getinvolved/en/volunteer.wml (ea85be4e8) - tor-webwml.git

volunteer.wml

## translation metadata
# Revision: $Revision$
# Translation-Priority: 4-optional

#include "head.wmi" TITLE="Tor: Volunteer" CHARSET="UTF-8"
<div id="content" class="clearfix">
 <div id="breadcrumbs">
 <a href="<page index>">Home &raquo; </a>
 <a href="<page getinvolved/volunteer>">Volunteer</a>
 </div>
 <div id="maincol">
 
 <h1>A few things everyone can do now:</h1>
 <ol>
 <li>Please consider <a href="<page docs/tor-doc-relay>">running
 a relay</a> to help the Tor network grow.</li>
 <li>Do you have an Amazon account? Are you willing to spend up to $3 a
 month? Then spin up your own Tor <a href="<page
 docs/bridges>">bridge</a> in less than 10 minutes with <a
 href="https://cloud.torproject.org/">tor cloud</a>!</li>
 <li>Tell your friends! Get them to run relays. Get them to run hidden
 services. Get them to tell their friends.</li>
 <li>If you like Tor's goals, please <a href="<page donate/donate>">take a moment
 to donate to support further Tor development</a>. We're also looking
 for more sponsors &mdash; if you know any companies, NGOs, agencies,
 or other organizations that want anonymity / privacy / communications
 security, let them know about us.</li>
 <li>We're looking for more <a href="<page about/torusers>">good examples of Tor
 users and Tor use cases</a>. If you use Tor for a scenario or purpose not
 yet described on that page, and you're comfortable sharing it with us,
 we'd love to hear from you.</li>
 </ol>

<a id="Documentation"></a>
 <h2><a class="anchor" href="#Documentation">Documentation</a></h2>
 <ol>
 <li>Help translate the

 documentation into other
 languages. See the <a href="<page getinvolved/translation>">translation
 guidelines</a> if you want to help out. We especially need Arabic or
 Farsi translations, for the many Tor users in censored areas.</li>
 <li>Evaluate and document
 <a href="<wiki>doc/TorifyHOWTO">our
 list of programs</a> that can be configured to use Tor.</li>
 <li>We have a huge list of <a
 href="<wiki>doc/SupportPrograms">potentially useful
 programs that interface to Tor</a>. Which ones are useful in which
 situations? Please help us test them out and document your results.</li>
 </ol>

<a id="Advocacy"></a>
 <h2><a class="anchor" href="#Advocacy">Advocacy</a></h2>
 <ol>
 <li>Monitor some of our <a 
 href="https://lists.torproject.org/cgi-bin/mailman/listinfo">public mailing 
 lists</a>, like <a 
 href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk">tor-talk</a>, <a 
 href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">tor-relays</a>, <a 
 href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev">tor-dev</a>, or <a 
 href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev">tbb-dev</a>, 
 and summarize noteworthy exchanges into articles for <a 
 href="https://lists.torproject.org/cgi-bin/mailman/listinfo">Tor 
 Weekly News</a>.</li>
 <li>Create a presentation that can be used for various user group
meetings around the world.</li>
 <li>Create a video about the positive uses of Tor, what Tor is,
 or how to use it. Some have already started on <a
 href="https://media.torproject.org/video/">Tor's Media server</a>,
 <a
 href="http://www.howcast.com/videos/90601-How-To-Circumvent-an-Internet-Proxy">Howcast</a>,
 and <a href="http://www.youtube.com/thetorproject">YouTube</a>.</li>
 <li>Create a poster, or a set of posters, around a theme,
 such as "Tor for Freedom!"</li>
 <li>Create a t-shirt design that incorporates "<a
 href="https://check.torproject.org/">Congratulations! You are using
 Tor!</a>" in any language.</li>
 </ol>

<!--
 <a id="gsoc"></a>
 <h2><a class="anchor" href="#gsoc">Google Summer of Code</a></h2>

Tor is also taking part in this year's <a
 href="https://www.google-melange.com/gsoc/homepage/google/gsoc2013">Google
 Summer of Code</a>! The criteria for this is a little different - either
 gender can apply but you need to be either <a
 href="https://www.google-melange.com/gsoc/document/show/gsoc_program/google/gsoc2013/help_page#2._Whos_eligible_to_participate_as_a">a
 present student or just graduated</a>.

As mentioned above if you're eligible for either program then please apply
 for both! Google Summer of Code is a far, far larger program for us than
 OPW so your chances of being applied that way are considerably better.

See our page for <a href="<page about/gsoc>">Google Summer of Code</a>
 for more information.
 
-->

<a id="Projects"></a>
 <h2><a class="anchor" href="#Projects">Projects</a></h2>

Below are a list of Tor related projects we're developing and/or
 maintaining. Most discussions happen on IRC so if you're interested in any
 of these (or you have a project idea of your own), then please <a
 href="<page about/contact>#irc">join us in #tor-dev</a>. Don't be shy
 to ask questions, and don't hesitate to ask even if the main contributors
 aren't active at that moment.

For a presentation summarizing many of these projects see...

<div id="ecosystem_presentation">
 <a href="https://media.torproject.org/video/2013-11-t3am-damian-johnson.mp4">Tor Ecosystem</a> (<a href="https://svn.torproject.org/svn/projects/presentations/2013-11-t3am-tor-ecosystem.pdf">slides</a>)
 </div>

<table id="projects">
 <tr>
 <th>Name</th>
 <th>Category</th>
 <th>Language</th>
 <th>Activity</th>
 <th>Contributors</th>
 </tr>

<tr>
 <td><a href="#project-tor">Tor</a></td>
 <td>Core</td>
 <td>C</td>
 <td>Heavy</td>
 <td>nickm, athena, arma</td>
 </tr>

<tr>
 <td>*<a href="#project-orchid">Orchid</a></td>
 <td>Core</td>
 <td>Java</td>
 <td>Moderate</td>
 <td>bleidl</td>
 </tr>

<tr>
 <td><a href="#project-torbrowser">Tor Browser</a></td>
 <td>Bundle</td>
 <td>C, Scripting</td>
 <td>Moderate</td>
 <td>mikeperry, Erinn</td>
 </tr>

<tr>
 <td><a href="#project-torbutton">Torbutton</a></td>
 <td>Browser Add-on</td>
 <td>Javascript</td>
 <td>Moderate</td>
 <td>mikeperry</td>
 </tr>

<tr>
 <td><a href="#project-httpseverywhere">HTTPS Everywhere</a></td>
 <td>Browser Add-on</td>
 <td>Javascript</td>
 <td>Heavy</td>
 <td>pde, mikeperry</td>
 </tr>

<tr>
 <td><a href="#project-vidalia">Vidalia</a></td>
 <td>User Interface</td>
 <td>C++, Qt</td>
 <td>None</td>
 <td>chiiph</td>
 </tr>

<tr>
 <td><a href="#project-arm">Arm</a></td>
 <td>User Interface</td>
 <td>Python, Curses</td>
 <td>Light</td>
 <td>atagar</td>
 </tr>

<tr>
 <td><a href="#project-orbot">Orbot</a></td>
 <td>User Interface</td>
 <td>Java</td>
 <td>Light</td>
 <td>n8fr8</td>
 </tr>

<tr>
 <td><a href="#project-tails">Tails</a></td>
 <td>OS image</td>
 <td>Sys Admin</td>
 <td>Heavy</td>
 <td><a href="https://tails.boum.org/">#tails</a></td>
 </tr>

<tr>
 <td><a href="#project-torramdisk">tor-ramdisk</a></td>
 <td>OS image</td>
 <td>Sys Admin</td>
 <td>None</td>
 <td>blueness</td>
 </tr>

<tr>
 <td>*<a href="#project-torouter">Torouter</a></td>
 <td>OS image</td>
 <td>Sys Admin</td>
 <td>None</td>
 <td>ioerror</td>
 </tr>

<tr>
 <td><a href="#project-torsocks">Torsocks</a></td>
 <td>Usability</td>
 <td>C</td>
 <td>Light</td>
 <td>ioerror, nickm</td>
 </tr>

<tr>
 <td><a href="#project-torbirdy">TorBirdy</a></td>
 <td>Browser Add-on</td>
 <td>JavaScript</td>
 <td>Heavy</td>
 <td>Sukhbir (sukhe)</td>
 </tr>

<tr>
 <td><a href="#project-obfsproxy">Obfsproxy</a></td>
 <td>Client Add-on</td>
 <td>Python</td>
 <td>Moderate</td>
 <td>asn</td>
 </tr>

<tr>
 <td><a href="#project-flash-proxy">Flash Proxy</a></td>
 <td>Client Add-on</td>
 <td>Python, JavaScript, Go</td>
 <td>Heavy</td>
 <td>dcf, infinity0, aallai, jct</td>
 </tr>

<tr>
 <td><a href="#project-shadow">Shadow</a></td>
 <td>Simulator</td>
 <td>C, Python</td>
 <td>Heavy</td>
 <td>robgjansen</td>
 </tr>

<tr>
 <td><a href="#project-stem">Stem</a></td>
 <td>Library</td>
 <td>Python</td>
 <td>Heavy</td>
 <td>atagar</td>
 </tr>

<tr>
 <td><a href="#project-txtorcon">Txtorcon</a></td>
 <td>Library</td>
 <td>Python, Twisted</td>
 <td>Moderate</td>
 <td>meejah</td>
 </tr>

