
Tor Browser Bundle 3.0beta1 Released

The first beta release in the 3.0 series of the Tor Browser Bundle is now available from the Tor Package Archive:
https://archive.torproject.org/tor-package-archive/torbrowser/3.0b1/

This release includes important security updates to Firefox, as well as a fix for a startup crash bug on Windows XP.

This release also reorganizes the bundle directory structure to simplify implementation of the Firefox updater in future releases. This means that extracting the bundle over a previous installation will likely not preserve your preferences or bookmarks, and may cause other issues.

This release has also introduced a build reproducibility issue on Windows, hence it is signed only by two keys. We should have this issue fixed by the next beta.

Here is the complete ChangeLog:

  • All Platforms:
    • Update Firefox to 17.0.10esr
    • Update NoScript to 2.6.8.2
    • Update HTTPS-Everywhere to 3.4.2
    • Bug #9114: Reorganize the bundle directory structure to ease future autoupdates
    • Bug #9173: Patch Tor Browser to auto-detect profile directory if launched without the wrapper script.
    • Bug #9012: Hide Tor Browser infobar for missing plugins.
    • Bug #8364: Change the default entry page for the addons tab to the installed addons page.
    • Bug #9867: Make flash objects really be click-to-play if flash is enabled.
    • Bug #8292: Make getFirstPartyURI log+handle errors internally to simplify caller usage of the API
    • Bug #3661: Remove polipo and privoxy from the banned ports list.
    • misc: Fix a potential memory leak in the Image Cache isolation
    • misc: Fix a potential crash if OS theme information is ever absent
    • Update Tor-Launcher to 0.2.3.1-beta
      • Bug #9114: Handle new directory structure
      • misc: Tor Launcher now supports Thunderbird
    • Update Torbutton to 1.6.4
      • Bug #9224: Support multiple Tor socks ports for about:tor status check
      • Bug #9587: Add TBB version number to about:tor
      • Bug #9144: Workaround to handle missing translation properties
  • Windows:
    • Bug #9084: Fix startup crash on Windows XP.
  • Linux:
    • Bug #9487: Create detached debuginfo files for Linux Tor and Tor Browser binaries.

Tor Weekly News — November 6th, 2013

Welcome to the nineteenth issue of Tor Weekly News, the weekly newsletter that covers what is happening in the up-to-date Tor community.

Tails 0.21 is out

The Tails developers announced the 34th release of the live system based on Debian and Tor that preserves the privacy and anonymity of its users.

The new version fixes two holes that gave too much power to the POSIX user running the desktop: the Tor control port can no longer be accessed directly, which prevents configuration changes and IP address retrieval, and the persistence settings now require privileged access. On top of these specific changes, the release includes security fixes from the Firefox 17.0.10esr release and for a few other Debian packages.

More visible improvements include the ability to persist printer settings, support for running from more SD card reader types, and a panel launcher for the password manager. For the curious, more details can be found in the full changelog.

As with every release: be sure to upgrade!

New Tor Browser Bundles based on Firefox 17.0.10esr

Erinn Clark released new versions of the Tor Browser Bundle on November 1st. The previously “beta” bundles have moved to the “release candidate” stage and are almost identical to the stable ones, except for the version of the tor daemon. A couple of days later, David Fifield also released updated “pluggable transport” bundles.

The new bundles include all security fixes from Firefox 17.0.10esr, and updated versions of libpng, NoScript and HTTPS Everywhere. They also contain a handful of improvements and fixes to the Tor Browser patches.

Users of older versions of the Tor Browser Bundle should already have been reminded to upgrade by the notification system. Don't forget about it!

These should be the last bundles based on the 17 branch of Firefox, as it is going to be superseded by the 24 branch as the new long-term supported version in 6 weeks. Major progress has already been made by Mike Perry and Pearl Crescent to update the Tor Browser changes and review the new code base.

Monthly status reports for October 2013

The wave of regular monthly reports from Tor project members for the month of October has begun early this time to reach the tor-reports mailing-list: Damian Johnson, Linus Nordberg, Karsten Loesing, Philipp Winter, Ximin Luo, Lunar, Kelley Misata, Matt Pagan, Sherief Alaa, Nick Mathewson, Pearl Crescent, George Kadianakis, Colin Childs, Arlo Breault, and Sukhbir Singh.

Tor Help Desk Roundup

One person asked why the lock icon on the Tor Project's website was not outlined in green. Sites that use HTTPS can purchase different types of SSL certificates. Some certificate issuers offer certificates that supply ownership information, such as the physical address of the website operator, for a higher price. Sites that use these certificates get the lock icon by their URL outlined in green. The Tor Project adds protection to the validity of our SSL certificate a different way, by supplying our SSL certificate fingerprint on our FAQ page. You can double check that fingerprint on any of the Tor Project's mirror pages as well.
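The check the help desk describes, comparing the fingerprint a server actually presents against one published out of band, can be scripted. The following is an added example, not code from the Tor Project or its FAQ: it assumes the published fingerprint was copied from a trusted page (the `PUBLISHED_EXAMPLE` value and `SAMPLE_DER` bytes below are constructed placeholders, not the Tor Project's real fingerprint or certificate), and `check_live_site` needs network access.

```python
"""Out-of-band check of a TLS certificate fingerprint (added example)."""
import hashlib
import hmac
import ssl


def fingerprint(der_cert: bytes, algo: str = "sha256") -> str:
    """Colon-separated upper-case hex digest of a DER-encoded certificate,
    in the layout browsers and `openssl x509 -fingerprint` display."""
    digest = hashlib.new(algo, der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalise(published: str) -> str:
    """Reduce a fingerprint copied from a web page to bare upper-case hex so
    that 'SHA256 Fingerprint=ab:cd:...' and 'AB CD ...' compare equal."""
    if "=" in published:
        published = published.split("=", 1)[1]
    return "".join(ch for ch in published if ch in "0123456789abcdefABCDEF").upper()


def matches_published(der_cert: bytes, published: str, algo: str = "sha256") -> bool:
    """True if the served certificate hashes to the published fingerprint.
    compare_digest keeps the comparison itself free of a timing side channel."""
    observed = normalise(fingerprint(der_cert, algo)).encode("ascii")
    expected = normalise(published).encode("ascii")
    return hmac.compare_digest(observed, expected)


def check_live_site(host: str, published: str, algo: str = "sha256", port: int = 443) -> bool:
    """Fetch the leaf certificate a server presents and compare it. Standard
    library only; needs network access, so the offline usage does not call it."""
    pem = ssl.get_server_certificate((host, port))
    der = ssl.PEM_cert_to_DER_cert(pem)
    return matches_published(der, published, algo)


# Constructed stand-in for DER bytes; a real check passes the bytes returned
# by ssl.PEM_cert_to_DER_cert above.
SAMPLE_DER = b"constructed-bytes-standing-in-for-a-DER-certificate"
PUBLISHED_EXAMPLE = "SHA256 Fingerprint=" + fingerprint(SAMPLE_DER)

if __name__ == "__main__":
    print(fingerprint(SAMPLE_DER))
    print(matches_published(SAMPLE_DER, PUBLISHED_EXAMPLE))
```

Firefox 17 displayed SHA-1 fingerprints in its certificate viewer, so pass `algo="sha1"` when the published value is in that form; the normalisation accepts either the `openssl` style with colons or a bare hex string.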

One person wanted to know why a website they were visiting over Firefox was telling them that they were not using Tor, even though Vidalia told them that Tor was running. By default, the Tor Browser Bundle does not anonymize all the traffic on your computer. Only the traffic you send through the Tor Browser Bundle will be anonymized. If you have Firefox and the Tor Browser open at the same time, the traffic you send through Firefox will not be anonymous. Using Firefox and the Tor Browser Bundle at the same time is not a great idea because the two interfaces are almost identical, and it is easy to get the two browsers mixed up, even if you know what you are doing.

Miscellaneous news

The third beta release of TorBirdy has been released as version 0.1.2. Among several other fixes and improvements it restores proper usage of Tor when used with Thunderbird 24. Be sure to upgrade!

starlight reported on running a Tor relay with the daemon compiled with the AddressSanitizer memory error detector, available since GCC 4.8.

Isis Lovecruft has sent two proposals for improvements to BridgeDB. One is finished and addresses the switch to a “Distributed Database System and RDBMS”. The second is still in draft stage and “specifies a system for social distribution of the centrally-stored bridges within BridgeDB”.

Karsten Loesing announced the availability of a new tech report he wrote with Steven J. Murdoch, and Rob Jansen: Evaluation of a libutp-based Tor Datagram Implementation. Be sure to have a look if you are interested in one of the “promising approach to overcome Tor’s performance-related problems”.

SiNA Rabbani has been asking for comments on two documents he wrote about the use cases and design of a “point-and-click” hidden service blogging tool, as part of the Cute Otter project.

David Goulet released the third release candidate of Torsocks 2.0.0 with a lot of fixes and improvements. It is available for download from GitHub and also as a Debian package from the experimental distribution.

Christian is working on a new round of improvements for Globe, a web application to learn about relays and bridges of the Tor network. According to some, the project seems close to being mature enough to replace Atlas.

A discussion on the tor-relays mailing list prompted Roger Dingledine to ask about changing the current default exit policy of the tor daemon. The current “restricted exit node” policy has been in place since 2003. As this has surprised some operators, switching the default policy to “middle node” is under consideration.


This issue of Tor Weekly News has been assembled by Lunar, dope457, Matt Pagan, and Philipp Winter.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Pluggable transports bundles 2.4.17-rc-1-pt1 with Firefox 17.0.10esr

There are new Pluggable Transports Tor Browser Bundles with Firefox 17.0.10esr. They are made from the Tor Browser Bundle release of November 1.

The OS X bundle won't work on the new OS X Mavericks by default. This is caused by some changes in the new operating system release. We know about this problem and are working on fixing it. If you are affected, you can try the workaround of placing absolute paths in the torrc file.

The bundles contain flash proxy and obfsproxy configured to run by default. If you want to use flash proxy, you will have to take the extra steps listed in the flash proxy howto.

These bundles contain the same hardcoded obfs2 bridge addresses as the previous bundles, which may work in some jurisdictions, but you are strongly advised to get new bridge addresses from BridgeDB.

TorBirdy: 0.1.2 - Our third beta release!

TorBirdy 0.1.2 is out! All users are encouraged to upgrade as soon as possible, especially if you are using Thunderbird 24.

Notable changes in this release include:

0.1.2, 04 Nov 2013

  • New options:
    • restore default TorBirdy settings
    • toggle checking of new messages automatically for all accounts
  • The minimum version of Thunderbird we now support is 10.0 (closes #9569)
  • `--throw-keyids' is now disabled by default (closes #9648)
  • We are no longer forcing Thunderbird updates (closes #8341)
  • Add support for Thunderbird 24 (Gecko 17+) (closes #9673)
  • Enhanced support for Thunderbird chat
  • We have a new TorBirdy logo. Thanks to Nima Fatemi!
  • Improved documentation:
  • Add new translations and updated existing ones
    • Please see the Transifex page for more information and credits

We offer two ways to install TorBirdy -- either by visiting our website (sig) or by visiting the Mozilla Add-ons page for TorBirdy. Note that there may be a delay -- which can range from a few hours to days -- before the extension is reviewed by Mozilla and updated on the Add-ons page.

As a general anonymity and security note: we are still working on two known anonymity issues with Mozilla. Please make sure that you read the Before Using TorBirdy and Known TorBirdy Issues sections on the wiki before using TorBirdy.

We would love help with translations, programming or anything else that you think will improve TorBirdy!

New Tor Browser Bundles with Firefox 17.0.10esr

Firefox 17.0.10esr has been released with several security fixes and all of the Tor Browser Bundles have been updated. All users are encouraged to upgrade.

https://www.torproject.org/projects/torbrowser.html.en#downloads

Tor Browser Bundle (2.3.25-14)

  • Update Firefox to 17.0.10esr
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#f...
  • Update LibPNG to 1.6.6
  • Update NoScript to 2.6.8.4
  • Update HTTPS-Everywhere to 3.4.2
  • Firefox patch changes:
    • Hide infobar for missing plugins. (closes: #9012)
    • Change the default entry page for the addons tab to the installed addons page. (closes: #8364)
    • Make flash objects really be click-to-play if flash is enabled. (closes: #9867)
    • Make getFirstPartyURI log+handle errors internally to simplify caller usage of the API. (closes: #3661)
    • Remove polipo and privoxy from the banned ports list. (closes: #3661)
    • misc: Fix a potential memory leak in the Image Cache isolation
    • misc: Fix a potential crash if OS theme information is ever absent

Tor Browser Bundle (2.4.17-rc-1)

  • Update Firefox to 17.0.10esr
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#f...
  • Update LibPNG to 1.6.6
  • Update NoScript to 2.6.8.4
  • Downgrade HTTPS-Everywhere to 3.4.2 in preparation for this becoming the stable bundle
  • Firefox patch changes:
    • Hide infobar for missing plugins. (closes: #9012)
    • Change the default entry page for the addons tab to the installed addons page. (closes: #8364)
    • Make flash objects really be click-to-play if flash is enabled. (closes: #9867)
    • Make getFirstPartyURI log+handle errors internally to simplify caller usage of the API. (closes: #3661)
    • Remove polipo and privoxy from the banned ports list. (closes: #3661)
    • misc: Fix a potential memory leak in the Image Cache isolation
    • misc: Fix a potential crash if OS theme information is ever absent

Tor Weekly News — October 30th, 2013

Welcome to the eighteenth issue of Tor Weekly News, the weekly newsletter that covers what is happening in the Tor community.

A few highlights from this year’s Google Summer of Code

The Google Summer of Code 2013 program is over since the end of September. While Nick, Moritz and Damian attended the GSoC Mentor Summit at Google’s main campus last week, here are a few highlights from three of the five projects that were carried through the summer.

Robert worked on enhancing Tor’s Path Selection algorithm. The enhancement uses active measurements of the Round-Trip-Time of Tor circuits. Rejecting the slowest circuits will improve the average latency of Tor circuits. The results of this work will hopefully be integrated into Tor 0.2.5.x and should then be usable by users. Robert wrote: “Working with the Tor community is very encouraging since there are highly skilled and enthusiastic people around. I am really happy to have made that decision and can definitely recommend doing so to others.”

Johannes Fürmann created a censorship simulation tool that facilitates testing of applications in a simulated network which can be configured and extended to behave like censorship infrastructure in various countries. EvilGenius can be used to do automated “smoke testing”, i.e. find out if code still works properly if a node in the network manipulates traffic in different ways. Other than that, it can be used to automatically test decentralized network applications. “Overall, working with Tor was a great experience and I hope to be able to work with the Tor community again” said Johannes.

Kostas Jakeliūnas worked on creating a searchable and scalable Tor Metrics data archive. This required implementing a Tor relay consensus and descriptor search backend that can encompass most of the archival data available (as of now, the currently running backend covers relays from 2008 up until now).

Those curious to browse Tor relay archives — searching for a needle in the very large haystack or just looking around — might enjoy playing with the current test platform. It can run powerful queries on the large dataset without query parameter/span restrictions. Many use cases are supported — for example, since the newest consensus data is always available, the backend can be used in an ExoneraTor-like fashion.

Together with Karsten Loesing, Kostas hopes to integrate this system with the current Onionoo, hopefully further empowering (and eventually simplifying) the overall Tor Metrics ecosystem.

Kostas described the project as “an interesting and challenging one — a lot of work […] to make it robust and truly scalable.” He also added: “Working with Tor was a great experience: I found the developer community to be welcoming indeed, comprised of many people who are professionals in their field. It should be noted that where there are interesting problems and a clear cause, great people assemble.”

Collecting data against network level adversaries

“The anonymity of a connection over Tor is vulnerable to an adversary who can observe it in enough places along its route. For example, traffic that crosses the same country as it enters and leaves the Tor network can potentially be deanonymized by an authority in that country who can monitor all network communication.” Karsten Loesing, Anupam Das, and Nikita Borisov began their call for help to Tor relay operators by stating a problem that has recently attracted some interest by the research community.

The question “which part of the Internet does a Tor relay lie in” is easy enough to answer, but “determining routes with high confidence has been difficult” so far. The best source of information could come from the relay operators, as Karsten et al. wrote: “To figure out where traffic travels from your relay, we’d like you to run a bunch of ‘traceroutes’ — network measurements that show the paths traffic takes.”

This one-time experiment — for now — is meant to be used by “several researchers, but the leads are Anupam Das, a Ph.D. student at the University of Illinois at Urbana-Champaign, and his advisor Nikita Borisov.”

In order to participate, shell scripts are available which automate most of the process. They have been reviewed with care from several members of the Tor community and are available from a Git repository. Since their initial email, Anupam Das has assembled a FAQ regarding scope, resource consumption, and other topics.

Be sure to run the scripts if you can. As Karsten, Anupam, and Nikita concluded, “with your help, we will keep improving to face the new challenges to privacy and freedom online.”

Tor Help Desk Roundup

Using the Tor Browser Bundle is still proving to be tricky for many Ubuntu users who upgraded from Ubuntu 13.04 to 13.10. The commonly reported error is that users cannot enter text in any of the browser’s text fields, including the URL and search bars. So far this problem appears to be resolved by removing ibus with apt-get before running the Tor Browser. Users who need ibus can try running `export GTK_IM_MODULE=xim`, as documented in Trac ticket #9353.

Miscellaneous news

David Goulet is asking for a final round of reviews of his rewrite of torsocks so it can replace the old implementation. Lunar has updated the package in Debian experimental to encourage testing. A few portability bugs and a deadlock have already been ironed out in the process.

The next Tails contributor meeting will be held on November 6th. The present agenda has “firewall exceptions for user-run local services”, “decide what kind of questions go into the FAQ”, among other topics.

Matthew Finkel has sent a draft proposal with possible solutions for Hidden Services backed by multiple servers. Several comments have been made already, with Nick Mathewson giving a heads-up on the work he has started on merging thoughts and discussions in a new specification.

James B. reported a tutorial on bsdnow.tv describing how to set up Tor relays, bridges, exit nodes and hidden services on FreeBSD. Their podcast from last week, called “A Brief Intorduction”, features a live demonstration (beginning at 43:52).

The Guardian Project has made a new release of its chat application for Android systems. ChatSecure v12 (previously known as Gibberbot) contains several new features and is fully integrated with Orbot.


This issue of Tor Weekly News has been assembled by Lunar, dope457, Matt Pagan, Kostas Jakeliūnas, ra, Johannes Fürmann, Karsten Loesing, and Roger Dingledine.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tails 0.21 is out

Tails, The Amnesic Incognito Live System, version 0.21, is out.

All users must upgrade as soon as possible: this release fixes numerous security issues.

Download it now.

Changes

  • Security fixes
    • Don't grant access to the Tor control port for the desktop user. Else, an attacker able to run arbitrary code as this user could obtain the public IP.
    • Don't allow the desktop user to directly change persistence settings. Else, an attacker able to run arbitrary code as this user could leverage this feature to gain persistent root access, as long as persistence is enabled.
    • Install Iceweasel 17.0.10esr with Torbrowser patches.
    • Patch Torbutton to make window resizing closer to what the design says.
  • New features
    • Add a persistence preset for printing settings.
    • Support running Tails off more types of SD cards.
  • Minor improvements
    • Add a KeePassX launcher to the top panel.
    • Improve the bug reporting workflow.
    • Prefer stronger ciphers when encrypting data with GnuPG.
    • Exclude the version string in GnuPG's ASCII armored output.
    • Use the same custom Startpage search URL as the TBB. This apparently disables the new broken "family" filter.
    • Provide a consistent path to the persistent volume mountpoint.
  • Localization
    • Many translation updates all over the place.

See the online Changelog for technical details.
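The first security fix above can be verified from the desktop user's account by checking whether the control port still answers at all. What follows is an added example, not Tails code: it sends only `PROTOCOLINFO`, the one command Tor answers before authentication, and reports the authentication methods the port announces. The replies returned by the fake server in `demo()` are constructed stand-ins (including the version string), and the default `127.0.0.1:9051` is an assumed control port location.

```python
"""Check whether the Tor control port is reachable from this user (added example)."""
import socket
import threading


def control_port_auth_methods(host: str = "127.0.0.1", port: int = 9051,
                              timeout: float = 2.0):
    """None if nothing answers on host:port; otherwise the AUTH METHODS list
    from the PROTOCOLINFO reply ([] if the port is open but does not answer)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return None  # connection refused: the mitigation holds for this user
    data = b""
    try:
        with sock:
            sock.sendall(b"PROTOCOLINFO 1\r\n")
            while b"250 OK" not in data and len(data) < 4096:
                chunk = sock.recv(1024)
                if not chunk:
                    break
                data += chunk
    except OSError:
        return []
    methods = []
    for line in data.decode("ascii", "replace").splitlines():
        if line.startswith("250-AUTH METHODS="):
            methods = line.split("=", 1)[1].split()[0].split(",")
    return methods


def assess(methods) -> str:
    """Turn the probe result into a finding from the desktop user's viewpoint."""
    if methods is None:
        return "ok: control port not reachable from this user"
    if "NULL" in methods:
        return "critical: control port reachable without authentication"
    return ("warning: control port reachable; %s auth is the only barrier, so "
            "check this user cannot read the cookie file or password" % ",".join(methods))


def start_fake_control_port(reply: bytes) -> int:
    """Offline stand-in for a control port: answers one connection with `reply`."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    srv.settimeout(5)

    def serve():
        try:
            with srv:
                conn, _ = srv.accept()
                with conn:
                    conn.recv(1024)
                    conn.sendall(reply)
        except OSError:
            pass

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


# Constructed replies in the format Tor uses for PROTOCOLINFO.
COOKIE_REPLY = (b"250-PROTOCOLINFO 1\r\n"
                b'250-AUTH METHODS=COOKIE,SAFECOOKIE COOKIEFILE="/var/run/tor/control.authcookie"\r\n'
                b'250-VERSION Tor="0.0.0-constructed"\r\n'
                b"250 OK\r\n")
NULL_REPLY = b"250-PROTOCOLINFO 1\r\n250-AUTH METHODS=NULL\r\n250 OK\r\n"


def demo() -> dict:
    """Probe a cookie-protected fake, an unauthenticated fake, and a closed port."""
    closed = socket.socket()
    closed.bind(("127.0.0.1", 0))
    closed_port = closed.getsockname()[1]
    closed.close()
    return {
        "cookie": control_port_auth_methods(port=start_fake_control_port(COOKIE_REPLY)),
        "null": control_port_auth_methods(port=start_fake_control_port(NULL_REPLY)),
        "closed": control_port_auth_methods(port=closed_port),
    }


if __name__ == "__main__":
    for name, methods in demo().items():
        print(name, "->", assess(methods))
```

On a system with the fix in place, running `control_port_auth_methods()` as the desktop user should return `None`; a reachable port with cookie authentication is only as strong as the file permissions on the cookie, which is the second thing to check.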

Known issues

  • On some hardware, Vidalia does not start.
  • Longstanding known issues.

What's coming up?

The next Tails release is scheduled for around December 11.

Have a look at our roadmap to see where we are heading.

Do you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us!

Tor Weekly News — October 23rd, 2013

Welcome to the seventeenth issue of Tor Weekly News, the weekly newsletter that covers what is happening in the Tor community.

Tor’s anonymity and guards parameters

In a lengthy blog post, Roger Dingledine looked back on three research papers published in the past year. Some of them have been covered, and most of the time misunderstood, by the press. A good recap of the research problems, what the findings mean, and possible solutions will hopefully help everyone understand better.

Introduced in 2005, entry guards were added to recognise that “some circuits are going to be compromised, but it’s better to increase your probability of having no compromised circuits at the expense of also increasing the proportion of your circuits that will be compromised if any of them are.” Roger “originally picked ‘one or two months’ for guard rotation” but the initial parameters called for more in-depth research.

That call was heard by “the Tor research community, and it’s great that Tor gets such attention. We get this attention because we put so much effort into making it easy for researchers to analyze Tor.” In his writing Roger highlights the findings of three papers. Two of them were published at WPES 2012 and Oakland 2013, and another is upcoming at CCS 2013.

These research efforts highlighted several issues in the way Tor handles entry guards. Roger details five complementary fixes: using fewer guards, keeping the same guards for longer, better handling of brief unreachability of a guard, making the network bigger, and smarter assignment of the guard flag to relays. Some will require further research to identify the best solution. There are also other aspects regarding systems which don’t currently record guards such as Tails, how pluggable transports could prevent attackers from recognising Tor users, or enhancing measurements from the bandwidth authorities…
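The tradeoff quoted above, and two of the fixes just listed (fewer guards, longer rotation), can be put into numbers. The following is an added example, not from Roger's blog post, under simplifying assumptions: an adversary controls the same fraction `c` of guard and of exit bandwidth, relays are chosen independently by bandwidth, and a circuit is compromised only when both its entry and its exit are the adversary's. The parameter values (`c = 0.1`, 3 guards rotated every 45 days versus 1 guard kept for 270 days) are illustrative choices, not Tor's actual settings.

```python
"""Entry guards: probability of any compromise vs. fraction compromised (added example)."""
from math import ceil


def p_any_compromised_no_guards(c: float, n_circuits: int) -> float:
    """Fresh random entry relay per circuit: each circuit is compromised
    independently with probability c*c, so over many circuits the chance
    of at least one compromise approaches 1."""
    return 1.0 - (1.0 - c * c) ** n_circuits


def p_any_compromised_with_guard(c: float, n_circuits: int) -> float:
    """One fixed guard: only if the guard itself is the adversary's (prob c)
    can any circuit be compromised, and then each one is with prob c
    (the exit side)."""
    return c * (1.0 - (1.0 - c) ** n_circuits)


def fraction_compromised_given_any(c: float, with_guard: bool) -> float:
    """Expected fraction of circuits compromised once the user is exposed at
    all: c with a bad guard, c*c without guards. This is the price paid."""
    return c if with_guard else c * c


def p_ever_picked_bad_guard(c: float, n_guards: int, rotation_days: int,
                            observed_days: int) -> float:
    """Rotation reopens the lottery: the number of independent guard picks
    during the observation window is n_guards * ceil(T / R)."""
    picks = n_guards * ceil(observed_days / rotation_days)
    return 1.0 - (1.0 - c) ** picks


def compare(c: float = 0.1, n_circuits: int = 1000, observed_days: int = 365) -> dict:
    """Side-by-side numbers; assumed c and rotation values are illustrative."""
    return {
        "no_guards_any": p_any_compromised_no_guards(c, n_circuits),
        "guard_any": p_any_compromised_with_guard(c, n_circuits),
        "no_guards_fraction": fraction_compromised_given_any(c, False),
        "guard_fraction": fraction_compromised_given_any(c, True),
        "three_guards_45d": p_ever_picked_bad_guard(c, 3, 45, observed_days),
        "one_guard_270d": p_ever_picked_bad_guard(c, 1, 270, observed_days),
    }


if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key:20s} {value:.4f}")
```

With `c = 0.1` and a thousand circuits, the no-guard user is almost certainly compromised at least once (but only about 1% of circuits are), whereas the guard user has roughly a 10% chance of being exposed at all (but then 10% of circuits are): exactly the exchange Roger describes. The last two entries show why "fewer guards, kept longer" matters: over a year, 3 guards rotated every 45 days give 27 chances to pick a bad one, a single guard kept for 270 days gives 2.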

The whole blog post is insightful and is a must read for everyone who wishes to better understand some of Tor’s risk mitigation strategies. It is also full of little and big things where you could make a difference!

Hidden Service research

George Kadianakis posted a list of items that need work in the Hidden Service area. Despite not being exhaustive, the list contains many items that might help with upgrading the Hidden Service design, be it around security, performance, guard issues or “petname” systems.

Help and comments are welcome!

Usability issues in existing OTR clients

The consensus after the first round of discussions and research done in the prospect of providing a new secure instant-messaging Tor bundle is to use Mozilla Instantbird at its core. Arlo Breault sent out a draft plan on how to do so.

Instantbird currently lacks a core feature to turn it into the Tor Messenger: support for the OTR protocol for encrypted chat. Now is thus a good time to gather usability issues in existing OTR clients.

Mike Perry kicked off the discussion by pointing out several deficiencies regarding problems with multiple clients, key management issues, and other sub-optimal behaviour.

Ian Goldberg — original author of the pervasive OTR plugin for Pidgin — pointed out that at least one of the behaviours singled out by Mike was “done on purpose. The thing it’s trying to prevent is that Alice and Bob are chatting, and Bob ends OTR just before Alice hits Enter on her message. If Alice’s client went to ‘Not private’ instead of ‘Finished’, Alice’s message would be sent in the clear, which is undesirable. Switching to ‘Finished’ makes Alice have to actively acknowledge that the conversation is no longer secure.”

This tradeoff is a good example of how designing usable and secure user interfaces can be hard. Usability, in itself, is an often overlooked security feature. Now is a good time to contribute your ideas!
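The race Ian describes is easy to see in a small state model. The following is an added example, not code from the Pidgin OTR plugin or Instantbird; it models only the message-state transitions of one client (not the OTR protocol itself), and `race()` replays the scenario from the quote with both behaviours so the difference is visible.

```python
"""The 'Finished' state in OTR clients and the race it closes (added example)."""
from enum import Enum, auto


class MsgState(Enum):
    PLAINTEXT = auto()  # no OTR session: messages are sent in the clear
    ENCRYPTED = auto()  # OTR session established
    FINISHED = auto()   # peer ended OTR; sending is blocked until the user acts


class OtrConversation:
    """One side of a chat. drop_to_plaintext_on_end selects the behaviour Ian
    Goldberg warns against: going straight to 'Not private' when the peer ends."""

    def __init__(self, drop_to_plaintext_on_end: bool = False):
        self.state = MsgState.PLAINTEXT
        self.drop_to_plaintext_on_end = drop_to_plaintext_on_end
        self.wire = []     # (text, encrypted) pairs as the network would see them
        self.refused = []  # messages the UI held back while in FINISHED

    def session_established(self):
        self.state = MsgState.ENCRYPTED

    def peer_ended_session(self):
        if self.state is MsgState.ENCRYPTED:
            self.state = (MsgState.PLAINTEXT if self.drop_to_plaintext_on_end
                          else MsgState.FINISHED)

    def send(self, text: str) -> bool:
        """Returns True if the message left the client."""
        if self.state is MsgState.ENCRYPTED:
            self.wire.append((text, True))
            return True
        if self.state is MsgState.FINISHED:
            self.refused.append(text)  # UI shows 'Finished' and waits for the user
            return False
        self.wire.append((text, False))
        return True

    def user_acknowledged_finished(self):
        """Explicit user action: accept that the chat is plaintext from here on."""
        if self.state is MsgState.FINISHED:
            self.state = MsgState.PLAINTEXT


def race(drop_to_plaintext_on_end: bool) -> dict:
    """Bob ends OTR just before Alice hits Enter on a message she typed while
    the session was still private."""
    alice = OtrConversation(drop_to_plaintext_on_end)
    alice.session_established()
    alice.send("hi Bob")                 # encrypted
    alice.peer_ended_session()           # Bob's end-of-session arrives first
    delivered = alice.send("my secret")  # then Alice's Enter
    leaked = any(t == "my secret" and not enc for t, enc in alice.wire)
    return {"state": alice.state.name, "delivered": delivered,
            "leaked_plaintext": leaked}


if __name__ == "__main__":
    print("not private:", race(True))
    print("finished:   ", race(False))
```

The `FINISHED` state costs one extra click, which is the usability complaint; removing it is what turns Alice's last message into plaintext on the wire.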

Tor Help Desk Roundup

The Tor Help Desk continues to be bombarded with help requests from users behind university proxies who cannot use ORPort bridges or the Pluggable Transports Browser to circumvent their network’s firewall. Although the cases are not all the same, bridges on port 443 or port 80 do not always suffice to circumvent such proxies.

Ubuntu 13.10 (Saucy Salamander) was released this week. One user reported their Tor Browser Bundle behaving unusually after updating their Ubuntu operating system. This issue was resolved by switching to the Tor Browser Bundle 3. Another user asked when Tor APT repositories would have packages for Saucy Salamander. Since then, packages for the latest version of Ubuntu have been made available from the usual deb.torproject.org.

Miscellaneous news

Tails has issued a call for testing of its upcoming 0.21 release. The new version contains two security fixes regarding access to the Tor control port and persistent settings among other improvements and package updates. “Test wildly!” as the Tails team wrote.

Andrew Lewman was invited to speak at SECURE Poland 2013 and sent a report on his trip to Warsaw.

Tails developers are looking for Mac and PC hardware with UEFI. If you have some spare hardware, please consider a donation!

Ximin Luo has been the first to create a ticket with 5 digits on Tor tracker. At the current rate, ticket #20000 should happen by the end of 2015… Or will the project’s continued growth make this happen sooner?

Roger Dingledine reported on his activities for September and October. Arturo Filastò also reported on his September.

Runa Sandvik continues her work on the new, more comprehensible Tor User Manual. The first draft is already out. Please review and contribute.

Aaron published a branch with his work on a Tor exit scanner based on OONI.


This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan, dope457, George Kadianakis, Philipp Winter and velope.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!
