[tor-dev] Starting on an Easy Bug #16846
Tim Wilson-Brown - teor
teor2345 at gmail.com
Sun Nov 15 10:51:16 UTC 2015
> On 15 Nov 2015, at 16:47, Abhiram Chintangal <abhiram.chintangal at gmail.com> wrote:
>
> Hello,
>
> I have been planning on learning more about tors code base for sometime now. Luckily, I might have some freetime for the next two weeks and I am hoping to put it to good use.
>
> After digging through tickets labelled as "easy" on trac, #16846 seemed like a decent cadidate for to me. There was some discussion on trac about the security impact of adding the feature, but that was three months ago.
>
> I was wondering if anyone could shed more light on it.
#16846 is "Include sizeof(void *) in your extrainfo."
It's not ready to be implemented, it needs more thought / discussion.
The security concerns on the ticket have not changed in the last 3 months - identifying each relay's architecture would allow relays to be targeted for attacks that are more likely to succeed on their architecture. (In particular, 32-bit i386 tor builds typically have fewer protections due to lack of processor features.) We might need to rethink how to collect the total number of 32- and 64- bit platforms in aggregate form, rather than adding it to the extrainfo descriptor.
If you choose a ticket that's marked easy, and is non-controversial (that is, it has no negative security implications), patches will be more likely to be accepted.
You could try one of the following:
Tor should leave its own fingerprint out of its family line
(filtering the list of MyFamily fingerprints to exclude any digests where router_digest_is_me(digest) is true)
https://trac.torproject.org/projects/tor/ticket/17065
Add AccountingRule in and out
(add additional AccountingRule options that only measure traffic in or out)
https://trac.torproject.org/projects/tor/ticket/15989
Tor should warn users when traveling backwards through time
(refactoring common code out of connection_dir_client_reached_eof and or_state_load)
https://trac.torproject.org/projects/tor/ticket/17188
clear_status_flags_on_sybil might want to clear more flags
(future-proof this function by zeroing out the entire structure, then copying the flags we know we want)
https://trac.torproject.org/projects/tor/ticket/16849
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20151115/91de3d27/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20151115/91de3d27/attachment.sig>
More information about the tor-dev
mailing list