<tr>
 <td><a href="#project-tlsdate">Tlsdate</a></td>
 <td>Utility</td>
 <td>C</td>
 <td>Moderate</td>
 <td>ioerror</td>
 </tr>

<tr>
 <td><a href="#project-metrics">Metrics</a></td>
 <td>Client Service</td>
 <td>Java</td>
 <td>Moderate</td>
 <td>karsten</td>
 </tr>

<tr>
 <td><a href="#project-atlas">Atlas</a></td>
 <td>Client Service</td>
 <td>JavaScript</td>
 <td>Light</td>
 <td>hellais, karsten</td>
 </tr>

<tr>
 <td><a href="#project-globe">Globe</a></td>
 <td>Client Service</td>
 <td>JavaScript</td>
 <td>Heavy</td>
 <td>Christian</td>
 </tr>

<tr>
 <td><a href="#project-compass">Compass</a></td>
 <td>Client Service</td>
 <td>Python</td>
 <td>Light</td>
 <td>gsathya, karsten, cwacek</td>
 </tr>

<tr>
 <td><a href="#project-onionoo">Onionoo</a></td>
 <td>Backend Service</td>
 <td>Java, Python</td>
 <td>Moderate</td>
 <td>karsten, gsathya</td>
 </tr>

<tr>
 <td><a href="#project-doctor">DocTor</a></td>
 <td>Backend Service</td>
 <td>Python</td>
 <td>Light</td>
 <td>atagar</td>
 </tr>

<tr>
 <td><a href="#project-weather">Weather</a></td>
 <td>Client Service</td>
 <td>Python</td>
 <td>None</td>
 <td>kaner</td>
 </tr>

<tr>
 <td><a href="#project-gettor">GetTor</a></td>
 <td>Client Service</td>
 <td>Python</td>
 <td>None</td>
 <td>kaner</td>
 </tr>

<tr>
 <td><a href="#project-torcheck">TorCheck</a></td>
 <td>Client Service</td>
 <td>Go</td>
 <td>Moderate</td>
 <td>Arlo</td>
 </tr>

<tr>
 <td><a href="#project-bridgedb">BridgeDB</a></td>
 <td>Backend Service</td>
 <td>Python</td>
 <td>Light</td>
 <td>kaner, nickm</td>
 </tr>

<tr>
 <td><a href="#project-ooni-probe">Ooni Probe</a></td>
 <td>Scanner</td>
 <td>Python</td>
 <td>Moderate</td>
 <td>hellais, isis, ioerror</td>
 </tr>

<tr>
 <td><a href="#project-torps">TorPS</a></td>
 <td>Backend Service</td>
 <td>Python</td>
 <td>Light</td>
 <td>Aaron Johnson</td>
 </tr>

<tr>
 <td><a href="#project-torflow">TorFlow</a></td>
 <td>Backend Service</td>
 <td>Python</td>
 <td>None</td>
 <td>aagbsn, mikeperry</td>
 </tr>

<tr>
 <td>*<a href="#project-torbel">TorBEL</a></td>
 <td>Backend Service</td>
 <td>Python</td>
 <td>None</td>
 <td>Sebastian</td>
 </tr>

<tr>
 <td><a href="#project-tor2web">Tor2web</a></td>
 <td>Client Service</td>
 <td>Python</td>
 <td>Moderate</td>
 <td>evilaliv3, hellais</td>
 </tr>

<tr>
 <td><a href="#project-anonbib">Anonbib</a></td>
 <td>Website</td>
 <td>Python</td>
 <td>Light</td>
 <td>arma, nickm</td>
 </tr>

</table>

* Project is still in an alpha state.

<a id="project-tor"></a>
 <h3>Tor (<a href="https://gitweb.torproject.org/tor.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/report/12">bug
 tracker</a>)</h3>

Central project, providing the core software for using and participating in
 the Tor network. Numerous people contribute to the project to varying
 extents, but the chief architects are Nick Mathewson and Roger Dingledine.

Project Ideas: 
 <a href="#torCleanup">Tor Codebase Cleanup</a> 
 <a href="#improveTorTestCoverage">Improve test coverage in Tor</a> 
 <a href="#useMoreCores">Have the Tor daemon use more cores</a> 
 <a href="#improveHiddenServices">Help improve Tor hidden services</a> 
 <a href="#consensusDiffs">Implement consensus diffs</a> 
 <a href="#improvedDnsSupport">Improved DNS support for Tor</a> 
 <a href="#torSandboxing">Help improve Tor sandboxing</a>

<a id="project-orchid"></a>
 <h3><a href="https://github.com/subgraph/Orchid">Orchid</a> (<a
 href="https://github.com/subgraph/Orchid">code</a>, <a
 href="https://github.com/subgraph/Orchid/issues">bug
 tracker</a>)</h3>

Java implementation of Tor and successor to <a href="http://onioncoffee.sourceforge.net/">OnionCoffee</a>.

<a id="project-torbrowser"></a>
 <h3><a href="<page projects/torbrowser>">Tor Browser Bundle</a> (<a
 href="https://gitweb.torproject.org/torbrowser.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+bundles/installation&order=priority">bug
 tracker</a>, <a href="https://www.torproject.org/projects/torbrowser/design/">design doc</a>)</h3>

The Tor Browser Bundle is an easy-to-use portable package of Tor, Vidalia,
 Torbutton, and a Firefox fork preconfigured to work together out of
 the box. It contains a modified copy of Firefox that aims to resolve the
 privacy and security issues in mainline version.

Project Ideas: 
 <a href="#panopticlick">Panopticlick</a>

<a id="project-torbutton"></a>
 <h3><a href="<page docs/torbutton/index>">Torbutton</a> (<a
 href="https://gitweb.torproject.org/torbutton.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torbutton&order=priority">bug
 tracker</a>)</h3>

Firefox addon that addresses many of the client-side threats to browsing
 the Internet anonymously. Mike has since continued to adapt it to new
 threats, updated versions of Firefox, and possibly <a
 href="https://blog.torproject.org/blog/google-chrome-incognito-mode-tor-and-fingerprinting">Chrome
 as well</a>.

<a id="project-httpseverywhere"></a>
 <h3><a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> (<a
 href="https://gitweb.torproject.org/https-everywhere.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/report/19">bug
 tracker</a>)</h3>

HTTPS Everywhere is a Firefox and Chrome extension that encrypts
 your communications with many major websites, making your browsing
 more secure.

<a id="project-vidalia"></a>
 <h3><a href="<page projects/vidalia>">Vidalia</a> (<a
 href="https://gitweb.torproject.org/vidalia.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Vidalia&order=priority">bug
 tracker</a>)</h3>

The most commonly used user interface for Tor. Matt Edman started the
 project in 2006 and brought it to its current stable state. Development
 slowed for several years, though Tomás Touceda has since taken the
 lead with pushing the project forward.

<a id="project-arm"></a>
 <h3><a href="https://www.atagar.com/arm/">Arm</a> (<a
 href="https://gitweb.torproject.org/arm.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=arm&order=priority">bug
 tracker</a>)</h3>

The anonymizing relay monitor (arm) is a terminal status monitor for Tor,
 intended for command-line aficionados, ssh connections, and anyone with a
 tty terminal. This works much like top does for system usage, providing
 real time statistics for bandwidth, resource usage, connections, and quite
 a bit more.

<a id="project-orbot"></a>
 <h3><a href="https://guardianproject.info/apps/orbot/">Orbot</a> (<a
 href="https://gitweb.torproject.org/orbot.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Orbot&order=priority">bug
 tracker</a>)</h3>

Provides Tor on the Android platform. The project is under active 
 development, updates to latest Tor releases, and working to stay up to 
 date with all changes in Android and mobile threats.

Project Ideas: 
 <a href="#orbotVPN">Orbot Android VPN</a> 
 <a href="#orfox">Orfox - Firefox/Gecko-based Android Browser for Tor</a>

<a id="project-tails"></a>
 <h3><a href="https://tails.boum.org/">The Amnesic Incognito Live System</a> (<a
 href="https://git-tails.immerda.ch/tails/">code</a>, <a
 href="https://labs.riseup.net/code/projects/tails">bug
 tracker</a>)</h3>

The Amnesic Incognito Live System is a live CD/USB distribution
 preconfigured so that everything is safely routed through Tor and leaves no
 trace on the local system. This is a merger of the Amnesia and <a
 href="http://www.anonymityanywhere.com/incognito/">Incognito</a> projects,
 and still under very active development.

<a id="project-torramdisk"></a>
 <h3><a href="http://opensource.dyc.edu/tor-ramdisk">Tor-ramdisk</a> (<a
 href="https://gitweb.torproject.org/tor-ramdisk.git">code</a>, <a
 href="http://opensource.dyc.edu/tor-ramdisk-documentation">documentation</a>)</h3>

Tor-ramdisk is a uClibc-based micro Linux distribution whose sole
 purpose is to securely host a Tor server purely in RAM.

<a id="project-torouter"></a>
 <h3><a
 href="<wiki>doc/Torouter">Torouter</a> (<a
 href="https://gitweb.torproject.org/torouter.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torouter&order=priority">bug
 tracker</a>)</h3>

Project to provide an easy-to-use, embedded Tor instance for routers. This
 had high activity in late 2010, but has since been rather quiet.

<a id="project-torsocks"></a>
 <h3>Torsocks (<a
 href="https://gitweb.torproject.org/torsocks.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torify&order=priority">bug
 tracker</a>)</h3>

Utility for adapting other applications to work with Tor. Development has
 slowed and compatibility issues remain with some platforms, but it's
 otherwise feature complete.

<a id="project-torbirdy"></a>
 <h3>TorBirdy (<a
 href="https://github.com/ioerror/torbirdy">code</a>, <a
 href="https://trac.torproject.org/projects/tor/wiki/torbirdy/dev">bug
 tracker</a>)</h3>

TorBirdy is Torbutton for Thunderbird and related Mozilla mail clients.

Project Ideas: 
 <a href="#makeTorbirdyBetter">Make TorBirdy Better</a>

<a id="project-obfsproxy"></a>
 <h3><a href="<page projects/obfsproxy>">Obfsproxy</a> (<a
 href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git">code</a>,
 <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Pluggable+transport&order=priority">bug
 tracker</a>)</h3>

A proxy that shapes Tor traffic, making it harder for censors to detect and
 block Tor. This has both a C and python implementation.

Project Ideas: 
 <a href="https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports#Helpneeded">Various coding tasks</a> 
 <a href="#betterPluggableTransports">Build Better Pluggable Transports</a>

<a id="project-flash-proxy"></a>
 <h3><a href="https://crypto.stanford.edu/flashproxy/">Flash Proxy</a> (<a
 href="https://gitweb.torproject.org/flashproxy.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_information&status=needs_review&status=needs_revision&status=new&status=reopened&component=Flashproxy">bug
 tracker</a>)</h3>

Pluggable transport using proxies running in web browsers to defeat
 address-based blocking.

<a id="project-shadow"></a>
 <h3><a href="https://shadow.cs.umn.edu/">Shadow</a> (<a
 href="https://github.com/shadow">code</a>, <a
 href="https://github.com/shadow/shadow/issues">bug
 tracker</a>)</h3>

Shadow is a discrete-event network simulator that runs the real
 Tor software as a plug-in. Shadow is open-source software that enables
 accurate, efficient, controlled, and repeatable Tor experimentation.
 For another simulator, see <a
 href="http://crysp.uwaterloo.ca/software/exptor/">ExperimenTor</a>.

<a id="project-stem"></a>
 <h3><a href="https://stem.torproject.org/">Stem</a> (<a
 href="https://gitweb.torproject.org/stem.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/wiki/doc/stem/bugs">bug
 tracker</a>)</h3>

Python controller library for scripts and controller applications using
 Tor.

Project Ideas: 
 <a href="#txtorcon-stemIntegration">Txtorcon/Stem Integration</a> 
 <a href="#relayWebPanel">Relay Web Status Panel</a>

<a id="project-txtorcon"></a>
 <h3><a href="https://txtorcon.readthedocs.org">Txtorcon</a> (<a
 href="https://github.com/meejah/txtorcon">code</a>, <a
 href="https://github.com/meejah/txtorcon/issues">bug tracker</a>)</h3>

Twisted-based asynchronous Tor control protocol implementation. Includes
 unit-tests, examples, state-tracking code and configuration abstraction.
 Used by OONI and APAF.

Project Ideas: 
 <a href="#txtorcon-stemIntegration">Txtorcon/Stem Integration</a>

<a id="project-tlsdate"></a>
 <h3>Tlsdate (<a href="https://github.com/ioerror/tlsdate">code</a>)</h3>

tlsdate: secure parasitic rdate replacement

tlsdate sets the local clock by securely connecting with TLS to remote
 servers and extracting the remote time out of the secure handshake. Unlike
 ntpdate, tlsdate uses TCP, for instance connecting to a remote HTTPS or TLS
 enabled service, and provides some protection against adversaries that try
 to feed you malicious time information.

<a id="project-metrics"></a>
 <h3><a href="https://metrics.torproject.org/">Metrics</a> (code: <a
 href="https://gitweb.torproject.org/metrics-db.git">db</a>, <a
 href="https://gitweb.torproject.org/metrics-utils.git">utils</a>, <a
 href="https://gitweb.torproject.org/metrics-web.git">web</a>)</h3>

Processing and analytics of consensus data, provided to users via the
 metrics portal. This has been under active development for several years by
 Karsten Loesing. See also <a
 href="https://gitweb.torproject.org/torperf.git">TorPerf</a>.

<a id="project-atlas"></a>
 <h3><a href="https://atlas.torproject.org/">Atlas</a> (<a
 href="https://gitweb.torproject.org/atlas.git">code</a>)</h3>

Atlas is a web application to discover Tor relays and bridges. It provides
 useful information on how relays are configured along with graphics about
 their past usage.

This is the spiritual successor to <a
 href="https://gitweb.torproject.org/torstatus.git">TorStatus</a>, the <a
 href="https://svn.torproject.org/svn/torstatus/trunk/">original
 codebase</a> for which was written in PHP, and rewritten by students from
 Wesleyan as Django.

<a id="project-globe"></a>
 <h3><a href="http://globe.rndm.de/">Globe</a> (<a
 href="https://github.com/makepanic/globe">code</a>, <a
 href="https://github.com/makepanic/globe/issues">bug tracker</a>)</h3>

Globe is a web application that allows you to search for Tor relays and
 bridges. It gives you a detailed overview of properties and configurations
 of a relay or bridge.

<a id="project-compass"></a>
 <h3><a href="https://compass.torproject.org/">Compass</a> (<a
 href="https://gitweb.torproject.org/compass.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Compass&order=priority">bug
 tracker</a>)</h3>

Compass is a web and command line application that filters and
 aggregates the Tor relays based on various attributes.

<a id="project-onionoo"></a>
 <h3><a href="https://onionoo.torproject.org/">Onionoo</a> (<a
 href="https://gitweb.torproject.org/onionoo.git">code</a>,
 <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Onionoo&order=priority">bug tracker</a>)</h3>

Onionoo is a JSON based protocol to learn information about currently
 running Tor relays and bridges.

<a id="project-doctor"></a>
 <h3>DocTor (<a
 href="https://gitweb.torproject.org/doctor.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=DocTor&order=priority">bug
 tracker</a>)</h3>

DocTor is a notification service that monitors newly published descriptor
 information for issues. This is primarily a service to help the tor
 directory authority operators, but it also checks for a handful of other
 issues like sybil attacks.

<a id="project-weather"></a>
 <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Weather">Weather</a> (<a
 href="https://gitweb.torproject.org/weather.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+Weather&order=priority">bug
 tracker</a>)</h3>

Provides automatic notification to subscribed relay operators when their
 relay's unreachable. This underwent a rewrite by the <a
 href="http://hfoss.wesleyan.edu/">Wesleyan HFOSS team</a>, which went live
 in early 2011.

Project Ideas: 
 <a href="#rewriteWeather">Rewrite Tor Weather</a>

<a id="project-gettor"></a>
 <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/GetTor">GetTor</a> (<a
 href="https://gitweb.torproject.org/gettor.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=GetTor&order=priority">bug
 tracker</a>)</h3>

E-mail autoresponder providing Tor's packages over SMTP. This has been
 relatively unchanged for quite a while.

Project Ideas: 
 <a href="#revamp_gettor">Revamp GetTor</a>

<a id="project-torcheck"></a>
 <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/TorCheck">TorCheck</a> (<a
 href="https://gitweb.torproject.org/check.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+Check&order=priority">bug
 tracker</a>)</h3>

Site for determining if the visitor is using Tor or not.

<a id="project-bridgedb"></a>
 <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/BridgeDB">BridgeDB</a> (<a
 href="https://gitweb.torproject.org/bridgedb.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=BridgeDB&order=priority">bug
 tracker</a>)</h3>

Backend bridge distributor, handling the various pools they're distributed
 in. This was actively developed until Fall of 2010.

Project Ideas: 
 <a href="#newBridgedbDistributor">New BridgeDB Distributor</a>

<a id="project-ooni-probe"></a>
 <h3><a href="https://ooni.torproject.org/">Ooni Probe</a> (<a
 href="https://gitweb.torproject.org/ooni-probe.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Ooni&order=priority">bug
 tracker</a>)</h3>

Censorship scanner, checking your local connection for blocked or modified
 content.

Project Ideas: 
 <a href="#censorshipAnalyzer">Develop a Censorship Analyzer</a> 
 <a href="#ooniprobePcapsSupport">Add Support for Reporting Pcaps to OoniBackend and OoniProbe</a>

<a id="project-torps"></a>
 <h3>TorPS</a> (<a href="https://github.com/torps/torps">code</a>)</h3>

The Tor Path Simulator (TorPS) is a tool for efficiently simulating
 path selection in Tor. It chooses circuits and assigns user streams to
 those circuits in the same way that Tor does. TorPS is fast enough to
 perform thousands of simulations over periods of months.

<a id="project-torflow"></a>
 <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/TorFlow">TorFlow</a> (<a
 href="https://gitweb.torproject.org/torflow.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torflow&order=priority">bug
 tracker</a>)</h3>

Library and collection of services for actively monitoring the Tor network.
 These include the Bandwidth Scanners (measuring throughput of relays) and
 SoaT (scans for malicious or misconfigured exit nodes). SoaT was last
 actively developed in the Summer of 2010, and the Bandwidth Scanners a few
 months later. Both have been under active use since then, but development
 has stopped.

<a id="project-torbel"></a>
 <h3><a
 href="https://blog.torproject.org/blog/torbel-tor-bulk-exit-list-tools">TorBEL</a> (<a
 href="https://gitweb.torproject.org/torbel.git">code</a>, <a
 href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=TorDNSEL/TorBEL&order=priority">bug
 tracker</a>)</h3>

The Tor Bulk Exitlist provides a method of identifying if IPs belong to
 exit nodes or not. This is a replacement for TorDNSEL which is a stable
 (though unmaintained) Haskell application for this purpose. The initial
 version of TorBEL was started in GSOC 2010 but since then the project has
 been inactive.

Tor2web allows Internet users to browse websites running in <a
 href="<page docs/hidden-services>">Tor hidden services</a>. It trades
 user anonymity for usability by allowing anonymous content to be
 distributed to non-anonymous users.

<a id="project-anonbib"></a>
 <h3><a
 href="http://freehaven.net/anonbib/">Anonymity Bibliography</a> (<a
 href="https://gitweb.torproject.org/anonbib.git">code</a>)</h3>

Anonbib is a list of important papers in the field of anonymity. It's
 also a set of scripts to generate the website from Latex (bibtex). If
 we're missing any important papers, please let us know!

<a id="Coding"></a>
 <a id="Summer"></a>
 <h2><a class="anchor" href="#Coding">Project Ideas</a></h2>

You may find some of these projects to be good ideas for <a href="<page
 about/gsoc>">Google Summer of Code</a> and the <a
 href="https://live.gnome.org/OutreachProgramForWomen">Outreach Program for
 Women</a>. We have labelled each idea with how much work we expect it would
 be (effort level), how much clue you should start with (skill level),
 and which of our <a href="<page about/corepeople>">core developers</a>
 would be good mentors. If one or more of these ideas looks promising to
 you, please <a href="<page about/contact>">contact us</a> to discuss your
 plans rather than sending blind applications. You may also want to propose
 your own project idea &mdash; which often results in the best applications.

<ol>

<a id="txtorcon-stemIntegration"></a>
 <li>
 Txtorcon/Stem Integration
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: meejah, Damian (atagar)
 Txtorcon is a Twisted-based Python controller library, and Stem is a
 synchronous (threaded) one, also in Python. There is no need to have
 two implementations of (at least) the protocol parsing code. This
 project would entail eliminating duplication by leveraging Stem's
 parsing in txtorcon while keeping txtorcon's API the same (or at least
 close).
 Besides this you should identify some additional tasks to improve our
 controller space across these two libraries. Some ideas are...
 <ul>
 <li>Write a tutorial for <a
 href="https://stem.torproject.org/tutorials.html">stem's tutorial
 page</a> demonstrating cross txtorcon/stem usage.</li>
 <li>Expand the txtorcon API to include functionality of <a
 href="https://gitweb.torproject.org/stem.git/blob/HEAD:/stem/control.py">stem's
 controller</a> that would be of interest to twisted users. All additions
 should include tests!</li>
 <li>Come up with some ideas of your own! We'd love to discuss them with
 you.</li>
 </ul>
 This would very likely involve changes to both libraries, although
 most would be expected to be in txtorcon. meejah is available to
 mentor txtorcon changes, and Damian (atagar) can help with Stem.
 It would help if you're already familiar with event-based programming,
 bonus points if it's Twisted.
 </li>

<a id="relayWebPanel"></a>
 <li>
 Relay Web Status Dashboard
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Damian (atagar)
 
 Relay operators presently have a couple options for monitoring the status
 of their relay: <a
 href="#project-vidalia">Vidalia</a>
 which is a gui and <a href="https://www.atagar.com/arm/">arm</a> which uses
 curses. This project would be to make a new kind of monitor specifically
 for relay operators that provides a status dashboard site on localhost.
 
 
 The interface will likely <a
 href="https://www.atagar.com/arm/screenshots.php">borrow heavily from
 arm</a>, except of course in areas where we can improve upon it. Two
 important design constraints is that a localhost controller provides a
 bigger attack surface than guis or curses, so we should be a little more
 wary of what it does. This should be a read-only controller (ie, you can't
 *do* anything to the relay) and by default not surface any sensitive
 information (such as arm's connection panel). Also take a peek at <a
 href="http://www.ntop.org/products/ntop/">ntop</a> for ideas on what we can
 do with a web interface.
 
 
 This project will likely include two parts: an AJAX site and a localhost
 daemon to fulfill those requests. <a
 href="https://stem.torproject.org/">Stem</a> is the backend of arm, and can
 be used to get everything you see in arm's interface (making it a natural
 choice for the daemon). That said, this project might entail some Stem
 improvements if we run across any gaps.
 
 
 This project has the potential for numerous users, one of which is an
 interface for <a
 href="#project-torouter">Torouter</a>.
 We should check if Torouter has any special use cases or constraints we
 should take into consideration.
 
 
 Applicants should be familiar with Python, JavaScript, and learn about
 <a href="https://stem.torproject.org/">Stem</a>. As part of your
 application for this project please make both mockups of the interface and
 a proof of concept demo application using JS to surface something with
 Stem. <a
 href="https://trac.torproject.org/projects/tor/wiki/doc/stem/bugs">Involvement
 with Stem development</a> during the application process is also a big
 plus.
 
 </li>

<a id="torCleanup"></a>
 <li>
 Tor Codebase Cleanup
 
 Effort Level: Low to High, depending on subproject chosen
 
 Skill Level: Medium to High
 
 Likely Mentors: Nick (nickm)
 
 The Tor code is almost 10 years old in places, and we haven't always had
 enough time or wisdom to write things as well as we could have. Our unit
 test coverage is shamefully low, and the dependency graph of our modules is
 shamefully convoluted . We could use refactoring and unit tests! Please
 look through the Tor source code and look for ugly or tricky code or
 dependencies -- the uglier and trickier the better -- and think about how
 you could make the code look better, read better, and (subject to testing)
 work better.

If this is for a fun side-project, it would be great for you to work on
 anything that can be made better and more tested. For an internship-level
 position, we'd hope that you could find a number of particularly tricky or
 knotty piece of the code to clean up, and aim for resolving the ugliest
 problems, not necessarily the easiest.

For a big project here, it would be great to pick one of the major
 "submodules" of Tor -- path selection, node discovery, directory authority
 operations, directory service -- and refactor its interface completely, to
 minify and codify its points of contact with the rest of Tor.

As part of your application for this project please identify one of the
 thorniest Tor functions and submit a patch refactoring it to be better. If
 you find this to be difficult then this likely isn't the project for
 you.
 
 </li>

<a id="betterPluggableTransports"></a>
 <li>
 Build Better Pluggable Transports
 
 Effort Level: Medium to High
 
 Skill Level: Medium
 
 Likely Mentors: Steven (sjmurdoch), Ximin (infinity0), George (asn)
 
 For Tor users in censored countries, we have a <a
 href="<page docs/pluggable-transports>">
 pluggable transports</a> framework that uses external programs to bypass
 censorship in different ways. Each of these have their own strengths and
 weaknesses.

We have deployed <a
 href="<page projects/obfsproxy>">obfsproxy</a>
 and <a href="http://crypto.stanford.edu/flashproxy/">flashproxy</a> bridges
 for a while, accessible using separately-installed pluggable transport
 clients. Recently, we added this client support to the main Tor Browser
 Bundle, and are adding more transports such as scramblesuit and fteproxy.

There are several possible directions for this project. Ideas include:
 <ol>
 <li>Address gaps or weaknesses in our existing pluggable transports
 <ul>
 <li>Flashproxy: Add WebRTC support to traverse NATs.</li>
 <li>Flashproxy: Improve the facilitator's resistance against DoS
 and poisoning attacks.</li>
 </ul>
 </li>
 <li>Build our pluggable transport combiner, that chains several
 transports together to take advantage of orthogonal types of blocking
 resistance.</li>
 <li>Improve the UX for selecting the appropriate pluggable transport in
 the new Tor Browser Bundle, whilst maintaining user security.</li>
 <li>Implement a new pluggable transport that resists blocking in a
 novel way.
 <ul>
 <li>Impersonate a voice-over-IP protocol</li>
 <li>Impersonate HTTP <a
 href="http://www.cs.utexas.edu/~amir/papers/parrot.pdf">sufficiently
 well</a> that traffic will go through a HTTP-only proxy</li>
 <li>Implement <a
 href="http://cacr.uwaterloo.ca/techreports/2011/cacr2011-21.pdf">scanning
 resistance</a></li>
 </ul>
 </li>
 </ol>

Applicants should be familiar with asynchronous/reactive programming, in
 particular the <a href="https://twistedmatrix.com/">Twisted framework</a>
 or something related. Most of the existing code is written in Python, with
 some parts in JavaScript and Go, so you should know at least one of these.
 You are invited to talk to us and ask questions, via our mailing lists
 or IRC. As part of your application, please contribute a patch that
 implements a small feature or fixes a bug related to this area, e.g. <a
 href="https://trac.torproject.org/projects/tor/query?status=!closed&component=Pluggable+transport">1</a>,
 <a href="https://trac.torproject.org/projects/tor/query?status=!closed&component=Obfsproxy">2</a>,
 <a href="https://trac.torproject.org/projects/tor/query?status=!closed&component=Flashproxy">3</a>.

<a id="hsSearchEngine"></a>
 <li>
 Search Engine for Hidden Services
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: George (asn)
 
 This project involves researching and developing a search engine for
 Hidden Services.

The student is expected to develop a search engine that can index
 hidden services and reply to search queries. The student should also
 develop a crawler that can search both "clear web" and hidden service
 websites to find more addresses. The student is expected to use and
 improve already existing search engine frameworks (e.g. YaCy), and not
 reinvent the wheel when it's possible.

The student should have a decent understanding of how search engines
 work, what algorithms they use, and of any related open source tools
 that are currently available.

<a id="profileUDPTransport"></a>
 <li>
 Profile UDP transport protocols
 
 Effort Level: Medium to High
 
 Skill Level: High
 
 Likely Mentors: Steven (sjmurdoch)
 
 There are <a
 href="https://research.torproject.org/techreports/datagram-comparison-2011-11-07.pdf">lots
 of options</a> as to how Tor could send its data over UDP rather than TCP,
 and some will likely perform significantly better than others. This project
 will evaluate these options, so as to decide which should be used in future
 versions of Tor. A first step will be to benchmark the various transport
 protocols being considered, in terms of performance and also code quality,
 including userspace TCP, <a
 href="https://github.com/bittorrent/libutp">&mu;TP</a>, <a
 href="http://en.wikipedia.org/wiki/Stream_Control_Transmission_Protocol">SCTP</a>
 and <a href="http://curvecp.org/">CurveCP</a>. Initially these transport
 protocols will be examined in isolation, but if the project progresses well
 one or more could be integrated in Tor.
 
 </li>

<a id="httpsEverywhereRulesetTesting"></a>
 <li>
 Incorporate Ruleset Testing into the HTTPS Everywhere release process
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Peter Eckersley (pde), Micah Lee
 
Ondrej Mikle has implemented a codebase for testing HTTPS Everywhere rulesets
by crawling pages that are affected by the ruleset (<a href="https://github.com/hiviah/https-everywhere-checker">repository</a>).

This codebase still has some rough edges that need to be smoothed over, but
once those are done it should be incorporated into the HTTPS Everywhere build
process, in order to improve the quality of our releases.
 
 </li>

<a id="censorshipAnalyzer"></a>
 <li>
 Develop a Censorship Analyzer
 
 Effort Level: Medium
 
 Skill Level: Medium to High (depends on the implemented tests)
 
 Likely Mentors: Philipp (phw)
 
Tor is documented to be blocked in <a
href="https://censorshipwiki.torproject.org">several countries</a>. Analyzing
these censorship incidents can be a tedious task; especially without access to
machines inside the censoring networks. To make analysis easier, it would be
great to have a lightweight analysis tool which can be run by censored users.
This tool would conduct a number of networking tests and figure out if and how
Tor could be blocked. The tool's final report should then somehow make it back
to the Tor project.

The theory behind this tool is already <a
href="http://www.cs.kau.se/philwint/pdf/foci2013.pdf">documented
in a research paper</a>. What we now need is code! Implementing it would first
mean getting familiar with <a href="https://ooni.torproject.org">OONI</a> and
<a href="http://twistedmatrix.com/trac/">Twisted</a>. After that, the tool
should be implemented as a number of OONI-specific networking tests.
 
 </li>

<a id="makeTorbirdyBetter"></a>
 <li>
 Make TorBirdy Better
 
 Effort Level: High
 
 Skill Level: Medium
 
 Likely Mentors: Sukhbir Singh (sukhe), Jacob Appelbaum (ioerror)
 
TorBirdy is an extension that configures Thunderbird to make connections over
the Tor anonymity network. TorBirdy has been under development for quite a
while but there are two known leaks that prevent it from being used by a wider
audience. As part of this project, you will be working on plugging the known
leaks and implementing a HTTP proxy.

Part 1: There are two patches pending with Mozilla that will plug the two known
leaks in Thunderbird where the local time is disclosed through the date and the
message-ID header. As part of your project, you will work on getting these
patches finished/reimplemented and getting them merged with Mozilla. Please
look at tickets <a
href="https://trac.torproject.org/projects/tor/ticket/6314">#6314</a> and <a
href="https://trac.torproject.org/projects/tor/ticket/6315">#6315</a> for more
information.

Part 2: TorBirdy needs a HTTP proxy or a HTTP -&gt; SOCKS5 shim. Please look at
ticket <a href="https://trac.torproject.org/projects/tor/ticket/6958">#6958</a>
for more information. Note: this has to be done using JavaScript and not using
an external proxy.

If time permits and you are awesome enough to finish the above two tasks, you
will be working on the remaining TorBirdy tickets.

Applicants should be familiar with C++ and JavaScript. As part of your
application for this project, please submit code samples for previous C++ and
JavaScript projects that you have developed or point us to projects you have
been involved with (links to a public Git/GitHub repository preferred). Prior
extension development is a big plus and will be given preference during
application ranking.

You may contact the mentors on IRC for more information. (sukhe on #tor-dev, #tor on irc.oftc.net)
 
 </li>

<a id="ooniprobePcapsSupport"></a>
 <li>
 Add Support for Reporting Pcaps to OoniBackend and OoniProbe
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Arturo (hellais), Aaron (aagbsn)
 
The feature should also add support for including only packet capture data that
is relevant to the test being run. This means that the pcap should not contain
all the data sniffed on the users machine, but only that which was generated
and intended to be received by ooniprobe.

This can probably be implemented by setting up a tun/tap device and routing all
the ooniprobe traffic through it and only capturing data sent and received from
that device. The task for the student will also be that of doing research into
what are possible strategies for doing this. <a
href="https://trac.torproject.org/projects/tor/ticket/7416">For more
information see ticket 7416.</a>
 
 </li>

<a id="orbotVPN"></a>
 <li>
 Orbot Android VPN
 
 Effort Level: Medium
 
 Skill Level: High
 
 Likely Mentors: Nathan (n8fr8)
 
Android offers the ability for any application to establish a
VPNService through which all traffic on the device is sent. We want to
implement this type of service in order to route all traffic through
the Tor network. This is a feature that will be implemented directly
into Orbot: Tor for Android if successfully implemented.

The deliverables for the project will be a working Android VPN
implementation that routes traffic through Tor, and integration of VPN
code into the Orbot app. There must also be time made for reporting on
the project through blog posts, network auditing of tracking to ensure
leakage is not occurring.

Useful links and documentation to study:

<ul>
 <li><a href="https://gitweb.torproject.org/orbot.git">Orbot</a></li>
 <li><a href="http://developer.android.com/reference/android/net/VpnService.html">Android VPNService API</a></li>
 <li><a href="https://github.com/guardianproject/OrbotVPN">Existing work on Orbot VPN</a></li>
 </ul>

Applicant should have the ability to build Orbot application from
source using Android SDK and NDK tools. A solid understanding of IP
routing, iptables, netfilter and VPN protocols would also be very
helpful. The ability to use Wireshark or other network monitoring
software to test and verify solution is something that can be taught,
but if you already know how, bonus! Finally, understanding how the
exiting Tor software can be used with various transparent proxying
configurations is a good first step to understanding this problem.
 
 </li>

<a id="orfox"></a>
 <li>
 Orfox - Firefox/Gecko-based Android Browser for Tor
 
 Effort Level: High
 
 Skill Level: Medium
 
 Likely Mentors: Nathan (n8fr8)
 
With almost 1 million downloads, our Orweb browser has been a popular
solution for easily accessing the web via Tor or any other HTTP or
SOCKS proxy, while also ensuring local data caches are cleared and
cookies are properly managed. Orweb is based on WebView, which has its
limitations unfortunately. We would like to move to a
Firefox/Fennec/GeckoView based browser, and have created a prototype
for it. Mozilla has begun releasing GeckoView as a standalone
component, as well, but it needs more testing, debugging and work on
integration into our streamlined browser app model. Our end goal is to
have a mobile browser that matches Tor Browser in terms of privacy
enhancing features and security.

The deliverables for the project are expected to be the creation of a
alpha quality release of Orfox, a GeckoView-based browser with feature
parity of Orweb browser. A bonus goal is to implement additional
features and capabilities based on Tor Browser patches for
Fennec/Mozilla core. Finally, as always, a required activity is a
network audit testing of implemented solution with write-ups, reports
posted publicly.

Useful links to review:

<ul>
 <li><a href="https://github.com/guardianproject/orfox">Orfox (gecko prototype)</a></li>
 <li><a href="https://github.com/guardianproject/orweb">Orweb (production browser on WebView)</a></li>
 <li><a href="http://starkravingfinkle.org/blog/2013/10/geckoview-embedding-gecko-in-your-android-application/">GeckoView info</a></li>
 <li><a href="<page projects/torbrowser>">Tor Browser (desktop)</a></li>
 </ul>

Applicant should have the ability to build Fennec and GeckoView
libraries from source using Android SDK and NDK. Some experince with
browser security models and threats would be a useful background to
have. Ability to do network audits to ensure browser proxying is not
leaking DNS, media streams or other network traffic, as well as tests
against common browser de-anonymizing attacks are necessary.
 
 </li>

<a id="improveTorTestCoverage"></a>
 <li>
 Improve test coverage in Tor
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Nick (nickm)
 
Right now, our unit test coverage with the tests we ship is around 30%
-- only 30% of the executable lines in our source are reached by the
unit tests. Improving this test coverage could make Tor development
much more reliable.

So we need better unit tests, and we need better integration tests too.

Improving unit tests would would involve refactoring functions to be more
testable, and writing a bunch of unit tests.

Improving integratino tests would involve refactoring and improving
the "chutney" program that launches a test tor network, and writing a
bunch of tests to see what works and what doesn't work on such a
network. It could also involve writing tests using the library "<a
href="https://stem.torproject.org/">stem</a>" to script individual clients on a
Chutney network.

