Monday, December 18, 2017

免费获取一年 Avira Phantom VPN 支持Windows、macOS、iOS、Android系统

Avira Phantom VPN是小红伞公司开发的VPN应用, 你可以安全地进行网络浏览,所有的数据都会经过 Avira 的服务器进行加密。多地区服务器加速,让你体验优化后的网络,支持多种系统,在不同设备上也可以愉快地上网冲浪了。

获取地址:http://ift.tt/2oD9CXh


输入邮箱获取,点击邮箱收到的链接注册账号即可下载应用安装使用

(注意,由于Avira Phantom VPN服务域名被dns污染,可以设置电脑或手机wifi里的dns地址为202.141.178.13、202.141.162.123解决,

由于Avira Phantom VPN服务有部分地区ip被封锁,可以多试几个国家的服务器连接)



via iGFW http://ift.tt/2yULoYh

Wednesday, December 13, 2017

VPNSecure——终身VPN只需24美元

StackSocial是一家知名的折扣网站,目前其网站做促销,VPNSecure 终身订阅原价39.99美元,使用优惠码后只需要24美元。

注册地址:http://ift.tt/2AtVcOx

注册后打开http://ift.tt/2Cev4o4 Code?点击这个按钮输入优惠码GREEN40价格会变成24美元。

 

VPNSecure:http://ift.tt/OiXaEW

VPNSecure是国外一家知名的vpn网站,本站在六七年前就介绍过,有台湾、韩国、日本、香港、新加坡、越南、美国、英国等地的VPN服务器可用,

支持PPTP、L2TP、OpenVPN、SSH、HTTP Proxy & Smart DNS等连接方式。



via iGFW http://ift.tt/2Ca5ekZ

Windows 10 加入 OpenSSH 客户端

微软早在 2015 年就宣布 Windows 将原生支持 SSH。SSH 是 Linux 上流行的远程访问和管理工具,Windows 此前没有相比拟的类似简单工具。现在 OpenSSH 客户端终于引入到 Windows 10 中。OpenSSH 客户端和服务器都是 Beta 版本,用户首先需要在“管理可选功能”里选择“加入一项功能”,然后向下滚动列表到 “OpenSSH Client (Beta) 和 OpenSSH Server (Beta) ”。安装之后,你就可以在命令行里输入 SSH 来使用 OpenSSH 客户端。

来源:http://ift.tt/2AQhU0f



via iGFW http://ift.tt/2Cfa0h2

Monday, December 11, 2017

Ivacy VPN——终身VPN只需18美元

StackSocial网站做促销,Ivacy VPN 终身订阅原价29美元,使用优惠码后只需要18美元。

注册地址:http://ift.tt/2AtVcOx

注册后打开http://ift.tt/2ygOUM1

Ivacy VPN官网:https://www.ivacy.com/

Ivacy VPN是国外一家知名的vpn网站,有香港、台湾、日本、韩国、新加坡、马来西亚、美国、英国等地的VPN服务器可用,

支持PPTP、L2TP、OpenVPN、SSTP、IKEv2等VPN连接方式。

StackSocial是一家知名的折扣网站,据悉购买后StackSocial提供的是5年的Ivacy VPN订阅,5年后再找StackSocial要5年订阅依次循环。

 

 



via iGFW http://ift.tt/2ygw6N1

Tuesday, December 5, 2017

Sunday, December 3, 2017

Shadowsocks安卓版客户端(v4.3.0)

  1. Retire the NAT mode.
  2. Add transparent proxy mode. (Firewall rules should be set manually)
  3. Add local SOCKS5 proxy mode. (Typically work with Orbot and similar app as a front-end proxy)
  4. Minor changes to the user interface.

Downloads

原文:http://ift.tt/2AmuPXz




via 细节的力量 http://ift.tt/2ATRaik

Tor Browser 7.5a8 is released

Tor Browser 7.5a8 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

This release updates Firefox to version 52.5.0esr and Tor to version version 0.3.2.4-alpha. The HTTPS Everywhere and NoScript extensions we ship have also been updated.

This release also includes a new Tor Launcher with an improved progress bar and configuration UI.

On Windows, users with a 64bit CPU can now download a 64bit version of Tor Browser. Users of the 32bit version won’t automatically be updated to the 64bit version yet, so a manual installation needs to be done. Due to bug 24197 the sandbox is not yet enabled in the 64bit version. We plan to fix that in the next release.

The full changelog since Tor Browser 7.5a7 (7.5a6 for Windows) is:

  • All Platforms
    • Update Firefox to 52.5.0esr
    • Update Tor to 0.3.2.4-alpha
    • Update Torbutton to 1.9.8.3
      • Bug 23997: Add link to Tor Browser manual for de, nl, tr, vi
      • Bug 23949: Fix donation banner display
      • Update locales with translated banner
      • Translations update
    • Update Tor Launcher to 0.2.14.1
      • Bug 23262: Implement integrated progress bar
      • Bug 23261: implement configuration portion of new Tor Launcher UI
      • Translations update
    • Update HTTPS-Everywhere to 2017.10.30
    • Update NoScript to 5.1.5
      • Bug 23968: NoScript icon jumps to the right after update
    • Update sandboxed-tor-browser to 0.0.15
  • Windows
    • Bug 20636+10026: Create 64bit Tor Browser for Windows
    • Bug 24052: Block file:// redirects early

原文:http://ift.tt/2zGNKyb




via 细节的力量 http://ift.tt/2zKw817

New stable Tor releases, with security fixes: 0.3.1.9, 0.3.0.13, 0.2.9.14, 0.2.8.17, 0.2.5.16

There are new stable releases today, fixing the following security issues.  For more information about the issues, follow the links from from http://ift.tt/2diuhJZ

TROVE-2017-009: Replay-cache ineffective for v2 onion services
TROVE-2017-010: Remote DoS attack against directory authorities
TROVE-2017-011: An attacker can make Tor ask for a password
TROVE-2017-012: Relays can pick themselves in a circuit path
TROVE-2017-013: Use-after-free in onion service v2

You can download the source for 0.3.1.9 from the usual place on the website. For the older release series, see http://ift.tt/10uSJfY. Binary packages should be available soon. All users should update to one of these releases, or to 0.3.2.6-alpha, also released today.

Below is the changelog for 0.3.1.9.  For the other releases, see the tor-announceme email.

Tor 0.3.1.9 backports important security and stability fixes from the 0.3.2 development series. All Tor users should upgrade to this release, or to another of the releases coming out today.

Changes In Version 0.3.1.9 – 2017-12-01:

  • Major bugfixes (security, backport from 0.3.2.6-alpha):
    • Fix a denial of service bug where an attacker could use a malformed directory object to cause a Tor instance to pause while OpenSSL would try to read a passphrase from the terminal. (Tor instances run without a terminal, which is the case for most Tor packages, are not impacted.) Fixes bug 24246; bugfix on every version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720.
    • Fix a denial of service issue where an attacker could crash a directory authority using a malformed router descriptor. Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 and CVE-2017-8820.
    • When checking for replays in the INTRODUCE1 cell data for a (legacy) onion service, correctly detect replays in the RSA- encrypted part of the cell. We were previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor’s legacy hybrid encryption. This fix helps prevent a traffic confirmation attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 and CVE-2017-8819.
  • Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
    • Fix a use-after-free error that could crash v2 Tor onion services when they failed to open circuits while expiring introduction points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is also tracked as TROVE-2017-013 and CVE-2017-8823.
  • Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
    • When running as a relay, make sure that we never build a path through ourselves, even in the case where we have somehow lost the version of our descriptor appearing in the consensus. Fixes part of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
    • When running as a relay, make sure that we never choose ourselves as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
  • Major bugfixes (exit relays, DNS, backport from 0.3.2.4-alpha):
    • Fix an issue causing DNS to fail on high-bandwidth exit nodes, making them nearly unusable. Fixes bugs 21394 and 18580; bugfix on 0.1.2.2-alpha, which introduced eventdns. Thanks to Dhalgren for identifying and finding a workaround to this bug and to Moritz, Arthur Edelstein, and Roger for helping to track it down and analyze it.
  • Minor features (bridge):
    • Bridges now include notice in their descriptors that they are bridges, and notice of their distribution status, based on their publication settings. Implements ticket 18329. For more fine- grained control of how a bridge is distributed, upgrade to 0.3.2.x or later.
  • Minor features (directory authority, backport from 0.3.2.6-alpha):
    • Add an IPv6 address for the “bastet” directory authority. Closes ticket 24394.
  • Minor features (geoip):
    • Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 Country database.
  • Minor bugfix (relay address resolution, backport from 0.3.2.1-alpha):
    • Avoid unnecessary calls to directory_fetches_from_authorities() on relays, to prevent spurious address resolutions and descriptor rebuilds. This is a mitigation for bug 21789. Fixes bug 23470; bugfix on in 0.2.8.1-alpha.
  • Minor bugfixes (compilation, backport from 0.3.2.1-alpha):
    • Fix unused variable warnings in donna’s Curve25519 SSE2 code. Fixes bug 22895; bugfix on 0.2.7.2-alpha.
  • Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha):
    • When a circuit is marked for close, do not attempt to package any cells for channels on that circuit. Previously, we would detect this condition lower in the call stack, when we noticed that the circuit had no attached channel, and log an annoying message. Fixes bug 8185; bugfix on 0.2.5.4-alpha.
  • Minor bugfixes (onion service, backport from 0.3.2.5-alpha):
    • Rename the consensus parameter “hsdir-interval” to “hsdir_interval” so it matches dir-spec.txt. Fixes bug 24262; bugfix on 0.3.1.1-alpha.
  • Minor bugfixes (relay, crash, backport from 0.3.2.4-alpha):
    • Avoid a crash when transitioning from client mode to bridge mode. Previously, we would launch the worker threads whenever our “public server” mode changed, but not when our “server” mode changed. Fixes bug 23693; bugfix on 0.2.6.3-alpha.

原文:http://ift.tt/2AM3jps




via 细节的力量 http://ift.tt/2npx1e9

Tor 0.3.2.6-alpha is released, with security updates

This version of Tor is the latest in the 0.3.2 alpha series. It includes fixes for several important security issues. All Tor users should upgrade to this release, or to one of the other releases coming out today. (The next announcement will be about the stable releases.)

You can download the source from the usual place on the website. Binary packages should be available soon.

These releases fix the following security bugs. For more information
on each one, see the links from
http://ift.tt/2diuhJZ

TROVE-2017-009: Replay-cache ineffective for v2 onion services
TROVE-2017-010: Remote DoS attack against directory authorities
TROVE-2017-011: An attacker can make Tor ask for a password
TROVE-2017-012: Relays can pick themselves in a circuit path
TROVE-2017-013: Use-after-free in onion service v2

Changes In Version 0.3.2.6-Alpha – 2017-12-01

  • Major bugfixes (security):
    • Fix a denial of service bug where an attacker could use a malformed directory object to cause a Tor instance to pause while OpenSSL would try to read a passphrase from the terminal. (Tor instances run without a terminal, which is the case for most Tor packages, are not impacted.) Fixes bug 24246; bugfix on every version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720.
    • Fix a denial of service issue where an attacker could crash a directory authority using a malformed router descriptor. Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 and CVE-2017-8820.
    • When checking for replays in the INTRODUCE1 cell data for a (legacy) onion service, correctly detect replays in the RSA- encrypted part of the cell. We were previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor’s legacy hybrid encryption. This fix helps prevent a traffic confirmation attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 and CVE-2017-8819.
  • Major bugfixes (security, onion service v2):
    • Fix a use-after-free error that could crash v2 Tor onion services when they failed to open circuits while expiring introduction points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is also tracked as TROVE-2017-013 and CVE-2017-8823.
  • Major bugfixes (security, relay):
    • When running as a relay, make sure that we never build a path through ourselves, even in the case where we have somehow lost the version of our descriptor appearing in the consensus. Fixes part of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
    • When running as a relay, make sure that we never choose ourselves as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2017-012 and CVE-2017-8822.
  • Minor feature (relay statistics):
    • Change relay bandwidth reporting stats interval from 4 hours to 24 hours in order to reduce the efficiency of guard discovery attacks. Fixes ticket 23856.
  • Minor features (directory authority):
    • Add an IPv6 address for the “bastet” directory authority. Closes ticket 24394.
  • Minor bugfixes (client):
    • By default, do not enable storage of client-side DNS values. These values were unused by default previously, but they should not have been cached at all. Fixes bug 24050; bugfix on 0.2.6.3-alpha.

原文:http://ift.tt/2zSZSND




via 细节的力量 http://ift.tt/2zNlfMh