wiki:TorWeeklyNews/2014/32

58th issue of Tor Weekly News. Covering what's happening from August 5th, 2014 to August 12th, 2014. To be released on August 13th, 2014.

Editor: Lunar

Status: Frozen. Only technical and language fixes are welcome. New items should go in next week's edition.

Subject: Tor Weekly News — August 13th, 2014

========================================================================
Tor Weekly News                                        August 13th, 2014
========================================================================

Welcome to the thirty-second issue of Tor Weekly News in 2014, the
weekly newsletter that covers what is happening in the Tor community.

Torsocks 2.0 is now considered stable
-------------------------------------

Torsocks [1] is a wrapper program that will force an application’s
network connections to go through the Tor network. David Goulet
released [2] version 2.0.0, blessing the new codebase as stable after
more than a year of efforts [3].

David’s original email highlighted several reasons for a complete
rewrite of torsocks. Among the issues were maintainability, error
handling, thread safety, and the lack of a proper compatibility layer for
multiple architectures. The new implementation addresses all these
issues while staying about the same size as the previous version (4000
lines of C according to sloccount), and test coverage has been vastly
extended.

Torsocks comes in handy when a piece of software does not natively
support the use of a SOCKS proxy. In most cases, the new version may be
safer, as torsocks will prevent DNS requests and non-torified
connections from happening.

Integrators and power users should watch their step while migrating to
the new version. The configuration file format has changed, and some
applications might behave differently as more system calls are now
restricted.

  [1]: https://gitweb.torproject.org/torsocks.git/blob/HEAD:/README.md
  [2]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007330.html
  [3]: https://lists.torproject.org/pipermail/tor-dev/2013-June/004959.html

Next generation Hidden Services and Introduction Points
-------------------------------------------------------

When Tor clients need to connect to a Hidden Service, the first step is
to create a circuit to its “Introduction Point”. There, the Tor client
serving the Hidden Service will be waiting through another circuit to
agree on a “Rendezvous Point” and pursue the communication through
circuits connecting to this freshly selected Tor node.

This general design is not subject to any changes in the revision of
hidden services [4] currently being worked on. But there are still some
questions left unanswered regarding the best way to select Introduction Points.
George Kadianakis summarized [5] them as: “How many IPs should an HS
have? Which relays can be IPs? What’s the lifetime of an IP?”

For each of these questions, George collected possible answers and assessed
whether or not they could respond to several attacks identified in the past.
Anyone interested should help with the research needed and join the
discussion.

In the meantime, Michael Rogers is also trying to find ways [6] to
improve hidden service performance in mobile contexts. One way to do so
would be to “keep the set of introduction points as stable as possible”.
However, a naive approach to doing so would ease the job of attackers trying
to locate a hidden service. The idea would be to always use the same
guard and middle node for a given introduction point, but this might
also open the doors to new attacks. Michael suggests experimenting with
the recently published Java research framework [7] to gain a better
understanding of the implications.

  [4]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt
  [5]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007335.html
  [6]: https://fulpool.org/pipermail/hidden-services/2014-August/000019.html
  [7]: https://github.com/drgowen/tor-research-framework

More status reports for July 2014
---------------------------------

The wave of regular monthly reports from Tor project members for the
month of July continued, with submissions from Andrew Lewman [8], Colin
C. [9], and Damian Johnson [10].

Roger Dingledine sent out the report for SponsorF [11]. Arturo Filastò
described what the OONI team [12] was up to. The Tails team covered
their activity for June and July [13].

  [8]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000615.html
  [9]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000616.html
 [10]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000617.html
 [11]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000619.html
 [12]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000621.html
 [13]: https://tails.boum.org/news/report_2014_06-07/

Miscellaneous news
------------------

Two Tor Browser releases are at QA stage: 4.0-alpha-1 [14] including
meek and a new directory layout, and 3.6.4 [15] for security fixes.

 [14]: https://lists.torproject.org/pipermail/tor-qa/2014-August/000436.html
 [15]: https://lists.torproject.org/pipermail/tor-qa/2014-August/000439.html

The recent serious attack against Tor hidden services [16] was also a
Sybil attack: a large number of malicious nodes joined the network at
once. This led to a renewal of interest in detecting Sybil attacks against the Tor
network more quickly. Karsten Loesing published some code [17] computing
similarity metrics, and David Fifield has explored visualizations [18]
of the consensus that made the recent attack visible.

 [16]: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
 [17]: https://github.com/kloesing/SAD
 [18]: https://bugs.torproject.org/12813

Gareth Owen sent out an update [19] about the Java Tor Research
Framework. This prompted a discussion with George Kadianakis and Tim
about the best way to perform fuzz testing [20] on Tor. Have a look if
you want to comment on Tim’s approaches [21].

 [19]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007328.html
 [20]: https://en.wikipedia.org/wiki/Fuzz_testing
 [21]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007334.html

Thanks to Daniel Thill [22] for running a mirror of the Tor Project
website!

 [22]: https://lists.torproject.org/pipermail/tor-mirrors/2014-August/000651.html

ban mentioned [23] a new service collecting donations for the Tor
network. OnionTip [24], set up by Donncha O’Cearbhaill, will collect
bitcoins and redistribute them to relay operators who put a bitcoin
address in their contact information. As the redistribution is currently
done according to the consensus weight, Sebastian Hahn warned [25] that
this might encourage people to “cheat the consensus weight” because that
now means “more money from oniontip”.

 [23]: https://lists.torproject.org/pipermail/tor-relays/2014-August/005073.html
 [24]: https://oniontip.com/
 [25]: https://lists.torproject.org/pipermail/tor-relays/2014-August/005077.html

Juha Nurmi sent another update [26] on the ahmia.fi GSoC project.

 [26]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000620.html

News from Tor StackExchange
---------------------------

arvee wants to redirect some TCP connections through Tor on OS X;
Redsocks [27] should help to route packets for port 443 over Tor [28].
mirimir explained that given the user’s pf configuration, the setting
“SocksPort 8888” was probably missing.

 [27]: http://darkk.net.ru/redsocks/
 [28]: https://tor.stackexchange.com/q/3802/88

meee asked a question, and offered a bounty for an answer, about the
circuit handshake entry in Tor’s log file. The entry contains some
numbers, and meee wants to know what they mean [29]: “Circuit handshake
stats since last time: 1833867/1833868 TAP, 159257/159257 NTor.”

 [29]: https://tor.stackexchange.com/q/3213/88

Easy development tasks to get involved with
-------------------------------------------

The bridge distributor BridgeDB [30] usually gives out bridges by
responding to user requests via HTTPS and email. A while ago, BridgeDB
also gave out bridges to a very small number of people who would then
redistribute bridges using their social network. We would like to resume
sending bridges to these people, but only if BridgeDB can be made to
send them via GnuPG-encrypted emails [31]. If you’d like to dive into
the BridgeDB code and add support for GnuPG-encrypted emails, please
take a look at the ticket and give it a try.

 [30]: https://bridges.torproject.org/
 [31]: https://bugs.torproject.org/9332

Upcoming events
---------------

 Aug. 13 13:30 UTC | little-t tor development meeting
                   | https://lists.torproject.org/pipermail/tor-dev/2014-August/007314.html
                   | #tor-dev, irc.oftc.net
                   |
 Aug. 13 16:00 UTC | Pluggable transport online meeting
                   | https://lists.torproject.org/pipermail/tor-dev/2014-August/007317.html
                   | #tor-dev, irc.oftc.net
                   |
 Aug. 18 18:00 UTC | Tor Browser online meeting
                   | https://lists.torproject.org/pipermail/tbb-dev/2014-August/000100.html
                   | #tor-dev, irc.oftc.net
                   |
 August 18         | Roger @ FOCI ’14
                   | San Diego, California, USA
                   | https://www.usenix.org/conference/foci14
                   |
 August 20-22      | Roger @ USENIX Security Symposium ’14
                   | San Diego, California, USA
                   | https://www.usenix.org/conference/usenixsecurity14


This issue of Tor Weekly News has been assembled by Lunar, qbi,
Karsten Loesing, and harmony.

Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page [32], write down your
name and subscribe to the team mailing list [33] if you want to
get involved!

 [32]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
 [33]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team