report for october and november
Greetings Tor! These past couple of months have been very busy for me and primarily consisted of pondering possible guard discovery attacks on the tor network, writing network scanners for the tor network and researching mix networks (because they are complementary to Tor). I scanned the tor network for CVE-2016-5696: https://lists.torproject.org/pipermail/tor-relays/2016-November/010981.html However it was brought to my attention that my scanner produces false positives when scanning NetBSD. Unfortunately I'm not going to devote anymore time to that particular project because I feel the impact of that particular vulnerability is very low for the Tor network now that over two thirds of the relay operators have upgraded their Linux kernels. The other Tor network scanner I worked on is the partition detection scanner: https://github.com/TheTorProject/bwscanner I've fixed many bugs however it's still a work in progress and I haven't merged it into upstream master branch yet; my dev branch is here: https://github.com/david415/bwscanner/tree/fix_partition_detection.4 While working on the partition scanner I managed to find and fix a memory leak in txtorcon: https://github.com/meejah/txtorcon/issues/192 https://github.com/meejah/txtorcon/commit/4f87dc2f308b74cd5285051ab9b6f047dcd6fb54 My up-to-date notes about mixnet design are here: https://github.com/david415/mixnet_notes TODO: - Write production quality composable mixnet APIs in golang, python and rust. - Ask nicely for Brian Warner to please cut a new Tahoe-LAFS release so that the pypa package will have our latest Tor integration features. - After running several particion detection scans of the Tor network there will be a large amount of data to analyze. I am not sure how much time I will have to work on that in the next coming weeks and I'm curious if there are other Tor people who would be interested in helping me with the data analysis after I collect it? ;-) - Tor integration for IPFS requires getting help from whyrusleeping to make it build. cheers, David Stainton
signature.asc
Description: PGP signature
_______________________________________________ tor-reports mailing list tor-reports@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-reports