) button with Tor integration and multiple identity management, and anything
823) else you might think of.
824) <br />
825) This work would be independent coding in Javascript and the fun world of <a
826) href="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">XUL</a>,
827) with not too much involvement in the Tor internals.
828) </li>
829)
830) <li>
831) <b>Porting Polipo to Windows</b>
832) <br />
833) Priority: <i>Medium</i>
834) <br />
835) Effort Level: <i>Medium</i>
836) <br />
837) Skill Level: <i>Medium to High</i>
838) <br />
839) Likely Mentors: <i>Andrew, Steven, Roger</i>
840) <br />
841) Help port <a
842) href="http://www.pps.jussieu.fr/~jch/software/polipo/">Polipo</a> to
843) Windows. Example topics to tackle include:
844) 1) handle spaces in path names and understand the filesystem
845) namespace — that is, where application data, personal data,
846) and program data typically reside in various versions of Windows. 2) the
847) ability to handle ipv6 communications. 3) the ability to asynchronously
848) query name servers, find the system nameservers, and manage netbios
849) and dns queries. 4) use native regex capabilities of Windows, rather
850) than using 3rd party GNU regex libraries. 5) manage events and buffers
851) natively (i.e. in Unix-like OSes, Polipo defaults to 25% of ram, in
852) Windows it's whatever the config specifies). 6) some sort of GUI config
853) and reporting tool, bonus if it has a systray icon with right clickable
854) menu options. Double bonus if it's cross-platform compatible.
855) </li>
856)
857) <li>
858) <b>Make our diagrams beautiful and automated</b>
859) <br />
860) Priority: <i>Medium</i>
861) <br />
862) Effort Level: <i>Low</i>
863) <br />
864) Skill Level: <i>Low</i>
865) <br />
866) Likely Mentors: <i>Andrew</i>
867) <br />
868) We need a way to generate the website diagrams (for example, the "How
869) Tor Works" pictures on the <a href="<page overview>">overview page</a>
870) from source, so we can translate them as UTF-8 text rather than edit
871) them by hand with Gimp. We might want to
872) integrate this as an wml file so translations are easy and images are
873) generated in multiple languages whenever we build the website. See the
874) "Translation Wiki" idea above.
875) </li>
876)
877) <li>
878) <b>Improve the LiveCD offerings for the Tor community</b>
879) <br />
880) Priority: <i>Low</i>
881) <br />
882) Effort Level: <i>Low</i>
883) <br />
884) Skill Level: <i>Medium to High</i>
885) <br />
886) Likely Mentors: <i>Anonym, Jacob, Roger</i>
887) <br />
888) How can we make the <a
889) href="http://anonymityanywhere.com/incognito/">Incognito LiveCD</a>
890) easier to maintain, improve, and document?
891) </li>
892)
893) <li>
894) <b>Rework and extend Blossom</b>
895) <br />
896) Priority: <i>Medium</i>
897) <br />
898) Effort Level: <i>Medium to High</i>
899) <br />
900) Skill Level: <i>Medium to High</i>
901) <br />
902) Likely Mentors: <i>Goodell</i>
903) <br />
904) Rework and extend Blossom (a tool for monitoring and
905) selecting appropriate Tor circuits based upon exit node requirements
906) specified by the user) to gather data in a self-contained way, with
907) parameters easily configurable by the user. Blossom is presently
908) implemented as a single Python script that interfaces with Tor using the
909) Controller interface and depends upon metadata about Tor nodes obtained
910) via external processes, such as a webpage indicating status of the nodes
911) plus publically available data from DNS, whois, etc. This project has
912) two parts: (1) Determine which additional metadata may be useful and
913) rework Blossom so that it cleanly obtains the metadata on its own rather
914) than depend upon external scripts (this may, for example, involve
915) additional threads or inter-process communication), and (2) develop a
916) means by which the user can easily configure Blossom, starting with a
917) configuration file and possibly working up to a web configuration engine.
918) Knowledge of Tor and Python are important; knowledge of
919) TCP, interprocess communication, and Perl will also be helpful. An
920) interest in network neutrality is important as well, since the
921) principles of evaluating and understanding internet inconsistency are at
922) the core of the Blossom effort.
