Archive - Oct 2008

OS X Vidalia Bundle Thoughts

A few weeks ago, I watched some non-technical OS X users attempt to install the Vidalia-Tor Bundle. Many of them tried to drag the installation package to Applications. A few were surprised it required an installation at all.

In Vidalia trunk I committed a different way to install Vidalia, Tor, and Polipo. In this new dmg, you just open it up and drag the Vidalia icon into Applications. You now have Tor, Vidalia, and Polipo pre-configured and running completely out of Applications. While this works well for users that never installed Tor/Vidalia before, it doesn't work so well for existing installations.

Is it smart to think users will un-install their existing Vidalia/Tor bundle before using the drag and drop installation method? My inclination is that it isn't smart. This installation method also removes the ability to automatically install Torbutton for Firefox.

In comparison, the current method is to ship a dmg which contains a metapackage. This metapackage contains a few scripts to run pre- and post-installation, which do smart things to save current configurations, upgrade existing software binaries, and try to install Torbutton for Firefox. In general, this method has worked well for most users. I've heard from enough people to know they tried to drag and drop the metapackage into Applications at first, and when that didn't work, double-clicked the metapackage to start the installer.

I'm now leaning towards creating a Tor Browser Bundle for OS X, which can run out of the dmg or be installed via drag and drop. Much like the current Tor Browser Bundle (also, we should stop naming everything Tor), it would be self-contained and leave zero trace on the machine after closing.

Tor, Germany, and Data Retention

With the "enforcement" phase of Germany's data retention law coming
into effect on January 1 2009, it's time to start considering design
modifications for Tor to make us more resistant. There are many different
pieces to consider, including

  • How should we change path selection so Tor clients are less at risk
    from German ISPs that decide to log?

  • What exactly will German ISPs log, and who is supposed to have access
    to it?

  • What suggestions should we give to German Tor relay operators, and
    German privacy advocates in general, about how they should fight this
    law without putting themselves too much at risk?

I propose some technical changes to Tor in this or-dev post:
http://archives.seul.org/or/dev/Oct-2008/msg00001.html

Stay tuned for the policy suggestions -- perhaps we'll cover those at 25C3!

Online Anonymity Debate in South Korea

An article about the debate over online anonymity in South Korea caught my eye for a few reasons. The topic of online anonymity periodically rises to the social consciousness in South Korea. This time, it's about the suicide of a well-known actress, Choi Jin-sil. It's sad that she chose to commit suicide, and I'm sorry she felt she had nowhere to go for help. However, blaming the Internet for her death is dubious at best. The Internet is a collection of networks. The Internet is a thing, not a person. While I dislike rude telemarketers, I don't blame the telephone company for providing the connection. In this case, there seemed to be a subset of people bent on defaming her regardless of the circumstances, while using the Internet as their communication medium.

The real goal behind this upswelling of support for banning anonymity is to pass the Cyber Defamation Law. This appears to be the equivalent of user verification where all online activities must be in a real name and, in some way, verifiable.

"We will press hard to pass the Cyber Defamation Law and the real-name system," Hong Joon-pyo, the ruling Grand National Party's floor leader, told reporters last week. "It is wrong to neglect the fact that violence is rampant online, due to anonymity."

Defamation is already a crime in South Korea. The irony is that the person who possibly first defamed Choi Jin-sil has been found, a person only known by their last name, Paik. According to the article,

"Paik was questioned by investigators soon after Choi's suicide and ultimately indicted for defamation."

Tor 0.2.1.6-alpha Released

Tor 0.2.1.6-alpha further improves performance and robustness of hidden
services, starts work on supporting per-country relay selection, and
fixes a variety of smaller issues.

The original announcement can be found at
http://archives.seul.org/or/talk/Oct-2008/msg00093.html

Changes in version 0.2.1.6-alpha - 2008-09-30

  • Major features:
    • Implement proposal 121: make it possible to build hidden services
      that only certain clients are allowed to connect to. This is
      enforced at several points, so that unauthorized clients are unable
      to send INTRODUCE cells to the service, or even (depending on the
      type of authentication) to learn introduction points. This feature
      raises the bar for certain kinds of active attacks against hidden
      services. Code by Karsten Loesing.
    • Relays now store and serve v2 hidden service descriptors by default,
      i.e., the new default value for HidServDirectoryV2 is 1. This is
      the last step in proposal 114, which aims to make hidden service
      lookups more reliable.
    • Start work to allow node restrictions to include country codes. The
      syntax to exclude nodes in a country with country code XX is
      "ExcludeNodes {XX}". Patch from Robert Hogan. It still needs some
      refinement to decide what config options should take priority if
      you ask to both use a particular node and exclude it.
    • Allow ExitNodes list to include IP ranges and country codes, just
      like the Exclude*Nodes lists. Patch from Robert Hogan.
  • Major bugfixes:

September 2008 Progress Report

Releases
Vidalia 0.1.9 (released September 2) fixes a big pile of bugs and inconveniences in the earlier releases. This new release marks the first "stable" release of Vidalia, in that we have now branched into a stable (0.1.x) branch and a development (0.2.x) branch.
http://trac.vidalia-project.net/browser/vidalia/tags/vidalia-0.1.9/CHANG...

Tor 0.2.0.31 (released September 3) addresses two potential anonymity issues, starts to fix a big bug we're seeing where in rare cases traffic from one Tor stream gets mixed into another stream, and fixes a variety of smaller issues.
http://archives.seul.org/or/announce/Sep-2008/msg00000.html

Tor 0.2.1.6-alpha (released September 30) further improves performance and robustness of hidden services, starts work on supporting per-country relay selection, and fixes a variety of smaller issues.
http://archives.seul.org/or/talk/Oct-2008/msg00093.html

Circumvention Enhancements
From the Vidalia 0.1.9 ChangeLog:
"Correct the location of the simplified Chinese help files so they will actually load again."

From the Tor 0.2.1.6-alpha ChangeLog:
"Start work to allow node restrictions to include country codes. The syntax to exclude nodes in a country with country code XX is "ExcludeNodes {XX}". Patch from Robert Hogan. It still needs some refinement to decide what config options should take priority if you ask to both use a particular node and exclude it."
This feature should allow users in China to specify that they don't want to enter (and/or exit) in China, which in theory could provide stronger security for them.

From the Tor 0.2.1.6-alpha ChangeLog:
"Allow ports 465 and 587 in the default exit policy again. We had rejected them in 0.1.0.15, because back in 2005 they were commonly misconfigured and ended up as spam targets. We hear they are better locked down these days."