[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor is released

>> Tor version fixes a major bug in entry guard selection,
>>     - Actually look at the Guard flag when selecting a new directory
>>       guard. When we implemented the directory guard design, we
>>       accidentally started treating all relays as if they have the Guard
>>       flag during guard selection, leading to weaker anonymity and worse
>>       performance. Fixes bug 17772; bugfix on Discovered
>>       by Mohsen Imani.
> Is this bug found also in, or only in

the changelog says "bugfix on" which means all tor
releases since  and released before 2015-12-10 are affected.

The trac entry is tagged with: 024-backport 025-backport 026-backport

As you can see on gitweb.torproject.org Nick is preparing some more releases

but most ordinary users will probably (and should) just use torbrowser
and the tor version that comes with it (so we might see an update there

> What does "weaker anonymity" mean exactly? How big is the risk? Can this 
> bug lead to deanonymization?

https://blog.torproject.org/blog/tor-0276-released wrote:
> For more information on the guard bug, see Roger's preliminary analysis
> https://trac.torproject.org/projects/tor/ticket/17772#comment:1

If you want to read more about directory guards (compared to an entry

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to