Re: [Tails-dev] Tor Launcher extension

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: Kathleen Brade
CC: The Tails public development discussion list, Mike Perry, Mark Smith
Old-Topics: Re: [Tails-dev] Tor Launcher extension [Was: Mike's March 2013]
Subject: Re: [Tails-dev] Tor Launcher extension
Hi Kathleen,

was the (quoted below) description of our requirements helpful in
asserting how much work it would be allow Tails to use Tor Launcher,
by turning it into a XUL app?

Don't hesitate asking any additional information you might need.

intrigeri wrote (03 Nov 2013 15:09:08 GMT) :
> Kathleen Brade wrote (23 Oct 2013 18:08:23 GMT) :
>> Can you describe your requirements in more detail? Here are some of our questions:


>> - Do you use Vidalia to launch tor (I would guess not) or just as a controller to
>> allow people to adjust settings?


> Tor is started system-wide in Tails (from a NetworkManager hook).
> As you had correctly guessed, we use Vidalia purely as a controller.


>> - What features of Vidalia do you need? Currently, Tor Launcher only provides "start
>> tor", network settings, and "Copy Tor Log to Clipboard" capabilities. Within the TBB
>> Browser, users can create a new identity but that is handled by Tor Button.


> At a glance, I think this should be enough for Tails.


> I'll miss the network map, especially when testing stream isolation
> etc., but we alse ship arm, so I guess we will just tell developers
> and advanced users to use that one for more advanced needs.


>> - Does the Tor network settings window need to be displayed at login time, e.g., to
>> allow configuration before tor touches the network?


> In bridge mode, Tor network settings must indeed be displayed before
> Tor touches the network. Our current plan is to start Tor with the
> DisableNetwork option enabled in torrc, then have the user configure
> bridges in Vidalia, then allow Tor to talk to the network... but
> I personally would be very happy if we could simply s/Vidalia/Tor
> Launcher/ in this plan.


> Relevant Tails tickets are:


>    https://labs.riseup.net/code/issues/5920
>    https://labs.riseup.net/code/issues/5305


>> - How do you currently prevent the desktop user from reconfiguring tor?


> We don't: the desktop upser (or an attacker with sufficient privs to
> generate X input events) can use the Vidalia UI. They don't have
> direct access to the control port, though.


Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc