Re: Ideas on increasing the significance of tor
Michael Holstein wrote: > > Two ideas : > > run multiple instances (and use family option), and let each instance > handle ($X) amount of traffic. at this moment on my box the tor process allocates about 2,3 gig virtual memory respectively 1,5 gig of non-swapped physical memory: PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 15486 debian-t 25 0 2329m 1.5g 25m S 75 78.2 17930:45 tor So running multiple instances seems not an option. My box only is equipped with 2 gig RAM. > run tor using hardware crypto acceleration (it's sort-of supported, > usually via patches to OpenSSL) can you give me a hint about OpenSSL supported crypto hardware? regards, Olaf
Re: Ideas on increasing the significance of tor
Mrtg motoring of my box clearly shows what's going on with throughput and cpu load. Thus I'm bothering this mailing list with more enhanced multithread capabilities, taking better advantage from multiple cores. Two ideas : run multiple instances (and use family option), and let each instance handle ($X) amount of traffic. Since TOR doesn't thread itself very well, that's one way to do it (sort of like what you've got to do with Snort). (or) run tor using hardware crypto acceleration (it's sort-of supported, usually via patches to OpenSSL) Side note to developers .. why not create one parent thread and ($n) worker threads (like Apache, etc. does) to solve this?
Re: Ideas on increasing the significance of tor
Michael_google gmail_Gersten wrote: > > The best I can conclude, from limited observations, is that CPU > overhead is critical. yep, at about 4500 KB/s the cpu running the tor main thread is loaded with 100%. The other three cpus are left almost idle. Mrtg motoring of my box clearly shows what's going on with throughput and cpu load. Thus I'm bothering this mailing list with more enhanced multithread capabilities, taking better advantage from multiple cores. regards, Olaf
Re: Ideas on increasing the significance of tor
Coming back to the matter of speed: what do we need to increase the performance of the tor network? More tor (exit) nodes, right? (please correct me if I'm wrong) More nodes is not the answer. You could add one million dialup speed nodes, and not improve the speed of Tor. More bandwidth is part of the answer. One exit node with 21 gigawatts, err, enough bandwidth might improve (possibly doubling) the speed of Tor -- IF it has enough CPU power to run things. I've seen circuits with only high-speed nodes (over 900 KB/s, as reported by Vidallia) operate slowly (and the web server is fast as soon as I switch Tor off). So bandwidth isn't the limit either. The best I can conclude, from limited observations, is that CPU overhead is critical. More connections are made to high bandwidth nodes than they can handle (there is no "I'm full, I'm rejecting your connection request" message in the Tor protocol that I know of). The second limit is node speed. There's no way to say "Only use nodes with at least speed in my connections". As soon as I get a node with less than 150 KB/s in my paths, my speed will be lower with Tor, because that's my download speed. The third limit is number of active connections. If I'm downloading a file, I don't mind 20 KB/s paths *IF* I can use multiple paths. My download manager is happy to work with 10 parts at once. So, my suspicions: 1. An easy way to toggle between "At least speed X" (for single-threaded web browsing) and "Any speed, many connections" (for downloads). 2. A way to keep nodes from being CPU starved from the encryption processing (high bandwidth nodes) 3. A way to keep nodes from being bandwidth starved (the main limit on middle-speed nodes).
Ideas on increasing the significance of tor
Hi, IMHO what tor needs to get more accepted and widely used is speed. Unless the user experience of using tor is at least comparable to the regular use of the Internet, only relatively few people will use tor in the future. Why does this matter to us? It's just their privacy that's in jeopardy, right? Wrong. Almost everybody you ask will recognize the importance of free speech to the continuous development of an open, free and pluralistic society. We all know that free speech is not a matter of me and you having that right but rather a matter of all of us having the right to speak freely. Because only if all members of our society have that right, we will continue to be (or start to become; depending on your point of view) a truly pluralistic and open society. IMHO the same principles apply to anonymous free speech (which by the way is not protected by Article 8 of the European Human Rights Convention). It is therefore imperative to make as many people as possible use tor. I think with privacy it's like this: Use it or loose it (as a society). Coming back to the matter of speed: what do we need to increase the performance of the tor network? More tor (exit) nodes, right? (please correct me if I'm wrong) Right now we simply ask the people to put up their own tor servers. The only thing people can do that are not that skilled but still want to support tor is to make a donation. But they will not see the effect their money has on tor. What I suggest is to create an incentive for donations while at the same time creating an instrument that will increase the number of tor (exit) nodes: - Users should be able to donate money for a tor (exit) node. They should be able to say "I am sponsoring X tor nodes!". Users should also be able to specify on which continent (or in which country?) "their" tor node is to be placed. - The installation, configuration and maintenance could then be performed in an efficient manner by a team of volunteers or people getting paid using part of the donated money. Whatever organization takes the donated money to install and operate new tor nodes will sooner or later be operating quite some tor nodes. This raises two questions. - Is it a good idea to grant a single organization that much power? Controlling multiple tor nodes has a great potential for abuse. IMHO that risk is rather low if the organization in question is EFF and good policies and procedures are in place for the administration of the tor nodes thereby limiting the risk of volunteers turning out to be operatives of some law enforcement agency. - That organization (and their operatives) might be a target for law suits. I don't know about the U.S. but in Europe, the operation of a tor node is - as a general rule - covered by the protection of Article 12 of the European E-Commerce Directive. Recent German and Austrian court rulings questioned the scope of this provision. All member states of the European Union are currently implementing the European Data Retention Directive which demands that access providers retain the information who communicated with whom, when, how long, and from which location (Cell-ID for mobile devices) if (and only if) the communication was over a mobile phone, a land line, E-Mail or VoIP. This data will have to be retained for at least 6 months (depending on the member state's implementation). The contents of the communication will not be retained. This legislative measure will create an increased demand for anonymous free speech. The question is: Is tor up for the task? Cheers, Lukas