[tor-reports] report for august 19th to august 29th inclusive

Mon Aug 29 20:40:09 UTC 2016

Lately, I have not been working on bwscanner or the Tor integration for IPFS.

Tor guard discovery solution
-----------------------------

I spent some time reading papers and then writing about my new Tor
guard discovery attack involving the new TCP inference attacks. I've
also made some slight progress with writing a scanner to detect if a
Tor relay is vulnerable to this attack.

Subgraph OS Tor integration
---------------------------

Below describes my work on roflcoptor these past few weeks.  I also
had some design discussion with David Mirza Ahmad and other Subgraph
developers. Soon Oz sandboxing and Roflcoptor will be able to play
nice with Tor onion services; that is when Roflcoptor sees an ADD_ONION
or DEL_ONION from Oz-sandboxed programs such as Onionshare or Ricochet
Roflcoptor will talk to Oz via an RPC and tell it to create a listener
which will proxy to the onion service inside the Oz sandbox.

The current version of Subgraph OS now has packages for Roflcoptor and procsnitchd
however we soon plan to make new packages with the above described proxy setup and
with many of the features and bug fixes that are described in my report below.

Roflcoptor https://github.com/subgraph/roflcoptor
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I fixed various bugs and added various features to Roflcoptor:

* add CLI option to set log level
  https://github.com/subgraph/roflcoptor/issues/42

* roflcoptor doesn't notice when it fails to bind a listener
  https://github.com/subgraph/roflcoptor/issues/30

* policy listeners do not get the correct policy assigned
  https://github.com/subgraph/roflcoptor/issues/29

* gnome-shll policy is broken
  https://github.com/subgraph/roflcoptor/issues/40

roflcoptor's procsnitchd privilege seperation daemon
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

* reconnect to procsnitchd upon connection failure
  https://github.com/subgraph/procsnitchd/issues/8

Tahoe-LAFS Tor integration
--------------------------

What is Tahoe-LAFS? --> A distributed ciphertext storage system!
https://tahoe-lafs.org/trac/tahoe-lafs

We are making various changes towards native Tor integration.
Recently I worked on these tickets:

Meejah and I added support for SOCKS over UNIX domain sockets for the
TorClientEndpoint https://github.com/meejah/txtorcon/issues/181
https://github.com/meejah/txtorcon/pull/182

Brian Warner and I added connection-policy configuration
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2788

I also fixed related storage broker changes and added a missing unit
test for static storage server configuration:
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2801

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-reports/attachments/20160829/c15a5db6/attachment.sig>