mirror of
https://github.com/torproject/community.git
synced 2024-11-28 12:10:44 +00:00
Fix grammar. Thanks @BlueMona.
This commit is contained in:
parent
886ee1ce21
commit
e38beeea0b
@ -15,7 +15,7 @@ Below are a collection of letters you can use to respond to your ISP about their
|
||||
|
||||
## Format and Philosophy of Templates
|
||||
|
||||
The general format of these templates is to inform the complaintant about Tor, to help them to find a solution to their particular issue that works in general for the Internet at large (open wifi, open proxies, botnets, etc), and barring all else, how to block Tor.
|
||||
The general format of these templates is to inform the complainant about Tor, to help them to find a solution to their particular issue that works in general for the Internet at large (open wifi, open proxies, botnets, etc), and barring all else, how to block Tor.
|
||||
The philosophy of the Tor Project is that abuse should be handled proactively by the site administrators, rather than wasting effort and resources on seeking vengeance and chasing ghosts.
|
||||
|
||||
The difference between the proactive approach and the reactive approach to abuse is the difference between decentralized fault-tolerant Internet freedom, and fragile, corruptible totalitarian control.
|
||||
@ -45,7 +45,7 @@ Unfortunately, some people misuse the network. However, compared to the rate of
|
||||
## Abuse Scenarios
|
||||
|
||||
The following scenario-specific paragraphs should be appended to the Common Boilerplate paragraphs above.
|
||||
The common boilerplate should be abridged or be omitted if the abuse complaintant is already familiar with Tor.
|
||||
The common boilerplate should be abridged or be omitted if the abuse complainant is already familiar with Tor.
|
||||
|
||||
## Comment/Forum Spam
|
||||
|
||||
@ -185,29 +185,33 @@ So it is even possible this is a legitimate order, but was flagged as fraud sole
|
||||
|
||||
## Threats of Violence (Advice for Real-Time Discussion)
|
||||
|
||||
If a serious abuse complaint not covered by this template set arrives, the best answer is to follow a pattern with the complaining party. This is not legal advice. This was not written or reviewed by a lawyer. It was written by someone with experience in working with various ISPs who had issues with a Tor exit node on their network. It has also been reviewed by someone who works in Abuse at a major ISP.
|
||||
If a serious abuse complaint not covered by this template set arrives, the best answer is to follow a pattern with the complaining party.
|
||||
This is not legal advice.
|
||||
This was not written or reviewed by a lawyer.
|
||||
It was written by someone with experience working with various ISPs who had issues with a Tor exit node on their network.
|
||||
It has also been reviewed by someone who works in Abuse at a major ISP.
|
||||
|
||||
* Read the [Tor Overview](https://2019.www.torproject.org/about/overview.html.en). Be prepared to summarize and answer basic questions. Assume the person with which you're going to converse knows nothing about Tor. Assume this same person isn't going to trust anything you say.
|
||||
* Read the [Tor Overview](https://2019.www.torproject.org/about/overview.html.en). Be prepared to summarize and answer basic questions. Assume the person with whom you're going to converse knows nothing about Tor. Assume this same person isn't going to trust anything you say.
|
||||
* In serious cases, such as harassment email or death threats, it is often helpful to draw an analogy to situations in the physical world where an action is perpetrated by an anonymous individual (such as delivering the notice via postal mail).
|
||||
* Remind them that traditional policework can still be used to determine who had the means, motive, and opportunity to commit the crime.
|
||||
* Arrange to talk with or directly email the complaintant.
|
||||
* Arrange to talk with or directly email the complainant.
|
||||
* During the conversation make sure you explain a few points:
|
||||
* You are not the perpetrator of the issue.
|
||||
* You are a responsible server operator and concerned about the complaintant's problem.
|
||||
* You are not insane. You may be insane, but we don't want the complaintant to guess this is true.
|
||||
* In many cases, your ISP will be involved as a conduit for the 3rd party complaintant. Your ISP wants to know:
|
||||
* You are a responsible server operator and concerned about the complainant's problem.
|
||||
* You are not insane. You may be insane, but we don't want the complainant to guess this is true.
|
||||
* In many cases, your ISP will be involved as a conduit for the 3rd party complainant. Your ISP wants to know:
|
||||
* Your server is not compromised.
|
||||
* Your server is not a spam relay.
|
||||
* Your server is not a trojan/zombie.
|
||||
* You are a competent server administrator and can address the issue. Minimally, you can at least discuss and respond to the issue intelligently.
|
||||
* The ISP is not at fault and not liable for your actions. This is normally the case, but the poor abuse person dealing with the issues just wants to hear it isn't the ISPs problem. They will move on after they are comfortable.
|
||||
* Discuss options. Options Phobos has been offered:
|
||||
* The ISP/Complaintant may very well demand to see logfiles. Fortunately, by default, nothing sensitive disclosed. You may want a new ISP if they demand access to log files ad hoc.
|
||||
* The ISP/Complaintant suggests you convert to middleman. In this case, you may want to counter with a reduced exit policy, such as the one suggested in [item #6 of the above blog post](https://blog.torproject.org/running-exit-node).
|
||||
* The ISP/Complaintant demands you disable Tor. You may want a new ISP as a result.
|
||||
* The ISP/Complaintant states they will firewall off the traffic on the default ports. You may want a new ISP as a result.
|
||||
* Update the config to disallow traffic to a certain IP range from your exit node. You may want to suggest the complaintant use the [Tor DNS RBL](https://2019.www.torproject.org/projects/tordnsel.html.en) instead.
|
||||
* After all has been discussed, offer a follow up conversation within a week. Make sure your agreed upon changes are implemented. Neither the ISP nor Complaintant may want to do this, but the fact that you offered is in your credit. This may help them feel "comfortable" with you.
|
||||
* You are a competent server administrator and can address the issue. Minimally, you can at least discuss and respond to the issue intelligently.
|
||||
* The ISP is not at fault and not liable for your actions. This is normally the case, but the poor abuse person dealing with the issues just wants to hear it isn't the ISPs problem. They will move on after they are comfortable.
|
||||
* Discuss options. Options Phobos has been offered:
|
||||
* The ISP/Complainant may very well demand to see logfiles. Fortunately, by default, nothing sensitive disclosed. You may want a new ISP if they demand access to log files ad hoc.
|
||||
* The ISP/Complainant suggests you convert to middleman. In this case, you may want to counter with a reduced exit policy, such as the one suggested in [item #6 of the above blog post](https://blog.torproject.org/running-exit-node).
