Damian Johnson commited on 2016-03-15 17:09:32
Zeige 1 geänderte Dateien mit 82 Einfügungen und 0 Löschungen.
Resurrecting a project from commit 186b0b6 anonym and asn would like to mentor this year.
... | ... |
@@ -1443,6 +1443,88 @@ implementation. |
1443 | 1443 |
well as collect information about the occurrence of these type of attacks. |
1444 | 1444 |
</p> |
1445 | 1445 |
</li> |
1446 |
+ |
|
1447 |
+ <a id="tailsServer"></a> |
|
1448 |
+ <li> |
|
1449 |
+ <b>Tails server: Self-hosted services behind Tails-powered Tor hidden services</b> |
|
1450 |
+ <br> |
|
1451 |
+ Likely Mentors: <i>anonym, George (asn)</i> |
|
1452 |
+ <p>Let's talk about group collaboration, communication and data sharing |
|
1453 |
+ infrastructure, such as chat servers, wikis, or file repositories.</p> |
|
1454 |
+ <p>Hosting such data and infrastructure <b>in the cloud</b> generally |
|
1455 |
+ implies to trust the service providers not to disclose content, usage or |
|
1456 |
+ users location information to third-parties. Hence, there are many threat |
|
1457 |
+ models in which cloud hosting is not suitable.</p> |
|
1458 |
+ <p>Tor partly answers the <b>users location</b> part; this is great, but |
|
1459 |
+ <b>content</b> is left unprotected.</p> |
|
1460 |
+ <p>There are two main ways to protect such content: either to encrypt it |
|
1461 |
+ client-side (<b>security by design</b>), or to avoid putting it into |
|
1462 |
+ untrusted hands in the first place.</p> |
|
1463 |
+ <p>Cloud solutions that offer security by design are rare and generally |
|
1464 |
+ not mature yet. The <b>Tails server</b> project is about exploring the |
|
1465 |
+ other side of the alternative: avoiding to put private data into |
|
1466 |
+ untrusted hands in the first place.</p> |
|
1467 |
+ <p>This is made possible thanks to Tor hidden services, that allow users |
|
1468 |
+ to offer location-hidden services, and make self-hosting possible in |
|
1469 |
+ many threat models. Self-hosting has its own lot of problems, however, |
|
1470 |
+ particularly in contexts where the physical security of the hosting |
|
1471 |
+ place is not assured. Combining Tor hidden services with Tails' |
|
1472 |
+ amnesia property and limited support for persistent encrypted data |
|
1473 |
+ allows to protect content, to a great degree, even in such contexts.</p> |
|
1474 |
+ <p>In short, setting up a new Tails server would be done by:</p> |
|
1475 |
+ |
|
1476 |
+ <ol style="list-style-type: decimal"> |
|
1477 |
+ <li>Alice plugs a USB stick into a running desktop Tails system.</li> |
|
1478 |
+ <li>Alice uses a GUI to easily configure the needed services.</li> |
|
1479 |
+ <li>Alice unplugs the USB stick, that now contains encrypted services |
|
1480 |
+ configuration and data storage space.</li> |
|
1481 |
+ <li>Alice plugs that USB stick (and possibly a Tails Live CD) into the |
|
1482 |
+ old laptop that was dedicated to run Tails server.</li> |
|
1483 |
+ <li>Once booted, Alice enters the encryption passphrase either |
|
1484 |
+ directly using the keyboard or through a web interface listening on the |
|
1485 |
+ local network.</li> |
|
1486 |
+ <li>Then, Bob can use the configured services once he gets a hold on |
|
1487 |
+ the hidden service address. (The <b>petname system for Tor hidden |
|
1488 |
+ services</b> project would be very complementary to this one, by the |
|
1489 |
+ way.)</li> |
|
1490 |
+ </ol> |
|
1491 |
+ |
|
1492 |
+ <p>Tails server should content itself with hardware that is a bit old |
|
1493 |
+ (such as a PIII-450 laptop with 256MB of RAM) and/or half broken (e.g. |
|
1494 |
+ non-functional hard-disk, screen or keyboard).</p> |
|
1495 |
+ <p>The challenges behind this project are:</p> |
|
1496 |
+ |
|
1497 |
+ <ul> |
|
1498 |
+ <li>Design and write the services configuration GUI [keywords: edit |
|
1499 |
+ configuration files, upgrade between major Debian versions, |
|
1500 |
+ debconf].</li> |
|
1501 |
+ <li>How to create the hidden service key? [keywords: Vidalia, control |
|
1502 |
+ protocol].</li> |
|
1503 |
+ <li>Adapt the Tails boot process to allow switching to "server |
|
1504 |
+ mode" when appropriate.</li> |
|
1505 |
+ <li>Add support, to the Tails persistence setup process, for asking an |
|
1506 |
+ encryption passphrase without X, and possibly with a broken keyboard |
|
1507 |
+ and/or screen [keywords: local network, SSL/TLS?, certificate?].</li> |
|
1508 |
+ </ul> |
|
1509 |
+ |
|
1510 |
+ <p>This project can easily grow quite large, so the first task would |
|
1511 |
+ probably be to clarify what it would need to get an initial (minimal |
|
1512 |
+ but working) implementation ready to be shipped to users.</p> |
|
1513 |
+ <p>This project does not require to be an expert in one specific field, |
|
1514 |
+ but it requires to be experienced and at ease with a large scope of |
|
1515 |
+ software development tools, processes, and operating system knowledge.</p> |
|
1516 |
+ <p>Undertaking this project requires in-depth knowledge of Debian-like |
|
1517 |
+ systems (self-test: do the "dpkg conffile" and "debconf preseeding" |
|
1518 |
+ words sound new to your ear?); the Debian Live persistence system |
|
1519 |
+ being written in shell, being at ease with robust shell scripting is |
|
1520 |
+ a must; to end with, at least two pieces of software need to be |
|
1521 |
+ written from scratch (a GUI and a webapp): the preferred languages for |
|
1522 |
+ these tasks would be Python and Perl. Using Behaviour Driven |
|
1523 |
+ Development methods to convey expectations and acceptance criteria |
|
1524 |
+ would be most welcome.</p> |
|
1525 |
+ <p>For more information see https://tails.boum.org/todo/server_edition/</p> |
|
1526 |
+ </li> |
|
1527 |
+ |
|
1446 | 1528 |
<!-- |
1447 | 1529 |
<a id=""></a> |
1448 | 1530 |
<li> |
1449 | 1531 |