Hi all. Over the last few weeks I've been working on a relay setup wizard for arm. Its purpose is to make volunteering to be a relay easy, narrowing the options to those most commonly used and giving nice descriptions/defaults to encourage good configurations.
At present relay setup for new users, particularly exits, is either confusing or limited. For users doing it without a controller we have a deluge of man page options and a confusing bundle of docs. For Vidalia users, however, it's easy to become a middle hop or bridge, but the configurations it makes for exits are poor (default exit policy, no front page, no notice for how to reduce abuse complaints which probably leads Vidalia exits to be short lived...).
This wizard consists of three pages...
1. Selection for what you'd like to be http://www.atagar.com/transfer/tmp/arm_wizard1.png
2. Picking your relay options, with both descriptions of the options and why you'd want to set them http://www.atagar.com/transfer/tmp/arm_wizard2.png
3. Confirmation for the configuration it's making http://www.atagar.com/transfer/tmp/arm_wizard3.png
4. ... then in the frozen land of Nador they were forced to eat Sir Robin's minstrels. And there was much rejoicing. http://www.atagar.com/transfer/tmp/arm_wizard4.png
My not-so-humble goals for this wizard is for it to become a method we suggest on the site for setting up an exit (and maybe relays/bridges too later) so I'd appreciate some feedback! The 1.4.3 release candidate is available at... http://www.atagar.com/transfer/tmp/arm-1.4.3rc.tar.bz2
Future plans are automatic signup for Tor Weather and a "Run Tor at Startup" option (this later one is gonna be tricky, but it's vital if we want systems like laptops that frequently shut down to be meaningful relays/bridges).
Cheers! -Damian
Hi Damian,
On 7/13/11 7:01 PM, Damian Johnson wrote:
Hi all. Over the last few weeks I've been working on a relay setup wizard for arm. Its purpose is to make volunteering to be a relay easy, narrowing the options to those most commonly used and giving nice descriptions/defaults to encourage good configurations.
At present relay setup for new users, particularly exits, is either confusing or limited. For users doing it without a controller we have a deluge of man page options and a confusing bundle of docs. For Vidalia users, however, it's easy to become a middle hop or bridge, but the configurations it makes for exits are poor (default exit policy, no front page, no notice for how to reduce abuse complaints which probably leads Vidalia exits to be short lived...).
This wizard consists of three pages...
arm and this wizard look really great! :)
Just a few minor comments below...
- Selection for what you'd like to be
I wonder if the order of configurations on that page should rather be: Exit Relay - Internal Relay - Bridge - Client - Cancel. The default could still be "Internal Relay," but the order could imply to people that the higher something's in the list, the more they contribute.
Or does this wizard start automatically when arm starts? In that case, setting "Internal Relay" as the default could be problematic. If people use arm on their clients, they shouldn't be tricked into becoming a relay only because that's the default. They should know what they're doing when setting up a relay. But 90% of all users go with the default, so if "Internal Relay" is the default, they'll just pick that and hope for the best. (Ignore this comment if the wizard is explicitly called "Tor Relay Setup Wizard" and if people need to actively start it.)
Missing word: "This is a safe and easy _way_ of making the Tor network better."
- Picking your relay options, with both descriptions of the options
and why you'd want to set them http://www.atagar.com/transfer/tmp/arm_wizard2.png
I wonder if there's a short torproject.org URL containing tips for exit relay operators that you can show users here.
Again, this looks great!
Best, Karsten
Thanks, Karsten!
Or does this wizard start automatically when arm starts?
If tor is installed but not currently running on the control port then arm starts the wizard.
In that case, setting "Internal Relay" as the default could be problematic. If people use arm on their clients, they shouldn't be tricked into becoming a relay only because that's the default. They should know what they're doing when setting up a relay. But 90% of all users go with the default, so if "Internal Relay" is the default, they'll just pick that and hope for the best. (Ignore this comment if the wizard is explicitly called "Tor Relay Setup Wizard" and if people need to actively start it.)
I disagree. For the network to scale it needs some portion of its userbase to be relays. There's certainly use cases where that isn't practical (either when it's a burden or they need to hide the fact that they're using tor), but for just about anything else operating a middle-hop relay is an easy and complaint-free way of helping. I kinda like having people opt-out of being a relay since it makes them aware when they're using the network without contributing to it. Also, weren't we talking earlier about making people bridges by default in Vidalia?
That said, I'll change the default if people would rather it be something else.
Missing word: "This is a safe and easy _way_ of making the Tor network better."
Thanks, fixed
I wonder if there's a short torproject.org URL containing tips for exit relay operators that you can show users here.
Ah, I was wondering when someone would mention that. I made two simple landing pages with resources for wizard users... http://www.atagar.com/torUsageTips/ http://www.atagar.com/torExitTips/
I did it this way since... - it needed to be short urls (originally I was planning trac wikis) - I could make the site look just how I wanted, my goal being something minimal that draws eyes to the content which the dark background does - it kinda seemed fitting since this is where arm's homepage resides
However, in the long run I agree that these should be torproject.org pages (for the recognizable url, translations, and since it provides https).
Cheers! -Damian
On 7/14/11 5:52 AM, Damian Johnson wrote:
In that case, setting "Internal Relay" as the default could be problematic. If people use arm on their clients, they shouldn't be tricked into becoming a relay only because that's the default. They should know what they're doing when setting up a relay. But 90% of all users go with the default, so if "Internal Relay" is the default, they'll just pick that and hope for the best. (Ignore this comment if the wizard is explicitly called "Tor Relay Setup Wizard" and if people need to actively start it.)
