[TWN team] Recent changes to the wiki pages
Lunar
lunar at torproject.org
Wed Oct 22 12:40:04 UTC 2014
===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2014/42 ===
===========================================================================
version 35
Author: harmony
Date: 2014-10-22T12:06:32+00:00
numerize/wrap
--- version 34
+++ version 35
@@ -17,30 +17,30 @@
Tor 0.2.5.9-rc is out
---------------------
-Nick Mathewson announced [XXX] what is hopefully the final release
+Nick Mathewson announced [1] what is hopefully the final release
candidate in the Tor 0.2.5 series. It contains two enhancements in
-response to the recent POODLE attack on OpenSSL [XXX], “even though
-POODLE does not affect Tor”, as well as a number of other miscellaneous
+response to the recent POODLE attack on OpenSSL [2], “even though POODLE
+does not affect Tor”, as well as a number of other miscellaneous
improvements.
Upgrading is especially important for relay operators, as a remote crash
-is possible [XXX] when older Tor versions are used with a version of
+is possible [3] when older Tor versions are used with a version of
OpenSSL released last week that was built with the “no-ssl3” flag.
As ever, you can download the source code from the distribution
-directory [XXX] and packages should follow shortly.
-
- [XXX]: https://lists.torproject.org/pipermail/tor-talk/2014-October/035302.html
- [XXX]: https://blog.torproject.org/blog/new-sslv3-attack-found-disable-sslv3-torbrowser
- [XXX]: https://blog.torproject.org/blog/advisory-remote-dos-when-using-tor-recent-openssl-versions-built-no-ssl3-option
- [XXX]: https://www.torproject.org/dist/
+directory [4] and packages should follow shortly.
+
+ [1]: https://lists.torproject.org/pipermail/tor-talk/2014-October/035302.html
+ [2]: https://blog.torproject.org/blog/new-sslv3-attack-found-disable-sslv3-torbrowser
+ [3]: https://blog.torproject.org/blog/advisory-remote-dos-when-using-tor-recent-openssl-versions-built-no-ssl3-option
+ [4]: https://www.torproject.org/dist/
Tor Browser 4.0 is out
----------------------
-Mike Perry announced [XXX] a major release by the Tor Browser team.
+Mike Perry announced [5] a major release by the Tor Browser team.
Version 4.0 of the secure and anonymous web browser brings several
-exciting new features to the stable series, including the meek [XXX]
+exciting new features to the stable series, including the meek [6]
censorship-circumvention tool, the secure updater, and a simplified
Javascript enabling/disabling process in NoScript, all based on a
customized Firefox ESR31. SSLv3 is also disabled, in response to the
@@ -53,26 +53,26 @@
entirely. The secure updater still requires manual activation in the
“About Tor Browser” menu option, as its security will depend “on the
specific CA that issued the www.torproject.org HTTPS certificate
-(Digicert)” until site-specific certificate pinning [XXX] and signed
-update files [XXX] are implemented. Furthermore, “we still need to
-improve meek’s performance to match other transports”, wrote Mike, “so
-adjust your expectations accordingly”.
+(Digicert)” until site-specific certificate pinning [7] and signed
+update files [8] are implemented. Furthermore, “we still need to improve
+meek’s performance to match other transports”, wrote Mike, “so adjust
+your expectations accordingly”.
See Mike’s post for further details and a full changelog, and get your
-copy of Tor Browser 4.0 from the distribution directory [XXX] or the
-download page [XXX].
-
- [XXX]: https://blog.torproject.org/blog/tor-browser-40-released
- [XXX]: https://trac.torproject.org/projects/tor/wiki/doc/meek
- [XXX]: https://bugs.torproject.org/11955
- [XXX]: https://bugs.torproject.org/13379
- [XXX]: https://www.torproject.org/dist/torbrowser/4.0/
- [XXX]: https://www.torproject.org/download/download-easy
+copy of Tor Browser 4.0 from the distribution directory [9] or the
+download page [10].
+
+ [5]: https://blog.torproject.org/blog/tor-browser-40-released
+ [6]: https://trac.torproject.org/projects/tor/wiki/doc/meek
+ [7]: https://bugs.torproject.org/11955
+ [8]: https://bugs.torproject.org/13379
+ [9]: https://www.torproject.org/dist/torbrowser/4.0/
+ [10]: https://www.torproject.org/download/download-easy
Tails 1.2 is out
----------------
-The Tails team put out version 1.2 [XXX] of the anonymizing live
+The Tails team put out version 1.2 [11] of the anonymizing live
operating system. This release replaces the Iceweasel browser with “most
of” the regular Tor Browser, and confines several important applications
with AppArmor.
@@ -82,53 +82,51 @@
I2P Browser. This is also the last Tails release to ship with the
now-unmaintained TrueCrypt tool, but the Tails team has already
documented the method for opening TrueCrypt volumes with
-cryptsetup [XXX]. See the team’s announcement for a full list of changes
+cryptsetup [12]. See the team’s announcement for a full list of changes
in the new version.
This is an important security release and all users should upgrade as
soon as possible. If you have a running Tails, you should be able to use
the incremental updater; if your Tails drive was manually created, or
-you are a new user, head to the download page [XXX] for more
-information.
-
- [XXX]: https://tails.boum.org/news/version_1.2/
- [XXX]: https://tails.boum.org/doc/encryption_and_privacy/truecrypt/index#cryptsetup
- [XXX]: https://tails.boum.org/download/
+you are a new user, head to the download page [13] for more information.
+
+ [11]: https://tails.boum.org/news/version_1.2/
+ [12]: https://tails.boum.org/doc/encryption_and_privacy/truecrypt/index#cryptsetup
+ [13]: https://tails.boum.org/download/
Miscellaneous news
------------------
-tagnaq warned [XXX] users of TorBirdy [XXX], the torifying extension
-for the Thunderbird mail client, that a change in Thunderbird 31’s
-handling of the “reply_header_authorwrote” header means that the word
-“wrote”, translated into the user’s system language, may be inserted
-before quoted text when replying to emails, leaking the system language
-to recipients of replies if not removed. Jacob Appelbaum responded [XXX]
+tagnaq warned [14] users of TorBirdy [15], the torifying extension for
+the Thunderbird mail client, that a change in Thunderbird 31’s handling
+of the “reply_header_authorwrote” header means that the word “wrote”,
+translated into the user’s system language, may be inserted before
+quoted text when replying to emails, leaking the system language to
+recipients of replies if not removed. Jacob Appelbaum responded [16]
that a new release of TorBirdy addressing this and other issues was
imminent.
- [XXX]: https://lists.torproject.org/pipermail/tor-talk/2014-October/035285.html
- [XXX]: https://trac.torproject.org/projects/tor/wiki/torbirdy
- [XXX]: https://lists.torproject.org/pipermail/tor-talk/2014-October/035305.html
-
-Arturo Filastò announced [XXX] the release of ooniprobe 1.1.2,
-containing “two new report entry keys, test_start_time and
-test_runtime”, and a fix for a bug that “led to ooniresources not
-working properly”.
-
- [XXX]: https://lists.torproject.org/pipermail/ooni-dev/2014-October/000177.html
-
-evilaliv3 announced [XXX] version 3.1.20 of tor2web, an HTTP proxy that
-enables access to hidden services without a Tor client, for users who
-do not require strong anonymity. As well as “some networking bugfixing
-and optimizations”, this release adds a “replace” mode for
-remotely-fetched blocklists in addition to “merge”, and a feature that
-allows different hostnames to be mapped to specific hidden services.
-
- [XXX]: https://lists.torproject.org/pipermail/tor-dev/2014-October/007641.html
-
-Karsten Loesing gave users of Onionoo a “one-month heads-up” that on or
-after November 15th, a change to the protocol will let the search
+ [14]: https://lists.torproject.org/pipermail/tor-talk/2014-October/035285.html
+ [15]: https://trac.torproject.org/projects/tor/wiki/torbirdy
+ [16]: https://lists.torproject.org/pipermail/tor-talk/2014-October/035305.html
+
+Arturo Filastò announced [17] the release of ooniprobe 1.1.2, containing
+“two new report entry keys, test_start_time and test_runtime”, and a fix
+for a bug that “led to ooniresources not working properly”.
+
+ [17]: https://lists.torproject.org/pipermail/ooni-dev/2014-October/000177.html
+
+evilaliv3 announced [18] version 3.1.20 of tor2web, an HTTP proxy that
+enables access to hidden services without a Tor client, for users who do
+not require strong anonymity. As well as “some networking bugfixing and
+optimizations”, this release adds a “replace” mode for remotely-fetched
+blocklists in addition to “merge”, and a feature that allows different
+hostnames to be mapped to specific hidden services.
