mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-20 10:12:15 +01:00
Code Issues Projects Releases Wiki Activity
97dfa611d1
tor/doc/TODO.external
Roger Dingledine 97dfa611d1 note some progress we've made on a few of them 
svn:r19177
2009-03-29 03:13:42 +00:00

183 lines
6.5 KiB
Plaintext
Raw Blame History

$Id$
Legend:
SPEC!! - Not specified
SPEC - Spec not finalized
N - nick claims
R - arma claims
P - phobos claims
S - Steven claims
E - Matt claims
M - Mike claims
J - Jeff claims
I - ioerror claims
W - weasel claims
K - Karsten claims
C - coderman claims
- Not done
* Top priority
. Partially done
o Done
d Deferrable
D Deferred
X Abandoned
=======================================================================
External constraints:
Past due:
N - Refine proposal 158, and implement.
For June/July:
NR - Work more on Paul's NRL research problem.
For March 22:
I * Email auto-responder
* How do we better support users with limited email
bandwidth? Multi-part download? Teach them how to reconnect
their gmail? Does downloading your gmail work when your network
keeps dying?
K - Metrics.
- With Mike's help, use Torflow to start doing monthly rudimentary
performance evaluations:
- Circuit throughput and latency
- Measure via Broadband and dialup
- Publish a report addressing key long-term metrics questions:
- What metrics should we present?
- What data are available for these metrics?
- What data are missing, and can collect them safely? Can we
publish them safely?
- What systems are available to present this data?
E - Vidalia improvements
- Put out a Vidalia release with the new features in it.
- Vidalia displays by-country user summary for bridge operators
? - write a help page for vidalia, "what is this"
M - Torbutton development
- Put out a Torbutton release with the new features in it.
C - Transparent interception of connections on Windows
- Write a summary (with links) of current progress and current
limitations.
S - Continue analyzing "traces" left on host machine by use of
Tor Browser, especially once we have our new launcher and have moved
to FF3. Write a summary of current progress, and what remains. Try
to solve some of the low-hanging fruit.
I d Get a relay operator mailing list going, with a plan and supporting
scripts and so on.
For mid August:
Section 0, items that didn't make it into the original roadmap:
0.1, installers and packaging
C . i18n for the msi bundle files
P . more consistent TBB builds
IC- get a buildbot up again. Have Linux and BSD build machines.
(Windows would be nice but realistically will come later.)
E - Get Tor to work properly on the iPhone.
3.1.1, performance work.
XXX
4.1, IOCP / libevent / windows / tor
N - get it working for nick
N - put out a release so other people can start testing it.
N - both the libevent buffer abstraction, and the
tor-uses-libevent-buffer-abstraction. Unless we think that's
unreachable for this milestone?
4.2.1, risks from becoming a relay
S - Have a clear plan for how users who become relays will be safe,
and be confident that we can build this plan.
- evaluate all the various attacks that are made possible by relaying.
specifically, see "relaying-traffic attacks" in 6.6.
- identify and evaluate ways to make them not a big deal
- setting a low RelayBandwidth
- Nick Hopper's FC08 paper suggesting that we should do a modified
round-robin so we leak less about other circuits
- instructing clients to disable pings in their firewall, etc
- pick the promising ones, improve them so they're even better, and
spec them out so we know how to build them and how much effort is
involved in building them.
4.5, clients download less directory info
N - deploy proposal 158.
N - decide whether to do proposal 140. if so, construct an implementation
plan for how we'll do it. if not, explain why not.
5.1, Normalize TLS fingerprint
N o write a draft list of possible attacks for this section, with
estimates about difficulty of attack, difficulty of solution, etc
N - revisit the list and revise our plans as needed
NR- put up a blog post about the two contradictory conclusions: we can
discuss the theory of arms races, and our quandry, without revealing
any specific vulnerabilities. (or decide not to put up a blog post,
and explain why not.)
5.5, email autoresponder
I . maintenance and keeping it running
5.7.2, metrics
XXX.
6.2, Vidalia work
E - add breakpad support or similar for windows debugging
E o let vidalia change languages without needing a restart
E - Implement the status warning event interface started for the
phase one deliverables.
E - Work with Steve Tyree on building a Vidalia plugin API to enable
building Herdict and TBB plugins.
6.3, Node scanning
M - Steps toward automation
- Set up email list for results
- Map failure types to potential BadExit lines
M - Improve the ability of SoaT to mimic various real web browsers
- randomizing user agents and locale strings
- caching, XMLHTTPRequest, form posting, content sniffing
- Investigate ideas like running Chrome/xulrunner in parallel
M - Other protocols
- SSH, IMAPS, POPS, SMTPS
M - Add ability to geolocalize exit selection based on scanner location
- Use this to rescan dynamic urls filtered by the URL filter
6.4, Torbutton development
M - Resolve extension conflicts and other high priority bugs
M - Fix or hack around ugly firefox bugs, especially Timezone issue.
Definitely leaning towards "hack around" unless we see some
level of love from Mozilla.
M - Vidalia New Nym Integration
- Implement for Torbutton to pick up on Vidalia's NEWNYM and clear
cookies based on FoeBud's source
- Do this in such a way that we could adapt polipo to purge cache
if we were so inclined
M - Write up a summary of our options for dealing with the google
you-must-solve-a-captcha-to-search problem, and pick one as our
favorite option.
6.6, Evaluate new anonymity attacks
S - relaying-traffic attacks
- original murdoch-danezis attack
- nick hopper's latency measurement attack
- columbia bandwidth measurement attack
- christian grothoff's long-circuit attack
S - client attacks
- website fingerprinting
7.1, Tor VM Research, analysis, and prototyping
C . Get a working package out, meaning other people are testing it.
7.2, Tor Browser Bundle
I - Port to one of OS X or Linux, and start the port to the other.
I . Make it the recommended Tor download on Windows
I - Make sure it's easy to un-brand TBB in case Firefox asks us to
I - Evaluate CCC's Freedom Stick
Reference in New Issue View Git Blame Copy Permalink