Opened 20 months ago

Last modified 8 months ago

#23446 reopened task

Write a guidelines documentation for requirements with Tor integration by third parties

Reported by: cypherpunks
Owned by: tbb-team
Priority: Medium
Milestone: website redesign
Component: Webpages/Website
Version:
Severity: Normal
Keywords: FAQ
Cc: arma, arthuredelstein, gk, brade, mcs
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

I heard that one of the discussions in the Montreal meeting was "Encouraging Tor integration by third parties" which spawned for me the idea that there must be some guidelines documentation of the requirements that should be met for each use case. For example for browsers (where integrating Tor is a goal with Brave in private browsing and it has been suggested by the (ex?)-CEO of Mozilla) among the requirements I can think of,

  1. Having the user agent the same as the Tor Browser (Otherwise fingerprinting would be easy).
  2. Stream isolation should be enforced, otherwise a single exit can watch all traffic.
  3. First party isolation should be enforced.
  4. ...etc

Of course there's already the Tor Browser design documentation, but it doesn't address this question directly, and more importantly those folks don't want to make an alternative Tor Browser, rather just a "Tor mode" to their private browsing that can enable true privacy by design.

What do you think of such an idea?

Note that this finds its parallel with little-t-tor in another ticket that I couldn't find about alternative implementations of the tor client.
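Requirements 2 and 3 above can be met together by giving each first-party site its own SOCKS5 credentials. The sketch below is an added example, not part of the ticket or of any Tor Project code; it assumes tor's default `IsolateSOCKSAuth` behaviour on the SocksPort, and the class and function names are hypothetical.

```python
import secrets
from urllib.parse import urlsplit


class IsolationKeyring:
    """Maps each first-party (URL-bar) host to its own SOCKS5 credentials."""

    def __init__(self):
        self._nonces = {}

    def credentials(self, first_party_url):
        # Key on the URL-bar host, not the host of the resource being
        # fetched, so third-party content embedded by a page travels on
        # that page's circuit and cannot be linked across sites.
        host = urlsplit(first_party_url).hostname  # already lower-cased
        if not host:
            raise ValueError("first-party URL has no host")
        nonce = self._nonces.setdefault(host, secrets.token_hex(16))
        return host, nonce  # used as (username, password)

    def new_identity(self):
        # Forgetting the nonces changes every password, so later streams
        # are not attached to circuits used before the reset.
        self._nonces.clear()


def socks5_userpass_request(username, password):
    """Build the RFC 1929 sub-negotiation: VER=1, ULEN, UNAME, PLEN, PASSWD."""
    u = username.encode("utf-8")
    p = password.encode("utf-8")
    if not (1 <= len(u) <= 255 and 1 <= len(p) <= 255):
        raise ValueError("username and password must be 1..255 bytes")
    return bytes([0x01, len(u)]) + u + bytes([len(p)]) + p


if __name__ == "__main__":
    ring = IsolationKeyring()
    # Constructed sample first-party URLs.
    for url in ("https://news.example/a", "https://news.example/b",
                "https://shop.example/"):
        user, pw = ring.credentials(url)
        print(url, "->", socks5_userpass_request(user, pw).hex())
```

A real integration would key on the registrable domain (eTLD+1) rather than the full host, which needs the Public Suffix List and is left out here.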

Change History (12)

comment:1 Changed 20 months ago by cypherpunks

Summary: Write a guidelines documentation for requirements with Tor integration → Write a guidelines documentation for requirements with Tor integration by third parties

comment:2 Changed 20 months ago by gk

Status: new → needs_information

I am confused about the proposed scope for this ticket. First, is this meant to be a documentation about how to include tor into other *browsers*? The description just says "third parties". If not, then please put it into a different component.

comment:3 in reply to:  2 Changed 20 months ago by cypherpunks

Replying to gk:

> I am confused about the proposed scope for this ticket. First, is this meant to be a documentation about how to include tor into other *browsers*?

Nope, it's about the requirements for a Tor integration by a third-party to be called "successful" and ensuring a minimum guarantee of privacy by design, look at the examples I gave (e.g. "Stream isolation should be enforced").

Also not sure what other different component this should be filed under...

comment:4 Changed 20 months ago by arthuredelstein

Component: Applications/Tor Browser → Webpages/Website

I think this is a nice idea. Perhaps we could write it in the form of a checklist. Starting a page on the wiki might be easiest for now. Of course in the case of browsers, the Tor Browser spec will also be highly relevant.

> 1. Having the user agent the same as the Tor Browser (Otherwise fingerprinting would be easy).

Having the same user agent is probably unnecessary in most cases, because it's probably impossible to make another browser (except maybe Firefox and derivatives) otherwise indistinguishable from Tor Browser.

comment:5 Changed 20 months ago by mcs

Cc: brade mcs added

comment:6 in reply to:  4 Changed 19 months ago by cypherpunks

Replying to arthuredelstein:

> Having the same user agent is probably unnecessary in most cases, because it's probably impossible to make another browser (except maybe Firefox and derivatives) otherwise indistinguishable from Tor Browser.

That's not the goal with that, and it doesn't disprove that it shouldn't be made (it's rather to make it more difficult for naive tracking - imagine a situation in which a single site with a small number of visitors that is also visited by one TB user, one Firefox user with Tor mode, and one Brave user with Tor mode, and there's someone looking at the logs trying to distinguish them). I should point out that the user agent is only one component of it, the more general thing is to make the header uniform.*

FWIW I think the classification, if done as you suggest in a checklist form, should be divided into necessary and unnecessary (with strongly recommended and preferable sub-categories).

_

* : For example, for Firefox in private browsing (I assume that's where the Tor mode may be based off) the default behavior is to send DNT=1 in the header.

comment:7 in reply to:  4 Changed 19 months ago by cypherpunks

Replying to arthuredelstein:

> Having the same user agent is probably unnecessary in most cases, because it's probably impossible to make another browser (except maybe Firefox and derivatives) otherwise indistinguishable from Tor Browser.

Oh, something else which I forgot that is also very important: Cloudflare shows captchas if you're using Tor and the user-agent is different than TB. You can easily reproduce this by going to https://blockchain.info which usually doesn't show a captcha with Tor Browser (or pick a better example). Then change the user-agent in about:config to the one for FF55 for example, then click on New Identity, and go to https://blockchain.info again which will surely show you a captcha. You can test this with a variety of websites behind Cloudflare to confirm this behavior.

comment:8 Changed 13 months ago by hiro

Milestone: website redesign

comment:9 Changed 8 months ago by traumschule

Keywords: FAQ added

The UA differs depending on the used OS and it is not the only way to fingerprint users (#26146).

I wonder if a link to the tor spec in the FAQ answering a question like "How to implement an application based on/like Tor" is what the reporter meant.

comment:10 Changed 8 months ago by traumschule

Resolution: fixed
Status: needs_information → closed

From my perspective this is implemented: https://www.torproject.org/docs/trademark-faq

comment:11 Changed 8 months ago by tom

Resolution: fixed
Status: closed → reopened

This is actually about more than just trademark, so we want to keep this open.

comment:12 Changed 8 months ago by traumschule

Oh, sorry for confusing this! Reading it again, a wiki page was proposed above, maybe similar to doc/PluggableTransports/GuidelinesForDeployingPTs? Probably too long: doc/GuidelinesForDeployingApplicationsUsingTor?
