Delivery-Date: Sun, 02 Nov 2014 07:25:59 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id C67AA1E0462;
	Sun,  2 Nov 2014 07:25:57 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 0E086318DA;
	Sun,  2 Nov 2014 12:25:53 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3B45831733
 for <tor-talk@lists.torproject.org>; Sun,  2 Nov 2014 12:25:47 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id kYPssPlFYsTw for <tor-talk@lists.torproject.org>;
 Sun,  2 Nov 2014 12:25:47 +0000 (UTC)
Received: from mail.headstrong.de (mail.headstrong.de [81.7.4.112])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 06E403159A
 for <tor-talk@lists.torproject.org>; Sun,  2 Nov 2014 12:25:47 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1])
 by mail.headstrong.de (Postfix) with ESMTP id 850CD1C0029F
 for <tor-talk@lists.torproject.org>; Sun,  2 Nov 2014 13:25:42 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=headstrong.de;
 h=content-transfer-encoding:content-type:content-type
 :in-reply-to:references:subject:subject:mime-version:from:from
 :date:date:message-id:received; s=mail; t=1414931121; x=
 1416745522; bh=zWql7EzzmyO6D1HuzgENmNt/TnGbm/c96ve+VoLiZCA=; b=G
 tBkhx/XJjaW9O0+xe4b5znP6KynbVpy4i4NQVIKojp0hsnb0/8nrzUCKNuknxhA+
 JsnhZozw18dNGlWho4MM7HNJkRZMd1M+g8PxQEtc0Ky7Is37jtWwzMB8xlWOlUY+
 jbYglIC+Z+dBiyOVx/q+PfisunUtkjSh++3F5U0aJ8=
X-Virus-Scanned: Debian amavisd-new at mail.headstrong.de
Received: from mail.headstrong.de ([127.0.0.1])
 by localhost (mail.headstrong.de [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id YSfqmU7SQp4a for <tor-talk@lists.torproject.org>;
 Sun,  2 Nov 2014 13:25:21 +0100 (CET)
Message-ID: <545622AE.60901@torservers.net>
Date: Sun, 02 Nov 2014 13:25:18 +0100
From: Moritz Bartl <moritz@torservers.net>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <7488606.2oxgLGVBPl@ncpws04>
In-Reply-To: <7488606.2oxgLGVBPl@ncpws04>
Subject: Re: [tor-talk] Cloak Tor Router
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi!

My biggest worries are unattended upgrades, that they have to rely on
someone (you?) to provide up-to-date packages and hardware support for
the complete life-cycle. 64MB RAM may be enough for a Tor client,
although I'm a bit skeptical whether it can scale to more than a few
concurrent users. It is definitely not enough for a Tor bridge or
non-exit relay.

I am also not a fan of transparent proxying, but you are aware of the
issues there. I think it's irresponsible to throw people at the changed
threat model of Tor without telling them. I'd rather want to see a
captive portal that let's you download Tor and browse the Tor website,
and then lets Tor clients out. You say people are too stupid to run Tor
Browser. I think if you give them a nice tutorial on a captive portal,
they will manage. With the added benefit of educating these people so
they can also use Tor at different non-torified locations in the future.
It is not trivial to only allow Tor out (with all the pluggable
transports and things), but it can be done.

I do want a "Tor box" that has both this type of guest network with
captive portal, as well as enough power to be both a bridge or a relay.
It then needs some nice web user interface (with Tor stats!), a
mechanism to determine its own preferred state when not configured
otherwise (bridge/relay/client-only), and some fancy LEDs or display to
show how much you're helping the network. Yours cannot be that, so I'm
not really interested.

I also don't understand why everyone thinks they have to build their own
hardware. There are quite a number of open hardware platforms nowadays
that can be used for such a project just fine. Then you relieve yourself
of having to support that piece of hardware forever, manage production
and shipping and all that crap, but instead can focus on the important
parts, which is to make the software flexible enough to be moved from
one hardware platform to another, make nice interfaces, and work with
torproject.org to provide updates. The web GUI has been a proposed GSOC
project for quite some time, but no student picked it up yet. Does your
board even have LEDs?

You talk about adding exit relays, which is a nice thing to think about,
but as noted previously, if you don't talk about bandwidth and location,
that doesn't mean a thing.

I am not a hardware expert, but I have followed quite a number of
hardware-related kickstarters over time, and your timeline sounds really
ambitious.

-- 
Moritz Bartl
https://www.torservers.net/
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

