tor-webwml.git

@@ -347,17 +347,13 @@ meetings around the world.</li>

     and still under very active development.

     </p>

-    <!--

     <p>

     <b>Project Ideas:</b><br />

-    <i><a href="#tailsStartMenu">Custom GDM3 startup menu, aka.

-    tails-greeter</a></i><br />

-    <i><a href="#tailsMetadataAnonymizing">Meta-data anonymizing toolkit for

-    file publication</a></i><br />

-    <i><a href="#tailsDebianLive">Improve Debian Live support for

-    persistence</a></i>

+    <i><a href="#tailsHiddenServicePetnames">Petname system for Tor hidden

+    services</a></i><br />

+    <i><a href="#tailsServer">Tails server: Self-hosted services behind

+    Tails-powered Tor hidden services</a></i>

     </p>

-    -->

     <a id="project-torsocks"></a>

     <h3><a href="http://code.google.com/p/torsocks/">Torsocks</a> (<a

@@ -862,6 +858,49 @@ meetings around the world.</li>

     robustness.</p>

     </li>

+    <a id="tailsHiddenServicePetnames"></a>

+    <li>

+    <b>Petname system for Tor hidden services</b>

+    <br>

+    Priority: <i>Medium</i>

+    <br>

+    Effort Level: <i>High</i>

+    <br>

+    Skill Level: <i>High</i>

+    <br>

+    Likely Mentors: <i>ague</i>

+    <p>Tor provides hidden services. These services are only reachable through

+    Tor itself, and provide greater anonymity both for the providers of the

+    service and for its users.</p>

+    <p>One current downside of Tor hidden services is that they are addressed

+    using 80-bit base32-encoded addresses such as "v2cbb2l4lsnpio4q.onion".

+    These addresses are hard to remember; this makes them hard to use

+    within amnesic environment like Tails.</p>

+    <p>The project is to implement a petname system for Tor hidden services:

+    a way for users or providers of Tor hidden services to add a simple

+    'nickname' to a central database. Users could then query this central

+    database to retrieve a full hidden service address by giving

+    a nickname.</p>

+    <p>Adding petnames to the database could be done using a web interface or

+    automated fetch like those described in the <a

+    href="https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-onion-nyms.txt">".onion

+    nym system&quot; proposal</a>.</p>

+    <p>Querying the database could be done using a web interface, a REST API and

+    a DNS interface.</p>

+    <p>In order not to grow indefinitely, the software should make regular tests to

+    see if hidden services are still reachable and, depending on the last time

+    a nickname was accessed, cleanup the database as necessary.</p>

+    <p>The software should allow a distributed, fault-tolerant setup.

+    All nodes should have a synchronized copy of the database, should be

+    ready to answer queries and should coordinate the tests for hidden

+    service availability.</p>

+    <p>The resulting codebase must be easy to deploy: it should not be hard to

+    setup new databases.</p>

+    <p>It is expected that the volunteer will be using Behaviour Driven

+    Development methods. Either in Ruby using Cucumber and RSpec, or in

+    Python using similar tools.</p>

+    </li>

+    

     <a id="stemPathsupport"></a>

     <li>

     <b>Stem PathSupport Capabilities</b>

@@ -919,6 +958,93 @@ meetings around the world.</li>

       be TorBEL.</p></li>

     </ol>

+    <a id="tailsServer"></a>

+    <li>

+    <b>Tails server: Self-hosted services behind Tails-powered Tor hidden services</b>

