Inicio Explorar Axuda
Iniciar sesión
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 97dfa611d1
Ramas Etiquetas
tor-parallel...
/
doc
/
TODO.external

TODO.external 6.5 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182 
  1. $Id$
    2. 

  2. Legend:
    3. 

  3. SPEC!!  - Not specified
    4. 

  4. SPEC    - Spec not finalized
    5. 

  5. N       - nick claims
    6. 

  6. R       - arma claims
    7. 

  7. P       - phobos claims
    8. 

  8. S       - Steven claims
    9. 

  9. E       - Matt claims
    10. 

  10. M       - Mike claims
    11. 

  11. J       - Jeff claims
    12. 

  12. I       - ioerror claims
    13. 

  13. W       - weasel claims
    14. 

  14. K       - Karsten claims
    15. 

  15. C       - coderman claims
    16. 

  16.         - Not done
    17. 

  17.         * Top priority
    18. 

  18.         . Partially done
    19. 

  19.         o Done
    20. 

  20.         d Deferrable
    21. 

  21.         D Deferred
    22. 

  22.         X Abandoned
    23. 

  23. 

  24. =======================================================================
    25. 

  25. 

  26. External constraints:
    27. 

  27. 

  28. Past due:
    29. 

  29. N   - Refine proposal 158, and implement.
    30. 

  30. 

  31. For June/July:
    32. 

  32. NR  - Work more on Paul's NRL research problem.
    33. 

  33. 

  34. For March 22:
    35. 

  35. I   * Email auto-responder
    36. 

  36.       * How do we better support users with limited email
    37. 

  37.         bandwidth? Multi-part download? Teach them how to reconnect
    38. 

  38.         their gmail? Does downloading your gmail work when your network
    39. 

  39.         keeps dying?
    40. 

  40. 

  41. K   - Metrics.
    42. 

  42.       - With Mike's help, use Torflow to start doing monthly rudimentary
    43. 

  43.         performance evaluations:
    44. 

  44.         - Circuit throughput and latency
    45. 

  45.         - Measure via Broadband and dialup
    46. 

  46.       - Publish a report addressing key long-term metrics questions:
    47. 

  47.         - What metrics should we present?
    48. 

  48.         - What data are available for these metrics?
    49. 

  49.         - What data are missing, and can collect them safely? Can we
    50. 

  50.           publish them safely?
    51. 

  51.         - What systems are available to present this data?
    52. 

  52. 

  53. E   - Vidalia improvements
    54. 

  54.       - Put out a Vidalia release with the new features in it.
    55. 

  55.       - Vidalia displays by-country user summary for bridge operators
    56. 

  56. ?       - write a help page for vidalia, "what is this"
    57. 

  57. 

  58. M   - Torbutton development
    59. 

  59.       - Put out a Torbutton release with the new features in it.
    60. 

  60. 

  61. C   - Transparent interception of connections on Windows
    62. 

  62.       - Write a summary (with links) of current progress and current
    63. 

  63.         limitations.
    64. 

  64. 

  65. S   - Continue analyzing "traces" left on host machine by use of
    66. 

  66.       Tor Browser, especially once we have our new launcher and have moved
    67. 

  67.       to FF3. Write a summary of current progress, and what remains. Try
    68. 

  68.       to solve some of the low-hanging fruit.
    69. 

  69. 

  70. I   d Get a relay operator mailing list going, with a plan and supporting
    71. 

  71.       scripts and so on.
    72. 

  72. 

  73. For mid August:
    74. 

  74. 

  75. Section 0, items that didn't make it into the original roadmap:
    76. 

  76. 

  77. 0.1, installers and packaging
    78. 

  78. C . i18n for the msi bundle files
    79. 

  79. P . more consistent TBB builds
    80. 

  80. IC- get a buildbot up again. Have Linux and BSD build machines.
    81. 

  81.     (Windows would be nice but realistically will come later.)
    82. 

  82. E - Get Tor to work properly on the iPhone.
    83. 

  83. 

  84. 3.1.1, performance work.
    85. 

  85. 

  86. XXX
    87. 

  87. 

  88. 4.1, IOCP / libevent / windows / tor
    89. 

  89. N - get it working for nick
    90. 

  90. N - put out a release so other people can start testing it.
    91. 

  91. N - both the libevent buffer abstraction, and the
    92. 

  92.     tor-uses-libevent-buffer-abstraction. Unless we think that's
    93. 

  93.     unreachable for this milestone?
    94. 

  94. 

  95. 4.2.1, risks from becoming a relay
    96. 

  96. S - Have a clear plan for how users who become relays will be safe,
    97. 

  97.     and be confident that we can build this plan.
    98. 

  98.     - evaluate all the various attacks that are made possible by relaying.
    99. 

