[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Roger's status report, August 2012
> Here's what I said at the beginning of August that I hoped to do:
>> - Chair the FOCI workshop at Usenix Security, and also attend the rest
>> of Usenix Security.
> Done. FOCI went really well -- we had 30-40 people there, and I think
> most of the talks were interesting.
> I've attempted to pass the torch to Jed Crandall and Joss Wright
> for next year's FOCI. But it looks like there will be some early
> stumbling blocks around whether Usenix wants to keep FOCI attached
> to Usenix Security. We'll see how that plays out.
> I spent much of my Usenix Security talking to research groups about
> setting up fast exit relays. See more about that below.
> I also talked to George Kadianakis about Tor network diversity metrics,
> and got him talking to a wide variety of other researchers for further
>> - Talk to Ralf-Philipp Weinmann about his TorScan paper (upcoming at
>> Esorics) and what we can do to address his attacks.
> I talked to him, but we didn't come to any conclusions. Most of the fixes
> are delicate and have poorly understood tradeoffs. I left him with the
> plan that he would write a Tor design proposal or two, so we can think
> through the implications.
>> - Look at Rob Jansen's performance graphs from his new Shadow
>> Try to move the performance tickets forward.
> Done. We did a bunch of huge simulations using Amazon EC2, and ended
> up finding that mysterious bugs were ruining our results. We decided
> to focus on the simplest simulation question, and try to sort out the
> bugs. You can read our saga here:
> and as of early September, we've found and/or solved some good ones. Hard
> to say how many more remain before Shadow can solve all our problems, but
> I think we're getting closer.
>> - Expand on the set of metrics by which the SponsorF Red Team will judge
>> the project's success. Specifically, I should list the anonymity attacks
>> that they shouldn't evaluate since the PETS community is already doing
>> a good job at evaluating anonymity attacks.
> Continued. You can read some of my discussions at
> George suggested that we try to turn them into a survey list of Tor
> attacks. Feel free to get that started if you like the idea.
>> - Launch the "run fast bridges for BBG" campaign, ideally by gathering
>> volunteers on tor-relays.
> We have a few fast bridges running. The real challenge here will be the
> traditional bridge distribution strategy question: we need to give them
> out to people who need them without letting the bad guy find them. We're
> trying out some not-so-automated strategies first. I think the handful
> of fast stable bridges we have should be enough for now, on the principle
> that for any strategy that doesn't tell so many people that the bad guy
> learns too, a stable 100mbit bridge can handle all the good users who
> learn about it. In parallel we should continue exploring tricks like
> Philipp Winter's brdgrd tool:
> and maybe later on we'll move on to alternate transports like Obfsproxy.
>> - Launch the "exit relays at universities" push, and send BBG a
>> for how our exit relay rollout is looking.
> We've got immediate plans from CMU and Penn that I know of, and promises
> from Georgia Tech and Michigan:
> Moritz and I wrote up
> which has so far been useful.
> Steve Bellovin at Columbia suggested that we get EFF to write a letter
> that university professors can hand to their general counsel, explaining
> what Tor is. I'm still talking to EFF people about what exactly they
> could write.
> There's also now a tor-relays-universities list as a support group for
> people trying to run exit relays at universities:
>> - Get some money to some exit relay operators, since it turns out (ha)
>> that it's harder than I expected on our side to do it in a way we'll
>> pass our audits.
> Not done. I believe Andrew met with Tor's lawyers to discuss how to
> position it so that we continue to pass our audits, etc. (Making new
> organizational and bureaucratic ways to attack Tor doesn't sound great,
> at least not until we understand them better.) I'm hoping to team up
> with a couple of other organizations so that we can give them large bulk
> grants, and they can divide the money up further. If that should be you,
> please let us know!
> I'm hoping Moritz can take charge of this topic and make it happen.
>> - Get 0.2.3.20-alpha and 0.2.3.21-alpha out.
> I got 0.2.3.20-rc out:
> Turns out 0.2.3.21-rc waited until September.
>> - Consider an 0.2.2.38 stable update.
>> - Consider an 0.2.4.1-alpha release.
> Not done, but done in September.
>> - Sort out my September travel to Germany
> Done. I'm going to Berlin next week:
> Dagstuhl after that:
> and ETH Zurich after that to do a talk at Srdjan Capkun's group on
> Sept 25.
>> and my November travel to
>> Netherlands et al.
> Still unsorted.
>> - Schedule our NSF "censorship measurement" kickoff meeting, perhaps
>> the last week of September or first of October.
> Not yet scheduled. The other PIs are overloaded with other things,
> so I guess there's no rush, so long as we're doing useful research things.
>> - Encourage Andrew to put our "project coordinator" job description up
>> and announce it.
> He's written the web page, but hasn't announced it or linked it yet. I
> guess I'll leave that timing up to him
>> - Try to take a vacation Aug 11-19.
> Done. I even managed to be on vacation for some of it.
> Here are some other things I did in August:
> - Continued a mass of personal mail threads with exit relay
> operators. Reaching out to them and talking about how to help them makes
> them like us more:
> Exit relay capacity moved from 10Gbps to just over 12Gbps in August
> (growth of 20%), and actual reported load moved from around 6.4Gbps to
> 8Gbps (growth of 25%).
> I don't think it's wise to aim to get to BBG's "125 100mbit+ exit relays"
> goal anytime soon (that would involve something like doubling or more
> the exit capacity), but we're seeing great effects so far from ramping up
> the campaign. And if George and Sathya's preliminary graphs are accurate,
> we have maintained or improved our network diversity during this time.
> - Tariq's paper on guard rotation got into WPES! I helped them revise it.
> - Turned down a pair of journal review invites because the journals are
> harming my field (aka not open-access).
> - Agreed to be on the program committee for PETS 2013:
> Though PETS is technically not open-access either (due to its publisher),
> I maintain the website so I can make sure that it is open-access in fact.
> I think that's good enough for now, but I'm pushing for more.
> - Jumped into the latest "omg Tor isn't perfect" thread:
> - Lost a weekend to what was supposed to be a routine drive replacement
> and turned into an almost complete hardware replacement for moria1,
> one of the directory authorities. Thanks again to Andrew Lewman for
> spending his weekend messing with it.
> - Helped suggest useful historical documents to seed Karsten's Tech
> Reports page:
> tor-talk mailing list
Like a boss! :D
You're insanely productive compared to me, how do you keep it up?
My productivity follows some kind of sine wave or something, 1 good day is
followed by 2 mediocre, 3 bad, and then back over again. I'd like to
reverse the order there.
Any observations? What works!
tor-talk mailing list