Pages

Monday, December 15, 2008

Tor 0.2.1.8 + Bundles


Tor is a software project that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

Changelog:
Changes in version 0.2.1.8-alpha - 2008-12-08
Major features:

•New DirPortFrontPage option that takes an html file and publishes
it as "/" on the DirPort. Now relay operators can provide a
disclaimer without needing to set up a separate webserver. There's
a sample disclaimer in contrib/tor-exit-notice.html.
Security fixes:

•When the client is choosing entry guards, now it selects at most
one guard from a given relay family. Otherwise we could end up with
all of our entry points into the network run by the same operator.
Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha.
Major bugfixes:

•Fix a DOS opportunity during the voting signature collection process
at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
•Fix a possible segfault when establishing an exit connection. Bugfix
on 0.2.1.5-alpha.
Minor bugfixes:

•Get file locking working on win32. Bugfix on 0.2.1.6-alpha. Fixes
bug 859.
•Made Tor a little less aggressive about deleting expired
certificates. Partial fix for bug 854.
•Stop doing unaligned memory access that generated bus errors on
sparc64. Bugfix on 0.2.0.10-alpha. Fix for bug 862.
•Fix a crash bug when changing EntryNodes from the controller. Bugfix
on 0.2.1.6-alpha. Fix for bug 867. Patched by Sebastian.
•Make USR2 log-level switch take effect immediately. Bugfix on
0.1.2.8-beta.
•If one win32 nameserver fails to get added, continue adding the
rest, and don't automatically fail.
•Use fcntl() for locking when flock() is not available. Should fix
compilation on Solaris. Should fix Bug 873. Bugfix on 0.2.1.6-alpha.
•Do not mark smartlist_bsearch_idx() function as ATTR_PURE. This bug
could make gcc generate non-functional binary search code. Bugfix
on 0.2.0.10-alpha.
•Build correctly on platforms without socklen_t.
•Avoid potential crash on internal error during signature collection.
Fixes bug 864. Patch from rovv.
•Do not use C's stdio library for writing to log files. This will
improve logging performance by a minute amount, and will stop
leaking fds when our disk is full. Fixes bug 861.
•Stop erroneous use of O_APPEND in cases where we did not in fact
want to re-seek to the end of a file before every last write().
•Correct handling of possible malformed authority signing key
certificates with internal signature types. Fixes bug 880. Bugfix
on 0.2.0.3-alpha.
•Fix a hard-to-trigger resource leak when logging credential status.
CID 349.
https://blog.torproject.org/blog/tor-0.2.1.8-alpha-now-available

News:
11 December 2008: Tor im Browser 1.1.7 (Multilanguage Firefox + Tor) Latest Firefox Shiretoko
http://www.torproject.org/torbrowser/dist/?C=M;O=D

09 December 2008: Tor 0.2.1.8 Alpha + Vidalia Bundle 0.2.1.8
http://www.torproject.org/dist/vidalia-bundles/?C=M;O=D

05 December 2008: Tor 0.2.0.32 released as stable.
http://www.torproject.org/

Latest Privoxy 3.0.10 (stable)
http://sourceforge.net/project/showfiles.php?group_id=11118
http://privoxy.org/


Homepage: http://www.torproject.org/download.html.en
http://www.torproject.org/dist/win32/

By Morph , Spike2 based eMule mods in HttpDownloadDlg.cpp
// MORPH START, send user agent as firefox if obfuscated....
Spike2::Obfuscate

used by enabled protocol obfuscation
are all UA Strings Firefox 1.5 Italian language ( Can cause more often a Low ID by svr login and ISP and others can figure out in non Italian regions that it's emule with protocol obfuscation enabled )

Some mods send a invalid UA string by enabled protocol obfuscation. Close the String with ) is missing: SharkX for example _T("Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;")
(thePrefs.IsClientCryptLayerRequested()?_T("Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;")
-> (thePrefs.IsClientCryptLayerRequested()?_T("Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)")

Changes can be done: by using different UA strings/Mod:
http://www.zytrax.com/tech/web/browser_ids.htm
http://www.useragentstring.com/pages/useragentstring.php

samples:
Firefox 3.1 beta 2 lang de

thePrefs.IsClientCryptLayerRequested()?_T("Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.9.1b2) Gecko/20081125 Firefox/3.1b2")

MS IE 6.0 on XP
(thePrefs.IsClientCryptLayerRequested()?_T("Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)")

Firefox 2.0 lang en-us
(thePrefs.IsClientCryptLayerRequested()?_T("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.16) Gecko/20080702 Firefox/2.0.0.16")

No comments:

Post a Comment