Hi - Tor (and incidentally a newly minted Debian) developer here - I'd request that you upgrade the package because 0.2.4.x uses ECC which reduces the load on the network. The Tor Network is under very heavy load and older versions of Tor are being used by a botnet:
https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-september-11th-2013 If it is technically possible, we really would urge you to upgrade the package to 0.2.4.x - it would be a help for the Tor network and it will improve the Tor client experience. Circuits that use 0.2.4.x are going to be treated more reasonably by the network - older circuit building will be de-prioritized as there are ~2.5 million bots using the older circuit building method. :( So this is a lot less about the NSA (hopefully) and a lot more about some jerk messing up the network with a lot of cryptographic/network load. ** Changed in: tor (Ubuntu) Status: Incomplete => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1222662 Title: Upgrade 2.4 (as recommended by Tor dev) - due to DHE 1024 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tor/+bug/1222662/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs