Hi there John - glad to have you working with Tor! We're really anxious to see where you go with this project since, as exemplified by the recent incident with PrivacyNow [0], we're currently pretty miserable about noticing and flagging bad exits.<br>
<br>Unfortunately our definition of a bad exit is pretty vague [1]:<br> "BadExit" if the router is believed to be useless as an exit node<br> (because its ISP censors it, because it is behind a restrictive<br>
proxy, or for some similar reason).<br><br>An easy place to start would be to solicit input on or-talk for a better definition and enumerable attributes we can look for. Some obvious starting ones would be ssl stripping, certificate tampering (checking for differences like the Perspectives addon [2]), and bad DNS responses. I'd imagine Scott Bennett would be glad to jump in with some more ideas. :)<br>
<br>Also, have you thought about setting up a site or blog where people can check how things are coming along? Here's what I did when doing GSoC with the SIP Communicator project: <a href="http://www.atagar.com/misc/gsocBlog/">http://www.atagar.com/misc/gsocBlog/</a><br>
<br>Again, glad to have you and looking forward to working with you this summer! -Damian<br><br>[0] <a href="http://archives.seul.org/or/talk/Apr-2010/msg00120.html">http://archives.seul.org/or/talk/Apr-2010/msg00120.html</a><br>
[1] <a href="http://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=doc/spec/dir-spec.txt">http://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=doc/spec/dir-spec.txt</a><br>[2] <a href="http://www.cs.cmu.edu/~perspectives/index.html">http://www.cs.cmu.edu/~perspectives/index.html</a><br>
<br>On Fri, Apr 30, 2010 at 9:15 PM, John M. Schanck <span dir="ltr"><<a href="mailto:jms07@hampshire.edu" target="_blank">jms07@hampshire.edu</a>></span> wrote:<br>
<div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi or-talk,<br>
My name is John Schanck, I'm a third year CS student at Hampshire College,<br>
and I'll be working with Tor this summer through Google Summer of Code.<br>
First, let me say how excited I am to have this opportunity - I've been<br>
following the Tor project for several years now and can think of no better<br>
place to devote my efforts. Many thanks to those of you who read my<br>
proposal, especially Mike Perry who has graciously agreed to mentor the<br>
project, and Damian and Erinn who have also offered up some of their time.<br>
<br>
I'm going to be working on improving the Snakes on a Tor (SoaT) exit<br>
scanner. For those of you not familiar with it, SoaT aims to detect<br>
malicious, misconfigured, or heavily censored exit nodes by comparing the<br>
results of queries fetched across those exits to results obtained without<br>
Tor. It's an ambitious project, originally developed by Mike Perry and<br>
crafted into its current form by Aleksei Gorney during GSoC 2008, so my<br>
goals are modest. I'm going to begin by stabilizing the existing codebase,<br>
and then work on minimizing the number of false positives generated by the<br>
current filters. If time permits I'll also begin designing new filters to<br>
handle adversaries not yet accounted for.<br>
<br>
If you'd like to talk about the project (or just say hello), you can find<br>
me on OFTC under the nickname 'susurrusus'.<br>
<br>
Cheers,<br>
<font color="#888888">John<br>
</font><br>
PS. Congratulations to the other accepted students, I look forward to<br>
meeting you and hearing about your projects :).<br>
<br>-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1.4.10 (GNU/Linux)<br>
<br>
iEYEAREDAAYFAkvbquAACgkQke2DTaHTnQlItQCgkFWuzOYTTA1ctpRTaa54q5Zf<br>
kmAAnR5Z8jzMOaFErAkSXyGEdtRbXbBJ<br>
=9a6k<br>
-----END PGP SIGNATURE-----<br>
<br></blockquote></div><br>