[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor 0.2.7.6 is released

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor 0.2.7.6 is released
From: Oskar Wendel <o.wendel@xxxxx>
Date: Fri, 11 Dec 2015 14:26:56 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 11 Dec 2015 10:00:24 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAKDKvuyDQCWgg65hQHb23q8R546Rsr1FU5F-qQo=NHZZj1-2kg@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nick Mathewson <nickm@xxxxxxxxxxxxxx>:

> Tor version 0.2.7.6 fixes a major bug in entry guard selection,

>     - Actually look at the Guard flag when selecting a new directory
>       guard. When we implemented the directory guard design, we
>       accidentally started treating all relays as if they have the Guard
>       flag during guard selection, leading to weaker anonymity and worse
>       performance. Fixes bug 17772; bugfix on 0.2.4.8-alpha. Discovered
>       by Mohsen Imani.

Is this bug found also in 0.2.6.10, or only in 0.2.7.5?

Are users of 0.2.6.10 (as this is still the stable version; 0.2.7.6 is 
listed as unstable) encouraged to upgrade to 0.2.7.6?

What does "weaker anonymity" mean exactly? How big is the risk? Can this 
bug lead to deanonymization?

Thank you.

- -- 
Oskar Wendel, o.wendel@xxxxxxxxxxxxxxxxx
Pubkey at https://pgp.mit.edu/pks/lookup?search=0x6690CC52318DB84C
-----BEGIN PGP SIGNATURE-----

iQEcBAEBAgAGBQJWat0oAAoJEGaQzFIxjbhMYnsIAJkVa8YhXD5jWduhaEMh433L
wh1suAJPTWiqFTMgRz5E9jsa+NXbOM8EqirAc3FjvNMVp4DEM9CLAEyeDDTxBBaq
d3WCc17fSkfswIDx31lHmDW88ruOKjx+ldkc6aI23980uYGxBPJvdmXizxu7qTi5
eDcVCDAARj6nC2siEEFhrufUu7JpebpXsl/lufa9J40T2t33eCuLHGQ8U8xFqKrN
R4+o128QSZGVsJJ/ayklXd419LYVXNeV8m/r4s4JLwWA9835JgBhjEVxySSZiYeO
Prb/6PqSDckLpuuUduFC3gbqjRKHBDcxI6HyDPctN9pY4CkoUx3w4RaBl3nF9b4=
=eXdI
-----END PGP SIGNATURE-----

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Tor 0.2.7.6 is released
  - From: nusenu
- Re: [tor-talk] Tor 0.2.7.6 is released
  - From: nusenu

Prev by Author: Re: [tor-talk] Tor 0.2.7.6 is released
Next by Author: Re: [tor-talk] Tor 0.2.7.6 is released
Previous by thread: [tor-talk] Save Crypto: Tell the White House We Can't Sacrifice Security
Next by thread: Re: [tor-talk] Tor 0.2.7.6 is released
Index(es):
- Author
- Thread