Browse code

Updating 'Build Better Pluggable Transports'

Applying a patch from Ximin for the 'Build Better Pluggable Transports'
project.

Damian Johnson authored on06/02/2014 17:52:25
Showing1 changed files
... ...
@@ -240,7 +240,7 @@ meetings around the world.</li>
240 240
         <td>Client Add-on</td>
241 241
         <td>Python, JavaScript, Go</td>
242 242
         <td>Heavy</td>
243
-        <td>dcf, aallai, jct</td>
243
+        <td>dcf, infinity0, aallai, jct</td>
244 244
       </tr>
245 245
 
246 246
       <tr>
... ...
@@ -1070,25 +1070,66 @@ meetings around the world.</li>
1070 1070
     <br>
1071 1071
     Skill Level: <i>Medium</i>
1072 1072
     <br>
1073
-    Likely Mentors: <i>Steven (sjmurdoch), George (asn)</i>
1073
+    Likely Mentors: <i>Steven (sjmurdoch), Ximin (infinity0), George (asn)</i>
1074 1074
     <p>
1075
-    For Tor users in censored countries, we currently offer <a
1076
-    href="https://www.torproject.org/projects/obfsproxy.html.en">obfsproxy</a>
1077
-    bridges, which disguise Tor traffic by making it look random. This works
1078
-    for many users, but it has disadvantages: firstly it does not disguise
1079
-    packet size and secondly it looks like no real protocol. These weaknesses
1080
-    may result in obfsproxy being blocked.
1075
+    For Tor users in censored countries, we have a <a
1076
+    href="https://www.torproject.org/docs/pluggable-transports.html.en">
1077
+    pluggable transports</a> framework that uses external programs to bypass
1078
+    censorship in different ways. Each of these have their own strengths and
1079
+    weaknesses.
1081 1080
     </p>
1082 1081
 
1083 1082
     <p>
1084
-    The goal for this project will be to implement new pluggable transports,
1085
-    which resolve these weaknesses and so can be deployed if/when obfsproxy is
1086
-    blocked. Ideas for doing so include:
1087
-      <ul>
1088
-        <li>Impersonate a voice-over-IP protocol</li>
1089
-        <li>Impersonate HTTP sufficiently well that traffic will go through a HTTP-only proxy</li>
1090
-        <li>Implement <a href="http://cacr.uwaterloo.ca/techreports/2011/cacr2011-21.pdf">scanning resistance</a></a>
1091
-      </ul>
1083
+    We have deployed <a
1084
+    href="https://www.torproject.org/projects/obfsproxy.html.en">obfsproxy</a>
1085
+    and <a href="http://crypto.stanford.edu/flashproxy/">flashproxy</a> bridges
1086
+    for a while, accessible using separately-installed pluggable transport
1087
+    clients. Recently, we added this client support to the main Tor Browser
1088
+    Bundle, and are adding more transports such as scramblesuit and fteproxy.
1089
+    </p>
1090
+
1091
+    <p>
1092
+    There are several possible directions for this project. Ideas include:
1093
+      <ol>
1094
+        <li>Address gaps or weaknesses in our existing pluggable transports
1095
+          <ul>
1096
+            <li>Flashproxy: Add WebRTC support to traverse NATs.</li>
1097
+            <li>Flashproxy: Improve the facilitator's resistance against DoS
1098
+            and poisoning attacks.</li>
1099
+          </ul>
1100
+        </li>
1101
+        <li>Build our pluggable transport combiner, that chains several
1102
+        transports together to take advantage of orthogonal types of blocking
1103
+        resistance.</li>
1104
+        <li>Improve the UX for selecting the appropriate pluggable transport in
1105
+        the new Tor Browser Bundle, whilst maintaining user security.</li>
1106
+        <li>Implement a new pluggable transport that resists blocking in a
1107
+        novel way.
1108
+        <ul>
1109
+          <li>Impersonate a voice-over-IP protocol</li>
1110
+          <li>Impersonate HTTP <a
1111
+          href="http://www.cs.utexas.edu/~amir/papers/parrot.pdf">sufficiently
1112
+          well</a> that traffic will go through a HTTP-only proxy</li>
1113
+          <li>Implement <a
1114
+          href="http://cacr.uwaterloo.ca/techreports/2011/cacr2011-21.pdf">scanning
1115
+          resistance</a></li>
1116
+        </ul>
1117
+        </li>
1118
+      </ol>
1119
+    </p>
1120
+
1121
+    <p>
1122
+    Applicants should be familiar with asynchronous/reactive programming, in
1123
+    particular the <a href="https://twistedmatrix.com/">Twisted framework</a>
1124
+    or something related. Most of the existing code is written in Python, with
1125
+    some parts in JavaScript and Go, so you should know at least one of these.
1126
+    You are invited to talk to us and ask questions, via our mailing lists
1127
+    or IRC. <b>As part of your application, please contribute a patch that
1128
+    implements a small feature or fixes a bug related to this area, e.g. <a
1129
+    href="https://trac.torproject.org/projects/tor/query?status=!closed&component=Pluggable+transport">1</a>,
1130
+    <a href="https://trac.torproject.org/projects/tor/query?status=!closed&component=Obfsproxy">2</a>,
1131
+    <a href="https://trac.torproject.org/projects/tor/query?status=!closed&component=Flashproxy">3</a>.
1132
+    </b>
1092 1133
     </p>
1093 1134
 
1094 1135
     <a id="hsSearchEngine"></a>