[tor-talk] How to contribute / takeover a sub project?

proper at secure-mail.biz proper at secure-mail.biz
Wed Mar 7 02:27:56 UTC 2012

> On Tue, Mar 6, 2012 at 5:37 PM,  <proper at secure-mail.biz> wrote:
> >
> ... Nowadays VirtualBox is fully Open Source. It was not in past, but now
> it is. There is a closed source extension package for VirtualBox with stuff
> like rdp, but that is not required. We use only the Open Source edition which
> is available for Windows, Linux, etc.
> ok. i have not used virtual box OSE
> in a while; my understanding is
> that the bridged and host only adapter mode
> didn't work out of the box
> in OSE on windows.

Fortunately they fixed that. Everything, internal, bridged, NAT. All networking is working out of the box in VirtualBox.

> in Tor VM both a bridge and
> tap device were needed
> for networking in the VM, one for network, one for
> host.
> if they changed that, awesome :)

Many things became simpler over the years.

> > We do. It's secured through
> an internal network. You
confirmed it in a cursory check.
> > https://lists.torproject.org/pipermail/tor-talk/2012-March/023531.html
> >
> > If you see any issues with it, let us know.
> if the user configures
> it properly, it should be fine. my concern was:
> is it easy to misconfigure?

Two things we have to compare here...

For the HowTo / manual setup:
- basic linux/shell knowledge is required
- it's a step by step tutorial, everything is explained
- The most important thing is, to give the Tor-Workstation an internal network and to rename it.
- If that was done right, great. Or if you forget a network card or mess up anything else, no connections will be possible. No leaks. Fail safe.

For the future download version:
- You would have to add from virtual networking to nat or bridged and you would break it. That would be stupid. We can not prevent people form committing suicide.

> is it obvious if it
is misconfigured?

If you choose NAT/bridged for Tor-Workstation by mistake,
- check.torproject.org would show "you are not using Tor"

If you choose internal network or no network I can not think of any other more subtle leaks.

> i am fond of "there is only one
> mode, and it is secure." approach.

Perhaps if we were to fork VirtualBox (Portable(apps) Edition) and disable the critical configuration buttons, but that looks like a lot of work (patch it, keep sync with upstream).

> >> and ease of use
> >>
> (no technical
> >> know how required).
> >
> > It's also our goal.
> We make it as easy as possible.
> for Tor VM there was a one-click installer
> that launched everything
> and managed the network configuration and virtual
> machine life cycle
> with a vidalia controller.
> there may be some of that
> automation which would be applicable to
> TorBOX. i'll take a look this


One idea:

Other ideas welcome...

> > <snip> TorVM would be renamed
> >> to TorBOX.
> >>
> >> what would be the purpose?
> >...
> > I prefer the name TorBOX
> sure. i was confused as to what the intent was regarding "taking
> over".

I though it's better to take over an old project, than starting a new one. Amongst other TorVM/JanusVM and their lack of progress motivated me to start TorBOX.

> i don't think there's any point in renaming an old project,
> however, it may
> be useful to point to TorBOX and TAILS as current
> alternatives on the Tor
> VM pages.

That would be great!

powered by Secure-Mail.biz - anonymous and secure e-mail accounts.

More information about the tor-talk mailing list