[tor-talk] Tor 0.3.1.6-rc is released!
Hi, all! There's a new Tor release candidate available! The source is available from the "download" page on the website on the website, and packages should be available before long. The Tor Browser team expects to get a release out later this month. This is a release candidate; please help find bugs in it! If we don't find any new critical problems, we'll be calling this release series "stable" soon. Changes in version 0.3.1.6-rc - 2017-09-05 Tor 0.3.1.6-rc fixes a few small bugs and annoyances in the 0.3.1 release series, including a bug that produced weird behavior on Windows directory caches. This is the first release candidate in the Tor 0.3.1 series. If we find no new bugs or regressions here, the first stable 0.3.1 release will be nearly identical to it. o Major bugfixes (windows, directory cache): - On Windows, do not try to delete cached consensus documents and diffs before they are unmapped from memory--Windows won't allow that. Instead, allow the consensus cache directory to grow larger, to hold files that might need to stay around longer. Fixes bug 22752; bugfix on 0.3.1.1-alpha. o Minor features (directory authority): - Improve the message that authorities report to relays that present RSA/Ed25519 keypairs that conflict with previously pinned keys. Closes ticket 22348. o Minor features (geoip): - Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2 Country database. o Minor features (testing): - Add more tests for compression backend initialization. Closes ticket 22286. o Minor bugfixes (directory cache): - Fix a memory leak when recovering space in the consensus cache. Fixes bug 23139; bugfix on 0.3.1.1-alpha. o Minor bugfixes (hidden service): - Increase the number of circuits that a service is allowed to open over a specific period of time. The value was lower than it should be (8 vs 12) in the normal case of 3 introduction points. Fixes bug 22159; bugfix on 0.3.0.5-rc. - Fix a BUG warning during HSv3 descriptor decoding that could be cause by a specially crafted descriptor. Fixes bug 23233; bugfix on 0.3.0.1-alpha. Bug found by "haxxpop". - Rate-limit the log messages if we exceed the maximum number of allowed intro circuits. Fixes bug 22159; bugfix on 0.3.1.1-alpha. o Minor bugfixes (logging, relay): - Remove a forgotten debugging message when an introduction point successfully establishes a hidden service prop224 circuit with a client. - Change three other log_warn() for an introduction point to protocol warnings, because they can be failure from the network and are not relevant to the operator. Fixes bug 23078; bugfix on 0.3.0.1-alpha and 0.3.0.2-alpha. o Minor bugfixes (relay): - When a relay is not running as a directory cache, it will no longer generate compressed consensuses and consensus diff information. Previously, this was a waste of disk and CPU. Fixes bug 23275; bugfix on 0.3.1.1-alpha. o Minor bugfixes (robustness, error handling): - Improve our handling of the cases where OpenSSL encounters a memory error while encoding keys and certificates. We haven't observed these errors in the wild, but if they do happen, we now detect and respond better. Fixes bug 19418; bugfix on all versions of Tor. Reported by Guido Vranken. o Minor bugfixes (stability): - Avoid crashing on a double-free when unable to load or process an included file. Fixes bug 23155; bugfix on 0.3.1.1-alpha. Found with the clang static analyzer. o Minor bugfixes (testing): - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij. - Port the hs_ntor handshake test to work correctly with recent versions of the pysha3 module. Fixes bug 23071; bugfix on 0.3.1.1-alpha. o Minor bugfixes (Windows service): - When running as a Windows service, set the ID of the main thread correctly. Failure to do so made us fail to send log messages to the controller in 0.2.1.16-rc, slowed down controller event delivery in 0.2.7.3-rc and later, and crash with an assertion failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. Patch and diagnosis from "Vort". -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Is there any societal use in Bitcoin?
World University and School (which is like Wikipedia in 295 languages with CC MIT OCW in 7 languages and CC Yale OYC) is taking an all ~200 countries' official languages' approach to developing blockchain / bitcoin ... but planning too for health care data, for example, in the blockchain - http://scott-macleod.blogspot.com/2017/08/sustainability-universal-basic-income.html - plus an online bookstore / academic press in each of all 7,099 living languages re bitcoin ... and for developing an universal basic income for all 7.5 billion people (with nation states as the basic unit re their law systems and tax systems) - and presumably some of these people will receive this UBI (ethicality-wise) in a bitcoin-like digital currency. Best, Scott On Mon, Sep 4, 2017 at 11:50 PM, Jon Tullett wrote: > On 5 September 2017 at 08:25, carlo von lynX > wrote: > > On Mon, Sep 04, 2017 at 08:35:17PM +0500, Roman Mamedov wrote: > >> BTC wouldn't require "same timeframe" of 36 hours to transfer, it can > be done > >> within less than an hour. And with the recent developments in the BTC > world, > >> both transaction speed and cost per transaction will continue to > improve. > > > > I think I repeatedly mentioned TALER > > You did indeed. Couple of issues with Taler. First, it doesn't show up > on Google. You have to know that it's "GNU Taler". Sure, RMS would > probably argue that's a feature not a bug, but it's something of a > barrier to awareness. > > Second, release notes from this June [1] paraphrase thusly: > > > This is still an alpha release > > * Exchange implements the full Taler protocol, but does not integrate > with traditional banking systems > > * No integration with "real" banks, so only toy currencies are available > for now. > > * Documentation, testing, error handling and performance still need to > be improved. > > That has NOPE NOPE NOPE written all over it for me, I'm afraid. I'm > sure it's very clever, but until one of the release notes says "You > can now safely transfer funds from one bank to another", I'll stick > with established options (which include BTC, just not for spot forex > xfers). > > -J > > [1] https://lists.gnu.org/archive/html/info-gnu/2017-06/msg5.html > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- -- - Scott MacLeod - Founder & President - World University and School - http://worlduniversityandschool.org - 415 480 4577 - http://scottmacleod.com - CC World University and School - like CC Wikipedia with best STEM-centric CC OpenCourseWare - incorporated as a nonprofit university and school in California, and is a U.S. 501 (c) (3) tax-exempt educational organization. IMPORTANT NOTICE: This transmission and any attachments are intended only for the use of the individual or entity to which they are addressed and may contain information that is privileged, confidential, or exempt from disclosure under applicable federal or state laws. If the reader of this transmission is not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this transmission in error, please notify me immediately by email or telephone. World University and School is sending you this because of your interest in free, online, higher education. If you don't want to receive these, please reply with 'unsubscribe' in the body of the email, leaving the subject line intact. Thank you. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor users in US up by nearly 100,000 this month
Hi Ryan, Ryan Carboni: > https://en.wikipedia.org/wiki/Facebookcorewwwi.onion > > I find it hard to believe that you cannot make use of any informal > relationships to make a meatspace query on valid Tor usage estimates. Can you expand on what you mean by this? What sort of "informal" relationships are you considering? If I decide to phone up a friend at Akamai or Cloudflare, there's no guarantee that CDNs like these keep statistics about Tor users (and differentiate between bots and humans), or that they'd want to share this. Maybe they think it would give their competitors information about their business e.g. its size (whether that's a valid concern is another matter entirely). As for the terminology "meatspace", I don't think it's useful to differentiate between "online" and "offline". The internet is life. It's a matter of language but I do think it's important. If I wanted to do it as a research project, the information would probably need to be given in a more formal manner by these CDNs, or collected by oneself. I think it would be interesting to devise such an experiment, and work out a way to differentiate between bots. This entire thread should give you plenty of ideas - I encourage you to make something out of these questions! > People do not exist in isolation, and this meme that no private sector > individual has knowledge on Tor ignores that Tor's often outdated > documentation itself makes RTFM invalid. > I wouldn't call it a meme. While people don't exist in isolation, whether they want to give up information about their usage (or would be more or less likely to go on sites explicitly advertising they're measuring whether they're a bot or not) is another matter entirely. I'm honestly not sure about the ethics of measuring this, either. Best, Duncan -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
