February 2012 Progress Report

by phobos | March 27, 2012

Our progress report for February 2012 is now available. It hightlights recent work with deep packet inspection and censorship circumvention in Iran and Kazakhstan. Also progress on a new tor status site based on new protocols, and general outreach and travels.

We implemented a new format this month to better reflect everything going on within Tor.

Available as a pdf with full color graphs, https://archive.torproject.org/monthly-report-archive/2012-February-Mon…

or as a plain text file for portability and readability, https://archive.torproject.org/monthly-report-archive/2012-February-Mon…

Comments

Please note that the comment area below has been archived.

March 28, 2012

Permalink

Hi, I want to try using Tor as a relay on Win7 64-bit. I configured port forwarding for 443 and 9030 on my router but the logs were saying it did not work. Then opened ports in Windows firewall still no go, but I'm not sure I did the Win firewall settings correctly. Is there a detailed guide to this somewhere?

March 28, 2012

Permalink

---IMPORTANT---

I have a great idea. Please create a new project together with EFF that would find any possible data leaks from the computer. Most people don't know or cannot understand the risks of using programs, opening files, reading emails, etc. or simply there could always be problems with the configurations. So both the beginners and advanced users could benefit from this project.

This could be used for checking Office files, PDF files, torrent files, emails (with HTML), etc. (for any potentially dangerous type) where data leaks or unwanted internet connections could happen.

There will be test files for each type which would directly connect to EFF and therefore the user could see the test results from a webpage. Or a safer way, localhost-linked files alongside a program to catch connections going to localhost [Will this work for "2." below? Maybe there should be options for both of them a) eff website b) localhost]

Here are the purposes:
1- Check whether an internet connection is happening or not.
2- If there's a connection, show the user's connecting IP. (To check if the anonymizer is working correctly: VPN, Tor, etc.)
3- Check every possible data leaks. What kind of identifiable information goes to Internet.
4- (If possible) Check if malicious scripts can be executed (for example office & pdf files) which can either send data immediately or change settings in the OS or applications for long term data leaks.
5- Maybe not just applications, but also the OS could be tested? (a further idea, not essential)

I think this is a good starting point. All known attack types could be implemented and also updated after new attacks are discovered.

Inspiration from: http://checkmytorrentip.com/

April 04, 2012

In reply to by Anonymous (not verified)

Permalink

The judge recommends to use TOR when the whistleblowers use https://www.ceic.gouv.qc.ca.

In Canada, in the province of Quebec, the « Commission Charbonneau » inquires into the corruption in the public utilities and the influence of the Mafia in the governments, in the cities, etc.

Judge France Charbonneau asks the citizens to use a Web form to give him the tips ones denouncing concrete examples of corruptions of civils servant and elected officials. In the policy of confidentiality of its Web site, it “strongly recommends” to use TOR.

April 01, 2012

Permalink

When I start TorBrowser, my Peerblock blocked the following:

Boston University
University of Missouri-Columbia
Customer 692 Zwiebelfreunde e.V
Detected AP2P on Ipredator VPN proxy

Tor is definitely responsible - I have no other apps open and until I open Tor, Peerblock is quiet.

Is this something to worry about?

I did some quick research for you: Maybe you have added/enabled a blocklist in Peerblock like the following that blocks all open proxies like Tor. They say something like P2P spammers and spies uses proxies, and this list seems to be used by many.

http://www.iblocklist.com/list.php?list=bt_proxy

Worry? Maybe you have reasons to worry about P2P spammers and spies connecting to your computer through proxies, but Peerblock doesn't make a difference in incoming and outgoing connections, so then you cannot connect to Tor yourself.

Suggestion: If you don't want to disable the list (I assume you are a worried heavy filesharer), my suggestion is to shutdown your P2P applications and then disable Peerblock when you want to use Tor.

http://www.torservers.net/wiki/verein/index

Zwiebelfreunde is nothing to worry about, as you can see. As for the rest, it's normal, although perhaps frightening. I, for example, get probed by dozens or sometimes even hundreds in matter of seconds sometimes. That's why Peerblock is there - to ensure privacy. My guess is that there are certain apps that immediately flag up on global net as soon as they are active, and prompt automated probing by organizations or individuals worldwide. These apps might be viewed as seedy to those who rave about internet censorship and copyright issues, and therefore as soon as they are active, they get regularly probed.

April 01, 2012

Permalink

New Tor Browser Bundle does not work in Kazakhstan without Obfsproxy. Old Obfsproxy bundle contains old Tor Bundle with security risks.
Do you make your bundles for humans in censored countries or just for software engineers?

Привет, бро (сис)! Кинь адрес своего мыльника, закину тебе ссылку как разблокировать стандартный тор протокол. Будешь как все, обновленный и рабочий.

April 02, 2012

Permalink

Hi, i have problems with tor from 2 weeks; it doesn't work.Can you help me? I have tried with different versions but the problem remains. Thanks for your answer.
Donato from Italy.

April 02, 2012

Permalink

Hi, i have problems with tor from 2 weeks; it doesn't work.Can you help me? I have tried with different versions but the problem remains. Thanks for your answer.
Donato from Italy.

April 08, 2012

Permalink

(In Linux) What's with Tor browser adding "www" in front of every .onion link when you open with a new tab. Even when you start with the correct addy, browser flips and adds "www"

April 09, 2012

Permalink

First, you need to learn the address of a bridge that supports obfsproxy. If you don't know any, try asking a friend to set one up for you

what friends whould have them -what a silly thing to place in a users guide!