[tor-talk] Tor 0.2.7.2-alpha is released
This, the second alpha in the Tor 0.2.7 series, has a number of new features, including a way to manually pick the number of introduction points for hidden services, and the much stronger Ed25519 signing key algorithm for regular Tor relays (including support for encrypted offline identity keys in the new algorithm). Support for Ed25519 on relays is currently limited to signing router descriptors; later alphas in this series will extend Ed25519 key support to more parts of the Tor protocol. You can download the source from the usual place on the website. Packages should be up in a few days. NOTE: This is an alpha release. Please expect bugs. o Major features (Ed25519 identity keys, Proposal 220): - All relays now maintain a stronger identity key, using the Ed25519 elliptic curve signature format. This master key is designed so that it can be kept offline. Relays also generate an online signing key, and a set of other Ed25519 keys and certificates. These are all automatically regenerated and rotated as needed. Implements part of ticket 12498. - Directory authorities now vote on Ed25519 identity keys along with RSA1024 keys. Implements part of ticket 12498. - Directory authorities track which Ed25519 identity keys have been used with which RSA1024 identity keys, and do not allow them to vary freely. Implements part of ticket 12498. - Microdescriptors now include Ed25519 identity keys. Implements part of ticket 12498. - Add support for offline encrypted Ed25519 master keys. To use this feature on your tor relay, run tor --keygen to make a new master key (or to make a new signing key if you already have a master key). Closes ticket 13642. o Major features (Hidden services): - Add the torrc option HiddenServiceNumIntroductionPoints, to specify a fixed number of introduction points. Its maximum value is 10 and default is 3. Using this option can increase a hidden service's reliability under load, at the cost of making it more visible that the hidden service is facing extra load. Closes ticket 4862. - Remove the adaptive algorithm for choosing the number of introduction points, which used to change the number of introduction points (poorly) depending on the number of connections the HS sees. Closes ticket 4862. o Major features (onion key cross-certification): - Relay descriptors now include signatures of their own identity keys, made using the TAP and ntor onion keys. These signatures allow relays to prove ownership of their own onion keys. Because of this change, microdescriptors will no longer need to include RSA identity keys. Implements proposal 228; closes ticket 12499. o Major features (performance): - Improve the runtime speed of Ed25519 operations by using the public-domain Ed25519-donna by Andrew M. (floodyberry). Implements ticket 16467. - Improve the runtime speed of the ntor handshake by using an optimized curve25519 basepoint scalarmult implementation from the public-domain Ed25519-donna by Andrew M. (floodyberry), based on ideas by Adam Langley. Implements ticket 9663. o Major bugfixes (client-side privacy, also in 0.2.6.9): - Properly separate out each SOCKSPort when applying stream isolation. The error occurred because each port's session group was being overwritten by a default value when the listener connection was initialized. Fixes bug 16247; bugfix on 0.2.6.3-alpha. Patch by jojelino. o Major bugfixes (hidden service clients, stability, also in 0.2.6.10): - Stop refusing to store updated hidden service descriptors on a client. This reverts commit 9407040c59218 (which indeed fixed bug 14219, but introduced a major hidden service reachability regression detailed in bug 16381). This is a temporary fix since we can live with the minor issue in bug 14219 (it just results in some load on the network) but the regression of 16381 is too much of a setback. First-round fix for bug 16381; bugfix on 0.2.6.3-alpha. o Major bugfixes (hidden services): - When cannibalizing a circuit for an introduction point, always extend to the chosen exit node (creating a 4 hop circuit). Previously Tor would use the current circuit exit node, which changed the original choice of introduction point, and could cause the hidden service to skip excluded introduction points or reconnect to a skipped introduction point. Fixes bug 16260; bugfix on 0.1.0.1-rc. o Major bugfixes (open file limit): - The open file limit wasn't checked before calling tor_accept_socket_nonblocking(), which would make Tor exceed the limit. Now, before opening a new socket, Tor validates the open file limit just before, and if the max has been reached, return an error. Fixes
Re: [tor-talk] tor not running
www.torproject.org - Original Message - From: aka To: tor-talk@lists.torproject.org Sent: Monday, July 27, 2015 3:02 PM Subject: Re: [tor-talk] tor not running Tor doesn't need .NET framework. Where did you download your Tor package? It appears you installed malware/adware pretending to be Tor. Bill Cunningham wrote: Hello, I posted a little while back about my XP x64 not opening Tor. I wrote to tor's help desk too and received no answer. I installed .NET version 4.0 and tor still wouldn't open. I have googled and can't find anything. Would anyone maybe have an idea as to what's up? Thanks, Bill -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] (no subject)
https://www.torproject.org/download/download-easy.html.en -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor not running
Did you follow anything Soul Plane said? Matt Speak Freely -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] comicskingdom.com inaccessible by Tor?
