Blogs

Tor Weekly News — June 24th, 2015

Welcome to the twenty-fifth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Adopt an onion with Nos Oignons

Alongside the thousands of individual Tor relay operators who donate their time, expertise, and resources in order to build a fast and stable Tor network, a number of Tor relay organizations (independent of the Tor Project itself) have been set up in several countries. These groups make use of the benefits that formal non-profit status brings — such as funding opportunities, resource pooling, and legal advice — to set up and operate fast, secure Tor relays, and often to represent Tor and Tor users in local-language media. Torservers.net — the Germany-based relay organization and umbrella group for these projects — currently lists fourteen partner organizations in eleven countries, with more on the way.

Nos Oignons, the French Torservers.net partner, runs five high-capacity relays on three machines that together handle a fiftieth of current Tor traffic. The bandwidth for one of these is generously provided by the registrar and hosting company Gandi, but the other two are funded by the organization itself, at a cost of around 300 euros per month. With only three months’ worth of financing left, Nos Oignons is holding its first funding drive to ensure these major relays stay online for the benefit of all Tor users.

If you donate more than 2 euros to Nos Oignons between 15th June and 15th August, you can suggest a name for their next Tor relay. The current set are named after the philosopher Herbert Marcuse, Ursula K. Le Guin’s “Ekumen” universe, and the protagonist of Walter Tevis’ novel “Mockingbird”, so use your imagination! At the end of the fundraiser, three entries will be chosen at random and the team will pick one of them; see the campaign page (or the English announcement) for information on how to take part.

Miscellaneous news

Anthony G. Basile put out version 20150616 of Tor-ramdisk, featuring updates to core software.

meejah announced that txtorcon, the Twisted-based asynchronous Tor controller, now supports David Stainton’s “tor:” endpoint parser. “This means two things: txtorcon now depends on txsocksx, and you can do "client-type" things directly with endpoints”. See meejah’s message for more details.

Jesse Victors published his second Tor Summer of Privacy status report for the OnioNS (Onion Name System) project, detailing further work to decentralize the system and improvements to event logging.

Arturo Filastò published a summary of the costs incurred by OONI’s next-generation data-processing pipeline since March.

Thanks to Ana Lucia Cortez for running a mirror of the Tor Project website and software archive!


This issue of Tor Weekly News has been assembled by Harmony and other contributors.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

How We Work

The Tor Project is driven by ideas. We believe in the right to privacy for every person on the planet. Our community—paid and volunteer—brainstorms projects that embody those ideas, like decentralized hidden messaging systems or ingenious new ways to get uncensored Internet access to people in China.

On our public wikis, we make lists of what we need to build these projects—and then we approach potential sponsors with these lists. If we’re lucky, a sponsor will pay to do the project. If not, we may make it for free.

This is true whether the potential sponsor is a government agency or anyone else.

Because of this system, some projects, like hidden services, need more funding, and we are seeking individual contributions to make this technology stronger. One day we hope to build it into many more programs (for instance, phone apps) to make them private and secure by default.

Our diverse, international community includes thousands of men and women inspired by the ideals we share. They work to support Tor and create important tools based on Tor, like Tails and Orbot (there are at least a dozen of these). Our group includes visionaries who think and talk publicly about the Internet and the future of privacy; among them: @nickm_tor, @ioerror and @RogerDingledine. @aaronsw was one of us.

We will accept no back doors to our software, ever. You can watch @ioerror talk about this at last year’s 31c3 talk in Hamburg. We believe in and build free, open source software—free as in freedom. Tor’s source code is online for everyone to see.

We are proud of our people, our work, and our ideals. We are a human rights organization. We are inventors. Our community is a workshop for the future of privacy tools; maybe even for the future of privacy.

The Tor community is open to newcomers; we hope you will join us.

Tor Weekly News — June 17th, 2015

Welcome to the twenty-fourth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Tor 0.2.6.9 is out

Nick Mathewson announced a new release in Tor’s current stable series. Version 0.2.6.9 stops relays without the Stable flag from serving as onion service directories, and raises the uptime requirement for the Stable flag itself, which means that any Sybil attacks launched against the network will not become effective for at least a week. This change only affects the Tor network’s nine directory authorities, most of whom have already upgraded.

The other significant fix in this release concerns port-based isolation of client requests, which now functions properly; if you make use of this feature in your standalone Tor client, then please upgrade as soon as possible. For other users, writes Nick, this “is not a high-urgency item”.

Tor Browser 4.5.2 and 5.0a2 are out

The Tor Browser team put out new stable and alpha releases of the privacy-preserving browser. As well as updates to key software components, versions 4.5.2 and 5.0a2 both contain fixes for the “Logjam” attack on TLS security. As Nick Mathewson wrote at the time of this vulnerability’s disclosure, the connections between Tor clients and relays were unlikely to have been affected by this attack, but the bug is now fixed in the browser component of Tor Browser as well.

