wiki:org/meetings/2015WinterDevMeeting/Notes/TorIn5Years

Agree: The future is

funding

  • We have diverse funding
  • Tor has funding runway of >= 2 years operating costs in the bank
  • Our small donor team is bringing in > 1/2 of our funding
  • Stable and continuous source of funding(s)
  • Tor should be able to fund new and interesting projects
  • Tor funding should be more diverse and sustainable
  • Tor has enough money to start and fail/abandon experimental projects without problem
  • Independent revenue sources: can we actually do one of these sell-hardcore ideas?
  • More politically diverse funding sources
  • Tor is self-sustaining financially without relying on grants
  • Reliable sustainable funding
  • Pavel Durov gives Tor a billion dollars
  • Tor should be crowd funded for more than 60y of global budget
  • Tor freedom concert.

public perception, outreach, user education, governments & law

  • The world should see Tor as a positive thing
  • Exit nodes are widely understood
  • hidden services are loved + respected
  • Tor services used by lots of ordinary people
  • Tor should be known by the public for things other than narcotics and pornography
  • Tor has raised public expectations of privacy (letting people know that internet privacy is positive)
  • Tor is widely understood to be an important part of the "freedom tech" infrastructure
  • Hidden services are popular and positive
  • Anonymity online is normal
  • Tor is a household name + widely loved
  • Onion services are mainstream
  • Tor should be mainstream
  • Tor as a security feature & mainstream (every application wants to add it)
  • Tor use becomes mainstream and more people are aware of how Tor can improve their privacy online
  • Governments realizing how important Tor and funding is
  • Tor should be legal to use on the whole planet
  • Anonymity/Privacy/Coding Tor Bootcamp
  • Tor is viewed as a mainstream part of internet security & safety by ordinary Internet users
  • The Tor project maintains friendly relations w/ Law Enforcement & Governments
  • My brother in law uses Tor & can explain why
  • Tor suggested by hospitals to submit medical records
  • More human/animal success stories for Tor
  • Tor helps foster ongoing education into anonymity
  • More Tor curriculum for schools/university/cops
  • Get better at teaching and being a center of excellence for growing a community
  • Tor supports public policy goals for anonymity & human rights
  • Anonymized cloud storage in use by millions of people
  • Tor is taught (as protocol + anonymity) in schools
  • Tor is in Encyclopedia Britannica
  • Tor does field work in dictatorships and democracies all over
  • Tor participates from the launch of Open Hardware products (and benefits $$)
  • Tor usage is explicitly encouraged by all non-pariah local-to-national governments (for citizens); required for government communications.
  • Tor hidden services aren't portrayed as "scary" anymore.
  • Userbase growth continues & stable
  • Tor participates in major political bodies - UN, EU, cor; in technical and human rights capacity
  • Government policies appreciate the value of Tor to the world
  • Importance of online privacy understood by most internet users (no longer hearing "I have nothing to hide")
  • Hidden services are used by more every-day people outside of security/circumvention environments (New media, etc)
  • Tor is legal everywhere
  • Tor has enabled >3 popular movements
  • Tor should train users around the world about privacy by design

relays/scale

  • We can support 500k+ relays (and we know because we do)
  • The Tor network scales to 100s of M users
  • More diversity (i.e. relays)
  • Anonymity is improved by Tor reaching 100,000 relays of which 35,000 high-bandwidth servers
  • Tor is rolled out as part of municipally provided comms systems for citizens
  • We should solve Guard risks and the traffic analysis risks
  • There are DirAuths in many geographies/legislation
  • Have a mechanism for Tor clients to anonymously donate to the relays which they are using (but *not* paying for non-neutral/preferential treatment/bandwidth/routing)
  • Exit relays do not steal unencrypted logins/passwords

uses/usability

  • Tor should work out of the box everywhere despite the "bad guy's" best efforts
  • TBB has a bookmark system using deniable encryption
  • >= M users from China
  • Should provide Apple like experience - Tyranny
  • I can register an email address through Tor without going insane
  • Tor (the program) will encourage the use of end-to-end encryption pervasively
  • Tor to be accessible from every country
  • There is a Tor/Anonymous/Privacy phone by Tor
  • Legal HS > illegal HS
  • Ind. journalists and media org using Tor/Tails by default wherever they are
  • All major web services to provide onion service
  • routers for SOHO use shipped with tor as standard
  • All the most popular websites on the internet offer a hidden service to access content + services
  • Anonymizing low-level internet protocols like MinimalT are beginning to be used