|
||||
* The ISP/Complainant demands you disable Tor. You may want a new ISP as a result.
|
||||
* The ISP/Complainant states they will firewall off the traffic on the default ports. You may want a new ISP as a result.
|
||||
* Update the config to disallow traffic to a certain IP range from your exit node. You may want to suggest the complainant use the [Tor DNS RBL](https://2019.www.torproject.org/projects/tordnsel.html.en) instead.
|
||||
* After all has been discussed, offer a follow up conversation within a week. Make sure your agreed upon changes are implemented. Neither the ISP nor Complainant may want to do this, but the fact that you offered is in your credit. This may help them feel "comfortable" with you.
|
||||
|
||||
|
||||
## Other Template Sets
|
||||
|
@ -10,7 +10,8 @@ These guidelines are meant to give you a quick introduction into the business of
|
||||
|
||||
NOTE:
|
||||
This FAQ is for informational purposes only and does not constitute legal advice.
|
||||
Our aim is to provide a general description of the legal issues surrounding Tor exit relaying. Different factual situations and different legal jurisdictions will result in different answers to a number of questions.
|
||||
Our aim is to provide a general description of the legal issues surrounding Tor exit relaying.
|
||||
Different factual situations and different legal jurisdictions will result in different answers to a number of questions.
|
||||
Therefore, please do not act on this information alone; if you have any specific legal problems, issues, or questions, seek a complete review of your situation with a lawyer licensed to practice in your jurisdiction.
|
||||
|
||||
## Hosting
|
||||
@ -18,7 +19,8 @@ Therefore, please do not act on this information alone; if you have any specific
|
||||
### Tor at Universities: Find allies.
|
||||
|
||||
Find some professors (or deans!) who like the idea of supporting and/or researching anonymity on the Internet.
|
||||
If possible, use an extra IP range whose abuse contact doesn't go through the main university abuse team. Ideally, use addresses that are not trusted by the IP-based authentication many library-related services use -- if the university's entire IP address space is "trusted" to access these library resources, the university is forced to maintain an iron grip on all its addresses.
|
||||
If possible, use an extra IP range whose abuse contact doesn't go through the main university abuse team.
|
||||
Ideally, use addresses that are not trusted by the IP-based authentication many library-related services use -- if the university's entire IP address space is "trusted" to access these library resources, the university is forced to maintain an iron grip on all its addresses.
|
||||
Also read [How do I make my University / ISP / etc happy with my exit node?](/relay/community-resources/tor-relay-universities/)
|
||||
|
||||
### Find Tor-friendly ISPs.
|
||||
@ -34,7 +36,8 @@ Once you identified your ISP, you can follow the two-step advice of TorServers.n
|
||||
|
||||
1. Ask if the ISP is okay with a Tor exit
|
||||
|
||||
2. If they come back positively, ask them if they are OK with an IP range reassignment. If not, you can still explain that you are a non-profit superb large organization filled with security professionals, and that all will be good, and why IP reassignment helps reduce their workload.
|
||||
2. If they come back positively, ask them if they are OK with an IP range reassignment.
|
||||
If not, you can still explain that you are a non-profit superb large organization filled with security professionals, and that all will be good, and why IP reassignment helps reduce their workload.
|
||||
|
||||
The two-step process usually helps in elevating your request to higher levels of support staff without scaring them off too early, even if you don't end up with your own IP range. Here is template you can use: [Inquiry](https://www.torservers.net/wiki/hoster/inquiry)
|
||||
|
||||
@ -42,14 +45,14 @@ The two-step process usually helps in elevating your request to higher levels of
|
||||
|
||||
### Make sure you know the relevant legal paragraphs for common-carrier like communication services in your country (and the country of your hosting provider!).
|
||||
|
||||
At least most western countries should have regulations that exclude communication service providers from liability. Please add your country's regulations to this list.
|
||||
At least most western countries should have regulations that exclude communication service providers from liability.
|
||||
Please add your country's regulations to this list.
|
||||
|
||||
* USA: [DMCA 512](https://www.law.cornell.edu/uscode/text/17/512); see [EFF's Legal FAQ for Tor Operators](/relay/community-resources/eff-tor-legal-faq) (a very good and relevant read for other countries as well)
|
||||
* Germany: [TMG 8](http://www.gesetze-im-internet.de/tmg/__8.html) and [15](http://www.gesetze-im-internet.de/tmg/__15.html).
|
||||
* Netherlands: [Artikel 6:196c BW](http://wetten.overheid.nl/BWBR0005289/Boek6/Titel3/Afdeling4A/Artikel196c/)
|
||||
* Austria: [ECG 13](http://www.ris.bka.gv.at/Dokument.wxe?Abfrage=Bundesnormen&Dokumentnummer=NOR40025809)
|
||||
* France: FIXME
|
||||
* Sweden: [16-19 2002:562](https://lagen.nu/2002:562#P16S1)
|
||||
* USA: [DMCA 512](https://www.law.cornell.edu/uscode/text/17/512); see [EFF's Legal FAQ for Tor Operators](/relay/community-resources/eff-tor-legal-faq) (a very good and relevant read for other countries as well)
|
||||
* Germany: [TMG 8](http://www.gesetze-im-internet.de/tmg/__8.html) and [15](http://www.gesetze-im-internet.de/tmg/__15.html).
|
||||
* Netherlands: [Artikel 6:196c BW](http://wetten.overheid.nl/BWBR0005289/Boek6/Titel3/Afdeling4A/Artikel196c/)
|
||||
* Austria: [ECG 13](http://www.ris.bka.gv.at/Dokument.wxe?Abfrage=Bundesnormen&Dokumentnummer=NOR40025809)
|
||||
* Sweden: [16-19 2002:562](https://lagen.nu/2002:562#P16S1)
|
||||
|
||||
If you country is missing here and you know a lawyer who can provide a legal opinion, please get in contact with Tor Project.
|
||||
|
||||
@ -59,11 +62,15 @@ It's way better for them to hear about Tor from you, in a relaxed environment, t
|
||||
|
||||
### If you're not part of an organization, think about starting one!
|
||||
|
||||
Depending on the chosen form, setting up a legal body might help with liability, and in general it helps to appear bigger than you are (and less likely to get raided). The guys from Torservers.net in Germany found a lawyer who would agree to "host" them inside his office. They are now are a non-profit association ("eingetragener Verein, gemeinnutzig") registered inside a lawyer's office. The setup process was easy and cheap. Similar setups probably exist for your country. Another benefit of an association-like structure is that it might still work even when you leave, if you manage to find successors.
|
||||
Depending on the chosen form, setting up a legal body might help with liability, and in general it helps to appear bigger than you are (and less likely to get raided).
|
||||
The people from Torservers.net in Germany found a lawyer who would agree to "host" them inside his office.
|
||||
They are now are a non-profit association ("eingetragener Verein, gemeinnutzig") registered inside a lawyer's office.
|
||||
The setup process was easy and cheap. Similar setups probably exist for your country.
|
||||
Another benefit of an association-like structure is that it might still work even when you leave, if you manage to find successors.
|
||||
|
||||
### Consider preemptively teaching your local law enforcement about Tor.
|
||||
|
||||
"Cybercrime" people actually love it when you offer to [teach them about Tor and the Internet](https://blog.torproject.org/blog/talking-german-police-stuttgart) -- they're typically overwhelmed by their jobs and don't have enough background to know where to start.
|
||||
"Cybercrime" people actually love it when you offer to [teach them about Tor and the Internet](https://blog.torproject.org/blog/talking-german-police-stuttgart) -- they're typically overwhelmed by their jobs and don't have enough background to know where to start.
|
||||
Contacting them gives you a chance to teach them why Tor is useful to the world (and why it's [not particularly helpful to criminals](https://2019.www.torproject.org/docs/faq-abuse#WhatAboutCriminals).
|
||||
Also, if they do get a report about your relay, they'll think of you as a helpful expert rather than a potential criminal.
|
||||
|
||||
@ -75,15 +82,18 @@ If you receive an abuse complaint, don't freak out! Here is some advice for you:
|
||||
|
||||
### Answer to abuse complaints in a professional manner within a reasonable time span.
|
||||
|
||||
TorServers.net is a fairly large Tor exit operator and we receive only a very small number of complaints, especially compared to the amount of traffic we push. Roughly 80% are automated reports, and the rest is usually satisfied with [our default reply](https://www.torservers.net/wiki/abuse/templates). We have not needed the input of a lawyer in many years of operation following the advice on this page.
|
||||
TorServers.net is a fairly large Tor exit operator and we receive only a very small number of complaints, especially compared to the amount of traffic we push.
|
||||
Roughly 80% are automated reports, and the rest is usually satisfied with [our default reply](https://www.torservers.net/wiki/abuse/templates).
|
||||
We have not needed the input of a lawyer in many years of operation following the advice on this page.
|
||||
|
||||
In addition to the [templates at Torservers.net](https://www.torservers.net/wiki/abuse/templates), you can find many more templates for various scenarios on the [Tor Abuse Templates](/relay/community-resources/tor-abuse-templates/) . It is exceptionally rare to encounter a scenario where none of these templates apply.
|
||||
In addition to the [templates at Torservers.net](https://www.torservers.net/wiki/abuse/templates), you can find many more templates for various scenarios on the [Tor Abuse Templates](/relay/community-resources/tor-abuse-templates/).
|
||||
It is exceptionally rare to encounter a scenario where none of these templates apply.
|
||||
|
||||
### If you receive a threatening letter from a lawyer about abusive use or a DMCA complaint, also don't freak out.
|
||||
|
||||
We are not aware of any case that made it near a court, and we will do everything in our power to support you if it does.
|
||||
You can look up if an IP address was listed as an exit relay at a given time at [ExoneraTor](https://exonerator.torproject.org/). Point to that website in your reply to the complaint.
|
||||
If you feel it might be helpful, we can write you a signed letter confirming this information: Contact us at tor-assistants@torproject.org if you need one.
|
||||
If you feel it might be helpful, we can write you a signed letter confirming this information: Contact us at frontdesk@torproject.org if you need one.
|
||||
|
||||
In your reply, state clearly that you are not liable for forwarded content passing through your machine, and include the relevant legal references for your country.
|
||||
|
||||
@ -93,12 +103,14 @@ In your reply, state clearly that you are not liable for forwarded content passi
|
||||
|
||||
One of the biggest reasons exit relays disappear is because the people answering the abuse address get nervous and ask you to stop.
|
||||
If you can get your own IP block, great. Even if not, many providers will still reassign subblocks to you if you ask.
|
||||
ARIN uses [SWIP](https://www.arin.net/resources/request/reassignments.html), and RIPE uses something similar. You can also add comments to your range, hinting at your usage as anonymization service ([Example](https://apps.db.ripe.net/search/query.html?searchtext=ZWIEBELFREUNDE)).
|
||||
ARIN uses [SWIP](https://www.arin.net/resources/request/reassignments.html), and RIPE uses something similar.
|
||||
You can also add comments to your range, hinting at your usage as anonymization service ([Example](https://apps.db.ripe.net/search/query.html?searchtext=ZWIEBELFREUNDE)).
|
||||
If you have questions about the process, please write an email to [tor-relays mailing list](https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays) and we will try to explain the process to you.
|
||||
|
||||
### Register a phone number and a fax number as abuse contact.
|
||||
|
||||
At least law enforcement in Germany regularly uses the fax and phone numbers present in IP records. Torservers.net uses a free German fax-to-email service, call-manager.de, and a VoIP number from Sipgate.de.
|
||||
At least law enforcement in Germany regularly uses the fax and phone numbers present in IP records.
|
||||
Torservers.net uses a free German fax-to-email service, call-manager.de, and a VoIP number from Sipgate.de.
|
||||
|
||||
### Consider using the Reduced Exit Policy.
|
||||
|
||||
@ -115,7 +127,8 @@ Please read all the technical details before getting started. If you have any qu
|
||||
|
||||
* Set up an informative website on the exit IP(s) on port 80.
|
||||
|
||||
A disclaimer helps giving people the right idea about what is behind traffic coming from these IPs. A simple notice can be published without a separate webserver using Tor's "DirPortFrontPage " directive.
|
||||
A disclaimer helps giving people the right idea about what is behind traffic coming from these IPs.
|
||||
A simple notice can be published without a separate webserver using Tor's "DirPortFrontPage " directive.
|
||||
|
||||
* Try to use dedicated IPs, and when possible dedicated hardware.
|
||||
|
||||
|
@ -125,7 +125,7 @@ To confirm your bridge is running with no issues, you should see something like
|
||||
|
||||
### 6. Final notes
|
||||
|
||||
If you are having troubles setting up your bridge, have a look at [our help
|
||||
If you are having trouble setting up your bridge, have a look at [our help
|
||||
section](https://community.torproject.org/relay/getting-help/). If
|
||||
your bridge is now running, check out the [post-install
|
||||
notes](https://community.torproject.org/relay/setup/bridge/post-install/).
