Possible upcoming attempts to disable the Tor network
The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialized servers in the network called directory authorities. (Directory authorities help Tor clients learn the list of relays that make up the Tor network.) We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use.
We hope that this attack doesn't occur; Tor is used by many good people. If the network is affected, we will immediately inform users via this blog and our Twitter feed @TorProject, along with more information if we become aware of any related risks to Tor users.
The Tor network provides a safe haven from surveillance, censorship, and computer network exploitation for millions of people who live in repressive regimes, including human rights activists in countries such as Iran, Syria, and Russia. People use the Tor network every day to conduct their daily business without fear that their online activities and speech (Facebook posts, email, Twitter feeds) will be tracked and used against them later. Millions more also use the Tor network at their local internet cafe to stay safe for ordinary web browsing.
Tor is also used by banks, diplomatic officials, members of law enforcement, bloggers, and many others. Attempts to disable the Tor network would interfere with all of these users, not just ones disliked by the attacker.
Every person has the right to privacy. This right is a foundation of a democratic society. For example, if Members of the British Parliament or US Congress cannot share ideas and opinions free of government spying, then they cannot remain independent from other branches of government. If journalists are unable to keep their sources confidential, then the ability of the press to check the power of the government is compromised. If human rights workers can't report evidence of possible crimes against humanity, it is impossible for other bodies to examine this evidence and to react. In the service of justice, we believe that the answer is to open up communication lines for everyone, securely and anonymously.
The Tor network provides online anonymity and privacy that allow freedom for everyone. Like freedom of speech, online privacy is a right for all.
[Update Monday Dec 22: So far all is quiet on the directory authority front, and no news is good news.]
[Update Sunday Dec 28: Still quiet. This is good.]
Mostly right. For your question (a), it really depends how this hypothetical attack plays out. If we were all online at the time, I think we'd have it back up and working in a matter of hours. But it's such an unusual event that it's hard to guess exactly how it might happen if it does.
(b) When we put out a new Tor version, check the signatures on the packages you download. You should be doing this anyway.
I'm sorry it is so hard on Windows -- please help make it easier!
As for how to detect if somebody else is generating fake consensus documents... I think the whole Internet will be screaming if this happens. One answer is that you can look at the relays in the current consensus document and the relays in later consensus documents and see how much turnover there is. But that is alas hard for ordinary users to do.
What makes it so hard? Is there no documentation on the consensus documents?
Plenty of documentation, e.g.
But ordinary users will stop at the mention of a text file. We'll be much happier automating something for them. (Please help!)