[TWN team] Recent changes to the wiki pages
Lunar
lunar at torproject.org
Tue Jan 21 13:20:19 UTC 2014
===========================================================================
==== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2014/3 ====
===========================================================================
version 42
Author: karsten
Date: 2014-01-21T12:47:34+00:00
Minor fixes.
--- version 41
+++ version 42
@@ -35,7 +35,7 @@
different software using geolocalization information: Tor, BridgeDB,
the metrics database and the metrics website. The format used by Tor
so far has always been a custom format, so writing a converter from
-MaxMind's database format is one of the option. The other is to
+MaxMind's database format is one option. Another option is to
integrate the parsing libraries provided by MaxMind into Tor software.
Both approaches have their advantages. In any cases, they can be useful,
@@ -44,7 +44,7 @@
[1] https://gitweb.torproject.org/tor.git/tree/ee60a8dd
[2] https://gitweb.torproject.org/tor.git/commit/befcc84f
- [3] https://bugs.torprojet.org/6266
+ [3] https://bugs.torproject.org/6266
[4] http://blog.maxmind.com/2013/07/01/introducing-the-geoip2-beta/
[5] https://lists.torproject.org/pipermail/tor-dev/2014-January/006080.html
@@ -64,7 +64,7 @@
Gerardus Hendricks has made a quick analysis [9] of Tor source code
to determine that key were generated using entropy from /dev/urandom — an
-unsecure behaviour in low entropy situation.
+insecure behavior in low entropy situation.
Nick Mathewson suggested [10] to change the initialization procedure
in order to “try to read a byte from /dev/random before it starts Tor, and
@@ -97,7 +97,7 @@
The paper [15] gives more details on the modular scanning software [16]
that has been developed. It details on how it can detect tampering on
-the HTTP, HTTPS, SSH and DNS protocols. The paper also highlights that
+the HTTP, HTTPS, SSH, and DNS protocols. The paper also highlights that
in some occasions, it's the relay ISP that is responsible for the attack
despite of the good faith of the operator.
@@ -105,7 +105,7 @@
help to detect man-in-the-middle attacks: if the browser is unable
to verify a certificate, it will automatically retrieve the
certificate again using a different Tor exit node. If the certificates
-do no match, a warning is then issued informing the user that an attack
+do not match, a warning is then issued informing the user that an attack
might be happening and offering to notify the Tor Project.
Philipp and Stefan's efforts have already identified 25 bad relays that
@@ -127,7 +127,7 @@
participate in the “Trusted Tor Traceroutes” experiment. Paul Görgen
reported [17,18,19] having similar troubles, even with a lower packet per second
rate. Relay operators might want to warn their ISP before undertaking the
-xperiment in the future to avoid similar misadventures.
+experiment in the future to avoid similar misadventures.
[17] https://lists.torproject.org/pipermail/tor-relays/2014-January/003620.html
[18] https://web.engr.illinois.edu/~das17/tor-traceroute_v1.html
@@ -142,7 +142,7 @@
[22] http://128.174.241.211:443/relay_scoreboard
The integration of “pluggable transports” in the main Tor Browser Bundle [23]
-is moving smoothly. David Fifield published beta images of his recent work [24]
+is moving smoothly. David Fifield published beta images of his recent work [24],
and the initial implementation adding a default set of bridges to Tor Launcher [25]
has been completed.
version 41
Author: sand339
Date: 2014-01-21T12:30:06+00:00
Reviewed for language and minor language/grammatical edits made
--- version 40
+++ version 41
@@ -95,16 +95,16 @@
order to expose, document, and thwart malicious or misconfigured
relays”.
-The paper [15] give more details on the modular scanning software [16]
-that has been developed. It details how it can detects tampering on
+The paper [15] gives more details on the modular scanning software [16]
+that has been developed. It details on how it can detect tampering on
the HTTP, HTTPS, SSH and DNS protocols. The paper also highlights that
in some occasions, it's the relay ISP that is responsible for the attack
-despite the good faith of the operator.
+despite of the good faith of the operator.
The authors also describe a modification to the Tor Browser that can
-help to detect man-in-the-middle attacks: if the browser in unable
+help to detect man-in-the-middle attacks: if the browser is unable
to verify a certificate, it will automatically retrieve the
-certificate again using a different Tor exit nodes. If the certificates
+certificate again using a different Tor exit node. If the certificates
do no match, a warning is then issued informing the user that an attack
might be happening and offering to notify the Tor Project.
@@ -185,7 +185,7 @@
[37] https://lists.torproject.org/pipermail/tor-reports/2014-January/000432.html
[38] https://lists.torproject.org/pipermail/tor-reports/2014-January/000433.html
-There is two weeks left to participate in the crowdfunding campaign started by
+There are two weeks left to participate in the crowdfunding campaign started by
the Freedom of the Press Foundation [39]. Among other projects, the money will
support core Tor development and Tails 1.0 release.
@@ -199,10 +199,10 @@
number of websites have begun blocking connections that appear to come
from the Tor network. A partial list of websites that do this can be
found on Tor Project's wiki [40]. Feel free to add more sites to the
-latter, and to contact the website's operators to explain why banning
+list, and to contact the website's operators to explain why banning
Tor is not the best course of action.
-Some users report websites that do not allow logins when using the
+Some users reported websites that do not allow logins when using the
Tor Browser. This is not always related to website blocks or blacklists.
There is a known bug in the Tor Browser Bundle such that Private
Browsing Mode disallows cookies in a way that some sites don't like.
version 40
Author: dope457
Date: 2014-01-21T12:08:38+00:00
FROZEN
--- version 39
+++ version 40
@@ -1,6 +1,8 @@
''29th issue of Tor Weekly News. Covering what's happening from January 14th, 2014 to January 21th, 2014. To be released on January 22th, 2014.''
'''Editor:''' dope457
+
+'''Status:''' FROZEN! Only language and technical fixes allowed. New topics should go to [wiki:TorWeeklyNews/2014/4 next week's edition]. Expected publication time 2013-01-22 12:00 UTC.
'''Subject:''' Tor Weekly News — January 22th, 2014
version 39
Author: dope457
Date: 2014-01-21T12:01:13+00:00
item move to another issue
--- version 38
+++ version 39
@@ -237,8 +237,4 @@
[42] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
[43] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
-}}}
-
-To mention when TBB 3.5.1 will be officially out:
-
-* Accessibility support fixed, it can properly be used with a Screen Reader https://lists.torproject.org/pipermail/tor-talk/2014-January/031575.html
+}}}
version 38
Author: dope457
Date: 2014-01-21T11:58:39+00:00
credits
--- version 37
+++ version 38
@@ -226,8 +226,8 @@
| http://wiki.skullspace.ca/CryptoParty
-This issue of Tor Weekly News has been assembled by XXX, XXX, and
-XXX.
+This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan,
+and dope457.
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
version 37
Author: dope457
Date: 2014-01-21T11:56:42+00:00
numbers
--- version 36
+++ version 37
@@ -16,16 +16,16 @@
-----------------------------------------------------------
The first version of Tor to include an IP-to-country database was
-0.2.0.27-rc [XXX], released in 2008. In 2010, the database
-switched [XXX] from data provided by WebHosting.Info to use the more
+0.2.0.27-rc [1], released in 2008. In 2010, the database
+switched [2] from data provided by WebHosting.Info to use the more
up-to-date MaxMind's GeoLite service. All was good, until two years
-later when MaxMind started to hide the country of Tor relays [XXX],
+later when MaxMind started to hide the country of Tor relays [3],
marking them as from the “A1” country, standing for “anonymous proxy”.
Karsten Loesing has been tirelessly doing manual database updates ever
since.
-MaxMind has launched GeoIP2 [XXX] as a successor of its previous
-service. The very good news, as spotted by Karsten [XXX], is that the
+MaxMind has launched GeoIP2 [4] as a successor of its previous
+service. The very good news, as spotted by Karsten [5], is that the
new format “provide the A1/A2 information in *addition* to the correct
country codes”.
@@ -40,19 +40,19 @@
fun and small projects for someone new to the Tor community. Be sure to
have a look at Karsten's suggestions if you feel like helping.
- [XXX] https://gitweb.torproject.org/tor.git/tree/ee60a8dd
- [XXX] https://gitweb.torproject.org/tor.git/commit/befcc84f
- [XXX] https://bugs.torprojet.org/6266
- [XXX] http://blog.maxmind.com/2013/07/01/introducing-the-geoip2-beta/
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2014-January/006080.html
+ [1] https://gitweb.torproject.org/tor.git/tree/ee60a8dd
+ [2] https://gitweb.torproject.org/tor.git/commit/befcc84f
+ [3] https://bugs.torprojet.org/6266
+ [4] http://blog.maxmind.com/2013/07/01/introducing-the-geoip2-beta/
+ [5] https://lists.torproject.org/pipermail/tor-dev/2014-January/006080.html
Key generation on headless and diskless relays
----------------------------------------------
-Following up on his work on Torride [XXX] — a live Linux distribution
+Following up on his work on Torride [6] — a live Linux distribution
meant to run Tor relays — anarcat asked about key generation in low
-entropy situation. Lunar had raised [XXX] a similar question for the
-Tor-ramdisk distribution [XXX] a couple of months ago.
+entropy situation. Lunar had raised [7] a similar question for the
+Tor-ramdisk distribution [8] a couple of months ago.
“The concern here is what happens when Tor starts up the first time. I
believe it creates a public/private key pair for its cryptographic
@@ -60,23 +60,23 @@
system, when the entropy of the system is low or inexistent” explained
anarcat.
-Gerardus Hendricks has made a quick analysis [XXX] of Tor source code
+Gerardus Hendricks has made a quick analysis [9] of Tor source code
to determine that key were generated using entropy from /dev/urandom — an
unsecure behaviour in low entropy situation.
-Nick Mathewson suggested [XXX] to change the initialization procedure
+Nick Mathewson suggested [10] to change the initialization procedure
in order to “try to read a byte from /dev/random before it starts Tor, and
block until it actually can read that byte.“ This would “ensure that the kernel
RNG has (by its own lights) reached full entropy at least once, which
guarantees cryptographic quality of the rest of the /dev/urandom stream.”
-More general solutions are now discussed in a newly created ticket [XXX].
-
- [XXX] https://redmine.koumbit.net/projects/torride
- [XXX] http://opensource.dyc.edu/pipermail/tor-ramdisk/2013-January/000101.html
- [XXX] http://opensource.dyc.edu/tor-ramdisk/
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2014-January/031725.html
- [XXX] https://lists.torproject.org/pipermail/tor-talk/2014-January/031773.html
- [XXX] https://bugs.torproject.org/10676
+More general solutions are now discussed in a newly created ticket [11].
+
+ [6] https://redmine.koumbit.net/projects/torride
+ [7] http://opensource.dyc.edu/pipermail/tor-ramdisk/2013-January/000101.html
+ [8] http://opensource.dyc.edu/tor-ramdisk/
+ [9] https://lists.torproject.org/pipermail/tor-talk/2014-January/031725.html
+ [10] https://lists.torproject.org/pipermail/tor-talk/2014-January/031773.html
+ [11] https://bugs.torproject.org/10676
Exposing malicious exit relays
------------------------------
@@ -86,14 +86,14 @@
support online privacy.
Unfortunately, as Philipp Winter and Stefan Lindskog wrote in the
-introduction of their new research project [XXX], “there are exceptions:
-in the past, some exit relays were documented to have sniffed [XXX] and
-tampered with relayed traffic [XXX]. The project, dubbed “spoiled
+introduction of their new research project [12], “there are exceptions:
+in the past, some exit relays were documented to have sniffed [13] and
+tampered with relayed traffic [14]. The project, dubbed “spoiled
onions” is meant to “monitoring all exit relays for several months in
order to expose, document, and thwart malicious or misconfigured
relays”.
-The paper [XXX] give more details on the modular scanning software [XXX]
+The paper [15] give more details on the modular scanning software [16]
that has been developed. It details how it can detects tampering on
the HTTP, HTTPS, SSH and DNS protocols. The paper also highlights that
in some occasions, it's the relay ISP that is responsible for the attack
@@ -112,82 +112,82 @@
this will help to identify those who try to abuse Tor users as soon as
possible in the future.
- [XXX] http://www.cs.kau.se/philwint/spoiled_onions/
- [XXX] http://www.cs.columbia.edu/~mikepo/papers/tordecoys.raid11.pdf
- [XXX] https://trac.torproject.org/projects/tor/wiki/doc/badRelays
- [XXX] http://www.cs.kau.se/philwint/spoiled_onions/techreport.pdf
- [XXX] https://github.com/NullHypothesis/exitmap
+ [12] http://www.cs.kau.se/philwint/spoiled_onions/
+ [13] http://www.cs.columbia.edu/~mikepo/papers/tordecoys.raid11.pdf
+ [14] https://trac.torproject.org/projects/tor/wiki/doc/badRelays
+ [15] http://www.cs.kau.se/philwint/spoiled_onions/techreport.pdf
+ [16] https://github.com/NullHypothesis/exitmap
Miscellaneous news
------------------
Alex reported his bad experience with Hetzner when attempting to
participate in the “Trusted Tor Traceroutes” experiment. Paul Görgen
-reported [XXX] having similar troubles, even with a lower packet per second
+reported [17,18,19] having similar troubles, even with a lower packet per second
rate. Relay operators might want to warn their ISP before undertaking the
xperiment in the future to avoid similar misadventures.
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2014-January/003620.html
- [XXX] https://web.engr.illinois.edu/~das17/tor-traceroute_v1.html
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2014-January/003625.html
-
-Anupam Das reported [XXX] that they have “received a good rate of participation by
-relay operators to our measurement project” [XXX]. To measure progress, there
-is now a live scoreboard of all participants [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-relays/2014-January/003686.html
- [XXX] https://web.engr.illinois.edu/~das17/tor-traceroute_v1.html
- [XXX] http://128.174.241.211:443/relay_scoreboard
-
-The integration of “pluggable transports” in the main Tor Browser Bundle [XXX]
-is moving smoothly. David Fifield published beta images of his recent work [XXX]
-and the initial implementation adding a default set of bridges to Tor Launcher [XXX]
+ [17] https://lists.torproject.org/pipermail/tor-relays/2014-January/003620.html
+ [18] https://web.engr.illinois.edu/~das17/tor-traceroute_v1.html
+ [19] https://lists.torproject.org/pipermail/tor-relays/2014-January/003625.html
+
+Anupam Das reported [20] that they have “received a good rate of participation by
+relay operators to our measurement project” [21]. To measure progress, there
+is now a live scoreboard of all participants [22].
+
+ [20] https://lists.torproject.org/pipermail/tor-relays/2014-January/003686.html
+ [21] https://web.engr.illinois.edu/~das17/tor-traceroute_v1.html
+ [22] http://128.174.241.211:443/relay_scoreboard
+
+The integration of “pluggable transports” in the main Tor Browser Bundle [23]
+is moving smoothly. David Fifield published beta images of his recent work [24]
+and the initial implementation adding a default set of bridges to Tor Launcher [25]
has been completed.
- [XXX] https://bugs.torproject.org/9444
- [XXX] https://gitweb.torproject.org/user/dcf/tor-browser-bundle.git/shortlog/refs/heads/3.6-beta
- [XXX] https://bugs.torproject.org/10418
-
-Following up on last week [XXX] call for help regarding Tor Weather [XXX],
-Karsten Loesing is organizing an IRC meeting [XXX] with interested developers
+ [23] https://bugs.torproject.org/9444
+ [24] https://gitweb.torproject.org/user/dcf/tor-browser-bundle.git/shortlog/refs/heads/3.6-beta
+ [25] https://bugs.torproject.org/10418
+
+Following up on last week [26] call for help regarding Tor Weather [27],
+Karsten Loesing is organizing an IRC meeting [28] with interested developers
on Wed, Jan 22, 18:00 UTC. The meeting will happen in #tor-dev on OFTC.
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2014-January/006039.html
- [XXX] https://weather.torproject.org/
- [XXX] https://lists.torproject.org/pipermail/tor-dev/2014-January/006102.html
-
-As part of the website redesign effort, Marck Al proposed [XXX] an updated
-visual identity. Lunar also highlighted a couple of tasks [XXX] that could be
+ [26] https://lists.torproject.org/pipermail/tor-dev/2014-January/006039.html
+ [27] https://weather.torproject.org/
+ [28] https://lists.torproject.org/pipermail/tor-dev/2014-January/006102.html
+
+As part of the website redesign effort, Marck Al proposed [29] an updated
+visual identity. Lunar also highlighted a couple of tasks [30] that could be
undertaken to move the website redesign forward.
- [XXX] https://lists.torproject.org/pipermail/www-team/2014-January/000196.html
- [XXX] https://lists.torproject.org/pipermail/www-team/2014-January/000216.html
-
-Tails' release calendar [XXX] has been shifted by two weeks because of the
-holiday break from Mozilla [XXX].
-
- [XXX] https://tails.boum.org/contribute/calendar/
- [XXX] https://mailman.boum.org/pipermail/tails-dev/2014-January/004757.html
-
-Ximin Luo has been discussing with I2P [XXX] developers on how Pluggable
-Transports [XXX] could be made easier to use by other projects.
-
- [XXX] http://geti2p.net/
- [XXX] https://www.torproject.org/docs/pluggable-transports.html.en
- [XXX] https://bugs.torproject.org/10629
-
-Isis Lovecruft has sent late reports on her activity for October [XXX],
-November [XXX] and December 2013 [XXX].
-
- [XXX] https://lists.torproject.org/pipermail/tor-reports/2014-January/000431.html
- [XXX] https://lists.torproject.org/pipermail/tor-reports/2014-January/000432.html
- [XXX] https://lists.torproject.org/pipermail/tor-reports/2014-January/000433.html
+ [29] https://lists.torproject.org/pipermail/www-team/2014-January/000196.html
+ [30] https://lists.torproject.org/pipermail/www-team/2014-January/000216.html
+
+Tails' release calendar [31] has been shifted by two weeks because of the
+holiday break from Mozilla [32].
+
+ [31] https://tails.boum.org/contribute/calendar/
+ [32] https://mailman.boum.org/pipermail/tails-dev/2014-January/004757.html
+
+Ximin Luo has been discussing with I2P [33] developers on how Pluggable
+Transports [34] could be made easier to use by other projects [35].
+
+ [33] http://geti2p.net/
+ [34] https://www.torproject.org/docs/pluggable-transports.html.en
+ [35] https://bugs.torproject.org/10629
+
+Isis Lovecruft has sent late reports on her activity for October [36],
+November [37] and December 2013 [38].
+
+ [36] https://lists.torproject.org/pipermail/tor-reports/2014-January/000431.html
+ [37] https://lists.torproject.org/pipermail/tor-reports/2014-January/000432.html
+ [38] https://lists.torproject.org/pipermail/tor-reports/2014-January/000433.html
There is two weeks left to participate in the crowdfunding campaign started by
-the Freedom of the Press Foundation [XXX]. Among other projects, the money will
+the Freedom of the Press Foundation [39]. Among other projects, the money will
support core Tor development and Tails 1.0 release.
- [XXX] https://pressfreedomfoundation.org/
+ [39] https://pressfreedomfoundation.org/
Tor help desk roundup
---------------------
@@ -196,7 +196,7 @@
particular public-facing website. Often this is because an increasing
number of websites have begun blocking connections that appear to come
from the Tor network. A partial list of websites that do this can be
-found on Tor Project's wiki [XXX]. Feel free to add more sites to the
+found on Tor Project's wiki [40]. Feel free to add more sites to the
latter, and to contact the website's operators to explain why banning
Tor is not the best course of action.
@@ -205,10 +205,10 @@
There is a known bug in the Tor Browser Bundle such that Private
Browsing Mode disallows cookies in a way that some sites don't like.
Disabling Private Browsing mode via Torbutton's Preferences is a
-workaround and will hopefully be fixed soon [XXX].
-
- [XXX] https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor
- [XXX] https://bugs.torproject.org/10569
+workaround and will hopefully be fixed soon [41].
+
+ [40] https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor
+ [41] https://bugs.torproject.org/10569
Upcoming events
---------------
@@ -231,12 +231,12 @@
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
-important news. Please see the project page [XXX], write down your
-name and subscribe to the team mailing list [XXX] if you want to
+important news. Please see the project page [42], write down your
+name and subscribe to the team mailing list [43] if you want to
get involved!
- [XXX] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
- [XXX] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
+ [42] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
+ [43] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
}}}
To mention when TBB 3.5.1 will be officially out:
version 36
Author: lunar
Date: 2014-01-21T11:39:32+00:00
reword
--- version 35
+++ version 36
@@ -196,19 +196,19 @@
particular public-facing website. Often this is because an increasing
number of websites have begun blocking connections that appear to come
from the Tor network. A partial list of websites that do this can be
-found on our wiki [XXX]. The community should feel free to edit that
-page as more such sites are found.
+found on Tor Project's wiki [XXX]. Feel free to add more sites to the
+latter, and to contact the website's operators to explain why banning
+Tor is not the best course of action.
Some users report websites that do not allow logins when using the
Tor Browser. This is not always related to website blocks or blacklists.
There is a known bug in the Tor Browser Bundle such that Private
Browsing Mode disallows cookies in a way that some sites don't like.
Disabling Private Browsing mode via Torbutton's Preferences is a
-workaround. The work to address this issue can be followed in
-this ticket [XXX].
+workaround and will hopefully be fixed soon [XXX].
[XXX] https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor
- [XXX] https://trac.torproject.org/projects/tor/ticket/10569
+ [XXX] https://bugs.torproject.org/10569
Upcoming events
---------------
version 35
Author: lunar
Date: 2014-01-21T11:32:49+00:00
do a full feature about spoiled onions
--- version 34
+++ version 35
@@ -78,6 +78,46 @@
[XXX] https://lists.torproject.org/pipermail/tor-talk/2014-January/031773.html
[XXX] https://bugs.torproject.org/10676
+Exposing malicious exit relays
+------------------------------
+
+Anyone is free to start a new Tor relay and join the Tor network. Most
+Tor relay operators are volunteers who dedicate time and money to
+support online privacy.
+
+Unfortunately, as Philipp Winter and Stefan Lindskog wrote in the
+introduction of their new research project [XXX], “there are exceptions:
+in the past, some exit relays were documented to have sniffed [XXX] and
+tampered with relayed traffic [XXX]. The project, dubbed “spoiled
+onions” is meant to “monitoring all exit relays for several months in
+order to expose, document, and thwart malicious or misconfigured
+relays”.
+
+The paper [XXX] give more details on the modular scanning software [XXX]
+that has been developed. It details how it can detects tampering on
+the HTTP, HTTPS, SSH and DNS protocols. The paper also highlights that
+in some occasions, it's the relay ISP that is responsible for the attack
+despite the good faith of the operator.
+
+The authors also describe a modification to the Tor Browser that can
+help to detect man-in-the-middle attacks: if the browser in unable
+to verify a certificate, it will automatically retrieve the
+certificate again using a different Tor exit nodes. If the certificates
+do no match, a warning is then issued informing the user that an attack
+might be happening and offering to notify the Tor Project.
+
+Philipp and Stefan's efforts have already identified 25 bad relays that
+have subsequently been marked as such by directory authority operators.
+Even if we wish the number of problematic relays to stay low, let's hope
+this will help to identify those who try to abuse Tor users as soon as
+possible in the future.
+
+ [XXX] http://www.cs.kau.se/philwint/spoiled_onions/
+ [XXX] http://www.cs.columbia.edu/~mikepo/papers/tordecoys.raid11.pdf
+ [XXX] https://trac.torproject.org/projects/tor/wiki/doc/badRelays
+ [XXX] http://www.cs.kau.se/philwint/spoiled_onions/techreport.pdf
+ [XXX] https://github.com/NullHypothesis/exitmap
+
Miscellaneous news
------------------
@@ -135,12 +175,6 @@
[XXX] http://geti2p.net/
[XXX] https://www.torproject.org/docs/pluggable-transports.html.en
[XXX] https://bugs.torproject.org/10629
-
-Philipp Winter and Stefan Lindskog published a paper [XXX] on malicious
-Tor exit relays [XXX]. “Feedback or patches are always welcome.”
-
- [XXX] http://www.cs.kau.se/philwint/spoiled_onions/techreport.pdf
- [XXX] http://www.cs.kau.se/philwint/spoiled_onions/
Isis Lovecruft has sent late reports on her activity for October [XXX],
November [XXX] and December 2013 [XXX].
version 34
Author: lunar
Date: 2014-01-21T11:10:53+00:00
typo
--- version 33
+++ version 34
@@ -16,12 +16,13 @@
-----------------------------------------------------------
The first version of Tor to include an IP-to-country database was
-0.2.0.27-rc [XXX], released in 2008. In 2010, the database switched
-[XXX] from data provided by WebHosting.Info to use the more up-to-date
-MaxMind's GeoLite service. All was good, until two years later when
-MaxMind started to hide the country of Tor relays [XXX], marking them as
-from the “A1” country, standing for “anonymous proxy”. Karsten Loesing
-has been tirelessly doing manual database updates ever since.
+0.2.0.27-rc [XXX], released in 2008. In 2010, the database
+switched [XXX] from data provided by WebHosting.Info to use the more
+up-to-date MaxMind's GeoLite service. All was good, until two years
+later when MaxMind started to hide the country of Tor relays [XXX],
+marking them as from the “A1” country, standing for “anonymous proxy”.
+Karsten Loesing has been tirelessly doing manual database updates ever
+since.
MaxMind has launched GeoIP2 [XXX] as a successor of its previous
service. The very good news, as spotted by Karsten [XXX], is that the
===========================================================================
==== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2014/4 ====
===========================================================================
version 5
Author: dope457
Date: 2014-01-21T12:17:03+00:00
mesed up dates
--- version 4
+++ version 5
@@ -2,7 +2,7 @@
'''Editor:'''
-'''Subject:''' Tor Weekly News — January 30th, 2014
+'''Subject:''' Tor Weekly News — January 29th, 2014
{{{
========================================================================
version 4
Author: dope457
Date: 2014-01-21T12:15:17+00:00
fix
--- version 3
+++ version 4
@@ -1,4 +1,4 @@
-''30th issue of Tor Weekly News. Covering what's happening from January 22nd, 2014 to January 29th, 2014. To be released on January 30th, 2014.''
+''30th issue of Tor Weekly News. Covering what's happening from January 21st, 2014 to January 28th, 2014. To be released on January 29th, 2014.''
'''Editor:'''
@@ -6,7 +6,7 @@
{{{
========================================================================
-Tor Weekly News XXX Xth, 2014
+Tor Weekly News January 29th, 2014
========================================================================
Welcome to the fourth issue in 2014 of Tor Weekly News,, the weekly
version 3
Author: dope457
Date: 2014-01-21T12:13:21+00:00
dates
--- version 2
+++ version 3
@@ -1,16 +1,16 @@
-''XXXth issue of Tor Weekly News. Covering what's happening from XXX Xth, 2014 to XXX Xth, 2014. To be released on XXX Xth, 2014.''
+''30th issue of Tor Weekly News. Covering what's happening from January 22nd, 2014 to January 29th, 2014. To be released on January 30th, 2014.''
'''Editor:'''
-'''Subject:''' Tor Weekly News — XXX Xth, 2014
+'''Subject:''' Tor Weekly News — January 30th, 2014
{{{
========================================================================
Tor Weekly News XXX Xth, 2014
========================================================================
-Welcome to the Xth issue of Tor Weekly News, the weekly newsletter that
-covers what is happening in the XXX Tor community.
+Welcome to the fourth issue in 2014 of Tor Weekly News,, the weekly
+newsletter that covers what is happening in the XXX Tor community.
New Release of XXX
------------------
@@ -83,5 +83,6 @@
[XXX] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
}}}
Possible items:
+
To mention when TBB 3.5.1 will be officially out:
* Accessibility support fixed, it can properly be used with a Screen Reader https://lists.torproject.org/pipermail/tor-talk/2014-January/031575.html
version 2
Author: dope457
Date: 2014-01-21T12:00:25+00:00
items from last issue
--- version 1
+++ version 2
@@ -82,5 +82,6 @@
[XXX] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
[XXX] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
}}}
-Possible item:
+Possible items:
+To mention when TBB 3.5.1 will be officially out:
* Accessibility support fixed, it can properly be used with a Screen Reader https://lists.torproject.org/pipermail/tor-talk/2014-January/031575.html
version 1
Author: dope457
Date: 2014-01-21T11:59:55+00:00
first
---
+++ version 1
@@ -0,0 +1,86 @@
+''XXXth issue of Tor Weekly News. Covering what's happening from XXX Xth, 2014 to XXX Xth, 2014. To be released on XXX Xth, 2014.''
+
+'''Editor:'''
+
+'''Subject:''' Tor Weekly News — XXX Xth, 2014
+
+{{{
+========================================================================
+Tor Weekly News XXX Xth, 2014
+========================================================================
+
+Welcome to the Xth issue of Tor Weekly News, the weekly newsletter that
+covers what is happening in the XXX Tor community.
+
+New Release of XXX
+------------------
+
+XXX: cite specific release date, numbers, and developers responsible
+
+XXX: details about release
+
+ [XXX]
+
+Monthly status reports for XXX month 2014
+-----------------------------------------
+
+The wave of regular monthly reports from Tor project members for the
+month of XXX has begun. XXX released his report first [XXX], followed
+by reports from name 2 [XXX], name 3 [XXX], and name 4 [XXX].
+
+ [XXX]
+ [XXX]
+ [XXX]
+ [XXX]
+
+Miscellaneous news
+------------------
+
+Item 1 with cited source [XXX].
+
+Item 2 with cited source [XXX].
+
+Item 3 with cited source [XXX].
+
+ [XXX]
+ [XXX]
+ [XXX]
+
+Tor help desk roundup
+---------------------
+
+Summary of some questions sent to the Tor help desk.
+
+Vulnerabilities
+---------------
+
+XXX: Reported vulnerabilities [XXX].
+
+ [XXX] vulnerability report source
+
+Upcoming events
+---------------
+
+Jul XX-XX | Event XXX brief description
+ | Event City, Event Country
+ | Event website URL
+ |
+Jul XX-XX | Event XXX brief description
+ | Event City, Event Country
+ | Event website URL
+
+
+This issue of Tor Weekly News has been assembled by XXX, XXX, and
+XXX.
+
+Want to continue reading TWN? Please help us create this newsletter.
+We still need more volunteers to watch the Tor community and report
+important news. Please see the project page [XXX], write down your
+name and subscribe to the team mailing list [XXX] if you want to
+get involved!
+
+ [XXX] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
+ [XXX] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
+}}}
+Possible item:
+* Accessibility support fixed, it can properly be used with a Screen Reader https://lists.torproject.org/pipermail/tor-talk/2014-January/031575.html
--
Your friendly TWN monitoring script
In case of malfunction, please reach out for lunar at torproject.org
or for the worst cases, tell weasel at torproject.org to kill me.
More information about the news-team
mailing list