923) </li>
924)
925) <li>
926) <b>Improve Blossom: Allow users to qualitatively describe exit nodes they desire</b>
927) <br />
928) Priority: <i>Low</i>
929) <br />
930) Effort Level: <i>Medium</i>
931) <br />
932) Skill Level: <i>Medium</i>
933) <br />
934) Likely Mentors: <i>Goodell</i>
935) <br />
936) Develop and implement a means of affording Blossom
937) users the ability to qualitatively describe the exit node that they
938) want. The Internet is an inconsistent place: some Tor exit nodes see
939) the world differently than others. As presently implemented, Blossom (a
940) tool for monitoring and selecting appropriate Tor circuits based upon
941) exit node requirements specified by the user) lacks a sufficiently rich
942) language to describe how the different vantage points are different.
943) For example, some exit nodes may have an upstream network that filters
944) certain kinds of traffic or certain websites. Other exit nodes may
945) provide access to special content as a result of their location, perhaps
946) as a result of discrimination on the part of the content providers
947) themselves. This project has two parts: (1) develop a language for
948) describing characteristics of networks in which exit nodes reside, and
949) (2) incorporate this language into Blossom so that users can select Tor
950) paths based upon the description.
951) Knowledge of Tor and Python are important; knowledge of
952) TCP, interprocess communication, and Perl will also be helpful. An
953) interest in network neutrality is important as well, since the
954) principles of evaluating and understanding internet inconsistency are at
955) the core of the Blossom effort.
956) </li>
957)
958) <li>
959) <b>Bring up new ideas!</b>
960) <br />
961) Don't like any of these? Look at the <a
|
Now that the design paper w...
Steven Murdoch authored 14 years ago
|
962) href="<svnprojects>design-paper/roadmap-future.pdf">Tor development
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
963) roadmap</a> for more ideas.
964) </li>
965)
966) </ol>
967)
968) <h2><a class="anchor" href="#Coding">Coding and Design</a></h2>
969) <ol>
970) <li>Tor relays don't work well on Windows XP. On
971) Windows, Tor uses the standard <tt>select()</tt> system
972) call, which uses space in the non-page pool. This means
973) that a medium sized Tor relay will empty the non-page pool, <a
974) href="https://wiki.torproject.org/noreply/TheOnionRouter/WindowsBufferProblems">causing
975) havoc and system crashes</a>. We should probably be using overlapped IO
976) instead. One solution would be to teach <a
977) href="http://www.monkey.org/~provos/libevent/">libevent</a> how to use
978) overlapped IO rather than select() on Windows, and then adapt Tor to
979) the new libevent interface. Christian King made a
980) <a href="https://svn.torproject.org/svn/libevent-urz/trunk/">good
981) start</a> on this in the summer of 2007.</li>
982) <li>We need to actually start building our <a href="<page
983) documentation>#DesignDoc">blocking-resistance design</a>. This involves
984) fleshing out the design, modifying many different pieces of Tor, adapting
|
change the vidalia index page
Roger Dingledine authored 15 years ago
|
985) <a href="<page vidalia/index>">Vidalia</a> so it supports the
|
all the .fi pages were miss...
Roger Dingledine authored 16 years ago
|
986) new features, and planning for deployment.</li>
987) <li>We need a flexible simulator framework for studying end-to-end
988) traffic confirmation attacks. Many researchers have whipped up ad hoc
989) simulators to support their intuition either that the attacks work
990) really well or that some defense works great. Can we build a simulator
991) that's clearly documented and open enough that everybody knows it's
992) giving a reasonable answer? This will spur a lot of new research.
993) See the entry <a href="#Research">below</a> on confirmation attacks for
994) details on the research side of this task — who knows, when it's
995) done maybe you can help write a paper or three also.</li>
996) <li>Tor 0.1.1.x and later include support for hardware crypto accelerators
997) via OpenSSL. Nobody has ever tested it, though. Does somebody want to get
998) a card and let us know how it goes?</li>
999) <li>Perform a security analysis of Tor with <a
1000) href="http://en.wikipedia.org/wiki/Fuzz_testing">"fuzz"</a>. Determine
1001) if there are good fuzzing libraries out there for what we want. Win fame by
1002) getting credit when we put out a new release because of you!</li>
1003) <li>Tor uses TCP for transport and TLS for link
1004) encryption. This is nice and simple, but it means all cells
1005) on a link are delayed when a single packet gets dropped, and
1006) it means we can only reasonably support TCP streams. We have a <a
1007) href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#TransportIPnotTCP">list
1008) of reasons why we haven't shifted to UDP transport</a>, but it would
1009) be great to see that list get shorter. We also have a proposed <a
|
omnibus update of s/svnsand...
Andrew Lewman authored 14 years ago
|
1010) href="<gitblob>doc/spec/proposals/100-tor-spec-udp.txt">specification
|