[tor-dev] Cute Otter == Tahoe-LAFS + Tor?

Griffin Boyce griffin at cryptolab.net
Fri May 16 18:40:56 UTC 2014

Leif Ryge wrote:
> I think the idea would be to have a web publishing app which doesn't
> necessarily expose Tahoe-LAFS to users directly, but rather just has a
> "Publish" button which uploads to it.

   That would be really cool =)  The URL problem is still a problem, but 
for use cases where url memorability isn't a factor, it would probably 
be fine.  (Such as Crabgrass instances where people are organizing 
rather than sharing files, or where visitors are mostly following links 
from the front page.

> What properties does stormy provide? Can I read about it somewhere?

   The original roadmap/code repo is Github[1].  The project has expanded 
rather a lot, and I'm happy to talk about it off-list sometime. =)

   The basics: a command line wizard that guides users through the 
install process, adds keys, performs critical server hardening (that 
most users currently don't do), sets up unattended security updates, 
sets up their platform of choice[2], sets up the Tor portion & torrc, 
sets up regular backups, sets up all of the init files and cron jobs, 
then backs up all config files and keys to a zip for easy retrieval by 
the user.

   I'd love to have guides translated across Tor's 15 supported 
languages, but that's wishing for too much ;-)  Maybe if I write *one* 
guide, the community will help with the rest.  The wizard itself detects 
language, but because environments tend to be in en_US, that's not as 
helpful as just giving an option to select language.


[1] https://github.com/glamrock/stormy
[2] There are several good options here that I've used in the past.  
With an eye toward avoiding Apache, the current roster includes Ghost, 
Crabgrass, MoinMoin, ejabberd, just a basic webserver, and just 
hardening. GlobaLeaks and SecureDrop would be perfect for this, but 
development on both is moving really fast right now.

More information about the tor-dev mailing list