[Hackmeeting] Tor2web 3.1.41 release with GetTor & CheckTor

Delete this message

Reply to this message
Author: Giovanni Pellerano
Date:  
To: hackmeeting
Subject: [Hackmeeting] Tor2web 3.1.41 release with GetTor & CheckTor
Dear all,

We’re happy to announce the release of Tor2web 3.1.41 [1].

This release includes the following important features:
- Tor2web GetTor: that provides end-user a super-easy-automatic way to
download Tor Browser
- Tor2web CheckTor: that enables third party sites to check if a user is
behind Tor
- Improved URL rewriting for JS, CSS, and XML files
- Improved packaging and signing

Most of the improvals are thanks to a private donation by Virgil
Griffith in relation to the Onion.city project [2].

### Tor2web GetTor
Tor2web GetTor [3] is designed to enable third party to design and
develop their own Tor Browser installation instruction, by simplifying
and localizing that process.

It serves the latests stable Tor Browser for Windows and Mac OS X
directly from any Tor2web public or private server on the following URL:
* /gettor : gives you the latests TBB for your OS/Language
* /gettor/signature : gives you the signature file for the latests TBB
for your OS/Language

It automatically detects the operating system (Windows, Mac OS X) and
language, by serving the right TBB installation file.
For iOS and Android does redirect to the Apple Store and Google Play.
Documentation of Tor2web GetTor is at
https://github.com/globaleaks/Tor2web/wiki/GetTor .
The corresponding ticket for development is at
https://github.com/globaleaks/Tor2web/issues/168

Tor2web GetTor feature comes from a functional requirement for a
GlobaLeaks deployment for Amnesty International.
The feature is the result of a collaborative effort between Hermes
Center (Giovanni/Fabio) and Ilv (https://github.com/ilv/gettor) working
on the Tor Project’s GetTor
(https://www.torproject.org/projects/gettor.html).

### Tor2web CheckTor
Tor2web CheckTor [4] enables a third party website, to verify if a user
is connecting over Tor or not, in a flexible way with the regards to the
different usage/integration requirements.

It serves an HTTP Header X-Check-Tor (true/false) on each Tor2web
response, additionally providing a /checktor embeddable URI (CORS
enabled) that provide a data format compatible with
https://check.torproject.org/api/ip .

CheckTor.js and CheckTor.html examples have been written in order to
simplify user adoption and integration inside third party websites:
https://github.com/globaleaks/Tor2web/blob/master/contrib/checktor

Documentation of Tor2web CheckTor is at
https://github.com/globaleaks/Tor2web/wiki/CheckTor .

Tor2web CheckTor comes from a functional requirement for a GlobaLeaks
deployment for OCCRP (Organized Crime and Corruption Reporting Project),
where we designed a new "Integrated way" to deploy Whistleblowing site
(https://github.com/globaleaks/GlobaLeaks/wiki/Integration-Guide).


We invite the Tor community to contribute, evaluate, constructively
criticize those additional facilities we’ve integrated into Tor2web.

If you want to run a Tor2web conduit or otherwise support Tor2web:
- take a look at our wiki https://github.com/globaleaks/Tor2web/wiki
- join the tor2web-talk mailing list
http://lists.tor2web.org/mailman/listinfo/tor2web-talk

[1] https://github.com/globaleaks/Tor2web
[2] http://www.onion.city
[3] https://github.com/globaleaks/Tor2web/wiki/GetTor
[4] https://github.com/globaleaks/Tor2web/wiki/CheckTor

Giovanni Pellerano - Founding Member
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -
https://ahmia.fi