[TWN team] Recent changes to the wiki pages

Tue Oct 15 13:20:06 UTC 2013

===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2013/15 ===
===========================================================================

version 43
Author: lunar
Date:   2013-10-15T12:46:14+00:00

   FREEZE

--- version 42
+++ version 43
@@ -1,6 +1,8 @@
 ''Sixteenth issue of Tor Weekly News. Covering what's happening from October 8th, 2013 to October 15th, 2013. To be released on October 16th, 2013.''
 
 '''Editor:''' Lunar
+
+'''Status:''' ''Frozen!'' Only technical and language fixes are to be made before 2013-10-16 12:00 UTC. New topics should go in [wiki:TorWeeklyNews/2013/16 next week edition].
 
 '''Subject:''' Tor Weekly News — October 16th, 2013
 
@@ -9,185 +11,196 @@
 Tor Weekly News                                       October 16th, 2013
 ========================================================================
 
-Welcome to the sixteenth issue of Tor Weekly News, the weekly newsletter that
-covers what's happening in the venerable Tor community.
+Welcome to the sixteenth issue of Tor Weekly News, the weekly newsletter
+that covers what's happening in the venerable Tor community.
 
 Making hidden services more scalable and harder to locate
 ---------------------------------------------------------
 
-Christopher Baines started a discussion [XXX] on tor-dev on the scaling
+Christopher Baines started a discussion [1] on tor-dev on the scaling
 issues affecting the current design of Tor hidden services. Nick
 Mathewson later described Christopher's initial proposal as “single
 hidden service descriptor, multiple service instances per intro point”
-along with three other alternatives. Nick and Christopher also teamed up to
-produce a set of seven goals that a new hidden service design should aim for
-regarding scalability.
+along with three other alternatives. Nick and Christopher also teamed up
+to produce a set of seven goals that a new hidden service design should
+aim for regarding scalability.
 
 There's probably more to discuss regarding which goals are the most
-desirable, and which designs are likely to address them, without — as always
-— harming anonymity.
-
-George Kadianakis also called for help concerning “the guard enumeration
-attack that was described by the ‘Trawling for Tor Hidden Services:
-Detection, Measurement, Deanonymization’ paper (in section VII)” [XXX].
-
-The most popular solution so far seems to be enabling a client or hidden service
-to reuse some parts of a circuit that cannot be completed successfully in order to
-connect to new nodes. This should “considerably slow the attack” [XXX],
-but “might result in unexpected attacks” as George puts it. 
-
-These problems could benefit from everyone's attention. Free to read the threads
-in full and offer your insights!
-
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-October/005556.html
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-October/005621.html
- [XXX] http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf
- [XXX] https://bugs.torproject.org/9001
+desirable, and which designs are likely to address them, without — as
+always — harming anonymity.
+
+George Kadianakis also called for help [2] concerning “the guard
+enumeration attack that was described by the ‘Trawling for Tor Hidden
+Services: Detection, Measurement, Deanonymization’ paper (in section
+VII)” [3].
+
+The most popular solution so far seems to be enabling a client or hidden
+service to reuse some parts of a circuit that cannot be completed
+successfully in order to connect to new nodes. This should “considerably
+slow the attack” [4], but “might result in unexpected attacks” as George
+puts it. 
+
+These problems could benefit from everyone's attention. Free to read the
+threads in full and offer your insights!
+
+   [1] https://lists.torproject.org/pipermail/tor-dev/2013-October/005556.html
+   [2] https://lists.torproject.org/pipermail/tor-dev/2013-October/005621.html
+   [3] http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf
+   [4] https://bugs.torproject.org/9001
 
 Detecting malicious exit nodes
 ------------------------------
 
-Philipp Winter asked [XXX] for feedback on the technical architecture of “a
-Python-based exit relay scanner which should detect malicious and
+Philipp Winter asked [5] for feedback on the technical architecture of
+“a Python-based exit relay scanner which should detect malicious and
 misbehaving exits.”
 
-Aaron took the opportunity to mention his plans [XXX] to leverage the work done
-as part of OONI [XXX] to detect network interference. Aaron's intention is to
-“provide Tor network tests as part of ooni-probe's standard set of tests,
-so that many individuals will measure the Tor network and automatically
-publish their results, and so that current and future network interference
-tests can be easily adapted to running on the Tor network.”
-
-Detecting misbehaving exits so they can be flagged
-“BadExit” [XXX] by the operators of the directory authorities is important
-to make every Tor user safer. Getting more users to run tests against our
-many exit nodes would benefit everyone — it makes it more likely that
-bad behavior will be caught as soon as possible.
-
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-October/005593.html
- [XXX] https://trac.torproject.org/projects/tor/wiki/doc/badRelays
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-October/005596.html
- [XXX] https://ooni.torproject.org/
+Aaron took the opportunity to mention his plans [6] to leverage the work
+done as part of OONI [7] to detect network interference. Aaron's
+intention is to “provide Tor network tests as part of ooni-probe's
+standard set of tests, so that many individuals will measure the Tor
+network and automatically publish their results, and so that current and
+future network interference tests can be easily adapted to running on
+the Tor network.”
+
+Detecting misbehaving exits so they can be flagged “BadExit” [8] by the
+operators of the directory authorities is important to make every Tor
+user safer. Getting more users to run tests against our many exit nodes
+would benefit everyone — it makes it more likely that bad behavior will
+be caught as soon as possible.
+
+   [5] https://lists.torproject.org/pipermail/tor-dev/2013-October/005593.html
+   [6] https://trac.torproject.org/projects/tor/wiki/doc/badRelays
+   [7] https://lists.torproject.org/pipermail/tor-dev/2013-October/005596.html
+   [8] https://ooni.torproject.org/
 
 Hiding location at the hardware level
 -------------------------------------
 
-One of Tor goals is to hide the location of its users. And it does a reasonably
-good job for Internet connections. But when your threat model includes an
-adversary that can monitor which equipment is connected to a local network or
-monitor Wi-Fi network probes received by many access points, extra precaution
-must be taken.
-
-Ethernet and Wi-Fi cards ship with a factory determined hardware address (also
-called MAC address) that can uniquely identify a computer accross networks.
-Thankfully, most devices allow their hardware address to be changed by an
-operating system.
-
-As the Tails live operating system aims to protect the privacy and anonymity of
-its users, it's been a long requested feature [XXX] to have it automatically
-randomize MAC addresses. Some important progress has been made as anonym 
-requested comments [XXX] on a detailed analysis on why, when and how Tails
-should automatically randomize MAC addresses.
+One of Tor goals is to hide the location of its users. And it does a
+reasonably good job for Internet connections. But when your threat model
+includes an adversary that can monitor which equipment is connected to a
+local network or monitor Wi-Fi network probes received by many access
+points, extra precaution must be taken.
+
+Ethernet and Wi-Fi cards ship with a factory determined hardware address
+(also called MAC address) that can uniquely identify a computer accross
+networks.  Thankfully, most devices allow their hardware address to be
+changed by an operating system.
+
+As the Tails live operating system aims to protect the privacy and
+anonymity of its users, it's been a long requested feature [9] to have
+it automatically randomize MAC addresses. Some important progress has
+been made as anonym requested comments [10] on a detailed analysis on
+why, when and how Tails should automatically randomize MAC addresses.
 
 In his analysis, anonym describes a Tails user wanting to hide their
-geographical movement and not be identified as using Tails, but who also want
-to “avoid alarming the local administrators (imagine a situation where
-security guards are sent to investigate an ‘alien computer’ at your workplace,
-or similar)” and “avoid network connection problems due to MAC address
-white-listing, hardware or driver issues, or similar”.
-
-The analysis then tries to understand when MAC address should be randomized
-depending on several combination of locations and devices. The outcome is that
-“this feature enabled by default, with the possibility to opt-out.” anonym then
-dwelves into user interface and implementation considerations.
-
-If you are intersted the analysis, or curious on how you could help with the
-proposed implementation, be sure to have a look!
-
- [XXX] https://labs.riseup.net/code/issues/5421
- [XXX] https://mailman.boum.org/pipermail/tails-dev/2013-October/003835.html
+geographical movement and not be identified as using Tails, but who also
+want to “avoid alarming the local administrators (imagine a situation
+where security guards are sent to investigate an ‘alien computer’ at
+your workplace, or similar)” and “avoid network connection problems due
+to MAC address white-listing, hardware or driver issues, or similar”.
+
+The analysis then tries to understand when MAC address should be
+randomized depending on several combination of locations and devices.
+The outcome is that “this feature enabled by default, with the
+possibility to opt-out.” anonym then dwelves into user interface and
+implementation considerations.
+
+If you are intersted the analysis, or curious on how you could help with
+the proposed implementation, be sure to have a look!
+
+   [9] https://labs.riseup.net/code/issues/5421
+  [10] https://mailman.boum.org/pipermail/tails-dev/2013-October/003835.html
 
 Tor Help Desk Roundup
 ---------------------
 
-The Tor project wishes to expand its support channels to text-based instant
-messaging as part of the Boisterous Otter [XXX] project. Lunar and Colin C. came up with
-a possible implementation [XXX] based on the XMPP protocol, Prosody [XXX] for the
-server side, and Prodromus [XXX] as the basis for the web based interface.
-
-This week, multiple people asked if Tor worked well on the Raspberry Pi. Although the 
-Tor Project does not have any documentation directed specifically at the Raspberry Pi 
-(yet!), the issue was raised on Tor's StackExchange page [XXX]. Tor relay operators 
-are encouraged to share their experiences or ask for help on the tor-relays public 
-mailing list [XXX].
-
- [XXX] https://trac.torproject.org/projects/tor/wiki/org/sponsors/Otter/Boisterous
- [XXX] https://trac.torproject.org/projects/tor/wiki/org/sponsors/Otter/Boisterous/WebChat
- [XXX] https://prosody.im/
- [XXX] http://forge.webpresso.net/projects/prodromus
- [XXX] http://tor.stackexchange.com/questions/242/how-to-run-tor-on-raspbian-on-the-raspberry-pi
- [XXX] https://lists.torproject.org/pipermail/tor-relays/
+The Tor project wishes to expand its support channels to text-based
+instant messaging as part of the Boisterous Otter [11] project. Lunar
+and Colin C. came up with a possible implementation [12] based on the
+XMPP protocol, Prosody [13] for the server side, and Prodromus [14] as
+the basis for the web based interface.
+
+This week, multiple people asked if Tor worked well on the Raspberry Pi.
+Although the Tor Project does not have any documentation directed
+specifically at the Raspberry Pi (yet!), the issue was raised on Tor's
+StackExchange page [15]. Tor relay operators are encouraged to share
+their experiences or ask for help on the tor-relays public mailing
+list [16].
+
+  [11] https://trac.torproject.org/projects/tor/wiki/org/sponsors/Otter/Boisterous
+  [12] https://trac.torproject.org/projects/tor/wiki/org/sponsors/Otter/Boisterous/WebChat
+  [13] https://prosody.im/
+  [14] http://forge.webpresso.net/projects/prodromus
+  [15] http://tor.stackexchange.com/questions/242/how-to-run-tor-on-raspbian-on-the-raspberry-pi
+  [16] https://lists.torproject.org/pipermail/tor-relays/
 
 Miscellaneous news
 ------------------
 
-Ten years ago, on October 8th, 2003, Roger Dingledine announced [XXX] the first release
-of tor as free software on the or-dev mailing list.
-
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2003-October/002185.html
-
-Damian Johnson announced [XXX] the release of Stem 1.1.0 [XXX]. The new version of this
-“Python library for interacting with Tor” adds remote descriptor fetching,
-connection resolution and a myriad of small improvements and fixes.
-
- [XXX] https://blog.torproject.org/blog/stem-release-11
- [XXX] https://stem.torproject.org/change_log.html#version-1-1
+Ten years ago, on October 8th, 2003, Roger Dingledine announced [17] the
+first release of tor as free software on the or-dev mailing list.
+
+  [17] https://lists.torproject.org/pipermail/tor-dev/2003-October/002185.html
+
+Damian Johnson announced [18] the release of Stem 1.1.0 [19]. The new
+version of this “Python library for interacting with Tor” adds remote
+descriptor fetching, connection resolution and a myriad of small
+improvements and fixes.
+
+  [18] https://blog.torproject.org/blog/stem-release-11
+  [19] https://stem.torproject.org/change_log.html#version-1-1
 
 Arlo Breault sent out a detailed plan on how Mozilla Instantbird could
-be turned into the Tor Messenger [XXX]. Feedback would be welcome,
-especially with regard to sandboxing, auditing, and internationalization for
-right-to-left languages.
-
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-October/005616.html
-
-The Spanish and German version of the Tails website are outdated and may soon
-be disabled [XXX]. Now is a good time to help [XXX] if you want to keep those
-translations running!
-
- [XXX] https://mailman.boum.org/pipermail/tails-dev/2013-October/003879.html
- [XXX] https://tails.boum.org/contribute/how/translate/
-
-adrelanos announced [XXX] the release of Whonix 7, an operating system
-“based on Tor […], Debian GNU/Linux and the principle of security by isolation.”
-The new version includes tor 0.2.4, Tor Browser as the system default browser and
-a connection wizard, among other changes.
-
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2013-October/030593.html
-
-Lunar sent out a report about the Dutch OHM2013 hacker camp [XXX] that
+be turned into the Tor Messenger [20]. Feedback would be welcome,
+especially with regard to sandboxing, auditing, and internationalization
+for right-to-left languages.
+
+  [20] https://lists.torproject.org/pipermail/tor-dev/2013-October/005616.html
+
+The Spanish and German version of the Tails website are outdated and may
+soon be disabled [21]. Now is a good time to help [22] if you want to
+keep those translations running!
+
+  [21] https://mailman.boum.org/pipermail/tails-dev/2013-October/003879.html
+  [22] https://tails.boum.org/contribute/how/translate/
+
+adrelanos announced [23] the release of Whonix 7, an operating system
+“based on Tor […], Debian GNU/Linux and the principle of security by
+isolation.” The new version includes tor 0.2.4, Tor Browser as the
+system default browser and a connection wizard, among other changes.
+
+  [23] https://lists.torproject.org/pipermail/tor-talk/2013-October/030593.html
+
+Lunar sent out a report about the Dutch OHM2013 hacker camp [24] that
 took place in August.
 
- [XXX] https://lists.torproject.org/pipermail/tor-reports/2013-October/000363.html
-
-Philip Winter, Justin Bull and rndm made several improvements to Atlas [XXX], the
-web application for learning more about currently-running Tor relays. The HSDir flag is now properly
-displayed [XXX], full country names and flags are shown instead of two-letter codes [XXX] and
-it's now easier to find out how long a relay has been down [XXX].
-
- [XXX] https://atlas.torproject.org/
- [XXX] https://bugs.torproject.org/9911
- [XXX] https://bugs.torproject.org/9914
- [XXX] https://bugs.torproject.org/9814
-
-ra, one of Tor's former GSoC students, proposed a patch [XXX] to add
-a command to the Tor control protocol asking tor to pick a completely new set of guards.
-
- [XXX] https://bugs.torproject.org/9934
-
-starlight shared some simple shell snippets [XXX] that connect to the Tor control port in order
-to limit the bandwidth used by a relay while running backups.
-
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2013-October/030607.html
+  [24] https://lists.torproject.org/pipermail/tor-reports/2013-October/000363.html
+
+Philip Winter, Justin Bull and rndm made several improvements to
+Atlas [25], the web application for learning more about
+currently-running Tor relays. The HSDir flag is now properly
+displayed [26], full country names and flags are shown instead of
+two-letter codes [27] and it's now easier to find out how long a relay
+has been down [28].
+
+  [25] https://atlas.torproject.org/
+  [26] https://bugs.torproject.org/9911
+  [27] https://bugs.torproject.org/9914
+  [28] https://bugs.torproject.org/9814
+
+ra, one of Tor's former GSoC students, proposed a patch [29] to add a
+command to the Tor control protocol asking tor to pick a completely new
+set of guards.
+
+  [29] https://bugs.torproject.org/9934
+
+starlight shared some simple shell snippets [30] that connect to the Tor
+control port in order to limit the bandwidth used by a relay while
+running backups.
+
+  [30] https://lists.torproject.org/pipermail/tor-talk/2013-October/030607.html
 
 Upcoming events
 ---------------
@@ -201,15 +214,14 @@
           | http://www.sigsac.org/ccs/CCS2013/
 
 
-This issue of Tor Weekly News has been assembled by XXX, XXX, and
-XXX.
+This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan,
+harmony, dope457 and Damian Johnson.
 
 Want to continue reading TWN? Please help us create this newsletter.
 We still need more volunteers to watch the Tor community and report
-important news. Please see the project page [XXX], write down your
-name and subscribe to the team mailing list [XXX] if you want to
-get involved!
-
-  [XXX] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
-  [XXX] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
+important news. Please see the project page [31], write down your name
+and subscribe to the team mailing list [32] if you want to get involved!
+
+  [31] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
+  [32] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
 }}}



-- 
Your friendly TWN monitoring script

      In case of malfunction, please reach out for lunar at torproject.org
          or for the worst cases, tell weasel at torproject.org to kill me.
