format the paragraphs correctly, remove dead projects.
Andrew Lewman

Andrew Lewman commited on 2010-11-09 04:46:00
Zeige 1 geänderte Dateien mit 92 Einfügungen und 374 Löschungen.

... ...
@@ -51,10 +51,10 @@
51 51
     <ol>
52 52
     <li>Create a <a href="https://trac.torproject.org/projects/tor/wiki/CommunityLogos">community logo</a> under a Creative Commons license that all can use and modify</li>
53 53
     <li>Create a presentation that can be used for various user group meetings around the world</li>
54
-    <li>Create a video about the positive uses of Tor, what Tor is, or how
55
-    to use it.  Some have already
56
-    started on <a href="http://media.torproject.org/video/">Tor's Media
57
-    server</a>, <a
54
+    <li>Create a video about the positive uses of Tor, what Tor is,
55
+    or how to use it.  Some have already started on <a
56
+    href="http://media.torproject.org/video/">Tor's Media server</a>,
57
+    <a
58 58
     href="http://www.howcast.com/videos/90601-How-To-Circumvent-an-Internet-Proxy">Howcast</a>,
59 59
     and <a href="http://www.youtube.com/thetorproject">Youtube</a>.</li> 
60 60
     <li>Create a poster, or a set of posters, around a theme,
... ...
@@ -82,7 +82,7 @@
82 82
     <ol>
83 83
     
84 84
     <li>
85
-    <b>Tor Browser Bundle for Mac OS X</b>
85
+    <b>Audit Tor Browser Bundles for data leaks</b>
86 86
     <br>
87 87
     Priority: <i>High</i>
88 88
     <br>
... ...
@@ -91,36 +91,20 @@
91 91
     Skill Level: <i>Medium</i>
92 92
     <br>
93 93
     Likely Mentors: <i>Steven, Erinn, Jacob, Andrew</i>
94
-    <br>
95
-    The Tor Browser Bundle incorporates Tor, Firefox, Polipo, and the Vidalia
94
+    <p>The Tor Browser Bundle incorporates Tor, Firefox, Polipo, and the Vidalia
96 95
     user interface (and optionally the <a href="http://pidgin.im/">Pidgin</a>
97 96
     Instant Messaging client). Components are pre-configured to operate in a
98 97
     secure way, and it has very few dependencies on the installed operating
99 98
     system. It has therefore become one of the most easy to use, and popular,
100
-    ways to use Tor on Windows.
101
-    <br>
102
-    However, there is currently no released package for Mac OS X, so this project
103
-    would be to implement Tor Browser Bundle for OS X. This will involve
104
-    modifications to Vidalia (C++), possibly Firefox (C) then creating and testing
105
-    the launcher on a range of operating system versions and configurations to
106
-    verify portability.  Some work on this was completed as part of the Google
107
-    Summer of Code 2009. Another part of this project is to identify all of the
108
-    traces left behind by using a Tor Browser Bundle on Mac OS X or Linux.
109
-    Developing ways to stop, counter, or remove these traces is a final step.
110
-    <br>
111
-    Students should be familiar with application development on one or
112
-    preferably both of Linux and Mac OS X, and be comfortable with C/C++
113
-    and shell scripting.
114
-    <br>
115
-    Part of this project could be usability testing of Tor Browser Bundle,
116
-    ideally amongst our target demographic.  That would help a lot in knowing
117
-    what needs to be done in terms of bug fixes or new features. We get this
118
-    informally at the moment, but a more structured process would be better.
119
-    <br>
120
-    A beta version of the Tor Browser Bundle has been released for GNU/Linux, but
121
-    work is still required for the Tor IM Browser bundle. Work is currently being
122
-    done on the Mac OS X version as well. If you would like to help extend or do
123
-    security auditing for either (or both) of these, please contact Erinn.
99
+    ways to use Tor on Windows.</p>
100
+    <p>This project is to identify all of the traces left behind by
101
+    using a Tor Browser Bundle on Windows, Mac OS X, or Linux.  Developing
102
+    ways to stop, counter, or remove these traces is a final step.</p>
103
+    <p>Students should be familiar with operating system analysis,
104
+    application development on one or preferably Windows, Linux,
105
+    and Mac OS X, and be comfortable with C/C++ and shell scripting.</p>
106
+    <p>If you would like to help extend or do security auditing for
107
+    TBB, please contact Erinn.</p>
124 108
     </li>
125 109
     