These new releases also fix a possible crash in Linux, and stop the Add-ons page from breaking if Torbutton is disabled. The new alpha further improves meek’s compatibility with the automatic update process on Windows machines.

All users should upgrade their Tor Browser as soon as possible. Your browser might already have prompted you to do this — if not, you can always upgrade by downloading a fresh copy from the Tor website.

The future of GetTor and uncensorable software distribution

The GetTor service offers users who are unable to reach the Tor website an alternative method of downloading Tor Browser: any email sent to gettor@torproject.org will receive an automated reply containing links to file-hosting services (such as Dropbox) for the latest Tor Browser package and its signature.

Israel Leiva, lead developer on the revamped GetTor project since last year’s Google Summer of Code, is back for the first-ever Tor Summer of Privacy to continue expanding the feature set of this tool. As Israel wrote to the tor-dev mailing list, current plans for the summer include the addition of other file-hosting services, Tor Browser localizations, and other distribution methods (including instant messaging and Twitter).

However, it might also be time for a more radical change in the way GetTor works. An official distributor application or browser add-on, available through channels like the OS X or Google Chrome app stores, could automate Tor Browser downloads, as well as the vital but unintuitive process of verifying the signature to ensure the software has not been tampered with. Israel offered two suggestions for the inner workings of such a distributor: one involving a fixed (but potentially blockable) backend API with which the distributor communicates, and one in which a more complex distributor is capable of helping the user download the required software from several different sources.

Some related projects are already underway: the Tails team is discussing the possibility of its own browser add-on for ISO download and verification, while Griffin Boyce pointed to his own Satori project, a distributor application that offers torrent files and content-delivery network (CDN) links. The discussion over the possible GetTor distributor’s relationship with these projects is still to be had.

“I would really love to hear your comments about this idea, my work at Summer of Privacy might change depending on this discussion”, writes Israel. It’s clear that forcing users to depend on “single points of failure” for their software is bad news all round, so if you have worthwhile ideas to add to this discussion, feel free to take them to the tor-dev mailing list thread.

Great progress on Orfox browser

Nathan Freitas, of mobile device security specialists the Guardian Project, reported on the status of Orfox, the Android-compatible Tor Browser build. “The goal is to get as close to the ‘real Tor Browser’ while taking into account the new, unique issues we face on Android”, he wrote. Amogh Pradeep, former Google Summer of Code student and now intern at the Guardian Project, has made significant progress getting the software to build, and you can follow his regular updates on the Orfox development blog. “We expect to have an alpha out this week”, wrote Nathan, “but feel free to jump in on testing of the posted builds, and file bugs or feature requests as you find them”.

A persistent Tor state for Tails?

The Tails team is discussing the possibility of making Tor’s state persist across sessions in the anonymous live operating system. As the team writes on the relevant blueprint page, such a change would have several benefits: not only would Tor’s bootstrap process be faster and more efficient, but it would enable Tails to take advantage of the “entry guards” concept, without which Tails users are more likely to select a malicious entry node at some point over the course of their activity. Moreover, the fact that Tails selects a new entry node on every boot, while Tor Browser does not, allows an adversary to determine whether a user who remains on one network (their home or place of work, for example) is using Tails or not. This would also be solved by a persistent Tor state.

However, this change does of course have some drawbacks. For one thing, although entry guards in Tails would help defend against end-to-end correlation attacks, they enable a certain kind of fingerprinting: if a user makes a connection to an entry guard from their home, and an adversary later observes a connection to the same guard from an event or meeting-place that the user is suspected of attending, the adversary can draw a conclusion about the user’s geographical movement. This violates one of Tails’ threat model principles, which the team calls “AdvGoalTracking”. There are ways that Tails could request location information from the user in order to maintain different entry guards for different locations, but too many requests for information might bamboozle Tails users into accidentally worsening their own security, especially if they do not understand the threat model behind the requests, or it does not apply to them.

What is needed, then, is a balance between “defaults that suit the vast majority of use-cases […] for Tails’ target audience” and helping “users with different needs to avoid becoming less safe ‘thanks’ to this new feature”. The discussion continues on the tails-dev mailing list.

Miscellaneous news

Nick Mathewson recommended that all relay operators upgrade their copies of OpenSSL to fix several issues that could enable remote denial-of-service attacks. As Nick makes clear, this is an “upgrade when you can”-level announcement, rather than a “run in circles freaking out”. Nick also requests that people still using OpenSSL’s 0.9.8 series upgrade to one of the more recent versions, as 0.9.8 contains several security flaws and will not be supported by Tor 0.2.7.2-alpha or later.

