Posts by nickm

New Release: Tor 0.4.2.1-alpha

by nickm | September 17, 2019

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.2.1-alpha from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release in the next couple of weeks.

New release: Tor 0.4.1.5

by nickm | August 20, 2019

After months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.4.1.5 on the website. Packages should be available within the next several weeks, with a new Tor Browser in early September.

This is the first stable release in the 0.4.1.x series. This series adds experimental circuit-level padding, authenticated SENDME cells to defend against certain attacks, and several performance improvements to save on CPU consumption. It fixes bugs in bootstrapping and v3 onion services. It also includes numerous smaller features and bugfixes on earlier versions.

Per our support policy, we will support the 0.4.1.x series for nine months, or until three months after the release of a stable 0.4.2.x: whichever is longer. If you need longer-term support, please stick with 0.3.5.x, which will we plan to support until Feb 2022.

Below are the changes since 0.4.0.5. For a list of only the changes since 0.4.1.4-rc, see the ChangeLog file.

Changes in version 0.4.1.5 - 2019-08-20

  • Directory authority changes:
    • The directory authority "dizum" has a new IP address. Closes ticket 31406.
  • Major features (circuit padding):
    • Onion service clients now add padding cells at the start of their INTRODUCE and RENDEZVOUS circuits, to make those circuits' traffic look more like general purpose Exit traffic. The overhead for this is 2 extra cells in each direction for RENDEZVOUS circuits, and 1 extra upstream cell and 10 downstream cells for INTRODUCE circuits. This feature is only enabled when also supported by the circuit's middle node. (Clients may specify fixed middle nodes with the MiddleNodes option, and may force-disable this feature with the CircuitPadding option.) Closes ticket 28634.

 

New release candidate: Tor 0.4.1.4-rc

by nickm | July 26, 2019

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.4.1.4-rc from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the next month or so.

Remember, this is just a release candidate: you should only run this if you'd like to find and report bugs.

Tor 0.4.1.4-rc fixes a few bugs from previous versions of Tor, and updates to a new list of fallback directories. If no new bugs are found, the next release in the 0.4.1.x series should be stable.

Changes in version 0.4.1.4-rc - 2019-07-25

  • Major bugfixes (circuit build, guard):
    • When considering upgrading circuits from "waiting for guard" to "open", always ignore circuits that are marked for close. Otherwise, we can end up in the situation where a subsystem is notified that a closing circuit has just opened, leading to undesirable behavior. Fixes bug 30871; bugfix on 0.3.0.1-alpha.
  • Minor features (continuous integration):
    • Our Travis configuration now uses Chutney to run some network integration tests automatically. Closes ticket 29280.

 

New alpha release: Tor 0.4.1.3-alpha

by nickm | June 25, 2019

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.1.3-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the next couple of weeks.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.1.3-alpha resolves numerous bugs left over from the previous alpha, most of them from earlier release series.

Changes in version 0.4.1.3-alpha - 2019-06-25

  • Major bugfixes (Onion service reachability):
    • Properly clean up the introduction point map when circuits change purpose from onion service circuits to pathbias, measurement, or other circuit types. This should fix some service-side instances of introduction point failure. Fixes bug 29034; bugfix on 0.3.2.1-alpha.
  • Minor features (geoip):
    • Update geoip and geoip6 to the June 10 2019 Maxmind GeoLite2 Country database. Closes ticket 30852.

 

New alpha release: Tor 0.4.1.2-alpha

by nickm | June 6, 2019

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.1.2-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release by some time next week.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.1.2-alpha resolves numerous bugs--some of them from the previous alpha, and some much older. It also contains minor testing improvements, and an improvement to the security of our authenticated SENDME implementation.

Changes in version 0.4.1.2-alpha - 2019-06-06

  • Major bugfixes (bridges):
    • Consider our directory information to have changed when our list of bridges changes. Previously, Tor would not re-compute the status of its directory information when bridges changed, and therefore would not realize that it was no longer able to build circuits. Fixes part of bug 29875.
    • Do not count previously configured working bridges towards our total of working bridges. Previously, when Tor's list of bridges changed, it would think that the old bridges were still usable, and delay fetching router descriptors for the new ones. Fixes part of bug 29875; bugfix on 0.3.0.1-alpha.
  • Major bugfixes (flow control, SENDME):
    • Decrement the stream-level package window after packaging a cell. Previously, it was done inside a log_debug() call, meaning that if debug logs were not enabled, the decrement would never happen, and thus the window would be out of sync with the other end point. Fixes bug 30628; bugfix on 0.4.1.1-alpha.

 

New alpha release: Tor 0.4.1.1-alpha

by nickm | May 22, 2019

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.1.1-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release in the next couple of weeks.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

This is the first alpha in the 0.4.1.x series. It introduces lightweight circuit padding to make some onion-service circuits harder to distinguish, includes a new "authenticated SENDME" feature to make certain denial-of-service attacks more difficult, and improves performance in several areas.

Changes in version 0.4.1.1-alpha - 2019-05-22

  • Major features (circuit padding):
    • Onion service clients now add padding cells at the start of their INTRODUCE and RENDEZVOUS circuits, to make those circuits' traffic look more like general purpose Exit traffic. The overhead for this is 2 extra cells in each direction for RENDEZVOUS circuits, and 1 extra upstream cell and 10 downstream cells for INTRODUCE circuits. This feature is only enabled when also supported by the circuit's middle node. (Clients may specify fixed middle nodes with the MiddleNodes option, and may force-disable this feature with the CircuitPadding torrc.) Closes ticket 28634.
  • Major features (code organization):
    • Tor now includes a generic publish-subscribe message-passing subsystem that we can use to organize intermodule dependencies. We hope to use this to reduce dependencies between modules that don't need to be related, and to generally simplify our codebase. Closes ticket 28226.

 

New Release: Tor 0.4.0.5

by nickm | May 3, 2019

After months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.4.0.5 on the website. Packages should be available within the next several weeks, with a new Tor Browser likely later this month.

This is the first stable release in the 0.4.0.x series. It contains improvements for power management and bootstrap reporting, as well as preliminary backend support for circuit padding to prevent some kinds of traffic analysis. It also continues our work in refactoring Tor for long-term maintainability.

New Release: Tor 0.4.0.4-rc

by nickm | April 11, 2019

Tor 0.4.0.4-rc is the first release candidate in its series; it fixes several bugs from earlier versions, including some that had affected stability, and one that prevented relays from working with NSS.

New release: Tor 0.4.0.3-alpha

by nickm | March 22, 2019

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.0.3-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release some time in the coming weeks.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.0.3-alpha is the third in its series; it fixes several small bugs from earlier versions.

Changes in version 0.4.0.3-alpha - 2019-03-22

  • Minor features (address selection):
    • Treat the subnet 100.64.0.0/10 as public for some purposes; private for others. This subnet is the RFC 6598 (Carrier Grade NAT) IP range, and is deployed by many ISPs as an alternative to RFC 1918 that does not break existing internal networks. Tor now blocks SOCKS and control ports on these addresses and warns users if client ports or ExtORPorts are listening on a RFC 6598 address. Closes ticket 28525. Patch by Neel Chauhan.
  • Minor features (geoip):
    • Update geoip and geoip6 to the March 4 2019 Maxmind GeoLite2 Country database. Closes ticket 29666.