-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi everyone,
As some of you may be aware (if you attend the community team meetings),
Alison and I have been working on updating the Tor Browser User Manual
and getting it ready for an official release.
The community team has now had an opportunity to review the manual, and
now we would like to request feedback from the larger community! You can
view the manual at https://tb-manual.torproject.org/linux/en-US/ .
If you find something that needs …
[View More]changing, please open a ticket on
Trac[1] and set the component to "Community", and the "owner" to "phoul"
.
Thanks, and I hope everyone had a nice weekend!
[1]: https://trac.torproject.org/
- --
Colin Childs
Tor Project
https://www.torproject.org
Twitter: @Phoul
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXls5GAAoJEJWQHABkmqq5mz0P/30P28JS3LrYUxSLYElKkWUC
JbxQNcHRpnDX5kt1t2Gl0oz/xXisXT/9NF68HFjxbQiWaXiKV19Z9homwc3KiWu2
RfkL/xqI62y1QJpp/EpCGPa7IwsVBdiUfyC7/DwxF9dY5CToWeeJDEcWu5rQrKFE
F6gbCGpKBirGva8b9n/PdPFHZbyOqKDFO6ZZm/UjCQ5Ga7NFJvDyPEom0dYuw0cW
OweSXH+Qjxn1i5OCtra1b6JayQ03z7msI99fOPqzBREtBGPJt2+50jcnXddWnPQv
rMbnuLO1KhLqZ9gGYbTi1+kIjEOu5ZwX7qyQLBDo2HMww79EuyUtDkHOR2hZxC72
N//Aj5M4myGodjYUsdb/QNRKJSy2Z69eco4eKsRonn0U8/JOO0dh82AkfzVzRS7A
MPmYivw0zFuTjn9C5e1QiHWJEwmPsbpDuwBU4mj0EZ5H4evMDsncDqW9yE/Lgqpq
Jw6v7GP5arZlbJ+3vZgznAVATAuY2O2+ytu2Z8vetpFFCoaSsvZD7bqT1c1c1LdM
oWT0yPXJWeKcdm16ow7/Bjh5yO4NBXahnoAAVTLQG7TjpTSiyMw7nHxMRmMVk84u
5jR7GLOPgQCSqTBonnpxCOnt5phg38OV4TQarxUE+zcov/7GKMrvY/uSj5aRly/c
xlxlSP9tGaLMaK/PmYvl
=HTUt
-----END PGP SIGNATURE-----
[View Less]
https://bugs.torproject.org/20495
It looks like meek has been blocked in China since about 2016-10-19.
(See the red line in the attached graph.)
I didn't get any reports or anything; I just happened to check the
graph.
I tried but have not yet been able to reproduce any blocking by making
HTTPS requests from a measurement location in China.
----- Original message -----
From: Nathan of Guardian <nathan(a)guardianproject.info>
To: guardian-dev(a)lists.mayfirst.org
Subject: [guardian-dev] Orbot 15.2.0 RC 1 is out!
Date: Fri, 28 Oct 2016 09:13:11 -0700
A culmination of work done since March, has resulted in a
stable-enough-for-jazz RC 1 release of Orbot v15.2. This is the first RC
using our new Gradle-based project, which we hope to even further refine
into various useful modules.
We've also redesigned the user interface to be …
[View More]even simpler for new
users, yet still have all the exciting options for the old timers. Along
with this, we are now shipping on ARM only, SDK16+ release, reducing the
app download size to 7MB. We will be released x86 and MIPS builds
shortly, as well. We are considering our strategy for supporting older
devices, in particular Android 2.3, or at least 4.0/SDK-14, and up
still.
The build has been pushed to Google Play, and is available as an APK for
direct download. We will update our F-Droid repository shortly, as
always.
APK: https://guardianproject.info/releases/Orbot-v15.2.0-RC-1-arm.apk
(.asc)
Tag:
https://gitweb.torproject.org/orbot.git/commit/?id=9077bd236df388cd14727252…
CHANGELOG: https://gitweb.torproject.org/orbot.git/tree/CHANGELOG
/** 15.2.0 RC 1 / 28 October 2016/
9077bd236df388cd14727252d0be676d39b841e5 **/
9077bd2 update to 15.2.0-RC-1 and SDK min of 16
085ddb3 make ndk-build work again
290059d fix string path in build script
dec3d95 add proguard rules to optimize orbot binary
160383b update for gradle
/** 15.2.0 BETA 2 / 24 October 2016/
12b1198b4b5a4420b16b9ab166828bba787c17aa **/
345aea9 move the controls to the left sidebar; improve VPN mode more
c76d935 improve bridge dialog display
ac037a9 fix browser install request
28f1dbf make the VPN/apps mode have a better UI flow
c1ffdbb put browser button back in
518f70d comment out notification actions for now
0bb8e84 update Tor version to 0.2.8.9
2125db1 make start and stop of Tor service all hanlded through executor
d8648a5 remove meek-google as an option
2676cd3 update resource to make smaller
3ee6b2a don't fail on lint for release builds
e3d7ca2 update tor 0.2.8.9
/** 15.2.0 BETA 1 / 13 October 2016/
abaa3f83fc64b9b567a5d437d26db0f660655f35 **/
cd8b549 add the compiled tun2socks lib for devs who just want to work on
UI
3c181bc add the proguard rules
9948975 we aren't going to show a notification light
50f33c9 make sure we set VPN mode properly before we launch the service
9de4f54 using compat builder for notifications
3308602 improve the code for launching the pdnsd daemon
da0fb10 multiple fixes to re-enable VPN mode and pdnsd daemon
ca238c6 continued re-integration of VPN feature
1614921 clean pdnsd binaries from libs in Makefile
1db5676 continue to migrate service and VPN code
d5f2c06 remove vpn code that is now in the service module
34c7cfd modify jni build inclusion
268002b fix build scripts for new paths
6333a45 update gitignore to handle orbotservice binary libs
d2cf545 move jni code and VPN logic from app module to service
9f61afc improve tor service event handling and display
ebc046e remove littleproxy reference (for now!)
7c3a16f we don't need a separate service for the VPN
7950cac remove dated information in the BUILD file
9afbb00 update gradle props and ignore files we don't want in repo
7284a5e make sure Tor start/stop work - use Process instance instead of
processID lookup - reply on Tor's HALT command
55e08b9 tweak homescreen layout and strings
d56fdb2 renable polipo
90d77ce modify imports
1ffea58 udpate resource paths
bab7904 target API 14
aba7f8e update gitignores for gradle
912cb74 update tor to 0.2.8.7
5a4e00a fix paths for new module layout
ecf9023 remove old binaries
10f1ade update makefile and add new patch
b52023a move assets to service project
549399b launch default activity from notification
6d0fdbb update gitignore for gradle project
56683a3 add pdnsd library in for vpn service DNS!
29fd07a remove patches from here, moved to external
0f00e12 move patches to external since that is what it is applied to
(external code)
54b3349 remove redundant code from old ant build format (not in gradle
modules)
18682e4 big check-in of major gradle refactor; now building and running!
VPN features are disabled for now
bdb5893 update translations
4023354 Merge branch 'master' of github.com:n8fr8/orbot
6e45c07 Merge pull request #32 from ghost/patch-1
21c5bcc Remove typo
5adcbec Start the meek transport for custom meek bridges
--
Nathan of Guardian
nathan(a)guardianproject.info
_______________________________________________
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
To unsubscribe, email: guardian-dev-unsubscribe(a)lists.mayfirst.org
[View Less]
/---------------------------\ /-----------------------\
| "Private" Network | | Internet |
| | | |
| User--------------\ ---------- /-server ___ |
| User-------------| Firewall |-------server |
| ------/ | |\-server |
| User--------/ / ---------- \--- |
| User-/ | ^ | \-----server |
\-----------…
[View More]----------------/ /|\ \-----------------------/
|
/
/
Freedom Added
and removed
here! :)
(Five newlines?)
(See [0] if you don't understand the reference for the artwork)
Shari beat me to the annoucement, but that's not a problem - this'll be a
little more detailed. I've been slacking a bit too much on this.
I'd like to encourage everyone in submitting a proposal for hosting a session
at IFF [1][2]. Next year IFF will be 6-10 March. Specifically, many of you
should look at the Tools and Tech theme - but the other themes are equally
interesting depending on your interests. (Yes, I am promoting this because I'm
on the team selecting the sessions, and yes I loved Valencia and IFF so much
for the last two years I think we should all go hangout for a third year).
All proposal submissions are due by 28 November (1 month from today. No, I
don't know which timezone).
You can learn about the other themes on the website [2], but below is the
summary of Tools and Tech:
The Tools & Technology Theme creates a space for the technologists that
are driving the next generation of security and privacy tools to share
knowledge and concerns, as well as to work collectively on core
infrastructure and known obstacles. It will feature workshops, sessions
and hackathons to improve the quality of existing tools and support the
development of innovative solutions to technical and real-world problems.
Topics for the Tools & Technology Theme include:
- New tools and latest developments in circumvention technologies
- Tool monitoring: i.e. ensuring what we are using and propagating is
still good?
- Tool contextualization and transferability
- Hardware Security
I can think of at least one person or team that fits each of these, so I'll try
getting in touch with you, but I hope everyone will consider submitting a
proposal.
Just some thoughts:
- Workshop or hackathon for OONI and lepidopter
- Panel about testing Tor with shadow/chutney/testnet and the future
- Presentation about Tails on QubesOS on X200 using libreboot
- Presentation on distributing Tor in censored regions and how it's improved
- Presentation on OONI, its growing dataset, and how the backend was designed
to be webscale compatible.
- Presentation on Metrics, the challenges of obtaining data, and its
excellent visualizations
- Something with bridges, bridge auth, bridgedb, monitoring bridges, ...
- ??
There are many potential sessions, let me know if you're interested or have any
questions. I should mention here that all sessions are either 1 hour or 3 hours
long, so factor that into the equation, as well.
Thanks,
Matt
[0] https://img.washingtonpost.com/rf/image_1484w/2010-2019/WashingtonPost/2013…https://www.washingtonpost.com/world/national-security/nsa-infiltrates-link…
[1] https://internetfreedomfestival.org/host-a-session/
[2] https://people.torproject.org/~sysrqb/Tools-and-Tech.png
(required linkage)
[3] https://internetfreedomfestival.org/#themes
[4] boots-and-cats-and-boots-and-cats
[View Less]
Here's the summary of meek's CDN fees for September 2016.
App Engine + Amazon + Azure = total by period
all 2014 $600.63 + $917.89 + $0.00 = $1518.52
January 2015 $464.37 + $669.02 + $0.00 = $1133.39
February 2015 $650.53 + $604.83 + $0.00 = $1255.36
March 2015 $690.29 + $815.68 + $0.00 = $1505.97
April 2015 $886.43 + $785.37 + $0.00 = $1671.80
May 2015 $871.64 + $896.39 + $0.00 = $1768.03
June 2015 $601.…
[View More]83 + $820.00 + $0.00 = $1421.83
July 2015 $732.01 + $837.08 + $0.00 = $1569.09
August 2015 $656.76 + $819.59 + $154.89 = $1631.24
September 2015 $617.08 + $710.75 + $490.58 = $1818.41
October 2015 $672.01 + $110.72 + $300.64 = $1083.37
November 2015 $602.35 + $474.13 + $174.18 = $1250.66
December 2015 $561.29 + $603.27 + $172.60 = $1337.16
January 2016 $771.17 + $1581.88 + $329.10 = $2682.15
February 2016 $986.39 + $977.85 + $445.83 = $2410.07
March 2016 $1079.49 + $865.06 + $534.71 = $2479.26
April 2016 $1169.23 + $1074.25 + $508.93 = $2752.41
May 2016 $525.46 + $1097.46 + $513.56 = $2136.48
June 2016 $0.00 + $1117.67 + $575.50 = $1693.17
July 2016 $0.00 + $1121.71 + $592.47 = $1714.18
August 2016 $0.00 + $1038.62 + $607.13 = $1645.75
September 2016 $0.00 + $932.22 + $592.92 = $1525.14
--
total by CDN $13138.96 + $18871.44 + $5385.91 = $37396.31 grand total
https://metrics.torproject.org/userstats-bridge-transport.html?start=2016-0…
The number of users was up again slightly compared to the preceding
month.
== Amazon a.k.a. meek-amazon ==
On 2016-08-18, I changed the Amazon CDN price class to "Use Only US,
Canada and Europe" to see if it would be cheaper. (As recorded in the
log at https://trac.torproject.org/projects/tor/wiki/doc/meek#Users.)
That's why there's no "Asia Pacific", "EU", "South America" etc. The
setting doesn't affect who can use meek-amazon; it only affects what
edge servers get used. It helped a little. We had a little more
bandwidth compared to last month (3225 GB vs. 2865 GB) and it cost a
little less ($251.88 vs. 277.90).
EU (Ireland) 287M requests $345.37 1261 GB $98.34
Global 7M requests $7.12 20 GB $1.56
US East (Northern Virginia) 327M requests $327.34 1943 GB $151.98
--
total 622M requests $679.83 3225 GB $251.88
charge for alarms $0.50
https://atlas.torproject.org/#details/F4AD82B2032EDEF6C02C5A529C42CFAFE5165…
== Azure a.k.a. meek-azure ==
Zone 1 6641 GB $577.79
Zone 2 110 GB $ 15.13
--
total 6751 GB $592.92
https://atlas.torproject.org/#details/AA033EEB61601B2B7312D89B62AAA23DC3ED8…
Earlier reports in this series:
https://trac.torproject.org/projects/tor/wiki/doc/meek#Costs
[View Less]
Hello,
I'm a member of Nos oignons (https://nos-oignons.net/ a french
association that runs exit nodes) and I thought about having a booth
during the next FOSDEM to talk about Tor and related stuff.
What do you think about sharing a common booth?
I send this invitation to Tor Project, Tails Project, Frënn vun der Ënn,
and torservers.net.
The deadline for stand proposals is October 31, I would send the
proposal in one month if we are enough people to participate. I think we
need to be 3 …
[View More]people each day.
Thanks.
Syl
[View Less]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
See this posting for context:
https://lists.torproject.org/pipermail/tor-project/2016-April/000223.html
Notes for October 20 2016 meeting:
Alison:
1) Support desk stopgap measures: what we're doing before
support.torproject.org goes live
2) nothing else to report, unless you want to hear from the Cool and
Exciting world of Library Freedom Project, where things are going
really well :)
Nick:
1) 030 is forked.
2) 029 needs more testing, but we …
[View More]have no binaries. :(
* GeKo says he's figured out the bug on ln5's nightlies system, and
will try to get nightlies back tomorrow. Woo!
3) While Documenting stuff, I've been noticing how many old things we
still have in rephist.c and geoip.c and elsewhere. Metrics folks: any
time to review what we collect there and make sure it's all actually
useful? [Already talked with Karsten and Iwakeh here; no need to
discuss at meeting.]
Kate:
1) Planning out next 6 months of communications.
2) Working with OONI on ooniprobe 2.0.0 announcement to solicit media
coverage :)
3) Organizing 200 pages of press clips for DRL report
4) Working on various ongoing media stories. Waiting to hear back on
Wendy's opinion piece on Rule 41.
Mike:
1) Talked with CloudFlare a bit on tor-access. They said they will be
rolling out the WAF thing to paid sites, and their systems will be
ready for the blind token extension this quarter (they meant by end of
year, I think).
Arturo:
1) Released ooniprobe 2.0.0 (yay!). Still need to publish
announcement, but waiting for debian and osx packages to be done.
2) Gotten more or less green light from Ford to have them cover the
costs of the hackathon.
3) Many interesting and useful conversations at OTF summit.
Isabela:
1) A contract was sent to Tom (dev that will work on Orfox FE) - Linda
is leading the copy for the UI and our deadline is to have a final
copy by EOM
2) Working on DRL quarterly report
3) Sent call for help on testing core tor releases - got some
responses in tor-dev list and some off the list - need to follow up
with them now that the release is out
4) Lots going on at the OTF summit
5) lots of things to catch up because of OTF summit
Karsten:
1) We're on track with enabling CollecTor instances to synchronize
data from each other, which is our most important October milestone.
Shari:
1) We hired new finance and grants manager, Brad Parker. He starts on
November 14.
2) Working on end-of-year campaign stuff.
3) Meeting with lots of people this week at OTF Summit.
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQEcBAEBCAAGBQJYEF/AAAoJEC3ESO/4X7XBVwkIALU9jGYE33UGEBzA90oKNwfJ
YlxR0ydAwMYyGkVMdye9EfUDoH8t9SmJtG9m8OP3m8xfnymHR/Sf0SRNVaJ020l6
bk/IMC7scCq2RPaEsVNjktHFNTxqjRBBAs7C/Q7cxN4YpIjO7kmjkPFM11J2Uqh6
F6G6HIPS5CVqkaPH98B9JLz6M0syE6WZf0pclagF7KRmM8OOC2z3LQ72MVCvh1UH
/RyFkyW08hhaxQBs+pPDuVKZLYELwyLDldl+VMVY5ICuIqsN8rzy1k3xYmIjVf6v
lqp0co1yhbD2ekTjIVgAcYS7lUKNbYDJJ0aKhcghJ5PLArU/oXT35NSv0gDbd/E=
=3SYK
-----END PGP SIGNATURE-----
[View Less]
Hey all.
I’m collecting quotes of complimentary things our adversaries have said about Tor for possible inclusion on a t-shirt, and I would really appreciate your help. Roger got me started with a bunch of quotes below, but most of them are missing attribution. So if any of you have additional quotes and/or can add attribution to Roger’s quotes below, I would be extremely grateful. Thanks in advance for your help with this!
Shari
> Here are some:
>
> - "Still the King of high …
[View More]secure, low latency Internet Anonymity" "There
> are no contenders for the throne in waiting" -- from an NSA or GCHQ
> slide deck in 2011
>
> - "Tor Project staffed with smart people!" from the same slide deck
>
> - "Tor is very good -- No passive exploitation :-(" from the same slide
> deck
>
> - "TorButton: A Thorn in the side of SIGINT" from the same slide deck
>
> - "Catastrophic: near-total loss/lack of insight to target communications,
> presence" refering to impact of Tor, TrueCrypt, and Tails.
>
> - "Very naughty people use Tor" -- GCHQ, in a summary slide from a slide
> deck analyzing hidden service security (also "Near impossible to figure
> out who is talking to who").
>
> There are a few more that I should hunt down, like a good quote about
> Tails, and something complimentary of Mike in particular. But maybe
> those will be a good start?
[View Less]
Hi there,
sorry if this is the wrong place.
I've noticed since yesterday that storm is not accessible. The fact I
can't access the information there is starting to block some work from
moving forward.
I know isis has been taking care of our storm instance for a while. I
don't know if she is still doing it, and if she is, I don't know if she
has time now to get storm working again. (thank you isis!)
Would be possible to reboot the machine and see if it comes back?
Again, sorry if this is not …
[View More]the right place.
Isabela
[View Less]