What the "Spoiled Onions" paper means for Tor users

Together with Stefan, I recently published the paper "Spoiled Onions: Exposing Malicious Tor Exit Relays". The paper only discusses our results and how we obtained them and we don't talk a lot about the implications for Tor users. This blog post should fill that gap.

First, it's important to understand that 25 relays in four months isn't a lot. It is ultimately a very small fraction of the Tor network. Also, it doesn't mean that 25 out of 1,000 relays are malicious or misconfigured (we weren't very clear on that in the paper). We have yet to calculate the churn rate of exit relays which is the rate at which relays join and leave the network. 1,000 is really just the approximate number of exit relays at any given point in time. So the actual number of exit relays we ended up testing in four months is certainly higher than that. As a user, that means that you will not see many malicious relays "in the wild".

Second, Tor clients select relays in their circuits based on the bandwidth they are contributing to the network. Faster relays see more traffic than slower relays which balances the load in the Tor network. Many of the malicious exit relays contributed relatively little bandwidth to the Tor network which makes them quite unlikely to be chosen as relay in a circuit.

Third, even if your traffic is going through a malicious exit relay, it doesn't mean that everything is lost. Many of the attacks we discovered still caused Firefox' infamous "about:certerror" warning page. As a vigilant user, you would notice that something isn't quite right and hopefully leave the site. In addition, TorBrowser ships with HTTPS-Everywhere which by default attempts to connect to some sites over HTTPS even though you just typed "http://". After all, as we said in the past, "Plaintext over Tor is still plaintext".

Finally, we want to point out that all of these attacks are of course not limited to the Tor network. You face the very same risks when you are connecting to any public WiFi network. One of the fundamental problems is the broken CA system. Do you actually know all the ~50 organisation who you implicitly trust when you start your Firefox, Chrome, or TorBrowser? Making the CA system more secure is a very challenging task for the entire Internet and not just the Tor network.

Tor Weekly News — January 22th, 2014

Welcome to the third issue in 2014 of Tor Weekly News, the weekly newsletter that covers what is happening in the Tor community.

Future of the geolocalization database used in Tor software

The first version of Tor to include an IP-to-country database was, released in 2008. In 2010, the database switched from data provided by WebHosting.Info to use the more up-to-date MaxMind’s GeoLite service. All was good, until two years later when MaxMind started to hide the country of Tor relays, marking them as from the “A1” country, standing for “anonymous proxy”. Karsten Loesing has been tirelessly doing manual database updates ever since.

MaxMind has launched GeoIP2 as a successor of its previous service. The very good news, as spotted by Karsten, is that the new format “provide the A1/A2 information in *addition* to the correct country codes”.

The question lies on how should this new database be integrated into the different software using geolocalization information: Tor, BridgeDB, the metrics database and the metrics website. The format used by Tor so far has always been a custom format, so writing a converter from MaxMind’s database format is one option. Another option is to integrate the parsing libraries provided by MaxMind into Tor software.

Both approaches have their advantages. In any cases, they can be useful, fun and small projects for someone new to the Tor community. Be sure to have a look at Karsten’s suggestions if you feel like helping.

Key generation on headless and diskless relays

Following up on his work on Torride — a live Linux distribution meant to run Tor relays — anarcat asked about key generation in low entropy situation. Lunar had raised a similar question for the Tor-ramdisk distribution a couple of months ago.

“The concern here is what happens when Tor starts up the first time. I believe it creates a public/private key pair for its cryptographic routines. In Torride, this is done right on the start of the operating system, when the entropy of the system is low or inexistent” explained anarcat.

Gerardus Hendricks has made a quick analysis of Tor source code to determine that key were generated using entropy from /dev/urandom — an insecure behavior in low entropy situation.

Nick Mathewson suggested to change the initialization procedure in order to “try to read a byte from /dev/random before it starts Tor, and block until it actually can read that byte.“ This would “ensure that the kernel RNG has (by its own lights) reached full entropy at least once, which guarantees cryptographic quality of the rest of the /dev/urandom stream.” More general solutions are now discussed in a newly created ticket.

Exposing malicious exit relays

Anyone is free to start a new Tor relay and join the Tor network. Most Tor relay operators are volunteers who dedicate time and money to support online privacy.

Unfortunately, as Philipp Winter and Stefan Lindskog wrote in the introduction of their new research project, “there are exceptions: in the past, some exit relays were documented to have sniffed and tampered with relayed traffic”. The project, dubbed “spoiled onions”, is meant to “monitoring all exit relays for several months in order to expose, document, and thwart malicious or misconfigured relays”.

The paper gives more details on the modular scanning software that has been developed. It elaborates on how it can detect tampering with the HTTP, HTTPS, SSH, and DNS protocols. The paper also discusses that occasionally it’s the relay’s ISP that is responsible for an attack despite the operator’s good faith.

The authors also describe an extension to the Tor Browser that can help with detecting HTTPS man-in-the-middle attacks: if the browser is unable to verify a certificate, it will automatically retrieve the certificate again using a different Tor exit node. If the certificates do not match, a warning can then be issued informing the user that an attack might be happening and offering to notify the Tor Project. However, the extension is merely a proof of concept and not usable at this point.

Philipp and Stefan’s efforts have already identified 25 bad relays that have subsequently been marked as such by directory authority operators. Even if we wish the number of problematic relays to stay low, let’s hope this will help to identify those who try to abuse Tor users as soon as possible in the future.

Miscellaneous news

Alex reported his bad experience with Hetzner when attempting to participate in the “Trusted Tor Traceroutes” experiment. Paul Görgen reported having similar troubles, even with a lower packet per second rate. Relay operators might want to warn their ISP before undertaking the experiment in the future to avoid similar misadventures.

Anupam Das reported that they have “received a good rate of participation by relay operators to our measurement project”. To measure progress, there is now a live scoreboard of all participants.

The integration of “pluggable transports” in the main Tor Browser Bundle is moving smoothly. David Fifield published beta images of his recent work, and the initial implementation adding a default set of bridges to Tor Launcher has been completed.

Following up on last week call for help regarding Tor Weather, Karsten Loesing is organizing an IRC meeting with interested developers on Wed, Jan 22, 18:00 UTC. The meeting will happen in #tor-dev on OFTC.

As part of the website redesign effort, Marck Al proposed an updated visual identity. Lunar also highlighted a couple of tasks that could be undertaken to move the website redesign forward.

Tails’ release calendar has been shifted by two weeks because of the holiday break from Mozilla.

Ximin Luo has been discussing with I2P developers on how Pluggable Transports could be made easier to use by other projects.

Isis Lovecruft has sent late reports on her activity for October, November and December 2013.

There are two weeks left to participate in the crowdfunding campaign started by the Freedom of the Press Foundation. Among other projects, the money will support core Tor development and Tails 1.0 release.

Tor help desk roundup

Frequently users email the Tor help desk because they cannot access a particular public-facing website. Often this is because an increasing number of websites have begun blocking connections that appear to come from the Tor network. A partial list of websites that do this can be found on Tor Project’s wiki. Feel free to add more sites to the list, and to contact the website’s operators to explain why banning Tor is not the best course of action.

Some users reported websites that do not allow logins when using the Tor Browser. This is not always related to website blocks or blacklists. There is a known bug in the Tor Browser Bundle such that Private Browsing Mode disallows cookies in a way that some sites don’t like. Disabling Private Browsing mode via Torbutton’s Preferences is a workaround and will hopefully be fixed soon.

This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan, Philipp Winter, Karsten Loesing, Sandeep, and dope457.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — January 15th, 2014

Welcome to the second issue in 2014 of Tor Weekly News, the weekly newsletter that covers what is happening in the Tor community.

