On September 13th, the Iranian government began blocking The Onion Router (TOR), a system for evading network censorship. On September 14th, the TOR project changed its code so that it wasn't blocked anymore.
Yesterday morning (in our timezones — that evening, in Iran), Iran added a filter rule to their border routers that recognized Tor traffic and blocked it. Thanks to help from a variety of friends around the world, we quickly discovered how they were blocking it and released a new version of Tor that isn't blocked. Fortunately, the fix is on the relay side: that means once enough relays and bridges upgrade, the many tens of thousands of Tor users in Iran will resume being able to reach the Tor network, without needing to change their software.
How did the filter work technically? Tor tries to make its traffic look like a web browser talking to an https web server, but if you look carefully enough you can tell some differences. In this case, the characteristic of Tor's SSL handshake they looked at was the expiry time for our SSL session certificates: we rotate the session certificates every two hours, whereas normal SSL certificates you get from a certificate authority typically last a year or more. The fix was to simply write a larger expiration time on the certificates, so our certs have more plausible expiry times.
That massive data breach that hit hotel group Marriott? Now there are clues the hackers behind it were working for a Chinese government intelligence gathering operation.
Tumblr will ban ‘female-presenting nipples’ and other content beginning December 17, 2018. Photographer and writer Nate ‘Igor’ Smith is a longtime Tumblr user whose work straddles the boundaries of art, editorial, and adult. Here, Nate explains why Tumblr’s decision to censor is devastating for the Tumblr’s longtime users, and the rest of us. — XJ […]
How bad is the Marriott/Starwood breach disclosed today? “Unauthorized access to the Starwood network since 2014 … For approximately 327M of these guests, the info includes some combination of name, mailing address, phone number, email address, passport number.” Marriott says information from as many as 500 million people has been compromised, and credit card numbers […]
Take a scroll through any app marketplace and you’ll see that the doors are wide open for any game these days – and any game developer. Like any creation, virtual or analog, it all starts with an idea. And if you’ve got one of those, the Complete Unity Game Developer Bundle can walk you the […]
At the rate the world is shrinking, you don’t need to be a globetrotter for a second language to be a useful skill. And if you’re looking to learn that second language (or a third, or fourth), uTalk Language Education is the learning program that makes progression not only easy but fun. If you can’t […]
Smokers on the go can breathe a little easier. With an innovative, easy-loading spiral design, the Twisty Glass Blunt offered a smoother, more consistent draw than conventional pipes. Now the Twisty Glass Mini delivers the benefits of its heavy-duty sister pipe in a more discreet package. For those that haven’t already made the Twisty Glass […]