[tor-reports] SponsorF April 2014 report

Roger Dingledine arma at mit.edu
Fri May 9 06:01:03 UTC 2014

Here is the April report for SponsorF Year4:
(With thanks to Lunar for compiling much of it!)


1) Tor: performance, scalability, reachability, anonymity, security.

- Tor was released on April 26th. It includes several
security and performance improvements for clients and relays, including
blacklisting authority signing keys that were used while susceptible
to the OpenSSL "heartbleed" bug, fixing two expensive functions on busy
relays, improved TLS ciphersuite preference lists, support for run-time
hardening on compilers that support AddressSanitizer, and more work on
the Linux sandbox code. It also includes several usability fixes for
clients using bridges, two new TransPort protocols supported (one on
OpenBSD, one on FreeBSD), and various other bugfixes.

- We spent many hours working on the outcome of OpenSSL bug CVE-2014-0160,
also known as the Heartbleed bug. Roger Dingledine wrote a security
advisory within hours of the bug's disclosure. Sina Rabbani and Andrea
Shepard worked on tracking vulnerable relays. Operators of affected
directory authorities generated new signing keys, and we blacklisted the
old ones. We also configured directory authorities to reject identity
keys of relays that didn't upgrade quickly.

- Lessons from the "Heartbleed" bug have been written down in the form
of new proposals: How to change RSA1024 relay identity keys (proposal
230), and Migrating authority RSA1024 identity keys (proposal 231).

- The Tor release marks the end-of-life for Tor 0.2.2.x;
those Tor versions have accumulated many known flaws. Old relays will be
rejected from the network once enough directory authorities upgrade.

- We accepted Daniel Martí as a Google Summer of Code (GSoC) student to
work on reducing bandwidth needed for clients by implementing consensus


2) Bridges and Pluggable transports: make Tor able to adapt to new
blocking events (including better tracking when these blocking events

- David Fifield released new browser bundles configured to use the meek
transport automatically. These bundles use a web browser extension to make
the HTTPS requests, so that the TLS layer used is actually Firefox itself.

- Ximin Luo started a discussion on how "indirect" pluggable transports
like flashproxy or meek are currently handled by Tor as they are based
on different assumptions than obfs3 or ScrambleSuit.

- Matthew Finkel and Colin Childs worked on warning bridge operators
of the "Heartbleed" vulnerability, and the actions that should be taken
as a result.

- As part of GSoC, Marc Juarez is going to work on a framework for
website fingerprinting countermeasures, Kostas Jakeliunas will spend his
summer writing a bridge address distributor reachable through Twitter,
and Quinn Jarrell will work on a pluggable transport combiner.


3) Bundles: improve the Tor Browser Bundle and other Tor bundles and
packages, especially improving bridge and pluggable transport support
in TBB.

- Tor Browser version 3.5.4 was released on April 8th with an updated
OpenSSL library fixing the "Heartbleed" vulnerability.

- Tor Browser version 3.6 was released on April 30th. The 3.6 series
features fully integrated pluggable transport support, including an
improved Tor Launcher UI for configuring pluggable transport bridges.
Installation usability for Mac users is also improved by switching
to the more common DMG format. Many more usability fixes and UI
improvements were made.

- Michael Schloh von Bennewitz worked on a guide to configuring a
virtual machine for building the Tor Browser Bundle, and another to
building with Gitian.

- David Goulet released the seventh candidate for Torsocks 2.0.0, the
wrapper for safely using network applications with Tor.

- Meejah released version 0.9.2 of txtorcon, the Tor controller
library for the Twisted Python framework.

- Anthony Basile released the Tor-ramdisk live distribution version 20140409
with updated OpenSSL and kernel.

- David Stainton announced his Tor role for the Ansible automation tool.

- GSoC student Israel Leiva will work on revamping GetTor over the summer,
and Amogh Pradeep will work on the Orfox browser for Android.


4) Metrics: provide safe but useful statistics, along with the underlying
data, about the Tor network and its users and usage.

- As part of GSoC, Sreenatha Bhatlapenumarthi will work on rewriting
the Tor Weather application that notifies relay operators of downtimes
and available software upgrades.

- Arlo Breault announced the release of Bulb, a work-in-progress Tor
relay web status dashboard.

- Major parts of Onionoo have been refactored: the Gson library
is now used instead of plain string concatenation to format the JSON
output; bandwidth and clients documents for running relays/bridges are
now always returned.

- Onionoo gained a new field last_running for "seen in a network status
with the Running flag" in addition to last_seen for "seen in a network

- Relays/bridges that haven't been running in the past week can now be
part of Onionoo searches:


5) Outreach: teach a broad range of communities about how Tor works,
why it's important, and why this broad range of user communities is
needed for best safety.

- Sukhbir Singh posted a round-up of the various methods by which users
can download and run the Tor Browser, covering download mirrors, GetTor,
bridge address distribution, and pluggable transports usage as a blog

- Andrew Lewman reported on his week in Stockholm for the Civil
Rights Defenders' Defenders Days, where he trained activists and
learned more about the situation in Moldova, Transnistria, Burma,
Vietnam, and Bahrain.

- Andrew Lewman spoke at F.ounders NYC.

- Roger attended an FBI workshop to make sure we keep up relationships
there and also to see if we can use them for anything further.

- Kelley Misata represented Tor at the Women in Cyber Security Conference.

- William Papper presented a functioning beta version of a prototype
new download page for our website.

- Karen, Roger, and others helped plan and caption a pluggable transport
explanation video that our funders will use to teach people about
pluggable transports. In the future hopefully we'll reuse and adapt it
for a broader audience.


6) Research: Assist the academic community in analyzing/improving Tor.

- Philipp Winter relayed the call for papers for the 4th USENIX
Workshop on Free and Open Communications on the Internet on the Tor

- Nick Hopper led a HotPETs submission around the "move to one guard"
design. Expect a tech report or equivalent soon.

- Roger participated in a panel at an NSF "the future of science"
workshop in DC, which wanted him to be there to talk to people about
surveillance, how the NSA leaks impact Tor, and why it would be useful
for NSF to fund continued research on this topic.

- Roger reviewed another 14 USENIX Security papers:

- Roger reviewed an NSF proposal in the censorship circumvention space. I
hope they fund it.

- Roger did a Tor talk at George Mason University:
and met with students, including some working on Tor performance research,
especially an updated Defenestrator ("N23") design.

- Roger visited Berkeley, including:
  - Guest lecture in Xiao Qiang's digital activism class, where they're
    working on many interesting and practical projects around
    circumventing censorship (similar to Dan Boneh's class from a few
    years back).
  - Two hour Q&A discussion with grad students around Tor research topics.
  - Talked to David Fifield about Meek and about his font enumeration
  - Talked to Paul Pierce about his botnet research and what lessons we
    can learn for how to handle the botnet that's still sitting on Tor.
  - Talked to Adam Lerner who helps run the UW Tor exit relay. They are
    a great success story about running a fast exit at a university,
    but they've also made some compromises to be able to do it -- most
    notably they add network filters (regexps) to avoid getting hassled
    by their network admins who keep complaining that their computer
    is surely compromised. So technically we should be giving them the
    BadExit flag, but then we'd lose their contribution. We should keep
    working on the right balance here.
