Updated Tor Cloud images, and action required

by Runa | April 18, 2012

The Tor Cloud images for all the seven regions have been updated to include the latest cloud image for stable Ubuntu release 10.04 LTS (Lucid Lynx). These new images are available on the Tor Cloud website.

If you are already running a Tor Cloud bridge, you will need to either manually update your image, or set up a new Tor Cloud bridge and terminate the old one. If you decide not to take action, your image may fail to download package updates correctly.

What follows is an important message from the ubuntu-cloud mailing list:

In an effort to improve on reliability of the Ubuntu archive mirrors for EC2 instances, Canonical is replacing the existing EC2 archive mirrors with mirrors backed by Amazon S3. This change itself will be done via modification of DNS entries and will be transparent to users.

However, due to a bug in the http pipelining implementation in S3 a change to apt configuration needs to be made to avoid download errors. We have chosen to deliver this change via a package upgrade in cloud-init.

The action required is one of the following:

  • Upgrade cloud-init using sudo apt-get update ; sudo apt-get install -y cloud-init
  • Launch official AMI's released after 2012-04-01, which will have the fix included
  • Manually disable http pipeline use in apt using echo 'Acquire::http::Pipeline-Depth "0";' | sudo tee /etc/apt/apt.conf.d/99-no-pipelining

Should you choose not to take appropriate action, you will likely experience transient apt downloading errors after the change is implemented. In order to give appropriate time to apply the change, this transition will not occur before April 18, 2012.

Comments

Please note that the comment area below has been archived.

Anonymous (not verified) said:

April 19, 2012

Permalink

Hi an someone help me with a privacy concern?

When using Tor Browser Bundle for browsing the web, is it theoretically safer (privacy wise) to disable "Javascript" and/or "Accept cookies from sites"? Or is it just as safe with those options enabled?

Im one of those who had disabled cookies. but a friend said to me that without any cookies then https encryption to websites will not work properly because the website does not know which computer it is communicating with and cant form an ecnryption tunnel through the proxy to the computer making the request. Is it true??

Anonymous (not verified) said:

April 26, 2012

Permalink

since 4/21/2012

tor (obfsproxy) is not working in IRAN anymore!

tor stops at loading relay! here is what shows in log
----------------------------------------------------------------------------------------

  1. <br />
  2. Apr 26 23:54:34.698 [Warning] 15 connections have failed:<br />
  3. Apr 26 23:54:34.698 [Warning] 4 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE<br />
  4. Apr 26 23:54:34.698 [Warning] 3 connections died in state connect()ing with SSL state (No SSL object)<br />
  5. Apr 26 23:54:34.699 [Warning] 3 connections died in state handshaking (proxy) with SSL state (No SSL object)<br />
  6. Apr 26 23:54:34.699 [Warning] 3 connections died in state handshaking (TLS) with SSL state SSLv3 read server session ticket A in HANDSHAKE<br />
  7. Apr 26 23:54:34.699 [Warning] 2 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE<br />
  8. Apr 26 23:54:34.699 [Warning] Problem bootstrapping. Stuck at 50%: Loading relay descriptors. (Connection timed out [WSAETIMEDOUT ]; TIMEOUT; count 14; recommendation warn)<br />
  9. Apr 26 23:54:34.699 [Warning] 18 connections have failed:<br />
  10. Apr 26 23:54:34.699 [Warning] 5 connections died in state handshaking (proxy) with SSL state (No SSL object)<br />
  11. Apr 26 23:54:34.699 [Warning] 4 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE<br />
  12. Apr 26 23:54:34.699 [Warning] 4 connections died in state connect()ing with SSL state (No SSL object)<br />
  13. Apr 26 23:54:34.699 [Warning] 3 connections died in state handshaking (TLS) with SSL state SSLv3 read server session ticket A in HANDSHAKE<br />
  14. Apr 26 23:54:34.699 [Warning] 2 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE<br />
  15. Apr 26 23:54:34.703 [Warning] Problem bootstrapping. Stuck at 50%: Loading relay descriptors. (Connection timed out [WSAETIMEDOUT ]; TIMEOUT; count 15; recommendation warn)<br />
  16. Apr 26 23:54:34.703 [Warning] 19 connections have failed:<br />
  17. Apr 26 23:54:34.703 [Warning] 5 connections died in state connect()ing with SSL state (No SSL object)<br />
  18. Apr 26 23:54:34.703 [Warning] 5 connections died in state handshaking (proxy) with SSL state (No SSL object)<br />
  19. Apr 26 23:54:34.703 [Warning] 4 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE<br />
  20. Apr 26 23:54:34.703 [Warning] 3 connections died in state handshaking (TLS) with SSL state SSLv3 read server session ticket A in HANDSHAKE<br />
  21. Apr 26 23:54:34.703 [Warning] 2 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE<br />
  22. Apr 26 23:54:36.158 [Notice] Learned fingerprint C2765DB360C8E74D34CBD6A351E5975A9C408B7B for bridge 204.93.130.141:443<br />
  23. Apr 27 00:09:13.722 [Warning] getsockname() to check for address change failed: Bad address [WSAEFAULT ]<br />
  24. Apr 27 00:09:15.668 [Warning] Problem bootstrapping. Stuck at 50%: Loading relay descriptors. (Connection refused [WSAECONNREFUSED ]; CONNECTREFUSED; count 16; recommendation warn)<br />
  25. Apr 27 00:09:15.668 [Warning] 25 connections have failed:<br />
  26. Apr 27 00:09:15.668 [Warning] 10 connections died in state handshaking (proxy) with SSL state (No SSL object)<br />
  27. Apr 27 00:09:15.668 [Warning] 6 connections died in state connect()ing with SSL state (No SSL object)<br />
  28. Apr 27 00:09:15.668 [Warning] 4 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE<br />
  29. Apr 27 00:09:15.669 [Warning] 3 connections died in state handshaking (TLS) with SSL state SSLv3 read server session ticket A in HANDSHAKE<br />
  30. Apr 27 00:09:15.669 [Warning] 2 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE<br />
  31. Apr 27 00:09:34.718 [Warning] Problem bootstrapping. Stuck at 50%: Loading relay descriptors. (Connection timed out [WSAETIMEDOUT ]; TIMEOUT; count 17; recommendation warn)<br />
  32. Apr 27 00:09:34.718 [Warning] 26 connections have failed:<br />
  33. Apr 27 00:09:34.718 [Warning] 10 connections died in state handshaking (proxy) with SSL state (No SSL object)<br />
  34. Apr 27 00:09:34.718 [Warning] 7 connections died in state connect()ing with SSL state (No SSL object)<br />
  35. Apr 27 00:09:34.718 [Warning] 4 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE<br />
  36. Apr 27 00:09:34.718 [Warning] 3 connections died in state handshaking (TLS) with SSL state SSLv3 read server session ticket A in HANDSHAKE<br />
  37. Apr 27 00:09:34.718 [Warning] 2 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE<br />
  38. Apr 27 00:09:34.719 [Warning] Problem bootstrapping. Stuck at 50%: Loading relay descriptors. (Connection timed out [WSAETIMEDOUT ]; TIMEOUT; count 18; recommendation warn)<br />
  39. Apr 27 00:09:34.719 [Warning] 29 connections have failed:<br />
  40. Apr 27 00:09:34.719 [Warning] 12 connections died in state handshaking (proxy) with SSL state (No SSL object)<br />
  41. Apr 27 00:09:34.719 [Warning] 8 connections died in state connect()ing with SSL state (No SSL object)<br />
  42. Apr 27 00:09:34.720 [Warning] 4 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE<br />
  43. Apr 27 00:09:34.720 [Warning] 3 connections died in state handshaking (TLS) with SSL state SSLv3 read server session ticket A in HANDSHAKE<br />
  44. Apr 27 00:09:34.720 [Warning] 2 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE<br />
  45. Apr 27 00:09:34.726 [Warning] Problem bootstrapping. Stuck at 50%: Loading relay descriptors. (Connection timed out [WSAETIMEDOUT ]; TIMEOUT; count 19; recommendation warn)<br />
  46. Apr 27 00:09:34.726 [Warning] 33 connections have failed:<br />
  47. Apr 27 00:09:34.726 [Warning] 15 connections died in state handshaking (proxy) with SSL state (No SSL object)<br />
  48. Apr 27 00:09:34.727 [Warning] 9 connections died in state connect()ing with SSL state (No SSL object)<br />
  49. Apr 27 00:09:34.727 [Warning] 4 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE<br />
  50. Apr 27 00:09:34.727 [Warning] 3 connections died in state handshaking (TLS) with SSL state SSLv3 read server session ticket A in HANDSHAKE<br />
  51. Apr 27 00:09:34.727 [Warning] 2 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE<br />

----------------------------------------------------------------------------------------

and filtering the DNS request as well

ping facebook.com
Pinging facebook.com [10.10.34.34] with 32 bytes of data:
Request timed out.

.

10.10.34.34 (Irans blocked page ip)

wiresharks showed that request to DNS send perfectly but in return if site is in black list the IP replace with 10.10.34.34 otherwise the request is intact!

none of the socks proxy is working, it just change the ip to proxy's ip but all the filter site is still filter (i think they can check and filter the packet from socks proxy)

AND freegate act unusual! about 5 hours couldn't find any server at all and later took more than 4-5 min to find server, but it seems working fine now!

i didn't know where to post this, so i did post here!
i will check the blog for update. if there is any information you need just ask in blog i will provide them.
thank you!