|
||||
|
@ -82,7 +82,7 @@ To confirm your bridge is running with no issues, you should see something like
|
||||
|
||||
### 6. Final notes
|
||||
|
||||
If you are having troubles setting up your bridge, have a look at [our help
|
||||
If you are having trouble setting up your bridge, have a look at [our help
|
||||
section](https://community.torproject.org/relay/getting-help/). If
|
||||
your bridge is now running, check out the [post-install
|
||||
notes](https://community.torproject.org/relay/setup/bridge/post-install/).
|
||||
|
@ -79,7 +79,7 @@ obfs4 1.2.3.4:1234 B0E566C9031657EA7ED3FC9D248E8AC4F37635A4 cert=OYWq67L7MDApdJC
|
||||
```
|
||||
|
||||
Make sure to check out the [post-install notes](https://community.torproject.org/relay/setup/bridge/post-install/).
|
||||
If you are having troubles setting up your bridge, have a look at [our help section](https://community.torproject.org/relay/getting-help/).
|
||||
If you are having trouble setting up your bridge, have a look at [our help section](https://community.torproject.org/relay/getting-help/).
|
||||
|
||||
---
|
||||
html: two-columns-page.html
|
||||
|
@ -97,7 +97,7 @@ To confirm your bridge is running with no issues, you should see something like
|
||||
|
||||
### 6. Final notes
|
||||
|
||||
If you are having troubles setting up your bridge, have a look at [our help
|
||||
If you are having trouble setting up your bridge, have a look at [our help
|
||||
section](https://community.torproject.org/relay/getting-help/). If
|
||||
your bridge is now running, check out the [post-install
|
||||
notes](https://community.torproject.org/relay/setup/bridge/post-install/).
|
||||
|
@ -109,7 +109,7 @@ FreeBSDlatest: {
|
||||
|
||||
### 7. Final notes
|
||||
|
||||
If you are having troubles setting up your bridge, have a look at [our help
|
||||
If you are having trouble setting up your bridge, have a look at [our help
|
||||
section](https://community.torproject.org/relay/getting-help/). If
|
||||
your bridge is now running, check out the [post-install
|
||||
notes](https://community.torproject.org/relay/setup/bridge/post-install/).
|
||||
|
@ -87,7 +87,7 @@ To confirm your bridge is running with no issues, you should see something like
|
||||
|
||||
### 6. Final notes
|
||||
|
||||
If you are having troubles setting up your bridge, have a look at [our help
|
||||
If you are having trouble setting up your bridge, have a look at [our help
|
||||
section](https://community.torproject.org/relay/getting-help/). If
|
||||
your bridge is now running, check out the [post-install
|
||||
notes](https://community.torproject.org/relay/setup/bridge/post-install/).
|
||||
|
@ -40,6 +40,6 @@ If you are looking to run a relay with minimal effort, we recommend you stick to
|
||||
|
||||
The installation commands are shown in code blocks and must be executed with root privileges.
|
||||
|
||||
Click below in which type of relay do you want to host and don't forget to read [Relay post-install and good practices](/relay/setup/post-install/).
|
||||
Click below on type of relay do you want to host and don't forget to read [Relay post-install and good practices](/relay/setup/post-install/).
|
||||
---
|
||||
_slug: {{setup}}
|
||||
|
@ -29,8 +29,8 @@ If your provider offers it, make sure your WHOIS record contains clear indicatio
|
||||
## Exit Notice HTML page
|
||||
|
||||
To make it even more obvious that this is a Tor exit relay you should serve a Tor exit notice HTML page.
|
||||
Tor can do that for you if your DirPort is on TCP port 80, you can make use of tor's DirPortFrontPage feature to display a HTML file on that port.
|
||||
This file will be shown to anyone directing his browser to your Tor exit relay IP address.
|
||||
Tor can do that for you: if your DirPort is on TCP port 80, you can make use of tor's DirPortFrontPage feature to display an HTML file on that port.
|
||||
This file will be shown to anyone directing their browser to your Tor exit relay IP address.
|
||||
|
||||
```
|
||||
DirPort 80
|
||||
@ -80,7 +80,7 @@ By using your own DNS resolver, you are less vulnerable to DNS-based censorship
|
||||
|
||||
Below are instructions on how to install and configure unbound – a DNSSEC-validating and caching resolver – on your exit relay. Unbound has many configuration and tuning knobs but we keep these instructions simple and short; the basic setup will do just fine for most operators.
|
||||
|
||||
After switching to unbound, verify it works as expected by resolving a valid hostname. If it does not work, you can restore your old resolv.conf file.
|
||||
After switching to unbound, verify that it works as expected by resolving a valid hostname. If it does not work, you can restore your old resolv.conf file.
|
||||
|
||||
### Debian/Ubuntu
|
||||
|
||||
@ -92,7 +92,7 @@ cp /etc/resolv.conf /etc/resolv.conf.backup
|
||||
echo nameserver 127.0.0.1 > /etc/resolv.conf
|
||||
```
|
||||
|
||||
To avoid that the configuration gets changed (for example by the DHCP client):
|
||||
To avoid unwanted configuration changed (for example by the DHCP client):
|
||||
|
||||
```
|
||||
chattr +i /etc/resolv.conf
|
||||
@ -135,7 +135,7 @@ cp /etc/resolv.conf /etc/resolv.conf.backup
|
||||
echo nameserver 127.0.0.1 > /etc/resolv.conf
|
||||
```
|
||||
|
||||
To avoid that the configuration gets changed (for example by the DHCP client):
|
||||
To avoid unwanted configuration changes (for example by the DHCP client):
|
||||
|
||||
```
|
||||
chattr +i /etc/resolv.conf
|
||||
@ -171,7 +171,7 @@ cp /etc/resolv.conf /etc/resolv.conf.backup
|
||||
echo nameserver 127.0.0.1 > /etc/resolv.conf
|
||||
```
|
||||
|
||||
To avoid that the configuration gets changed (for example by the DHCP client):
|
||||
To avoid unwanted configuration changes (for example by the DHCP client):
|
||||
|
||||
```
|
||||
chflags schg /etc/resolv.conf
|
||||
|
@ -8,7 +8,7 @@ body:
|
||||
|
||||
# 1. Enable Automatic Software Updates
|
||||
|
||||
One of the most imported things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
|
||||
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
|
||||
|
||||
# 2. Enable the EPEL repository
|
||||
|
||||
@ -30,7 +30,8 @@ cost=100
|
||||
|
||||
`yum install tor`
|
||||
|
||||
When you install the first package from the EPEL repository you will be asked about verifying the EPEL GPG signing key. Please ensure the key matches with the one available on the [Fedora Project website](https://getfedora.org/keys/).
