Roger Dingledine commited on 2006-01-28 05:10:02
Zeige 1 geänderte Dateien mit 11 Einfügungen und 33 Löschungen.
... | ... |
@@ -6,14 +6,10 @@ |
6 | 6 |
<div class="main-column"> |
7 | 7 |
|
8 | 8 |
<!-- PUT CONTENT AFTER THIS TAG --> |
9 |
-<h2>Six things everyone can do now:</h2> |
|
9 |
+<h2>Four things everyone can do now:</h2> |
|
10 | 10 |
<ol> |
11 |
-<li> We need users like you to try Tor out, and let the Tor developers |
|
12 |
-know about bugs you find or features you don't find.</li> |
|
13 | 11 |
<li> Please consider <a href="<cvssandbox>tor/doc/tor-doc-server.html">running |
14 | 12 |
a server</a> to help the Tor network grow.</li> |
15 |
-<li> Run a <a href="<cvssandbox>tor/doc/tor-hidden-service.html">Tor hidden |
|
16 |
-service</a> and put interesting content on it.</li> |
|
17 | 13 |
<li> Take a look at the <a href="<page gui/index>">Tor GUI Competition</a>, and |
18 | 14 |
come up with ideas or designs to contribute to making Tor's interface |
19 | 15 |
and usability better. Free T-shirt for each submission!</li> |
... | ... |
@@ -29,14 +25,16 @@ services. Get them to tell their friends.</li> |
29 | 25 |
<a id="Installers"></a> |
30 | 26 |
<h2><a class="anchor" href="#Installers">Installers</a></h2> |
31 | 27 |
<ol> |
32 |
-<li>Extend our NSIS-based Windows installer to include Privoxy. Include |
|
33 |
-a preconfigured config file to work well with Tor. We might also want |
|
34 |
-to include FreeCap -- is it stable enough and useful enough to be |
|
35 |
-worthwhile?</li> |
|
28 |
+<li>Matt Edman has written a <a |
|
29 |
+href="http://freehaven.net/~edmanm/torcp/download.html">NSIS-based |
|
30 |
+Windows installer bundle that |
|
31 |
+includes Privoxy and TorCP</a>. Can you help make it more stable and |
|
32 |
+featureful? |
|
33 |
+</li> |
|
36 | 34 |
<li>Develop a way to handle OS X uninstallation |
37 | 35 |
that is more automated than telling people to |
38 | 36 |
<a href="<cvssandbox>tor/doc/tor-doc-osx.html#uninstall">manually remove |
39 |
-each file</a>.</li> |
|
37 |
+each file</a>. It needs to have a way to click it into action.</li> |
|
40 | 38 |
<li>Our <a href="<cvssandbox>tor/tor.spec.in">RPM spec file</a> |
41 | 39 |
needs a maintainer, so we can get back to the business of writing Tor. If |
42 | 40 |
you have RPM fu, please help out.</li> |
... | ... |
@@ -98,7 +96,7 @@ confusions about the documentation so we can clean it up.</li> |
98 | 96 |
<li>Help translate the web page and documentation into other |
99 | 97 |
languages. See the <a href="<page translation>">translation |
100 | 98 |
guidelines</a> if you want to help out. We also need people to help |
101 |
-maintain the existing (Italian and German) translations.</li> |
|
99 |
+maintain the existing Italian, French, and Swedish translations.</li> |
|
102 | 100 |
<li>Investigate privoxy vs. freecap vs. sockscap for win32 clients. Are |
103 | 101 |
there usability or stability issues that we can track down and |
104 | 102 |
resolve, or at least inform people about?</li> |
... | ... |
@@ -109,8 +107,8 @@ Controller</a>?</li> |
109 | 107 |
href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">document |
110 | 108 |
a list of programs</a> that can be routed through Tor.</li> |
111 | 109 |
<li>We need better documentation for dynamically intercepting |
112 |
-connections and sending them through Tor. tsocks (Linux) and freecap |
|
113 |
-(Windows) seem to be good candidates.</li> |
|
110 |
+connections and sending them through Tor. tsocks (Linux), dsocks (BSD), |
|
