A few things everyone can do now:

  1. Please consider running a relay to help the Tor network grow.
  2. Tell your friends! Get them to run relays. Get them to run onion services. Get them to tell their friends.
  3. If you like Tor's goals, please take a moment to donate to support further Tor development. We're also looking for more sponsors — if you know any companies, NGOs, agencies, or other organizations that want anonymity / privacy / communications security, let them know about us.
  4. We're looking for more good examples of Tor users and Tor use cases. If you use Tor for a scenario or purpose not yet described on that page, and you're comfortable sharing it with us, we'd love to hear from you.

Documentation

  1. Help translate the documentation into other languages. See the translation guidelines if you want to help out. We especially need Arabic or Farsi translations, for the many Tor users in censored areas.
  2. Evaluate and document our list of programs that can be configured to use Tor.
  3. We have a huge list of potentially useful programs that interface with Tor. Which ones are useful in which situations? Please help us test them out and document your results.

Advocacy

  1. The tor community uses public mailing lists and IRC channels (join via Tor), like tor-talk (#tor on irc.oftc.net), tor-relays (#tor-relays), tor-dev (#tor-dev), or tbb-dev, and summarize noteworthy changes into articles for our blog and newsletter.
  2. Create a presentation that can be used for various user group meetings around the world.
  3. Create a video about the positive uses of Tor, what Tor is, or how to use it. Some have already started on Tor's Media server, Howcast, and YouTube.
  4. Create a poster around a theme, such as "Tor for Freedom!"
  5. Create a t-shirt design that incorporates "Congratulations! You are using Tor!" in any language.
  6. Spread the word about Tor at a symposium or conference and use these Tor brochures in PDF and ODG format and translated to at least ten different languages as conversation starter.

Projects

Below are a list of Tor related projects we're developing and/or maintaining. Most discussions happen on IRC so if you're interested in any of these (or you have a project idea of your own), then please join us in #tor-dev. Don't be shy to ask questions, and don't hesitate to ask even if the main contributors aren't active at that moment.

For a presentation summarizing many of these projects see...



Name Category Language Activity Contributors
Tor Core C, Rust Heavy nickm, arma, dgoulet, asn, teor
Tor Browser Bundle Javascript, XUL, Scripting Heavy mikeperry, Pearl Crescent, GeKo
HTTPS Everywhere Browser Add-on Javascript Moderate pde, mikeperry
Nyx User Interface Python, Curses Moderate atagar
Orbot User Interface Java Moderate n8fr8
Tails OS image Sys Admin Heavy #tails
tor-ramdisk OS image Sys Admin Light blueness
Torsocks Usability C Light David Goulet
Tor Messenger Bundle JavaScript, XUL, Scripting None arlolra, boklm, sukhe
TorBirdy Browser Add-on JavaScript Light sukhe
Shadow Simulator C, Python Moderate robgjansen
Chutney Simulator Python Light teor
Stem Library Python Heavy atagar
Txtorcon Library Python, Twisted Moderate meejah
metrics-lib Library Java Moderate karsten, iwakeh
Metrics Client Service Java Heavy karsten, iwakeh
Relay Search Client Service JavaScript Light irl
Onionoo Backend Service Java Heavy karsten, iwakeh
ExitMap Backend Service Python None phw
DocTor Backend Service Python Light atagar
GetTor Client Service Python None ilv
TorCheck Client Service Go None Arlo
BridgeDB Backend Service Python Light isis
Ooni Probe Scanner Python Heavy hellais, aagbsn
TorPS Backend Service Python None Aaron Johnson
TorFlow Backend Service Python None aagbsn
CollecTor Backend Service Java Moderate karsten, iwakeh
ExoneraTor Client Service Java Light karsten, iwakeh
Anonbib Website Python None arma, nickm
* Project is still in an alpha state.

Tor (code, bug tracker)

Central project, providing the core software for using and participating in the Tor network. Numerous people contribute to the project to varying extents, but the chief architects are Nick Mathewson and Roger Dingledine.

Project Ideas:
Python Tor Client
v3 Onion Services

Tor Browser (code, bug tracker, design doc)

Tor Browser is an easy-to-use, portable package of Tor, HTTPS-Everywhere, NoScript, TorLauncher, Torbutton, and a Firefox fork, all preconfigured to work together out of the box. The modified copy of Firefox aims to resolve the privacy and security issues in mainline version.

Project Ideas:
Tor Browser Crash Reporter

HTTPS Everywhere (code, bug tracker)

HTTPS Everywhere is a Firefox and Chrome extension that encrypts your communications with many major websites, making your browsing more secure.

Nyx (code, bug tracker)

Nyx (previously arm) is a terminal status monitor for Tor intended for command-line aficionados, ssh connections, and anyone with a tty terminal. This works much like top does for system usage, providing real time statistics for bandwidth, resource usage, connections, and quite a bit more.

Orbot (code, bug tracker)

Provides Tor on the Android platform. The project is under active development, updates to latest Tor releases, and working to stay up to date with all changes in Android and mobile threats.

The Amnesic Incognito Live System (code, bug tracker, documentation, design, contribute)

The Amnesic Incognito Live System is a live CD/USB distribution preconfigured so that everything is safely routed through Tor and leaves no trace on the local system. This is a merger of the Amnesia and Incognito projects, and still under very active development.

Tor-ramdisk (code, documentation)

Tor-ramdisk is a uClibc-based micro Linux distribution whose sole purpose is to securely host a Tor server purely in RAM.

Torsocks (code, bug tracker)

Utility for adapting other applications to work with Tor. Development has slowed and compatibility issues remain with some platforms, but it's otherwise feature complete.

Tor Messenger (code, bug tracker)

Tor Messenger is a cross-platform chat program that aims to be secure by default and sends all of its traffic over Tor.

TorBirdy (code, bug tracker)

TorBirdy is Torbutton for Thunderbird and related Mozilla mail clients.

Shadow (code, bug tracker)

Shadow is a discrete-event network simulator that runs the real Tor software as a plug-in. Shadow is open-source software that enables accurate, efficient, controlled, and repeatable Tor experimentation. For another simulator, see ExperimenTor.

Chutney (code, bug tracker)

Integration test suite that spawns a local tor network, checking the interactions of its components.

Stem (code, bug tracker)

Python controller library for scripts and controller applications using Tor.

Project Ideas:
Python Tor Client

Txtorcon (code, bug tracker)

Twisted-based asynchronous Tor control protocol implementation. Includes unit-tests, examples, state-tracking code and configuration abstraction. Used by OONI and APAF.

metrics-lib (code, bug tracker)

metrics-lib is a Java library that processes Tor network data provided by CollecTor or from other sources.

Metrics (web)

Processing and analytics of consensus data, provided to users via the metrics portal. This has been under active development for several years by Karsten Loesing.

Relay Search (code)

Relay Search is a web application to discover Tor relays and bridges. It provides useful information on how relays are configured along with graphics about their past usage.

This is the spiritual successor to TorStatus, the original codebase for which was written in PHP, and rewritten by students from Wesleyan as Django. If you dig into this space then also check out Globe, another similar site that's since been discontinued.

Onionoo (code, bug tracker)

Onionoo is a JSON based protocol to learn information about currently running Tor relays and bridges.

ExitMap (code, bug tracker)

Scanner for the Tor network by Philipp Winter to detect malicious and misconfigured exits. For more information about how it works see his Spoiled Onions research paper.

DocTor (code, bug tracker)

DocTor is a notification service that monitors newly published descriptor information for issues. This is primarily a service to help the tor directory authority operators, but it also checks for a handful of other issues like sybil attacks.

Weather (code, bug tracker)

Provides automatic notification to subscribed relay operators when their relay's unreachable. This underwent a rewrite by the Wesleyan HFOSS team, which went live in early 2011.

GetTor (code, bug tracker)

E-mail autoresponder providing Tor's packages over SMTP. This has been relatively unchanged for quite a while.

TorCheck (code, bug tracker)

Site for determining if the visitor is using Tor or not.

BridgeDB (code, bug tracker)

Backend bridge distributor, handling the various pools they're distributed in. This was actively developed until Fall of 2010.

Ooni Probe (code, bug tracker)

Censorship scanner, checking your local connection for blocked or modified content.

TorPS (code)

The Tor Path Simulator (TorPS) is a tool for efficiently simulating path selection in Tor. It chooses circuits and assigns user streams to those circuits in the same way that Tor does. TorPS is fast enough to perform thousands of simulations over periods of months.

TorFlow (code, bug tracker)

Library and collection of services for actively monitoring the Tor network. These include the Bandwidth Scanners (measuring throughput of relays) and SoaT (scans for malicious or misconfigured exit nodes). SoaT was last actively developed in the Summer of 2010, and the Bandwidth Scanners a few months later. Both have been under active use since then, but development has stopped.

CollecTor (code, bug tracker)

CollecTor is the Tor network data archive that powers other services like Metrics and Onionoo.

ExoneraTor (code, bug tracker)

ExoneraTor is a service that answers the question whether there was a Tor relay running on a given IP address on a given date.

Anonymity Bibliography (code)

Anonbib is a list of important papers in the field of anonymity. It's also a set of scripts to generate the website from Latex (bibtex). If we're missing any important papers, please let us know!

Project Ideas

You may find some of these projects to be good ideas for Google Summer of Code or the Tor Summer of Privacy. We have labelled each idea with which of our core developers would be good mentors. If one or more of these ideas looks promising to you, please contact us to discuss your plans rather than sending blind applications. You may also want to propose your own project idea — which often results in the best applications.

  1. Python Tor Client
    Language: Python
    Likely Mentors: Damian (atagar), teor

    Stem is our Python implementation of Tor's varous protocols. Traditionally this included stem.control for Tor's ControlPort and stem.descriptor to download from Tor's DirPort. But recently we added a third to this family, stem.client, that speaks Tor's ORPort protocol: the relay protocol for usage of the Tor network itself.

    This opens interesting opportunities we've never had before such as...

    • Construct a full three-hop circuit that can make GET requests and DNS lookups. If done right this might allow simple usage of the Tor network without even having Tor installed!
    • Expand descriptor downloading to use Tor's ORPort as an optional alternative for the DirPort. Following this we could adjust Tor so Fallback Directories no longer require a DirPort.
    • Download hidden service descriptors. Unlike relays, the descriptors for hidden services are only available over the ORPort. Once ticket 17945 is merged v3 HS descriptor downloads will require a multi-hop circuit. This requires an understanding of Tor's hidden service specifications, particularly the HSDir hash ring.
    • Authenticate our ORPort connection, checking that ORPorts we connect to have the right key fingerprint.
    • Add protocol level integration test of Tor's ORPort, for instance exercising edge cases in circuit construction and extension.
    • Connect to a hidden service to check if it's up or not.

    And more! Applicants are encouraged to get a decent understanding of Tor's ORPort protocol and come up with ideas of their own for neat directions that we can take this. To be clear this is not a particularly easy beginner project as it involves expanding stem.client to support more of Tor's ORPort protocol and crypto.

    As part of applying for this project please get your hands wet with the codebase by contributing some patches for Stem!

  2. v3 Onion Services
    Language: C
    Likely Mentors: George (asn)

    The onion services team is interested in mentoring projects related to v3 onion services. Anything from designing and implementing a HS health measurer, refactoring and improving the already existing code, or designing new features and improvements.

    This is a relatively difficult project which will require candidates to have a good understanding of the onion service protocol and in particular the v3 spec.

  3. Tor Browser Crash Reporter
    Language: Python
    Likely Mentors: Tom (tjr)

    This project involves modifying the Firefox Crash Reporter to submit less privacy sensitive data; and to submit this to an onion address of a service running a dump collection server.

    This project was previously worked on in 2017 as part of GSoC - the project got close; but the major outstanding issue was that the crash reporter program wasn’t submitting over Tor like we thought it was; and we need to pass the SOCKS information to it somehow.

  4. OONI Probe test development
    Language: C++
    Likely Mentors: Arturo Filastò(hellais) & Simone Basso(sbs)

    The Open Observatory of Network Interference (OONI) has a series of network tests which measure different forms of internet censorship. Every month, these tests (available via the ONI Probe apps) are run by human rights defenders in more than 200 countries, in an attempt to collect network measurement data that can serve as evidence of internet censorship.

    OONI Probe currently includes tests for some instant messaging apps (WhatsApp, Facebook Messenger & Telegram) and it would be great to have a new test developed for the Signal IM app. Support on improving upon existing OONI Probe tests would also be appreciated.

    As part of this project new Signal tests would be integrated into the OONI Probe mobile app. This would enable human rights defenders to test the accessibility of the Signal app around the world, and to openly share relevant network measurement data.

    You can find out more on our github repositories: https://github.com/ooni and https://github.com/measurement-kit.

  5. OONI Javascript Encore style test
    Language: Javascript, HTML and ideally React
    Likely Mentors: Arturo Filastò(hellais) & Simone Basso(sbs)

    The Open Observatory of Network Interference (OONI) has a series of network tests which measure different forms of internet censorship. Every month, these tests (available via the ONI Probe apps) are run by human rights defenders in more than 200 countries, in an attempt to collect network measurement data that can serve as evidence of internet censorship.

    All of these tests rely on people installing specialised software on their machine. The idea behind this project is that the student would be working on researching and implementing a test based on the Encore paper: https://conferences.sigcomm.org/sigcomm/2015/pdf/papers/p653.pdf. This test runs inside of a regular browser (without the need of a plugin) and is able to check reachability of websites. While the testing is not as precise as the rest of OONI Probe test it can be very useful to coordinate testing campaigns where getting a lot of less precise data quickly is essential.

    Part of the work will about integrating the OONI informed consent procedure into this form of testing too and ensuring that the measurements are collected in an ethical way.

    Please see the relevant github issue for more details: https://github.com/ooni/run/issues/19

  6. Salmon as a Bridge Distribution Mechanism
    Likely Mentors: ahf, Cecylia (cohosh)

    Many users rely on bridges, or anti-censorship proxies, to connect to the Tor network. We need a way of distributing bridge information to users so that they are able to connect. However, when censors learn this information the bridges quickly become blocked and can no longer be used. Our goal is to distribute bridges to users in censored regions when they need them, while also limiting the amount of bridge information that is leaked to censors.

    This project entails implementing Salmon, a bridge distribution mechanism that partitions and distributes bridges using reputation and social contacts to give well-behaved users access to "better" bridges and add a penalty when their bridges get censored.

    For more information on Salmon, see the related paper and source code.

  7. Bring up new ideas!
    Don't like any of these? Look at the Tor development roadmap for more ideas, or just try out Tor and Tor Browser, and find out what you think needs fixing. Some of the current proposals might also be short on developers.

Tor Tip

Tor is written for and supported by people like you. Donate today!