Tor 0.2.1.15-rc released

by phobos | June 1, 2009

Tor 0.2.1.15-rc marks the second release candidate for the 0.2.1.x
series. It fixes a major bug on fast exit relays, as well as a variety
of more minor bugs.

This is a release candidate! That means that we don't know of any
remaining show-stopping bugs, and this will become the new stable if
there are no problems. Please test it, and tell us about any problems
that you find.

https://www.torproject.org/download

Changes in version 0.2.1.15-rc - 2009-05-25

    Major bugfixes (on 0.2.0.x):
  • Fix a timing-dependent, allocator-dependent, DNS-related crash bug that would occur on some exit nodes when DNS failures and timeouts occurred in certain patterns. Fix for bug 957.
    Minor bugfixes (on 0.2.0.x):
  • Actually return -1 in the error case for read_bandwidth_usage().
    Harmless bug, since we currently don't care about the return value
    anywhere. Bugfix on 0.2.0.9-alpha.
  • Provide a more useful log message if bug 977 (related to buffer
    freelists) ever reappears, and do not crash right away.
  • Fix an assertion failure on 64-bit platforms when we allocated
    memory right up to the end of a memarea, then realigned the memory
    one step beyond the end. Fixes a possible cause of bug 930.
  • Protect the count of open sockets with a mutex, so we can't
    corrupt it when two threads are closing or opening sockets at once.
    Fix for bug 939. Bugfix on 0.2.0.1-alpha.
  • Don't allow a bridge to publish its router descriptor to a
    non-bridge directory authority. Fixes part of bug 932.
  • When we change to or from being a bridge, reset our counts of
    client usage by country. Fixes bug 932.
  • Fix a bug that made stream bandwidth get misreported to the
    controller.
  • Stop using malloc_usable_size() to use more area than we had
    actually allocated: it was safe, but made valgrind really unhappy.
  • Fix a memory leak when v3 directory authorities load their keys
    and cert from disk. Bugfix on 0.2.0.1-alpha.
    Minor bugfixes (on 0.2.1.x):
  • Fix use of freed memory when deciding to mark a non-addable
    descriptor as never-downloadable. Bugfix on 0.2.1.9-alpha.

The original release announcement can be found at http://archives.seul.org/or/talk/May-2009/msg00133.html

Comments

Please note that the comment area below has been archived.

June 01, 2009

Permalink

Hello,

I have intstalled this version from 2 days and it seem to be stable and exit on more various exit node...

the only error i obtain sometime with all version are : eventdnd: all namesserveur failed

but it never cut or make problem just i found this message in log vidalia...

Thanks for all great work...

i have a question about browser.. i use the plugin for firefox "jondofox" for firefox 3 and are the button to enable TOR, JOndo or custom proxy, after test on different site it never send headers and make no leaks data.. Are for anti script and all important plugins inclus..

what do you mean about the security with it and tor?

my best

June 02, 2009

Permalink

You still haven't fixed the problem with values below 30 for CircuitBuildTimeout that no longer have is working since version 0.2.1.8A.

About the command CircuitBuildTimeout, before version 0.2.1.9 in the torrc one has been able to change this to lower values than 30, thats no longer the case, I think this is bad for one's privacy and bad for the overall speed of Tor, example:

If 2 of the 3 nodes in the circuit build fast (less than 2 sec) and the 3rd takes up to 28 sec then it's obviously either
1 overloaded, and it would be better if some people(that change this value in torrc) waited less than 30 sec to try to build another circuit)or
2 even worse it's doing some bad thing like an timing attacks(and you do absolutely not want use it then.).

It would of course not be good for ones privacy to use values like 2, 3 or similar(if that leads to that only 50 nods is fast enough) but one should definitely be able to use values like 5-29, the choice should really be up to people them selfs, not be forced upon them to use these high values.

Why do you make changes to Tor that purposely decreases peoples security & speed ?
Are you going to implement this bad thing in the coming stable versions too ?

According to Figure 5 in the performance.pdf around 85-90% of the whole circuits(all 3 nodes) are created within 7 seconds, and around 70% within 5 seconds, so could you please allow people to choose values of 5-10 seconds for CircuitBuildTimeout in coming Tor versions.

People who needs higher security needs to lower this value to decrease the ability to illegally monitor them from organizations(like the NSA) that controls large parts the internet & Tor's traffic.

Otherwise you would create an unnecessary security risk for people that either would have to accept higher risk for timing attacks and similar (using version 0.2.1.9A-0.2.1.15RC).
or be forced to use an old(version 0.2.1.8A or earlier) insecure(?) version of Tor, both a bad thing of course.

Please allow CircuitBuildTimeout values of 5-29.
This should be allowed at least until you fix this new approach in the coming 0.2.2.x or later versions.

June 08, 2009

In reply to phobos

Permalink

If a couple of % of tor's users needs higher security against timing attacks and change there settings to 5-10 seconds instead of 120(earlier standard value), 60(standard value) or 30 lowest possible now with latest versions, it won't be a problem if:

According to Figure 5 in the performance.pdf around 85-90% of the whole circuits(all 3 nodes) are created within 7 seconds, and around 70% within 5 seconds, so could you please allow people to choose values of 5-10 seconds for CircuitBuildTimeout in coming Tor versions.

By taking away that possibility for the people who needs higher protection against timing attacks you give the bad guys who monitors & modifies traffic an helping hand.

By having all circuits in an smaller timespan(for example 0-5 sec), compared to 0-30 or even worse 0-60 or 0-120 sec you make it harder for the bad guys who does timing attacks(on Tor network) to be able to isolate a particular persons circuits from other persons.

It's sad to see that the Tor project by this change has actively started to help NSA and similar organization to break peoples anonymity.

July 25, 2009

In reply to phobos

Permalink

I have reverted to 0.2.1.8 specifically because it supports low value for circuit time-out.
Interestingly I still get a good variety of nodes being used from all over the planet - so I am happy with a small time-out.

I wont be upgrading to the newer Tor version for this reason. If at some point 0.2.1.8 becomes a version that is extinct in terms of connecting to Tor then I will drop Tor altogether and stop hosting an exit node for others too.

I hate it when software designers make choices for us. We are grown up and adult to make those choices ourselves.

There is no point having fantastic anonymity if pages take 1 to 2 minutes to load - which they can on the newer Tor version with CircuitBuildTimeout set too low.

Also - for those who want more and more speed - i recommend on using the latest beta of Vidalia and Privoxy (on windows)

Here's a better answer:

http://blog.torproject.org/blog/tor-02114rc-released#comment-1124

"You're right that in the older versions you could configure it to prefer the
circuits that completed faster. Letting users set it too low is a bug: if
everybody did that, the relays would get overwhelmed with circuit creation
requests, making everything slower, and leading all the Tor clients to
unwittingly launch DoS attacks on the network. We can't allow that.

The right answer is to have every Tor client automatically track how long it
takes to build circuits, and then discard circuits that take more than a
standard dev above the mean. For more details, check out Section 5.2 of the
performance.pdf document I posted about here:
https://blog.torproject.org/blog/why-tor-is-slow
and also proposal 151:
https://git.torproject.org/checkout/tor/master/doc/spec/proposals/151-pa...

We hope to have this dynamic-timeout-calculation feature in the Tor 0.2.2.x
series. In the mean time, let's all try not to make the Tor network fall over."

June 02, 2009

Permalink

Hello,

i have try to make my full DNS , like exclude node and rendez-vous but it seem to not take in vidalia and work not so....

What can we do to fix that? That's will be great when we can accept more port, and all torrec config accepted...

thanks in advance for the answer :)

my best

June 03, 2009

Permalink

Hello,

I have found how force vidalia to accept the TOR config modified from us, i have only create a new right and file for the config torrc and change the path in vidalia to use mine...

now it accept the name full DNS and i have use the command: excludeexitnodes (ip to block) and excludenodes too and seem to block the bad exit and node...

The version 02.1.15 are really more performant and run well...

i think that's will be good to accept another buildtimecircuit under 30 ...

For the best security i block spammer, hacker, hijacked, faker, pedophile , troyan and only very bad thinks with blocklist...

i don't know when that's really help against attack on TOR but the performance are very good and my speed are almost always good speed for the web...

Thanks to all devloper and staff for all great work and viva our privacy ;)

my Best

June 04, 2009

Permalink

hello,

I have block a few exit and node with ip and work perfect, i have try to add a country too but the problem are it will exit or use the country as it don't use...

I think country are only for choose exit or node you want but not too block it..

it's that's so or have i do something wrong?

excludenodes 127.00.00,235.125.12.0,SE,DE for exemple and without the country it block and with it use...

i work with the last geoip and this version tor 0.2.1.15-1 jaunty 64 bits

so i can confirm the country are reconize well by me , just not what i want ;)

maybe need ip or country ? Are somebody with same problem?

my best

June 08, 2009

In reply to phobos

Permalink

Thanks very much for your answer, i have try so but with big letter like {SE] i will try next time like you siad...

At time i have only block ip and work very well , it's always excludes :)

my best

June 05, 2009

Permalink

Steve Topletz, a Xerobank guy, claims:

"It will quickly do an IP scan for network detection (instant) and can ban based on proxy detection, then it loads up about 25 proxy-breaking tests which take a half second to 3 seconds or so to complete each but can be run concurrently.

The point is not to be some evil tool but to demonstrate to everyone that they aren't as anonymous as they are being led to believe. This will change the game and put nearly all "anonymity" (privacy) services and networks to shame."

source:
http://www.wilderssecurity.com/showpost.php?p=1480717&postcount=24

Is there a big trouble?
What are these 35 tests?

I'm going to wait and see. Every defcon/blackhat/usenixsec there is some presentation that claims to break Tor. Most researchers talk to us in advance and offer suggestions to fix Tor, or explain how they broke Tor. It's easy to break Tor in a lab environment, when you can control variables. Attacking the OS is far easier than Tor itself. See http://decloak.net/.

We know nothing more than you about this supposed proxy-breaking tool.

In this thread you link to, SteveTX is lying here:

" Tor nodes are not "allowed" to keep logs. If they find out you keep logs or do injecting, they put you in a "badnode" list. So presumably, if every link in your circuit (3) kept logs they could find out who you are. "

Since the 1 jan 2009 all tor nodes in Germany have to log all traffic from ip, to ip,......
If they don't, the police close them down & bring criminal charges against them.
And as far as i know all the German nodes are not marked as bad and banned.
Is this a feature you will implement soon ???
It sounds like this guy(SteveTX) doesn't have a clue what he's talking about.....

Then you have the USA & Greatbritain that monitors all traffic going between euroupe & north america, the sweedes saves all data that passes throu sweden and so on, so a lot of the data is both logged and saved for later examination.

As author of that site, I can answer your question validity.

Deanonymizer is a on going project since new bugs/vulnerablities are found frequently. It attempts to make your browser use third-party apps that are already installed on your system. Yes, I know about HD's decloak(.net), and his test also address the same issue of bad security compromising your privacy. I have initially chosen not include java or flash during the initial launch of the site because it's been done over and over already, but I may add it later...we'll see.

If you follow good security practices, use things like Torbutton and Noscript, then you should be good. Some people will not be affected, some will. If you make a decent attempt to secure your browser, then you should be alright. NEVER USE INTERNET EXPLORER.

The point of the site is to point out bad security implementations in various different privacy/anonymity solutions or products; this is not affecting just Tor.

So to answer the question of this subject, no, Tor is not broken, but your web browsers security might be.

June 07, 2009

Permalink

7 june '09

hello, phobos, and from the outset, thank you

sorry if this post is in an incorrect spot, but

i recently installed tor and used some email accounts to do a rudimentary test.
with my browser opened conventionally i went to an one email acct(a) and sent a message to a different acct(b). i then deleted all cookies/history when closing my browser (recently updated firefox.)

i then started vidalia, and connected to the tor network, reopened the browser and sent a second message from acct(a) to acct(b). I was surprised upon opening the full headers of the separate emails that they both contained the same originating ip.

when i view the message log it says, "we now have enough directory information to build circuits" and then "tor has successfully opened a circuit. looks like client functionality is working."

yet the email headers/path would seem to indicate otherwise.
what have i done incorrectly?

If this was a mail client on your machine, tor doesn't clean content. If this was a web mail account, was the IP address your IP address? Or was it the exit node IP address?

June 08, 2009

In reply to phobos

Permalink

thanks for your reply.

it was my actual ip. i have since backtracked and done some more research on my own, sorry for being a neophyte.
even though the control panel and the message log say connected, the checktpo url said no. i believe the problem is i may not have the network settings in either, or both, vidalia/tor and my mac (yes, i installed the mac bundle) vis-a-vis proxies/ports set/id'ed correctly.
i lazily thought that privoxy as part of the bundle was going to automatically detect and prescribe these connections. embarrassingly i may not be enough of a systems admin sort a guy to accomplish this, yet (i know its really just a dialogue box, but i don't understand the architectural references.) even though i remember elements of -ancient- ms-dos, and know some basic (X)HTML i am not facile enough in the terminal x environment, i.e., at the command line.
plus i'm connecting mostly through wifi, i assume that involves some more proxy voodoo. i got some learnin' to do...

June 07, 2009

Permalink

Hello,

i see are the livevent 1.4.2 with tor experimental 0.2.1.15 rc and in my reposery jaunty 64 bits i have the 1.3e automatic when i will install tor from it, to work with 1.4.2 i need intsall the package from the site and intsall the geoip after and so it work with the 1.4.2..

What's the better for me stay with 1.4.2 or return with the normal 1.3e from my reposery?

thanks in advance for your answers

my best

June 08, 2009

In reply to phobos

Permalink

thanks very much, while i have not see a big deal and not many explain about change.. i see only it support other format...

i stay with the new so i will see when are bug...

to now are always the eventdns error : allnamesserveur failed..

but i see are many with same message .. excpet this log , i have never a error on linux jaunty 64 bits intel

my best

June 10, 2009

In reply to phobos

Permalink

Hi phobos.

I've been one of tor users for some time. I read a news before on the net. It said that governments or organizations in some contries control the underlying telcom or internet connection. Will tor nodes or networks be limited, controlled or blocked by those governments or organizations? Can tor immune to those interfaces?

I can't tell you what governments or organizations will do in the future. I can tell you that to date, Tor works in every country. Perhaps it does work in North Korea, but no one has reported back to us from there, so we don't know. If Tor becomes a threat to the organization trying to control the Internet in a country, they will try to block Tor. The arms race will continue where they try to block us, we respond, they try something else, we respond, etc. Our goal is to have an arms race as slow as possible.

June 09, 2009

Permalink

Herllo,

i have tested with some exploit the system and in all case with accept java and flash, are never find DNS true ip of me , it's said always no info except external ip :)

my problem are in external NAT flash are found sometime my true ip but not always...

i will know what i can do to fix that?

With what i have read seem very good when the DNS are never my true ip and no info about external NAT...

Is that possible are while a torrent program work in external or are upnp option?

thanks for answer in advance..

my best

I don't fully understand your question. Flash and Java can be used to bypass your proxy settings in the browser. In fact, neither flash nor java have to honor any proxy settings you configure in their settings. Applets can simply ignore the proxy settings.

As for torrent programs, using Tor for a tracker is probably ok, but doing bulk data transfer over Tor simply overloads the network.

June 11, 2009

In reply to phobos

Permalink

hello,

sorry for my english,

my system block all plugins in basic to have no problem with that but i have try the test found in this blog to see with all accepted what was found for info of me...

After many test only the flash from external NAT was bypass, all others programms or plugins don't was bypass and give info... so the security are really great ..

in all case my browser and system don't accept and use flash ect....

So i have ask when you think was from a extern programm, like bittorent or a device who have give the true ip in test...

now with your answer, i know are the proxy bypassed from the flash only ;)

For torrent , that's sure i will never use TOR for the peer connections, what i take are many linux but i like to be connected to the tracker anonyme too. Trackers work great ! need only use a program who can resolve the host in proxy , so i never have more a leak data or ip...

Thanks for your answer, i have mean maybe i have forget to config something....

my best
Thanks

June 17, 2009

Permalink

hello,

Yesterday the TOR crash and said was 120 sec difference in the time and that's impossible! I have control the time and all was right..

Are someone with the same case? After restart that's good but i have one more time lost my positon in statut of exit node....

my best

June 17, 2009

In reply to phobos

Permalink

Hello phobos,

i have not send in bugs, while was nothing write about that in logs....

only was on the vidalia logs when it was crashed at night...

So i have just say here when someone have same case ...

The last error sighaled on log are on 7 june....

sorry to cannot give more infos, have a good journey

my best

June 18, 2009

In reply to by swisstorexit (not verified)

Permalink

At least one of the fastest Tor nodes are constantly using wrong times , maby this is done on purpose to take advantage of some wonerability.
I would recommend that you block(in torrc) this node & the other nodes from there nodefamily in case they do some nasty stuff to break your(& others) privacy.

http://www.reuters.com/article/rbssTechMediaTelecomNews/idUSPEK12189520…

China sticks to Internet filter plan -Reuters,
BEIJING, June 23 (Reuters) - China will not revoke its controversial plan requiring all new personal computers to be sold with "Green Dam" Internet filtering software from July 1..

http://news.google.com/news/url?sa=t&ct2=us%2F3_0_s_0_0_t&usg=AFQjCNHFv…

US urges China to scrap Internet filter plan
Washington Post - Chris Buckley, Doug Palmer - ‎1 hour ago‎
BEIJING (Reuters) - China on Thursday stepped up accusations that Google is spreading obscene content, a day after US officials urged Beijing to abandon plans for controversial filtering software on new computers.

June 21, 2009

Permalink

Hello,

I have updated to 2.1.16 rc in jaunty 64 bits and at install, with package, source ect... are not possible for TOR to find the library for livevent 1.4!

So it accept only the libevent 1.3e on it...

Thanks to look to make a change in the linux reposery to have no more the 1.3e and update to 1.4 or , change the path in TOR to can reconize libevent 1.4e

Thanks in adavance

my best

May 14, 2010

Permalink

hi i am new to tor , i would like to know if i can use specific country ips instead of random addresses?