Tor Weekly News — August 27th, 2014
harmony01 at riseup.net
Wed Aug 27 13:00:02 UTC 2014
Tor Weekly News August 27th, 2014
Welcome to the thirty-fourth issue of Tor Weekly News in 2014, the
weekly newsletter that covers what is happening in the Tor community.
Orfox: a new Firefox-based secure browser for Android
With the growing popularity of pocket computers (also known as
“phones”), users need to have access to censorship-circumvention and
anonymity systems on these devices as well as on their desktop or laptop
machines. While there is currently no supported implementation of Tor
for Apple’s iOS, the Guardian Project  works closely with the Tor
Project to produce (amongst other software) a Tor client for Android
named Orbot . Mobile applications can be proxied through Orbot just
as they can through the Tor client on other operating systems, but
mobile web browsing potentially suffers from the same issues that the
Tor Browser was designed to protect against, such as disk leaks and a
large attack surface. The Guardian Project has therefore also been
maintaining a dedicated mobile browser for use with Orbot under the name
Orweb is based on WebView, and is limited by that browser’s features;
flaws such as the potential HTML5 IP leak , while possible to work
around in the short term, have made it clear that the best future for
secure mobile browsing lies in a switch to an application based on
Following a successful Google Summer of Code project by Amogh
Pradeep  and work by other Guardian Project members, Nathan Freitas
announced  that “a real working version” of Orfox, the new
Orbot-compatible mobile browser, is now available. “All the necessary
defaults [have been] changed to match Tor Browser’s defaults as closely
as possible”; the developers also “remove the Android permissions for
things like camera, mic, GPS” and “turn off webrtc.”
“We still need to figure out which preferences and features map between
the desktop mobile browser and the Android version, so there is quite a
bit of work to do”, but you can download and test this initial version
by following the links in Nathan’s email. “Over the next few months we
hope to launch this as our new official browser for Orbot, and deprecate
Orweb as quickly as possible”, he concluded.
A new release of ooniprobe, the network interference data collector for
OONI , was announced  by Arturo Filastò. Version 1.1.0 introduces
a new command line tool “for listing the reports that have not been
published to a collector and that allows the probe operator to choose
which ones they would like to upload”. The new version also improve the
privacy of the reports by sanitizing file paths.
Developers of applications using Onionoo  — the web service to learn
about currently running Tor relays and bridges — are invited to join the
new onionoo-announce mailing list . Keeping the list low volume,
Karsten Loesing plans on using it to announce major protocol changes,
scheduled maintenance, major bug fixes, and other important news.
Yawning Angel has made available  an experimental version of the Tor
Browser that includes the latest version of the obfs4  pluggable
transport. Testing on Windows and OS X would be particularly welcome.
Fabian Keil reported  that FreeBSD now includes ports of liballium
JusticeRage explained  how relay operators who offer exiting on port
25 can protect the reputation of their domain name by using the Sender
Sreenatha Bhatlapenumarthi sent the final GSoC report  for the Tor
Weather rewrite project. Juha Nurmi sent another report  on the
development of ahmia.fi.
Thanks to s7r for hosting a new mirror  of the Tor Project’s website
Tor help desk roundup
Users of different VPN (Virtual Private Network) services have told the
help desk that Tor Browser has difficulty connecting to Tor when a VPN
is in use. Using Tor with a VPN is not supported. For a trusted entry
into the Tor network, bridges and pluggable transports are recommended,
while for anonymizing all network traffic coming from a computer,
Tails  is recommended.
Easy development tasks to get involved with
The bandwidth authority scanners measure the actual bandwidth offered by
Tor relays in order to get accurate information into the Tor consensus.
The measurement process currently splits up the set of relays that are
to be measured into 4 subsets, with the goal that measuring each of
these subsets should take about the same time . However, this is not
the case. Measuring subsets 2 and 3 is about twice as fast as measuring
subset 1, and subset 4 is twice as fast as subset 2 and 3. If you're up
for doing some experiments to split up the set into more equal subsets,
please let us know about your findings on the ticket.
Aug 27 13:30 UTC | little-t tor development meeting
| #tor-dev, irc.oftc.net
Aug 29 15:00 UTC | OONI development meeting
| #ooni, irc.oftc.net
Sep 01 18:00 UTC | Tor Browser online meeting
| #tor-dev, irc.oftc.net
Sep 03 19:00 UTC | Tails contributors meeting
| #tails-dev, irc.indymedia.org / h7gf2ha3hefoj5ls.onion
This issue of Tor Weekly News has been assembled by Lunar, harmony, Matt
Pagan, Karsten Loesing, and dope457.
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page , write down your
name and subscribe to the team mailing list  if you want to
More information about the tor-news