[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r15271: Cleaned up TODO. (incognito/trunk)
Author: anonym
Date: 2008-06-15 08:44:11 -0400 (Sun, 15 Jun 2008)
New Revision: 15271
Modified:
incognito/trunk/TODO
Log:
Cleaned up TODO.
Modified: incognito/trunk/TODO
===================================================================
--- incognito/trunk/TODO 2008-06-15 12:35:32 UTC (rev 15270)
+++ incognito/trunk/TODO 2008-06-15 12:44:11 UTC (rev 15271)
@@ -15,11 +15,8 @@
- Wipe memory and reboot when USB drive is removed
If running from the USB drive and it is removed, wipe memory and reboot. If you're in a persecuted country and they are on to you, you can grab the USB and leave.
-- Mixminion on tiny
-Install mixminion on the tiny version and use Xdialog to provide UI. Needs a link in the fluxbox menu as well. The main problem here is that mixminion is a python program, and python takes too much space. There is a freeze.py in the python distribution that creates an executable that does not depends on python. Two problems with this, the result for mixminion is over 3MB and it isn't straightforward to create the executable, there are import errors when running it.
-
- Allow other resolutions than 1024x768
-Add a menu option to the boot menu to select a higher resolution, OR attempt to do monitor detection when configuring. The latest x.org server has much better auto-detection, perhaps allowing it to do more work would be better. Note that a kernel option "xres=1024x768" is available (plug in your own dimensions) and working. A boot menu option requires a custom syslinux menu which does not look too difficult.a
+The latest x.org server has much improved auto-detection, perhaps allowing it to do more work would be a good idea. Note that a kernel option "xres=1024x768" is available (plug in your own dimensions) and working.
- A less hack-ish macchanger option to boot menu
Currently there are two different cfg:s, one without (default) and one with macchanger enabled. At least there is a script which adds this hack, but it should nonetheless get a nicer solution eventually.
@@ -37,19 +34,16 @@
- Retroshare instant messenger
Might be added when out of beta. See: http://retroshare.sourceforge.net
-- Consider using hardend profile ?
+- Hardened Gentoo ?
-- Consider using grsec ?
-
- Update Incognito branded images
livecd-stage2.sh has some branding support so you can change the name. There are a few images that still have Incognito. ImageMagick scripting looks like a possible way to do this.
- Change gensplash theme to use a modified livecd-2007.0 variant?
All the "Gentoo" branding needs to be removed due to trademark restrictions.
-
- Fix virtual USB boot for read/write mode
-The CD or USB may be run in a virtual PC for computers that won't boot from removable media. USB must be run read-only due to bugs in QEMU (writable vvfat). When QEMU fixes this, we should use it.
+The CD or USB may be run in a virtual PC (Qemu) for Windows computers that won't boot from removable media. USB must be run read-only due to bugs in Qemu (writable vvfat). When Qwmu fixes this, we should use it.
See http://www.h7.dion.ne.jp/~qemu-win/HowToFloppyCdrom-en.html
- Upgrade to xorg-server 1.4 and remove xorg.conf
@@ -58,37 +52,28 @@
- Allow home dir on USB when booting from CD
Allow the home directory on a USB drive (or other media) when booting from the CD. This will require an optional menu if more than one possibility for a home directory is found.
-- Mixmaster
-Install mixmaster and mixmaster-smtp and integrate into mail clients. Remove mixminion-smtp.
+- Mixmaster ?
+Possibly install mixmaster and mixmaster-smtp and integrate with Thunderbird.
- IRC client
-KSirc isn't that user friendly. Konversation is probably better, wait for 1.1 release + make comprehensive server list incl. privacy and Tor related servers. Another option is xchat (which has end-to-end encryption support though Mircryption).
+KSirc isn't that user friendly. Konversation is probably better, wait for 1.1 release + make comprehensive server list incl. privacy and Tor related servers. Another option is xchat (which has end-to-end encryption support through Mircryption, although I'm sceptical since it apparently has no authentication at all).
- Kqemu
Badly needed for performance in qemu. The autostart should check if it's installed. If not, prompt if it should be installed (plus describe benefits). Include kqemu windows install.
- User help
-There should be an http document present on the CD detailing how the following Internet programs should be used for security: Firefox + CS Lite + NoScript + FireGPG, Konqueror (telling that Firefox is preferred), Thunderbird + Enigmail + Torbutton, Mixminion, Tork, Vidalia, Pidgin + OTR, KSirc/Konversation etc. A link to this doscumentation should be present on the desktop, Firefox and Konqueror should have it as start page.
+There should be an http document present on the CD detailing how the following Internet programs should be used for security: Firefox and extensions, Konqueror (Firefox is preferred for http(s)), Thunderbird + Enigmail + Torbutton, Mixminion, Tork, Vidalia, Pidgin + OTR, KSirc/Konversation etc. A link to this doscumentation should be present on the desktop, Firefox should have it as start page.
- Incognito config app
-A configuration program for Incognito specific things like creating USB, clearing persistent home etc.
+A configuration program for Incognito specific things like creating USB, clearing persistent home, removing the lock file preventing persistent home to be used etc.
-- Make sure that Incognito works in WMVare
-Currently there is a problem with HPET so boot freezes. Adding clock=pit on the kernel cmdline solves this, but hopefully kernel drivers will fix it without this.
-
- Make build scripts and spec files directory independent
Currently the sources must be placed in /usr/src/incognito.
-The following three TODO items are already implemented in the torbutton svn branch:
+- Add Torbutton 1.2.0 once stable, remove NoScript+CS Lite
+Torbutton is more user friendly, secure and less annoying than NoScript+CS Lite.
-- Add Torbutton, disabling Tor enable/disable in toolbar and status bar
-Torbutton is more user friendly and less annoying than NoScript+CookieCuller so if it provides a reasonable amount of protection for Tor (which it should since that's its design goal) it should replace the other two extensions when it becomes more stable.
-Also, if we setup a new http(s) proxy that is excluded from the netfiler Tor forwarding, Torbutton could be used to have firefox access the network directly, which can be necessary when ISP require logins (see below).
-
-- Handle ISP login requirement
+- Handle ISP login requirement, possibly allow Tor to be bypassed
Public networks may require a login before allowing access to the outside. Generally this is done by a transparent proxy that redirects to the login screen whenever an http request is made. A solution to this may be to add the class C network to the iptables exclusion list so the redirect won't run through Tor. The user will need to access something on the local net first though since the redirect won't happen when running through Tor. Other suggestions are welcome.
-(see entry for Torbutton for a possible solution)
-
-- Allow Tor to be bypassed
-Sometimes a direct connection to the Internet is desired. We need a way to bypass the iptables filter. Possibly another proxy process that does not go through Tor. There should be a clear indicator that we are not anonymous.
-(see entry for Torbutton for a possible solution)
+Sometimes a direct Internet connection (i.e. bypass Tor completely) is needed, though. If we setup a new http(s) proxy that is excluded from the netfiler Tor forwarding, Torbutton could be used to have Firefox somehow access the network directly, which can be necessary when ISP require logins. For example, we could make an un-toggled Torbutton give Firefox direct Internet connection, although we really want a clear, annoying indicator that we are not anonymous any longer.
+(This is implemented in the torbutton branch, except for the annoying indicator)