On 7/23/15, Yawning Angel <yawning@schwanenlied.me> wrote:

> On Thu, 23 Jul 2015 18:26:33 +0000 Jacob Appelbaum <jacob@appelbaum.net> wrote:
>
>> Also - does this mean that after many, many years... this new version of tor-fw-helper will be enabled by default at build time? Pretty please? :-)
>
> Unlikely, AFAIK the general plan was to have it as a separate package.

That is really a major bummer if so - we should be shipping this code and enabling it by default. If a user wants to run a relay, they should only have to express that intent with a single button.

> The problem with this (and why we're not shipping it in Tor Browser, even if it would make flashproxy actually usable/useful to a large number of users) is that there is no one who is willing/able to deal with every single instance of:
>
> - "My router crashed"
> - "My router crashed and I had to factory reset it"
> - "Why do I need to open a UDP port on my computer's firewall for UPnP/NAT-PMP to work, and how do I do that?"
> - "Random unrelated port mappings got blown away"
> - "My router's NAT TCP session table filled up"
> - "My ISP is complaining that I'm on some random asshole's blacklist because they include every single Tor Relay"
> - "Sites that used to work no longer work because some random asshole's blacklist includes every single Tor Relay"
> - etc, etc, etc, etc

Why are we avoiding allowing users to make this choice because of the above reasons? If a user wants to run a relay or a bridge, we should make it easy. We don't answer the above questions when it is hard - are we really off the hook there? It just seems ridiculous.

> And I certainly can't deal with "my router has a strange idea of what the UPnP spec actually says, and it fails to port forward" (unless they have/know how to use Wireshark).

In that case, we don't get a bridge or a relay, we may get a bug report, and we will overall have more bridges or relays with less effort.

> I'm as unhappy at the general situation surrounding the codebase as anyone else, and if I thought deploying it would be a good idea, I'd be strongly pushing for it, since I think the new code I wrote will work for a lot of people.

I think that if you have high confidence in the code, I *really* want to deploy it.

> But we have a gigantic userbase, and playing "consumer router support technician" for all of the ones that ship with broken UPnP/NAT-PMP implementations does not fill me with warm fuzzy feelings.

I think this is a weird analysis. How many of those people even try to be a relay or a bridge? Do we have numbers on that? Does the support team object, or are you objecting on their behalf? It just seems too hand-wavy for too many years to punt on dealing with NAT properly.

I admit, I am pretty frustrated that we implemented it, shipped the code for years, and I'm probably the only person who really used it, because of what feels like fear, uncertainty and doubt. Some of the concerns make sense, but it mostly just strikes me as a farce at this point. We can always make it harder later, but we haven't really tried to make it easier, ever.

> Any user that can compile a Go program can probably just do the NAT punching on their own anyway...

All the best,
Jacob