126 110
     <li>
... ...
@@ -133,69 +117,22 @@
133 117
     Skill Level: <i>Medium</i>
134 118
     <br>
135 119
     Likely Mentors: <i>Karsten, Roger</i>
136
-    <br>
137
-    It would be great to set up an automated system for tracking network
120
+    <p>It would be great to set up an automated system for tracking network
138 121
     health over time, graphing it, etc. Part of this project would involve
139 122
     inventing better metrics for assessing network health and growth. Is the
140 123
     average uptime of the network increasing? How many relays are qualifying
141 124
     for Guard status this month compared to last month? What's the turnover
142 125
     in terms of new relays showing up and relays shutting off? Periodically
143 126
     people collect brief snapshots, but where it gets really interesting is
144
-    when we start tracking data points over time.
145
-    <br>
146
-    Data could be collected from the Tor Network Scanners in <a
127
+    when we start tracking data points over time.</p>
128
+    <p>Data could be collected from the Tor Network Scanners in <a
147 129
     href="https://svn.torproject.org/svn/torflow/trunk/README">TorFlow</a>, from
148 130
     the server descriptors that each relay publishes, and from other
149 131
     sources. Results over time could be integrated into one of the <a
150 132
     href="https://torstatus.blutmagie.de/">Tor Status</a> web pages, or be
151 133
     kept separate. Speaking of the Tor Status pages, take a look at Roger's
152 134
     <a href="http://archives.seul.org/or/talk/Jan-2008/msg00300.html">Tor
153
-    Status wish list</a>.
154
-    </li>
155
-    
156
-    <li>
157
-    <b>Rewrite TorDNSEL, this time with a spec!</b>
158
-    <br>
159
-    Priority: <i>High</i>
160
-    <br>
161
-    Effort Level: <i>Medium</i>
162
-    <br>
163
-    Skill Level: <i>Medium</i>
164
-    <br>
165
-    Likely Mentors: <i>Mike, Roger, Sebastian, Damian</i>
166
-    <br>
167
-    The <a href="<page projects/tordnsel>">Tor DNS Exit List</a> is an
168
-    unmaintained Haskell
169
-    program that serves three purposes. First, it provides an rbl-style DNS
170
-    interface for people to look up whether a given IP address is (or has
171
-    recently been) a Tor exit relay. Second, it actively builds circuits over
172
-    the Tor network and connects back to itself, to learn the actual exit
173
-    IP address of each relay &mdash; some Tor relays exit from a different
174
-    address than they advertise in their descriptor. Third, it exports a <a
175
-    href="http://exitlist.torproject.org/exitAddresses">set of conclusions</a>
176
-    so that <a href="https://check.torproject.org/">check.torproject.org</a>
177
-    can guess for you whether your browser is configured to point to Tor.
178
-    <br>
179
-    This project would make use of <a
180
-    href="https://svn.torproject.org/svn/torflow/trunk/README">TorFlow</a>,
181
-    a set of Python scripts to interact with Tor,
182
-    to figure out how our Tor Exit Checker should actually work, and then
183
-    build it &mdash; probably in Python since Torflow is in Python. The main
184
-    goal is to reduce false positives as much as possible, by making sure
185
-    that it learns about new relays as soon as possible, making sure that
186
-    the testing phase concludes quickly, and making sure the answers get
187
-    passed to the Check script quickly. As a bonus, we should standardize
188
-    (specify) the format of the exitAddresses file, and rewrite the <a
189
-    href="https://svn.torproject.org/svn/check/trunk/cgi-bin/TorBulkExitList.py">Tor
190
-    Bulk Exit List</a> script to use that file rather than its current <a
191
-    href="https://bugs.torproject.org/flyspray/index.php?do=details&id=1019">horrible
192
-    DNS hacks</a>. As an extra bonus, we should work with Freenode, OFTC,
193
-    and/or other IRC networks to make sure that the scripts we offer are
194
-    actually the scripts they want, in terms of accurately identifying which
195
-    of their users are coming from the Tor network.
196
-    <br>
197
-    You can fetch the <a href="git://git.torproject.org/git/tordnsel">latest
198
-    tordnsel</a> via git.
135
+    Status wish list</a>.</p>
199 136
     </li>
200 137
     
201 138
     <li>
... ...
@@ -208,14 +145,12 @@
208 145
     Skill Level: <i>High</i>
209 146
     <br>
210 147
     Likely Mentors: <i>Roger, Nick, Steven</i>
211
-    <br>
212
-    The Tor 0.2.1.x series makes <a
148
+    <p>The Tor 0.2.1.x series makes <a
213 149
     href="<svnprojects>design-paper/blocking.html">significant
214 150
     improvements</a> in resisting national and organizational censorship.
215 151
     But Tor still needs better mechanisms for some parts of its
216
-    anti-censorship design.
217
-    <br>
218
-    One huge category of work is adding features to our <a
152
+    anti-censorship design.</p>
153
+    <p>One huge category of work is adding features to our <a
219 154
     href="http://gitweb.torproject.org//bridgedb.git?a=tree">bridgedb</a>
220 155
     service (Python). Tor aims to give out <a href="<page docs/bridges>">bridge
221 156
     relay addresses</a> to users that can't reach the Tor network
... ...
@@ -225,78 +160,19 @@
225 160
     blog post on the topic</a> as an overview, and then look at <a
226 161
     href="http://archives.seul.org/or/dev/Dec-2009/msg00000.html">Roger's
227 162
     or-dev post</a> from December for more recent thoughts &mdash; lots of
228
-    design work remains.
229
-    <br>
230
-    If you want to get more into the guts of Tor itself (C), a more minor problem
163
+    design work remains.</p>
164
+    <p>If you want to get more into the guts of Tor itself (C), a more minor problem
231 165
     we should address is that current Tors can only listen on a single
232 166
     address/port combination at a time. There's
233 167
     <a href="<gitblob>doc/spec/proposals/118-multiple-orports.txt">a
234 168
     proposal to address this limitation</a> and allow clients to connect
235 169
     to any given Tor on multiple addresses and ports, but it needs more
236
-    work.
237
-    <br>
238
-    This project could involve a lot of research and design. One of the big
170
+    work.</p>
171
+    <p>This project could involve a lot of research and design. One of the big
239 172
     challenges will be identifying and crafting approaches that can still
240 173
     resist an adversary even after the adversary knows the design, and
241
-    then trading off censorship resistance with usability and robustness.
242
-    </li>
243
-    
244
-    <!--<li>
245
-    <b>Tuneup Tor!</b>
246
-    <br>
247
-    Priority: <i>Medium to High</i>
248
-    <br>
249
-    Effort Level: <i>Medium to High</i>
250
-    <br>
251
-    Skill Level: <i>High</i>
252
-    <br>
253
-    Likely Mentors: <i>Nick, Roger, Mike, Karsten</i>
254
-    <br>
255
-    Right now, Tor relays measure and report their own bandwidth, and Tor
256
-    clients choose which relays to use in part based on that bandwidth.
257
-    This approach is vulnerable to
258
-    <a href="http://freehaven.net/anonbib/#bauer:wpes2007">attacks where
259
-    relays lie about their bandwidth</a>;
260
-    to address this, Tor currently caps the maximum bandwidth
261
-    it's willing to believe any relay provides.  This is a limited fix, and
262
-    a waste of bandwidth capacity to boot.  Instead,
263
-    Tor should possibly measure bandwidth in a more distributed way, perhaps
264
-    as described in the
265
-    <a href="http://freehaven.net/anonbib/author.html#snader08">"A Tune-up for
266
-    Tor"</a> paper
267
-    by Snader and Borisov. One could use current testing code to
268
-    double-check this paper's findings and verify the extent to which they
269
-    dovetail with Tor as deployed in the wild, and determine good ways to
270
-    incorporate them into their suggestions Tor network without adding too
271
-    much communications overhead between relays and directory
272
-    authorities.
273
-    </li>-->
274
-    
275
-    <li>
276
-    <b>Improving Polipo on Windows</b>
277
-    <br>
278
-    Priority: <i>Medium to High</i>
279
-    <br>
280
-    Effort Level: <i>Medium</i>
281
-    <br>
282
-    Skill Level: <i>Medium</i>
283
-    <br>
284
-    Likely Mentors: <i>Chris</i>
285
-    <br>
286
-    Help port <a
287
-    href="http://www.pps.jussieu.fr/~jch/software/polipo/">Polipo</a> to
288
-    Windows. Example topics to tackle include:
289
-    <ol><li> the ability to asynchronously query name servers, find the
290
-    system nameservers, and manage netbios and dns queries.</li>
291
-    <li> manage events and buffers natively (i.e. in Unix-like OSes,
292
-    Polipo defaults to 25% of ram, in Windows it's whatever the config
293
-    specifies).</li>
294
-    <li> some sort of GUI config and reporting tool, bonus if it has a
295
-    systray icon with right clickable menu options. Double bonus if it's
296
-    cross-platform compatible.</li>
297
-    <li> allow the software to use the Windows Registry and handle proper
298
-    Windows directory locations, such as "C:\Program Files\Polipo"</li>
299
-    </ol>
174
+    then trading off censorship resistance with usability and
175
+    robustness.</p>
300 176
     </li>
301 177
     
302 178
     <li>
... ...
@@ -309,37 +185,33 @@
309 185
     Skill Level: <i>Low to Medium</i>
310 186
     <br>
311 187
     Likely Mentors: <i>Matt</i>
312
-    <br>
313
-    There are a number of status changes inside Tor of which the user may need
188
+    <p>There are a number of status changes inside Tor of which the user may need
314 189
     to be informed. For example, if the user is trying to set up his Tor as a
315 190
     relay and Tor decides that its ports are not reachable from outside
316 191
     the user's network, we should alert the user. Currently, all the user
317 192
     gets is a couple log messages in Vidalia's 'message log' window, which they
318 193
     likely never see since they don't receive a notification that something
319 194
     has gone wrong. Even if the user does actually look at the message log,
320
-    most of the messages make little sense to the novice user.
321
-    <br>
322
-    Tor has the ability to inform Vidalia of many such status changes, and
195
+    most of the messages make little sense to the novice user.</p>
196
+    <p>Tor has the ability to inform Vidalia of many such status changes, and
323 197
     we recently implemented support for a couple of these events. Still,
324 198
     there are many more status events the user should be informed of and we
325
-    need a better UI for actually displaying them to the user.
326
-    <br>
327
-    The goal of this project then is to design and implement a UI for
199
+    need a better UI for actually displaying them to the user.</p>
200
+    <p>The goal of this project then is to design and implement a UI for
328 201
     displaying Tor status events to the user. For example, we might put a
329 202
     little badge on Vidalia's tray icon that alerts the user to new status
330 203
     events they should look at. Double-clicking the icon could bring up a
331 204
     dialog that summarizes recent status events in simple terms and maybe
332 205
     suggests a remedy for any negative events if they can be corrected by
333 206
     the user. Of course, this is just an example and one is free to
334
-    suggest another approach.
335
-    <br>
336
-    A person undertaking this project should have good UI design and layout
207
+    suggest another approach.</p>
208
+    <p>A person undertaking this project should have good UI design and layout
337 209
     and some C++ development experience. Previous experience with Qt and
338 210
     Qt's Designer will be very helpful, but are not required. Some
339 211
     English writing ability will also be useful, since this project will
340 212
     likely involve writing small amounts of help documentation that should
341 213
     be understandable by non-technical users. Bonus points for some graphic
342
-    design/Photoshop fu, since we might want/need some shiny new icons too.
214
+    design/Photoshop fu, since we might want/need some shiny new icons too.</p>
343 215
     </li>
344 216
     
345 217
     <li>
... ...
@@ -352,21 +224,19 @@
352 224
     Skill Level: <i>Medium</i>
353 225
     <br>
354 226
     Likely Mentors: <i>Nick, Erinn</i>
355
-    <br>
356
-    Tor needs to be far more tested. This is a multi-part effort. To start
227
+    <p>Tor needs to be far more tested. This is a multi-part effort. To start
357 228
     with, our unit test coverage should rise substantially, especially in
358 229
     the areas outside the utility functions. This will require significant
359 230
     refactoring of some parts of Tor, in order to dissociate as much logic
360
-    as possible from globals.
361
-    <br>
362
-    Additionally, we need to automate our performance testing. We've got
231
+    as possible from globals.</p>
232
+    <p>Additionally, we need to automate our performance testing. We've got
363 233
     buildbot to automate our regular integration and compile testing already
364 234
     (though we need somebody to set it up on Windows),
365 235
     but we need to get our network simulation tests (as built in <a
366 236
     href="https://svn.torproject.org/svn/torflow/trunk/README">TorFlow</a>)
367 237
     updated for more recent versions of Tor, and designed to launch a test
368 238
     network either on a single machine, or across several, so we can test
369
-    changes in performance on machines in different roles automatically.
239
+    changes in performance on machines in different roles automatically.</p>
370 240
     </li>
371 241
     
