Versie 6.4.1 van Tribler uitgekomen. Tribler is een opensource-p2p-client, die ooit ontwikkeld is door studenten van de TU Delft en de VU Amsterdam binnen het door de Nederlandse overheid gefinancierde I-share-project. Tegenwoordig werkt een internationaal team wetenschappers uit meer dan twintig organisaties samen aan dit project.
Tribler heeft onder meer een ingebouwde mediaspeler en er kan vaak direct worden gekeken of geluisterd wanneer een download wordt gestart. Het programma is beschikbaar voor Windows, Linux en OS X. In versie 6.4 is onder meer de anonimisering verder uitgebreid en is er nu zelfs end-to-end-encryptie mogelijk. Dit werkte echter niet helemaal zoals het hoorde en vandaar dat er nu een update verschenen is.
Changes since last release:
This release contains critical security updates. PLEASE UPDATE from V6.4.0 to V6.4.1.Detailed changes:
- The anonymity in V6.4.0 did not function properly.
- Users are advised to only enable anonymous downloading in V6.4.1 it if they understand the implications stated within the on-screen advisory.
- Our experimental hidden seeding feature did not perform adequately. You are likely to function as a exit node for the traffic of other users. We are deeply sorry for this. We're working hard on fixing this issue, but that will take significant amount of work. We will make Tribler exit nodes explicit in the future and reward them (issue #23 in Github).
- We want to get this right. We are very grateful for the help that security expert "Yawning Angel" is giving us. All critical issues raised by him/her are either fixed or are being working on. Especially the advise to replace our simplistic AES-ECB with AES-GCM saved us quite some development time. You can track our progress at: https://github.com/Tribler/tribler/issues/1066
To see a complete list of the changes, please click here.
- removed all references to gmpy.rand (security cleanup)
- one-time AES keys are generated with python's random.randint() (FIXED)
- code for researching homomorphic encryption removed, how not to do RSA: def rsa_encrypt(key, element) (security cleanup)
- warn user about the dangers of enabling anonymity (_temporary_ emergency fix)
- Fix Tribler crashes when starting Tribler just after stopping it.
- Fix: allow removing torrents from own channel (Thanks Dan Arnould!)
- Fixes for the tunnel community.
- Make TunnelCommunity (P2P encrypted proxy downloads) loading configurable and disabled by default
- Opt-in dialog for TunnelCommunity
- Several fixes and cleanups for the cryptographic code.
- Update .deb dependencies
- Update windows packager for new curves.ec location
- Updated tunneled download test description