git.schokokeks.org
Repositories
Help
Report an Issue
tor-webwml.git
Code
Commits
Branches
Tags
Suche
Strukturansicht:
fc897f610
Branches
Tags
bridges
docs-debian
jobs
master
press-clips
tor-webwml.git
getinvolved
en
volunteer.wml
Dropping alpha flag from stem
Damian Johnson
commited
fc897f610
at 2012-12-03 03:07:53
volunteer.wml
Blame
History
Raw
## translation metadata # Revision: $Revision$ # Translation-Priority: 4-optional #include "head.wmi" TITLE="Tor: Volunteer" CHARSET="UTF-8" <div id="content" class="clearfix"> <div id="breadcrumbs"> <a href="<page index>">Home » </a> <a href="<page getinvolved/volunteer>">Volunteer</a> </div> <div id="maincol"> <!-- PUT CONTENT AFTER THIS TAG --> <h1>A few things everyone can do now:</h1> <ol> <li>Please consider <a href="<page docs/tor-doc-relay>">running a relay</a> to help the Tor network grow.</li> <li>Do you have an Amazon account? Are you willing to spend up to $3 a month? Then spin up your own Tor <a href="<page docs/bridges>">bridge</a> in less than 10 minutes with <a href="https://cloud.torproject.org/">tor cloud</a>!</li> <li>Tell your friends! Get them to run relays. Get them to run hidden services. Get them to tell their friends.</li> <li>If you like Tor's goals, please <a href="<page donate/donate>">take a moment to donate to support further Tor development</a>. We're also looking for more sponsors — if you know any companies, NGOs, agencies, or other organizations that want anonymity / privacy / communications security, let them know about us.</li> <li>We're looking for more <a href="<page about/torusers>">good examples of Tor users and Tor use cases</a>. If you use Tor for a scenario or purpose not yet described on that page, and you're comfortable sharing it with us, we'd love to hear from you.</li> </ol> <a id="Documentation"></a> <h2><a class="anchor" href="#Documentation">Documentation</a></h2> <ol> <li>Help translate the web page and documentation into other languages. See the <a href="<page getinvolved/translation>">translation guidelines</a> if you want to help out. We especially need Arabic or Farsi translations, for the many Tor users in censored areas.</li> <li>Evaluate and document <a href="<wiki>doc/TorifyHOWTO">our list of programs</a> that can be configured to use Tor.</li> <li>We have a huge list of <a href="<wiki>doc/SupportPrograms">potentially useful programs that interface to Tor</a>. Which ones are useful in which situations? Please help us test them out and document your results.</li> </ol> <a id="Advocacy"></a> <h2><a class="anchor" href="#Advocacy">Advocacy</a></h2> <ol> <li>Create a presentation that can be used for various user group meetings around the world.</li> <li>Create a video about the positive uses of Tor, what Tor is, or how to use it. Some have already started on <a href="https://media.torproject.org/video/">Tor's Media server</a>, <a href="http://www.howcast.com/videos/90601-How-To-Circumvent-an-Internet-Proxy">Howcast</a>, and <a href="http://www.youtube.com/thetorproject">YouTube</a>.</li> <li>Create a poster, or a set of posters, around a theme, such as "Tor for Freedom!".</li> <li>Create a t-shirt design that incorporates "Congratulations! You are using Tor!" in any language.</li> </ol> <a id="opw"></a> <h2><a class="anchor" href="#opw">Outreach Program for Women</a></h2> <p> Several organisations, including Tor, are taking part in the <a href="https://live.gnome.org/OutreachProgramForWomen">2013 Outreach Program for Women</a>. This is a mentoring program similar to <a href="https://www.google-melange.com/gsoc/homepage/google/gsoc2012">Google Summer of Code</a> targeted at getting more women involved in open source. </p> <p> The program runs from January 2 through April 2, 2013. The application deadline is December 3, 2012 and it is best to start as early as possible preparing your application. Like GSoC the program involves a stipend so, if you're a woman interested in fighting surveillance and censorship around the world then let us know! </p> <p> To apply... </p> <ol> <li>Read up on the <a href="https://live.gnome.org/OutreachProgramForWomen">outreach program</a>.</li> <li>Look over our projects and task ideas below. If nothing there strikes your fancy then feel free to make one of your own.</li> <li>Join the <a href="https://www.torproject.org/about/contact.html.en#irc">#tor-dev irc channel</a> and introduce yourself!</li> <li>Contact the maintainer of the project that you're interested in contributing to, and talk with them about how to get started. Maintainers are listed in the table below. Note that you need to submit a patch or contribute in some way before you can apply to the program.</li> <li><a href="https://live.gnome.org/OutreachProgramForWomen#Send_in_an_Application">Send your application</a> to opw-list@gnome.org. Please be available and responsive throughout the application period so we can work with you on improving it.</li> </ol> <a id="Projects"></a> <h2><a class="anchor" href="#Projects">Projects</a></h2> <p> Below are a list of Tor related projects we're developing and/or maintaining. Most discussions happen on IRC so if you're interested in any of these (or you have a project idea of your own), then please <a href="<page about/contact>#irc">join us in #tor-dev</a>. Don't be shy to ask questions, and don't hesitate to ask even if the main contributors aren't active at that moment. </p> <table id="projects"> <tr> <th>Name</th> <th>Category</th> <th>Language</th> <th>Activity</th> <th>Contributors</th> </tr> <tr> <td><a href="#project-tor">Tor</a></td> <td>Core</td> <td>C</td> <td>Heavy</td> <td>nickm, arma, Sebastian</td> </tr> <tr class="alt"> <td>*<a href="#project-jtor">JTor</a></td> <td>Core</td> <td>Java</td> <td>None</td> <td>bleidl</td> </tr> <tr> <td><a href="#project-tbb">TBB</a></td> <td>Usability</td> <td>Sys Admin</td> <td>Moderate</td> <td>Erinn</td> </tr> <tr class="alt"> <td><a href="#project-tails">Tails</a></td> <td>Usability</td> <td>Sys Admin</td> <td>Heavy</td> <td><a href="https://tails.boum.org/">#tails</a></td> </tr> <tr> <td><a href="#project-torsocks">Torsocks</a></td> <td>Usability</td> <td>C</td> <td>Heavy</td> <td>ioerror, nickm</td> </tr> <tr class="alt"> <td>*<a href="#project-torouter">Torouter</a></td> <td>Usability</td> <td>Sys Admin</td> <td>Light</td> <td>ioerror</td> </tr> <tr> <td><a href="#project-vidalia">Vidalia</a></td> <td>User Interface</td> <td>C++, Qt</td> <td>Light</td> <td>chiiph</td> </tr> <tr class="alt"> <td><a href="#project-arm">Arm</a></td> <td>User Interface</td> <td>Python, Curses</td> <td>Light</td> <td>atagar</td> </tr> <tr> <td><a href="#project-orbot">Orbot</a></td> <td>User Interface</td> <td>Java</td> <td>Moderate</td> <td>n8fr8, ioerror</td> </tr> <tr class="alt"> <td><a href="#project-torbutton">Torbutton</a></td> <td>Browser Add-on</td> <td>Javascript</td> <td>Moderate</td> <td>mikeperry</td> </tr> <tr> <td><a href="#project-torbirdy">TorBirdy</a></td> <td>Browser Add-on</td> <td>JavaScript</td> <td>Heavy</td> <td>Sukhbir (sukhe), ioerror</td> </tr> <tr class="alt"> <td><a href="#project-obfsproxy">Obfsproxy</a></td> <td>Client Add-on</td> <td>C</td> <td>Moderate</td> <td>nickm, asn</td> </tr> <tr> <td><a href="#project-flash-proxy">Flash Proxy</a></td> <td>Client Add-on</td> <td>Python, JavaScript, Go</td> <td>Moderate</td> <td>dcf, aallai, jct</td> </tr> <tr class="alt"> <td>*<a href="#project-thandy">Thandy</a></td> <td>Updater</td> <td>Python</td> <td>Light</td> <td>chiiph, Erinn, nickm</td> </tr> <tr> <td>*<a href="#project-ooni-probe">Ooni Probe</a></td> <td>Scanner</td> <td>Python</td> <td>Moderate</td> <td>hellais, isis, ioerror</td> </tr> <tr class="alt"> <td><a href="#project-shadow">Shadow</a></td> <td>Experimentation</td> <td>C, Python</td> <td>Moderate</td> <td>robgjansen</td> </tr> <tr> <td><a href="#project-torctl">TorCtl</a></td> <td>Library</td> <td>Python</td> <td>None</td> <td>aagbsn</td> </tr> <tr class="alt"> <td><a href="#project-stem">Stem</a></td> <td>Library</td> <td>Python</td> <td>Heavy</td> <td>atagar, neena</td> </tr> <tr> <td><a href="#project-tlsdate">Tlsdate</a></td> <td>Utility</td> <td>C</td> <td>Heavy</td> <td>ioerror</td> </tr> <tr class="alt"> <td><a href="#project-metrics">Metrics</a></td> <td>Client Service</td> <td>Java</td> <td>Heavy</td> <td>karsten</td> </tr> <tr> <td><a href="#project-atlas">Atlas</a></td> <td>Client Service</td> <td>JavaScript</td> <td>Moderate</td> <td>hellais</td> </tr> <tr class="alt"> <td><a href="#project-torstatus">TorStatus</a></td> <td>Client Service</td> <td>Python, Django</td> <td>None</td> <td></td> </tr> <tr> <td><a href="#project-compass">Compass</a></td> <td>Client Service</td> <td>Python</td> <td>Heavy</td> <td>gsathya, karsten</td> </tr> <tr class="alt"> <td><a href="#project-weather">Weather</a></td> <td>Client Service</td> <td>Python</td> <td>None</td> <td>kaner</td> </tr> <tr> <td><a href="#project-gettor">GetTor</a></td> <td>Client Service</td> <td>Python</td> <td>None</td> <td>kaner</td> </tr> <tr class="alt"> <td><a href="#project-torcheck">TorCheck</a></td> <td>Client Service</td> <td>Python, Perl</td> <td>None</td> <td>ioerror</td> </tr> <tr> <td><a href="#project-onionoo">Onionoo</a></td> <td>Backend Service</td> <td>Java, Python</td> <td>Moderate</td> <td>karsten, gsathya</td> </tr> <tr class="alt"> <td><a href="#project-bridgedb">BridgeDB</a></td> <td>Backend Service</td> <td>Python</td> <td>None</td> <td>kaner, nickm</td> </tr> <tr> <td><a href="#project-torflow">TorFlow</a></td> <td>Backend Service</td> <td>Python</td> <td>None</td> <td>aagbsn</td> </tr> <tr class="alt"> <td>*<a href="#project-torbel">TorBEL</a></td> <td>Backend Service</td> <td>Python</td> <td>None</td> <td>Sebastian</td> </tr> </table> <sub> * Project is still in an alpha state. </sub> <br /><br /> <a id="project-tor"></a> <h3>Tor (<a href="https://gitweb.torproject.org/tor.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+Client&component=Tor+Relay&component=vidalia&order=priority">bug tracker</a>)</h3> <p> Central project, providing the core software for using and participating in the Tor network. Numerous people contribute to the project to varying extents, but the chief architects are Nick Mathewson and Roger Dingledine. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#limitCapabilities">Run With Limited Capabilities</a></i><br /> <i><a href="#torCleanup">Tor Codebase Cleanup</a></i><br /> <i><a href="#httpsImersonation">HTTPS Server Impersonation</a></i><br /> <i><a href="#chutneyExpansion">Make Chutney Do More, More Reliably</a></i> </p> <a id="project-jtor"></a> <h3><a href="https://github.com/brl/JTor/wiki">JTor</a> (<a href="https://github.com/brl/JTor">code</a>, <a href="https://github.com/brl/JTor/issues">bug tracker</a>)</h3> <p> Java implementation of Tor and successor to <a href="http://onioncoffee.sourceforge.net/">OnionCoffee</a>. This project isn't yet complete, and has been inactive since Fall 2010. </p> <a id="project-tbb"></a> <h3><a href="<page projects/torbrowser>">Tor Browser Bundle</a> (<a href="https://gitweb.torproject.org/torbrowser.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+bundles/installation&order=priority">bug tracker</a>)</h3> <p> The Tor Browser Bundle is an easy-to-use portable package of Tor, Vidalia, and Firefox preconfigured to work together out of the box. This is actively being worked on by Erinn Clark. </p> <!-- <p> <b>Project Ideas:</b><br /> <i><a href="#auditTBB">Audit Tor Browser Bundles for data leaks</a></i><br /> <i><a href="#usabilityTesting">Usability testing of Tor</a></i> </p> --> <a id="project-tails"></a> <h3><a href="https://tails.boum.org/">The Amnesic Incognito Live System</a> (<a href="http://git.immerda.ch/?p=amnesia.git;a=summary">code</a>, <a href="https://tails.boum.org/bugs/">bug tracker</a>)</h3> <p> The Amnesic Incognito Live System is a live CD/USB distribution preconfigured so that everything is safely routed through Tor and leaves no trace on the local system. This is a merger of the Amnesia and <a href="http://www.anonymityanywhere.com/incognito/">Incognito</a> projects, and still under very active development. </p> <!-- <p> <b>Project Ideas:</b><br /> <i><a href="#tailsHiddenServicePetnames">Petname system for Tor hidden services</a></i><br /> <i><a href="#tailsServer">Tails server: Self-hosted services behind Tails-powered Tor hidden services</a></i> </p> --> <a id="project-torsocks"></a> <h3><a href="http://code.google.com/p/torsocks/">Torsocks</a> (<a href="https://gitweb.torproject.org/torsocks.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torify&order=priority">bug tracker</a>)</h3> <p> Utility for adapting other applications to work with Tor. Development has slowed and compatibility issues remain with some platforms, but it's otherwise feature complete. </p> <!-- <p> <b>Project Ideas:</b><br /> <i><a href="#torsocksForOSX">Make torsocks/dsocks work on OS X</a></i> </p> --> <a id="project-torouter"></a> <h3><a href="<wiki>doc/Torouter">Torouter</a> (<a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torouter&order=priority">bug tracker</a>)</h3> <p> Project to provide an easy-to-use, embedded Tor instance for routers. This had high activity in late 2010, but has since been rather quiet. </p> <a id="project-vidalia"></a> <h3><a href="<page projects/vidalia>">Vidalia</a> (<a href="https://gitweb.torproject.org/vidalia.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Vidalia&order=priority">bug tracker</a>)</h3> <p> The most commonly used user interface for Tor. Matt Edman started the project in 2006 and brought it to its current stable state. Development slowed for several years, though Tomás Touceda has since taken a lead with pushing the project forward. </p> <!-- <p> <b>Project Ideas:</b><br /> <i><a href="#vidaliaStatusEventInterface">Tor Controller Status Event Interface for Vidalia</a></i><br /> <i><a href="#vidalia-hidden-service-panel">Torrc plugin and improved hidden service configuration panel</a></i> </p> --> <a id="project-arm"></a> <h3><a href="http://www.atagar.com/arm/">Arm</a> (<a href="https://gitweb.torproject.org/arm.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=arm&order=priority">bug tracker</a>)</h3> <p> Command-line monitor for Tor. This has been under very active development by its author, Damian Johnson, since early 2009 to make it a better general-purpose controller for *nix environments. </p> <!-- <p> <b>Project Ideas:</b><br /> <i><a href="#armClientMode">Client Mode Use Cases for Arm</a></i><br /> <i><a href="#armGui">GUI for Arm</a></i> </p> --> <a id="project-orbot"></a> <h3><a href="https://guardianproject.info/apps/orbot/">Orbot</a> (<a href="https://gitweb.torproject.org/orbot.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Orbot&order=priority">bug tracker</a>)</h3> <p> Provides Tor on the Android platform. This was under very active development up through Fall 2010, after which things have been quiet. </p> <!-- <p> <b>Project Ideas:</b><br /> <i><a href="#orbot-torbutton">TorButton for Mobile Firefox 4 or Custom Browser on Android</a></i><br /> <i><a href="#orbot-userInterface">Build a better user interface for Orbot</a></i><br /> <i><a href="#orbot-optimisation">Core Tor mobile optimisation</a></i> </p> --> <a id="project-torbutton"></a> <h3><a href="<page torbutton/index>">Torbutton</a> (<a href="https://gitweb.torproject.org/torbutton.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torbutton&order=priority">bug tracker</a>)</h3> <p> Firefox addon that addresses many of the client-side threats to browsing the Internet anonymously. Mike has since continued to adapt it to new threats, updated versions of Firefox, and possibly <a href="https://blog.torproject.org/blog/google-chrome-incognito-mode-tor-and-fingerprinting">Chrome as well</a>. </p> <a id="project-torbirdy"></a> <h3>TorBirdy (<a href="https://github.com/ioerror/torbirdy">code</a>, <a href="https://trac.torproject.org/projects/tor/wiki/torbirdy/dev">bug tracker</a>)</h3> <p> TorBirdy is Torbutton for Thunderbird and related Mozilla mail clients. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#improveTorbirdy">Improving TorBirdy</a></i><br /> </p> <a id="project-obfsproxy"></a> <h3><a href="https://gitweb.torproject.org/obfsproxy.git/tree/HEAD:/doc">Obfsproxy</a> (<a href="https://gitweb.torproject.org/obfsproxy.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Pluggable+transport&order=priority">bug tracker</a>)</h3> <p> A proxy that shapes Tor traffic, making it harder for censors to detect and block Tor. </p> <!-- <p> <b>Project Ideas:</b><br /> <i><a href="#obfsproxy-new-transports">New and innovative pluggable transports</a></i><br /> <i><a href="#obfsproxy-scanning-measures">Defensive bridge active scanning measures</a></i><br /> <i><a href="#obfsproxy-fuzzer">Fuzzer for the Tor protocol</a></i> </p> --> <a id="project-flash-proxy"></a> <h3><a href="https://crypto.stanford.edu/flashproxy/">Flash Proxy</a> (<a href="https://gitweb.torproject.org/flashproxy.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_information&status=needs_review&status=needs_revision&status=new&status=reopened&component=Flashproxy">bug tracker</a>)</h3> <p> Pluggable transport using proxies running in web browsers to defeat address-based blocking. </p> <a id="project-thandy"></a> <h3>Thandy (<a href="https://gitweb.torproject.org/thandy.git">code</a>)</h3> <p> Updater for Tor. The project began in the Summer of 2008 but wasn't completed. Recently interest in it has been rekindled and many aspects of its design (including the language it'll be in) are currently in flux. </p> <a id="project-ooni-probe"></a> <h3>Ooni Probe (<a href="https://gitweb.torproject.org/ooni-probe.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Ooni&order=priority">bug tracker</a>)</h3> <p> Censorship scanner, checking your local connection for blocked or modified content. </p> <a id="project-shadow"></a> <h3><a href="https://shadow.cs.umn.edu/">Shadow</a> (<a href="https://github.com/shadow">code</a>, <a href="https://github.com/shadow/shadow/issues">bug tracker</a>)</h3> <p> Shadow is a discrete-event network simulator that runs the real Tor software as a plug-in. Shadow is open-source software that enables accurate, efficient, controlled, and repeatable Tor experimentation. </p> <a id="project-torctl"></a> <h3>TorCtl (<a href="https://gitweb.torproject.org/pytorctl.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torctl&order=priority">bug tracker</a>)</h3> <p> Python bindings and utilities for using the Tor control port. It has been stable for several years, with only minor revisions. </p> <a id="project-stem"></a> <h3><a href="https://stem.readthedocs.org/en/latest/index.html">Stem</a> (<a href="https://gitweb.torproject.org/stem.git">code</a>, <a href="https://trac.torproject.org/projects/tor/wiki/doc/stem/bugs">bug tracker</a>)</h3> <p> Python controller library with a similar scope to TorCtl, but with better testing, documentation, and API. This project is not yet feature complete. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#stemUsability">Stem Usability Improvements</a></i> </p> <a id="project-tlsdate"></a> <h3>Tlsdate (<a href="https://github.com/ioerror/tlsdate">code</a>)</h3> <p> tlsdate: secure parasitic rdate replacement </p> <p> tlsdate sets the local clock by securely connecting with TLS to remote servers and extracting the remote time out of the secure handshake. Unlike ntpdate, tlsdate uses TCP, for instance connecting to a remote HTTPS or TLS enabled service, and provides some protection against adversaries that try to feed you malicious time information. </p> <a id="project-metrics"></a> <h3><a href="https://metrics.torproject.org/">Metrics</a> (code: <a href="https://gitweb.torproject.org/metrics-db.git">db</a>, <a href="https://gitweb.torproject.org/metrics-utils.git">utils</a>, <a href="https://gitweb.torproject.org/metrics-web.git">web</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Metrics&order=priority">bug tracker</a>)</h3> <p> Processing and analytics of consensus data, provided to users via the metrics portal. This has been under active development for several years by Karsten Loesing. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#metricsSearch">Searchable Tor descriptor and Metrics data archive</a></i> (Python/Django?) </p> <a id="project-atlas"></a> <h3><a href="https://atlas.torproject.org/">Atlas</a> (<a href="https://gitweb.torproject.org/atlas.git">code</a>)</h3> <p> Atlas is a web application to discover Tor relays and bridges. It provides useful information on how relays are configured along with graphics about their past usage. This is the third evolution of the TorStatus application. </p> <a id="project-torstatus"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/TorStatus">TorStatus</a> (<a href="https://gitweb.torproject.org/torstatus.git">code</a>)</h3> <p> Portal providing an overview of the Tor network, and details on any of its current relays. Though very actively used, this project has been unmaintained for a long while. The <a href="https://svn.torproject.org/svn/torstatus/trunk/">original codebase</a> was written in PHP, and students from Wesleyan wrote the new Django counterpart. </p> <a id="project-compass"></a> <h3><a href="https://compass.torproject.org/">Compass</a> (<a href="https://gitweb.torproject.org/compass.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Compass&order=priority">bug tracker</a>)</h3> <p> Compass is a web and command line application that filters and aggregates the Tor relays based on various attributes. </p> <p> <b>Project Ideas:</b><br /> <i><a href="#compassRefactoring">Compass Refactoring</a></i> </p> <a id="project-weather"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Weather">Weather</a> (<a href="https://gitweb.torproject.org/weather.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+Weather&order=priority">bug tracker</a>)</h3> <p> Provides automatic notification to subscribed relay operators when their relay's unreachable. This underwent a rewrite by the <a href="http://hfoss.wesleyan.edu/">Wesleyan HFOSS team</a>, which went live in early 2011. </p> <a id="project-gettor"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/GetTor">GetTor</a> (<a href="https://gitweb.torproject.org/gettor.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=GetTor&order=priority">bug tracker</a>)</h3> <p> E-mail autoresponder providing Tor's packages over SMTP. This has been relatively unchanged for quite a while. </p> <a id="project-torcheck"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/TorCheck">TorCheck</a> (<a href="https://svn.torproject.org/svn/check/trunk/">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Tor+Check&order=priority">bug tracker</a>)</h3> <p> Provides a simple site for determining if the visitor is using Tor or not. This has been relatively unchanged for quite a while. </p> <a id="project-onionoo"></a> <h3><a href="<page projects/onionoo>">Onionoo</a> (<a href="https://gitweb.torproject.org/onionoo.git">java codebase</a>, <a href="https://gitweb.torproject.org/pyonionoo.git">python codebase</a>)</h3> <p> Onionoo is a JSON based protocol to learn information about currently running Tor relays and bridges. </p> <a id="project-bridgedb"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/BridgeDB">BridgeDB</a> (<a href="https://gitweb.torproject.org/bridgedb.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=BridgeDB&order=priority">bug tracker</a>)</h3> <p> Backend bridge distributor, handling the various pools they're distributed in. This was actively developed until Fall of 2010. </p> <a id="project-torflow"></a> <h3><a href="https://trac.torproject.org/projects/tor/wiki/org/roadmaps/TorFlow">TorFlow</a> (<a href="https://gitweb.torproject.org/torflow.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=Torflow&order=priority">bug tracker</a>)</h3> <p> Library and collection of services for actively monitoring the Tor network. These include the Bandwidth Scanners (measuring throughput of relays) and SoaT (scans for malicious or misconfigured exit nodes). SoaT was last actively developed in the Summer of 2010, and the Bandwidth Scanners a few months later. Both have been under active use since then, but development has stopped. </p> <a id="project-torbel"></a> <h3><a href="https://blog.torproject.org/blog/torbel-tor-bulk-exit-list-tools">TorBEL</a> (<a href="https://gitweb.torproject.org/torbel.git">code</a>, <a href="https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=needs_review&status=new&status=reopened&component=TorDNSEL/TorBEL&order=priority">bug tracker</a>)</h3> <p> The Tor Bulk Exitlist provides a method of identifying if IPs belong to exit nodes or not. This is a replacement for TorDNSEL which is a stable (though unmaintained) Haskell application for this purpose. The initial version of TorBEL was started in GSOC 2010 but since then the project has been inactive. </p> <a id="Coding"></a> <a id="Summer"></a> <h2><a class="anchor" href="#Coding">Project Ideas</a></h2> <p> You may find some of these projects to be good ideas for <a href="<page about/gsoc>">Google Summer of Code</a> and the <a href="https://live.gnome.org/OutreachProgramForWomen">Outreach Program for Women</a>. We have labelled each idea with how useful it would be to the overall Tor project (priority), how much work we expect it would be (effort level), how much clue you should start with (skill level), and which of our <a href="<page about/corepeople>">core developers</a> would be good mentors. If one or more of these ideas looks promising to you, please <a href="<page about/contact>">contact us</a> to discuss your plans rather than sending blind applications. You may also want to propose your own project idea — which often results in the best applications. </p> <ol> <!-- <a id="auditTBB"></a> <li> <b>Audit Tor Browser Bundles for data leaks</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Jacob</i> <p>The Tor Browser Bundle incorporates Tor, Firefox, Polipo, and the Vidalia user interface (and optionally the <a href="http://pidgin.im/">Pidgin</a> Instant Messaging client). Components are pre-configured to operate in a secure way, and it has very few dependencies on the installed operating system. It has therefore become one of the most easy to use, and popular, ways to use Tor on Windows.</p> <p>This project is to identify all of the traces left behind by using a Tor Browser Bundle on Windows, Mac OS X, or Linux. Developing ways to stop, counter, or remove these traces is a final step.</p> <p>Students should be familiar with operating system analysis, application development on one or preferably all of Windows, Linux, and Mac OS X, and be comfortable with C/C++ and shell scripting.</p> <p>Since the core of this project is researching and auditing TBB this is not likely to be a good GSoC project.</p> </li> --> <!-- <a id="orbot-userInterface"></a> <li> <b>Build a better user interface for Orbot</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Jake</i> <p>Improved home screen to show confirmation of connection (via a TorCheck API call), better statistics about data transferred (up/down), number of circuits connected, quality of connection and so on. The "Tether Wifi" Android application is a good model to follow in how it shows a realtime count of bytes transferred as well as notifications when wifi clients connect. In addition, better handling of Tor system and error messages would also be very helpful, include use of standard Android operating systems notifications. The addition of a wizard or tutorial walkthrough for novice users to explain to them exactly what is and what is not anonymized or protected would greatly improve the likelihood they will use Orbot correctly. All of this should work on the range of screens and device types now offered for Android, from 2" phone to 10" Tablet.</p> </li> --> <!-- <a id="armClientMode"></a> <li> <b>Client Mode Use Cases for Arm</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Damian (atagar)</i> <p><a href="<page projects/arm>">Arm</a> is a Tor command line status monitor on *nix environments (Linux, Mac, and BSD). It functions much like top does, giving a CLI overlay of Tor's bandwidth usage, connections, configuration, log, etc. Thus far its design has been geared for Tor relay operators. However, this doesn't need to be the case. This project would be to expand and simplify arm to make it useful for Tor's client users too.</p> <p>This would include UI design, experimenting, and a lot of python hacking. Here's some ideas for client functionality arm could provide:</p> <ul> <li>A panel for client connections, showing each hop of the user's circuits with the ISP, country, and jurisdiction where those relays reside. Other interesting information would be the circuit's latency, how long its been around, and its possible exit ports. Some of this will be pretty tricky and require some experimentation to figure out what information can be fetched safely (for instance, scraping rdns and whois lookups could give hints about a relay's ISP, but we'd need to do it on all Tor relays to avoid leaking our connections to the resolver).</li> <li>Options to let the user request new circuits (the "New Identity" feature in Vidalia), select the exit country, etc.</li> <li>A panel showing Internet application and if their connections are being routed through Tor or not (giving a warning if there's leaks).</li> <li>The status of the bridges we're configured to use (ie, are they up?). This would include adding control port functionality to Tor for <a href="https://trac.torproject.org/projects/tor/ticket/2068">ticket 2068</a>.</li> <li>A one click option to set Tor to be a client, relay, or bridge. The goal would be to make it trivial for users to voluntarily contribute to the Tor network.</li> <li>Menus as an alternative to hotkeys to make the interface more intuitive and usable for beginners (<a href="http://gnosis.cx/publish/programming/charming_python_6.html">example</a>).</li> <li>Look at Vidalia and TorK for ideas and solicit input from the Tor community.</li> </ul> <p> More information is available in the following sections of arm's dev notes: <a href="https://trac.torproject.org/projects/tor/wiki/doc/arm#ConnectionListingExpansion">Connection Listing Expansion</a>, <a href="https://trac.torproject.org/projects/tor/wiki/doc/arm#CircuitDetails">Circuit Details</a>, and <a href="https://trac.torproject.org/projects/tor/wiki/doc/arm#ClientModeUseCases">Client Mode Use Cases</a> </p> </li> --> <a id="compassRefactoring"></a> <li> <b>Compass Refactoring</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>gsathya, karsten</i> <p> Compass was first designed to be a cli app and then hacked into a web app. The codebase needs to be refactored such that the main processing code is separated from the display functions(probably into separate files) and made modular so that adding more features (<a href="https://trac.torproject.org/6612">#6612</a>) is easy. For example, the main processing logic could be in compass.py, whereas print_groups() and other display related functions could be part of a separate cli.py; web.py would also have to modified to make use of this new modular code. Bonus points for adding features to compass(<a href="https://trac.torproject.org/6619">#6619</a>, <a href="https://trac.torproject.org/6612">#6612</a>, <a href="https://trac.torproject.org/6728">#6728</a>). </p> </li> <!-- <a id="orbot-optimisation"></a> <li> <b>Core Tor mobile optimisation</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>Jake</i> <p> The existing port of Tor to Android is basically a straight cross-compile to Linux ARM. There has been no work done in looking at possible optimizations of Tor within a mobile hardware environment or on mobile networks. In addition, a number of additional Android OS APIs are available (such as wireless network status) that could be taken advantage of. </p> <p> It should be noted, that even without optimisation, Tor is handling the mobile network environment very well, automatically detecting change in IP addresses, opening circuits, etc, as the device switches from no coverage to 2G, 3G or Wifi constantly as it changes position. However, this observation of "very well", is just based on user experience, and not any detailed study of what exactly is happening, and what threats might exist because of this constantly changing network state. </p> <p> Finally, the build process needs to be moved to the Android NDK from the custom GCC toolchain we are now using, and compatibility with Android 2.3 and 3.x Honeycomb OS need to be verified. </p> <p> For more information see the <a href="https://svn.torproject.org/svn/projects/android/trunk/Orbot/BUILD">Orbot build documentation</a>. </p> </li> --> <!-- <a id="obfsproxy-scanning-measures"></a> <li> <b>Defensive bridge active scanning measures</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>asn</i> <p>Involves providing good answers to <a href="https://lists.torproject.org/pipermail/tor-dev/2011-November/003073.html">this thread</a> as well as concrete implementation plans for it.</p> <p>This also involves implementing proposals <a href="https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/189-authorize-cell.txt">189</a> and <a href="https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/190-shared-secret-bridge-authorization.txt">190</a>.</p> </li> --> <!-- <a id="firewallProbeTool"></a> <li> <b>Develop a fully automatic firewall-probing system</b> <br> Effort Level: <i>Medium to High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>Robert Ransom, Jacob</i> <p>We would like to have a fully automatic firewall-probing system for blocking systems with no long-term state (i.e. firewalls that can examine each connection, but do not change their behaviour for future connections based on the traffic they have seen).</p> <p>Ideally, volunteers would only need to set up one or more test servers, and run the probe client program on a publicly accessible computer behind the firewall.</p> <p>The test tool should:</p> <ul> <li>generate packet captures on both ends (and send them out to the extent possible),</li> <li>cycle through all the SSL configurations we might want to test through a censorship device, and</li> <li>also test some other protocols to see whether they are allowed through the firewall (IMAP and other mail protocols, BitTorrent, DTLS, etc.).</li> </ul> </li> --> <!-- <a id="obfsproxy-fuzzer"></a> <li> <b>Fuzzer for the Tor protocol</b> <br> Effort Level: <i>Medium to High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>asn</i> <p>Involves researching good and smart ways to fuzz stateful network protocols, and also implementing the fuzzer.</p> <p>We are mostly looking for a fuzzer that fuzzes the Tor protocol itself, and not the Tor directory protocol.</p> <p>Bonus points if it's extremely modular. Relevant research:</p> <ul> <li>PROTOS - Security Testing of Protocol Implementations</li> <li>INTERSTATE: A Stateful Protocol Fuzzer for SIP</li> <li>Detecting Communication Protocol Security Flaws by Formal Fuzz Testing and Machine Learning</li> <li>SNOOZE: Toward a Stateful NetwOrk prOtocol fuzZE</li> <li>Michal Zalewski's "bugger"</li> <li>Also look at the concepts of "model checking" and "symbolic execution" to get inspired.</li> </ul> </li> --> <a id="httpsImersonation"></a> <li> <b>HTTPS Server Impersonation</b> <br> Effort Level: <i>Medium to High</i> <br> Skill Level: <i>Medium to High</i> <br> Likely Mentors: <i>Nick (nickm)</i> <p> We have an open proposal for a way to make Tor bridges avoid censorship by impersonating an HTTPS server. Specifically, we need to hack some popular SSL "reverse proxy" (your choice) so that it relays regular web connections to an HTTP server, but certain connections to a local Tor process. <a href="https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/proposals/203-https-frontend.txt">Proposal 203</a> has a general design sketch. </p> </li> <!-- <a id="geoIPUpgrade"></a> <li> <b>Improve our GeoIP file format</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium to High</i> <br> Likely Mentors: <i>Robert Ransom</i> <p>Currently, Tor bridges and relays read an entire IP->country database into memory from a text file during startup. We would like to distribute this database and store it on disk in a much more compact form, and perform IP->country lookups on it in its on-disk format if possible.</p> <p>We have <a href='https://trac.torproject.org/projects/tor/ticket/2506'>a sketch of a design</a> for a moderately optimized format for IPv4 GeoIP data; this project will involve both implementing the IPv4 format and designing and implementing a format for IPv6 GeoIP data.</p> <p>Since the core of this project is researching IPv6 GeoIP data and designing the IPv6 format, this is not likely to be a good GSoC project.</p> </li> --> <!-- <a id="unitTesting"></a> <li> <b>Improve our unit testing process</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Nick, Erinn</i> <p>Tor needs to be tested far more thoroughly. This is a multi-part effort. To start with, our unit test coverage should rise substantially, especially in the areas outside the utility functions. This will require significant refactoring of some parts of Tor, in order to dissociate as much logic as possible from globals.</p> <p>Additionally, we need to automate our performance testing. We've got buildbot to automate our regular integration and compile testing already (though we need somebody to set it up on Windows), but we need to get our network simulation tests (as built in <a href="https://svn.torproject.org/svn/torflow/trunk/README">TorFlow</a>) updated for more recent versions of Tor, and designed to launch a test network either on a single machine, or across several, so we can test changes in performance on machines in different roles automatically.</p> </li> --> <!-- <a id="vidaliaNetworkMap"></a> <li> <b>Improved and More Usable Network Map in Vidalia</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Tomás</i> <p> One of Vidalia's existing features is a network map that shows the user the approximate geographic location of relays in the Tor network and plots the paths the user's traffic takes as it is tunneled through the Tor network. The map is currently not very interactive and has rather poor graphics. Instead, we implemented KDE's Marble widget such that it gives us a better quality map and enables improved interactivity, such as allowing the user to click on individual relays or circuits to display additional information. We want to add the ability for users to click on a particular relay or a country containing one or more Tor exit relays and say, "I want my connections to exit from here." </p> <p> This project will first involve getting familiar with Vidalia and the Marble widget's API. One will then integrate the widget into Vidalia and customize Marble to be better suited for our application, such as making circuits clickable, storing cached map data in Vidalia's own data directory, and customizing some of the widget's dialogs. </p> <p> A person undertaking this project should have good C++ development experience. Previous experience with Qt and CMake is helpful, but not required. </p> </li> --> <!-- <a id="resistCensorship"></a> <li> <b>Improving Tor's ability to resist censorship</b> <br> Effort Level: <i>Medium to High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>Jake, Thomas</i> <p>The Tor 0.2.1.x series makes <a href="<svnprojects>design-paper/blocking.html">significant improvements</a> in resisting national and organizational censorship. But Tor still needs better mechanisms for some parts of its anti-censorship design.</p> <p>One huge category of work is adding features to our <a href="https://gitweb.torproject.org/bridgedb.git?a=tree">BridgeDB</a> service (Python). Tor aims to give out <a href="<page docs/bridges>">bridge relay addresses</a> to users that can't reach the Tor network directly, but there's an arms race between algorithms for distributing addresses and algorithms for gathering and blocking them. See <a href="<blog>bridge-distribution-strategies">our blog post on the topic</a> as an overview, and then look at <a href="https://lists.torproject.org/pipermail/tor-dev/2009-December/000666.html">Roger's or-dev post</a> from December 2009 for more recent thoughts — lots of design work remains.</p> <p>If you want to get more into the guts of Tor itself (C), a more minor problem we should address is that current Tors can only listen on a single address/port combination at a time. There's <a href="<specblob>proposals/118-multiple-orports.txt">a proposal to address this limitation</a> and allow clients to connect to any given Tor on multiple addresses and ports, but it needs more work.</p> <p>This project could involve a lot of research and design. One of the big challenges will be identifying and crafting approaches that can still resist an adversary even after the adversary knows the design, and then trading off censorship resistance with usability and robustness.