It sounds to me like we need: 1. Absolutely easy to use client software that automatically acts as a router/server -- Needs to determine the lower (upstream) bandwidth, and not clog it -- Needs to be able to prioritize local originating connections to eliminate the desire to run separate client and server tor processes -- -- This includes using as much upstream as the local origination needs, even if it means nearly starving all "through me" traffic -- -- This means getting flow control working inside Tor, unless I missed something. -- Needs to be able to work with dynamic IP transparantly -- -- Tor currently does this if NO Address line is in the config file, but Vidallia insists on putting one in there anyways.
2. Simple instructions to end users -- Anonimity != privacy -- Things like flash, etc, can break privacy and reveal who you are -- Some sort of 'This is known to be safe, this is most likely unsafe, this is "maybe" ' list. 3. A preconfigured set of cookies for the major known cookie tracking sites (ads, etc), so that every Tor user looks the same. 4. Ideally a patch for Firefox. IE allows you to say "Accept 1st party cookies, reject 3rd party cookies." Safari allows you to say "Only accept cookies from sites I navigate to, but not from sites linked to them (Advertisements)". Firefox doesn't have that. 5. (Privoxy already strips referrer information, so that's not leaking your search history, etc, to third parties). ** 6 **. Since Tor will route to an exit node on the same machine as your target, giving end-to-end transparent encryption, some sort of push to get the major web sites to run at least a "local exit" tor node. In particular, we need an absolutely trivial, out of the box, "Local only, any port" tor exit config. On 3/27/07, Freemor <[EMAIL PROTECTED]> wrote:
On Mon, 2007-26-03 at 23:53 -0700, JT wrote: > You are making a very big mistake! In theory your are correct with what > you are saying but you are assuming the total noob can learn how to safe > anonymously but also give grandma a chance to surf anonymously. Grandma > knows what a browser is but has never heard about encryption or TCP/IP. > I think that if the information is geared to the new user that they will be able to pick it up. You don't need to get all technical to explain everything. you could just say "if your browser doesn't display the lock icon, like when using a banking site, your communication is anonymous but not confidential, and may reveal identifying information." I also think there is a real problem with the "a new user could never understand this" thinking. One should never assume that ones audience is less intelligent then you are. Also, even if the effort manages to only educate 30% of the new users this is far superior to not making the effort and having only the very enthusiastic users who have the skills to dig up the documentation they need being educated. Freemor
