[tor-talk] New TOR Service Suggestions and Enhancements

Random Tor Node Operator tor at unterderbruecke.de
Mon Nov 18 20:11:40 UTC 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/18/2013 05:23 PM, Mark McCarron wrote:
> With all the recent crack downs on civil liberties, seizure of TOR
>  services and general censorship that is now hitting even 
> mainstream search engines, I would like to propose a set of new 
> services and some enhancements to the network layer to improve 
> anonymity. We need to get as much support as possible behind these 
> services and improvements as they will assist in both the
> expansion and self-funding capability of TOR going forward.
> 
> The following services have been suggested and will require a fee,
>  paid in Bitcoins, which will be donated to the TOR project. This
> is a security measure to prevent saturation of the services. These
>  services should be integrated into the TOR software and run in a 
> distributed fashion.
> 
> 1.  Distributed Web Hosting
> 
> Currently, anyone hosting a hidden service must provide their own 
> hosting solution and use software to provide access to the TOR 
> network. This strategy has seen increasing number of services taken
> down in raids by various governments. We require a distributed
> hosting solution that provides a web server and database to anyone.
> The requirements for the service are as follows:
> 
> a.  Payment gateway that accepts Bitcoins and either generates a 
> new site, or renews a previously generated private key. This 
> gateway should retain no knowledge of any transaction, or the 
> ability to revoke a site once generated. Sites should
> automatically expire after a given date, unless the private key is
> renewed. Private key renewals should not require the private key to
> leave the client-side.
> 
> b.  Sites can be hosted at any node in an encrypted server with 
> redundancy options (whack-a-mole) and automatic replication between
> nodes. No node should be able to inspect what it hosts in any
> fashion. A premium can be paid to increase replication times.
> 
> c.  Should provide a set minimum of traffic capacity, a premium
> can be paid to increase that capacity or link sites to build a
> larger service (i.e. multiple front-ends, database clusters). A
> Bitcoin pool should be created that providers of this service can
> be paid from to compensated for the increased processing.
> 

While I strongly agree that a distributed HS system would be very
desirable, I find the idea to make it dependent on any kind of payment
very appalling.

Especially your point 1c, which is exactly what many ISPs try to force
upon their customers nowadays. Be on the slow lane or pay a premium. And
what if a critical mass of users is already on the fast lane? Thanks,
but no thanks. Best effort should remain the way to go.

What you call the gateway would also be a single point of failure.
Unless that gateway was decentralized, too, some TLA could simply decide
to seize it because one of the countless Hidden Services was doing
something bad. Consequently, all other HS would fade out when their keys
expire.



> 2.  Distributed File Hosting
> 
> Follows the same structure as web hosting, but provides an FTP 
> service. Should integrate into the web hosting layer seamlessly.
> 
> 3.  Distributed Virtual Machine Hosting
> 
> Follows the same structure as web hosting, but provides a complete
>  virtual OpenBSD/Linux platform. A Bitcoin pool should be created 
> that providers of this service can be paid from to compensated for 
> the increased processing.

This kind of approach would be needed to go beyond a "simple"
distributed storage for static files. How else would you host a HS which
runs any kind of interactive content...


> 
> 4.  Distributed Web Indexer
> 
> Uncensored search of the entire internet.  Speed is unimportant,
> as is the frequency of updates. The primary goal is to make it 
> uncensored.

Have you had a look at YaCy [1]?


> 
> 5.  Distributed Email and Instant Messaging
> 
> Accounts can be purchased for Bitcoins, completely decentralized. 
> Speed of delivery is unimportant and should be a best effort 
> system. The inclusion of a "global broadcast" for a premium is 
> recommended. This latter services allows for important 
> announcements to be flashed across the world. The premium should
> be set very high to prevent abuse.

Why do you want to sell anything and everything? The nice thing about
Tor is that you can set up your own HS *without* the need for a central
authority and *without* the need to pay anything.

For decentralized instant messaging (without the need to pay, I might
add), have a look at TorChat [2]


> 
> 6.  Distributed News Service
> 
> Pay a premium and post your story.  This will ensure only
> important news hits this newswire.

Yes, because those with most money and willingness to pay are those with
the most important news for everybody.


> 
> 7.  Distributed Start Page and TOR Index
> 
> TOR needs an entry point, somewhere that provides access to all 
> services and can guide users through the system. Many sites have 
> tried to serve this function, none have survived.
> 

Do you realize that one of the points of a *Hidden* Service might be
that it does *not* show up in a publicly available list of services?

Feel free to create a HS for users new to Tor, which exemplarily
introduces the users to some Hidden Services cherry-picked by you.



Best regards,
- --RTNO


[1] http://yacy.net/
[2] https://github.com/prof7bit/TorChat
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSinRdAAoJEJe61A/xrcOQZCAQAI9iBgCqXAqMVC/R8ivLIsL9
sJP5l0CCfevJuSFDXxZ72erj1sKNhqQUKCNsvF+ek/gTeOg6BACWqbd0tcc5eebO
hKu+ANgiGAo/0eSdKeJ9aHugsigC5yxzWYkTfThppTDELB2OkLFLW0APj76MOzvh
NNz21HTRKCZdVaAS7kB3V8BDcNRdOMI3yMrjBDoQOS6nGgXqGZFlbTc0bpK6LeWn
e8hba2pICqDeBXlZq0sstsmxRQ+lZingDK75gzolFPZ6zJNqT7aZsqLcpIaq3Ngm
K3U/DRM00l5LF29hojq0G8SOd5ckqtC7bLPUXkWG35qu/NgGIsyXbaGSMIKVTVhp
fE1yXPsIPCXdJNFX4lyhVUJpdvcPPSOLJMgUCkmn0HRc5YaecQrsLP7tgi+nZAta
KLbTPH/iK5pugiOISEVDTdgT9GnhBAfDUvE9EabhRuQYMy/aYXoKNbZTu7JNV7ZO
mPmXOYmgnAHcKPJ0rGvo1No1iAaMfGqEr1REB+8E/LHm+RgHWWrzsNzcwwJojco9
9UafsmT48lzCxBc1rBg18wjMvX8ZvBeLD96Ju3s5aGd3rOTB8lpQ/EA8X2Z9BNfr
4BOELzAfauSbu3U6dr1oWM5ucknQgbjLx7jnf3TqdjkInC8K4UDkHRYOU9xrzAZC
3FmWGwdn/5Br0oAS1gtY
=a1um
-----END PGP SIGNATURE-----

More information about the tor-talk mailing list