To get a feel for how testing works in Tor today, download Tor and
Chutney, and make sure you can build Tor and use Chutney. See how the
unit tests work by skimming some of the test code in the src/test
subdirectory. Try computing test coverage (according to the
instructions in the doc/HACKING file.

Also, have a look at the one current integration test that works on
chutney today: it is a shell script distributed with Tor as
src/test/test-tor-network.sh . We probably don't want to have all of
our integration tests be written as shell scripts, but it's interesting
to see how one works.

If working on designs for an improved or refactored Chutney, watch out for <a
href="http://www.joelonsoftware.com/articles/fog0000000018.html">"archicture
astronautics"</a>: while it's important that we have a well-designed and
maintainable Chutney architecture, it wouldn't be very useful if a good
architecture were the only outcome here: we need tests too.

As part of the application process, please contribute a patch that makes
a non-trivial improvement to chutney, and/or include a new test for some
interesting Tor function. (Please pick a function that isn't completely
easy to test.)
 
 </li>

<a id="useMoreCores"></a>
 <li>
 Have the Tor daemon use more cores
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Nick (nickm)
 
Right now, if you run a busy Tor server on a multicore computer, most of
the cores are mostly unused. We have a "cpuworker" mechanism to move
expensive computations into worker threads, but that mechanism is
currently only used for a small fraction of our cryptography. Moving
more work into the worker threads could improve performance immensely.

So it would be great to parallelize our cryptography more in order to
better handle more cores. See
<a href="https://trac.torproject.org/projects/tor/wiki/org/projects/Tor/MultithreadedCrypto">MultithreadedCrypto</a>
for some background info, and
<a href="https://trac.torproject.org/projects/tor/ticket/7572">ticket 7572</a> for some subtickets
on our tracker.

(If you're reading through the code to see how it works today, you will
also want to have a look at the new implementation for cpuworkers
described in <a href="https://trac.torproject.org/projects/tor/ticket/9682">9682</a>.)

Completing the implementation of ticket #7572 --which would move our
circuit crypto onto separate threads-- could be a good summer project.
Alternatively, moving all of the signature generation and verification
code onto the cpuworkers could be fun. In either case, you will have
some important architectural decisions to make about how to minimize
shared data between the main thread and the workers, how to avoid
race conditions between them, and how to test it all to make sure it has
no hidden failure cases.

<a id="improveHiddenServices"></a>
 <li>
 Help improve Tor hidden services
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Nick (nickm)
 
We're working on a revamp of the entire Tor hidden service design to
improve the security and reliability of the hidden service system.

This is a big project: see
<a href="https://gitweb.torproject.org/torspec.git/blob_plain/refs/heads/master:/proposals/224-rend-spec-ng.txt">proposal
224</a> for the latest design. Are you interested in implementing some
part of that?

This is a very ambitious project, so we're deliberately not suggesting
particular sub-topics. If you're interested in participating, try to
read and understand the <a
href="https://gitweb.torproject.org/torspec.git/blob_plain/refs/heads/master:/rend-spec.txt">existing
design</a> and the design proposal for the new design, and then talk to
us about what part you want to work on.

<a id="consensusDiffs"></a>
 <li>
 Implement consensus diffs
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Nick (nickm)
 
Right now, every few hours, a Tor client downloads a new signed "consensus
document" that describes the state of the network. Even though these
documents are compressed, thisstill takes almost half a megabyte.

<a
href="https://gitweb.torproject.org/torspec.git/blob_plain/refs/heads/master:/proposals/140-consensus-diffs.txt">Proposal
140</a> describes a design to save a lot of bandwidth by transferring
compressed <a href="http://en.wikipedia.org/wiki/Diff">diff</a>s instead
of transferring the entire consensus document.

That's an attractive idea, but it presents some programming challenges.
We probably don't want to ship a 'diff' and 'patch' along with Tor. Is
there a free, safe, robust implementation of one of the
good diff algorithms that we can use?

Alternatively, can we take advantage of regularities in the descriptor
format in order to generate diffs more simply?

As part of the application process for this project, please contribute a
nontrivial patch to Tor -- ideally, one that will affect some part of
the codebase that you want to work on. Make sure that your application
describes which implementations of the diff and patch algorithms you
intend to use, and that your coding samples show strong evidence that
you can do secure string manipulation in C.
 
 </li>

<a id="improvedDnsSupport"></a>
 <li>
 Improved DNS support for Tor
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Nick (nickm)
 
Right now, you can only use Tor's DNS support to look up IPv4 and IPv6
addresses, and to fetch PTR records. But DNS can do so much more!

<a
href="https://gitweb.torproject.org/torspec.git/blob_plain/refs/heads/master:/proposals/219-expanded-dns.txt">Proposal
219</a> describes some new cell types that Tor could use to support
more types of DNS over Tor.

To see how Tor implements its existing DNS lookups, start by tracing the
the connection_exit_begin_resolve() function in src/or/connection_edge.c ,
and see how we pass these requests downwards through src/or/dns.c to the
underlying resolver. It's not too complicated, but there are some
tricky parts to understand.

<a id="torSandboxing"></a>
 <li>
 Help improve Tor sandboxing
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Nick (nickm)
 
The seccomp2 mechanism on Linux lets programs improve their robustness
against unforseen bugs by running with restrictions on which system
calls they can invoke and how they can call them. This can help
security a lot.

Thanks to a GSOC student from last year, we now have seccomp2 support on
Linux, which we use to restrict the capabilities of the entire Tor
process. (For implementation details, see src/commmon/sandbox.c in the
Tor source.)

But since the restrictions are done over the whole process, all pieces
of the Tor code have permission to do things that only small parts of
the Tor program need to do. Also, since we use seccomp2, these
restrictions only work on Linux.

It would be great to instead divide the main Tor program into multiple
processes with a robust IPC mechanism and assign each process its own
minimal set of privileges; and to have this work (as best we can) on
systems that don't have seccomp2 (eg Windows, Mac).

Either of these could be a whole GSOC project.

To get started, make sure you understand the existing sandboxing code.
If you're interested in splitting Tor into multiple processes, think
about the architecture, and think about how we could reach this
architecture without completely rewriting the codebase. (Remember that
even if you're focusing on Linux, Tor still needs to work on other
operating systems.)

If you're interested in supporting more platforms, make sure you
understand and can explain what sandboxing mechansisms you want to use,
and what they're capable of. (You might want to investigate the way
that other open-source programs, like the Chrome web browser, do their
sandboxing on different platforms.)

<a id="panopticlick"></a>
 <li>
 Panopticlick
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Georg (GeKo), Mike Perry, Nicolas Vigier

The <a href="https://panopticlick.eff.org">Panopticlick project by the EFF</a>
revolutionized how people think about <a
href="https://panopticlick.eff.org/browser-uniqueness.pdf">browser
fingerprinting</a>, both by developing tests and metrics to measure browser
fingerprintability, and by crowdsourcing the evaluation and contribution of
individual browser features to overall fingerprintability.

Unfortunately, the way Panopticlick is designed <a
href="https://blog.torproject.org/blog/effs-panopticlick-and-torbutton">makes
it difficult</a> to evaluate defenses to browser fingerprinting, especially
for browsers with a relatively small userbase such as Tor Browser. This is
because any approach we take to reduce fingerprinting automatically makes our
users more distinct from the previous users who submitted their fingerprint
data to the EFF. Indeed, it is also impossible to ever expect that users of
one browser will ever be able to blend in with users of another browser
(Chrome users will always be distinguishable from Firefox users for example,
based on feature set alone).

To address this, we would like to have <a
href="https://trac.torproject.org/projects/tor/ticket/6119">our own
fingerprint test suite</a> to evaluate the fingerprintability of each browser
feature for users running a specific Tor Browser version. There are also <a
href="https://trac.torproject.org/projects/tor/query?keywords=~tbb-fingerprinting">additional
fingerprinting tests</a> we can add beyond those deployed by Panopticlick.

For this project, the student would develop a website that users can
voluntarily visit to test and record their Tor Browser fingerprint.  The user
should get feedback on how she performed and the test results should be
available in a machine readable format (e.g. JSON), broken down by Tor Browser
version.  In a second step one could think about adding more sophisticated
tests or supporting other browser vendors that might want to test the
uniformity amongst their userbase as well. Of course, results from each
browser would also need to be broken down by both browser implementation and
version, so that results would only reflect the population of that specific
implementation.

</li>

<a id="revamp_gettor"></a>
 <li>
 Revamp GetTor
 
 Effort Level: High
 
 Skill Level: Medium
 
 Likely Mentors: Sukhbir Singh (sukhe), Nima Fatemi (mrphs)
 
GetTor is a program that serves Tor bundles and related components over SMTP.
Users request the Tor Browser Bundle by sending an email to GetTor, which sends
back the bundle as email attachments. In countries where the Tor Project
website is blocked, GetTor is a convenient way for users to get access to the
bundles.

GetTor has been unmaintained for a while and needs a revamp. The main issue is
that because the Tor Browser Bundle size exceeds 25 MB, sending it through
GetTor no longer works as most email providers don't support attachments
exceeding 25 MB. To alleviate this issue, bundles are now uploaded on
cloud-based services such as Google Drive and Dropbox and links are sent
out in the email body instead of attachments. This current setup is far from
complete -- GetTor needs a lot of work to get it to a point where it can do
smart things again and do them in the right way.

