TorK – anonymity manager for TDE
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

TODO 18KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544
  1. ACTIVE TODO'S
  2. =============
  3. For 0.32:
  4. ---------
  5. - Integrate modified pktstats
  6. - Replace torksocks with torsocks.
  7. - Add badexit icon
  8. - Add KB/s to traffic logs
  9. - implement bootstrap info
  10. - fix use of mapaddress
  11. New Features TODO sometime:
  12. ---------------------------
  13. - upnp bug - Message: Ports 80 and 443 on your router
  14. urn:schemas-upnp-org:device:WANConnectionDevice:1 successfully forwarded to the
  15. ports 9030 and 9001 used by your Tor server.
  16. - It would be nice if Tork integrates an option to make it possible to select
  17. and exclude Tor servers that are running older and possibly (hacked) versions
  18. of Tor, other then the current stable and some newer Alpha builds. Servers like
  19. nixnix and bettyboob are at least suspicious because they use the same ISP, old
  20. version, OS build,  and push a huge amount of traffic.Adding this option would
  21. make it easier to spot and add servers like these to the enemy server list.
  22. - Fix the controlport warnings when we don't lock the controlport
  23. quickly enough.
  24. - If you don't apply settings and have select server in the drop down menu,
  25. what are we supposed to do?
  26. - Don't apply server/upnp settings (obviously)
  27. - Just prevent server systray info from displaying? (And leave 'server'
  28. selected in drop-down?)
  29. - Leave 'server' grayed-out and unapplied until settings are applied?
  30. - tdesudo is fucked. need to use the API.
  31. - Add a 'monitor' option - tork does not do any setconf'ing.
  32. - Ability to import blocklists. - tdehotnewstuff?
  33. * customized pktstat to report all non-tor traffic
  34. - non-tor traffic osd
  35. - report kb/s in traffic log
  36. - report tor kb/s in traffic log too!
  37. * Separate profiles for separate tor servers.
  38. Add an argument (-profile profilename) specifying the profilename to use.
  39. Add a Tor->Create New Profile button
  40. Add a Tor->Save Profile button (only enabled when non-default profile in
  41. use).
  42. -Saves to desktop file for launching the profile.
  43. <kcfgfile arg="true"/>
  44. TorkConfig::instance(QString());
  45. delete TorkConfig::self();
  46. TorkConfig::instance(configurationFile);
  47. TorkConfig* config = TorkConfig::self();
  48. //Make a copy of config for use in a profile
  49. TorkConfig::self()->config()->copyTo("profilename",TorkConfig::self()->config()
  50. );
  51. //Load a profile
  52. TDEConfig *tmpconfig;
  53. tmpconfig = new TDEConfig("torkspecialrc", false, false);
  54. tmpconfig->copyTo("torkspecialrctmp",TorkConfig::self()->config());
  55. now delete torkspecialrctmp
  56. - maybe I haven't noticed but vidalia gives other nodes time to re-route
  57. when disconnecting does Tork do that? - DONE
  58. * Add warning when tork is configured to expect privoxy to be running at
  59. startup but there is no sign of it - DONE
  60. - Fix: when selecting 'client' from start-up icon, ensure 'None is set
  61. in server dropdown - DONE
  62. - text alongside icons in toolbar - DONE
  63. - If firstrun wizard cancelled, then cancel out of TorK and re-run it next
  64. time Tor is run. - DONE
  65. For 0.32:
  66. - Use separate pidgin settings for anonymity.
  67. - I just managed to explain how to edit torc to a total non-tech person,
  68. but all that was about was simply adding "fascist firewall" parameter -
  69. maybe Tork could check if there is one in it's way and try using http
  70. port's if needed? (informing the user so that the firewall could be
  71. edited if possible)
  72. * [wish] the ability to choose to have the state "anonymized" or
  73. "non-anonymized" by default
  74. * investigate use of unix sockets a bit
  75. * circuitidletimeout - set to 4 or 5 hours to prevent lag when building
  76. circuits.
  77. * keep track of programs anonymized from Tork/torkify and warn heavily if
  78. they leak
  79. traffic.
  80. * merge torsocks patches
  81. * Shallot Integration. To be useful would have to be bundled.
  82. For 0.32:
  83. - Port to KDE4 - End 2008
  84. Sometime:
  85. * use kpaaworddialog and tdesuclient for password requests
  86. - Re-tool kicker applet
  87. 1. 'Optimize' button to replace 'Change Identity':
  88. - 'For Speed'
  89. CircuitBuildTimeout 5 (or values as low as 2)
  90. KeepalivePeriod 60
  91. NewCircuitPeriod 15
  92. NumEntryGuards 8
  93. CircuitIdleTimeout 600
  94. - 'For Safety'
  95. Default values of above.
  96. Launches wizard that configures according to your requirements.
  97. 'Change ID' can remain in system tray.
  98. Add changeID to OSD. - DONE
  99. Add 'Optimize' to system tray.
  100. 3. Merge KB/s and onion progress display to a single column.
  101. 4. Integration with Firefox.
  102. - Prompt for installation of TorButton when first launched.
  103. - Ensure torbutton toggled on when launched.
  104. 6. A stacking OSD, i.e. no listview.
  105. - Crystal-effect black with white/grey border
  106. - Transparent
  107. - Upright rounded rectangle.
  108. - Each item represents an active stream.
  109. - Each item contains:
  110. - A 16x16 'cancel icon for killing the stream
  111. - A 22x22 icon representing the site/service.
  112. - The host name.
  113. -
  114. 7. An Anonymous Email Wizard.
  115. - Assist with download of mixminion.
  116. - Explain 'advanced' usage with KMail.
  117. - Explain 'simple' usage with plain interface.
  118. - Install sendmail-mixminion script
  119. A test tool:
  120. - Build circuits with selected routers
  121. - Fetch a specified resource with circuits
  122. - B/W Graphs etc.
  123. - Facility to distribute test specs to clients
  124. * Toggle javascript and cookies from control button in konqueror
  125. ===============
  126. PREVIOUS TODO'S
  127. ===============
  128. Done in 0.31:
  129. - fix version checking code for 'download stable'
  130. - temp orport rather than torkconfig::orport
  131. - Fix MapAddress
  132. Done in 0.29.2:
  133. * use a qvaluelist for the server list (speed up populating it).
  134. likewise for the streamlist. (ALREADY DONE)
  135. * add ability to reverse-resolve ip addresses in traffic log on-demand - DONE
  136. * make log entries copyable - DONE
  137. * add hidden service to 'run server' dropdown. - DONE
  138. * ability to drag urls to system tray - DONE.
  139. For 0.29:
  140. 1. Speed up pop-up windows - DONE
  141. 1. Disable padlock when performing updates. - CANTDO
  142. 1. RejectPlainTextPorts. Re-implement to block and warn. - DONE
  143. 8. Quick B/W Configuration in System Tray a la KTorrent. - DONE
  144. 1. Advise users on how to prevent privoxy running automatically. Attempt
  145. to update privoxy conf and sighup it. - DONE
  146. 1. Force users to re-boot before running first-run wizard, just in case
  147. they've installed tor/privoxy freshly, it isn't running, but will only
  148. run at start-up - DONE
  149. For 0.29:
  150. 1.
  151. -
  152. Redesign OSD. Make it more useful and less ugly.
  153. -------------------------------------------
  154. using TorK with konqueror
  155. When switching konqueror's anonimity there are some problems:
  156. 1. Java and javascript uses same checkbox so you must use both of them or
  157. not use at all.
  158. 2 When you turn off anonimity tork turn on all of things in list (java/js,
  159. plugins, browser identification, etc) even they wasn't used before tork
  160. reconfigure konqueror to use tor.
  161. -------------------------------------------
  162. >
  163. > - In the First-Run Wizard I think it should be possible to enter a
  164. > password for local Tor instances (it's already possible to do this for
  165. > remote instances) if the user already has set one. Or do you have some
  166. > kind of reason for the current absense of it?
  167. >
  168. TODO for 0.27:
  169. - Upnp
  170. * UPNP!!
