Custom Query (18 matches)


Show under each result:

Results (11 - 15 of 18)

1 2 3 4
Ticket Summary Owner
#5553 prevent protocol leaks; Tor client connection API or protocol review howto phoul

I am unhappy with the current Torify instructions.

The big bittorrent leak may happen to any application, which has not been explicitly designed for Tor or reviewed by someone. That's why safe use of Tor is at the moment somewhat limited to the few applications designed over Tor (Tor Browser) or reviewed for use over Tor.

Two ideas will follow how to solve this problem. One or another may work as solution. Feel free to propose other/better/easier/faster solutions.

Proposal 1: Write a howto, how to review an application and protocol for leak free use over Tor. "The protocol/application has to be reviewed." - That is much to vague, even for the application's developer.

For example, would the xchat developers answer "xchat over Tor: do not use dcc/ctcp... it leaks your IP/timezone..."?

What we easily could do for many applications, would be asking the application's developers. But even them could be confused by the question. The paper should define, what a protocol leak is, how to look out for them, how to prevent them.

This would hopefully enable the application developers to answer to the question regarding the protocol leak status. And if they don't want to review their own application, third party contributors could review the protocol.

Proposal 2: Provide an alternate interface for applications. An alternative to socks. Either an API or libery for developers. i2p does also provide one and loads of applications are build on top of i2p. Why there are not so many applications designed for Tor? Because there is neither an API nor an libery.

#8518 Document the new support workflow phoul

The support workflow is changing, the team is growing, I should document it.

#10966 Define a process on how new support assistants can be accepted in the team phoul

The switch from having a single person handling all support request to a team was made through recruiting support assistants as a contracting position. It would be good to define a process on how new people can get accepted in the team. It's mostly a question of trust and probably we need to define a vouching process and a set of people that need to ack the decision.

#12842 Helpdesk needs a PGP key to be able to receive encrypted help queries phoul

Couple days ago sherief mentioned we need a PGP key to be able to receive and handle encrypted help queries via RT.

I think it's a great idea as protecting our users' sensitive information is and always should be our first priority at support team.

This ticket is to help us remember we need to make this happen (hopefully in near future)

Once we have the pgp, we should start advertising and encouraging our users to use encryption if possible.

#27292 Put the country of the apparent IP address on the logged-in page phoul

Please add the country of the apparent IP address to the Congratulations logged-in page.

Some US sites don't allow me to see videos, www. cnbc. com/video/2018/08/16/jay-leno-chats-with-teslas-chief-designer-about-the-2020-tesla-roadster. html reports "Geographic Restriction", I imagine it's because of the European data restrictions, I'm in England. So knowing the country of the apparent IP address would help get round this issue.

Please also make the TOR urls to find out and change the apparent country address easily found, I can't see them anywhere...

1 2 3 4
Note: See TracQuery for help on using queries.