<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hi, it is a good idea to look for P2P in the future of Tor, but
since months ago (maybe years) Tor team seem like if they want Tor
to fail. I mean: they ask and they get more money but I can't see
where this money is going... <br>
</p>
<p>Tor and Tor Browser development is active but I feel the amount
of money they have and get is worth more than what they are doing,
they could do or hire more devs with it. I feel the development is
slow and that the Tor vulnerabilities are growing faster than Tor
fix them: from traffic analysis, to the design itself, or Hidden
Service DoS. And to add fire it seems they don't want people
helping them, I mean, I wanna help and I make proposals but they
do not answer or just say a little "ok" and do nothing more. <br>
</p>
<p>On the Browser side: it should be already using Linux Namespaces
like "Sandboxed Tor Browser" had, but they discussed this months
ago and now it is like vapor, not done and not talking about it...
They say they want to protect users, if they really wanted they
will make the sandbox right now. <br>
</p>
<p>And if they really wanted to stop Hidden Service DoS they would
have developed a simple (and temporal) fix with a PoW for
connecting to HS to stop the attacks now.</p>
<p>Sorry for this answer you didn't ask... I'm just a little angry
at the Tor team.<br>
</p>
<div class="moz-cite-prefix">El 9/1/20 a las 15:16, <a class="moz-txt-link-abbreviated" href="mailto:arj03@pm.me">arj03@pm.me</a>
escribió:<br>
</div>
<blockquote type="cite"
cite="mid:1cYgI1uAMiWYoeDfJk9Dnkv_haz-zv_K5M8TZ3wGX2VCmtDqEesi8Rn-jXf1O4AkagiyIyIme05SJFx24w6XlvvUtaBR7Hc-QZj9fx2xttQ=@pm.me">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div>Hi<br>
</div>
<div><br>
</div>
<div>The browser is a great platform target because it is cross
platform and with all the changes coming to browsers it is
easier and easier to write applications that can have the same
functionality as desktop applications. This includes P2P
applications and this is where I think the tor browser can
really shine, because if it would be possible to create hidden
services inside the browser, then it would be possible to build
applications where the nodes are communication directly with
each other. <br>
</div>
<div><br>
</div>
<div>I know that there are security implications of running a
browser and a hidden service in the same process. I'm wondering
if it might be possible to create this hidden service for only a
specific tab (and site)? Maybe the security could be improved
further by make it so this tab could only create tor connections
outgoing connections?<br>
</div>
<div class="protonmail_signature_block
protonmail_signature_block-empty">
<div class="protonmail_signature_block-user
protonmail_signature_block-empty"><br>
</div>
<div class="protonmail_signature_block-proton
protonmail_signature_block-empty"><br>
</div>
</div>
<div><br>
</div>
<div>These applications are already there. Shameless link[1] to
own app, which is a secure scuttlebutt (SSB) application where
messages are gossipped between peers, running in the browser.
SSB desktop clients can already run over tor, by using the
deamon as proxy so it would be quite natural fit for this.<br>
</div>
<div><br>
</div>
<div>[1]: <a href="https://github.com/arj03/ssb-browser-demo"
moz-do-not-send="true">https://github.com/arj03/ssb-browser-demo</a><br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
tbb-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:tbb-dev@lists.torproject.org">tbb-dev@lists.torproject.org</a>
<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev">https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev</a>
</pre>
</blockquote>
</body>
</html>