Roger Dingledine commited on 2008-03-12 01:32:09
Zeige 1 geänderte Dateien mit 160 Einfügungen und 100 Löschungen.
... | ... |
@@ -95,7 +95,7 @@ Farsi translations, for the many Tor users in censored areas.</li> |
95 | 95 |
<p> |
96 | 96 |
You may find some of these projects to be good <a href="<page |
97 | 97 |
gsoc>">Google Summer of Code 2008</a> ideas. We have labelled each idea |
98 |
-with how important it is to the overall Tor project to get this started |
|
98 |
+with how useful it would be to the overall Tor project |
|
99 | 99 |
(priority), how much work we expect it would be (effort level), how much |
100 | 100 |
clue you should start with (skill level), and which of our <a href="<page |
101 | 101 |
people>#Core">core developers</a> would be good mentors. |
... | ... |
@@ -114,7 +114,7 @@ Skill Level: <i>High</i> |
114 | 114 |
<br /> |
115 | 115 |
Likely Mentors: <i>Matt, Jacob</i> |
116 | 116 |
<br /> |
117 |
-We're in need of a good updating framework. |
|
117 |
+We're in need of a good authenticated-update framework. |
|
118 | 118 |
Vidalia already has the ability to notice when the user is running an |
119 | 119 |
outdated or unrecommended version of Tor, using signed statements inside |
120 | 120 |
the Tor directory information. Currently, Vidalia simply pops |
... | ... |
@@ -138,7 +138,7 @@ an existing one) and test it. |
138 | 138 |
<br /> |
139 | 139 |
A student undertaking this project should have good C++ development |
140 | 140 |
experience. Previous experience with Qt is helpful, but not required. The |
141 |
-student should also have a basic understanding of common security |
|
141 |
+student should also have a good understanding of common security |
|
142 | 142 |
practices, such as package signature verification. Good writing ability |
143 | 143 |
is also important for this project, since a vital step of the project |
144 | 144 |
will be producing a design document for others to review and discuss |
... | ... |
@@ -220,7 +220,8 @@ to be able to change Tor's configuration (torrc) even though it is |
220 | 220 |
located in <code>/etc/tor/torrc</code> and thus immutable. The best |
221 | 221 |
idea we've come up with so far is to feed Tor a new configuration via |
222 | 222 |
the ControlSocket when Vidalia starts, but that's bad because Tor starts |
223 |
-with a different configuration than the user wants. The second best idea |
|
223 |
+each boot with a different configuration than the user wants. The second |
|
224 |
+best idea |
|
224 | 225 |
we've come up with is for Vidalia to write out a temporary torrc file |
225 | 226 |
and ask the user to manually move it to <code>/etc/tor/torrc</code>, |
226 | 227 |
but that's bad because users shouldn't have to mess with files directly. |
... | ... |
@@ -242,8 +243,8 @@ Skill Level: <i>Medium</i> |
242 | 243 |
Likely Mentors: <i>Matt, Roger</i> |
243 | 244 |
<br /> |
244 | 245 |
There are a number of status changes inside Tor of which the user may need |
245 |
-to be informed. For example, if the user is trying to set up a Tor |
|
246 |
-relay and Tor decides the user's relay is not reachable from outside |
|
246 |
+to be informed. For example, if the user is trying to set up his Tor as a |
|
247 |
+relay and Tor decides that its ports are not reachable from outside |
|
247 | 248 |
the user's network, we should alert the user. Currently, all the user |
248 | 249 |
gets is a couple log messages in Vidalia's 'message log' window, which they |
249 | 250 |
likely never see since they don't receive a notification that something |
... | ... |
@@ -274,7 +275,7 @@ design/Photoshop fu, since we might want/need some shiny new icons too. |
274 | 275 |
</li> |
275 | 276 |
|
276 | 277 |
<li> |
277 |
-<b>A Translation Wiki</b> |
|
278 |
+<b>Translation Wiki</b> |
|
278 | 279 |
<br /> |
279 | 280 |
Priority: <i>High</i> |
280 | 281 |
<br /> |
... | ... |
@@ -284,24 +285,28 @@ Skill Level: <i>Medium</i> |
284 | 285 |
<br /> |
285 | 286 |
Likely Mentors: <i>Jacob</i> |
286 | 287 |
<br /> |
287 |
-We need a way to edit and translate sections of the website — |
|
288 |
-possibly resulting in a patch for the official svn tree. The current |
|
289 |
-"cost" of publication of website changes is quite high even for English |
