Unlocked Again! Generation 2 Droplets are now live!
Generation 2 Droplets are now available. Existing droplet owners will be prioritized for upgrades should they wish - otherwise, everyone can resume requesting droplets.
Highlights of the G2 Update
All droplets can now be started, stopped, and restarted by the Droplet Manager. There may be some issues with the certificate in these early days - but if you encounter an issue, just keep reloading the page until it works (it should work).
Additionally, all G2 servers now require you to use a Time-based One-Time Password (TOTP). Any authentication app that supports TOTP will work. There is no communication with the server and this does not compromise your privacy or anonymity in any way. It is just to make sure only you can manage your server.
Security Info
First of all, may I say that between the ASCII QR Code Generation and the TOTP validator - I have done a fucken spectacular job. Especially since up to three nights ago I had no clue how I was gonna implement this whole manage-your-own-droplet thing, let alone how to do it securely.
Secondly, I have tried to be as safe as possible while implementing this update on the system and my server, and tried to remove as many vulnerable parts as possible. All inputs have been sanitized thoroughly, with all invalid inputs leading to errors. The entire system (except the list of droplets and their TOTP secrets that are used to calculate the TOTP codes) runs in one PHP script. This is visible for inspection and I would love any improvements you guys can recommend to the code. I am a very amateur developer and I will make mistakes and write security-compromising code due to inexperience.
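For readers reviewing the TOTP validator, here is a server-side RFC 6238 check written as an added example; it is not the Droplet Manager's own code, and every function name plus the stored `$lastUsedStep` replay guard is an assumption. It assumes 64-bit PHP 7.1 or later and the common authenticator defaults (HMAC-SHA1, 30-second step, 6 digits).

```php
<?php
// Added example, not the Droplet Manager's code: RFC 6238 TOTP check
// (HMAC-SHA1, 30 s step, 6 digits). All names here are assumptions.
function base32_decode_secret(string $b32): string {
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
    $b32 = strtoupper(rtrim(str_replace(' ', '', $b32), '='));
    if ($b32 === '' || strspn($b32, $alphabet) !== strlen($b32)) {
        throw new InvalidArgumentException('invalid base32 secret');
    }
    $buffer = 0; $bits = 0; $out = '';
    foreach (str_split($b32) as $ch) {
        $buffer = ($buffer << 5) | strpos($alphabet, $ch);
        $bits += 5;
        if ($bits >= 8) {                       // a full byte is available
            $bits -= 8;
            $out .= chr(($buffer >> $bits) & 0xFF);
            $buffer &= (1 << $bits) - 1;        // keep only the leftover bits
        }
    }
    return $out;
}

function totp_at(string $key, int $step): string {
    $hmac = hash_hmac('sha1', pack('J', $step), $key, true); // 8-byte big-endian counter
    $offset = ord($hmac[19]) & 0x0F;                          // dynamic truncation
    $bin = unpack('N', substr($hmac, $offset, 4))[1] & 0x7FFFFFFF;
    return str_pad((string) ($bin % 1000000), 6, '0', STR_PAD_LEFT);
}

// Returns the matched time step (store it as the new $lastUsedStep) or null.
// Only steps newer than the last accepted one count, so a code cannot be replayed.
function totp_verify(string $b32Secret, string $code, int $lastUsedStep, ?int $now = null): ?int {
    if (!preg_match('/^\d{6}$/D', $code)) { return null; }  // reject anything but 6 digits
    $key = base32_decode_secret($b32Secret);
    $current = intdiv($now ?? time(), 30);
    $matched = null;
    foreach ([-1, 0, 1] as $drift) {            // tolerate one step of clock drift
        $step = $current + $drift;
        if ($step > $lastUsedStep && hash_equals(totp_at($key, $step), $code)) {
            $matched = $step;                   // hash_equals compares in constant time
        }
    }
    return $matched;
}

// Constructed demo: RFC 6238 test key "12345678901234567890", base32-encoded, at T = 59 s.
$secret = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ';
$code = totp_at(base32_decode_secret($secret), intdiv(59, 30));
var_dump(totp_verify($secret, $code, 0, 59));  // first submission of the code
var_dump(totp_verify($secret, $code, 1, 59));  // same code again after step 1 was stored
```

Persisting the returned step per droplet is what stops a captured code from being reused inside its validity window; rate-limiting failed attempts is a separate control this sketch does not cover.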
Upcoming Feature: Backup
As part of the action list in the Droplet Manager, you will soon see a backup option which will allow users to back up their droplet. This is useful before you make any changes to the torrc file or the /var/lib/tor directory, or if you made any big changes to your site. This feature will also allow you to recover a backup if your server is broken, or create a new backup which will overwrite any previous backups... but more will be specified on this when the time comes.
Until then - I hope you lot take advantage of the newfound freedom to use on your droplets and emmm... until next time 🙂