[TWN team] Recent changes to the wiki pages

Lunar lunar at torproject.org
Tue Oct 21 16:20:06 UTC 2014 

===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2014/42 ===
===========================================================================

version 17
Author: harmony
Date:   2014-10-21T15:34:42+00:00

   write about tails 1.2

--- version 16
+++ version 17
@@ -69,6 +69,32 @@
  [XXX]: https://dist.torproject.org/torbrowser/4.0/
  [XXX]: https://www.torproject.org/download/download-easy
 
+Tails 1.2 is out
+----------------
+
+The Tails team put out version 1.2 [XXX] of the anonymizing live
+operating system. This release replaces the Iceweasel browser with “most
+of” the regular Tor Browser, and confines several important applications
+with AppArmor.
+
+I2P will now, like Tor, be started upon network connection if activated
+with the “i2p” boot parameter, and must be used with the new dedicated
+I2P Browser. This is also the last Tails release to ship with the
+now-unmaintained TrueCrypt tool, but the Tails team has already
+documented the method for opening TrueCrypt volumes with
+cryptsetup [XXX]. See the team’s announcement for a full list of changes
+in the new version.
+
+This is an important security release and all users should upgrade as
+soon as possible. If you have a running Tails, you should be able to use
+the incremental updater; if your Tails drive was manually created, or
+you are a new user, head to the download page [XXX] for more
+information.
+
+ [XXX]: https://tails.boum.org/news/version_1.2/
+ [XXX]: https://tails.boum.org/doc/encryption_and_privacy/truecrypt/index#cryptsetup
+ [XXX]: https://tails.boum.org/download/
+
 Miscellaneous news
 ------------------
 
@@ -134,7 +160,5 @@
  * Running a Separate Tor Network https://lists.torproject.org/pipermail/tor-dev/2014-October/007613.html
  * C99 and Tor https://lists.torproject.org/pipermail/tor-dev/2014-October/007619.html
  * ooniprobe 1.2.2 is out https://lists.torproject.org/pipermail/ooni-dev/2014-October/000177.html
- * Tor Browser 4.0 https://blog.torproject.org/blog/tor-browser-40-released
- * Tails 1.2 https://tails.boum.org/news/version_1.2/index.en.html
  * tor2web 3.1.20 https://lists.torproject.org/pipermail/tor-dev/2014-October/007641.html
  * Mirroring changed, new mirror instructions online https://lists.torproject.org/pipermail/tor-mirrors/2014-October/000727.html

version 16
Author: harmony
Date:   2014-10-21T15:10:10+00:00

   write about tb4.0

--- version 15
+++ version 16
@@ -17,8 +17,8 @@
 
 Nick Mathewson announced [XXX] what is hopefully the final release
 candidate in the Tor 0.2.5 series. It contains two enhancements in
-response to the recent POODLE attack on OpenSSL, “even though POODLE
-does not affect Tor”, as well as a number of other miscellaneous
+response to the recent POODLE attack on OpenSSL [XXX], “even though
+POODLE does not affect Tor”, as well as a number of other miscellaneous
 improvements.
 
 Upgrading is important for relay operators a remote crash has
@@ -31,8 +31,43 @@
 should follow shortly.
 
  [XXX]: https://lists.torproject.org/pipermail/tor-talk/2014-October/035302.html
+ [XXX]: https://blog.torproject.org/blog/new-sslv3-attack-found-disable-sslv3-torbrowser
  [XXX]: https://blog.torproject.org/blog/advisory-remote-dos-when-using-tor-recent-openssl-versions-built-no-ssl3-option
  [XXX]: https://dist.torproject.org/
+
+Tor Browser 4.0 is out
+----------------------
+
+Mike Perry announced [XXX] a major release by the Tor Browser team.
+Version 4.0 of the secure and anonymous web browser brings several
+exciting new features to the stable series, including the meek [XXX]
+censorship-circumvention tool, the secure updater, and a simplified
+Javascript enabling/disabling process in NoScript, all based on a
+customized Firefox ESR31. SSLv3 is also disabled, in response to the
+recent POODLE attack.
+
+This release contains important security fixes, and all users should
+upgrade as soon as possible. Please note that the new directory
+structure means users cannot simply extract the new Tor Browser over
+their existing 3.6.6 directory, and must instead delete the old version
+entirely. The secure updater still requires manual activation in the
+“About Tor Browser” menu option, as its security will depend “on the
+specific CA that issued the www.torproject.org HTTPS certificate
+(Digicert)” until site-specific certificate pinning [XXX] and signed
+update files [XXX] are implemented. Furthermore, “we still need to
+improve meek’s performance to match other transports”, wrote Mike, “so
+adjust your expectations accordingly”.
+
+See Mike’s post for further details and a full changelog, and get your
+copy of Tor Browser 4.0 from the distribution directory [XXX] or the
+download page [XXX].
+
+ [XXX]: https://blog.torproject.org/blog/tor-browser-40-released
+ [XXX]: https://trac.torproject.org/projects/tor/wiki/doc/meek
+ [XXX]: https://bugs.torproject.org/11955
+ [XXX]: https://bugs.torproject.org/13379
+ [XXX]: https://dist.torproject.org/torbrowser/4.0/
+ [XXX]: https://www.torproject.org/download/download-easy
 
 Miscellaneous news
 ------------------



-- 
Your friendly TWN monitoring script

      In case of malfunction, please reach out for lunar at torproject.org
          or for the worst cases, tell weasel at torproject.org to kill me.

More information about the news-team mailing list