lunar's blog

Tor Weekly News — October 8th, 2014

Welcome to the fortieth issue in 2014 of Tor Weekly News, the weekly newsletter that covers what is happening in the Tor community.

Setup ooniprobe in five minutes

New versions of the Open Observatory of Network Interference (OONI) tools are out. On October 1st, Arturo Filastò announced ooniprobe 1.2.0 and oonibackend 1.1.4.

“One of the most interesting new features that are now part of ooniprobe is the ability to generate test decks for the country you are in a way that is much easier than before”, wrote Arturo.

He added: “As a matter of fact to start contributing useful measurements it’s just a matter of 5 minutes of setup.” So don’t be shy about adding your measurements to the project!

Monthly status reports for September 2014

The wave of regular monthly reports from Tor project members for the month of September has begun. Juha Nurmi released his report first, followed by reports from Georg Koppen, Damian Johnson, George Kadianakis, Matt Pagan, Lunar, Sherief Alaa, Leiah Jansen, Harmony, Pearl Crescent, Nick Mathewson, Karsten Loesing, Sukhbir Singh, Nicolas Vigier (in addition to July and August), Arlo Breault, J. Todaro, and Colin C.

Lunar also reported on Tor help desk, Mike Perry for the Tor Browser team, and Arturo Filastò for OONI.

Miscellaneous news

Orbot users should rejoice at the news that orWall 1.0.0 has been released! orWall will force selected applications through Tor while preventing unauthorized applications to have any network access. “Any feedback from Tor/Orbot users interests me in order to improve orWall. I think the current release is pretty good, but as the main dev I’m maybe not that neutral regarding this statement” joked CJ.

The OONI project has been “developing a test that allows probes in censored countries to test which bridges are blocked and which are not”. George Kadianakis is seeking help to create interesting visualization of the resulting data. He shared a sketch about countries and pluggable transports and another one showing time before blocks happened.

Nick Mathewson announced the release of Trunnel 1.3. Trunnel is a code generator for binary encoders/decoders. Nick adds: “Some code that it has generated has been merged into the Tor master branch for the 0.2.6 release series, though that code is not yet in active use.“

David Fifield sent a summary of the costs incurred by the meek pluggable transport for the month of September 2014. More details are included in the email, but costs are currently very low: “$3.85 for App Engine, $4.59 for Amazon, $0.00 for Azure”.

Virgil Griffith shared a yet unpublished tech report on Tor growth. To pick just one finding, the Tor network’s bandwidth has been doubling every 13–14 months so far.

The Knight Foundation is going to fund projects for “the future of libraries”. The Library Freedom Project wants to teach “librarians about privacy rights, law, and tech tools to protect patrons from dragnet surveillance”. It’s based on their previous experience promoting Tor and other privacy tools in Massachusetts libraries. Show them support!

The US National Science Foundation is seeking input to lay out a future Privacy Research Strategy. The deadline being October 17th, Roger Dingledine suggests: “if anybody here has partially written ideas that they want to put together into a submission, please do!”

Thanks to opi for running a new mirror of the Tor Project’s website and software.

Easy development tasks to get involved with

oonibackend is used by ooni, the Open Observatory of Network Interference, to run in the background and perform tasks like discovering addresses of test helpers and performing measurements that require a backend system to talk to. When oonibackend was changed to fix compatibility with Twisted 13.1 it lost its ability to start tor and then drop privileges. Arturo suspects that the correct way of doing this is to place the logic for starting tor inside of preApplication or startService. But from a quick research he suspects that Twisted does not support returning Deferreds in there. He also points to two relevant Twisted tickets (1, 2). If you have experience with Twisted and want to help debug or even solve this problem, be sure to post your thoughts or patches to the ticket.


This issue of Tor Weekly News has been assembled by Lunar, harmony, and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — August 13th, 2014

Welcome to the thirty-second issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

Torsocks 2.0 is now considered stable

Torsocks is a wrapper program that will force an application’s network connections to go through the Tor network. David Goulet released version 2.0.0, blessing the new codebase as stable after more than a year of efforts.

David’s original email highlighted several reasons for a complete rewrite of torsocks. Among the issues were maintainability, error handling, thread safety, and a lack of proper compatibility layer for multiple architectures. The new implementation addresses all these issues while staying about the same size as the previous version (4,000 lines of C according to sloccount), and test coverage has been vastly extended.

Torsocks comes in handy when a piece of software does not natively support the use of a SOCKS proxy. In most cases, the new version may be safer, as torsocks will prevent DNS requests and non-torified connections from happening.

Integrators and power users should watch their steps while migrating to the new version. The configuration file format has changed, and some applications might behave differently as more system calls are now restricted.

Next generation Hidden Services and Introduction Points

When Tor clients need to connect to a Hidden Service, the first step is to create a circuit to its “Introduction Point”. There, the Tor client serving the Hidden Service will be waiting through another circuit to agree on a “Rendezvous Point” and pursue the communication through circuits connecting to this freshly selected Tor node.

This general design is not subject to any changes in the revision of hidden services currently being worked on. But there are still some questions left unanswered regarding the best way to select Introduction Points. George Kadianakis summarized them as: “How many IPs should an HS have? Which relays can be IPs? What’s the lifetime of an IP?”

For each of these questions, George collected possible answers and assessed whether or not they could respond to several attacks identified in the past. Anyone interested should help with the research needed and join the discussion.

In the meantime, Michael Rogers is also trying to find ways to improve hidden service performance in mobile contexts. One way to do so would be to “keep the set of introduction points as stable as possible”. However, a naive approach to doing so would ease the job of attackers trying to locate a hidden service. The idea would be to always use the same guard and middle node for a given introduction point, but this might also open the doors to new attacks. Michael suggests experimenting with the recently published Java research framework to gain a better understanding of the implications.

More status reports for July 2014

The wave of regular monthly reports from Tor project members for the month of July continued, with submissions from Andrew Lewman, Colin C., and Damian Johnson.

Roger Dingledine sent out the report for SponsorF. Arturo Filastò described what the OONI team was up to. The Tails team covered their activity for June and July.

Miscellaneous news

Two Tor Browser releases are at QA stage: 4.0-alpha-1 including meek and a new directory layout, and 3.6.4 for security fixes.

The recent serious attack against Tor hidden services was also a Sybil attack: a large number of malicious nodes joined the network at once. This led to a renewal of interest in detecting Sybil attacks against the Tor network more quickly. Karsten Loesing published some code computing similarity metrics, and David Fifield has explored visualizations of the consensus that made the recent attack visible.

Gareth Owen sent out an update about the Java Tor Research Framework. This prompted a discussion with George Kadianakis and Tim about the best way to perform fuzz testing on Tor. Have a look if you want to comment on Tim’s approaches.

Thanks to Daniel Thill for running a mirror of the Tor Project website!

ban mentioned a new service collecting donations for the Tor network. OnionTip, set up by Donncha O’Cearbhaill, will collect bitcoins and redistribute them to relay operators who put a bitcoin address in their contact information. As the redistribution is currently done according to the consensus weight, Sebastian Hahn warned that this might encourage people to “cheat the consensus weight” because that now means “more money from oniontip”.

Juha Nurmi sent another update on the ahmia.fi GSoC project.

News from Tor StackExchange

arvee wants to redirect some TCP connections through Tor on OS X; Redsocks should help to route packets for port 443 over Tor . mirimir explained that given the user's pf configuration, the setting “SocksPort 8888” was probably missing.

meee asked a question and offered a bounty for an answer: the circuit handshake entry in Tor’s log file contains some numbers, and meee wants to know what their meaning is: “Circuit handshake stats since last time: 1833867/1833868 TAP, 159257/159257 NTor.”

Easy development tasks to get involved with

The bridge distributor BridgeDB usually gives out bridges by responding to user requests via HTTPS and email. A while ago, BridgeDB also gave out bridges to a very small number of people who would then redistribute bridges using their social network. We would like to resume sending bridges to these people, but only if BridgeDB can be made to send them via GnuPG-encrypted emails. If you’d like to dive into the BridgeDB code and add support for GnuPG-encrypted emails, please take a look at the ticket and give it a try.


This issue of Tor Weekly News has been assembled by Lunar, qbi, Karsten Loesing, harmony, and Philipp Winter.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — August 6th, 2014

Welcome to the thirty-first issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

Tor and the RELAY_EARLY traffic confirmation attack

Roger Dingledine ended several months of concern and speculation in the Tor community with a security advisory posted to the tor-announce mailing list and the Tor blog.

In it, he gave details of a five-month-long active attack on operators and users of Tor hidden services that involved a variant of the so-called “Sybil attack”: the attacker signed up “around 115 fast non-exit relays” (now removed from the Tor network), and configured them to inject a traffic header signal consisting of RELAY_EARLY cells to “tag” any hidden service descriptor requests received by malicious relays — a tag which could then be picked up by other bad nodes acting as entry guards, in the process identifying clients which requested information about a particular hidden service.

The attack is suspected to be linked to a now-cancelled talk that was due to be delivered at the BlackHat security conference. There have been several fruitful and positive research projects involving theoretical attacks on Tor’s security, but this was not among them. Not only were there problems with the process of responsible disclosure, but, as Roger wrote, “the attacker encoded the name of the hidden service in the injected signal (as opposed to, say, sending a random number and keeping a local list mapping random number to hidden service name)”, thereby “[putting] users at risk indefinitely into the future”.

On the other hand, it is important to note that “while this particular variant of the traffic confirmation attack allows high-confidence and efficient correlation, the general class of passive (statistical) traffic confirmation attacks remains unsolved and would likely have worked just fine here”. In other words, the tagging mechanism used in this case is the innovation; the other element of the attack is a known weakness of low-latency anonymity systems, and defending against it is a much harder problem.