Orbot 13 is out

Orbot — the Guardian Project’s port of Tor on Android platforms — has received a major update. Version 13 includes “all the latest bling across the board” meaning Tor and updated versions of OpenSSL and XTables. Nathan also mentions “some important fixes to the Orbot service, to ensure it remains running in the background, and the active notification keeps working, as well. Finally, we’ve changed the way the native binaries are installed, making it more reliable and clean across devices.”

After the initial release candidates, 13.0.1, 13.0.2 and then 13.0.3 were quickly made available to fix various reported issues.

The new release is available from the Guardian Project’s website, F-Droid repository or Google Play.

Who are the Tor Project’s website visitors?

Last week’s call for help regarding the Tor Project’s website has seen a pretty impressive response. Discussions then quickly sparkled on the newly created mailing list.

As one of the first concrete outcomes, Rey Dhuny contributed an initial set of “personas”, later improved by Max Jakob Maass, Silviu Riley with suggestions from others. Quoting Wikipedia: “personas are fictional characters created to represent the different user types within a targeted demographic, attitude and/or behavior set that might use a site, brand or product in a similar way.”

One can have a look at the wiki page to learn more about the seven different users of the Tor website that have been currently identified: The Student, The Journalist, The Researcher, The Donor, The Engineer, The Activist, The Dissident. These personas should probably be further refined, but are already a very useful tool to think about how to structure a new website.

For anyone interested in following the effort, Andrew Lewman has spent time triaging all website related tickets and setting up a new milestone to keep tabs on tasks and issues.

Let’s save Tor Weather!

The Tor network would not exist without all its volunteers — currently more than 3,000 all around the world — who run the 5,000+ relays anonymizing our connections.

Tor Weather is one of these small services run by the Tor Project that is meant to make the life of relay operators easier. It can warn them when their relay is down or when a new version of tor is available… and when they can receive the rewarding t-shirt. Unfortunately, Tor Weather has been unmaintained for quite a while, and issues have accumulated over time.

Karsten Loesing has sent a call for help with suggestions on how the code can be simplified and improved. Abhiram Chintangal and Norbert Kurz have already stated their interests. Coordination is done through the tor-dev mailing list  and a design wiki page. Join them if you are up to some Python hacking or spiffing up the web interface!

More monthly status reports for December 2013

The wave of regular monthly reports from Tor project members for the month of December 2013 continued this week as well with the extended report form the Tails team followed by reports from George Kadianakis, Kevin P Dyer, and Andrew Lewman.

Miscellaneous news

The Tails team has put out a call for testing the first release candidate for Tails 0.22.1. The new version will bring several bugfixes, an updated kernel, and many improvements to the upgrader application.

Directory authorities are in the process of upgrading their directory signing key to RSA 2048. This has been done for five out of nine authorities. The changes might result in some temporary error messages in logs of Tor relays, as it did when gabelmoo changed its key on January 11th.

Nicolas Vigier has sent a proposal about replacing the current Gitian-based build system for the Tor Browser Bundle by a system based on burps. Nicolas also worked on a prototype to go with his proposal.

Nick Mathewson mentioned that the “Sniper Attack” paper by Rob Jansen, Florian Tschorsch, Aaron Johnson, and Björn Scheuermann was now available. This paper describes serious Denial of Service attacks through memory exhaustion. The issue is fixed “thanks to advice from the paper’s authors, in Tor 0.2.4.x and later”.

In order to prevent attacks on hidden services based on predicting which directory will be used, directory authorities need to periodically produce shared unpredictable random strings. To address the issue, Nicholas Hopper has sent a threshold signature-based proposal for a shared RNG, now up for reviews.

The next session of low-hanging fruits for Tails will happen on February 8th in the #tails IRC channel OFTC at 10:00 CET.

Thanks to, Maki Hoshisawa and cYbergueRrilLa AnonyMous NeXus for running new mirrors of the Tor Project website.

