Re: [Tails-dev] What do we miss to replace Vidalia [was: Get…

Nachricht löschen

Nachricht beantworten
Autor: sajolida
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] What do we miss to replace Vidalia [was: Getting rid of Vidalia]
intrigeri:
> Alan wrote (12 Feb 2015 15:32:15 GMT) :
>>>> - Ability to close a circuit manually.
>>>
>>> No idea what are the use case for this feature that we would want to
>>> support. If someone really wants it, better add it to arm IMO.
>>>
>> Tor Monitor doesn't provide this feature yet. It would be very easy to
>> add, even though I'm not sure I find it desirable: currently we only
>> *monitor* Tor. Do we also really want to *control* it?
>
> Rather not IMO, but I guess everybody got that already :)
>
> I'd love to see Tails run no X application, except Tor Launcher, that
> is able to trivially deanonymize the user via the control port.


Being able to close circuits could be useful to debug malicious exit
nodes. For example, you get an unexpected HTTPS or SSH warning, write
down the info about your exit node, and close that circuit to get a
fresh one and confirm your suspicions.

How important would that be given it doesn't happen that often?
On the other hand I understand the importance of not doing into
controlling Tor.

To go back to the information we should provide about the circuits:

1. Be able to know the country of your exit node can be useful to
understand some limitations it might have when trying to access some
ressources (eg. YouTube in Germany).

2. We should have a look at what Tor is planning to integrate to their
browser as they are already solving a similar problem. I think.

>>>> - Bandwidth Graph.
>>>
>>> Advanced feature IMO, already present in arm. If we care much about
>>> getting this info graphically, then I think some GNOME system monitor
>>> would be a better tool to satisfy the need (it would be a suitable
>>> replacement in the context of Tails, since we're routing almost
>>> everything through Tor).
>>>
>> It would be possible (and I think desirable) [...]
>
> I'd love to understand why this would be more useful than some
> existing GNOME network monitor that we don't have to maintain, and so
> far I fail to. You find it desirable, so there's probably a good
> reason. Let me try harder to understand:
>
> In which use cases is the Tor bandwidth traffic info more useful than
> the overall system network traffic? (I can see the "heavy I2P
> + Tor user" one, but this can't be a good enough reason to write and
> maintain this code given we have arm already, I guess.)
>
> Or is it a matter of UX, as in users would find the tool more easily
> if it was accessible from the Tor Monitor's interface? I've no idea,
> and it might very well be the case. But then perhaps we can start
> whatever network traffic monitor we want from Tor Monitor.


I used to have "nload" in my additional software, but thanks to this
discussion I discovered that GNOME System Monitor is fine for what Alan
describes.

I also didn't even knew we were including arm. So I created #8915.

>  - Has there been any thought put already into how Tor Monitor would
>    integrate into #7437 ("Add a progress indicator while establishing
>    a connection to Tor"), or live aside of it? I was kinda hoping that
>    removing Vidalia would help consolidating the sources of
>    information we provide to the user about the network bootstrap
>    process: I bet the variety of such sources participate in confusing
>    users. So if Tor Monitor is meant to be an independent tool,
>    perhaps it's better if it does *not* start by default. Anyway, I'm
>    wandering a bit off-topic here, but you don't want me to wait
>    6 months before I ask this question, right?


Right, there's definitely a UX side to this. The first thing I can think
of is that people are going freak out if the green onion disappear as
its currently the only indicator of the Tor state on the desktop. I'm
not talking about the "Tor is ready" notification which is not an
permanent indicator.

We developers know that nothing can do wrong and everything that is not
Tor would be blocked. But in term of usable security, I think it's
important to have a visual indicator saying "hey, everything is
all-right". And also how shall we let users know when their Internet
connection is working but they loose their connection to Tor for some
reason (say their bridge shuts down)?

You're going to hate me but would it be conceivable to have Tor Monitor
appear as green onion on the desktop as Vidalia does until now?

And if Tor Monitor is always running in the background, then maybe it
could also provide information while Tor is starting and be the right
tool to solve #7437 in the future?

I hope that this will still allow us to simplify and make robust the Tor
bootstrapping process (which is currently a bit messy if I remember
correctly). We could have:

- Tor Monitor always running, reading the Tor status, and providing the
user visible side of things and replace the NM hooks
"60-tor-ready-notification.sh" and "60-vidalia.sh".
- Network Manager doing only the starting and stopping without worrying
about the visible side of things.