|
|
|
= Hidden Services Crowdfunding Campaign =
|
|
|
|
|
|
|
|
== Task Brainstorming Area ==
|
|
|
|
|
|
|
|
* Improve security
|
|
|
|
* Implement the next generation hidden services proposal (rend-spec-ng.txt)
|
|
|
|
* also finalize and implement proposal 202 (improved relay crypto)
|
|
|
|
* High-latency anonymity + HS research
|
|
|
|
* also look into pynchon gate / alpha mixing
|
|
|
|
* Better guard security for HSes
|
|
|
|
* More guard discovery research
|
|
|
|
* More long-lived HS circuits
|
|
|
|
* Add entry guard rate limiting so that the HS stops working after so many guards
|
|
|
|
* Better guard node data structures (#12595)
|
|
|
|
* Tor path building with AS awareness
|
|
|
|
* Modularize Tor and write different parts of Tor in different languages (golang/rust/etc.)
|
|
|
|
* Write PoC for constant time padding protection against traffic analysis
|
|
|
|
* Compartmentalize crypto keys from the rest of Tor (see SoftHSM project)
|
|
|
|
* Better defence against tagging attacks
|
|
|
|
* Support postquantum crypto throughout the Tor protocol. Just in case!
|
|
|
|
* Better integration for TAILS in a VM
|
|
|
|
* Rewrite all Tor parsers to use trunnel
|
|
|
|
|
|
|
|
* Improve the hidden service community
|
|
|
|
* Improve integration with securedrop/pond/ricochet/torchat/whonix/openbazaar/onionshare
|
|
|
|
* More hidden service search engine research and development (see ahmia)
|
|
|
|
* Host a few useful HSes ourselves or with partner (e.g. pond/jabber server)
|
|
|
|
* Fund TWN author
|
|
|
|
* help maintain and extend pond
|
|
|
|
* research and PoC of anonymous blacklisting credentials
|
|
|
|
* collaborate with other anonymity projects (I2P/Gnunet/etc.) and closely review each other's code
|
|
|
|
|
|
|
|
* Improve performance
|
|
|
|
* More hidden service scaling / fault tolerance / availability
|
|
|
|
* More R&D on tor2web mode and encrypted services (its server-side equivalent)
|
|
|
|
* Make the Tor network itself more scaleable (support hundreds of thousands of relays!)
|
|
|
|
|
|
|
|
* Improve human factor / usability
|
|
|
|
* Analysis of HS use cases
|
|
|
|
* Petnames!
|
|
|
|
* petname system for gnunet: [https://gnunet.org/fcfs/Zoneinfo]
|
|
|
|
* GNS: [https://moderncrypto.org/mail-archive/messaging/2014/000939.html]
|
|
|
|
* SDSI: [http://people.csail.mit.edu/rivest/sdsi10.html]
|
|
|
|
* Better VM images to make HS easier and more secure to run and harder to deanonymize
|
|
|
|
* Better UI for HSes
|
|
|
|
* client-side: Makes HS authentication more user friendly, [XXX]
|
|
|
|
* client-side: Display HS circuit establishment process on the browser (similar to % process bar)
|
|
|
|
* HS-side: Make it easier for HS operators to check their guard nodes and the node history etc.
|
|
|
|
* Make it easier for HS operators to check their guard nodes and the node history etc.
|
|
|
|
* Write "best usage advice for HS operators" document (see #13843)
|
|
|
|
* Allow HSes to have configurable threat model (profiles)
|
|
|
|
* the default profile
|
|
|
|
* the Facebook profile: more IPs, more scaleability
|
|
|
|
* the paranoid profile: more guard discovery protection, bigger guard lifetime
|
|
|
|
* Make all the tor mods to better support SSL certs in HSes
|
|
|
|
* sign selfsigned cert with onion key etc.
|
|
|
|
* [https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs]
|
|
|
|
|
|
|
|
* More projects!
|
|
|
|
* Tor router
|
|
|
|
* Stormy
|
|
|
|
* Video chat over HSes
|
|
|
|
* Generate video-broadcast hidden service on the fly, perhaps as a gui
|
|
|
|
* Tor on iOS or android
|
|
|
|
* Tor messenger
|
|
|
|
|
|
|
|
* Misc
|
|
|
|
* Crypto and/or code audit by [whitfield diffie / PPP / google security team / subgraph / the blackhats]
|
|
|
|
* Do online lecture series (coursera-style) on privacy / anonymity network design
|
|
|
|
* get full time press person (or any other position we missing and community might appreciate)
|
|
|
|
* tunnel tor inside bittorrent
|
|
|
|
* Write a Tor book
|
|
|
|
|
|
|
|
Stretch goals!
|
|
|
|
|
|
|
|
== Rewards brainstorming ==
|
|
|
|
|
|
|
|
Need more cool ideas for rewards to people who pledge
|
|
|
|
|
|
|
|
* We deanonymize/credit you in the blog post
|
|
|
|
* Stickers / Swag / Posters / T-Shirts -> juris@torservers willing to handle logistics
|
|
|
|
* Unique swag? Art by Tor people?
|
|
|
|
* Tor baseball caps
|
|
|
|
* Your name in the unittest constants
|
|
|
|
* Evening/night out with Tor people in the next dev meeting.
|
|
|
|
* Your 5 uninterrupted minutes with Roger
|
|
|
|
|
|
|
|
== Crowdfunding platform logistics ==
|
|
|
|
|
|
|
|
Which crowdfunding platform? Why? How?
|
|
|
|
Kicsktarter? Indiegogo? Or maybe thresh!
|
|
|
|
|
|
|
|
== TODO ==
|
|
|
|
|
|
|
|
What have we missed during task brainstorming? Should we add more TBB stuff? More non-HS stuff?
|
|
|
|
|
|
|
|
== Misc ==
|
|
|
|
|
|
|
|
"Onion Services: Next Generation Hidden Services" I'm telling you it's powerful. |
|
|
|
\ No newline at end of file |