> I had suggested something pretty similar (as a replacement for Vidalia, > for example) quite a while ago (on IRC only maybe?) and several people > thought it was a completely horrible idea (e.g. "that'll NEVER happen") > mostly on the grounds of what Damian pointed out already (cross-protocol > attacks, bigger attack surface) plus fears like getting people used to > looking at "a web thing" to control Tor means fake "web things" get > easier to attack them with, ... > > Aren't these concerns valid for the relay cases and for a "client" > (tor-router) sort of thing as well?
Hi Meejah. I wasn't part of those earlier irc discussions so I can't speak to their concerns. If someone has an actual issue they're worried about then I'm happy to discuss it here. > If not, or if tor-dev thinks this *could* be made to work (securely), I > could potentially dig out the proof-of-concept I had for anyone who wanted > a starting-point to tackle this (with txtorcon + Twisted of course, plus > d3.js for realtime bandwidth graphs plus some comet/ajax thing I forget > right now). Neat! A proof of concept would certainly help to bootstrap the project. :P _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
