<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt">Hi Matt <br> <br> Enjoy running a bridge ,anyway I uninstalled my old bridge bundle and tor then got the latest release and installed it. Hey could anyone there please e-mail my authenticated password for Tor ,mail I tried the one I wrote down but it keeps kicking me out anyway my e-mail is kattamann@sbcglobal.net and I am running win 7 pro on my computer that also runs my bridge. Would really appreciate it!<br><div><span><br></span></div><div> </div><div>Sincerely John P. Katakowski.</div><div><br></div> <div style="font-family: times new roman, new york, times, serif; font-size: 12pt;"> <div style="font-family: times new roman, new york, times, serif; font-size: 12pt;"> <div dir="ltr"> <hr size="1"> <font face="Arial" size="2"> <b><span style="font-weight:bold;">From:</span></b> Matthew Finkel
<matthew.finkel@gmail.com><br> <b><span style="font-weight: bold;">To:</span></b> tor-relays@lists.torproject.org <br> <b><span style="font-weight: bold;">Sent:</span></b> Wednesday, April 23, 2014 2:32 AM<br> <b><span style="font-weight: bold;">Subject:</span></b> [tor-relays] Bridge Operators - Heartbleed, Heartwarming, and Increased Help<br> </font> </div> <div class="y_msg_container"><br>Hi All,<br><br>Below is an email we sent last week to almost all of the bridge<br>operators who provided contact information for their bridge(s). For<br>those operators we missed and for those we couldn't contact, this<br>hopefully provides some useful information.<br><br>All the best,<br>Matt<br><br>-----------------------------------------------------------------------<br><br>Hi Tor Bridge Relay Operator!<br><br>Unfortunately this email must begin with bad news, but it gets better.<br><br>Due to the recent Heartbleed OpenSSL vulnerability that was
disclosed<br>earlier this week, we are reaching out to you to ask that you install<br>an updated version of OpenSSL. The vulnerability has the potential to<br>decrease the security of your bridge as well as the anonymity of any<br>user connecting to your bridge. As a result of this, we also ask that<br>you generate a new identity key due to the possibility that your<br>current one was leaked. <br><br>The process to upgrade your version of OpenSSL depends greatly on<br>your operating system. Please ensure you are using a version that was<br>released within the past four days, see the Heartbleed website[0] for<br>more details on the vulnerability and for which versions are affected.<br>Please do this before you regenerate your identity key.<br><br>When this is done, you will need to restart Tor. At this point you can<br>ask us to retest your bridge to confirm that it is not vulnerable<br>anymore.<br><br>Next, to regenerate your identity key simply stop
Tor and delete the<br>current key. This is done by opening Tor's Data directory and removing<br>the contents in the keys/ directory. Tor's Data directory is located at<br>/var/lib/tor, by default. Let us know if you have trouble locating it.<br>When this is complete, start Tor and it will automatically create a new<br>identity for you.<br><br>See the recent blog post for many more details:<br><a href="https://blog.torproject.org/blog/openssl-bug-cve-2014-0160" target="_blank">https://blog.torproject.org/blog/openssl-bug-cve-2014-0160</a><br><br>Now that the bad news was said, we want to take this opportunity to<br>thank you, from the bottom of our hearts, for volunteering to run<br>a bridge relay. We know we do not say it often, but it is really<br>appreciated! Please let us know if you have any question, concerns, or<br>suggestions, especially related to how we communicate with you and how<br>bridge relay operators can be more involved.<br><br>Lastly,
if you are not already running the obfsproxy pluggable<br>transport[1] (i.e. obfs3) on your bridge, please follow the Debian<br>instructions[2] (for a Debian-based system) on the website and install<br>it. Your bridge is a great contribution to the Tor network, however as<br>censorship on the internet increases around the world users are forced<br>to use a pluggable transport. Tor does not understand how to<br>communicate with them by default, though. Therefore we are asking that<br>all bridge operators install obfsproxy and help as many users as<br>possible.<br><br>In addition, also consider subscribing to the tor-relays mailing<br>list[3], if you are not already; we will be posting instructions on how<br>to maximize the contribution of your bridge on that list every now and<br>then.<br><br>[0] <a href="http://heartbleed.com/" target="_blank">http://heartbleed.com</a><br>[1] <a href="https://www.torproject.org/docs/pluggable-transports.html.en"
target="_blank">https://www.torproject.org/docs/pluggable-transports.html.en</a><br>[2] <a href="https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en#instructions" target="_blank">https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en#instructions</a><br>[3] <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br><br>Again, thank you for running a bridge relay and sorry for the bad news.<br><br>Let us know if you have any questions or if you have any suggestions.<br><br>All the best,<br>Matt<br>The Tor Project<br>_______________________________________________<br>tor-relays mailing list<br><a ymailto="mailto:tor-relays@lists.torproject.org" href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a><br><a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays"
target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br><br><br></div> </div> </div> </div></body></html>