Jaromil announced the release of Dowse, “a transparent proxy setup supporting Tor”. One feature is that it detects “all URLs whose domain ends in .onion, routing them directly to Tor, effectively making the onion network accessible without any plugin or software installed.” The transport proxy approach has known issues but can still be of interest to some users. Jaromil is seeking feedback and opinions from the community.

Microsoft’s Geoff McDonald wrote a blog post describing how they have helped remove half of the estimated four millions of Tor clients installed by the Sefnit botnet without the computer owner’s knowledge.

Koumbit has been working on Torride, a live distribution to run Tor relays — not unlike Tor-ramdisk — but based on Debian. Version 1.1.0 has been released on January 10th.

Tor help desk roundup

Many users have been emailing for clarification on the Tor Browser’s interface. The first time Tor Browser is started, users are asked if their network is free of obstacles. Many users do not know if their network is free of obstacles or not. A network is free of obstacles if it does not censor connections to the Tor network. Ticket #10610 has been opened to discuss possible improvements.

A number of users have reported problems using the Tor Browser in Backtrack Linux. Backtrack is unusual among Linux distributions in that the user can only log in as root; there are no other user accounts. The Tor Browser cannot be run as root. One solution for Backtrack users is to create a new account with the useradd command and then run the Tor Browser as that user with the sudo command.

This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan, dope457, Sandeep, Karsten Loesing, Nicolas Vigier, Philipp Winter and the Tails developers.

Tor Weekly News needs reviewers! 24 hours before being published, the content of the next newsletter is frozen so there is time to improve the language. We are really missing native or good English speakers who could spend just about 20 minutes each week. See the project page, and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — January 8th, 2014

Welcome to the first issue for the year 2014 of Tor Weekly News, the weekly newsletter that covers what is happening in the impressive Tor community. The tor-news mailing list has reached a thousand subscribers. Thanks for following us!

Tor at the 30th Chaos Communication Congress

The Chaos Computer Club held its thirtieth congress in Hamburg, Germany during the days and nights of December 26th-30th. The congress had over 9,000 participants. The topic of pervasive surveillance was more present than ever, and Tor was a common answer to many questions.

“We are living in interesting times” was the subtitle of Jacob Appelbaum
and Roger Dingledine’s talk for this year. Their tour of what happened to Tor in the past years and more importantly in the past months was seen by more than 3,000 attendees in Hamburg and a couple more from the live stream and recordings. Later on, Sophie Bayerlein had decorated a wall with her visual summary of the talk.

The talk was quickly followed by a “How to help Tor?” workshop. Lunar reported “an overwhelming success as more than 200 people showed up. We were not prepared for helping so many folks waiting to learn how they can help Tor. It still created interesting discussions, I believe, and I hope we will find ways to interact more with the larger community in the upcoming weeks, especially concerning outreach to the general public.”

Earlier the same day, a meetup of Tor relay operators was held. The small room was packed with at least 60-70 attendees. Several relay operator organizations reported on their progress: DFRI, Frënn vun der Ënn, Icetor, Noisetor, Nos oignons, Swiss Privacy Foundation and Zwiebelfreunde. Many of these projects did not exist last year, and new organizations are still being created, like The Torrorists who also gave a quick status update. Nikita Borisov gave a quick presentation of the traceroute research experiment and encouraged more operators to run the test script. Several operators of important relays and directory authorities also assisted the session. Let’s hope everyone shared the same feelings as Jason from Icetor: “It was really excellent meeting all of you and great for my morale to see all the people understanding and working towards common goals. Perhaps it’s just due to my remoteness, but I rarely get to discuss projects like this at such an intricate level.”

On the lightning talks front, Kai Engert presented DetecTor (slides, video at 1:56:25), David Fifield covered the basics of Tor pluggable transports, and Michael Zeltner introduced tor2tcp (video at 1:41:00). Some OnionCat developers have also been spotted in the corridors.

The Chaos Communication Congress is one of the rare events where an impressive number of members of the Tor community have a chance to interact. Let’s hope it has been a fruitful time for everyone!

Tor website needs your help!

One of the outcomes of the “How to help Tor?” session at the 30C3 was that there were quite some people interested in helping the Tor project with its website. In order to foster anyone’s participation, a larger call for help has been sent.

It starts by acknowledging that “Tor has shifted in the recent years from being a project prominently used by researchers, developers, and security experts to the wider audience of anyone concerned about their privacy”. As its primary audience shifted, “it is again time for important changes” to the website structure and design.

As one can read in the call or browse through the website related tickets, it’s going to be a challenging task. A new mailing list has been created to coordinate the efforts. Join if you want to help!

Monthly status reports for December 2013

The wave of regular monthly reports from Tor project members for the month of December has begun. Philipp Winter released his report first, followed by reports from Pearl Crescent, Sherief Alaa, Colin C., Damian Johnson, Tor’s help desk, Lunar, Karsten Loesing, Matt Pagan, Georg Koppen, Ximin Luo, Nick Mathewson, and Nicolas Vigier.

Miscellaneous news

Anthony G. Basile released version 20131230 of Tor-ramdisk — a uClibc-based micro Linux distribution whose only purpose is to host a Tor server — with an updated Linux kernel and Tor

Gregory Maxwell started discussion on how to improve Hidden Services key management: “It would be preferable if it were possible to have a HS master key which was kept _offline_ which could be use to authorize use for some time period and/or revoke usage.” As Nick Mathewson pointed out, the timing is right and such issues have a chance to be addressed with the current redesign process (see proposal 220 and proposal 224).

The Tails team has announced: “The MAC address spoofing feature is ready for testing. This feature prevents geographical tracking of your network devices (and by extension, you) by randomizing their MAC addresses.” Testing on a variety of hardware is now needed, give it a try!

The next Tails contributor online meeting will be held January 9th on the IRC channel #tails-dev (OFTC) at 21:00 UTC.

The “test/rjb-migration” branch has been merged into the Tails development tree. It should now be fairly straightforward to run the automated test suite on a Debian Wheezy system.

The Tor Project’s website has gained another new mirror, thanks PW!

Johannes Fürmann asked the relay operators community to review a short documentation on how to run multiple Tor processes on one host.

Some users have been tricked into downloading malware from the domain. Action is on-going to shutdown the domain. In the meantime, watch out!

Tor help desk roundup

Multiple people have now asked the help desk for support using the Tor Browser on Windows RT. Windows RT is a new edition of Windows 8.1 designed for ARM devices like the Microsoft Surface. There is no supported way of using Tor on Microsoft RT.

Many people have been emailing the help desk to ask how to get a new identity or set up a relay now that Vidalia is no longer included in the Tor Browser package. Vidalia is still available as a standalone package. More information on the transition away from Vidalia can be found on the Tor Browser 3 FAQ wiki page.

This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan, dope457, Sandeep, weasel, rey, murb and nicoo.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor website needs your help!

Tor started more than eleven years ago. The project website has gone through three major revisions in that time. It looks like it’s again time for important changes.

Tor has shifted in the recent years from being a project prominently used by researchers, developers, and security experts to the wider audience of anyone concerned about their privacy. Tor’s user base continues to grow. While this is a very good news for the anonymity of every Tor user, we need to make information that matters more accessible and better structured. The support team already receive close to 30 new requests every day, and it would be a better experience for newcomers, users, and journalists to directly find their answers.

Creating the ideal website for Tor is not an easy task. We have very diverse audiences with very diverse expectations. We need to gather information from different sources. Some pages should be multi-lingual. As outdated information could endanger our users, it should be easy to keep up-to-date. Our users deserve beautiful, clear, and comprehensive graphics to allow everyone to quickly understand Tor better. We’ve had some starting discussions, but we’re very much in need of your help.

Up to the challenge? Do you want to help improving a website visited everyday by millions of people looking for protection against surveillance? Then feel free to join the website team mailing list. We need usability experts, technical writers, designers, code wizards of the modern web, static website generator experts, documentalists… Join us and help!

Tor Weekly News — December 25th, 2013

Welcome to the 26th issue of Tor Weekly News, the weekly newsletter that covers what is happening in the Tor community.

The 3.x series of the Tor Browser Bundle is now stable

After more than a year of work, Mike Perry has officially blessed the 3.5 release of the Tor Browser Bundle as the new stable release. Improving on the previous stable series, it features a deterministic build system for distributed trust, a new integrated interface to interact with Tor and all the improvements from Tor 0.2.4.

Users of the previous 2.x series might be a little disoriented by the user interface changes. David Fifield, Matt Pagan and others have been compiling the most frequent questions heard after the switch. Until the integrated browser interface catches up, new Vidalia bundles are now available for those who need them. Erinn Clark is ironing out the remaining integration issues.

With the discontinuation of Firefox 17 ESR, the new release had to be pushed to users to avoid exposing them to security holes. Firefox 24 ESR, on which the Tor Browser is now based, should be supported by Mozilla for approximately one year. This will leave our browser hackers some time to focus more on user experience improvements, test automation, and better resistance to fingerprinting issues.

Several tutorials, videos, and bits of documentation might now in one way or another be out-of-date in many places. Please help report them or, even better, write up some updated versions.

This release is quite a milestone for the project. Update and enjoy!

The Tor Project now accepts donation in Bitcoin

As is often pointed out in the press, the majority of the Tor Project’s financial support comes from US government-linked organizations. In the ongoing effort to offer as many possible ways for individuals and organizations to give help to the project, Bitcoin donations are now being accepted.

As Roger Dingledine wrote in a subsequent comment: “We really need to get some funding for core Tor development, and especially for improving Tor’s anonymity, because none of our current funders care enough about the anonymity side of Tor. Outreach and blocking-resistance are great topics, but we can’t let the anonymity part rot.”

Head over to the donations page to learn more about how to chip in with Bitcoins or other currencies.

Tor is out

The first update to the new stable branch of Tor has been released on December 23rd. It fixes an issue that would create more preemptive circuits than actually need, and a security issue related to poor random number generation.

The latter affects “users who 1) use OpenSSL 1.0.0 or later, 2) set ‘HardwareAccel 1’ in their torrc file, 3) have ‘Sandy Bridge’ or ‘Ivy Bridge’ Intel processors, and 4) have no state file in their DataDirectory (as would happen on first start). Users who generated relay or hidden service identity keys in such a situation should discard them and generate new ones.”

The source code is already available from the usual location. Update packages and bundles should be ready soon.

Tor events at the 30th Chaos Communication Congress

The Chaos Computer Club will be holding its 30th Congress in Hamburg between the 27th and the 30th of December, and as usual there are a number of Tor-related talks and events scheduled.

Following their session on the Tor ecosystem at 29c3, Tor Project members Roger Dingledine and Jacob Appelbaum will be giving a talk entitled “The Tor Network: We’re living in interesting times”, in which they discuss the Project’s work over the last few years, with special reference to “major cryptographic upgrades in the Tor network, interesting academic papers in attacking the Tor network, major high profile users breaking news about the network itself, discussions about funding, FBI/NSA exploitation of Tor Browser users, botnet related load on the Tor network, and other important topics”.

Their talk will be followed by a discussion involving everyone interested in helping Tor at the NoisySquare assembly. The Tor ecosystem is now made up of more than forty different projects, and there are sure to be ways you can help. Bring your skills and your energy! will be holding a meeting of Tor relay operators and organizations, featuring “quick presentations on recent and future activities around”, to be followed by the official members’ meeting of the German partner organization, Zwiebelfreunde e.V.

#youbroketheinternet will hold a session on the future of crypto routing backends: “Even the IETF is now considering that Onion Routing should be a fundamental capability of the Internet. How would that look in practice?”

If you are attending the Congress, feel free to come along and participate in these sessions; if not, you should be able to catch up with the talks online.

Miscellaneous news

Anthony G. Basile released version 20131216 of Tor-ramdisk, a “uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy.” This new release is the first to ship the 0.2.4 branch of Tor.

For those who like hazardous experiments, intrigeri sent a call for testing an experimental Tails image with preliminary UEFI support — users of Apple hardware should be particularly interested. anonym also announced that test images from the MAC spoofing branch were available.

Nick Mathewson sent his now-monthly review of the status of Tor’s proposals. Karsten Loesing followed-up by commenting on several of those related to the directory protocol. Have a look, you might also be able to move things forward!

Many thanks to John Sweeney of, Jeremy J. Olson of EPRCI, and for running mirrors of the Tor Project website.

Karsten Loesing has been experimenting with replacementsfor the “fast exits” graphs that would convey a better feeling of the network growth. He also deployed a new visualization for the fraction of connections used uni-/bidirectionally.

Tor help desk roundup

Multiple users have now emailed the help desk regarding a particular type of “ransomware” that encrypts the hard drive of Windows computers and won’t give users the decryption key until a payment is made. Victims of this malware have emailed the help desk because the ransomware message includes a link to a tor hidden service site. Malware victims wanted to know how to install the Tor Browser, or thought the Tor Project was the source of the malware.

The Tor Project does not make malware; in the past Tor developers have worked with anti-virus developers to help stop other types of malware. Users affected might find useful information in the guide assembled by If you have not been affected, the story might be a good reminder to think about your backups.

This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt Pagan and dope457.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Browser Bundle 3.5 is released

Update 12/20: Test builds of Pluggable Transport bundles are now available. See inline and see the FAQ link for more details.

The 2.x stable series of the Tor Browser Bundle has officially been deprecated, and all users are encouraged to upgrade to the 3.5 series.

Packages are now available from the Tor download page as well as the Tor Package archive.

For now, the Pluggable Transports-capable TBB is still a separate package, maintained by David Fifield. Download them here: We hope to have combined packages available in a beta soon.

For people already using TBB 3.5rc1, the changes are not substantial, and are included below.

However, for users of TBB 2.x and 3.0, this release includes important security updates to Firefox. All users are strongly encouraged to update immediately, as we will not be making further releases in the 2.x or 3.0 series.

In terms of user-facing changes from TBB 2.x, the 3.x series primarily features the replacement of Vidalia with a Firefox-based Tor controller called Tor Launcher. This has resulted in a vast decrease in startup times, and a vast increase in usability. We have also begun work on an FAQ page to handle common questions arising from this transition -- where Vidalia went, how to disable JavaScript, how to check signatures, etc.

The complete changelog for the 3.x series describes the changes since 2.x.

The set of changes since the 3.5rc1 release is:

  • All Platforms
    • Update Tor to
    • Update Tor Launcher to
      • Bug 10382: Fix a Tor Launcher hang on TBB exit
    • Update Torbutton to
      • Misc: Switch update download URL back to download-easy

Tor Weekly News — December 18th, 2013

Welcome to the twenty-fifth issue of Tor Weekly News, the weekly newsletter that covers what is happening in the ever-updating Tor community.

Tor is out

After more than a year in the making, Roger Dingledine announced the first stable release in the Tor 0.2.4 series, as well as the dedication of this series to the memory of Aaron Swartz (1986-2013).

Tor 0.2.4 boasts a large number of major new features, among them a new circuit handshake, improved link encryption, a flexible approach to the queueing of circuit creation requests, and the use of “directory guards” to defend against client-enumeration attacks. You can consult the full changelog in Roger’s announcement, and download the source code from the website.

As no code changes have been made since the previous release candidate, there is no reasons for users of tor to upgrade in a hurry.

