Posts in category onion services

Tor's Fall Harvest: The Next Generation of Onion Services

by asn | November 2, 2017

We are hyped to present the next generation of onion services! We've been working on this project non-stop for the past 4 years and we officially launched it two weeks ago by publishing our first alpha releases. All in all, the new system is a well needed improvement that fixes many shortcomings of the old design, and builds a solid foundation for future onion work.

Secure Messaging with Onion Services, a How-To

by meejah | October 10, 2017

This post explores how Tor onion services can be integrated into existing web services, making them more secure. This integration will use the “publish / subscribe” pattern over Tor to trigger re-builds of the txtorcon documentation (which is hosted on an onion service). We will use Tor to transport the published messages so the network-location of the machine hosting the onion service remains hidden. We will use a messaging system called “Web Application Messaging Protocol” or WAMP.

We Want You to Test Next-Gen Onion Services

by tommy | October 2, 2017

We’re looking for technical people to come help us test next-gen onion services. They’ve been fully merged into tor-0.3.2.1-alpha, and the latest version of Tor Browser supports them. We're still in the testing phase, though -- keep an eye on this blog for the official launch.

New Tor stable releases (0.2.8.15, 0.2.9.12, 0.3.0.11) with fix for onion service security issue

by nickm | September 18, 2017

Hello! We found a security issue in the onion service code (CVE-2017-0380, TROVE-2017-008) that can cause sensitive information to be written to your logs if you have set the SafeLogging option to 0. If you are not running an onion service, or you have not changed the SafeLogging option from its default, you are not affected. If you are running 0.2.5, you are not affected. (0.2.4, 0.2.6, and 0.2.7 are no longer supported.) For more information, including workaround steps, see the advisory.

Take Part in a Study to Help Improve Onion Services

by phw | August 16, 2017

The goal of our study is to understand your expectations, assumptions, and habits when browsing onion services. For example, we are wondering: How do you keep track of onion domains? How do you discover new onion services? How do you know an onion service is legitimate and not an impersonation? By answering these questions, we can identify usability issues and build better anonymity technology.