On 15 Nov 2015, at 16:47, Abhiram Chintangal <abhiram.chintangal@gmail.com> wrote:

Hello,

I have been planning on learning more about tors code base for sometime now. Luckily, I might have some freetime for the next two weeks and I am hoping to put it to good use.

After digging through tickets labelled as "easy" on trac, #16846 seemed like a decent cadidate for to me. There was some discussion on trac about the security impact of adding the feature, but that was three months ago.

I was wondering if anyone could shed more light on it.

#16846 is "Include sizeof(void *) in your extrainfo."

It's not ready to be implemented, it needs more thought / discussion.

The security concerns on the ticket have not changed in the last 3 months - identifying each relay's architecture would allow relays to be targeted for attacks that are more likely to succeed on their architecture. (In particular, 32-bit i386 tor builds typically have fewer protections due to lack of processor features.) We might need to rethink how to collect the total number of 32- and 64- bit platforms in aggregate form, rather than adding it to the extrainfo descriptor.

If you choose a ticket that's marked easy, and is non-controversial (that is, it has no negative security implications), patches will be more likely to be accepted.

You could try one of the following:

Tor should leave its own fingerprint out of its family line
(filtering the list of MyFamily fingerprints to exclude any digests where router_digest_is_me(digest) is true)
https://trac.torproject.org/projects/tor/ticket/17065

Add AccountingRule in and out
(add additional AccountingRule options that only measure traffic in or out)
https://trac.torproject.org/projects/tor/ticket/15989

Tor should warn users when traveling backwards through time
(refactoring common code out of connection_dir_client_reached_eof and or_state_load)
https://trac.torproject.org/projects/tor/ticket/17188

clear_status_flags_on_sybil might want to clear more flags
(future-proof this function by zeroing out the entire structure, then copying the flags we know we want)
https://trac.torproject.org/projects/tor/ticket/16849

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F