Date: Wed, 6 Aug 2014 14:00:57 +0200
From: Lunar <lunar@torproject.org>
To: tor-news@lists.torproject.org, tor-talk@lists.torproject.org
Subject: [tor-talk] Tor Weekly News — August 6th, 2014

========================================================================
Tor Weekly News                                         August 6th, 2014
========================================================================

Welcome to the thirty-first issue of Tor Weekly News in 2014, the weekly
newsletter that covers what is happening in the Tor community.

Tor and the RELAY_EARLY traffic confirmation attack
---------------------------------------------------

Roger Dingledine ended several months of concern and speculation in the
Tor community with a security advisory posted to the tor-announce
mailing list [1] and the Tor blog [2].

In it, he gave details of a five-month-long active attack on operators
and users of Tor hidden services that involved a variant of the
so-called “Sybil attack”: the attacker signed up “around 115 fast
non-exit relays” (now removed from the Tor network), and configured them
to inject a traffic header signal consisting of RELAY_EARLY cells to
“tag” any hidden service descriptor requests received by malicious
relays — a tag which could then be picked up by other bad nodes acting
as entry guards [3], in the process identifying clients which requested
information about a particular hidden service.

The attack is suspected to be linked to a now-cancelled talk that was
due to be delivered at the BlackHat security conference [4]. There have
been several fruitful and positive research projects involving
theoretical attacks on Tor’s security, but this was not among them. Not
only were there problems with the process of responsible disclosure,
but, as Roger wrote, “the attacker encoded the name of the hidden
service in the injected signal (as opposed to, say, sending a random
number and keeping a local list mapping random number to hidden service
name)”, thereby “[putting] users at risk indefinitely into the future”.

On the other hand, it is important to note that “while this particular
variant of the traffic confirmation attack allows high-confidence and
efficient correlation, the general class of passive (statistical)
traffic confirmation attacks remains unsolved and would likely have
worked just fine here”. In other words, the tagging mechanism used in
this case is the innovation; the other element of the attack is a known
weakness of low-latency anonymity systems, and defending against it is a
much harder problem.

“Users who operated or accessed hidden services from early February
through July 4 should assume they were affected” and act accordingly; in
the case of hidden service operators, this may mean changing the
location of the service. Accompanying the advisory were two new
releases, one each for the stable and alpha tor branches (0.2.4.23 and
0.2.5.6-alpha); both include a fix for the signal-injection issue, which
makes tor drop circuits and give a warning if RELAY_EARLY cells are
detected going in the wrong direction (towards the client), and both
prepare the ground for clients to move to single entry guards (rather
than sets of three) in the near future. Relay operators should be sure
to upgrade; a point-release of the Tor Browser will offer the same fixes
to ordinary users. Nusenu suggested [5] that relay operators regularly
check their logs for the new warning, “even if the attack origin is not
directly attributable from a relay’s point of view”. Be sure to read the
full security advisory for a fuller explanation of the attack and its
implications.

   [1]: https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html
   [2]: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
   [3]: https://www.torproject.org/docs/faq#EntryGuards
   [4]: https://blog.torproject.org/blog/recent-black-hat-2014-talk-cancellation
   [5]: https://lists.torproject.org/pipermail/tor-relays/2014-August/005046.html
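
The log check Nusenu suggests, as an added example (not part of the newsletter and not code from the Tor Project): a shell function that counts, per day, the warn-level log lines mentioning RELAY_EARLY and returns non-zero when any are found. The log line layout and the sample lines are constructed assumptions; the match is on the RELAY_EARLY token rather than on the warning's exact wording.

```shell
#!/bin/sh
# Added example: summarise warn-level tor log lines that mention RELAY_EARLY.
# Assumption: log lines look like "Mon DD HH:MM:SS.mmm [level] message".

# relay_early_report [FILE...]
# Reads the named log files (or stdin) and prints "<count> <Mon DD>" for each
# day with matches, in the order the days first appear.
# Returns 1 if at least one matching line was seen, 0 otherwise, so a cron job
# or monitoring check can alert on the exit status alone.
relay_early_report() {
    awk '
        # Only warn-level lines count; info/debug mentions are ignored.
        $4 == "[warn]" && /RELAY_EARLY/ {
            day = $1 " " $2
            if (!(day in n)) order[++days] = day
            n[day]++
            total++
        }
        END {
            for (i = 1; i <= days; i++)
                printf "%d %s\n", n[order[i]], order[i]
            exit (total > 0)
        }
    ' "$@"
}

# Constructed sample log, not real relay output.
sample_log() {
    cat <<'EOF'
Aug 05 23:58:10.000 [notice] Heartbeat: uptime is 6:00 hours.
Aug 06 01:12:44.000 [warn] Received an inbound RELAY_EARLY cell on circuit 4211. Closing circuit.
Aug 06 01:12:45.000 [info] RELAY_EARLY mentioned at info level (constructed line).
Aug 06 09:30:02.000 [warn] Received an inbound RELAY_EARLY cell on circuit 977. Closing circuit.
Aug 07 03:03:03.000 [warn] Received an inbound RELAY_EARLY cell on circuit 15. Closing circuit.
Aug 07 04:00:00.000 [warn] Unrelated warning about something else (constructed line).
EOF
}

# Demo: report on the sample and note when something was found.
sample_log | relay_early_report || echo "RELAY_EARLY warnings present"
```

On a relay, pass the actual log file paths as arguments instead of piping in the sample.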

Why is bad-relays a closed mailing list?
----------------------------------------

Damian Johnson and Philipp Winter have been working on improving the
process of reporting bad relays [6]. The process starts by having users
report odd behaviors to the bad-relays mailing list.

Only a few trusted volunteers receive and review these reports. Nusenu
started a discussion on tor-talk [7] advocating for more transparency.
Nusenu argues that an open list would “likely get more confirm/can’t
confirm feedback for a given badexit candidate”, and that it would allow
worried users to act faster than operators of directory authorities.

Despite being “usually on the side of transparency”, Roger Dingledine
described [8] being “stuck” on the issue, “because the arms race is so
lopsidedly against us”.

Roger explains: “we can scan for whether exit relays handle certain
websites poorly, but if the list that we scan for is public, then exit
relays can mess with other websites and know they’ll get away with it.
We can scan for incorrect behavior on various ports, but if the list of
ports and the set of behavior we do is public, then again relays are
free to mess with things we don’t look for.”

A better future and more transparency probably lie in adaptive test
systems run by multiple volunteer groups. Until they come into existence,
as a small improvement, Philipp Winter wrote [9] it was probably safe to
publish why relays were disabled, through “short sentence along the
lines of ‘running HTTPS MitM’ or ‘running sslstrip’”.

   [6]: https://trac.torproject.org/projects/tor/wiki/doc/ReportingBadRelays
   [7]: https://lists.torproject.org/pipermail/tor-talk/2014-July/034198.html
   [8]: https://lists.torproject.org/pipermail/tor-talk/2014-July/034219.html
   [9]: https://lists.torproject.org/pipermail/tor-talk/2014-July/034216.html

Monthly status reports for July 2014
------------------------------------

Time for monthly reports from Tor project members. The July 2014 round
was opened by Georg Koppen [10], followed by Philipp Winter [11],
Sherief Alaa [12], Lunar [13], Nick Mathewson [14], Pearl Crescent [15],
George Kadianakis [16], Matt Pagan [17], Isis Lovecruft [18], Griffin
Boyce [19], Arthur Edelstein [20], and Karsten Loesing [21].

  [10]: https://lists.torproject.org/pipermail/tor-reports/2014-July/000598.html
  [11]: https://lists.torproject.org/pipermail/tor-reports/2014-July/000599.html
  [12]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000601.html
  [13]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000603.html
  [14]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000604.html
  [15]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000605.html
  [16]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000608.html
  [17]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000609.html
  [18]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000610.html
  [19]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000611.html
  [20]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000612.html
  [21]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000614.html

Lunar reported on behalf of the help desk [22] and Mike Perry for the
Tor Browser team [23].

  [22]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000602.html
  [23]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000607.html

Miscellaneous news
------------------

Anthony G. Basile announced a new release of tor-ramdisk, an i686 or
x86_64 uClibc-based micro Linux distribution whose only purpose is to
host a Tor server. Version 20140801 [24] updates Tor to version
0.2.4.23, and the kernel to 3.15.7 with Gentoo’s hardened patches.

  [24]: http://opensource.dyc.edu/pipermail/tor-ramdisk/2014-August/000132.html

meejah has announced [25] a new command-line application. carml [26] is
a versatile set of tools to “query and control a running Tor”. It can do
things like “list and remove streams and circuits; monitor stream,
circuit and address-map events; watch for any Tor event and print it (or
many) out; monitor bandwidth; run any Tor control-protocol command; pipe
through common Unix tools like grep, less, cut, etcetera; download TBB
through Tor, with pinned certs and signature checking; and even spit out
and run xplanet configs (with router/circuit markers)!” The application
is written in Python and uses the txtorcon library [27]. meejah
describes it as early-alpha and warns that it might contain “serious,
anonymity-destroying bugs”. Watch out!

  [25]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007295.html
  [26]: https://github.com/meejah/carml
  [27]: https://txtorcon.readthedocs.org/

Only two weeks left for the Google Summer of Code students, and the last
round of reports but one: Juha Nurmi on the ahmia.fi project [28], Marc
Juarez on website fingerprinting defenses [29], Amogh Pradeep on Orbot
and Orfox improvements [30], Zack Mullaly on the HTTPS Everywhere secure
ruleset update mechanism [31], Israel Leiva on the GetTor revamp [32],
Quinn Jarrell on the pluggable transport combiner [33], Daniel Martí on
incremental updates to consensus documents [34], Noah Rahman on
Stegotorus enhancements [35], and Sreenatha Bhatlapenumarthi on the Tor
Weather rewrite [36].

  [28]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000600.html
  [29]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000606.html
  [30]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007282.html
  [31]: https://lists.eff.org/pipermail/https-everywhere/2014-August/002199.html
  [32]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007284.html
  [33]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007285.html
  [34]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007287.html
  [35]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007288.html
  [36]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007293.html

The Tails team is looking for testers to solve a possible
incompatibility in one of the recommended installation procedures. If
you have a running Tails system, a spare USB stick and some time, please
help [37]. Don’t miss the recommended command-line options [38]!

  [37]: https://mailman.boum.org/pipermail/tails-testers/2014-July/000059.html
  [38]: https://mailman.boum.org/pipermail/tails-testers/2014-July/000060.html

The Citizen Lab Summer Institute [39] took place at the University of
Toronto from July 28 to 31. The event brought together policy and
technology researchers who focus on Internet censorship and measurement.
A lot of great work was presented including but not limited to a
proposal to measure the chilling effect, ongoing work to deploy
Telex [40], and several projects to measure censorship in different
countries. Some Tor-related work was also presented: Researchers are
working on understanding how the Tor network is used for political
purposes. Another project makes use of TCP/IP side channels to measure
the reachability of Tor relays from within China [41].

  [39]: https://citizenlab.org/summerinstitute/2014.html
  [40]: http://freehaven.net/anonbib/cache/usenix11-telex.pdf
  [41]: https://arxiv.org/pdf/1312.5739.pdf

The Electronic Frontier Foundation wrote two blog posts to show why Tor
is important for universities and how universities can help the Tor
network. The first part [42] explains why Tor matters, gives several
examples of universities already contributing to the Tor network, and
outlines a few reasons for hosting new Tor nodes. The second part [43]
gives actual tips on where to start, and how to do it best.

  [42]: https://www.eff.org/deeplinks/2014/08/tor-campus-part-i-its-been-done-and-should-happen-again
  [43]: https://www.eff.org/deeplinks/2014/08/tor-campus-part-ii-icebreakers-and-risk-mitigation-strategies

Tor help desk roundup
---------------------

Users occasionally ask if there is any way to set Tor Browser as the
default browser on their system. Currently this is not possible,
although it may be possible in a future Tor Browser release [44]. In the
meantime, Tails provides another way to prevent accidentally opening
hyperlinks in a non-Tor browser.

  [44]: https://bugs.torproject.org/12763

Easy development tasks to get involved with
-------------------------------------------

Tor Launcher is the Tor controller, written in JavaScript, that ships
with Tor Browser. Starting with Firefox 14 the “nsILocalFile” interface has
been deprecated and replaced with the “nsIFile” interface [45]. What we
should do is replace all instances of “nsILocalFile” with “nsIFile” and
see if anything else needs fixing to make Tor Launcher still work as
expected. If you know a little bit about Firefox extensions and want to
give this a try, clone the repository [46], make the necessary changes,
run “make package”, and tell us whether something broke in interesting
ways.

  [45]: https://bugs.torproject.org/10573
  [46]: https://gitweb.torproject.org/tor-launcher.git

Upcoming events
---------------

 Aug.  6 19:00 UTC | little-t tor development meeting
                   | #tor-dev, irc.oftc.net
                   |
 Aug. 11 18:00 UTC | Tor Browser online meeting
                   | #tor-dev, irc.oftc.net
                   | https://lists.torproject.org/pipermail/tbb-dev/2014-August/000100.html
                   |
 August 18         | Roger @ FOCI ’14
                   | San Diego, California, USA
                   | https://www.usenix.org/conference/foci14
                   |
 August 20-22      | Roger @ USENIX Security Symposium ’14
                   | San Diego, California, USA
                   | https://www.usenix.org/conference/usenixsecurity14


This issue of Tor Weekly News has been assembled by Lunar, harmony,
Matt Pagan, Philipp Winter, David Fifield, Karsten Loesing, and Roger
Dingledine.

Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page [47], write down your
name and subscribe to the team mailing list [48] if you want to
get involved!

  [47]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
  [48]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team