“Users who operated or accessed hidden services from early February through July 4 should assume they were affected” and act accordingly; in the case of hidden service operators, this may mean changing the location of the service. Accompanying the advisory were two new releases for both the stable and alpha tor branches (0.2.4.23 and 0.2.5.6-alpha); both include a fix for the signal-injection issue that causes tor to drop circuits and give a warning if RELAY_EARLY cells are detected going in the wrong direction (towards the client), and both prepare the ground for clients to move to single entry guards (rather than sets of three) in the near future. Relay operators should be sure to upgrade; a point-release of the Tor Browser will offer the same fixes to ordinary users. Nusenu suggested that relay operators regularly check their logs for the new warning, “even if the attack origin is not directly attributable from a relay’s point of view”. Be sure to read the full security advisory for a fuller explanation of the attack and its implications.

Why is bad-relays a closed mailing list?

Damian Johnson and Philipp Winter have been working on improving the process of reporting bad relays. The process starts by having users report odd behaviors to the bad-relays mailing list.

Only a few trusted volunteers receive and review these reports. Nusenu started a discussion on tor-talk advocating for more transparency. Nusenu argues that an open list would “likely get more confirm/can’t confirm feedback for a given badexit candidate”, and that it would allow worried users to act faster than operators of directory authorities.

Despite being “usually on the side of transparency”, Roger Dingledine described being “stuck” on the issue, “because the arms race is so lopsidedly against us”.

Roger explains: “we can scan for whether exit relays handle certain websites poorly, but if the list that we scan for is public, then exit relays can mess with other websites and know they’ll get away with it. We can scan for incorrect behavior on various ports, but if the list of ports and the set of behavior we do is public, then again relays are free to mess with things we don’t look for.”

A better future and more transparency probably lies in adaptive test systems run by multiple volunteer groups. Until they come to existence, as a small improvement, Philipp Winter wrote it was probably safe to publish why relays were disabled, through “short sentence along the lines of ‘running HTTPS MitM’ or ‘running sslstrip’”.

Monthly status reports for July 2014

Time for monthly reports from Tor project members. The July 2014 round was opened by Georg Koppen, followed by Philipp Winter, Sherief Alaa, Lunar, Nick Mathewson, Pearl Crescent, George Kadianakis, Matt Pagan, Isis Lovecruft, Griffin Boyce, Arthur Edelstein, and Karsten Loesing.

Lunar reported on behalf of the help desk and Mike Perry for the Tor Browser team.

Miscellaneous news

Anthony G. Basile announced a new release of tor-ramdisk, an i686 or x86_64 uClibc-based micro Linux distribution whose only purpose is to host a Tor server. Version 20140801 updates Tor to version 0.2.4.23, and the kernel to 3.15.7 with Gentoo’s hardened patches.

meejah has announced a new command-line application. carml is a versatile set of tools to “query and control a running Tor”. It can do things like “list and remove streams and circuits; monitor stream, circuit and address-map events; watch for any Tor event and print it (or many) out; monitor bandwidth; run any Tor control-protocol command; pipe through common Unix tools like grep, less, cut, etcetera; download TBB through Tor, with pinned certs and signature checking; and even spit out and run xplanet configs (with router/circuit markers)!” The application is written in Python and uses the txtorcon library. meejah describes it as early-alpha and warns that it might contain “serious, anonymity-destroying bugs”. Watch out!

Only two weeks left for the Google Summer of Code students, and the last round of reports but one: Juha Nurmi on the ahmia.fi project, Marc Juarez on website fingerprinting defenses, Amogh Pradeep on Orbot and Orfox improvements, Zack Mullaly on the HTTPS Everywhere secure ruleset update mechanism, Israel Leiva on the GetTor revamp, Quinn Jarrell on the pluggable transport combiner, Daniel Martí on incremental updates to consensus documents, Noah Rahman on Stegotorus enhancements, and Sreenatha Bhatlapenumarthi on the Tor Weather rewrite.

The Tails team is looking for testers to solve a possible incompatibility in one of the recommended installation procedures. If you have a running Tails system, a spare USB stick and some time, please help. Don’t miss the recommended command-line options!

The Citizen Lab Summer Institute took place at the University of Toronto from July 28 to 31. The event brought together policy and technology researchers who focus on Internet censorship and measurement. A lot of great work was presented including but not limited to a proposal to measure the chilling effect, ongoing work to deploy Telex, and several projects to measure censorship in different countries. Some Tor-related work was also presented: Researchers are working on understanding how the Tor network is used for political purposes. Another project makes use of TCP/IP side channels to measure the reachability of Tor relays from within China.

The Electronic Frontier Foundation wrote two blog posts to show why Tor is important for universities and how universities can help the Tor network. The first part explains why Tor matters, gives several examples of universities already contributing to the Tor network, and outlines a few reasons for hosting new Tor nodes. The second part gives actual tips on where to start, and how to do it best.

Tor help desk roundup

Users occasionally ask if there is any way to set Tor Browser as the default browser on their system. Currently this is not possible, although it may be possible in a future Tor Browser release. In the mean time, Tails provides another way to prevent accidentally opening hyperlinks in a non-Tor browser.