Tor Browser Bundle 3.5rc1 is out

Mike Perry announced the first release candidate in the Tor Browser Bundle 3.5 series, and strongly encouraged users to update in anticipation of the imminent end-of-life of both the 2.x stable and 3.0 series, following Mozilla's deprecation of Firefox 17 ESR, on which both are based.

This release also includes a number of important security updates, alongside various bugfixes and usability improvements; for this reason as well, users should upgrade as soon as possible.

Tails 0.22 is out

Tails saw its 35th release on December 11th. It incorporates many major and minor improvements and bugfixes, and opens up the new incremental-upgrade feature for beta-testing.

As this is the first release to feature a browser based on the Firefox 24 ESR series, some small inconveniences found their way in. Have a look at the known issues before giving it a go.

Nevertheless, it fixes several important security issues, so it is recommended that all users upgrade as soon as possible. awarded $250,000 grant

The team announced that they have received a $250,000 organizational grant, to be spread over two years, from the Digital Defenders Partnership, which in its own words was “established to provide rapid response to threats to internet freedom.”

With this grant, wrote Moritz Bartl, “participating Torservers organizations will be able to sustain at least 3 Gbit/s of exit traffic, and 2000 fast and up-to-date bridges.”

In order to make the most efficient use of this significant contribution to the Tor network while maintaining its diversity, wrote Moritz, “we need to find seven more organizations that are willing to rent servers for a period of at least 2 years”, adding that “we really want to avoid having organizations run both high bandwidth exit relays and a larger number of Tor bridges: An operator should not see both traffic entering the Tor network and traffic leaving the Tor network” .

For this reason, he called for groups interested in supporting the Tor network to get in contact, in order to discuss how they can best set up and maintain Tor services. The first such partnership will be with the Institute for War and Peace Reporting's Cyber Arabs group.

If you represent an organization that could make this much-needed contribution to the Tor network, please contact the team, or join them at the Tor relay operators meetup during the upcoming Chaos Communication Congress in Hamburg.

Miscellaneous news

The Tails team reported on the vast amount of activity that occurred during November 2013. Coming up in the next few Tails releases are an updated I2P, a new clock applet with configurable timezone, better localization, incremental upgrades, safer persistence, MAC spoofing…

meejah announced the release of txtorcon 0.8.2, and warned users that they should upgrade if they use that program’s TCP4HiddenServiceEndpoint feature, in order to fix a bug that allows listening on hosts other than

Kevin P Dyer announced the 0.2.2 release of fteproxy, which “includes the removal of gmpy as a dependency, additional documentation to explain the significance of language theoretical algorithms, and bounds checking of the input/output of our (un)ranking algorithms”; this hot on the heels of 0.2.1, in which he “focused on breaking away from heavyweight dependencies: OpenFST and boost”.

Mike Perry shared his thoughts regarding the presence of the Tor Browser Bundle in centralized repositories such as the Apple App Store or Google Play, and the possibilities for attack that these stores open up.

Ondrej Mikle warned users of Enterprise Linux 5 that Tor RPM packages will no longer be built for their platform, owing to an “increasing number of required workarounds”.

Karsten Loesing published a summary of the past, present and the future of the Tor Metrics project, which he maintains, offering some context for the various changes that have recently been announced.

Lunar sent reports from the Tor help desk for October and November.

Jacob Appelbaum recapped his work over the last few months — from June to December — in a slew of reports (June, July, August, September, October, November, December).

Tor help desk roundup

Occasionally users who need the Pluggable Transports Tor Browser Bundle will download the Vidalia Bridge Bundle instead, which is less useful for users trying to circumvent state censorship. The Vidalia Bridge Bundle is only available for Windows and is configured by default to turn the client machine into a bridge. None of the Vidalia Bundles are designed to use Pluggable Transports.

This issue of Tor Weekly News has been assembled by harmony, Lunar, dope457, and Matt Pagan.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Syndicate content Syndicate content