Tor 0.0.9.3 - Onion Ring Anonymizer

G

Gordon Darling

To: (e-mail address removed)
Subject: Tor 0.0.9.3 is out

Tor 0.0.9.3 improves cpu usage, works better when the network was recently
offline and you try to use Tor, and makes hidden services less unbearable.

http://tor.eff.org/download.html

o Bugfixes on 0.0.9:
- Backport the cpu use fixes from main branch, so busy servers won't
need as much processor time.
- Work better when we go offline and then come back, or when we
run Tor at boot before the network is up. We do this by
optimistically trying to fetch a new directory whenever an
application request comes in and we think we're offline -- the
human is hopefully a good measure of when the network is back.
- Backport some minimal hidserv bugfixes: keep rend circuits open as
long as you keep using them; actually publish hidserv descriptors
shortly after they change, rather than waiting 20-40 minutes.
- Enable Mac startup script by default.
- Fix duplicate dns_cancel_pending_resolve reported by Giorgos Pallas.
- When you update AllowUnverifiedNodes or FirewallPorts via the
controller's setconf feature, we were always appending, never
resetting.
- When you update HiddenServiceDir via setconf, it was screwing up
the order of reading the lines, making it fail.
- Do not rewrite a cached directory back to the cache; otherwise we
will think it is recent and not fetch a newer one on startup.
- Workaround for webservers that lie about Content-Encoding: Tor
now tries to autodetect compressed directories and compression
itself. This lets us Proxypass dir fetches through apache.

Regards
Gordon
 
A

Aaron

Gordon Darling said:
To: (e-mail address removed)
Subject: Tor 0.0.9.3 is out
[snip]



It's a nice tool, though everyone should remember not to send out any
plain text passwords through that network.

Er why not? My understanding is that it's encrypted when it moving through
the TOR network. Sure once it leaves the Tor network it's in the clear, but
that's no worse than normal.
 
S

scootgirl.com

[snip]
Er why not? My understanding is that it's encrypted when it moving through
the TOR network. Sure once it leaves the Tor network it's in the clear,
but
that's no worse than normal.



The exit nodes can read your username and password if it's sent in plain
text, so someone can setup an exit node, run a sniffer, and pipe username
and password data to a log ( http://tinyurl.com/6x2qn ). On a normal network
they would need access to the routers on it's path to the server. Both are
bad, but Tor is a very tempting solution for criminals to sit back and have
sensitive data served up to them from random people.

If your client and your server supports end-to-end encryption, then you'd be
safer using Tor.

Karen
http://scootgirl.com/
 
3

/3iff //ullins

Gordon Darling said:
To: (e-mail address removed)
Subject: Tor 0.0.9.3 is out
[snip]



It's a nice tool, though everyone should remember not to send out any
plain text passwords through that network.

Er why not? My understanding is that it's encrypted when it moving through
the TOR network. Sure once it leaves the Tor network it's in the clear, but
that's no worse than normal.
she don't read teh english so goot.
 
A

Aaron

[snip]
Er why not? My understanding is that it's encrypted when it moving
through the TOR network. Sure once it leaves the Tor network it's in
the clear, but
that's no worse than normal.
The exit nodes can read your username and password if it's sent in
plain text, so someone can setup an exit node, run a sniffer, and pipe
username and password data to a log ( http://tinyurl.com/6x2qn ). On a
normal network they would need access to the routers on it's path to
the server. Both are bad, but Tor is a very tempting solution for
criminals to sit back and have sensitive data served up to them from
random people.

True, I suppose that's the risk you have to take when you use a annoymous
proxy whether it's Tor or one of those single annoymous proxies.

If your client and your server supports end-to-end encryption, then
you'd be safer using Tor.

Well the passwords that I use that are valuable, have this anyway.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Top