  171. o make dirport configurable
  172. * Usability:
  173. o Remove 'connect'/disconnect from toolbar
  174. o Simple Mode:
  175. - Add 'Advanced' button that will reveal:
  176. - 'Launch/Server Filter' button
  177. - 'Citizen' button
  178. - 'Fail-Safe' button and 'Fail Safe' config
  179. - 'Change Identity' button
  180. - So in simple mode only 'server' and 'un-censor' remain
  181. - 'Usability' config section
  182. o 'My Tor Server', 'My Server BW', and 'Configure Server'remain hidden unless
  183. a server is
  184. actually running (and advanced mode is selected?).
  185. o 'My Hidden Services' remains hidden unless user elects to create a hidden
  186. service from main
  187. listing.
  188. o 'My Network View' remains hidden until user right-clicks on server list to
  189. select servers.
  190. * New Server wizard for UPNP and basic server info
  191. * Integrate shallot into hidden service wizard?
  192. * Get rid of libwhich for christ's sake
  193. * Use overlays for server icon
  194. QPixmap icon = DesktopIcon( m_iconName );
  195. QPixmap overlay( locate ( "icon", KMimeType::favIconForURL(
  196. m_filterData->uri() ) + ".png" ) );
  197. if ( !overlay.isNull() )
  198. {
  199. int x = icon.width() - overlay.width();
  200. int y = icon.height() - overlay.height();
  201. if ( icon.mask() )
  202. {
  203. QBitmap mask = *icon.mask();
  204. bitBlt( &mask, x, y,
  205. overlay.mask() ? const_cast<QBitmap *>(overlay.mask()) :
  206. &overlay,
  207. 0, 0, overlay.width(), overlay.height(),
  208. overlay.mask() ? OrROP : SetROP );
  209. icon.setMask(mask);
  210. }
  211. bitBlt( &icon, x, y, &overlay );
  212. }
  213. * gnutls
  214. TODO FOR 0.23
  215. ---------------------
  216. Major
  217. * Applet that displays full raw running config and allows you to set raw
  218. options manually and on the fly.
  219. * Copy ktorrent's bandwidth toggling in the systray menu
  220. * Review konqueror against threats in http://torbutton.torproject.org/dev/
  221. * Check torkify installation when launching torkify
  222. Minor
  223. * use kpaaworddialog and tdesuclient for password requests
  224. * Toggle javascript and cookies from control button in konqueror
  225. * rename 'my network view'
  226. * Use RelayBandwidthRate
  227. * Use cookieauthfile and put in ~/.tork
  228. * When server toggled off, throttle bandwidth or something to genuinely stop
  229. it.
  230. * Fiddle with screen dimensions - make usable for smaller resolutions
  231. * Fix bridges
  232. * Authentication cookie - more granular help
  233. * Spiffify gpg refresh
  234. TODO FOR 0.24
  235. ---------------------
  236. * A servers history tab, built on a sqlite table. This will accumulate server
  237. lifetime history. It will also collect user's usage history of each server.
  238. TODO SOMETIME
  239. -------------
  240. * Keep lobbying for a friendlier tor landing-page with meaningful info.
  241. * use "GETINFO addr-mappings/control".
  242. * Fix installation paths - autoconf voodoo required.
  243. * Use getinfo desc/id/or instead of getinfo server/status/fp
  244. * Nested server list by subnet
  245. * Customise ifdefs for livecd?
  246. * reduce gcc warnings
  247. * Improve stream OSD
  248. * Re-write controller logic.
  249. * use kompile instead of arkollon
  250. * Split out tork.cpp a bit, at least a vagure gesture towards cleaner code
  251. * Find and squash as many bugs as possible in tdeconfig and elsewhere.
  252. * 'Configure KMail' wizard for Mixminion
  253. * filter log with right-click
  254. * Full-refresh-of-server-list button
  255. * Blogging wizard
  256. * Pre-configure hidden service irc on kopete
  257. WON'T DO
  258. --------
  259. * universal sidebar (?)
  260. DONE
  261. ----
  262. * if authentication isn't enabled, enable authentication for the duration of
  263. the session
  264. Options
  265. * for 'bw options' allow tork to always set values,even when greyed out.
  266. selecting 'default' should reset
  267. values to default.
  268. * for 'performance' do the same
  269. * for 'normal settings' do the same.
  270. * for 'server' do not store 'old' values if greyed out, but always apply
  271. values. this will work because
  272. 'never run as server' is tied to clientonly.
  273. * remove 'i'm special'
  274. * fix exitnode selection
  275. * fix the way some options were being applied while tor is running
  276. * make dynamic password setting the default authentication option
  277. In 0.22
  278. -------
  279. * ifdefs for livecd:
  280. Looking through the UI:
  281. 1. Remove options to download and install software X
  282. 2. Remove start/stop Tor since this really only connects/disconnects from
  283. Tor.
  284. 3. Remove anonymous browsing with {Konqueror, Firefox, Opera). x
  285. 4. Remove create anonymous services, though the search for hidden services
  286. is
  287. nice. x
  288. 5. Remove anonymous kopete, IRC, SSH, Telnet, GPG keys (I may add the hidden
  289. services to gpg.conf), shell. x
  290. 6. Remove fail-safe options, Incognito already has those. x
  291. 7. Remove run server options.x
  292. 8. Remove privoxy config options, the next version doesn't use privoxy.
  293. Maybe
  294. this could be determined at runtime depending on privoxy being installed.
  295. 9. Remove the "My Tor Client" config tab, I don't think there's anything
  296. useful for Incognito there. x
  297. 10. Remove the "My Tor Server", I think Incognito should be left as middle
  298. man. x
  299. 11. Remove "My Hidden Services", the next release has a different mechanism
  300. for configuring that based on a certain directory structure on the USB drive.
  301. x
  302. 12. remove konqueror plugin
  303. * Flush circuits for pseudonymity
  304. * Cope with new extra-info handling for servers
  305. * Resolve dns through tor
  306. * Fix stream bandwidth counting
  307. * add n/a icon
  308. * Privoxy config fix, see
  309. http://archives.seul.org/or/talk/Oct-2007/msg00291.html
  310. In 0.21:
  311. * Apply settings - make togglebox allow you to apply in future always
  312. * Make systray icon reflect client/server status rather than activity
  313. * Create manpages for all binaries
  314. * Make torkify installation easier to manage for packagers
  315. * Build patches from Patrick Matth�i
  316. * stop trying to connect if waiting more than 20 secs
  317. * copy control_auth_cookie to ~/.tor in first-run wizard
  318. * stop other passive popups when a showstopper popup has already been displayed
  319. * zeroise netstats on disconnect
  320. * Debug torkified mixminion
  321. * also, the fonts are wonky. in the wizard when it first started, it couldn't
  322. fit all the words it wanted to fit
  323. * under 'my server bandwidth', there's an option to 'don't reuse a connection
  324. if it is more than'. but that option is for clients, not servers.
  325. *also, under 'my server bandwidth', there's an option 'max number of
  326. simultaneous connections allowed'. my maxconn doesn't actually perform this
  327. function. nothing does.
  328. * remove ASSERT: "(mode & KFile::Files) == 0"
  329. in/tmp/buildd/tdelibs-3.5.5a.dfsg.1/./tdeio/tdefile/kurlrequester.cpp (311)
  330. In 0.19:
  331. * Name filter for server list
  332. * Fix 'My Client' bugs
  333. * Improve cookieauth attempts to find cookie, search multiple dirs.
  334. * Make passwords compulsory in firstrun wizard
  335. * Fix My Family
  336. * Add passive pop-up when hovering over system tray
  337. * Display server/client info (maybe number of running servers too?) in
  338. statusbar
  339. * Reflect server status in system tray
  340. * Complete Intro wizard - do's/dont's
  341. In 0.18:
  342. * Remove 'complete' server list from network view config. Speed up config page
  343. loading.
  344. * Use asynchronous dns
  345. * 'Failsafe' button
  346. * Add 'program' column to connection display
  347. * Implement general, server and client status events
  348. * Add country servers to exclude list if country blocked
  349. * Add TorK generated messages to Tor log and flag accordingly.
  350. * Implement entry-guards status events
  351. In 0.17:
  352. * Kicker applet
  353. * Konqueror plugin
  354. * Konqueror right-cliick actions
  355. * Add tor: io slave.