|
||||
When you install the first package from the EPEL repository you will be asked about verifying the EPEL GPG signing key.
|
||||
Please ensure the key matches with the one available on the [Fedora Project website](https://getfedora.org/keys/).
|
||||
|
||||
# 4. Put the tor configuration file `/etc/tor/torrc` in place
|
||||
|
||||
@ -40,7 +41,7 @@ Nickname myNiceRelay
|
||||
ORPort 9001
|
||||
SocksPort 0
|
||||
ExitRelay 0
|
||||
# Change the email address bellow and be aware that it will be published
|
||||
# Change the email address below and be aware that it will be published
|
||||
ContactInfo tor-operator@your-emailaddress-domain
|
||||
```
|
||||
|
||||
@ -62,7 +63,8 @@ service tor start
|
||||
|
||||
# 6. Final notes
|
||||
|
||||
If you are having troubles setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
|
||||
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
|
||||
---
|
||||
html: two-columns-page.html
|
||||
|
@ -8,7 +8,8 @@ body:
|
||||
|
||||
# 1. Enable Automatic Software Updates
|
||||
|
||||
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
|
||||
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it.
|
||||
Follow the instructions to enable [automatic software updates](updates) for your operating system.
|
||||
|
||||
# 2. Configure Tor Package Repository
|
||||
|
||||
@ -43,7 +44,8 @@ Restart the tor daemon so your configuration changes take effect:
|
||||
|
||||
# 6. Final notes
|
||||
|
||||
If you are having troubles setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
|
||||
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
---
|
||||
html: two-columns-page.html
|
||||
---
|
||||
|
@ -8,7 +8,8 @@ body:
|
||||
|
||||
# 1. Bootstrap `pkg`
|
||||
|
||||
DragonFlyBSD's daily snapshots and releases (starting with 3.4) come with `pkg` already installed. Upgrades from earlier releases, however, will not have it.
|
||||
DragonFlyBSD's daily snapshots and releases (starting with 3.4) come with `pkg` already installed.
|
||||
Upgrades from earlier releases, however, will not have it.
|
||||
|
||||
If `pkg` is missing on the system for any reason, it can be quickly bootstrapped without having to build it from source or even having **DPorts** installed:
|
||||
|
||||
@ -90,7 +91,8 @@ service tor start
|
||||
|
||||
# 5. Final Notes
|
||||
|
||||
If you are having troubles setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
|
||||
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
---
|
||||
html: two-columns-page.html
|
||||
---
|
||||
|
@ -8,7 +8,7 @@ body:
|
||||
|
||||
# 1. Enable Automatic Software Updates
|
||||
|
||||
One of the most imported things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
|
||||
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
|
||||
|
||||
# 2. # 3. Add the following to /etc/yum.repos.d/tor.repo and then install the tor package.
|
||||
|
||||
@ -29,7 +29,7 @@ cost=100
|
||||
Nickname myNiceRelay
|
||||
ORPort 9001
|
||||
ExitRelay 0
|
||||
# Change the email address bellow and be aware that it will be published
|
||||
# Change the email address below and be aware that it will be published
|
||||
ContactInfo tor-operator@your-emailaddress-domain
|
||||
```
|
||||
|
||||
@ -42,7 +42,7 @@ systemctl start tor
|
||||
|
||||
# 5. Final notes
|
||||
|
||||
If you are having troubles setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
---
|
||||
html: two-columns-page.html
|
||||
---
|
||||
|
@ -8,11 +8,12 @@ body:
|
||||
|
||||
# 1. Enable Automatic Updates for Packages
|
||||
|
||||
One of the most imported things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
|
||||
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
|
||||
|
||||
# 2. Bootstrap `pkg`
|
||||
|
||||
This article considers we have already a base installation of FreeBSD running, and only the base system (here, we are running 12.0-RELEASE). That means we do not have any packages installed neither the `pkg` packages manager itself (there's no `sudo` available - we are running commands as root).
|
||||
This article assumes we have already a base installation of FreeBSD running, and only the base system (here, we are running 12.0-RELEASE).
|
||||
That means we do not have any packages installed, or even the `pkg` packages manager itself (there's no `sudo` available - we are running commands as root).
|
||||
|
||||
To bootstrap and install `pkg` we should run the following command:
|
||||
|
||||
@ -33,7 +34,9 @@ Installing the `ca_root_nss` package:
|
||||
pkg install ca_root_nss
|
||||
```
|
||||
|
||||
We are keeping the original setting used by `pkg` but setting a new one that will override it, so we set up a new directory and than create a configuration file to override what we need. This configuration file will be `/usr/local/etc/pkg/repos/FreeBSD.conf`.
|
||||
We are keeping the original setting used by `pkg` but setting a new one that will override it.
|
||||
So we set up a new directory, and then create a configuration file to override what we need.
|
||||
This configuration file will be `/usr/local/etc/pkg/repos/FreeBSD.conf`.
|
||||
|
||||
Creating the new directory:
|
||||
|
||||
@ -103,7 +106,8 @@ service tor start
|
||||
|
||||
# 7. Final Notes
|
||||
|
||||
If you are having troubles setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/).
|
||||
If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
|
||||
---
|
||||
html: two-columns-page.html
|
||||
---
|
||||
|
@ -10,7 +10,7 @@ body:
|
||||
|
||||
Recent OpenBSD systems, like 6.5/amd64, already have the repository configured on `/etc/installurl` so we do not need to bother changing it.
|
||||
|
||||
Should that's not your case, please adjust the `installurl` configuration file like this:
|
||||
If that's not your case, please adjust the `installurl` configuration file like this:
|
||||
|
||||
```
|
||||
echo "https://cdn.openbsd.org/pub/OpenBSD" > /etc/installurl
|
||||
|
@ -10,7 +10,7 @@ If you are using a firewall, open a hole in your firewall so incoming connection
|
||||
|
||||
Also, make sure you allow all outgoing connections too, so your relay can reach the other Tor relays, clients and destinations.
|
||||
|
||||
You can find the specific ORPort TCP port number in the torrc configuration samples bellow (in the OS specific sections).
