TorK – anonymity manager for TDE
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

544 lines
18 KiB

ACTIVE TODO'S
=============
For 0.32:
---------
- Integrate modified pktstats
- Replace torksocks with torsocks.
- Add badexit icon
- Add KB/s to traffic logs
- implement bootstrap info
- fix use of mapaddress
New Features TODO sometime:
---------------------------
- upnp bug - Message: Ports 80 and 443 on your router
urn:schemas-upnp-org:device:WANConnectionDevice:1 successfully forwarded to the
ports 9030 and 9001 used by your Tor server.
- It would be nice if Tork integrates an option to make it possible to select
and exclude Tor servers that are running older and possibly (hacked) versions
of Tor, other then the current stable and some newer Alpha builds. Servers like
nixnix and bettyboob are at least suspicious because they use the same ISP, old
version, OS build,  and push a huge amount of traffic.Adding this option would
make it easier to spot and add servers like these to the enemy server list.
- Fix the controlport warnings when we don't lock the controlport
quickly enough.
- If you don't apply settings and have select server in the drop down menu,
what are we supposed to do?
- Don't apply server/upnp settings (obviously)
- Just prevent server systray info from displaying? (And leave 'server'
selected in drop-down?)
- Leave 'server' grayed-out and unapplied until settings are applied?
- tdesudo is fucked. need to use the API.
- Add a 'monitor' option - tork does not do any setconf'ing.
- Ability to import blocklists. - tdehotnewstuff?
* customized pktstat to report all non-tor traffic
- non-tor traffic osd
- report kb/s in traffic log
- report tor kb/s in traffic log too!
* Separate profiles for separate tor servers.
Add an argument (-profile profilename) specifying the profilename to use.
Add a Tor->Create New Profile button
Add a Tor->Save Profile button (only enabled when non-default profile in
use).
-Saves to desktop file for launching the profile.
<kcfgfile arg="true"/>
TorkConfig::instance(QString());
delete TorkConfig::self();
TorkConfig::instance(configurationFile);
TorkConfig* config = TorkConfig::self();
//Make a copy of config for use in a profile
TorkConfig::self()->config()->copyTo("profilename",TorkConfig::self()->config()
);
//Load a profile
TDEConfig *tmpconfig;
tmpconfig = new TDEConfig("torkspecialrc", false, false);
tmpconfig->copyTo("torkspecialrctmp",TorkConfig::self()->config());
now delete torkspecialrctmp
- maybe I haven't noticed but vidalia gives other nodes time to re-route
when disconnecting does Tork do that? - DONE
* Add warning when tork is configured to expect privoxy to be running at
startup but there is no sign of it - DONE
- Fix: when selecting 'client' from start-up icon, ensure 'None is set
in server dropdown - DONE
- text alongside icons in toolbar - DONE
- If firstrun wizard cancelled, then cancel out of TorK and re-run it next
time Tor is run. - DONE
For 0.32:
- Use separate pidgin settings for anonymity.
- I just managed to explain how to edit torc to a total non-tech person,
but all that was about was simply adding "fascist firewall" parameter -
maybe Tork could check if there is one in it's way and try using http
port's if needed? (informing the user so that the firewall could be
edited if possible)
* [wish] the ability to choose to have the state "anonymized" or
"non-anonymized" by default
* investigate use of unix sockets a bit
* circuitidletimeout - set to 4 or 5 hours to prevent lag when building
circuits.
* keep track of programs anonymized from Tork/torkify and warn heavily if
they leak
traffic.
* merge torsocks patches
* Shallot Integration. To be useful would have to be bundled.
For 0.32:
- Port to KDE4 - End 2008
Sometime:
* use kpaaworddialog and tdesuclient for password requests
- Re-tool kicker applet
1. 'Optimize' button to replace 'Change Identity':
- 'For Speed'
CircuitBuildTimeout 5 (or values as low as 2)
KeepalivePeriod 60
NewCircuitPeriod 15
NumEntryGuards 8
CircuitIdleTimeout 600
- 'For Safety'
Default values of above.
Launches wizard that configures according to your requirements.
'Change ID' can remain in system tray.
Add changeID to OSD. - DONE
Add 'Optimize' to system tray.
3. Merge KB/s and onion progress display to a single column.
4. Integration with Firefox.
- Prompt for installation of TorButton when first launched.
- Ensure torbutton toggled on when launched.
6. A stacking OSD, i.e. no listview.
- Crystal-effect black with white/grey border
- Transparent
- Upright rounded rectangle.
- Each item represents an active stream.
- Each item contains:
- A 16x16 'cancel icon for killing the stream
- A 22x22 icon representing the site/service.
- The host name.
-
7. An Anonymous Email Wizard.
- Assist with download of mixminion.
- Explain 'advanced' usage with KMail.
- Explain 'simple' usage with plain interface.
- Install sendmail-mixminion script
A test tool:
- Build circuits with selected routers
- Fetch a specified resource with circuits
- B/W Graphs etc.
- Facility to distribute test specs to clients
* Toggle javascript and cookies from control button in konqueror
===============
PREVIOUS TODO'S
===============
Done in 0.31:
- fix version checking code for 'download stable'
- temp orport rather than torkconfig::orport
- Fix MapAddress
Done in 0.29.2:
* use a qvaluelist for the server list (speed up populating it).
likewise for the streamlist. (ALREADY DONE)
* add ability to reverse-resolve ip addresses in traffic log on-demand - DONE
* make log entries copyable - DONE
* add hidden service to 'run server' dropdown. - DONE
* ability to drag urls to system tray - DONE.
For 0.29:
1. Speed up pop-up windows - DONE
1. Disable padlock when performing updates. - CANTDO
1. RejectPlainTextPorts. Re-implement to block and warn. - DONE
8. Quick B/W Configuration in System Tray a la KTorrent. - DONE
1. Advise users on how to prevent privoxy running automatically. Attempt
to update privoxy conf and sighup it. - DONE
1. Force users to re-boot before running first-run wizard, just in case
they've installed tor/privoxy freshly, it isn't running, but will only
run at start-up - DONE
For 0.29:
1.
-
Redesign OSD. Make it more useful and less ugly.
-------------------------------------------
using TorK with konqueror
When switching konqueror's anonimity there are some problems:
1. Java and javascript uses same checkbox so you must use both of them or
not use at all.
2 When you turn off anonimity tork turn on all of things in list (java/js,
plugins, browser identification, etc) even they wasn't used before tork
reconfigure konqueror to use tor.
-------------------------------------------
>
> - In the First-Run Wizard I think it should be possible to enter a
> password for local Tor instances (it's already possible to do this for
> remote instances) if the user already has set one. Or do you have some
> kind of reason for the current absense of it?
>
TODO for 0.27:
- Upnp
* UPNP!!
o make dirport configurable
* Usability:
o Remove 'connect'/disconnect from toolbar
o Simple Mode:
- Add 'Advanced' button that will reveal:
- 'Launch/Server Filter' button
- 'Citizen' button
- 'Fail-Safe' button and 'Fail Safe' config
- 'Change Identity' button
- So in simple mode only 'server' and 'un-censor' remain
- 'Usability' config section
o 'My Tor Server', 'My Server BW', and 'Configure Server'remain hidden unless
a server is
actually running (and advanced mode is selected?).
o 'My Hidden Services' remains hidden unless user elects to create a hidden
service from main
listing.
o 'My Network View' remains hidden until user right-clicks on server list to
select servers.
* New Server wizard for UPNP and basic server info
* Integrate shallot into hidden service wizard?
* Get rid of libwhich for christ's sake
* Use overlays for server icon
QPixmap icon = DesktopIcon( m_iconName );
QPixmap overlay( locate ( "icon", KMimeType::favIconForURL(
m_filterData->uri() ) + ".png" ) );
if ( !overlay.isNull() )
{
int x = icon.width() - overlay.width();
int y = icon.height() - overlay.height();
if ( icon.mask() )
{
QBitmap mask = *icon.mask();
bitBlt( &mask, x, y,
overlay.mask() ? const_cast<QBitmap *>(overlay.mask()) :
&overlay,
0, 0, overlay.width(), overlay.height(),
overlay.mask() ? OrROP : SetROP );
icon.setMask(mask);
}
bitBlt( &icon, x, y, &overlay );
}
* gnutls
TODO FOR 0.23
---------------------
Major
* Applet that displays full raw running config and allows you to set raw
options manually and on the fly.
