-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 4/21/14, Fabio Pietrosanti (naif) lists@infosecurity.ch wrote:
Hi all,
does anyone know of any work to make a Python Only Tor Client, that just enable to expose a Tor Hidden Service?
It would be very cool if it would be possible to avoid "Tor binary" as a dependency for Globaleaks, making it pure Python application code.
The questions are:
Are there projects that foresee to do something like that?
From a Tor Project perspective, does it make sense?
From a Security perspective, are there strong security implications in
doing so?
I have been considering such a project, though my purpose for pursuing it would be to both learn Python and to come to a better understanding of the internals of Tor. Perhaps not the best circumstances for a solid implementation...
For the time being my implementation is just going to be an experiment with trying to speak the Tor protocol, but assuming that I can get some of the basic building-blocks working I'll be pursuing a Tor rewrite in my spare time (I'm currently a student, and as such still sorting out my schedule). I'll probably be in and out of IRC and these mailing lists asking questions every now and again (and trying not to ask stupid ones).
- - ajtgarber (0xEFDA75F9) A190 2527 2D58 6A2B 8108 CB66 D57A A16A EFDA 75F9
On 04/21/2014 01:18 PM, Jacob Garber wrote:
On 4/21/14, Fabio Pietrosanti (naif) lists@infosecurity.ch wrote:
Hi all,
does anyone know of any work to make a Python Only Tor Client, that just enable to expose a Tor Hidden Service?
It would be very cool if it would be possible to avoid "Tor binary" as a dependency for Globaleaks, making it pure Python application code.
The questions are:
- Are there projects that foresee to do something like that?
- From a Tor Project perspective, does it make sense?
- From a Security perspective, are there strong security implications in
doing so?
I have been considering such a project, though my purpose for pursuing it would be to both learn Python and to come to a better understanding of the internals of Tor. Perhaps not the best circumstances for a solid implementation...
For the time being my implementation is just going to be an experiment with trying to speak the Tor protocol, but assuming that I can get some of the basic building-blocks working I'll be pursuing a Tor rewrite in my spare time (I'm currently a student, and as such still sorting out my schedule). I'll probably be in and out of IRC and these mailing lists asking questions every now and again (and trying not to ask stupid ones).
- ajtgarber (0xEFDA75F9)
A190 2527 2D58 6A2B 8108 CB66 D57A A16A EFDA 75F9 _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
A friend and I are considering this as well for a little summer project (we're students too). In fact, we've started a bit already (very recently and limited on time until finals are over).
We're sort of thinking the same things you are, and main our goals with this are:
- learn internals of Tor protocol - learn more about anonymity systems and onion routing (and programming challenges that go along with this) - get better with Python (specifically Python3)
We're not so focused on making a practical tool at this point and more interested in just implementing all the specs correctly, although I suppose it's possible it could turn into something useful in the future.
You're welcome to hack on this with us if you want! Check here: https://github.com/blackd0t/needs-a-name
Note: we really *just* started, and are still working out the basics of the protocol, "when to do what", etc. and figuring out how pieces will fit together.
If you just want to do your own thing, feel free to be in touch if you want to talk about questions re: the protocol and/or chat about design decisions. We're currently figuring this stuff out too.
Nik
-
Jacob Garber -
Nik