</p> </li> --> <a id="improveTorbirdy"></a> <li> <b>Improving TorBirdy</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>Medium to High</i> <br> Likely Mentors: <i>Sukhbir, Jacob</i> <p> TorBirdy is Torbutton for Thunderbird, Icedove and related Mozilla mail clients. </p> <p> TorBirdy is under active development and is available from <a href="https://trac.torproject.org/projects/tor/wiki/torbirdy">our wiki</a> and <a href="https://addons.mozilla.org/en-US/thunderbird/addon/torbirdy/">mozilla's addons site</a>. </p> <p> The goal of this project is to improve TorBirdy by: </p> <ul> <li> Writing a Thunderbird patch to plug known leaks. We have already <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=776397">submitted a patch to Thunderbird</a> but we anticipate there will be much more work required before it is accepted, possibly involving rewriting the entire patch; this appears trivial, but it is not, as we are proposing a completely new privacy-safe message-ID header generation algorithm for Thunderbird. </li> <li> Implementing a JavaScript HTTP proxy (see the <a href="https://trac.torproject.org/projects/tor/ticket/6958">ticket</a>) </li> <li> Auditing TorBirdy for leaks and for use with other add-ons (as an example see its <a href="https://trac.torproject.org/projects/tor/ticket/6319">ticket</a>) </li> </ul> <p> A student undertaking this project should have some C++ and JavaScript development experience. Previous experience with Firefox/Thunderbird extension development is a plus, but not required. </p> </li> <!-- <a id="user-space-transport"></a> <li> <b>Integrating Tor with user-space transport protocol libraries</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>Steven</i> <p>Tor currently sends data over TCP links between nodes. <a href="http://static.usenix.org/events/sec09/tech/full_papers/reardon.pdf">Prior research</a> has indicated that this may not be optimal, and instead the role that TCP plays (congestion control and reliability) should be moved into Tor itself. This would allow a number of desirable changes, such as preventing errors on one circuit delaying another, and giving Tor control and visibility of congestion control.</p> <p>There are <a href="http://www.cl.cam.ac.uk/~sjm217/papers/tor11datagramcomparison.pdf">many ways to do this</a>, each with their own tradeoffs and difficulty of implementation. This project will be to select one (or more) option and implement it in Tor. The primary goal will be to test this modified version of Tor in simulation, but if it turns out to work well, it could be deployed in the live Tor network.</p> <p>Excellent C programming skills are needed, and knowledge of Tor internals are highly desirable.</p> </li> --> <a id="chutneyExpansion"></a> <li> <b>Make Chutney Do More, More Reliably</b> <br> Effort Level: <i>Medium to High, depending on scope of project</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Nick (nickm)</i> <p> We have a little Python tool called <a href="https://gitweb.torproject.org/nickm/chutney.git">Chutney</a> for making small local test networks. It's small, not widely used, and not as automated as it could be. </p> <p> It would be great to see chutney extended and a set of supporting tests built to the point where we could use Chutney to exercise various Tor features as an automated integration test. </p> </li> <!-- <a id="torsocksForOSX"></a> <li> <b>Make torsocks/dsocks work on OS X</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Robert Hogan</i> <p> <a href="https://code.google.com/p/torsocks/">Torsocks</a> and <a href="https://code.google.com/p/dsocks/">dsocks</a> are wrappers that will run applications, intercept their outgoing network connections, and push those connections through Tor. The goal is to handle applications that don't support proxies (or don't supporting them well). To get it right, they need to intercept many system calls. The syscalls you need to intercept on Linux differ dramatically from those on BSD. So Torsocks works fine on Linux, dsocks works ok on BSD (though it may be less maintained and thus might miss more syscalls), and nothing works well on both. First, we should patch dsocks to use Tor's <i>mapaddress</i> commands from the controller interface, so we don't waste a whole round-trip inside Tor doing the resolve before connecting. Second, we should make our <i>torify</i> script detect which of torsocks or dsocks is installed, and call them appropriately. This probably means unifying their interfaces, and might involve sharing code between them or discarding one entirely. </p> </li> --> <!-- <a id="obfsproxy-new-transports"></a> <li> <b>New and innovative pluggable transports</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>asn, Steven</i> <p>Not-very-smart transports like ROT13 and base64 are nice but not super interesting. Other ideas like bittorrent transports might be relevant, but you will have to provide security proofs on why they are harder to detect and block than other less-sophisticated transports.</p> <p>The whole point of this project, though, is to come up with new transports that we haven't already thought of. Be creative.</p> <p>Bonus points if your idea is interesting and still implementable through the summer period.</p> <p>More bonus points if it's implemented on top of obfsproxy, or if your implementation has a pluggable transport interface on top of it (as specified <a href="https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/180-pluggable-transport.txt">here</a>).</p> </li> --> <!-- <a id="orbot-orlibAndOutreach"></a> <li> <b>Orbot integration library and community outreach</b> <br> Effort Level: <i>Low</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Nathan (n8fr8)</i> <p> We need additional work on <a href="https://github.com/guardianproject/orlib">ORLib</a>, our library for use with third-party application to easily enable them to support "Torification" on non-rooted devices (i.e. w/o transparent proxying). This library includes a SOCKS client, a wrapper for the Apache HTTPClient library, a utility class for detecting the state of Orbot connectivity, and other relevant/useful things an Android app might need to anonymize itself. This work would includes direct development of the library, documentation, and sample code. Outreach or effort to implement the library within other open-source apps is also needed. </p> </li> --> <!-- <a id="tailsHiddenServicePetnames"></a> <li> <b>Petname system for Tor hidden services</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>ague</i> <p>Tor provides hidden services. These services are only reachable through Tor itself, and provide greater anonymity both for the providers of the service and for its users.</p> <p>One current downside of Tor hidden services is that they are addressed using 80-bit base32-encoded addresses such as "v2cbb2l4lsnpio4q.onion". These addresses are hard to remember; this makes them hard to use within amnesic environment like Tails.</p> <p>The project is to implement a petname system for Tor hidden services: a way for users or providers of Tor hidden services to add a simple 'nickname' to a central database. Users could then query this central database to retrieve a full hidden service address by giving a nickname.</p> <p>Adding petnames to the database could be done using a web interface or automated fetch like those described in the <a href="https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-onion-nyms.txt">".onion nym system" proposal</a>.</p> <p>Querying the database could be done using a web interface, a REST API and a DNS interface.</p> <p>In order not to grow indefinitely, the software should make regular tests to see if hidden services are still reachable and, depending on the last time a nickname was accessed, cleanup the database as necessary.</p> <p>The software should allow a distributed, fault-tolerant setup. All nodes should have a synchronized copy of the database, should be ready to answer queries and should coordinate the tests for hidden service availability.</p> <p>The resulting codebase must be easy to deploy: it should not be hard to setup new databases.</p> <p>It is expected that the volunteer will be using Behaviour Driven Development methods. Either in Ruby using Cucumber and RSpec, or in Python using similar tools.</p> </li> --> <a id="limitCapabilities"></a> <li> <b>Run With Limited Capabilities</b> <br> Effort Level: <i>Medium to High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>Nick (nickm)</i> <p> Many modern operating systems give a running program the ability to drop capabilities that it no longer needs, and other ways for a program to run pieces of itself in a sandbox with diminished privileges. </p> <p> We'd like to do this with Tor, to improve its resistance to attacks. The easiest areas to address would be on systems like <a href="https://lwn.net/Articles/475361/">recent Linux kernels</a> that make it easy to drop or restrict the set of syscalls that a program can invoke. That's a great project, but probably not big enough for an internship just on its own. For that, we'd want to make progress on at least multiple platforms, or look into refactoring Tor into pieces that need more privileges and pieces that don't with an eye towards sandboxing them differently. </p> <p> See tickets <a href="https://trac.torproject.org/7005">#7005</a> and <a href="https://trac.torproject.org/5219">#5219</a>, and their descendants, for more information. </p> </li> <a id="metricsSearch"></a> <li> <b>Searchable Tor descriptor and Metrics data archive</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Karsten</i> <p>The <a href="https://metrics.torproject.org/data.html">Metrics data archive</a> of Tor relay descriptors and other Tor-related network data has grown to over 100G in size, bz2-compressed. We have developed two search interfaces: the <a href="https://metrics.torproject.org/relay-search.html">relay search</a> finds relays by nickname, fingerprint, or IP address in a given month; <a href="https://metrics.torproject.org/exonerator.html">ExoneraTor</a> finds whether a given IP address was a relay on a given day.</p> <p>We'd like to have a more general search application for Tor descriptors and metrics data. There are more <a href="https://metrics.torproject.org/formats.html">descriptor types</a> that we'd like to include in the search. The search application should handle most of them and understand some semantics like what's a timestamp, what's an IP address, and what's a link to another descriptor. Users should then be able to search for arbitrary strings or limit their search to given time periods or IP address ranges. Descriptors that reference other descriptors should contain links, and descriptors should be able to say from where they are linked. The goal is to make the archive easily browsable.</p> <p>The search application shall be separate from the metrics website and shouldn't rely on the metrics website codebase. The search application will contain hourly updated descriptor data from the metrics website via rsync. Programming language and database system are not specified yet, though there's a slight preference for Python/Django and Postgres for maintenance reasons. If there are good reasons to pick something else, e.g, some NoSQL variant or some search application framework, that's fine, too. Further requirements are that lookups should be really fast and that changes to the search application can be implemented in reasonable time.</p> <p>Applications for this project should come with a design of the proposed search application, ideally with a proof-of-concept based on a subset of the available data to show that it will be able to handle the 100G+ of data.</p> </li> <!-- <a id="simulateSlowConnections"></a> <li> <b>Simulator for slow Internet connections</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Nick</i> <p> Many users of Tor have poor-quality Internet connections, giving low bandwidth, high latency, and high packet loss/re-ordering. User experience is that Tor reacts badly to these conditions, but it is difficult to improve the situation without being able to repeat the problems in the lab. </p> <p> This project would be to build a simulation environment which replicates the poor connectivity so that the effect on Tor performance can be measured. Other components would be a testing utility to establish what are the properties of connections available, and to measure the effect of performance-improving modifications to Tor. </p> <p> The tools used would be up to the student, but dummynet (for FreeBSD) and nistnet (for Linux) are two potential components on which this project could be built. Students should be experienced with network programming/debugging and TCP/IP, and preferably familiar with C and a scripting language. </p> </li> --> <!-- <a id="stemPathsupport"></a> <li> <b>Stem PathSupport Capabilities</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Damian (atagar)</i> <p><a href="https://trac.torproject.org/projects/tor/wiki/doc/stem">Stem</a> is a python controller library for tor. Like it's predecessor, <a href="#project-torctl">TorCtl</a>, it uses tor's <a href="https://gitweb.torproject.org/torspec.git/blob/HEAD:/control-spec.txt">control protocol</a> to help developers program against the tor process, enabling them to build things similar to <a href="#project-vidalia">Vidalia</a> and <a href="#project-arm">arm</a>.</p> <p>While TorCtl provided a fine first draft for this sort of functionality, it has not proved to be extensible nor maintainable. Stem is a rewrite of TorCtl with a heavy focus on testing, documentation, and providing a developer friendly API.</p> <p>At the moment stem is still very much incomplete, missing several pieces of functionality that TorCtl provides. This is a project to fix that by porting TorCtl's <a href="https://gitweb.torproject.org/pytorctl.git/blob/HEAD:/PathSupport.py">PathSupport module</a> to stem, writing tests for it, and migrate a couple clients to use it.</p> <p>PathSupport provides applications with programmatic control over how tor's circuits are built, for instance letting you exit from particular relays. This is used by projects like <a href="#project-torbel">TorBEL</a>, <a href="#project-torflow">the Bandwidth Scanners, and SoaT</a>.</p> <p>This project can be broken into three parts...</p> <ol style="list-style-type: decimal"> <li><p>Look at PathSupport's clients to figure out how it is used and come up with the API that we will use for stem. Note that the goal if this project is <b>not</b> to simply copy PathSupport, but to make it better. This task would ideally be done as part of writing the GSoC application.</p></li> <li><p>Implement the PathSupport counterpart for stem. This should be done in an incremental fashion, writing the feature, tests, and going through a code review before moving on. I'll be pretty anal about making it as good as we can during these code reviews so plan for this to take a while. ;)</p></li> <li><p>The real test of the API that you've developed will come when we use it in some real applications. Try to migrate a TorCtl client or two to stem, filling in functionality that we're missing and improving our API as we discover issues. A particularly good client to start with would be TorBEL.</p></li> </ol> <p><b> Upon reflection this is not an especially good project for this year's GSoC. You are still perfectly wecome to apply for this project, but <a href="https://trac.torproject.org/projects/tor/wiki/doc/stem">other stem related tasks</a> such as implementing a general controller, descriptor fetching, and client migrations would be better. For the discussion that lead to this see <a href="http://archives.seul.org/or/dev/Apr-2012/msg00006.html">this thread</a>. </b></p> </li> --> <a id="stemUsability"></a> <li> <b>Stem Usability Improvements</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Damian (atagar)</i> <p> <a href="https://stem.readthedocs.org/en/latest/index.html">Stem</a> is a python controller library for tor. Like it's predecessor, <a href="#project-torctl">TorCtl</a>, it uses tor's <a href="https://gitweb.torproject.org/torspec.git/blob/HEAD:/control-spec.txt">control protocol</a> to help developers program against the tor process, enabling them to build things similar to <a href="#project-vidalia">Vidalia</a> and <a href="#project-arm">arm</a>. </p> <p> While TorCtl provided a fine first draft for this sort of functionality, it has not proved to be extensible nor maintainable. Stem is a rewrite of TorCtl with a heavy focus on testing, documentation, and providing a developer friendly API. </p> <p> Stem is very nearly feature complete but presently has no users. We want to change that prior to making our first release for a couple reasons... </p> <ul> <li>Make sure that we have a reasonably good API, and improve the rough edges that hurt its usability.</li> <li>Provide examples for how stem can be used.</li> </ul> <p> This project involves several tasks... </p> <ol> <li>Move stem's site to Tor's website (<a href="https://trac.torproject.org/projects/tor/ticket/7324">ticket</a>)</li> <li>Set up Piwik for our site (<a href="https://trac.torproject.org/projects/tor/ticket/7424">ticket</a>)</li> <li>Come up with a better, more developer friendly "Module Overview" for our documentation (<a href="https://stem.readthedocs.org/en/latest/api/control.html">example page</a>). For instance, it would be nice to provide interlinking between the overview and the classes/methods that it lists. This will probably involve asking for help from the <a href="http://sphinx-doc.org/">Sphinx user list</a>.</li> <li>Finally get your hands dirty using stem. We want to expand stem's <a href="https://stem.readthedocs.org/en/latest/tutorial.html">tutorial page</a> with more examples. To do this you'll want to both brainstorm some of your own and contact the <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev/">tor-dev@ email list</a> to solicit ideas. This last step is pretty open ended, so go nuts with whatever you think will improve stem's usability!</li> </ol> </li> <!-- <a id="tailsServer"></a> <li> <b>Tails server: Self-hosted services behind Tails-powered Tor hidden services</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>Medium, but wide-scoped</i> <br> Likely Mentors: <i>intrigeri, anonym</i> <p>Let's talk about group collaboration, communication and data sharing infrastructure, such as chat servers, wikis, or file repositories.</p> <p>Hosting such data and infrastructure <b>in the cloud</b> generally implies to trust the service providers not to disclose content, usage or users location information to third-parties. Hence, there are many threat models in which cloud hosting is not suitable.</p> <p>Tor partly answers the <b>users location</b> part; this is great, but <b>content</b> is left unprotected.</p> <p>There are two main ways to protect such content: either to encrypt it client-side (<b>security by design</b>), or to avoid putting it into untrusted hands in the first place.</p> <p>Cloud solutions that offer security by design are rare and generally not mature yet. The <b>Tails server</b> project is about exploring the other side of the alternative: avoiding to put private data into untrusted hands in the first place.</p> <p>This is made possible thanks to Tor hidden services, that allow users to offer location-hidden services, and make self-hosting possible in many threat models. Self-hosting has its own lot of problems, however, particularly in contexts where the physical security of the hosting place is not assured. Combining Tor hidden services with Tails' amnesia property and limited support for persistent encrypted data allows to protect content, to a great degree, even in such contexts.</p> <p>In short, setting up a new Tails server would be done by:</p> <ol style="list-style-type: decimal"> <li>Alice plugs a USB stick into a running desktop Tails system.</li> <li>Alice uses a GUI to easily configure the needed services.</li> <li>Alice unplugs the USB stick, that now contains encrypted services configuration and data storage space.</li> <li>Alice plugs that USB stick (and possibly a Tails Live CD) into the old laptop that was dedicated to run Tails server.</li> <li>Once booted, Alice enters the encryption passphrase either directly using the keyboard or through a web interface listening on the local network.</li> <li>Then, Bob can use the configured services once he gets a hold on the hidden service address. (The <b>petname system for Tor hidden services</b> project would be very complementary to this one, by the way.)</li> </ol> <p>Tails server should content itself with hardware that is a bit old (such as a PIII-450 laptop with 256MB of RAM) and/or half broken (e.g. non-functional hard-disk, screen or keyboard).