[or-cvs] r23172: {projects} actually number the ten points unmangle my mdashes make quot (projects/articles)
Roger Dingledine
arma at torproject.org
Mon Sep 13 20:09:18 UTC 2010
Author: arma
Date: 2010-09-13 20:09:18 +0000 (Mon, 13 Sep 2010)
New Revision: 23172
Modified:
projects/articles/circumvention-features.tex
Log:
actually number the ten points
unmangle my mdashes
make quotes latex-compatible
Modified: projects/articles/circumvention-features.tex
===================================================================
--- projects/articles/circumvention-features.tex 2010-09-13 20:08:12 UTC (rev 23171)
+++ projects/articles/circumvention-features.tex 2010-09-13 20:09:18 UTC (rev 23172)
@@ -13,9 +13,10 @@
\fancyhead{}
\fancyfoot[C]{\hrulefill \\ The Tor Project, Inc.\\ 969 Main Street, Suite 206, Walpole, MA 02081-2972 USA\\ https://www.torproject.org/}
\author{Roger Dingledine \\ The Tor Project}
-\title{Ten desired properties for Internet circumvention tools \\
+\title{Ten desired properties for Internet circumvention tools \\
\includegraphics[width=5cm,keepaspectratio=true]{../presentations/images/2009-oval_sticker_new.png}}
\date{\today}
+\def\thesection{\arabic{section}}
\begin{document}
\maketitle
\tableofcontents \newpage
@@ -38,7 +39,7 @@
relaying component and a discovery component. The relaying component is
what establishes a connection to some server or proxy, handles encryption,
and sends traffic back and forth. The discovery component is the step
-before that — the process of finding one or more reachable addresses.
+before that -- the process of finding one or more reachable addresses.
Some tools have a simple relaying component. For example, if you're using
an open proxy, the process of using the proxy is straightforward: you
@@ -55,7 +56,7 @@
that some other tool developers may not care about), I have also tried
to include features that other tool developers consider important.
-\section*{Diverse set of users}
+\section{Diverse set of users}
One of the simplest questions you can ask when looking at a circumvention
tool is who else uses it. A wide variety of users means that if somebody
@@ -77,7 +78,7 @@
into some languages but not others can also direct (or hamper) which
users it will attract.
-\section*{Works in your country}
+\section{Works in your country}
The next question to consider is whether the tool operator artificially
restricts which countries can use it. For several years, the commercial
@@ -92,7 +93,7 @@
on the other hand, if you're in Saudi Arabia and need a circumvention
tool, some otherwise useful tools are not an option for you.
-\section*{Sustainable network and software development}
+\section{Sustainable network and software development}
If you're going to invest the time to figure out how to use a given tool,
you want to make sure it's going to be around for a while. There are
@@ -112,7 +113,7 @@
third approach is to rely on sponsors to pay for the bandwidth costs. The
Java Anon Proxy or JAP project relied on government grants to fund its
bandwidth; now that the grant has finished they're investigating the
-for-profit approach. Ultrareach and Freegate use the "sponsor" model
+for-profit approach. Ultrareach and Freegate use the ``sponsor'' model
to good effect, though they are constantly hunting for more sponsors to
keep their network operational.
@@ -130,7 +131,7 @@
a tool uses can help you predict what problems it might encounter in
the future.
-\section*{Open design}
+\section{Open design}
The first step to transparency and reusability of the tool's software and
design is to distribute the software (not just the client-side software,
@@ -173,7 +174,7 @@
projects and the field of circumvention development as a whole moves
forward too slowly.
-\section*{Decentralized architecture}
+\section{Decentralized architecture}
Another feature to look for in a circumvention tool is whether its network
is centralized or decentralized. A centralized tool puts all of its users'
@@ -184,10 +185,10 @@
Another way to look at this division is based on whether the trust is
centralized or decentralized. If you have to put all your trust in one
-entity, then the best you can hope for is "privacy by policy" — meaning
+entity, then the best you can hope for is ``privacy by policy'' -- meaning
they have all your data and they promise not to look at it, lose it, or
sell it. The alternative is what the Ontario Privacy Commissioner calls
-"privacy by design" — meaning the design of the system itself ensures
+``privacy by design'' -- meaning the design of the system itself ensures
that users get their privacy. The openness of the design in turn lets
everybody evaluate the level of privacy provided.
@@ -195,8 +196,8 @@
Berkman Center ran across a FAQ entry for a circumvention tool that
offered to sell its users' clicklogs. I later talked to a different
circumvention tool provider who explained that they had all the logs
-of every request ever made through their system "because you never know
-when you might want them."
+of every request ever made through their system ``because you never know
+when you might want them.''
I've left out the names of the tools here because the point is not that
some tool providers may have shared user data; the point is that any
@@ -207,13 +208,13 @@
Many of these tools see circumvention and user privacy as totally
unrelated goals. This separation isn't necessarily bad, as long as you
-know what you're getting into — for example, we hear from many people
+know what you're getting into -- for example, we hear from many people
in censoring countries that just reading a news website isn't going to
get you locked up. But as we've been learning in many other contexts
over the past few years, large databases of personal information tend
to end up more public than we'd like.
-\section*{Keeps you safe from websites too}
+\section{Keeps you safe from websites too}
Privacy isn't only about whether the tool operator can log your
requests. It's also about whether the websites you visit can recognize
@@ -233,10 +234,10 @@
information about you.
This level of application-level protection comes at a cost though: some
-websites don't work correctly. As more websites move to the latest "web
-2.0" fads, they require more and more invasive features with respect to
+websites don't work correctly. As more websites move to the latest ``web
+2.0'' fads, they require more and more invasive features with respect to
browser behavior. The safest answer is to disable the dangerous behaviors
-— but if somebody in Turkey is trying to reach Youtube and Tor disables
+-- but if somebody in Turkey is trying to reach Youtube and Tor disables
his Flash plugin to keep him safe, his videos won't work.
No tools have solved this tradeoff well yet. Psiphon manually evaluates
@@ -251,21 +252,21 @@
other tools just let through any active content, meaning it's trivial
to unmask their users.
-\section*{Doesn't promise to magically encrypt the entire Internet}
+\section{Doesn't promise to magically encrypt the entire Internet}
I should draw a distinction here between encryption and privacy. Most
circumvention tools (all but the really simple ones like open proxies)
encrypt the traffic between the user and the circumvention provider. They
need this encryption to avoid the keyword filtering done by such censors
as China's firewall. But none of the tools can encrypt the traffic
-between the provider and the destination websites — if a destination
+between the provider and the destination websites -- if a destination
website doesn't support encryption, there's no magic way to make the
traffic encrypted.
The ideal answer would be for everybody to use https (also known as
SSL) when accessing websites, and for all websites to support https
connections. When used correctly, https provides encryption between your
-web browser and the website. This "end-to-end" encryption means nobody
+web browser and the website. This ``end-to-end'' encryption means nobody
on the network (not your ISP, not the backbone Internet providers, and
not your circumvention provider) can listen in on the contents of your
communication. But for a wide variety of reasons, pervasive encryption
@@ -280,12 +281,12 @@
people have expressed concern over Tor's volunteer-run network design,
reasoning that at least with the centralized designs you know who runs
the infrastructure. But in practice it's going to be strangers reading
-your traffic either way — the tradeoff is between volunteer strangers
+your traffic either way -- the tradeoff is between volunteer strangers
who don't know it's you (meaning they can't target you), or dedicated
strangers who get to see your entire traffic profile (and link you to
-it). Anybody who promises "100\% security" is selling something.
+it). Anybody who promises ``100\% security'' is selling something.
-\section*{Fast}
+\section{Fast}
The next feature you might look for in a circumvention tool is speed. Some
tools tend to be consistently fast, some consistently slow, and some
@@ -313,7 +314,7 @@
downside is that the network is often overwhelmed by users doing bulk
transfer.
-\section*{Easy to get the software and updates}
+\section{Easy to get the software and updates}
Once a circumvention tool becomes well-known, its website is going to get
blocked. If it's impossible to get a copy of the tool itself, who cares
@@ -343,19 +344,19 @@
assume they're ready for the next round. Along these lines, Tor prepared
for its eventual blocking by streamlining its network communications
to look more like encrypted web browsing, and introducing unpublished
-"bridge relays" that are harder for an attacker to find and block than
+``bridge relays'' that are harder for an attacker to find and block than
Tor's public relays. Tor tries to separate software updates from proxy
-address updates — if the bridge relay you're using gets blocked,
+address updates -- if the bridge relay you're using gets blocked,
you can stick with the same software and just configure it to use a
new bridge address. Our bridge design was put to the test in China in
September of 2009, and tens of thousands of users seamlessly moved from
the public relays to bridges.
-\section*{Doesn't promote itself as a circumvention tool}
+\section{Doesn't promote itself as a circumvention tool}
Many circumvention tools launch with a huge media splash. The media loves
-this approach, and they end up with front page articles like "American
-hackers declare war on China!" But while this attention helps attract
+this approach, and they end up with front page articles like ``American
+hackers declare war on China!'' But while this attention helps attract
support (volunteers, profit, sponsors), the publicity also attracts the
attention of the censors.
@@ -373,7 +374,7 @@
talks about it, how do users learn about it? One way out of the paradox
is to spread through word of mouth and social networks rather than the
more traditional media. Another approach is to position the tool in a
-different context — for example, we present Tor primarily as a privacy
+different context -- for example, we present Tor primarily as a privacy
and civil liberties tool rather than a circumvention tool. Alas, this
balancing act is tough to maintain in the face of increasing popularity.
@@ -384,14 +385,14 @@
intentionally avoided drawing up a table of different tools and scoring
them on each category. No doubt somebody will do that eventually and
sum up how many checkmarks each tool gets, but the point here is not
-to find the "best" tool. Having a diversity of circumvention tools in
+to find the ``best'' tool. Having a diversity of circumvention tools in
wide use increases robustness for all the tools, since censors have to
tackle every strategy at once.
Last, we should keep in mind that technology won't solve the whole
problem. After all, firewalls are socially very successful in these
-countries. As long as many people in censored countries are saying "I'm so
-glad my government keeps me safe on the Internet," the social challenges
+countries. As long as many people in censored countries are saying ``I'm so
+glad my government keeps me safe on the Internet,'' the social challenges
are at least as important. But at the same time, there are people in
all of these countries who want to learn and spread information online,
and a strong technical solution remains a critical piece of the puzzle.
@@ -410,5 +411,6 @@
Creative Commons Attribution 3.0 United States License:
http://creativecommons.org/licenses/by/3.0/us/.
Earlier versions of this article were prepared for the March 2010
-``Index on Censorship'' and May 2010 Human Rights in China publication.
+``Index on Censorship'' and May 2010 Human Rights in China publication.
\end{document}
+
More information about the tor-commits
mailing list