February 2011 Progress Report

New hires
We contracted Runa Sandvik to work on moving the torouter project forward, https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/Torouter, translations, and integration of tor web server log analysis and publication.

New Releases
On February 23rd, we released an updated Tor -stable. Tor 0.2.1.30 fixes a
variety of less critical bugs. The other main change is a slight tweak to Tor's TLS handshake that makes relays and bridges that run this new version reachable from Iran again. We don't expect this tweak will win the arms race long-term, but it
buys us time until we roll out a better solution. Full announcement at
https://lists.torproject.org/pipermail/tor-announce/2011-February/00000…

Censorship resistance

  • Arm development has stayed relatively on track, with the revised
    connection panel very nearly achieving parity with its predecessor
    (and in most respects surpassing it). Most of what remains are
    refinements and tasty new features. Arm has also been added to Debian
    (Sid) and Ubuntu (Natty) with backports pending. Many thanks to Peter
    for his help.
  • Tom spent some time assisting Jacob with a satellite test. The test wound
    up breaking due to flaky hardware; however, they were able to collect some
    usable data.
  • Created the trac ticket around hidden service improvements,
    https://trac.torproject.org/projects/tor/ticket/2552. We need to focus on
    improving hidden services and fixing some of the performance and reliability
    issues within.
  • Mike fixed a bunch of torbutton bugs. His summary iteration results are
    at https://trac.torproject.org/projects/tor/ticket/2591.
  • Mike helped fix the bandwidth authority on salsa that exploded due to a
    reinstall.

Architecture and Design Docs for better censorship resistance

  • Karsten and Sebastian tried to improve the database schema in metrics-db
    to speed up relay search performance. Unfortunately, the required updates
    from the old schema took forever, so we don't just need a better schema, but
    also a better migration strategy to go from one schema to the next.
  • Karsten started moving code from metrics-db to metrics-web to make the
    metrics website a self-contained unit that's independent of
    aggregating descriptors. The idea is that people can take the metrics-web
    code and improve it or replace it with a better metrics website written in
    the web language of their choice.
  • Karsten started working on better visualizations of Tor data using the
    Thematic Mapping API together with Rachel Binx.

Hide Tor's network signature

  • Collaborated with George K on obfsproxy, a generic protocol
    obfuscator. It seems to work ok but needs more testing.
  • Nick worked on improving the pluggable-transport design.
  • Jacob did another revision on what is now prop 179,
    https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/179-TLS-…
  • Jacob looked at the EFF SSL data and has some improvements for how we can
    get better data for future research questions.

Outreach and Advocacy

Preconfigured privacy bundles

  • Jacob did some testing of Gibberbot's Tor and OTR integration. Gibberbot
    is an XMPP chat client for Android designed to work over Tor.
  • Jacob did a bunch of work on ttdnsd - some important (but not critical)
    bug fixes and he's planning on pushing out a release in the future. Jacob and
    Robert did some work on torsocks integration and in the process hammered out a
    reasonable torsocks API for people who want to have auto-magically Torified
    sockets without understanding Tor internals.
  • Jacob worked on OpenWRT packaging issues - as well as other work on the
    Torouter project.
  • Jacob worked on Tahoe (http://tahoe-lafs.org/trac/tahoe-lafs) and
    Tor-related Hidden Service documentation; after a moderate amount of Tor
    testing with Tahoe, it seems to be partially functional.

Bridge work

  • Karsten prepared a patch for BridgeDB to export bridge pool assignments to
    a local file. This patch needs some cleanup before being deployed on
    BridgeDB.
  • Karsten wrote a first draft of a BridgeDB specification that Nick
    commented on. The next step is to include Nick's comments and change the
    writing style, so that the specification describes what the current BridgeDB
    code does, not what a generic BridgeDB implementation should do.
  • Karsten extended the bridge descriptor sanitizing algorithm to include IP
    address hashes in the sanitized descriptors. Sanitized all existing
    bridge descriptors using this new algorithm. Instead of 127.0.0.1,
    bridges now have 10.x.y.z addresses with x.y.z being stable for a given
    bridge fingerprint in a given month. This allows analyses of how often
    bridges change their IP addresses in a given month.
  • Christian deployed a new version of BridgeDB, the one that's i18n enabled
    (#1613) and also can dump bridge pool assignments to files. We can now
    assign a number of unassigned bridges to someone/something and dump
    them to file buckets. See #1612 for more information. In theory, we can
    now have a number of Twitter-assigned bridges that we pump out over
    Twitter.
  • Christian also started writing a python script that is able to dump
    stuff to Twitter.
  • After deployment of the new BridgeDB, some issues came up that were fixed
    (#2556 and others). It seems to run smoothly now. We'll be even more
    happy about it when we have important (read: Chinese and Farsi)
    translations ready and deployed.
  • Christian and Karsten discussed whether his planned "dump bridge pool
    assignments to files" feature can use the bucket mechanism of #1612.
    Turns out it can't, since the two have different sets of goals and would
    be too painful to sync with every change.
  • Mike helped Karsten with improving the output of Torperf for future
    experiments involving circuit build timeouts.
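
The bridge address sanitizing described above (10.x.y.z addresses that stay stable for a given fingerprint in a given month), sketched as an added example that is not the metrics-db code. It assumes HMAC-SHA256 keyed with a per-month secret as the hash; the secrets, fingerprints and addresses are constructed sample values, and the function names are hypothetical.

```python
import hashlib
import hmac
import ipaddress

# Constructed per-month secrets (assumption: a fresh random secret per month).
MONTH_SECRETS = {
    "2011-02": b"constructed-secret-for-2011-02",
    "2011-03": b"constructed-secret-for-2011-03",
}


def sanitize_bridge_ip(ip, fingerprint, month):
    """Map a bridge IP to 10.x.y.z, stable per fingerprint and month."""
    packed = ipaddress.IPv4Address(ip).packed   # rejects malformed addresses
    fp = bytes.fromhex(fingerprint)
    if len(fp) != 20:
        raise ValueError("fingerprint must be 40 hex characters")
    # Keyed hash so the 32-bit IPv4 space cannot be brute-forced without
    # the month's secret; HMAC-SHA256 is this example's choice of hash.
    digest = hmac.new(MONTH_SECRETS[month], packed + fp, hashlib.sha256).digest()
    x, y, z = digest[:3]
    return f"10.{x}.{y}.{z}"


def count_ip_changes(observations, month):
    """Sanitize each observation, then count changes from the sanitized form."""
    changes, last_seen = {}, {}
    for fingerprint, ip in observations:          # in publication order
        sanitized = sanitize_bridge_ip(ip, fingerprint, month)
        changes.setdefault(fingerprint, 0)
        if fingerprint in last_seen and last_seen[fingerprint] != sanitized:
            changes[fingerprint] += 1
        last_seen[fingerprint] = sanitized
    return changes


# Constructed sample: (fingerprint, real IP) pairs from one month's descriptors.
BRIDGE_A = "0123456789ABCDEF0123456789ABCDEF01234567"
BRIDGE_B = "89ABCDEF0123456789ABCDEF0123456789ABCDEF"
SAMPLE = [
    (BRIDGE_A, "198.51.100.7"),
    (BRIDGE_B, "203.0.113.20"),
    (BRIDGE_A, "198.51.100.7"),
    (BRIDGE_A, "203.0.113.9"),
    (BRIDGE_B, "203.0.113.20"),
]

if __name__ == "__main__":
    print(count_ip_changes(SAMPLE, "2011-02"))
```

Because the fingerprint and the month's secret both enter the hash, the same real address yields unrelated sanitized addresses for different bridges and for different months.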

Scalability

  • Improved Torperf and finally deployed it to collect data about used
    paths and to measure performance with custom guard node selections.
    This is still work in progress together with Mike and Tom as part of
    our first Scrum iteration that ends on March 5.
  • Worked on Florian's and Björn's token bucket patch some more together
    with Sebastian. The current state of the patch is that it needs some
    more love before it can be merged into 0.2.3.x.
  • Nick collaborated a little with two volunteers on what we
    think at this point must be the 5th generation of a "launch a private
    network" tool. This one is called "chutney".
  • Nick reviewed a bunch of patches, reviewed a bunch of bugs, fixed a
    bunch of bugs, merged many people's code, got 0.2.2.x closer to done.
  • Sebastian wrote a proposal for a safer voting process for consensus
    parameters, and wrote an implementation for it.
    https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/178-param-voting.txt
  • Damian started thinking about our various projects in a more streamlined
    and easy-to-understand way. The results are at
    https://www.torproject.org/getinvolved/volunteer.html.en#Projects.

Incentives

  • Christian cleaned up the rather hackish installation of Weather on bahri.
    The stable installation now lives under `/home/weather/opt/current' and actually
    is update-able through `git pull'. There's also a testing installation to test
    stuff and play around at https://weather2.torproject.org/. He's tried to
    update the documentation with all the stuff that is necessary to install and run
    Weather.
  • Christian tried looking into #2467. Some people complained that Weather
    didn't know their relay fingerprint. At Sebastian's and Mike's suggestion,
    Christian changed the torrc to include `FetchDirInfoEarly 1' and
    `FetchUselessDescriptors 1'. Since then, no one has complained again about
    Weather not knowing a certain relay (except for one time, when the Weather
    process had silently crashed and therefore the database wasn't updated for
    a day).
  • After Tor 0.2.1.30 was tagged and made it to the recommended versions,
    people running 0.2.1.29 started complaining about getting "Node out of date!"
    emails from Weather. It turned out that Weather was actually doing the right
    thing, namely mailing them that they were not running the latest recommended
    stable version anymore. No one seemed to have read the text near the checkbox in
    the signup process. After discussing this intensely with Sebastian, we decided
    to go for a simpler solution: people now get email when they don't run one
    of the recommended versions or a more recent dev version of Tor.

More reliable downloads

  • Christian did a rather large GetTor overhaul. The way GetTor manages its
    packages is now much easier to understand and enhance. GetTor moved from an
    ini-style configuration file and parser to a more BridgeDB-like configuration
    management. Also, packages are now configured rather than hard coded. In
    addition, he cleaned up the i18n management of GetTor to something similar to
    what we use in BridgeDB. Not only are the translation strings cleaner now, but
    the translation and installation is smoother. Also, the logging was simplified
    because it had too many features that no one used and generally was polluting
    the log file with too much useless information. Furthermore, the MakeStat.py
    script that creates GetTor's package statistics was simplified a lot.
  • Christian fixed #1586, users requesting non-existent split packages now
    are informed about that fact.
  • Nick worked on a thandy packaging spec with Erinn.

Translations

  • Sebastian started figuring out how translations can be pulled from
    transifex and used in their respective products in a more automated
    fashion.
  • New or updated website translations in French, Russian, Italian, Japanese,
    Spanish, Mandarin Chinese, and Greek.