Easy development tasks to get involved with

Tor Launcher is the Tor controller shipped with Tor Browser written in JavaScript. Starting with Firefox 14 the “nsILocalFile” interface has been deprecated and replaced with the “nsIFile” interface. What we should do is replace all instances of “nsILocalFile” with “nsIFile” and see if anything else needs fixing to make Tor Launcher still work as expected. If you know a little bit about Firefox extensions and want to give this a try, clone the repository, make the necessary changes, run “make package”, and tell us whether something broke in interesting ways.


This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt Pagan, Philipp Winter, David Fifield, Karsten Loesing, and Roger Dingledine.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — July 30th, 2014

Welcome to the thirtieth issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

Tor Browser 3.6.3 is out

A new pointfix release for the 3.6 series of the Tor Browser is out. Most components have been updated and a couple of small issues fixed. Details are available in the release announcement.

The release fixes import security updates from Firefox. Be sure to upgrade! Users of the experimental meek bundles have not been forgotten.

New Tor stable and alpha releases

Two new releases of Tor are out. The new 0.2.5.6-alpha release “brings us a big step closer to slowing down the risk from guard rotation, and fixes a variety of other issues to get us closer to a release candidate”.

Once directory authorities have upgraded, they will “assign the Guard flag to the fastest 25% of the network”. Some experiments showed that “for the current network, this results in about 1100 guards, down from 2500.”

The complementary change to moving the number of entry guards down to one is the introduction of two new consensus parameters. NumEntryGuards and NumDirectoryGuards will respectively set the number of entry guards and directory guards that clients will use. The default for NumEntryGuards is currently three, but this will allow a reversible switch to one in a near future.

Several important fixes have been backported to the stable branch in the 0.2.4.23 release. Source packages are available at the regular location . Binary packages have already landed in Debian (unstable, experimental) and the rest should follow shortly.

Security issue in Tails 1.1 and earlier

Several vulnerabilities have been discovered in I2P which is shipped in Tails 1.1 and earlier. I2P is an anonymous overlay network with many similarities to Tor. There was quite some confusion around the disclosure process of this vulnerability. Readers are encouraged to read what the Tails team has written about it.

Starting I2P in Tails normally requires a click on the relevant menu entry. Once started, the security issues can lead to the deanonymization of a Tails user who visits a malicious web page. As a matter of precaution, the Tails team recommends removing the “i2p” package each time Tails is started.

I2P has fixed the issue in version 0.9.14. It is likely to be included in the next Tails release, but the team is also discussing implementing more in-depth protections that would be required in order to keep I2P in Tails.

Reporting bad relays

“Bad” relays are malicious, misconfigured, or otherwise broken Tor relays. As anyone is free to volunteer bandwidth and processing power to spin up a new relay, users can encounter such bad relays once in a while. Getting them out of everyone’s circuits is thus important.

Damian Johnson and Philipp Winter have been working on improving and documenting the process of reporting bad relays. “While we do regularly scan the network for bad relays, we are also dependent on the wider community to help us spot relays which don’t act as they should” wrote Philipp.

When observing unusual behaviors, one way to learn about the current exit relay before reporting it is to use the Check service. This method can be inaccurate and tends to be a little bit cumbersome. The good news is that Arthur Edelstein is busy integrating more feedback on Tor circuits being used directly into the Tor Browser.

Miscellaneous news

The Tor Project, Inc. has completed its standard financial audit for the year 2013. IRS Form 990, Massachusetts Form PC, and the Financial Statements are now available for anyone to review. Andrew Lewman explained: “we publish all of our related tax documents because we believe in transparency. All US non-profit organizations are required by law to make their tax filings available to the public on request by US citizens. We want to make them available for all.”

CJ announced the release of orWall (previously named Torrific), a new Android application that “will force applications selected through Orbot while preventing unchecked applications to have network access”.

The Thali project aims to use hidden services to host web content. As part of the effort, they have written a cross-platform Java library. “The code handles running the binary, configuring it, managing it, starting a hidden service, etc.” wrote Yaron Goland.

Gareth Owen released a Java-based Tor research framework . The goal is to enable researchers to try things out without having to deal with the full tor source. “At present, it is a fully functional client with a number of examples for hidden services and SOCKS. You can build arbitrary circuits, build streams, send junk cells, etc.” wrote Gareth.

Version 0.2.3 of BridgeDB has been deployed. Among other changes, owners of riseup.net email accounts can now request bridges through email.

The first candidate for Orbot 14.0.5 has been released. “This update includes improved management of the background processes, the ability to easily change the local SOCKS port (to avoid conflicts on some Samsung Galaxy and Note devices), and the fancy new notification dialog, showing your current exit IPs and country” wrote Nathan Freitas.

While working on guard nodes, George Kadianakis realized that “the data structures and methods of the guard nodes code are not very robust”. Nick Mathewson and George have been busy trying to come up with better abstractions. More brains working on the problem would be welcome!

Mike Perry posted “a summary of the primitives that Marc Juarez aims to implement for his Google Summer of Code project on prototyping defenses for Website Traffic Fingerprinting and follow-on research”. Be sure to have a look if you want to help prevent website fingerprint attacks.

A new draft proposal “for making all relays also be directory servers (by default)” has been submitted by Matthew Finkel. Among the motivations, Matthew wrote: “In a network where every router is a
directory server, the profiling and partitioning attack vector is reduced to the guard (for clients who use them), which is already in a privileged position for this. In addition, with the increased set size, relay descriptors and documents are more readily available and it diversifies the providers.” This change might make the transition to a single guard safer. Feedback welcome!

Noah Rahman reported on the progress of the Stegotorus Google Summer of Code project.

Tor help desk roundup

A number of Iranian Tor users have reported that Tor no longer works out of the box in Iran, and the Tor Metrics portal shows a corresponding drop in the number of directly-connecting users there. Collin Anderson investigated the situation and reported that the Telecommunication Company of Iran had begun blocking the Tor network by blacklisting connections to Tor’s directory authorities. Tor users can circumvent this block by getting bridges from BridgeDB and entering the bridge addresses they receive into their Tor Browser.


This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan, harmony, and Philipp Winter.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — July 23rd, 2014

Welcome to the twenty-ninth issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

Tails 1.1 is out!

Tails, the Debian-based live system that protects its users’ communications by ensuring they are all sent through the Tor network, has been updated. This new 1.1 release reminds Tails users of the distribution’s roots in Debian: Tails is now based on the current stable version of Debian, dubbed “Wheezy”.

This means that almost all software components have been updated. One noticeable example is the desktop environment. The user experience of the GNOME 3 in fallback mode should be similar to previous Tails versions, but things will look a bit differently than they used to.

One of the most keenly-awaited features of this new version is the support for UEFI firmware. Mac users now have only to press the Alt key while booting their computer to start Tails from a DVD or USB stick. The same goes for owners of computers displaying “Windows 8” stickers. And, talking of Windows 8, the camouflage mode has been updated to look more like it, instead of the now discontinued XP.

This new release also contains security fixes, and minor tweaks over the previous versions.

Because of the newly-introduced support for UEFI and the amount of upgraded software, incremental upgrades will not be offered for Tails 1.1. A full upgrade is needed through the Tails Installer. The safest method for upgrading Tails sticks is to go through a freshly burned DVD. Be sure to have a look at the list of known issues to learn about other oddities that might happen in the process.

PETS 2014

The fourteenth Privacy Enhancing Technologies Symposium was held in Amsterdam, Netherlands, July 16-18, 2014. A wide range of research in privacy enhancing technologies was presented, with many of relevance to Tor. Keynotes were given by Martin Ortlieb, Senior User Experience Researcher in Privacy at Google, and William Binney, a former NSA employee.

Some papers focusing on Tor include:

Also announced at PETS was the 2014 PET Award for Outstanding Research in Privacy Enhancing Technologies, for A Scanner Darkly: Protecting User Privacy From Perceptual Applications by Suman Jana, Arvind Narayanan†, and Vitaly Shmatikov. The winner of the best student paper at PETS was I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis by Brad Miller, Ling Huang, A. D. Joseph and J. D. Tygar .

Prior to PETS, there was a Tor meet-up which Moritz Bartl reported as a great success. Hopefully there will also be such an event at the 2015 PETS, to be held in Philadelphia, US, in the week of June 29, 2015.

Miscellaneous news

txtorcon, the Tor control protocol implementation for the Twisted framework, received a new minor release. Version 0.10.1 fixes “a couple bugs introduced along with the endpoints feature in 0.10.0”.

Roger Dingledine posted an official reaction to the cancellation of a proposed talk at the upcoming Blackhat2014 conference dealing with possible deanonymization attacks on Tor users and hidden services.

Tor ships with a sample webpage that can be used by exit node operators to identify their system as such to anyone wishing to identify the source of Tor traffic. Operators most often copy and adapt this template to the local situation. Mick Morgan discovered than his version was out of sync and contained broken links. “If other operators are similarly using a page based on the old template, they may wish to update”, Mick advised.

Michael Rogers, one of the developers of Briar, announced a new mailing list for discussing peer-to-peer-based communication systems based on Tor hidden services. As Briar and other systems might be “running into similar issues”, a shared place to discuss them seemed worthwhile.

Karsten Loesing and Philipp Winter are looking for front-end web developers: “We are looking for somebody to fork and extend one of the two main Tor network status websites Atlas or Globe” writes Karsten. Both websites currently need love and new maintainers. Please reach out if you want to help!

The database which holds Tor bridges, usually called BridgeDB, is able to give out bridge addresses through email. This feature was recently extended to make the email autoresponder support more bridge types, which required introducing new keywords that must be used in the initial request. Matthew Finkel is looking for feedback on the current set of commands and how they could be improved.

Lunar wrote a detailed report on his week at the Libre Software Meeting in Montpellier, France. The report covers the booth jointly held with Nos Oignons, his talk in the security track, and several contacts made with other free software projects.

Here’s another round of reports from Google Summer of Code students: the mid-term: Amogh Pradeep on Orbot and Orfox improvements, Israel Leiva on the GetTor revamp, Quinn Jarrell on the pluggable transport combiner, Juha Nurmi on the ahmia.fi project, Marc Juarez on website fingerprinting defenses, and Daniel Martí on incremental updates to consensus documents.

Tim Retout announced that apt-transport-tor 0.2.1 has entered Debian unstable. This package enables APT to download Debian packages through Tor.

Atlas can now also be used to search for Tor bridges. In the past, Atlas was only able to search for relays. This was made possible thanks to a patch developed by Dmitry Eremin-Solenikov.

Thanks to Tim Semeijn and Tobias Bauer for setting up new mirrors of the Tor Project’s website and its software.

Tor help desk roundup

Some Linux users have experienced missing dependency errors when trying to install Tor Browser from their operating system’s software repositories. Tor Browser should only be installed from the Tor Project’s website, and never from a software repository. In other words, using apt-get or yum to install Tor Browser is discouraged. Downloading and verifying Tor Browser from the Tor Project website allows users to keep up with important security updates as they are released.

News from Tor StackExchange

user3224 wants to log in to its Google, Microsoft etc. accounts and wonders if they will know the real name and other personal information. Roya and mirimir explained that if someone logs into an already personalized account Tor can’t anonymize this user. Instead it might be wise to use Tor to register a pseudonym and also use an anonymous operating system like Tails or Whonix.

escapologybb has set up a Raspberry Pi. It serves as SOCKS proxy for the internal network. While everyone can use it, escapologybb asks what the security implications are and if this lowers the overall anonymity. If you know a good answer please share your knowledge with the users of Tor StackExchange.


This issue of Tor Weekly News has been assembled by Lunar, Steven Murdoch, harmony, Philipp Winter, Matt Pagan, qbi, and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — July 16th, 2014

Welcome to the twenty-eighth issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

Roundup of research on incentives for running Tor relays

As an hors-d’œuvre to the now on-going the Privacy Enhancing Technology Symposium, Rob Jansen wrote a long blog post covering the last five years of research on incentives for running Tor relays.

Rob introduces the topic by describing the current “volunteer resource model” and mentions that “has succeeded so far: Tor now consists of over 5000 relays transferring between 4 and 5 GiB/s in aggregate”. Rob lists several possible reasons why volunteers run relays right now. They are all intrinsic motivations: current operators run relays because they really want to.

Is only relying on volunteers going to limit the growth of the Tor network in the future? There are already not-for-profit organizations operating relays based on donations, but growing them too much would also be problematic. Another area being explored are extrinsic motivations: making Tor clients faster when someone runs a relay or giving a financial reward — in a currency or another — for the service. Some can legitimately ask if they are suitable for Tor at all and Rob raises plenty of legitimate concerns on how they would interact with the current set of volunteers.

The problem keeps interesting researchers, and Rob details no less than six schemes: the oldest are PAR and Gold Star which introduced anonymity problems, BRAIDS where double spending of rewards is prevented without leaking timing information, LIRA which focused on scalability, TEARS where a publicly auditable e-cash protocol reduce the reliance on trusted parties, and finally, the (not ideally namedTorCoin which introduces the idea of a crypto-currency based on “proof-of-bandwidth”.

Rob details the novel ideas and drawbacks of each schemes, so be sure to read the original blog post for more details. After this roundup, Rob highlights that “recent research has made great improvements in the area of Tor incentives”. But that’s for the technical side as “it is unclear how to make headway on the social issues”.

“Tor has some choices to make in terms of how to grow the network and how to position the community during that growth process” concludes Rob. So let’s have that conversation.

Defending against guard discovery attacks with layered rotation time

Guard nodes are a key component of a Tor client’s anonymity. Once an attacker gains knowledge of which guard node is being used by a particular client, putting the guard node under monitoring is likely the last step before finding a client’s IP address.

George Kadianakis has restarted the discussion on how to slow down guard discovery of hidden services by exploring the idea of “keeping our middle nodes more static”. The idea is to slow down the attacks based on repeated circuit destruction by reusing the same “middle nodes for 3-4 days instead of choosing new ones for every circuit”. Introducing this new behavior will slow down the attack, but George asks “are there any serious negative implications?”

The idea is not new, as Paul Syverson pointed out: “Lasse and I suggested and explored the idea of layered guards when we introduced guards”. He adds “there are lots of possibilities here”.

George worries that middle nodes would then “always see your traffic coming through your guard (assuming a single guard per client)”. Ian Goldberg added “the exit will now know that circuits coming from the same middle are more likely to be the same client”. Restricting the change to only hidden services and not every client means that it will be “easy for an entry guard to learn whether a client has static middle nodes or not”.

As George puts it the latest message in the thread: “As always, more research is needed…” Please help!

More monthly status reports for June 2014

The wave of regular monthly reports from Tor project members for the month of June continued, with submissions from Michael Schloh von Bennewitz and Andrew Lewman.

Arturo Filastò reported on behalf of the OONI team, while Roger Dingledine submitted the SponsorF report

Miscellaneous news

The various roadmaps that came out of the 2014 summer dev. meeting have been transcribed in a joint effort by George Kadianakis, Yawning Angel, Karsten Loesing, and an anonymous person. Most items will probably be matched with a ticket soon.

The Tor Project is hiring a financial controller. This is a part time position, approximately 20 hours per week, at the office in Cambridge, Massachusetts.

The Tails developers announced the creation of two new mailing lists. “If you are a designer, UX/UI expert or beginner” interested in the theory and practice of designing user interfaces for Tails, the tails-ux list is for you, while the tails-project list is dedicated to “the ‘life’ of the project“; however, “technical questions should stay on tails-dev”.

Alan kicked of the aforementioned tails-ux mailing list announcing progress on Tails initial login screen. The new set of mockups is visible on the corresponding blueprint.

More mockups! Nima Fatemi produced some for a possible browser-based Tor control panel, incorporating features that were lost with the removal of Vidalia from the Tor Browser, such as the world map with Tor circuit visualizations. “How would you perfect that image? What’s missing?”, asked Nima, hoping “to inspire people to start hacking on it”.

Meanwhile, Sean Robinson had been working on a new graphical Tor controller called Syboa. Sean’s “primary motivation for Syboa was to replace TorK, so it looks more like TorK than Vidalia”. Sean announces that he will not have time for further development soon but that he would answer questions.

Juha Nurmi submitted the weekly status report for the ahmia.fi GSoC project.

Thanks to the University of Edinburgh’s School of Informatics, funcube.fr, Stefano Fenoglio, IP-Connect, Justin Ramos, Jacob Henner from Anatomical Networks, and Hackabit.nl for running mirrors of the Tor Project website!

Tor help desk roundup

Users often ask about for assistance setting up Tor Cloud instances. Sina Rabbani is taking over the maintenance of Tor Cloud and is working on updating the packages and documentation. Until new documentation on using the up-to-date images and Amazon Web Services interface lands, users not already familiar with AWS may want to use a different virtual server provider to host their bridges.

Easy development tasks to get involved with

The setup scripts of the Flashproxy and Obfsproxy pluggable transports attempt to download and build the M2Crypto library if they are not already installed. We´d really want to avoid this and have the setup script fail if not all libraries are present for building Flashproxy. The ticket that describes this bug also outlines a possible workaround that disables all downloads during the setup process. If you know a bit about setuptools and want to turn this description into a patch and test it, please give it a try.


This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt Pagan, Karsten Loesing, and George Kadianakis.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — July 9th, 2014

Welcome to the twenty-seventh issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

On being targeted by the NSA

Das Erste has published an article and supporting material showing how the NSA explicitly targets Tor and Tails user through the XKEYSCORE Deep Packet Inspection system. Several other media picked up the news, and it was also discussed in various threads on the tor-talk mailing list (1, 2, 3, 4, 5, 6, 7).

The Tor Project’s view has been reposted on the blog. To a comment that said “I felt like i am caught in the middle of a two gigantic rocks colliding each other”, Roger Dingledine replied: “You’re one of the millions of people every day who use Tor. And because of the diversity of users […], just because they know you use Tor doesn’t mean they know why you use Tor, or what you do with it. That’s still way better than letting them watch all of your interactions with all websites on the Internet.”

More monthly status reports for June 2014

The wave of regular monthly reports from Tor project members for the month of June continued, with submissions from Georg Koppen, Lunar, Noel David Torres Taño, Matt Pagan, Colin C., Arlo Breault, and George Kadianakis.

Mike Perry reported on behalf of the Tor Browser team.

Miscellaneous news

An Austrian Tor exit node operator interpreted their conviction in a first ruling as judging them “guilty of complicity, because he enabled others to transmit content of an illegal nature through the service”. Moritz Bartl from Torservers.net commented: “We strongly believe that it can be easily challenged. […] We will definitely try and find some legal expert in Austria and see what we can do to fight this.”

Linus Nordberg is expanding the idea of public, append-only, untrusted log à la Certificate Transparency to the Tor consensus. Linus submitted a new draft proposal to the tor-dev mailing list for reviews.

Miguel Freitas reported that twister — a fully decentralized P2P microblogging platform — was now able to run over Tor. As Miguel wrote, “running twister on top of Tor was a long time goal, […] the Tor support allows a far more interesting threat model”.

Google Summer of Code students have sent a new round of reports after the mid-term: Israel Leiva on the GetTor revamp, Amogh Pradeep on Orbot and Orfox improvements, Mikhail Belous on the multicore tor daemon, Daniel Martí on incremental updates to consensus documents, Sreenatha Bhatlapenumarthi on the Tor Weather rewrite, Quinn Jarrell on the pluggable transport combiner, Noah Rahman on Stegotorus enhancements, Marc Juarez on website fingerprinting defenses , development, Juha Nurmi on the ahmia.fi project , and Zack Mullaly on the HTTPS Everywhere secure ruleset update mechanism.

sajolida, tchou and Giorgio Maone from NoScript drafted a specification for a Firefox extension to download and verify Tails.

Tor help desk roundup

One way to volunteer for Tor is to run a mirror of the Tor Project website. Instructions are available for anyone wanting to run a mirror. Mirrors are useful for those who, for one reason or another, cannot access or use the main Tor Project website. Volunteers who have successfully set up a synced a mirror can report their mirror to the tor-mirrors mailing list to get it included in the full mirrors list.

Easy development tasks to get involved with

ooniprobe is a tool for conducting network measurements that are useful for detecting network interference. When ooniprobe starts it should perform checks to verify that the config file is correct. If that is not the case, it should fail gracefully at startup. The ticket indicates where this check should be added to the ooniprobe codebase. If you’d like to do some easy Python hacking, be sure to give this ticket a try.


This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt Pagan, and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Weekly News — July 2nd, 2014

Welcome to the twenty-sixth issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

Tor Weekly News turns one

The very first issue of Tor Weekly News was released on July 3rd last year. Since then, we have been able to provide you news about the Tor community every week (except one).

Tor Weekly News is a community newsletter, so let’s all appreciate everyone who contributed so far: Andreas Jonsson, bastik, Colin, Damian Johnson, David Fifield, David Stainton, dope457, Georg Koppen, George Kadianakis, harmony, Jacob Appelbaum, Jesse Victors, Johannes Fürmann, Karsten Loesing, Kostas Jakeliūnas, Lunar, luttigdev, malaparte, Matt Pagan, Mike Perry, moskvax, murb, Nick Mathewson, Nicolas Vigier, nicoo, Nima, Paul Feitzinger, Peter Palfrader, Philipp Winter, Phoul, qbi, ra, rey, Roger Dingledine, Sandeep, sqrt2, the Tails developers, velope, whabib, Yawning, and several anonymous contributors.

Join us! The Tor community is always growing and there are always interesting topics to report about!

2014 Summer Tor meeting

Dedicated Tor contributors are having a five day meeting this week in Paris. Expect less online activity while keyboards are put away in favor of unmediated human interactions.

Pictures of post-it-note-based brainstorming sessions can already be seen online, and more minutes should be coming soon.

Unfortunately, due to several factors, there will be no widely open event around meeting this time.

Tails user experience experiments

Tails is experimenting on how to improve its user experience.

u. reported on the first Tails UX experiments session. Five people attended, trying to realize three different missions: “create a new encrypted document of your choice […], and save it to Tails, using persistence”, “find out the number of Tails downloads this month, and pass on this information using GPG via email”, “find one or more images [… and] clean up these files to erase any metadata”.

Some of what has been learned by watching users has already been converted into concrete bugs and enhancement proposals. For the rest, read the detailed and insightful report!

In the meantime, the first dialog window that appears when using Tails — also known as “the greeter” — is being redesigned. A first round of test images is now ready for your feedback.

Monthly status reports for June 2014

While Kevin Dyer sent out his report for May, the wave of regular monthly reports from Tor project members for the month of June has started. Damian Johnson released his report first, followed by reports from Pearl Crescent, Nick Mathewson, Karsten Loesing, and Sherief Alaa.

Lunar reported on behalf of the help desk.

Miscellaneous news

Lunar shared some highlights on a trip to Calafou, near Barcelona, to attend Backbone 409, an event for “projects actively building infrastructures for a free Internet from an anti-capitalist point of view”. Topics under discussion included hosting websites in the face of legal threats; secure operating systems; and the logistics of running a Torservers.net partner organization.

Juha Nurmi submitted a status report for the ahmia.fi Google Summer of Code project.

Nusenu warned users of the Tor Project’s RPM repository that an updated package available in the official Fedora repo will cause their tor to stop working, and set out two ways in which they can solve the problem.

starlight gave an account of their experience running a tor relay using versions of OpenSSL and libevent that had been hardened with AddressSanitizer.

While the fteproxy pluggable transport has been integrated into the Tor Browser, documentation on how to setup bridges was lacking. A problem fixed by Colin who took the time to document how to setup FTE bridges.

George Kadianakis gave an insightful answer to Rick Huebneron’s questions about the status of the “UpdateBridgesFromAuthority” feature. The latter should allow bridge users to automatically update the IP address of their bridge when it changes. But the feature is currently turned off by default as several problems are currently preventing it to be useful. Have a look at George’s summary if you want to scratch that itch.

Tor help desk roundup

The help desk has been asked about the “ethics” behind Tor. Tor’s technical design decisions are laid out in the various design documents, but to understand the social and cultural motivations for the Tor Project, videos like Roger’s talk at Internet Days, or Jake and Roger’s talks at the Chaos Communications Congress in 2011 and 2013 are good resources.


This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt Pagan, and Rob Jansen.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Syndicate content Syndicate content