Archive

Tor Browser 5.0a3 is released

The Tor Browser Team is proud to announce the first alpha release based on Firefox 38 ESR.

As such, this release features many updates to Firefox (including several security updates), as well as to our build system and dependencies. For this release, we performed a thorough network and feature review of Firefox 38, and fixed the most pressing privacy issues, as well as all Tor proxy safety issues that we discovered during the audit.

We also updated our toolchain on OS X to use the OS X 10.7 SDK. For Linux and Windows we switched to GCC 5.1 as our new (cross)-compiler. We are therefore especially interested in feedback if there are stability issues or broken Tor Browser bundles due to these toolchain upgrades.

Besides Firefox 38 and build system changes, we also updated several components. Most notably, we bumped OpenSSL to version 1.0.1o, NoScript to version 2.6.9.27 and Torbutton to version 1.9.3.0. Included as well is a backported Tor patch to improve usability on websites, and we fixed a crash bug impacting users with the security slider level set to "High".

Here is the complete changelog since 5.0a2:

  • All Platforms
    • Update Firefox to 38.1.0esr
    • Update OpenSSL to 1.0.1o
    • Update NoScript to 2.6.9.27
    • Update meek to 0.20
    • Update Torbutton to 1.9.3.0
      • Bug 16403: Set search parameters for Disconnect
      • Bug 14429: Make sure the automatic resizing is enabled
      • Bug 16427: Use internal update URL to block updates (instead of 127.0.0.1)
      • Bug 16200: Update Cache API usage and prefs for FF38
      • Bug 16357: Use Mozilla API to wipe permissions db
      • Translation updates
    • Update Tor Launcher to 0.2.6.7
      • Bug 16428: Use internal update URL to block updates (instead of 127.0.0.1)
      • Bug 15145: Visually distinguish "proxy" and "bridge" screens.
      • Translation updates
    • Bug 16430: Allow DNS names with _ characters in them (fixes nytimes.com) (Tor patch backport)
    • Bug 13247: Fix meek profile error after browser restarts
    • Bug 16397: Fix crash related to disabling SVG
    • Bug 16403: Set search parameters for Disconnect
    • Bug 16446: Update FTE bridge #1 fingerprint
    • Bug 15646: Prevent keyboard layout fingerprinting in KeyboardEvent
    • Bug 16005: Relax WebGL minimal mode
    • Bug 16300: Isolate Broadcast Channels to first party
    • Bug 16439: Remove Roku screencasting code
    • Bug 16285: Disabling EME bits
    • Bug 16206: Enforce certificate pinning
    • Bug 13670: Isolate OCSP requests by first party domain
    • Bug 16448: Isolate favicon requests by first party
    • Bug 7561: Disable FTP request caching
    • Bug 6503: Fix single-word URL bar searching
    • Bug 15526: ES6 page crashes Tor Browser
    • Bug 16254: Disable GeoIP-based search results
    • Bug 16222: Disable WebIDE to prevent remote debugging and addon downloads.
    • Bug 13024: Disable DOM Resource Timing API
    • Bug 16340: Disable User Timing API
    • Bug 14952: Disable HTTP/2
  • Mac OS
    • Use OSX 10.7 SDK
    • Bug 16253: Tor Browser menu on OS X is broken with ESR 38
  • Build System
    • Bug 16351: Upgrade our toolchain to use GCC 5.1
    • Bug 15772 and child tickets: Update build system for Firefox 38

Tor Browser 4.5.3 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.3 is based on Firefox ESR 31.8.0, which features important security updates to Firefox.

Moreover, it contains an updated OpenSSL, NoScript and Torbutton, a fix for a crash bug visible with the security slider level set to "High" and a backport of a Tor patch to improve usability on websites.

Here is the complete changelog since 4.5.2:

  • All Platforms
    • Update Firefox to 31.8.0esr
    • Update OpenSSL to 1.0.1o
    • Update NoScript to 2.6.9.27
    • Update Torbutton to 1.9.2.8
      • Bug 16403: Set search parameters for Disconnect
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16397: Fix crash related to disabling SVG
    • Bug 16403: Set search parameters for Disconnect
    • Bug 16446: Update FTE bridge #1 fingerprint
    • Bug 16430: Allow DNS names with _ characters in them (fixes nytimes.com) (Tor patch backport)
Tor Weekly News — July 2nd, 2015

Welcome to the twenty-sixth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Tor Messenger Third Alpha is out

Sukhbir Singh and Arlo Breault put out a third alpha version of Tor Messenger, the Instantbird-based instant messaging client with Tor and Off-the-Record encryption enabled by default.

This release comes with packages for Windows and Mac OS X, as well as 32-bit and 64-bit Linux. Major improvements include the ability to create XMPP accounts in-band (that is, by logging in with the desired account credentials, if the chat server supports this), meaning that users no longer have to create their accounts beforehand over a non-Tor connection; usability improvements to the Off-the-Record extension; an installable Arabic language pack, courtesy of Sherief Alaa (with more languages to follow); and other network- and application-related enhancements.

However, this is still an alpha release: “there may be serious privacy leaks and other issues”, so “please DO NOT recommend Tor Messenger to end users” just yet. If you’d like to test the software out, please see Sukhbir’s announcement for download links and installation instructions, then submit your feedback on Tor’s bug tracker with the “Tor Messenger” component, or on the tor-dev mailing list or IRC channel.

OnionBalance 0.0.1 is out

Donncha O’Cearbhaill, one of the students participating in the first-ever Tor Summer of Privacy, released the first alpha version of his OnionBalance tool. OnionBalance “provides load-balancing and redundancy for Tor hidden services by distributing client requests to multiple backend Tor instances”; if you run an onion service that handles a large number of client requests, or require automatic failover in the event that some of your hardware fails or is seized, OnionBalance will help to distribute the load evenly and efficiently.

The tool is currently under heavy development, and “there are likely bugs which cause the OnionBalance service to crash or not operate correctly”. “I would very much appreciate any feedback or bug reports. In particular I would like to improve the documentation and make the tool easier for operators to install and run”, writes Donncha. Please see the release announcement for further information and installation instructions.

Tor Weekly News turns two

The first issue of Tor Weekly News was sent out on July 3rd, 2013. Since the last anniversary, we’ve reported on many positive developments in the Tor community: work by Facebook security engineers to offer a Tor onion service for the world’s largest social network; the Library Freedom Project helping American public libraries to protect their patrons’ right to free expression with Tor; a significant community-chosen donation by Reddit to the Tor Project; credits for Tor and Tails in an Academy Award-winning documentary film; and of course the daily software development, research, and innovation that ensure security and anonymity for millions of Internet users around the world. Last month we were even able to lead our hundredth issue with the wonderful news that the United Nations Special Rapporteur on freedom of opinion and expression has endorsed the Tor Project’s work in his first report to the UN Human Rights Council.

We’re always grateful for help and suggestions; if you’d like to get involved, see the information below for more details. Many thanks to everyone who has helped to write and proofread this newsletter over the past two years.

Monthly status reports for June 2015

The wave of regular monthly reports from Tor project members for the month of June has begun. Damian Johnson released his report first (with an update on Nyx development), followed by reports from Karsten Loesing (on project management and Tor network tools), Jacob Appelbaum (on outreach and advocacy), David Goulet (on onion service development), and Pearl Crescent (on development of Tor Browser and related software).

Mike Perry sent out the report for the Tor Browser team.

Miscellaneous news

Griffin Boyce offered an update on the development status of Stormy, the one-click onion service setup tool: “Right now, the scripts are undergoing third-party testing to identify any obvious bugs before sending them to security auditors”.

Chloe posted details of an experiment to detect malicious Tor relays that might be stealing usernames and passwords that are not protected by HTTPS connections.

Juha Nurmi warned that an attacker is creating fake onion addresses that resemble those of popular onion services, including ahmia.fi, and using them to interfere with the content of onion pages as clients request them. Another update gives more information about the details of the attack.


This issue of Tor Weekly News has been assembled by Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — June 24th, 2015

Welcome to the twenty-fifth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Adopt an onion with Nos Oignons

Alongside the thousands of individual Tor relay operators who donate their time, expertise, and resources in order to build a fast and stable Tor network, a number of Tor relay organizations (independent of the Tor Project itself) have been set up in several countries. These groups make use of the benefits that formal non-profit status brings — such as funding opportunities, resource pooling, and legal advice — to set up and operate fast, secure Tor relays, and often to represent Tor and Tor users in local-language media. Torservers.net — the Germany-based relay organization and umbrella group for these projects — currently lists fourteen partner organizations in eleven countries, with more on the way.

Nos Oignons, the French Torservers.net partner, runs five high-capacity relays on three machines that together handle a fiftieth of current Tor traffic. The bandwidth for one of these is generously provided by the registrar and hosting company Gandi, but the other two are funded by the organization itself, at a cost of around 300 euros per month. With only three months’ worth of financing left, Nos Oignons is holding its first funding drive to ensure these major relays stay online for the benefit of all Tor users.

If you donate more than 2 euros to Nos Oignons between 15th June and 15th August, you can suggest a name for their next Tor relay. The current set are named after the philosopher Herbert Marcuse, Ursula K. Le Guin’s “Ekumen” universe, and the protagonist of Walter Tevis’ novel “Mockingbird”, so use your imagination! At the end of the fundraiser, three entries will be chosen at random and the team will pick one of them; see the campaign page (or the English announcement) for information on how to take part.

Miscellaneous news

Anthony G. Basile put out version 20150616 of Tor-ramdisk, featuring updates to core software.

meejah announced that txtorcon, the Twisted-based asynchronous Tor controller, now supports David Stainton’s “tor:” endpoint parser. “This means two things: txtorcon now depends on txsocksx, and you can do "client-type" things directly with endpoints”. See meejah’s message for more details.

Jesse Victors published his second Tor Summer of Privacy status report for the OnioNS (Onion Name System) project, detailing further work to decentralize the system and improvements to event logging.

Arturo Filastò published a summary of the costs incurred by OONI’s next-generation data-processing pipeline since March.

Thanks to Ana Lucia Cortez for running a mirror of the Tor Project website and software archive!


This issue of Tor Weekly News has been assembled by Harmony and other contributors.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

How We Work

The Tor Project is driven by ideas. We believe in the right to privacy for every person on the planet. Our community—paid and volunteer—brainstorms projects that embody those ideas, like decentralized hidden messaging systems or ingenious new ways to get uncensored Internet access to people in China.

On our public wikis, we make lists of what we need to build these projects—and then we approach potential sponsors with these lists. If we’re lucky, a sponsor will pay to do the project. If not, we may make it for free.

This is true whether the potential sponsor is a government agency or anyone else.

Because of this system, some projects, like hidden services, need more funding, and we are seeking individual contributions to make this technology stronger. One day we hope to build it into many more programs—for instance, phone apps—to make them private and secure by default.

Our diverse, international community includes thousands of men and women inspired by the ideals we share. They work to support Tor and create important tools based on Tor, like Tails and Orbot (there are at least a dozen of these). Our group includes visionaries who think and talk publicly about the Internet and the future of privacy; among them: @nickm_tor, @ioerror and @RogerDingledine. @aaronsw was one of us.

We will accept no back doors to our software, ever. You can watch @ioerror talk about this at last year’s 31c3 talk in Hamburg. We believe in and build free, open source software—free as in freedom. Tor’s source code is online for everyone to see.

We are proud of our people, our work, and our ideals. We are a human rights organization. We are inventors. Our community is a workshop for the future of privacy tools; maybe even for the future of privacy.

The Tor community is open to newcomers; we hope you will join us.

Tor Weekly News — June 17th, 2015

Welcome to the twenty-fourth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Tor 0.2.6.9 is out

Nick Mathewson announced a new release in Tor’s current stable series. Version 0.2.6.9 stops relays without the Stable flag from serving as onion service directories, and raises the uptime requirement for the Stable flag itself, which means that any Sybil attacks launched against the network will not become effective for at least a week. This change only affects the Tor network’s nine directory authorities, most of whom have already upgraded.

The other significant fix in this release concerns port-based isolation of client requests, which now functions properly; if you make use of this feature in your standalone Tor client, then please upgrade as soon as possible. For other users, writes Nick, this “is not a high-urgency item”.

Tor Browser 4.5.2 and 5.0a2 are out

The Tor Browser team put out new stable and alpha releases of the privacy-preserving browser. As well as updates to key software components, versions 4.5.2 and 5.0a2 both contain fixes for the “Logjam” attack on TLS security; as Nick Mathewson wrote at the time of this vulnerability’s disclosure, the connections between Tor clients and relays were unlikely to have been affected by this attack, but the bug is now fixed in the browser component of Tor Browser as well.

These new releases also fix a possible crash in Linux, and stop the Add-ons page from breaking if Torbutton is disabled. The new alpha further improves meek’s compatibility with the automatic update process on Windows machines.

All users should upgrade their Tor Browser as soon as possible. Your browser might already have prompted you to do this — if not, you can always upgrade by downloading a fresh copy from the Tor website.

The future of GetTor and uncensorable software distribution

The GetTor service offers users who are unable to reach the Tor website an alternative method of downloading Tor Browser: any email sent to gettor@torproject.org will receive an automated reply containing links to file-hosting services (such as Dropbox) for the latest Tor Browser package and its signature.

Israel Leiva, lead developer on the revamped GetTor project since last year’s Google Summer of Code, is back for the first-ever Tor Summer of Privacy to continue expanding the feature set of this tool. As Israel wrote to the tor-dev mailing list, current plans for the summer include the addition of other file-hosting services, Tor Browser localizations, and other distribution methods (including instant messaging and Twitter).

However, it might also be time for a more radical change in the way GetTor works. An official distributor application or browser add-on, available through channels like the OS X or Google Chrome app stores, could automate Tor Browser downloads, as well as the vital but unintuitive process of verifying the signature to ensure the software has not been tampered with. Israel offered two suggestions for the inner workings of such a distributor: one involving a fixed (but potentially blockable) backend API with which the distributor communicates, and one in which a more complex distributor is capable of helping the user download the required software from several different sources.

Some related projects are already underway: the Tails team is discussing the possibility of its own browser add-on for ISO download and verification, while Griffin Boyce pointed to his own Satori project, a distributor application that offers torrent files and content-delivery network (CDN) links. The discussion over the possible GetTor distributor’s relationship with these projects is still to be had.

“I would really love to hear your comments about this idea, my work at Summer of Privacy might change depending on this discussion”, writes Israel. It’s clear that forcing users to depend on “single points of failure” for their software is bad news all round, so if you have worthwhile ideas to add to this discussion, feel free to take them to the tor-dev mailing list thread.

Great progress on Orfox browser

Nathan Freitas, of mobile device security specialists the Guardian Project, reported on the status of Orfox, the Android-compatible Tor Browser build. “The goal is to get as close to the ‘real Tor Browser’ while taking into account the new, unique issues we face on Android”, he wrote. Amogh Pradeep, former Google Summer of Code student and now intern at the Guardian Project, has made significant progress getting the software to build, and you can follow his regular updates on the Orfox development blog. “We expect to have an alpha out this week”, wrote Nathan, “but feel free to jump in on testing of the posted builds, and file bugs or feature requests as you find them”.

A persistent Tor state for Tails?

The Tails team is discussing the possibility of making Tor’s state persist across sessions in the anonymous live operating system. As the team writes on the relevant blueprint page, such a change would have several benefits: not only would Tor’s bootstrap process be faster and more efficient, but it would enable Tails to take advantage of the “entry guards” concept, without which Tails users are more likely to select a malicious entry node at some point over the course of their activity. Moreover, the fact that Tails selects a new entry node on every boot, while Tor Browser does not, allows an adversary to determine whether a user who remains on one network (their home or place of work, for example) is using Tails or not. This would also be solved by a persistent Tor state.

However, this change does of course have some drawbacks. For one thing, although entry guards in Tails would help defend against end-to-end correlation attacks, they enable a certain kind of fingerprinting: if a user makes a connection to an entry guard from their home, and an adversary later observes a connection to the same guard from an event or meeting-place that the user is suspected of attending, the adversary can draw a conclusion about the user’s geographical movement. This violates one of Tails’ threat model principles, which the team calls “AdvGoalTracking”. There are ways that Tails could request location information from the user in order to maintain different entry guards for different locations, but too many requests for information might bamboozle Tails users into accidentally worsening their own security, especially if they do not understand the threat model behind the requests, or it does not apply to them.

What is needed, then, is a balance between “defaults that suit the vast majority of use-cases […] for Tails’ target audience” and helping “users with different needs to avoid becoming less safe ‘thanks’ to this new feature”. The discussion continues on the tails-dev mailing list.

Miscellaneous news

Nick Mathewson recommended that all relay operators upgrade their copies of OpenSSL to fix several issues that could enable remote denial-of-service attacks. As Nick makes clear, this is an “upgrade when you can”-level announcement, rather than a “run in circles freaking out”. Nick also requests that people still using OpenSSL’s 0.9.8 series upgrade to one of the more recent versions, as 0.9.8 contains several security flaws and will not be supported by Tor 0.2.7.2-alpha or later.

Sherief Alaa reported on his activities in May.


This issue of Tor Weekly News has been assembled by Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Browser 5.0a2 is released

The second alpha release in the 5.0 series of the Tor Browser is now available from our extended downloads page as well as the distribution directory.

This release provides a fix for the Logjam attack (https://weakdh.org/) and updates a number of Tor Browser components: Tor to version 0.2.7.1-alpha, Torbutton to version 1.9.2.7, NoScript to version 2.6.9.26, meek to version 0.19 and HTTPS-Everywhere to version 5.0.5. Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled, and it also fixes an update issue when using meek on Windows systems.

Here is the complete changelog:

  • All Platforms
    • Update Tor to 0.2.7.1-alpha
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to 2.6.9.26
    • Update meek to 0.19
    • Update Torbutton to 1.9.2.7
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is enabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Windows
    • Bug 16014: Staged update fails if meek is enabled
    • Bug 16269: repeated add-on compatibility check after update (meek enabled)
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser

Tor Browser 4.5.2 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.2 provides a fix for the Logjam attack (https://weakdh.org/) and updates a number of Tor Browser components: Tor to version 0.2.6.9, Torbutton to version 1.9.2.6, NoScript to version 2.6.9.26 and HTTPS-Everywhere to version 5.0.5. Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled.

Here is the complete changelog since 4.5.1:

  • All Platforms
    • Update Tor to 0.2.6.9
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to 2.6.9.26
    • Update Torbutton to 1.9.2.6
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser