Dear Phantoms,
The Phantom Protocol is intended to anonymize all internet traffic. We
should be able to rule out any application communicating over the
internet in standard fashion, once Phantom is running and active on a
computer.
In the design it was suggested to go as low level as necessary, in
order that applications don't even notice or need to notice, that they
are using our AP protocol instead of directly using IP with TCP or
UDP. This might lead to some application specific problems (e.g. DNS),
as Walter pointed out in another thread, but let's discuss these
problems and solutions for it in another thread.
So so far I found three different possibilities, that would allow us
to reach this goal:
(symbols and abbreviations explained at the bottom of the mail)
1: using Tun/Tap
2: overloading the socket API
3: netlink sockets
No.1 TunTap was already discussed in the thread Initial Research on
Implementation (
http://groups.google.com/group/phantom-protocol/t/
b379a10b877aa915). To sum it up:
[+] runs on Unix, Linux, Mac and Windows
[+] clean solution, easy for us to use/implement
[-] requires the user to create and configure a virtual TunTap network
interface (possible hurdle for many unexperienced users, resp. DAUs*)
[-] possibly requires root access to the computer
No. 2 is the idea of simply overloading the socket API used by the OS.
This could be done by ld_preload and perhaps in the user space (i am
not sure there).
[+] suitable for DAUs
([+] perhaps possible to run in user space)
[-] restriction to the possibilities and limits of the socket API.
No.3 using netlink sockets. This is basically the same as No.1 without
having all the work already done by someone else.
[+] perhaps possibility to find a solution that does not require the
set up of a virtual interface on the user side (DAU compatible)
[-] probably a lot of work for us
-------
That's what I've found out so far. There might be more than these
three possibilities, If I find another I will add it in this thread.
For now I am inviting you to discuss these three with me.
I will try to find out more about these solutions, so we can replace
some of the "perhapses" and "probablys" above.
see you... anonymized ;)
Michael
[Legend]
[+] marks an advantage of the specific approach
[-] marks a disadvantage of the specific approach
DAU is a useful German abbreviation. It stands for Dümmster
Anzunehmender User. Since there is no English pendant/translation of
this term, I'll be using the German one. DAU means "most stupid user
imaginable". The closest English term might be Luser.