Tor Weekly News — July 9th, 2014

Welcome to the twenty-seventh issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

On being targeted by the NSA

Das Erste has published an article and supporting material showing how the NSA explicitly targets Tor and Tails user through the XKEYSCORE Deep Packet Inspection system. Several other media picked up the news, and it was also discussed in various threads on the tor-talk mailing list (1, 2, 3, 4, 5, 6, 7).

The Tor Project’s view has been reposted on the blog. To a comment that said “I felt like i am caught in the middle of a two gigantic rocks colliding each other”, Roger Dingledine replied: “You’re one of the millions of people every day who use Tor. And because of the diversity of users […], just because they know you use Tor doesn’t mean they know why you use Tor, or what you do with it. That’s still way better than letting them watch all of your interactions with all websites on the Internet.”

More monthly status reports for June 2014

The wave of regular monthly reports from Tor project members for the month of June continued, with submissions from Georg Koppen, Lunar, Noel David Torres Taño, Matt Pagan, Colin C., Arlo Breault, and George Kadianakis.

Mike Perry reported on behalf of the Tor Browser team.

Miscellaneous news

An Austrian Tor exit node operator interpreted their conviction in a first ruling as judging them “guilty of complicity, because he enabled others to transmit content of an illegal nature through the service”. Moritz Bartl from Torservers.net commented: “We strongly believe that it can be easily challenged. […] We will definitely try and find some legal expert in Austria and see what we can do to fight this.”

Linus Nordberg is expanding the idea of public, append-only, untrusted log à la Certificate Transparency to the Tor consensus. Linus submitted a new draft proposal to the tor-dev mailing list for reviews.

Miguel Freitas reported that twister — a fully decentralized P2P microblogging platform — was now able to run over Tor. As Miguel wrote, “running twister on top of Tor was a long time goal, […] the Tor support allows a far more interesting threat model”.

Google Summer of Code students have sent a new round of reports after the mid-term: Israel Leiva on the GetTor revamp, Amogh Pradeep on Orbot and Orfox improvements, Mikhail Belous on the multicore tor daemon, Daniel Martí on incremental updates to consensus documents, Sreenatha Bhatlapenumarthi on the Tor Weather rewrite, Quinn Jarrell on the pluggable transport combiner, Noah Rahman on Stegotorus enhancements, Marc Juarez on website fingerprinting defenses , development, Juha Nurmi on the ahmia.fi project , and Zack Mullaly on the HTTPS Everywhere secure ruleset update mechanism.

sajolida, tchou and Giorgio Maone from NoScript drafted a specification for a Firefox extension to download and verify Tails.

Tor help desk roundup

One way to volunteer for Tor is to run a mirror of the Tor Project website. Instructions are available for anyone wanting to run a mirror. Mirrors are useful for those who, for one reason or another, cannot access or use the main Tor Project website. Volunteers who have successfully set up a synced a mirror can report their mirror to the tor-mirrors mailing list to get it included in the full mirrors list.

Easy development tasks to get involved with

ooniprobe is a tool for conducting network measurements that are useful for detecting network interference. When ooniprobe starts it should perform checks to verify that the config file is correct. If that is not the case, it should fail gracefully at startup. The ticket indicates where this check should be added to the ooniprobe codebase. If you’d like to do some easy Python hacking, be sure to give this ticket a try.

This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt Pagan, and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!