[tor-talk] Tor implementation in JavaScript / FirefoxOS

Aymeric Vitte vitteaymeric at gmail.com
Thu Mar 20 14:52:56 UTC 2014

Thanks, indeed if it's about fetching and REST requests, node-Tor fits 
perfectly, cryptocat, globalleaks, hidden services/tor2web (no browsing??),

The fact is that I am convinced that the right approach is a serverless 
one and the app inside the browser so you don't have to install anything 
and it's working on any platform.

This does not prevent to have some "facilitators" doing the same as 
background processes on node, ff os, etc

If you have some time take a look at 
, complete serverless anonymous P2P using the Tor protocol (so a 
distributed Tor network inside peers), unstoppable, technically we are 
not far from it.

It's now easy to build whatever you like on top of node-Tor, there is 
only one difficulty: browsing, how to direct the requests to the Tor 
circuits that the app has established?

It's a bit of a paradox, the most complicate works but this "simple" 
thing does not exist (OK, it's not so simple but this would just be like 
proxying to the Tor circuits in a sandboxed container, like iframe but 
we don't like iframes, that's why I am sketching something based on 
createObjectURL) , maybe members of browsers vendors on the list here 
have some ideas...



Le 20/03/2014 13:54, Nathan Freitas a écrit :
> On 03/20/2014 08:33 AM, Aymeric Vitte wrote:
>> As Andreas wrote, there is the node-Tor [1] project, it's implementing
>> the OP and OR inside browsers, as well as on any js platform like node.
>> It's fully working, it does implement some other protocols on top of the
>> Tor protocol used for example for Peersm project [2], it is used too for
>> the Peersm clients and Websocket bridges [3], it can of course connect
>> to the Tor Websocket bridges (flash proxy), it implements whatever
>> necessary Tor, SSL/TLS, ws, socks, etc in js, ORDB1 to 3 are live in the
>> Tor network.
> Impressive work!
>> The target of Peersm is to have the peers (ie browsers) implement the
>> Tor nodes using WebRTC.
>> So the Onion proxy is inside the browser, then the question is: how can
>> I browse things with the OR inside the browser? You can easily fetch
>> things connecting to a Tor or Peersm bridge via Websosckets but how to
>> browse?
> If today, I wanted to build an HTML5/JS/REST app, say something like
> Globaleaks or Crypto.cat, that had note-Tor built into it, that should
> work fairly easily then? Both of these apps make single JSON-type HTTP
> connections to a single server, so the need for general purpose
> web-browsing is not necessary.
>> The idea is of course to get rid of the traditional SOCKS proxy, whose
>> configuration can be a bit painfull for some and depends on the
>> platform, this was the concept of [4], but definitely too much
>> complicate and not very user friendly for something that is implemented
>> inside browsers, then supposedly easy to use.
> Yes, agreed, and on mobile devices the option for proxying seems to be
> never there by default, at least as part of the browser app.
>> So the question remains, you should have a means to say "I am loading
>> http://www.example.com, direct all the requests that this page is
>> loading as you would do it using SOCKS to one of the x circuits I have
>> established with the Tor network"
>> This might look quite strange, but maybe something like
>> createObjectURL('example.com html code', reference to the transport
>> supporting my Tor circuits (ws, webrtc))
> The issue will be (and I am sure there are many more) that when your
> Gecko/WebView container loads up the page you request, all subsequent
> requests for content for embedded images, js, etc will also need to be
> routed over this new API, and all standard HTTP connections blocked.
> It is pretty exciting to see that Tor now has viable implementations in
> C, Java and Javascript.
> +n

Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms

More information about the tor-talk mailing list