git.schokokeks.org
Repositories
Help
Report an Issue
tor-webwml.git
Code
Commits
Branches
Tags
Suche
Strukturansicht:
9a3a84b5d
Branches
Tags
bridges
docs-debian
jobs
master
press-clips
tor-webwml.git
getinvolved
en
volunteer.wml
Bug 18544: Adding Günes and Nicolas to the mentors list
Georg Koppen
commited
9a3a84b5d
at 2016-03-15 17:21:51
volunteer.wml
Blame
History
Raw
## translation metadata # Revision: $Revision$ # Translation-Priority: 4-optional #include "head.wmi" TITLE="Tor: Volunteer" CHARSET="UTF-8" <div id="content" class="clearfix"> <div id="breadcrumbs"> <a href="<page index>">Home » </a> <a href="<page getinvolved/volunteer>">Volunteer</a> </div> <div id="maincol"> <!-- PUT CONTENT AFTER THIS TAG --> <h1>A few things everyone can do now:</h1> <ol> <li>Please consider <a href="<page docs/tor-doc-relay>">running a relay</a> to help the Tor network grow.</li> <li>Tell your friends! Get them to run relays. Get them to run hidden services. Get them to tell their friends.</li> <li>If you like Tor's goals, please <a href="<page donate/donate>">take a moment to donate to support further Tor development</a>. We're also looking for more sponsors — if you know any companies, NGOs, agencies, or other organizations that want anonymity / privacy / communications security, let them know about us.</li> <li>We're looking for more <a href="<page about/torusers>">good examples of Tor users and Tor use cases</a>. If you use Tor for a scenario or purpose not yet described on that page, and you're comfortable sharing it with us, we'd love to hear from you.</li> </ol> <a id="Documentation"></a> <h2><a class="anchor" href="#Documentation">Documentation</a></h2> <ol> <li>Help translate the <!-- web page and --> documentation into other languages. See the <a href="<page getinvolved/translation>">translation guidelines</a> if you want to help out. We especially need Arabic or Farsi translations, for the many Tor users in censored areas.</li> <li>Evaluate and document <a href="<wiki>doc/TorifyHOWTO">our list of programs</a> that can be configured to use Tor.</li> <li>We have a huge list of <a href="<wiki>doc/SupportPrograms">potentially useful programs that interface with Tor</a>. Which ones are useful in which situations? Please help us test them out and document your results.</li> </ol> <a id="Advocacy"></a> <h2><a class="anchor" href="#Advocacy">Advocacy</a></h2> <ol> <li>Monitor some of our <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo">public mailing lists</a>, like <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk">tor-talk</a>, <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">tor-relays</a>, <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev">tor-dev</a>, or <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev">tbb-dev</a>, and summarize noteworthy exchanges into articles for <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-news">Tor Weekly News</a>.</li> <li>Create a presentation that can be used for various user group meetings around the world.</li> <li>Create a video about the positive uses of Tor, what Tor is, or how to use it. Some have already started on <a href="https://media.torproject.org/video/">Tor's Media server</a>, <a href="http://www.howcast.com/videos/90601-How-To-Circumvent-an-Internet-Proxy">Howcast</a>, and <a href="http://www.youtube.com/thetorproject">YouTube</a>.</li> <li>Create a poster around a theme, such as "Tor for Freedom!"</li> <li>Create a t-shirt design that incorporates "<a href="https://check.torproject.org/">Congratulations! You are using Tor!</a>" in any language.</li> <li>Spread the word about Tor at a symposium or conference and use these <a href="https://media.torproject.org/misc/2015-03-tor-brochure/">Tor brochures</a> in PDF and ODG format and translated to at least ten different languages as conversation starter.</li> </ol> <a id="gsoc"></a> <h2><a class="anchor" href="#gsoc">Google Summer of Code</a></h2> <p> Tor is also taking part in this year's <a href="https://summerofcode.withgoogle.com/">Google Summer of Code</a>! To apply but you need to be either <a href="https://developers.google.com/open-source/gsoc/faq#what_are_the_eligibility_requirements_for_participation">a present student or just graduated</a>. <b>See our page for <a href="<page about/gsoc>">Google Summer of Code</a> for more information.</b> </p> <a id="Projects"></a> <h2><a class="anchor" href="#Projects">Projects</a></h2> <p> Below are a list of Tor related projects we're developing and/or maintaining. Most discussions happen on IRC so if you're interested in any of these (or you have a project idea of your own), then please <a href="<page about/contact>#irc">join us in #tor-dev</a>. Don't be shy to ask questions, and don't hesitate to ask even if the main contributors aren't active at that moment. </p> <p> For a presentation summarizing many of these projects see... </p> <div id="ecosystem_presentation"> <a href="https://www.youtube.com/watch?v=fb6iqZcQsSg">Tor Ecosystem</a> (<a href="https://media.torproject.org/video/2013-11-t3am-damian-johnson.mp4">mp4</a>, <a href="https://svn.torproject.org/svn/projects/presentations/2013-11-t3am-tor-ecosystem.pdf">slides</a>) </div> <br /></br /> <table id="projects"> <tr> <th>Name</th> <th>Category</th> <th>Language</th> <th>Activity</th> <th>Contributors</th> </tr> <tr> <td><a href="#project-tor">Tor</a></td> <td>Core</td> <td>C</td> <td>Heavy</td> <td>nickm, athena, arma</td> </tr> <tr> <td><a href="#project-torbrowser">Tor Browser</a></td> <td>Bundle</td> <td>Javascript, XUL, Scripting</td> <td>Heavy</td> <td>mikeperry, Pearl Crescent</td> </tr> <tr> <td><a href="#project-httpseverywhere">HTTPS Everywhere</a></td> <td>Browser Add-on</td> <td>Javascript</td> <td>Heavy</td> <td>pde, mikeperry</td> </tr> <tr> <td><a href="#project-nyx">Nyx</a></td> <td>User Interface</td> <td>Python, Curses</td> <td>Heavy</td> <td>atagar</td> </tr> <tr> <td><a href="#project-orbot">Orbot</a></td> <td>User Interface</td> <td>Java</td> <td>Moderage</td> <td>n8fr8</td> </tr> <tr> <td><a href="#project-tails">Tails</a></td> <td>OS image</td> <td>Sys Admin</td> <td>Heavy</td> <td><a href="https://tails.boum.org/">#tails</a></td> </tr> <tr> <td><a href="#project-torramdisk">tor-ramdisk</a></td> <td>OS image</td> <td>Sys Admin</td> <td>Light</td> <td>blueness</td> </tr> <tr> <td><a href="#project-torsocks">Torsocks</a></td> <td>Usability</td> <td>C</td> <td>Light</td> <td>David Goulet</td> </tr> <tr> <td><a href="#project-tormessenger">Tor Messenger</a></td> <td>Bundle</td> <td>JavaScript, XUL, Scripting</td> <td>Heavy</td> <td>arlolra, boklm, sukhe</td> </tr> <tr> <td><a href="#project-torbirdy">TorBirdy</a></td> <td>Browser Add-on</td> <td>JavaScript</td> <td>Light</td> <td>sukhe</td> </tr> <tr> <td><a href="#project-obfsproxy">Obfsproxy</a></td> <td>Client Add-on</td> <td>Python</td> <td>None</td> <td>asn</td> </tr> <tr> <td><a href="#project-flash-proxy">Flash Proxy</a></td> <td>Client Add-on</td> <td>Python, JavaScript, Go</td> <td>Light</td> <td>dcf, infinity0, Arlo Breault</td> </tr> <tr> <td><a href="#project-shadow">Shadow</a></td> <td>Simulator</td> <td>C, Python</td> <td>Heavy</td> <td>robgjansen</td> </tr> <tr> <td><a href="#project-chutney">Chutney</a></td> <td>Simulator</td> <td>Python</td> <td>Light</td> <td>nickm</td> </tr> <tr> <td><a href="#project-stem">Stem</a></td> <td>Library</td> <td>Python</td> <td>Heavy</td> <td>atagar</td> </tr> <tr> <td><a href="#project-txtorcon">Txtorcon</a></td> <td>Library</td> <td>Python, Twisted</td> <td>Light</td> <td>meejah</td> </tr> <tr> <td><a href="#project-tlsdate">Tlsdate</a></td> <td>Utility</td> <td>C</td> <td>None</td> <td>ioerror</td> </tr> <tr> <td><a href="#project-metrics">Metrics</a></td> <td>Client Service</td> <td>Java</td> <td>Moderate</td> <td>karsten</td> </tr> <tr> <td><a href="#project-atlas">Atlas</a></td> <td>Client Service</td> <td>JavaScript</td> <td>None</td> <td></td> </tr> <tr> <td><a href="#project-globe">Globe</a></td> <td>Client Service</td> <td>JavaScript</td> <td>None</td> <td></td> </tr> <tr> <td><a href="#project-compass">Compass</a></td> <td>Client Service</td> <td>Python</td> <td>None</td> <td></td> </tr> <tr> <td><a href="#project-onionoo">Onionoo</a></td> <td>Backend Service</td> <td>Java</td> <td>Light</td> <td>karsten</td> </tr> <tr> <td><a href="#project-exitmap">ExitMap</a></td> <td>Backend Service</td> <td>Python</td> <td>Light</td> <td>phw</td> </tr> <tr> <td><a href="#project-doctor">DocTor</a></td> <td>Backend Service</td> <td>Python</td> <td>Light</td> <td>atagar</td> </tr> <tr> <td><a href="#project-weather">Weather</a></td> <td>Client Service</td> <td>Python</td> <td>None</td> <td>kaner</td> </tr> <tr> <td><a href="#project-gettor">GetTor</a></td> <td>Client Service</td> <td>Python</td> <td>Light</td> <td>ilv</td> </tr> <tr> <td><a href="#project-torcheck">TorCheck</a></td> <td>Client Service</td> <td>Go</td> <td>None</td> <td>Arlo</td> </tr> <tr> <td><a href="#project-bridgedb">BridgeDB</a></td> <td>Backend Service</td> <td>Python</td> <td>Light</td> <td>isis</td> </tr> <tr> <td><a href="#project-ooni-probe">Ooni Probe</a></td> <td>Scanner</td> <td>Python</td> <td>Moderate</td> <td>hellais, aagbsn</td> </tr> <tr> <td><a href="#project-torps">TorPS</a></td> <td>Backend Service</td> <td>Python</td> <td>None</td> <td>Aaron Johnson</td> </tr> <tr> <td><a href="#project-torflow">TorFlow</a></td> <td>Backend Service</td> <td>Python</td> <td>None</td> <td>aagbsn</td> </tr> <tr> <td><a href="#project-tor2web">Tor2web</a></td> <td>Client Service</td> <td>Python</td> <td>Heavy</td> <td>evilaliv3, hellais</td> </tr> <tr> <td><a href="#project-anonbib">Anonbib</a></td> <td>Website</td> <td>Python</td> <td>Light</td> <td>arma, nickm</td> </tr> </table> <sub> * Project is still in an alpha state. </sub> <br /><br /> <a id="project-tor"></a> <h3>Tor (<a href="https://gitweb.torproject.org/tor.git">code</a>, <a href="https://trac.torproject.org/projects/tor/report/12">bug tracker</a>)</h3> <p> Central project, providing the core software for using and participating in the Tor network. Numerous people contribute to the project to varying extents, but the chief architects are Nick Mathewson and Roger Dingledine. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#improveHiddenServices">Help improve Tor hidden services</a></i> </p> <a id="project-torbrowser"></a> <h3><a href="<page projects/torbrowser>">Tor Browser</a> (<a href="https://gitweb.torproject.org/tor-browser.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torbutton&component=Tor+Launcher&component=Tor+Browser&component=Tor+bundles%2Finstallation&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=milestone&order=priority">bug tracker</a>, <a href="https://www.torproject.org/projects/torbrowser/design/">design doc</a>)</h3> <p> Tor Browser is an easy-to-use, portable package of Tor, HTTPS-Everywhere, NoScript, TorLauncher, Torbutton, and a Firefox fork, all preconfigured to work together out of the box. The modified copy of Firefox aims to resolve the privacy and security issues in mainline version. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#panopticlick">Panopticlick</a></i><br /> </p> <a id="project-httpseverywhere"></a> <h3><a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> (<a href="https://gitweb.torproject.org/https-everywhere.git">code</a>, <a href="https://trac.torproject.org/projects/tor/report/19">bug tracker</a>)</h3> <p> HTTPS Everywhere is a Firefox and Chrome extension that encrypts your communications with many major websites, making your browsing more secure. </p> <a id="project-nyx"></a> <h3><a href="https://www.atagar.com/arm/">Nyx</a> (<a href="https://gitweb.torproject.org/nyx.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=arm&order=priority">bug tracker</a>)</h3> <p> Nyx (previously <i>arm</i>) is a terminal status monitor for Tor intended for command-line aficionados, ssh connections, and anyone with a tty terminal. This works much like top does for system usage, providing real time statistics for bandwidth, resource usage, connections, and quite a bit more. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#expand_nyx">Expand Nyx</a></i> </p> <a id="project-orbot"></a> <h3><a href="https://guardianproject.info/apps/orbot/">Orbot</a> (<a href="https://gitweb.torproject.org/orbot.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Orbot&order=priority">bug tracker</a>)</h3> <p> Provides Tor on the Android platform. The project is under active development, updates to latest Tor releases, and working to stay up to date with all changes in Android and mobile threats. </p> <a id="project-tails"></a> <h3><a href="https://tails.boum.org/">The Amnesic Incognito Live System</a> (<a href="https://git-tails.immerda.ch/tails/">code</a>, <a href="https://labs.riseup.net/code/projects/tails">bug tracker</a>, <a href="https://tails.boum.org/doc">documentation</a>, <a href="https://tails.boum.org/contribute/design/">design</a>, <a href="https://tails.boum.org/contribute">contribute</a>)</h3> <p> The Amnesic Incognito Live System is a live CD/USB distribution preconfigured so that everything is safely routed through Tor and leaves no trace on the local system. This is a merger of the Amnesia and <a href="http://www.anonymityanywhere.com/incognito/">Incognito</a> projects, and still under very active development. </p> <a id="project-torramdisk"></a> <h3><a href="http://opensource.dyc.edu/tor-ramdisk">Tor-ramdisk</a> (<a href="https://gitweb.torproject.org/tor-ramdisk.git">code</a>, <a href="http://opensource.dyc.edu/tor-ramdisk-documentation">documentation</a>)</h3> <p> Tor-ramdisk is a uClibc-based micro Linux distribution whose sole purpose is to securely host a Tor server purely in RAM. </p> <a id="project-torsocks"></a> <h3>Torsocks (<a href="https://gitweb.torproject.org/torsocks.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torify&order=priority">bug tracker</a>)</h3> <p> Utility for adapting other applications to work with Tor. Development has slowed and compatibility issues remain with some platforms, but it's otherwise feature complete. </p> <a id="project-tormessenger"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger">Tor Messenger</a> (<a href="https://gitweb.torproject.org/tor-messenger-build.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=!closed&component=Tor+Messenger">bug tracker</a>)</h3> <p> Tor Messenger is a cross-platform chat program that aims to be secure by default and sends all of its traffic over Tor. </p> <a id="project-torbirdy"></a> <h3>TorBirdy (<a href="https://gitweb.torproject.org/torbirdy.git">code</a>, <a href="https://trac.torproject.org/projects/tor/wiki/torbirdy/dev">bug tracker</a>)</h3> <p> TorBirdy is Torbutton for Thunderbird and related Mozilla mail clients. </p> <a id="project-obfsproxy"></a> <h3><a href="<page projects/obfsproxy>">Obfsproxy</a> (<a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Pluggable+transport&order=priority">bug tracker</a>)</h3> <p> A proxy that shapes Tor traffic, making it harder for censors to detect and block Tor. This has both a C and python implementation. </p> <a id="project-flash-proxy"></a> <h3><a href="https://crypto.stanford.edu/flashproxy/">Flash Proxy</a> (<a href="https://gitweb.torproject.org/flashproxy.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_information&status=needs_review&status=needs_revision&status=new&status=reopened&component=Flashproxy">bug tracker</a>)</h3> <p> Pluggable transport using proxies running in web browsers to defeat address-based blocking. </p> <a id="project-chutney"></a> <h3>Chutney (<a href="https://gitweb.torproject.org/chutney.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_information&status=needs_review&status=needs_revision&status=new&status=reopened&component=Chutney">bug tracker</a>)</h3> <p> Integration test suite that spawns a local tor network, checking the interactions of its components. </p> <a id="project-shadow"></a> <h3><a href="https://shadow.cs.umn.edu/">Shadow</a> (<a href="https://github.com/shadow">code</a>, <a href="https://github.com/shadow/shadow/issues">bug tracker</a>)</h3> <p> Shadow is a discrete-event network simulator that runs the real Tor software as a plug-in. Shadow is open-source software that enables accurate, efficient, controlled, and repeatable Tor experimentation. For another simulator, see <a href="http://crysp.uwaterloo.ca/software/exptor/">ExperimenTor</a>. </p> <a id="project-stem"></a> <h3><a href="https://stem.torproject.org/">Stem</a> (<a href="https://gitweb.torproject.org/stem.git">code</a>, <a href="https://trac.torproject.org/projects/tor/wiki/doc/stem/bugs">bug tracker</a>)</h3> <p> Python controller library for scripts and controller applications using Tor. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#descriptor_parsing_in_go">Stem Descriptor Parsing in Go</a></i> </p> <a id="project-txtorcon"></a> <h3><a href="https://txtorcon.readthedocs.org">Txtorcon</a> (<a href="https://github.com/meejah/txtorcon">code</a>, <a href="https://github.com/meejah/txtorcon/issues">bug tracker</a>)</h3> <p> Twisted-based asynchronous Tor control protocol implementation. Includes unit-tests, examples, state-tracking code and configuration abstraction. Used by OONI and APAF. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#txtorcon_use_txaio">Convert txtorcon to use txaio</a></i><br /> <i><a href="#txtorcon_use_pytest">Convert txtorcon to py.test</a></i> </p> <a id="project-tlsdate"></a> <h3>Tlsdate (<a href="https://github.com/ioerror/tlsdate">code</a>)</h3> <p> tlsdate: secure parasitic rdate replacement </p> <p> tlsdate sets the local clock by securely connecting with TLS to remote servers and extracting the remote time out of the secure handshake. Unlike ntpdate, tlsdate uses TCP, for instance connecting to a remote HTTPS or TLS enabled service, and provides some protection against adversaries that try to feed you malicious time information. </p> <a id="project-metrics"></a> <h3><a href="https://metrics.torproject.org/">Metrics</a> (code: <a href="https://gitweb.torproject.org/metrics-db.git">db</a>, <a href="https://gitweb.torproject.org/metrics-web.git">web</a>)</h3> <p> Processing and analytics of consensus data, provided to users via the metrics portal. This has been under active development for several years by Karsten Loesing. See also <a href="https://gitweb.torproject.org/torperf.git">TorPerf</a>. </p> <a id="project-atlas"></a> <h3><a href="https://atlas.torproject.org/">Atlas</a> (<a href="https://gitweb.torproject.org/atlas.git">code</a>)</h3> <p> Atlas is a web application to discover Tor relays and bridges. It provides useful information on how relays are configured along with graphics about their past usage. </p> <p> This is the spiritual successor to <a href="https://gitweb.torproject.org/torstatus.git">TorStatus</a>, the <a href="https://svn.torproject.org/svn/torstatus/trunk/">original codebase</a> for which was written in PHP, and rewritten by students from Wesleyan as Django. </p> <a id="project-globe"></a> <h3><a href="http://globe.rndm.de/">Globe</a> (<a href="https://github.com/makepanic/globe">code</a>, <a href="https://github.com/makepanic/globe/issues">bug tracker</a>)</h3> <p> Globe is a web application that allows you to search for Tor relays and bridges. It gives you a detailed overview of properties and configurations of a relay or bridge. </p> <a id="project-compass"></a> <h3><a href="https://compass.torproject.org/">Compass</a> (<a href="https://gitweb.torproject.org/compass.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Compass&order=priority">bug tracker</a>)</h3> <p> Compass is a web and command line application that filters and aggregates the Tor relays based on various attributes. </p> <a id="project-onionoo"></a> <h3><a href="https://onionoo.torproject.org/">Onionoo</a> (<a href="https://gitweb.torproject.org/onionoo.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Onionoo&order=priority">bug tracker</a>)</h3> <p> Onionoo is a JSON based protocol to learn information about currently running Tor relays and bridges. </p> <a id="project-exitmap"></a> <h3><a href="http://www.cs.kau.se/philwint/spoiled_onions/">ExitMap</a> (<a href="https://github.com/NullHypothesis/exitmap">code</a>, <a href="https://github.com/NullHypothesis/exitmap/issues">bug tracker</a>)</h3> <p> Scanner for the Tor network by Philipp Winter to detect malicious and misconfigured exits. For more information about how it works see his <a href="http://www.cs.kau.se/philwint/spoiled_onions/pets2014.pdf">Spoiled Onions</a> research paper. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#exitmap_improvements">Exitmap Improvements</a></i> </p> <a id="project-doctor"></a> <h3>DocTor (<a href="https://gitweb.torproject.org/doctor.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=DocTor&order=priority">bug tracker</a>)</h3> <p> DocTor is a notification service that monitors newly published descriptor information for issues. This is primarily a service to help the tor directory authority operators, but it also checks for a handful of other issues like sybil attacks. </p> <a id="project-weather"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Weather">Weather</a> (<a href="https://gitweb.torproject.org/weather.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+Weather&order=priority">bug tracker</a>)</h3> <p> Provides automatic notification to subscribed relay operators when their relay's unreachable. This underwent a rewrite by the <a href="http://hfoss.wesleyan.edu/">Wesleyan HFOSS team</a>, which went live in early 2011. </p> <a id="project-gettor"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/GetTor">GetTor</a> (<a href="https://gitweb.torproject.org/gettor.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=GetTor&order=priority">bug tracker</a>)</h3> <p> E-mail autoresponder providing Tor's packages over SMTP. This has been relatively unchanged for quite a while. </p> <a id="project-torcheck"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/TorCheck">TorCheck</a> (<a href="https://gitweb.torproject.org/check.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+Check&order=priority">bug tracker</a>)</h3> <p> Site for determining if the visitor is using Tor or not. </p> <a id="project-bridgedb"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/BridgeDB">BridgeDB</a> (<a href="https://gitweb.torproject.org/bridgedb.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=BridgeDB&order=priority">bug tracker</a>)</h3> <p> Backend bridge distributor, handling the various pools they're distributed in. This was actively developed until Fall of 2010. </p> <a id="project-ooni-probe"></a> <h3><a href="https://ooni.torproject.org/">Ooni Probe</a> (<a href="https://gitweb.torproject.org/ooni-probe.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Ooni&order=priority">bug tracker</a>)</h3> <p> Censorship scanner, checking your local connection for blocked or modified content. </p> <a id="project-torps"></a> <h3>TorPS</a> (<a href="https://github.com/torps/torps">code</a>)</h3> <p> The Tor Path Simulator (TorPS) is a tool for efficiently simulating path selection in Tor. It chooses circuits and assigns user streams to those circuits in the same way that Tor does. TorPS is fast enough to perform thousands of simulations over periods of months. </p> <a id="project-torflow"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/TorFlow">TorFlow</a> (<a href="https://gitweb.torproject.org/torflow.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torflow&order=priority">bug tracker</a>)</h3> <p> Library and collection of services for actively monitoring the Tor network. These include the Bandwidth Scanners (measuring throughput of relays) and SoaT (scans for malicious or misconfigured exit nodes). SoaT was last actively developed in the Summer of 2010, and the Bandwidth Scanners a few months later. Both have been under active use since then, but development has stopped. </p> <a id="project-tor2web"></a> <h3><a href="https://www.tor2web.org">Tor2web</a> (<a href="https://github.com/globaleaks/tor2web-3.0/wiki">code</a>)</h3> <p> Tor2web allows Internet users to browse websites running in <a href="<page docs/hidden-services>">Tor hidden services</a>. It trades user anonymity for usability by allowing anonymous content to be distributed to non-anonymous users. </p> <a id="project-anonbib"></a> <h3><a href="http://freehaven.net/anonbib/">Anonymity Bibliography</a> (<a href="https://gitweb.torproject.org/anonbib.git">code</a>)</h3> <p> Anonbib is a list of important papers in the field of anonymity. It's also a set of scripts to generate the website from Latex (bibtex). If we're missing any important papers, please let us know! </p> <a id="Coding"></a> <a id="Summer"></a> <h2><a class="anchor" href="#Coding">Project Ideas</a></h2> <p> You may find some of these projects to be good ideas for <a href="<page about/gsoc>">Google Summer of Code</a>. We have