Testers Wanted! Tor – Stable Upgrades

Tor was updated to in Whonix stable-proposed-updates as well as in testers repository.

Instructions for changing Whonix repository:

Then just do a update:

Patrick started developing Whonix, the Anonymous Operating System in 2012, when quickly others joined efforts. He collected experiences working pseudonymous on Whonix for two years, enjoys collaboratively working on privacy preserving software.

Notable Replies

  1. Tested briefly on Virtualbox-Whonix. No obvious issues.

    When was announced and how? I don’t see any announcement on tor-announce or tor-talk. I wouldn’t want to add jessie-proposed-updates to my stable machines and I don’t want to check constantly if there are new versions on a test machine. But I’d like to test before stable release - and maybe switch my repo back deb.torproject.org.

  2. In that case you can try anon-shared-build-apt-sources-tpo.

    sudo apt-get install anon-shared-build-apt-sources-tpo

    It will add torproject signing key as well as the deb.torproject.org repository.

    After that, I also recommend sudo apt-get install deb.torproject.org-keyring.

  3. released but seems optional for Whonix:

    Changes in version - 2016-12-08
      Tor backports fixes for additional portability issues that
      could prevent Tor from building correctly on OSX Sierra, or with
      OpenSSL 1.1. Affected users should upgrade; others can safely stay
  4. Major Release

    Some points of interest to Whonix:

    • Deprecated features:

      • A number of DNS-cache-related sub-options for client ports are now deprecated for security reasons, and may be removed in a future version of Tor. (We believe that client-side DNS caching is a bad idea for anonymity, and you should not turn it on.) The options are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, UseIPv4Cache, and UseIPv6Cache.
        Does this impact https://phabricator.whonix.org/T567? (Nice job @HulaHoop & @Patrick)
    • Minor features (port flags):

      • Add new flags to the *Port options to give finer control over which requests are allowed. The flags are NoDNSRequest, NoOnionTraffic, and the synthetic flag OnionTrafficOnly, which is equivalent to NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Closes enhancement 18693; patch by “teor”.
    • Minor features (controller):
      Some new control events. STATUS_SERVER may improve usability for hibernating laptop users.

    • Minor features (unix domain sockets):

      • When configuring a unix domain socket for a SocksPort, ControlPort, or Hidden service, you can now wrap the address in quotes, using C-style escapes inside the quotes. This allows unix domain socket paths to contain spaces. Resolves ticket 18753.
    • Minor bugfixes (client, unix domain sockets):

      • Disable IsolateClientAddr when using AF_UNIX backed SocksPorts as the client address is meaningless. Fixes bug 20261; bugfix on

    BIg list! Will try out soon.

  5. Uploaded to Whonix jessie-proposed-updates and testers repository.

Continue the discussion forums.whonix.org

7 more replies