[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r12673: Add start of TODO list (and move old one out of the way) (in torpedo/trunk: . docs src)
Author: sjm217
Date: 2007-12-04 15:29:13 -0500 (Tue, 04 Dec 2007)
New Revision: 12673
Added:
torpedo/trunk/docs/TODO
torpedo/trunk/src/todo
Removed:
torpedo/trunk/todo
Log:
Add start of TODO list (and move old one out of the way)
Added: torpedo/trunk/docs/TODO
===================================================================
--- torpedo/trunk/docs/TODO (rev 0)
+++ torpedo/trunk/docs/TODO 2007-12-04 20:29:13 UTC (rev 12673)
@@ -0,0 +1,61 @@
+###
+### Plans for USB Tor bundle
+### Steven J. Murdoch <http://www.cl.cam.ac.uk/users/sjm217/>
+###
+
+Vidalia modifications
+---------------------
+
+- Vidalia now recognizes when Tor has created a circuit. Use this to
+ trigger starting Firefox.
+- When Firefox exits, cleanly shut down Vidalia
+
+- Make Vidalia start and stop Polipo too
+
+Firefox modifications
+---------------------
+
+- Produce new branding so we don't infringe on the Mozilla trademarks
+- Get FirefoxPortable building
+
+- Eventually try to remove NSIS dependency for FirefoxPortable and
+ move any necessary code into Vidalia
+
+- Investigate how to programmatically add extensions and modify
+ preference files (partially complete).
+ Adding them to user.js will override user modifications (sometimes
+ not good).
+ Adding them to all.js is better, but entries must be sorted (are
+ there other constraints?)
+
+- Decide what preferences to set and what extensions to pre-install
+ [ xB use this: http://archives.seul.org/or/talk/Nov-2007/msg00227.html ]
+
+- Tailor error messages so are more appropriate to Tor (e.g. point out
+ dangers when submitting forms to non-HTTPS URLs)
+
+General
+-------
+
+- Use process monitor to watch filesystem activity:
+ http://www.microsoft.com/technet/sysinternals/utilities/processmonitor.mspx
+
+- If we can't make a static build of Vidalia, produce a small
+ executable to launch Vidalia (so the top level folder doesn't have
+ random DLLs lying around)
+
+- If we can make a static build of Vidalia, make it look for the
+ config file in a different directory
+
+Questions to ask
+----------------
+
+- Is looking like IE (as ToaST does) good for security
+
+- Is having a splash screen likely to attract unwanted attention
+
+- How big can USB Tor be on disk/when downloaded
+
+- Should we cache directory information on the USB device/hard disk
+
+- How much of a worry is wearing out the flash
Copied: torpedo/trunk/src/todo (from rev 12669, torpedo/trunk/todo)
===================================================================
--- torpedo/trunk/src/todo (rev 0)
+++ torpedo/trunk/src/todo 2007-12-04 20:29:13 UTC (rev 12673)
@@ -0,0 +1,88 @@
+############# TOR on a stick ##############
+
+Requirements for the first version:
+- Non-dataleaking browser with SOCKS_V5
+- thin web proxy
+- Chat client.
+- software installation.
+- not expecting any USB dumping software on the host, nor expecting
+any sort of surveillance programs to be sitting there.
+- User attitude towards TOR: I don't need to know I am actually using TOR.
+on a url should open the page in the correct browser.
+
+Requirements in the longer run:
+- Directory caching.
+- move away from SOCKS5 assumption, consider capturing winsock
+requests throught sockscap or winpcap and pointing them all to TOR.
+
+
+
+
+
+Documentation
+
+Build Process
+
+Project tracking
+
+
+
+
+---------------------------------------------
+To do list ( in decreasing order of priority )
+
+1) Firefox changes:
+ - source baseline portable firefox.
+ - list1: appropriate features
+ - list2: inappropriate features and call trace examination.
+ - disable list2 and iterate.
+
+2) Installation: How do we get the firefox on USB to be the one that
+is used. possible approaches:
+ - study DMA access methods, look at Maximillian's DMA ipod attack code.
+ - nsi
+
+3) Usability features
+- Making the browser look different from standard firefox. Torpark
+does a decent job at this, it might be an idea to borrow UI features
+from there.
+- TOR button.
+- Inputs from Peter Gutmann's defcon talk.
+- Inputs from Roger and others.
+
+4) Thin proxy:
+ evaluate polipo.
+
+5) Chat client
+ Google talk? It seems to have proxy support.
+ Scatterchat/Gaim is another alternative (probably better).
+
+------------------------------------------------------
+Delivery 1:
+
+What we have: A utility that detects the drive letter of the usb disk
+
+what we need:
+
+1) A config utility that is automatically started, when the usb disk
+is mounted written using shell scripts or in C. The job of this is to
+make firefox, vidalia, polipo/privoxy and Tor happy to start.
+
+2) An install program that installs Tor, firefox, vidalia,
+polipo/privoxy, and gaim on the usb disk.
+
+Completion date: Next weekend, 22 October 2006
+
+-------------------------------------------------------
+Components
+
+######## Install
+1) Multiple language support.
+2) Target directory should reside on a usb drive.
+3) Prevent multiple versions of install running at the same time.
+4)
+
+
+####### Configuration
+1) Close firefox. Leave proxy and Tor running if they are already running.
+2)
\ No newline at end of file
Deleted: torpedo/trunk/todo
===================================================================
--- torpedo/trunk/todo 2007-12-04 20:00:50 UTC (rev 12672)
+++ torpedo/trunk/todo 2007-12-04 20:29:13 UTC (rev 12673)
@@ -1,88 +0,0 @@
-############# TOR on a stick ##############
-
-Requirements for the first version:
-- Non-dataleaking browser with SOCKS_V5
-- thin web proxy
-- Chat client.
-- software installation.
-- not expecting any USB dumping software on the host, nor expecting
-any sort of surveillance programs to be sitting there.
-- User attitude towards TOR: I don't need to know I am actually using TOR.
-on a url should open the page in the correct browser.
-
-Requirements in the longer run:
-- Directory caching.
-- move away from SOCKS5 assumption, consider capturing winsock
-requests throught sockscap or winpcap and pointing them all to TOR.
-
-
-
-
-
-Documentation
-
-Build Process
-
-Project tracking
-
-
-
-
----------------------------------------------
-To do list ( in decreasing order of priority )
-
-1) Firefox changes:
- - source baseline portable firefox.
- - list1: appropriate features
- - list2: inappropriate features and call trace examination.
- - disable list2 and iterate.
-
-2) Installation: How do we get the firefox on USB to be the one that
-is used. possible approaches:
- - study DMA access methods, look at Maximillian's DMA ipod attack code.
- - nsi
-
-3) Usability features
-- Making the browser look different from standard firefox. Torpark
-does a decent job at this, it might be an idea to borrow UI features
-from there.
-- TOR button.
-- Inputs from Peter Gutmann's defcon talk.
-- Inputs from Roger and others.
-
-4) Thin proxy:
- evaluate polipo.
-
-5) Chat client
- Google talk? It seems to have proxy support.
- Scatterchat/Gaim is another alternative (probably better).
-
-------------------------------------------------------
-Delivery 1:
-
-What we have: A utility that detects the drive letter of the usb disk
-
-what we need:
-
-1) A config utility that is automatically started, when the usb disk
-is mounted written using shell scripts or in C. The job of this is to
-make firefox, vidalia, polipo/privoxy and Tor happy to start.
-
-2) An install program that installs Tor, firefox, vidalia,
-polipo/privoxy, and gaim on the usb disk.
-
-Completion date: Next weekend, 22 October 2006
-
--------------------------------------------------------
-Components
-
-######## Install
-1) Multiple language support.
-2) Target directory should reside on a usb drive.
-3) Prevent multiple versions of install running at the same time.
-4)
-
-
-####### Configuration
-1) Close firefox. Leave proxy and Tor running if they are already running.
-2)
\ No newline at end of file