Release of the new stable branch Tor 0.4.2

The release of the Tor 0.4.2.5 toolkit, used to run the anonymous Tor network, has been announced. Tor 0.4.2.5 is recognized as the first stable release of the 0.4.2 branch, which has been in development for the past four months. At the same time, updates were proposed for the old branches: 0.4.1.7, 0.4.0.6 and 0.3.5.9. The 0.4.2 branch will be maintained as part of the regular maintenance cycle: updates will be discontinued after 9 months, or 3 months after the release of the 0.4.3.x branch. Long-term support (LTS) is provided for the 0.3.5 branch, which will receive updates until February 1, 2022. Support for the 0.4.0.x and 0.2.9.x branches will end early next year.

Main innovations:

  • Directory servers now block connecting nodes that run outdated releases of Tor that are no longer supported (all nodes that do not use the current branches 0.2.9, 0.3.5, 0.4.0, 0.4.1 and 0.4.2 will be blocked). As support for further branches ends, the blocking will automatically exclude from the network any nodes that have not switched to current software in time.

    The presence of nodes with outdated software on the network negatively affects stability and creates additional security risks. If an administrator does not keep Tor up to date, it is likely that they are also negligent in updating the system and other server applications, which increases the risk of the node being taken over in a targeted attack. Nodes running releases that are no longer supported also prevent important bugs from being fixed, hold back the rollout of new protocol features, and reduce network efficiency. Operators of legacy systems were notified of the planned blocking back in September.

  • Hidden services are given means of protection against DoS attacks. Introduction points (intro points) can now limit the rate of requests from clients using parameters sent by the hidden service in the ESTABLISH_INTRO cell. If the hidden service does not use the new extension, the introduction point is guided by the consensus parameters.
  • Introduction points now refuse connections from single-hop (direct forwarding) clients, which were used to operate the Tor2web service, support for which was discontinued a long time ago. The blocking will reduce the load on the network from spammer clients.
  • For hidden services, a generic token bucket is implemented, using a single counter that can be used to combat DoS attacks.
  • The "BEST" mode in the ADD_ONION command now uses ED25519-V3 (v3) services by default instead of RSA1024 (v2).
  • The configuration code gained the ability to share configuration data across multiple objects.
  • A significant code cleanup has been done.
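
An illustration of the introduction-point rate limiting and the single-counter token bucket described in the list above, added here as an example; it is not Tor's own code. All type and function names are hypothetical, and any rate and burst values passed to it are constructed sample values.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical types and names for illustration; not Tor's own code. */
typedef struct {
    bool present;   /* true if the service sent limits in ESTABLISH_INTRO */
    uint32_t rate;  /* introductions refilled per second */
    uint32_t burst; /* bucket capacity */
} dos_params_t;

typedef struct {
    uint32_t rate, burst, tokens; /* tokens is the single counter */
    uint64_t last_refill;         /* time of last refill, in seconds */
} intro_bucket_t;

/* Use the service's limits when supplied, otherwise the consensus ones. */
void bucket_init(intro_bucket_t *b, const dos_params_t *svc,
                 const dos_params_t *consensus, uint64_t now) {
    const dos_params_t *p = (svc && svc->present) ? svc : consensus;
    b->rate = p->rate;
    b->burst = p->burst;
    b->tokens = p->burst; /* start full so a legitimate burst passes */
    b->last_refill = now;
}

/* Refill from elapsed time, capped at burst, without integer overflow. */
static void bucket_refill(intro_bucket_t *b, uint64_t now) {
    if (now <= b->last_refill || b->rate == 0) return; /* nothing to add */
    uint64_t elapsed = now - b->last_refill;
    uint64_t add = elapsed > b->burst / b->rate ? b->burst : elapsed * b->rate;
    uint64_t total = b->tokens + add;
    b->tokens = total > b->burst ? b->burst : (uint32_t)total;
    b->last_refill = now;
}

/* Returns true if the introduction request may be relayed to the service. */
bool intro_allow(intro_bucket_t *b, uint64_t now) {
    bucket_refill(b, now);
    if (b->tokens == 0) return false; /* over the limit: drop the request */
    b->tokens--;
    return true;
}

/* Count how many of n requests arriving at time `now` are admitted. */
unsigned burst_allowed(intro_bucket_t *b, unsigned n, uint64_t now) {
    unsigned ok = 0;
    for (unsigned i = 0; i < n; i++) ok += intro_allow(b, now);
    return ok;
}
```

A flood is admitted only up to the burst size and then at the refill rate, so the service behind the introduction point sees a bounded request rate regardless of how many clients connect.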

Source: opennet.ru