+    <br>

+    Priority: <i>Medium</i>

+    <br>

+    Effort Level: <i>High</i>

+    <br>

+    Skill Level: <i>Medium, but wide-scoped</i>

+    <br>

+    Likely Mentors: <i>intrigeri, anonym</i>

+    <p>Let's talk about group collaboration, communication and data sharing

+    infrastructure, such as chat servers, wikis, or file repositories.</p>

+    <p>Hosting such data and infrastructure <b>in the cloud</b> generally

+    implies to trust the service providers not to disclose content, usage or

+    users location information to third-parties. Hence, there are many threat

+    models in which cloud hosting is not suitable.</p>

+    <p>Tor partly answers the <b>users location</b> part; this is great, but

+    <b>content</b> is left unprotected.</p>

+    <p>There are two main ways to protect such content: either to encrypt it

+    client-side (<b>security by design</b>), or to avoid putting it into

+    untrusted hands in the first place.</p>

+    <p>Cloud solutions that offer security by design are rare and generally

+    not mature yet. The <b>Tails server</b> project is about exploring the

+    other side of the alternative: avoiding to put private data into

+    untrusted hands in the first place.</p>

+    <p>This is made possible thanks to Tor hidden services, that allow users

+    to offer location-hidden services, and make self-hosting possible in

+    many threat models. Self-hosting has its own lot of problems, however,

+    particularly in contexts where the physical security of the hosting

+    place is not assured. Combining Tor hidden services with Tails'

+    amnesia property and limited support for persistent encrypted data

+    allows to protect content, to a great degree, even in such contexts.</p>

+    <p>In short, setting up a new Tails server would be done by:</p>

+    

+    <ol style="list-style-type: decimal">

+      <li>Alice plugs a USB stick into a running desktop Tails system.</li>

+      <li>Alice uses a GUI to easily configure the needed services.</li>

+      <li>Alice unplugs the USB stick, that now contains encrypted services

+      configuration and data storage space.</li>

+      <li>Alice plugs that USB stick (and possibly a Tails Live CD) into the

+      old laptop that was dedicated to run Tails server.</li>

+      <li>Once booted, Alice enters the encryption passphrase either

+      directly using the keyboard or through a web interface listening on the

+      local network.</li>

+      <li>Then, Bob can use the configured services once he gets a hold on

+      the hidden service address. (The <b>petname system for Tor hidden

+      services</b> project would be very complementary to this one, by the

+      way.)</li>

+    </ol>

+    

+    <p>Tails server should content itself with hardware that is a bit old

+    (such as a PIII-450 laptop with 256MB of RAM) and/or half broken (e.g.

+    non-functional hard-disk, screen or keyboard).</p>

+    <p>The challenges behind this project are:</p>

+    

+    <ul>

+      <li>Design and write the services configuration GUI [keywords: edit

+      configuration files, upgrade between major Debian versions,

+      debconf].</li>

+      <li>How to create the hidden service key? [keywords: Vidalia, control

+      protocol].</li>

+      <li>Adapt the Tails boot process to allow switching to &quot;server

+      mode&quot; when appropriate.</li>

+      <li>Add support, to the Tails persistence setup process, for asking an

+      encryption passphrase without X, and possibly with a broken keyboard

+      and/or screen [keywords: local network, SSL/TLS?, certificate?].</li>

+    </ul>

+    

+    <p>This project can easily grow quite large, so the first task would

+    probably be to clarify what it would need to get an initial (minimal

+    but working) implementation ready to be shipped to users.</p>

+    <p>This project does not require to be an expert in one specific field,

+    but it requires to be experienced and at ease with a large scope of

+    software development tools, processes, and operating system knowledge.</p>

+    <p>Undertaking this project requires in-depth knowledge of Debian-like

+    systems (self-test: do the "dpkg conffile" and "debconf preseeding"

+    words sound new to your ear?); the Debian Live persistence system

+    being written in shell, being at ease with robust shell scripting is

+    a must; to end with, at least two pieces of software need to be

+    written from scratch (a GUI and a webapp): the preferred languages for

+    these tasks would be Python and Perl. Using Behaviour Driven

+    Development methods to convey expectations and acceptance criteria

+    would be most welcome.</p>

+    <p>For more information see https://tails.boum.org/todo/server_edition/</p>

+    </li>

+    

     <a id="geoIPUpgrade"></a>

     <li>

     <b>Improve our GeoIP file format</b>