[TWN team] Recent changes to the wiki pages
Lunar
lunar at torproject.org
Fri Aug 7 12:40:04 UTC 2015
===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2015/30 ===
===========================================================================
version 4
Author: harmony
Date: 2015-08-07T12:00:02+00:00
--
--- version 3
+++ version 4
@@ -1,6 +1,6 @@
30th issue of Tor Weekly News.
-Editor:
+Editor: Harmony
Subject: Tor Weekly News — August 7th, 2015
@@ -15,83 +15,202 @@
Contents
--------
- 1. XXX
- 2. XXX
-
-Feature XXX
------------
-
-Feature 1 with cited source [XXX]
-
- [XXX]:
-
-Monthly status reports for XXX month 2015
------------------------------------------
+ 1. Tor 0.2.7.2-alpha is out
+ 2. Tor Browser 5.0a4 is out
+ 3. Random number generation during Tor voting
+ 4. CameraV (aka InformaCam) is out
+ 5. Monthly status reports for July month 2015
+ 6. Miscellaneous news
+ 7. Upcoming events
+
+Tor 0.2.7.2-alpha is out
+------------------------
+
+Nick Mathewson announced [XXX] the second alpha release in the Tor
+0.2.7.x series. This version includes improvements to the handling of
+Tor’s identity keys, which now use the Ed25519 elliptic curve signature
+format. It also allows onion service operators to specify a higher
+number of introduction points with a special configuration option, if
+the service is coming under heavy load, “at the cost of making it more
+visible that the hidden service is facing extra load”.
+
+For full details of the many other developments in this release, please
+see Nick’s announcement. The source code is available as usual from
+Tor’s distribution directory [XXX].
+
+ [XXX]: https://blog.torproject.org/blog/tor-0272-alpha-released
+ [XXX]: https://dist.torproject.org
+
+Tor Browser 5.0a4 is out
+------------------------
+
+The Tor Browser team put out their fourth alpha release [XXX] in the 5.0
+series of the privacy-preserving anonymous browser. “Most notably, this
+release contains an experimental defense against font fingerprinting by
+using an identical set of shipped fonts on all supported platforms”,
+wrote Georg Koppen. This version also fixes some of the issues created
+by the update to Firefox 38ESR, which “brings us very close to a stable
+Tor Browser 5.0, which we aim to release next week”.
+
+Get your copy of the new alpha from the project page [XXX], or via the
+incremental updater if you are already using the alpha Tor Browser
+series.
+
+ [XXX]: https://blog.torproject.org/blog/tor-browser-50a4-released
+ [XXX]: https://www.torproject.org/projects/torbrowser.html.en#downloads-alpha
+
+Random number generation during Tor voting
+------------------------------------------
+
+One of the weaknesses of the current onion service design is that parts
+of it (such as the relays chosen by a service to upload its descriptor)
+rely on a list of Tor relays which is generated in a predictable way.
+This makes it possible for people with malicious intentions to insert
+their bad relays into the list at points of their choosing, in order to
+carry out attacks such as denials-of-service (as some researchers proved
+earlier this year [XXX]). A good way of preventing this is to make Tor’s
+directory authorities jointly come up with a random number as part of
+their regular voting procedure, which is then used by onion services to
+choose the directories to which they will upload their descriptor
+information, and by clients to find those same directories. It could
+also be used by other systems as a shared source of randomness.
+
+George Kadianakis published a draft proposal [XXX] describing how this
+procedure could work. For a period of twelve hours, the directory
+authorities send each other a “commitment”, consisting of the hash of a
+256-bit value. Once all authorities are aware of the others’
+commitments, they then reveal to one another the values they committed
+to, for another twelve-hour period. At the end of that time, the
+revealed values are checked to see if they correspond to the
+commitments, and then they are all used to compute that day’s random
+value. This works because although you can use the commitment hash to
+verify that the value revealed is the same as the one decided upon
+twelve hours ago, you cannot derive the value itself from the
+commitment.
+
+Please see the draft proposal in full for discussion of the finer points
+of the proposed system, or if you are a fan of ingenious solutions.
+
+ [XXX]: https://conference.hitb.org/hitbsecconf2015ams/wp-content/uploads/2015/02/D2T2-Filippo-Valsorda-and-George-Tankersly-Non-Hidden-Hidden-Services-Considered-Harmful.pdf
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2015-August/009189.html
+
+CameraV (aka InformaCam) is out
+-------------------------------
+
+The Guardian Project put out a full release [XXX] of CameraV (or InformaCam),
+a nifty smartphone application that lets you “capture and share
+verifiable photos and video proof on a smartphone or tablet, all the
+while keeping it entirely secure and private”. It allows you to prove
+the authenticity of your photos by using “the built-in sensors in modern
+smartphones for tracking movement, light and other environmental inputs,
+along with Wi-Fi, Bluetooth, and cellular network information to capture
+a snapshot of the environment around you” and bundling this information
+into the picture file.
+
+As you would expect, InformaCam is fully compatible with the Guardian
+Project’s Tor software offerings for Android, so whether you’re a
+citizen journalist or a keen phone photographer who values privacy, take
+a look at the CameraV page and try it out for yourself!
+
+ [XXX]: https://lists.mayfirst.org/pipermail/guardian-dev/2015-July/004466.html
+
+Monthly status reports for July month 2015
+------------------------------------------
The wave of regular monthly reports from Tor project members for the
-month of XXX has begun. XXX released his report first [XXX], followed
-by reports from name 2 [XXX], name 3 [XXX], and name 4 [XXX].
-
- [XXX]:
- [XXX]:
- [XXX]:
- [XXX]:
+month of July has begun. Pearl Crescent released their report
+first [XXX] (for work on Tor Browser development), followed by reports
+from David Goulet [XXX] (on onion service research and development),
+Georg Koppen [XXX] (working on Tor Browser), Isabela Bagueros [XXX] (for
+overall project management), Karsten Loesing [XXX] (working on Tor
+network tools and organizational tasks), Damian Johnson [XXX] (on Nyx
+and stem development), and Juha Nurmi [XXX] (on ahmia.fi development).
+
+The students in this year’s Tor Summer of Privacy also sent updates
+about their progress. Donncha O’Cearbhaill gave news of the OnionBalance
+load-balancing project [XXX], while Jesse Victors did the same for the
+OnioNS DNS-like system [XXX], Cristobal Leiva for the relay web status
+dashboard [XXX], and Israel Leiva for continuing development of the
+GetTor alternative software distributor [XXX].
+
+Finally, the Tails team published their June report, bringing updates
+about outreach, infrastructure, funding, and ongoing discussions
+relating to the anonymous live operating system.
+
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-July/000882.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000883.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000885.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000888.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000890.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000892.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000893.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000884.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2015-August/009197.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000886.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-reports/2015-August/000887.html
+ [XXX]: https://tails.boum.org/news/report_2015_06
Miscellaneous news
------------------
-Tails published (late) their June report. See https://tails.boum.org/news/report_2015_06
-
-Item 1 with cited source [XXX].
-
-Item 2 with cited source [XXX].
-
-Item 3 with cited source [XXX].
-
- [XXX]:
- [XXX]:
- [XXX]:
-
-Tor help desk roundup
----------------------
-
-Summary of some questions sent to the Tor help desk.
-
-News from Tor StackExchange
----------------------------
-
-Text with cited source [XXX].
-
- [XXX]:
-
-Easy development tasks to get involved with
--------------------------------------------
-
-Text with cited source [XXX].
-
- [XXX]:
-
-This week in Tor history
-------------------------
-
-Text with cited source [XXX].
-
- [XXX]:
+The participants in the recent onion service hackfest in Washington, DC
+published a summary [XXX] of the exciting progress they made during the
+meeting.
+
+ [XXX]: https://blog.torproject.org/blog/hidden-service-hackfest-arlington-accords
+
+Arturo Filastò announced [XXX] that an OONI-related hackathon entitled
+“ADINA15: A Dive Into Network Anomalies” will be held on October 1-2 in
+the Chamber of Deputies at the Italian Parliament in Rome. “This means
+that you are all invited…to put your design and data analysis skills to
+the test!”
+
+ [XXX]: https://lists.torproject.org/pipermail/ooni-dev/2015-July/000307.html
+
+David Fifield published the regular summary of costs [XXX] incurred by
+the infrastructure for meek.
+
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2015-August/009213.html
+
+Nathan Freitas explored [XXX] possible routes to an Android-compatible
+version of Ricochet [XXX], the exciting new privacy-preserving instant
+messaging application based on Tor onion services.
+
+ [XXX]: https://lists.mayfirst.org/pipermail/guardian-dev/2015-August/004470.html
+ [XXX]: https://ricochet.im
Upcoming events
---------------
-Jul XX-XX | Event XXX brief description
- | Event City, Event Country
- | Event website URL
- |
-Jul XX-XX | Event XXX brief description
- | Event City, Event Country
- | Event website URL
-
-
-This issue of Tor Weekly News has been assembled by XXX, XXX, and
-XXX.
+ Aug 10 09:30 EDT | Roger & others @ 5th USENIX FOCI Workshop / 24th USENIX Security Symposium
+ | Washington, DC, USA
+ | https://blog.torproject.org/events/roger-and-others-foci-usenix-security-dc
+ |
+ Aug 10 17:00 UTC | OONI development meeting
+ | #ooni, irc.oftc.net
+ |
+ Aug 10 18:00 UTC | Tor Browser meeting
+ | #tor-dev, irc.oftc.net
+ |
+ Aug 11 18:00 UTC | little-t tor patch workshop
+ | #tor-dev, irc.oftc.net
+ |
+ Aug 12 13:30 UTC | little-t tor development meeting
+ | #tor-dev, irc.oftc.net
+ |
+ Aug 12 14:00 UTC | Measurement team meeting
+ | #tor-project, irc.oftc.net
+ |
+ Aug 12 19:00 UTC | Tails low-hanging fruit session
+ | #tails-dev, irc.oftc.net
+ | https://mailman.boum.org/pipermail/tails-project/2015-August/000273.html
+ |
+ Aug 19 02:00 UTC | Pluggable transports/bridges meeting
+ | #tor-dev, irc.oftc.net
+
+
+This issue of Tor Weekly News has been assembled by BitingBird and
+Harmony.
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
--
Your friendly TWN monitoring script
In case of malfunction, please reach out for lunar at torproject.org
or for the worst cases, tell weasel at torproject.org to kill me.
More information about the news-team
mailing list