========================================================================
Tor Weekly News July, 17th 2013
========================================================================
Welcome to the third issue of Tor Weekly News, the weekly newsletter
meant to cover what is happening in the amazing Tor community.
Last call for testing Tor 0.2.4 branch
--------------------------------------
Roger Dingledine notified tor-talkÂ[1] that there are new versions of
the Tor Browser Bundle, dubbed 2.4.15-beta-1, that are readyÂ[2] to be
tested: âIf all goes well, weâll be calling the Tor 0.2.4 branch stable
very soon. So now is the perfect time to let us know that it broke for
you.â
He also added âto be clear, it is the Tor part of the Tor Browser Bundle
that needs testing. We know there are a growing pile of bugs in Vidalia,
as well as a set of issues in Torbutton. Both of these should improve
with the TBB 3.0 release. But that is a separate thread.â
[1]Âhttps://lists.torproject.org/pipermail/tor-talk/2013-July/028934.html
[2]Âhttps://www.torproject.org/projects/torbrowser.html.en#Download-torbrowserbundlealpha
Tor Hack Day, Munich, Germany
-----------------------------
Meet the people who spend their day making Tor a reality. Join them for
a public hack dayÂ[3] on Friday, July 26, 2013 in Munich, Germany at the
Technische UniversitÃt MÃnchenÂ[4].
The agenda and conversations will be determined by you and Torâs team of
developers and researchersÂâ so bring your ideas, questions, projects,
and technical expertise with you!
[3]Âhttps://blog.torproject.org/blog/join-us-tor-hack-day-munich-germany
[4]Âhttp://www.tum.de/
13th Privacy Enhancing Technologies Symposium
---------------------------------------------
Many academic researchers and students interested in anonymity are
already working with Tor. They also are part of a broader community of
academics that gather every year during the Privacy Enhancing
Technologies SymposiumÂ[5]. The 13th editionÂ[6] was held in
Bloomington, Indiana, USA and was again well attended.
Several Tor developers were among the crowd of around 130 attendees
(this makes it a new record or very close). On the first day, the first
workshop on Privacy Enhancing Tools (PETools)Â[7] was held, in which
Roger Dingledine was invited to talk about âLessons from Tor: How to
Help Developers and Researchers Improve your Privacy Tool.â
During the next two days, researchers presented the selected papers.
Two of them are directly relevant to the development of the Tor network:
Mashael Alsabah, Kevin Bauer, Tariq Elahi, and Ian Goldberg presented
ConfluxÂ[8], âa dynamic traffic-splitting approach that assigns traffic
to an overlay path based on its measured latency. [â] Conflux
considerably increases performance for clients using low-bandwidth
bridges.â A thread on tor-talkÂ[9] discusses effects of Conflux on
website fingerprinting.
John Geddes, Rob Jansen, and Nicholas Hopper studiedÂ[10] âbalancing
performance with anonymity in Torâ. They have âinvestigated the effects
of proposed [performance enhancing] modifications on attacks that rely
on network measurements as a side channel.â The paper concluded with âan
analysis of the total reduction in anonymity that clients face due to
each proposed mechanism.â
Other papers are relevant to the wider set of Tor problems:
David Fifield, Gabi Nakibly, and Dan Boneh have looked atÂ[11]
âweb-based online scanning service [â] that can be covertly used as
proxies in a censorship circumvention system.â The system they describe
is already âavailable as an experimental rendezvous for the flash proxy
systemÂ[12] and is part of Torâs pluggable-transports web browser
bundles starting with the 2.4.11-alpha-1 releaseÂ[13].â
Amir Houmansadr and Nikita Borisov presentedÂ[14] an analysis of how
practical it is to âreliably fingerprint millions of network flows by
tagging only as few as tens of packets from each flow.â
An extra day was dedicated to the HotPETs workshop, intended to âfoster
new ideas, spirited debates, and controversial perspectives on privacy
(and lack thereof).â Among other interesting submissions, Wenxuan Zhou,
Amir Houmansadr, Matthew Caesar, and Nikita Borisov presented
SWEETÂ[15], a way to encapsulate âa censored userâs traffic inside email
messages that are carried over by typical email service providers.â
All papers presented during the conference are available for download
from the program page.
The next edition of PETS will be help July 16-18, 2014, in Amsterdam.
[5]Âhttp://petsymposium.org/
[6]Âhttp://petsymposium.org/2013/program.php
[7]Âhttp://petools.soic.indiana.edu/
[8]Âhttp://freehaven.net/anonbib/papers/pets2013/paper_65.pdf
[9]Âhttps://lists.torproject.org/pipermail/tor-talk/2013-July/028950.html
[10]Âhttp://freehaven.net/anonbib/papers/pets2013/paper_80.pdf
[11]Âhttp://freehaven.net/anonbib/papers/pets2013/paper_29.pdf
[12]Âhttps://crypto.stanford.edu/flashproxy/
[13]Âhttps://www.torproject.org/projects/obfsproxy.html#download
[14]Âhttp://freehaven.net/anonbib/papers/pets2013/paper_71.pdf
[15]Âhttp://petsymposium.org/2013/papers/zhou-censorship.pdf
Hardware for high bandwidth relay
---------------------------------
Andreas Fink askedÂ[16] for hints on hardware that could support âbig
fat tor exit nodes connected with multiple 1gbps or 10gps links.â
Andy Isaacson answeredÂ[17] that NoisetorÂ[18] uses âmost of a 4-core
X3350 2.6 GHz to push ~500 Mbps symmetric. Thatâs without AES-NI.â Mike
Perry and Moritz Bartl then both confirmed that modern Intel Xeon CPUs
with AES-NI could do 300 Mbit/s per core.
