phobos's blog

www, archive, ns, and rsync +1

Thanks to Debian for providing a fine server capable of providing redundancy for a number of services. This new server is in live rotation for https://archive.torproject.org, https://www.torproject.org, acts as one of our primary DNS servers, and provides rsync for the archive data store. It mirrors 165GB of data hourly. The server is located in Darmstadt, Germany and provides a copy of the services on the European continent.

The addition of a second server allows us to implement some changes to the way we allow others to mirror our data sets. The primary server behind archive.torproject.org is also known as rsync.torproject.org. It now solely serves up rsync.torproject.org. If you have scripts that periodically mirror archive.torproject.org, you probably want to update them for rsync.torproject.org.

Thanks to the Debian Sysadmin Team for the server and hosting!

Wading into social waters

Recently, we've been introduced to two "Tor Project" Facebook Org pages. Neither of which are run by us at Tor, yet. There was also a Google+ page for a while, too. We currently use a few social media methods, such as mailing lists, pgp web of trust, internet relay chat, Identi.ca, and Twitter. Some people are very upset Tor is seemingly supporting Facebook, Google+ and others.

We're expanding into Facebook, Google+, Reddit, and others because our users are asking for it. There are existing Tor communities in many places, and we don't need to formally be at them all. It's great when individuals step up to the challenge and represent Tor in positive ways. However, as people join these communities, they are looking for a real discussion with us. For many people, these platforms are the primary means of communication.

We do have some concerns about social media sites. Let's enumerate these concerns.

  1. Current social media solutions don't respect user privacy, however it's all we have today. With buttons like "+1", "Like", and "Tweet this" strewn about websites, tracking your normal web activity, Tor is at least one solution to help you stop this global tracking. We believe you should be fully in control of your own data and metadata.

  2. The users are currently using these systems in very unsafe ways. We can join the system and set up a presence with details about how to use these systems more safely--or if they cannot be used safely at all. The goal is to educate people.The EFF has an explanation of these risks as well.

  3. We can get our message out to people and have a discussion with them, where they are, even though we don't control the medium and risk getting kicked off the system.

  4. Some are impersonating us now, and not at the quality level we want to see. A bad answer or impression from a fake Tor is worse than no answer at all.

Why don't we write our own?

Writing and deploying our own social media system is beyond the scope of our mission. However, tor can provide an anonymous base for such a system. We have hope for systems like Diaspora, tent, and FreedomBox.

Announcing Tor Reports

For the past four years, I've been summarizing progress of Tor on the blog. See the tag progress report for the history of these reports. Based on community feedback, we're switching to a mailing list with archive of the raw status reports. Tor-reports is live. The goal is to provide the raw details rather than summarizing all of the progress and only being able to provide a quick summary per topic.

Each developer, advocate, and internal staff will be posting their reports to this list. The idea is to share more with the community and give people a chance to ask questions directly of the people doing the work. Enjoy the transparency.

Florence Hackfest Thanks

Thanks to all who attended and helped make the hackfest in Florence a success. Around 50 people stayed for the two day event. We heard from a team working on a free hardware and software (firmware to drivers) laptop prototype, some Italian legal experts with regards to anonymity, encryption, and chilling effects used to great length in the country, plus a number of Italian hackers from EuroPython 2012 interested in Tor (and vice versa).

And a big thanks to the Università degli Studi di Firenze, Il Progetto Winston Smith and Arturo for their translations, coordinations, and general welcoming attitude to Italy.

2012 Florence Hackfest

On July 5 and 6 we are holding an open hackfest at the Università degli Studi di Firenze in Florence, Italy.

Please attend if you have some interest in programming, advocacy, marketing, or (network security/anonymity/computer science/etc) research with Tor, or are willing to be persuaded to entertain an interest. :) Tor's a small project (in terms of number of developers) that could really use your help.

The majority language will be English, but there will be some Italian speakers at the hackfest.

More details can be found on the Florence Hackfest wiki page.

See you in Florence!

April 2012 Progress Report

Our progress report for April 2012 is now available. Highlights include tls/openssl updates, bridgeDB plans, tor cloud updates, obfsproxy updates, shadow tor simulator thoughts, new tor alpha release, support queue stats, and some press and speaking slots.

Available as a pdf with full color graphs, https://archive.torproject.org/monthly-report-archive/2012-April-Monthly...

or as a plain text file for portability and readability, https://archive.torproject.org/monthly-report-archive/2012-April-Monthly...

Stockholm Internet Forum Trip Report and Clarifications

The quick trip report

I spent the past week in Sweden for the Stockholm Internet Forum1, to meet up with our funders at Sida2, and to meet some activists looking for help and advice for their cause back in their home countries. Overall, it was a great trip. The Biståndsminister (Minister for Development)3, Gunilla Carlsson, specifically named Tor in her speech as a project she is proud to support and fund.

In the afternoon, I gave a Tor talk to support DFRI 4. The room was in a different building, way in back, with few signs to direct you to it. Hanna from dfri went out to grab people. In a short while, the room was packed, with people standing in the back and people sitting in the window seats. I would say roughly 35 people came and left during the session. I purposely did a quick 30 minute tor talk to leave time for questions. There were lots of questions, most about how to help and improve tor. The TeliaSonera5 people were interested in the intersection of Tor and the EU Data Retention Directive being implemented in Sweden on May 1. I'm not sure if TeliaSonera is for or against data retention. Frank La Rue6, Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, was in the room for most of the talk too.

Misconceptions around Tor

Many Europeans thought we were a Swedish company already and were generally surprised to hear we are from the States. The Latin Americans and Middle East people are cautiously supportive of Tor. I kept running into misconceptions about Tor, the charity, the software, and if we're humans or not. Hopefully this post will clear up these misconceptions.

  1. Tor was not started by the US Navy. The US Naval Research Labs (NRL) started a project in the 1990s called onion routing7. Tor uses the basic onion routing principles and applies them to the Internet. The volunteer Tor group started in 2001. The formal charity, The Tor Project, started in 2006. We continue to work with Dr. Paul Syverson from NRL on improving onion routing and therefore Tor.
  2. The goal of Tor is to give you control over your identity and privacy on the Internet. An equal goal is to enable research into anonymous communications on the Internet. We try very hard to make you anonymous by default. With this anonymity, it is up to you where you go, what you do, and what information about yourself you divulge. The goal is that you are in control.
  3. In 2011, Tor received a total of $1.3 million in funding from a few sources: Internews, The Broadcasting Board of Governers, Sida, SRI International, and roughly 700 individual donors. Our forthcoming audit will show the funding and how we spent it. People seem to think Tor is a massive operation with hundreds of millions in funding. We publish our audit reports and financial statements every year after our audit is complete8.
  4. Tor has a paid staff of 13 people. 10 of the 13 are developers and researchers. We have a part-time CFO, a marketing/policy person, and an Executive Director. We rely heavily on thousands of volunteers. We care a great deal about our community. Our core people9 are the most dedicated to improving Tor and have contributed greatly to the cause. We are currently looking to make this 14 people by hiring a dedicated developer10.
  5. We are human. Each of us involved is generally public about who we are and what we do for Tor. As we're only 13 people, we cannot be everywhere at once. We spend very, very little on marketing and advertising. A few of us, namely Roger, Jacob, Andrew, and Karen, do the bulk of public speaking. You can see various videos of our talks, lectures, and speeches in our media archive11.

Overall, the trip to Sweden was successful. And I hope these five points clarify who and what is Tor.

March 2012 Progress Report

Our progress report for March 2012 is now available. Highlights include lots and lots of metrics work, bridge infrastructure work, new tor alpha release, support queue stats, and some press and speaking slots.

Available as a pdf with full color graphs, https://archive.torproject.org/monthly-report-archive/2012-March-Monthly...

or as a plain text file for portability and readability, https://archive.torproject.org/monthly-report-archive/2012-March-Monthly...

Syndicate content Syndicate content