[TWN team] Recent changes to the wiki pages
Lunar
lunar at torproject.org
Tue Sep 24 10:00:04 UTC 2013
===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2013/12 ===
===========================================================================
version 40
Author: dope457
Date: 2013-09-24T09:15:46+00:00
numberzz
--- version 39
+++ version 40
@@ -15,109 +15,109 @@
Reimbursement of exit operators
-------------------------------
-In July 2012, Roger Dingledine wrote a post on the Tor blog [XXX] in which he
+In July 2012, Roger Dingledine wrote a post on the Tor blog [1] in which he
raised the prospect of offering funding to organizations running fast Tor exit
nodes. In so doing, Roger wrote, “we will improve the network's diversity as
well as being able to handle more users.” He also announced that donors were
already interested in financing such a scheme. Then, in April this year, Moritz
-Bartl stated [XXX] that torservers.net was looking to move away from establishing
+Bartl stated [2] that torservers.net was looking to move away from establishing
additional exit nodes, in favor of providing support of various kinds to partner
organizations running their own exits.
These plans, and the discussion they provoked, are now about to bear fruit
in the form of a financial reimbursement scheme directed at torservers.net's
-partner organizations. Moritz wrote again on the the tor-relays list [XXX]
+partner organizations. Moritz wrote again on the the tor-relays list [3]
to announce that reimbursements are scheduled to begin at the end of this
month, drawn from a one-time donation by the U.S. Government's Broadcasting
Board of Governors.
The ensuing debate focused both on the technical aspects of reimbursement —
that is, how best to determine the division of funds based on information
-harvested from the network metrics [XXX] — and the question of the security
-issues that could potentially arise from such a scheme [XXX].
+harvested from the network metrics [4] — and the question of the security
+issues that could potentially arise from such a scheme [5].
Moritz specified that currently the only organizations to qualify for
reimbursements are those that he personally knows: “so, if you're interested
in becoming a partner, start social interaction with me”, he wrote. Questions
or comments regarding these proposals are welcome on the tor-relays list, and
further announcements and discussion about the reimbursement system will be
-published on its dedicated mailing lists [XXX].
-
- [XXX] https://blog.torproject.org/blog/turning-funding-more-exit-relays
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2013-April/001996.html
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2013-September/002824.html
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2013-September/002825.html
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2013-September/002831.html
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2013-May/002138.html
+published on its dedicated mailing lists [6].
+
+ [1] https://blog.torproject.org/blog/turning-funding-more-exit-relays
+ [2] https://lists.torproject.org/pipermail/tor-relays/2013-April/001996.html
+ [3] https://lists.torproject.org/pipermail/tor-relays/2013-September/002824.html
+ [4] https://lists.torproject.org/pipermail/tor-relays/2013-September/002825.html
+ [5] https://lists.torproject.org/pipermail/tor-relays/2013-September/002831.html
+ [6] https://lists.torproject.org/pipermail/tor-relays/2013-May/002138.html
Tails 0.20.1 is out
-------------------
-Tails saw its 33rd release on September 19th [XXX]. The most visible change
+Tails saw its 33rd release on September 19th [7]. The most visible change
might be the upgrade of tor to version 0.2.4.17-rc, which should result in
faster and more reliable access to the network after the sudden bump in
-Tor clients [XXX].
+Tor clients [8].
Among other minor bugfixes and improvements, persistence volumes are now properly unmounted
on shutdown. This should prevent data loss in some situations, and avoid a sometimes lengthy
pause upon activation.
-It also fixes several important security issues [XXX]. It is recommended that
-all users upgrade as soon as possible [XXX].
-
- [XXX] https://tails.boum.org/news/version_0.20.1/
- [XXX] https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients
- [XXX] https://tails.boum.org/security/Numerous_security_holes_in_0.20/
- [XXX] https://tails.boum.org/news/version_0.20.1/
+It also fixes several important security issues [9]. It is recommended that
+all users upgrade as soon as possible [10].
+
+ [7] https://tails.boum.org/news/version_0.20.1/
+ [8] https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients
+ [9] https://tails.boum.org/security/Numerous_security_holes_in_0.20/
+ [10] https://tails.boum.org/news/version_0.20.1/
New Tor Browser Bundles released
--------------------------------
-A new set of stable and beta Tor Browser Bundles was released [XXX] on September 20th.
+A new set of stable and beta Tor Browser Bundles was released [11] on September 20th.
The Tor Browser is now based on Firefox 17.0.9esr and fixes several important
-security issues [XXX].
+security issues [12].
Queries for the default search engine, Startpage, are no longer subject to its
-invasive “family filter” [XXX]. The beta branch also include an updated version of
+invasive “family filter” [13]. The beta branch also include an updated version of
HTTPS Everywhere that no longer causes a storm of requests to clients1.google.com,
-an issue reported by many users after the last release [XXX].
+an issue reported by many users after the last release [14].
Once again, it is recommended that all users upgrade as soon as possible.
- [XXX] https://blog.torproject.org/blog/new-tor-browser-bundles-firefox-1709esr
- [XXX] https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.9
- [XXX] https://bugs.torproject.org/8839
- [XXX] https://bugs.torproject.org/9713
+ [11] https://blog.torproject.org/blog/new-tor-browser-bundles-firefox-1709esr
+ [12] https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.9
+ [13] https://bugs.torproject.org/8839
+ [14] https://bugs.torproject.org/9713
Tor mini-hackathon at GNU 30th Anniversary Celebration
------------------------------------------------------
-Nick Mathewson sent an invitation [XXX] encouraging everyone to attend the GNU 30th Anniversary
-Celebration [XXX] on September 28th and 29th at MIT, Cambridge, MA, USA.
+Nick Mathewson sent an invitation [15] encouraging everyone to attend the GNU 30th Anniversary
+Celebration [16] on September 28th and 29th at MIT, Cambridge, MA, USA.
Part of the event is a hackathon and Tor is featured alongside a few other projects.
-So if you want to spend some of the week-end to help the Tor community, sign up on the webpage [XXX] and come along!
-
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2013-September/030154.html
- [XXX] https://gnu.org/gnu30/celebration
- [XXX] https://crm.fsf.org/civicrm/event/register?id=10
+So if you want to spend some of the week-end to help the Tor community, sign up on the webpage [17] and come along!
+
+ [15] https://lists.torproject.org/pipermail/tor-talk/2013-September/030154.html
+ [16] https://gnu.org/gnu30/celebration
+ [17] https://crm.fsf.org/civicrm/event/register?id=10
Clock skew: false alarm
-----------------------
Small offsets in system time offer an attractive opportunity for fingerprinting Tor
clients. In order to eliminate unnecessary exposure, Nick Mathewson has been working on
-proposal 222 [XXX].
+proposal 222 [18].
Unfortunately, this process introduced a bug into the tor daemon which became apparent
after the directory authority named “turtles” was upgraded. The result was that relays
-started to warn their operators of an implausible clock skew [XXX]. This was, of course,
+started to warn their operators of an implausible clock skew [19]. This was, of course,
a false alarm.
-The issue was quickly worked around, and fixed properly a few hours later [XXX].
-
- [XXX] https://gitweb.torproject.org/torspec.git/blob_plain/refs/heads/master:/proposals/222-remove-client-timestamps.txt
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2013-September/002888.html
- [XXX] https://bugs.torproject.org/9798
+The issue was quickly worked around, and fixed properly a few hours later [20].
+
+ [18] https://gitweb.torproject.org/torspec.git/blob_plain/refs/heads/master:/proposals/222-remove-client-timestamps.txt
+ [19] https://lists.torproject.org/pipermail/tor-relays/2013-September/002888.html
+ [20] https://bugs.torproject.org/9798
Tor Help Desk Roundup
---------------------
@@ -127,49 +127,49 @@
The torbrowser application violates the Tor Project's trademark, and the Tor Project
encourages users to avoid it . Multiple Tor Project developers have contacted
SourceForge, which hosts this application's website, attempting to get the project
-removed. Andrew Lewman has said that lawyers have now been engaged [XXX].
+removed. Andrew Lewman has said that lawyers have now been engaged [21].
A number of University students continue contacting the help desk to report difficulties
circumventing their University's Cyberoam firewall. These students report being unable
to access the Tor network even when using the Pluggable Transports Browser with obfs3
bridges. One person reported success circumventing the firewall when using an obfsproxy
-bridge on port 443. This issue is ongoing, but a bug report has been filed [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2013-August/029614.html
- [XXX] https://bugs.torproject.org/projects/tor/ticket/9601
+bridge on port 443. This issue is ongoing, but a bug report has been filed [22].
+
+ [21] https://lists.torproject.org/pipermail/tor-talk/2013-August/029614.html
+ [22] https://bugs.torproject.org/projects/tor/ticket/9601
Miscellaneous news
------------------
Jacob Appelbaum inquired with VUPEN about the Tor Project having the right of first
-refusal for Tor Browser bugs, in order to protect users [XXX].
-
- [XXX] http://storify.com/fredericjacobs/discussion-between-tor-s-ioerror-and-vupen-s-chaou
+refusal for Tor Browser bugs, in order to protect users [23].
+
+ [23] http://storify.com/fredericjacobs/discussion-between-tor-s-ioerror-and-vupen-s-chaou
The proposed Tor page on Stack Exchange has now reached 100% commitment, and will soon
-be launching as a live beta. Thanks to everyone who signed up! [XXX].
-
- [XXX] http://area51.stackexchange.com/proposals/56447/tor
+be launching as a live beta. Thanks to everyone who signed up! [24].
+
+ [24] http://area51.stackexchange.com/proposals/56447/tor
sajolida reported on the latest Tails “low-hanging fruits session”. The date and a
-tentative agenda for the next online contributors meeting have also been set [XXX].
-
- [XXX] https://mailman.boum.org/pipermail/tails-dev/2013-September/003703.html
- [XXX] https://mailman.boum.org/pipermail/tails-dev/2013-September/003696.html
+tentative agenda for the next online contributors meeting have also been set [25,26].
+
+ [25] https://mailman.boum.org/pipermail/tails-dev/2013-September/003703.html
+ [26] https://mailman.boum.org/pipermail/tails-dev/2013-September/003696.html
While GSoC entered its final phase, Kostas Jakeliunas reported on the searchable
-metrics archive [XXX], Johannes Fürmann on EvilGenius [XXX], and Cristian-Matei Toader
-on Tor capabilities [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005483.html
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005484.html
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005490.html
+metrics archive [27], Johannes Fürmann on EvilGenius [28], and Cristian-Matei Toader
+on Tor capabilities [29].
+
+ [27] https://lists.torproject.org/pipermail/tor-dev/2013-September/005483.html
+ [28] https://lists.torproject.org/pipermail/tor-dev/2013-September/005484.html
+ [29] https://lists.torproject.org/pipermail/tor-dev/2013-September/005490.html
How can we provide Tor users an easy way to verify the signatures on Tor software?
Sherief Alaa has raised the question on the tor-dev mailing list when asking for
-comments on plans to write a “small” GUI tool [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005491.html
+comments on plans to write a “small” GUI tool [30].
+
+ [30] https://lists.torproject.org/pipermail/tor-dev/2013-September/005491.html
Upcoming events
@@ -197,12 +197,10 @@
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
-important news. Please see the project page [XXX], write down your
-name and subscribe to the team mailing list [XXX] if you want to
+important news. Please see the project page [31], write down your
+name and subscribe to the team mailing list [32] if you want to
get involved!
- [XXX] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
- [XXX] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
+ [31] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
+ [32] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
}}}
-
-Possible items :
version 39
Author: lunar
Date: 2013-09-24T08:45:57+00:00
mention the discussion on tor-dev about file verification tool
--- version 38
+++ version 39
@@ -164,6 +164,13 @@
[XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005483.html
[XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005484.html
[XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005490.html
+
+How can we provide Tor users an easy way to verify the signatures on Tor software?
+Sherief Alaa has raised the question on the tor-dev mailing list when asking for
+comments on plans to write a “small” GUI tool [XXX].
+
+ [XXX] https://lists.torproject.org/pipermail/tor-dev/2013-September/005491.html
+
Upcoming events
---------------
--
Your friendly TWN monitoring script
In case of malfunction, please reach out for lunar at torproject.org
or for the worst cases, tell weasel at torproject.org to kill me.
More information about the news-team
mailing list