111 |
+and freecap (Windows) seem to be good candidates.</li> |
|
114 | 112 |
<li>We have a huge list of <a href="<page support>">potentially useful |
115 | 113 |
programs that interface to Tor</a>. Which ones are useful in which |
116 | 114 |
situations? Please help us test them out and document your results.</li> |
... | ... |
@@ -126,14 +124,6 @@ other scrubbing web proxies that are more secure?</li> |
126 | 124 |
<li>tsocks appears to be unmaintained: we have submitted several patches |
127 | 125 |
with no response. Can somebody volunteer to start maintaining a new |
128 | 126 |
tsocks branch? We'll help.</li> |
129 |
-<li>Some popular clients that people use with Tor |
|
130 |
-include <a href="http://gaim.sourceforge.net/">Gaim</a> |
|
131 |
-and <a href="http://www.xchat.org/">xchat</a>. These |
|
132 |
-programs support socks, but they don't support <a |
|
133 |
-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">socks4a |
|
134 |
-or socks5-with-remote-dns</a>. Please write a patch for them and submit |
|
135 |
-it to the appropriate people. Let us know if you've written the patch |
|
136 |
-but you're having trouble getting it accepted.</li> |
|
137 | 127 |
<li>Right now the hidden service descriptors are being stored on just a few |
138 | 128 |
directory servers. This is bad for privacy and bad for robustness. To get |
139 | 129 |
more robustness, we're going to need to make hidden service descriptors |
... | ... |
@@ -177,8 +167,6 @@ look at the MaxUserPort entry, and look at the TcpTimedWaitDelay |
177 | 167 |
entry. We may also want to provide a way to set them as needed. See <a |
178 | 168 |
href="http://bugs.noreply.org/flyspray/index.php?do=details&id=98">bug |
179 | 169 |
98</a>.)</li> |
180 |
-<li>Encrypt identity keys on disk, and implement passphrase protection |
|
181 |
-for them. Right now they're just stored in plaintext.</li> |
|
182 | 170 |
<li>Patches to Tor's autoconf scripts. First, we'd like our configure.in |
183 | 171 |
to handle cross-compilation, e.g. so we can build Tor for obscure |
184 | 172 |
platforms like the Linksys WRTG54. Second, we'd like the with-ssl-dir |
... | ... |
@@ -229,16 +217,6 @@ much traffic of what sort of distribution is needed before the adversary |
229 | 217 |
is confident he has won? Are there scenarios (e.g. not transmitting much) |
230 | 218 |
that slow down the attack? Do some traffic padding or traffic shaping |
231 | 219 |
schemes work better than others?</li> |
232 |
-<li>The "run two servers and wait attack": Tor clients pick a new path |
|
233 |
-periodically. If the adversary runs an entry and an exit, eventually some |
|
234 |
-Alice will build a circuit that begins and ends with his nodes. The |
|
235 |
-current Tor threat model assumes the end-to-end traffic confirmation attack |
|
236 |
-is trivial, and instead aims to limit the chance that the adversary will |
|
237 |
-be able to see both sides of a circuit. One way to help this is |
|
238 |
-<a href="http://freehaven.net/anonbib/#wright03">helper |
|
239 |
-nodes</a> -- Alice picks a small set of entry nodes and uses them always. |
|
240 |
-But in reality, Tor nodes disappear sometimes. So it would seem that the |
|
241 |
-attack continues, albeit slower than before. How much slower?</li> |
|
242 | 220 |
<li>The "routing zones attack": most of the literature thinks of |
243 | 221 |
the network path between Alice and her entry node (and between the |
244 | 222 |
exit node and Bob) as a single link on some graph. In practice, |
245 | 223 |