Protect your privacy when your surfing
Preserving your privacy on the net is no easy task nowadays with so many security risks and potential prowlers out there.
Tor is a toolset that’s designed for anyone who wants to improve their safety and security on the Internet. It can help you anonymize web browsing and publishing, instant messaging, and other applications that use the TCP protocol. For business users, it means that confidential exchanges of information can be kept from prying eyes and for more general users, it means that ISPs, keyloggers and other types of malware can’t track your activities easily.
It works by bouncing traffic around a distributed network of servers which it calls “onion routers” (hence the logo). The Tor interface allows you to easily toggle it on and off based on when you need to go online anonymously – there’s no need to restart your computer when you’ve done so. If you want, you can also choose from various proxy tunnels based on a world map which displays exactly where each one is located.
To check it’s working, you can use the online “Tor detector” to see if you’re surfing anonymously or not. Connection can take some time depending on how many users are logged onto the network at any one time but usually its very quick. The Tor onion logo turns from yellow to green in your taskbar when a successful connection has been made.
Tor is simple, well organized and effective tool for anyone worried about security or invasions of privacy online.
Major bugfixes:· Avoid an assertion failure when reloading a configuration withTrackExitHosts changes. Found and fixed by ‘laruldan’. Fixes bug3923; bugfix on 0.2.2.25-alpha.Minor features (security):· Check for replays of the public-key encrypted portion of anINTRODUCE1 cell, in addition to the current check for replays ofthe g^x value. This prevents a possible class of active attacksby an attacker who controls both an introduction point and arendezvous point, and who uses the malleability of AES-CTR toalter the encrypted g^x portion of the INTRODUCE1 cell. We thinkthat these attacks are infeasible (requiring the attacker to sendon the order of zettabytes of altered cells in a short interval),but we’d rather block them off in case there are any classes ofthis attack that we missed. Reported by Willem Pinckaers.Minor features:· Adjust the expiration time on our SSL session certificates tobetter match SSL certs seen in the wild. Resolves ticket 4014.· Change the default required uptime for a relay to be accepted asa HSDir (hidden service directory) from 24 hours to 25 hours.Improves on 0.2.0.10-alpha; resolves ticket 2649.· Add a VoteOnHidServDirectoriesV2 config option to allow directoryauthorities to abstain from voting on assignment of the HSDirconsensus flag. Related to bug 2649.· Update to the September 6 2011 Maxmind GeoLite Country database.Minor bugfixes (documentation and log messages):· Correct the man page to explain that HashedControlPassword andCookieAuthentication can both be set, in which case either methodis sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha,when we decided to allow these config options to both be set. Issueraised by bug 3898.· Demote the ‘replay detected’ log message emitted when a hiddenservice receives the same Diffie-Hellman public key in two differentINTRODUCE2 cells to info level. A normal Tor client can cause thatlog message during its normal operation. Bugfix on 0.2.1.6-alpha;fixes part of bug 2442.· Demote the ‘INTRODUCE2 cell is too {old,new}’ log message to infolevel. There is nothing that a hidden service’s operator can doto fix its clients’ clocks. Bugfix on 0.2.1.6-alpha; fixes partof bug 2442.· Clarify a log message specifying the characters permitted inHiddenServiceAuthorizeClient client names. Previously, the logmessage said that “[A-Za-z0-9+-_]” were permitted; that could havegiven the impression that every ASCII character between “+” and “_”was permitted. Now we say “[A-Za-z0-9+_-]”. Bugfix on 0.2.1.5-alpha.Build fixes:· Provide a substitute implementation of lround() for MSVC, whichapparently lacks it. Patch from Gisle Vanem.· Clean up some code issues that prevented Tor from building on olderBSDs. Fixes bug 3894; reported by “grarpamp”.· Search for a platform-specific version of “ar” when cross-compiling.Should fix builds on iOS. Resolves bug 3909, found by Marco Bonetti.
Changes
-
Major bugfixes:· Avoid an assertion failure when reloading a configuration withTrackExitHosts changes. Found and fixed by ‘laruldan’. Fixes bug3923; bugfix on 0.2.2.25-alpha.Minor features (security):· Check for replays of the public-key encrypted portion of anINTRODUCE1 cell, in addition to the current check for replays ofthe g^x value. This prevents a possible class of active attacksby an attacker who controls both an introduction point and arendezvous point, and who uses the malleability of AES-CTR toalter the encrypted g^x portion of the INTRODUCE1 cell. We thinkthat these attacks are infeasible (requiring the attacker to sendon the order of zettabytes of altered cells in a short interval),but we’d rather block them off in case there are any classes ofthis attack that we missed. Reported by Willem Pinckaers.Minor features:· Adjust the expiration time on our SSL session certificates tobetter match SSL certs seen in the wild. Resolves ticket 4014.· Change the default required uptime for a relay to be accepted asa HSDir (hidden service directory) from 24 hours to 25 hours.Improves on 0.2.0.10-alpha; resolves ticket 2649.· Add a VoteOnHidServDirectoriesV2 config option to allow directoryauthorities to abstain from voting on assignment of the HSDirconsensus flag. Related to bug 2649.· Update to the September 6 2011 Maxmind GeoLite Country database.Minor bugfixes (documentation and log messages):· Correct the man page to explain that HashedControlPassword andCookieAuthentication can both be set, in which case either methodis sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha,when we decided to allow these config options to both be set. Issueraised by bug 3898.· Demote the ‘replay detected’ log message emitted when a hiddenservice receives the same Diffie-Hellman public key in two differentINTRODUCE2 cells to info level. A normal Tor client can cause thatlog message during its normal operation. Bugfix on 0.2.1.6-alpha;fixes part of bug 2442.· Demote the ‘INTRODUCE2 cell is too {old,new}’ log message to infolevel. There is nothing that a hidden service’s operator can doto fix its clients’ clocks. Bugfix on 0.2.1.6-alpha; fixes partof bug 2442.· Clarify a log message specifying the characters permitted inHiddenServiceAuthorizeClient client names. Previously, the logmessage said that “[A-Za-z0-9+-_]” were permitted; that could havegiven the impression that every ASCII character between “+” and “_”was permitted. Now we say “[A-Za-z0-9+_-]”. Bugfix on 0.2.1.5-alpha.Build fixes:· Provide a substitute implementation of lround() for MSVC, whichapparently lacks it. Patch from Gisle Vanem.· Clean up some code issues that prevented Tor from building on olderBSDs. Fixes bug 3894; reported by “grarpamp”.· Search for a platform-specific version of “ar” when cross-compiling.Should fix builds on iOS. Resolves bug 3909, found by Marco Bonetti.