A few weeks ago, I suddenly could not access comicskingdom.com with Tor. For several years before that, I had no problem accessing comicskingdom.com with Tor. It might be interesting to figure out how they are blocking Tor, since we want people to be able to use Tor to access sites that are otherwise blocked. (I haven't had any luck with this.) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor not running
Tor doesn't need .NET framework. Where did you download your Tor package? It appears you installed malware/adware pretending to be Tor. Bill Cunningham wrote: Hello, I posted a little while back about my XP x64 not opening Tor. I wrote to tor's help desk too and received no answer. I installed .NET version 4.0 and tor still wouldn't open. I have googled and can't find anything. Would anyone maybe have an idea as to what's up? Thanks, Bill -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] tor not running
Hello, I posted a little while back about my XP x64 not opening Tor. I wrote to tor's help desk too and received no answer. I installed .NET version 4.0 and tor still wouldn't open. I have googled and can't find anything. Would anyone maybe have an idea as to what's up? Thanks, Bill -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] comicskingdom.com inaccessible by Tor?
They are most likely using one of 3 options to block Tor. 1) They use Tor-provided lists of Tor exit relays 2) They use publicly available block lists 3) They rolled their own block list generator The point is, this information is publicly available. So, the question isn't how they did it, but why they did it. The answer is whatever reason they chose. Your best option is to attempt to contact them directly and ask. Matt Speak Freely -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] comicskingdom.com inaccessible by Tor?
On Mon, 27 Jul 2015 18:54:59 + (UTC) bao song michaelw...@yahoo.com.au wrote: A few weeks ago, I suddenly could not access comicskingdom.com with Tor. For several years before that, I had no problem accessing comicskingdom.com with Tor. It might be interesting to figure out how they are blocking Tor, since we want people to be able to use Tor to access sites that are otherwise blocked. (I haven't had any luck with this.) They do seem to be blocking a lot of IPs (or have some networking problem). I couldn't access it from any of my non-exit IPs that I tried, but also from one machine which does not run a relay at the moment (but ran previously), and from a machine which has never ran a relay [1]. All of these are VPS/dedicated servers. The site loads fine from four tested regular user home and office connections. So maybe they are just blocking known datacenter IPs. [1] To my knowledge. Unfortunately ExoneraTor doesn't allow to check if that's really been the case (i.e. run a search with no date specified). -- With respect, Roman signature.asc Description: PGP signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor not running
Bill, Yeah, I've never received a response from any torproject email address. You're officially part of the club! I will re-post the first half of Soul Plane's very first remark. To get help I think you will have to give more information We need more information! You wrote: It will not even start let alone install. So, let's start at the beginning. Step by step. You downloaded the exe, you double clicked on it, then what? 1) You downloaded Tor Browser from Tor's website[0] 2) You double clicked the .exe 3) Some more questions: - Is this a work or personal computer? - Is your anti-virus running? Is your anti-virus up to date? - Have you tried temporarily disabling your AV while installing? - Is your Windows User account Limited/Standard, or Admin? - Can you install other software without issue? - Have you taken a look at Event Viewer? What does it say? - Did you verify the download using the signature? [0] https://www.torproject.org/projects/torbrowser.html.en#downloads or https://www.torproject.org/download/download-easy.html.en Matt Speak Freely -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor not running
- Original Message - From: Speak Freely To: tor-talk@lists.torproject.org Sent: Monday, July 27, 2015 4:26 PM Subject: Re: [tor-talk] tor not running Bill, Yeah, I've never received a response from any torproject email address. You're officially part of the club! I will re-post the first half of Soul Plane's very first remark. To get help I think you will have to give more information We need more information! You wrote: It will not even start let alone install. So, let's start at the beginning. Step by step. You downloaded the exe, you double clicked on it, then what? 1) You downloaded Tor Browser from Tor's website[0] 2) You double clicked the .exe 3) Nothing happens. It doesn't do anything. No processes begin to open the download. Some more questions: - Is this a work or personal computer? PC - Is your anti-virus running? Is your anti-virus up to date? no and no - Have you tried temporarily disabling your AV while installing? I do not use antivirus software. - Is your Windows User account Limited/Standard, or Admin? admin - Can you install other software without issue? yes - Have you taken a look at Event Viewer? What does it say? no - Did you verify the download using the signature? no [0] https://www.torproject.org/projects/torbrowser.html.en#downloads or https://www.torproject.org/download/download-easy.html.en -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor not running
Hello again, 1) Okay well the first thing to do would be to get an anti-virus. Now. Unless you want me to, I won't get into how exposed you are as an XP user, running under an admin account. You should do each of the following, but whichever order doesn't matter. 2) Check the download. This site does a really good explanation of how to verify your download. You will have to download GnuPG. https://www.torproject.org/docs/verifying-signatures.html.en 3) Check the Event Viewer Start Control Panel Administrative Tools Event Viewer. Look in each of the folders for errors. A 'good' idea is to try to run the program right before you open the event viewer, so anything that pops up would be at the top. 4) Confirm #1. Out of curiosity and for fun, try renaming the file and then running it. It probably won't help. Matt Speak Freely -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Vodafone DE throttles connections to the Tor network
Hi,
The ISP Vodafone Germany ('provided by GCHQ') is slowing down network speed
extremely when trying to connect to the Tor network. Although advertising that
there exists no DSL throttle [www.vodafone.de/dsl/dsl-drosselung.html] it is
becoming more and more difficult to download the required directory information
at the beginning [Establishing an encrypted directory connection]. Often this
is stopped by timeout.
24.04.2015 01:10:41.335 [NOTICE] I learned some more directory information,
but not enough to build a circuit: We need more microdescriptors: we have
29/6587, and can only build 0% of likely paths. (We have 0% of guards bw, 0% of
midpoint bw, and 0% of exit bw.)
The highest download speed is then at 4-6 kB/s or in better times at 15-20
kB/s. This way it is impossible to use the Tor network with Tor Browser to open
a text-based site with html or to download e-mails with Torbirdy in
Thunderbird. At the same time connections without Tor (Browser, ftp, torrent
download) are working with speeds up to 1.5 MB/s.
The throttling occurs using the latest Tor Browser versions on Windows or Linux
systems, also when connecting with obfs3. The connection to the Tor network
seems to work 'uncensored' if I use Tor Browser inside Tails with the
preference of changing the MAC address.
So, I would assume that the device's MAC address and / or the IP address which
is almost always the same (provided by the router, although there are three or
more different users), is used to block connecting to the Tor network.
17.01.2015 00:17:19.658 [NOTICE] Bootstrapped 10%: Finishing handshake with
directory server
17.01.2015 00:18:57.352 [NOTICE] Delaying directory fetches: No running bridges
17.01.2015 00:19:02.760 [NOTICE] Bootstrapped 15%: Establishing an encrypted
directory connection
17.01.2015 00:19:02.806 [WARN] Proxy Client: unable to connect to x.x.x.x:x
(Connection refused)
17.01.2015 00:19:02.807 [WARN] Proxy Client: unable to connect to x.x.x.x:x
(Connection refused)
With separately provided bridges [https://bridges.torproject.org/options] Tor
Browser is working fine.
[May 15, 2015] Today's direct connection to the Tor network: downloading with
20-30 kB/s; downloading the latest version of Tor Browser here resulted in a
corrupted file.
With custom bridges the download speed is around 600-1200 kB/s.
Vodafone seems also to learn these non-published bridges. I had three different
bridges in Tor network settings / enter custom bridges, and after a period of
uncensored connections two of three bridges are blocked now:
30.06.2015 05:31:34.228 [NOTICE] Bootstrapped 10%: Finishing handshake with
directory server
30.06.2015 05:31:34.229 [NOTICE] Bootstrapped 15%: Establishing an encrypted
directory connection
30.06.2015 05:31:34.230 [NOTICE] Bootstrapped 20%: Asking for networkstatus
consensus
30.06.2015 05:31:34.230 [NOTICE] new bridge descriptor 'Unnamed' (fresh):
XX~Unnamed at xxx.xxx.xxx.xxx
30.06.2015 05:31:34.230 [NOTICE] I learned some more directory information, but
not enough to build a circuit: We have no usable consensus.
30.06.2015 05:31:34.230 [NOTICE] new bridge descriptor 'xyz' (fresh):
X~xyz at xxx.xxx.xxx.xxx
30.06.2015 05:31:34.231 [NOTICE] I learned some more directory information, but
not enough to build a circuit: We have no usable consensus.
30.06.2015 05:32:30.385 [NOTICE] Closing no-longer-configured Socks listener on
127.0.0.1:9150
30.06.2015 05:32:30.385 [NOTICE] DisableNetwork is set. Tor will not make or
accept non-control network connections. Shutting down all existing connections.
30.06.2015 05:32:30.385 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
30.06.2015 05:32:30.385 [WARN] connection_connect_sockaddr(): Bug: Tried to
open a socket with DisableNetwork set.
30.06.2015 05:32:30.385 [WARN] Problem bootstrapping. Stuck at 20%: Asking for
networkstatus consensus. (Network is unreachable; NOROUTE; count 1;
recommendation warn; host XXX at
xxx.xxx.xxx.xxx:9001)
30.06.2015 05:32:37.108 [NOTICE] Delaying directory fetches: DisableNetwork is
set.
I wouldn't have assumed that communications without surveillance are becoming
that difficult in Germany. A lot of countries is developing legislation that
makes encryption illegal or nearly impossible now.
Dan
GPG key information:
pub 4096RSA/EC630522 2015-07-14 [expires: 2016-07-14]
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor not running
I feel bad replying to this whole list so could someone email me personally for a little advice on how to start running the Onion VPN because I'm not super computer savvy and I need some help. On Mon, Jul 27, 2015 at 8:24 PM, Speak Freely when2plus2...@riseup.net wrote: Hello again, 1) Okay well the first thing to do would be to get an anti-virus. Now. Unless you want me to, I won't get into how exposed you are as an XP user, running under an admin account. You should do each of the following, but whichever order doesn't matter. 2) Check the download. This site does a really good explanation of how to verify your download. You will have to download GnuPG. https://www.torproject.org/docs/verifying-signatures.html.en 3) Check the Event Viewer Start Control Panel Administrative Tools Event Viewer. Look in each of the folders for errors. A 'good' idea is to try to run the program right before you open the event viewer, so anything that pops up would be at the top. 4) Confirm #1. Out of curiosity and for fun, try renaming the file and then running it. It probably won't help. Matt Speak Freely -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
