anonymity advocacy

Updated 06/30/2010: Mention Reduced Exit Policy, ISP Shopping Tips, and Abuse Response Templates

Updated 08/30/2010: Update exit policy with svn, git, hg, Kerberos, remote admin panels, IRC, others

I have noticed that a lot of new exit nodes have recently appeared on the network. This is great news, since exit nodes are typically on the scarce side. Exits usually occupy 30-33% of network by capacity, but are currently at a whopping 38.5% (156 MBytes/sec out of 404 total).

However, I want to make sure that these nodes stay up and don't end up being shut down due to easily preventable abuse complaints. I've run a number of exit nodes on a few different ISPs and not only have I lived to tell about it, I've have not had one shut down yet. Moreover, I've only received about 4 abuse complaints in as many years of running exit nodes. This is in stark contrast to other node operators following a more reactive strategy. I'm convinced this is largely because I observe the following pro-active guidelines. read more »

New releases

On August 4, we released Tor Browser Bundle 1.2.7. It is updated primarily due to Firefox 3.0.13 with its ssl fixes.

The full changelist is:
1.2.7: Released 2009-08-04

• update Firefox to 3.0.13
• add Polish translation
• update libevent to 1.4.12

On August 19, we released Tor Browser Bundle 1.2.8. The big changes are the inclusion of statically linked openssl dlls to resolve a few geoip lookup and functionality issues with Vidalia, and the upgrade to the new Vidalia 0.2.2.

The full list of updates and fixes: read more »

• update Torbutton to 1.2.2
• update Vidalia to 0.2.2
• compile OpenSSL 0.9.8k with Visual C to make dlls
• update Pidgin to 2.6.1

There have been some recent stories in the news about various "anonymous" bloggers and commenters being unmasked by court order. A business promises not to give up your identity unless forced to do so via court order. This is anonymity by policy. If a business doesn't have your identity, then there is nothing to divulge. This is anonymity by design. read more »

New releases

On July 8th, we released Vidalia 0.1.15..

On July 8th, we updated the Tor 0.2.0.35-stable bundles with the new Vidalia to fix an ssl issue and the Firefox Torbutton extension installation for OS X users.

On July 8th, we released Tor 0.2.1.17-rc.

Tor Browser Bundle 1.2.3 was released on July 8, 2009.
TBB 1.2.3 was replaced by 1.2.4 on July 11, 2009
TBB 1.2.5 was released on July 25th. It solely included an update to Tor 0.2.1.18 . read more »

New releases

On June 20th we released Tor 0.2.1.16-rc.
On June 21st, we released Tor Browser Bundle 1.2.1.
On June 23rd, we released Tor Browser Bundle 1.2.2.
On June 24th, we released Tor 0.2.0.35-stable. We expect that this release is the last of the 0.2.0.x -stable series, soon to be replaced with the 0.2.1.x series.
On June 30th, we released Vidalia 0.1.14.

Censorship circumvention

Packaged rpms for Red Flag Linux version 6. Red Flag Linux is reported to be the new operating system for all Internet cafe's in China. So far, no one has seen this conversion actually happen, but now we're ready if it does.

Our email autoresponder, gettor , received a number of patches to deal with dkim issues, including finding a dkim bug that prevented yahoo email users from fetching Tor. This bug has been fixed. Additionally, we've whitelisted some domains where we read more »

New releases
On May 25, we released Tor 0.2.1.15-rc.
On May 17, we released Tor VM 0.0.2.
On May 25, we released Vidalia 0.1.13 containing read more »

• Remove an old warning on the relay settings page that running a bridge
  relay requires Tor 0.2.0.8-alpha or newer.
• Add a workaround for a bug that prevented Vidalia's tray icon from
  getting added to the system notification area on Gnome when Vidalia was
  run on system startup. Patch by Steve Tyree. (Ticket #247)
• Fix a bug that prevented the control panel from displaying when
  running on the Enlightenment window manager. Patch by Steve Tyree.
• Rename the CMake variables used to store the location of Qt's lupdate
  and lrelease executables. Recent versions of CMake decided to use the
  same variable name, which was stomping on mine, resulting in the wrong
  lupdate and lrelease executables being used.

We worked with Sami from Global Voices to update their guide to blogging anonymously. The big changes are more screenshots, easier instructions, and suggested use of the Tor Browser Bundle by default; as it's generaly plug and play.

The Citizen Media Law Project also has a good guide to anonymity online. Be sure to check out the legal challenges to anonymity online and legal protections to anonymous speech as well.

New releases, new hires, new funding
On February 8, we released versions 0.2.0.34-stable and 0.2.1.12-alpha.

Tor 0.2.0.34 features several more security-related fixes. You should upgrade, especially if you run an exit relay (remote crash) or a directory authority (remote infinite loop), or you're on an older (pre-XP) or not-recently-patched Windows (remote exploit).

This release marks end-of-life for Tor 0.1.2.x. Those Tor versions have many known flaws, and nobody should be using them. You should upgrade. If you're using a Linux or BSD and its packages are obsolete, stop using those packages and upgrade anyway.

Enhancements
In Tor 0.2.1.12-alpha, if we're using bridges and our network goes away, be more willing to forgive our bridges and try again when we get an application request. Bugfix on 0.2.0.x. read more »

Our fine green t-shirts have been a hit over the past few years. By the sheer number of requests we've received for another color, it appears not everyone is comfortable wearing the conversation starting green. We now have black t-shirts. Just like the green shirts, these are Fruit of the Loom "tagless" 100% cotton t-shirts. They have the Tor logo and domain name on the front, nothing on the back.

The conditions for receiving them are still the same: read more »

I was asked the other day why we don't advocate for just Tor as the one tool to rule them all. My glib answer is "of course we do, however the larger the toolbox, the better off the world."

Expanding on that notion, the various anonymity, privacy, and circumvention tools target different people and use cases. Tor advocates for Anonymity first, circumvention second. It would be very naive of us to think that we can solve all use cases. In fact, it would be silly of us to try to dictate the needs of any user. The larger the ecosystem of privacy and anonymity tools, the more options for users, and the better off we are as a whole. read more »