Archive

Tor Browser 4.5.3 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.3 is based on Firefox ESR 31.8.0, which features important security updates to Firefox.

Moreover, it contains an updated OpenSSL, NoScript and Torbutton, a fix for a crash bug visible with the security slider level set to "High" and a backport of a Tor patch to improve usability on websites.

Here is the complete changelog since 4.5.2:

  • All Platforms
    • Update Firefox to 31.8.0esr
    • Update OpenSSL to 1.0.1o
    • Update NoScript to 2.6.9.27
    • Update Torbutton to 1.9.2.8
      • Bug 16403: Set search parameters for Disconnect
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16397: Fix crash related to disabling SVG
    • Bug 16403: Set search parameters for Disconnect
    • Bug 16446: Update FTE bridge #1 fingerprint
    • Bug 16430: Allow DNS names with _ characters in them (fixes
      nytimes.com) (Tor patch backport)
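The underscore fix in the changelog (bug 16430) is a good illustration of how an over-strict input check becomes a usability bug: a hostname validator written to the letter of RFC 1123 hostname syntax rejects any label containing "_", yet such labels do turn up in practice (the changelog cites nytimes.com), so a client that refuses the name before it even sends the SOCKS request cannot reach the site at all. The following validator is an added illustration, not Tor's own code; the sample names in the demo are constructed.

```python
"""Hostname validation with and without the underscore exception of bug 16430.

Added illustration, not Tor's own check.  The strict pattern follows RFC 1123
hostname syntax to the letter; the relaxed one additionally accepts '_' inside
a label, which is the behaviour the backported patch restores.
"""
import re

# One DNS label: 1-63 chars, alphanumerics and hyphen, no leading/trailing hyphen.
LABEL_STRICT = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")
# Same, but '_' is also permitted inside the label.
LABEL_RELAXED = re.compile(r"^(?!-)[A-Za-z0-9_-]{1,63}(?<!-)$")


def is_valid_hostname(name: str, allow_underscore: bool = True) -> bool:
    """Return True if `name` is acceptable as a hostname to hand to a SOCKS
    proxy.  allow_underscore=False reproduces the over-strict behaviour that
    broke sites whose names contain '_' labels."""
    if not name or len(name) > 255:
        return False
    if name.endswith("."):          # absolute name: drop the empty root label
        name = name[:-1]
        if not name:                # "." alone is not a hostname
            return False
    label_re = LABEL_RELAXED if allow_underscore else LABEL_STRICT
    return all(label_re.match(label) for label in name.split("."))


if __name__ == "__main__":
    # Constructed sample names, not taken from any real site.
    samples = ["nytimes.com", "cdn_edge.example.com", "-bad.example.com",
               "bad-.example.com", "example.com.", "a" * 64 + ".com"]
    for n in samples:
        print(f"{n:28s} strict={is_valid_hostname(n, False)!s:5s} "
              f"relaxed={is_valid_hostname(n, True)}")
```

Only the strict/relaxed distinction differs between the two modes; both still reject empty labels, over-long labels, and leading or trailing hyphens, so relaxing the check for "_" does not turn it into a no-op.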

Tor Weekly News — July 2nd, 2015

Welcome to the twenty-sixth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Tor Messenger Third Alpha is out

Sukhbir Singh and Arlo Breault put out a third alpha version of Tor Messenger, the Instantbird-based instant messaging client with Tor and Off-the-Record encryption enabled by default.

This release comes with packages for Windows and Mac OS X, as well as 32-bit and 64-bit Linux. Major improvements include the ability to create XMPP accounts in-band (that is, by logging in with the desired account credentials, if the chat server supports this), meaning that users no longer have to create their accounts beforehand over a non-Tor connection; usability improvements to the Off-the-Record extension; an installable Arabic language pack, courtesy of Sherief Alaa (with more languages to follow); and other network- and application-related enhancements.

However, this is still an alpha release: “there may be serious privacy leaks and other issues”, so “please DO NOT recommend Tor Messenger to end users” just yet. If you’d like to test the software out, please see Sukhbir’s announcement for download links and installation instructions, then submit your feedback on Tor’s bug tracker with the “Tor Messenger” component, or on the tor-dev mailing list or IRC channel.

OnionBalance 0.0.1 is out

Donncha O’Cearbhaill, one of the students participating in the first-ever Tor Summer of Privacy, released the first alpha version of his OnionBalance tool. OnionBalance “provides load-balancing and redundancy for Tor hidden services by distributing client requests to multiple backend Tor instances”; if you run an onion service that handles a large number of client requests, or require automatic failover in the event that some of your hardware fails or is seized, OnionBalance will help to distribute the load evenly and efficiently.

The tool is currently under heavy development, and “there are likely bugs which cause the OnionBalance service to crash or not operate correctly”. “I would very much appreciate any feedback or bug reports. In particular I would like to improve the documentation and make the tool easier for operators to install and run”, writes Donncha. Please see the release announcement for further information and installation instructions.

Tor Weekly News turns two

The first issue of Tor Weekly News was sent out on July 3rd, 2013. Since the last anniversary, we’ve reported on many positive developments in the Tor community: work by Facebook security engineers to offer a Tor onion service for the world’s largest social network; the Library Freedom Project helping American public libraries to protect their patrons’ right to free expression with Tor; a significant community-chosen donation by Reddit to the Tor Project; credits for Tor and Tails in an Academy Award-winning documentary film; and of course the daily software development, research, and innovation that ensure security and anonymity for millions of Internet users around the world. Last month we were even able to lead our hundredth issue with the wonderful news that the United Nations Special Rapporteur on freedom of opinion and expression has endorsed the Tor Project’s work in his first report to the UN Human Rights Council.

We’re always grateful for help and suggestions; if you’d like to get involved, see the information below for more details. Many thanks to everyone who has helped to write and proofread this newsletter over the past two years.

Monthly status reports for June 2015

The wave of regular monthly reports from Tor project members for the month of June has begun. Damian Johnson released his report first (with an update on Nyx development), followed by reports from Karsten Loesing (on project management and Tor network tools), Jacob Appelbaum (on outreach and advocacy), David Goulet (on onion service development), and Pearl Crescent (on development of Tor Browser and related software).

Mike Perry sent out the report for the Tor Browser team.

Miscellaneous news

Griffin Boyce offered an update on the development status of Stormy, the one-click onion service setup tool: “Right now, the scripts are undergoing third-party testing to identify any obvious bugs before sending them to security auditors”.

Chloe posted details of an experiment to detect malicious Tor relays that might be stealing usernames and passwords that are not protected by HTTPS connections.

Juha Nurmi warned that an attacker is creating fake onion addresses that resemble those of popular onion services, including ahmia.fi, and using them to interfere with the content of onion pages as clients request them. Another update gives more information about the details of the attack.


This issue of Tor Weekly News has been assembled by Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — June 24th, 2015

Welcome to the twenty-fifth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Adopt an onion with Nos Oignons

Alongside the thousands of individual Tor relay operators who donate their time, expertise, and resources in order to build a fast and stable Tor network, a number of Tor relay organizations (independent of the Tor Project itself) have been set up in several countries. These groups make use of the benefits that formal non-profit status brings — such as funding opportunities, resource pooling, and legal advice — to set up and operate fast, secure Tor relays, and often to represent Tor and Tor users in local-language media. Torservers.net — the Germany-based relay organization and umbrella group for these projects — currently lists fourteen partner organizations in eleven countries, with more on the way.

Nos Oignons, the French Torservers.net partner, runs five high-capacity relays on three machines that together handle a fiftieth of current Tor traffic. The bandwidth for one of these is generously provided by the registrar and hosting company Gandi, but the other two are funded by the organization itself, at a cost of around 300 euros per month. With only three months’ worth of financing left, Nos Oignons is holding its first funding drive to ensure these major relays stay online for the benefit of all Tor users.

If you donate more than 2 euros to Nos Oignons between 15th June and 15th August, you can suggest a name for their next Tor relay. The current set are named after the philosopher Herbert Marcuse, Ursula K. Le Guin’s “Ekumen” universe, and the protagonist of Walter Tevis’ novel “Mockingbird”, so use your imagination! At the end of the fundraiser, three entries will be chosen at random and the team will pick one of them; see the campaign page (or the English announcement) for information on how to take part.

Miscellaneous news

Anthony G. Basile put out version 20150616 of Tor-ramdisk, featuring updates to core software.

meejah announced that txtorcon, the Twisted-based asynchronous Tor controller, now supports David Stainton’s “tor:” endpoint parser. “This means two things: txtorcon now depends on txsocksx, and you can do "client-type" things directly with endpoints”. See meejah’s message for more details.

Jesse Victors published his second Tor Summer of Privacy status report for the OnioNS (Onion Name System) project, detailing further work to decentralize the system and improvements to event logging.

Arturo Filastò published a summary of the costs incurred by OONI’s next-generation data-processing pipeline since March.

Thanks to Ana Lucia Cortez for running a mirror of the Tor Project website and software archive!


This issue of Tor Weekly News has been assembled by Harmony and other contributors.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

How We Work

The Tor Project is driven by ideas. We believe in the right to privacy for every person on the planet. Our community—paid and volunteer—brainstorms projects that embody those ideas, like decentralized hidden messaging systems or ingenious new ways to get uncensored Internet access to people in China.

On our public wikis, we make lists of what we need to build these projects—and then we approach potential sponsors with these lists. If we’re lucky, a sponsor will pay to do the project. If not, we may make it for free.

This is true whether the potential sponsor is a government agency or anyone else.

Because of this system, some projects, like hidden services, need more funding, and we are seeking individual contributions to make this technology stronger. One day we hope to build it into many more programs, such as phone apps, to make them private and secure by default.

Our diverse, international community includes thousands of men and women inspired by the ideals we share. They work to support Tor and create important tools based on Tor, like Tails and Orbot (there are at least a dozen of these). Our group includes visionaries who think and talk publicly about the Internet and the future of privacy; among them: @nickm_tor, @ioerror and @RogerDingledine. @aaronsw was one of us.

We will accept no back doors to our software, ever. You can watch @ioerror talk about this in his talk at last year’s 31c3 in Hamburg. We believe in and build free, open source software—free as in freedom. Tor’s source code is online for everyone to see.

We are proud of our people, our work, and our ideals. We are a human rights organization. We are inventors. Our community is a workshop for the future of privacy tools; maybe even for the future of privacy.

The Tor community is open to newcomers; we hope you will join us.

Tor Weekly News — June 17th, 2015

Welcome to the twenty-fourth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Tor 0.2.6.9 is out

Nick Mathewson announced a new release in Tor’s current stable series. Version 0.2.6.9 stops relays without the Stable flag from serving as onion service directories, which in practice raises the uptime a relay needs before it can act as a hidden service directory; this means that any Sybil attack launched against the network will not become effective for at least a week. This change only affects the Tor network’s nine directory authorities, most of whom have already upgraded.

The other significant fix in this release concerns port-based isolation of client requests, which now functions properly; if you make use of this feature in your standalone Tor client, then please upgrade as soon as possible. For other users, writes Nick, this “is not a high-urgency item”.

Tor Browser 4.5.2 and 5.0a2 are out

The Tor Browser team put out new stable and alpha releases of the privacy-preserving browser. As well as updates to key software components, versions 4.5.2 and 5.0a2 both contain a fix for the “Logjam” attack on TLS. As Nick Mathewson wrote at the time of the vulnerability’s disclosure, the connections between Tor clients and relays were unlikely to have been affected by this attack, but the weakness is now addressed in the browser component of Tor Browser as well.

These new releases also fix a possible crash in Linux, and stop the Add-ons page from breaking if Torbutton is disabled. The new alpha further improves meek’s compatibility with the automatic update process on Windows machines.

All users should upgrade their Tor Browser as soon as possible. Your browser might already have prompted you to do this — if not, you can always upgrade by downloading a fresh copy from the Tor website.

The future of GetTor and uncensorable software distribution

The GetTor service offers users who are unable to reach the Tor website an alternative method of downloading Tor Browser: any email sent to gettor@torproject.org will receive an automated reply containing links to file-hosting services (such as Dropbox) for the latest Tor Browser package and its signature.

Israel Leiva, lead developer on the revamped GetTor project since last year’s Google Summer of Code, is back for the first-ever Tor Summer of Privacy to continue expanding the feature set of this tool. As Israel wrote to the tor-dev mailing list, current plans for the summer include the addition of other file-hosting services, Tor Browser localizations, and other distribution methods (including instant messaging and Twitter).

However, it might also be time for a more radical change in the way GetTor works. An official distributor application or browser add-on, available through channels like the OS X or Google Chrome app stores, could automate Tor Browser downloads, as well as the vital but unintuitive process of verifying the signature to ensure the software has not been tampered with. Israel offered two suggestions for the inner workings of such a distributor: one involving a fixed (but potentially blockable) backend API with which the distributor communicates, and one in which a more complex distributor is capable of helping the user download the required software from several different sources.

Some related projects are already underway: the Tails team is discussing the possibility of its own browser add-on for ISO download and verification, while Griffin Boyce pointed to his own Satori project, a distributor application that offers torrent files and content-delivery network (CDN) links. The discussion over the possible GetTor distributor’s relationship with these projects is still to be had.

“I would really love to hear your comments about this idea, my work at Summer of Privacy might change depending on this discussion”, writes Israel. It’s clear that forcing users to depend on “single points of failure” for their software is bad news all round, so if you have worthwhile ideas to add to this discussion, feel free to take them to the tor-dev mailing list thread.

Great progress on Orfox browser

Nathan Freitas, of mobile device security specialists the Guardian Project, reported on the status of Orfox, the Android-compatible Tor Browser build. “The goal is to get as close to the ‘real Tor Browser’ while taking into account the new, unique issues we face on Android”, he wrote. Amogh Pradeep, former Google Summer of Code student and now intern at the Guardian Project, has made significant progress getting the software to build, and you can follow his regular updates on the Orfox development blog. “We expect to have an alpha out this week”, wrote Nathan, “but feel free to jump in on testing of the posted builds, and file bugs or feature requests as you find them”.

A persistent Tor state for Tails?

The Tails team is discussing the possibility of making Tor’s state persist across sessions in the anonymous live operating system. As the team writes on the relevant blueprint page, such a change would have several benefits: not only would Tor’s bootstrap process be faster and more efficient, but it would enable Tails to take advantage of the “entry guards” concept, without which Tails users are more likely to select a malicious entry node at some point over the course of their activity. Moreover, the fact that Tails selects a new entry node on every boot, while Tor Browser does not, allows an adversary to determine whether a user who remains on one network (their home or place of work, for example) is using Tails or not. This would also be solved by a persistent Tor state.
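The claim that a client without persistent entry guards is more likely to pick a malicious guard "at some point" can be made concrete. The following is an added example written for this newsletter page, not Tails or Tor code: it compares a client that keeps one guard across boots with one that picks afresh every boot, using a simplified model in which guards are chosen uniformly at random (real Tor weights guards by bandwidth) and a fixed, assumed fraction of the guard population is malicious.

```python
"""Entry guards: why rotating the guard on every boot is worse than keeping one.

Added example to illustrate the reasoning in the Tails discussion; it is not
Tails or Tor code.  Assumptions: uniform guard selection, a fixed malicious
fraction of guards, and one guard pick per boot of the live system.
"""
import random


def p_hit_rotating(malicious_fraction: float, sessions: int) -> float:
    """Fresh guard every boot: the client stays safe only if all `sessions`
    independent picks land on honest relays, so exposure grows with use."""
    return 1.0 - (1.0 - malicious_fraction) ** sessions


def p_hit_persistent(malicious_fraction: float, sessions: int) -> float:
    """One guard kept across boots: a single pick decides the outcome, no
    matter how many sessions follow (`sessions` is kept for a uniform API)."""
    return malicious_fraction


def simulate(malicious_fraction: float, sessions: int, trials: int,
             persistent: bool, rng=None) -> float:
    """Monte Carlo check of the closed forms: the fraction of simulated users
    whose traffic touched a malicious guard at least once within `sessions`."""
    rng = rng or random.Random(0)
    picks_per_user = 1 if persistent else sessions
    hits = 0
    for _ in range(trials):
        hits += any(rng.random() < malicious_fraction for _ in range(picks_per_user))
    return hits / trials


def exposure_table(malicious_fraction: float, horizons=(1, 10, 100, 365)):
    """Closed-form exposure for several session counts:
    {sessions: (persistent-guard probability, rotating-guard probability)}."""
    return {n: (p_hit_persistent(malicious_fraction, n),
                p_hit_rotating(malicious_fraction, n)) for n in horizons}


if __name__ == "__main__":
    f = 0.01  # assumed: 1% of guard-selection probability is malicious
    print("sessions  persistent  rotating")
    for n, (p_keep, p_rot) in exposure_table(f).items():
        print(f"{n:8d}  {p_keep:10.3f}  {p_rot:8.3f}")
    rng = random.Random(2015)
    print("simulated, 100 sessions: persistent=%.3f rotating=%.3f" % (
        simulate(f, 100, 5000, True, rng), simulate(f, 100, 5000, False, rng)))
```

At a 1% malicious fraction, a user who boots Tails a hundred times and gets a new guard each time has roughly a 63% chance of having routed through a malicious guard at least once, while a persistent guard keeps that at 1%. The trade-off the paragraph goes on to describe is the flip side of the same number: the persistent client's entire exposure is concentrated on one relay, which is what makes the guard itself a fingerprint.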

However, this change does of course have some drawbacks. For one thing, although entry guards in Tails would help defend against end-to-end correlation attacks, they enable a certain kind of fingerprinting: if a user makes a connection to an entry guard from their home, and an adversary later observes a connection to the same guard from an event or meeting-place that the user is suspected of attending, the adversary can draw a conclusion about the user’s geographical movement. This violates one of Tails’ threat model principles, which the team calls “AdvGoalTracking”. There are ways that Tails could request location information from the user in order to maintain different entry guards for different locations, but too many requests for information might bamboozle Tails users into accidentally worsening their own security, especially if they do not understand the threat model behind the requests, or it does not apply to them.

What is needed, then, is a balance between “defaults that suit the vast majority of use-cases […] for Tails’ target audience” and helping “users with different needs to avoid becoming less safe ‘thanks’ to this new feature”. The discussion continues on the tails-dev mailing list.

Miscellaneous news

Nick Mathewson recommended that all relay operators upgrade their copies of OpenSSL to fix several issues that could enable remote denial-of-service attacks. As Nick makes clear, this is an “upgrade when you can”-level announcement, rather than a “run in circles freaking out”. Nick also requests that people still using OpenSSL’s 0.9.8 series upgrade to one of the more recent versions, as 0.9.8 contains several security flaws and will not be supported by Tor 0.2.7.2-alpha or later.

Sherief Alaa reported on his activities in May.


This issue of Tor Weekly News has been assembled by Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Browser 5.0a2 is released

The second alpha release in the 5.0 series of the Tor Browser is now available from our extended downloads page as well as the distribution directory.

This release provides a fix for the Logjam attack (https://weakdh.org/) and updates a number of Tor Browser components: Tor to version 0.2.7.1-alpha, Torbutton to version 1.9.2.7, NoScript to version 2.6.9.26, meek to version 0.19 and HTTPS-Everywhere to version 5.0.5. Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled, and it also fixes an update issue when using meek on Windows systems.

Here is the complete changelog:

  • All Platforms
    • Update Tor to 0.2.7.1-alpha
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to 2.6.9.26
    • Update meek to 0.19
    • Update Torbutton to 1.9.2.7
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is enabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Windows
    • Bug 16014: Staged update fails if meek is enabled
    • Bug 16269: repeated add-on compatibility check after update (meek enabled)
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser

Tor Browser 4.5.2 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.2 provides a fix for the Logjam attack (https://weakdh.org/) and updates a number of Tor Browser components: Tor to version 0.2.6.9, Torbutton to version 1.9.2.6, NoScript to version 2.6.9.26 and HTTPS-Everywhere to version 5.0.5. Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled.

Here is the complete changelog since 4.5.1:

  • All Platforms
    • Update Tor to 0.2.6.9
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to 2.6.9.26
    • Update Torbutton to 1.9.2.6
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser

Tor 0.2.6.9 is released.

Hi! I've just put out a new stable Tor release. It is not a high-urgency item for most clients and relays, but directory authorities should upgrade, as should any clients who rely on port-based circuit isolation. Right now, the source is available on the website, and packages should become available once their maintainers build them.

Tor 0.2.6.9 fixes a regression in the circuit isolation code, increases the requirements for receiving an HSDir flag, and addresses some other small bugs in the systemd and sandbox code. Clients using circuit isolation should upgrade; all directory authorities should upgrade.

Changes in version 0.2.6.9 - 2015-06-11

  • Major bugfixes (client-side privacy):
    • Properly separate out each SOCKSPort when applying stream isolation. The error occurred because each port's session group was being overwritten by a default value when the listener connection was initialized. Fixes bug 16247; bugfix on 0.2.6.3-alpha. Patch by "jojelino".
  • Minor feature (directory authorities, security):
    • The HSDir flag given by authorities now requires the Stable flag. For the current network, this results in going from 2887 to 2806 HSDirs. It also makes a Sybil attack harder: a relay must first earn the Stable flag, which takes at least seven days, on top of the existing 96-hour uptime requirement for HSDir. Implements ticket 8243.
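The port-based isolation regression fixed here (bug 16247, also noted in the June 17th newsletter) matters for anyone who relies on separate SOCKSPorts to keep applications on separate circuits. The torrc fragment below is an added example, not part of the release notes; the port numbers and the application roles are assumptions.

```torrc
## Added example of port-based stream isolation (not from the release notes).
## Each SOCKSPort gets its own session group by default, so streams arriving
## on different ports never share a circuit unless you say so explicitly.
SOCKSPort 9050                      # application A
SOCKSPort 9060                      # application B: isolated from A by default
SOCKSPort 9070 SessionGroup=1       # C and D are deliberately placed in one group...
SOCKSPort 9071 SessionGroup=1       # ...so their streams may share circuits
SOCKSPort 9080 IsolateDestAddr      # E: additionally one circuit per destination address
```

Under the affected versions (0.2.6.3-alpha up to 0.2.6.8), the per-port session group was overwritten with a default when the listener was set up, so A and B above would have shared circuits despite the configuration. To confirm the fix on a running client, open one connection through port 9050 and one through 9060 and check via the control port (`GETINFO stream-status`) that the two streams are attached to different circuit IDs.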

