Changes between Version 5 and Version 6 of OpenITPReview/Criteria


Ignore:
Timestamp:
May 10, 2013 11:32:33 PM (7 years ago)
Author:
DISABLED
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • OpenITPReview/Criteria

    v5 v6  
    77|| Is it open source? || Yes ||
    88|| Is it relevant to our field? || Should be (see below) ||
    9 || ''Is it a circumvention tool?'' || Yes? ||
     9|| ''Is it a circumvention tool?'' || Yes ||
    1010|| ''Is it a host security tool?'' || No? ||
    1111|| ''Is it a secure communications tool?'' || Yes ||
     
    1919|| Is this tool in production? || Yes ||
    2020|| Does this tool have actual users? || Yes ||
    21 || Does this tool fill a currently unmet need? || ? ||
    22 || Does this have unique advantages such as usability or localization? || ? ||
     21|| Does this tool fill a currently unmet need? || Yes - a decentralised low-latency anonymous network ||
     22|| Does this have unique advantages such as usability or localization? || Yes? - Built in eepsite webserver? ||
    2323|| Who nominated this tool? || Us ||
    2424|| Does your community have the resources to audit this tool independently? || No ||
    25 || Does your project have funding for the audit? || Possibly? ||
     25|| Does your project have funding for the audit? || Yes ||
    2626|| Has this project been audited in the past, either by us or anyone else? || No ||
    2727
     
    3030=== Threat Model ===
    3131|| '''Criterion''' || '''Our response''' || '''Do we fulfil this?''' ||
    32 || Does the tool have a threat model?|| Yes - http://www.i2p2.i2p/how_threatmodel || Yes ||
     32|| Does the tool have a threat model?|| Yes (Needs reviewing) - http://www.i2p2.i2p/how_threatmodel || Yes ||
    3333|| Does the tool have one or more clearly defined use contexts? || Maybe? I2P is an anonymous overlay network, and has many potential use contexts. || ? ||
    3434|| Does the threat model follow a clearly established methodology? || '''TODO: Needs research''' ||  ||
     
    3737=== User Experience ===
    3838|| '''Criterion''' || '''Our response''' || '''Do we fulfil this?''' ||
    39 || Does the user experience compromise the secure use of the tool? || ||  ||
     39|| Does the user experience compromise the secure use of the tool? || No? ||  ||
    4040|| Has there been a professional designer involved in the tool development process? || Anonymous designers have donated their time and effort. No money has been paid towards improving the design of the I2P software UI. ||  ||
    4141|| Has there been user experience testing involved in the design process and if so, what? || Sampling of the opinions of users on IRC (a very small percentage of the estimated userbase). || '''No''' ||
     
    4747|| Is the documentation translated into the same set of languages as the tool? || A small subset of languages, and not completely. || '''No''' ||
    4848|| Is the documentation up to date, regularly maintained, and accurate? || Not entirely; not as often as it should be; reasonably. || '''No''' ||
    49 || Does the documentation correctly describe the security caveats and use cases of the tool? || ||  ||
    50 || Does the documentation make clear security claims, and are those claims supported by the tool? || ||  ||
    51 || For tools intended for end-users, is there a set of introductory documentation for inexperienced users? || ||  ||
     49|| Does the documentation correctly describe the security caveats and use cases of the tool? || Yes ||  ||
     50|| Does the documentation make clear security claims, and are those claims supported by the tool? || Yes? - We need a review to find out ;) ||  ||
     51|| For tools intended for end-users, is there a set of introductory documentation for inexperienced users? || No ||  ||
    5252
    5353=== Audience and Adversary Definition ===
     
    5757|| Does the project understand who their user's adversaries are? || See previous criterion. ||  ||
    5858|| Is the tool actively designed with their user's adversary's capabilities in mind? || Maybe generally? ||  ||
    59 || Is the tool being used for contexts outside of those that it was designed for? || '''How could an anonymous overlay network be used other than to route traffic anonymously?''' ||  ||
     59|| Is the tool being used for contexts outside of those that it was designed for? || At least one user uses I2P as a dynamic dns with nat traversal capability ||  ||
    6060|| Was the tool designed with a realistic awareness of the needs of its intended user community? || '''TODO: Check old meeting logs''' || ? ||
    6161
     
    7474|| Does the project have a documented response process for security vulnerability reports? || '''TODO: Define or set up''' || '''No''' ||
    7575|| What is the project history of responding to security incidents and is it documented? || '''TODO: Check history''' ||  ||
    76 || Does the project have an internal responsible disclosure policy and is it used? || || '''No''' ||
     76|| Does the project have an internal responsible disclosure policy and is it used? || '''TODO: Discuss''' || '''No''' ||
    7777|| What timeline does the project have around responding to vulnerabilities? || As soon as possible? ||  ||
    7878
     
    8585=== Privacy and Terms of Service Disposition ===
    8686|| '''Criterion''' || '''Our response''' || '''Do we fulfil this?''' ||
    87 || To what degree does the project (as opposed to tool) come into contact with confidential information? || The I2P network operates on is that there are no "trusted" routers/servers, so the project has no direct contact with confidential information. Some router statistics are publicly published to the netDB for diagnostic purposes, and users sometimes post potentially-deanonymizing information as part of bug reports. '''What about IPs, router IDs etc. in website logs from updates?''' || Yes? ||
     87|| To what degree does the project (as opposed to tool) come into contact with confidential information? || The I2P network operates on is that there are no "trusted" routers/servers, so the project has no direct contact with confidential information. Some router statistics are publicly published to the netDB for diagnostic purposes, and users sometimes post potentially-deanonymizing information as part of bug reports. '''What about IPs, router IDs etc. in website logs from updates?''' - In-network update, also anyone can set up an update server || Yes? ||
    8888|| Does the project understand what data they gather about their users and what its privacy and security impacts are? || '''TODO: Check this''' ||  ||
    8989|| What do project policies permit the project to do with the data they gather? || '''TODO: Check this''' ||  ||
     
    104104|| '''Criterion''' || '''Our response''' || '''Do we fulfil this?''' ||
    105105|| How large is the project's user base? || http://stats.i2p shows ~30,000 routers || Yes? ||
    106 || Does this project benefit an at-risk population directly or indirectly? || || Yes ||
     106|| Does this project benefit an at-risk population directly or indirectly? || Directly || Yes ||
    107107|| Are there any alternatives for this functionality on the platforms it serves? || Tor provides hidden services, but unmaintained and tangential to Tor's target functionality. ||  ||
    108108|| Is this tool recommended by trainers or others in the field? || Unknown ||  ||
    109109|| How security-critical is the tool's functionality? || Being an anonymous network, other tools are dependent on its security. ||  ||
    110110|| Is this project infrastructure that other tools depend on? || Yes, e.g. eepsites, torrent software, http://nightweb.net || Yes ||
    111 || What does the project's growth curve look like? || Slow growth for the first 8 years, then large (exponential?) growth over the last few years. || ? ||
     111|| What does the project's growth curve look like? || Exponential - see http://stats.i2p/cgi-bin/total_routers_year.cgi || ? ||
    112112|| Is this tool localized for significant at-risk populations? || We have translations for Arabic and Chinese (among others). || Yes? ||
    113113|| Is localization applied consistently? || Localization of the routerconsole is mostly done via gettext. Inconsistencies do occur in the separate-page translations. || Maybe? ||