- tor-dev - lists.torproject.org

Can we stop sanitizing nicknames in bridge descriptors?
by Karsten Loesing 06 Jun '12

06 Jun '12

Hi everybody, we're discussing in #5684 whether we can stop sanitizing nicknames in the bridge descriptors that we publish here: https://metrics.torproject.org/data.html#bridgedesc The sanitizing process is described here: https://metrics.torproject.org/formats.html#bridgedesc When we started making sanitized bridge descriptors available on the metrics website we replaced all contained nicknames with "Unnamed". The reason was that "bridge nicknames might give hints on the location of the bridge if chosen without care; e.g. a bridge nickname might be very similar to the operators' relay nicknames which might be located on adjacent IP addresses." This was an easy decision back then, because we didn't use the nickname for anything. This has changed with #5629 where we try to count EC2 bridges which all have a similar nickname. So, while we don't have that information, there'd now be a use for it. Another advantage of having bridge nicknames would be that they're easier to look up in a status website like Atlas (which doesn't support searching for bridges yet). We should re-consider whether it still makes sense to sanitize nicknames in bridge descriptors or not. Regarding the reasoning above, couldn't an adversary just scan adjacent IP addresses of all known relays, not just the ones with similar nicknames? And are we giving away anything else with the nicknames? It would be great to get some feedback here whether leaving nicknames in the sanitized descriptors is a terrible idea, and if so, why. If nobody objects within the next, say, two weeks, I'm going to make an old tarball from 2008 available with original nicknames. And if nobody screams, I'll provide the remaining tarballs containing original nicknames another two weeks later. Thanks! Karsten

5 21

Stats on Amazon bridges
by SiNA Rabbani 06 Jun '12

06 Jun '12

Dear Team, I need to get a count of all the Amazon Tor images running bridges. The reason I need this data is so I can follow-up with acessnow.org about the campaign they are running at: https://www.globalproxycloud.net/ How should I go about that data? All the best, SiNA -- First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi

2 1

[GSoC]Tails-server
by jvoisin 06 Jun '12

06 Jun '12

Hello, the "community bonding period" is over for quite some time now, but as I have previously said in my application, I (unfortunately) won't be able to start my GSoC until the 8th of June. So far, I managed to build Tails in a virtual machine, in a tmpfs, using a proxy (to avoid spamming Debian's mirrors); but also using vagrant[1]. It takes me only a couple of minutes to build Tails on my machine, which is a good news. About the testing environment now: It seems like liveCD testing is not something that interest people very much. The autotesting repo[3] of debian-live is a 404, and even if it wasn't, the documentation is lacking. The "mainstream way" for doing system-wide/vm/liveCD tests is autotest[4], but it seems completely overkill to me. This is why I am currently playing around with lettuce[2], a nice Python-powered BDD tool. Hopefully, my next status update will be more consistent/interesting. Have a nice day 1. https://tails.boum.org/contribute/build/#index1h1 2. http://lettuce.it/ 3. http://git.debian.org/?p=debian-live/autotesting.git 4. http://autotest.github.com/ -- jvoisin

2 1

Stegotorus now available from gitweb.torproject.org
by Zack Weinberg 05 Jun '12

05 Jun '12

On Mon, Jun 4, 2012 at 8:21 AM, Zack Weinberg <zackw(a)panix.com> wrote: > For the moment, the source tree is visible on Github: > <https://github.com/zackw/stegotorus>. It is likely to move to > gitweb.torproject.org hosting in the near future. You can now clone {git,https}://git.torproject.org/stegotorus.git . Be warned that due to a couple of very large files, a clone requires approximately 350MB of disk space and 140MB transferred over the network. (The troublesome files are unlikely to change in the near future, so this is a one-time cost.) You should also assume that all documentation is out of date until further notice. Patches are welcome. The TODO list currently exists only in my head, but I'll be getting that updated in-repo Real Soon. zw

2 3

use sphinx on stem
by Beck Chen 05 Jun '12

05 Jun '12

Hi Damian, I explored sphinx and tried it on stem these days, and it seemed pretty handy. I think a good way to produce nice documentation for stem is to create a page for each module manually, write an introduction by hand, and use autoclass / autofunction / autoexception in the autodoc extension to create API docs. automodule seems too general and does not work well with module's docstring in stem since it is not written in reST format, so I don't like it. What do you suggest? And how's your progress now? Cheers, Beck

2 3

txtorcon, async Tor controller
by meejah 04 Jun '12

04 Jun '12

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Erring on the side of "release early, release often" I have put my Twisted-based (asynchronous, Python) Tor control protocol implementation online: http://readthedocs.org/docs/txtorcon/en/latest/ https://github.com/meejah/txtorcon It is MIT licensed (to match Twisted). I would certainly not consider it "done", and I made it to learn more about Twisted and Python -- criticisms, comments appreciated. Currently it has the following features (see the above-linked documentation for more, and examples): . TorControlProtocol implements the control protocol . TorState tracks the state of Tor (streams, circuits, routers, address-map), listening for updates . TorConfig provides read/write configuration access , with HS abstraction (still needs some work) . IStringAttacher, a stream-to-circuit attacher interface for new streams . launch_tor can launch slave Tor processes . integrates into Twisted's endpoints with TCPHiddenServiceEndpoint The main code is about 1600 LOC, ~4000 with tests and 25% comments (according to ohcount). There is currently 98% test coverage, if one believes code-coverage is a good metric. In the short-term, be aware that I'm planning to re-organize where things are in files. If you "import txtorcon" and use the classes like "txtorcon.TorConfig" it will all still work. Thanks for your attention, mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJPczCxAAoJEMJgKAMSgGmnTrEH/RG1TLbEsqALWyh5WSm1azYU 7QHx9eup+/NKUE8C6WLPGQyprTkL/snIRZZGYDdkz5grkxcsYaWaVNNtDdUTdctN KCi2E3rbzdUYHV0aN/VdoNvJdpa8H3J2dpyx4/kFmZ2Z04+VLZOqeX6ANMdYZbYv FXv37j0dnl15h+t57+65Cf5c8BVbSW50vqXUx/eHWS73BISq3LP30OV4Ut8k3Xbg IXVf1S/EFeoXxRoGfn9i4i4txeQNyQxCOX0k+fynvIGP+lFuYciSGgGJydYBIkhE 87TMJ//c1tPq41jn5prdbWRTE4mPWA5U03w35wUGrhUWSNUb+OhM6fV4vdRwq30= =ilGQ -----END PGP SIGNATURE-----

3 6

GSoC Intro: Stegotorus
by vmon 04 Jun '12

04 Jun '12

Hello Tor-devers, It is a beautiful spring/summer day and this is vmon. I m going spend my summer with you guys. You might think that I m a bit off schedule with such a late GSoCc intro, but till 2 days ago I didn't know what I was going to do this summer for tor, so I couldn't write much before. I've been using tor for a long time. I don't remember exactly when was the first time I encountered Tor but I think it was somehow through JonDo. Being behind censor, you always desperately google the word "proxy", and "Java Anonymous Proxy" came up in once. Reading more about it, lead me to Tor. So I was a Tor user for a while, when I heard of gsoc. I talked to a friend of mine who had a gsoc experience before. He told me that Tor/EFF have some slots. It was a very interesting for us as we were both frustrated with our government behavior and we wanted to do something about it. We kept submitting our idea for a while (OK, twice) and kept getting rejected. So finally, I decided to deal with our concerns in a more "tor-friendly" way. One of our concerns (which is getting more serious year after year) was that what if the government decides to close down any protocol that they don't like, and only let few common protocols, e.g. http, pass through. How useful would Tor be in such a situation? Around the same time, obfsproxy came out of no where, so I thought, one way to overcome this problem was to use obfsproxy to send tor over http. After submitting my idea, I found out that at the end of the day, it wasn't *that* original. Zack/zwol had worked on it for a year. It is called Stegotorus. However, considering, the arm-race nature of the problem and the state of development of Stegotorus, tor people (specifically asn) suggested me to polish, improve and strengthen Stegotorus, instead of re-inventing the wheel. The final obstacle, that Stegotorus wasn't open, was resolved last week and I am very excited to deliver you a strong more robust Stegotorus by the end of the summer. Zack is my primary mentor, followed by Steven (sjmurdoc1) and Roger (armadev) (according to Tor blog). I'll be sticking around #tor-dev (vmon) as much as possible and I'm happy to know, talk and learn from everyone of you. See you on #tor-dev Cheers, vmon P.S. Dear GSoC Admin, I know I'm late on my first bi-weekly update but I thought my updates makes much more sense to people, If they are proceeded by an intro. I'll send my updates shortly.

4 3

TorStatus
by Felix Ker 04 Jun '12

04 Jun '12

I'm trying to use TorStatus and it took me almost 2 hours to set everything up and able to run tns_update.pl smoothly with no error. However, I am facing a problem that Google cannot help me. [0] starting... [0] mirror? [0] connecting to Tor [0] authenticating with Tor [0] starting descriptions *The TorStatus database was not updated properly. An error has occured. I will continue to try to update, however.* It says an error has occured but I am unable to find any error logs. Anyone? ___ Best Regards, Felix Ker Mobile +65-91456635 Email felix(a)ker.sg *IMPORTANT* Find out the best ways to get my attention: http://protocol.by/felixker/

3 5

[GSoC] Vidalia - Status Report
by Feroze Naina 02 Jun '12

02 Jun '12

I have completed the prototype for Torrc and I've tested it writing a plugin. So far value(), setValue(), TorrcPath() functions are confirmed working. I've still not been able to get clear() working and the execution simple stops. I'm not sure if there is an error in the plugin or the prototype without the debugger. I'm planning on integrating QScriptEngineDebugger to help writing and testing plugins. I didn't work in the first week during exams. My commits - https://github.com/feroze/vidalia/commits/hiddenservice

1 1

[GSoC] Pluggable Transports in Python Status Report
by Brandon Wiley 01 Jun '12

01 Jun '12

Deliverable #1 for this summer’s project is this: “A library for parsing pluggable transport configuration options This will be a python library that authors of SOCKS proxies can use to integrate their proxies with Tor.” A first pass at this is available from github and pypi: http://github.com/blanu/pyptlib http://pypi.python.org/pypi/pyptlib/0.1 I tried to follow the spec very closely in developing the API. Next steps for the library are testing, improvement documentation including pydoc strings, and error checking for higher level protocol conformance, for instance the order in which proxy reply lines are output. After that, it will be time to use the library in building the pluggable transport framework. Status updates can also be read on my project blog: http://stepthreeprivacy.org/

1 0