|
290 |
-language users. They need to check out our template files, translate them, |
|
291 |
-and send us the translation. For a single word change or any type of |
|
288 |
+We need a way to edit and translate sections of the website. Currently |
|
289 |
+the website is made up of a bunch of <a href="<svnsandbox>website/en/">wml |
|
290 |
+files</a>, and <a href="<page translation>">translators</a> fetch these |
|
291 |
+wml files, translate them in an editor, and either send us the translation |
|
292 |
+or use svn to commit them back. The current "cost" of publication of |
|
293 |
+website changes is quite high even for English language users. For a |
|
294 |
+single word change or any type of |
|
292 | 295 |
minor change, the page may never be corrected or translated. It would |
293 | 296 |
be nice to have a wiki that was specifically geared towards translation |
294 | 297 |
and would somehow track the upstream (English) versions to indicate when |
295 |
-a fresh translation is needed. This seems mostly like a job for a wiki |
|
298 |
+a fresh translation is needed, like our current |
|
299 |
+<a href="<page translation-status>">translation status page</a>. This |
|
300 |
+seems mostly like a job for a wiki |
|
296 | 301 |
integrator or wiki software author. Certainly the person would need to |
297 | 302 |
be interested in human languages and translation. They should at least |
298 |
-be minimally familiar with what Tor is but would not have to interact |
|
299 |
-with the software, only the documentation on the website. |
|
303 |
+be minimally familiar with what Tor is; but they would not have to interact |
|
304 |
+with the software, only the documentation and the website. |
|
300 | 305 |
</li> |
301 | 306 |
|
302 | 307 |
<li> |
303 | 308 |
<b>Improvements on our active browser configuration tester</b> - |
304 |
-<a href="https://check.torproject.org">https://check.torproject.org</a> |
|
309 |
+<a href="https://check.torproject.org/">https://check.torproject.org/</a> |
|
305 | 310 |
<br /> |
306 | 311 |
Priority: <i>Medium</i> |
307 | 312 |
<br /> |
... | ... |
@@ -309,24 +314,30 @@ Effort Level: <i>Low</i> |
309 | 314 |
<br /> |
310 | 315 |
Skill Level: <i>Low to Medium</i> |
311 | 316 |
<br /> |
312 |
-Likely Mentors: <i>Jacob</i> |
|
317 |
+Likely Mentors: <i>Jacob, Steven</i> |
|
313 | 318 |
<br /> |
314 | 319 |
We currently have a functional web page to detect if Tor is working. It |
315 | 320 |
is has a few places where it falls short. It requires improvements with |
316 | 321 |
regard to default languages and functionality. It currently only responds |
317 | 322 |
in English. In addition, it is a hack of a perl script that should have |
318 | 323 |
never seen the light of day. It should probably be rewritten in python |
319 |
-with multi-lingual support in mind. It currently uses the Tor DNS exit |
|
320 |
-list and should continue to do so in the future. It may result in certain |
|
324 |
+with multi-lingual support in mind. It currently uses the <a |
|
325 |
+href="http://exitlist.torproject.org/">Tor DNS exit list</a> |
|
326 |
+and should continue to do so in the future. It currently result in certain |
|
321 | 327 |
false positives and these should be discovered, documented, and fixed |
322 | 328 |
where possible. Anyone working on this project should be interested in |
323 | 329 |
DNS, basic perl or preferably python programming skills and will have |
324 | 330 |
to interact minimally with Tor to test their code. |
331 |
+<br /> |
|
332 |
+If you want to make the project more exciting |
|
333 |
+and involve more design and coding, take a look at <a |
|
334 |
+href="<svnsandbox>doc/spec/proposals/131-verify-tor-usage.txt">proposal |
|
335 |
+131-verify-tor-usage.txt</a>. |
|
325 | 336 |
</li> |
326 | 337 |
|
327 | 338 |
<li> |
328 | 339 |
<b>Improvements on our DNS Exit List service</b> - |
329 |
-<a href="http://exitlist.torproject.org">http://exitlist.torproject.org</a> |
|
340 |
+<a href="http://exitlist.torproject.org/">http://exitlist.torproject.org/</a> |
|
330 | 341 |
<br /> |
331 | 342 |
Priority: <i>Medium</i> |
332 | 343 |
<br /> |
... | ... |
@@ -336,10 +347,11 @@ Skill Level: <i>Low</i> |
336 | 347 |
<br /> |
337 | 348 |
Likely Mentors: <i>Jacob, Tup</i> |
338 | 349 |
<br /> |
339 |
-The exitlist software is written by our fabulous anonymous |
|
350 |
+The <a href="http://p56soo2ibjkx23xo.onion/">exitlist software</a> |
|
351 |
+is written by our fabulous anonymous |
|
340 | 352 |
contributer Tup. It's a DNS server written in Haskell that supports part of our <a |
341 | 353 |
href="https://www.torproject.org/svn/trunk/doc/contrib/torel-design.txt">exitlist |
342 |
-design document</a>. Currently, it's functional and it is used by |
|
354 |
+design document</a>. Currently, it is functional and it is used by |
|
343 | 355 |
check.torproject.org and other users. The issues that are outstanding |
344 | 356 |
are mostly aesthetic. This wonderful service could use a much better |
345 | 357 |
website using the common Tor theme. It would be best served with better |
... | ... |
@@ -361,24 +373,26 @@ Effort Level: <i>Medium</i> |
361 | 373 |
<br /> |
362 | 374 |
Skill Level: <i>Medium</i> |
363 | 375 |
<br /> |
364 |
-Likely Mentors: <i>Jacob, Mike</i> |
|
376 |
+Likely Mentors: <i>Jacob, Mike, Greg</i> |
|
365 | 377 |
<br /> |
366 |
-The Tor project currently lacks a solid test to ensure that a |
|
367 |
-user has a properly configured web browser. It should test for as |
|
378 |
+The Tor project currently lacks a solid test suite to ensure that a |
|
379 |
+user has a properly and safely configured web browser. It should test for as |
|
368 | 380 |
many known issues as possible. It should attempt to decloak the |
369 | 381 |
user in any way possible. Two current webpages that track these |
370 |
-kinds of issues are run by Greg and HD Moore. Greg keeps a nice <a |
|
382 |
+kinds of issues are run by Greg Fleischer and HD Moore. Greg keeps a nice <a |
|
371 | 383 |
href="http://pseudo-flaw.net/tor/torbutton/">list of issues along |
372 | 384 |
with their proof of concept code, bug issues, etc</a>. HD Moore runs |
373 | 385 |
the <a href="http://metasploit.com/research/projects/decloak/">metasploit |
374 |
-decloak website</a>. A person interested in attacking Tor could start |
|
386 |
+decloak website</a>. A student interested in defending Tor could start |
|
375 | 387 |
by collecting as many workable and known methods for decloaking a |
376 |
-Tor user. The person should be familiar with the common pitfalls but |
|
388 |
+Tor user. (<a href="https://torcheck.xenobite.eu/">This page</a> may |
|
389 |
+be helpful as a start.) The student should be familiar with the common |
|
390 |
+pitfalls but |
|
377 | 391 |
possibly have new methods in mind for implementing decloaking issues. The |
378 | 392 |
website should ensure that it tells a user what their problem is. It |
379 | 393 |
should help them to fix the problem or direct them to the proper support |
380 |
-channels. The person should be closely familiar with using Tor and how |
|
381 |
-to prevent Tor leakage. |
|
394 |
+channels. The student should be closely familiar with using Tor and how |
|
395 |
+to prevent Tor information leakage. |
|
382 | 396 |
</li> |
383 | 397 |
|
384 | 398 |
<li> |
... | ... |
@@ -388,15 +402,25 @@ Priority: <i>High</i> |
388 | 402 |
<br /> |
389 | 403 |
Effort Level: <i>High</i> |
390 | 404 |
<br /> |
391 |
-Skill Level: <i>Medium to High</i> |
|
405 |
+Skill Level: <i>High</i> |
|
392 | 406 |
<br /> |
393 |
-Likely Mentors: <i>Roger</i> |
|
407 |
+Likely Mentors: <i>Nick</i> |
|
394 | 408 |
<br /> |
395 | 409 |
Tor needs even better censorship resistance mechanisms. There are |
396 |
-several mechanisms that can help. Tor should be able listen on multiple |
|
397 |
-addresses and ports, and allow clients to connect to all of them. |
|
398 |
-Tor should be able to appear like a webserver (HTTP or HTTPS) when |
|
399 |
-contacted by port-scanning tools. |
|
410 |
+several mechanisms that can help. Tor should be able to |
|
411 |
+<a href="<svnsandbox>doc/spec/proposals/118-multiple-orports.txt">listen |
|
412 |
+on multiple |
|
413 |
+addresses and ports</a>, and allow clients to connect to all of them. |
|
414 |
+Tor relays and |
|
415 |
+<a href="<svnsandbox>doc/spec/proposals/125-bridges.txt">Tor bridges</a> |
|
416 |
+should be able to |
|
417 |