372 242
     <li>
... ...
@@ -379,8 +249,7 @@
379 249
     Skill Level: <i>Medium to High</i>
380 250
     <br>
381 251
     Likely Mentors: <i>Bruce, Nathan</i>
382
-    <br>
383
-    Others are currently working on Tor clients for Java, Android, and Maemo
252
+    <p>Others are currently working on Tor clients for Java, Android, and Maemo
384 253
     environments.  The first step is to get a handle on the current state of
385 254
     the project in which you are interested in helping; <a
386 255
     href="http://github.com/brl/JTor">Tor for Java</a>,
... ...
@@ -388,15 +257,15 @@
388 257
     , or <a href="<page docs/N900>">Tor for Maemo</a>. Check out the
389 258
     repository and familiarize yourself
390 259
     with the source code.  Further, support for requesting or even providing
391
-    Tor hidden services would be neat, but not required.
392
-    <br>
393
-    A prospective developer should be able to understand and write new Java
260
+    Tor hidden services would be neat, but not required.</p>
261
+    <p>A prospective developer should be able to understand and write new Java
394 262
     code, including a Java cryptography API. Being able to read C code would be helpful,
395 263
     too. One should be willing to read the existing documentation,
396 264
     implement code based on it, and refine the documentation
397 265
     when things are underdocumented. This project is mostly about coding and
398
-    to a small degree about design.
266
+    to a small degree about design.</p>
399 267
     </li>
268
+
400 269
     <li>
401 270
     <b>More on Orbot &amp; Android OS-specific development</b>
402 271
     <br/>
... ...
@@ -408,84 +277,49 @@
408 277
     Skill Level: <i>Medium to High</i>
409 278
     <br>
410 279
     Likely Mentors: <i>Nathan</i>
411
-    <br>
412
-    
413
-    <b>Android Java UI work:</b> Improved home screen to show better statistics about data transferred (up/down), number of circuits connected, quality of connection and so on. The "Tether Wifi" Android application is a good model to follow in how it shows a realtime count of bytes transferred as well as notifications when wifi client connect. In addition, better display/handling of Tor system/error messages would also be very helpful. Finally, the addition of a wizard or tutorial walkthrough for novice users to explain to them exactly what or what is not anonymized or protected would greatly improve the likelihood they will use Orbot correctly.
414
-    <br/><br/>
415
-    
416
-    <b>Android Java OS/Core app work:</b> Better system-wide indicator either via the notification bar, "Toast" pop-up dialogs or some other indicator that an application's traffic is indeed moving through Orbot/Tor. For instance, right now you need to first go to a torcheck web service to ensure your browser is routing via Tor. Orbot should be able to notify you that circuits are being opened, used, etc. The aforementioned data transfer tracker might provide this type of awareness as well.
417
-    
418
-    <br/><br/>
419
-    <b>Android Java Library/Community Outreach work:</b> We need to package a simple library for use with third-party application to easily enable them to support "Torification" on non-root devices (aka w/o transparent proxying). This library should include a wrapper for the Apache HTTPClient library, a utility class for detecting the state of Orbot connectivity, and other relevant/useful things an Android app might need to anonymize itself. This work would include the creation of the library, documentation, and sample code. Outreach or effort to implement the library within other open-source apps would follow.
420
-    
421
-    <br/><br/>
422
-    <b>Android OS/C/Linux work:</b> The port of Tor to Android is basically a straight cross-compile to Linux ARM. There has been no work done in looking the optimization of Tor within a mobile hardware environment, on the ARM processor or other Android hardware, or on mobile networks. It should be noted, that even without optimization, Tor is handling the mobile network environment very well, automatically detecting change in IP addresses, reconnecting circuits, etc across switching from 2G to 3G to Wifi, and so forth. 
280
+    <p><b>Android Java UI work:</b> Improved home screen to show better
281
+    statistics about data transferred (up/down), number of circuits
282
+    connected, quality of connection and so on. The "Tether Wifi"
283
+    Android application is a good model to follow in how it shows
284
+    a realtime count of bytes transferred as well as notifications
285
+    when wifi client connect. In addition, better display/handling
286
+    of Tor system/error messages would also be very helpful. Finally,
287
+    the addition of a wizard or tutorial walkthrough for novice
288
+    users to explain to them exactly what or what is not anonymized
289
+    or protected would greatly improve the likelihood they will use
290
+    Orbot correctly.</p>
291
+    
292
+    <p><b>Android Java OS/Core app work:</b> Better system-wide
293
+    indicator either via the notification bar, "Toast" pop-up dialogs
294
+    or some other indicator that an application's traffic is indeed
295
+    moving through Orbot/Tor. For instance, right now you need to
296
+    first go to a torcheck web service to ensure your browser is
297
+    routing via Tor. Orbot should be able to notify you that circuits
298
+    are being opened, used, etc. The aforementioned data transfer
299
+    tracker might provide this type of awareness as well.</p>
300
+    
301
+    <p><b>Android Java Library/Community Outreach work:</b> We need
302
+    to package a simple library for use with third-party application
303
+    to easily enable them to support "Torification" on non-root
304
+    devices (aka w/o transparent proxying). This library should
305
+    include a wrapper for the Apache HTTPClient library, a utility
306
+    class for detecting the state of Orbot connectivity, and other
307
+    relevant/useful things an Android app might need to anonymize
308
+    itself. This work would include the creation of the library,
309
+    documentation, and sample code. Outreach or effort to implement
310
+    the library within other open-source apps would follow.</p>
311
+    
312
+    <p><b>Android OS/C/Linux work:</b> The port of Tor to Android
313
+    is basically a straight cross-compile to Linux ARM. There has
314
+    been no work done in looking the optimization of Tor within a
315
+    mobile hardware environment, on the ARM processor or other
316
+    Android hardware, or on mobile networks. It should be noted,
317
+    that even without optimization, Tor is handling the mobile
318
+    network environment very well, automatically detecting change
319
+    in IP addresses, reconnecting circuits, etc across switching
320
+    from 2G to 3G to Wifi, and so forth.</p>
423 321
     </li>
424 322
     
425
-    <!--<li>
426
-    <b>New Torbutton Features</b>
427
-    <br>
428
-    Priority: <i>Medium</i>
429
-    <br>
430
-    Effort Level: <i>High</i>
431
-    <br>
432
-    Skill Level: <i>High</i>
433
-    <br>
434
-    Likely Mentors: <i>Mike</i>
435
-    <br/>
436
-    There are several <a
437
-    href="https://bugs.torproject.org/flyspray/index.php?tasks=all&amp;project=5&amp;type=2">good
438
-    feature requests</a> on the Torbutton Flyspray section. In particular, <a
439
-    href="https://bugs.torproject.org/flyspray/index.php?do=details&amp;id=523">Integrating
440
-    'New Identity' with Vidalia</a>,
441
-    <a href="https://bugs.torproject.org/flyspray/index.php?do=details&amp;id=940">ways of
442
-    managing multiple cookie jars/identities</a>, <a
443
-    href="https://bugs.torproject.org/flyspray/index.php?do=details&amp;id=637">preserving
444
-    specific cookies</a> when cookies are cleared,
445
-    <a
446
-    href="https://bugs.torproject.org/flyspray/index.php?do=details&amp;id=524">better
447
-    referrer spoofing</a>, <a
448
-    href="https://bugs.torproject.org/flyspray/index.php?do=details&amp;id=564">correct
449
-    Tor status reporting</a>, and <a
450
-    href="https://bugs.torproject.org/flyspray/index.php?do=details&amp;id=462">"tor://"
451
-    and "tors://" urls</a> are all interesting
452
-    features that could be added.
453
-    <br>
454
-    This work would be independent coding in Javascript and the fun world of <a
455
-    href="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">XUL</a>,
456
-    with not too much involvement in the Tor internals.
457
-    </li>-->
458
-    
459
-    <!-- <li>
460
-    <b>New Thandy Features</b>
461
-    <br>
462
-    Priority: <i>Medium</i>
463
-    <br>
464
-    Effort Level: <i>Medium</i>
465
-    <br>
466
-    Skill Level: <i>Medium to High</i>
467
-    <br>
468
-    Likely Mentors: <i>Martin</i>
469
-    <br>
470
-    Additional capabilities are needed for assisted updates of all the Tor
471
-    related software for Windows and other operating systems. Some of the
472
-    features to consider include:
473
-    <ol>
474
-    <li> Integration of the <a
475
-    href="http://chandlerproject.org/Projects/MeTooCrypto">MeTooCrypto
476
-    Python library</a>
477
-    for authenticated HTTPS downloads.</li>
478
-    <li> Adding a level of indirection
479
-    between the timestamp signatures and the package files included in an
480
-    update. See the "Thandy attacks / suggestions" thread on or-dev.</li>
481
-    <li> Support locale specific installation and configuration of assisted
482
-    updates based on preference, host, or user account language settings.
483
-    Familiarity with Windows codepages, unicode, and other character sets
484
-    is helpful in addition to general win32 and posix API experience and
485
-    Python proficiency.</li>
486
-    </ol>
487
-    </li> -->
488
-    
489 323
     <li>
490 324
     <b>Simulator for slow Internet connections</b>
491 325
     <br>
... ...
@@ -568,56 +402,6 @@
568 402
     push to build a Thunderbird extension similar to Torbutton.
569 403
     </li>
570 404
     
571
-    <!--<li>
572
-    <b>Intermediate Level Network Device Driver</b>
573
-    <br>
574
-    Priority: <i>Low</i>
575
-    <br>
576
-    Effort Level: <i>High</i>
577
-    <br>
578
-    Skill Level: <i>High</i>
579
-    <br>
580
-    Likely Mentors: <i>Martin</i>
581
-    <br>
582
-    The WinPCAP device driver used by Tor VM for bridged networking does
583
-    not support a number of wireless and non-Ethernet network adapters.
584
-    Implementation of a intermediate level network device driver for win32
585
-    and 64bit would provide a way to intercept and route traffic over such
586
-    networks. This project will require knowledge of and experience with
587
-    Windows kernel device driver development and testing. Familiarity with
588
-    Winsock and Qemu would also be helpful.
589
-    </li>-->
590
-    
591
-    <li>
592
-    <b>Improve Tor Weather</b>
593
-    <br>
594
-    Priority: <i>Medium</i>
595
-    <br>
596
-    Effort Level: <i>Medium</i>
597
-    <br>
598
-    Skill Level: <i>Medium</i>
599
-    <br>
600
-    Likely Mentors: <i>Christian, Roger, Damian</i>
601
-    <br>
602
-    <a href="https://weather.torproject.org/">Tor weather</a> is a tool
603
-    that allows signing up to receive notifications via email when the
604
-    tracked Tor relay is down. Currently, it isn't really useful for
605
-    people who use the hibernation feature of Tor, or for those who
606
-    have to shut down their relay regularly. During the project, Tor
607
-    weather could be extended to allow more flexible configurations.
608
-    Other enhancements are also possible: Weather could send out warnings
609
-    when your relay runs an out-of-date version of Tor, or when its
610
-    observed bandwith drops below a certain value. It might also be a
611
-    nice tool that allows for checking whether your relay has earned
612
-    you a <a href="<page getinvolved/tshirt>">T-Shirt</a>, or sending reminders to
613
-    directory authorities that
614
-    their keys are about to expire. Be creative, and consider how the
615
-    above project to track overall network status can help you get your job
616
-    done more quickly! See also its
617
-    <a href="https://svn.torproject.org/svn/weather/trunk/README">README</a>
618
-    and <a href="https://svn.torproject.org/svn/weather/trunk/TODO">TODO</a>.
619
-    </li>
620
-    
621 405
     <li>
622 406
     <b>Improvements for Tor+Vidalia interaction on Linux/Unix platforms</b>
623 407
     <br>
... ...
@@ -668,77 +452,8 @@
668 452
     experience. Previous experience with Qt is helpful, but not required.
669 453
     </li>
670 454
     
