[TWN team] Recent changes to the wiki pages
Lunar
lunar at torproject.org
Wed Sep 18 08:40:08 UTC 2013
===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2013/11 ===
===========================================================================
version 54
Author: dope457
Date: 2013-09-18T07:57:11+00:00
minor formatting
--- version 53
+++ version 54
@@ -11,8 +11,8 @@
Tor Weekly News September 18th, 2013
========================================================================
-Welcome to the twelfth issue of Tor Weekly News, the weekly newsletter that
-covers what is happening in the closely-observed Tor community.
+Welcome to the twelfth issue of Tor Weekly News, the weekly newsletter
+that covers what is happening in the closely-observed Tor community.
Official response to QUICK ANT disclosure
-----------------------------------------
@@ -121,14 +121,15 @@
Tor Help Desk Roundup
---------------------
-The Tor help desk received a request for assistance setting up Thunderbird to work with Tor.
-Thunderbird can be made to route connections through Tor using the TorBirdy add-on.
-Further information about using Tor with Thunderbird can be found on the wiki [14].
+The Tor help desk received a request for assistance setting up Thunderbird
+to work with Tor. Thunderbird can be made to route connections through Tor
+using the TorBirdy add-on. Further information about using Tor with
+Thunderbird can be found on the wiki [14].
Another user wrote to comment on the lack of OpenSUSE support on Tor’s rpm
-package page [15]. There is an open ticket concerning this issue, but it hasn’t
-seen activity for some months [16]. A new ticket was opened that addresses this
-concern more specifically [17].
+package page [15]. There is an open ticket concerning this issue, but it
+hasn’t seen activity for some months [16]. A new ticket was opened that
+addresses this concern more specifically [17].
[14] https://trac.torproject.org/projects/tor/wiki/torbirdy#BeforeusingTorBirdy
[15] https://www.torproject.org/docs/rpms.html
@@ -186,8 +187,7 @@
different methods of migrating the Hidden Service protocol to a more secure
version [26].
-George also pushed new versions of obfsproxy (0.2.3) and pyptlib
-(0.0.4) [27].
+George also pushed new versions of obfsproxy (0.2.3) and pyptlib (0.0.4) [27].
[26] https://lists.torproject.org/pipermail/tor-dev/2013-September/005438.html
[27] https://lists.torproject.org/pipermail/tor-dev/2013-September/005441.html
version 53
Author: karsten
Date: 2013-09-18T07:16:08+00:00
Correct a single, lonely typo.
--- version 52
+++ version 53
@@ -67,7 +67,7 @@
also harm a user’s anonymity: “You would *not*, for example, want to
maintain a different set of entry guards for every IP that you receive,
since if you did, a hostile DHCP server could feed you new IPs until you
-picked a hostile guard. Similarly, if you are a busy traveller who changes
+picked a hostile guard. Similarly, if you are a busy traveler who changes
your view of what network you are on hundreds or thousands of times, your
chance of picking a hostile guard would rise accordingly.” He also pointed
out that “having a record in your state file of every network you have
version 52
Author: lunar
Date: 2013-09-18T07:03:18+00:00
a few more nitpicks
--- version 51
+++ version 52
@@ -26,13 +26,13 @@
on Reddit [4] and Twitter [5] began to suggest possible attacks on Tor
that might be managed through such an interface.
-Andrew Lewman posted an official response on the Tor Blog [6] in which
+Andrew Lewman posted an official response on the Tor blog [6] in which
he reiterated that “it’s not clear what the NSA or GCHQ can or cannot do”,
and that well-known theoretical attacks against the Tor network are clearly
described on the project’s FAQ page [7].
He further added that the tool in question was more likely to involve
-“some “Tor flow detector” scripts that let them pick Tor flows out of a
+“some ‘Tor flow detector’ scripts that let them pick Tor flows out of a
set of flows they’re looking at” than “anything to do with deanonymizing
Tor users, except insofar as they might have traffic flows from both sides
of the circuit in their database.”
@@ -86,7 +86,7 @@
In response to some confusion on the part of relay operators over the
apparently slow growth in the use of newly-established nodes by clients,
-Roger Dingledine posted on the Tor Blog [11] a detailed account of how
+Roger Dingledine posted on the Tor blog [11] a detailed account of how
new relays, and the bandwidth they supply, are gradually integrated into
the Tor network by directory authorities, bandwidth authorities, and clients
themselves. Roger stressed that “the descriptions here are in part anecdotal”.
@@ -131,7 +131,7 @@
concern more specifically [17].
[14] https://trac.torproject.org/projects/tor/wiki/torbirdy#BeforeusingTorBirdy
- [15] https://www.torproject.org/docs/rpms.html.en
+ [15] https://www.torproject.org/docs/rpms.html
[16] https://bugs.torproject.org/4389
[17] https://bugs.torproject.org/9718
version 51
Author: lunar
Date: 2013-09-18T06:59:28+00:00
nitpicking typography
--- version 50
+++ version 51
@@ -19,26 +19,26 @@
Another round of speculation regarding the attitude of state surveillance
agencies towards the Tor network was provoked by a slide [1] featured in an
-edition of the Brazilian current-affairs show ‘Fantástico’, broadcast on
+edition of the Brazilian current-affairs show “Fantástico”, broadcast on
September 8th [2]. The slide, leaked as part of the ongoing Snowden
disclosures, appeared to show a tab in the alleged GCHQ [3] FLYING PIG
-surveillance interface labelled ‘Query QUICK ANT - Tor events QFD’. Users
+surveillance interface labelled “Query QUICK ANT - Tor events QFD”. Users
on Reddit [4] and Twitter [5] began to suggest possible attacks on Tor
that might be managed through such an interface.
Andrew Lewman posted an official response on the Tor Blog [6] in which
-he reiterated that “it's not clear what the NSA or GCHQ can or cannot do”,
+he reiterated that “it’s not clear what the NSA or GCHQ can or cannot do”,
and that well-known theoretical attacks against the Tor network are clearly
-described on the project's FAQ page [7].
+described on the project’s FAQ page [7].
He further added that the tool in question was more likely to involve
“some “Tor flow detector” scripts that let them pick Tor flows out of a
-set of flows they're looking at” than “anything to do with deanonymizing
+set of flows they’re looking at” than “anything to do with deanonymizing
Tor users, except insofar as they might have traffic flows from both sides
of the circuit in their database.”
Finally, he remarked that instead of engaging in speculation based on
-limited evidence, “we'd rather spend our time developing Tor and conducting
+limited evidence, “we’d rather spend our time developing Tor and conducting
research to make a better Tor.”
[1] https://people.torproject.org/~andrew/2013-09-10-quick-ant-tor-events-qfd.png
@@ -52,19 +52,19 @@
Entry guards and linkability
----------------------------
-Leif Ryge pointed out [8] an issue with Tor's current ‘entry guards’
+Leif Ryge pointed out [8] an issue with Tor’s current “entry guards”
system, whereby connections entering Tor from different points on the
same network could potentially be linked to an individual user based on
-the three entry nodes selected by that user's Tor client, which remain
+the three entry nodes selected by that user’s Tor client, which remain
constant for a period of 4-8 weeks [9].
-Leif suggested that “assuming this is an accurate assessment, wouldn't
+Leif suggested that “assuming this is an accurate assessment, wouldn’t
it make sense to maintain separate sets of entry guards for each network
that the user connects from?”
Nick Mathewson replied [10] with an acknowledgement of the problem and
a number of reasons why simply generating separate sets of guards might
-also harm a user's anonymity: “You would *not*, for example, want to
+also harm a user’s anonymity: “You would *not*, for example, want to
maintain a different set of entry guards for every IP that you receive,
since if you did, a hostile DHCP server could feed you new IPs until you
picked a hostile guard. Similarly, if you are a busy traveller who changes
@@ -73,7 +73,7 @@
out that “having a record in your state file of every network you have
visited is not necessarily the best idea either.”