+<a href="<svnsandbox>doc/design-paper/blocking.html#tth_sEc9.3">appear like |
|
418 |
+a webserver</a> (HTTP or HTTPS) when contacted by port-scanning tools. |
|
419 |
+<br /> |
|
420 |
+This project involves a lot of research and design. One of the big |
|
421 |
+challenges will be identifying and crafting approaches that can still |
|
422 |
+resist an adversary even after the adversary knows the design, and |
|
423 |
+then trading off censorship resistance with usability and robustness. |
|
400 | 424 |
</li> |
401 | 425 |
|
402 | 426 |
<li> |
... | ... |
@@ -413,7 +437,7 @@ Likely Mentors: <i>Nick</i> |
413 | 437 |
Tor should make better use of the more recent features of Niels Provos's |
414 | 438 |
Libevent library. Libevent already provides HTTP and socket buffers; |
415 | 439 |
Tor's code for those could be replaced. We'll need to improve libevent's |
416 |
-code as needed; particularly, to add good openssl support on top of |
|
440 |
+code as needed — in particular to add good openssl support on top of |
|
417 | 441 |
libevent's buffer abstraction. |
418 | 442 |
</li> |
419 | 443 |
|
... | ... |
@@ -426,7 +450,7 @@ Effort Level: <i>Medium</i> |
426 | 450 |
<br /> |
427 | 451 |
Skill Level: <i>Medium to High</i> |
428 | 452 |
<br /> |
429 |
-Likely Mentors: <i>Roger</i> |
|
453 |
+Likely Mentors: <i>Nick, Roger, Mike</i> |
|
430 | 454 |
<br /> |
431 | 455 |
Tor should possibly measure bandwidth in a distributed way, as in the |
432 | 456 |
<a href="http://freehaven.net/anonbib/">"A Tuneup for Tor"</a> paper |
... | ... |
@@ -437,6 +461,7 @@ into the Tor network without adding undesirable n^2 traffic properties |
437 | 461 |
at the directory authorities. |
438 | 462 |
</li> |
439 | 463 |
|
464 |
+<!-- |
|
440 | 465 |
<li> |
441 | 466 |
<b>Improving the Tor QA process: Continuous Integration for Windows builds</b> |
442 | 467 |
<br /> |
... | ... |
@@ -470,8 +495,9 @@ our regular integration and compile testing already, |
470 | 495 |
but we need to get our network simulation tests (as built in torflow) |
471 | 496 |
updated for more recent versions of Tor, and designed to launch a test |
472 | 497 |
network either on a single machine, or across several, so we can test |
473 |
-changes in performance on machines in different roles automatically.<br /> |
|
498 |
+changes in performance on machines in different roles automatically. |
|
474 | 499 |
</li> |
500 |
+--> |
|
475 | 501 |
|
476 | 502 |
<li> |
477 | 503 |
<b>Improve our unit testing process</b> |
... | ... |
@@ -488,18 +514,20 @@ Tor needs to be far more tested. This is a multi-part effort. To start |
488 | 514 |
with, our unit test coverage should rise substantially, especially in |
489 | 515 |
the areas outside the utility functions. This will require significant |
490 | 516 |
refactoring of some parts of Tor, in order to dissociate as much logic |
491 |
-as possible from globals.<br /> |
|
517 |
+as possible from globals. |
|
518 |
+<br /> |
|
492 | 519 |
Additionally, we need to automate our performance testing. We've got |
493 |
-buildbot (except on Windows — see above) to automate our regular |
|
494 |
-integration and compile testing already, |
|
495 |
-but we need to get our network simulation tests (as built in torflow) |
|
520 |
+buildbot to automate our regular integration and compile testing already |
|
521 |
+(though we need somebody to set it up on Windows), |
|
522 |
+but we need to get our network simulation tests (as built in TorFlow: see |
|
523 |
+the "Tor Node Scanner improvements" item) |
|
496 | 524 |
updated for more recent versions of Tor, and designed to launch a test |
497 | 525 |
network either on a single machine, or across several, so we can test |
498 |
-changes in performance on machines in different roles automatically.<br /> |
|
526 |
+changes in performance on machines in different roles automatically. |
|
499 | 527 |
</li> |
500 | 528 |
|
501 | 529 |
<li> |
502 |
-<b>Help revive the Java community around Tor</b> |
|
530 |
+<b>Help revive an independent Tor client implementation</b> |
|
503 | 531 |
<br /> |
504 | 532 |
Priority: <i>Medium</i> |
505 | 533 |
<br /> |
... | ... |
@@ -507,7 +535,7 @@ Effort Level: <i>High</i> |
507 | 535 |
<br /> |
508 | 536 |
Skill Level: <i>Medium to High</i> |
509 | 537 |
<br /> |
510 |
-Likely Mentors: <i>Karsten</i> |
|
538 |
+Likely Mentors: <i>Karsten, Nick</i> |
|
511 | 539 |
<br /> |
512 | 540 |
Reanimate one of the approaches to implement a Tor client in Java, |
513 | 541 |
e.g. the <a href="http://onioncoffee.sourceforge.net/">OnionCoffee |
... | ... |
@@ -517,8 +545,9 @@ would be to port the existing code and execute it in an Android |
517 | 545 |
environment. Next, the code should be updated to support the newer Tor |
518 | 546 |
protocol versions like the <a href="<svnsandbox>doc/spec/dir-spec.txt">v3 |
519 | 547 |
directory protocol</a>. Further, support for requesting or even |
520 |
-providing Tor hidden services would be neat, but not required. The |
|
521 |
-student should be able to understand and write new Java code, including |
|
548 |
+providing Tor hidden services would be neat, but not required. |
|
549 |
+<br /> |
|
550 |
+The student should be able to understand and write new Java code, including |
|
522 | 551 |
a Java cryptography API. Being able to read C code would be helpful, |
523 | 552 |
too. The student should be willing to read the existing documentation, |
524 | 553 |
implement code based on it, and refine the documentation |
... | ... |
@@ -527,7 +556,7 @@ to a small degree about design. |
527 | 556 |
</li> |
528 | 557 |
|
529 | 558 |
<li> |
530 |
-<b>Become the PuppeTor Master</b> |
|
559 |
+<b>Automatic system tests and automatically starting private Tor networks</b> |
|
531 | 560 |
<br /> |
532 | 561 |
Priority: <i>Medium</i> |
533 | 562 |
<br /> |
... | ... |
@@ -535,7 +564,7 @@ Effort Level: <i>Medium</i> |
535 | 564 |
<br /> |
536 | 565 |
Skill Level: <i>Medium</i> |
537 | 566 |
<br /> |
538 |
-Likely Mentors: <i>Karsten, Roger</i> |
|
567 |
+Likely Mentors: <i>Karsten, Nick, Roger</i> |
|
539 | 568 |
<br /> |
540 | 569 |
Write a tool that runs automatic system tests in addition |
541 | 570 |
to the existing unit tests. The Java-based Tor simulator <a |
... | ... |
@@ -546,9 +575,11 @@ project requires to conceive a blueprint for performing system tests |
546 | 575 |
of private Tor networks, before starting to code. Typical types of |
547 | 576 |
tests range from performing single requests over the private network to |
548 | 577 |
manipulating exchanged messages and see if nodes handle corrupt messages |
549 |
-appropriately. The student should be able to obtain a good understanding |
|
578 |
+appropriately. |
|
579 |
+<br /> |
|
580 |
+The student should be able to obtain a good understanding |
|
550 | 581 |
of how Tor works and what problems and bugs could arise to design good |
551 |
-test cases. Understanding the existing Tor code and documentation is |
|
582 |
+test cases. Understanding the existing Tor code structure and documentation is |
|
552 | 583 |
vital. If PuppeTor is used, the student should also be able to understand |
553 | 584 |
and possibly extend an existing Java application. This project is partly |
554 | 585 |
about design and partly about coding. |
... | ... |
@@ -571,13 +602,14 @@ to monitor a local Tor relay via its control port and include useful |
571 | 602 |
system information of the underlying machine. When running this tool, it |
572 | 603 |
would dynamically update its content like top does for Linux processes. |
573 | 604 |
<a href="http://archives.seul.org/or/dev/Jan-2008/msg00005.html">This |
574 |
-or-dev post</a> might be a good first read. The student should be familiar |
|
605 |
+or-dev post</a> might be a good first read. |
|
606 |
+<br /> |
|
607 |
+The student should be familiar |
|
575 | 608 |
with or willing to learn about administering a Tor relay and configuring |
576 | 609 |
it via its control port. As an initial prototype is written in Python, |
577 | 610 |
some knowledge about writing Python code would be helpful, too. This |
578 |
-project is for the one part about identifying requirements to such a |
|
579 |
-tool and designing its interface; but on the other part, the project |
|
580 |
-also requires a lot of coding. |
|
611 |
+project is one part about identifying requirements to such a |
|
612 |
+tool and designing its interface, and one part lots of coding. |
|
581 | 613 |
</li> |
582 | 614 |
|
583 | 615 |
<li> |
... | ... |
@@ -589,10 +621,13 @@ Effort Level: <i>High</i> |
589 | 621 |
<br /> |
590 | 622 |
Skill Level: <i>High</i> |
591 | 623 |
<br /> |
592 |
-Likely Mentors: <i>Mike Perry</i> |
|
624 |
+Likely Mentors: <i>Mike</i> |
|
593 | 625 |
<br /> |
594 | 626 |
The Tor exit node scanner 'SoaT', part of the <a |
595 |
-href="https://www.torproject.org/svn/torflow/">Torflow project</a>, is |
|
627 |
+href="<svnsandbox>torflow/">Torflow project</a>, makes connections out |
|
628 |
+of each Tor exit node and compares the content it gets back with what it |
|
629 |
+"should" get back. The goal is to notice misconfigured, broken, and even |
|
630 |
+malicious exit relays. Alas, the code is |
|
596 | 631 |
currently written in rather rickety perl and relies on MD5sums of |
597 | 632 |
entire documents in order to determine if exit nodes are modifying |
598 | 633 |
content. The problem with this is threefold: 1) Perl sucks at life. |
... | ... |
@@ -602,8 +637,8 @@ Pages change after a while (or based on GeoIP) and begin generating |
602 | 637 |
false positives. |
603 | 638 |
<br /> |
604 | 639 |
Ideally, soat.pl would be reimplemented in a sane language with a |
605 |
-robust html parser library (since the rest of Torflow is in Python, |
|
606 |
-that would be nice, but not required), and calculate signatures only for |
|
640 |
+robust html parser library (since the rest of Torflow is in Python |
|
641 |
+that would be nice, but it is not required), and calculate signatures only for |
|
607 | 642 |
tags and content likely to be targeted by a malicious attacker (script |
608 | 643 |
tags, object links, images, css). It should also be robust in the face of |
609 | 644 |
changes to content outside of Tor, and ultimately even GeoIP localized |
... | ... |
@@ -617,18 +653,18 @@ setting. |
617 | 653 |
<li> |
618 | 654 |
<b>Tor Node Scanner improvements</b> |
619 | 655 |
<br /> |
620 |
-Priority: <i>Medium</i> |
|
656 |
+Priority: <i>High</i> |
|
621 | 657 |
<br /> |
622 | 658 |
Effort Level: <i>Medium to High</i> |
623 | 659 |
<br /> |
624 | 660 |
Skill Level: <i>Medium to High</i> |
625 | 661 |
<br /> |
626 |
-Likely Mentors: <i>Mike Perry</i> |
|
662 |
+Likely Mentors: <i>Mike</i> |
|
627 | 663 |
<br /> |
628 | 664 |
Similar to the exit scanner (or perhaps even during exit scanning), |
629 | 665 |
statistics can be gathered about the reliability of nodes. Nodes that |
630 |
-fail a certain percentage of their circuits should not be used for |
|
631 |
-Guard status, and perhaps should have their reported bandwidth |
|
666 |
+fail too high a percentage of their circuits should not be given |
|
667 |
+Guard status. Perhaps they should have their reported bandwidth |
|
632 | 668 |
penalized by some ratio as well, or just get marked as Invalid. In |
633 | 669 |
addition, nodes that exhibit a very low average stream capacity but |
634 | 670 |
advertise a very high node bandwidth can also be marked as Invalid. |
... | ... |
@@ -641,13 +677,43 @@ In addition, these same statistics can be gathered about the traffic |
641 | 677 |
through a node. Events can be added to the <a |
642 | 678 |
href="https://www.torproject.org/svn/torctl/doc/howto.txt">Tor Control |
643 | 679 |
Protocol</a> to |
644 |
-report if a circuit extend through the node succeeds or fails, and |
|
680 |
+report if a circuit extend attempt through the node succeeds or fails, and |
|
645 | 681 |
passive statistics can be gathered on both bandwidth and reliability |
646 | 682 |
of other nodes via a node-based monitor using these events. Such a |
647 | 683 |
scanner would also report information on oddly-behaving nodes to |
648 | 684 |
the Directory Authorities, but a communication channel for this |
649 | 685 |
currently does not exist and would need to be developed as well. |
650 | 686 |
</li> |
687 |
+ |
|
688 |
+<li> |
|
689 |
+<b>Help track the overall Tor Network status</b> |
|
690 |
+<br /> |
|
691 |
+Priority: <i>High</i> |
|
692 |
+<br /> |
|
693 |
+Effort Level: <i>Medium</i> |
|
694 |
+<br /> |
|
695 |
+Skill Level: <i>Medium</i> |
|
696 |
+<br /> |
|
697 |
+Likely Mentors: <i>Roger, Nick, Mike</i> |
|
698 |
+<br /> |
|
699 |