  99.       specifically, see "relaying-traffic attacks" in 6.6.
    100. 

  100.     - identify and evaluate ways to make them not a big deal
    101. 

  101.       - setting a low RelayBandwidth
    102. 

  102.       - Nick Hopper's FC08 paper suggesting that we should do a modified
    103. 

  103.         round-robin so we leak less about other circuits
    104. 

  104.       - instructing clients to disable pings in their firewall, etc
    105. 

  105.     - pick the promising ones, improve them so they're even better, and
    106. 

  106.       spec them out so we know how to build them and how much effort is
    107. 

  107.       involved in building them.
    108. 

  108. 

  109. 4.5, clients download less directory info
    110. 

  110. N - deploy proposal 158.
    111. 

  111. N - decide whether to do proposal 140. if so, construct an implementation
    112. 

  112.     plan for how we'll do it. if not, explain why not.
    113. 

  113. 

  114. 5.1, Normalize TLS fingerprint
    115. 

  115. N o write a draft list of possible attacks for this section, with
    116. 

  116.     estimates about difficulty of attack, difficulty of solution, etc
    117. 

  117. N - revisit the list and revise our plans as needed
    118. 

  118. NR- put up a blog post about the two contradictory conclusions: we can
    119. 

  119.     discuss the theory of arms races, and our quandry, without revealing
    120. 

  120.     any specific vulnerabilities. (or decide not to put up a blog post,
    121. 

  121.     and explain why not.)
    122. 

  122. 

  123. 5.5, email autoresponder
    124. 

  124. I . maintenance and keeping it running
    125. 

  125. 

  126. 5.7.2, metrics
    127. 

  127. 

  128. XXX.
    129. 

  129. 

  130. 6.2, Vidalia work
    131. 

  131. E - add breakpad support or similar for windows debugging
    132. 

  132. E o let vidalia change languages without needing a restart
    133. 

  133. E - Implement the status warning event interface started for the
    134. 

  134.     phase one deliverables.
    135. 

  135. E - Work with Steve Tyree on building a Vidalia plugin API to enable
    136. 

  136.     building Herdict and TBB plugins.
    137. 

  137. 

  138. 6.3, Node scanning
    139. 

  139. M - Steps toward automation
    140. 

  140.     - Set up email list for results
    141. 

  141.     - Map failure types to potential BadExit lines
    142. 

  142. M - Improve the ability of SoaT to mimic various real web browsers
    143. 

  143.     - randomizing user agents and locale strings
    144. 

  144.     - caching, XMLHTTPRequest, form posting, content sniffing
    145. 

  145.     - Investigate ideas like running Chrome/xulrunner in parallel
    146. 

  146. M - Other protocols
    147. 

  147.     - SSH, IMAPS, POPS, SMTPS
    148. 

  148. M - Add ability to geolocalize exit selection based on scanner location
    149. 

  149.     - Use this to rescan dynamic urls filtered by the URL filter
    150. 

  150. 

  151. 6.4, Torbutton development
    152. 

  152. M - Resolve extension conflicts and other high priority bugs
    153. 

  153. M - Fix or hack around ugly firefox bugs, especially Timezone issue.
    154. 

  154.     Definitely leaning towards "hack around" unless we see some
    155. 

  155.     level of love from Mozilla.
    156. 

  156. M - Vidalia New Nym Integration
    157. 

  157.     - Implement for Torbutton to pick up on Vidalia's NEWNYM and clear
    158. 

  158.       cookies based on FoeBud's source
    159. 

  159.     - Do this in such a way that we could adapt polipo to purge cache
    160. 

  160.       if we were so inclined
    161. 

  161. M - Write up a summary of our options for dealing with the google
    162. 

  162.     you-must-solve-a-captcha-to-search problem, and pick one as our
    163. 

  163.     favorite option.
    164. 

  164. 

  165. 6.6, Evaluate new anonymity attacks
    166. 

  166. S - relaying-traffic attacks
    167. 

  167.     - original murdoch-danezis attack
    168. 

  168.     - nick hopper's latency measurement attack
    169. 

  169.     - columbia bandwidth measurement attack
    170. 

  170.     - christian grothoff's long-circuit attack
    171. 

  171. S - client attacks
    172. 

  172.     - website fingerprinting
    173. 

  173. 

  174. 7.1, Tor VM Research, analysis, and prototyping
    175. 

  175. C . Get a working package out, meaning other people are testing it.
    176. 

  176. 

  177. 7.2, Tor Browser Bundle
    178. 

  178. I - Port to one of OS X or Linux, and start the port to the other.
    179. 

  179. I . Make it the recommended Tor download on Windows
    180. 

  180. I - Make sure it's easy to un-brand TBB in case Firefox asks us to
    181. 

  181. I - Evaluate CCC's Freedom Stick
    182. 

  182.