[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Tor Weekly News â September 10th, 2014



========================================================================
Tor Weekly News                                     September 10th, 2014
========================================================================

Welcome to the thirty-sixth issue in 2014 of Tor Weekly News, the weekly
newsletter that covers what is happening in the Tor community.

More monthly status reports for August 2014
-------------------------------------------

The wave of regular monthly reports from Tor project members for the
month of August continued, with reports from Yawning Angel [1], George
Kadianakis [2], Isis Lovecruft [3], Colin C. [4], and Griffin Boyce [5].

Arturo Filastà reported on behalf of the OONI team [6].

  [1]: https://lists.torproject.org/pipermail/tor-reports/2014-September/000643.html
  [2]: https://lists.torproject.org/pipermail/tor-reports/2014-September/000644.html
  [3]: https://lists.torproject.org/pipermail/tor-reports/2014-September/000646.html
  [4]: https://lists.torproject.org/pipermail/tor-reports/2014-September/000647.html
  [5]: https://lists.torproject.org/pipermail/tor-reports/2014-September/000648.html
  [6]: https://lists.torproject.org/pipermail/tor-reports/2014-September/000645.html

Miscellaneous news
------------------

Nathan Freitas announced [7] the release of Orbot 14.0.8, containing
âsome fixes for people who like to fiddle with transproxy/iptables
settings, which can lead to the device getting into a bad network
stateâ, as well as for âa common freak crash that was occuring on app
exit in some cases.â See Nathanâs message for a full changelog and
download links.

  [7]: https://lists.mayfirst.org/pipermail/guardian-dev/2014-September/003752.html

Mike Perry asked for comments [8] on his proposal to drop Tor Browser
support for Mac OS X 10.6, which is no longer receiving security updates
from Apple. This means that the Tor Browser team would only have to
distribute standard-sized 64-bit builds for Mac OS X rather than the
oversized 32+64-bit set. Users who are unable to upgrade their operating
system would still be able to use Tails for their Tor browsing needs.

  [8]: https://lists.torproject.org/pipermail/tor-talk/2014-September/034606.html

Hartmut Haase reported [9] that Tor Browser occasionally fails to open,
despite a successful connection being made to the Tor network; several
other users confirmed that they are also experiencing this problem.
Georg Koppen suggested [10] that the issue is the one covered by bug
ticket #10804 [11]: âSolving this is high on the priority list, but alas
not as high as getting everything ready for the switch to ESR31.â

  [9]: https://lists.torproject.org/pipermail/tor-talk/2014-September/034666.html
 [10]: https://lists.torproject.org/pipermail/tor-talk/2014-September/034678.html
 [11]: https://bugs.torproject.org/10804

Thanks to Peter Ludikovsky [12] and goll [13] for running mirrors of the
Tor Project website and software archive!

 [12]: https://lists.torproject.org/pipermail/tor-mirrors/2014-September/000681.html
 [13]: https://lists.torproject.org/pipermail/tor-mirrors/2014-September/000685.html

Andrew Lewman published [14] the results of a test he ran to answer the
question âWhy not just use CloudFlare for mirrors of the Tor Project
website?â: âThe results are that using CloudFlare doesnât offload the
binaries, which are what make up the bulk of traffic on the mirror [â]
Iâve started to look at CDN providers to see if there are affordable
services which can offload the entire site itself.â

 [14]: https://lists.torproject.org/pipermail/tor-mirrors/2014-September/000690.html

As part of an ongoing effort to rescue the Tor blog from rot and ruin
caused by broken Drupal code, ultrasandwich set up [15] an unofficial
preview [16] of a possible blog based on the Jekyll static site
generator. If you want to contribute to the revamp of the Tor Project
website, including the blog, the www-team mailing list [17] awaits your
comments and ideas!

 [15]: https://bugs.torproject.org/10022#comment:22
 [16]: http://tor-blog.deadhare.com/
 [17]: https://lists.torproject.org/cgi-bin/mailman/listinfo/www-team

Tor help desk roundup
---------------------

Users want to know if their personal information is safe when they use
Tor Browser. Personal accounts are no less secure using Tor Browser than
they are using the web without Tor: the problem of authenticating
websites and preventing eavesdropping has been addressed outside of the
Tor context through HTTPS. Thatâs why the Tor Browser ships with the
HTTPS-Everywhere browser extension [18] â for every website you visit,
HTTPS-Everywhere checks  whether or not that website is known to have an
HTTPS version, and if so  it connects to the site using HTTPS instead of
HTTP. Tor + HTTPS provides  full end-to-end encryption when visiting any
site that offers its content  via HTTPS. Using HTTPS with Tor helps keep
usersâ web accounts secure.

 [18]: https://www.eff.org/https-everywhere

Easy development tasks to get involved with
-------------------------------------------

If a single human or organization runs more than one relay, they should
configure all their relays to be in the same âfamilyâ, the goal being to
prevent clients from using more than one of these relays in the same
circuit. However, the config option used for this, MyFamily, only
accepts relay fingerprints that are preceeded by $, unlike most other
config options. It would be great if this option accepted fingerprints
preceeded by $, as well as without it. Nick Mathewson says this ticket
would be pretty easy, so why not give it a try? It does sound like some
fun C hacking. Be sure to post your patch to the ticket [19].

 [19]: https://bugs.torproject.org/12093

Back in the day, the tor daemon, which is the core of the Tor network,
compiled and ran on Windows 98. But thatâs history, and arenât we all
glad? Somebody should identify and drop support code for all Windows
versions prior to Windows XP. Nick says âthis is mainly going to be a
matter of identifying cases where we use LoadLibrary and GetProcAddress
to find always-present-functions in always-present DLLs.â If the
previous sentence made any sense to you, maybe youâre a good person to
help with this! Be sure to comment on the ticket [20] if you have a
branch to review.

 [20]: https://bugs.torproject.org/11444

Upcoming events
---------------

  Sep 10 13:30 UTC | little-t tor development meeting
                   | #tor-dev, irc.oftc.net 
                   |
  Sep 10 16:00 UTC | Pluggable transport online meeting
                   | #tor-dev, irc.oftc.net
                   |
  Sep 11 14:00 UTC | Globe/Atlas development meeting
                   | #tor-dev, irc.oftc.net
                   | https://lists.torproject.org/pipermail/tor-dev/2014-September/007458.html
                   |
  Sep 15 18:00 UTC | Tor Browser online meeting
                   | #tor-dev, irc.oftc.net
                   |
  Oct 06 08:30 PDT | Roger @ ISCI â1984+30â panel
                   | UC Berkeley, California, USA
                   | https://blog.torproject.org/events/www.icsi.berkeley.edu/icsi/events/2014/10/1984-plus-30


This issue of Tor Weekly News has been assembled by harmony, Matt Pagan,
Karsten Loesing, and Lunar.

Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page [21], write down your
name and subscribe to the team mailing list [22] if you want to
get involved!

 [21]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
 [22]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk