May 2010 Progress Report

New releases

On May 26, Tor Browser Bundle for Microsoft Windows is updated to include the newer Vidalia 0.2.9. This fixes some issues with character set handling, and adds Vietnamese as a new language.

On May 31, we released Tor Browser Bundle for Linux 1.0.6. It contains the following updates:

  • Add arch to tarball name so there's no collision
  • Add libpng for Arch Linux
  • Add HTTPS Everywhere extension
  • Update Qt to 4.6.2
  • Update Vidalia to 0.2.9
  • Update NoScript to 1.9.9.80

On June 1st, we released Tor Browser Bundle for Linux 1.0.7. It uses an older glibc for better compatibility with older linux distributions.

On May 20, we released Vidalia 0.2.9. Fixes include Qt 4.6.2 compatibility, new cert, and some new translations. You can download it at https://www.torproject.org/vidalia/. Packages are slowly being updated to include this version of Vidalia.
The full changelog is:

  • Remove the GoDaddy CA certificate bundle since we changed the certificate used to authenticate connections to geoips.vidalia-project.net for downloading GeoIP information from a commercial GoDaddy certificate to a free CACert certificate.
  • Define -D_WIN32_WINNT=0x0501 on Windows builds so that MiniUPnPc will build with the latest versions of MinGW.
  • Modify miniupnpc.c from MiniUPnPc's source so that it will build on Mac OS X 10.4.
  • Work around Qt's new behavior for the QT_WA macro so that Vidalia will work correctly again on Windows with Qt >= 4.6.

On May 2nd, we released an updated stable version of Tor, 0.2.1.26.
The detailed list of changes is:

o Major bugfixes:
- Teach relays to defend themselves from connection overload. Relays
now close idle circuits early if it looks like they were intended
for directory fetches. Relays are also more aggressive about closing
TLS connections that have no circuits on them. Such circuits are
unlikely to be re-used, and tens of thousands of them were piling
up at the fast relays, causing the relays to run out of sockets
and memory. Bugfix on 0.2.0.22-rc (where clients started tunneling
their directory fetches over TLS).
- Fix SSL renegotiation behavior on OpenSSL versions like on Centos
that claim to be earlier than 0.9.8m, but which have in reality
backported huge swaths of 0.9.8m or 0.9.8n renegotiation
behavior. Possible fix for some cases of bug 1346.
- Directory mirrors were fetching relay descriptors only from v2
directory authorities, rather than v3 authorities like they should.
Only 2 v2 authorities remain (compared to 7 v3 authorities), leading
to a serious bottleneck. Bugfix on 0.2.0.9-alpha. Fixes bug 1324.

o Minor bugfixes:
- Finally get rid of the deprecated and now harmful notion of "clique
mode", where directory authorities maintain TLS connections to
every other relay.

o Testsuite fixes:
- In the util/threads test, no longer free the test_mutex before all
worker threads have finished. Bugfix on 0.2.1.6-alpha.
- The master thread could starve the worker threads quite badly on
certain systems, causing them to run only partially in the allowed
window. This resulted in test failures. Now the master thread sleeps
occasionally for a few microseconds while the two worker-threads
compete for the mutex. Bugfix on 0.2.0.1-alpha.

On May 19, we released an updated OrBot (Tor for Android), version 0.0.6, which contains Tor 0.2.2.13-alpha.

On May 26, we released an updated Orbot (Tor for Android), version 0.0.7, which contains a number of usability fixes reported by users. See the bugfixes in trac.

Design, develop, and implement enhancements that make Tor a better tool for users in censored countries.

On May 4, China's Great Firewall began blocking connections to the public Tor relays. They also updated their blocking to include bridge relays published via email and https websites. Further research into the blocking mechanisms from inside China show they are simply blocking IP Address and TCP port combinations. Bridge relays that have been seeded into various social networks in China continue to work well.

Tor on the Android OS, called Orbot, continues progress. Work continues on a privacy-preserving web browser, Orweb, and other supporting applications to make Tor on Android more useful for daily users. Nathan got a Tor relay running on a Moons e-7001 “iRobot” tablet, tor on a tablet.

Grow the Tor network and user base. Outreach.

Preconfigured privacy (circumvention) bundles for USB or LiveCD.
Continued to work on Linux and Mac OS X tor browser bundles. The Mac version of TBB is going to use a sandboxing technology borrowed from IronFox. This should help minimize the footprint and security concerns about running TBB on OS X computers.

Scalability, load balancing, directory overhead, efficiency.
From the 0.2.1.26 release notes, teach relays to defend themselves from connection overload. Relays now close idle circuits early if it looks like they were intended for directory fetches. Relays are also more aggressive about closing TLS connections that have no circuits on them. Such circuits are unlikely to be re-used, and tens of thousands of them were piling up at the fast relays, causing the relays to run out of sockets and memory. Bugfix on 0.2.0.22-rc (where clients started tunneling their directory fetches over TLS).

Translation work, ultimately a browser-based approach.

  • Added the Android orbot application to the translation portal.
  • By user request, add Serbian to the available languages.
  • Translation updates for the following languages: Polish, Arabic, Greek, Serbian, Russian, Swedish, Chinese, Norwegian, Japanese, German, Spanish, Portugese, French, Dutch, Romanian, and Farsi.
Anonymous

June 18, 2010

Permalink

You can no longer connect to filesurf.ru unless you get rid of all entryNodes and exitNodes entries.

Anonymous

June 20, 2010

Permalink

On OSX, with Vidalia 0.2.2.13-alpha

ExitNodes {uk},{us},{se}
StrictNodes 1

works only, if I copy

/Applications/Vidalia.app/Contents/Resources/geoip

to

/Applications/Vidalia.app/share/tor/geoip

Hope this helps. ;-)

Cheers,
SylverRat

Anonymous

June 24, 2010

Permalink

Is here any way how can i could open only relay what i want? For example i want relay from USA, can i get it now? Thx

The point is that the GeoIP file is in the wrong place. The above user's suggestion works, or you can add this to torrc:

GeoIPFile /Applications/Vidalia.app/Contents/Resources/geoip

The point is that the GeoIP file is in the wrong place. The above user's suggestion works, or you can add this to torrc:

GeoIPFile /Applications/Vidalia.app/Contents/Resources/geoip

Anonymous

June 24, 2010

Permalink

vidalia-bundle-0.2.1.26-0.2.9.exe

Can not be installed on Windows 2000 Professional, a popup window always says
not found a function entry in WS2_32.dll

Anonymous

June 27, 2010

Permalink

the version of firefox that is included in the windows tor bundle is out of date and has some security vulnerabilities, is it possible to update the portable firefox to the latest version somehow?