Einige Dinge, die jeder tun kann

  1. Bitte überlege dir, einen Server zu betreiben, damit das Netzwerk weiter wächst.
  2. Erzähl es deinen Freunden! Bringe sie dazu, auch Server zu betreiben. Bringe sie dazu, auch versteckte Services zu betreiben. Bringe sie dazu, es wieder ihren Freunden zu erzählen.
  3. Wenn du die Ziele von Tor magst, bitte nimm dir einen Moment Zeit, um für das Projekt zu spenden. Wir sind auch auf der Suche nach weiteren Sponsoren — wenn du Firmen, NGOs oder andere Organisationen kennst, die Anonymität, Privatsphäre und die Sicherheit der Kommunikation schätzen, dann lass sie von uns wissen.
  4. Wir suchen nach weiteren guten Beispielen für Nutzer von Tor oder von Anwendungsfällen. Falls du Tor für ein bestimmtes Szenario verwendest und uns davon erzählen möchtest, freuen wir uns, darüber zu hören.

unterstützende Anwendungen

  1. Wir brauchen mehr und bessere Methoden, um DNS-Abfragen abzufangen, damit diese nicht an einen lokalen Beobachter dringen, während wir versuchen, anonym zu bleiben. (Dies passiert, weil die Anwendung selbst DNS-Anfragen stellt, anstatt diese über Tor zu leiten.).
    • Wir sollten das Programm dsocks von Dug Song patchen, so dass es das Kommando mapaddress von der Controllerschnittstelle nutzt. Somit verschwenden wir nicht einen gesamten Round-trip innerhalb von Tor, um die Auflösung vor der Verbindung zu machen.
    • Wir müssen unser torify-Skript so umgestalten, dass es erkennt, welches tsocks oder dsocks installiert ist und dieses dann richtig aufruft. Das bedeutet wahrscheinlich, dass deren Schnittstellen vereinheitlicht werden müssen und führt wahrscheinlich dazu, dass Code zwischen beiden geteilt werden muss oder dass eines komplett nicht mehr benutzt wird.
  2. Leute, die einen Server betreiben, teilen uns immer wieder mit, dass sie BandwidthRate in Abhängigkeit von der Uhrzeit setzen wollen. Anstatt das direkt in Tor zu implementieren, sollten wir lieber ein kleines Skript haben, das über die Torschnittstelle spricht und ein setconf macht, um die Änderungen herbeizuführen. Natürlich würde es durch Cron ausgeführt oder es schläft eine bestimmte Zeit und macht dann die Änderungen. Kann das jemand für uns schreiben und wir packen das dann nach contrib? Das wäre eine gute Möglichkeit für den Tor GUI Wettbewerb.
  3. Wenn wir gerade bei Geolocation sind, wäre es schön, wenn jemand eine Karte anfertigt, die die Standorte der Torserver anzeigt. Bonuspunkte gibt es, wenn es sich bei Änderungen am Netzwerk auf den neuesten Stand bringt. Der leichteste Weg, um dies zu erreichen, wäre alle Daten zu Google zu schicken und diese machen dann die Karte für uns. Wie sehr beeinflusst dies die Privatsphäre und haben wir noch andere gute Optionen?

Tor-Botschafter

  1. Baue ein Communitylogo unter einer Creative Commons Lizenz, das alle benutzen und verändern dürfen
  2. Mache eine Präsentation die weltweit für Talks und Diskusionen über Tor verwendet werden kann.
  3. Dreh ein Video über deine positiven Einsätze von Tor. Es haben schon ein paar auf Seesmic angefangen.
  4. Entwickle ein Poster oder ein Set von Postern rund um ein Thema wie z.B. "Freiheit dank Tor!"

Dokumentation

  1. Bitte hilf Matt Edman mit der Dokumentation und HOWTOs für seinen Vidalia.
  2. Kommentiere und dokumentiere unsere Liste von Programmen, die durch Tor geroutet werden können.
  3. Wir brauchen bessere Dokumentation für Programme, die dynamisch in Verbindungen eingreifen und diese durch Tor schicken. Für Linux und Windows scheinen tsocks (Linux), dsocks (BSD), und freecap gute Kandidaten.
  4. Wir haben eine riesige Liste potentiell nützlicher Programme, die eine Schnittstelle zu Tor haben. Welche sind in welchen Situationen gut? Bitte hilf uns, diese zu testen und dokumentiere die Ergebnisse.
  5. Hilf, die Webseite und die Dokumentation in andere Sprachen zu übersetzen. Schaue dir die Richtlinien zur Übersetzung an, wenn du gern helfen möchtest. Wir brauchen auch Leute, um die Seiten in Arabisch oder Farsi zu übersetzen. Einen Überblick gibt es bei der Statusseite der Übersetzungen.

Die untenstehenden Angaben wurden in der Originalsprache belassen. Da diese sich ausschließlich auf Bewerber beziehen, die ausreichende Englischkenntnisse besitzen.

Good Coding Projects

You may find some of these projects to be good Google Summer of Code 2009 ideas. We have labelled each idea with how useful it would be to the overall Tor project (priority), how much work we expect it would be (effort level), how much clue you should start with (skill level), and which of our core developers would be good mentors. If one or more of these ideas looks promising to you, please contact us to discuss your plans rather than sending blind applications. You may also want to propose your own project idea which often results in the best applications.

  1. Tor Browser Bundle for Linux/Mac OS X
    Priority: High
    Effort Level: High
    Skill Level: Medium
    Likely Mentors: Steven, Andrew
    The Tor Browser bundle incorporates Tor, Firefox, and the Vidalia user interface (and optionally Pidgin IM). Components are pre-configured to operate in a secure way, and it has very few dependencies on the installed operating system. It has therefore become one of the most easy to use, and popular, ways to use Tor on Windows.
    However, there is currently no comparable package for Linux and Mac OS X, so this project would be to implement Tor Browser Bundle for these platforms. This will involve modifications to Vidalia (C++), possibly Firefox (C) then creating and testing the launcher on a range of operating system versions and configurations to verify portability.
    Students should be familiar with application development on one or preferably both of Linux and Mac OS X, and be comfortable with C/C++ and shell scripting.
    Part of this project could be usability testing of Tor Browser Bundle, ideally amongst our target demographic. That would help a lot in knowing what needs to be done in terms of bug fixes or new features. We get this informally at the moment, but a more structured process would be better.
  2. Translation wiki for our website
    Priority: High
    Effort Level: Medium
    Skill Level: Medium
    Likely Mentors: Jacob
    The Tor Project has been working over the past year to set up web-based tools to help volunteers translate our applications into other languages. We finally hit upon Pootle, and we have a fine web-based translation engine in place for Vidalia, Torbutton, and Torcheck. However, Pootle only translates strings that are in the "po" format, and our website uses wml files. This project is about finding a way to convert our wml files into po strings and back, so they can be handled by Pootle.
  3. Help track the overall Tor Network status
    Priority: Medium to High
    Effort Level: Medium
    Skill Level: Medium
    Likely Mentors: Karsten, Roger
    It would be great to set up an automated system for tracking network health over time, graphing it, etc. Part of this project would involve inventing better metrics for assessing network health and growth. Is the average uptime of the network increasing? How many relays are qualifying for Guard status this month compared to last month? What's the turnover in terms of new relays showing up and relays shutting off? Periodically people collect brief snapshots, but where it gets really interesting is when we start tracking data points over time.
    Data could be collected from the Tor Network Scanners in TorFlow, from the server descriptors that each relay publishes, and from other sources. Results over time could be integrated into one of the Tor Status web pages, or be kept separate. Speaking of the Tor Status pages, take a look at Roger's Tor Status wish list.
  4. Improving Tor's ability to resist censorship
    Priority: Medium to High
    Effort Level: Medium
    Skill Level: High
    Likely Mentors: Nick, Roger, Steven
    The Tor 0.2.0.x series makes significant improvements in resisting national and organizational censorship. But Tor still needs better mechanisms for some parts of its anti-censorship design. For example, current Tors can only listen on a single address/port combination at a time. There's a proposal to address this limitation and allow clients to connect to any given Tor on multiple addresses and ports, but it needs more work. Another anti-censorship project (far more difficult) is to try to make Tor more scanning-resistant. Right now, an adversary can identify Tor bridges just by trying to connect to them, following the Tor protocol, and seeing if they respond. To solve this, bridges could act like webservers (HTTP or HTTPS) when contacted by port-scanning tools, and not act like bridges until the user provides a bridge-specific key.
    This project involves a lot of research and design. One of the big challenges will be identifying and crafting approaches that can still resist an adversary even after the adversary knows the design, and then trading off censorship resistance with usability and robustness.
  5. Tuneup Tor!
    Priority: Medium to High
    Effort Level: Medium to High
    Skill Level: High
    Likely Mentors: Nick, Roger, Mike, Karsten
    Right now, Tor relays measure and report their own bandwidth, and Tor clients choose which relays to use in part based on that bandwidth. This approach is vulnerable to attacks where relays lie about their bandwidth; to address this, Tor currently caps the maximum bandwidth it's willing to believe any relay provides. This is a limited fix, and a waste of bandwidth capacity to boot. Instead, Tor should possibly measure bandwidth in a more distributed way, perhaps as described in the "A Tune-up for Tor" paper by Snader and Borisov. One could use current testing code to double-check this paper's findings and verify the extent to which they dovetail with Tor as deployed in the wild, and determine good ways to incorporate them into their suggestions Tor network without adding too much communications overhead between relays and directory authorities.
  6. Improving Polipo on Windows
    Priority: Medium to High
    Effort Level: Medium
    Skill Level: Medium
    Likely Mentors: Martin
    Help port Polipo to Windows. Example topics to tackle include: 1) the ability to asynchronously query name servers, find the system nameservers, and manage netbios and dns queries. 2) manage events and buffers natively (i.e. in Unix-like OSes, Polipo defaults to 25% of ram, in Windows it's whatever the config specifies). 3) some sort of GUI config and reporting tool, bonus if it has a systray icon with right clickable menu options. Double bonus if it's cross-platform compatible. 4) allow the software to use the Windows Registry and handle proper Windows directory locations, such as "C:\Program Files\Polipo"
  7. Implement a torrent-based scheme for downloading Thandy packages
    Priority: Medium to High
    Effort Level: High
    Skill Level: Medium to High
    Likely Mentors: Martin, Nick
    Thandy is a relatively new software to allow assisted updates of Tor and related software. Currently, there are very few users, but we expect Thandy to be used by almost every Tor user in the future. To avoid crashing servers on the day of a Tor update, we need new ways to distribute new packages efficiently, and using libtorrent seems to be a possible solution. If you think of other good ideas, great - please do let us know!
    We also need to investigate how to include our mirrors better. If possible, there should be an easy way for them to help distributing the packages.
  8. Tor Controller Status Event Interface
    Priority: Medium
    Effort Level: Medium
    Skill Level: Low to Medium
    Likely Mentors: Matt
    There are a number of status changes inside Tor of which the user may need to be informed. For example, if the user is trying to set up his Tor as a relay and Tor decides that its ports are not reachable from outside the user's network, we should alert the user. Currently, all the user gets is a couple log messages in Vidalia's 'message log' window, which they likely never see since they don't receive a notification that something has gone wrong. Even if the user does actually look at the message log, most of the messages make little sense to the novice user.
    Tor has the ability to inform Vidalia of many such status changes, and we recently implemented support for a couple of these events. Still, there are many more status events the user should be informed of and we need a better UI for actually displaying them to the user.
    The goal of this project then is to design and implement a UI for displaying Tor status events to the user. For example, we might put a little badge on Vidalia's tray icon that alerts the user to new status events they should look at. Double-clicking the icon could bring up a dialog that summarizes recent status events in simple terms and maybe suggests a remedy for any negative events if they can be corrected by the user. Of course, this is just an example and one is free to suggest another approach.
    A person undertaking this project should have good UI design and layout and some C++ development experience. Previous experience with Qt and Qt's Designer will be very helpful, but are not required. Some English writing ability will also be useful, since this project will likely involve writing small amounts of help documentation that should be understandable by non-technical users. Bonus points for some graphic design/Photoshop fu, since we might want/need some shiny new icons too.
  9. Improve our unit testing process
    Priority: Medium
    Effort Level: Medium
    Skill Level: Medium
    Likely Mentors: Nick, Roger
    Tor needs to be far more tested. This is a multi-part effort. To start with, our unit test coverage should rise substantially, especially in the areas outside the utility functions. This will require significant refactoring of some parts of Tor, in order to dissociate as much logic as possible from globals.
    Additionally, we need to automate our performance testing. We've got buildbot to automate our regular integration and compile testing already (though we need somebody to set it up on Windows), but we need to get our network simulation tests (as built in TorFlow) updated for more recent versions of Tor, and designed to launch a test network either on a single machine, or across several, so we can test changes in performance on machines in different roles automatically.
  10. Help revive an independent Tor client implementation
    Priority: Medium
    Effort Level: High
    Skill Level: Medium to High
    Likely Mentors: Karsten, Nick
    Reanimate one of the approaches to implement a Tor client in Java, e.g. the OnionCoffee project, and make it run on Android. The first step would be to port the existing code and execute it in an Android environment. Next, the code should be updated to support the newer Tor protocol versions like the v3 directory protocol. Further, support for requesting or even providing Tor hidden services would be neat, but not required.
    A prospective developer should be able to understand and write new Java code, including a Java cryptography API. Being able to read C code would be helpful, too. One should be willing to read the existing documentation, implement code based on it, and refine the documentation when things are underdocumented. This project is mostly about coding and to a small degree about design.
  11. New Torbutton Features
    Priority: Medium
    Effort Level: High
    Skill Level: High
    Likely Mentors: Mike
    There are several good feature requests on the Torbutton Flyspray section. In particular, Integrating 'New Identity' with Vidalia, ways of managing multiple cookie jars/identities, preserving specific cookies when cookies are cleared, better referrer spoofing, correct Tor status reporting, and "tor://" and "tors://" urls are all interesting features that could be added.
    This work would be independent coding in Javascript and the fun world of XUL, with not too much involvement in the Tor internals.
  12. New Thandy Features
    Priority: Medium
    Effort Level: Medium
    Skill Level: Medium to High
    Likely Mentors: Martin
    Additional capabilities are needed for assisted updates of all the Tor related software for Windows and other operating systems. Some of the features to consider include: 1) Integration of the MeTooCrypto Python library for authenticated HTTPS downloads. 2) Adding a level of indirection between the timestamp signatures and the package files included in an update. See the "Thandy attacks / suggestions" thread on or-dev. 3) Support locale specific installation and configuration of assisted updates based on preference, host, or user account language settings. Familiarity with Windows codepages, unicode, and other character sets is helpful in addition to general win32 and posix API experience and Python proficiency.
  13. Simulator for slow Internet connections
    Priority: Medium
    Effort Level: Medium
    Skill Level: Medium
    Likely Mentors: Steven
    Many users of Tor have poor-quality Internet connections, giving low bandwidth, high latency, and high packet loss/re-ordering. User experience is that Tor reacts badly to these conditions, but it is difficult to improve the situation without being able to repeat the problems in the lab.
    This project would be to build a simulation environment which replicates the poor connectivity so that the effect on Tor performance can be measured. Other components would be a testing utility to establish what are the properties of connections available, and to measure the effect of performance-improving modifications to Tor.
    The tools used would be up to the student, but dummynet (for FreeBSD) and nistnet (for Linux) are two potential components on which this project could be built. Students should be experienced with network programming/debugging and TCP/IP, and preferably familiar with C and a scripting language.
  14. An Improved and More Usable Network Map in Vidalia
    Priority: Low to Medium
    Effort Level: Medium
    Skill Level: Medium
    Likely Mentors: Matt
    One of Vidalia's existing features is a network map that shows the user the approximate geographic location of relays in the Tor network and plots the paths the user's traffic takes as it is tunneled through the Tor network. The map is currently not very interactive and has rather poor graphics. Instead, we implemented KDE's Marble widget such that it gives us a better quality map and enables improved interactivity, such as allowing the user to click on individual relays or circuits to display additional information. We want to add the ability for users to click on a particular relay or a country containing one or more Tor exit relays and say, "I want my connections to exit from here."
    This project will first involve getting familiar with Vidalia and the Marble widget's API. One will then integrate the widget into Vidalia and customize Marble to be better suited for our application, such as making circuits clickable, storing cached map data in Vidalia's own data directory, and customizing some of the widget's dialogs.
    A person undertaking this project should have good C++ development experience. Previous experience with Qt and CMake is helpful, but not required.
  15. Bring moniTor to life
    Priority: Low
    Effort Level: Medium
    Skill Level: Low to Medium
    Likely Mentors: Karsten, Jacob
    Implement a top-like management tool for Tor relays. The purpose of such a tool would be to monitor a local Tor relay via its control port and include useful system information of the underlying machine. When running this tool, it would dynamically update its content like top does for Linux processes. This or-dev post might be a good first read.
    A person interested in this should be familiar with or willing to learn about administering a Tor relay and configuring it via its control port. As an initial prototype is written in Python, some knowledge about writing Python code would be helpful, too. This project is one part about identifying requirements to such a tool and designing its interface, and one part lots of coding.
  16. Torbutton equivalent for Thunderbird
    Priority: Low
    Effort Level: High
    Skill Level: High
    Likely Mentors: Mike
    We're hearing from an increasing number of users that they want to use Thunderbird with Tor. However, there are plenty of application-level concerns, for example, by default Thunderbird will put your hostname in the outgoing mail that it sends. At some point we should start a new push to build a Thunderbird extension similar to Torbutton.
  17. Intermediate Level Network Device Driver
    Priority: Low
    Effort Level: High
    Skill Level: High
    Likely Mentors: Martin
    The WinPCAP device driver used by Tor VM for bridged networking does not support a number of wireless and non-Ethernet network adapters. Implementation of a intermediate level network device driver for win32 and 64bit would provide a way to intercept and route traffic over such networks. This project will require knowledge of and experience with Windows kernel device driver development and testing. Familiarity with Winsock and Qemu would also be helpful.
  18. Improve Tor Weather
    Priority: Medium
    Effort Level: Medium
    Skill Level: Medium
    Likely Mentors: Jake, Roger
    Tor weather is a tool that allows signing up to receive notifications via email when the tracked Tor relay is down. Currently, it isn't really useful for people who use the hibernation feature of Tor, or for those who have to shut down their relay regularly. During the project, Tor weather could be extended to allow more flexible configurations. Other enhancements are also possible: Weather could send out warnings when your relay runs an out-of-date version of Tor, or when its observed bandwith drops below a certain value. It might also be a nice tool that allows for checking whether your relay has earned you a T-Shirt, or sending reminders to directory authorities that their keys are about to expire. Be creative, and consider how the above project to track overall network status can help you get your job done more quickly! See also its README and TODO.
  19. Bring up new ideas!
    Don't like any of these? Look at the Tor development roadmap for more ideas. Some of the current proposals might also be short on developers.

Other Coding and Design related ideas

  1. Tor relays don't work well on Windows XP. On Windows, Tor uses the standard select() system call, which uses space in the non-page pool. This means that a medium sized Tor relay will empty the non-page pool, causing havoc and system crashes. We should probably be using overlapped IO instead. One solution would be to teach libevent how to use overlapped IO rather than select() on Windows, and then adapt Tor to the new libevent interface. Christian King made a good start on this in the summer of 2007.
  2. We need to actually start building our blocking-resistance design. This involves fleshing out the design, modifying many different pieces of Tor, adapting Vidalia so it supports the new features, and planning for deployment.
  3. We need a flexible simulator framework for studying end-to-end traffic confirmation attacks. Many researchers have whipped up ad hoc simulators to support their intuition either that the attacks work really well or that some defense works great. Can we build a simulator that's clearly documented and open enough that everybody knows it's giving a reasonable answer? This will spur a lot of new research. See the entry below on confirmation attacks for details on the research side of this task — who knows, when it's done maybe you can help write a paper or three also.
  4. Tor 0.1.1.x and later include support for hardware crypto accelerators via OpenSSL. It has been lightly tested and is possibly very buggy. We're looking for more rigorous testing, performance analysis, and optimally, code fixes to openssl and Tor if needed.
  5. Perform a security analysis of Tor with "fuzz". Determine if there are good fuzzing libraries out there for what we want. Win fame by getting credit when we put out a new release because of you!
  6. Tor uses TCP for transport and TLS for link encryption. This is nice and simple, but it means all cells on a link are delayed when a single packet gets dropped, and it means we can only reasonably support TCP streams. We have a list of reasons why we haven't shifted to UDP transport, but it would be great to see that list get shorter. We also have a proposed specification for Tor and UDP — please let us know what's wrong with it.
  7. We're not that far from having IPv6 support for destination addresses (at exit nodes). If you care strongly about IPv6, that's probably the first place to start.
  8. We need a way to generate the website diagrams (for example, the "How Tor Works" pictures on the overview page from source, so we can translate them as UTF-8 text rather than edit them by hand with Gimp. We might want to integrate this as an wml file so translations are easy and images are generated in multiple languages whenever we build the website.
  9. How can we make the Incognito LiveCD easier to maintain, improve, and document?

