[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor is out

     On Thu, 20 Nov 2008 18:50:12 -0500 Roger Dingledine <arma@xxxxxxx>
>Tor fixes a major security problem in Debian and Ubuntu
>packages (and maybe other packages) noticed by Theo de Raadt, fixes
>a smaller security flaw that might allow an attacker to access local
>services, adds better defense against DNS poisoning attacks on exit
>relays, further improves hidden service performance, and fixes a variety
>of other issues.
>Changes in version - 2008-11-08
>    [much text deleted  --SB]
>  o Minor bugfixes:
>    - Minor fix in the warning messages when you're having problems
>      bootstrapping; also, be more forgiving of bootstrap problems when
>      we're still making incremental progress on a given bootstrap phase.
>    - When we're choosing an exit node for a circuit, and we have
>      no pending streams, choose a good general exit rather than one that
>      supports "all the pending streams". Bugfix on 0.1.1.x. Fix by rovv.

     Does "good general exit" mean a relay listed with an Exit flag in the
consensus and status documents?

>    - Send a valid END cell back when a client tries to connect to a
>      nonexistent hidden service port. Bugfix on Fixes bug
>      840. Patch from rovv.
>    - If a broken client asks a non-exit router to connect somewhere,
>      do not even do the DNS lookup before rejecting the connection.
>      Fixes another case of bug 619. Patch from rovv.
>    - Fix another case of assuming, when a specific exit is requested,
>      that we know more than the user about what hosts it allows.
>      Fixes another case of bug 752. Patch from rovv.

     Does "what hosts it allows" really mean what its exit policy (hosts and
port combinations) allows?

>    - Check which hops rendezvous stream cells are associated with to
>      prevent possible guess-the-streamid injection attacks from
>      intermediate hops. Fixes another case of bug 446. Based on patch
>      from rovv.
>    - Avoid using a negative right-shift when comparing 32-bit
>      addresses. Possible fix for bug 845 and bug 811.
>    - Make the assert_circuit_ok() function work correctly on circuits that
>      have already been marked for close.
>    - Fix read-off-the-end-of-string error in unit tests when decoding
>      introduction points.
>    - Fix uninitialized size field for memory area allocation: may improve
>      memory performance during directory parsing.
>    - Treat duplicate certificate fetches as failures, so that we do
>      not try to re-fetch an expired certificate over and over and over.

     Does "expired certificate" refer to an expired relay descriptor?  If so,
does the above fix also have some means of checking the timestamps on the
queried directory servers' contents, so that, for example, a newly
reinitialized relay whose descriptor has been posted to the authorities but
has not yet been fetched by all directory servers will not be ignored because
the last descriptor held by two directory servers who are an hour or two out
of date do not yet have the new descriptor?

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *