[tor-dev] Is anyone using tor-fw-helper? (Was Re: BOINC-based Tor wrapper)

Jacob Appelbaum jacob at appelbaum.net
Thu Jul 23 19:18:34 UTC 2015


On 7/23/15, Yawning Angel <yawning at schwanenlied.me> wrote:
> On Thu, 23 Jul 2015 18:26:33 +0000
> Jacob Appelbaum <jacob at appelbaum.net> wrote:
>
>> >> Also - does this mean that after many many years... that this new
>> >> version of tor-fw-helper be enabled by default at build time?
>> >> Pretty please? :-)
>> >
>> > Unlikely, AFAIK the general plan was to have it as a separate
>> > package.
>> >
>>
>> That is really a major bummer if so - we should be shipping this code
>> and enabling it by default. If a user wants to run a relay, they
>> should only have to express that intent with a single button.
>
> The problem with this (and why we're not shipping it in Tor Browser,
> even if it would make flashproxy actually usable/useful to a large
> number of users) is because there is no one that is willing/able to deal
> with every single instance of:
>
>  * "My router crashed"
>  * "My router crashed and I had to factory reset it"
>  * "Why do I need to open a UDP port on my computer's firewall for
>     uPnP/NAT-PMP to work, and how do I do that?"
>  * "Random unrelated port mappings got blown away"
>  * "My router's NAT TCP session table filled up"
>  * "My ISP is complaining that I'm on some random asshole's blacklist
>     because they include every single Tor Relay"
>  * "Sites that used to work no longer work because some random
>     asshole's blacklist includes every single Tor Relay"
>  * etc, etc, etc, etc
>

Why are we avoiding allowing users to make this choice because of the
above reasons? If a user wants to run a relay or a bridge, we should
make it easy. We don't answer the above questions when it is hard -
are we really off the hook there? It just seems ridiculous.

> And I certainly can't deal with "my router has a strange idea of what
> the uPnP spec actually says, and it fails to port forward" (unless they
> have/know how to use wireshark).
>

In that case, we don't get a bridge or a relay, we may get a bug
report and we will overall have more bridges or relays with less
effort.

> I'm as unhappy at the general situation surrounding the codebase as
> anyone else, and if I thought deploying it would be a good idea, I'd be
> strongly pushing for it, since I think the new code I wrote will work
> for a lot of people.
>

I think that if you have high confidence in the code, I *really* want
to deploy it.

> But we have a gigantic userbase, and playing "consumer router support
> technician" for all of the ones that ship with broken uPnP/NAT-PMP
> implementations does not fill me with warm fuzzy feelings.

I think this is a weird analysis. How many of those people even try to
be a relay or a bridge? Do we have numbers on that? Does the support
team object or are you objecting on their behalf? It just seems too
hand wavy for too many years to punt on dealing with NAT properly.

I admit, I am pretty frustrated that we implemented it, shipped the
code for years and I'm probably the only person who really used it
because of what feels like fear, uncertainty and doubt. Some of the
concerns makes sense but it mostly just strikes me as a farce at this
point. We can always make it harder later but we haven't really tried
to make it easier, ever.

Any user that can compile a Go program can probably just do the NAT
punching on their own anyway...

All the best,
Jacob


More information about the tor-dev mailing list