[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Tor Weekly News â April 15th, 2015

Tor Weekly News                                         April 15th, 2015

Welcome to the fifteenth issue in 2015 of Tor Weekly News, the weekly
newsletter that covers whatâs happening in the Tor community.


 1. Tor Browser 4.0.8 is out
 2. Hidden services that arenât hidden
 3. Tor Summer of Privacy â entry closing soon!
 4. More monthly status reports for March 2015
 5. Miscellaneous news
 6. Upcoming events

Tor Browser 4.0.8 is out

Mike Perry announced [1] a new stable release by the Tor Browser team.
This version is exactly the same as 4.0.7, which was briefly advertised
to users last week but then withdrawn because a bug [2] would have
caused it to endlessly recommend updating.

This release includes Tor, which fixes the recent onion
service [3] and client [4] crash bugs.

There is no corresponding Tor Browser alpha update; that series will
become the new stable release in a couple of weeks.

Download your copy of Tor Browser 4.0.8 from the project page [5], or
over the in-browser update system.

  [1]: https://blog.torproject.org/blog/tor-browser-408-released
  [2]: https://bugs.torproject.org/15637
  [3]: https://bugs.torproject.org/15600
  [4]: https://bugs.torproject.org/15601
  [5]: https://www.torproject.org/projects/torbrowser.html

Hidden services that arenât hidden

As the name implies, Tor hidden services (also known as âonion
servicesâ) are location-hidden and anonymous, just like regular Tor
clients. There may be instances, however, in which a potential hidden
service operator doesnât much care about being hidden: they are more
interested in the other unique properties of hidden services, like free
end-to-end encryption and authentication, or they want to prevent their
users from accidentally sending information non-anonymously. For
example, even though everyone knows who Facebook are and where to find
them, their users still have things to gain from using their .onion
address [6].

At the moment, these kinds of services are still forced to use the
regular hidden service protocol, meaning they connect to rendezvous
points [7] over a Tor circuit. Hiding someone who doesnât want to be
hidden is an inefficient use of network resources, and needlessly slows
down connections to the service in question, so Tor developers have been
discussing the possibility of enabling âdirect onion servicesâ, which
sacrifice anonymity for improved performance.

George Kadianakis requested feedback on a draft [8] of a Tor proposal
for this feature. One of the major questions still to be resolved is how
to ensure that nobody enables this option by mistake, or fails to
understand the implications for their serviceâs anonymity. Possible
solutions include choosing a better name, making the configuration file
option sound more ominous, or even requiring the operator to compile Tor
themselves with a special flag.

See Georgeâs proposal for more use-cases and full details of the
concept, and feel free to comment on the tor-dev list thread.

  [6]: https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs
  [7]: https://www.torproject.org/docs/hidden-services
  [8]: https://lists.torproject.org/pipermail/tor-dev/2015-April/008625.html

Tor Summer of Privacy â entry closing soon!

If youâd like to participate in the first-ever Tor Summer of
Privacy [9], you still have the chance â but be quick, as the
application period closes on Friday.

Competition for places is already strong, so make it as easy as possible
for your entry to be chosen: look at previous applications [10] for an
idea of what Tor developers like to see, drum up interest from potential
mentors on the tor-dev mailing list [11] or IRC channel [12], link to
your best code samples, and show the community that you can take the
initiative in moving your project forward. Good luck!

  [9]: https://trac.torproject.org/projects/tor/wiki/org/TorSoP
 [10]: https://www.torproject.org/about/gsoc#Example
 [11]: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
 [12]: https://www.torproject.org/about/contact#irc

More monthly status reports for March 2015

A few more Tor developers submitted monthly reports for March: Isis
Lovecruft [13] (for work on BridgeDB and pluggable transports), Arlo
Breault [14] (reporting on Tor Messenger and Tor Check), Karsten
Loesing [15] (for projects including hidden service statistics,
translation coordination, and Tor network tools), and Colin C. [16] (for
work on support, documentation, and localization).

The Tails team published its March report [17]. Take a look for updates
on development, funding, and outreach; summaries of ongoing discussions;
Tails in the media; and much more besides.

 [13]: https://lists.torproject.org/pipermail/tor-reports/2015-April/000802.html
 [14]: https://lists.torproject.org/pipermail/tor-reports/2015-April/000803.html
 [15]: https://lists.torproject.org/pipermail/tor-reports/2015-April/000804.html
 [16]: https://lists.torproject.org/pipermail/tor-reports/2015-April/000805.html
 [17]: https://tails.boum.org/news/report_2015_03

Miscellaneous news

Nathan Freitas announced [18] the third release candidate for Orbot v15.
This version supports the x86 processor architecture, so devices such as
the Galaxy Tab 3 and the Asus Zenphone/Padphone are now officially
Tor-compatible. See Nathanâs announcement for the full changelog.

 [18]: https://lists.mayfirst.org/pipermail/guardian-dev/2015-April/004316.html

Giovanni Pellerano announced [19] GlobalLeaks 2.60.65, featuring lots of
bugfixes, improved localization (including eight new languages), and

 [19]: https://lists.torproject.org/pipermail/tor-talk/2015-April/037457.html

David Fifield located and fixed [20] a problem with meekâs Microsoft
Azure backend that was causing it to run much more slowly than the other
two options. âIf you tried meek-azure before, but it was too slow, give
it another try!â

 [20]: https://lists.torproject.org/pipermail/tor-dev/2015-April/008637.html

Thanks to John Penner [21] for running a mirror of the Tor Projectâs
website and software!

 [21]: https://lists.torproject.org/pipermail/tor-mirrors/2015-April/000870.html

Upcoming events

  Apr 15 13:30 UTC | little-t tor development meeting
                   | #tor-dev, irc.oftc.net
  Apr 16 - 18      | Roger @ 2015 German-American Frontiers of Engineering Symposium
                   | Potsdam, Germany
                   | http://www.naefrontiers.org/Symposia/GAFOE/21649/44840.aspx
  Apr 20 18:00 UTC | Tor Browser online meeting
                   | #tor-dev, irc.oftc.net
  Apr 20 18:00 UTC | OONI development meeting
                   | #ooni, irc.oftc.net
  Apr 21 18:00 UTC | little-t tor patch workshop
                   | #tor-dev, irc.oftc.net
  Apr 24           | Roger @ CTIC Privacy Conference
                   | University of Pennsylvania Law School
                   | https://www.law.upenn.edu/newsevents/calendar.php#event_id/48977/view/event
  Apr 29 02:00 UTC | Pluggable transports/bridges meeting
                   | #tor-dev, irc.oftc.net
                   | https://lists.torproject.org/pipermail/tor-dev/2015-April/008627.html
  May 03 19:00 UTC | Tails contributors meeting
                   | #tails-dev, irc.oftc.net
                   | https://mailman.boum.org/pipermail/tails-project/2015-April/000187.html

This issue of Tor Weekly News has been assembled by Harmony, the Tails
team, and other contributors.

Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page [22], write down your
name and subscribe to the team mailing list [23] if you want to
get involved!

 [22]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
 [23]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to