Windows + OS X + Linux
Update Tor to 0.4.6.10
Update NoScript to 11.3.7
Bug tor-browser-build#40435: Remove default bridge “deusexmachina”
Bug tor-browser-build#40440: Bump version of snowflake to include PT LOG events
Bug tor-browser#40684: Misc UI bugs in 11.0a10
Bug tor-browser#40687: Update message bar styling in about:preferences#tor
Bug tor-browser#40691: Make quickstart checkbox grey when “off” on about:torconnect
Bug tor-browser#40714: Next button closes “How do circuits work?” onboarding tour
Bug tor-browser#40824: Drop 16439 Patch (android screencasting disable)
Bug tor-browser#40826: Cherry-pick fixes for Mozilla bug 1758062
Build System
Windows + OS X + Linux
Update Go to 1.16.14
Bug tor-browser-build#40441: Add Austin as valid git-tag signer
Tor Browser 11.0 近日正式发布。这是第一个基于 Firefox ESR 91 的稳定版本,并包括对 Tor的重要更新。
Tor is free software for anonymous communication. The name comes from the English abbreviation of “The Onion Router” [10][11]. Users can use Tor to access the coverage network provided by volunteers around the world for free, including 6000+ relays [12], so as to achieve the purpose of hiding the user’s real address, avoiding network monitoring and traffic analysis. The Internet activities of Tor users (including browsing online websites, posts, and instant messages) are relatively difficult to track [13]. Tor was originally designed to protect users’ personal privacy, as well as the freedom and ability to communicate secretly without monitoring. Tor does not prevent online websites from determining whether users visit the website through Tor. Although it protects users’ privacy, it does not conceal the fact that users are using Tor. Some websites restrict users who use Tor. MediaWiki’s extension Torblock is one example, which can automatically restrict editing through Tor. Wikipedia, which uses Torblock, allows users to edit content through Tor under certain circumstances [14]. Tor implements onion routing technology by encrypting at the application layer in the transport protocol stack. Tor encrypts the data including the IP address of the next node multiple times and submits it through a virtual circuit (including a randomly selected Tor node). Each relay will decrypt one layer of encrypted data to know the next destination of the data, and then send the remaining encrypted data to it. The final relay will decrypt the innermost encrypted data and send the original data to the destination address without revealing or knowing the source IP address. [15] Attackers may try to de-anonymize Tor users through certain means. Including exploiting software vulnerabilities on Tor users’ computers [16]. The U.S. National Security Agency has the technology (code-named “EgotisticalGiraffe”) for vulnerabilities in the old version of Firefox bundled in the Tor installation package [17], and used the XKeyscore system to closely monitor Tor users [18]. Many scholars have also conducted academic research on how to crack the Tor network[19][20], and this behavior has been affirmed by the Tor project company[21]. A large part of the funding for the development and maintenance of Tor was donated by the U.S. federal government [22], and in the past it was donated in the name of the Office of Naval Research and the Defense Advanced Research Projects Agency [23]. Tor’s core technology “onion routing” was developed in the mid-1990s by employees of the US Naval Research Laboratory, mathematician Paul Syverson and computer scientists G. Mike Reed and David. · Goldschlag (David Goldschlag), software developed to protect American intelligence communications. After that, onion routing was handed over to the US Defense Advanced Research Projects Agency for further development in 1997[24][25][26][27][28][29]. The beta version of Tor was developed by Sevison and computer scientists Roger Dingledine and Nick Mathewson [22] and named it “The Onion Routing project” (The Onion Routing project, Referred to as the TOR project)[1][30]. This beta version was released on September 20, 2002[1][30]. The first public release version was launched the following year [31]. On August 13, 2004, Sevison, Dinglen and Matthewson gave a speech on the theme of “Tor: The Second Generation Onion Router” at the 13th USENIX Security Symposium [32]. In 2004, the U.S. Naval Research Laboratory released the Tor code under a free software license, and the Electronic Frontier Foundation began to fund Dinglen and Mathewson’s continued development [22].
In December 2006, Dinglen, Matthewson and others established a non-profit organization in Massachusetts-The Tor Project, responsible for the maintenance of Tor [33]. The Electronic Frontier Foundation served as its financial sponsor in the early years. Early sponsors of the Tor project also included the International Broadcasting Bureau, News International, Human Rights Watch, University of Cambridge, Google, and NLnet in the Netherlands.[34][35][36][37 ][38].
Since then, a large part of the cost of maintaining Tor has been donated by the US federal government [22].
In November 2014, due to an anti-black market operation called “De-anonymization Operation” carried out by the global judicial departments, it is speculated that Tor’s loopholes have been exploited [39]. The BBC quoted comments as saying that this was a “technical crack”[40], allowing the judicial department to track the physical location of the server. The relevant court documents aroused attention the following year about research ethics[41] and the right of “unreasonable search” guaranteed by the Fourth Amendment of the United States Constitution[42], which may have occurred earlier at that time. And the attack on Tor is related [43].
In December 2015, Tor Project Company announced the appointment of Shari Steele (Shari Steele) as the new operating director [44]. Before that, Shari led the Electronic Frontier Foundation for 15 years, and in 2004 made the Electronic Frontier Foundation decide to fund the early maintenance of Tor. One of its goals is to increase the user-friendliness of Tor so that more people can browse the web anonymously [45].
In July 2016, the board members of the Tor Project Company resigned collectively, and at the same time established a team composed of Matt Blazer, Cindy Cohen, Gabriela Coleman, Linus Nordberg (Linus Nordberg) , Megan Price (Megan Price) and Bruce Schneier’s new board of directors
Tor的核心技术“洋葱路由”,是在1990年代中期由美国海军研究实验室的员工,数学家保罗·西维森(Paul Syverson)和计算机科学家迈克·里德(G. Mike Reed)和大卫·戈尔德施拉格(David Goldschlag),为保护美国情报通信而开发的软件。之后,洋葱路由于1997年交由美国国防高等研究计划署进行进一步开发[24][25][26][27][28][29]。
2006年12月,丁格伦、马修森等人成立了一个位于马萨诸塞州的非营利组织——The Tor Project,负责维护Tor[33]。电子前哨基金会担任其早年的财政赞助商,Tor项目的早期赞助者还包括美国国际广播局、新闻国际、人权观察、剑桥大学、谷歌和荷兰的NLnet[34][35][36][37][38]。