As part of this project, you should:

<ul>
 <li>Have some understanding of what GetTor does in general and the current state of its operation.</li>
 <li>Come up with ideas on how to make it better.</li>
 <li>Convince us if you would like to fix the existing code or want to rewrite GetTor from scratch.</li>
 </ul>

In addition to the above points, applications should be familiar with Python.
As part of the application process, study the <a
href="https://gitweb.torproject.org/gettor.git">GetTor code</a> and submit a
patch for returning the SHA1 checksum of the package instead of the text in
sendSorrySize() in response.py. (since you cannot test the patch, as long as it
is clear that you had some idea of what you were doing, it should be fine)

Note: Please do not submit an application without talking to the mentors: #sukhe and #mrphs on IRC. IRC is preferred but if for any reason you don't want/can't use it, please email the mentors.
 
 </li>

<a id="rewriteWeather"></a>
 <li>
 Rewrite Tor Weather
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Karsten (karsten)
 
<a href="https://weather.torproject.org/">Tor Weather</a> provides an
email notification service to any users who want to monitor the status
of a Tor node. Its favorite feature is to notify relay operators when
their relay has earned them a Tor t-shirt. Tor Weather is written in
Python/Django.

The Tor Weather codebase is pretty much unmaintained these days. The
first part of this project would be to simplify the code by fetching Tor
network status data from <a
href="https://onionoo.torproject.org/">Onionoo</a> rather than running a
local tor client and keeping an own relay history database. See the
related <a
href="https://trac.torproject.org/projects/tor/wiki/doc/weather-in-2014">community
effort to rewrite Weather</a> that started in January 2014. After that,
there's a <a
href="https://trac.torproject.org/projects/tor/query?status=!closed&component=Tor+Weather">long
list of open tickets</a> to be resolved.

Ideally, the student would become the new Weather maintainer after the
summer. If that doesn't work out, the codebase should have become a lot
smaller by end of summer, so that it becomes easier to find somebody
else as new maintainer.
 
 </li>

<a id="improveStegotorus"></a>
 <li>
 Improve Stegotorus
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: vmon
 
Stegotorus is a fork of obfsproxy which helps developers to write more intelligent pluggable transports which can hide easier from deep packet inspector (DPI) system.

For example, Stegotorus is equipped with a "chopper module" which takes care of following aspects:

<ol>
 <li>It randomize the packet size so it is harder for the DPI system to detect the traffic base on the distribution of the packet size.</li>
 <li>It makes sure that it only handle as much (or as less) information as the transport module can handle.</li>
 <li>Chopper is equipped with it is own acknowledge/retransmit protocol. If the censor trying to disturb the connection by dropping or disturbing some of packets, it can recover the data by sending them many times.</li>
 </ol>

More importantly, Stegotorus is coming with its own HTTP transport module which obfuscates Tor or any other encrypted traffic in HTTP content such as Javascript code or images. HTTP transport module is also written in a way which new module developers can easily add new obfuscation modules for new contents or improve current obfuscation algorithms without the need of dealing with networking aspect of the problem.

Stegotorus is written in C++. you can find the latest code <a href="https://github.com/zackw/stegotorus/tree/tor-improve">here</a>.

In this regard, Stegotorus is offering one of the most complete and sophisticated platforms for writing stealthy pluggable transports.

If you know C++ and interested in Stegotorus and excited about battling censorship, there are many ways that you can contribute to Stegotorus. Here are few important tasks. Your proposal might contain a good number of them:

<ol>
 <li>Currently Stegotorus handshake is encrypted using the symmetric secret key of the Stegotorus bridge. However, we would like to implement a totally random handshake and considering that some transports suffer badly from "bandwidth shortage", our best choice currently is to implement <a href="http://elligator.cr.yp.to/">this algorithm</a>.</li>
 <li>Stegotorus defense against active probing is to authenticate the header of the received packet. If the authentication fails Stegotorus turns into a transparent proxy. The capability of Stegotorus as a transparent proxy needs improvement and further testing.</li>
 <li>Stegotorus has a new framework for writing Steg module. However some of the Steg modules (PDF, SWF and JS) are written in the old framework, we need to refactor their code in the new framework.</li>
 <li>As writting new Steg modules in python is easier and safer, it is desirable to write an Steg module interface for Stegotorus which can accept and interact with Steg modules written in python/cython.</li>
 <li>To make detection of anomalies in the traffic harder, Stegotorus hands a noise-to-signal ratio to each Steg modules. Steg modules' algorithms need to use more intelligent way of embedding to use this ratio.</li>
 <li>Stegotorus has several parameters to tweak its behavior. Currently all these parameters are given in command line. We would like to have a config file to store these parameters as an alternative method.</li>
 <li>The general security of the code needs to be reviewed and audited for buffer overflow, memory leak etc.</li>
 <li>Steg modules for new file format for the HTTP transport are always welcome to reflect the actual traffic of the Internet.</li>
 <li>Packaging Stegotorus for windows.</li>
 <li>There is a parallel efforts to improve Stegotorus at SRI. We would like to merge the useful feature developed by SRI in our branch of Stegotorus.</li>
 <li>Stegotorus needs to support SOCKS protocol to be able to receive the initial parameters from Tor through SOCKS handshake.</li>
 </ol>

You can find a list of open issues concerning Stegotorus <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_information&status=needs_review&status=needs_revision&status=new&status=reopened&component=Stegotorus&order=priority">here</a>.

You also can think of lots of other awesome creative ways of improving Stegotorus and include those in your proposal.
 
 </li>

<a id="newBridgedbDistributor"></a>
 <li>
 New BridgeDB Distributor
 
 Effort Level: Medium
 
 Skill Level: Medium to High
 
 Likely Mentors: isis, sysrqb
 
BridgeDB is a Twisted Python system which runs a number of servers, in order
to distribute Tor bridge relays to users in potentially censored regions. Each
of BridgeDB's Distributors uses some unique channel to communicate bridge
addresses to users, currently there is an <a href="https://bridges.torproject.org">
HTTPS Distributor</a>, and an Email Distributor. This project would involve
designing and creating a new Distributor for BridgeDB. Some ideas for new
Distributors:

<ul>
 <li>A Twitter bot which interacts with Chinese and Farsi speaking Twitter users through PMs.</li>
 <li>A distributor which uses XMPP+OTR to give bridges to users.</li>
 </ul>

It's helpful if you already have some knowledge of Twisted. As part of your
application, please submit a design for a Distributor, as well as supply a
patch for a ticket which demonstrates knowledge of Twisted and Python ―
preferably for BridgeDB, see the
<a href="https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~bridgedb-gsoc-application">
'bridgedb-gsoc-application' Trac tag</a> for some examples of good tickets to
try, or contact isis or sysrqb on IRC to ask for ticket suggestions or advice.
 
 </li>

<!--
 <a id=""></a>
 <li>
 
 
 Effort Level: Medium
 
 Skill Level: Medium
 
 Likely Mentors: Damian (atagar)

</li>
-->

<li>
 Bring up new ideas!
 
 Don't like any of these? Look at the <a
 href="/press/presskit/2008-12-19-roadmap-full.pdf">Tor development
 roadmap</a> for more ideas, or just try out Tor, Vidalia, and Torbutton,
 and find out what you think needs fixing.
 Some of the <a href="<spectree>proposals">current proposals</a>
 might also be short on developers.
 </li>

</ol>

<a id="OtherCoding"></a>
 <h2><a class="anchor" href="#OtherCoding">Other Coding and Design related ideas</a></h2>
 <ol>
 <li>Tor relays don't work well on Windows XP. On
 Windows, Tor uses the standard <tt>select()</tt> system
 call, which uses space in the non-page pool. This means
 that a medium sized Tor relay will empty the non-page pool, <a
 href="<wiki>doc/WindowsBufferProblems">causing
 havoc and system crashes</a>. We should probably be using overlapped IO
 instead. One solution would be to teach <a
 href="http://www.monkey.org/~provos/libevent/">libevent</a> how to use
 overlapped IO rather than select() on Windows, and then adapt Tor to
 the new libevent interface. Christian King made a
 <a href="https://svn.torproject.org/svn/libevent-urz/trunk/">good
 start</a> on this in the summer of 2007.</li>

<li>We need to actually start building our <a href="<page
 docs/documentation>#DesignDoc">blocking-resistance design</a>. This involves
 fleshing out the design, modifying many different pieces of Tor, adapting
 <a href="<page projects/vidalia>">Vidalia</a> so it supports the
 new features, and planning for deployment.</li>

<li>We need a flexible simulator framework for studying end-to-end
 traffic confirmation attacks. Many researchers have whipped up ad hoc
 simulators to support their intuition either that the attacks work
 really well or that some defense works great. Can we build a simulator
 that's clearly documented and open enough that everybody knows it's
 giving a reasonable answer? This will spur a lot of new research.
 See the entry <a href="#Research">below</a> on confirmation attacks for
 details on the research side of this task &mdash; who knows, when it's
 done maybe you can help write a paper or three also.</li>

<li>Tor 0.1.1.x and later include support for hardware crypto
 accelerators via OpenSSL. It has been lightly tested and is
 possibly very buggy. We're looking for more rigorous testing,
 performance analysis, and optimally, code fixes to OpenSSL and
 Tor if needed.</li>

<li>Write a <a
 href="https://secure.wikimedia.org/wikipedia/en/wiki/Fuzz_testing">fuzzer</a>
 for Tor to discover security vulnerabilities. Determine if there
 are good fuzzing frameworks out there for what we want. Win fame by
 getting credit when we put out a new release because of you!</li>

<li>Tor uses TCP for transport and TLS for link
 encryption. This is nice and simple, but it means all cells
 on a link are delayed when a single packet gets dropped, and
 it means we can only reasonably support TCP streams. We have a <a
 href="<page docs/faq>#TransportIPnotTCP">list
 of reasons why we haven't shifted to UDP transport</a>, but it would
 be great to see that list get shorter. We also have a proposed <a
 href="<specblob>proposals/100-tor-spec-udp.txt">specification
 for Tor and
 UDP</a> &mdash; please let us know what's wrong with it.</li>

<li>We're not that far from having IPv6 support for destination addresses
 (at exit nodes). If you care strongly about IPv6, that's probably the
 first place to start.</li>

<li>We need a way to generate the website diagrams (for example, the "How
 Tor Works" pictures on the <a href="<page about/overview>">overview page</a>
 from source, so we can translate them as UTF-8 text rather than edit
 them by hand with Gimp. We might want to
 integrate this as an wml file so translations are easy and images are
 generated in multiple languages whenever we build the website.</li>

<li>How can we make the various LiveCD/USB systems easier
 to maintain, improve, and document? One example is <a
 href="https://tails.boum.org/">The Amnesic Incognito Live
 System</a>.
 </li>

<li>
 Another anti-censorship project is to try to make Tor
 more scanning-resistant. Right now, an adversary can identify <a
 href="<specblob>proposals/125-bridges.txt">Tor bridges</a>
 just by trying to connect to them, following the Tor protocol,
 and seeing if they respond. To solve this, bridges could <a
 href="<svnprojects>design-paper/blocking.html#tth_sEc9.3">act like
 webservers</a> (HTTP or HTTPS) when contacted by port-scanning tools,
 and not act like bridges until the user provides a bridge-specific key.
 To start, check out Shane Pope's <a
 href="http://dl.dropbox.com/u/37735/index.html">thesis and prototype</a>.
 </li>

</ol>

<a id="Research"></a>
 <h2><a class="anchor" href="#Research">Research</a></h2>
 <ol>
 <li>The "end-to-end traffic confirmation attack":
 by watching traffic at Alice and at Bob, we can <a
 href="http://freehaven.net/anonbib/#danezis:pet2004">compare
 traffic signatures and become convinced that we're watching the same
 stream</a>. So far Tor accepts this as a fact of life and assumes this
 attack is trivial in all cases. First of all, is that actually true? How
 much traffic of what sort of distribution is needed before the adversary
 is confident he has won? Are there scenarios (e.g. not transmitting much)
 that slow down the attack? Do some traffic padding or traffic shaping
 schemes work better than others?</li>
 <li>A related question is: Does running a relay/bridge provide additional
 protection against these timing attacks? Can an external adversary that can't
 see inside TLS links still recognize individual streams reliably?
 Does the amount of traffic carried degrade this ability any? What if the
 client-relay deliberately delayed upstream relayed traffic to create a queue
 that could be used to mimic timings of client downstream traffic to make it
 look like it was also relayed? This same queue could also be used for masking
 timings in client upstream traffic with the techniques from <a
 href="http://www.freehaven.net/anonbib/#ShWa-Timing06">adaptive padding</a>,
 but without the need for additional traffic. Would such an interleaving of
 client upstream traffic obscure timings for external adversaries? Would the
 strategies need to be adjusted for asymmetric links? For example, on
 asymmetric links, is it actually possible to differentiate client traffic from
 natural bursts due to their asymmetric capacity? Or is it easier than
 symmetric links for some other reason?</li>
 <li>Repeat Murdoch and Danezis's <a
 href="http://www.cl.cam.ac.uk/~sjm217/projects/anon/#torta">attack from
 Oakland 05</a> on the current Tor network. See if you can learn why it
 works well on some nodes and not well on others. (My theory is that the
 fast nodes with spare capacity resist the attack better.) If that's true,
 then experiment with the RelayBandwidthRate and RelayBandwidthBurst
 options to run a relay that is used as a client while relaying the
 attacker's traffic: as we crank down the RelayBandwidthRate, does the
 attack get harder? What's the right ratio of RelayBandwidthRate to
 actually capacity? Or is it a ratio at all? While we're at it, does a
 much larger set of candidate relays increase the false positive rate
 or other complexity for the attack? (The Tor network is now almost two
 orders of magnitude larger than it was when they wrote their paper.) Be
 sure to read <a href="http://freehaven.net/anonbib/#clog-the-queue">Don't
 Clog the Queue</a> too.</li>
 <li>The "routing zones attack": most of the literature thinks of
 the network path between Alice and her entry node (and between the
 exit node and Bob) as a single link on some graph. In practice,
 though, the path traverses many autonomous systems (ASes), and <a
 href="http://freehaven.net/anonbib/#feamster:wpes2004">it's not uncommon
 that the same AS appears on both the entry path and the exit path</a>.
 Unfortunately, to accurately predict whether a given Alice, entry,
 exit, Bob quad will be dangerous, we need to download an entire Internet
 routing zone and perform expensive operations on it. Are there practical
 approximations, such as avoiding IP addresses in the same /8 network?</li>
 <li>Other research questions regarding geographic diversity consider
 the tradeoff between choosing an efficient circuit and choosing a random
 circuit. Look at Stephen Rollyson's <a
 href="http://swiki.cc.gatech.edu:8080/ugResearch/uploads/7/ImprovingTor.pdf">position
 paper</a> on how to discard particularly slow choices without hurting
 anonymity "too much". This line of reasoning needs more work and more
 thinking, but it looks very promising.</li>
 <li>Tor doesn't work very well when relays have asymmetric bandwidth
 (e.g. cable or DSL). Because Tor has separate TCP connections between
 each hop, if the incoming bytes are arriving just fine and the outgoing
 bytes are all getting dropped on the floor, the TCP push-back mechanisms
 don't really transmit this information back to the incoming streams.
 Perhaps Tor should detect when it's dropping a lot of outgoing packets,
 and rate-limit incoming streams to regulate this itself? I can imagine
 a build-up and drop-off scheme where we pick a conservative rate-limit,
 slowly increase it until we get lost packets, back off, repeat. We
 need somebody who's good with networks to simulate this and help design
 solutions; and/or we need to understand the extent of the performance
 degradation, and use this as motivation to reconsider UDP transport.</li>
 <li>A related topic is congestion control. Is our
 current design sufficient once we have heavy use? Maybe
 we should experiment with variable-sized windows rather
 than fixed-size windows? That seemed to go well in an <a
 href="http://www.psc.edu/index.php/hpn-ssh/638">ssh
 throughput experiment</a>. We'll need to measure and tweak, and maybe
 overhaul if the results are good.</li>
 <li>Our censorship-resistance goals include preventing
 an attacker who's looking at Tor traffic on the wire from <a
 href="<svnprojects>design-paper/blocking.html#sec:network-fingerprint">distinguishing
 it from normal SSL traffic</a>. Obviously we can't achieve perfect
 steganography and still remain usable, but for a first step we'd like to
 block any attacks that can win by observing only a few packets. One of
 the remaining attacks we haven't examined much is that Tor cells are 512
 bytes, so the traffic on the wire may well be a multiple of 512 bytes.
 How much does the batching and overhead in TLS records blur this on the
 wire? Do different buffer flushing strategies in Tor affect this? Could
 a bit of padding help a lot, or is this an attack we must accept?</li>
 <li>Tor circuits are built one hop at a time, so in theory we have the
 ability to make some streams exit from the second hop, some from the
 third, and so on. This seems nice because it breaks up the set of exiting
 streams that a given relay can see. But if we want each stream to be safe,
 the "shortest" path should be at least 3 hops long by our current logic, so
 the rest will be even longer. We need to examine this performance / security
 tradeoff.</li>
 <li>It's not that hard to DoS Tor relays or directory authorities. Are client
 puzzles the right answer? What other practical approaches are there? Bonus
 if they're backward-compatible with the current Tor protocol.</li>
 <li>Programs like <a
 href="<page docs/torbutton/index>">Torbutton</a> aim to hide
 your browser's UserAgent string by replacing it with a uniform answer for
 every Tor user. That way the attacker can't splinter Tor's anonymity set
 by looking at that header. It tries to pick a string that is commonly used
 by non-Tor users too, so it doesn't stand out. Question one: how badly
 do we hurt ourselves by periodically updating the version of Firefox
 that Torbutton claims to be? If we update it too often, we splinter the
 anonymity sets ourselves. If we don't update it often enough, then all the
 Tor users stand out because they claim to be running a quite old version
 of Firefox. The answer here probably depends on the Firefox versions seen
 in the wild. Question two: periodically people ask us to cycle through N
 UserAgent strings rather than stick with one. Does this approach help,
 hurt, or not matter? Consider: cookies and recognizing Torbutton users
 by their rotating UserAgents; malicious websites who only attack certain
 browsers; and whether the answers to question one impact this answer.
 </li>
 <li>How many bridge relays do you need to know to maintain
 reachability? We should measure the churn in our bridges. If there is
 lots of churn, are there ways to keep bridge users more likely to stay
 connected?
 </li>
 </ol>

<a href="<page about/contact>">Let us know</a> if you've made progress on any
 of these!
 
 </div>
 
 <div id = "sidecol">
#include "side.wmi"
#include "info.wmi"
 </div>
 
</div>

#include <foot.wmi>

tor-webwml.git

Delete Onionoo project page and point to https://onionoo.torproject.org/ instead.