help devs

  • Tor SDKs for mobile developers
  • TBB ships with an anon payment system

Org

Tor stays open source

  • Tor remains Free Software
  • The Tor community will be much more diverse
  • more diversity (people, community)
  • More variety of spokespeople and better community presence in the press.
  • Tor Europe, Tor Asia, Tor Africa, and Tor South America funded better than Tor US.
  • Tor has offices in Europe/Asia/Africa/etc.
  • More transparency of tor business operation
  • Tor becomes great at remote team communications and friendly coordination, teaches other groups for $
  • Tor has a full-time webmaster
  • Tor budgets and contracts are public, discussion and decisions embrace transparency.
  • Tor supports integrating and supporting tor with other projects via developer time and financial support.
  • Tor is non-dysfunctional as an organization
  • everyone can be an employee
  • Devs should work on things they think are useful and not driven by sponsors deliverables
  • Tor is a model for other projects, communities, orgs. They want to be as happy and productive.
  • Tor project global made up of Tor NA, Europe, Asia, etc.
  • Tor Project is an entry point for consulting on the tech developments (that Tor itself may dislike)
  • More partnerships with non-profit organizations
  • We're comfortable with our balance between neutral technology and political activism
  • We have a global list of Tor activist/advocates in a self-sustaining community
  • Tor is partnered with or doing outreach to non-technical orgs or institutions
  • Tor joined forces with ten other large projects to have joint platforms, conferences, and funding
  • Members of the Tor community are held accountable for responsibilities and do not only assume privileges.
  • Members of the Tor community are held accountable for their behavior.
  • Tor includes actual users in developing priorities for new development.
  • Tor browser and its support are fully multicultural
  • Tor has an R and D lab "Onion Labs"
  • Anti-privacy legislation falls outside the Overton window.

Integration

  • Large numbers of protocols and apps can safely be used over Tor
  • Productification of Tor
  • Tor ships a browser, an IM client, pond-like message software, and runs services
  • Tor is built-in with the default network stack of all common OSs.
  • Tor runs on all communication devices
  • Tor included as an option in most open source communication apps/systems
  • Tor is so easy to use that it comes pre-configured on.
  • Tor network as a backbone for non-Tor projects
  • Operating systems ship Tor as they ship a TCP stack
  • Tor works well (both performance and security) in mobile, handheld, IoT, etc. space
  • Tor integrated with many software packages
  • All major phones ship with Tor in the TCB
  • Mobile apps can seamlessly integrate with and use Tor
  • Tor ships routers for home use
  • Linux distros ship up-to-date Tor and Tor browser

Browser

  • Tor browser is harder to exploit than chrome
  • Tor browser UX will be really fast
  • Firefox uses tor for privacy mode
  • easy-to-use default support in all mainstream browsers

Censorship

  • Obfuscation is updated faster than filters can be reconfigured
  • Global/pervasive surveillance is not cost-effective
  • Tor should automatically adapt to resist censorship.

Crypto

  • Will any of the crypto-currency for relays incentive schemes ever turn out to be safe?
  • Will Zerocoin be usable for such purposes?
  • Decentralized cryptographic trust
  • Security properties will be well understood
  • Tor is secure versus "science fiction" level adversaries (PQ crypto)

Tech

  • I can contribute to Wikipedia over Tor
  • Tor balances needs of high-latency and low-latency anonymity system users
  • most messaging and electronic communications between individuals is end-to-end encrypted and resistant to traffic analysis
  • can we support a stronger/high latency service using low-latency traffic as cover?
  • web ui is a bad fit for hsses, thicker client+medium latency message passing
  • Tor uses an awesome new transport
  • Hidden services are normal internet. Browsers support it by default
  • the internet should normalize toward tor
  • Be more persecution resistant. eg. hide dirauths;
  • Tor network has average speeds sufficient for most users to make it their default
  • tor resists traffic analysis
  • we have solved the bw auth problem
  • tor works on all networks
  • more mechanisms to protect against traffic analysis
  • we have solved secure email and chat
  • we have usable privacy solution we can recommend unreservedly
  • there is a replacement for email that is by default encrypted and location preserving

Agree: The future is NOT

  • There is more than one anonymity set
  • There are viable attacks that can't be mitigated
  • Anonymity is dead online.
  • Traffic analysis works, despite it all
  • One AS hosts more than 5% of all Tor relays
  • Tor fails to scale the network to accommodate 100s of millions of users and collapses
  • Tor takes direction from funders and has little real diversity
  • Software has no QA or maintenance activity as part of proposals or budgets.
  • Backdoors in hardware or OSs make most relays secure.
  • Hostile state actions: Loss of funding, legal action against ops or devs
  • Extralegal persecution
  • Any single funder that we depend on for sustainability
  • Tor usage is mandatory
  • Tor is only useful with hidden services as everything else is blocked
  • Tor is mainly dependent on restricted funding (with deliverables etc)
  • More privileged white males people [by proportion] in community
  • Jobs at tor still don't have formal descriptions and responsibilities
  • Tor should not be a set of balkanized orgs that suck
  • Contracting sporadically is the main way most tor people are compensated
  • the exec team of Tor is opaque and detached from the rest of the tor community
  • Tor did not successfully handle expansion
  • everybody does 10 jobs!
  • Tor runs out of funds
  • Tor has no volunteers anymore
  • Tor outgrows capacity for scale and implodes
  • Tor is a closed or exclusive community
  • Tor developers are routinely harassed by media/state authorities
  • Running a relay is illegal x 2
  • Running exit node is illegal in all countries
  • Tor is illegal and the government remains in power
  • private communication is outlawed in western democracies
  • Main use of Tor is cybercrime
  • Tor is synonymous with the dark net, dark web, cybercriminal underground, etc
  • People think Tor is for criminals
  • Law enforcement continues (or expands) its view that Tor is their problem rather than their solution
  • Tor perceived as used mostly by criminals
  • Tor seen as radical
  • Anonymity is considered universally bad
  • Criminals main users of hidden services
  • Tor is only used for file sharing
  • All of the major sites wind up blocking tor because of abuse concerns
  • Cloudflare CAPTCHAs still there
  • Tor remains distracted and fragmented with too many projects
  • Tor will not acknowledge that almost all new internet users will be on mobile devices
  • Tor has law enforcement backdoors
  • Pressure to weaken tor to betray politically unpopular users - eg backdoor HSes for next silk road
  • Tor is mainly used for web browsing
  • It is not reasonable to use Tor for all of your web browsing all the time
  • Tor tells LE orgs how to catch criminals who use tor, using tor weaknesses.
  • Tor spends all its time fighting censorship at the expense of anonymity research
  • NSA breaks important Tor crypto (eg they get Shor's algorithm)
  • Tor still uses TLS
  • Tor network is forked so that new relays operate in multiple separate net domains
  • Reduction in bandwidth diversity is happening
  • Pay-at-point-of-use tor products
  • Tor people turn evil
  • We make closed-source software
  • Tor project produces proprietary software
  • Tor is non-free software

Contentious: The future is

funding from government

  • Tor continues to get government funding
  • Less reliance on government funding

expansion

  • Jurisdictional diversity/redundancy (Can we stop having US law as single point of failure?)
  • We should perfect the roger-cloning technology
  • Tor chapters all around the world

ubiquity/obsolescence

  • Tor is unnecessary because anonymity is built into the internet x2
  • No Tor because it isn't needed
  • Every service on the internet is an onion service
  • Tor is superseded by a different technology that's even better

workplace/demographics

  • It's possible to work for Tor as a “normal” job like McDonalds
  • [Tor does not hire people with certain politically problematic ties]
  • Tor has as many paid researchers as developers
  • 50% men, 50% women [controversial because of gender binary]

standardization

  • Tor as IETF standard x 2

p2p

  • Dir auths no longer necessary
  • Tor to be able to scale as users grow like a p2p network

expanded advocacy

  • Tor expands advocacy beyond “internet freedom”

litigation

  • Tor is actively involved in several active ongoing privacy-related litigations
  • Tor should fight privacy-anon battles around the world

funding

  • Be self-funded
  • Tor should offer a paid anonymity network
  • Tor development is funded (to the tune of several $m) by PROFIT
  • Tor sells a small box that is a Tor relay and corollary services

misc

  • Censorship cat-and-mouse continues, iterates slower
  • Don't have Tor switched on by default
  • There are 2 (3? 4?) BIG Tor networks.
  • There are privacy-conscious profiles in all major operating systems
  • Julian Assange endorses tor-branded iOS client
  • The Internet of Things uses Tor x 2

Contentious: The future is not

funding from government

  • Tor receives NO government funding

ubiquity/obsolescence

  • Cease to exist

standardization

  • A standards committee controls our protocol

expanded advocacy

  • Tor project remains neutral w/ regards to human rights

support for sad things

  • Tor STILL supports Windows <7, x86<i686 w.sse2
  • TBB supports DRM or any patent-encumbered tech

compromising

  • Tor should not compromise on anonymity
  • Tor ever sacrifices quality, security, etc for non-tech reasons

criminals

  • Tor declares support for illegal activity over our software
  • [Abusive content] people still find Tor hidden services the best place to be
  • none of our users is in jail or getting murdered

funding

  • Tor should never become a product/commercial
  • Tor has tiered services
  • Tor not paid service
  • Money incentive to bw relay ratio
  • Tor with paid product(s)
Last modified on Feb 29, 2016, 10:06:45 PM