</p> <p>The challenges behind this project are:</p> <ul> <li>Design and write the services configuration GUI [keywords: edit configuration files, upgrade between major Debian versions, debconf].</li> <li>How to create the hidden service key? [keywords: Vidalia, control protocol].</li> <li>Adapt the Tails boot process to allow switching to "server mode" when appropriate.</li> <li>Add support, to the Tails persistence setup process, for asking an encryption passphrase without X, and possibly with a broken keyboard and/or screen [keywords: local network, SSL/TLS?, certificate?].</li> </ul> <p>This project can easily grow quite large, so the first task would probably be to clarify what it would need to get an initial (minimal but working) implementation ready to be shipped to users.</p> <p>This project does not require to be an expert in one specific field, but it requires to be experienced and at ease with a large scope of software development tools, processes, and operating system knowledge.</p> <p>Undertaking this project requires in-depth knowledge of Debian-like systems (self-test: do the "dpkg conffile" and "debconf preseeding" words sound new to your ear?); the Debian Live persistence system being written in shell, being at ease with robust shell scripting is a must; to end with, at least two pieces of software need to be written from scratch (a GUI and a webapp): the preferred languages for these tasks would be Python and Perl. Using Behaviour Driven Development methods to convey expectations and acceptance criteria would be most welcome.</p> <p>For more information see https://tails.boum.org/todo/server_edition/</p> </li> --> <a id="torCleanup"></a> <li> <b>Tor Codebase Cleanup</b> <br> Effort Level: <i>Low to High, depending on subproject chosen</i> <br> Skill Level: <i>Medium to High</i> <br> Likely Mentors: <i>Nick (nickm)</i> <p> The Tor code is almost 10 years old in places, and we haven't always had enough time or wisdom to write things as well as we could have. Our unit test coverage is shamefully low, and the dependency graph of our modules is shamefully convoluted . We could use refactoring and unit tests! Please look through the Tor source code and look for ugly or tricky code or dependencies -- the uglier and trickier the better -- and think about how you could make the code look better, read better, and (subject to testing) work better. </p> <p> If this is for a fun side-project, it would be great for you to work on anything that can be made better and more tested. For an internship-level position, we'd hope that you could find a number of particularly tricky or knotty piece of the code to clean up, and aim for resolving the ugliest problems, not necessarily the easiest. </p> <p> For a big project here, it would be great to pick one of the major "submodules" of Tor -- path selection, node discovery, directory authority operations, directory service -- and refactor its interface completely, to minify and codify its points of contact with the rest of Tor. </p> </li> <!-- <a id="vidaliaStatusEventInterface"></a> <li> <b>Tor Controller Status Event Interface for Vidalia</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Low to Medium</i> <br> Likely Mentors: <i>Tomás</i> <p>There are a number of status changes inside Tor of which the user may need to be informed. For example, if the user is trying to set up his Tor as a relay and Tor decides that its ports are not reachable from outside the user's network, we should alert the user. Currently, all the user gets is a couple of log messages in Vidalia's 'message log' window, which they likely never see since they don't receive a notification that something has gone wrong. Even if the user does actually look at the message log, most of the messages make little sense to the novice user.</p> <p>Tor has the ability to inform Vidalia of many such status changes, and we recently implemented support for a couple of these events. Still, there are many more status events which the user should be informed of, and we need a better UI for actually displaying them to the user.</p> <p>The goal of this project then is to design and implement a UI for displaying Tor status events to the user. For example, we might put a little badge on Vidalia's tray icon that alerts the user to new status events they should look at. Double-clicking the icon could bring up a dialog that summarizes recent status events in simple terms and maybe suggests a remedy for any negative events if they can be corrected by the user. Of course, this is just an example and one is free to suggest another approach.</p> <p>A person undertaking this project should have good UI design and layout skills and some C++ development experience. Previous experience with Qt and Qt's Designer will be very helpful, but are not required. Some English writing ability will also be useful, since this project will likely involve writing small amounts of help documentation that should be understandable by non-technical users. Bonus points for some graphic design/Photoshop fu, since we might want/need some shiny new icons too.</p> </li> --> <!-- <a id="orbot-torbutton"></a> <li> <b>TorButton for Mobile Firefox 4 or Custom Browser on Android</b> <br> Effort Level: <i>High</i> <br> Skill Level: <i>High</i> <br> Likely Mentors: <i>Jake</i> <p>Initial work has been done on implementing a proxy-setting add-on for Firefox on Android (see <a href="https://github.com/guardianproject/ProxyMob">ProxyMob</a>), but a full port of TorButton needs to be done (dependent upon Firefox 4 port of TorButton). The other approach is to implement a custom "Tor Browser" based on Firefox or Webkit browser. See <a href="http://code.google.com/p/torora/wiki/Android">Torora</a> for progress on this so far.</p> </li> --> <!-- <a id="vidalia-hidden-service-panel"></a> <li> <b>Torrc plugin and improved hidden service configuration panel</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Tomás</i> <p>Vidalia's configuration handling has changed in the alpha branch. Now every Tor option is saved in the torrc file. With that change, the Hidden Service configuration panel was removed due to its specificity and its multiple bugs.</p> <p>The idea would be to provide the new Torrc class' functionality to the Plugin Engine and with that, create a better Hidden Service configuration panel as a plugin.</p> <p>A person undertaking this project should have good UI design, layout skills and some C++ development experience. Previous experience with Qt and Qt's Designer will be very helpful, but are not required. Javascript knowledge is a plus, but it shouldn't be a problem if the person complies with the previous requirements.</p> </li> --> <!-- <a id="usabilityTesting"></a> <li> <b>Usability testing of Tor</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Low to Medium</i> <br> Likely Mentors: <i>Andrew</i> <p> Especially the browser bundle, ideally amongst our target demographic. That would help a lot in knowing what needs to be done in terms of bug fixes or new features. We get this informally at the moment, but a more structured process would be better. </p> <p> Please note that since this isn't a coding project, it isn't suitable for Google Summer of Code. </p> </li> --> <a id="docUpdate"></a> <li> <b>Website and video documentation update</b> <br> Effort Level: <i>Medium</i> <br> Skill Level: <i>Medium</i> <br> Likely Mentors: <i>Runa, Karen</i> <p> Identify outdated and/or weak pages on torproject.org and re-write the documentation to appeal to a less technical, more goal-oriented audience. Create a number of 3-5 minute videos with graphically portray the written documentation. See <a href="https://trac.torproject.org/projects/tor/query?component=Website&status=new">the website tickets</a> for more information and a starting point. </p> </li> <li> <b>Bring up new ideas!</b> <br> Don't like any of these? Look at the <a href="/press/presskit/2008-12-19-roadmap-full.pdf">Tor development roadmap</a> for more ideas, or just try out Tor, Vidalia, and Torbutton, and find out what you think needs fixing. Some of the <a href="<spectree>proposals">current proposals</a> might also be short on developers. </li> </ol> <a id="OtherCoding"></a> <h2><a class="anchor" href="#OtherCoding">Other Coding and Design related ideas</a></h2> <ol> <li>Tor relays don't work well on Windows XP. On Windows, Tor uses the standard <tt>select()</tt> system call, which uses space in the non-page pool. This means that a medium sized Tor relay will empty the non-page pool, <a href="<wiki>doc/WindowsBufferProblems">causing havoc and system crashes</a>. We should probably be using overlapped IO instead. One solution would be to teach <a href="http://www.monkey.org/~provos/libevent/">libevent</a> how to use overlapped IO rather than select() on Windows, and then adapt Tor to the new libevent interface. Christian King made a <a href="https://svn.torproject.org/svn/libevent-urz/trunk/">good start</a> on this in the summer of 2007.</li> <li>We need to actually start building our <a href="<page docs/documentation>#DesignDoc">blocking-resistance design</a>. This involves fleshing out the design, modifying many different pieces of Tor, adapting <a href="<page projects/vidalia>">Vidalia</a> so it supports the new features, and planning for deployment.</li> <li>We need a flexible simulator framework for studying end-to-end traffic confirmation attacks. Many researchers have whipped up ad hoc simulators to support their intuition either that the attacks work really well or that some defense works great. Can we build a simulator that's clearly documented and open enough that everybody knows it's giving a reasonable answer? This will spur a lot of new research. See the entry <a href="#Research">below</a> on confirmation attacks for details on the research side of this task — who knows, when it's done maybe you can help write a paper or three also.</li> <li>Tor 0.1.1.x and later include support for hardware crypto accelerators via OpenSSL. It has been lightly tested and is possibly very buggy. We're looking for more rigorous testing, performance analysis, and optimally, code fixes to OpenSSL and Tor if needed.</li> <li>Perform a security analysis of Tor with <a href="https://secure.wikimedia.org/wikipedia/en/wiki/Fuzz_testing">"fuzz"</a>. Determine if there are good fuzzing libraries out there for what we want. Win fame by getting credit when we put out a new release because of you!</li> <li>Tor uses TCP for transport and TLS for link encryption. This is nice and simple, but it means all cells on a link are delayed when a single packet gets dropped, and it means we can only reasonably support TCP streams. We have a <a href="<page docs/faq>#TransportIPnotTCP">list of reasons why we haven't shifted to UDP transport</a>, but it would be great to see that list get shorter. We also have a proposed <a href="<specblob>proposals/100-tor-spec-udp.txt">specification for Tor and UDP</a> — please let us know what's wrong with it.</li> <li>We're not that far from having IPv6 support for destination addresses (at exit nodes). If you care strongly about IPv6, that's probably the first place to start.</li> <li>We need a way to generate the website diagrams (for example, the "How Tor Works" pictures on the <a href="<page about/overview>">overview page</a> from source, so we can translate them as UTF-8 text rather than edit them by hand with Gimp. We might want to integrate this as an wml file so translations are easy and images are generated in multiple languages whenever we build the website.</li> <li>How can we make the various LiveCD/USB systems easier to maintain, improve, and document? One example is <a href="https://tails.boum.org/">The Amnesic Incognito Live System</a>. </li> <li> Another anti-censorship project is to try to make Tor more scanning-resistant. Right now, an adversary can identify <a href="<specblob>proposals/125-bridges.txt">Tor bridges</a> just by trying to connect to them, following the Tor protocol, and seeing if they respond. To solve this, bridges could <a href="<svnprojects>design-paper/blocking.html#tth_sEc9.3">act like webservers</a> (HTTP or HTTPS) when contacted by port-scanning tools, and not act like bridges until the user provides a bridge-specific key. To start, check out Shane Pope's <a href="http://dl.dropbox.com/u/37735/index.html">thesis and prototype</a>. </li> </ol> <a id="Research"></a> <h2><a class="anchor" href="#Research">Research</a></h2> <ol> <li>The "end-to-end traffic confirmation attack": by watching traffic at Alice and at Bob, we can <a href="http://freehaven.net/anonbib/#danezis:pet2004">compare traffic signatures and become convinced that we're watching the same stream</a>. So far Tor accepts this as a fact of life and assumes this attack is trivial in all cases. First of all, is that actually true? How much traffic of what sort of distribution is needed before the adversary is confident he has won? Are there scenarios (e.g. not transmitting much) that slow down the attack? Do some traffic padding or traffic shaping schemes work better than others?</li> <li>A related question is: Does running a relay/bridge provide additional protection against these timing attacks? Can an external adversary that can't see inside TLS links still recognize individual streams reliably? Does the amount of traffic carried degrade this ability any? What if the client-relay deliberately delayed upstream relayed traffic to create a queue that could be used to mimic timings of client downstream traffic to make it look like it was also relayed? This same queue could also be used for masking timings in client upstream traffic with the techniques from <a href="http://www.freehaven.net/anonbib/#ShWa-Timing06">adaptive padding</a>, but without the need for additional traffic. Would such an interleaving of client upstream traffic obscure timings for external adversaries? Would the strategies need to be adjusted for asymmetric links? For example, on asymmetric links, is it actually possible to differentiate client traffic from natural bursts due to their asymmetric capacity? Or is it easier than symmetric links for some other reason?</li> <li>Repeat Murdoch and Danezis's <a href="http://www.cl.cam.ac.uk/~sjm217/projects/anon/#torta">attack from Oakland 05</a> on the current Tor network. See if you can learn why it works well on some nodes and not well on others. (My theory is that the fast nodes with spare capacity resist the attack better.) If that's true, then experiment with the RelayBandwidthRate and RelayBandwidthBurst options to run a relay that is used as a client while relaying the attacker's traffic: as we crank down the RelayBandwidthRate, does the attack get harder? What's the right ratio of RelayBandwidthRate to actually capacity? Or is it a ratio at all? While we're at it, does a much larger set of candidate relays increase the false positive rate or other complexity for the attack? (The Tor network is now almost two orders of magnitude larger than it was when they wrote their paper.) Be sure to read <a href="http://freehaven.net/anonbib/#clog-the-queue">Don't Clog the Queue</a> too.</li> <li>The "routing zones attack": most of the literature thinks of the network path between Alice and her entry node (and between the exit node and Bob) as a single link on some graph. In practice, though, the path traverses many autonomous systems (ASes), and <a href="http://freehaven.net/anonbib/#feamster:wpes2004">it's not uncommon that the same AS appears on both the entry path and the exit path</a>. Unfortunately, to accurately predict whether a given Alice, entry, exit, Bob quad will be dangerous, we need to download an entire Internet routing zone and perform expensive operations on it. Are there practical approximations, such as avoiding IP addresses in the same /8 network?</li> <li>Other research questions regarding geographic diversity consider the tradeoff between choosing an efficient circuit and choosing a random circuit. Look at Stephen Rollyson's <a href="http://swiki.cc.gatech.edu:8080/ugResearch/uploads/7/ImprovingTor.pdf">position paper</a> on how to discard particularly slow choices without hurting anonymity "too much". This line of reasoning needs more work and more thinking, but it looks very promising.</li> <li>Tor doesn't work very well when relays have asymmetric bandwidth (e.g. cable or DSL). Because Tor has separate TCP connections between each hop, if the incoming bytes are arriving just fine and the outgoing bytes are all getting dropped on the floor, the TCP push-back mechanisms don't really transmit this information back to the incoming streams. Perhaps Tor should detect when it's dropping a lot of outgoing packets, and rate-limit incoming streams to regulate this itself? I can imagine a build-up and drop-off scheme where we pick a conservative rate-limit, slowly increase it until we get lost packets, back off, repeat. We need somebody who's good with networks to simulate this and help design solutions; and/or we need to understand the extent of the performance degradation, and use this as motivation to reconsider UDP transport.</li> <li>A related topic is congestion control. Is our current design sufficient once we have heavy use? Maybe we should experiment with variable-sized windows rather than fixed-size windows? That seemed to go well in an <a href="http://www.psc.edu/index.php/hpn-ssh/638">ssh throughput experiment</a>. We'll need to measure and tweak, and maybe overhaul if the results are good.</li> <li>Our censorship-resistance goals include preventing an attacker who's looking at Tor traffic on the wire from <a href="<svnprojects>design-paper/blocking.html#sec:network-fingerprint">distinguishing it from normal SSL traffic</a>. Obviously we can't achieve perfect steganography and still remain usable, but for a first step we'd like to block any attacks that can win by observing only a few packets. One of the remaining attacks we haven't examined much is that Tor cells are 512 bytes, so the traffic on the wire may well be a multiple of 512 bytes. How much does the batching and overhead in TLS records blur this on the wire? Do different buffer flushing strategies in Tor affect this? Could a bit of padding help a lot, or is this an attack we must accept?</li> <li>Tor circuits are built one hop at a time, so in theory we have the ability to make some streams exit from the second hop, some from the third, and so on. This seems nice because it breaks up the set of exiting streams that a given relay can see. But if we want each stream to be safe, the "shortest" path should be at least 3 hops long by our current logic, so the rest will be even longer. We need to examine this performance / security tradeoff.</li> <li>It's not that hard to DoS Tor relays or directory authorities. Are client puzzles the right answer? What other practical approaches are there? Bonus if they're backward-compatible with the current Tor protocol.</li> <li>Programs like <a href="<page torbutton/index>">Torbutton</a> aim to hide your browser's UserAgent string by replacing it with a uniform answer for every Tor user. That way the attacker can't splinter Tor's anonymity set by looking at that header. It tries to pick a string that is commonly used by non-Tor users too, so it doesn't stand out. Question one: how badly do we hurt ourselves by periodically updating the version of Firefox that Torbutton claims to be? If we update it too often, we splinter the anonymity sets ourselves. If we don't update it often enough, then all the Tor users stand out because they claim to be running a quite old version of Firefox. The answer here probably depends on the Firefox versions seen in the wild. Question two: periodically people ask us to cycle through N UserAgent strings rather than stick with one. Does this approach help, hurt, or not matter? Consider: cookies and recognizing Torbutton users by their rotating UserAgents; malicious websites who only attack certain browsers; and whether the answers to question one impact this answer. </li> <li>How many bridge relays do you need to know to maintain reachability? We should measure the churn in our bridges. If there is lots of churn, are there ways to keep bridge users more likely to stay connected? </li> </ol> <p> <a href="<page about/contact>">Let us know</a> if you've made progress on any of these! </p> </div> <!-- END MAINCOL --> <div id = "sidecol"> #include "side.wmi" #include "info.wmi" </div> <!-- END SIDECOL --> </div> <!-- END CONTENT --> #include <foot.wmi>