Here's what I said at the beginning of July that I hoped to do:

- Attend the Dev meeting and hack fest in Florence. Help everybody understand about our upcoming grants, and the upcoming deliverables that go with them.

Done. It was a great dev meeting and hack fest -- we had something like 40 Tor developers in one place. How the community has grown! https://trac.torproject.org/projects/tor/wiki/org/meetings/2012SummerDevMeet... Thanks again to Gunner for helping us making sure everything went smoothly and we kept moving forward: http://aspirationtech.org/about/people/gunner

- Attend PETS

Done: http://petsymposium.org/2012/program.php David Fifield gave a fantastic talk on our Flash Proxy design: http://crypto.stanford.edu/flashproxy/ I talked to Greg Norcie a lot about Tor Browser usability issues, progress we've made so far, and what remains to be done: http://petsymposium.org/2012/papers/hotpets12-1-usability.pdf If we had enough money we should totally be funding research grants for people like Greg to do further usability analysis. On the other hand, we have a pile of known problems and not enough developers to actually fix them -- so accruing *more* known problems, while great, maybe shouldn't be the most immediate goal. I should also draw your attention to Yossi Gilad's paper, "Spying in the Dark: TCP and Tor Traffic Analysis": http://freehaven.net/anonbib/papers/pets2012/paper_57.pdf It's another in the line of congestion-based traffic analysis papers (watch Alice's connection into the Tor network, send some packets to the suspected exit relay and/or destination website to reduce its TCP window, and then see if the flow on Alice's side slows down). It's unclear how bad it is in practice (i.e. how practical the attack is), but it's a nice example of how congestion attacks are not yet fully understood. The next PETS will be at Indiana University next summer.

plus do a talk at the 'provably privacy' workshop in Vigo.

Done: https://www.cosic.esat.kuleuven.be/ecrypt/provpriv2012/program.html The ecrypt workshop was a tough combination of people who already did Tor research and people who didn't know that Tor doesn't mix. It ended up being in part a group discussion of Tor's toughest research attacks, to try to raise awareness of issues rather than suggest solutions.

- Probably go to Berkeley for the last week in July.

Done. I met with EFF people for a day (mainly Peter Eckersley, talking with Mike Perry and Isis about how to salvage our browser situation in the face of both Firefox and Chrome including new privacy-invasive features at a faster clip than we can keep up with). I had lunch with Prateek Mittal, a post-doc at Berkeley who used to be in Nikita Borisov's lab at Illinois. Prateek is working on Sybil resistance and social-network-based security -- e.g. routing through your social network to resist some of the attacks that Tor has problems with. I also met briefly with Doug Tygar, a Berkeley prof who is working on evaluating circumvention tools, and with Vern Paxson's group at ICSI, who are looking into how to reason about pluggable transports and find ways to do better at the arms race.

- Summarize open simulation tickets and open performance tickets, so we can prioritize them and get more developer attention on them.

I talked to Karsten and Rob about performance work at the dev meeting, and we moved each ticket forward individually. I haven't had a chance to sit down and organize them en masse though: https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Tor/Performance Nickm now has a list of specific Tor development tasks (mostly of the form "clean up this patch so it's something we'd be willing to merge"). And Rob has been doing simulations on our current patches to help us decide which ones should actually help: https://trac.torproject.org/projects/tor/ticket/6401

- Publicize one or more new job openings on our jobs page: https://www.torproject.org/about/jobs.html.en and start collecting applications.

I helped Mike get the Tor Browser Hacker job description up and announced: https://www.torproject.org/about/jobs-browserhacker Now we need to get enough applications and interest that we have great people to select from.

- Make sure our new core dev gets added to the people page, and make sure we do some sort of announcement so there's closure. Follow-up on the original core dev job announcements to say we've got one (but leave the job announcement up, because we wouldn't mind having another if the perfect person came along).

I just added Andrea to the core people page, along with some other people who have been core people for a while but never made it onto the page. We continue to have a blurry line between which of our fine volunteers happens to make it into the core people page. I think we should probably put more of them on it -- isis and Moritz come to mind, as well as David Fifield, Philipp Winter, the Tails people, Ian Goldberg, and others. All that said, I don't think we've actually done any sort of announcement or acknowledgement about the core dev spot. Should we?

- Ian told me that Tariq's "Changing of the Guards" paper was flawed. I don't yet agree that it's flawed -- I should follow up with them and see which parts of the design need to be discarded and which I can resurrect.

Tariq, Ian, I, and others ended up adapting the paper into a WPES submission, which focuses on Tariq's framework for how to answer questions about bridge churn. I still think the investigation has uncovered a really interesting privacy vulnerability: if the Tor client has perfect connectivity, it will pick three guards, and if one of them goes offline it will continue in a degraded "two guard" state rather than picking a fourth guard and risking showing its circuits to a new relay. So far so good. But a client with bad connectivity will end up with dozens or even hundreds of guards on its list, and when one of its top three goes away it will move to a fourth. Somewhere in there it would seem this is suboptimal behavior. More research required, as they say.

- Get Tor 0.2.3.x closer to stable.

We released 0.2.3.19-rc on 2012-07-06.

- Organize and announce (hopefully in that order) our upcoming plans for encouraging more exit relays.

Done: https://lists.torproject.org/pipermail/tor-relays/2012-July/001433.html I spent much of my second half of July on this topic, including individual mail threads with many of the fast exit and non-exit relay operators, to strengthen the community and learn who is in a good position for growing their relay. We have several trac tickets following the "diversity metrics" side: https://trac.torproject.org/projects/tor/ticket/6232 https://trac.torproject.org/projects/tor/ticket/6443 https://trac.torproject.org/projects/tor/ticket/6498 https://metrics.torproject.org/fast-exits.html I also talked to Sathya about having him do his undergrad thesis on the question of measuring and tracking diversity in the Tor network. It would be great to see more Tor research groups take an interest and give him some guidance. Next steps for me on the exit relay front are to hit up my contacts at universities (Boston University and University of Waterloo run fast exits, but many more want to if I just help them enough); figure out how logistically we can get money to the exit relay operators who need it; and figure out how to integrate Moritz into the "continuing to strengthen the relay operator community" role.

- Track down all the plans for my November trip to Amsterdam. The original plan was to speak in Rotterdam at their CA conference (organized after the DigiNotar thing), but that expanded to maybe talking to Dutch law enforcement, and then maybe Austrian law enforcement, and now the Belgian law enforcement want me to come explain the Internet to them too. All of these things are worth doing (the more law enforcement groups understand Tor, the less they hassle our exit relay operators and the less they lobby for laws to outlaw privacy), but we'll see how many I can fit in.

Not started. Should do rsn.

- Start looking into properties we want for a more DPI-resistant "obfs3" protocol.

I talked to Ian Goldberg about it, and got him talking to George (asn) at PETS. I believe they have a plan, and I think Brandon Wiley (our gsoc student) is even planning to integrate it into his python pluggable transport library. Stay tuned for more details. ------------------------------------------------------------------------ Here are some other things I did in July: - While in Vigo, I called in to the SponsorF site visit to help brief the program manager on our progress. One of the followups is that we should either get a 320KB torperf instance running (since 50KB is very small), or better, get something running that fetches some actual popular web pages including their css, images, etc. We could either do it as "this is how long it takes in practice to load the frontpage of foo.com", which would show us realistic performance over time, or we could set up a fake foo.com so real-world website changes don't add another variable. - Had multiple tor-exec budget meetings to figure out how to do all the new things our sponsors want, without running out of money. We have a plan, and it looks good. I look forward to learning how much that means we can scale up in 2013. - Helped Karsten plan for the SponsorL deliverables: https://lists.torproject.org/pipermail/tor-dev/2012-July/003808.html - Did a bit of actual Tor development, including tracking down some fun bugs like https://trac.torproject.org/projects/tor/ticket/6404 ------------------------------------------------------------------------ Here are some items I expect to do in August: - Chair the FOCI workshop at Usenix Security, and also attend the rest of Usenix Security. https://www.usenix.org/conference/foci12/tech-schedule/workshop-program https://www.usenix.org/conference/usenixsecurity12/tech-schedule/technical-s... - Talk to Ralf-Philipp Weinmann about his TorScan paper (upcoming at Esorics) and what we can do to address his attacks. - Look at Rob Jansen's performance graphs from his new Shadow simulations. Try to move the performance tickets forward. - Expand on the set of metrics by which the SponsorF Red Team will judge the project's success. Specifically, I should list the anonymity attacks that they shouldn't evaluate since the PETS community is already doing a good job at evaluating anonymity attacks. - Launch the "run fast bridges for BBG" campaign, ideally by gathering volunteers on tor-relays. - Launch the "exit relays at universities" push, and send BBG a timetable for how our exit relay rollout is looking. - Get some money to some exit relay operators, since it turns out (ha) that it's harder than I expected on our side to do it in a way we'll pass our audits. - Get 0.2.3.20-alpha and 0.2.3.21-alpha out. - Consider an 0.2.2.38 stable update. - Consider an 0.2.4.1-alpha release. - Sort out my September travel to Germany, and my November travel to Netherlands et al. - Schedule our NSF "censorship measurement" kickoff meeting, perhaps the last week of September or first of October. - Encourage Andrew to put our "project coordinator" job description up and announce it. - Try to take a vacation Aug 11-19. ------------------------------------------------------------------------ Things I'm still dropping the ball on: - Transparently document the secteam process, especially since we have concluded to use it far less often and only for critical security things. - Answer the thread between Karsten and Jake where we had an excited volunteer with a clearly useful contribution that we totally dropped on the floor. Try to generalize the experience to improve our response to new contributors. We used to be great at it, and lately we're all overloaded. - Add a "scientific papers" exception to our trademark-faq: I want to give blanket permission to scientific papers to use the word Tor in their paper name, so long as they don't go and write software under that name too. https://www.torproject.org/docs/trademark-faq - Make a plan for fixing all the "CBT sometimes breaks Tor" issues. https://trac.torproject.org/projects/tor/ticket/3443 - Start summarizing Tor research papers on the blog more regularly. There have been a huge number of really important research papers lately, and most Tor people don't know about them. Should I summarize them on the blog (for a broader audience), or on tor-dev (for the rest of the Tor developers), or what? - I need new business cards. - Get https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorA through D back up on the wiki somewhere (Andrew took them down since they were concluded, and since they just listed contract deliverables rather than the progress reports and trac ticket links that we've been doing for later funders; but we should keep them there for posterity). - Tell Micah Sherr and Chris Wacek (Georgetown) about the open simulation questions; and get Rob Jansen (UMN/NRL), Mashael AlSabah (Waterloo), etc a good summary of the current performance situation. _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE