security fixes

Tor Browser Bundle 1.3.1 Released

phobos — Sat, 23 Jan 2010 04:53:13 -0800

The latest in the Tor Browser series, version 1.3.1 is released. This includes updates to Firefox, Pidgin, and Tor.

Tor 0.2.1.22 rotates two of the seven v3 directory authority keys and
locations, due to a security breach of some of the Torproject servers:
http://archives.seul.org/or/talk/Jan-2010/msg00161.html

It also fixes a privacy problem in bridge directory authorities -- it
would tell you its whole history of bridge descriptors if you make the
right directory request.

Everybody should upgrade:
https://www.torproject.org/easy-download

The changelog is:

1.3.1: Released 2010-01-22
update Firefox to 3.5.7
update Pidgin to 2.6.5
update Tor to 0.2.1.22

Tor 0.2.2.7-alpha released

phobos — Sat, 23 Jan 2010 04:48:28 -0800

alpha fixes a huge client-side performance bug, as well
as laying the groundwork for further relay-side performance fixes. It
also starts cleaning up client behavior with respect to the EntryNodes,
ExitNodes, and StrictNodes config options.

This release also rotates two directory authority keys, due to a security
breach of some of the Torproject servers:
http://archives.seul.org/or/talk/Jan-2010/msg00161.html

Everybody should upgrade:
https://www.torproject.org/download.html.en

Changes in version 0.2.2.7-alpha - 2010-01-19
o Directory authority changes:
- Rotate keys (both v3 identity and relay identity) for moria1
and gabelmoo.

o Major features (performance):
- We were selecting our guards uniformly at random, and then weighting
which of our guards we'd use uniformly at random. This imbalance
meant that Tor clients were severely limited on throughput (and
probably latency too) by the first hop in their circuit. Now we
select guards weighted by currently advertised bandwidth. We also
automatically discard guards picked using the old algorithm. Fixes
bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry.
- When choosing which cells to relay first, relays can now favor
circuits that have been quiet recently, to provide lower latency
for low-volume circuits. By default, relays enable or disable this
feature based on a setting in the consensus. You can override
this default by using the new "CircuitPriorityHalflife" config
option. Design and code by Ian Goldberg, Can Tang, and Chris
Alexander.
- Add separate per-conn write limiting to go with the per-conn read
limiting. We added a global write limit in Tor 0.1.2.5-alpha,
but never per-conn write limits.
- New consensus params "bwconnrate" and "bwconnburst" to let us
rate-limit client connections as they enter the network. It's
controlled in the consensus so we can turn it on and off for
experiments. It's starting out off. Based on proposal 163.

o Major features (relay selection options):
- Switch to a StrictNodes config option, rather than the previous
"StrictEntryNodes" / "StrictExitNodes" separation that was missing a
"StrictExcludeNodes" option.
- If EntryNodes, ExitNodes, ExcludeNodes, or ExcludeExitNodes
change during a config reload, mark and discard all our origin
circuits. This fix should address edge cases where we change the
config options and but then choose a circuit that we created before
the change.
- If EntryNodes or ExitNodes are set, be more willing to use an
unsuitable (e.g. slow or unstable) circuit. The user asked for it,
they get it.
- Make EntryNodes config option much more aggressive even when
StrictNodes is not set. Before it would prepend your requested
entrynodes to your list of guard nodes, but feel free to use others
after that. Now it chooses only from your EntryNodes if any of
those are available, and only falls back to others if a) they're
all down and b) StrictNodes is not set.
- Now we refresh your entry guards from EntryNodes at each consensus
fetch -- rather than just at startup and then they slowly rot as
the network changes.

o Major bugfixes:
- Stop bridge directory authorities from answering dbg-stability.txt
directory queries, which would let people fetch a list of all
bridge identities they track. Bugfix on 0.2.1.6-alpha.

o Minor features:
- Log a notice when we get a new control connection. Now it's easier
for security-conscious users to recognize when a local application
is knocking on their controller door. Suggested by bug 1196.
- New config option "CircuitStreamTimeout" to override our internal
timeout schedule for how many seconds until we detach a stream from
a circuit and try a new circuit. If your network is particularly
slow, you might want to set this to a number like 60.
- New controller command "getinfo config-text". It returns the
contents that Tor would write if you send it a SAVECONF command,
so the controller can write the file to disk itself.
- New options for SafeLogging to allow scrubbing only log messages
generated while acting as a relay.
- Ship the bridges spec file in the tarball too.
- Avoid a mad rush at the beginning of each month when each client
rotates half of its guards. Instead we spread the rotation out
throughout the month, but we still avoid leaving a precise timestamp
in the state file about when we first picked the guard. Improves
over the behavior introduced in 0.1.2.17.

o Minor bugfixes (compiling):
- Fix compilation on OS X 10.3, which has a stub mlockall() but
hides it. Bugfix on 0.2.2.6-alpha.
- Fix compilation on Solaris by removing support for the
DisableAllSwap config option. Solaris doesn't have an rlimit for
mlockall, so we cannot use it safely. Fixes bug 1198; bugfix on
0.2.2.6-alpha.

o Minor bugfixes (crashes):
- Do not segfault when writing buffer stats when we haven't observed
a single circuit to report about. Found by Fabian Lanze. Bugfix on
0.2.2.1-alpha.
- If we're in the pathological case where there's no exit bandwidth
but there is non-exit bandwidth, or no guard bandwidth but there
is non-guard bandwidth, don't crash during path selection. Bugfix
on 0.2.0.3-alpha.
- Fix an impossible-to-actually-trigger buffer overflow in relay
descriptor generation. Bugfix on 0.1.0.15.

o Minor bugfixes (privacy):
- Fix an instance where a Tor directory mirror might accidentally
log the IP address of a misbehaving Tor client. Bugfix on
0.1.0.1-rc.
- Don't list Windows capabilities in relay descriptors. We never made
use of them, and maybe it's a bad idea to publish them. Bugfix
on 0.1.1.8-alpha.

o Minor bugfixes (other):
- Resolve an edge case in path weighting that could make us misweight
our relay selection. Fixes bug 1203; bugfix on 0.0.8rc1.
- Fix statistics on client numbers by country as seen by bridges that
were broken in 0.2.2.1-alpha. Also switch to reporting full 24-hour
intervals instead of variable 12-to-48-hour intervals.
- After we free an internal connection structure, overwrite it
with a different memory value than we use for overwriting a freed
internal circuit structure. Should help with debugging. Suggested
by bug 1055.
- Update our OpenSSL 0.9.8l fix so that it works with OpenSSL 0.9.8m
too.

o Removed features:
- Remove the HSAuthorityRecordStats option that version 0 hidden
service authorities could have used to track statistics of overall
hidden service usage.

Tor 0.2.1.22 Released

phobos — Sat, 23 Jan 2010 04:46:20 -0800

Tor 0.2.1.22 rotates two of the seven v3 directory authority keys and
locations, due to a security breach of some of the Torproject servers:
http://archives.seul.org/or/talk/Jan-2010/msg00161.html

It also fixes a privacy problem in bridge directory authorities -- it
would tell you its whole history of bridge descriptors if you make the
right directory request.

Everybody should upgrade:
https://www.torproject.org/easy-download

Changes in version 0.2.1.22 - 2010-01-19
o Directory authority changes:
- Rotate keys (both v3 identity and relay identity) for moria1
and gabelmoo.

Tor Browser Bundle 1.2.9 Released

phobos — Fri, 11 Sep 2009 18:55:03 -0700

Tor Browser Bundle 1.2.9 is released today. It updates Firefox and Pidgin Instant Messaging client to address the security issues in the older versions, and includes the latest and greatest Vidalia.

TBB can be downloaded from https://www.torproject.org/torbrowser.

The details of the changes are:

update Vidalia to 0.2.4
update Qt to 4.5.2
update Pidgin to 2.6.2
update Firefox to 3.0.14

Tor 0.2.2.1-alpha released

phobos — Wed, 02 Sep 2009 12:32:58 -0700

Tor 0.2.2.1-alpha disables ".exit" address notation by default, allows
Tor clients to bootstrap on networks where only port 80 is reachable,
makes it more straightforward to support hardware crypto accelerators,
and starts the groundwork for gathering stats safely at relays.

https://www.torproject.org/download

We've been improving our packages and bundles:
Packaging changes:

Upgrade Vidalia from 0.1.15 to 0.2.3 in the Windows and OS X
installer bundles. See
https://trac.vidalia-project.net/browser/vidalia/tags/vidalia-0.2.3/CHAN...
for details of what's new in Vidalia 0.2.3.
Windows Vidalia Bundle: update Privoxy from 3.0.6 to 3.0.14-beta.
OS X Vidalia Bundle: move to Polipo 1.0.4 with Tor specific
configuration file, rather than the old Privoxy.
OS X Vidalia Bundle: Vidalia, Tor, and Polipo are compiled as
x86-only for better compatibility with OS X 10.6, aka Snow Leopard.
OS X Tor Expert Bundle: Tor is compiled as x86-only for
better compatibility with OS X 10.6, aka Snow Leopard.
OS X Vidalia Bundle: The multi-package installer is now replaced
by a simple drag and drop to the /Applications folder. This change
occurred with the upgrade to Vidalia 0.2.3.

Changes in version 0.2.2.1-alpha - 2009-08-26
Security fixes:

Start the process of disabling ".exit" address notation, since it
can be used for a variety of esoteric application-level attacks
on users. To reenable it, set "AllowDotExit 1" in your torrc. Fix
on 0.0.9rc5.

New directory authorities:

Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
authority.

Major features:

New AccelName and AccelDir options add support for dynamic OpenSSL
hardware crypto acceleration engines.
Tor now supports tunneling all of its outgoing connections over
a SOCKS proxy, using the SOCKS4Proxy and/or SOCKS5Proxy
configuration options. Code by Christopher Davis.

Major bugfixes:

Send circuit or stream sendme cells when our window has decreased
by 100 cells, not when it has decreased by 101 cells. Bug uncovered
by Karsten when testing the "reduce circuit window" performance
patch. Bugfix on the 54th commit on Tor -- from July 2002,
before the release of Tor 0.0.0. This is the new winner of the
oldest-bug prize.

New options for gathering stats safely:

Directories that set "DirReqStatistics 1" write statistics on
directory request to disk every 24 hours. As compared to the
--enable-geoip-stats flag in 0.2.1.x, there are a few improvements:
1) stats are written to disk exactly every 24 hours; 2) estimated
shares of v2 and v3 requests are determined as mean values, not at
the end of a measurement period; 3) unresolved requests are listed
with country code '??'; 4) directories also measure download times.
Exit nodes that set "ExitPortStatistics 1" write statistics on the
number of exit streams and transferred bytes per port to disk every
24 hours.
Relays that set "CellStatistics 1" write statistics on how long
cells spend in their circuit queues to disk every 24 hours.
Entry nodes that set "EntryStatistics 1" write statistics on the
rough number and origins of connecting clients to disk every 24
hours.
Relays that write any of the above statistics to disk and set
"ExtraInfoStatistics 1" include the past 24 hours of statistics in
their extra-info documents.

Minor features:

New --digests command-line switch to output the digests of the
source files Tor was built with.
The "torify" script now uses torsocks where available.
The memarea code now uses a sentinel value at the end of each area
to make sure nothing writes beyond the end of an area. This might
help debug some conceivable causes of bug 930.
Time and memory units in the configuration file can now be set to
fractional units. For example, "2.5 GB" is now a valid value for
AccountingMax.
Certain Tor clients (such as those behind check.torproject.org) may
want to fetch the consensus in an extra early manner. To enable this
a user may now set FetchDirInfoExtraEarly to 1. This also depends on
setting FetchDirInfoEarly to 1. Previous behavior will stay the same
as only certain clients who must have this information sooner should
set this option.
Instead of adding the svn revision to the Tor version string, report
the git commit (when we're building from a git checkout).

Minor bugfixes:

If any the v3 certs we download are unparseable, we should actually
notice the failure so we don't retry indefinitely. Bugfix on
0.2.0.x; reported by "rotator".
If the cached cert file is unparseable, warn but don't exit.
Fix possible segmentation fault on directory authorities. Bugfix on
0.2.1.14-rc.
When Tor fails to parse a descriptor of any kind, dump it to disk.
Might help diagnosing bug 1051.

Deprecated and removed features:

The controller no longer accepts the old obsolete "addr-mappings/"
or "unregistered-servers-" GETINFO values.
Hidden services no longer publish version 0 descriptors, and clients
do not request or use version 0 descriptors. However, the old hidden
service authorities still accept and serve version 0 descriptors
when contacted by older hidden services/clients.
The EXTENDED_EVENTS and VERBOSE_NAMES controller features are now
always on; using them is necessary for correct forward-compatible
controllers.
Remove support for .noconnect style addresses. Nobody was using
them, and they provided another avenue for detecting Tor users
via application-level web tricks.

July 2009 Progress Report

phobos — Mon, 10 Aug 2009 01:07:57 -0700

New releases

On July 8th, we released Vidalia 0.1.15..

On July 8th, we updated the Tor 0.2.0.35-stable bundles with the new Vidalia to fix an ssl issue and the Firefox Torbutton extension installation for OS X users.

On July 8th, we released Tor 0.2.1.17-rc.

Tor Browser Bundle 1.2.3 was released on July 8, 2009.
TBB 1.2.3 was replaced by 1.2.4 on July 11, 2009
TBB 1.2.5 was released on July 25th. It solely included an update to Tor 0.2.1.18 .
TBB 1.2.6 was released on July 28th. It solely included an update to Tor 0.2.1.19.

On July 24th, we released Tor 0.2.1.18.

On July 28th, we released Tor 0.2.1.19.

Make Tor a better tool for users in censored countries

Tor 0.2.1.18 is our new stable. That is, this is the first stable release
of the 0.2.1.x branch. The 0.2.0.x branch went stable in July of 2008.
From the 0.2.1.18 release:

If the bridge config line doesn't specify a port, assume 443.
This makes bridge lines a bit smaller and easier for users to
understand.

If we're using bridges and our network goes away, be more willing
to forgive our bridges and try again when we get an application
request.

Architecture and technical design docs for Tor enhancements related to blocking-resistance.

Proposal 166 details four steps we're taking to safely collect data
about Tor's network performance and network usage: 1) directory client
counts by country, 2) entry guard client counts by country, 3) relay
cell statistics, and 4) exit traffic by port and volume.
https://git.torproject.org/checkout/tor/master/doc/spec/proposals/166-st...

Hide Tor's network signature

Part of the reason why Tor might be especially slow in Iran could
be that they're doing deep packet inspection (DPI) to throttle SSL
connections. Tor's strategy of looking like SSL might turn out to be a
bad move in this case. It's hard to tell whether the SSL throttling is
actually happening, of course, because we get plenty of mixed information
from our sources in Iran. But if it *is* happening, we should start
investigating traffic obfuscation approaches that a) don't look like SSL,
but b) don't look recognizably like any other protocol.

Some other Iran circumvention developers have come up with a patch to
obfuscate ssh traffic:
http://github.com/brl/obfuscated-openssh/tree/master
http://c-skills.blogspot.com/2008/12/sshv2-trickery.html

Sometime soon we should start looking at designs to super-encrypt the
Tor link traffic in this way.

Grow the Tor network and user base. Outreach

On July 1st, Andrew gave a detailed Tor talk at the National Cyber Forensics and Training Alliance. Andrew's blog about the event is at https://blog.torproject.org/blog/visit-ncfta.

On July 7th, Andrew was a panelist for the CIMA/NED discussion on Iran and the Role of New Media, http://cima.ned.org/events/new-media-in-iran.html. Andrew's blog about the event is at https://blog.torproject.org/blog/cimaned-panel-iran-and-new-media.

On July 15th, Andrew presented Tor at Webinno22, http://www.webinnovatorsgroup.com/2009/07/06/the-webinno22-demo-companie.... Further discussions about online privacy startups and business deals with various investors and their seed companies are continuing since this event.

Tor 0.2.1.16-rc Release Candidate now available

phobos — Wed, 24 Jun 2009 07:32:45 -0700

Tor 0.2.1.16-rc speeds up performance for fast exit relays, and fixes
a bunch of minor bugs.

https://www.torproject.org/download

Changes in version 0.2.1.16-rc - 2009-06-20
Security fixes:

Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.

Major performance improvements (on 0.2.0.x):

Disable and refactor some debugging checks that forced a linear scan
over the whole server-side DNS cache. These accounted for over 50%
of CPU time on a relatively busy exit node's gprof profile. Found
by Jacob.
Disable some debugging checks that appeared in exit node profile
data.

Minor features:

Update to the "June 3 2009" ip-to-country file.
Do not have tor-resolve automatically refuse all .onion addresses;
if AutomapHostsOnResolve is set in your torrc, this will work fine.

Minor bugfixes (on 0.2.0.x):

Log correct error messages for DNS-related network errors on
Windows.
Fix a race condition that could cause crashes or memory corruption
when running as a server with a controller listening for log
messages.
Avoid crashing when we have a policy specified in a DirPolicy or
SocksPolicy or ReachableAddresses option with ports set on it,
and we re-load the policy. May fix bug 996.
Hidden service clients didn't use a cached service descriptor that
was older than 15 minutes, but wouldn't fetch a new one either,
because there was already one in the cache. Now, fetch a v2
descriptor unless the same descriptor was added to the cache within
the last 15 minutes. Fixes bug 997; reported by Marcus Griep.

Minor bugfixes (on 0.2.1.x):

Don't warn users about low port and hibernation mix when they
provide a *ListenAddress directive to fix that. Bugfix on
0.2.1.15-rc.
When switching back and forth between bridge mode, do not start
gathering GeoIP data until two hours have passed.
Do not complain that the user has requested an excluded node as
an exit when the node is not really an exit. This could happen
because the circuit was for testing, or an introduction point.
Fix for bug 984.

The original announcement can be found at http://archives.seul.org/or/talk/Jun-2009/msg00288.html

Tor 0.2.1.13-alpha released

phobos — Thu, 12 Mar 2009 22:32:59 -0700

Tor 0.2.1.13-alpha includes another big pile of minor bugfixes and
cleanups. We're finally getting close to a release candidate.

https://www.torproject.org/download

Changes in version 0.2.1.13-alpha - 2009-03-09
Major bugfixes:

Correctly update the list of which countries we exclude as
exits, when the GeoIP file is loaded or reloaded. Diagnosed by
lark. Bugfix on 0.2.1.6-alpha.

Minor bugfixes (on 0.2.0.x and earlier):

Automatically detect MacOSX versions earlier than 10.4.0, and
disable kqueue from inside Tor when running with these versions.
We previously did this from the startup script, but that was no
help to people who didn't use the startup script. Resolves bug 863.
When we had picked an exit node for a connection, but marked it as
"optional", and it turned out we had no onion key for the exit,
stop wanting that exit and try again. This situation may not
be possible now, but will probably become feasible with proposal
158. Spotted by rovv. Fixes another case of bug 752.
Clients no longer cache certificates for authorities they do not
recognize. Bugfix on 0.2.0.9-alpha.
When we can't transmit a DNS request due to a network error, retry
it after a while, and eventually transmit a failing response to
the RESOLVED cell. Bugfix on 0.1.2.5-alpha.
If the controller claimed responsibility for a stream, but that
stream never finished making its connection, it would live
forever in circuit_wait state. Now we close it after SocksTimeout
seconds. Bugfix on 0.1.2.7-alpha; reported by Mike Perry.
Drop begin cells to a hidden service if they come from the middle
of a circuit. Patch from lark.
When we erroneously receive two EXTEND cells for the same circuit
ID on the same connection, drop the second. Patch from lark.
Fix a crash that occurs on exit nodes when a nameserver request
timed out. Bugfix on 0.1.2.1-alpha; our CLEAR debugging code had
been suppressing the bug since 0.1.2.10-alpha. Partial fix for
bug 929.
Do not assume that a stack-allocated character array will be
64-bit aligned on platforms that demand that uint64_t access is
aligned. Possible fix for bug 604.
Parse dates and IPv4 addresses in a locale- and libc-independent
manner, to avoid platform-dependent behavior on malformed input.
Build correctly when configured to build outside the main source
path. Patch from Michael Gold.
We were already rejecting relay begin cells with destination port
of 0. Now also reject extend cells with destination port or address
of 0. Suggested by lark.

Minor bugfixes (on 0.2.1.x):

Don't re-extend introduction circuits if we ran out of RELAY_EARLY
cells. Bugfix on 0.2.1.3-alpha. Fixes more of bug 878.
If we're an exit node, scrub the IP address to which we are exiting
in the logs. Bugfix on 0.2.1.8-alpha.

Minor features:

On Linux, use the prctl call to re-enable core dumps when the user
is option is set.
New controller event NEWCONSENSUS that lists the networkstatus
lines for every recommended relay. Now controllers like Torflow
can keep up-to-date on which relays they should be using.
Update to the "February 26 2009" ip-to-country file.

The original notice can be found at http://archives.seul.org/or/talk/Mar-2009/msg00047.html

January 2009 Progress Report

phobos — Sun, 22 Feb 2009 17:23:37 -0800

New releases, new hires, new funding

Tor 0.2.1.10-alpha (released January 6) fixes two major bugs in bridge
relays (one that would make the bridge relay not so useful if it had
DirPort set to 0, and one that could let an attacker learn a little bit
of information about the bridge's users), and a bug that would cause your
Tor relay to ignore a circuit create request it can't decrypt (rather
than reply with an error). It also fixes a wide variety of other bugs.
http://archives.seul.org/or/talk/Jan-2009/msg00078.html

Tor 0.2.1.11-alpha (released Jan 20) finishes fixing the "if your Tor is
off for a week it will take a long time to bootstrap again" bug. It also
fixes an important security-related bug reported by Ilja van Sprundel. You
should upgrade. (We'll send out more details about the bug once people
have had some time to upgrade.)
http://archives.seul.org/or/talk/Jan-2009/msg00171.html

Tor 0.2.0.33 (released Jan 21) fixes a variety of bugs that were making
relays less useful to users. It also finally fixes a bug where a relay or
client that's been off for many days would take a long time to bootstrap.
http://archives.seul.org/or/announce/Jan-2009/msg00000.html

Tor Browser Bundle 1.1.8 (released Jan 22) updates Tor to 0.2.1.11-alpha
(security update), updates OpenSSL to 0.9.8j (security update), updates
Firefox to 3.0.5, updates Pidgin to 2.5.4, and updates libevent to 1.4.9.
https://svn.torproject.org/svn/torbrowser/trunk/README

This month we also hired three new people: Martin Peck is working on
Tor VM, a new way of packaging Tor on Windows that will let people use
Youtube safely again; Mike Perry is working on Torbutton maintenance
and development and on Torflow, a set of scripts to do measurements on
the Tor network; and Andrew Lewman is our new executive director.

Enhancements
Major bugfixes in the Tor 0.2.1.10-alpha and 0.2.0.33 releases:
- If the cached networkstatus consensus is more than five days old,
discard it rather than trying to use it. In theory it could be useful
because it lists alternate directory mirrors, but in practice it just
means we spend many minutes trying directory mirrors that are long
gone from the network. Helps bug 887 a bit; bugfix on 0.2.0.x.

Tor 0.2.1.10-alpha contains cleanups that let Tor build on Google's
Android phone:
- Change our header file guard macros to be less likely to conflict
with system headers. Adam Langley noticed that we were conflicting
with log.h on Android.

Major bugfixes in the Tor 0.2.1.11-alpha and 0.2.0.33 releases:
- Discard router descriptors as we load them if they are more than
five days old. Otherwise if Tor is off for a long time and then
starts with cached descriptors, it will try to use the onion
keys in those obsolete descriptors when building circuits. Bugfix
on 0.2.0.x. Fixes bug 887.

Security bugfixes in the Tor 0.2.1.11-alpha and 0.2.0.33 releases:
- Fix a heap-corruption bug that may be remotely triggerable on
some platforms. Reported by Ilja van Sprundel.

Circuit-building speedups in Tor 0.2.1.10-alpha:
- When a relay gets a create cell it can't decrypt (e.g. because it's
using the wrong onion key), we were dropping it and letting the
client time out. Now actually answer with a destroy cell. Fixes
bug 904. Bugfix on 0.0.2pre8.

Scalability fixes from the Tor 0.2.0.33 ChangeLog:
- Clip the MaxCircuitDirtiness config option to a minimum of 10 seconds,
and the CircuitBuildTimeout to a minimum of 30 seconds. Warn the user if
lower values are given in the configuration. These fixes prevent a user
from rebuilding circuits too often, which can be a denial-of-service
attack on the network.
- When a stream at an exit relay is in state "resolving" or
"connecting" and it receives an "end" relay cell, the exit relay
would silently ignore the end cell and not close the stream. If
the client never closes the circuit, then the exit relay never
closes the TCP connection. Bug introduced in Tor 0.1.2.1-alpha;
reported by "wood".
- When sending CREATED cells back for a given circuit, use a 64-bit
connection ID to find the right connection, rather than an addr:port
combination. Now that we can have multiple OR connections between
the same ORs, it is no longer possible to use addr:port to uniquely
identify a connection.

Bootstrapping speedups in Tor 0.2.1.11-alpha:
- When our circuit fails at the first hop (e.g. we get a destroy
cell back), avoid using that OR connection anymore, and also
tell all the one-hop directory requests waiting for it that they
should fail. Bugfix on 0.2.1.3-alpha.

Architecture
Proposal 158 ("Clients download consensus + microdescriptors") suggests a
new way forward for reducing directory overhead for clients, and replaced
part of proposal 141. Rather than modifying the circuit-building protocol
to fetch a server descriptor inline at each circuit extend, we instead put
all of the information that clients need either into the consensus itself,
or into a new set of data about each relay called a microdescriptor.
https://svn.torproject.org/svn/tor/trunk/doc/spec/proposals/158-microdes...

From the 0.2.0.33 ChangeLog:
- Never use OpenSSL compression: it wastes RAM and CPU trying to compress
cells, which are basically all encrypted, compressed, or both. It also
made us stand out from other applications on the wire.

Advocacy
Jillian York continued blogging for us about the good uses of Tor:
http://www.knightpulse.org/blog/tor

"Federico Heinz advocates anonymous browsing in Argentina", Jan 8
http://www.knightpulse.org/blog/09/01/08/federico-heinz-advocates-anonym...

"Human Rights Organizations in Argentina welcome anonymous browsing", Jan 25
http://www.knightpulse.org/blog/09/01/25/human-rights-organizations-arge...

"Watch how you get around", Jan 30
http://www.knightpulse.org/blog/09/01/30/watch-how-you-get-around

Pre-configured bundles
Tor Browser Bundle 1.1.8 (released Jan 22) updates Tor to 0.2.1.11-alpha
(security update), updates OpenSSL to 0.9.8j (security update), updates
Firefox to 3.0.5, updates Pidgin to 2.5.4, and updates libevent to 1.4.9.
https://svn.torproject.org/svn/torbrowser/trunk/README

We continued work on Vidalia features to support where we want Tor
Browser Bundle to go. In particular, we're changing it to be able to
launch Firefox natively, rather than use the "PortableFirefox" pile of
complex scripts. We hope this change will also let users run a normal
Firefox alongside TBB. More on that in February.

We also continued work on Tor VM, a new way of packaging Tor on
Windows that will (among other things) let people use Youtube safely
again. Hopefully we'll have some simple instructions up about that in
February too.

Bridges
Major bugfixes in the Tor 0.2.1.10-alpha and 0.2.0.33 releases:
- Bridge relays that had DirPort set to 0 would stop fetching
descriptors shortly after startup, and then briefly resume
after a new bandwidth test and/or after publishing a new bridge
descriptor. Bridge users that try to bootstrap from them would
get a recent networkstatus but would get descriptors from up to
18 hours earlier, meaning most of the descriptors were obsolete
already. Reported by Tas; bugfix on 0.2.0.13-alpha.
- Prevent bridge relays from serving their 'extrainfo' document
to anybody who asks, now that extrainfo docs include potentially
sensitive aggregated client geoip summaries. Bugfix on
0.2.0.13-alpha.

Bugfixes in the Tor 0.2.1.10-alpha release:
- When we made bridge authorities stop serving bridge descriptors over
unencrypted links, we also broke DirPort reachability testing for
bridges. So bridges with a non-zero DirPort were printing spurious
warns to their logs. Bugfix on 0.2.0.16-alpha. Fixes bug 709.

New feature in Tor 0.2.1.10-alpha:
- New controller event "clients_seen" to report a geoip-based summary
of which countries we've seen clients from recently. Now controllers
like Vidalia can show bridge operators that they're actually making
a difference.
Vidalia will add support for this feature in February.

Alternate download methods
Our "gettor" email auto-responder is up and working:
https://svn.torproject.org/svn/projects/gettor/README
https://www.torproject.org/finding-tor#Mail

Thandy itself is working smoothly at this point too -- it can contact
the central repository, check all the keys, look in the registry and
compare the currently installed version to the new choices, fetch the
right packages, check all the signatures, and launch the install.

As of December we only had a new MSI-based installer for Tor, but not for
Vidalia, Torbutton, or Polipo. Now we do, though it's still in testing:
https://data.peertech.org/torbld

Translations
Our translation server is up and online:
https://translation.torproject.org/
https://www.torproject.org/translation-portal

We continued enhancements to the Chinese and Russian Tor website
translations. Our Farsi translation from this summer is slowly becoming
obsolete; we should solve that at some point.

Tor 0.2.1.12-alpha is released

phobos — Mon, 09 Feb 2009 15:29:18 -0800

Tor 0.2.1.12-alpha features several more security-related fixes. You
should upgrade, especially if you run an exit relay (remote crash) or
a directory authority (remote infinite loop), or you're on an older
(pre-XP) or not-recently-patched Windows (remote exploit). It also
includes a big pile of minor bugfixes and cleanups.

https://www.torproject.org/download.html.en

Changes in version 0.2.1.12-alpha - 2009-02-08
Security fixes:

Fix an infinite-loop bug on handling corrupt votes under certain
circumstances. Bugfix on 0.2.0.8-alpha.
Fix a temporary DoS vulnerability that could be performed by
a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
Avoid a potential crash on exit nodes when processing malformed
input. Remote DoS opportunity. Bugfix on 0.2.1.7-alpha.

Minor bugfixes:

Let controllers actually ask for the "clients_seen" event for
getting usage summaries on bridge relays. Bugfix on 0.2.1.10-alpha;
reported by Matt Edman.
Fix a compile warning on OSX Panther. Fixes bug 913; bugfix against
0.2.1.11-alpha.
Fix a bug in address parsing that was preventing bridges or hidden
service targets from being at IPv6 addresses.
Solve a bug that kept hardware crypto acceleration from getting
enabled when accounting was turned on. Fixes bug 907. Bugfix on
0.0.9pre6.
Remove a bash-ism from configure.in to build properly on non-Linux
platforms. Bugfix on 0.2.1.1-alpha.
Fix code so authorities _actually_ send back X-Descriptor-Not-New
headers. Bugfix on 0.2.0.10-alpha.
Don't consider expiring already-closed client connections. Fixes
bug 893. Bugfix on 0.0.2pre20.
Fix another interesting corner-case of bug 891 spotted by rovv:
Previously, if two hosts had different amounts of clock drift, and
one of them created a new connection with just the wrong timing,
the other might decide to deprecate the new connection erroneously.
Bugfix on 0.1.1.13-alpha.
Resolve a very rare crash bug that could occur when the user forced
a nameserver reconfiguration during the middle of a nameserver
probe. Fixes bug 526. Bugfix on 0.1.2.1-alpha.
Support changing value of ServerDNSRandomizeCase during SIGHUP.
Bugfix on 0.2.1.7-alpha.
If we're using bridges and our network goes away, be more willing
to forgive our bridges and try again when we get an application
request. Bugfix on 0.2.0.x.

Minor features:

Support platforms where time_t is 64 bits long. (Congratulations,
NetBSD!) Patch from Matthias Drochner.
Add a 'getinfo status/clients-seen' controller command, in case
controllers want to hear clients_seen events but connect late.

Build changes:

Disable GCC's strict alias optimization by default, to avoid the
likelihood of its introducing subtle bugs whenever our code violates
the letter of C99's alias rules.

The original announcement can be found at http://archives.seul.org/or/talk/Feb-2009/msg00054.html