+
+ [18]: https://lists.torproject.org/pipermail/tor-dev/2014-October/007641.html
+
+Karsten Loesing gave users of Onionoo a “one-month heads-up” [19] that
+on or after November 15th, a change to the protocol will let the search
parameter “accept base64-encoded fingerprints in addition to hex-encoded
fingerprints, nicknames, and IP addresses.” These searches will also
return relays whose base64-encoded fingerprints are a partial match for
@@ -136,44 +134,43 @@
message and do nothing”, but if not, “you’ll have to filter out those
relays locally”.
- [XXX]: https://lists.torproject.org/pipermail/onionoo-announce/2014/000001.html
+ [19]: https://lists.torproject.org/pipermail/onionoo-announce/2014/000001.html
Following updates to the Tor Project’s website, Sebastian Hahn drew
-attention [XXX] to a change in the steps necessary to run a website
-mirror [XXX]. “Please ask if you run into any trouble, and thanks for
+attention [20] to a change in the steps necessary to run a website
+mirror [21]. “Please ask if you run into any trouble, and thanks for
providing a mirror!”
- [XXX]: https://lists.torproject.org/pipermail/tor-mirrors/2014-October/000727.html
- [XXX]: https://www.torproject.org/docs/running-a-mirror
+ [20]: https://lists.torproject.org/pipermail/tor-mirrors/2014-October/000727.html
+ [21]: https://www.torproject.org/docs/running-a-mirror
Inspired by “the Directory Authorities, the crappy experiment leading up
to Black Hat, and the promise that one can recreate the Tor network in
the event of some catastrophe”, Tom Ritter sent out a detailed
-report [XXX] of issues he encountered while setting up his own Tor
+report [22] of issues he encountered while setting up his own Tor
network using “full-featured independent tor daemons”, rather than a
-network simulator like Shadow or Chutney [XXX].
-
- [XXX]: https://lists.torproject.org/pipermail/tor-dev/2014-October/007613.html
- [XXX]: https://www.torproject.org/docs/faq#PrivateTorNetwork
-
-Cthulhu asked for assistance in overhauling the GoodBadISP
-page [XXX], which is the starting point for many relay operators
-around the world. If you have some time to spare, or know some ISPs
-not yet on the list, it would be greatly appreciated if they could be
-added to the page. This new effort to reach out to hosting providers
-could be of great value after years of what Roger Dingledine has
-described [XXX] as a “slash and burn” agriculture model of operating
-Tor nodes.
-
- [XXX]: https://bugs.torproject.org/13421
- [XXX]: https://lists.torproject.org/pipermail/tor-relays/2014-October/005495.html
-
-Vladimir Martyanov started a discussion [XXX] on the question of
-whether Tor developers should ensure that tor can still be built using
-compilers that do not support the C99 programming language standard,
-such as older versions of Microsoft Visual Studio.
-
- [XXX]: https://lists.torproject.org/pipermail/tor-dev/2014-October/007619.html
+network simulator like Shadow or Chutney [23].
+
+ [22]: https://lists.torproject.org/pipermail/tor-dev/2014-October/007613.html
+ [23]: https://www.torproject.org/docs/faq#PrivateTorNetwork
+
+Cthulhu asked for assistance in overhauling the GoodBadISP page [24],
+which is the starting point for many relay operators around the world.
+If you have some time to spare, or know some ISPs not yet on the list,
+it would be greatly appreciated if they could be added to the page. This
+new effort to reach out to hosting providers could be of great value
+after years of what Roger Dingledine has described [25] as a “slash and
+burn” agriculture model of operating Tor nodes.
+
+ [24]: https://bugs.torproject.org/13421
+ [25]: https://lists.torproject.org/pipermail/tor-relays/2014-October/005495.html
+
+Vladimir Martyanov started a discussion [26] on the question of whether
+Tor developers should ensure that tor can still be built using compilers
+that do not support the C99 programming language standard, such as older
+versions of Microsoft Visual Studio.
+
+ [26]: https://lists.torproject.org/pipermail/tor-dev/2014-October/007619.html
Upcoming events
---------------
@@ -203,10 +200,10 @@
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
-important news. Please see the project page [XXX], write down your
-name and subscribe to the team mailing list [XXX] if you want to
+important news. Please see the project page [27], write down your
+name and subscribe to the team mailing list [28] if you want to
get involved!
- [XXX]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
- [XXX]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
+ [27]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
+ [28]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
}}}
--
Your friendly TWN monitoring script
In case of malfunction, please reach out for lunar at torproject.org
or for the worst cases, tell weasel at torproject.org to kill me.
More information about the news-team
mailing list