New release: Tor 0.3.5.4-alpha
There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.3.5.4-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release by mid-December.
Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.
Tor 0.3.5.4-alpha includes numerous bugfixes on earlier versions and improves our continuous integration support. It continues our attempts to stabilize this alpha branch and build it into a foundation for an acceptable long-term-support release.
Changes in version 0.3.5.4-alpha - 2018-11-08
- Major bugfixes (compilation, rust):
  - Rust tests can now build and run successfully with the --enable-fragile-hardening option enabled. Doing this currently requires the rust beta channel; it will be possible with stable rust once Rust version 1.31 is released. Patch from Alex Crichton. Fixes bugs 27272, 27273, and 27274. Bugfix on 0.3.1.1-alpha.
- Major bugfixes (embedding, main loop):
  - When DisableNetwork becomes set, actually disable periodic events that are already enabled. (Previously, we would refrain from enabling new ones, but we would leave the old ones turned on.) Fixes bug 28348; bugfix on 0.3.4.1-alpha.
- Minor features (continuous integration):
- Minor features (Windows, continuous integration):
  - Build tor on Windows Server 2012 R2 and Windows Server 2016 using Appveyor's CI. Closes ticket 28318.
- Minor bugfixes (C correctness, also in 0.3.4.9):
  - Avoid undefined behavior in an end-of-string check when parsing the BEGIN line in a directory object. Fixes bug 28202; bugfix on 0.2.0.3-alpha.
- Minor bugfixes (compilation):
  - Fix a pair of missing headers on OpenBSD. Fixes bug 28303; bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.
- Minor bugfixes (compilation, OpenSolaris):
  - Fix compilation on OpenSolaris and its descendants by adding a missing include to compat_pthreads.c. Fixes bug 27963; bugfix on 0.3.5.1-alpha.
- Minor bugfixes (configuration):
- Minor bugfixes (directory authority, also in 0.3.4.9):
  - Log additional info when we get a relay that shares an ed25519 ID with a different relay, instead of a BUG() warning with a backtrace. Fixes bug 27800; bugfix on 0.3.2.1-alpha.
- Minor bugfixes (onion service v3):
  - Build the service descriptor's signing key certificate before uploading, so we always have a fresh one, leaving no chance for it to expire on the service side. Fixes bug 27838; bugfix on 0.3.2.1-alpha.
- Minor bugfixes (onion service v3, client authorization):
  - Fix an assert() when adding a client authorization for the first time and then sending a HUP signal to the service. Before that, Tor would stop abruptly. Fixes bug 27995; bugfix on 0.3.5.1-alpha.
- Minor bugfixes (onion services):
  - Unless we have explicitly set HiddenServiceVersion, detect the onion service version and then look for invalid options. Previously, we did the reverse, but that broke existing configs which were pointed to a v2 service and had options like HiddenServiceAuthorizeClient set. Fixes bug 28127; bugfix on 0.3.5.1-alpha. Patch by Neel Chauhan.
- Minor bugfixes (portability):
  - Make the OPE code (which is used for v3 onion services) run correctly on big-endian platforms. Fixes bug 28115; bugfix on 0.3.5.1-alpha.
- Minor bugfixes (protover, rust):
  - Reject extra commas in version strings. Fixes bug 27197; bugfix on 0.3.3.3-alpha.
- Minor bugfixes (relay shutdown, systemd):
  - Notify systemd of ShutdownWaitLength so it can be set to longer than systemd's TimeoutStopSec. In Tor's systemd service file, set TimeoutSec to 60 seconds to allow Tor some time to shut down. Fixes bug 28113; bugfix on 0.2.6.2-alpha.
- Minor bugfixes (rust, also in 0.3.4.9):
- Minor bugfixes (rust, directory authority, also in 0.3.4.9):
  - Fix an API mismatch in the rust implementation of protover_compute_vote(). This bug could have caused crashes on any directory authorities running Tor with Rust (which we do not yet recommend). Fixes bug 27741; bugfix on 0.3.3.6.
- Minor bugfixes (testing):
  - Avoid hangs and race conditions in test_rebind.py. Fixes bug 27968; bugfix on 0.3.5.1-alpha.
- Minor bugfixes (testing, also in 0.3.4.9):
- Documentation (onion service manpage):
  - Improve HSv3 client authorization by making some options more explicit and detailed. Closes ticket 28026. Patch by Mike Tigas.
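The "C correctness" entry above concerns an end-of-string check on a BEGIN line; the following added example (not Tor's code, and not taken from the fix for bug 28202) shows the general hazard and a length-based check that avoids it. The function name parse_begin_line and the rule that the object name must be non-empty are assumptions made for this illustration.

```c
#include <stddef.h>
#include <string.h>

#define BEGIN_TAG  "-----BEGIN "
#define BEGIN_LEN  11   /* strlen("-----BEGIN ") */
#define DASHES_LEN 5    /* strlen("-----") */

/* Fragile pattern (shown as a comment only, not compiled): adding a fixed
 * offset to the cursor before knowing that many bytes remain can form a
 * pointer beyond one-past-the-end of the buffer on short input. That is
 * undefined behavior even if the pointer is never dereferenced:
 *     if (s + BEGIN_LEN + DASHES_LEN >= eol) return -1;
 */

/* Hypothetical helper: parse "-----BEGIN <name>-----" from [s, eos).
 * On success copy <name> into out (NUL-terminated) and return its length;
 * return -1 for a truncated or malformed line. Every check compares
 * lengths, so only in-bounds pointers are ever formed. */
int parse_begin_line(const char *s, const char *eos, char *out, size_t outlen)
{
    if (!s || !eos || eos < s || !out || outlen == 0)
        return -1;
    size_t avail = (size_t)(eos - s);          /* s and eos share one buffer */
    const char *eol = memchr(s, '\n', avail);  /* line ends at '\n' or eos */
    size_t linelen = eol ? (size_t)(eol - s) : avail;

    /* Need the tag, at least one name byte (assumed rule), and the dashes. */
    if (linelen < BEGIN_LEN + 1 + DASHES_LEN)
        return -1;
    if (memcmp(s, BEGIN_TAG, BEGIN_LEN) != 0)
        return -1;
    if (memcmp(s + linelen - DASHES_LEN, "-----", DASHES_LEN) != 0)
        return -1;

    size_t namelen = linelen - BEGIN_LEN - DASHES_LEN;
    if (namelen >= outlen)                     /* name too long for caller */
        return -1;
    if (memchr(s + BEGIN_LEN, '\0', namelen))  /* reject embedded NULs */
        return -1;
    memcpy(out, s + BEGIN_LEN, namelen);
    out[namelen] = '\0';
    return (int)namelen;
}
```

Building a test harness around such a parser with -fsanitize=undefined,address and feeding it truncated lines is a practical way to catch the pointer-offset variant before release.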
Looks like there was a thread starting at https://firstname.lastname@example.org/msg10854.html , but I don't know if it will have what you want. Generally the mailing lists are a better place for this kind of question than the blog.
As I see it, they discriminate their own noise traffic from their own target traffic, because both of these types of traffic have to pass through their proxy (after leaving the exit node). They used this setup because of privacy issues. They cannot force all exit node traffic to pass through their discriminating proxy.
This feature made it easier to discriminate target traffic. It made their distinguisher produce lower false positive and lower false negative rates. It is still good research and a very dangerous attack, but I doubt that in a real-world scenario their probabilities will be as high as they claim.
Do you have another opinion? Use of different AS in path selection, as they propose it, may be a good point.