TorLang (Tor implemented in Erlang)

Source code repository



Tor is currently implemented in C which makes it possible for an attacker to find vulnerabilities specific to unmanaged environment such as buffer overflows. Successfully compromised Tor nodes could lead to leakage of plaintext traffic and (since every node runs the same implementation) disclosure of a whole circuit. This way, even hidden services could be discovered and localized, which gives people running these a false sense of security/anonimity.

Why Erlang

  • managed -> security
  • scalablility
  • free as in both senses
  • available to a wide range of operating systems

Potential sources of code reuse

  • ErlTunnel (MIT license)
  • Surrogate forward/reverse proxy (Apache 2.0)
  • Tsung load testing tool with HTTP/HTTPS support (undeclared license -> copyright?)


Contributors to this page: dnet and maxigas .
Page last modified on Tuesday 17 of May, 2011 17:17:18 CEST by dnet.

Upcoming Events

No records to display