

The first security-compliant version of the client, supporting thread isolation and guarding nodes, is scheduled for release in October. In its current state, Arti can now connect to the Tor network, interact with directory servers and create anonymous connections through Tor with the provision of a proxy based on the SOCKS protocol.ĭevelopment still not recommended for use in production systems, as not all privacy features are implemented and backward compatibility at the API level is not guaranteed. Also, when developing a new project, all past experience with Tor development is taken into account, which will avoid known architectural problems, make the project more modular and efficient. Rust it will also allow you to achieve a faster development speed than using C, due to the expressiveness of the language and the strict guarantees that you don't waste time on double checks and writing unnecessary code. According to Tor developers, at least half of all vulnerabilities monitored by the project will be eliminated in the Rust deployment, if the code does not use "insecure" blocks. The reasons for rewriting Tor in Rust are cited as a desire to achieve a higher level of code security through the use of a language that guarantees safe work with memory. In a first approximation, if the code is compiled and is not explicitly marked as "unsafe", then the broad categories of errors are assumed to be impossible. Also, it has some really innovative features that allow the language to enforce certain security properties at compile time. It is a high-level language and significantly more expressive than C. Rust seems like the clearest way out of our predicament. Although C is venerable and ubiquitous, it is notoriously prone to usage errors, and its lack of high-level features makes many programming tasks more complex than they would be in a more modern language. Today's Tor is written in the C programming language. It has been funded for over a year with funds from the Zcash Open Major Grants (ZOMG) grant program. Unlike the C implementation, which was initially designed as a SOCKS proxy and only later adapted to other needs, Arti initially it is developed in the form of an integrated modular library that can be used by various applications. Prossimo, an ISRG project to secure Linux kernel memory with RustĪnd now another great joins to this fever and it is nothing more and nothing less than Tor, since recently its developers presented the Arti project, within which we are working to create an implementation of the Tor protocol in the Rust language.