Research

  1. The "website fingerprinting attack": make a list of a few hundred popular websites, download their pages, and make a set of "signatures" for each site. Then observe a Tor client's traffic. As you watch him receive data, you quickly approach a guess about which (if any) of those sites he is visiting. First, how effective is this attack on the deployed Tor codebase? Then start exploring defenses: for example, we could change Tor's cell size from 512 bytes to 1024 bytes, we could employ padding techniques like defensive dropping, or we could add traffic delays. How much of an impact do these have, and how much usability impact (using some suitable metric) is there from a successful defense in each case?
  2. The "end-to-end traffic confirmation attack": by watching traffic at Alice and at Bob, we can compare traffic signatures and become convinced that we're watching the same stream. So far Tor accepts this as a fact of life and assumes this attack is trivial in all cases. First of all, is that actually true? How much traffic of what sort of distribution is needed before the adversary is confident he has won? Are there scenarios (e.g. not transmitting much) that slow down the attack? Do some traffic padding or traffic shaping schemes work better than others?
  3. A related question is: Does running a relay/bridge provide additional protection against these timing attacks? Can an external adversary that can't see inside TLS links still recognize individual streams reliably? Does the amount of traffic carried degrade this ability any? What if the client-relay deliberately delayed upstream relayed traffic to create a queue that could be used to mimic timings of client downstream traffic to make it look like it was also relayed? This same queue could also be used for masking timings in client upstream traffic with the techniques from adaptive padding, but without the need for additional traffic. Would such an interleaving of client upstream traffic obscure timings for external adversaries? Would the strategies need to be adjusted for asymmetric links? For example, on asymmetric links, is it actually possible to differentiate client traffic from natural bursts due to their asymmetric capacity? Or is it easier than symmetric links for some other reason?
  4. Repeat Murdoch and Danezis's attack from Oakland 05 on the current Tor network. See if you can learn why it works well on some nodes and not well on others. (My theory is that the fast nodes with spare capacity resist the attack better.) If that's true, then experiment with the RelayBandwidthRate and RelayBandwidthBurst options to run a relay that is used as a client while relaying the attacker's traffic: as we crank down the RelayBandwidthRate, does the attack get harder? What's the right ratio of RelayBandwidthRate to actually capacity? Or is it a ratio at all? While we're at it, does a much larger set of candidate relays increase the false positive rate or other complexity for the attack? (The Tor network is now almost two orders of magnitude larger than it was when they wrote their paper.) Be sure to read Don't Clog the Queue too.
  5. The "routing zones attack": most of the literature thinks of the network path between Alice and her entry node (and between the exit node and Bob) as a single link on some graph. In practice, though, the path traverses many autonomous systems (ASes), and it's not uncommon that the same AS appears on both the entry path and the exit path. Unfortunately, to accurately predict whether a given Alice, entry, exit, Bob quad will be dangerous, we need to download an entire Internet routing zone and perform expensive operations on it. Are there practical approximations, such as avoiding IP addresses in the same /8 network?
  6. Other research questions regarding geographic diversity consider the tradeoff between choosing an efficient circuit and choosing a random circuit. Look at Stephen Rollyson's position paper on how to discard particularly slow choices without hurting anonymity "too much". This line of reasoning needs more work and more thinking, but it looks very promising.
  7. Tor doesn't work very well when relays have asymmetric bandwidth (e.g. cable or DSL). Because Tor has separate TCP connections between each hop, if the incoming bytes are arriving just fine and the outgoing bytes are all getting dropped on the floor, the TCP push-back mechanisms don't really transmit this information back to the incoming streams. Perhaps Tor should detect when it's dropping a lot of outgoing packets, and rate-limit incoming streams to regulate this itself? I can imagine a build-up and drop-off scheme where we pick a conservative rate-limit, slowly increase it until we get lost packets, back off, repeat. We need somebody who's good with networks to simulate this and help design solutions; and/or we need to understand the extent of the performance degradation, and use this as motivation to reconsider UDP transport.
  8. A related topic is congestion control. Is our current design sufficient once we have heavy use? Maybe we should experiment with variable-sized windows rather than fixed-size windows? That seemed to go well in an ssh throughput experiment. We'll need to measure and tweak, and maybe overhaul if the results are good.
  9. Our censorship-resistance goals include preventing an attacker who's looking at Tor traffic on the wire from distinguishing it from normal SSL traffic. Obviously we can't achieve perfect steganography and still remain usable, but for a first step we'd like to block any attacks that can win by observing only a few packets. One of the remaining attacks we haven't examined much is that Tor cells are 512 bytes, so the traffic on the wire may well be a multiple of 512 bytes. How much does the batching and overhead in TLS records blur this on the wire? Do different buffer flushing strategies in Tor affect this? Could a bit of padding help a lot, or is this an attack we must accept?
  10. Tor circuits are built one hop at a time, so in theory we have the ability to make some streams exit from the second hop, some from the third, and so on. This seems nice because it breaks up the set of exiting streams that a given relay can see. But if we want each stream to be safe, the "shortest" path should be at least 3 hops long by our current logic, so the rest will be even longer. We need to examine this performance / security tradeoff.
  11. It's not that hard to DoS Tor relays or directory authorities. Are client puzzles the right answer? What other practical approaches are there? Bonus if they're backward-compatible with the current Tor protocol.
  12. Programs like Torbutton aim to hide your browser's UserAgent string by replacing it with a uniform answer for every Tor user. That way the attacker can't splinter Tor's anonymity set by looking at that header. It tries to pick a string that is commonly used by non-Tor users too, so it doesn't stand out. Question one: how badly do we hurt ourselves by periodically updating the version of Firefox that Torbutton claims to be? If we update it too often, we splinter the anonymity sets ourselves. If we don't update it often enough, then all the Tor users stand out because they claim to be running a quite old version of Firefox. The answer here probably depends on the Firefox versions seen in the wild. Question two: periodically people ask us to cycle through N UserAgent strings rather than stick with one. Does this approach help, hurt, or not matter? Consider: cookies and recognizing Torbutton users by their rotating UserAgents; malicious websites who only attack certain browsers; and whether the answers to question one impact this answer.
  13. Right now Tor clients are willing to reuse a given circuit for ten minutes after it's first used. The goal is to avoid loading down the network with too many circuit extend operations, yet to also avoid having clients use the same circuit for so long that the exit node can build a useful pseudonymous profile of them. Alas, ten minutes is probably way too long, especially if connections from multiple protocols (e.g. IM and web browsing) are put on the same circuit. If we keep fixed the overall number of circuit extends that the network needs to do, are there more efficient and/or safer ways for clients to allocate streams to circuits, or for clients to build preemptive circuits? Perhaps this research item needs to start with gathering some traces of what connections typical clients try to launch, so you have something realistic to try to optimize.
  14. How many bridge relays do you need to know to maintain reachability? We should measure the churn in our bridges. If there is lots of churn, are there ways to keep bridge users more likely to stay connected?

Lass uns wissen, wenn du bei einem dieser Punkte Fortschritte gemacht hast.

"Tor" und das "Onion Logo" sind registrierte Warenzeichen der The Tor Project, Inc. Außer wenn es anderweitig erwähnt ist, ist der Inhalt dieser Seiten unter der Creative Commons Attribution 3.0 United States License lizensiert.

Achtung: Diese Übersetzung ist möglicherweise veraltet. Das englische Original ist auf Revision 22252 während diese Übersetzung auf 19397 basiert.

Diese Seite gibt es auch in den folgenden Sprachen: English, español, suomi, français, Italiano, 日本語 (Nihongo), Nederlands, polski, 中文(简) (Simplified Chinese).
Wie stellt man die Standardsprache ein.

Die Tor-Entwickler haben diese Übersetzung nicht auf Korrektheit geprüft. Sie könnte veraltet oder falsch sein. Die offizielle Version ist in englischer Sprache, erhältlich unter https://www.torproject.org/.

Webmaster - Letzte Änderung: Thu Mar 25 12:14:11 2010 - Zuletzt kompiliert: Wed Apr 28 23:27:53 2010