[tor-dev] The Torouter and the DreamPlug

Jacob Appelbaum jacob at appelbaum.net
Tue Jun 7 22:36:45 UTC 2011

On Tue, Jun 7, 2011 at 2:55 PM, Runa Sandvik <runa.sandvik at gmail.com> wrote:

> On 7 Jun 2011, at 22:00, Jacob Appelbaum <jacob at appelbaum.net> wrote:
> > On 06/07/2011 01:28 PM, Andrew Lewman wrote:
> >> On Tue, 7 Jun 2011 21:08:48 +0100
> >> "Runa A. Sandvik" <runa.sandvik at gmail.com> wrote:
> >>>> Vidalia is not designed to control or configure a Tor process that
> >>>> it did not start.
> >>>
> >>> I have tested this, and it works just fine. The question is; are we
> >>> happy with something that works, even if it's being used in a way that
> >>> it was not designed for?
> >>
> >> Vidalia was designed to do this from the start, which is why it uses
> >> tcp/ip instead of some ephermeral file descriptor locally.  The
> >> connection between their vidalia and the tor process is in plaintext.
> >> That should be the concern.
> >>
> >
> > Yes, it should be SSL/TLS, as I've previously suggested, if we're going
> > to use that as the controller.
> Any idea about how we can do this between Vidalia and a Tor process? Would
> stunnel be useful in this case?
Vidalia needs to run a TLS server on whatever port it opens. Tor would need
to know how to communicate with a TLS control port. I believe that it would
be an interesting problem to try to authenticate the certificate of the
remote Tor and actually one that could be solved without too much issue.

> We would also need a way for users to easily change the hashed password. I
> can't remember if this is a feature that is already present in Vidalia.
Yes, we do need a way to change the password. We will also need a way to
reset the password if the user is locked out of the control port. I
generally think that this means we'll need a web UI... :-)

> > I still think that a web interface isn't that big of a deal if we're
> > just shipping Debian...
> >
> > We just need to get a list of requirements and them hammer it out.
> It's not a big deal, but it will take more time to get the Torouter ready.
> If Vidalia can do what we want, why not use it? The user experience might be
> a bit better with a web interface, though.
Well, I see a number of issues. One of the main issues is that you cannot
safely connect to Vidalia over a network until TLS support is added to both
Vidalia and Tor. Another is authentication of that connection. Yet another
is that it will be extremely confusing for a user who doesn't understand
what Vidalia does or why they'd need it.

I think the best thing is to make an autoconfiguring device with a web UI;
we can easily rate limit Tor to something reasonable and make it a middle
node by default. In all cases it stands alone and simply plugging it into a
wall (power/ethernet) will provide more capacity to the network if the OR
port is reachable (ala tor-fw-helper + tor + init.d scripts to start Tor on

Adding Vidalia to the mix seems like a nice to have but I don't think it's
currently up to the task...

All the best,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20110607/47d883e4/attachment.htm>

More information about the tor-dev mailing list