Blogs

Tor Weekly News — July 22nd, 2015

Welcome to the twenty-ninth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

More TSoP status reports

The students in this year’s Tor Summer of Privacy continued work on their respective projects, as their status reports show.

Jesse Victors made significant progress on his DNS-like Onion Naming System (OnioNS) project at the recent onion service development meeting in Washington, DC. Many bugs were fixed and the software is now in a demonstration-ready state. The issue of implementing a global source of randomness, which is important for the next generation of onion services as well as for OnionNS, was also worked on. “The server-to-server communication needs a few bug fixes, but most of that code is in place. As soon as that is complete, I should be about ready for a beta test.”

Israel Leiva sent the first report on his GetTor enhancement project. GetTor now distributes links to copies of Tor Browser hosted on Github as well as Dropbox, and the text of the autoresponder was expanded with more information. Upcoming additions include a Google Drive script, distribution of mirror links, and the promotion of Github to the default download source.

Cristobal Leiva also sent his first report, for the relay web status dashboard project. A prototype UI has been created and development milestones have been prioritized: “Over the next two weeks I’ll be coding the graph and log components”.

Finally, Donncha O’Cearbhaill’s OnionBalance load-balancing system has been enhanced with unit tests, and has received some real-world testing courtesy of s7r .

Exciting progress all round!

Miscellaneous news

The Guardian Project announced new releases of Chatsecure and Orbot. Chatsecure v14.2.0 is “all about squashing bugs, reducing memory and improving network stability”, while Orbot 15.0.3-RC-3 features “overall improvements to system and server stability, improvements to Apps VPN mode support…improved launch and hidden service API for third-party app interaction”, and updates to Tor and OpenSSL.

Anthony G. Basile announced a new release of tor-ramdisk, the micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Version 20150714 includes updates to the distribution’s core software.

Nick Mathewson published proposal 248 , which offers a migration path for “finally removing our old Ed25519 keys”.

Following the recent outage of meek-azure, David Fifield published a workaround for those who want to use this backend.

The Tails team is planning a sprint in November, possibly face-to-face, focusing on porting Tails to the current stable release of Debian, Jessie. “If you want to join the fun, let me know. If you’re interested in having a face-to-face sprint to work on this in November, let me know. If these dates don’t work for you, let me know”, wrote intrigeri.

The Intercept’s Micah Lee published a detailed beginner’s guide to secure online chat, including how to configure your chat client to use Tor.

For those who wish the modern world looked more like “Johnny Mnemonic” than “CITIZENFOUR”: you can hear Keanu Reeves narrating an unexpectedly soothing animation about the “Deep Web” and Tor onion services as part of Alex Winter’s upcoming documentary film on the subject.


This issue of Tor Weekly News has been assembled by Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — July 15th, 2015

Welcome to the twenty-eighth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Caspar Bowden

Caspar Bowden, a leading advocate for many years in the field of civil liberties, and a member of the Tor Project, Inc.’s board of directors, has died after a short illness. As the Tor Project wrote in a statement, Caspar “was a passionate supporter of universal human rights, including the right to privacy”: “The world has lost a voice of tremendous moral courage.”

A Caspar Bowden Legacy Fund has been established “to promote advocacy for privacy as a universal human right and privacy enhancing technologies as one means to protect it”, in accordance with Caspar’s request “that we work to ensure equal protection regardless of nationality”. If you would like to make a contribution to this fund in Caspar’s memory, please see the web page for further details.

The Tor Project launches its search for a new Executive Director

Following the departure of long-time Executive Director Andrew Lewman earlier this year, the Tor Project, Inc. has opened a world-wide search for its new Executive Director. As Wendy Seltzer, a member of the board of directors, writes: “We have engaged The Wentworth Company to help us with the search process, and invite the broader Tor community and friends to share the job posting among your networks. If you are or know a great leader with a passion for anonymous communication and free software, please contact Judy Tabak at Wentworth (judytabak at wentco.com, other contact details in the posting) for more information or to be considered for the job.”

Tor 0.2.6.10 is out

Nick Mathewson put out a new release in the current Tor stable series. Version 0.2.6.10 contains a fix for a regression introduced in 0.2.6.3-alpha that made it difficult for clients to access onion services under certain circumstances — for example, if a hidden service restarts after a client connects, the same client would have been unable to connect again until the next hour. This version also “bulletproofs the cryptography init process, and fixes a bug when using the sandbox code with some older versions of Linux”.

“Everyone running an older version, especially an older version of 0.2.6, should upgrade”, writes Nick. Source code is downloadable from the distribution directory; packages will become available as their packagers package them.

New onion service-related proposals

A gathering of experts in Tor onion service research and development resulted (among other things) in two new Tor proposals for improving the anonymity and efficiency of services hosted inside the Tor network.

John Brooks and George Kadianakis expanded John’s earlier suggestion that the roles of “hidden service directory” and “introduction point” could be merged in the next generation of onion services, into what is now proposal 246. This innovation would simplify the relevant code, reduce load on the network, and limit the number of relays that can observe the service’s activity or serve as a fingerprint for an observer.

George also wrote up draft proposal 247, which tries to prevent “guard discovery attacks” (where an adversary is able to work out which Tor relay is being contacted directly by the target client, thereby allowing them to attack that relay itself and deanonymize the client) by making the attack significantly more costly to perform, using “vanguards”. By enabling a Tor configuration option, the service operator could pin the second and third hops (the “vanguards” in question) of their circuits for a longer period. A would-be attacker is then forced to carry out “a Sybil attack and two coercion attacks” before succeeding, as opposed to the current situation “where the Sybil attack is trivial to pull off, and only a single coercion attack is required”. “I consider this issue very important and any feedback is greatly appreciated”, wrote George.

This is privacy development at the most advanced level, and the waters are very much uncharted: there may be major design flaws, improvements, and counter-arguments lurking up ahead. If this is an area in which you feel you have a contribution to make, by all means take a look at the proposals, and then pitch in on the tor-dev mailing list!

ExoneraTor gets an update

The ExoneraTor service lets you use historical Tor network data to quickly determine whether or not a particular IP address was being used by a public Tor relay on a given date. This is useful if, for example, you’re the administrator of a web service that received malicious traffic on that date, and you want to find out if the IP address will be useful to your investigation of the problem.

After much discussion and feedback on the tor-relays list, Karsten Loesing and Julius Mittenzwei have updated ExoneraTor to offer a simpler, more intuitive service without unnecessary details that might confuse a non-specialist. Searches are now restricted to full days, rather than precise timestamps, to avoid most issues relating to timezone differences (ExoneraTor’s results are given in UTC, and searchers might forget to make adjustments for their local timezone); the form allowing searchers to check whether a relay permitted exit traffic to a target address and port has been replaced by an “Exit” column indicating whether or not any exit traffic was allowed by that relay, again for the sake of simplicity; and the overall look of the service has been streamlined, with clearer, non-technical explanations of Tor and Exonerator, and a translation into German (with more languages planned).

“Please give it a try, including the tricky edge cases where you expect it to break”, wrote Karsten. “And if you have any further feedback,” please send it to the tor-relays mailing list.

The Vegas plan continues to roll out

The “Vegas plan” — a reorganization of Tor’s active contributors into a more focused team-based structure, named after the fair city in which it was developed — continues to roll out, with the Measurement, Community, Networks, and Applications teams holding their first or second IRC meetings this week. Isabela Bagueros, Tor’s project manager, writes: “Keep an eye out for teams’ updates, and for things that can be done better; feedback will be key for making this successful, and that is why we will have a check-in during our next dev meeting. So follow up, participate, bring feedback!”

If you aren’t already working with one of the new teams, and feel you should be, please check in on IRC or the mailing lists, and someone will help direct you to the right place.

Miscellaneous news

The upcoming IETF Meeting in Prague will have a DNS Operations meeting on 20th July that will discuss both the draft proposal to reserve .onion as a special-use domain suffix (about which Tor Weekly News has written before), and other proposals for related projects like I2P and Gnunet. If you're going to Prague, consider attending this meeting and humming in support of reserving .onion and these other domains!

After a hiatus in activity on the tor-mirrors list, Sebastian Hahn updated the file used to build the directory of mirrors on the Tor Project website with changes made in the last few months. “If you notice any unexpected entries or think you should be on the list but aren’t, I’ll check what the problem is.”


This issue of Tor Weekly News has been assembled by Karsten Loesing, Tom Ritter, Wendy Seltzer, Isabela Bagueros, nicoo, and Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor 0.2.6.10 is released

Hi, all! There's a new stable Tor release out, and source code is now available on the website. If you build Tor from source code, you'll want to upgrade. Otherwise, packages should be available reasonably soon.

Remember to check signatures! (See the FAQ for information how)

Tor version 0.2.6.10 fixes some significant stability and hidden service client bugs, bulletproofs the cryptography init process, and fixes a bug when using the sandbox code with some older versions of Linux. Everyone running an older version, especially an older version of 0.2.6, should upgrade.

Changes in version 0.2.6.10 - 2015-07-12

  • Major bugfixes (hidden service clients, stability):
    • Stop refusing to store updated hidden service descriptors on a client. This reverts commit 9407040c59218 (which indeed fixed bug 14219, but introduced a major hidden service reachability regression detailed in bug 16381). This is a temporary fix since we can live with the minor issue in bug 14219 (it just results in some load on the network) but the regression of 16381 is too much of a setback. First-round fix for bug 16381; bugfix on 0.2.6.3-alpha.
  • Major bugfixes (stability):
    • Stop crashing with an assertion failure when parsing certain kinds of malformed or truncated microdescriptors. Fixes bug 16400; bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch by "cypherpunks_backup".
    • Stop random client-side assertion failures that could occur when connecting to a busy hidden service, or connecting to a hidden service while a NEWNYM is in progress. Fixes bug 16013; bugfix on 0.1.0.1-rc.

  read more »

Tor Weekly News — July 10th, 2015

Welcome to the twenty-seventh issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Tails 1.4.1 is out

The Tails team announced version 1.4.1 of the anonymous live operating system. Most notable in this release is the fix of automatic upgrades in Windows Camouflage mode, and plugging a hole in Tor Browser’s AppArmor sandbox that previously allowed it to access the list of recently-used files.

For a full list of changes, see the team’s announcement. This release contains important security updates, so head to the download page (or the automatic upgrader) as soon as possible.

Tor Browser 4.5.3 and 5.0a3 are out

The Tor Browser team put out new releases in both the stable and alpha series of the secure, private web browser. Tor Browser 4.5.3 contains updates to Firefox, OpenSSL, NoScript, and Torbutton; it also fixes a crash triggered by .svg files when the security slider was set to “High”, and backports a Tor patch that allows domain names containing underscores (a practice generally discouraged) to resolve properly. For example, users should now be able to view the website of the New York Times without problems.

Tor Browser 5.0a3, meanwhile, is the first release to be based on Firefox 38 ESR. “For this release, we performed a thorough network and feature review of Firefox 38, and fixed the most pressing privacy issues, as well as all Tor proxy safety issues that we discovered during the audit”, wrote Georg Koppen. Changes to the toolchain used to build the browser mean “we are […] especially interested in feedback if there are stability issues or broken Tor Browser bundles due to these toolchain upgrades.

These are important security releases, and you should upgrade to the new version in whichever series you prefer. Head to the download page to get your first copy of Tor Browser, or use the in-browser updater.

Tor unaffected by new OpenSSL security issue

A few days ago, the team behind the essential Internet encryption toolkit OpenSSL announced that a security issue classified as “high” would shortly be disclosed and fixed, leading to concern that another Heartbleed was on the cards. In the event, the now-disclosed CVE-2015-1793 vulnerability does not appear to affect either the Tor daemon or Tor Browser, as Nick Mathewson explained. However, you should still upgrade your OpenSSL as soon as possible, in order to protect the other software you use which may be vulnerable.

OVH is the largest and fastest-growing AS on the Tor network

nusenu observed that the hosting company OVH is both the largest autonomous system on the Tor network by number of relays, and the fastest-growing. While it’s no bad thing to have multiple relays located on the same network, it becomes a problem if any one entity (or someone who watches them closely enough) is able to observe too large a fraction of Tor traffic — they would then be in a position to harm the anonymity of Tor users.

This is what is meant by “diversity” on the Tor network. If you’re considering running a Tor relay, then as nusenu says, “choose non-top 10 ASes when adding relays (10 is an arbitrary number)”. See nusenu’s post for more information on how to select a hosting location for a stronger and more diverse Tor network.

More monthly status reports for June 2015

The wave of regular monthly reports from Tor project members for the month of June continued, with reports from Leiah Jansen (working on graphic design and branding), Georg Koppen (developing Tor Browser), Isabela Bagueros (overall project management), Sukhbir Singh (developing Tor Messenger), Arlo Breault (also working on Tor Messenger, as well as Tor Check), Colin Childs (carrying out support, localization, and outreach), and Juha Nurmi (working on onion service indexing).

Donncha O’Cearbhaill sent his third Tor Summer of Privacy status report with updates about the OnionBalance onion service load-balancing tool, while Jesse Victors did the same for the DNS-like Onion Naming System, and Israel Leiva submitted a status update for the GetTor alternative software distributor, which is also being expanded as part of TSoP, as explained in Israel’s re-introduction of the project. Cristobal Leiva also introduced his TSoP project, a web-based status dashboard for Tor relay operators

Miscellaneous news

David Fifield published the regular summary of costs incurred by the infrastructure for the meek pluggable transport over the past month. “The rate limiting of meek-google and meek-amazon has been partially effective in bringing costs down. […] meek-azure bandwidth use continues to increase, up 17% compared to the previous month. Keep in mind that our grant expires in October, so you should not count on it continuing to work after that.”

Following Donncha O’Cearbhaill’s 0.0.1 alpha release of OnionBalance, s7r called for help putting it to the test on a running onion service. One week on, there have been four million hits on the service, with hardly a murmur of complaint from OnionBalance or the service it is handling: “the same instances are running since service first started, no reboot or application restart”. See s7r’s post for more numbers.


This issue of Tor Weekly News has been assembled by the Tails team, Karsten Loesing, teor, and Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Preliminary analysis of Hacking Team's slides

A few weeks ago, Hacking Team was bragging publicly about a Tor Browser exploit. We've learned some details of their proposed attack from a leaked powerpoint presentation that was part of the Hacking Team dump.

The good news is that they don't appear to have any exploit on Tor or on Tor Browser. The other good news is that their proposed attack doesn't scale well. They need to put malicious hardware on the local network of their target user, which requires choosing their target, locating her, and then arranging for the hardware to arrive in the right place. So it's not really practical to launch the attack on many Tor users at once.

But they actually don't need an exploit on Tor or Tor Browser. Here's the proposed attack in a nutshell:

1) Pick a target user (say, you), figure out how you connect to the Internet, and install their attacking hardware on your local network (e.g. inside your ISP).

2) Wait for you to browse the web without Tor Browser, i.e. with some other browser like Firefox or Chrome or Safari, and then insert some sort of exploit into one of the web pages you receive (maybe the Flash 0-day we learned about from the same documents, or maybe some other exploit).

3) Once they've taken control of your computer, they configure your Tor Browser to use a socks proxy on a remote computer that they control. In effect, rather than using the Tor client that's part of Tor Browser, you'll be using their remote Tor client, so they get to intercept and watch your traffic before it enters the Tor network.

You have to stop them at step two, because once they've broken into your computer, they have many options for attacking you from there.

Their proposed attack requires Hacking Team (or your government) to already have you in their sights. This is not mass surveillance — this is very targeted surveillance.

Another answer is to run a system like Tails, which avoids interacting with any local resources. In this case there should be no opportunity to insert an exploit from the local network. But that's still not a complete solution: some coffeeshops, hotels, etc will demand that you interact with their local login page before you can access the Internet. Tails includes what they call their 'unsafe' browser for these situations, and you're at risk during that brief period when you use it.

Ultimately, security here comes down to having safer browsers. We continue to work on ways to make Tor Browser more resilient against attacks, but the key point here is that they'll go after the weakest link on your system — and at least in the scenarios they describe, Tor Browser isn't the weakest link.

As a final point, note that this is just a powerpoint deck (probably a funding pitch), and we've found no indication yet that they ever followed through on their idea.

We'll update you with more information if we learn anything further. Stay safe out there!

Tor Project Launches World-wide Search for New Executive Director

The Tor Project is pleased to open a world-wide search for our new Executive Director. We have engaged The Wentworth Company to help us with the search process, and invite the broader Tor community and friends to share the job posting (reproduced below) among your networks. Please contact Judy Tabak, contact information below, for more information or to be considered for the job.

Thanks!


The Tor Project, one of the world’s strongest advocates for privacy and anonymous, open communications is currently seeking an experienced Executive Director to take the helm. The new Executive Director will spearhead key initiatives to make the organization even more robust in its work to advance human rights and freedoms by creating and deploying anonymity and privacy technologies, advancing their scientific and popular understanding, and encouraging their use.

The Position

The position provides the high-profile opportunity to assume the voice and face of Tor to the world, and particularly to the global community of Internet organizations dedicated to maintaining a stable, secure and private Internet. In this position, the successful candidate will be able to exercise their deep leadership experience to manage a virtual team of culturally diverse volunteer developers. The candidate will have the opportunity to draw support from their stature in the wider community of Internet privacy foundations and activist organizations to advance external development initiatives.

The Organization

Founded in 2006, this 501(c)(3) research NGO provides free software that enables anonymous Internet communication world-wide. Tor’s mission is to return control over Internet security and privacy to users. Tor’s members, users, and sponsors include governmental and nongovernmental organizations, the US Navy, Indymedia, Electronic Frontier Foundation, journalists and media organizations, corporations and law enforcement organizations.

The original Tor design paper won the Usenix Security "Test of Time" award in 2014. The Tor Project won the EFF's Pioneer Award in 2013, and the Free Software Foundation's Award for Projects of Social benefit in 2010.

The Ideal Candidate

The ideal candidate will dive head first into the activities of advocacy for the Internet privacy movement. They will enjoy exercising their strong network of connections in fundraising efforts. They will take satisfaction in establishing a highly collaborative and productive culture in a volunteer-driven, virtual organization and will appreciate the opportunity to build consensus among diverse cultural groups as they all work toward the common mission and goal. The successful candidate will have a passion for the ideals behind Internet privacy and welcome the opportunity to make strides for the cause to establish anonymous Internet communications.

The Opportunity

The successful candidate will welcome the opportunity to create an organizational culture that builds conditions and infrastructures vital for Tor’s continued success and relevance to the cause. This is a chance to be known for leadership agility at the helm of an organization on the forefront of the drive to enable free, private, non-censored Internet communication for people everywhere.

The Compensation

As leader of the Tor team, the successful candidate receives a highly competitive compensation package.

If you know someone who might be interested, please contact, or ask them to contact:
Judy Tabak
The Wentworth Company
479 West Sixth Street, San Pedro, CA 90731
(310) 732-2321
JudyTabak@wentco.com
Wentworth ReqID: 67528129

Tor Browser 5.0a3 is released

The Tor Browser Team is proud to announce the first alpha released based on Firefox 38 ESR.

As such, this release features many updates to Firefox (including several security updates), as well as to our build system and dependencies. For this release, we performed a thorough network and feature review of Firefox 38, and fixed the most pressing privacy issues, as well as all Tor proxy safety issues that we discovered during the audit.

We also updated our toolchain on OS X to use the OS X 10.7 SDK. For Linux and Windows we switched to GCC 5.1 as our new (cross)-compiler. We are therefore especially interested in feedback if there are stability issues or broken Tor Browser bundles due to these toolchain upgrades.

Besides Firefox 38 and build system changes, we also updated several components. Most notably, we bumped OpenSSL to version 1.0.1o, NoScript to version 2.6.9.27 and Torbutton to version 1.9.3.0. Included as well is a backported Tor patch to improve usability on websites, and we fixed a crash bug impacting users with the security slider level set to "High".

Here is the complete changelog since 5.0a2

  • All Platforms
    • Update Firefox to 38.1.0esr
    • Update OpenSSL to 1.0.1o
    • Update NoScript to 2.6.9.27
    • Update meek to 0.20
    • Update Torbutton to 1.9.3.0
      • Bug 16403: Set search parameters for Disconnect
      • Bug 14429: Make sure the automatic resizing is enabled
      • Bug 16427: Use internal update URL to block updates (instead of
        127.0.0.1)

      • Bug 16200: Update Cache API usage and prefs for FF38
      • Bug 16357: Use Mozilla API to wipe permissions db
      • Translation updates
    • Update Tor Launcher to 0.2.6.7
      • Bug 16428: Use internal update URL to block updates (instead of
        127.0.0.1)

      • Bug 15145: Visually distinguish "proxy" and "bridge" screens.
      • Translation updates
    • Bug 16430: Allow DNS names with _ characters in them (fixes
      nytimes.com) (Tor patch backport)

    • Bug 13247: Fix meek profile error after bowser restarts
    • Bug 16397: Fix crash related to disabling SVG
    • Bug 16403: Set search parameters for Disconnect
    • Bug 16446: Update FTE bridge #1 fingerprint
    • Bug 15646: Prevent keyboard layout fingerprinting in KeyboardEvent
    • Bug 16005: Relax WebGL minimal mode
    • Bug 16300: Isolate Broadcast Channels to first party
    • Bug 16439: Remove Roku screencasting code
    • Bug 16285: Disabling EME bits
    • Bug 16206: Enforce certificate pinning
    • Bug 13670: Isolate OCSP requests by first party domain
    • Bug 16448: Isolate favicon requests by first party
    • Bug 7561: Disable FTP request caching
    • Bug 6503: Fix single-word URL bar searching
    • Bug 15526: ES6 page crashes Tor Browser
    • Bug 16254: Disable GeoIP-based search results
    • Bug 16222: Disable WebIDE to prevent remote debugging and addon
      downloads.

    • Bug 13024: Disable DOM Resource Timing API
    • Bug 16340: Disable User Timing API
    • Bug 14952: Disable HTTP/2
  • Mac OS
    • Use OSX 10.7 SDK
    • Bug 16253: Tor Browser menu on OS X is broken with ESR 38
  • Build System
    • Bug 16351: Upgrade our toolchain to use GCC 5.1
    • Bug 15772 and child tickets: Update build system for Firefox 38

Tor Browser 4.5.3 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.3 is based on Firefox ESR 31.8.0, which features important security updates to Firefox.

Moreover, it contains an updated OpenSSL, NoScript and Torbutton, a fix for a crash bug visible with the security slider level set to "High" and a backport of a Tor patch to improve usability on websites.

Here is the complete changelog since 4.5.2:

  • All Platforms
    • Update Firefox to 31.8.0esr
    • Update OpenSSL to 1.0.1o
    • Update NoScript to 2.6.9.27
    • Update Torbutton to 1.9.2.8
      • Bug 16403: Set search parameters for Disconnect
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16397: Fix crash related to disabling SVG
    • Bug 16403: Set search parameters for Disconnect
    • Bug 16446: Update FTE bridge #1 fingerprint
    • Bug 16430: Allow DNS names with _ characters in them (fixes
      nytimes.com) (Tor patch backport)
Syndicate content Syndicate content