labelled each idea with which of our <a href="<page about/corepeople>">core developers</a> would be good mentors. If one or more of these ideas looks promising to you, please <a href="<page about/contact>">contact us</a> to discuss your plans rather than sending blind applications. You may also want to propose your own project idea — which often results in the best applications. </p> <ol> <a id="improveHiddenServices"></a> <li> <b>Help improve Tor hidden services</b> <br> Language: <i>C</i> <br> Likely Mentors: <i>George (asn), David Goulet (dgoulet)</i> <br><br> <p> We're working on a revamp of the entire Tor hidden service design to improve the security and reliability of the hidden service system. </p> <p> This is a big project: see <a href="https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt">proposal 224</a> for the latest design. Are you interested in implementing some part of that? </p> <p> This is a very ambitious project, so we're deliberately not suggesting particular sub-topics. If you're interested in participating, try to read and understand the <a href="https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt">existing design</a> and the design proposal for the new design, and then talk to us about what part you want to work on. </p> <p> As part of the application process for this project, please contribute a nontrivial patch to Tor -- ideally, one that will affect some part of the codebase that you want to work on. </p> </li> <a id="exitmap_improvements"></a> <li> <b>Exitmap Improvements</b> <br> Language: <i>Python</i> <br> Likely Mentors: <i>Philipp (phw)</i> <br><br> <p> The Tor Project makes use of the Python tool <a href="https://gitweb.torproject.org/user/phw/exitmap.git/">Exitmap</a> to systematically scan for malicious and misbehaving exit relays. Once such a relay is found, it is assigned the BadExit flag which prevents clients from selecting the relay as last hop in their circuit. </p> <p> Exitmap supports scanning modules which implement a specific scan over exit relays. Examples are the DNS module which checks for DNS poisoning or the patching check module which looks out for tampered file downloads. </p> <p> This project is meant to extend exitmap in several ways. First, it should be made fully autonomous. That means that exitmap should be able to run in the background, periodically fetch new relay descriptors, and have a smart algorithm which keeps scanning all exit relays periodically. Second, exitmap should be able to emulate some user interaction and dynamically "explore" the web in order to detect tampering. Third, unit tests should be added for existing and new code in order to make the code base more robust. </p> </li> <a id="expand_nyx"></a> <li> <b>Expand Nyx</b> <br> Language: <i>Python</i> <br> Likely Mentors: <i>Damian (atagar)</i> <br><br> <p> Nyx (previously known as <a href="https://www.atagar.com/arm/">arm</a>) is an ncurses monitor that provides Tor relay operators... </p> <ul> <li><a href="https://www.atagar.com/arm/images/screenshot_page1_full.png">bandwidth graphs and event log</a></li> <li><a href="https://www.atagar.com/arm/images/screenshot_page2_full.png">connections</a></li> <li><a href="https://www.atagar.com/arm/images/screenshot_page3_full.png">user's torrc</a></li> <li><a href="https://www.atagar.com/arm/images/screenshot_configPanel_full.png">config editor</a></li> </ul> <p> Nyx is presently under development in preparation for its next release. If you like python, terminals, and collaborating on an active codebase this just might be the project for you! </p> <p> Proposals should involve a grab-bag of moderately small improvements you'd like to make. You're encouraged to brainstorm ideas of their own but here's a few to get ya started... </p> <ul> <li>Bring back the <a href="https://www.atagar.com/arm/images/screenshot_interpretor_full.png">interpreter panel</a>. This panel was dropped when refactoring Nyx, but it would be a neat component to bring back. You can <a href="https://gitweb.torproject.org/nyx.git/tree/src/cli/interpretorPanel.py?h=release">find old code for it in the history</a> and Stem (the library backing Nyx) has a much improved <a href="https://stem.torproject.org/tutorials/down_the_rabbit_hole.html">variant of this we can leverage</a>. This task would involve writing the curses code around Stem's interpreter functions.</li> <li>Windows support. Like most curses applications Nyx doesn't run natively on Windows. We've had dozens of users request this and <a href="https://trac.torproject.org/projects/tor/wiki/doc/arm#Windows">it should be possible</a>. This would involve supporting PDCurses and expanding Stem to be able to query the cpu/memory usage of the tor process.</li> <li>Unit testing! Nyx has <a href="https://gitweb.torproject.org/nyx.git/tree/test">started adding tests</a> but it's still very minimal. Achieving any substantial code coverage will require us to figure out how to unit test curses components.</li> <li>Onionoo provides additional relay information that could enrich our connection panel such as geoip and rdns. Trick is that at present we can only query it on a per-relay basis which would leak our connections (no-go for security). However, if we could get information about all relays in bulk it would sidestep this. For some old thoughts on this see <a href="https://trac.torproject.org/projects/tor/wiki/doc/arm#CircuitDetails">here</a>.</li> <li>Relay setup wizard. Our last release had this (screenshots: <a href="https://www.atagar.com/transfer/tmp/arm_wizard1.png">1</a>, <a href="https://www.atagar.com/transfer/tmp/arm_wizard2.png">2</a>, <a href="https://www.atagar.com/transfer/tmp/arm_wizard3.png">3</a>). This has been removed because including it directly in Nyx confused users, but we might want to resurrect it as a separate <i>setup-tor-relay</i> command.</li> <li><a href="https://trac.torproject.org/projects/tor/ticket/18499">Improved dialog</a> for selecting events to log.</li> <li>... and more! Again, don't hesitate to propose ideas of your own.</li> </ul> <p> <b>As part of your application for this project please get your hands wet with the codebase by contributing patches for <a href="https://gitweb.torproject.org/nyx.git">Nyx</a> and <a href="https://stem.torproject.org/faq.html#how-do-i-get-started">Stem</a>!</b> </p> </li> <a id="descriptor_parsing_in_go"></a> <li> <b>Stem Descriptor Parsing in Go</b> <br> Language: <i>Go, Python</i> <br> Likely Mentors: <i>Damian (atagar), Philipp (phw)</i> <br><br> <p> Tor consists of two parts: the application and a distributed network of a few thousand volunteer relays. Information about these relays is public, and made up of documents called <b><a href="https://stem.torproject.org/tutorials/mirror_mirror_on_the_wall.html#what-is-a-descriptor">descriptors</a></b>. We have <a href="https://stem.torproject.org/tutorials/mirror_mirror_on_the_wall.html#are-there-any-other-parsing-libraries">three libraries capable of reading these documents</a>... </p> <ul> <li><b><a href="https://stem.torproject.org/">Stem</a></b> (Python)</li> <li><b><a href="https://gitweb.torproject.org/metrics-lib.git/">Metrics-lib</a></b> (Java)</li> <li><b><a href="https://gitweb.torproject.org/user/phw/zoossh.git/">Zoossh</a></b> (Go)</li> </ul> <p> Stem is the most feature rich but slowest, and conversely Zoossh is fastest but limited. But what if Stem used CFFI bindings to do the heavy lifting in Go? Could we unify these libraries, getting the feature set of Stem with the performance of Zoossh? </p> <p> <b>Applicants should be familiar with both Python and Go. As part of your application for this project please write a demo CFFI binding for Stem as a proof of concept.</b> Bonus points if you <a href="https://stem.torproject.org/faq.html#how-do-i-get-started">get your hands wet by contributing patches</a>! </p> </li> <a id="txtorcon_use_txaio"></a> <li> <b>Convert txtorcon to use txaio</b> <br> Language: <i>Python, asyncio, Twisted</i> <br> Likely Mentors: <i>meejah</i> <br><br> <p> txtorcon is currently supports only Twisted users. Re-working txtorcon to use the txaio library would allow users to choose between Twisted and asyncio for the client code. </p> <p> This would involve fairly extensive refactoring to txtorcon, as it currently makes heavy use of @inlineCallbacks which doesn't work with txaio. A prospective student should be very familiar with event-based programming in general, and be familiar with one of Twisted or asyncio. See also: https://github.com/meejah/txtorcon/issues/135 </p> </li> <a id="txtorcon_use_pytest"></a> <li> <b>Convert txtorcon to py.test</b> <br> Language: <i>Python, Twisted</i> <br> Likely Mentors: <i>meejah</i> <br><br> <p> Currently txtorcon uses the built-in "unittest" module, as well as Twisted's Deferred-respecting extensions on top. However, meejah has found py.test's "fixture" approach to be much more powerful in other situations. </p> <p> This project would be to port at least part of txtorcon's test-suite to use py.test style tests and fixtures and evaluate: are the tests easier to read? are there fewer lines of code? If so, the rest of the suite should be ported and txtorcon switched over to use py.test exclusively. </p> <p> As some of txtorcon's tests aren't very well-written, this would take a prospective student who is very strong in unit-testing knowledge. As txtorcon is event-based, familiarity with that style of programming (preferrably with Twisted) is ideal. See also: https://github.com/meejah/txtorcon/issues/136 </p> </li> <a id="coniks_in_messenger"></a> <li> <b>Implement and Integrate CONIKS for Tor Messenger</b> <br> Language: <i>C, JavaScript</i> <br> Likely Mentors: <i>Marcela (masomel), Arlo (arlolra)</i> <br><br> <p> CONIKS is an end-user key management and verification system for end-to-end secure communication services, which improves upon existing key management systems by providing both strong security and better usability using a model called key transparency. CONIKS does this by requiring providers to manage tamper-evident, publicly-auditable key directories, which contain mappings from usernames to public keys, on behalf of their users. This design makes it easier for users (both "default" users and power users) to establish trust since they don't have to worry about or even see keys, but users also don't have to trust the provider to be well-behaved because the CONIKS client can run as part of the secure messaging app and automatically check that the service provider doesn’t map spurious keys to their users' usernames, and it can verify that observed name-to-key mappings are consistent with what other clients in the system are seeing. Unlike existing key transparency solutions, CONIKS also provides strong privacy guarantees by employing cryptographic primitives for robust data obfuscation. </p> <p> The CONIKS system design, protocols, and proof-of-concept are described in great detail in the <a href="https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-melara.pdf">CONIKS research paper</a>, and basic reference implementations of a CONIKS key server and a CONIKS client are avialable on <a href="https://github.com/coniks-sys/coniks-ref-implementation">Github</a>. </p> <p> This project has two main components: (1) designing and implementing a CONIKS key server tailored to Tor Messenger users, and (2) building a CONIKS client which integrates with the Tor Messenger client. One challenge the applicant will face is ensuring that the key server design is efficient and scalable for large volumes of users, concurrent traffic and guarantees this scalability even as Tor Messenger's user base grows. On the client side, the main challenges will be to focus on space efficiency as well as minimizing computational overhead when implementing the CONIKS consistency checks, and determining how to best communicate CONIKS consistency check results to users in the UI. Since Tor Messenger does not hand out online identities per se, as most online communication services do (like, say, Twitter, in which each user has a unique handle), the CONIKS key server for Tor Messenger will have to map usernames from third-party communication services to the encryption keys used in Tor Messenger. One additional important challenge that the applicant will have to help address is ensuring that each such third-party username remains unique in the Tor Messenger space and that such external, third-party identities are indeed controlled by the expected user of that third-party communication service. </p> <p> Some design and implementation questions have been discussed in <a href="https://trac.torproject.org/projects/tor/ticket/17961">Ticket #17961</a>. </p> <p> The applicant should have some familiarity with well-known crypto primitives and algorithms, as well as have a basic understanding of the key transparency model. Client side integration will require some basic use of JavaScript. Consider submitting a patch for <a href="https://github.com/arlolra/ctypes-otr/issues">one of the open key verification issues</a> as part of the application process. </p> </li> <a id="panopticlick"></a> <li> <b>Panopticlick</b> <br> Likely Mentors: <i>Georg (GeKo)</i>, <i>Günes Acar</i>, <i>Nicolas (boklm)</i> <p> The <a href="https://panopticlick.eff.org">Panopticlick project by the EFF</a> revolutionized how people think about <a href="https://panopticlick.eff.org/browser-uniqueness.pdf">browser fingerprinting</a>, both by developing tests and metrics to measure browser fingerprintability, and by crowdsourcing the evaluation and contribution of individual browser features to overall fingerprintability. </p> <p> Unfortunately, the way Panopticlick is designed <a href="https://blog.torproject.org/blog/effs-panopticlick-and-torbutton">makes it difficult</a> to evaluate defenses to browser fingerprinting, especially for browsers with a relatively small userbase such as Tor Browser. This is because any approach we take to reduce fingerprinting automatically makes our users more distinct from the previous users who submitted their fingerprint data to the EFF. Indeed, it is also impossible to ever expect that users of one browser will ever be able to blend in with users of another browser (Chrome users will always be distinguishable from Firefox users for example, based on feature set alone). </p> <p> To address this, we would like to have <a href="https://trac.torproject.org/projects/tor/ticket/6119">our own fingerprint test suite</a> to evaluate the fingerprintability of each browser feature for users running a specific Tor Browser version. There are also <a href="https://trac.torproject.org/projects/tor/query?keywords=~tbb-fingerprinting">additional fingerprinting tests</a> we can add beyond those deployed by Panopticlick. </p> <p> For this project, the student would develop a website that users can voluntarily visit to test and record their Tor Browser fingerprint. The user should get feedback on how she performed and the test results should be available in a machine readable format (e.g. JSON), broken down by Tor Browser version. In a second step one could think about adding more sophisticated tests or supporting other browser vendors that might want to test the uniformity amongst their userbase as well. Of course, results from each browser would also need to be broken down by both browser implementation and version, so that results would only reflect the population of that specific implementation. </p> </li> <a id="stegotorus"></a> <li> <b>Make Stegotorus deployment ready</b> <br> Language: <i>C++</i> <br> Likely Mentors: <i>vmon</i> <br><br> <p> <a href="https://github.com/TheTorProject/stegotorus/tree/master/src">Stegotorus</a> is a PT framework which streamline the development stealthier pluggable transport. An HTTP pluggable transport is already implemented in Stegotorus framework and can be used when encrypted payloads are throttled and only ephemeral connections are tolerated. </p> <p> The majority of work on Stegotorus is done and it can be deployed with a relatively minor improvements including: </p> <ul> <li><b>#8098 A config file file for Stegotorus</b> <p> Stegotorus needs many configuration settings specially on the bridge side. This include also the configuration required by each steg module. Currently the configuration is fed to Stegotorus as command line arguments but a file like torrc is needed so all tweaking can be read from there. </p> <p><i> Current Status and work needed to be done: The code for reading the config file is written by SRI but it is not yet used in the Stegotorus to read the config. </i></p> </li> <li><b>#8101 Debugging the transparent proxy</b> <p> Stegotorus http module uses other websites payload to hide and serve censored traffic. As such it needs to decide if the request is genuinely to the auxiliary website, in that case becomes a transparent proxy and serves the website content as requested, or if the request is actually a request to serve censored material which should be delivered to steg modules. </p> <p><i> Current Status: This is completely implemented. However, the transparent proxy sometimes crashes and need to be triaged, debugged and fixed. </i></p> </li> <li><b>#11337 refactoring the steg module code</b> <p> The http steg module code, although not essentials to the core of the Stegotorus. needs some improvement and clean up. The solution is to refactor the steg modules as children of FileStegMod. </p> <p><i> Current status and work needed to be done: This has already been done but still needs testing and refactoring before it can be reliably merge to the master branch. </i></p> </li> <li><b>#8089 Adding Elligator to Stegotorus handshake and test</b> <p> The current Stegotorus handshake is distinguishable from random byte string, which can be used to flag and detect Stegotorus traffic deterministically and need to be implemented similar to ScrambleSuite. Also because the capacity of client to server channel might be slim depending on the choice of steg module it is desirable to be implemented using Elliptic curve crypto. Hence, Elligator protocol is ideal solution for this situation. All we need is to replace Stegotorus handshake by Elligator. </p> <p><i> Current Status and work needed to be done: Elligator handshake code is included in stegotorus code base, it is only needed to be called by instead of the current handshake and be tested. </i></p> </li> <li><b>Make Stegotorus memory safe by using shared pointers</b> <p> Stegotorus has large code base and it is not written in a memory safe languages. To facilitate its audit, we need to replace (almost all) use of pointers to shared pointers. </p> <p><i> Current Status: No progress has not been done. </i></p> </li> <li><b>Security Audit and writing more unit test</b> <p> To be able to deploy Stegotorus for real world use we need to audit the code and write more unit test covering new aspects of the Stegotorus (new http transport, proxy server, Elligator handshake) </p> <p><i> Current Status: No progress has been done. </i></p> </li> <li><b>SRI branch merging</b> <p> Stegotorus has been forked from the initial development from SRI. Now that SRI is hosting Stegotorus publicly it is desirable to merge the two branches so we can benefit from both developments. </p> <p><i> Current Status: No progress has been done. </i></p> </li> <li><b>#8099 deterministic build</b> <p> To make deterministic build possible we need to build many of Stegotorus dependency from scratch. Boost library is a a huge dependency for Stegotorus to access the file system. As we are only planning to deploy Stegotorus bridges on Linux machines we can simplify such access without that dependency. By dropping such dependency, it should be straight forward to have deterministic build for Stegotorus. </p> <p><i> Current Status: No progress has been done. </i></p> </li> </ul> </li> <a id="letsEncryptClient"></a> <li> <b>Expand the OS and Server Support of the Let's Encrypt Client</b> <br> Language: <i>Python, Bash</i> <br> Likely Mentors: <i>Brad Warren (bmw)</i> <br><br> <p> <a href="https://letsencrypt.org/">Let's Encrypt</a> is a free and open certificate authority that allows its users to setup HTTPS on their web server in a matter of seconds. The project uses a new protocol called ACME to automatically perform domain validation and certificate issuance. </p> <p> The Let's Encrypt client currently works on most Unix-like OSes and is able to automatically set up HTTPS on many Apache configurations. The purpose of this project is to expand Let's Encrypt support to new systems. </p> <p> Potential targets include: </p> <ul> <li>Better OS X support including a port or Homebrew package</li> <li>A Let's Encrypt client for Windows / IIS</li> <li>Handling of more obscure Apache configurations</li> <li>Automated HTTPS configuration for other web servers such as Nginx or lighttpd</li> <li>Improved support people using shared hosting who are unable to use the full Let's Encrypt client on their server</li> </ul> </li> <a id="ahmiaSearch"></a> <li> <b>Ahmia - Hidden Service Search</b> <br> Language: <i>Python, Django</i> <br> Likely Mentors: <i>Juha Nurmi (numes), George (asn)</i> <br><br> <p> Ahmia is open-source search engine software for Tor hidden service deep dark web sites. You can test the running search engine at ahmia.fi. For more information see our <a href="https://blog.torproject.org/category/tags/ahmiafi">blog post about Ahmia's GSoC2014 development</a>. </p> <p> Ahmia is a working search engine that indexes, searches, and catalogs content published on Tor Hidden Services. Furthermore, it is an environment to share meaningful insights, statistics, insights, and news about the Tor network itself. In this context, there is a lot of work to do. </p> <p> The Ahmia web service is written using the Django web framework. As a result, the server-side language is Python. On the client-side, most of the pages are plain HTML. There are some pages that require JavaScript, but the search itself works without client-side JavaScript. </p> <p> There are several possible directions for this project, including... </p> <ol> <li>Improving the search results (very important)<br /> <ul> <li>Tweaking search algorithms</li> <li>Adjust Elasticsearch</li> <li>Enrich the data that is used to rank the search results</li> </ul> </li> <li>Improving UX and UI (very important)<br /> <ul> <li>Showing relevant knowledge</li> <li>Design the navigation and information architecture</li> <li>HTML5, CSS and Django development</li> </ul> </li> <li>Review code and infrastructure<br /> <ul> <li>Review code and fix bugs</li> <li>Writing Django test cases</li> <li>Linux configurations, automatizations</li> </ul> </li> <li>Gather statistics over time and publish them<br /> <ul> <li>Gather different kind of stats about Hidden Services</li> <li>Publish these stats using HTTP REST API</li> <li>Using this API show meaningful tables, charts and visualizations</li> </ul> </li> </ol> </li> <a id="ipHijacking"></a> <li> <b>IP hijacking detection for the Tor Network</b> <br> Likely Mentors: <i>Aaron Gibson (aagbsn)</i> <br><br> <p> <a href="https://en.wikipedia.org/wiki/IP_hijacking">IP hijacking</a> occurs when a bad actor creates false routing information to redirect Internet traffic to or through themselves. This activity is straightforward to detect, because the Internet routing tables are public information, but currently there are no public services that monitor the Tor network. The Tor Network is a dynamic set of relays, so monitoring must be Tor-aware in order to keep the set of monitored relays accurate. Additionally, consensus archives and historical Internet routing table snapshots are publicly available, and this analysis can be performed retroactively. </p> <p> The implications of IP hijacking are that Tor traffic can be redirected through a network that an attacker controls, even if the attacker does not normally have this capability - i.e. they are not in the network path. For example, an adversary could hijack the prefix of a Tor Guard relay, in order to learn who its clients are, or hijack a Tor Exit relay to tamper with requests or name resolution. </p> <p> This project comprises building a service that compares network prefixes of relays in the consensus with present and historic routing table snapshots from looking glass services such as <a href="http://routeviews.org">Routeviews</a>, or aggregators such as <a href="https://bgpstream.caida.org">Caida BGPStream</a> and then issues email alerts to the contact-info in the relay descriptor and a mailing list. Network operators are responsive to route injections, and these alerts can be used to notify network operators to take immediate action, as well as collect information about the occurrence of these type of attacks. </p> </li> <a id="tailsServer"></a> <li> <b>Tails server: Self-hosted services behind Tails-powered Tor hidden services</b> <br> Likely Mentors: <i>anonym, George (asn)</i> <p>Let's talk about group collaboration, communication and data sharing infrastructure, such as chat servers, wikis, or file repositories.</p> <p>Hosting such data and infrastructure <b>in the cloud</b> generally implies to trust the service providers not to disclose content, usage or users location information to third-parties. Hence, there are many threat models in which cloud hosting is not suitable.</p> <p>Tor partly answers the <b>users location</b> part; this is great, but <b>content</b> is left unprotected.</p> <p>There are two main ways to protect such content: either to encrypt it client-side (<b>security by design</b>), or to avoid putting it into untrusted hands in the first place.</p> <p>Cloud solutions that offer security by design are rare and generally not mature yet. The <b>Tails server</b> project is about exploring the other side of the alternative: avoiding to put private data into untrusted hands in the first place.</p> <p>This is made possible thanks to Tor hidden services, that allow users to offer location-hidden services, and make self-hosting possible in many threat models. Self-hosting has its own lot of problems, however, particularly in contexts where the physical security of the hosting place is not assured. Combining Tor hidden services with Tails' amnesia property and limited support for persistent encrypted data allows to protect content, to a great degree, even in such contexts.</p> <p>In short, setting up a new Tails server would be done by:</p> <ol style="list-style-type: decimal"> <li>Alice plugs a USB stick into a running desktop Tails system.</li> <li>Alice uses a GUI to easily configure the needed services.</li> <li>Alice unplugs the USB stick, that now contains encrypted services configuration and data storage space.</li> <li>Alice plugs that USB stick (and possibly a Tails Live CD) into the old laptop that was dedicated to run Tails server.</li> <li>Once booted, Alice enters the encryption passphrase either directly using the keyboard or through a web interface listening on the local network.</li> <li>Then, Bob can use the configured services once he gets a hold on the hidden service address. (The <b>petname system for Tor hidden services</b> project would be very complementary to this one, by the way.)</li> </ol> <p>Tails server should content itself with hardware that is a bit old (such as a PIII-450 laptop with 256MB of RAM) and/or half broken (e.g. non-functional hard-disk, screen or keyboard).</p> <p>The challenges behind this project are:</p> <ul> <li>Design and write the services configuration GUI [keywords: edit configuration files, upgrade between major Debian versions, debconf].</li> <li>How to create the hidden service key? [keywords: Vidalia, control protocol].</li> <li>Adapt the Tails boot process to allow switching to "server mode" when appropriate.</li> <li>Add support, to the Tails persistence setup process, for asking an encryption passphrase without X, and possibly with a broken keyboard and/or screen [keywords: local network, SSL/TLS?, certificate?].</li> </ul> <p>This project can easily grow quite large, so the first task would probably be to clarify what it would need to get an initial (minimal but working) implementation ready to be shipped to users.</p> <p>This project does not require to be an expert in one specific field, but it requires to be experienced and at ease with a large scope of software development tools, processes, and operating system knowledge.</p> <p>Undertaking this project requires in-depth knowledge of Debian-like systems (self-test: do the "dpkg conffile" and "debconf preseeding" words sound new to your ear?); the Debian Live persistence system being written in shell, being at ease with robust shell scripting is a must; to end with, at least two pieces of software need to be written from scratch (a GUI and a webapp): the preferred languages for these tasks would be Python and Perl. Using Behaviour Driven Development methods to convey expectations and acceptance criteria would be most welcome.</p> <p>For more information see https://tails.boum.org/todo/server_edition/</p> </li> <!-- <a id=""></a> <li> <b></b> <br> Language: <i>Python</i> <br> Likely Mentors: <i>Damian (atagar)</i> <br><br> <p> </p> <p> </p> </li> --> <li> <b>Bring up new ideas!</b> <br> Don't like any of these? Look at the <a href="/press/presskit/2008-12-19-roadmap-full.pdf">Tor development roadmap</a> for more ideas, or just try out Tor and Tor Browser, and find out what you think needs fixing. Some of the <a href="<spectree>proposals">current proposals</a> might also be short on developers. </li> </ol> <a id="OtherCoding"></a> <h2><a class="anchor" href="#OtherCoding">Other Coding and Design related ideas</a></h2> <ol> <li>Tor relays don't work well on Windows XP. On Windows, Tor uses the standard <tt>select()</tt> system call, which uses space in the non-page pool. This means that a medium sized Tor relay will empty the non-page pool, <a href="<wiki>doc/WindowsBufferProblems">causing havoc and system crashes</a>. We should probably be using overlapped IO instead. One solution would be to teach <a href="http://www.monkey.org/~provos/libevent/">libevent</a> how to use overlapped IO rather than select() on Windows, and then adapt Tor to the new libevent interface. Christian King made a <a href="https://svn.torproject.org/svn/libevent-urz/trunk/">good start</a> on this in the summer of 2007.</li> <li>We need a flexible simulator framework for studying end-to-end traffic confirmation attacks. Many researchers have whipped up ad hoc simulators to support their intuition either that the attacks work really well or that some defense works great. Can we build a simulator that's clearly documented and open enough that everybody knows it's giving a reasonable answer? This will spur a lot of new research. See the entry <a href="#Research">below</a> on confirmation attacks for details on the research side of this task — who knows, when it's done maybe you can help write a paper or three also.</li> <li>Tor 0.1.1.x and later include support for hardware crypto accelerators via OpenSSL. It has been lightly tested and is possibly very buggy. We're looking for more rigorous testing, performance analysis, and optimally, code fixes to OpenSSL and Tor if needed.</li> <li>Write a <a href="https://secure.wikimedia.org/wikipedia/en/wiki/Fuzz_testing">fuzzer</a> for Tor to discover security vulnerabilities. Determine if there are good fuzzing frameworks out there for what we want. Win fame by getting credit when we put out a new release because of you!</li> <li>Tor uses TCP for transport and TLS for link encryption. This is nice and simple, but it means all cells on a link are delayed when a single packet gets dropped, and it means we can only reasonably support TCP streams. We have a <a href="<page docs/faq>#TransportIPnotTCP">list of reasons why we haven't shifted to UDP transport</a>, but it would be great to see that list get shorter. We also have a proposed <a href="<specblob>proposals/100-tor-spec-udp.txt">specification for Tor and UDP</a> — please let us know what's wrong with it.</li> <li>We're not that far from having IPv6 support for destination addresses (at exit nodes). If you care strongly about IPv6, that's probably the first place to start.</li> <li>We need a way to generate the website diagrams (for example, the "How Tor Works" pictures on the <a href="<page about/overview>">overview page</a> from source, so we can translate them as UTF-8 text rather than edit them by hand with Gimp. We might want to integrate this as an wml file so translations are easy and images are generated in multiple languages whenever we build the website.</li> <li>How can we make the various LiveCD/USB systems easier to maintain, improve, and document? One example is <a href="https://tails.boum.org/">The Amnesic Incognito Live System</a>. </li> <li> Another anti-censorship project is to try to make Tor more scanning-resistant. Right now, an adversary can identify <a href="<specblob>proposals/125-bridges.txt">Tor bridges</a> just by trying to connect to them, following the Tor protocol, and seeing if they respond. To solve this, bridges could <a href="<svnprojects>design-paper/blocking.html#tth_sEc9.3">act like webservers</a> (HTTP or HTTPS) when contacted by port-scanning tools, and not act like bridges until the user provides a bridge-specific key. To start, check out Shane Pope's <a href="http://dl.dropbox.com/u/37735/index.html">thesis and prototype</a>. </li> </ol> <a id="Research"></a> <h2><a class="anchor" href="#Research">Research</a></h2> <ol> <li>The "end-to-end traffic confirmation attack": by watching traffic at Alice and at Bob, we can <a href="http://freehaven.net/anonbib/#danezis:pet2004">compare traffic signatures and become convinced that we're watching the same stream</a>. So far Tor accepts this as a fact of life and assumes this attack is trivial in all cases. First of all, is that actually true? How much traffic of what sort of distribution is needed before the adversary is confident he has won? Are there scenarios (e.g. not transmitting much) that slow down the attack? Do some traffic padding or traffic shaping schemes work better than others?</li> <li>A related question is: Does running a relay/bridge provide additional protection against these timing attacks? Can an external adversary that can't see inside TLS links still recognize individual streams reliably? Does the amount of traffic carried degrade this ability any? What if the client-relay deliberately delayed upstream relayed traffic to create a queue that could be used to mimic timings of client downstream traffic to make it look like it was also relayed? This same queue could also be used for masking timings in client upstream traffic with the techniques from <a href="http://www.freehaven.net/anonbib/#ShWa-Timing06">adaptive padding</a>, but without the need for additional traffic. Would such an interleaving of client upstream traffic obscure timings for external adversaries? Would the strategies need to be adjusted for asymmetric links? For example, on asymmetric links, is it actually possible to differentiate client traffic from natural bursts due to their asymmetric capacity? Or is it easier than symmetric links for some other reason?</li> <li>Repeat Murdoch and Danezis's <a href="http://www.cl.cam.ac.uk/~sjm217/projects/anon/#torta">attack from Oakland 05</a> on the current Tor network. See if you can learn why it works well on some nodes and not well on others. (My theory is that the fast nodes with spare capacity resist the attack better.) If that's true, then experiment with the RelayBandwidthRate and RelayBandwidthBurst options to run a relay that is used as a client while relaying the attacker's traffic: as we crank down the RelayBandwidthRate, does the attack get harder? What's the right ratio of RelayBandwidthRate to actually capacity? Or is it a ratio at all? While we're at it, does a much larger set of candidate relays increase the false positive rate or other complexity for the attack? (The Tor network is now almost two orders of magnitude larger than it was when they wrote their paper.) Be sure to read <a href="http://freehaven.net/anonbib/#clog-the-queue">Don't Clog the Queue</a> too.</li> <li>The "routing zones attack": most of the literature thinks of the network path between Alice and her entry node (and between the exit node and Bob) as a single link on some graph. In practice, though, the path traverses many autonomous systems (ASes), and <a href="http://freehaven.net/anonbib/#feamster:wpes2004">it's not uncommon that the same AS appears on both the entry path and the exit path</a>. Unfortunately, to accurately predict whether a given Alice, entry, exit, Bob quad will be dangerous, we need to download an entire Internet routing zone and perform expensive operations on it. Are there practical approximations, such as avoiding IP addresses in the same /8 network?</li> <li>Other research questions regarding geographic diversity consider the tradeoff between choosing an efficient circuit and choosing a random circuit. Look at Stephen Rollyson's <a href="http://swiki.cc.gatech.edu:8080/ugResearch/uploads/7/ImprovingTor.pdf">position paper</a> on how to discard particularly slow choices without hurting anonymity "too much". This line of reasoning needs more work and more thinking, but it looks very promising.</li> <li>Tor doesn't work very well when relays have asymmetric bandwidth (e.g. cable or DSL). Because Tor has separate TCP connections between each hop, if the incoming bytes are arriving just fine and the outgoing bytes are all getting dropped on the floor, the TCP push-back mechanisms don't really transmit this information back to the incoming streams. Perhaps Tor should detect when it's dropping a lot of outgoing packets, and rate-limit incoming streams to regulate this itself? I can imagine a build-up and drop-off scheme where we pick a conservative rate-limit, slowly increase it until we get lost packets, back off, repeat. We need somebody who's good with networks to simulate this and help design solutions; and/or we need to understand the extent of the performance degradation, and use this as motivation to reconsider UDP transport.</li> <li>A related topic is congestion control. Is our current design sufficient once we have heavy use? Maybe we should experiment with variable-sized windows rather than fixed-size windows? That seemed to go well in an <a href="http://www.psc.edu/index.php/hpn-ssh/638">ssh throughput experiment</a>. We'll need to measure and tweak, and maybe overhaul if the results are good.</li> <li>Our censorship-resistance goals include preventing an attacker who's looking at Tor traffic on the wire from <a href="<svnprojects>design-paper/blocking.html#sec:network-fingerprint">distinguishing it from normal SSL traffic</a>. Obviously we can't achieve perfect steganography and still remain usable, but for a first step we'd like to block any attacks that can win by observing only a few packets. One of the remaining attacks we haven't examined much is that Tor cells are 512 bytes, so the traffic on the wire may well be a multiple of 512 bytes. How much does the batching and overhead in TLS records blur this on the wire? Do different buffer flushing strategies in Tor affect this? Could a bit of padding help a lot, or is this an attack we must accept?</li> <li>Tor circuits are built one hop at a time, so in theory we have the ability to make some streams exit from the second hop, some from the third, and so on. This seems nice because it breaks up the set of exiting streams that a given relay can see. But if we want each stream to be safe, the "shortest" path should be at least 3 hops long by our current logic, so the rest will be even longer. We need to examine this performance / security tradeoff.</li> <li>It's not that hard to DoS Tor relays or directory authorities. Are client puzzles the right answer? What other practical approaches are there? Bonus if they're backward-compatible with the current Tor protocol.</li> <li>Programs like <a href="<page docs/torbutton/index>">Torbutton</a> aim to hide your browser's UserAgent string by replacing it with a uniform answer for every Tor user. That way the attacker can't splinter Tor's anonymity set by looking at that header. It tries to pick a string that is commonly used by non-Tor users too, so it doesn't stand out. Question one: how badly do we hurt ourselves by periodically updating the version of Firefox that Torbutton claims to be? If we update it too often, we splinter the anonymity sets ourselves. If we don't update it often enough, then all the Tor users stand out because they claim to be running a quite old version of Firefox. The answer here probably depends on the Firefox versions seen in the wild. Question two: periodically people ask us to cycle through N UserAgent strings rather than stick with one. Does this approach help, hurt, or not matter? Consider: cookies and recognizing Torbutton users by their rotating UserAgents; malicious websites who only attack certain browsers; and whether the answers to question one impact this answer. </li> <li>How many bridge relays do you need to know to maintain reachability? We should measure the churn in our bridges. If there is lots of churn, are there ways to keep bridge users more likely to stay connected? </li> </ol> <p> <a href="<page about/contact>">Let us know</a> if you've made progress on any of these! </p> </div> <!-- END MAINCOL --> <div id = "sidecol"> #include "side.wmi" #include "info.wmi" </div> <!-- END SIDECOL --> </div> <!-- END CONTENT --> #include <foot.wmi>