* Copy ktorrent's bandwidth toggling in the systray menu
* Review konqueror against threats in http://torbutton.torproject.org/dev/
* Check torkify installation when launching torkify
Minor
* use kpaaworddialog and tdesuclient for password requests
* Toggle javascript and cookies from control button in konqueror
* rename 'my network view'
* Use RelayBandwidthRate
* Use cookieauthfile and put in ~/.tork
* When server toggled off, throttle bandwidth or something to genuinely stop
it.
* Fiddle with screen dimensions - make usable for smaller resolutions
* Fix bridges
* Authentication cookie - more granular help
* Spiffify gpg refresh
TODO FOR 0.24
---------------------
* A servers history tab, built on a sqlite table. This will accumulate server
lifetime history. It will also collect user's usage history of each server.
TODO SOMETIME
-------------
* Keep lobbying for a friendlier tor landing-page with meaningful info.
* use "GETINFO addr-mappings/control".
* Fix installation paths - autoconf voodoo required.
* Use getinfo desc/id/or instead of getinfo server/status/fp
* Nested server list by subnet
* Customise ifdefs for livecd?
* reduce gcc warnings
* Improve stream OSD
* Re-write controller logic.
* use kompile instead of arkollon
* Split out tork.cpp a bit, at least a vagure gesture towards cleaner code
* Find and squash as many bugs as possible in tdeconfig and elsewhere.
* 'Configure KMail' wizard for Mixminion
* filter log with right-click
* Full-refresh-of-server-list button
* Blogging wizard
* Pre-configure hidden service irc on kopete
WON'T DO
--------
* universal sidebar (?)
DONE
----
* if authentication isn't enabled, enable authentication for the duration of
the session
Options
* for 'bw options' allow tork to always set values,even when greyed out.
selecting 'default' should reset
values to default.
* for 'performance' do the same
* for 'normal settings' do the same.
* for 'server' do not store 'old' values if greyed out, but always apply
values. this will work because
'never run as server' is tied to clientonly.
* remove 'i'm special'
* fix exitnode selection
* fix the way some options were being applied while tor is running
* make dynamic password setting the default authentication option
In 0.22
-------
* ifdefs for livecd:
Looking through the UI:
1. Remove options to download and install software X
2. Remove start/stop Tor since this really only connects/disconnects from
Tor.
3. Remove anonymous browsing with {Konqueror, Firefox, Opera). x
4. Remove create anonymous services, though the search for hidden services
is
nice. x
5. Remove anonymous kopete, IRC, SSH, Telnet, GPG keys (I may add the hidden
services to gpg.conf), shell. x
6. Remove fail-safe options, Incognito already has those. x
7. Remove run server options.x
8. Remove privoxy config options, the next version doesn't use privoxy.
Maybe
this could be determined at runtime depending on privoxy being installed.
9. Remove the "My Tor Client" config tab, I don't think there's anything
useful for Incognito there. x
10. Remove the "My Tor Server", I think Incognito should be left as middle
man. x
11. Remove "My Hidden Services", the next release has a different mechanism
for configuring that based on a certain directory structure on the USB drive.
x
12. remove konqueror plugin
* Flush circuits for pseudonymity
* Cope with new extra-info handling for servers
* Resolve dns through tor
* Fix stream bandwidth counting
* add n/a icon
* Privoxy config fix, see
http://archives.seul.org/or/talk/Oct-2007/msg00291.html
In 0.21:
* Apply settings - make togglebox allow you to apply in future always
* Make systray icon reflect client/server status rather than activity
* Create manpages for all binaries
* Make torkify installation easier to manage for packagers
* Build patches from Patrick Matth�i
* stop trying to connect if waiting more than 20 secs
* copy control_auth_cookie to ~/.tor in first-run wizard
* stop other passive popups when a showstopper popup has already been displayed
* zeroise netstats on disconnect
* Debug torkified mixminion
* also, the fonts are wonky. in the wizard when it first started, it couldn't
fit all the words it wanted to fit
* under 'my server bandwidth', there's an option to 'don't reuse a connection
if it is more than'. but that option is for clients, not servers.
*also, under 'my server bandwidth', there's an option 'max number of
simultaneous connections allowed'. my maxconn doesn't actually perform this
function. nothing does.
* remove ASSERT: "(mode & KFile::Files) == 0"
in/tmp/buildd/tdelibs-3.5.5a.dfsg.1/./tdeio/tdefile/kurlrequester.cpp (311)
In 0.19:
* Name filter for server list
* Fix 'My Client' bugs
* Improve cookieauth attempts to find cookie, search multiple dirs.
* Make passwords compulsory in firstrun wizard
* Fix My Family
* Add passive pop-up when hovering over system tray
* Display server/client info (maybe number of running servers too?) in
statusbar
* Reflect server status in system tray
* Complete Intro wizard - do's/dont's
In 0.18:
* Remove 'complete' server list from network view config. Speed up config page
loading.
* Use asynchronous dns
* 'Failsafe' button
* Add 'program' column to connection display
* Implement general, server and client status events
* Add country servers to exclude list if country blocked
* Add TorK generated messages to Tor log and flag accordingly.
* Implement entry-guards status events
In 0.17:
* Kicker applet
* Konqueror plugin
* Konqueror right-cliick actions
* Add tor: io slave.
* Reset filters when server list fully refreshed
In 0.15:
* If thttpd is installed, don't offer to download it.
* Add 'Run Server' button
* Alert user that KDE's non-anonymous settings have been restored when Tork is
closed.
* Beginnings of intro-wizard.
* Speed up sliding notifications
* Fix bug when stopping and restarting connection to tor.
* Turn off extended selection of circuits when dragging to circuit pane
In 0.14:
* Pseudonymity button
* Display servers by country
* Combo select for tor session type (beneath onion on main page)
* bw for streams
* dynamically block exits with right-click
* Fix browser settings for opera/firefox
* count our own seconds for bw events
* do not install libwhich and libgeoip
* bandwidthrate at different times of the day
Before 0.14:
* tor traffic log.
* log non-tor traffic
* Replace privoxy templates with TorK ones that are a little more friendly
* Add mixminion client
* add privoxy configuration.
* connect to tor (if it is running) during set-up wizard. this is to determine
if the packaged installation has
the controlport open or not. if it does not, then the set-up wizard will need
to add the relevant conf line
to every possible configuration file candidate it can think of.
* SetUp Wizard should inspect your tor installation and recommend appropriate
tork setup.
Tor GUI Suggestions
-------------------
X = Fully(!?) Done
x = Sort of Done
X Allow the user to fully configure Tor rather than manually searching for and
opening text files.
X Let users learn about the current state of their Tor connection (for example,
how well the current Tor connection is working), and configure or find
out whether any of their applications are using it.
X Make alerts and error conditions visible to the user.
X Run on at least one of Windows, Linux, and OS X, on a
not-unusually-configured consumer-level machine.
Provide detailed information about which applications, ports, or packets are
(or are not!) passing through Tor, including accounting for both Tor- and
non-Tor traffic.
Provide additional statistics about the Tor connection.
Give users more control over how their Tor behaves at certain times of day or
in other contexts (like operating as a server).
x How much bandwidth is Tor using? How does this compare to the overall network
traffic to/from the computer?
x Is there network traffic from ports or applications that the user intended to
be anonymized?
What Tor servers does the user know about on the network? Where are they? How
available are they?
An interface for displaying or controlling Tor paths: "show me the network from
Africa by way of Asia". Think of the global satellite map from the movie
Sneakers.
Configure other running applications to use Tor (for example, by modifying or
working through the network stack, and/or by altering application
configurations).
x Provide an elegant installer for Tor, your GUI submission, and other
supporting applications.
X Make your GUI manage the Tor process and other supporting applications --
start them, stop them, realize when they've died.
X Provide meaningful defaults for a good Tor experience.
Provide application-level anonymity -- that is, not just paying attention to
transport anonymity on the level of Tor, but also paying attention to the
anonymity of the http headers, cookies, etc.
Let the user specify different Tor config option sets depending on time of day
(e.g. daytime vs. nighttime).
Provide useful controller functions for Tor servers too -- for example, walk
the user through recommended bandwidth configurations and exit policies.
X Have a "minimized view" of your GUI for common use, and then a more detailed
view or set of windows when the user wants more detail.
Provide a button or some automatically updating interface to let the user learn
whether Tor is working currently, perhaps by accessing an external what's-my-IP
site and seeing if it thinks you're a Tor server; and give useful messages and
recommendations if it doesn't seem to be working.
Provide a way to automatically configure local firewalls (ipchains, Windows
firewalls, etc) to let Tor traffic out (and in, for Tor servers). As a bonus,
configure it to prevent non-Tor traffic from leaving (and notify when it
tries).