Tor Browser Bundle 1.3.1 Released

The latest in the Tor Browser series, version 1.3.1 is released. This includes updates to Firefox, Pidgin, and Tor.

Tor 0.2.1.22 rotates two of the seven v3 directory authority keys and
locations, due to a security breach of some of the Torproject servers:
http://archives.seul.org/or/talk/Jan-2010/msg00161.html

It also fixes a privacy problem in bridge directory authorities -- it
would tell you its whole history of bridge descriptors if you make the
right directory request.

Everybody should upgrade:
https://www.torproject.org/easy-download

The changelog is:

1.3.1: Released 2010-01-22
update Firefox to 3.5.7
update Pidgin to 2.6.5
update Tor to 0.2.1.22

Anonymous

January 24, 2010

Permalink

Thanks for having it out so soon after the Tor update.

Something strange I just found:

"check.torproject.org" brought me to the NON-SSL "http://check.torproject.org"

whereas in the past, entering the same always automatically brought me to the SSL "https//check.torproject.org"

Anonymous

January 24, 2010

Permalink

I just upgraded to the latest Vidalia on OS X Snow Leopard and I can't connect to the network. My message log looks like this:

Jan 24 13:55:35.495 [Notice] We're missing a certificate from authority with signing key B7A209B31ACDD633258D0F07715482BD04F88F4F: launching request.
Jan 24 13:55:35.497 [Notice] We're missing a certificate from authority with signing key 665711AF821C459DC59A8491FAD1B9D7A7800ECF: launching request.
Jan 24 13:55:35.507 [Notice] We're missing a certificate from authority with signing key 6584DF098CFC68ACBF5E551532C8A58674586820: launching request.
Jan 24 14:05:45.555 [Notice] We're missing a certificate from authority with signing key B7A209B31ACDD633258D0F07715482BD04F88F4F: launching request.
Jan 24 14:05:45.571 [Notice] We're missing a certificate from authority with signing key 665711AF821C459DC59A8491FAD1B9D7A7800ECF: launching request.
Jan 24 14:05:45.571 [Notice] We're missing a certificate from authority with signing key 6584DF098CFC68ACBF5E551532C8A58674586820: launching request.
Jan 24 14:05:45.922 [Warning] TLS error: unexpected close while renegotiating
Jan 24 14:10:50.679 [Warning] TLS error: unexpected close while renegotiating
Jan 24 14:15:55.708 [Warning] TLS error: unexpected close while renegotiating
Jan 24 14:26:06.042 [Warning] TLS error: unexpected close while renegotiating
Jan 24 14:36:15.740 [Notice] We're missing a certificate from authority with signing key B7A209B31ACDD633258D0F07715482BD04F88F4F: launching request.
Jan 24 14:36:15.742 [Notice] We're missing a certificate from authority with signing key 665711AF821C459DC59A8491FAD1B9D7A7800ECF: launching request.
Jan 24 14:36:15.765 [Notice] We're missing a certificate from authority with signing key 6584DF098CFC68ACBF5E551532C8A58674586820: launching request.
Jan 24 14:36:16.185 [Warning] TLS error: unexpected close while renegotiating
Jan 24 14:36:16.207 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 10; recommendation warn)
Jan 24 14:51:00.307 [Warning] TLS error: unexpected close while renegotiating
Jan 24 14:51:00.335 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 11; recommendation warn)
Jan 24 14:51:44.793 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (Operation timed out; TIMEOUT; count 12; recommendation warn)
Jan 24 14:52:32.235 [Warning] TLS error: unexpected close while renegotiating
Jan 24 14:52:32.263 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 13; recommendation warn)
Jan 24 14:57:37.432 [Warning] TLS error: unexpected close while renegotiating
Jan 24 14:57:37.433 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 14; recommendation warn)
Jan 24 15:07:47.306 [Warning] TLS error: unexpected close while renegotiating
Jan 24 15:07:47.306 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 15; recommendation warn)
Jan 24 15:37:15.168 [Notice] We're missing a certificate from authority with signing key B7A209B31ACDD633258D0F07715482BD04F88F4F: launching request.
Jan 24 15:37:15.170 [Notice] We're missing a certificate from authority with signing key 665711AF821C459DC59A8491FAD1B9D7A7800ECF: launching request.
Jan 24 15:37:15.170 [Notice] We're missing a certificate from authority with signing key 6584DF098CFC68ACBF5E551532C8A58674586820: launching request.
Jan 24 15:37:15.596 [Warning] TLS error: unexpected close while renegotiating
Jan 24 15:37:15.597 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 16; recommendation warn)
Jan 24 15:39:30.781 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (Operation timed out; TIMEOUT; count 17; recommendation warn)
Jan 24 15:50:28.659 [Warning] TLS error: unexpected close while renegotiating
Jan 24 15:50:28.659 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 18; recommendation warn)
Jan 24 15:50:28.758 [Warning] TLS error: unexpected close while renegotiating
Jan 24 15:50:28.758 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 19; recommendation warn)
Jan 24 15:51:29.765 [Warning] TLS error: unexpected close while renegotiating
Jan 24 15:51:29.766 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 20; recommendation warn)
Jan 24 15:56:34.766 [Warning] TLS error: unexpected close while renegotiating
Jan 24 15:56:34.766 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 21; recommendation warn)
Jan 24 16:06:44.712 [Warning] TLS error: unexpected close while renegotiating
Jan 24 16:06:44.713 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 22; recommendation warn)
Jan 24 16:38:15.660 [Notice] We're missing a certificate from authority with signing key B7A209B31ACDD633258D0F07715482BD04F88F4F: launching request.
Jan 24 16:38:15.660 [Notice] We're missing a certificate from authority with signing key 665711AF821C459DC59A8491FAD1B9D7A7800ECF: launching request.
Jan 24 16:38:15.661 [Notice] We're missing a certificate from authority with signing key 6584DF098CFC68ACBF5E551532C8A58674586820: launching request.
Jan 24 16:38:15.755 [Warning] TLS error: unexpected close while renegotiating
Jan 24 16:38:15.756 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 23; recommendation warn)
Jan 24 16:38:29.374 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (Operation timed out; TIMEOUT; count 24; recommendation warn)
Jan 24 16:50:27.628 [Warning] TLS error: unexpected close while renegotiating
Jan 24 16:50:27.630 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 25; recommendation warn)
Jan 24 16:50:28.011 [Warning] TLS error: unexpected close while renegotiating
Jan 24 16:50:28.013 [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 26; recommendation warn)

Is this a known problem or do I have something misconfigured?

Thanks.

Did some research, apparently apples security patch patched out OpenSSL to not allow all renegotiation afaik.

Any fix for this? I'm running 10.5.8 on a PPC platform and I think the update has also affected my ability to connect to the TOR network:

Jan 25 13:09:38.217 [Notice] We're missing a certificate from authority with signing key 6584DF098CFC68ACBF5E551532C8A58674586820: launching request.
Jan 25 13:09:38.953 [Warning] TLS error: unexpected close while renegotiating

The program just hangs on the message "Establishing an encrypted directory connection" until it finally times out and fails.

I am running Vidalia 0.2.6, Tor 0.2.1.22 and Qt 4.3.5

Thanks!

Any fix for this? I'm running 10.5.8 on a PPC platform and I think the update has also affected my ability to connect to the TOR network:

You realize you posted on a blog entry that's almost two years old, right?

Are you really seeing renegotiation failure warnings in your Tor log? That would be unfortunate. What version of which bundle did you install?

Anonymous

January 24, 2010

Permalink

I am using the new TBB 1.3.1 and just got an Open DNS redirect and http://www.opendns.com/welcome/intro/ says

"Your network is using open dns"

I refreshed several times, after clicking 'new identity' and it was the same.

Anyone else have this? Are a number of nodes now using Open DNS?
_________
There have been a number of other comments saying the formatting here is not working.

(This post was NOT written as one paragraph...)

I'm trying to get the browser bundle, but when I check the asc file I'm constantly getting BAD result from Andrew's key

(I've already tried 4 diffrent mirror's)

Is this common?

Toggling TorButton to disable Tor resulted in the enabling of all automatic updates in Firefox. Toggling again to re-enable Tor did not change this setting back to the default of having automatic updates disabled.

Regarding verifying signatures, the TBB downloads page links to a page with information on verifying signatures but what about the (undoubtedly many) TBB users and potential users with no familiarity or understanding of PGP/GPG, keyrings and the like? Wouldn’t it only make sense, therefore, to link to some introduction to these technologies?

Thanks for a great program!

may be add hashes md5, sha-1... ?

And I agree that a small introduction to openPGP or gnuPG would be very useful with a few links to this kind of programs one can use.

Also, barring DNS poisoning and if one was careful to check the download URL, how likely is it for a TBB download to be rogue?

Everything was fine till yesterday. Now I keep getting:
Jan 26 12:36:19.710 [Notice] We're missing a certificate from authority with signing key 665711AF821C459DC59A8491FAD1B9D7A7800ECF: launching request.
Jan 26 12:36:19.711 [Notice] We're missing a certificate from authority with signing key 6584DF098CFC68ACBF5E551532C8A58674586820: launching request.
Jan 26 12:41:24.818 [Notice] We're missing a certificate from authority with signing key 665711AF821C459DC59A8491FAD1B9D7A7800ECF: launching request.
Jan 26 12:41:24.820 [Notice] We're missing a certificate from authority with signing key 6584DF098CFC68ACBF5E551532C8A58674586820: launching request.
Jan 26 12:41:25.081 [Warning] TLS error: unexpected close while renegotiating

What to do?

I am having the same problem with "missing a certificate from authority." We need a fix for this!

Experiencing the same problem. Awaiting additional information / fix.

ditto. This is annoying. :( Please help!

dont know

I do not think that the "missing a certificate for authority" error is directly related to the newest version - I have been getting this off and on with TBB 1.3.0 since I upgraded to that version. It comes and goes...

Is anyone else getting Open DNS placeholders/ re-directs while using TBB?

Or typos like gogle.com automatically re-directing to google.com ?

(All other indications are that I am using Tor: Tor Button enabled, numerous IP checks)

NOTE: If this post appears as a single paragraph, then the formatting problem that has been mentioned in several other posts has not been solved. It would be much appreciated if it could at least be _acknowledged_.

The problem is a mis-configured exit node, not TBB.

"Is anyone else getting Open DNS placeholders/ re-directs while using TBB?"

No, I get a proxy error: "504 Connect to www.blablablacksheep.com:80 failed: SOCKS error: host unreachable"

Do you have 208.67.222.222 (OpenDNS) as one of your configured DNS servers under non-Tor operations?

"Or typos like gogle.com automatically re-directing to google.com ?"

"http:www.gogle.com" *does* redirect to google.com. I imagine that Google has bought up a lot of the common typos for their domain. Once you own those domain names, it is trivial to point them to wherever you want - I do this myself.

If you are running Windows, it might be worth checking what is in your HOSTS and LMHOSTS files (in root\WINDOWS\System32\drivers\etc\ of all the unsane places), as those resolution entries trump all other settings. For example, in HOSTS I have a list of entries (ironically originally obtained from OpenDNS) that resolve domains that I don't like (for a variety of reasons) to 127.0.0.1 I have heard of some malware writing entries to these files, which can produce unexpected results.

The problem is a mis-configured exit node, not TBB.

Wouldn't it have had to have been _several_ exit nodes? ('Live preview' continued telling me I was using Open DNS, despite numerous changes of Tor ID and page refreshes)

"Do you have 208.67.222.222 (OpenDNS) as one of your configured DNS servers under non-Tor operations?"

For _some_ of my dial-up networking connections (WIN 2K), yes.

However, whereas _previously_ even when I used those connections, TBB seemed to bypass Open DNS, what I described above happened _even when using connections that were configured to use 'server assigned DNS' from my ISP (and NOT Open DNS).

It's been a few days since I last tried TBB.
--------
(con'td.- making multiple posts of broken formatting)

""http:www.gogle.com" *does* redirect to google.com. I imagine that Google has bought up a lot of the common typos for their domain."

I hadn't realized this. Thanks.

............

Another thing I've since learned is that the page at http://www.opendns.com/welcome/intro/ that says,

"Your network is using Open DNS" is actually _static_ and not of an indication of whether one is using OpenDNS or not.

(But the question remains how I got directed to that page in the first place)

Nonetheless, the 'live preview' at
http://www.opendns.com/about/share/
_is_ supposed to be a live check that tells whether one is using Open DNS or not.

AND, as I had noted, I had also gotten actual Open DNS placeholders.

Re: HOSTS and LMHOSTS:

1.) I had been checking the HOSTS (but not the LMHOSTS) file regularly (opening in NotePad) and had not noticed any sign of tampering.

###NEW PARAGRAPH###

2.) When I tried to open the LMHOSTS file, after reading your reply, something very strange happened. It automatically started and tried to open in Sandboxie and gave me some error message.

After all I described above, I had the following bizarre experience. Wonder how related they could be.

Might the same mysterious exit nodes that appeared to be using Open DNS , have been responsible for what I describe below by way of some mysterious attack?

###NEW PARAGRAPH###
Despite _appearing_ as if I had made (and kept) successful dial-up connections, I would be unable to connect to _any_ site- both in regular Firefox Portable (NOT TBB) as well as Internet Explorer. (No Tor or proxy configuration of any type). Tried several different access numbers as well as both with _as well_ as without Open DNS configured. Same thing with all of them. Completely dead connection.

###NEW PARAGRAPH###
But that's not the half of it; were it not for what followed, I would have figured it was probably just corrupted DUN.

###NEW PARAGRAPH###
I restored to a system image I had made well before this problem had started and still got the same completely 'dead connections'!
(I did not notice any other unusual behavior)

###NEW PARAGRAPH###
Must have been my ISP, right? That's what I thought too but then I booted into a Linux live CD and, lo and behold, was able to connect just fine- same ISP, modem, etc.!

(I'm actually using Simply MEPIS to post right now. antiX MEPIS seemed to work fine as well.)

I must admit that I cannot think of any single issue that would account for all of the symptoms that you are reporting (of course that assumes that Murphy is napping and it is a single issue). Having you considered running RootKitRevealer (Sysinternals) or a similar utility? In theory a root kit should also affect *nix, but I'm not certain the symptoms would be identical. What about HijackThis! (TrendMicro) to examine suspicious Windows registry entries?

"In theory a root kit should also affect *nix,"

Wouldn't it have to be a _hardware_ rootkit (such as the BIOS exploit that was discovered last year) to affect the performance of a *LIVE* CD?

Any chance someone works in Flash support in the TBB? I think there are free alternatives that would give us moderate support of Flash standards while playing on the free-software side. Gnash or SWFdec, readily bundled with Tor Browser - wouldn't that be great? Or is this technically impossible?

(BTW: I do not advocate inclusion of the original Adobe Player, it's a privacy nightmare!)

"No, I get a proxy error: "504 Connect to www.blablablacksheep.com:80 failed: SOCKS error: host unreachable""
I've gotten those errors too sometimes, even before the strange Open DNS behavior I described. When the site was valid (and up), it would usually load after no more than a few retrys.

Same problem here on 10.6.2

Feb 05 13:56:05.162 [Notice] Bootstrapped 10%: Finishing handshake with directory server.
Feb 05 13:56:05.377 [Warning] TLS error: unexpected close while renegotiating
Feb 05 13:56:05.378 [Notice] No current certificate known for authority dannenberg; launching request.
Feb 05 13:56:05.448 [Warning] TLS error: unexpected close while renegotiating
Feb 05 13:56:05.771 [Warning] TLS error: unexpected close while renegotiating
Feb 05 13:57:06.110 [Notice] No current certificate known for authority dannenberg; launching request.
Feb 05 13:58:07.595 [Warning] TLS error: unexpected close while renegotiating
Feb 05 14:02:11.268 [Notice] No current certificate known for authority dannenberg; launching request.
Feb 05 14:02:11.652 [Warning] TLS error: unexpected close while renegotiating

Not sure where to put this so putting it here. Is is possible that tor screws up automatic updates on windows vista? I had to reinstall my windows recently becuase it would no longer update. The only reason I could think of was tor. Is this possible. I have changed to windows seven so hopefully this would take care of the problem...thanks!

GFW is too powerful.
tor can't conact.

PLEASE HELP - I tried everything. reinstalled. used bridges. made Tor trusted in Kaspersky. But still i'm getting this error log --

* Tor v0.2.2.35 (git-b04388f9e7546a9f). This is experimental software. Do not rely on it for strong anonymity. (Running on Windows 7 [workstation])
*Initialized libevent version 2.0.17-stable using method win32. Good.
*Opening Socks listener on 127.0.0.1:9050
*Opening Control listener on 127.0.0.1:9051
*Parsing GEOIP file .\Data\Tor\geoip.
* Bootstrapped 10%: Finishing handshake with directory server.
* [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (Network is unreachable [WSAENETUNREACH ]; NOROUTE; count 4; recommendation warn)
* [Warning] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (Network is unreachable [WSAENETUNREACH ]; NOROUTE; count 7; recommendation warn)

Any Suggestions??