Add tails project idea
Damian Johnson

Damian Johnson commited on 2016-03-15 17:09:32
Zeige 1 geänderte Dateien mit 82 Einfügungen und 0 Löschungen.


Resurrecting a project from commit 186b0b6 anonym and asn would like to mentor
this year.
... ...
@@ -1443,6 +1443,88 @@ implementation.
1443 1443
     well as collect information about the occurrence of these type of attacks.
1444 1444
     </p>
1445 1445
     </li>
1446
+
1447
+    <a id="tailsServer"></a>
1448
+    <li>
1449
+    <b>Tails server: Self-hosted services behind Tails-powered Tor hidden services</b>
1450
+    <br>
1451
+    Likely Mentors: <i>anonym, George (asn)</i>
1452
+    <p>Let's talk about group collaboration, communication and data sharing
1453
+    infrastructure, such as chat servers, wikis, or file repositories.</p>
1454
+    <p>Hosting such data and infrastructure <b>in the cloud</b> generally
1455
+    implies to trust the service providers not to disclose content, usage or
1456
+    users location information to third-parties. Hence, there are many threat
1457
+    models in which cloud hosting is not suitable.</p>
1458
+    <p>Tor partly answers the <b>users location</b> part; this is great, but
1459
+    <b>content</b> is left unprotected.</p>
1460
+    <p>There are two main ways to protect such content: either to encrypt it
1461
+    client-side (<b>security by design</b>), or to avoid putting it into
1462
+    untrusted hands in the first place.</p>
1463
+    <p>Cloud solutions that offer security by design are rare and generally
1464
+    not mature yet. The <b>Tails server</b> project is about exploring the
1465
+    other side of the alternative: avoiding to put private data into
1466
+    untrusted hands in the first place.</p>
1467
+    <p>This is made possible thanks to Tor hidden services, that allow users
1468
+    to offer location-hidden services, and make self-hosting possible in
1469
+    many threat models. Self-hosting has its own lot of problems, however,
1470
+    particularly in contexts where the physical security of the hosting
1471
+    place is not assured. Combining Tor hidden services with Tails'
1472
+    amnesia property and limited support for persistent encrypted data
1473
+    allows to protect content, to a great degree, even in such contexts.</p>
1474
+    <p>In short, setting up a new Tails server would be done by:</p>
1475
+
1476
+    <ol style="list-style-type: decimal">
1477
+      <li>Alice plugs a USB stick into a running desktop Tails system.</li>
1478
+      <li>Alice uses a GUI to easily configure the needed services.</li>
1479
+      <li>Alice unplugs the USB stick, that now contains encrypted services
1480
+      configuration and data storage space.</li>
1481
+      <li>Alice plugs that USB stick (and possibly a Tails Live CD) into the
1482
+      old laptop that was dedicated to run Tails server.</li>
1483
+      <li>Once booted, Alice enters the encryption passphrase either
1484
+      directly using the keyboard or through a web interface listening on the
1485
+      local network.</li>
1486
+      <li>Then, Bob can use the configured services once he gets a hold on
1487
+      the hidden service address. (The <b>petname system for Tor hidden
1488
+      services</b> project would be very complementary to this one, by the
1489
+      way.)</li>
1490
+    </ol>
1491
+
1492
+    <p>Tails server should content itself with hardware that is a bit old
1493
+    (such as a PIII-450 laptop with 256MB of RAM) and/or half broken (e.g.
1494
+    non-functional hard-disk, screen or keyboard).</p>
1495
+    <p>The challenges behind this project are:</p>
1496
+
1497
+    <ul>
1498
+      <li>Design and write the services configuration GUI [keywords: edit
1499
+      configuration files, upgrade between major Debian versions,
1500
+      debconf].</li>
1501
+      <li>How to create the hidden service key? [keywords: Vidalia, control
1502
+      protocol].</li>
1503
+      <li>Adapt the Tails boot process to allow switching to &quot;server
1504
+      mode&quot; when appropriate.</li>
1505
+      <li>Add support, to the Tails persistence setup process, for asking an
1506
+      encryption passphrase without X, and possibly with a broken keyboard
1507
+      and/or screen [keywords: local network, SSL/TLS?, certificate?].</li>
1508
+    </ul>
1509
+
1510
+    <p>This project can easily grow quite large, so the first task would
1511
+    probably be to clarify what it would need to get an initial (minimal
1512
+    but working) implementation ready to be shipped to users.</p>
1513
+    <p>This project does not require to be an expert in one specific field,
1514
+    but it requires to be experienced and at ease with a large scope of
1515
+    software development tools, processes, and operating system knowledge.</p>
1516
+    <p>Undertaking this project requires in-depth knowledge of Debian-like
1517
+    systems (self-test: do the "dpkg conffile" and "debconf preseeding"
1518
+    words sound new to your ear?); the Debian Live persistence system
1519
+    being written in shell, being at ease with robust shell scripting is
1520
+    a must; to end with, at least two pieces of software need to be
1521
+    written from scratch (a GUI and a webapp): the preferred languages for
1522
+    these tasks would be Python and Perl. Using Behaviour Driven
1523
+    Development methods to convey expectations and acceptance criteria
1524
+    would be most welcome.</p>
1525
+    <p>For more information see https://tails.boum.org/todo/server_edition/</p>
1526
+    </li>
1527
+
1446 1528
 <!--
1447 1529
     <a id=""></a>
1448 1530
     <li>
1449 1531