ACTIVE TODO'S ============= For 0.32: --------- - Integrate modified pktstats - Replace torksocks with torsocks. - Add badexit icon - Add KB/s to traffic logs - implement bootstrap info - fix use of mapaddress New Features TODO sometime: --------------------------- - upnp bug - Message: Ports 80 and 443 on your router urn:schemas-upnp-org:device:WANConnectionDevice:1 successfully forwarded to the ports 9030 and 9001 used by your Tor server. - It would be nice if Tork integrates an option to make it possible to select and exclude Tor servers that are running older and possibly (hacked) versions of Tor, other then the current stable and some newer Alpha builds. Servers like nixnix and bettyboob are at least suspicious because they use the same ISP, old version, OS build, and push a huge amount of traffic.Adding this option would make it easier to spot and add servers like these to the enemy server list. - Fix the controlport warnings when we don't lock the controlport quickly enough. - If you don't apply settings and have select server in the drop down menu, what are we supposed to do? - Don't apply server/upnp settings (obviously) - Just prevent server systray info from displaying? (And leave 'server' selected in drop-down?) - Leave 'server' grayed-out and unapplied until settings are applied? - tdesudo is fucked. need to use the API. - Add a 'monitor' option - tork does not do any setconf'ing. - Ability to import blocklists. - tdehotnewstuff? * customized pktstat to report all non-tor traffic - non-tor traffic osd - report kb/s in traffic log - report tor kb/s in traffic log too! * Separate profiles for separate tor servers. Add an argument (-profile profilename) specifying the profilename to use. Add a Tor->Create New Profile button Add a Tor->Save Profile button (only enabled when non-default profile in use). -Saves to desktop file for launching the profile. <kcfgfile arg="true"/> TorkConfig::instance(QString()); delete TorkConfig::self(); TorkConfig::instance(configurationFile); TorkConfig* config = TorkConfig::self(); //Make a copy of config for use in a profile TorkConfig::self()->config()->copyTo("profilename",TorkConfig::self()->config() ); //Load a profile TDEConfig *tmpconfig; tmpconfig = new TDEConfig("torkspecialrc", false, false); tmpconfig->copyTo("torkspecialrctmp",TorkConfig::self()->config()); now delete torkspecialrctmp - maybe I haven't noticed but vidalia gives other nodes time to re-route when disconnecting does Tork do that? - DONE * Add warning when tork is configured to expect privoxy to be running at startup but there is no sign of it - DONE - Fix: when selecting 'client' from start-up icon, ensure 'None is set in server dropdown - DONE - text alongside icons in toolbar - DONE - If firstrun wizard cancelled, then cancel out of TorK and re-run it next time Tor is run. - DONE For 0.32: - Use separate pidgin settings for anonymity. - I just managed to explain how to edit torc to a total non-tech person, but all that was about was simply adding "fascist firewall" parameter - maybe Tork could check if there is one in it's way and try using http port's if needed? (informing the user so that the firewall could be edited if possible) * [wish] the ability to choose to have the state "anonymized" or "non-anonymized" by default * investigate use of unix sockets a bit * circuitidletimeout - set to 4 or 5 hours to prevent lag when building circuits. * keep track of programs anonymized from Tork/torkify and warn heavily if they leak traffic. * merge torsocks patches * Shallot Integration. To be useful would have to be bundled. For 0.32: - Port to KDE4 - End 2008 Sometime: * use kpaaworddialog and tdesuclient for password requests - Re-tool kicker applet 1. 'Optimize' button to replace 'Change Identity': - 'For Speed' CircuitBuildTimeout 5 (or values as low as 2) KeepalivePeriod 60 NewCircuitPeriod 15 NumEntryGuards 8 CircuitIdleTimeout 600 - 'For Safety' Default values of above. Launches wizard that configures according to your requirements. 'Change ID' can remain in system tray. Add changeID to OSD. - DONE Add 'Optimize' to system tray. 3. Merge KB/s and onion progress display to a single column. 4. Integration with Firefox. - Prompt for installation of TorButton when first launched. - Ensure torbutton toggled on when launched. 6. A stacking OSD, i.e. no listview. - Crystal-effect black with white/grey border - Transparent - Upright rounded rectangle. - Each item represents an active stream. - Each item contains: - A 16x16 'cancel icon for killing the stream - A 22x22 icon representing the site/service. - The host name. - 7. An Anonymous Email Wizard. - Assist with download of mixminion. - Explain 'advanced' usage with KMail. - Explain 'simple' usage with plain interface. - Install sendmail-mixminion script A test tool: - Build circuits with selected routers - Fetch a specified resource with circuits - B/W Graphs etc. - Facility to distribute test specs to clients * Toggle javascript and cookies from control button in konqueror =============== PREVIOUS TODO'S =============== Done in 0.31: - fix version checking code for 'download stable' - temp orport rather than torkconfig::orport - Fix MapAddress Done in 0.29.2: * use a qvaluelist for the server list (speed up populating it). likewise for the streamlist. (ALREADY DONE) * add ability to reverse-resolve ip addresses in traffic log on-demand - DONE * make log entries copyable - DONE * add hidden service to 'run server' dropdown. - DONE * ability to drag urls to system tray - DONE. For 0.29: 1. Speed up pop-up windows - DONE 1. Disable padlock when performing updates. - CANTDO 1. RejectPlainTextPorts. Re-implement to block and warn. - DONE 8. Quick B/W Configuration in System Tray a la KTorrent. - DONE 1. Advise users on how to prevent privoxy running automatically. Attempt to update privoxy conf and sighup it. - DONE 1. Force users to re-boot before running first-run wizard, just in case they've installed tor/privoxy freshly, it isn't running, but will only run at start-up - DONE For 0.29: 1. - Redesign OSD. Make it more useful and less ugly. ------------------------------------------- using TorK with konqueror When switching konqueror's anonimity there are some problems: 1. Java and javascript uses same checkbox so you must use both of them or not use at all. 2 When you turn off anonimity tork turn on all of things in list (java/js, plugins, browser identification, etc) even they wasn't used before tork reconfigure konqueror to use tor. ------------------------------------------- > > - In the First-Run Wizard I think it should be possible to enter a > password for local Tor instances (it's already possible to do this for > remote instances) if the user already has set one. Or do you have some > kind of reason for the current absense of it? > TODO for 0.27: - Upnp * UPNP!! o make dirport configurable * Usability: o Remove 'connect'/disconnect from toolbar o Simple Mode: - Add 'Advanced' button that will reveal: - 'Launch/Server Filter' button - 'Citizen' button - 'Fail-Safe' button and 'Fail Safe' config - 'Change Identity' button - So in simple mode only 'server' and 'un-censor' remain - 'Usability' config section o 'My Tor Server', 'My Server BW', and 'Configure Server'remain hidden unless a server is actually running (and advanced mode is selected?). o 'My Hidden Services' remains hidden unless user elects to create a hidden service from main listing. o 'My Network View' remains hidden until user right-clicks on server list to select servers. * New Server wizard for UPNP and basic server info * Integrate shallot into hidden service wizard? * Get rid of libwhich for christ's sake * Use overlays for server icon QPixmap icon = DesktopIcon( m_iconName ); QPixmap overlay( locate ( "icon", KMimeType::favIconForURL( m_filterData->uri() ) + ".png" ) ); if ( !overlay.isNull() ) { int x = icon.width() - overlay.width(); int y = icon.height() - overlay.height(); if ( icon.mask() ) { QBitmap mask = *icon.mask(); bitBlt( &mask, x, y, overlay.mask() ? const_cast<QBitmap *>(overlay.mask()) : &overlay, 0, 0, overlay.width(), overlay.height(), overlay.mask() ? OrROP : SetROP ); icon.setMask(mask); } bitBlt( &icon, x, y, &overlay ); } * gnutls TODO FOR 0.23 --------------------- Major * Applet that displays full raw running config and allows you to set raw options manually and on the fly. * Copy ktorrent's bandwidth toggling in the systray menu * Review konqueror against threats in http://torbutton.torproject.org/dev/ * Check torkify installation when launching torkify Minor * use kpaaworddialog and tdesuclient for password requests * Toggle javascript and cookies from control button in konqueror * rename 'my network view' * Use RelayBandwidthRate * Use cookieauthfile and put in ~/.tork * When server toggled off, throttle bandwidth or something to genuinely stop it. * Fiddle with screen dimensions - make usable for smaller resolutions * Fix bridges * Authentication cookie - more granular help * Spiffify gpg refresh TODO FOR 0.24 --------------------- * A servers history tab, built on a sqlite table. This will accumulate server lifetime history. It will also collect user's usage history of each server. TODO SOMETIME ------------- * Keep lobbying for a friendlier tor landing-page with meaningful info. * use "GETINFO addr-mappings/control". * Fix installation paths - autoconf voodoo required. * Use getinfo desc/id/or instead of getinfo server/status/fp * Nested server list by subnet * Customise ifdefs for livecd? * reduce gcc warnings * Improve stream OSD * Re-write controller logic. * use kompile instead of arkollon * Split out tork.cpp a bit, at least a vagure gesture towards cleaner code * Find and squash as many bugs as possible in tdeconfig and elsewhere. * 'Configure KMail' wizard for Mixminion * filter log with right-click * Full-refresh-of-server-list button * Blogging wizard * Pre-configure hidden service irc on kopete WON'T DO -------- * universal sidebar (?) DONE ---- * if authentication isn't enabled, enable authentication for the duration of the session Options * for 'bw options' allow tork to always set values,even when greyed out. selecting 'default' should reset values to default. * for 'performance' do the same * for 'normal settings' do the same. * for 'server' do not store 'old' values if greyed out, but always apply values. this will work because 'never run as server' is tied to clientonly. * remove 'i'm special' * fix exitnode selection * fix the way some options were being applied while tor is running * make dynamic password setting the default authentication option In 0.22 ------- * ifdefs for livecd: Looking through the UI: 1. Remove options to download and install software X 2. Remove start/stop Tor since this really only connects/disconnects from Tor. 3. Remove anonymous browsing with {Konqueror, Firefox, Opera). x 4. Remove create anonymous services, though the search for hidden services is nice. x 5. Remove anonymous kopete, IRC, SSH, Telnet, GPG keys (I may add the hidden services to gpg.conf), shell. x 6. Remove fail-safe options, Incognito already has those. x 7. Remove run server options.x 8. Remove privoxy config options, the next version doesn't use privoxy. Maybe this could be determined at runtime depending on privoxy being installed. 9. Remove the "My Tor Client" config tab, I don't think there's anything useful for Incognito there. x 10. Remove the "My Tor Server", I think Incognito should be left as middle man. x 11. Remove "My Hidden Services", the next release has a different mechanism for configuring that based on a certain directory structure on the USB drive. x 12. remove konqueror plugin * Flush circuits for pseudonymity * Cope with new extra-info handling for servers * Resolve dns through tor * Fix stream bandwidth counting * add n/a icon * Privoxy config fix, see http://archives.seul.org/or/talk/Oct-2007/msg00291.html In 0.21: * Apply settings - make togglebox allow you to apply in future always * Make systray icon reflect client/server status rather than activity * Create manpages for all binaries * Make torkify installation easier to manage for packagers * Build patches from Patrick Matth�i * stop trying to connect if waiting more than 20 secs * copy control_auth_cookie to ~/.tor in first-run wizard * stop other passive popups when a showstopper popup has already been displayed * zeroise netstats on disconnect * Debug torkified mixminion * also, the fonts are wonky. in the wizard when it first started, it couldn't fit all the words it wanted to fit * under 'my server bandwidth', there's an option to 'don't reuse a connection if it is more than'. but that option is for clients, not servers. *also, under 'my server bandwidth', there's an option 'max number of simultaneous connections allowed'. my maxconn doesn't actually perform this function. nothing does. * remove ASSERT: "(mode & KFile::Files) == 0" in/tmp/buildd/tdelibs-3.5.5a.dfsg.1/./tdeio/tdefile/kurlrequester.cpp (311) In 0.19: * Name filter for server list * Fix 'My Client' bugs * Improve cookieauth attempts to find cookie, search multiple dirs. * Make passwords compulsory in firstrun wizard * Fix My Family * Add passive pop-up when hovering over system tray * Display server/client info (maybe number of running servers too?) in statusbar * Reflect server status in system tray * Complete Intro wizard - do's/dont's In 0.18: * Remove 'complete' server list from network view config. Speed up config page loading. * Use asynchronous dns * 'Failsafe' button * Add 'program' column to connection display * Implement general, server and client status events * Add country servers to exclude list if country blocked * Add TorK generated messages to Tor log and flag accordingly. * Implement entry-guards status events In 0.17: * Kicker applet * Konqueror plugin * Konqueror right-cliick actions * Add tor: io slave. * Reset filters when server list fully refreshed In 0.15: * If thttpd is installed, don't offer to download it. * Add 'Run Server' button * Alert user that KDE's non-anonymous settings have been restored when Tork is closed. * Beginnings of intro-wizard. * Speed up sliding notifications * Fix bug when stopping and restarting connection to tor. * Turn off extended selection of circuits when dragging to circuit pane In 0.14: * Pseudonymity button * Display servers by country * Combo select for tor session type (beneath onion on main page) * bw for streams * dynamically block exits with right-click * Fix browser settings for opera/firefox * count our own seconds for bw events * do not install libwhich and libgeoip * bandwidthrate at different times of the day Before 0.14: * tor traffic log. * log non-tor traffic * Replace privoxy templates with TorK ones that are a little more friendly * Add mixminion client * add privoxy configuration. * connect to tor (if it is running) during set-up wizard. this is to determine if the packaged installation has the controlport open or not. if it does not, then the set-up wizard will need to add the relevant conf line to every possible configuration file candidate it can think of. * SetUp Wizard should inspect your tor installation and recommend appropriate tork setup. Tor GUI Suggestions ------------------- X = Fully(!?) Done x = Sort of Done X Allow the user to fully configure Tor rather than manually searching for and opening text files. X Let users learn about the current state of their Tor connection (for example, how well the current Tor connection is working), and configure or find out whether any of their applications are using it. X Make alerts and error conditions visible to the user. X Run on at least one of Windows, Linux, and OS X, on a not-unusually-configured consumer-level machine. Provide detailed information about which applications, ports, or packets are (or are not!) passing through Tor, including accounting for both Tor- and non-Tor traffic. Provide additional statistics about the Tor connection. Give users more control over how their Tor behaves at certain times of day or in other contexts (like operating as a server). x How much bandwidth is Tor using? How does this compare to the overall network traffic to/from the computer? x Is there network traffic from ports or applications that the user intended to be anonymized? What Tor servers does the user know about on the network? Where are they? How available are they? An interface for displaying or controlling Tor paths: "show me the network from Africa by way of Asia". Think of the global satellite map from the movie Sneakers. Configure other running applications to use Tor (for example, by modifying or working through the network stack, and/or by altering application configurations). x Provide an elegant installer for Tor, your GUI submission, and other supporting applications. X Make your GUI manage the Tor process and other supporting applications -- start them, stop them, realize when they've died. X Provide meaningful defaults for a good Tor experience. Provide application-level anonymity -- that is, not just paying attention to transport anonymity on the level of Tor, but also paying attention to the anonymity of the http headers, cookies, etc. Let the user specify different Tor config option sets depending on time of day (e.g. daytime vs. nighttime). Provide useful controller functions for Tor servers too -- for example, walk the user through recommended bandwidth configurations and exit policies. X Have a "minimized view" of your GUI for common use, and then a more detailed view or set of windows when the user wants more detail. Provide a button or some automatically updating interface to let the user learn whether Tor is working currently, perhaps by accessing an external what's-my-IP site and seeing if it thinks you're a Tor server; and give useful messages and recommendations if it doesn't seem to be working. Provide a way to automatically configure local firewalls (ipchains, Windows firewalls, etc) to let Tor traffic out (and in, for Tor servers). As a bonus, configure it to prevent non-Tor traffic from leaving (and notify when it tries).