Tor Browser 4.5.2 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.2 provides a fix for the Logjam attack and updates a number of Tor Browser components: Tor, Torbutton, NoScript, and HTTPS-Everywhere (to version 5.0.5). Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled.

Here is the complete changelog since 4.5.1:

  • All Platforms
    • Update Tor to
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to
    • Update Torbutton to
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser

Tor is released.

Hi! I've just put out a new stable Tor release. It is not a high-urgency item for most clients and relays, but directory authorities should upgrade, as should any clients who rely on port-based circuit isolation. Right now, the source is available on the website, and packages should become available once their maintainers build them.

Tor fixes a regression in the circuit isolation code, increases the requirements for receiving an HSDir flag, and addresses some other small bugs in the systemd and sandbox code. Clients using circuit isolation should upgrade; all directory authorities should upgrade.

Changes in version - 2015-06-11

  • Major bugfixes (client-side privacy):
    • Properly separate out each SOCKSPort when applying stream isolation. The error occurred because each port's session group was being overwritten by a default value when the listener connection was initialized. Fixes bug 16247; bugfix on Patch by "jojelino".
  • Minor feature (directory authorities, security):
    • The HSDir flag given by authorities now requires the Stable flag. For the current network, this results in going from 2887 to 2806 HSDirs. It also makes a Sybil attack harder: a relay needs at the very least 7 days to earn the Stable flag, and the 96-hour uptime requirement for HSDir is kept. Implements ticket 8243.
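The stream-isolation regression fixed above (bug 16247) is easiest to see in a small model of the compatibility check Tor runs before letting a new stream ride an existing circuit. The following is an added example, not Tor's code and not part of the original release notes: the ISO_* names mirror Tor's isolation flags, but their values, the Stream and SocksListener classes, and the "buggy" switch that reproduces the lost session group are this model's own constructions.

```python
"""Model of how Tor decides whether two client streams may share a circuit.

Added example for the bug 16247 entry; it is not Tor's code. Names follow
Tor's ISO_* isolation flags, but the values, the Stream/SocksListener
classes and the 'buggy' switch are this model's own constructions.
"""
from dataclasses import dataclass
from typing import Optional

ISO_DESTPORT    = 1 << 0   # IsolateDestPort
ISO_DESTADDR    = 1 << 1   # IsolateDestAddr
ISO_SOCKSAUTH   = 1 << 2   # IsolateSOCKSAuth
ISO_CLIENTPROTO = 1 << 3   # IsolateClientProtocol
ISO_CLIENTADDR  = 1 << 4   # IsolateClientAddr
ISO_SESSIONGRP  = 1 << 5   # SessionGroup: each SOCKSPort gets its own unless configured
ISO_STREAM      = 1 << 6   # every stream on its own circuit

# Tor's defaults (nym epoch omitted from this model)
ISO_DEFAULT = ISO_CLIENTADDR | ISO_SOCKSAUTH | ISO_SESSIONGRP

SESSION_GROUP_UNSET = -1        # the "default value" a fresh connection starts with
SESSION_GROUP_FIRST_AUTO = -2   # auto-assigned listener groups count down from here


@dataclass(frozen=True)
class Stream:
    dest_addr: str
    dest_port: int
    client_addr: str = "127.0.0.1"
    socks_user: str = ""
    socks_pass: str = ""
    protocol: str = "socks5"
    session_group: int = SESSION_GROUP_UNSET


def streams_compatible(a: Stream, b: Stream, flags: int) -> bool:
    """True if a and b may share a circuit under the given isolation flags."""
    if flags & ISO_STREAM:
        return False
    checks = (
        (ISO_DESTPORT,    a.dest_port == b.dest_port),
        (ISO_DESTADDR,    a.dest_addr == b.dest_addr),
        (ISO_SOCKSAUTH,   (a.socks_user, a.socks_pass) == (b.socks_user, b.socks_pass)),
        (ISO_CLIENTPROTO, a.protocol == b.protocol),
        (ISO_CLIENTADDR,  a.client_addr == b.client_addr),
        (ISO_SESSIONGRP,  a.session_group == b.session_group),
    )
    return all(same for flag, same in checks if flags & flag)


class SocksListener:
    """One SOCKSPort. Without an explicit SessionGroup it receives a fresh auto group."""
    _next_auto = SESSION_GROUP_FIRST_AUTO

    def __init__(self, port: int, session_group: Optional[int] = None):
        self.port = port
        if session_group is None:
            session_group = SocksListener._next_auto
            SocksListener._next_auto -= 1
        self.session_group = session_group

    def accept(self, dest_addr: str, dest_port: int, buggy: bool = False, **fields) -> Stream:
        # The regression modelled here: the listener's session group is not
        # copied onto the accepted connection, which keeps the default value.
        # Every SOCKSPort then looks like the same session group.
        group = SESSION_GROUP_UNSET if buggy else self.session_group
        return Stream(dest_addr, dest_port, session_group=group, **fields)


def cross_port_streams_share_circuit(buggy: bool) -> bool:
    """Two SOCKSPorts (say Tor Browser's 9150 and the system 9050), same
    destination and SOCKS credentials. Under the defaults they must NOT share."""
    browser = SocksListener(9150)
    system = SocksListener(9050)
    s1 = browser.accept("example.com", 443, buggy=buggy)
    s2 = system.accept("example.com", 443, buggy=buggy)
    return streams_compatible(s1, s2, ISO_DEFAULT)


def same_group_streams_share_circuit() -> bool:
    """Operator deliberately put two SOCKSPorts in SessionGroup 7: sharing is intended."""
    a = SocksListener(9060, session_group=7)
    b = SocksListener(9061, session_group=7)
    return streams_compatible(a.accept("example.com", 443),
                              b.accept("example.com", 443), ISO_DEFAULT)


if __name__ == "__main__":
    print("buggy: cross-port streams share a circuit:", cross_port_streams_share_circuit(True))   # True (bad)
    print("fixed: cross-port streams share a circuit:", cross_port_streams_share_circuit(False))  # False
```

With the listener's group dropped, the only fields left to separate the two ports are client address and SOCKS credentials, which are identical for two local applications that do not use SOCKS authentication, so their streams land on the same circuit and the same exit. If you rely on port-based isolation, the check to run after upgrading is exactly this: two ports, same destination, and confirm the exits differ.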


Tor Weekly News — June 11th, 2015

Welcome to the twenty-third issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

Blocking-resistant communication through domain fronting

David Fifield, lead developer of the meek pluggable transport, co-authored a paper entitled “Blocking-resistant communication through domain fronting”, the technique that meek (along with other software such as Lantern and Psiphon) uses to ensure that its connections to the Tor network can’t be blocked by a censor without incurring significant collateral damage. The paper is based on the experience of operating domain-fronting systems on the real network. Congratulations to the researchers on this milestone in their project!

David also published the monthly summary of costs incurred by the infrastructure for meek. Rate-limits have now been imposed on some backends in order to keep the operating costs sustainable. This sophisticated pluggable transport is a vital tool for thousands of users in areas that censor all other circumvention systems, so if you know of (or are) a friendly funder looking for a worthy project to support, please let the community know!

The Art of Dissent

Laura Poitras, Pulitzer Prize-winning director of the Academy Award-winning “Citizenfour” and public advocate for Tor and Tails, documented a collaboration between the Tor Project’s Jacob Appelbaum and artist Ai Weiwei — both of them “artists, journalists, dissidents, polymaths — and targets” — involving a “zone of hyper-surveillance”, shredded NSA documents, and several cuddly toy pandas.

Laura’s film is available to view on the New York Times website as part of its “Op-Docs” series, accompanied by an article in which Laura describes her interest in “the way being watched and recorded affects how we act, and how watching the watchers, or counter-surveillance, can shift power”.

More monthly status reports for May 2015

The wave of regular monthly reports from Tor project members for the month of May continued, with reports from Isis Lovecruft (maintaining Tor’s bridge distribution system along with other coding/organizational work), Israel Leiva (leading the GetTor project), Sukhbir Singh (working on Tor Messenger, TorBirdy, and GetTor), and Arlo Breault (also developing Tor Messenger, and maintaining Tor Check).

The Tails team published its monthly report, while George Kadianakis sent out the report for SponsorR, and Arturo Filastò reported on the OONI team’s May progress.

Tor Summer of Privacy Students Donncha O’Cearbhaill and Jesse Victors also sent out their first project status reports.

Miscellaneous news

Giovanni Pellerano announced version 3.1.41 of Tor2web, the tool for non-anonymous connections to onion services from regular browsers. This version of the software allows users to download Tor Browser from any running Tor2web instance, as well as other improvements. See Giovanni’s message for more details.

Donncha O’Cearbhaill published the results of his call for input from onion service operators on the challenges of running high-performance sites and services through a Tor process.

teor published a guide to obtaining a copy of OpenSSL on Mac OS X that is recent enough to build a working copy of Tor.

Thanks to Justaguy for running another mirror of the Tor Project website and software archive!

This issue of Tor Weekly News has been assembled by Harmony and the Tails developers.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — June 3rd, 2015

Welcome to the hundredth issue of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

United Nations Special Rapporteur endorses Tor

David Kaye, the United Nations Special Rapporteur on freedom of opinion and expression, last week issued his first report to the UN Human Rights Council addressing the relationship between secure online communication, the freedom of expression, and regulation of these by States and governments. The report draws on submissions by UN member states as well as advocacy groups and non-governmental organizations, including the Tor Project.

Recognizing that “the ability to search the web, develop ideas and communicate securely may be the only way in which many can explore basic aspects of identity, such as one’s gender, religion, ethnicity, national origin or sexuality”, and that the right to free expression must be protected “especially in situations where it is not only the State creating limitations but also society that does not tolerate unconventional opinions or expression”, the report concludes by encouraging “States, civil society organizations, and corporations” to “engage in a campaign to bring encryption by design and default to users around the world”.

There can be few clearer endorsements of the Tor Project’s work than this; that it comes in a report to the UNHRC only adds to its significance. David Kaye also identified Tor by name as an example of essential anonymity software in an interview with the Washington Post following the release of his report.

You can read Tor Project board member Wendy Seltzer’s analysis of the report on the Tor blog. Thanks to everyone who contributed to the report in its research phase, and to David Kaye for so eloquently making the case for anonymity online.

Monthly status reports for May 2015

The wave of regular monthly reports from Tor project members for the month of May has begun. Philipp Winter released his report first (for work on Sybil attack detection), followed by reports from Damian Johnson (hacking on Stem and Nyx), Karsten Loesing (for work on Sponsors O & R, Onionoo, Metrics, and CollecTor), Georg Koppen (developing Tor Browser), Jacob Appelbaum (working on outreach), Tom Ritter (for work on Tor Browser and Tor network tools), Griffin Boyce (reporting on several coding projects and research), Nick Mathewson (leading core Tor development, as well as organizational work), David Goulet (on onion service research, code review, and Torsocks development), George Kadianakis (conducting onion service and security research), Juha Nurmi (leading the project and outreach in Finland), Leiah Jansen (creating the Tor Project’s design and branding), Pearl Crescent (developing Tor Browser and Tor Launcher), and Isabela Bagueros (project-managing all of the above).

Colin C. sent out the May report for the Tor help desk, while Isabela sent out a comprehensive core Tor report, and Mike Perry reported on the Tor Browser team’s monthly progress.

Miscellaneous news

Anthony G. Basile announced version 20150531 of Tor-ramdisk, the micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. This release updates Tor and the Linux kernel, along with other key software.

David Goulet announced the release of Torsocks 2.1.0, featuring support for TCP fast open, outbound localhost connections, saner warning defaults, and more; see the changelog for full details.

Philipp Winter added functionality to sybilhunter, the tool for detecting attempts to take control of a large part of the Tor network, that produces a visualization of similarities between relay descriptors. “Please let me know if you have any suggestions on how to improve the tool or its visualisation”, writes Philipp.

Matthew Finkel updated proposal 237, which concerns making all relays into directory servers by default, to include plans for a NotDir consensus flag, because if the proposal is implemented, relays that do not respond to directory requests will be more unusual (and hence more deserving of a flag) than those that do.

Nick Mathewson sent out a draft of proposal 245, which suggests ways to deprecate the mostly-defunct TAP circuit extension protocol without breaking anything.

Thomas White asked for feedback (via an online survey) on his upcoming shared onion service hosting platform: “The priority and thought behind the service is to enable people who aren’t usually confident, skilled or bothered to go through the process of creating their own hidden service, thus outsourcing the development, deployment and maintenance…to a third party company like mine.”

This issue of Tor Weekly News has been assembled by Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

UN Special Rapporteur: Anonymity Is Gateway to Free Expression

We at the Tor Project have long said that Tor is a technology for free expression. Today, that view was endorsed by UN Special Rapporteur David Kaye in a new report on encryption and anonymity. The report, a close look at international law and its relation to technology, concludes that encryption and anonymity technologies are essential to the protection of human rights to privacy and freedom of expression and opinion:

Encryption and anonymity, separately or together, create a zone of privacy to protect opinion and belief. For instance, they enable private communications and can shield an opinion from outside scrutiny, particularly important in hostile political, social, religious and legal environments. Where States impose unlawful censorship through filtering and other technologies, the use of encryption and anonymity may empower individuals to circumvent barriers and access information and ideas without the intrusion of authorities. Journalists, researchers, lawyers and civil society rely on encryption and anonymity to shield themselves (and their sources, clients and partners) from surveillance and harassment. The ability to search the web, develop ideas and communicate securely may be the only way in which many can explore basic aspects of identity, such as one’s gender, religion, ethnicity, national origin or sexuality. Artists rely on encryption and anonymity to safeguard and protect their right to expression, especially in situations where it is not only the State creating limitations but also society that does not tolerate unconventional opinions or expression.

The report points to the Tor network specifically, noting that anonymity is critical to protect privacy against identification through metadata analysis. "A common human desire to protect one’s identity from the crowd, anonymity may liberate a user to explore and impart ideas and opinions more than she would using her actual identity." In the protection of free expression, anonymity technology is thus a necessary counterpart to encryption, giving the individual the ability to choose both what to say and to whom to reveal that she is saying it.

The Kaye Report recognizes that technologies can be used for harm as well as for good, but that does not mean they may be banned. Rather, human rights law offers a strict framework for evaluation of government-imposed limits: "Restrictions on encryption and anonymity, as enablers of the right to freedom of expression... must be provided for by law; may only be imposed for legitimate grounds; and must conform to the strict tests of necessity and proportionality." That means that legal restrictions must be publicly and transparently legislated, with judicial safeguards on their application; they must be applied narrowly; and they must be proportional to the objectives of the law. "Because anonymity facilitates opinion and expression in significant ways online, States should protect it and generally not restrict the technologies that provide it."

The Tor Project is pleased to have contributed to the report, and we heartily endorse its conclusion:

The use of encryption and anonymity tools and better digital literacy should be encouraged. The Special Rapporteur, recognizing that the value of encryption and anonymity tools depends on their widespread adoption, encourages States, civil society organizations and corporations to engage in a campaign to bring encryption by design and default to users around the world and, where necessary, to ensure that users at risk be provided the tools to exercise their right to freedom of opinion and expression securely.

Tor is recruiting an Executive Administrator (a talented, organized office person)

The Tor Project is evaluating our needs and resources as we transition to a new era and begin our search for a new Executive Director. We have decided that we need better systems for sharing information and coordinating the incredibly diverse work of the Tor community.

We are recruiting an executive administrator to be at the hub of our leadership team. We seek an intuitive problem solver who can impose just the right amount of order on the ways that internal Tor communicates, makes decisions, and generally takes care of business. Our geographically and functionally diverse team has many stakeholders. A person who can step in to build processes, make connections, and provide support from all angles will be essential. The successful applicant will have the ability to translate objectives from diverse teams to a central framework that promotes better communication and support for all.

We hope and expect that applicants from many kinds of backgrounds will apply. We are not likely to find one person who meets all of our criteria for this role, but we recognize that particular strengths will make up for lack of experience in other areas. For example, a strong background in project management within the free and open source software movement might overcome lack of experience in formal office administration. We invite each candidate to make the case for how his or her skill set, knowledge, and attitude would assist in fulfilling the overall objectives of the role.

Please review the posting and consider sharing it within your networks. This is a phenomenal opportunity for a motivated, organized professional to make an immediate impact working at the forefront of anonymous and secure communications!

Tor Weekly News — May 28th, 2015

Welcome to the twenty-first issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the Tor community.

New faces in the Tor community

Since the beginning of the year, the Tor Project, Inc. has made two exciting new additions to its core team. Kate Krauss is Tor’s new Director of Communications, working with journalists and activists to make sure information about the Tor Project’s work gets to groups in need and to the public at large. She has two decades’ worth of experience in non-profit communications and outreach, earned at pioneering AIDS advocacy groups ACT UP and the AIDS Policy Project, and has also contributed to projects working against censorship and surveillance.

Isabela Bagueros is Tor’s new Project Manager, coordinating the numerous moving parts of Tor’s research, development, and outreach activities, and ensuring smooth interaction between funders, developers, users, and other communities. An active member of the free software community both in Brazil and internationally, she contributed to the migration of Brazilian government IT systems to free software, and has spent the last four years working on growth and internationalization at Twitter. See the press release on the Tor blog to learn more about Kate and Isabela, and the experience they bring to Tor.

Another newly-launched collaboration is that between the Tor Project and Sue Gardner, former executive director of the Wikimedia Foundation and award-winning activist for Internet freedom, transparency, and investigative journalism. Sue will be expanding on her recent informal advisory role to help develop a long-term organizational strategy for Tor; this will involve public consultations with members of the Tor Project and the wider Tor community “to develop a plan for making Tor as effective and sustainable as it can be”, as Roger Dingledine wrote on the Tor blog. Thanks to First Look Media for making this project possible!

These new relationships are already bearing fruit in many areas of Tor’s day-to-day operation. More new arrivals are expected in the near future, too: while the board of directors handles the process of transitioning to a new Executive Director following the departure of Andrew Lewman, the Tor Project is looking for an Executive Administrator to help meet its administrative and organizational needs in a time of rapid growth and development. If this sounds like something you want to be in on, please see the job description for the full details and instructions for applying.

Miscellaneous news

Nick Mathewson explained what the recently-disclosed “Logjam”/“weakdh” attack against SSL might mean for Tor. In short: not a lot, but you should take it as an opportunity to update Tor and OpenSSL if you haven’t done so already. See Nick’s post for the technical explanation.
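For a practitioner the Logjam question reduces to one number: how big is the Diffie-Hellman prime a server (or a dhparam file) actually uses? The checker below is an added example, not code from Nick's post or from Tor: it parses a PKCS#3 DHParameter blob (the PEM "DH PARAMETERS" format OpenSSL writes) and classifies the group size. The 1024-bit prime is the RFC 2409 MODP group 2; the 512-bit and 2048-bit values are constructed here purely to exercise the size classes and are not real DH groups.

```python
"""Size check for a Diffie-Hellman group in PKCS#3 DHParameter form.

Added example, not from the Tor post it follows. Logjam is practical
against 512-bit "export" groups and, with a large precomputation, against
widely shared 1024-bit groups, so the first thing to check on a DHE
deployment is the size of the prime.
"""
import base64
import textwrap

# RFC 2409 MODP group 2 (1024-bit), still a common default in 2015.
MODP_GROUP2_HEX = (
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF"
)
MODP_GROUP2 = int(MODP_GROUP2_HEX, 16)


# --- DER encoding: used here only to construct sample input ---
def _der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_int(value: int) -> bytes:
    # +8 bits guarantees a leading 0x00 when the top bit is set (positive INTEGER)
    body = value.to_bytes((value.bit_length() + 8) // 8, "big")
    return b"\x02" + _der_len(len(body)) + body


def der_dhparams(p: int, g: int) -> bytes:
    """DHParameter ::= SEQUENCE { prime INTEGER, base INTEGER }"""
    body = _der_int(p) + _der_int(g)
    return b"\x30" + _der_len(len(body)) + body


def pem_dhparams(p: int, g: int) -> str:
    b64 = base64.b64encode(der_dhparams(p, g)).decode()
    return ("-----BEGIN DH PARAMETERS-----\n"
            + "\n".join(textwrap.wrap(b64, 64))
            + "\n-----END DH PARAMETERS-----\n")


# --- DER decoding: what the checker runs on a real dhparam file ---
def _read_tlv(buf: bytes, pos: int):
    tag = buf[pos]
    first = buf[pos + 1]
    pos += 2
    if first & 0x80:                      # long-form length
        nbytes = first & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length


def parse_dhparams(der: bytes):
    tag, seq, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected DHParameter SEQUENCE")
    tag, p_bytes, pos = _read_tlv(seq, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER prime")
    tag, g_bytes, _ = _read_tlv(seq, pos)
    if tag != 0x02:
        raise ValueError("expected INTEGER base")
    # an optional privateValueLength INTEGER may follow; it is ignored here
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")


def load_dhparams(pem: str):
    lines = [ln for ln in pem.strip().splitlines() if not ln.startswith("-----")]
    return parse_dhparams(base64.b64decode("".join(lines)))


def classify(p: int) -> str:
    bits = p.bit_length()
    if bits < 1024:
        return "export"   # breakable offline in minutes to hours
    if bits < 2048:
        return "weak"     # 1024-bit: precomputation is within reach of a well-resourced attacker
    return "ok"


def check_pem(pem: str):
    """Return (prime bit length, verdict) for a PEM dhparam file's contents."""
    p, _g = load_dhparams(pem)
    return p.bit_length(), classify(p)


if __name__ == "__main__":
    print(check_pem(pem_dhparams(MODP_GROUP2, 2)))             # (1024, 'weak')
    print(check_pem(pem_dhparams((1 << 511) | 1, 2)))          # (512, 'export')  constructed, not a real group
    print(check_pem(pem_dhparams((1 << 2047) | 1, 2)))         # (2048, 'ok')     constructed, not a real group
```

The fix on the server side is to generate a fresh 2048-bit group rather than keep a shipped 1024-bit default, and to refuse export cipher suites outright; the checker only tells you which of the three buckets a deployment is in.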

Damian Johnson published a tutorial covering techniques for fine-grained handling of Tor circuits and streams using the Stem controller library.

Donncha O’Cearbhaill, one of the students in Tor’s first-ever Summer of Privacy program, introduced his project for the summer — improving the resilience and scalability of Tor onion services — and asked for feedback from onion service operators concerning “the use-cases, priorities and limitations for people who are experiencing the current limitations of the onion service subsystem”.

Arturo Filastò sent out status reports for the OONI team, covering its activities in March and April.

This week in Tor history

A year ago this week, Yawning Angel announced the development of obfs4, a next-generation censorship-circumvention system based on ScrambleSuit but using djb crypto, which (since you asked) means “a combination of Curve25519, Elligator2, HMAC-SHA256, XSalsa20/Poly1305 and SipHash-2-4”. The now-mature obfs4 was recently made the default pluggable transport offered to users requesting bridge relay addresses from the BridgeDB service, and has gained over a thousand regular users since its inclusion in the stable Tor Browser series this time last month.

Also celebrating its one-year anniversary is Micah Lee’s simple onion service-based filesharing tool, OnionShare, whose fans include national security journalists and unnamed Tor Project members.

This issue of Tor Weekly News has been assembled by Harmony.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — May 22nd, 2015

Welcome to the twentieth issue in 2015 of Tor Weekly News, the weekly newsletter that covers what’s happening in the aleatoric Tor community.

Tor is out

Nick Mathewson announced a new release in the current stable branch of the core Tor software. Tor stops directory authorities from giving the HSDir flag to relays without a DirPort configured, which was causing accessibility problems for some hidden services. It also fixes a bug that could have allowed a Tor client to crash an onion service in a very small number of cases where the service was making use of Tor’s “client authorization” feature.

If you are running one of the Tor network’s nine directory authorities, you should upgrade as soon as possible. If you aren’t one of those people, no urgent action is required.

Tor Browser 4.5.1 and 5.0a1 are out

Mike Perry announced new releases by the Tor Browser team in both the stable and alpha series. Tor Browser 4.5.1 relaxes the “first-party isolation” system slightly, in order to solve some usability issues affecting websites that host their content on several subdomains. In addition, NoScript’s ClearClick anti-clickjacking feature is disabled, as it had been causing frequent false positives, especially on pages serving captchas.

In addition to those fixes, Tor Browser 5.0a1 includes several new privacy-preserving features. The automatic window-resizing feature from 4.5a4 is reintroduced here, and JavaScript’s ability to take precise timings of some activities has been limited, in order to defend against browser fingerprinting attacks.

See Mike’s announcements for full changelogs, download instructions, and advice on reporting any issues you experience. Both releases include important security updates to Firefox, so please upgrade as soon as you can!

Fixing the Tor network’s bandwidth measurement system

When a Tor relay is first set up, it performs a test to estimate its own ability to handle Tor traffic, and then reports this figure to the directory authorities — the so-called “advertised bandwidth”. In the earliest versions of the Tor network, the directory authorities used this advertised value directly when creating the consensus, even though the amount of bandwidth available to relays is sometimes greater or lesser than the reported figure. This led to poor balancing of the traffic load across the Tor network, and to the overwhelming impression that Tor is just “slow”.

In 2009, therefore, Mike Perry introduced the “bandwidth authority” (or “bwauth”) scripts as part of his TorFlow suite of tools. Computers that are configured to run as bwauths regularly scan the relays that make up the Tor network to see if the bandwidth they advertise corresponds to their real capacity. If not, the consensus will adjust the advertised bandwidth up or down to reflect the measurements taken by the bwauths; this adjusted value is the “consensus weight”, and clients using the consensus weight to select their Tor circuits experience much less of the lag that plagued the Tor network in its infancy.

At least, that’s how it should work. For some time, the bwauth scripts have been unmaintained, leading to problems for their operators, and more recently they appear to have broken in a way that is hard to diagnose. As nusenu pointed out, a significant number of Tor relays are now unmeasured, which means that some Tor relay operators are contributing bandwidth which the network is not using in the most efficient way.

In the short term, work is underway to patch up the bwauth scripts so that they can once again scan all the relays in the network: Tom Ritter announced that new bwauths have been brought online to provide the necessary measurements, and the scripts are being investigated to see if differences between consensuses are causing scanners to miss some relays.

A more permanent fix, however, might involve a total rewrite of the bwauth scripts if, as Roger Dingledine suggested, the design itself is flawed. Tor Project contributor Aaron Gibson will hopefully be addressing this issue as part of an upcoming fellowship with OTF, and a number of other research groups are also working towards a more robust design for the bandwidth measurement system.

Be sure to sign up to the tor-relays mailing list for further information. Thanks to all relay operators for their patience while the problem-solving continues!
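Both the unmeasured-relay problem described here and the HSDir-requires-Stable change in the Tor release notes earlier on this page can be checked against a consensus document offline. The following is an added example, not Tor Project code: it reads the "r", "s" and "w" lines of a network-status consensus (the layout follows dir-spec; "Unmeasured=1" on a "w" line marks a relay fewer than three bandwidth authorities have measured), reports how many relays are unmeasured and how much consensus weight they carry, and shows which HSDir relays would keep the flag once Stable is required. The consensus excerpt is constructed for the example; nicknames, identity strings and addresses are placeholders, not real relays.

```python
"""Offline checks over a Tor network-status consensus excerpt.

Added example, not Tor Project code. It serves two passages on this page:
the bandwidth-authority discussion (unmeasured relays) and the ticket 8243
change that makes HSDir require the Stable flag. The consensus lines are
constructed placeholders; the 'r', 's', 'w' layouts follow dir-spec.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set

# Constructed sample, not real relays.
CONSENSUS_EXCERPT = """\
r alpha AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2015-06-10 12:00:00 198.51.100.1 9001 9030
s Fast Guard HSDir Running Stable V2Dir Valid
w Bandwidth=12000
r bravo CCCCCCCCCCCCCCCCCCCCCCCCCCC DDDDDDDDDDDDDDDDDDDDDDDDDDD 2015-06-10 11:30:00 198.51.100.2 9001 9030
s Fast HSDir Running V2Dir Valid
w Bandwidth=800 Unmeasured=1
r charlie EEEEEEEEEEEEEEEEEEEEEEEEEEE FFFFFFFFFFFFFFFFFFFFFFFFFFF 2015-06-10 10:45:00 198.51.100.3 443 0
s Fast Running Stable Valid
w Bandwidth=3000
r delta GGGGGGGGGGGGGGGGGGGGGGGGGGG HHHHHHHHHHHHHHHHHHHHHHHHHHH 2015-06-10 09:10:00 198.51.100.4 9001 9030
s Fast HSDir Running Stable V2Dir Valid
w Bandwidth=50 Unmeasured=1
r echo IIIIIIIIIIIIIIIIIIIIIIIIIII JJJJJJJJJJJJJJJJJJJJJJJJJJJ 2015-06-10 08:00:00 198.51.100.5 9001 0
s Fast Running Valid
w Bandwidth=20 Unmeasured=1
"""


@dataclass
class Relay:
    nickname: str
    identity: str
    address: str
    or_port: int
    dir_port: int
    flags: Set[str] = field(default_factory=set)
    bandwidth: int = 0          # consensus weight from the 'w' line
    unmeasured: bool = False    # 'Unmeasured=1': fewer than 3 bwauths measured it


def parse_consensus(text: str) -> List[Relay]:
    """Collect one Relay per 'r' line, attaching the 's' and 'w' lines that follow it."""
    relays: List[Relay] = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if parts[0] == "r" and len(parts) >= 9:
            # r nickname identity digest date time IP ORPort DirPort
            relays.append(Relay(parts[1], parts[2], parts[6], int(parts[7]), int(parts[8])))
        elif parts[0] == "s" and relays:
            relays[-1].flags = set(parts[1:])
        elif parts[0] == "w" and relays:
            kv = dict(item.split("=", 1) for item in parts[1:] if "=" in item)
            relays[-1].bandwidth = int(kv.get("Bandwidth", 0))
            relays[-1].unmeasured = kv.get("Unmeasured") == "1"
    return relays


def hsdirs(relays: List[Relay], require_stable: bool) -> List[str]:
    """Relays holding HSDir; with require_stable, only those also flagged Stable keep it."""
    return [r.nickname for r in relays
            if "HSDir" in r.flags and (not require_stable or "Stable" in r.flags)]


def unmeasured_summary(relays: List[Relay]) -> Dict[str, float]:
    """How many relays lack bwauth measurements and what share of consensus weight they hold."""
    total_bw = sum(r.bandwidth for r in relays)
    unmeasured = [r for r in relays if r.unmeasured]
    return {
        "relays": len(relays),
        "unmeasured": len(unmeasured),
        "unmeasured_bw_share": (sum(r.bandwidth for r in unmeasured) / total_bw) if total_bw else 0.0,
    }


if __name__ == "__main__":
    relays = parse_consensus(CONSENSUS_EXCERPT)
    print(unmeasured_summary(relays))
    print("HSDir today:          ", hsdirs(relays, require_stable=False))
    print("HSDir if Stable needed:", hsdirs(relays, require_stable=True))
```

On the real network the first function is the one nusenu's observation calls for: an unmeasured relay's consensus weight is capped low regardless of its capacity, so the "unmeasured_bw_share" figure understates the bandwidth the network is failing to use. The second function reproduces the authorities' new rule on an existing consensus, which is how the 2887-to-2806 figure in the release notes can be sanity-checked.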

Stopping onion service DoS attacks by limiting connections

George Kadianakis published an experimental workaround for onion services affected by a newly-discovered denial-of-service attack. “In this attack”, as George explained, “the adversary forces a hidden service to create thousands of connections to its underlying application (e.g. the webserver), which overwhelms both Tor and the underlying application”.

Onion service operators who want to test the fix will need to recompile their Tor from a special git branch, then configure the new settings in their torrc file to set an upper limit on the number of TCP connections a client can make. “Let us know if this works for you, by sending an email to this list, or commenting on the trac ticket. If it works for people, we might incorporate it in a Tor release soon”, wrote George.

What is the value of anonymous communication?

Researchers at Drexel University in Philadelphia are investigating the ways in which Tor users “write blog posts, edit Wikipedia articles, contribute to open source projects on GitHub, post on discussion forums, comment on news articles, Tweet, write reviews, and many other things” as part of their online activity, and whether or not they are inhibited by obstacles such as captchas, IP blacklists, or other blocking mechanisms, as Kate Krauss explained on the Tor blog.

According to Professor Rachael Greenstadt, one of the co-authors: “By understanding the contributions that Tor users make, we can help make a case for the value of anonymity online”.

One of the biggest threats to Tor’s success, as Roger Dingledine wrote last year, is the “siloing” of the Internet caused by the “growing number of websites [that] treat users from anonymity services differently”, so it’s more important than ever to demonstrate the many contributions to online projects made by Tor users. If you are a Tor user and don’t mind sharing your experiences of using Tor to communicate anonymously online, please see Kate’s post for more information on how to participate in the study.

Miscellaneous news

Damian Johnson put out a new release of Stem, the Tor controller library in Python. Stem 1.4 brings another increase in the speed of document parsing (now that descriptors are not validated by default), and includes support for Tor’s new “ephemeral onion service” and descriptor handling features. See Damian’s announcement for the full changelog.

Alec Muffett, the lead engineer behind Facebook’s onion service, contributed some notes on his experiences to a thread about serving the same site as both an onion service and a regular website.

Jesse Victors, one of the students participating in the first-ever Tor Summer of Privacy, explained in greater detail his proposal for “OnioNS”, a method of creating human-memorable yet secure addresses for onion services.

Colin C. sent out the Tor Help Desk report for April.

Thanks to Matt Hoover and spriver for running mirrors of the Tor Project website and software archive!

Micah Lee discovered a bug that is causing OnionShare, the onion service-based file-sharing application, to crash the entire Tor process when run using Tails.

Martin Florian discussed the problems caused by onion services that change their IP address during operation, such as those hosted on mobile devices. “Some logic needs to be included for forgetting about rendezvous points that have failed once…Am I on the right track? Is this a good idea? And how do I forget about RPs?”

This week in Tor history

A year ago this week, Anders Andersson wondered about the problems that Tor would face if the .onion top-level domain (TLD) were to be sold by ICANN for public registration, in the same way as the large number of new “generic” TLDs. This question had already been the subject of a submission to the Internet Engineering Task Force co-authored by the Tor Project’s Jacob Appelbaum, arguing that the .onion suffix should be one of several TLDs set aside for special use by peer-to-peer software.

This week, Jacob and Facebook’s Alec Muffett submitted another Internet-draft to the IETF, specifically requesting the registration of .onion as a special-use TLD now that it is in wide use. If it is approved, the .onion suffix will be reserved for use by Tor, ensuring that no conflicts arise later which might break the onion service naming system or enable attacks on users.

This issue of Tor Weekly News has been assembled by Harmony, Karsten Loesing, and Roger Dingledine.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!