Sherief Alaa reported on his activities in May.


This issue of Tor Weekly News has been assembled by Harmony.


Tor Browser 5.0a2 is released

The second alpha release in the 5.0 series of the Tor Browser is now available from our extended downloads page as well as the distribution directory.

This release provides a fix for the Logjam attack (https://weakdh.org/) and updates a number of Tor Browser components: Tor to version 0.2.7.1-alpha, Torbutton to version 1.9.2.7, NoScript to version 2.6.9.26, meek to version 0.19 and HTTPS-Everywhere to version 5.0.5. Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled, and it also fixes an update issue when using meek on Windows systems.

Here is the complete changelog:

  • All Platforms
    • Update Tor to 0.2.7.1-alpha
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to 2.6.9.26
    • Update meek to 0.19
    • Update Torbutton to 1.9.2.7
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is enabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Windows
    • Bug 16014: Staged update fails if meek is enabled
    • Bug 16269: repeated add-on compatibility check after update (meek enabled)
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser

Tor Browser 4.5.2 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.2 provides a fix for the Logjam attack (https://weakdh.org/) and updates a number of Tor Browser components: Tor to version 0.2.6.9, Torbutton to version 1.9.2.6, NoScript to version 2.6.9.26 and HTTPS-Everywhere to version 5.0.5. Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled.

Here is the complete changelog since 4.5.1:

  • All Platforms
    • Update Tor to 0.2.6.9
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to 2.6.9.26
    • Update Torbutton to 1.9.2.6
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser

Tor 0.2.6.9 is released.

Hi! I've just put out a new stable Tor release. It is not a high-urgency item for most clients and relays, but directory authorities should upgrade, as should any clients who rely on port-based circuit isolation. Right now, the source is available on the website, and packages should become available once their maintainers build them.

Tor 0.2.6.9 fixes a regression in the circuit isolation code, increases the requirements for receiving an HSDir flag, and addresses some other small bugs in the systemd and sandbox code. Clients using circuit isolation should upgrade; all directory authorities should upgrade.

Changes in version 0.2.6.9 - 2015-06-11

  • Major bugfixes (client-side privacy):
    • Properly separate out each SOCKSPort when applying stream isolation. The error occurred because each port's session group was being overwritten by a default value when the listener connection was initialized. Fixes bug 16247; bugfix on 0.2.6.3-alpha. Patch by "jojelino".
  • Minor feature (directory authorities, security):
    • The HSDir flag given by authorities now requires the Stable flag. For the current network, this results in going from 2887 to 2806 HSDirs. Also, it makes it harder for an attacker to launch a sybil attack by raising the effort for a relay to become Stable, which takes at the very least 7 days, and by keeping the 96 hours uptime requirement for HSDir. Implements ticket 8243.


Tor Weekly News — June 11th, 2015

Welcome to the twenty-third issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Blocking-resistant communication through domain fronting

David Fifield, lead developer of the meek pluggable transport, co-authored a paper entitled “Blocking-resistant communication through domain fronting”, the technique that meek (along with other software such as Lantern and Psiphon) uses to ensure that its connections to the Tor network can’t be blocked by a censor without incurring significant collateral damage. The paper is based on the experience of operating domain-fronting systems on the real network. Congratulations to the researchers on this milestone in their project!

David also published the monthly summary of costs incurred by the infrastructure for meek. Rate-limits have now been imposed on some backends in order to keep the operating costs sustainable. This sophisticated pluggable transport is a vital tool for thousands of users in areas that censor all other circumvention systems, so if you know of (or are) a friendly funder looking for a worthy project to support, please let the community know!

The Art of Dissent

Laura Poitras, Pulitzer Prize-winning director of the Academy Award-winning “Citizenfour” and public advocate for Tor and Tails, documented a collaboration between the Tor Project’s Jacob Appelbaum and artist Ai Weiwei — both of them “artists, journalists, dissidents, polymaths — and targets” — involving a “zone of hyper-surveillance”, shredded NSA documents, and several cuddly toy pandas.

Laura’s film is available to view on the New York Times website as part of its “Op-Docs” series, accompanied by an article in which Laura describes her interest in “the way being watched and recorded affects how we act, and how watching the watchers, or counter-surveillance, can shift power”.

More monthly status reports for May 2015

The wave of regular monthly reports from Tor project members for the month of May continued, with reports from Isis Lovecruft (maintaining Tor’s bridge distribution system along with other coding/organizational work), Israel Leiva (leading the GetTor project), Sukhbir Singh (working on Tor Messenger, TorBirdy, and GetTor), and Arlo Breault (also developing Tor Messenger, and maintaining Tor Check).

The Tails team published its monthly report, while George Kadianakis sent out the report for SponsorR, and Arturo Filastò reported on the OONI team’s May progress.

Tor Summer of Privacy students Donncha O’Cearbhaill and Jesse Victors also sent out their first project status reports.

Miscellaneous news

Giovanni Pellerano announced version 3.1.41 of Tor2web, the tool for non-anonymous connections to onion services from regular browsers. This version of the software allows users to download Tor Browser from any running Tor2web instance, as well as other improvements. See Giovanni’s message for more details.

Donncha O’Cearbhaill published the results of his call for input from onion service operators on the challenges of running high-performance sites and services through a Tor process.

teor published a guide to obtaining a copy of OpenSSL on Mac OS X that is recent enough to build a working copy of Tor.

Thanks to Justaguy for running another mirror of the Tor Project website and software archive!


This issue of Tor Weekly News has been assembled by Harmony and the Tails developers.


Tor Weekly News — June 3rd, 2015

Welcome to the hundredth issue of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

United Nations Special Rapporteur endorses Tor

David Kaye, the United Nations Special Rapporteur on freedom of opinion and expression, last week issued his first report to the UN Human Rights Council addressing the relationship between secure online communication, the freedom of expression, and regulation of these by States and governments. The report draws on submissions by UN member states as well as advocacy groups and non-governmental organizations, including the Tor Project.

Recognizing that “the ability to search the web, develop ideas and communicate securely may be the only way in which many can explore basic aspects of identity, such as one’s gender, religion, ethnicity, national origin or sexuality”, and that the right to free expression must be protected “especially in situations where it is not only the State creating limitations but also society that does not tolerate unconventional opinions or expression”, the report concludes by encouraging “States, civil society organizations, and corporations” to “engage in a campaign to bring encryption by design and default to users around the world”.

There can be few clearer endorsements of the Tor Project’s work than this; that it comes in a report to the UNHRC only adds to its significance. David Kaye also identified Tor by name as an example of essential anonymity software in an interview with the Washington Post following the release of his report.

You can read Tor Project board member Wendy Seltzer’s analysis of the report on the Tor blog. Thanks to everyone who contributed to the report in its research phase, and to David Kaye for so eloquently making the case for anonymity online.

Monthly status reports for May 2015

The wave of regular monthly reports from Tor project members for the month of May has begun. Philipp Winter released his report first (for work on Sybil attack detection), followed by reports from Damian Johnson (hacking on Stem and Nyx), Karsten Loesing (for work on Sponsors O & R, Onionoo, Metrics, and CollecTor), Georg Koppen (developing Tor Browser), Jacob Appelbaum (working on outreach), Tom Ritter (for work on Tor Browser and Tor network tools), Griffin Boyce (reporting on several coding projects and research), Nick Mathewson (leading core Tor development, as well as organizational work), David Goulet (on onion service research, code review, and Torsocks development), George Kadianakis (conducting onion service and security research), Juha Nurmi (leading the ahmia.fi project and outreach in Finland), Leiah Jansen (creating the Tor Project’s design and branding), Pearl Crescent (developing Tor Browser and Tor Launcher), and Isabela Bagueros (project-managing all of the above).

Colin C. sent out the May report for the Tor help desk, while Isabela sent out a comprehensive core Tor report, and Mike Perry reported on the Tor Browser team’s monthly progress.

Miscellaneous news

Anthony G. Basile announced version 20150531 of Tor-ramdisk, the micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. This release updates Tor and the Linux kernel, along with other key software.

David Goulet announced the release of Torsocks 2.1.0, featuring support for TCP fast open, outbound localhost connections, saner warning defaults, and more; see the changelog for full details.

Philipp Winter added functionality to sybilhunter, the tool for detecting attempts to take control of a large part of the Tor network, that produces a visualization of similarities between relay descriptors. “Please let me know if you have any suggestions on how to improve the tool or its visualisation”, writes Philipp.

Matthew Finkel updated proposal 237, which concerns making all relays into directory servers by default, to include plans for a NotDir consensus flag, because if the proposal is implemented, relays that do not respond to directory requests will be more unusual (and hence more deserving of a flag) than those that do.

Nick Mathewson sent out a draft of proposal 245, which suggests ways to deprecate the mostly-defunct TAP circuit extension protocol without breaking anything.

Thomas White asked for feedback (via an online survey) on his upcoming shared onion service hosting platform: “The priority and thought behind the service is to enable people who aren’t usually confident, skilled or bothered to go through the process of creating their own hidden service, thus outsourcing the development, deployment and maintenance…to a third party company like mine.”


This issue of Tor Weekly News has been assembled by Harmony.

