[TWN team] Recent changes to the wiki pages
Lunar
lunar at torproject.org
Tue Jan 20 23:00:04 UTC 2015
===========================================================================
==== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2015/3 ====
===========================================================================
version 2
Author: harmony
Date: 2015-01-20T22:17:12+00:00
this week's
--- version 1
+++ version 2
@@ -1,6 +1,6 @@
''81st issue of Tor Weekly News. Covering what's happening from January 13th, 2015 to January 20th, 2015. To be released on January 21st, 2015.''
-'''Editor:'''
+'''Editor:''' Harmony
'''Subject:''' Tor Weekly News — January 21st, 2015
@@ -10,80 +10,158 @@
========================================================================
Welcome to the third issue in 2015 of Tor Weekly News, the weekly
-newsletter that covers what’s happening in the XXX Tor community.
+newsletter that covers what’s happening in the boring [XXX] Tor
+community.
-Feature XXX
------------
+ [XXX]: https://guardianproject.info/2015/01/02/2015-is-the-year-of-bore-sec/
-Feature 1 with cited source [XXX]
+Tor Browser 4.0.3 and 4.5a3 are out
+-----------------------------------
- [XXX]:
+Georg Koppen announced two new releases by the Tor Browser team. Version
+4.0.3 [XXX] of the privacy-preserving browser is based on Firefox
+31.4.0esr, and also contains updates to NoScript, meek, and Tor
+Launcher.
-Monthly status reports for XXX month 2015
------------------------------------------
+The third release in the 4.5-alpha series [XXX] allows the secure
+in-browser update mechanism to handle signed update files, and will
+reject unsigned ones from now on. It also restores functionality for
+meek, which was broken in previous 4.5-alpha releases, and offers other
+improvements and bugfixes — please see Georg’s announcement for the full
+changelog.
-The wave of regular monthly reports from Tor project members for the
-month of XXX has begun. XXX released his report first [XXX], followed
-by reports from name 2 [XXX], name 3 [XXX], and name 4 [XXX].
+These releases contain important security updates, so users of both the
+stable and alpha series should upgrade as soon as possible. Furthermore,
+Tor Browser 4.5a3 is signed by a new Tor Browser Developers signing key
+rather than the personal key of an individual developer. If you want to
+verify your download of the new alpha (and you should!), you will need
+to retrieve the new key (fingerprint EF6E 286D DA85 EA2A 4BA7 DE68 4E2C
+6E87 9329 8290) from a keyserver before doing so.
- [XXX]:
- [XXX]:
- [XXX]:
- [XXX]:
+ [XXX]: https://blog.torproject.org/blog/tor-browser-403-released
+ [XXX]: https://blog.torproject.org/blog/tor-browser-45a3-released
Miscellaneous news
------------------
-Item 1 with cited source [XXX].
+Anthony G. Basile announced [XXX] version 20150114 of Tor-ramdisk, the
+uClibc-based micro Linux distribution whose only purpose is to host a
+Tor relay in an environment that maximizes security and privacy. This
+release includes updates to Tor, Libevent, and other key software.
-Item 2 with cited source [XXX].
+ [XXX]: https://lists.torproject.org/pipermail/tor-talk/2015-January/036526.html
-Item 3 with cited source [XXX].
+Nik announced [XXX] oppy, an onion proxy implemented in Python: “oppy
+works like a regular Tor client”, though “there are a number of
+simplifications made, with the major ones primarily centering around
+circuit management/build logic and how and when network status documents
+are collected”. Nik also asked for suggestions on how to take the
+project forward: “Whether or not I continue hacking on oppy to make it a
+solid piece of software (rather than just a prototype) or just leave it
+as is as a reference depends on whether or not the Tor development
+community sees any real uses or future potential for the project”.
- [XXX]:
- [XXX]:
- [XXX]:
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2015-January/008174.html
-Tor help desk roundup
----------------------
+meejah announced [XXX] a new one-to-one encrypted and anonymous voice
+chat feature for “carml” [XXX], the command-line Tor control utility:
+“[It] essentially cross-connects the mic + speakers of each side via an
+Opus + OGG stream over a single Tor TCP connection.” As meejah warns, it
+is “NOT FOR REAL USE at all yet”, but if you have experience with
+gstreamer and/or OGG then please see meejah’s message for some
+unresolved questions.
-Summary of some questions sent to the Tor help desk.
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2015-January/008166.html
+ [XXX]: https://github.com/meejah/carml.git
-News from Tor StackExchange
----------------------------
+Following suggestions from Sebastian Urbach [XXX] and grarpamp [XXX],
+Karsten Loesing altered [XXX] the main unit of data rate measurement for
+the Tor Metrics portal [XXX] from MiB/s (mebibytes per second) to the
+more common Gbit/s (gigabits per second).
-Text with cited source [XXX].
+ [XXX]: https://lists.torproject.org/pipermail/tor-relays/2015-January/006240.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-relays/2015-January/006248.html
+ [XXX]: https://bugs.torproject.org/14257
+ [XXX]: https://metrics.torproject.org/
- [XXX]:
+Philipp Winter published [XXX] preliminary statistics and analysis
+obtained by running a Go implementation of Doctor’s [XXX] sybil-hunting
+script over archived consensuses: “I’ll have a more detailed analysis at
+some point in the future.”
-Easy development tasks to get involved with
--------------------------------------------
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2015-January/008156.html
+ [XXX]: https://gitweb.torproject.org/doctor.git/
-Text with cited source [XXX].
+The Tails team published [XXX] instructions for running an nginx
+webserver as a hidden service using a copy of Tails: “Feedback is
+welcome!”
- [XXX]:
+ [XXX]: https://mailman.boum.org/pipermail/tails-dev/2015-January/007919.html
+
+Thanks to Frédéric Cornu [XXX] for running a mirror of the Tor Project’s
+website and software!
+
+ [XXX]: https://lists.torproject.org/pipermail/tor-mirrors/2015-January/000850.html
This week in Tor history
------------------------
-Text with cited source [XXX].
+A year ago this week [XXX], the “Spoiled Onions” project [XXX] published
+its preliminary technical report. The goal of the project was to monitor
+Tor exit relays in order to “expose, document, and thwart malicious or
+misconfigured relays”; the researchers turned up 65 such relays over the
+course of their investigation, with the culprits engaging in attacks
+such as “SSH and HTTPS MitM, HTML injection, SSL stripping, and traffic
+sniffing”, or unintentionally interfering with traffic as a result of
+upstream censorship.
- [XXX]:
+Events such as the RELAY_EARLY traffic confirmation attack [XXX] and the
+sybil attacks late last year [XXX] have only highlighted the importance
+of monitoring for malicious relays in the Tor network. The bad-relays
+mailing list [XXX] serves as a reporting channel for Tor community
+members who believe particular relays are up to no good (messages sent
+to the list are not publicly visible, for various reasons [XXX]); David
+Fifield has been experimenting with data visualizations of significant
+network events [XXX]; and Philipp Winter, a “Spoiled Onions” co-author,
+has been working on additional tools (such as the above-mentioned Go
+sybil hunter and “zoossh”, a speedy Tor network document parser [XXX])
+to make these checks more efficient — to give only a few examples of
+recent work by the community on this issue.
+
+ [XXX]: https://lists.torproject.org/pipermail/tor-news/2014-January/000029.html
+ [XXX]: http://www.cs.kau.se/philwint/spoiled_onions/
+ [XXX]: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
+ [XXX]: https://lists.torproject.org/pipermail/tor-consensus-health/2014-December/005381.html
+ [XXX]: https://lists.torproject.org/cgi-bin/mailman/listinfo/bad-relays
+ [XXX]: https://lists.torproject.org/pipermail/tor-news/2014-August/000057.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2015-January/008095.html
+ [XXX]: https://gitweb.torproject.org/user/phw/zoossh.git/
Upcoming events
---------------
-Jul XX-XX | Event XXX brief description
- | Event City, Event Country
- | Event website URL
- |
-Jul XX-XX | Event XXX brief description
- | Event City, Event Country
- | Event website URL
+ Jan 21 13:30 UTC | little-t tor development meeting
+ | #tor-dev, irc.oftc.net
+ |
+ Jan 22 17:30 JST | Jacob @ Free Software Initiative of Japan
+ | Tokyo, Japan
+ | http://www.fsij.org/monthly-meetings/2015/Jan.html
+ |
+ Jan 26 18:00 UTC | Tor Browser online meeting
+ | #tor-dev, irc.oftc.net
+ |
+ Jan 26 18:00 UTC | OONI development meeting
+ | #ooni, irc.oftc.net
+ |
+ Jan 27 18:00 UTC | little-t tor patch workshop
+ | #tor-dev, irc.oftc.net
+ |
+ Feb 03 20:00 UTC | Tails contributors meeting
+ | #tails-dev, irc.oftc.net
+ | https://mailman.boum.org/pipermail/tails-dev/2015-January/007860.html
-This issue of Tor Weekly News has been assembled by XXX, XXX, and
-XXX.
+This issue of Tor Weekly News has been assembled by Harmony.
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
--
Your friendly TWN monitoring script
In case of malfunction, please reach out for lunar at torproject.org
or for the worst cases, tell weasel at torproject.org to kill me.
More information about the news-team
mailing list