[tor-talk] New TOR Service Suggestions and Enhancements

Mark McCarron mark.mccarron at live.co.uk
Tue Nov 19 05:50:50 UTC 2013

> Date: Mon, 18 Nov 2013 21:11:40 +0100
> From: tor at unterderbruecke.de
> To: tor-talk at lists.torproject.org
> Subject: Re: [tor-talk] New TOR Service Suggestions and Enhancements
> Hash: SHA1
> On 11/18/2013 05:23 PM, Mark McCarron wrote:
> > With all the recent crack downs on civil liberties, seizure of TOR
> >  services and general censorship that is now hitting even 
> > mainstream search engines, I would like to propose a set of new 
> > services and some enhancements to the network layer to improve 
> > anonymity. We need to get as much support as possible behind these 
> > services and improvements as they will assist in both the
> > expansion and self-funding capability of TOR going forward.
> > 
> > The following services have been suggested and will require a fee,
> >  paid in Bitcoins, which will be donated to the TOR project. This
> > is a security measure to prevent saturation of the services. These
> >  services should be integrated into the TOR software and run in a 
> > distributed fashion.
> > 
> > 1.  Distributed Web Hosting
> > 
> > Currently, anyone hosting a hidden service must provide their own 
> > hosting solution and use software to provide access to the TOR 
> > network. This strategy has seen increasing number of services taken
> > down in raids by various governments. We require a distributed
> > hosting solution that provides a web server and database to anyone.
> > The requirements for the service are as follows:
> > 
> > a.  Payment gateway that accepts Bitcoins and either generates a 
> > new site, or renews a previously generated private key. This 
> > gateway should retain no knowledge of any transaction, or the 
> > ability to revoke a site once generated. Sites should
> > automatically expire after a given date, unless the private key is
> > renewed. Private key renewals should not require the private key to
> > leave the client-side.
> > 
> > b.  Sites can be hosted at any node in an encrypted server with 
> > redundancy options (whack-a-mole) and automatic replication between
> > nodes. No node should be able to inspect what it hosts in any
> > fashion. A premium can be paid to increase replication times.
> > 
> > c.  Should provide a set minimum of traffic capacity, a premium
> > can be paid to increase that capacity or link sites to build a
> > larger service (i.e. multiple front-ends, database clusters). A
> > Bitcoin pool should be created that providers of this service can
> > be paid from to compensated for the increased processing.
> > 
> While I strongly agree that a distributed HS system would be very
> desirable, I find the idea to make it dependent on any kind of payment
> very appalling.
> Especially your point 1c, which is exactly what many ISPs try to force
> upon their customers nowadays. Be on the slow lane or pay a premium. And
> what if a critical mass of users is already on the fast lane? Thanks,
> but no thanks. Best effort should remain the way to go.
> What you call the gateway would also be a single point of failure.
> Unless that gateway was decentralized, too, some TLA could simply decide
> to seize it because one of the countless Hidden Services was doing
> something bad. Consequently, all other HS would fade out when their keys
> expire.

In an ideal world, there would be no payment system.  In the world as it
 is today, we must deal with both abuse of a system and the realities of
 the costs of operating a system.  In respect to the latter, we cannot 
live in some hippy freeloader universe.

In regards to 1c, you 
felt it was a type of net neutrality.  No, that is wrong.  Think of it 
more like the difference between shared and dedicated hosting.

The payment gateway would also be distributed.

> > 2.  Distributed File Hosting
> > 
> > Follows the same structure as web hosting, but provides an FTP 
> > service. Should integrate into the web hosting layer seamlessly.
> > 
> > 3.  Distributed Virtual Machine Hosting
> > 
> > Follows the same structure as web hosting, but provides a complete
> >  virtual OpenBSD/Linux platform. A Bitcoin pool should be created 
> > that providers of this service can be paid from to compensated for 
> > the increased processing.
> This kind of approach would be needed to go beyond a "simple"
> distributed storage for static files. How else would you host a HS which
> runs any kind of interactive content...

The file hosting discussed on deals with ftp-like services.  If a need is shows for other types of file hosting, it can be added, but we should focus on core services first.

> > 
> > 4.  Distributed Web Indexer
> > 
> > Uncensored search of the entire internet.  Speed is unimportant,
> > as is the frequency of updates. The primary goal is to make it 
> > uncensored.
> Have you had a look at YaCy [1]?

Not until you mention it.  This solution looks viable and should be re-written and absorbed into the default install of TOR.

> > 
> > 5.  Distributed Email and Instant Messaging
> > 
> > Accounts can be purchased for Bitcoins, completely decentralized. 
> > Speed of delivery is unimportant and should be a best effort 
> > system. The inclusion of a "global broadcast" for a premium is 
> > recommended. This latter services allows for important 
> > announcements to be flashed across the world. The premium should
> > be set very high to prevent abuse.
> Why do you want to sell anything and everything? The nice thing about
> Tor is that you can set up your own HS *without* the need for a central
> authority and *without* the need to pay anything.
> For decentralized instant messaging (without the need to pay, I might
> add), have a look at TorChat [2]

Its not about selling, its is about preventing the abuse of resources and ensuring anything that requires servers can scale with the user base rather than being contested.

TORChat solves the instant messaging issue and should be bundled.  Now we need a distributed email system.

> > 
> > 6.  Distributed News Service
> > 
> > Pay a premium and post your story.  This will ensure only
> > important news hits this newswire.
> Yes, because those with most money and willingness to pay are those with
> the most important news for everybody.

It would be a token amount, its just to prevent spam mainly.

> > 
> > 7.  Distributed Start Page and TOR Index
> > 
> > TOR needs an entry point, somewhere that provides access to all 
> > services and can guide users through the system. Many sites have 
> > tried to serve this function, none have survived.
> > 
> Do you realize that one of the points of a *Hidden* Service might be
> that it does *not* show up in a publicly available list of services?
> Feel free to create a HS for users new to Tor, which exemplarily
> introduces the users to some Hidden Services cherry-picked by you.

I understand that, I'm thinking of an automated directory similar to TORDir where you manually add services and ones that fail a given number of checks get pruned from the system.

Creating a hidden service to act as a start page, or gateway, for users has been tried time-and-time again.  Look at core.onion, gone in a flash.  We require something more robust.

More information about the tor-talk mailing list