commit 6b4d2f149d3f6c21109757795b2e6f07052fce76 Author: Damian Johnson atagar@torproject.org Date: Sat Feb 4 16:12:04 2017 -0800
Drop 'Make Stegotorus deployment ready' project idea
Didn't hear back from vmon. --- getinvolved/en/volunteer.wml | 138 ------------------------------------------- 1 file changed, 138 deletions(-)
diff --git a/getinvolved/en/volunteer.wml b/getinvolved/en/volunteer.wml index 90f0500..166b425 100644 --- a/getinvolved/en/volunteer.wml +++ b/getinvolved/en/volunteer.wml @@ -931,144 +931,6 @@ ideas. </p> </li>
- <a id="stegotorus"></a> - <li> - <b>Make Stegotorus deployment ready</b> - <br> - Language: <i>C++</i> - <br> - Likely Mentors: <i>vmon</i> - <br><br> - <p> - <a - href="https://github.com/TheTorProject/stegotorus/tree/master/src%22%3EStegotorus</a> - is a PT framework which streamline the development stealthier pluggable - transport. An HTTP pluggable transport is already implemented in Stegotorus - framework and can be used when encrypted payloads are throttled and only - ephemeral connections are tolerated. - </p> - - <p> - The majority of work on Stegotorus is done and it can be deployed with a relatively minor improvements including: - </p> - - <ul> - <li><b>#8098 A config file file for Stegotorus</b> - <p> - Stegotorus needs many configuration settings specially on the bridge - side. This include also the configuration required by each steg module. - Currently the configuration is fed to Stegotorus as command line - arguments but a file like torrc is needed so all tweaking can be read - from there. - </p> - - <p><i> - Current Status and work needed to be done: The code for reading the - config file is written by SRI but it is not yet used in the Stegotorus - to read the config. - </i></p> - </li> - - <li><b>#8101 Debugging the transparent proxy</b> - <p> - Stegotorus http module uses other websites payload to hide and serve - censored traffic. As such it needs to decide if the request is - genuinely to the auxiliary website, in that case becomes a transparent - proxy and serves the website content as requested, or if the request is - actually a request to serve censored material which should be delivered - to steg modules. - </p> - - <p><i> - Current Status: This is completely implemented. However, the transparent proxy sometimes crashes and need to be triaged, debugged and fixed. - </i></p> - </li> - - <li><b>#11337 refactoring the steg module code</b> - <p> - The http steg module code, although not essentials to the core of the - Stegotorus. needs some improvement and clean up. The solution is to - refactor the steg modules as children of FileStegMod. - </p> - - <p><i> - Current status and work needed to be done: This has already been done - but still needs testing and refactoring before it can be reliably merge - to the master branch. - </i></p> - </li> - - <li><b>#8089 Adding Elligator to Stegotorus handshake and test</b> - <p> - The current Stegotorus handshake is distinguishable from random byte - string, which can be used to flag and detect Stegotorus traffic - deterministically and need to be implemented similar to - ScrambleSuite. Also because the capacity of client to server channel - might be slim depending on the choice of steg module it is desirable - to be implemented using Elliptic curve crypto. Hence, Elligator - protocol is ideal solution for this situation. All we need is to replace Stegotorus handshake by Elligator. - </p> - - <p><i> - Current Status and work needed to be done: Elligator handshake code is - included in stegotorus code base, it is only needed to be called by - instead of the current handshake and be tested. - </i></p> - </li> - - <li><b>Make Stegotorus memory safe by using shared pointers</b> - <p> - Stegotorus has large code base and it is not written in a memory safe - languages. To facilitate its audit, we need to replace (almost all) use - of pointers to shared pointers. - </p> - - <p><i> - Current Status: No progress has not been done. - </i></p> - </li> - - <li><b>Security Audit and writing more unit test</b> - <p> - To be able to deploy Stegotorus for real world use we need to audit the - code and write more unit test covering new aspects of the Stegotorus - (new http transport, proxy server, Elligator handshake) - </p> - - <p><i> - Current Status: No progress has been done. - </i></p> - </li> - - <li><b>SRI branch merging</b> - <p> - Stegotorus has been forked from the initial development from SRI. Now - that SRI is hosting Stegotorus publicly it is desirable to merge the - two branches so we can benefit from both developments. - </p> - - <p><i> - Current Status: No progress has been done. - </i></p> - </li> - - <li><b>#8099 deterministic build</b> - <p> - To make deterministic build possible we need to build many of - Stegotorus dependency from scratch. Boost library is a a huge - dependency for Stegotorus to access the file system. As we are only - planning to deploy Stegotorus bridges on Linux machines we can simplify - such access without that dependency. By dropping such dependency, it - should be straight forward to have deterministic build for Stegotorus. - </p> - - <p><i> - Current Status: No progress has been done. - </i></p> - </li> - </ul> - </li> - <a id="letsEncryptClient"></a> <li> <b>Expand the OS and Server Support of the Let's Encrypt Client</b>