[16]Âhttps://lists.torproject.org/pipermail/tor-relays/2013-July/002239.html
[17]Âhttps://lists.torproject.org/pipermail/tor-relays/2013-July/002241.html
[18]Âhttp://noisetor.net/
Blocking GFW probes on the firewall
-----------------------------------
Marek Majkowski suggests how to resist Chinese effort to scan Tor relays
and bridgesÂ[19] using a firewallÂ[20]. Somewhere in the past month the
Great Firewall of China started to actively probe the destination of any
traffic that looked like a Tor bridge, plain or obfs2. If a handshake is
successful, the connection is reset and the bridge address put on a
blacklist.
As the probe sequence is static, Marek identified the incoming
connection and gave rules for the netfilter Linux firewall to filter
them out.
If you run a bridge under Linux, please give them a try!
[19]Âhttp://www.cs.kau.se/philwint/pdf/foci2012.pdf
[20]Âhttps://lists.torproject.org/pipermail/tor-talk/2013-July/028897.html
Is it worth running a relay on a home broadband connection?
-----------------------------------------------------------
Nick askedÂ[21] on the tor-relays mailing-list: âI have a reasonable
ADSL connection, and a little always-on server. The bandwidth is in the
region of 2Mib/s down, something less up (maybe 256Kib/s). Is it useful
for me to run a tor relay with this bandwidth?â
Lunar pointed outÂ[22] that a relay with this capacity was âlikely to be
selected as a middle node 1 time out of 10000 circuits, if not lessââ
Roger Dingledine drew the cutÂ[23]: âat this point if youâre at least
800kbit (100KBytes/s) each way, itâs useful to be a relay.â He also
detailed the current thresholds for the Stable and Guard flags.
Roger mentioned connections can still be of use though: âa bridge is a
fine thing to run on a connection with 250KBytes down and 32KBytes up.â
And maybe even more in the future as âwe might end up with a system like
ConfluxÂ[8] to let you glue together two slow bridges and get better
throughput.â
[21]Âhttps://lists.torproject.org/pipermail/tor-relays/2013-July/002240.html
[22]Âhttps://lists.torproject.org/pipermail/tor-relays/2013-July/002249.html
[23]Âhttps://lists.torproject.org/pipermail/tor-relays/2013-July/002255.html
Using Mumble with Tor
---------------------
David H. wrote a tutorialÂ[25] on how to configure Mumble to use the Tor
network on Ubuntu. This tutorial includes setting up a server using
Amazon EC2. During the discussion, adrelanos came up with his own
tutorialÂ[26] on anonymous VoIP which focuses on installing Mumble on
Whonix behind an hidden service.
Feel free to follow the discussion on tor-talkÂ[27].
[25]Âhttp://huertanix.tumblr.com/post/55261352264/location-anonymous-voice-communication-a-step-by-step
[26]Âhttps://whonix.org/wiki/Voip
[27]Âhttps://lists.torproject.org/pipermail/tor-talk/2013-July/028939.html
Miscellaneous development news
------------------------------
OONI has published a detailed reportÂ[28] on how Zambia is currently
censoring the grass roots online newspaper Zambian WatchdogÂ[29].
Nick Mathewson merged a way to mock C functions in tor unit tests. The
âmocking methodologyâ has been describedÂ[30] as âthe simplest thing
that could work â itâs one of the ones that festoon the code with macro
salad, and uglifies the declarations of functions that are going to get
mocked. It has the advantage of being portable, robust, and
comprehensible.â
Runa A. Sandvik announcedÂ[31] that she has disabled translations for
Vidalia on Transifex as âtranslators should not work on resources which
are currently not being maintained by a developer.â
Three GSoC students have sent updates: Johannes FÃrmann on the
EvilGenius censorship simulation projectÂ[32], Robert on Tor path
generation and Stream-RTT probingÂ[33], and Hareesan on the
steganography browser addonÂ[34].
[28]Âhttps://ooni.torproject.org/zambia-a-country-under-deep-packet-inspection.html
[29]Âhttps://zambianwatchdog.com/
[30]Âhttps://trac.torproject.org/projects/tor/ticket/8949#comment:1
[31]Âhttps://lists.torproject.org/pipermail/tor-dev/2013-July/005129.html
[32]Âhttps://lists.torproject.org/pipermail/tor-dev/2013-July/005140.html
[33]Âhttps://lists.torproject.org/pipermail/tor-dev/2013-July/005141.html
[34]Âhttps://lists.torproject.org/pipermail/tor-dev/2013-July/005143.html
Upcoming events
---------------
Jul 22-26 | Tor annual dev. meeting
| MÃnchen, Germany
| https://trac.torproject.org/projects/tor/wiki/org/meetings/2013SummerDevMeeting
|
Jul 26 | Tor Hack Day
| MÃnchen, Germany
| https://blog.torproject.org/blog/join-us-tor-hack-day-munich-germany
|
Jul 31-05 | Tor at OHM
| Geestmerambacht, Netherlands
| https://ohm2013.org/
|
Aug 1-4 | Runa Sandvik @ DEF-CON 21
| Rio Hotel, Las Vegas, USA
| https://www.defcon.org/html/defcon-21/dc-21-index.html
This issue of Tor Weekly News has been assembled by Lunar, luttigdev,
dope457, whabib, Karsten Loesing, and Roger Dingledine.
Want to continue reading TWN? Please help us create this newsletter. We
really need more volunteer writers who watch the Tor community and
report important news. Please see the project pageÂ[35] and write down
your name if you want to get involved!
[35]Âhttps://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk