Nick Mathewson commited on 2008-03-12 02:41:41
Zeige 1 geänderte Dateien mit 41 Einfügungen und 20 Löschungen.
... | ... |
@@ -22,7 +22,7 @@ services. Get them to tell their friends.</li> |
22 | 22 |
<a id="Usability"></a> |
23 | 23 |
<h2><a class="anchor" href="#Usability">Supporting Applications</a></h2> |
24 | 24 |
<ol> |
25 |
-<li>We need good ways to intercept DNS requests so they don't "leak" their |
|
25 |
+<li>We need more good ways to intercept DNS requests so they don't "leak" their |
|
26 | 26 |
request to a local observer while we're trying to be anonymous. (This |
27 | 27 |
happens because the application does the DNS resolve before going to |
28 | 28 |
the SOCKS proxy.)</li> |
... | ... |
@@ -396,7 +396,7 @@ to prevent Tor information leakage. |
396 | 396 |
</li> |
397 | 397 |
|
398 | 398 |
<li> |
399 |
-<b>Improving our ability to be resistant to censorship</b> |
|
399 |
+<b>Improving Tor's ability to resist censorship</b> |
|
400 | 400 |
<br /> |
401 | 401 |
Priority: <i>High</i> |
402 | 402 |
<br /> |
... | ... |
@@ -406,16 +406,23 @@ Skill Level: <i>High</i> |
406 | 406 |
<br /> |
407 | 407 |
Likely Mentors: <i>Nick</i> |
408 | 408 |
<br /> |
409 |
-Tor needs even better censorship resistance mechanisms. There are |
|
410 |
-several mechanisms that can help. Tor should be able to |
|
411 |
-<a href="<svnsandbox>doc/spec/proposals/118-multiple-orports.txt">listen |
|
412 |
-on multiple |
|
413 |
-addresses and ports</a>, and allow clients to connect to all of them. |
|
414 |
-Tor relays and |
|
409 |
+The Tor 0.2.0.x series makes <a |
|
410 |
+href="<svnsandbox>doc/design-paper/blocking.html">significant |
|
411 |
+improvements</a> in resisting national and organizational censorship. |
|
412 |
+But Tor still needs bettere mechanisms for some parts of its |
|
413 |
+anti-censorship design. For example, current Tors can only listen on a |
|
414 |
+single address/port combination at a time. There's |
|
415 |
+<a href="<svnsandbox>doc/spec/proposals/118-multiple-orports.txt">a |
|
416 |
+proposal to address this limitation</a>, and allow clients to connect |
|
417 |
+to any given Tor on multiple addresses and ports, but it needs more |
|
418 |
+work. Another anti-censorship project (far more difficult) is to try |
|
419 |
+to make Tor more scanning-resistant. Right now, an adversary can identify |
|
415 | 420 |
<a href="<svnsandbox>doc/spec/proposals/125-bridges.txt">Tor bridges</a> |
416 |
-should be able to |
|
417 |
-<a href="<svnsandbox>doc/design-paper/blocking.html#tth_sEc9.3">appear like |
|
418 |
-a webserver</a> (HTTP or HTTPS) when contacted by port-scanning tools. |
|
421 |
+just by trying to connect to them, following the Tor protocol, and |
|
422 |
+seeing if they respond. To solve this, bridges could |
|
423 |
+<a href="<svnsandbox>doc/design-paper/blocking.html#tth_sEc9.3">act like |
|
424 |
+webservers</a> (HTTP or HTTPS) when contacted by port-scanning tools, |
|
425 |
+and not act like bridges until the user provides a bridge-specific key. |
|
419 | 426 |
<br /> |
420 | 427 |
This project involves a lot of research and design. One of the big |
421 | 428 |
challenges will be identifying and crafting approaches that can still |
... | ... |
@@ -434,11 +441,17 @@ Skill Level: <i>Medium to High</i> |
434 | 441 |
<br /> |
435 | 442 |
Likely Mentors: <i>Nick</i> |
436 | 443 |
<br /> |
437 |
-Tor should make better use of the more recent features of Niels Provos's |
|
438 |
-Libevent library. Libevent already provides HTTP and socket buffers; |
|
439 |
-Tor's code for those could be replaced. We'll need to improve libevent's |
|
440 |
-code as needed — in particular to add good openssl support on top of |
|
441 |
-libevent's buffer abstraction. |
|
444 |
+Tor should make better use of the more recent features of Niels |
|
445 |
+Provos's <a href="http://monkey.org/~provos/libevent/">Libevent</a> |
|
446 |
+library. Tor already, uses Libevent for its low-level asynchronous IO |
|
447 |
+calls, and could also use Libevent's increasingly good implementations |
|
448 |
+of network buffers, and of HTTP. This wouldn't be simply a matter of |
|
449 |
+replacing Tor's internal calls with calls to Libevent: instead, we'll |
|
450 |
+need to refactor Tor's to use Libevent calls that do not follow the |
|
451 |
+same models as Tor's existing backends. Also, we'll need to add |
|
452 |
+missing functionality to Libevent as needed — most difficult likely |
|
453 |
+will be adding OpenSSL support on top of Libevent's buffer abstraction. |
|
454 |
+Also tricky will be adding rate-limiting to Libevent. |
|
442 | 455 |
</li> |
443 | 456 |
|
444 | 457 |
<li> |
... | ... |
@@ -452,13 +465,21 @@ Skill Level: <i>Medium to High</i> |
452 | 465 |
<br /> |
453 | 466 |
Likely Mentors: <i>Nick, Roger, Mike</i> |
454 | 467 |
<br /> |
455 |
-Tor should possibly measure bandwidth in a distributed way, as in the |
|
468 |
+Right now, Tor servers measure and report their own bandwidth, and Tor |
|
469 |
+clients choose which servers to use in part based on that bandwidth. |
|
470 |
+This approach is vulnerable to attacks where servers lie about their |
|
471 |
+abandwidth; to address this, Tor currently caps the maximum bandwidth |
|
472 |
+it's willing to believe any server provides. This is a limited fix, and |
|
473 |
+a waste of bandwidth capacity to boot. Instead, |
|
474 |
+Tor should possibly measure bandwidth in a more distributed way, perhaps |
|
475 |
+as described in the |
|
456 | 476 |
<a href="http://freehaven.net/anonbib/">"A Tuneup for Tor"</a> paper |
457 | 477 |
by Snader and Borisov. A student could use current testing code to |
458 | 478 |
double-check this paper's findings and verify the extent to which they |
459 |
-dovetail with Tor in the wild, and determine good ways to incorporate them |
|
460 |
-into the Tor network without adding undesirable n^2 traffic properties |
|
461 |
-at the directory authorities. |
|
479 |
+dovetail with Tor as deployed in the wild, and determine good ways to |
|
480 |
+incorporate them into their suggestions Tor network without adding too |
|
481 |
+much communications overhead between servers and directory |
|
482 |
+authorities. |
|
462 | 483 |
</li> |
463 | 484 |
|
464 | 485 |
<!-- |
465 | 486 |