Firstly, a note of caution: I am not affiliated with the Tor project.
Scott Bennett:
Duncan dguthrie@posteo.net wrote:
In theory hot-patching kernels is a great idea.
However, they're technically not loading a new kernel. Something like kexec in theory lets one load a new kernel.
Furthermore, these hot-patching programs usually only support Linux. If we want to increase the diversity of the Tor network, as we most certainly should, then we need more BSD relays, so these hot-patching programs don't cut it.
The tor project has made the point that OS diversity is important,
but it has failed to show the courage of its conviction. It commits great effort to maintain a "safe" tor browser for the OS for which tor relays currently abound, yet still offers no version of that browser to entice *BSD, Solaris, MINIX, or other OS users to run tor relays. Instead, such users are apparently expected either to use clearly unsafe browsers or to run VMs of other than their native OS to run a safe browser. The tor community is thus very lucky for what diversity of relay OS currently exists.
If I may, the point of diversifying the network is *not* to "entice" BSD/Solaris/MINIX users, the number of which, even compared to Linux, which is quite low, is astonishingly small. I'd argue more effort should actually be put into hardening Tor Browser for Windows, as it is on Linux that much of the hardening efforts are currently being focused, unfortunately.
The point is that as it stands, serious bugs that affect Linux currently affect the entirety of the Tor network. As a mono-culture, this could cause problems in the future, especially as the network expands. This is an issue for client users too, certainly. However, it is not clear that there would be a benefit to providing builds to operating systems with a very low number of users. I'm sure there are people using BeOS or Plan 9 which want to use Tor Browser, after all. They can always compile it from source if they wish (whether it would run is another matter, but that is work that would take away from helping a greater number of users).
That being said, there is in fact the very good TorBSD project which provides Tor Browser builds for OpenBSD. I do not know what the situation with FreeBSD is, but that provides a Linux compatibility layer, which I've heard Tor Browser works with. Here it is: http://torbsd.github.io/
I've pointed this problem out several times, but to the best of my
memory, none of the tor developers has ever responded on this issue.
Scott Bennett, Comm. ASMELG, CFIAG
- Internet: bennett at sdf.org *xor* bennett at freeshell.org *
*--------------------------------------------------------------------*
- "A well regulated and disciplined militia, is at all times a good *
- objection to the introduction of that bane of all free governments *
- -- a standing army." *
- -- Gov. John Hancock, New York Journal, 28 January 1790 *
Best, Duncan