[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r12673: Add start of TODO list (and move old one out of the way) (in torpedo/trunk: . docs src)



Author: sjm217
Date: 2007-12-04 15:29:13 -0500 (Tue, 04 Dec 2007)
New Revision: 12673

Added:
   torpedo/trunk/docs/TODO
   torpedo/trunk/src/todo
Removed:
   torpedo/trunk/todo
Log:
Add start of TODO list (and move old one out of the way)

Added: torpedo/trunk/docs/TODO
===================================================================
--- torpedo/trunk/docs/TODO	                        (rev 0)
+++ torpedo/trunk/docs/TODO	2007-12-04 20:29:13 UTC (rev 12673)
@@ -0,0 +1,61 @@
+###
+### Plans for USB Tor bundle
+### Steven J. Murdoch <http://www.cl.cam.ac.uk/users/sjm217/>
+###
+
+Vidalia modifications
+---------------------
+
+- Vidalia now recognizes when Tor has created a circuit. Use this to
+  trigger starting Firefox.
+- When Firefox exits, cleanly shut down Vidalia
+
+- Make Vidalia start and stop Polipo too
+
+Firefox modifications
+---------------------
+
+- Produce new branding so we don't infringe on the Mozilla trademarks
+- Get FirefoxPortable building
+
+- Eventually try to remove NSIS dependency for FirefoxPortable and
+  move any necessary code into Vidalia
+
+- Investigate how to programmatically add extensions and modify
+  preference files (partially complete).
+  Adding them to user.js will override user modifications (sometimes
+  not good).
+  Adding them to all.js is better, but entries must be sorted (are
+  there other constraints?)
+
+- Decide what preferences to set and what extensions to pre-install
+  [ xB use this: http://archives.seul.org/or/talk/Nov-2007/msg00227.html ]
+
+- Tailor error messages so are more appropriate to Tor (e.g. point out
+  dangers when submitting forms to non-HTTPS URLs)
+
+General
+-------
+
+- Use process monitor to watch filesystem activity:
+  http://www.microsoft.com/technet/sysinternals/utilities/processmonitor.mspx
+
+- If we can't make a static build of Vidalia, produce a small
+  executable to launch Vidalia (so the top level folder doesn't have
+  random DLLs lying around)
+
+- If we can make a static build of Vidalia, make it look for the
+  config file in a different directory
+
+Questions to ask
+----------------
+
+- Is looking like IE (as ToaST does) good for security
+
+- Is having a splash screen likely to attract unwanted attention
+
+- How big can USB Tor be on disk/when downloaded
+
+- Should we cache directory information on the USB device/hard disk
+
+- How much of a worry is wearing out the flash

Copied: torpedo/trunk/src/todo (from rev 12669, torpedo/trunk/todo)
===================================================================
--- torpedo/trunk/src/todo	                        (rev 0)
+++ torpedo/trunk/src/todo	2007-12-04 20:29:13 UTC (rev 12673)
@@ -0,0 +1,88 @@
+############# TOR on a stick ##############
+
+Requirements for the first version:
+- Non-dataleaking browser with SOCKS_V5
+- thin web proxy
+- Chat client.
+- software installation.
+- not expecting any USB dumping software on the host, nor expecting
+any sort of surveillance programs to be sitting there.
+- User attitude towards TOR: I don't need to know I am actually using TOR.
+on a url should open the page in the correct browser.
+
+Requirements in the longer run: 
+- Directory caching.  
+- move away from SOCKS5 assumption, consider capturing winsock
+requests throught sockscap or winpcap and pointing them all to TOR.
+
+
+
+
+
+Documentation
+
+Build Process
+
+Project tracking
+
+
+
+
+---------------------------------------------
+To do list ( in decreasing order of priority )
+
+1) Firefox changes:
+   - source baseline portable firefox.
+   - list1: appropriate features
+   - list2: inappropriate features and call trace examination.
+   - disable list2 and iterate.
+
+2) Installation: How do we get the firefox on USB to be the one that
+is used. possible approaches:   
+   - study DMA access methods, look at Maximillian's DMA ipod attack code.
+   - nsi
+
+3) Usability features
+- Making the browser look different from standard firefox. Torpark
+does a decent job at this, it might be an idea to borrow UI features
+from there.
+- TOR button.
+- Inputs from Peter Gutmann's defcon talk.
+- Inputs from Roger and others.
+   
+4) Thin proxy:
+   evaluate polipo. 
+   
+5) Chat client
+   Google talk? It seems to have proxy support.
+   Scatterchat/Gaim is another alternative (probably better).
+
+------------------------------------------------------
+Delivery 1:
+
+What we have: A utility that detects the drive letter of the usb disk
+
+what we need: 
+
+1) A config utility that is automatically started, when the usb disk
+is mounted written using shell scripts or in C.  The job of this is to
+make firefox, vidalia, polipo/privoxy and Tor happy to start.
+
+2) An install program that installs Tor, firefox, vidalia,
+polipo/privoxy, and gaim on the usb disk.
+
+Completion date: Next weekend, 22 October 2006
+
+-------------------------------------------------------
+Components
+
+######## Install
+1) Multiple language support.
+2) Target directory should reside on a usb drive.
+3) Prevent multiple versions of install running at the same time.
+4) 
+
+
+####### Configuration
+1) Close firefox. Leave proxy and Tor running if they are already running.
+2) 
\ No newline at end of file

Deleted: torpedo/trunk/todo
===================================================================
--- torpedo/trunk/todo	2007-12-04 20:00:50 UTC (rev 12672)
+++ torpedo/trunk/todo	2007-12-04 20:29:13 UTC (rev 12673)
@@ -1,88 +0,0 @@
-############# TOR on a stick ##############
-
-Requirements for the first version:
-- Non-dataleaking browser with SOCKS_V5
-- thin web proxy
-- Chat client.
-- software installation.
-- not expecting any USB dumping software on the host, nor expecting
-any sort of surveillance programs to be sitting there.
-- User attitude towards TOR: I don't need to know I am actually using TOR.
-on a url should open the page in the correct browser.
-
-Requirements in the longer run: 
-- Directory caching.  
-- move away from SOCKS5 assumption, consider capturing winsock
-requests throught sockscap or winpcap and pointing them all to TOR.
-
-
-
-
-
-Documentation
-
-Build Process
-
-Project tracking
-
-
-
-
----------------------------------------------
-To do list ( in decreasing order of priority )
-
-1) Firefox changes:
-   - source baseline portable firefox.
-   - list1: appropriate features
-   - list2: inappropriate features and call trace examination.
-   - disable list2 and iterate.
-
-2) Installation: How do we get the firefox on USB to be the one that
-is used. possible approaches:   
-   - study DMA access methods, look at Maximillian's DMA ipod attack code.
-   - nsi
-
-3) Usability features
-- Making the browser look different from standard firefox. Torpark
-does a decent job at this, it might be an idea to borrow UI features
-from there.
-- TOR button.
-- Inputs from Peter Gutmann's defcon talk.
-- Inputs from Roger and others.
-   
-4) Thin proxy:
-   evaluate polipo. 
-   
-5) Chat client
-   Google talk? It seems to have proxy support.
-   Scatterchat/Gaim is another alternative (probably better).
-
-------------------------------------------------------
-Delivery 1:
-
-What we have: A utility that detects the drive letter of the usb disk
-
-what we need: 
-
-1) A config utility that is automatically started, when the usb disk
-is mounted written using shell scripts or in C.  The job of this is to
-make firefox, vidalia, polipo/privoxy and Tor happy to start.
-
-2) An install program that installs Tor, firefox, vidalia,
-polipo/privoxy, and gaim on the usb disk.
-
-Completion date: Next weekend, 22 October 2006
-
--------------------------------------------------------
-Components
-
-######## Install
-1) Multiple language support.
-2) Target directory should reside on a usb drive.
-3) Prevent multiple versions of install running at the same time.
-4) 
-
-
-####### Configuration
-1) Close firefox. Leave proxy and Tor running if they are already running.
-2) 
\ No newline at end of file