New Tor Cloud images with obfs3

by Runa | April 13, 2013

The Tor Cloud images have been updated to include the latest version of Ubuntu 12.04.2 LTS (Precise Pangolin). An instance created from any of the images will automatically be a normal bridge, an obfs2 bridge, and an obfs3 bridge.

When setting up an instance, please remember to edit the security group with the following rules: SSH (22), HTTPS (443), 40872, and 52176.


Please note that the comment area below has been archived.

April 15, 2013


Hi, I'm Patrick. I have a question on phone call privacy. I am from Australia and right now stationed in the usa for my job. In just 1 week I will have to make a call to my boss who lives in Australia. It is aprivate, confidential conversation. What is the safest way to call my boss and have the conversations without risking it is being recorded somewhere or monitored? should I call my boss using skype-to-skype or should I call him from my cell phone directly to his cell phone...? or is there a better way...?

You should DEFINITELY NOT use Skype for anything private. Microsoft who^H^H^Hsells itself out to any government that asks for a backdoor (i.e. China, UAE, Iran, USA, etc.). Instead, you should use something like RedPhone from WhisperSystems which is both open source and created by a rather cool dude who's serious about securty and privacy:

April 16, 2013


Still ridiculously cumbersome to be forced to use TBB (Because of laziness) for our browsing when we have a Tor instance already running on our machine for other proxification that isn't browsing.

Are you guys ever planning on remembering that not all of us use Tor for web browsing? The least you could do is change the defaults on one package or the other so there are no port conflicts between the two packages instead of assuming the user knows enough to know how to do that themselves.

Off-Topic I know...but apparently you guys need to be hounded about such a simple and important fix. TBB and your insistance on sticking to it (Limiting our choices...never a good thing) has cause considerable grief among the less tech-savy of your users.

April 17, 2013


Off topic: but this is BAD for Tor; not sure if this is related to the recent "attack" on Wordpress (Wordpress users were advised to use a "CloudFare" plug-in) but in the past few days I have seen a LOT of this (but not on wordpress sites!):

"What happened?

This website is participating in a project to stop attacks and educate visitors with infected computers or mobile devices about how they can clean them up.
Why am I seeing this page?

Your computer or another device on your network is compromised with a virus or malware. Criminals can use this malware to manipulate your device to send spam, process fraudulent transactions, or conceal other dangerous activities.
What should I do?

Make sure your anti-virus software is up to date and run a full scan. If you do not currently use an anti-virus solution, we encourage you to consider one.
When will this restriction go away?

This restriction will disappear when your computer or mobile device is cleaned and no more harmful behavior is detected. Completing the challenge above proves you are a human and gives you temporary access. You can ask the website owner to permanently whitelist you.
Your IP: · Help · Performance & Security by CloudFlare"

Performance & Security by CloudFlare

because it seems that this outfit have taken it upon themselves to block the Tor network!

April 17, 2013


Confirmed: it is that is blocking Tor!

May 07, 2013


Is there way to deploy obfs3 standalone to protect ssh traffic with --ext-cookie-file enabled?
In my opinion, ext-cookie-file is a 64 byte random data, am I right?
It works with --ext-cookie-file on server, but how to config the client with --ext-cookie-file?