[tor-dev] One-Click-Publishing HS - aka "Project Cute"

SiNA Rabbani sina at redteam.io
Wed Oct 30 18:44:12 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Dear List,

I have been trying to help get Project Cute which is a "point-and-click" 
hidden service blogging tool, off the ground. 
So far I have 2 documents that have come out as a result of a few IRC chats.

1) Possible use-cases:
https://trac.torproject.org/projects/tor/attachment/wiki/org/sponsors/Otter/Cute/use-cases.txt.asc

2) Working draft Design Document:
https://trac.torproject.org/projects/tor/attachment/wiki/org/sponsors/Otter/Cute/cute.txt.asc

Any comment or attention from you is very much appreciated.

All the best,
SiNA



For the sake of discussion, I am pasting the Use Case document, so you can just reply away:

This document is an attempt to list the possible users of a 
"one-click-publishing" hidden service. The goal of this effort,
is to provide developers with a set of options and features that could support
their development decisions. It is also an attempt to describe the challenges and
risks associated with anonymous content publishing

1) Activist - a single person
	This is a person with a specific message or material. Wishes to
	share some content with the world, without revealing identity.
	
	This activist/publisher can operate from a range of private and public
	places. Such as: Work, Home, School, Internet Cafe and the public library.
	
	May or may not be able to dedicate a hardware for such activities. 
	But we can assume access to to a computer that can be booted with a USB or CD.

2) Activists - 2 or more of them
	They all access the same site from different places on the Internet. 
	They have specific political/social agenda. Often they maintain an AFK 
	identity and an on-line persona. Hoping for a level of privacy. They 
	each have different roles based on their skills. Roles like reporter, 
	editor, graphic designer and comment-moderator. They publish content 
	on a consistent bases, and very determined to get their words out.

	Such groups are the building blocks of large scale political/social movements.
	Their activities lead to mass protests and social change.

3) Whileslblowers
	This could be an employee of an evil entity that is about
	to do harm. For example company X bypassing international laws &
	selling DPI boxes to dictatorships. This whistle blower wishes to stay 
	anonymous in fear of retribution. He/She may have limited technical 
	abilities, and facing a well resourced adversary.

4) Professionals
	I call this group professionals because they usually operate like a 
	business and involved in some sort of commercial activity. This group 
	includes and not limited to: Newspapers, public and private entities. 
	They wish to use the features such as end-to-end encryption and DDoS 
	mitigation of hidden services, but don't have the desire or technical 
	ability to setup a proper Hidden service. Many major newspapers are 
	setting up whistle blowing portals on their websites already.

5) Anonymous Crime Reporters
	Police departments have webportals for the public to send "anonymous" crime
	reports. The reality is that these portals are NOT anonymous, considering 
	the state of insecurities on the Internet. Such Law Enforcement groups 
	can instead direct crime-reporters to launch a self hosted hidden service 
	and not depend their lives on privacy by policy.

6) Anyone that does not or can not got to wordpress.com and register for a free blog. 
	Help me identify these groreality ups :)


- -- 
“Be the change that you wish to see in the world.” Mahatma Gandhi
-----BEGIN PGP SIGNATURE-----

iQJ8BAEBCgBmBQJScVN8XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGQ0E0NjQxNDg4RUMyMjUwOThBQzA0QTYz
QzYyNzgwMTIyMkNFOUE4AAoJEDxieAEiLOmow2EP/iS+hA4QFq0d67DoWUaBffwd
DAl4cYX94dxlYMjyvE6F1y9Gbj6FKfNXnerzUzCvsS+9SzQgHsPT2V2vbOItTI62
AfHm1EitUVO2YfdioJbUaom6Gh3JfIJukPjy0oJbbccK6jlQcs8TBFdas0FYi4ML
YQNN/UQrGkSGm4JnnVCobFGwVBcVp7SOb3ClyGVTml/dpkntoHwyJ7aO6ZmoGhxv
+bqx0o90cfka3a0wnamAhkTp1pUi1fMcDdG2OJ1ccemvaaBBmG/Gjt1Fw266HN2p
53vMZ6ZcEZE8iCGgShEm4nnq/FJn7mGuXHxwozjbYao5uCMPNrqCsfxnxS80H3d4
vH6ICCbF7ETfLoLVe//UV0+SRfnIaCQ97x8SMugnK1nKNlAvAuwvRZpm6xyteeoW
syR2EfnNEERjmlzzqBlfjX9HkuSE0BAnWEbhTzsIzWyFjpr8KahYHtcTyKAyFcz1
ph6Wxi6/PAVNuAAow7gybKf425Qt19G85IU+3OZj6RtIl0vjnX1Umyu/3JvViLUs
Y6gluA7RA6JMxH9a5p3BhjjnvEfIFFHGvwJeFf2wG3Tmq+N9XArS3kszFuvuW5j8
KaVWF7e2ql7BucgY9AasYkxobFOsX91THhOMaLJfqO9CtB3p2WxNQrsI64syd2SQ
fr30v9bBRv0zN/bozpF7
=HEt2
-----END PGP SIGNATURE-----


More information about the tor-dev mailing list