[tor-dev] [Otter/Cute] What's Cute in APAF

Fabio Pietrosanti (naif) lists at infosecurity.ch
Thu Oct 10 20:39:13 UTC 2013


I'd like to suggest several changes to the implementation strategy for Cute:

* Cute should be an "application" and it must not be for any reason a
virtual machine that's a nerdy/geeky things.
   An application has to be distributed trough Mac App Stores, Ubuntu
App Stores, Windows App Stores.

* Cute should not have multiple process running (only a single process,
no LAMP that's difficult to be maintained)

* Cute's Wordpress must use SQLite backend (to keep it selfcontained)

* Wordpress should run over a secure Python sandbox
  Assuming the use of APAF, wordpress must be run using php-cgi, with a
sandboxed profie from Twisted

* Use Tor2web for "Edge Cache Nodes", without using other piece of software
   It just need to implement caching with


Il 10/10/13 2:02 PM, Michele Orrù ha scritto:
> Dear Team,
> For completeness' sake I am attaching to this email the report I wrote
> week in order to summarize what the project APAF is about, and what
there is in
> common between it and the Otter/Cute proposal.
> Eventually, feel free to add it to the trac page.
> After reading ["Cute" design and challenges], though, I think the
report lacks
> an exhaustive description of APAF's threat model.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20131010/f8d1254f/attachment-0001.html>

More information about the tor-dev mailing list