[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] how relays upgrade to latest version of Tor

On Tue, Feb 25, 2014 at 02:39:16AM +0200, s7r@xxxxxxxxxx wrote:
> When a new version of Tor is released, one which makes significant
> changes to routing rules, covers security vulnerabilities, etc. - how
> do all the ~6000 relays upgrade to the latest version automatically
> and simultaneously so the peers in the network can talk to each other?

It really depends how they're installed.

Many of the larger relays use the Tor deb (for Debian or Ubuntu):
and they update their Tor as part of standard system updates.

> So, when something with important changes takes place - how are all
> the peers in the network convinced to upgrade simultaneously and
> automatically?

There's definitely a balance between keeping software up-to-date and
maintaining independence and trust separation. I think I'd be pretty
uncomfortable with a silent auto update mechanism for Tor relays -- that's
why in the past when we talk about updates we talk about "secure update",
not "auto update". Words like "simultaneously" and "automatically"
are good for usability, but both good and scary for security.

In general we try to maintaining compatibility with many versions of
Tor other than the most recent release. That said, there is support in
the directory authorities for cutting out (unlisting) relays that are
running insufficiently recent Tor versions.

Hope that helps,

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to