June 2009 Progress Report
On June 20th we released Tor 0.2.1.16-rc.
On June 21st, we released Tor Browser Bundle 1.2.1.
On June 23rd, we released Tor Browser Bundle 1.2.2.
On June 24th, we released Tor 0.2.0.35-stable. We expect that this release is the last of the 0.2.0.x -stable series, soon to be replaced with the 0.2.1.x series.
On June 30th, we released Vidalia 0.1.14.
Packaged rpms for Red Flag Linux version 6. Red Flag Linux is reported to be the new operating system for all Internet cafe's in China. So far, no one has seen this conversion actually happen, but now we're ready if it does.
Our email autoresponder, gettor , received a number of patches to deal with dkim issues, including finding a dkim bug that prevented yahoo email users from fetching Tor. This bug has been fixed. Additionally, we've whitelisted some domains where we
see we're having lots of use but dkim isn't always configured properly. We've had thousands of users from China using gettor.
Andrew, Roger, and Wendy attended Computers, Freedom, and Privacy 2009 Conference (http://www.cfp2009.org). Andrew presented a “quicktake” talk on “Who uses Tor?”. Andrew and Roger, along with Paul Syverson, and a North African blogger, hosted a panel on “It Takes A Village To Be Anonymous”. Due to the sensitive situation surrounding the blogger, this panel was not recorded.
Andrew talked with the Committee to Protect Journalists (http://cpj.org) about online security and circumvention tools.
Jillian C. York blogged at KnightPulse about “Average citizens browse anonymously
Due to Iranian's usage of Tor during the recent election, the general press/media conducted a few interviews with Andrew:
- Computer World, http://www.computerworld.com/action/article.do?command=viewArticleBasic…
- Cnet News, http://news.cnet.com/8301-13578_3-10267287-38.html
- Deutche Welle, http://www.dw-world.de/dw/article/0,,4400882,00.html
- Technology Review, http://www.technologyreview.com/web/22893/
- Origo, in Hungary, http://www.origo.hu/techbazis/internet/20090618-a-kiberforradalmarok-fe…
- O'Reilly, http://radar.oreilly.com/2009/06/tor-and-the-legality-of-runnin.html
- Washington Times, http://www.washingtontimes.com/news/2009/jun/26/protesters-use-navy-tec…
- Arte TV video interview, the 30-minute video interview can't be put online, but will be shown to their viewers in late June/early July 2009. http://www.arte.tv
- EFF, http://www.eff.org/deeplinks/2009/06/help-protesters-iran-run-tor-relay…
- A Houston Radio station did an on-air interview, but didn't put the interview online.
- A Romanian newspaper did an interview, but didn't put the story online.
- Public Rado International did a more in-depth interview. They expect it to be on PBS Radio and BBC Radio 4 in early July 2009.
A number of blogs and other media picked up these original interviews and spread the word even further:
- Wall Street Journal, http://blogs.wsj.com/digits/2009/06/18/iranians-using-tor-to-anonymize-…
- CBS News, http://www.cbsnews.com/blogs/2009/06/17/politics/politicalhotsheet/entr…
Preconfigured privacy (circumvention) bundles for USB or LiveCD.
Tor Browser Bundle 1.2.1 and 1.2.2 released in June. Planning a migration of the base operating system for the Incognito LiveCD to switch from Gentoo to an Ubuntu variant. We can always use help in maintaining Incognito.
Scalability, load balancing, directory overhead, efficiency.
June was spent documenting, stabilizing, and streamlining the bandwidth authority scanner, which has been runningfor a while on the Directory Authority named ides.
It is good enough to start running on multiple authorities now to produce actual results for clients to use.
More reliable (e.g. split) download mechanism.
Our email autoresponder, gettor , received a number of patches to deal with dkim issues, including finding a dkim bug that prevented yahoo email users from fetching Tor. This bug
has been fixed. Additionally, we've whitelisted some domains where we see we're having lots of use but dkim isn't always configured properly. We've had thousands of users from China using gettor.
The Tor Check website (check.torproject.org) had a few bugs and we've fixed all but two. We sometimes still have false negatives (because the Tor client doesn't know to fetch the consensus at any specific time) and we also still sometimes barf python exceptions because mod_python has some weird exception from time to time. We also accepted a patch from Marcus Greip that extends the TorBulkExitList to allow arbitrary ports rather than just port 80.
Footprints from Tor Browser Bundle.
Reduced the scanning for plugins Portable Firefox can do on launch of the application. There is still an issue where Firefox displays other plugins to users, but they aren't actually valid plugins and won't run on command. Firefox acquires the names through queries to the Windows Registry.
16 Polish website updates
8 Italian website updates
3 German website updates