|
||||
You can find the specific ORPort TCP port number in the torrc configuration samples below (in the OS specific sections).
|
||||
|
||||
# 2. Verify that your relay works
|
||||
|
||||
@ -21,7 +21,7 @@ Self-testing indicates your ORPort is reachable from the outside. Excellent.
|
||||
Publishing server descriptor.
|
||||
```
|
||||
|
||||
About 3 hours after you started your relay it should appear on [Relay Search](https://metrics.torproject.org/rs.html).
|
||||
About 3 hours after you start your relay it should appear on [Relay Search](https://metrics.torproject.org/rs.html).
|
||||
You can search for your relay using your nickname or IP address.
|
||||
|
||||
# 3. Read about Tor relay lifecycle
|
||||
@ -30,15 +30,15 @@ It takes some time for relay traffic to ramp up, this is especially true for gua
|
||||
|
||||
# 4. Configuration Management
|
||||
|
||||
If you plan to run more than a single relay, or you want to run a high capacity relay (multiple Tor instances per server) or want to use strong security features like [Offline Master Keys](https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity/OfflineKeys) without performing additional steps manually, you may want to use a configuration management for better maintainability.
|
||||
If you plan to run more than a single relay, or you want to run a high capacity relay (multiple Tor instances per server) or want to use strong security features like [Offline Master Keys](https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity/OfflineKeys) without performing additional steps manually, you may want to use configuration management for better maintainability.
|
||||
|
||||
There are multiple configuration management solutions for Unix based operating systems (Ansible, Puppet, Salt, ...).
|
||||
There are multiple configuration management solutions for Unix-based operating systems (Ansible, Puppet, Salt, ...).
|
||||
|
||||
The following Ansible Role has specifically been build for Tor relay operators and supports multiple operating systems: [Ansible Relayor](http://github.com/nusenu/ansible-relayor).
|
||||
The following Ansible Role has specifically been built for Tor relay operators and supports multiple operating systems: [Ansible Relayor](http://github.com/nusenu/ansible-relayor).
|
||||
|
||||
# 5. Important: if you run more than one Tor instance
|
||||
|
||||
To avoid putting Tor clients at risk when operating multiple relays you must set a proper [MyFamily](https://2019.www.torproject.org/docs/tor-manual.html.en#MyFamily) value and have a valid [ContactInfo](https://2019.www.torproject.org/docs/tor-manual.html.en#ContactInfo) in your torrc configuration.
|
||||
To avoid putting Tor clients at risk, when operating multiple relays you must set a proper [MyFamily](https://2019.www.torproject.org/docs/tor-manual.html.en#MyFamily) value and have a valid [ContactInfo](https://2019.www.torproject.org/docs/tor-manual.html.en#ContactInfo) in your torrc configuration.
|
||||
The MyFamily setting is simply telling Tor clients what Tor relays are controlled by a single entity/operator/organization, so they are not used in multiple positions in a single circuit.
|
||||
|
||||
If you run two relays and they have fingerprints AAAAAAAAAA and BBBBBBBB, you would add the following configuration to set MyFamily:
|
||||
@ -47,10 +47,10 @@ If you run two relays and they have fingerprints AAAAAAAAAA and BBBBBBBB, you wo
|
||||
MyFamily AAAAAAAAAA,BBBBBBBB
|
||||
```
|
||||
|
||||
to both relays. To find your relays fingerprint you can look into the log files when tor starts up or find the file named "fingerprint" in your tor DataDirectory.
|
||||
to both relays. To find your relay's fingerprint you can look into the log files when tor starts up or find the file named "fingerprint" in your tor DataDirectory.
|
||||
|
||||
Instead of doing so manually for big operators we recommend to automate the MyFamily setting via a configuration management solution.
|
||||
Manually managing MyFamily for big relay groups is error prone and can put Tor clients at risk.
|
||||
Instead of doing so manually, for big operators we recommend to automate the MyFamily setting via a configuration management solution.
|
||||
Manually managing MyFamily for big relay groups is error-prone and can put Tor clients at risk.
|
||||
|
||||
# 6. Optional: Limiting bandwidth usage (and traffic)
|
||||
|
||||
@ -81,8 +81,8 @@ The following command line will ping the IPv6 addresses of Tor directory authori
|
||||
ping6 -c2 2001:858:2:2:aabb:0:563b:1526 && ping6 -c2 2620:13:4000:6000::1000:118 && ping6 -c2 2001:67c:289c::9 && ping6 -c2 2001:678:558:1000::244 && ping6 -c2 2607:8500:154::3 && ping6 -c2 2001:638:a000:4140::ffff:189 && echo OK.
|
||||
```
|
||||
|
||||
At the end of the output you should see "OK." if that is not the case do not enable IPv6 in your torrc configuration file before IPv6 is indeed working.
|
||||
**If you enable IPv6 without working IPv6 connectivity your entire relay will not be used, regardless if IPv4 is working.**
|
||||
At the end of the output you should see "OK." if that is not the case, do not enable IPv6 in your torrc configuration file before IPv6 is indeed working.
|
||||
**If you enable IPv6 without working IPv6 connectivity, your entire relay will remain unused, regardless of whether IPv4 is working.**
|
||||
|
||||
If it worked fine, make your Tor relay reachable via IPv6 by adding an additional ORPort line to your configuration (example for ORPort 9001):
|
||||
|
||||
@ -90,7 +90,8 @@ If it worked fine, make your Tor relay reachable via IPv6 by adding an additiona
|
||||
ORPort [IPv6-address]:9001
|
||||
```
|
||||
|
||||
The location of that line in the configuration file does not matter you can simply add it next to the first ORPort lins in your torrc file.
|
||||
The location of that line in the configuration file does not matter.
|
||||
You can simply add it next to the first ORPort lins in your torrc file.
|
||||
|
||||
Note: You have to explicitly specify your IPv6 address in square brackets, you can not tell tor to bind to any IPv6 (like you do for IPv4).
|
||||
If you have a global IPv6 address you should be able to find it in the output of the following command:
|
||||
@ -113,7 +114,7 @@ IPv6Exit 1
|
||||
|
||||
After your initial installation and start of the tor daemon it is a good idea to make a backup of your relay's long term identity keys.
|
||||
They are located in the "keys" subfolder of your DataDirectory (simply make a copy of the entire folder and store it in a secure location).
|
||||
Since relays have a ramp-up time it makes sense to backup the identity key to be able to restore your relay's reputation after a disk failure - otherwise you would have to go through the ramp-up phase again.
|
||||
Since relays have a ramp-up time it makes sense to back up the identity key to be able to restore your relay's reputation after a disk failure - otherwise you would have to go through the ramp-up phase again.
|
||||
|
||||
Default locations of the keys folder:
|
||||
|
||||
@ -127,9 +128,9 @@ This is a very low traffic mailing list and you will get information about new s
|
||||
|
||||
## Setting up outage notifications
|
||||
|
||||
Once you setup your relay it will likely run without much work from your side.
|
||||
Once you set up your relay it will likely run without much work from your side.
|
||||
If something goes wrong it is good to get notified automatically.
|
||||
We recommend you use one of the free services that allow you to check your relay's ORPorts for reachability and send you an email should they become unreachable for what ever reason.
|
||||
We recommend you use one of the free services that allow you to check your relay's ORPorts for reachability and send you an email should they become unreachable for whatever reason.
|
||||
|
||||
[UptimeRobot](https://uptimerobot.com/) is one of these services that allow you to monitor TCP listeners on arbitrary ports.
|
||||
This service can check your configured ports once every 5 minutes and send you an email should your tor process die or become unreachable.
|
||||
|
@ -38,13 +38,13 @@ A non-exit relay does not allow exiting in its exit policy.
|
||||
|
||||
# Exit relay
|
||||
|
||||
The exit relay is the final relay in a Tor circuit, the one that sends traffic out its destination.
|
||||
The services Tor clients are connecting to (website, chat service, email provider, etc) will see the IP address of the exit relay instead of their real IP address of the Tor user.
|
||||
The exit relay is the final relay in a Tor circuit, the one that sends traffic out to its destination.
|
||||
The services Tor clients are connecting to (website, chat service, email provider, etc) will see the IP address of the exit relay instead of the real IP address of the Tor user.
|
||||
|
||||
Exit relays have the greatest legal exposure and liability of all the relays.
|
||||
For example, if a user downloads copyrighted material while using your exit relay, you the operator may receive a [DMCA notice](https://www.dmca.com/Solutions/view.aspx?ID=712f28a5-93f2-467b-ba92-3d58c8345a32&?ref=sol08a2).
|
||||
For example, if a user downloads copyrighted material while using your exit relay, you, the operator may receive a [DMCA notice](https://www.dmca.com/Solutions/view.aspx?ID=712f28a5-93f2-467b-ba92-3d58c8345a32&?ref=sol08a2).
|
||||
Any abuse complaints about the exit will go directly to you (via your hoster, depending on the WHOIS records).
|
||||
Generally, most complaints can be handled pretty easily through template letters, which we'll discuss more in legal considerations section.
|
||||
Generally, most complaints can be handled pretty easily through template letters, which we'll discuss further in the legal considerations section.
|
||||
|
||||
Because of the legal exposure that comes with running an exit relay, you should not run a Tor exit relay from your home.
|
||||
Ideal exit relay operators are affiliated with some institution, like a university, a library, a hackerspace or a privacy related organization.
|
||||
@ -56,7 +56,7 @@ If you are considering running an exit relay, please read the [section on legal
|
||||
|
||||
The design of the Tor network means that the IP address of Tor relays is public.
|
||||
However, one of the ways Tor can be blocked by governments or ISPs is by blocklisting the IP addresses of these public Tor nodes.
|
||||
Tor bridges are nodes in the network that are not listed in the public Tor directory, which make it harder for ISPs and governments to block them.
|
||||
Tor bridges are nodes in the network that are not listed in the public Tor directory, which makes it harder for ISPs and governments to block them.
|
||||
|
||||
Bridges are useful for Tor users under oppressive regimes or for people who want an extra layer of security because they're worried somebody will recognize that they are contacting a public Tor relay IP address.
|
||||
Several countries, including China and Iran, have found ways to detect and block connections to Tor bridges.
|
||||
|
@ -24,11 +24,11 @@ Complete this checklist before running a Tor training.
|
||||
|
||||
## About the Venue
|
||||
|
||||
* The venue has enough tables and chairs to everyone
|
||||
* The venue has enough tables and chairs for everyone
|
||||
|
||||
* The venue has internet connection and I know the wifi password
|
||||
* The venue has an internet connection and I know the wifi password
|
||||
|
||||
* It has a projector or TV available and works on my computer
|
||||
* There is a projector or TV available and works with my computer
|
||||
|
||||
## Audience & Communication
|
||||
|
||||
@ -52,7 +52,7 @@ Before starting the training, make sure you:
|
||||
|
||||
## After the Training
|
||||
|
||||
* Collect participants feedback
|
||||
* Collect participants' feedback
|
||||
|
||||
* Leave an e-mail for further contact and support
|
||||
|
||||
|
@ -5,21 +5,21 @@ title: Risks
|
||||
body:
|
||||
|
||||
To our knowledge, no Tor trainer has ever faced consequences as a result of training others or speaking about Tor.
|
||||
However, in some countries and in certain circumstances, it's possible that simply a gathering of human rights defenders could be risky, illegal, or even subject someone to imprisonment, physical assaults, large fines, threats, placement on government watch lists, and targeting for surveillance.
|
||||
However, in some countries and in certain circumstances, it's possible that simply a gathering as human rights defenders could be risky, illegal, or even lead to imprisonment, physical assaults, large fines, threats, placement on government watch lists, and targeting for surveillance.
|
||||
|
||||
If you want to run a Tor training for the first time and you don't know how to assess the political and social environment, we strongly encourage you read this document and, in case of doubt, to reach out to the Tor Community Team privately.
|
||||
|
||||
Some potential risks of running a digital security training are only valid in specific contexts.
|
||||
The potential risks associated with running a Tor training depend on:
|
||||
|
||||
1. **Your threat model.** A high-profile activist already under a lot of surveillance, for example, might attract more attention when reaching out other activists to run a digital security training.
|
||||
1. **Your threat model.** A high-profile activist already under a lot of surveillance, for example, might attract more attention when reaching out to other activists to run a digital security training.
|
||||
2. **The laws and regulations in the country.** Consult with local lawyers and local freedom of expression organizations and learn whether your country has a record in prosecuting individuals engaging in similar types of activities.
|
||||
3. **The types of training.** Not all trainings carry the same weight in terms of potential risk.
|
||||
For example, talking about privacy in the digital age might be appreciable, but teaching how to circumvent government censorship could be a serious felony.
|
||||
4. **The audience.** Gathering university students might not attract attention, but if you're gathering a group of journalists working with leaked documents about government corruption, you might need to be extra careful on how to reach out them in a private way.
|
||||
For example, talking about privacy in the digital age might be appreciated, but teaching how to circumvent government censorship could be a serious felony.
|
||||
4. **The audience.** Gathering university students might not attract attention, but if you're gathering a group of journalists working with leaked documents about government corruption, you might need to take extra care to reach out to them in a private way.
|
||||
5. **The training venue.** Running a Tor training in some spaces could expose your participants' identities.
|
||||
Ideally, you should use a private space where you control the participants' entrance.
|
||||
If the space isn't private, check before the training to find out if participants are comfortable revealing their identity to a third party.
|
||||
If the space isn't private, check before the training to find out if participants are comfortable with revealing their identity to a third party.
|
||||
|
||||
## Evaluating risks
|
||||
|
||||
|
@ -24,7 +24,7 @@ First of all, make sure you read the [Tor Code of Conduct](https://gitweb.torpro
|
||||
At Tor, we collect only necessary data to improve our services; we don't collect invasive data about user behaviors - we test our software, not people.
|
||||
|
||||
## Be a good listener and open-minded
|
||||
Listening is a skill to build bridges. In Tor, we want people to build bridges, not walls - and we believe this is not just for our services, but as well for our communities. Get in here to read some suggestions about being a better listener and make a great research experience. <link>
|
||||
Listening is a skill to build bridges. In Tor, we want people to build bridges, not walls - and we believe this is not just for our services, but also for our communities. Get in here to read some suggestions about being a better listener and make a great research experience. <link>
|
||||
|
||||
## Learn
|
||||
When we are in Tor training, we listen to the stories people tell us about their context, about the laws of the Internet, and the difficulties they are going through. This is how we learn how we can help and create new mechanisms to facilitate access to information through Tor products. When we listen, we do research, we learn.
|
||||
@ -43,9 +43,9 @@ Send us the result - you don't have to write a report, we can do this data analy
|
||||
## Coordinate with the trainer and the Tor UX team
|
||||
You're not doing all this work alone - we will support you with meetings, guides, and mentorship if you want. You can join us at any time on our IRC channel #tor-ux and our [mailing list](https://lists.torproject.org/cgi-bin/mailman/listinfo/ux).
|
||||
|
||||
You must be aligned about the agenda and time to run interviews (if that is the case) during the end of the training. **We strongly recommend that you go through the program of the exercise with the trainer**. Also, we want you two to coordinate feedbacks together — both for you and for your audience.
|
||||
You must be aligned about the agenda and time to run interviews (if that is the case) during the end of the training. **We strongly recommend that you go through the program of the exercise with the trainer**. Also, we want you two to coordinate feedback together — both for you and for your audience.
|
||||
|
||||
By the beginning of the training, be sure to let everyone know whats your role there and why you're taking notes of the practice.
|
||||
At the beginning of the training, be sure to let everyone know what is your role there and why you're taking notes on the practice.
|
||||
|
||||
## Get prepared!
|
||||
Print and bring with you the material that you will need to run the research - that will probably be something like:
|
||||
@ -54,22 +54,24 @@ Print and bring with you the material that you will need to run the research - t
|
||||
* Usability test
|
||||
* Usability methodology
|
||||
|
||||
It is easier to have this material printed and in hands, but if you prefer, you can also type it on your computer.
|
||||
It is easier to have this material printed and in hand, but if you prefer, you can also type it on your computer.
|
||||
|
||||
Keep in mind that you might not have a useful Internet in the venue, so if you're going to install a Tor feature with someone during the interview, you may need to have it downloaded before the training.
|
||||
Keep in mind that you might not have Internet access at the venue, so if you're going to install a Tor feature with someone during the interview, you may need to have it downloaded before the training.
|
||||
|
||||
## Report to Tor UX team
|
||||
Before ending the training, coordinate with the trainer the feedbacks, you two should work together to hand out post-its for the audience, you can give one post-it on each color and ask them to fill it with what they think about: 1. the service they just learned; 2. Tor project; and 3. Tor in general. It can also be questions - keep in mind that every feedback is a good feedback.
|
||||
Before ending the training, coordinate the feedback with the trainer. The two of you should work together to hand out post-its for the audience, you can give each participant post-it of a different color per question and ask them to fill it with what they think about: 1. the service they just learned; 2. Tor project; and 3. Tor in general. It can also be questions - keep in mind that any feedback is a good feedback.
|
||||
|
||||
It is very important for us to hear back from you. We want to know how the training and the research was for you, how we can improve our support and also, if you want to keep running Tor User Research. We will ask you to fill a form by the end of the research, so we can get your address to send to you a researcher kit (t-shirts and stickers). We hope to hear back from you very soon!
|
||||
It is very important for us to hear back from you. We want to know how the training and the research was for you, how we can improve our support and also, if you want to keep running Tor User Research. We will ask you to fill a form at the end of the research, so we can get your address to send to you a researcher kit (t-shirt and stickers).
|
||||
We hope to hear back from you very soon!
|
||||
|
||||
We will send you our document on **how to report** to the UX team, so please [get in touch](https://lists.torproject.org/cgi-bin/mailman/listinfo/ux) with us to get it. If you think you won't have time to gather and report in this format, we would love to have another way to get the material you collected. You can take pictures or send your ´raw´ notes for us.
|
||||
We will send you our document on **how to report** to the UX team, so please [get in touch](https://lists.torproject.org/cgi-bin/mailman/listinfo/ux) with us to get it.
|
||||
If you think you won't have time to gather and report in this format, we would love to have another way to get the material you collected. You can take pictures or send your ´raw´ notes for us.
|
||||
|
||||
## Additional links
|
||||
|
||||
* [Strength in Numbers: Usable Tools Don't Need to Be Invasive](https://blog.torproject.org/strength-numbers-usable-tools-dont-need-be-invasive)
|
||||
|
||||
There are plenty of documents online about how to run a User Research, here you can find some of them:
|
||||
There are plenty of documents online about how to run User Research, here you can find some of them:
|
||||
* [Design Kit: The Human-Centered Design Toolkit](https://www.ideo.com/post/design-kit)
|
||||
* [Simply Secure Knowledge Base](https://simplysecure.org/knowledge-base/)
|
||||
* [OK Thanks Exploratorium ](https://okthanks.com/exploratorium)
|
||||
|
Loading…
Reference in New Issue
Block a user