I disagree. For the network to scale it needs some portion of its userbase to be relays. There's certainly use cases where that isn't practical (either when it's a burden or they need to hide the fact that they're using tor), but for just about anything else operating a middle-hop relay is an easy and complaint-free way of helping. I kinda like having people opt-out of being a relay since it makes them aware when they're using the network without contributing to it. Also, weren't we talking earlier about making people bridges by default in Vidalia?
I didn't follow the whole "make all users relays or bridges" discussion. But I think there are a few arguments against turning clients into relays by default:
- If people aren't really aware that they're becoming a relay, we'll end up with a lot of slow and unstable relays. I imagine there could be hundreds if not thousands of those relays if we start shipping packages with arm. This could become problematic for the directory system at some point. Sure, we could start excluding relays from the consensus that don't contribute much. But why create a problem (or making it worse) if we can avoid it?
- Another effect of surprising people by turning their clients into relays is that they might stop liking Tor. They shouldn't learn that they're contributing to something they only discovered a few hours ago, only because it eats all their bandwidth. Even worse, what if people try out Tor, use it for a bit, let it run, and learn at the end of the month that they exceeded their bandwidth quota and have to pay for it? It would be better to make them like Tor first and then ask them to give something back.
- If you make Client at position 4 the default and have three more options at positions 1 to 3 to contribute to the network, a fair amount of people will already feel bad that they don't contribute. If we can give these people an easy way to contribute to the network by re-running the wizard, we win.
- I'm not sure if making people bridges by default in Vidalia is a good idea, either. I think you're referring to the Tor proposal where clients measure if they're stable enough to be a bridge and whether they're reachable from outside and then turn into bridges automatically. I'm not a big fan of this idea, but at least it makes sure the new bridges or relays will be useful for the network. It also means people had the chance to like Tor enough to accept that they're now giving something back.
That said, I'll change the default if people would rather it be something else.
Sure, having more opinions here would be useful. This discussion isn't even arm-specific, but could apply to Vidalia or packaging in general. I'm curious what other people think, too.
Best, Karsten
On Wed, Jul 13, 2011 at 10:01:18AM -0700, Damian Johnson wrote:
- Selection for what you'd like to be
I'd suggest sticking with the name 'Non-exit' relay rather than making up a new term ('Internal Relay') that nobody else uses. Unless you want to convince everybody that non-exit relay is a bad name and we should switch? I'd be amenable to switching, but I don't think "Internal" is the right word. Which leads me to:
Your description of an exit relay may mislead people into thinking that it *only* handles exit traffic -- meaning it doesn't get connections from users.
Perhaps changing 'Connects...' to 'Also connects...' would do it?
- Picking your relay options, with both descriptions of the options
and why you'd want to set them http://www.atagar.com/transfer/tmp/arm_wizard2.png
Does "Low Relaying Ports" mean 'try to bind to 80 and 443'? Perhaps that should be 'Listen on Popular Ports'? I guess it depends if your users know what 'Low' is and what it implies.
You point to a url at atagar.com here. If your not-so-humble goals are to come true, it seems we should have a page on the website that has these pointers? Or maybe it's better as a faq entry (to avoid "omg there are so many pages how was I ever supposed to find that one")?
- Confirmation for the configuration it's making
In the comments at the very top, I'd suggest changing "restart tor" to "or restart tor", to make it clearer that any one of the three steps will accomplish the goal.
You might also want to change the comments on the Log and DirPortFrontPage lines so they show up before the config line, meaning you can actually read the comment.
- ... then in the frozen land of Nador they were forced to eat Sir
Robin's minstrels. And there was much rejoicing. http://www.atagar.com/transfer/tmp/arm_wizard4.png
Woah, your logs are in reverse order. :)
--Roger
I'd suggest sticking with the name 'Non-exit' relay rather than making up a new term ('Internal Relay') that nobody else uses. Unless you want to convince everybody that non-exit relay is a bad name and we should switch?
Sebastian had the same concern. We adopted the term "exit" and "non-exit" because we were describe ExitPolicy entries rather than relay roles. The term "non-exit" says... well, that you're not an exit but not what you are, which is providing interconnections between participants in the tor network.
Personally I think that we should be offering users the analogy that tor is a network of participants (users and middle hops) with exit points from that network out into the wider Internet. This gives a good, simple abstraction for why this last role produces abuse complaints and the former doesn't.
Though again, if I'm outnumbered on this then I'll go with the majority.
Your description of an exit relay may mislead people into thinking that it *only* handles exit traffic -- meaning it doesn't get connections from users.
True, though I don't think that we should try to include that in the description. Why do you think that this is an important detail for new relay operators to understand?
Does "Low Relaying Ports" mean 'try to bind to 80 and 443'? Perhaps that should be 'Listen on Popular Ports'? I guess it depends if your users know what 'Low' is and what it implies.
Very good idea - changed to "Use Popular Ports"
Or maybe it's better as a faq entry (to avoid "omg there are so many pages how was I ever supposed to find that one")?
I tried that for a while. Our faqs make bad landing pages and the trac urls are too long. As mentioned in my reply to Karsten I agree that this will need to become tpo pages, however I think my pages turned out very nicely so until there's tpo alternatives this doesn't strike me as a large concern.
In the comments at the very top, I'd suggest changing "restart tor" to "or restart tor", to make it clearer that any one of the three steps will accomplish the goal.
Good idea. Changed.
You might also want to change the comments on the Log and DirPortFrontPage lines so they show up before the config line, meaning you can actually read the comment.
The audience I had in mind for the comments were people hand editing the torrc, where those lines look fine (the confirmation dialog's width is only 58). Though I probably should add line wrapping...
Cheers! -Damian
-
Damian Johnson -
Karsten Loesing -
Roger Dingledine