Changes between Initial Version and Version 1 of org/meetings/2017Amsterdam/Notes/Toronallthings


Ignore:
Timestamp:
Mar 27, 2017, 3:30:10 PM (2 years ago)
Author:
jselon
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • org/meetings/2017Amsterdam/Notes/Toronallthings

    v1 v1  
     1How to I build tor into my app?
     2Short term developer dependency as a library
     3
     4Three options
     5Tor as a library
     6Tor as a system extension
     7Tor as a user experience client
     8
     9We need to make this not a big deal for developers to integrate.
     10-Comes from Apple, Google, it is just there in a depo, repo. Not easy to
     11pick it up and put it in your app or client.
     12We need to add 20 lines of code to drop it in
     13
     14If Tor is an invisible network library, how do you configure it?
     15Tor launcher is user configuration for tor
     16What is the configuration, management, setup interface?
     17Make bridge retrieval automatic?
     18
     19Facebook wants to build tor into their app, but it must be .5 MB, must
     20utilize their libevent,
     21How do we get paid for our time, and energy?
     22How do we have our “Signal / WhatsApp” moment?
     23Is there a paid license, support, integration fees? Partnership fee? How
     24do we power the humans to do it?
     25Is the Linux foundation model to support?
     26
     27TAILS as a secure OS, for mobile, for things?
     28Get it ported to ARM
     29What is a desktop environment user interface?
     30What are the user stories driving this? Beyond journalist, activist?
     31Run TAILS on a cheap, second device? Disposable device
     32Lawyers are the new journalists…. They have bad practices
     33Domestic violence with spousal abuse
     34Run on compute sticks, TV based devices
     35GP to send chromebooks to TAILS
     36       
     37Tor in the house
     38Tor used as a remote access point
     39So many closed shop solutions in IoT (grill thermo device has a iGrill
     40app; too may apps)
     41Smarthubs try to integrate control of devices into one platform
     42Current IoT/knx protocol don’t use any security at all
     43Current assumptions are the LAN is safe, doesn’t require security
     44We need to draft ideal network map for IoT where Tor can play a role
     45Locative geofencing app sends HTTP request to home network
     46We need a whitepaper
     47Does every lightswitch need an onion service?
     48Can i connect my lightswitch in germany with my bulb in america?
     49We need to think about latency? How low can it go? Real-time
     50What are the applications that make sense?  Diagnostics, active control
     51Sending data to a manufacturer?
     52Get tor bundled into smarterthings, home assistant
     53
     54
     55What are different threat models and security requirements?
     56IoT threat model vs tor browser model?
     57Activists might be attacked, spied through these channels
     58Timing attacks or passive monitoring might not be as important when
     59talking about lightswitch on/off switch
     60We need to study if we have 100 millions lightswitches running tor
     61Research Tor vs IPv6 in terms of value of reachability, value of Tor
     62
     63Wordpress, Drupal or their CMS plug-in that makes you an onion
     64Install tor
     65Configure onion, init the onion
     66Add a “onion” address HTTP header or HTML header or UI element
     67Letsencrypt onion would also set up https
     68Can plugins to CMS run a daemon?
     69
     70Self hosting bundles, darkweb intranets as onions, small business
     71servers
     72websites, mailservers, team workplace servers
     73Owncloud, etherpad, XMPP, Rocketchat chat servers
     74TAILS server
     75Can we sell on a Raspberry Pi or Intel Compute Stick?
     76Onion Intranet Box (OIB) or TAILS Server Box (TSB)
     77Apt-get install “your service”, torrc.d
     78Using Tor Onions as a remote VPN with auth, we need user experience to
     79configure
     80File sync and mail
     81Collaborate with end users
     82
     83How do we create gatherings about Tor for different communities
     84Corporations, IT, small business
     85
     86Can we compete with Facebook drones and Google Loon?
     87What would it take to convince them to run Tor Bridge on their free
     88internet endpoint?
     89
     90How do we get Tor on the ISS?
     91Is there wireless? Are they using Android or iPhones?
     92Astronauts are geeks, how do find an astronaut is a tor phone?
     93Signal developer, physicist might be astronaut some day
     94How do we get a YouTube video of Tor in space?
     95When 30 minute round trip latency is Tor viable? Is there a high
     96latency, async Tor?
     97JPL and AMES lunch talks?
     98Discrediting client scientists?
     99
     100System, firmware updates
     101Stop the ability to target updates to specific people, devices
     102You get a different update, package
     103Make update process fully transparent
     104Anonymity IS important here for every day people
     105Sebastian’s master thesis?
     106Anonymity is necessary for all people in this case, not just
     107whistleblowers, etc
     108
     109Email delivery between servers via Tor
     110“This service delivers mail over Tor”
     111S2D over Onions
     112Non onion email send to a dot onion address
     113Shown an Onion icon next to emails delivered to an Onion service
     114MX records DNS priorities
     115
     116
     117Analytics and Crash reports over Tor
     118
     119
     120Tor built into mobile OSes
     121GP already working Fairphone and Copperhead OSes
     122We want them to build in Orbot, or ship as a default app
     123Talking about Transparent tor built in
     124Invisible to the users
     125Fixed iptables, network stack to work the “MIA” phone model