Here is the May report for SponsorF Year4: https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorF/Year4 (With thanks to Lunar for compiling much of it!)
------------------------------------------------------------------------ 1) Tor: performance, scalability, reachability, anonymity, security. - Tor 0.2.4.22 was released on May 16th. This new stable version backports numerous high-priority fixes from the Tor 0.2.5 alpha release series. These include blocking all authority signing keys that may have been affected by the OpenSSL "heartbleed" bug, choosing a far more secure set of TLS ciphersuites by default, closing a couple of memory leaks that could be used to run a target relay out of RAM, and several others. https://lists.torproject.org/pipermail/tor-talk/2014-May/032956.html - Daniel Martà has been working on proposal 140 to implement consensus diffs and so reduce the amount of information downloaded hourly by Tor clients. https://lists.torproject.org/pipermail/tor-dev/2014-May/006792.html - Nick Mathewson worked on proposal 236, which deals with the proposed transition to single guard nodes for Tor clients. The amendments include the retention of multiple guards for directory requests, since trusting a single source for the completeness and freshness of directory info is suboptimal. https://gitweb.torproject.org/torspec.git/blob_plain/refs/heads/master:/proposals/236-single-guard-node.txt ------------------------------------------------------------------------ 2) Bridges and Pluggable transports: make Tor able to adapt to new blocking events (including better tracking when these blocking events occur). - Yawning has announced a new pluggable transport, currently named obfs4. The protocol resembles ScrambleSuit but uses Daniel J. Bernstein's cryptographic primitives to mitigate some performance/denial-of-service concerns. Instead of obfs3 style UniformDH and CTR-AES256/HMAC-SHA256, obfs4 uses a combination of Curve25519, Elligator2, HMAC-SHA256, XSalsa20/Poly1305, and SipHash-2-4. https://github.com/Yawning/obfs4 - David Fifield released a new round of Tor Browser packages modified to include meek, the pluggable transport which uses tricks similar to GoAgent. https://trac.torproject.org/projects/tor/wiki/doc/meek - David Fifield published "A Child's Garden of Pluggable Transports", a detailed visualization of different pluggable transport protocols. https://trac.torproject.org/projects/tor/wiki/doc/AChildsGardenOfPluggableTransports - Arturo released Ooniprobe 1.0.2. The new version brings security fixes, a manpage, and a test for Tor bridge reachability, among other improvements. https://lists.torproject.org/pipermail/ooni-dev/2014-May/000114.html - Isis rewrote the email bridge distributor of BridgeDB in order to fix some fundamental design problems with the old code. https://lists.torproject.org/pipermail/tor-dev/2014-May/006856.html - Griffin Boyce released the first version of Satori, an app for Google Chrome that distributes circumvention software in a difficult-to-block way and makes it easy for users to check if it's been tampered with in-transit. https://lists.torproject.org/pipermail/tor-talk/2014-May/032866.html - Israel Leiva published the initial version of a design proposal for the "Revamp GetTor" Google Summer of Code project. https://github.com/ileiva/gettor/blob/master/spec/overview.txt ------------------------------------------------------------------------ 3) Bundles: improve the Tor Browser Bundle and other Tor bundles and packages, especially improving bridge and pluggable transport support in TBB. - Tor Browser 3.6.1 was released on May 7th. Apart from updating HTTPS Everywhere and NoScript, the new release mainly solves a regression experienced by proxy users. https://blog.torproject.org/blog/tor-browser-361-released - Nicolas Vigier setup the Tor Browser test suite to run automatically when a new build is ready. The results are emailed to the tor-qa mailing list. https://lists.torproject.org/pipermail/tor-qa/2014-May/000405.html - Michael Schloh von Bennewitz spent time analyzing a privacy (local disk) leak in Tor Browser: when one copies a significant chunk of text to the clipboard, a temporary file is created with its content. https://bugs.torproject.org/9701 - Nicolas Vigier has been investigating some extra connections made by the Tor Browser on startup to the local resolver and the default port of the SOCKS proxy. https://lists.torproject.org/pipermail/tbb-dev/2014-May/000050.html - Georg Koppen has successfully built test packages of the Tor Browser with ASan hardening. AddressSanitizer (ASan) is a powerful memory error detector: software built with such technology makes it a lot harder to exploit programming errors related to memory management. https://lists.torproject.org/pipermail/tor-qa/2014-May/000414.html (Unfortunately these first test packages are not very portable, and also it turns out that Firefox has a lot of bugs so the test packages are not as stable as we might want.) - Tails 1.0 was released on May 1st. It marks the 36th stable release since the very first release in June 2009. Over Tails 0.23, the new version brings security fixes from Firefox and Tor, an updated I2P, several enhancements to the Tor configuration interface, and the appearance of the new Tails logo. https://tails.boum.org/news/version_1.0/ - Tails 1.1 beta1, which is based the latest stable Debian version (as opposed to oldstable), was released to testers on May 30th. https://tails.boum.org/news/test_1.1-beta1/ - Alpha releases of Orbot v14 (Tor for Android) are now available for testing. They include support for the obfs3 and ScrambleSuit protocols, thanks to obfsclient (a C++ rather than Python implementation, so much better suited to Android). https://lists.torproject.org/pipermail/tor-talk/2014-May/032847.html - Cure53 audited the security of the Onion Browser, a web browser for iOS platforms that tunnels traffic through Tor. All reported issues should have been fixed in release 1.5 on May 14th. https://cure53.de/pentest-report_onion-browser.pdf https://mike.tig.as/onionbrowser/security/#v1_5 - David Goulet reported on the status of the development of Torsocks 2.0, the library for safely "torifying" applications via LD_PRELOAD tricks. https://lists.torproject.org/pipermail/tor-dev/2014-May/006872.html - Anthony G. Basile released version 20140520 of tor-ramdisk, the micro Linux distribution whose only purpose is to host a Tor relay in an environment that maximizes security and privacy. The new version upgrades Tor to version 0.2.4.22. http://opensource.dyc.edu/pipermail/tor-ramdisk/2014-May/000131.html ------------------------------------------------------------------------ 4) Metrics: provide safe but useful statistics, along with the underlying data, about the Tor network and its users and usage. - Karsten Loesing recompressed the tarballs of archived metrics data. The new compression algorithm (xz rather than bz2) reduced their total size from 212 gigabytes to 33 gigabytes -- an 85% gain! - The metrics library now properly handles router descriptor with non-ASCII characters. https://bugs.torproject.org/11821 - Scramblesuit usage is now visible on the bridge users graph. https://bugs.torproject.org/11799 https://metrics.torproject.org/users.html?graph=userstats-bridge-transport&start=2014-03-10&end=2014-06-08&transport=scramblesuit#userstats-bridge-transport (There are very few such users, because there are very few such bridges.) - Onionoo search by contacts is now working again: https://bugs.torproject.org/11822 - Onionoo now uses the Gson library to format and parse JSON documents instead of custom code: https://bugs.torproject.org/11577 - Karsten Loesing has been looking at new libraries that could improve the metrics code base in future refactoring: https://lists.torproject.org/pipermail/tor-dev/2014-May/006908.html ------------------------------------------------------------------------ 5) Outreach: teach a broad range of communities about how Tor works, why it's important, and why this broad range of user communities is needed for best safety. - Martin Kepplinger ran a "Create a Tor relay!" session during Linuxwochen in Vienna, Austria on May 8th. https://cfp.linuxwochen.at/de/LWW14/public/events/108 - Andrew Lewman was invited to speak on a panel at Sida and then at the Stockholm Internet Forum: https://lists.torproject.org/pipermail/tor-reports/2014-May/000538.html - Karen Reilly went to the launch event of SaferJourno by Internews: Digital Security Resources for Media Trainers. https://saferjourno.internews.org/ - Karen Reilly was present at the ISC (USAID's Internet security program) annual meeting. People from various repressive countries met developers to talk about tools they need. - Karen Reilly spoke at "Strategies for Digital Security in Development Projects" hosted by Appropriate IT and CommunityRED together with IREX and the ISC Project on May 17th. - Karen Reilly talked with Al Jazeera for several days about journalist security. - Karen Reilly helped with presenting Tor and our pluggable transport ideas at the Pentagon, where various military folks want to know how they can use our tools to stay safe (and avoid censorship) on the Internet too. - Lunar worked on updating and localizing the EFF's interactive "Tor and HTTPS" visualization. https://lists.torproject.org/pipermail/tor-talk/2014-May/033001.html ------------------------------------------------------------------------ 6) Research: Assist the academic community in analyzing/improving Tor. - Our HotPETS paper on "tradeoffs around moving to one guard" got in: https://www-users.cs.umn.edu/~hopper/single_guard.pdf I expect there will be some debate about it in Paris / Amsterdam. - Roger Dingledine, Ian Goldberg, and other members of the larger Tor community attended the 35th IEEE Symposium on Security and Privacy in San Jose, California. http://www.ieee-security.org/TC/SP2014/ Two highlights of research discussions: * Sukhbir Singh has been making progress on scaling ExperimenTor to work on Ian's shiny new huge cluster. Ian was looking for some straightforward experiments to run that would show that the new Tor network simulator works well, and also would be the right amount of work to finish a Master's thesis. I suggested "simulate the situation where a botnet shows up with many Tor clients, which use TAP handshakes whereas other clients use nTor handshakes, and the botnet clients are all accessing a hidden service. Then explore the parameter space for what happens when the hidden service goes away and the clients start thrashing trying to reach it." That project will hopefully achieve the right balance of instrumenting the simulator vs instrumenting Tor, and also it's a space we really want to get more intuition on. * Damon McCoy and Paul Pearce were both interested in the "follow the money" question around the Sefnit botherder -- if we can temporarily disrupt the bot traffic, they can look for the resulting disruption in clickfraud, and learn more about which companies are getting screwed by this guy; then we can inform the companies that they're getting ripped off, and their back pressure will reduce the profit from operating the botnet. This is of course a delicate operation, since an adversary with a five million node botnet can make a big mess if it puts its mind to it. I've introduced Damon and Paul to the Microsoft anti-botnet guy who was doing cleanup. The early answer appears to be that the Tor component to Sefnit "seems to be a largely legacy component. All their recent activity is not Tor related." That's a great sign, but work remains to help everybody else in the world draw the conclusion that using Tor for your botnet C&C is counterproductive. _______________________________________________ tor-reports mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-reports
