[tor-project] Cloud Compute Resources for Tor Browser

Tom Ritter tom at ritter.vg
Fri Aug 18 16:00:32 UTC 2017 

As we wrap up the GSOC, I wanted to do a retrospective on the Tor
Browser development process for new people.

Basically, building Tor Browser is difficult from a setup perspective
(we're always working on making it easier, but it's still not trivial)
and it's difficult from a resource perspective - it can take a long
time to build Tor Browser. You can easy have a day where if you get
two compiles in - that's a good day.  Couple that with the trial and
error process that new people usually have with a software project -
and you have a pretty high barrier to entry.

The experience with nmago this past summer illustrated how important
this is. I estimate he would have been able to accomplish 33% to 50%
more than he was able to accomplish if he had both a faster machine
and a pre-set-up build environment.

What I'd like to do to improve this situation is to provide a
development instance on EC2. We can publish an image that anyone can
run on their own and do development in. They would have to pay their
own money to run the machine, while the host org (Tor or me) would pay
a small cost each month to provide the image (I think <$3/month).

Furthermore, I'd like Tor Project to _fund_ this development image for
future GSOC people and potentially others on a case by case basis.
GSOC is finishing, so this isn't an actual request to pay any money
now. But I think we should in the future.

Right now, the cost to reserve a single machine for an entire year is
2248.28. If we only did on-demand it would be 825.72 for 3 months.

There is no reason we couldn't have multiple people using a single
machine; aside from if two people compile at the same time they'll be
fighting for resources. Depending on how often it is used this may not
matter or it may matter a lot.

Obviously we don't trust cloud images, but this is for developing
patches which will receive code review. There is no real trust here,
unless the user does something silly like put their ssh keys on it,
which they should not.

-tom

More information about the tor-project mailing list