671
-    <!--<li>
672
-    <b>Tor/Polipo/Vidalia Auto-Update Framework</b>
673
-    <br>
674
-    We're in need of a good authenticated-update framework.
675
-    Vidalia already has the ability to notice when the user is running an
676
-    outdated or unrecommended version of Tor, using signed statements inside
677
-    the Tor directory information. Currently, Vidalia simply pops
678
-    up a little message box that lets the user know they should manually
679
-    upgrade. The goal of this project would be to extend Vidalia with the
680
-    ability to also fetch and install the updated Tor software for the
681
-    user. We should do the fetches via Tor when possible, but also fall back
682
-    to direct fetches in a smart way. Time permitting, we would also like
683
-    to be able to update other
684
-    applications included in the bundled installers, such as Polipo and
685
-    Vidalia itself.
686
-    <br>
687
-    To complete this project, the student will first need to first investigate
688
-    the existing auto-update frameworks (e.g., Sparkle on OS X) to evaluate
689
-    their strengths, weaknesses, security properties, and ability to be
690
-    integrated into Vidalia. If none are found to be suitable, the student
691
-    will design their own auto-update framework, document the design, and
692
-    then discuss the design with other developers to assess any security
693
-    issues. The student will then implement their framework (or integrate
694
-    an existing one) and test it.
695
-    <br>
696
-    A person undertaking this project should have good C++ development
697
-    experience. Previous experience with Qt is helpful, but not required. One
698
-    should also have a good understanding of common security
699
-    practices, such as package signature verification. Good writing ability
700
-    is also important for this project, since a vital step of the project
701
-    will be producing a design document to review and discuss
702
-    with others prior to implementation.
703
-    </li>-->
704 455
     
705 456
     <li>
706
-    <b>Improving the Tor QA process: Continuous Integration for builds</b>
707
-    <br>
708
-    Priority: <i>Medium</i>
709
-    <br>
710
-    Effort Level: <i>Medium</i>
711
-    <br>
712
-    Skill Level: <i>Medium</i>
713
-    <br>
714
-    Likely Mentors: <i>Erinn</i>
715
-    <br>
716
-    It would be useful to have automated build processes for Windows and
717
-    probably other platforms. The purpose of having a continuous integration
718
-    build environment is to ensure that Windows isn't left behind for any of
719
-    the software projects used in the Tor project or its accompanying.<br>
720
-    Buildbot may be a good choice for this as it appears to support all of
721
-    the platforms Tor does. See the
722
-    <a href="http://en.wikipedia.org/wiki/BuildBot">wikipedia entry for
723
-    buildbot</a>.<br>
724
-    There may be better options and the person undertaking this task should
725
-    evaluate other options. Any person working on this automatic build
726
-    process should have experience or be willing to learn how to build all
727
-    of the respective Tor related code bases from scratch. Furthermore, the
728
-    person should have some experience building software in Windows
729
-    environments as this is the target audience we want to ensure we do not
730
-    leave behind. It would require close work with the Tor source code but
731
-    probably only in the form of building, not authoring.<br>
732
-    Additionally, we need to automate our performance testing for all platforms.
733
-    We've got buildbot (except on Windows &mdash; as noted above) to automate
734
-    our regular integration and compile testing already,
735
-    but we need to get our network simulation tests (as built in torflow)
736
-    updated for more recent versions of Tor, and designed to launch a test
737
-    network either on a single machine, or across several, so we can test
738
-    changes in performance on machines in different roles automatically.
739
-    </li>
740
-    
741
-    <!--<li>
742 457
     <b>Usability testing of Tor</b>
743 458
     <br>
744 459
     Priority: <i>Medium</i>
... ...
@@ -753,7 +468,7 @@
753 468
     That would help a lot in knowing what needs to be done in terms of bug
754 469
     fixes or new features. We get this informally at the moment, but a more
755 470
     structured process would be better.
756
-    </li>-->
471
+    </li>
757 472
     
758 473
     <li>
759 474
     <b>An authenticating IRC proxy</b>
... ...
@@ -865,8 +580,11 @@
865 580
     details on the research side of this task &mdash; who knows, when it's
866 581
     done maybe you can help write a paper or three also.</li>
867 582
     
868
-    <li>Tor 0.1.1.x and later include support for hardware crypto accelerators
869
-    via OpenSSL. It has been lightly tested and is possibly very buggy.  We're looking for more rigorous testing, performance analysis, and optimally, code fixes to openssl and Tor if needed.</li>
583
+    <li>Tor 0.1.1.x and later include support for hardware crypto
584
+    accelerators via OpenSSL. It has been lightly tested and is
585
+    possibly very buggy.  We're looking for more rigorous testing,
586
+    performance analysis, and optimally, code fixes to openssl and
587
+    Tor if needed.</li>
870 588
     
871 589
     <li>Perform a security analysis of Tor with <a
872 590
     href="http://en.wikipedia.org/wiki/Fuzz_testing">"fuzz"</a>. Determine
873 591