+It would be great to set up an automated system for tracking network |
|
700 |
+health over time, graphing it, etc. Part of this project would involve |
|
701 |
+inventing better metrics for assessing network health and growth. Is the |
|
702 |
+average uptime of the network increasing? How many relays are qualifying |
|
703 |
+for Guard status this month compared to last month? What's the turnover |
|
704 |
+in terms of new relays showing up and relays shutting off? Periodically |
|
705 |
+people collect brief snapshots, but where it gets really interesting is |
|
706 |
+when we start tracking data points over time. |
|
707 |
+<br /> |
|
708 |
+Data could be collected from the "Tor Node Scanner" item above, from |
|
709 |
+the server descriptors that each relay publishes, and from other |
|
710 |
+sources. Results over time could be integrated into one of the <a |
|
711 |
+href="https://torstatus.blutmagie.de/">Tor Status</a> web pages, or be |
|
712 |
+kept separate. Speaking of the Tor Status pages, take a look at Roger's |
|
713 |
+<a href="http://archives.seul.org/or/talk/Jan-2008/msg00300.html">Tor |
|
714 |
+Status wish list</a>. |
|
715 |
+</li> |
|
716 |
+ |
|
651 | 717 |
<li> |
652 | 718 |
<b>Tor path selection improvements</b> |
653 | 719 |
<br /> |
... | ... |
@@ -664,8 +730,9 @@ improve Tor speed. For instance, some of the (unofficial) <a |
664 | 730 |
href="http://wiki.noreply.org/noreply/TheOnionRouter/FireFoxTorPerf">Tor |
665 | 731 |
Performance Recommendations</a> on the wiki are to increase the number of |
666 | 732 |
guards and decrease the CircuitBuildTimeout. Ideally, the client would |
667 |
-learn these values by gathering statistics on circuit construction |
|
668 |
-time (and/or using values gained from Torflow), and set the timeouts |
|
733 |
+<a href="http://archives.seul.org/or/talk/Feb-2008/msg00012.html">learn |
|
734 |
+these values by gathering statistics on circuit construction |
|
735 |
+time</a> (and/or using values gained from Torflow), and set the timeouts |
|
669 | 736 |
low enough such that some high percentile (75%, 90%, 1-stddev?) of |
670 | 737 |
circuits succeed, yet extremely slow nodes are avoided. This would |
671 | 738 |
involve some statistics gathering+basic research, and some changes to |
... | ... |
@@ -675,11 +742,14 @@ In addition, to improve path security, some elements from the <a |
675 | 742 |
href="http://www.torproject.org/svn/trunk/doc/spec/proposals/115-two-hop-paths.txt">Two |
676 | 743 |
Hop Paths proposal</a> could be done as part of this (since it will |
677 | 744 |
likely touch the same code anyways), regardless of the adoption of |
678 |
-that proposal. In particular, clients probably should avoid guards that seem to |
|
679 |
-fail an excessive percentage of their circuits through them, and non-bridged |
|
680 |
-clients should issue a warn if they are only able to connect to a limited set |
|
681 |
-of guard nodes. |
|
745 |
+that proposal. In particular, clients probably should avoid guards that |
|
746 |
+seem to fail an excessive percentage of their circuits through them, |
|
747 |
+and non-firewalled clients should issue a warning if they are only able |
|
748 |
+to connect to a limited set of guard nodes. See also |
|
749 |
+<a href="http://archives.seul.org/or/dev/Feb-2008/msg00003.html">this |
|
750 |
+or-dev post</a>. |
|
682 | 751 |
</li> |
752 |
+ |
|
683 | 753 |
<li> |
684 | 754 |
<b>Torbutton improvements</b> |
685 | 755 |
<br /> |
... | ... |
@@ -689,9 +759,8 @@ Effort Level: <i>High</i> |
689 | 759 |
<br /> |
690 | 760 |
Skill Level: <i>High</i> |
691 | 761 |
<br /> |
692 |
-Likely Mentors: <i>Mike Perry</i> |
|
762 |
+Likely Mentors: <i>Mike</i> |
|
693 | 763 |
<br/> |
694 |
- |
|
695 | 764 |
Torbutton has a number of improvements that can be made in the post-1.2 |
696 | 765 |
timeframe. Most of these are documented as feature requests in the <a |
697 | 766 |
href="https://bugs.torproject.org/flyspray/index.php?tasks=all&project=5">Torbutton |
... | ... |
@@ -708,33 +775,24 @@ else you might think of. |
708 | 775 |
This work would be independent coding in Javascript and the fun world of <a |
709 | 776 |
href="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">XUL</a>, |
710 | 777 |
with not too much involvement in the Tor internals. |
711 |
- |
|
712 |
-</li> |
|
713 |
-<li> |
|
714 |
-<b>Help track the overall Tor Network status</b> |
|
715 |
-Torstatus. Set up an automated system for tracking network health |
|
716 |
-over time, graphing it, etc. Better metrics for assessing network |
|
717 |
-health and growth. Make it short and simple. Unbloated and easy to audit. |
|
718 | 778 |
</li> |
719 | 779 |
|
720 |
-<li>vidalia and upnp</li> |
|
721 |
-<li>nymble</li> |
|
722 |
- |
|
723 | 780 |
<li> |
724 | 781 |
<b>Porting Polipo to Windows</b> |
725 | 782 |
<br /> |
726 |
-Priority: <i>High</i> |
|
783 |
+Priority: <i>Medium</i> |
|
727 | 784 |
<br /> |
728 |
-Effort Level: <i>High</i> |
|
785 |
+Effort Level: <i>Medium</i> |
|
729 | 786 |
<br /> |
730 | 787 |
Skill Level: <i>Medium to High</i> |
731 | 788 |
<br /> |
732 |
-Likely Mentors: <i>Steven, Roger</i> |
|
789 |
+Likely Mentors: <i>Andrew, Steven, Roger</i> |
|
733 | 790 |
<br /> |
734 | 791 |
Help port <a |
735 | 792 |
href="http://www.pps.jussieu.fr/~jch/software/polipo/">Polipo</a> to |
736 |
-Windows. 1) handle spaces in path names and understand the filesystem |
|
737 |
-namespace — namespace meaning where application data, personal data, |
|
793 |
+Windows. Example topics to tackle include: |
|
794 |
+1) handle spaces in path names and understand the filesystem |
|
795 |
+namespace — that is, where application data, personal data, |
|
738 | 796 |
and program data typically reside in various versions of Windows. 2) the |
739 | 797 |
ability to handle ipv6 communications. 3) the ability to asynchronously |
740 | 798 |
query name servers, find the system nameservers, and manage netbios |
... | ... |
@@ -749,7 +807,7 @@ menu options. Double bonus if it's cross-platform compatible. |
749 | 807 |
<li> |
750 | 808 |
<b>Make our diagrams beautiful and automated</b> |
751 | 809 |
<br /> |
752 |
-Priority: <i>High</i> |
|
810 |
+Priority: <i>Medium</i> |
|
753 | 811 |
<br /> |
754 | 812 |
Effort Level: <i>Low</i> |
755 | 813 |
<br /> |
... | ... |
@@ -757,10 +815,13 @@ Skill Level: <i>Low</i> |
757 | 815 |
<br /> |
758 | 816 |
Likely Mentors: <i>Andrew</i> |
759 | 817 |
<br /> |
760 |
-a way to generate the website diagrams from source, so we can translate |
|
761 |
-them as utf-8 text rather than with gimp. (svg? or imagemagick?) |
|
762 |
-integrate this with a wml file so translations are easy and images are |
|
763 |
-generated in multiple languages at web publish |
|
818 |
+We need a way to generate the website diagrams (for example, the "How |
|
819 |
+Tor Works" pictures on the <a href="<page overview>">overview page</a> |
|
820 |
+from source, so we can translate them as UTF-8 text rather than edit |
|
821 |
+them by hand with Gimp. We might want to |
|
822 |
+integrate this as an wml file so translations are easy and images are |
|
823 |
+generated in multiple languages whenever we build the website. See the |
|
824 |
+"Translation Wiki" idea above. |
|
764 | 825 |
</li> |
765 | 826 |
|
766 | 827 |
<li> |
... | ... |
@@ -776,19 +837,17 @@ Likely Mentors: <i>Anonym, Jacob, Roger</i> |
776 | 837 |
<br /> |
777 | 838 |
How can we make the <a |
778 | 839 |
href="http://anonymityanywhere.com/incognito/">Incognito LiveCD</a> |
779 |
-easier to maintain, improve, and document?</li> |
|
780 |
-<li>We need a distributed testing framework. We have unit tests, |
|
781 |
-but it would be great to have a script that starts up a Tor network, uses |
|
782 |
-it for a while, and verifies that at least parts of it are working.</li> |
|
840 |
+easier to maintain, improve, and document? |
|
841 |
+</li> |
|
783 | 842 |
|
784 | 843 |
<li> |
785 | 844 |
<b>Bring up new ideas!</b> |
786 | 845 |
<br /> |
787 | 846 |
Don't like any of these? Look at the <a |
788 | 847 |
href="<svnsandbox>doc/design-paper/roadmap-future.pdf">Tor development |
789 |
-roadmap</a> for more ideas.<br /><br /> |
|
790 |
-Don't see your idea here? We probably need it anyway! Contact |
|
791 |
-us and find out.</li> |
|
848 |
+roadmap</a> for more ideas. |
|
849 |
+</li> |
|
850 |
+ |
|
792 | 851 |
</ol> |
793 | 852 |
|
794 | 853 |
<h2><a class="anchor" href="#Coding">Coding and Design</a></h2> |
795 | 854 |