  356. * Reset filters when server list fully refreshed
  357. In 0.15:
  358. * If thttpd is installed, don't offer to download it.
  359. * Add 'Run Server' button
  360. * Alert user that KDE's non-anonymous settings have been restored when Tork is
  361. closed.
  362. * Beginnings of intro-wizard.
  363. * Speed up sliding notifications
  364. * Fix bug when stopping and restarting connection to tor.
  365. * Turn off extended selection of circuits when dragging to circuit pane
  366. In 0.14:
  367. * Pseudonymity button
  368. * Display servers by country
  369. * Combo select for tor session type (beneath onion on main page)
  370. * bw for streams
  371. * dynamically block exits with right-click
  372. * Fix browser settings for opera/firefox
  373. * count our own seconds for bw events
  374. * do not install libwhich and libgeoip
  375. * bandwidthrate at different times of the day
  376. Before 0.14:
  377. * tor traffic log.
  378. * log non-tor traffic
  379. * Replace privoxy templates with TorK ones that are a little more friendly
  380. * Add mixminion client
  381. * add privoxy configuration.
  382. * connect to tor (if it is running) during set-up wizard. this is to determine
  383. if the packaged installation has
  384. the controlport open or not. if it does not, then the set-up wizard will need
  385. to add the relevant conf line
  386. to every possible configuration file candidate it can think of.
  387. * SetUp Wizard should inspect your tor installation and recommend appropriate
  388. tork setup.
  389. Tor GUI Suggestions
  390. -------------------
  391. X = Fully(!?) Done
  392. x = Sort of Done
  393. X Allow the user to fully configure Tor rather than manually searching for and
  394. opening text files.
  395. X Let users learn about the current state of their Tor connection (for example,
  396. how well the current Tor connection is working), and configure or find
  397. out whether any of their applications are using it.
  398. X Make alerts and error conditions visible to the user.
  399. X Run on at least one of Windows, Linux, and OS X, on a
  400. not-unusually-configured consumer-level machine.
  401. Provide detailed information about which applications, ports, or packets are
  402. (or are not!) passing through Tor, including accounting for both Tor- and
  403. non-Tor traffic.
  404. Provide additional statistics about the Tor connection.
  405. Give users more control over how their Tor behaves at certain times of day or
  406. in other contexts (like operating as a server).
  407. x How much bandwidth is Tor using? How does this compare to the overall network
  408. traffic to/from the computer?
  409. x Is there network traffic from ports or applications that the user intended to
  410. be anonymized?
  411. What Tor servers does the user know about on the network? Where are they? How
  412. available are they?
  413. An interface for displaying or controlling Tor paths: "show me the network from
  414. Africa by way of Asia". Think of the global satellite map from the movie
  415. Sneakers.
  416. Configure other running applications to use Tor (for example, by modifying or
  417. working through the network stack, and/or by altering application
  418. configurations).
  419. x Provide an elegant installer for Tor, your GUI submission, and other
  420. supporting applications.
  421. X Make your GUI manage the Tor process and other supporting applications --
  422. start them, stop them, realize when they've died.
  423. X Provide meaningful defaults for a good Tor experience.
  424. Provide application-level anonymity -- that is, not just paying attention to
  425. transport anonymity on the level of Tor, but also paying attention to the
  426. anonymity of the http headers, cookies, etc.
  427. Let the user specify different Tor config option sets depending on time of day
  428. (e.g. daytime vs. nighttime).
  429. Provide useful controller functions for Tor servers too -- for example, walk
  430. the user through recommended bandwidth configurations and exit policies.
  431. X Have a "minimized view" of your GUI for common use, and then a more detailed
  432. view or set of windows when the user wants more detail.
  433. Provide a button or some automatically updating interface to let the user learn
  434. whether Tor is working currently, perhaps by accessing an external what's-my-IP
  435. site and seeing if it thinks you're a Tor server; and give useful messages and
  436. recommendations if it doesn't seem to be working.
  437. Provide a way to automatically configure local firewalls (ipchains, Windows
  438. firewalls, etc) to let Tor traffic out (and in, for Tor servers). As a bonus,
  439. configure it to prevent non-Tor traffic from leaving (and notify when it
  440. tries).