Hi Griffin,
On 16/06/15 05:54, Griffin Boyce wrote:
While I don't necessarily want to discourage you from working on GetTor, it's worth noting the duplicated effort in terms of distribution apps. My primary project makes downloading Tor (and other privacy software) from un-censored sources easy, verifying sha256 hashes easy, along with distributing tutorials and bridges [1][2].
Au contraire, thanks for pointing this out. I'm familiar with your work, I just forgot to mention it as a reference of similar work. And yes, the idea is not to duplicate effort :)
The project is called Satori -- it's under heavy development, but has traction, particularly in Iran and China [3]. Satori comes partly from the fact that I don't scale -- 1-to-1 distribution is important but takes a lot of time and a handful of trainers can't help everyone. So I can write applications and increase my positive impact (particularly once guides are included and translations are finished). Downloads are via accessible CDNs and torrents.
Although the result would be similar (the desktop flow is pretty much what we want), for the moment I'm not sure if we want do it in the same way. We're still brainstorming though.. (I'll create a wiki page and send it later in this thread in case you want to collaborate).
When new versions of Tor Browser are available, how does the update process works in Satori (uploading it, doing checksums, etc)?
To answer your questions: 1) distributors are important IMO (see above). 2) I've always liked the idea of email autoresponders for software, but as the size of the Tor Browser increases, I'm not sure how viable it will be. It may be worthwhile to experiment with sending unblocked CDN links and torrent files. 3) I considered an API but don't think it would work as it just recreates the single point of failure that one is trying to avoid with this kind of project. At least for me, the focus on CDN and bittorrent-based software distribution make the most sense.
With respect to point 2), we do not send attachments, we're sending Dropbox links and soon enough we'll be sending Github links too.
About 3), right now we're figuring out if we can use an API (or something similar) with some sort of mirroring approach that could help us avoid the single point of failure that you mention. As I said, we're still discussing, so we might get to the same conclusion as you :)
Thanks for your comments Griffin!
Best, --ilv