This project is abandoned and (due to changes to Chrome Certificate Validation) non-functional. It exists for historical purposes only.
Subshard is an attempt to make a better 'Tor browser' - based on Chrome instead of Firefox, and using a client-server model instead of a 'thick client'.
How it works
Subshard has two parts: The client script (which launches and controls Chrome for you) and subshard-serv, a server component where Chrome tunnels all traffic.
When you launch subshard, a separate chrome instance starts which is bound to a subshard server. All traffic goes through your server, proxy style.
You configure which domains go to Tor and which URLs go to the open internet. You can configure domains to be blocked, such as ad domains or websites which can identify you (prevent yourself from absent-mindedly logging into facebook).
Why do you believe this is better than the Tor bundle?
The Tor browser is an easy target for browser exploits. Such approaches are known and effective attack vectors by modern adversaries.
- Firefox lacks a lot of generic exploit protections that other browsers implement.
- The Tor browser cuts its updates from Extended Support Release, often getting important security fixes months after it is patched. Chrome, by contrast prioritises these releases and has them out typically in 2 weeks. They also do some patching to mitigate this, but I can't say I have the highest of confidence in this approach.
- There are comparitively few versions of the browser bundle, meaning exploit writers have an easier job targeting exploits for Tor users. Ideally, a large number of browsers with diverse code bases are used, making targeted exploits harder.
- All Tor traffic is generated on the server, meaning your local network cannot easily detect Tor is in use. Rather, they see a HTTPS proxy connection. This also simplifies client configuration.
- Subshard is an attempt to bring the best of Chromes security into the Tor ecosystem.
Other features
- Entirely separate chrome instance - no sharing of cookies / history / local storage / extensions.
- Bright red color theme means it is always obvious which chrome you are in.
- Serverside domain blacklists can help to prevent accidental browsing to certain sites, or prevent traffic hitting certain domains (eg: ad domains).
- Automatically forward traffic on specific domains to another SOCKS/HTTP/HTTPS proxy. These rules are defined by regexes on the server (see: Forwarders).
- Multiple user support
- We have an extension -
subshard guard- that hacks in basic first-party isolation for Tor domains. This is the one feature of Firefox that I miss.
Downsides
- Less tried-and-tested than the Tor browser.
- Tor traffic is generated on the server, so we must trust the Server.
Installation
Server
Please see our instructions on installing the server.
Client
Windows: Unfortunately, I dont have packaging for Windows. Please see here for some basic instructions for manually getting it working. If you know windows, please help me get it packaged.
OSX/Debian: Setting up a client on your machine should be as trivial as installing a package for your OS, doing two configuration steps for your first run, and then using it! Make sure you have Chrome stable already installed, and please follow our instructions for your platform.
Troubleshooting
For issues in your Client: Client Troubleshooting
References
- Hacking Subshard - A lay of the
landsource + design - Installing the server
I need your help!
- (!) It needs to be packaged (to a zip, msi, something) for Windows. Help?
- Make options page for Subshard Guard Chrome Extension work.
- Make symlinks for our binaries in /usr/local/bin on OSX.
- Fix the sysv 'service' wrapper for the server .deb package.
- Code cleanup around proxy initialization and Authentication.
- Support for Client certificate authentication.
- Automated testing for important security features, rather than me manually testing each release.
- Salt the password in configuration.
- More security features!