[tor-reports] Isis' February 2014
isis
isis at torproject.org
Wed Mar 5 06:30:21 UTC 2014
**** Isis' February 2014: Review
In February, I:
* Gave BridgeDB a CHANGELOG. [0]
* Implemented a feature which allows BridgeDB to generate its own CAPTCHA
images locally, [1] [2] without using reCaptcha. Work must still be done
on making this friendlier for blind people. (#10809) [3]
* Rewrote BridgeDB's usage of reCaptcha to be asynchronous an to *only* use
SSLv3/TLS [4] (with cert-chain verification and hostname checking! [5])
(#11127)
* Package the (bridge) descriptor generator as “Leekspin”. [6] The name
comes from this pre-nyancat loop of an anime person spinning a leek and
singing swedish scat: http://leekspin.com (for the sane and decent folk
without Flash: https://www.youtube.com/watch?v=1wnE4vF9CQ4).
* Reviewed and merged several sets of patches from sysrqb, in order to:
- fix several issues in the logic of BridgeDB's descriptor parsing. [7]
(#9264)
- report a whitelisted IP to the reCaptcha API server, which is supposed
to make the CAPTCHAs easier for BridgeDB users. [8] (#10834)
* Sysrqb and I both implemented slightly different UIs [9] [10] for
requesting PTs from BridgeDB (#9127). I like sysrqb's more… specifically
the new options page at https://bridges.torproject.org/options though UI
suggestions are super appreciated!
* Released BridgeDB versions 0.1.1 [11], 0.1.2 [12], 0.1.3 [13], and
0.1.4 [14].
^^
^^ .. ..
[] []
.:[]:_ ^^ ,:[]:.
.: :[]: :-. ,-: :[]: :.
.: : :[]: : :`._ ,.': : :[]: : :.
.: : : :[]: : : : :-._ _,-: : : : :[]: : : :.
_..: : : : :[]: : : : : : :-._________.-: : : : : : :[]: : : : :-._
_:_:_:_:_:_:[]:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:[]:_:_:_:_:_:_
!!!!!!!!!!!![]!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![]!!!!!!!!!!!!!
^^^^^^^^^^^^[]^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^[]^^^^^^^^^^^^^
[] []
[] []
[] []
~~^-~^_~^~/ \~^-~^~_~^-~_^~-^~_^~~-^~_~^~-~_~-^~_^/ \~^-~_~^-~~-
~ _~~- ~^-^~-^~~- ^~_^-^~~_ -~^_ -~_-~~^- _~~_~-^_ ~^-^~~-_^-~ ~^
~ ^- _~~_- ~~ _ ~ ^~ - ~~^ _ - ^~- ~ _ ~~^ - ~_ - ~^_~
~- ^_ ~^ - ^~ _ - ~^~ _ _~^~- _ ~~^ - _ ~ - _ ~~^ -
~^ -_ ~^^ -_ ~ _ - _ ~^~- _~ -_ ~- _ ~^ _ - ~ ^-
~^~ - _ ^ - ~~~ _ - _ ~-^ ~ __- ~_ - ~ ~^_-
~ ~- ^~ - ~^ - ~ ^~ - ~~ ^~ - ~
* Attended the Tor developer meeting in Reykjavik, Iceland. There were
numerous sessions regarding BridgeDB, PTs, and (PT)TBB which I found
productive. [15] I'm particularly happy to have had a chance to brainstorm
the the UI workflow for a bridge user with TBB, TorLauncher, and BridgeDB.
* Took a couple days off before and after the meeting to explore Iceland and
to meet some of the local anarchists. I was also rather determined to
photograph the aurora ― the physics behind it has fascinated me since I
was little. I never imagined I'd get to see it one day.
` : | | | |: || : ` : | |+|: | : : :| .` .
` : | :| || |: : ` | | :| : | : |: | . :
.' ': || |: | ' ` || | : | |: : | . ` . :.
`' || | ' | * ` : | | :| |*| : : :|
* * ` | : : | . ` ' :| | :| . : : * :.||
.` | | | : .:| ` | || | : |: | | ||
' . + ` | : .: . '| | : :| : . |:| ||
. . ` *| || : ` | | :| | : |:| |
. . . || |.: * | || : : :|||
. . . * . . ` |||. + + '| ||| . ||`
. * . +:`|! . |||| :.||`
+ . ..!|* . | :`||+ |||`
. + : |||` .| :| | | |.| ||` .
* + ' + :|| |` :.+. || || | |:`|| `
. .||` . ..|| | |: '` `| | |` +
. +++ || !|!: ` :| |
+ . . | . `|||.: .|| . .
`
' `|. . `:||| + ||' `
__ + * `' `'|. `:
"' `---"""----....____,..^---`^``----.,.___ `. `. .
____,.,-
___,--'""`---"' ^ ^ ^ ^ """'---,..___ __,..---""'
--"' ^ ``--..,__
[0]: “BridgeDB CHANGELOG” https://gitweb.torproject.org/bridgedb.git/blob/HEAD:/CHANGELOG
[1]: “fix/10809-gimp-captcha” https://gitweb.torproject.org/user/isis/bridgedb.git/shortlog/refs/heads/fix/10809-gimp-captcha
[2]: “gimp-captcha” https://github.com/isislovecruft/gimp-captcha
[4]: #11127 https://trac.torproject.org/projects/tor/ticket/11127#ticket
[5]: “Twisted SSL Client with certificate-chain verification and hostname checking”
https://gitweb.torproject.org/user/isis/bridgedb.git/blob/refs/heads/fix/11127-recaptcha-ssl:/lib/bridgedb/crypto.py#l83
[6]: “Leekspin” https://pypi.python.org/pypi/leekspin
[7]: https://gitweb.torproject.org/bridgedb.git/commitdiff/558610e3fa321b76af03142d4aa1ab92125a43d5
[8]: https://gitweb.torproject.org/bridgedb.git/commitdiff/aa835c1d9155c5139950a4e35d76bf6cfb295415
[9]: “tpo-sysrqb/bug9127” https://gitweb.torproject.org/bridgedb.git/commit/aa835c1d9155c5139950a4e35d76bf6cfb295415
[10]: “tpo-isis/fix/9127-https-interface-ipv6” https://gitweb.torproject.org/bridgedb.git/commit/95dd010dd9ef9faf69e6034f952a7a95b6743c3b
[11]: bridgedb-0.1.1 https://gitweb.torproject.org/user/isis/bridgedb.git/tag/446bc967442c2c7bbac23b50e709058c7f502c3f
[12]: bridgedb-0.1.2 https://gitweb.torproject.org/user/isis/bridgedb.git/tag/35adf25be33210948e80f28623aee867cca6043d
[13]: bridgedb-0.1.3 https://gitweb.torproject.org/user/isis/bridgedb.git/tag/1fac391754b1cb12bd32dc990fb92e86b593dde0
[14]: bridgedb-0.1.4 https://gitweb.torproject.org/user/isis/bridgedb.git/tag/a49efc6faa7d15573f5081946140af03f649533d
[15]: “2014 Winter Dev Meeting” https://trac.torproject.org/projects/tor/wiki/org/meetings/2014WinterDevMeeting,
specifically, the “Pluggable transports and bridges” section.
**** Tickets worked on in February 2014:
***** Component: Analysis (1 match)
#10680 Obtain attributes of current public bridges
***** Component: BridgeDB (16 matches)
#5232 Import bridges into BridgeDB in a separate thread and database transaction
#9264 Problem with transport lines in BridgeDB's bridge pool assignment files
#9127 Users can't ask for ipv6 bridges with the new bridgedb interface
#9385 bridgedb's email responder should fuzzy match email addresses within time periods
#9404 BridgeDB will sometimes return no obfs2 or obfs3 bridges over html
#9499 BridgeDB should hand out identity fingerprints
#9988 Refactor BridgeDB's use of `sha` module to use `hashlib` instead.
#10737 POST arguments to bridges.torproject.org are dropped if entering a CAPTCHA fails
#10795 Create a Privacy Policy
#10796 Bridgedb became unresponsive
#10811 BridgeDB's assignments.log files are not being updated
#10813 Email respond needs an update
#10831 Captchas are not accessible for blind users
#10834 Configurable reCAPTCHA remoteip
#10916 Increase monitoring of bridges.tp.o
#10989 bridgedb should use starttls for outgoing mails
***** Component: Pluggable transport (2 matches)
#9743 Think of a good name for the obfs-flash meta-proxy and create a repo for it
#10671 Pluggable Transports: Improve method of transferring parameters to client-side transports
***** Component: Tor (5 matches)
#8106 Make .onion addresses harder to harvest by directory servers
#6546 Replace check.tp.o with internal mapaddress + JSON/XML object
#9498 Allow bridge descriptors to contain no address if they are not being published
#9729 Make bridges publish additional ORPort addresses in their descriptor
#10849 tunneldirconns 0 makes hidden services publish descriptors over http -- and they're refused
***** Component: Tor Launcher (1 match)
#10418 Make a "Use Default Bridges" Radio button in the Tor Launcher Bridge UI
***** Component: Tor Support (1 match)
#10890 Redirect “get bridges” messages automatically
**** In March 2014, I plan to work on:
* More BridgeDB UI work to add a workflow which transitions smoothly from
TorLauncher to BridgeDB to help users obtain bridges. (#10418)
* Begin implementing BridgeDB backend database improvements for
proposal #226. [16]
* Sort out my contract.
