On Sunday 02 November 2014 11:52:48 Aymeric Vitte wrote: > > Yeah I guess we are less "marketing oriented" perhaps even to a fault. Anonabox definitely kicked up more interest than Cloak have done so far. > I don't know how anonabox did to attract so many people so quickly, I > guess they have some contacts in the press and blogs, this campaign was > something like an organized "gang" attack, unfortunatley this might have > rendered people skeptical now for your campaign. And he just managed - sort of - to do it again. This time he has resurfaced in Indiegogo claiming to use PORTAL (the OpenWrt version hasn't been updated for 2 years so I am not sure why he think that will make it better). > > The enclosure design has not been finalized but we do have an idea and a designer working on it and Adrian have just changed the image to show the first rendering. Do check it out if you feel like it - I think the "stealth look'n'feel) is quite cool. Size wise it will be smaller than a TP-Link MR3020. > Maybe you should highlight it more in the presentation, so potential > backers see it right away, as well as a simple drawing showing how to > connect to the box easily, suggestions... There is a new 3D rendering which will be uploaded today. > >> And probably you know already the drawdbacks of such approach, > > I am aware of some but I am also quite sure there are some I haven't considered, so input is appreciated. > > I think the hardest part is to make non-technical users aware that a Tor router can only do so much. Their behavior using such a router is just as important (or more). I think the only approach is proper documentation. > > The trick is to find a balance and I guess that is what I personally hope to find by discussing it here. If a general consensus over a reasonable list of ports that are routed through Tor could be reached that would be great. > > HTTPS you say. What about for example XMPP, IMAP etc? > The balance is not easy to find I think, as everybody knows anonymizing > you wrongly will lead to the contrary. > The rule could be "everything that is using SSL", if not the exit nodes > can MITM you Problem is that would require protocol inspection and that is probably a bit outside the real of possibility for a processor of the size we imagine in the Cloak. I think the best approach is to close everything by default and then have a whitelist of well defined ports that is well documented - including the possible dangers. > >> Potential applications (among tons of possible ones) see the links > >> below: node-Tor (Cloak with a much smaller package), Peersm > >> clients/bridges  (permanent background processes in the box, like > >> bittorrent clients in ISP boxes), torrent-live (find/block/track > >> monitoring spies + maintain a real time blocklist bittorrent client) > > My personal expertise is networking and embedded Linux and I would be happy to run some tests on this and/or participate in any projects getting something like this going. > Interesting, that's cool that you did consider it and shows that the > project is not only about packaging Tor is some small hw, I don't know > with what apps you did test it but probably some optimization can be > made for the gc issues, and the whole nodejs might not be required, I > will contact you off the list to see what can be done (if you have time > of course, probably busy by the campaign right now) Let's move that one off-list, but I'll be happy to discuss any ideas you might have. -- Lars Boegild Thomsen https://reclaim-your-privacy.com Jabber/XMPP: lth@xxxxxxxxxxxxxxxxxxxxxxxx
Description: This is a digitally signed message part.
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk