[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r9820: ask santa for five new ponies (website/trunk/en)

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] r9820: ask santa for five new ponies (website/trunk/en)
From: arma@xxxxxxxx
Date: Thu, 15 Mar 2007 00:03:02 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: or-cvs-outgoing@seul.org
Delivered-to: or-cvs@seul.org
Delivery-date: Thu, 15 Mar 2007 00:03:13 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Author: arma
Date: 2007-03-15 00:03:00 -0400 (Thu, 15 Mar 2007)
New Revision: 9820

Modified:
   website/trunk/en/volunteer.wml
Log:
ask santa for five new ponies


Modified: website/trunk/en/volunteer.wml
===================================================================
--- website/trunk/en/volunteer.wml	2007-03-15 03:15:34 UTC (rev 9819)
+++ website/trunk/en/volunteer.wml	2007-03-15 04:03:00 UTC (rev 9820)
@@ -103,6 +103,9 @@
 
 <a id="Coding"></a>
 <h2><a class="anchor" href="#Coding">Coding and Design</a></h2>
+<p>Want to spend your Google Summer of Code working on Tor? Great. More
+details coming soon. In the mean time, see if any of these ideas catch
+your eye.</p>
 <ol>
 <li>Tor servers don't work well on Windows XP. On
 Windows, Tor uses the standard <tt>select</tt> system
@@ -120,11 +123,41 @@
 design, where we have many smaller buffers that link to each other,
 rather than monolithic buffers?</li>
 <li>We need an official central site to answer "Is this IP address a Tor
-server?" questions. This should provide several interfaces, including
+exit server?" questions. This should provide several interfaces, including
 a web interface and a DNSBL-style interface. It can provide the most
 up-to-date answers by keeping a local mirror of the Tor directory
-information. Bonus points if it does active testing through each exit
-node to find out what IP address it's really exiting from.</li>
+information. The tricky point is that being an exit server is not a
+boolean: so the question is actually "Is this IP address a Tor exit
+server that can exit to my IP address:port?" The DNSBL interface
+will probably receive hundreds of queries a minute, so some smart
+algorithms are in order. Bonus points if it does active testing through
+each exit node to find out what IP address it's really exiting from.</li>
+<li>It would be great to have a LiveCD that includes the latest
+versions of Tor, Polipo or Privoxy, Firefox, Gaim+OTR, etc. There are
+two challenges here: first is documenting the system and choices well
+enough that security people can form an opinion on whether it should be
+secure, and the second is figuring out how to make it easily maintainable,
+so it doesn't become quickly obsolete like AnonymOS. Bonus points if
+the CD image fits on one of those small-form-factor CDs.</li>
+<li>Related to the LiveCD image, we should work on an intuitively secure
+and well-documented USB image for Tor and supporting applications. A
+lot of the hard part here is deciding what configurations are secure,
+documentating these decisions, and making something that is easy to
+maintain going forward.</li>
+<li>We need to actually start building our <a href="<page
+documentation>#DesignDoc">blocking-resistance design</a>. This involves
+fleshing out the design, modifying many different pieces of Tor, working
+on a <a href="http://vidalia-project.net/";>GUI</a> that's intuitive,
+and planning for deployment.</li>
+<li>We need a flexible simulator framework for studying end-to-end
+traffic confirmation attacks. Many researchers have whipped up ad hoc
+simulators to support their intuition either that the attacks work
+really well or that some defense works great. Can we build a simulator
+that's clearly documented and open enough that everybody knows it's
+giving a reasonable answer? This will spur a lot of new research.
+See the entry <a href="#Research">below</a> on confirmation attacks for
+details on the research side of this task &mdash; who knows, when it's
+done maybe you can help write a paper or three also.</li>
 <li>We need a measurement study of <a
 href="http://www.pps.jussieu.fr/~jch/software/polipo/";>Polipo</a>
 vs <a href="http://www.privoxy.org/";>Privoxy</a>. Is Polipo in fact
@@ -132,16 +165,13 @@
 results the same on both Linux and Windows? Related, does Polipo handle
 more web sites correctly than Privoxy, or vice versa? Are there stability
 issues on any common platforms, e.g. Windows?</li>
-<li>It would be great to have a LiveCD that includes the latest
-versions of Tor, Polipo or Privoxy, Firefox, Gaim+OTR, etc. There are
-two challenges here: first is documenting the system and choices well
-enough that security people can form an opinion on whether it should be
-secure, and the second is figuring out how to make it easily maintainable,
-so it doesn't become quickly obsolete like AnonymOS. Bonus points if
-the CD image fits on one of those small-form-factor CDs.</li>
+<li>Related on the above, would you like to help port <a
+href="http://www.pps.jussieu.fr/~jch/software/polipo/";>Polipo</a> so it
+runs stably and efficiently on Windows?</li>
 <li>We need a distributed testing framework. We have unit tests,
 but it would be great to have a script that starts up a Tor network, uses
 it for a while, and verifies that at least parts of it are working.</li>
+<!--
 <li>Right now the hidden service descriptors are being stored on just a
 few directory servers. This is bad for privacy and bad for robustness. To
 get more robustness, we're going to need to make hidden service
@@ -156,6 +186,7 @@
 into giving out fake ones. Second, any reliable distributed storage
 system will do, as long as it allows authenticated updates, but as far
 as we know no implemented DHT code supports authenticated updates.</li>
+-->
 <li>Tor 0.1.1.x and later include support for hardware crypto accelerators
 via
 OpenSSL. Nobody has ever tested it, though. Does somebody want to get
@@ -171,7 +202,8 @@
 href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#TransportIPnotTCP";>list
 of reasons why we haven't shifted to UDP transport</a>, but it would
 be great to see that list get shorter. We also have a proposed <a
-href="<svnsandbox>doc/tor-spec-udp.txt">specification for Tor and
+href="<svnsandbox>doc/spec/proposals/100-tor-spec-udp.txt">specification
+for Tor and
 UDP</a> &mdash; please let us know what's wrong with it.</li>
 <li>We're not that far from having IPv6 support for destination addresses
 (at exit nodes). If you care strongly about IPv6, that's probably the

Prev by Author: [or-cvs] r9819: typo in error message led to breaking the protocol. also poi (tor/trunk/src/or)
Next by Author: [or-cvs] r9821: admit the existence of blocking.pdf and related media. ask f (website/trunk/en)
Previous by thread: [or-cvs] r9819: typo in error message led to breaking the protocol. also poi (tor/trunk/src/or)
Next by thread: [or-cvs] r9821: admit the existence of blocking.pdf and related media. ask f (website/trunk/en)
Index(es):
- Author
- Thread