[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-talk] Tor Weekly News â April 23rd, 2014
========================================================================
Tor Weekly News April 23rd, 2014
========================================================================
Welcome to the sixteenth issue of Tor Weekly News in 2014, the weekly
newsletter that covers what is happening in the Tor community.
Cutting out relays running version 0.2.2.x
------------------------------------------
Tor relays running the now ancient Tor 0.2.2.x are scheduled to be
removed from the consensus [1]. The change has already been merged in
the master branch and will be out with the next Tor 0.2.5 alpha.
Even if most relay operators have been warned, the change has not yet
been widely announced. But as three directory authorities are already
not voting for the deprecated versions, the downtime of two others while
cleaning up after the OpenSSL âHeartbleedâ issue was sufficient to get
these relays removed from the consensus [2] for a couple of days, as
Roger Dingledine explained [3].
Eventually relays running versions prior to 0.2.3.16-alpha might also be
removed from the consensus. âI think 0.2.3.16-alphaâs fix of #6033 makes
that one a plausible ânot below this oneâ cutoffâ, Roger writes in the
relevant Trac entry [4].
Relay operators should always make sure to run a recommended Tor
version [5]. The Tor Weather service [6] can be used by relay operators
to get email notifications if an outdated version is detected.
[1]: https://bugs.torproject.org/11149
[2]: https://metrics.torproject.org/network.html?graph=versions&start=2014-04-01&end=2014-04-23#versions
[3]: https://lists.torproject.org/pipermail/tor-relays/2014-April/004422.html
[4]: https://bugs.torproject.org/11149#comment:7
[5]: https://consensus-health.torproject.org/#recommendedversions
[6]: https://weather.torproject.org/subscribe/
Miscellaneous news
------------------
Nathan Freitas announced [7] the third (and probably final) release
candidate for Orbot 13.0.6: âThe big improvements in this build are a
fix for the disconnected UI/activity (Tor is on, but UI shows off), and
improvements to the transparent proxying iptables scriptsâ.
[7]: https://lists.mayfirst.org/pipermail/guardian-dev/2014-April/003436.html
The Tails developers put out two calls for testing: the first [8] is for
the first release candidate of Tails 1.0; while the second [9] is for
UEFI support, which âallows you to start Tails using a USB stick on
recent hardware, and especially on Macâ. âTest wildlyâ, and report any
bugs you find!
[8]: https://tails.boum.org/news/test_1.0-rc1/index.en.html
[9]: https://tails.boum.org/news/test_UEFI/index.en.html
Andrea Shepard sent [10] a list of 1777 fingerprints for relays âwhich
have ever turned up as potentially exposed by Heartbleedâ. It appears
that enough directory authority operators now reject relays known to be
problematic [11]: sssheep reported [12] that the still-vulnerable
section of the network was down to 0.01% of the consensus weight.
[10]: https://lists.torproject.org/pipermail/tor-relays/2014-April/004340.html
[11]: https://lists.torproject.org/pipermail/tor-relays/2014-April/004362.html
[12]: https://lists.torproject.org/pipermail/tor-talk/2014-April/032762.html
Mick drew attention [13] to the fact that in its current state, arm [14]
â the command-line relay status monitor â wrongly advises relay
operators to run it with the same user as Tor, in order to access
information about the relayâs connections. This is in fact a very bad
idea, and a ticket [15] is already open to address this issue. Lunar
detailed [16] the correct method of doing this, which is also explained
in the ticket.
[13]: https://lists.torproject.org/pipermail/tor-relays/2014-April/004414.html
[14]: https://www.atagar.com/arm/
[15]: https://bugs.torproject.org/10702
[16]: https://lists.torproject.org/pipermail/tor-relays/2014-April/004412.html
On the tor-relays mailing list, David Stainton mentioned [17] his Tor
role [18] for the Ansible [19] automation tool. David hoped that ârelay
operators will find this useful for deploying and maintaining large
numbers of Tor relays and bridgesâ. The documentation specifies that it
currently works with Debian and Ubuntu systems, and contains several
configuration examples.
[17]: https://lists.torproject.org/pipermail/tor-relays/2014-April/004373.html
[18]: https://github.com/david415/ansible-tor
[19]: http://www.ansible.com/
David Fifield continued his progress on meek [20], a pluggable transport
âthat routes your traffic through a third-party web service in a way
that should be difficult to blockâ. David sent a call for wider
testing [21] of experimental Tor Browser builds and a call for reviews
of the code [22]. âThere are a lot of components that make up the meek
transport [â] This is your chance to get in on the ground floor of a
new transport!â
[20]: https://trac.torproject.org/projects/tor/wiki/doc/meek
[21]: https://lists.torproject.org/pipermail/tor-dev/2014-April/006718.html
[22]: https://lists.torproject.org/pipermail/tor-dev/2014-April/006719.html
Ximin Luo raised [23] several points regarding how âindirectâ pluggable
transports like flashproxy [24] or meek are currently handled by Tor.
Whereas obfs3 or ScrambleSuit connect directly to the specified peer,
transforming the data flow along the way, Ximin describes meek and
flashproxy as providing âthe metaphor of connecting to a global
homogeneous serviceâ. The latter being âincompatible with the metaphor
of connecting to a specific endpointâ. Solutions on how to make the
design, code, and configuration better are up for discussion.
[23]: https://lists.torproject.org/pipermail/tor-dev/2014-April/006689.html
[24]: http://crypto.stanford.edu/flashproxy/
Nicolas Vigier submitted his status report for March [25].
[25]: https://lists.torproject.org/pipermail/tor-reports/2014-April/000510.html
Philipp Winter relayed [26] the call for papers for the 4th USENIX
Workshop on Free and Open Communications on the Internet [27]. The
workshop will be held on August 18th, and should bring together the
wider community of researchers and practitioners interested in Tor and
other ways to study, detect, or circumvent censorship. Papers have to be
submitted before May 13th.
[26]: https://blog.torproject.org/blog/call-papers-foci14-workshop
[27]: https://www.usenix.org/conference/foci14/call-for-papers
Fabio Pietrosanti wondered [28] whether anyone had âever tried to start
Tor from a Python application using Ctypesâ, making it possible to
âsandbox the Python application using AppArmor without enabling any kind
of execve() callâ.
[28]: https://lists.torproject.org/pipermail/tor-dev/2014-April/006723.html
Tor help desk roundup
---------------------
Many people email the Tor Help Desk from behind restrictive university
firewalls that require them to connect using a proxy. Often these
firewalls, Cyberoam and Fortiguard are two examples, use Deep Packet
Inspection and block Tor traffic. Unfortunately Tor Browser users canât
use a proxy to connect to the internet and also use a pluggable
transport. The Tor Browser team plans to include this capability in a
future release [29].
[29]: https://bugs.torproject.org/8402
Upcoming events
---------------
Apr 23 19:00 UTC | little-t tor development meeting
| #tor-dev, irc.oftc.net
| https://lists.torproject.org/pipermail/tor-dev/2014-March/006616.html
|
Apr 25 17:00 UTC | Pluggable transports online meeting
| #tor-dev, irc.oftc.net
|
Apr 25 18:00 UTC | Tor Browser online meeting
| #tor-dev, irc.oftc.net
| https://lists.torproject.org/pipermail/tbb-dev/2014-March/000026.html
This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt
Pagan, and an anonymous contributor.
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page [30], write down your
name and subscribe to the team mailing list [31] if you want to
get involved!
[30]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
[31]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk