Ticket #3644: xxx-no-public-network.txt

File xxx-no-public-network.txt, 3.6 KB (added by mikeperry, 8 years ago)

Solution outline

Problem Summary:
 - We need a way to tell tor not to send Internet traffic at certain
   times

Justification:
 - Tor users need to be asked about alternate connection methods before
   connecting directly to the public network, which can put them at risk
   - Primarily for bridge and proxy users now, but obfsproxy users will
     need this prompt too
 - Orbot also needs a mechanism to conserve battery power while the
   Internet is known to be unreachable by the phone
   - If we do everything right, it can be the same underlying mechanism
     in tor

Relevant tickets:
 - Still open:
   - https://trac.torproject.org/projects/tor/ticket/2905
   - https://trac.torproject.org/projects/tor/ticket/3644
   - https://trac.torproject.org/projects/tor/ticket/4290
 - Past Issues/Rejects/Reverts:
   - https://trac.torproject.org/projects/tor/ticket/2355
   - https://trac.torproject.org/projects/tor/ticket/3307
   - https://trac.torproject.org/projects/tor/ticket/3354
   - https://trac.torproject.org/projects/tor/ticket/3419
   - https://trac.torproject.org/projects/tor/ticket/3420

Why this is so hard:
 - TBB, Tails, Orbot, and the Relay Bundles all have slightly
   different needs that conflict in some ways but not others

Use cases:
 - TBB needs:
   - Vidalia to ask the user what to do in a polite and non-alarmist way
     - First-run only
     - Prompts either before launching tor, or starts a no-network tor
     - We may want to disable this until we have an updater to properly handle
       it
 - Tails needs:
   - Tor is started before Vidalia
   - Tails GDM Greeter asks the user if they want to use bridges
   - Vidalia must ask the user what bridges they need
   - Tails does not want the public network to be accessed until Vidalia
     has asked the user for bridges.
 - Orbot needs:
   - A way to tell Tor to stop network activity while the phone
     is disconnected from the Internet
 - Relay bundle needs:
   - No prompting. This feature should be disabled in Relay bundles

Unified Solution:
 - Tor implements DisableNetwork config var
   - The variable will prevent all non-control port activity while on
     - DisableNetwork can also disable remote control ports, too, if
       that simplifies implementation. Our 4 use cases don't care about
       remote controllers
   - It must be toggleable via SETCONF
 - TBB does:
   - When updater is, ships a torrc with DisableNetwork 1
 - Tails does:
   - If bridges are selected from greeter, start tor with DisableNetwork 1
 - Orbot does:
   - SETCONF DisableNetwork=1 when Internet is unreachable
   - SETCONF DisableNetwork=0 when Internet is reachable
 - Vidalia does:
   - If Tor.DisableNetwork:
     - Display "First Run Prompt" (see Prompting Text below)
     - If UseBridges is set in vidalia.conf:
       - In the "First Run Prompt", show extra help for bridges (pop-up,
         in-line short text or whatever). Note that the bridge settings
         must be visible since UseBridges is set.
   - SETCONF DisableNetwork=0 once successful
   - SAVECONF to write DisableNetwork and Bridge values to disk
     (to govern future prompting)

Prompting Text:
 - First Run Prompt:
   - Example text:
     "Before Tor attempts to connect to the Internet, we need to know
      some information about your Internet connection. Please select the
      options that apply to your Internet connection, if any.

     [Insert existing Vidalia Network Settings tab pane here]"
     - The text should have hyperlinks to the Vidalia network config help
       text and/or tooltips to explain more about bridges (and possibly
       other network settings) and how to use them.
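
The controller side of the "Orbot does" and "Vidalia does" steps in the Unified Solution, as an added example that is not part of the original file and is not Tor, Vidalia or Orbot code. It shows the bridge settings being applied while DisableNetwork is still 1, so the network is only enabled after the user's answers are in place. Assumptions: `send` is a hypothetical transport that takes one control-port command and returns tor's reply lines; `FakeTor`, the function names and the bridge address are constructed so the flow runs offline.

```python
class FakeTor:
    """Constructed stand-in for tor's control port; models only the three
    commands used below and values that contain no spaces."""
    def __init__(self, torrc):
        self.conf = dict(torrc)    # running configuration
        self.saved = dict(torrc)   # what is on disk
        self.log = []              # every command received, in order

    def send(self, line):
        self.log.append(line)
        verb, _, rest = line.partition(" ")
        if verb == "GETCONF":
            return [f"250 {rest}={self.conf.get(rest, '0')}"]
        if verb == "SETCONF":
            for pair in rest.split(" "):
                key, _, value = pair.partition("=")
                self.conf[key] = value.strip('"')
            return ["250 OK"]
        if verb == "SAVECONF":
            self.saved = dict(self.conf)
            return ["250 OK"]
        return ["510 Unrecognized command"]

def network_disabled(send):
    return send("GETCONF DisableNetwork")[-1] == "250 DisableNetwork=1"

def expect_ok(send, line):
    # Fail closed: stop the flow if tor refuses any step.
    reply = send(line)
    if reply[-1] != "250 OK":
        raise RuntimeError(f"{line!r} refused: {reply}")

def orbot_connectivity_changed(send, reachable):
    # Orbot: network off while the phone is offline, back on when it returns.
    expect_ok(send, f"SETCONF DisableNetwork={0 if reachable else 1}")

def vidalia_first_run(send, bridges):
    # Vidalia: the prompt is shown only if tor started with DisableNetwork 1.
    if not network_disabled(send):
        return False
    if bridges:
        # Apply the user's answers while the network is still disabled.
        args = " ".join(f'Bridge="{b}"' for b in bridges)
        expect_ok(send, f"SETCONF UseBridges=1 {args}")
    expect_ok(send, "SETCONF DisableNetwork=0")
    expect_ok(send, "SAVECONF")    # persisted values govern future prompting
    return True
```

Against a real tor, `send` would wrap an authenticated control-port connection; the command strings stay the same.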