logs archiveIRC Archive / Oftc / #tor / 2010 / April / 1 / 1
Klogg
Hello, may I ask a question or two about one of the gsoc proposed projects?
karsten
mikeperry: you're right. V3Dir is in the spec, but we don't use it, it seems.
Sebastian
Klogg: please do!
karsten
Klogg: sure, you've 1 question left.
mikeperry
Klogg: in general, you should just ask your questions and be patient. people read backlog
Sebastian
Klogg: the more you are visible here and ask etc, the more likely it is you will pick you :)
mikeperry
also #tor-dev might be better for development-type questions
Klogg
well, I was advised at tor-assistants to check idea 7 from the list about improving the testing process. although it sounds neat, I feel abolutely silly because i don't know what to look for in the source code
mikeperry
karsten: created bug 1338 to implement V3Dir
         

Sebastian
Klogg: are you gareth?
Klogg
are there any bug reports or maybe a wishlist concerning the most problematic spots or do I have to discover all of them on my own?
Sebastian: no
Sebastian
Klogg: ah ok
BarkerJr
mikeperry, if it were, why's its topic says not to talk there?
Sebastian
Klogg: so, it would be best if you had a look around
ran gcov
etc
To see if you think you're up to it
I'll have some hints in a bit
afk for a while
mikeperry
BarkerJr: hrmm, perhaps because it is using the term 'developers' to mean 'anyone interested in development'
interested in *doing* development
BarkerJr
hehe ok
so, not people requesting new features
Klogg
Sebastian, already checked gcov. as I understand it, the whole point of the task is to make the coverage as high as possible, right? and the whole business about globals is the fewer globals we have, the more functions we can test independently
never done unit checking before, so I must not be the strongest candidate, but at least I'll learn something new this week :)
mikeperry
BarkerJr: probably depends on the feature ;)
pipe
Another important part of gcov is to make sure you have no untested code
Klogg
isn't that the same?
pipe
I suppose I mean "code path"
Klogg
oh. yes, it is different.
by the way, does svn work for commits in the source code as well or does one have to use git exclusively?
nsa
or: n8fr8 committed revision 22104 (/website/trunk/en): added in the additional Orbot/Android ideas for the GSoC list
or: n8fr8 committed revision 22105 (/projects/android/trunk/Orbot): adding TODO file with GSoC ideas in here as well
Sebastian
Klogg: ok back
Klogg: Tor is in git, no svn anymore
Klogg: The goal of the project is not just to make the coverage as high as possible, but also to identify areas that can be usefully tested and that were error-prone in the past.
The refactorings required are related to some aspects of the code that make for poor testability, even though we can use tinytest to run tests in a clean environment and without messing up state for later runs
Klogg
I see.
Sebastian
Some aspects of Tor cannot be unit-tested at all, of course. But much could be, but we're just not doing it yet.
Klogg
ah. so tinytest basically just spawns a child and runs a test in it
Sebastian
right
Klogg
Sebastian: could you point at one of them so that I would be able to try to figure out what can be done? :)
         

Sebastian
one of the tests?
Klogg
one aspect that could be tested
I guess looking through the bug list for untested problematic spots might be a good idea too
Sebastian
One example would be consensus parsing
we don't have a lot of unit tests there
the bugtracker might not be the place where you learn whether something has a unit test or not, but it sure can give you some ideas about where our bugs are
Klogg
yes, that's what I had in mind saying that
Sebastian
A great part of your application would be a new unit test
Klogg
by saying that you mean that i should try and write a couple of new tests during this week or something else?
Sebastian
yeah
it'd be a great way to show us that you can actually write code
If you need help, we'd be happy to help (just as we will be when mentoring), but it's you who needs to write the code :)
Klogg
I guess I might as well try to make a test or two for consensus parsing(whatever it is) to get a better understanding of the whole system
thanks for the tip
Sebastian
Yeah, I don't think that's necessarily the best idea
that's complicated
just look at the current code
the current tests, I mean
Klogg
yeah, I see
Sebastian
try and identify a few functions that can be tested
It doesn't need to be something huge
Klogg
I think I'll take a look around the code and try to find a couple of missing parts
Sebastian
sounds great!
Also, feel free to submit your application early
we won't grade you down on your first drafts, but will give useful feedback
Klogg
well, right know I can probably do nothing more than copy the proposal from the idea list. I still need deeper knowledge of the system to propose something constructive
but if it can be changed later, I'll do it
Sebastian
yeah
you can update your application any time
until the deadline
Klogg
Got it! I guess, I'll go check the source again, then.
Thanks for the help, Sebastian.
Sebastian
sure
let us know if you need more help
Klogg
will do
Sebastian
Now sleep, though
Guest845
What is the name of the live cd that has tor enabled by default?
phobos
amnesia
keb
incognito
yeah
why do we always go from alpha to rc to stable, but there is no beta
phobos
because tor is already beta
Guest845
Does it have a usb image to run from? What is the url of their site?
Thank you.
phobos
https://amnesia.boum.org/
too late
keb
i wonder which one they will look for
nsa
or: phobos committed revision 22106 (/torbrowser/trunk): start the updates for 1.3.4
or: arma committed revision 22107 (/torbrowser/trunk/build-scripts): get rid of whitespace at the end of lines
phobos
<nsa or: phobos commit revision 22108 (/torbrowser/trunk/build-script): put the whitespace back. why does no one defend whitespace?
keb
one space at the end of a line can save keystrokes when adding code
dr|z3d
phobos: doesn't much matter which they look for.. they'll get amnesia either way.
(incognito's page links to amnesia)
nsa
or: arma committed revision 22108 (/torbrowser/trunk/build-scripts): balance the brokets
arma
http://www.nytimes.com/2010/04/01/us/01nsa.html
keb
april fools, right?
misc
no, the article date back of yesterday
dr|z3d
04/01 appears to be today. :)
arma
enki: any crashes with the newer tor version?
enki
arma: nope :-)
niiinja
you should code an april fools tor version that routes all data unencrypted with destination and sender through an NSA computer
just for laughs
arma
niiinja: every year we think about what tor could do for april fools day. but no matter how outlandish the idea is, there's always somebody out there who will believe it, freak out, and trust tor less. the landscape is just too fragile.
dr|z3d
"arma appointed to be the whitehouse encryption spokesman"
You're right, too fragile.
"arma appears on mtv and raps with j-lo" ?
(Action) winks.
arma
some arma topics are safe. tor topics not so much.
dr|z3d
How _is_ your rapping these days, arma? :)
(Action) doesn't anticipate a response.
niiinja
arma, hehe
atagar
dun: you're right, ss should provide another alternative to netstat (given the -p option) - I kinda doubt that it'll be in this next release, but I'll try to provide it as an alternative soon
arma
dr|z3d: i think i picked up a disease in the jungles of guatemala. so, not so good this week.
dr|z3d
arma: I wish you a speedy recovery, if only so we can look forward to som arma rapping on youtube. ;)
arma: Joking aside, wtf were you up to there? :)
I can't imagine advocacy would have been your reason.. were you taking a well earned rest from Tor?
arma
yes
though actually there's some serious advocacy to be done there
and, i'll have you know that i could probably best rms at rapping.
dr|z3d
One would hope so, for all our sakes :)
enki
rms cranks dat soulja boy, I've heard
dr|z3d
(Action) laughs, incredulously.
Neeraj
can a method be devised such that if a user is connected to tor network and the bridge he is connected to is overloaded. Since he is connected he knows all the nodes, so he connects to another bridge with low traffic automatically using a script thereby making the system more stable
arma
neeraj: since he is connected he knows the relays, but that doesn't mean he knows the other bridges.
Neeraj
ok
arma
but yes, something like that could be done, if someone were to work out how to do it.
Neeraj
can i put it in the proposal?
i think it can be done
helix
arma: can you see #tor-dev please
Neeraj
a overloaded user will invoke a script which will make a request which can go to a page using the bridge he is connected to fetch a new bridge and then connect to it automaticall
automatically
what do you think arma??
arma
neeraj: another option is to add a little something to the tor protocol so the first bridge informs the user about a second bridge
doing anything as a script will mean the windows users lose. and they're, for the most part, all windows users.
Neeraj
but using a python script can be a better option
arma
but the research piece of this is: where does the first bridge find the second one? and if you give it out to too many people, what are the blocking-resistance implications here?
Neeraj
we may also provide dll files too for windows user
arma
windows people don't have python, much. though they might if they use thandy.
Neeraj
that can be a web page
since the first user is connected to a bridge he can have acces to it
arma
how does the web page know what bridge they should get?
i think we're dangerously close to being back in the land of "lots of research to be done before it's clear whether building it would be a good idea"
Neeraj
it can be a random bridge if it connects ok or else another request
arma
if it's a random bridge, then you just go to the web page a lot and you get to learn all of them
do you know about https://bridges.torproject.org/ ? we already have this web page, sort of.
Neeraj
but most users will not do that
ok
i got ur point
we can keep a list of what bridges are blocked everywhere and which are not
and give away bridges which are not blocked
building a network analysis system might help
and overall if an adversary blocks tor then he blocks the https://bridges.torproject.org/ also
arma
yep
Neeraj
that's same agai
again
arma
though you can reach that website through tor
Neeraj
yep
arma
though if you do, we have to restrict what answers you can get from it
(and we do)
Neeraj
i figured it out
getting from a webpage directly will make the adversary know all the bridges too.. an automated system will help the adversary not find it for blocking
arma
why is that?
because it seems like a wrong statement
Neeraj
because the adresses can be encrypted with a key and only tor can decrypt it
arma
if that's true, how about if the adversary uses tor to decrypt it?
(or reverse engineers tor to learn the key. or just looks at the source code, assuming we publish it.)
Neeraj
so you say that if an adversary connects to tor he can get the bridge address too
the key can be negotiated at tiem of making a request
arma
you keep assuming that the adversary doesn't have a copy of the tor program
Neeraj
no
i assume he has
but in this way even the tor is also not fully protected against an attack
but this can make it more difficult rather than just leaving upto him to do it easily
ok
may be its not a good idea
the whole idea was to automate the process to reduce loads
what about Tor's predictable string during the TLS handshake
is that a feasible option for the GSoC?
i want to modify it so that the traffic does not get predictable
arma: can you pls review my proposal
and point out what is missing
can I field more than one proposal to tor?
Sebastian
yes
Neeraj
I am interested in "Rewrite TorDNSEL, this time with a spec"
Sebastian_
great
looks like I might be primary mentor for that project
Tell me more?
Neeraj
yep
nothing as much
just started reading for it
i have posted one proposal
but i dont think its a good one
cause i could not come up with better ideas
can you review the proposal and tell what else can be done
as you were GSoC student yourself can you help me with what else has to be included
arma
Neeraj: we already modified tor's tls handshake quite a bit. see e.g. proposal 130
Neeraj
ok
« prev 1 2 3 next »