Tor is een netwerk dat gebruikt kan worden om anoniem over het internet te surfen. Al het tcp-verkeer van gebruikers wordt langs verschillende Tor-routers geleid, waarna het voor de ontvanger niet meer mogelijk is om na te gaan wie de oorspronkelijke verzender was. Binnen het Tor-netwerk is die informatie nog wel aanwezig, zodat antwoorden - uiteraard ook weer via het stelsel van routers - uiteindelijk weer op de juiste plek aankomen. De ontwikkelaars hebben versie 0.2.1.20 uitgebracht voorzien van de volgende aankondiging:
Tor 0.2.1.20 is released
Tor 0.2.1.20 fixes a crash bug when you're accessing many hidden services at once, prepares for more performance improvements, and fixes a bunch of smaller bugs.
The Windows and OS X bundles also include a more recent Vidalia, and switch from Privoxy to Polipo.
The OS X installers are now drag and drop. It's best to un-install Tor/Vidalia and then install this new bundle, rather than upgrade. If you want to upgrade, you'll need to update the paths for Tor and Polipo in the Vidalia Settings window.
Changes in version 0.2.1.20
- Send circuit or stream sendme cells when our window has decreased by 100 cells, not when it has decreased by 101 cells. Bug uncovered by Karsten when testing the "reduce circuit window" performance patch. Bugfix on the 54th commit on Tor -- from July 2002, before the release of Tor 0.0.0. This is the new winner of the oldest-bug prize.
- Fix a remotely triggerable memory leak when a consensus document contains more than one signature from the same voter. Bugfix on 0.2.0.3-alpha.
- Avoid segfault in rare cases when finishing an introduction circuit as a client and finding out that we don't have an introduction key for it. Fixes bug 1073. Reported by Aaron Swartz.
New directory authorities:
- Tor now reads the "circwindow" parameter out of the consensus, and uses that value for its circuit package window rather than the default of 1000 cells. Begins the implementation of proposal 168.
- Set up urras (run by Jacob Appelbaum) as the seventh v3 directory authority.
- Move moria1 and tonga to alternate IP addresses.
- Fix a signed/unsigned compile warning in 0.2.1.19.
- Fix possible segmentation fault on directory authorities. Bugfix on 0.2.1.14-rc.
- Fix an extremely rare infinite recursion bug that could occur if we tried to log a message after shutting down the log subsystem. Found by Matt Edman. Bugfix on 0.2.0.16-alpha.
- Fix an obscure bug where hidden services on 64-bit big-endian systems might mis-read the timestamp in v3 introduce cells, and refuse to connect back to the client. Discovered by "rotor". Bugfix on 0.2.1.6-alpha.
- We were triggering a CLOCK_SKEW controller status event whenever we connect via the v2 connection protocol to any relay that has a wrong clock. Instead, we should only inform the controller when it's a trusted authority that claims our clock is wrong. Bugfix on 0.2.0.20-rc; starts to fix bug 1074. Reported by SwissTorExit.
- We were telling the controller about CHECKING_REACHABILITY and REACHABILITY_FAILED status events whenever we launch a testing circuit or notice that one has failed. Instead, only tell the controller when we want to inform the user of overall success or overall failure. Bugfix on 0.1.2.6-alpha. Fixes bug 1075. Reported by SwissTorExit.
- Don't warn when we're using a circuit that ends with a node excluded in ExcludeExitNodes, but the circuit is not used to access the outside world. This should help fix bug 1090. Bugfix on 0.2.1.6-alpha.
- Work around a small memory leak in some versions of OpenSSL that stopped the memory used by the hostname TLS extension from being freed.
- Add a "getinfo status/accepted-server-descriptor" controller command, which is the recommended way for controllers to learn whether our server descriptor has been successfully received by at least on directory authority. Un-recommend good-server-descriptor getinfo and status events until we have a better design for them.