Archive - Apr 2010

  • All
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30

Bittorrent over Tor isn't a good idea

An increasing number of people are asking us about the recent paper coming out of Inria in France around Bittorrent and privacy attacks. This post tries to explain the attacks and what they imply.

There are three pieces to the attack (or three separate attacks that build on each other, if you prefer). read more »

You have won the Tor sweepstakes and other scams

Over the past 18 months someone has been mailing fake checks from us to individuals all over the United States. The text of the letter one receives is:

From: Merchant & Bryce, Partners in Finance.
To: victim

Congratulations! We are pleased to inform you that you are one of the 26 declared lucky winners of our 2009 Dreams Sweepstakes(tm) held on [pick a date] in the 2nd category. A ticket with serial numbers [make up some numbers] attached to your name drew the lucky winning numbers [make up some numbers]. read more »

Tor and are out

Tor fixes a critical bug in how directory authorities
handle and vote on descriptors. It was causing relays to drop out of
the consensus.

Tor fixes yet another instance of broken OpenSSL libraries
that was causing some relays to drop out of the consensus.

(Windows bundles will be available whenever Andrew gets around to making
them; we're trying to stick to a policy of announcing alphas on time
rather than waiting for every package.)

Original announcement is at

Changes in version - 2010-04-20
o Major bugfixes:
- Many relays have been falling out of the consensus lately because
not enough authorities know about their descriptor for them to get
a majority of votes. When we deprecated the v2 directory protocol,
we got rid of the only way that v3 authorities can hear from each read more »

March 2010 Progress Report

New Releases
On March 7th, we released the latest in the -alpha series, Tor Tor fixes a regression introduced in that could prevent relays from guessing their IP address correctly. It also starts the groundwork for another client-side performance boost, since currently we're not making efficient use of relays that have both the Guard flag and the Exit flag.

o Major bugfixes:
- Fix a regression from our patch for bug 1244 that caused relays
to guess their IP address incorrectly if they didn't set Address
in their torrc and/or their address fails to resolve. Bugfix on; fixes bug 1269.

o Major features (performance):
- Directory authorities now compute consensus weightings that instruct
clients how to weight relays flagged as Guard, Exit, Guard+Exit,
and no flag. Clients that use these weightings will distribute read more »

Torbutton Release 1.2.5, Google Captchas, and

Torbutton 1.2.5 has been released. You can download it from the torbutton homepage. It has also been submitted to, though it may take a while for Mozilla to review the addon.

In addition to the numerous bug fixes mentioned in the changelog, one of the new features of this release is to provide the ability to automatically redirect to an alternate search engine when Google presents you with a captcha. The current options are IxQuick, Bing, Yahoo, and Scroogle. Since it supports SSL, and appears to have a progressive stance on user privacy, IxQuick is the current default. read more »

Syndicate content