
Re: TOR in Java?



Java is extremely insecure, as has already been demonstrated by the applet DNS leak and client IP leak issues.
~Andrew

Nick Mathewson wrote:
On Thu, Oct 06, 2005 at 08:21:20PM +0200, Oliver S. wrote:
  
I think that TOR-servers don't need to be that performant as their
usage is currently and will in future be very uncommon. So it would
be easier to develop TOR in Java (or maybe even C#?). This would also
reduce the probability of security-issues like buffer-overflows (maybe
it would be even possible to go back the TOR-chain through chained
buffer-overflows, i.e. BOs that go from one gate in the chain
from the previous).
What do you think of my idea?
    

I think your idea is a fine one for somebody's spare time; we always
need more implementations for the Tor protocol, and Java is a popular
choice these days.  You might want to start with the code from the
Java Anon Proxy people; I don't know their current status here, but
for a while, they had a working Tor *client* written in Java.  Of
course, a server is significantly more complicated, so there would be
a lot more work.

As for the performance issue: you are completely wrong about Tor
servers not needing CPU; at reasonable bandwidth, the requirements are
high.  Fortunately, most of the CPU is used for AES, DH, and RSA, all
of which any sane implementation will implement in native code, so one
might stand a chance of having a compatible implementation of the Tor
protocol written in a less performance-critical language.

In other words:  if you want to clone Tor in Java, feel free!  We look
forward to your work.

Note, however, that I keep talking about "compatible implementations"
here.  Tor is 49 thousand lines right now[1], and we're trying to
strengthen it incrementally all the time.  Throwing out the
implementation that we've been working on for the last four years and
starting again from scratch is not likely to work for us.

As for the rest of this thread: language choice is a classical
bike-shed problem[2].  Please, tread lightly, and consider whether
what you're saying needs to be said.  If you're worried about Java:
there's no risk we'll switch the main Tor implementation to it in the
foreseeable future.  If you want Java: great, get some programmers
together and bang out an implementation.

[1] Tor has about 37.6 klines of code, and 11.4 klines of comments.
[2] On bikesheds: http://www.unixguide.net/freebsd/faq/16.19.shtml

yrs,