[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Potential projects for SponsorR (Hidden Services)
Roger Dingledine wrote:
h) Back to the community again. There have recently appeared a few
messaging protocols that are inherently using HSes to provide link
layer confidentiality and anonymity [1]. Examples include Pond,
Ricochet and TorChat.
There are also a fair few IRC and XMPP servers floating around
onionland (and soon to be many more via Stormy). I'm also really
curious what the impact that Pond would have on the HS landscape if it
become popular. Right now, there are probably only a handful of people
who run their own independent Pond HS, but that could change.
There's also onionshare, which creates hidden services as-needed --
which are typically discarded after sharing a single file one time.
It might be worth researching these use cases to see how well Tor
supports them and how they can be supported better (or whether they
are a bad idea entirely).
Yes. My guess is that it's lightweight to establish a circuit with each
of your friends, and then when it goes away you try to reestablish it
and if you fail then your friend is probably gone. And my guess is that
it's heavyweight to try rendezvousing with each of your friends every
5 minutes to see if they're still there.
We should put up some guidelines for eco-friendly use of hidden
services
in this situation.
Scott Ainslie and I came to the conclusion that two one-way video
conversations over hidden services is a pretty decent replacement for
Skype etc[2]. At a really crude level, this can be achieved using
gstreamer (maybe with FreeNote[1]) and then sharing the hidden service
addresses with each other. Some assembly required, obviously. It's my
undying wish that someone create a proof-of-concept app for this using
gtk or kivy or something.
== Opt-in HS indexing service ==
The question of whether this has to be built-in is a fine one to
explore. I bet we'd get more people doing it if it were just a torrc
option that you can uncomment. But it also seems inherently less safe,
since it might mean more publishings by your Tor than the human would
do.
It would definitely get more opt-ins than if there were additional
steps. There's a measure of informed consent there, because if you are
opting in intentionally, then you are saying that you want your hidden
service publicized. Any given person running a library or art project
might think "Oh nobody cares about my hidden service" and not bother
going through additional steps, but would be perfectly happy to have
more people look at their work.
The question, to me, is how to frame the torrc option so as to make
sure people know it's optional.
- #8902 Rumors that hidden services have trouble scaling to 100
concurrent connections
I've been curious about this ticket for a while, and happy to
structure&run a follow-up test on a controlled server. Since the
original problem was with an IRC server, it makes sense to set one up
for the purposes of a test, and then set up a secondary machine for
'user' connections and an extra monitoring point.
I suspect that there are other factors that might have influenced that
report. Could it be an issue with one of the intermediary points?
There certainly *seem* to be tons of people using the OFTC hidden
service, but that could be perception (ie, still <100 concurrent users).
What useful projects/tickets did I forget here?
1) We should identify and describe the great use cases of hidden
services,
especially the ones that are not of the form "I want to run a website
that the man wants to shut down."
One thing that is interesting: in practice, onionshare (RetroShare et
al) winds up being easier than trying to share a file with a friend
using third-party services. Particularly for large-ish files or
something where you want some measure of privacy (ohai dropbox), sending
it to a third-party and then making it available to your friend and then
deleting/hiding it again is a little annoying. (And there are of course
privacy and cost tradeoffs with this as well).
People like to set up private IRC & Jabber chats to chat without
attracting trolls and spambots, and get an extra layer of encryption
from Tor.
What sorts of hidden service examples are we missing from the world
that
we'd really like to see, and that would help everybody understand the
value and flexibility of hidden services?
Along these lines would be fleshing out the "hidden service challenge"
idea I've been kicking around, where as a follow-up to the EFF relay
challenge, we challenge everybody to set up a novel hidden service. We
would somehow need to make it so people didn't just stick their current
website behind a hidden service -- or maybe that would be an excellent
outcome?
This could be fun. =) We could put out a blog post when Stormy
reaches 1.0 about this too.
there is a lot of, shall we call it, dark matter in hidden service
space. What are some safe ways we can improve our knowledge of this
other 95% of the space?
:3 http://i.imgur.com/5pXuSFf.png
6) In general, anything that falls under the umbrella of "better
understanding hidden services and their role in society" is fair game
here. So far we've mostly emphasized the technical part of
understanding
them, which makes sense because we're mostly a technical organization.
But we should think about whether there are steps we can take on the
social side. And I think our funder will be sympathetic to "oh and we
took these steps to improve the chance that hidden services will be
used
for good" too.
In other news, I plan at some point to write up a blog post explaining
who the funder is and what exactly we're doing (and not doing!) for
them.
A few more things have to fall into place first though.
I'd be happy to work on this more as well =) There are some good ways
to discuss hidden services -- even outside of the easier pitches like
whistleblower protection, hidden services are really awesome and need
more positive attention from the outside non-hardcore-nerd world.
best,
Griffin
== Such References ==
[1] https://github.com/ioerror/freenote
[2] Where'd he run off to?
--
"I believe that usability is a security concern; systems that do
not pay close attention to the human interaction factors involved
risk failing to provide security by failing to attract users."
~Len Sassaman
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev