Pluggable transports bundles 2.4.12-alpha-2-pt1 with Firefox 17.0.6esr

by dcf | June 2, 2013

We've updated the Pluggable Transports Tor Browser Bundles with Firefox 17.0.6esr and Tor 0.2.4.11-alpha. These correspond to the Tor Browser Bundle release of May 14.

These bundles contain contain flash proxy and obfsproxy configured to run by default. Flash proxy has a new faster registration method, flashproxy-reg-appspot. The existing flashproxy-reg-email and flashproxy-reg-http will be tried if flashproxy-reg-appspot doesn't work.

If you want to use flash proxy, you will have to take the extra steps listed in the flash proxy howto.

These bundles contain the same hardcoded obfs2 bridge addresses as the previous bundles which may work for some jurisdictions but you are strongly advised to get new bridge addresses from BridgeDB: https://bridges.torproject.org/?transport=obfs2 https://bridges.torproject.org/?transport=obfs3.

These bundles are signed by David Fifield (0x5CD388E5) with this fingerprint.

Comments

Please note that the comment area below has been archived.

June 02, 2013

Permalink

Title says "Firefox 17.0.6esr"

Then, first line says: "17.04esr"

June 03, 2013

Permalink

Is my connection to your site secure?

When I click on the (gray) padlock it says:

##################

you are connected to
torproject.org

which is run by
(unknown)

Verified by: DigiCert Inc

Your connection to this website is
encrypted to prevent eavesdropping.

##################

Most SSL sites are like this,
with the exception being grc.com
and a few others which show the
padlock in green with different
information.

Am I being MiTM'd on sites where
the padlock is gray and displays
comparable information?

How do I resolve this so all SSL sites
are displayed in green? Thanks.

Green and blue are only for sites that have extended validation certs.

This excludes even Google and Amazon.

The situation is indeed confusing to many and seeing "verified by (unknown)" is rather off-putting. Worse, the Mozilla documentation even states that sensitive info should never be submitted when the padlock is gray! Imagine what the effect would be upon Amazon.com alone, if people were to follow that warning!

Truly outrageous.

June 03, 2013

Permalink

GPG verify option on these files are looking for a different key which is not listed on the signing keys page or the verification page:

https://decvnxytmk.oedi.net/docs/signing-keys.html.en
https://decvnxytmk.oedi.net/docs/verifying-signatures.html

Instead, the signing key is found at:

https://crypto.stanford.edu/flashproxy/

Which is:

The client packages are signed with subkey 0x5CD388E5 of this key:

pub 8192R/C11F6276 2012-07-21
Key fingerprint = AD1A B35C 674D F572 FBCE 8B0A 6BC7 58CB C11F 6276
uid David Fifield
sub 4096R/D90A8E40 2012-07-21
sub 4096R/5CD388E5 2012-07-21

You are looking for output like this:

gpg --verify flashproxy-client-version.zip.asc flashproxy-client-version.zip
gpg: Signature made date using RSA key ID 5CD388E5
gpg: Good signature from "David Fifield "

Please post this change and please add release dates to your obfs page.

June 03, 2013

Permalink

Hi,

The current 2.4.12 Obfsproxy TBB seems to be signed with a different key than the ones mentioned here: https://decvnxytmk.oedi.net/docs/signing-keys.html.en
Instead of being signed by Alexandre Allaire (0x4279F297) or Sebastian Hahn (0xC5AA446D), I am seeing the bundle signature being from David Fifield (specifically his subkey 0x5CD388E5).
Is this okay?

June 04, 2013

Permalink

Have no secure webmail and no idea what name or channel the webirc requires

Here's an idea for Tor that would help greatly. As we all no doubt have plenty of space on web bars at to of the browser. Place their the ip address and info such as..

Tor Cloak xxx.xxx.xxx.xxx (where x is the current IP address) now active. Though would prefer this to be movable so can place where I like it on any available tool bars.

This way we don't have to put up with tor etc and IP address when start the browser and can have blank page. This way we also know what the ip is at any given time and are still secure.

I need to open to a blank each time that I open a new window or tab both are the same.

Easy to move around with using toolbar customize flexible space or other if need. Though please don't make it a throbber leave it static with black letter words and numbers.

Please also see about making tor web site more user friendly such as details for IRC on the connecting page. Such as name or need to choose one if that is so. And what the channel number need to be entered.

Then also there is communication between us and Tor where have no secure email or can use IRC. A web form maybe nice idea though maybe end up been ignored to many requests. So how about a forum or request board panel or similar where user doesn't need to register. Remember about no secure email there's very few around now.

Those email companies that are as always with many pick a user name let say waj92q3ur97rjf91cr2218389hpcn9wrqu8rqpu9328vr90qvui2m9irw3a9ic where never would be any the same ok shorter and always comes back with sorry that name is chosen or in use how about waj92q3ur97rjf91cr2218389hpcn9wrqu8rqpu9328vr90qvui2m9irw3a9ic1 which is the same with number one at the end WTF !!!! This one is for all those big email providers out there, must be using the same old sign up script. I have lost a few email accounts of late and expect a few more with yahoo. Then again I never trusted yahoo free mail. Though now many will be disappointed as the change will mean loss of all mails for million I guess.Anyway who remembers what they put for secret questions and other details when they got the email decades ago !

And this post goes to show why you should not have a web form. Where someone has to read this and many others. No doubt near all companies don't read emails and such. Sure it is their job to do so but when have a few or many who cares what the email or other says. Quick glance and reply with nothing or little to do with the original email

June 05, 2013

Permalink

Feedback from China, in both WINXP and WIN7, flashproxy-reg-appspot doesnt work well, here is the log file:

2013-06-05 19:50:22 VERSION 1
2013-06-05 19:50:22 Listening remote on 0.0.0.0:9002.
2013-06-05 19:50:22 Listening remote on [::]:9002.
2013-06-05 19:50:22 Listening local on 127.0.0.1:3450.
2013-06-05 19:50:22 CMETHOD websocket socks4 127.0.0.1:3450
2013-06-05 19:50:22 CMETHODS DONE
2013-06-05 19:50:22 Trying to register ":9002".
2013-06-05 19:50:22 Running command: D:\xxx\APP\TBBflashnew\Tor Browser\App\flashproxy-reg-appspot :9002
2013-06-05 19:50:25 Local connection from [scrubbed].
2013-06-05 19:50:25 SOCKS request from [scrubbed].
2013-06-05 19:50:25 Got SOCKS request for [scrubbed].
2013-06-05 19:50:25 locals (1): ['[scrubbed]']
2013-06-05 19:50:25 remotes (0): []
2013-06-05 19:50:25 Data from unlinked local [scrubbed] (230 bytes).
2013-06-05 19:50:25 locals (1): ['[scrubbed]']
2013-06-05 19:50:25 remotes (0): []
2013-06-05 19:50:26 flashproxy-reg-appspot: Registered "xxx.xxx.xxx.xxx:9002" with fp-reg-a.appspot.com.
2013-06-05 19:50:28 Remote connection from [scrubbed].
2013-06-05 19:50:28 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:28 locals (1): ['[scrubbed]']
2013-06-05 19:50:28 remotes (1): ['[scrubbed]']
2013-06-05 19:50:28 Linking [scrubbed] and [scrubbed].
2013-06-05 19:50:28 Remote connection from [scrubbed].
2013-06-05 19:50:28 Remote connection from [scrubbed].
2013-06-05 19:50:28 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:28 locals (1): ['[scrubbed]']
2013-06-05 19:50:28 remotes (2): ['[scrubbed]', '[scrubbed]']
2013-06-05 19:50:28 Remote connection from [scrubbed].
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:29 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:29 locals (1): ['[scrubbed]']
2013-06-05 19:50:29 remotes (3): ['[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:29 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:29 locals (1): ['[scrubbed]']
2013-06-05 19:50:29 remotes (4): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:29 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:29 locals (1): ['[scrubbed]']
2013-06-05 19:50:29 remotes (5): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:29 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:29 locals (1): ['[scrubbed]']
2013-06-05 19:50:29 remotes (6): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:29 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:29 locals (1): ['[scrubbed]']
2013-06-05 19:50:29 remotes (7): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:29 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:29 locals (1): ['[scrubbed]']
2013-06-05 19:50:29 remotes (8): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:29 Remote connection from [scrubbed].
2013-06-05 19:50:30 Remote connection from [scrubbed].
2013-06-05 19:50:30 Expired remote connection from [scrubbed].
2013-06-05 19:50:30 locals (1): ['[scrubbed]']
2013-06-05 19:50:30 remotes (8): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:30 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:30 locals (1): ['[scrubbed]']
2013-06-05 19:50:30 remotes (9): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:30 Remote connection from [scrubbed].
2013-06-05 19:50:30 Expired remote connection from [scrubbed].
2013-06-05 19:50:30 locals (1): ['[scrubbed]']
2013-06-05 19:50:30 remotes (9): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:32 Expired remote connection from [scrubbed].
2013-06-05 19:50:32 locals (1): ['[scrubbed]']
2013-06-05 19:50:32 remotes (9): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:32 Expired remote connection from [scrubbed].
2013-06-05 19:50:32 locals (1): ['[scrubbed]']
2013-06-05 19:50:32 remotes (9): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:32 Expired remote connection from [scrubbed].
2013-06-05 19:50:32 locals (1): ['[scrubbed]']
2013-06-05 19:50:32 remotes (9): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:32 Expired remote connection from [scrubbed].
2013-06-05 19:50:32 locals (1): ['[scrubbed]']
2013-06-05 19:50:32 remotes (9): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:50:39 Remote connection from [scrubbed].
2013-06-05 19:50:39 Data from WebSocket-pending [scrubbed].
2013-06-05 19:50:39 locals (1): ['[scrubbed]']
2013-06-05 19:50:39 remotes (10): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:51:09 Socket error from local: '[Errno 10054] An existing connection was forcibly closed by the remote host'
2013-06-05 19:51:28 Data from unlinked remote [scrubbed] (6 bytes).
2013-06-05 19:51:28 locals (0): []
2013-06-05 19:51:28 remotes (9): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:51:29 Data from unlinked remote [scrubbed] (6 bytes).
2013-06-05 19:51:29 locals (0): []
2013-06-05 19:51:29 remotes (9): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:51:48 EOF from unlinked remote [scrubbed] with 6 bytes buffered.
2013-06-05 19:51:48 locals (0): []
2013-06-05 19:51:48 remotes (8): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']
2013-06-05 19:51:49 EOF from unlinked remote [scrubbed] with 6 bytes buffered.
2013-06-05 19:51:49 locals (0): []
2013-06-05 19:51:49 remotes (7): ['[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]', '[scrubbed]']

June 06, 2013

Permalink

The latest version (or 2 latest versions) of alpha TBB Linux 64-bit on my system has Tor Browser 17.0.6esr crash very often (Vidalia keeps running OK).

Usually the browser dies on any plugin or disk interaction (Save Page As Archive with the MAFF plugin, update RSS Feeds, etc.) I tried both the "pluggable transports" and a stand-alone alpha versions - the same result. I tried disabling different plugins (except TorButton), but the crash happens regardless of any specific plugin - as long as there is a couple of them enabled (that I need to use). I didn't try disabling all the plugins yet.

So, it seems that the latest alpha-packaged Tor Browser is easily breakable by something. Does anyone else have this problem? Thanks.

June 07, 2013

Permalink

Hi, i got bellow errors for "tor-browser-2.4.12-alpha-2_en-US.exe":

[...] Tor Software Error - The Tor software encountered an internal bug. Please report the following error message to the Tor developers at bugs.torproject.org: "microdesc_cache_rebuild(): Bug: Discontinuity in position in microdescriptor cache.By my count, I'm at 1447850, but I should be at 1447883
"
[....] Tor Software Error - The Tor software encountered an internal bug. Please report the following error message to the Tor developers at bugs.torproject.org: "getinfo_helper_dir(): Bug: control.c:1715: getinfo_helper_dir: Assertion md->body failed; aborting.
"

June 08, 2013

Permalink

I can't still connect to tor in iran. sometimes it connects, then the connection drops after 2,3 minutes... pls tor do something :(

June 08, 2013

Permalink

Dear Tor Devs: Given the current situation,it probably won't be too long until the government will force a backdoor into the tor system, without allowing you to inform the tor users. Please, instead of complying, do shut down Tor instead.

June 21, 2013

Permalink

A Problem verifying the win32 bundle:

I downloaded the win32 bundle and the corresponding sig file, after using Kleopatra's Decrypt/Verify option, I got something like this:

tor-pluggable-transports-browser-2.4.12-alpha-2-pt1_en-US.exe.asc :Not enough information to check signature validity.

Signed on 2013-06-02 07:03 with unknown certificate 0x797A326AEC4A478AF050CC3AE2B93D815CD388E5.
The validity of the signature cannot be verified.

I have the public key of David Fiflied (Key ID C11F6276, Fingerprint AD1AB35C), I'm not sure which step is wrong, please help.

July 02, 2013

Permalink

When can we expect an update to the Pluggable transports bundles considering there are 'New Tor Browser Bundles and Tor 0.2.4.14-alpha packages'?

July 07, 2013

Permalink

When I use this TBB with only hardcoded obfs 2 bridge addresses, this TBB runs fine. When I add more than 10 total additional obfs 2 and obfs 3 bridge addresses, Vidalia hangs anywhere between 'Starting Tor' and 'Connected to Tor'. I have to delete this TBB and reinstall it to get it to work. Closing TBB using Task Manager removes the 'hanging' Vidalia, obfsproxy and flash proxy but TBB wil not reopen. Only reinstalling this TBB works. Using Windows 8 Pro 32 bit, SanDisk 16 GB USB flash drive.