-Nick concluded by mentioning Roger Dingledine's proposal to lower the
+Nick concluded by mentioning Roger Dingledine’s proposal to lower the
number of entry guards selected by a client to one only, “to avoid the
property of letting guard choices identify Tor clients”.
@@ -95,9 +95,9 @@
relay within the network, and finished by offering a number of questions
for further research, under a general rubric: “what do these phases look
like with real-world data?” If you would like to contribute to the Tor
-community's understanding of the interaction between individual relays
+community’s understanding of the interaction between individual relays
and the network as a whole, please take a look both at the list of sample
-questions and at Tor's publicly-available archive of metrics data [12],
+questions and at Tor’s publicly-available archive of metrics data [12],
and see what you can find!
[11] https://blog.torproject.org/blog/lifecycle-of-a-new-relay
@@ -121,22 +121,20 @@
Tor Help Desk Roundup
---------------------
-The Tor help desk received a request for assistance setting up Thunderbird to work with Tor.
-Thunderbird can be made to route connections through Tor using the TorBirdy add-on.
+The Tor help desk received a request for assistance setting up Thunderbird to work with Tor.
+Thunderbird can be made to route connections through Tor using the TorBirdy add-on.
Further information about using Tor with Thunderbird can be found on the wiki [14].
-Another user wrote to comment on the lack of OpenSUSE support on Tor's rpm
-package page [15]. There is an open ticket concerning this issue, but it hasn't
+Another user wrote to comment on the lack of OpenSUSE support on Tor’s rpm
+package page [15]. There is an open ticket concerning this issue, but it hasn’t
seen activity for some months [16]. A new ticket was opened that addresses this
concern more specifically [17].
-
[14] https://trac.torproject.org/projects/tor/wiki/torbirdy#BeforeusingTorBirdy
[15] https://www.torproject.org/docs/rpms.html.en
[16] https://bugs.torproject.org/4389
[17] https://bugs.torproject.org/9718
-
Miscellaneous news
------------------
@@ -157,7 +155,7 @@
[19] http://lists.nycbug.org/pipermail/tor-bsd/2013-September/000044.html
[20] https://lists.torproject.org/pipermail/tor-talk/2013-September/030036.html
-Karsten Loesing updated tor's GeoIP database to the newest version [21].
+Karsten Loesing updated tor’s GeoIP database to the newest version [21].
Karsten also published the results of his memory usage test on a version of tor
that reports additional statistics, which he conducted using the Shadow network
@@ -195,9 +193,9 @@
[27] https://lists.torproject.org/pipermail/tor-dev/2013-September/005441.html
In the course of a thread about the size of browser windows posing a
-fingerprinting threat [28], harmony discovered that users of Ubuntu's Unity
-desktop should disable the ‘automaximize’ behavior, as it can override one
-of Tor Browser's anti-fingerprinting measures [29].
+fingerprinting threat [28], harmony discovered that users of Ubuntu’s Unity
+desktop should disable the “automaximize” behavior, as it can override one
+of Tor Browser’s anti-fingerprinting measures [29].
[28] https://lists.torproject.org/pipermail/tor-talk/2013-September/030022.html
[29] https://bugs.torproject.org/9738
version 50
Author: lunar
Date: 2013-09-18T06:56:23+00:00
add numbers to references
--- version 49
+++ version 50
@@ -2,7 +2,7 @@
'''Editor:''' harmony
-'''Status: FROZEN.''' New items should go in [wiki:TorWeeklyNews/2013/12 next week's edition]. Expected release time 2013-09-18 12:00 UTC.
+'''Status: FROZEN.''' New items should go in [wiki:TorWeeklyNews/2013/12 next week's edition]. Expected release time 2013-09-18 12:00 UTC.
'''Subject:''' Tor Weekly News — September, 18th 2013
@@ -18,18 +18,18 @@
-----------------------------------------
Another round of speculation regarding the attitude of state surveillance
-agencies towards the Tor network was provoked by a slide [XXX] featured in an
+agencies towards the Tor network was provoked by a slide [1] featured in an
edition of the Brazilian current-affairs show ‘Fantástico’, broadcast on
-September 8th [XXX]. The slide, leaked as part of the ongoing Snowden
-disclosures, appeared to show a tab in the alleged GCHQ [XXX] FLYING PIG
+September 8th [2]. The slide, leaked as part of the ongoing Snowden
+disclosures, appeared to show a tab in the alleged GCHQ [3] FLYING PIG
surveillance interface labelled ‘Query QUICK ANT - Tor events QFD’. Users
-on Reddit [XXX] and Twitter [XXX] began to suggest possible attacks on Tor
+on Reddit [4] and Twitter [5] began to suggest possible attacks on Tor
that might be managed through such an interface.
-Andrew Lewman posted an official response on the Tor Blog [XXX] in which
+Andrew Lewman posted an official response on the Tor Blog [6] in which
he reiterated that “it's not clear what the NSA or GCHQ can or cannot do”,
and that well-known theoretical attacks against the Tor network are clearly
-described on the project's FAQ page [XXX].
+described on the project's FAQ page [7].
He further added that the tool in question was more likely to involve
“some “Tor flow detector” scripts that let them pick Tor flows out of a
@@ -41,28 +41,28 @@
limited evidence, “we'd rather spend our time developing Tor and conducting
research to make a better Tor.”
- [XXX] https://people.torproject.org/~andrew/2013-09-10-quick-ant-tor-events-qfd.png
- [XXX] http://g1.globo.com/fantastico/noticia/2013/09/nsa-documents-show-united-states-spied-brazilian-oil-giant.html
- [XXX] https://twitter.com/ggreenwald/status/378185448293552128
- [XXX] http://www.reddit.com/r/TOR/comments/1m3jum/gchq_tor_events_capture/
- [XXX] https://twitter.com/jonathanmayer/status/377292928718499841
- [XXX] https://blog.torproject.org/blog/tor-nsa-gchq-and-quick-ant-speculation
- [XXX] https://www.torproject.org/docs/faq.html.en#AttacksOnOnionRouting
+ [1] https://people.torproject.org/~andrew/2013-09-10-quick-ant-tor-events-qfd.png
+ [2] http://g1.globo.com/fantastico/noticia/2013/09/nsa-documents-show-united-states-spied-brazilian-oil-giant.html
+ [3] https://twitter.com/ggreenwald/status/378185448293552128
+ [4] http://www.reddit.com/r/TOR/comments/1m3jum/gchq_tor_events_capture/
+ [5] https://twitter.com/jonathanmayer/status/377292928718499841
+ [6] https://blog.torproject.org/blog/tor-nsa-gchq-and-quick-ant-speculation
+ [7] https://www.torproject.org/docs/faq.html.en#AttacksOnOnionRouting
Entry guards and linkability
----------------------------
-Leif Ryge pointed out [XXX] an issue with Tor's current ‘entry guards’
+Leif Ryge pointed out [8] an issue with Tor's current ‘entry guards’
system, whereby connections entering Tor from different points on the
same network could potentially be linked to an individual user based on
the three entry nodes selected by that user's Tor client, which remain
-constant for a period of 4-8 weeks [XXX].
+constant for a period of 4-8 weeks [9].
Leif suggested that “assuming this is an accurate assessment, wouldn't
it make sense to maintain separate sets of entry guards for each network
that the user connects from?”
-Nick Mathewson replied [XXX] with an acknowledgement of the problem and
+Nick Mathewson replied [10] with an acknowledgement of the problem and
a number of reasons why simply generating separate sets of guards might
also harm a user's anonymity: “You would *not*, for example, want to
maintain a different set of entry guards for every IP that you receive,
@@ -77,16 +77,16 @@
number of entry guards selected by a client to one only, “to avoid the
property of letting guard choices identify Tor clients”.
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005423.html
- [XXX] https://blog.torproject.org/blog/lifecycle-of-a-new-relay
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005424.html
+ [8] https://lists.torproject.org/pipermail/tor-dev/2013-September/005423.html
+ [9] https://blog.torproject.org/blog/lifecycle-of-a-new-relay
+ [10] https://lists.torproject.org/pipermail/tor-dev/2013-September/005424.html
The lifecycle of a new relay: further research needed
-----------------------------------------------------
In response to some confusion on the part of relay operators over the
apparently slow growth in the use of newly-established nodes by clients,
-Roger Dingledine posted on the Tor Blog [XXX] a detailed account of how
+Roger Dingledine posted on the Tor Blog [11] a detailed account of how
new relays, and the bandwidth they supply, are gradually integrated into
the Tor network by directory authorities, bandwidth authorities, and clients
themselves. Roger stressed that “the descriptions here are in part anecdotal”.
@@ -97,11 +97,11 @@
like with real-world data?” If you would like to contribute to the Tor
community's understanding of the interaction between individual relays
and the network as a whole, please take a look both at the list of sample
-questions and at Tor's publicly-available archive of metrics data [XXX],
+questions and at Tor's publicly-available archive of metrics data [12],
and see what you can find!
- [XXX] https://blog.torproject.org/blog/lifecycle-of-a-new-relay
- [XXX] https://metrics.torproject.org/data.html
+ [11] https://blog.torproject.org/blog/lifecycle-of-a-new-relay
+ [12] https://metrics.torproject.org/data.html
Food for thought
----------------
@@ -112,29 +112,29 @@
technological problems and the potential to better protect people and
their activities was nice, but the real attraction was to create a
context where people who were sure they should hate each other were
-forced to collaborate.” [XXX]
+forced to collaborate.” [13]
— Paul Syverson
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2013-September/030097.html
+ [13] https://lists.torproject.org/pipermail/tor-talk/2013-September/030097.html
Tor Help Desk Roundup
---------------------
The Tor help desk received a request for assistance setting up Thunderbird to work with Tor.
Thunderbird can be made to route connections through Tor using the TorBirdy add-on.
-Further information about using Tor with Thunderbird can be found on the wiki [XXX].
+Further information about using Tor with Thunderbird can be found on the wiki [14].
Another user wrote to comment on the lack of OpenSUSE support on Tor's rpm
-package page [XXX]. There is an open ticket concerning this issue, but it hasn't
-seen activity for some months [XXX]. A new ticket was opened that addresses this
-concern more specifically [XXX].
-
-
-[XXX] https://trac.torproject.org/projects/tor/wiki/torbirdy#BeforeusingTorBirdy
-[XXX] https://www.torproject.org/docs/rpms.html.en
-[XXX] https://bugs.torproject.org/4389
-[XXX] https://bugs.torproject.org/9718
+package page [15]. There is an open ticket concerning this issue, but it hasn't
+seen activity for some months [16]. A new ticket was opened that addresses this
+concern more specifically [17].
+
+
+ [14] https://trac.torproject.org/projects/tor/wiki/torbirdy#BeforeusingTorBirdy
+ [15] https://www.torproject.org/docs/rpms.html.en
+ [16] https://bugs.torproject.org/4389
+ [17] https://bugs.torproject.org/9718
Miscellaneous news
@@ -143,68 +143,68 @@
The commitment level for the proposed Tor StackExchange page is hovering
at 82%; it needs to reach 100% before it will be accepted into beta. If
you think you will be able to contribute by answering questions from current or
-potential Tor users, please sign up! [XXX]
-
- [XXX] http://area51.stackexchange.com/proposals/56447/tor-online-anonymity-privacy-and-security
+potential Tor users, please sign up! [18]
+
+ [18] http://area51.stackexchange.com/proposals/56447/tor-online-anonymity-privacy-and-security
Brian Callahan alerted relay operators running FreeBSD and OpenBSD to the
-release of ports updated to the new tor 0.2.4.17-rc [XXX].
+release of ports updated to the new tor 0.2.4.17-rc [19].
Christian Sturm then promptly announced the release of updated packages for
NetBSD, DragonFly BSD, illumos, Minix, and “other systems potentially using
-pkgsrc” [XXX].
-
- [XXX] http://lists.nycbug.org/pipermail/tor-bsd/2013-September/000044.html
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2013-September/030036.html
-
-Karsten Loesing updated tor's GeoIP database to the newest version [XXX].
+pkgsrc” [20].
+
+ [19] http://lists.nycbug.org/pipermail/tor-bsd/2013-September/000044.html
+ [20] https://lists.torproject.org/pipermail/tor-talk/2013-September/030036.html
+
+Karsten Loesing updated tor's GeoIP database to the newest version [21].
Karsten also published the results of his memory usage test on a version of tor
that reports additional statistics, which he conducted using the Shadow network
-simulator [XXX].
+simulator [22].
Finally, Karsten asked for comments on his proposal to retire the old method
of estimating user numbers on the metrics page over the next few weeks in
favor of a more reliable, more efficient system (which has been in beta for
some time already), and with it to remove the accumulated data associated with
-the older method [XXX].
-
- [XXX] https://bugs.torproject.org/9714
- [XXX] https://trac.torproject.org/projects/tor/ticket/7359#comment:18
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005443.html
+the older method [23].
+
+ [21] https://bugs.torproject.org/9714
+ [22] https://trac.torproject.org/projects/tor/ticket/7359#comment:18
+ [23] https://lists.torproject.org/pipermail/tor-dev/2013-September/005443.html
Fabio Pietrosanti announced that the available cipher suites for connections
-to tor2web.org have been updated to a much stronger set [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2013-September/030003.html
+to tor2web.org have been updated to a much stronger set [24].
+
+ [24] https://lists.torproject.org/pipermail/tor-talk/2013-September/030003.html
Robert published the results of an investigation into different kinds of
round-trip time (RTT) measurement, and their efficiency in building circuits
-through the Tor network [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005440.html
+through the Tor network [25].
+
+ [25] https://lists.torproject.org/pipermail/tor-dev/2013-September/005440.html
George Kadianakis asked for comments on his early draft of a proposal for
different methods of migrating the Hidden Service protocol to a more secure
-version [XXX].
+version [26].
George also pushed new versions of obfsproxy (0.2.3) and pyptlib
-(0.0.4) [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005438.html
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005441.html
+(0.0.4) [27].
+
+ [26] https://lists.torproject.org/pipermail/tor-dev/2013-September/005438.html
+ [27] https://lists.torproject.org/pipermail/tor-dev/2013-September/005441.html
In the course of a thread about the size of browser windows posing a
-fingerprinting threat [XXX], harmony discovered that users of Ubuntu's Unity
+fingerprinting threat [28], harmony discovered that users of Ubuntu's Unity
desktop should disable the ‘automaximize’ behavior, as it can override one
-of Tor Browser's anti-fingerprinting measures [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2013-September/030022.html
- [XXX] https://bugs.torproject.org/9738
-
-Tom Lowenthal submitted his monthly status report for August [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-reports/2013-September/000339.html
+of Tor Browser's anti-fingerprinting measures [29].
+
+ [28] https://lists.torproject.org/pipermail/tor-talk/2013-September/030022.html
+ [29] https://bugs.torproject.org/9738
+
+Tom Lowenthal submitted his monthly status report for August [30].
+
+ [30] https://lists.torproject.org/pipermail/tor-reports/2013-September/000339.html
Upcoming events
---------------
@@ -227,10 +227,10 @@
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
-important news. Please see the project page [XXX], write down your
-name and subscribe to the team mailing list [XXX] if you want to
+important news. Please see the project page [31], write down your
+name and subscribe to the team mailing list [32] if you want to
get involved!
- [XXX] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
- [XXX] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
-}}}
+ [31] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
+ [32] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
+}}}
--
Your friendly TWN monitoring script
In case of malfunction, please reach out for lunar at torproject.org
or for the worst cases, tell weasel at torproject.org to kill me.
More information about the news-team
mailing list