* Finish writing a paper that I'll likely submit to HotPETS 2014. [17]
[16]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/226-bridgedb-database-improvements.txt
[17]: http://petsymposium.org/2014/hotpets.php
**** Relevant Papers/Research:
George Danezis pointed out the following paper, for possible use as an
anonymous credential scheme for BridgeDB's Social Distributor. It's by the one
of the same cryptographers, Anna Lysyanskaya, as the one I had in mind for
this purpose (“Randomizable and Delegatable Anonymous Credentials” [18]). This
“Anonymous Credentials Light” scheme seems unsuitable, however, due to:
1. It uses a “Trusted Party” for signature creation.
2. A trapdoor anonymity-revocation is used as a double-spending protection.
3. Because a BridgeDB user's credential must be frequently updated (in the
rBridge scheme), the efficiency hacks in §5.3 of the ACL paper cannot
be used, and the expensive ACL Registration phase must be repeatedly
re-executed.
4. It's pseudonymous, not anonymous.
It seems more applicable for usage in some sort of payment processor proxy,
e.g. some service which processes BTC transactions from pseudonymous users
and proxies purchases from vendors.
Baldimtsi, F., Lysyanskaya, A. “Anonymous Credentials Light”.
Cryptology ePrint Archive: Report 2012/298, 2012.
https://eprint.iacr.org/2012/298
[18]: https://eprint.iacr.org/2008/428
--
♥Ⓐ isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
Red Baron No. 51: Aurora Borealis
________________ __ __
,' `. ('__`> _ --__`.
/ Here's the world \____ /=(66) ______\ -'_--`.
| famous Red Baron ,-' `\_-/ |()|::::)= '_`. .
| traversing the sky | _____ / /\ /)____||____\_-``.
\ of the far north! / `-------' \-` ,
`.________________,' & , . & , . & , | '
_\' `/_\' `/_\' |
_|`. ,'|_|`. ,'|_|`. |
|\
__________________________/__\
.`.-_-\
`_`.'_-_\
-- -
_______________ __
,' '. ('__`> ))
/ Ooooohhhh!! \____ (( /==(o) ______
| Behold the majestic ,-' `\_./ |()|::::)=
| AURORA BOREALIS | _____ / /\ /)____||___/__ ,\
| descending across | `-------' \ ,'\ |
| the arctic sky, a | & , . & , . & , |,' \ |
| gossamer curtain of | _\' `/_\' `/_\' |) )|, |
\ ethereal light! / _|`. ,'|_|`. ,'|_|`. |,' ,/ /
`._______________,' | ' ,
__________________________/ '
________________ __ __
,' `. ('__`> _ --__`.
/ It's-- (sniff) \____ /=(^^) ______\ -'_--`.
| it's one of those ,-' `\_~' |()|::::)= '_`. .
| grandiose spectacles | _____ / /\ /)____||____\_-``.
| of nature one just | `-------' \-` ,
| never grows tired | & , . & , . & , | '
| of watching! (And | _\' `/_\' `/_\' |
| all just caused by | _|`. ,'|_|`. ,'|_|`. |
\ solar spots!) / |\
`.________________,' __________________________/__\
.`.-_-\
`_`.'_-_\
-- -
So this concludes our cartoon for today. We hope you've been enjoy-
ing it and wish you a pleasant trip offli--
What's that? "Not funny?" What do you mean, not funny?! Haven't
you been paying attention?! All right, we'll see! I'm going to show
it to you once more, and this time around KEEP YOUR EYES PEELED!
, , _ _
/| /| |_) \ / | \
\| \| | \ \/\/ |_/
` `
________________ __ __
,' `. (`___`> _ --__`.
/ Squicksquick \____ /=((6) ______\ -'_---`.
| squeak squicksquick ,-' `\ _-/ |()|:::::)= '_`. .
| squiquick squeak | ____ / /\ /)____||____\_-``.
\ squeak squiqueak! / `-------' \-` ,
`.________________,' & , . & , . & , | '
_\' `/_\' `/_\' |
_|`. ,'|_|`. ,'|_|`. |
-===_- -= = = ==__=== --= =-=- _ =====- -=__==== =_=== -=== =
_- ---====_ ====== --_ === =_---- ==__ ===_- ===---- __-----===
__________________________/__\
.`.-_-\
`_`.'_-_\
-- -
. _
|\ |_) | /\ \_/
|/ | |_ /--\ |
'
________________ __ __
,' `. ('__`> _ --__`.
/ --rld \____ /=(66) ______\ -'_--`.
| famous Red Baron ,-' `\_-/ |()|::::)= '_`. .
| traversing the sky | _____ / /\ /)____||____\_-``.
\ of the far north! / `-------' \-` ,
`.________________,' & , . & , . & , | '
_\' `/_\' `/_\' |
_|`. ,'|_|`. ,'|_|`. |
|\
__________________________/__\
.`.-_-\
`_`.'_-_\
-- -
_______________ __
,' '. ('__`> ))
/ Ooooohhhh!! \____ (( /==(o) ______
| Behold the majestic ,-' `\_./ |()|::::)=
| AURORA BOREALIS | _____ / /\ /)____||___/__ ,\
| descending across | `-------' \ ,'\ |
| the arctic sky, a | & , . & , . & , |,' \ |
| gossamer curtain of | _\' `/_\' `/_\' |) )|, |
\ ethereal light! / _|`. ,'|_|`. ,'|_|`. |,' ,/ /
`._______________,' | ' ,
__________________________/ '
*Sparkle!*
*Sparkle!*
. : . .
. . : . .
: . | :
: : . | :
. : : . | |
| . | | | | :
: : : . | : | :
| : : . | | : . .
: | ; |_____,-+-! : : :
___,---!______,----' !-' :____: .
. `---' `---.___,-----
. .|, . . .
-*- * .
* '|` * .
* . . . *
| *LIFT!* | | :
: : : : | :
| : : | | : . .
: | ; |_____;-+-! : : :
___,---!______,----' !-' :____: .
_ _ |__| `---' `---.___,-----
-- ---- |_| -+-*-+---+--- __
_ __ |__| |{ |{ | | --
|_| -+-}-+-}*+---+- _
. .|, * |__| |{*{|{ {| |
-*- |_| -+-}-}-}*}---+-
* '|` . | | |{ {|{ {| |
. ___________________________
. . / \
. * _,-' Romeo, oh Romeo! |
-'--'| Wherefore art thou Romeo? |
. . o: \___________________________/
V\_________
* [(qp)(qp)(q] | | |
. [b)(db)(db)]-+- . O () _
. |__| | \o_/ (_)
|_| -+-* | ______________
. |__| |{ /{> )) _( )_
|_| -+-} \ }* ( Entangled in _)
. .|, * |__| |{*{ { {| (_ the set, that's _)
-*- |_| -+-}-}-}*}- (__ wherefore! ___)
* '|` . | | |{ {|{ {| (____________)
____________
| | . .
| Later... | . .|, * *
|____________| -*- . .
'|` /\ , /\
__________ . |\/\/ \/|/ \/|__
* / \ _| /_
| Who's on |___ .', __\ THAT'S WHAT I /
. | first. ,-' o o `-. WANNA KNOW!! /
\__________/ -'|\ //) /__ __\
|\ /\ |/\/\ /\/\|
` ` ' ' \/
_______________________
| |
| Much, much later... |
|_______________________|
. .
. . *
. _____________________________________ .
,' ____ _ `.
/ \===\ (_) (#) \
* | \ \ \ \~ |
. | (#) (#) \ \~ | .
| |
. | There's no business like show business |
. \ Like no business I know! /
`.___ _____ _____ ____ ____________,' .
. /,' /,' /,' |/
. /' /' /' ' {"} ________
{"} O_, [________]
} {"} {"} {"} {"} {"} {"} {"} {"} O_,/|/ _[_________]
_,_O_,_O_,_O_,_O_,_O_,_O_,_O_,_O_,/|/ /_[___________]
/ |/ |/ |/ |/ |/ |/ |/ |/ /__[`____________]
/ / / / / / / / [`______________]
` ` ` ` ` ` ` `
__________________________________
,' ____ ___ `.
/ \===\ (#) \~~ \
| \ \ (#) \ |
| (#) (#) \__ (#) |_____
| _,-'
| Ev'rything about is is appealing! |
\ Ev'rything the traffic will allow! /
`.__________________________________,'
________________ __ __
,' `. ('__`> _ --__`.
/ It's-- (sniff) \____ /=(^^) ______\ -'_--`.
| it's one of those ,-' `\_~' |()|::::)= '_`. .
| grandiose spectacles | _____ / /\ /)____||____\_-``.
| of nature one just | `-------' \-` ,
| never grows tired | & , . & , . & , | '
| of watching! (And | _\' `/_\' `/_\' |
| all just caused by | _|`. ,'|_|`. ,'|_|`. |
\ solar spots!) / |\
`.________________,' __________________________/__\
.`.-_-\
`_`.'_-_\
-- -
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1154 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-reports/attachments/20140305/540a7faf/attachment.sig>
More information about the tor-reports
mailing list