Commit 7555fb6d authored by Pili Guerra's avatar Pili Guerra
Browse files

Update GSoC project descriptions

parent 6f92cbe5
......@@ -33,18 +33,27 @@ The scope of this project is creating a open-source community-driven browsable l
---
body:
# Problem
Security concerned web users take conscious steps to limit the amount of data they share with the websites visited and third party services.
There are a number of security enhancing tools available. Some come in the form of browser extensions and javascript blockers, others are full fledged web browsers designed with providing extra security to their users.
One of this is the Tor Browser. The Tor Browser was designed to provide privacy while surfing the web and defend users against both network and local forensic adversaries. There are two main categories of requirements that have been considered: Security Requirements, and Privacy Requirements.
One of these is the Tor Browser. The Tor Browser was designed to provide privacy while surfing the web and defend users against both network and local forensic adversaries. There are two main categories of requirements that have been considered: Security Requirements, and Privacy Requirements.
Security Requirements are the minimum properties in order for a browser to be able to support Tor and similar privacy proxies safely. Privacy requirements are primarily concerned with reducing linkability: the ability for a user's activity on one site to be linked with their activity on another site without their knowledge or explicit consent.
Websites can work seamsly with the Tor Browser and other privacy enhancing browsers and tools if they adopt a series of respectful and ethical patterns.
# Proposal
Websites can work seamlessly with the Tor Browser and other privacy enhancing browsers and tools if they adopt a series of respectful and ethical patterns.
The Tor Browser is in fact, based on Mozilla's Extended Support Release (ESR) Firefox branch. We have a series of patches against this browser to enhance privacy and security. Browser behavior is additionally augmented through the Torbutton extension, and we also change a number of Firefox preferences from their defaults.
The Tor Project has developed over the years a set of web development guidelines that allow websites to work with security enhanced browsers without causing any or minimal functionality destruption to their users. These guidelines have been shaped in an internal styleguide that has been adopted across all torproject.org websites.
We are now formalizing these web development patterns and some security concerns that need to be considered when developing websites for users surfing the web with security enhanced browsers and tools.
We are now formalizing these web development patterns and some security concerns that need to be considered when developing websites for users surfing the web with security enhanced browsers and tools. The scope of this project is creating a open-source community-driven browsable list of patterns and release a css/js framework that web developers can extend and use in their work.
# Resources
- Tor Project [styleguide](https://styleguide.torproject.org/)
- Styleguide repo on github: https://github.com/torproject/styleguide
......@@ -33,7 +33,16 @@ This project entails implementing Salmon, a bridge distribution mechanism that p
---
body:
Short description: Many users rely on bridges, or anti-censorship proxies, to connect to the Tor network. We need a way of distributing bridge information to users so that they are able to connect. However, when censors learn this information the bridges quickly become blocked and can no longer be used. Our goal is to distribute bridges to users in censored regions when they need them, while also limiting the amount of bridge information that is leaked to censors.
# Problem
For more information on Salmon, see the related paper and source code.
Bridges are Tor relays that are not publicly listed and therefore allow access to the Tor network in places where access to the public Tor relays, and therefore access to the Tor network, is blocked. Many users rely on bridges, or anti-censorship proxies, to connect to the Tor network. However, when censors learn this information, the bridges quickly become blocked and can no longer be used. We need a way of distributing bridge information to users so that they are able to connect without these bridges being discovered by the censors.
# Proposal
Our goal is to distribute bridges to users in censored regions when they need them, while also limiting the amount of bridge information that is leaked to censors. This project entails implementing Salmon, a bridge distribution mechanism that partitions and distributes bridges using reputation to give well-behaved users access to "better" bridges and add a penalty when their bridges get censored.
# Resources
- Original Paper: [Salmon: Robust Proxy Distribution for
Censorship Circumvention](https://petsymposium.org/2016/files/papers/Salmon__Robust_Proxy_Distribution_for_Censorship_Circumvention.pdf)
- Salmon Project on github: https://github.com/SalmonProject
\ No newline at end of file
......@@ -33,8 +33,15 @@ This project entails implementing a Snowflake proxy app that will run on Android
---
body:
Snowflake is a circumvention system in which volunteers can run proxies to help users connect to the Tor network. Users make WebRTC connections to the proxies, who then relay this data to a Snowflake bridge and then on to the Tor network. The advantage of using WebRTC is that Snowflake proxies can frequently change IP address or operate behind a NAT. At the moment, we have implemented the Snowflake proxy code as a web extension or a web badge, but we have not yet implemented a proxy that will run smoothly on Android.
# Background
[Snowflake](https://snowflake.torproject.org/) is a circumvention system in which volunteers can run proxies to help users connect to the Tor network. Users make WebRTC connections to the proxies, who then relay this data to a Snowflake bridge and then on to the Tor network. The advantage of using WebRTC is that Snowflake proxies can frequently change IP address or operate behind a NAT. At the moment, we have implemented the Snowflake proxy code as a web extension or a web badge, but we have not yet implemented a proxy that will run smoothly on Android.
# Proposal
This project entails implementing a Snowflake proxy app that will run on Android and relay a user's Tor traffic to the Tor network in the background. There is an implementation component as well as an exploration and testing component while we figure out how to achieve good performance from a background application without using too much of the volunteer proxy's data or resources.
Skills Needed: Development experience on Android.
\ No newline at end of file
# Resources
- [Snowflake](https://snowflake.torproject.org/)
- Snowflake repo: https://gitweb.torproject.org/pluggable-transports/snowflake.git/
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment