subject:"\[tor\-bugs\] #33644 \[Circumvention\/Snowflake\]\: Upgrade tor on Snowflake bridge for TROVE\-2020\-002"

Re: [tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

2020-03-23 Thread Tor Bug Tracker & Wiki

#33644: Upgrade tor on Snowflake bridge for TROVE-2020-002
-+
 Reporter:  dcf  |  Owner:  dcf
 Type:  task | Status:  closed
 Priority:  High |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+

Comment (by arma):

 Replying to [comment:3 dcf]:
 > I was running a Turbo Tunnel Snowflake browser at the time, and after
 rebooting the server the browser was not responding
 > This makes sense, as a server restart isn't something Turbo Tunnel can
 recover from--the end-to-end session is broken and snowflake-client has to
 wait until tor makes another SOCKS request. I used the trick of switching
 to obfs4 for one second and then switching back to snowflake, and it
 started working again right away.

 I was running a Turbo Tunnel Snowflake browser too, and it gave me a bunch
 of page failures, and for a while the broker was giving me snowflakes that
 timed out when I tried to use them, and sometimes it give me a 504 error
 rather than giving me a snowflake. After a while (including periodically
 reloading the failed tabs) it all recovered.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

2020-03-23 Thread Tor Bug Tracker & Wiki

#33644: Upgrade tor on Snowflake bridge for TROVE-2020-002
-+
 Reporter:  dcf  |  Owner:  dcf
 Type:  task | Status:  closed
 Priority:  High |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+
Changes (by dcf):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 It's done. The snowflake bridge is now running tor 0.3.5.10 and Debian
 10.3.

 I mainly followed the instructions at
 https://www.debian.org/releases/buster/amd64/release-notes/ch-
 upgrading.en.html. Our old /etc/apt/sources.list was
 {{{
 deb http://ftp.nl.debian.org/debian stretch main
 deb http://security.debian.org/ stretch/updates main
 }}}
 I changed it to
 {{{
 deb http://ftp.nl.debian.org/debian buster main
 deb http://ftp.nl.debian.org/debian-security buster/updates main
 deb http://ftp.nl.debian.org/debian buster-updates main
 }}}
 I wasn't sure about the `buster/updates` and `buster-updates` lines
 because they were not mentioned in the upgrade guide. I found them used in
 the example sources.list at
 https://wiki.debian.org/SourcesList#Example_sources.list.

 I had to preserve local changes in /etc/ferm/ferm.conf and /etc/tor/torrc,
 while merging in the updates.

 After the installation there were these obsolete packages:
 {{{
 # aptitude search '~o'
 Warning: Invalid locale (please review locale settings, this might lead to
 problems later):
   locale::facet::_S_create_c_locale name not valid
 i   deb.torproject.org-keyring -
 GnuPG archive key of the deb.torproject.org repository
 i   gcc-4.8-base   -
 GCC, the GNU Compiler Collection (base package)
 i   gcc-4.9-base   -
 GCC, the GNU Compiler Collection (base package)
 i A gcc-6-base -
 GCC, the GNU Compiler Collection (base package)
 i   libapt-inst1.5 -
 deb package format runtime library
 i   libapt-pkg4.12 -
 package management runtime library
 i   libboost-iostreams1.55.0   -
 Boost.Iostreams Library
 i   libcryptsetup4 -
 disk encryption support - shared library
 i   libdns-export100   -
 Exported DNS Shared Library
 i   libgdbm3   -
 GNU dbm database routines (runtime version)
 i   libgnutls-deb0-28  -
 GNU TLS library - main runtime library
 i   libhogweed2-
 low level cryptographic library (public-key cryptos)
 i   libicu52   -
 International Components for Unicode
 i   libirs-export91-
 Exported IRS Shared Library
 i   libisc-export95-
 Exported ISC Shared Library
 i   libisccfg-export90 -
 Exported ISC CFG Shared Library
 i   libjson-c2 -
 JSON manipulation library - shared library
 i   liblogging-stdlog0 -
 easy to use and lightweight logging library
 i   liblognorm1-
 Log normalizing library
 i   libnettle4 -
 low level cryptographic library (symmetric and one-way cryptos)
 i   libprocps3 -
 library for accessing process information from /proc
 i   libpsl0-
 Library for Public Suffix List (shared libraries)
 i   libreadline6   -
 GNU readline and history libraries, run-time libraries
 i   libssl1.0.0-
 Secure Sockets Layer toolkit - shared libraries
 i   libxtables10   -
 netfilter xtables library
 i   linux-image-3.16.0-4-amd64 -
 Linux 3.16 for 64-bit PCs
 i A perl-modules-5.24  -
 Core Perl modules
 }}}
 I removed them with `aptitude

Re: [tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

2020-03-23 Thread Tor Bug Tracker & Wiki

#33644: Upgrade tor on Snowflake bridge for TROVE-2020-002
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  task | Status:  assigned
 Priority:  High |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by arma):

 Good plan -- oldstable is going to be obsolete pretty soon. So you could
 use the deb.tpo packages as a stopgap, but the right answer is to move the
 OS to stable. Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

2020-03-23 Thread Tor Bug Tracker & Wiki

#33644: Upgrade tor on Snowflake bridge for TROVE-2020-002
-+--
 Reporter:  dcf  |  Owner:  dcf
 Type:  task | Status:  assigned
 Priority:  High |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by dcf):

 * owner:  (none) => dcf
 * status:  new => assigned


Old description:

> [https://lists.torproject.org/pipermail/tor-
> announce/2020-March/000196.html New stable Tor releases: 0.3.5.10,
> 0.4.1.9, and 0.4.2.7]
> > These releases fix a couple of denial-of-service vulnerabilities.
> Everybody running an older version should upgrade as packages become
> available.
>
> Upgrading tor may require an
> [https://www.debian.org/releases/buster/amd64/release-notes/ch-
> upgrading.en.html OS upgrade] from Debian stretch (oldstable) to buster
> (stable), and/or a switch to the [https://support.torproject.org/apt/tor-
> deb-repo/ torproject.org package repository]. Currently the bridge is on
> stretch. whose available version is
> [https://packages.debian.org/stretch/tor 0.2.9.16-1].

New description:

 [https://lists.torproject.org/pipermail/tor-
 announce/2020-March/000196.html New stable Tor releases: 0.3.5.10,
 0.4.1.9, and 0.4.2.7]
 > These releases fix a couple of denial-of-service vulnerabilities.
 Everybody running an older version should upgrade as packages become
 available.

 Upgrading tor may require an [https://www.debian.org/releases/buster/amd64
 /release-notes/ch-upgrading.en.html OS upgrade] from Debian stretch
 (oldstable) to buster (stable), and/or a switch to the
 [https://support.torproject.org/apt/tor-deb-repo/ torproject.org package
 repository]. Currently the bridge is on stretch, whose available version
 is [https://packages.debian.org/stretch/tor 0.2.9.16-1].

--

Comment:

 I'm going to look at doing the OS upgrade.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

2020-03-18 Thread Tor Bug Tracker & Wiki

#33644: Upgrade tor on Snowflake bridge for TROVE-2020-002
-+
 Reporter:  dcf  |  Owner:  (none)
 Type:  task | Status:  new
 Priority:  High |  Milestone:
Component:  Circumvention/Snowflake  |Version:
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+
 [https://lists.torproject.org/pipermail/tor-
 announce/2020-March/000196.html New stable Tor releases: 0.3.5.10,
 0.4.1.9, and 0.4.2.7]
 > These releases fix a couple of denial-of-service vulnerabilities.
 Everybody running an older version should upgrade as packages become
 available.

 Upgrading tor may require an [https://www.debian.org/releases/buster/amd64
 /release-notes/ch-upgrading.en.html OS upgrade] from Debian stretch
 (oldstable) to buster (stable), and/or a switch to the
 [https://support.torproject.org/apt/tor-deb-repo/ torproject.org package
 repository]. Currently the bridge is on stretch. whose available version
 is [https://packages.debian.org/stretch/tor 0.2.9.16-1].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

Re: [tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

Re: [tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

Re: [tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

[tor-bugs] #33644 [Circumvention/Snowflake]: Upgrade tor on Snowflake bridge for TROVE-2020-002

5 matches

Site Navigation

Mail list logo

Footer information