We currently have approximately 1,000 bridges, 600 of which support the obfs4 obfuscation protocol. Unfortunately, these numbers have been stagnant for a while. It’s not enough to have many bridges: eventually, all of them could find themselves in block lists. We therefore need a constant trickle of new bridges that aren’t blocked anywhere yet. This is where we need your help. By setting up an obfs4 bridge, you can help censored users connect to the open internet through Tor.
Based on this call we put a bridge relay into the net a week ago, and – if everything works out – we will add a second one. However, that was not enough for us. Mostly during the last few weekends, we’ve implemented a TorBox feature that allows anyone with a public IP address, 24/7 internet connectivity over a long time, and a bandwidth of at least 1 Mbps to configure their bridge relay at the touch of a button and put it on the net. Besides, we have added and improved some other details, so that we can now release the resulting image as TorBox v.0.2.5. Below are the corresponding links (typically, you need only the image file):
Changelog v.0.2.4-rpi4 (08.08.2019) —> v.0.2.5 (24.09.2019) New: This version introduces the support for setting up a bridge relay. Updated : The system is based on Raspbian “Buster” lite with Linux Kernel 4.19.66 and Tor version 0.4.1.5. New: A little message (“TOR is working“) in the right corner of the main menu shows you immediately if you are connected with the Tor network (meaning https://check.torproject.org returns a positive result). Since a missing response does not automatically mean that there is no connection to the Tor network, no error message is displayed. In other words, if this message is missing, there may or may not be a connection problem. New: We use the same method as mentioned above for the final message box after selecting (or changing) a connection (main menu entry 6-11). In case of success, the message starts with “CONGRATULATION !!” otherwise with “HMMM… THAT DOESN’T LOOK GOOD…“. In contrast to the positive message, negative feedback does not necessarily mean that an error has occurred. Since the check does not last more than 5 seconds, Tor may not have been ready yet; the check site may have been down, etc. New: Support for Adafruit’s PiTFT displays (PiTFT 3.5″ resistive touch 320×480, PiTFT 2.8“ capacitive touch 240×320, PiTFT 2.4″, 2.8″ or 3.2″ resistive 240×320, PiTFT 2.2″ no touch 240×320, Braincraft 1.54″ display 240×240). Note: TorBox’s menus and dialog boxes have only been adapted for the PiTFT 3.5 (320×480) or any other display, which displays in textual mode at least 25×80 characters. Improved: Menus and dialog boxes should now work more smoothly on 25×80 textual screens as well as on smartphone and tablet clients. For that reason, we added for some message boxes scroll texts, which are visible with the “scroll down” remark in the title of the message box. Improved: Revised version of the Tor reset functionality in the „Countermeasure & Troubleshooting“ menu. Improved: Cleaning up in the shell scripts (used more variables, combine certain parts into functions, etc.). Updated: Pre-configured Bridges (we also added our bridge relay) Fixed: While adding bridges, TorBox activates/deactivates the new bridges depending on the current bridge modus. Fixed: Some more non-critical bugs and typos in the text files.
The pre-v.0.2.6 release is expected at the end of the year.
If you look at the various forums about Tor, there is a lot of skepticism, misunderstandings, and questions, especially among newcomers, about how Tor works and the possibilities (or limitations) it offers. This is due in particular to the fact that many people are unfamiliar with how Tor works, and feel that it is far too complicated to understand. With an excellent video of Computerphile, Dr. Mike Pound shows that it doesn’t have to be complicated. Very simple and easy for beginners to understand, he shows how Tor works and mentions its limitations.
My first Tor Bridge Relay is properly working – see here.
With TorBox v.0.2.5 (coming soon) everyone with direct internet connection will be able to set up a Tor Bridge Relay — only with a view „clicks“.
Bridges are essential for people in authoritarian countries to reach the open internet. TorBox v.0.2.4 offers such client functionality already, but soon, users with a direct internet connection can help others by setting up their relay.
Due to the size of the Raspberry Pi and the necessary accessories, TorBox is very easy to use on the road. Below, we show you the recommended minimal accessories for portable use. Nevertheless, all the stuff still fits into a waterproof, compact plastic container. Below the images, you find further information about the items used with the corresponding links.
• • •
• • •
• • •
Although the Raspberry Pi takes up little space, the problem lies in the fact that the official power adapters to the Raspberry Pi are not very compact and therefore waste valuable space. There are smaller power adapters, such as the 12W USB Power Adapter by Apple shown in our example, but when directly connected to the Raspberry Pi, they can cause power problems. This also applies to power banks: the power supply is usually not sufficient for a long stable operation of the Raspberry Pi. The Raspberry Pi 3 Model B was still satisfied with 12W, but Model B+ and the Raspberry Pi 4 Model B require at least 15W (see here: Raspberry Pi 3 B+ Review and Performance Comparison and this Power Consumption Benchmarks). There is also another problem with the Raspberry Pi 4 Model B: because of a flaw in how the USB-C power input is behaving, currently, the Raspberry Pi 4 B does not work with most third-party power adapter and power banks. By contrast, the PiJuice HAT works reliably with almost all Raspberry Pi versions and models, and virtually any power adapter or power bank can be connected to it, so the somewhat weak standard battery doesn’t run out too quickly. With the PiJuice alone, TorBox can be operated for an estimated 1-2 hours, depending on the load.
12W USB Power Adapter by Apple (until now, we didn’t found a smaller powerfull power adapter; however, we will test out the SlimQ). If you have additional space, I recommend to take an official power adapters to the Raspberry Pi with you.
In contrast to the previous versions, the Raspberry Pi 4 Model B has a higher power consumption, which is why we also recommend the use of a Pimoroni’s chunky heatsink in combination with a Pibow Coupé 4 case (see photo above).
The TorBox pre-v.0.2.5 release is expected at the end of the year.
https-everywhere: Automatically makes websites use a more secure HTTPS connection instead of HTTP if they support it. With HTTPS, even the connection between the Tor exit node and the web server is encrypted. Tor Browser also uses this add-on. (USED BY TOR BROWSER; ESSENTIAL for SECURITY / ANONYMITY; available for Firefox, Firefox for Android, Chrome, and Opera).
Neat URL: Cleans URLs, removing parameters such as Google Analytics’ utm parameters. (ESSENTIAL for ANONYMITY; available for Firefox)
Skip Redirect: Some web pages use intermediary pages before redirecting to a final page. This add-on tries to extract the final url from the intermediary url and goes there straight away if successful. (ESSENTIAL for PRIVACY / USABILITY; available for Firefox)
Privacy Pass: Allow users to redeem validly signed tokens instead of completing captcha solutions. Clients receive 30 signed tokens for each captcha that is initially solved. Cloudflare currently supports Privacy Pass. (ESSENTIAL for USABILITY; available for Firefox and Chrome).
uMatrix: Point and click matrix to filter net requests according to its source, destination, and type (available Firefox, Chrome, and Opera).
Privacy Badger: A balanced approach to internet privacy between consumers and content providers by blocking advertisements and tracking cookies that do not respect the Do Not Track setting in a user’s web browser (available for Firefox, Chrome, and Opera).
FoxyProxy: FoxyProxy is an advanced proxy management tool (see also here; available for Firefox, Chrome, Safari, Opera, and others).
Bypass Paywalls: Let’s say you are a researcher and one of your sources is an article in the Washington Post. Would you subscribe, only for that one article? Yes, we thought so, too 😉 (available for Firefox and Chrome).
Do you have another very useful browser add-on? Let me know in the comment section below!
Changelog v.0.2.3 (09.02.2019) —> v.0.2.4 (25.05.2019) Updated: The system is based on Raspbian “Stretch” lite with Linux Kernel 4.19.2 and Tor version 0.3.5.8. New: Instead of the “advanced submenu”, we split old and new functionalities into two separate submenus: “countermeasures & troubleshooting” and “configuration & update”. New: We implemented in the “countermeasures & troubleshooting” submenu a user-friendly way to activate, configure, and change the OBFS4 bridge’s functionality. There are 15 pre-configured OBFS4 bridges in the configuration, which were fully functional at the time of the release. We hope to help with this approach beginners. We urgently need your feedback to develop this functionality further. New: Since TorBox v.0.2.3, nyx does a good job as a statistics tool (main menu entry 1). However, there are certain cases, when Tor hangs during bootstrap, that nyx doesn’t start either. Therefore we have added an alternative method in the submenu “countermeasures & troubleshooting” (entry 11) to quickly display the log file of Tor and update the display if necessary. New: TorBox is now providing a SOCKS v5 proxy functionality on port 9050 to its connected clients. If you use that capability, applications which support SOCKS v5 proxy connectivity and “DNS over proxy” (for example Firefox or the add-on FoxyProxy) can access directly .onion sites. For more information, see here. Improved: We again reduced the size of the image file, which is now about 865 Mbyte. Changed: All scripts are now executed by bash instead of sh. The change was needed to enable the handling with arrays. Fixed: Some minor bugs and cleaned up the code. Removed: The experimental section (for now).
The pre-v.0.2.5 release is expected at the end of the year.
Article 26 paragraph 2 of the Turkish constitution guarantees freedom of the press and expression. At the same time, it legitimizes a regulatory system for “publications by radio, television, cinema or similar means”. Finally, in paragraph 2, the above mentioned rights of freedom are again undermined by a large number of arbitrarily applicable exemptions. At the same time, a vague formulation about the protection of “the reputation or rights of others and their private or family life” opens the door to restrict freedom of the press and expression. Nevertheless, the government often uses the argument “support of a terrorist organization” as justification for any repression. Accordingly, many journalists find themselves behind bars: at the end of December 2018, there were 68 in jail – no other country (followed by China, Egypt, and Saudi Arabia) imprisoned so many journalists. On average, jailed Turkish journalists spend more than a year in detention awaiting trial, and after that, imposing long prison sentences is the norm. In some cases, even sentences of life without parole have been handed down (“Turkey: Massive Purge“, Reporters Without Borders, 2018).
While Turkey has never been a model for guaranteeing freedom and human rights, the situation has worsened in stages after 2006, 2013, and 2016. The EU has criticized Turkey from early on, and the relationship is often strained not the least because of apparent shortcomings in freedom and human rights. Despite an association agreement in 1963 and a customs union at the end of 1995, the EU renounced accession negotiations in 1997 (to the annoyance of Turkey in contrast to the Eastern European countries and Cyprus), which in the short term led to a break in talks between the EU and Turkey. Quasi for reconciliation, at the end of 1999, Turkey was categorized as an “applicant country” by the European Council. At the same time, the European Council stated that the fulfillment of the Copenhagen criteria would be a prerequisite for the opening of accession negotiations or entry to the EU. The Copenhagen criteria include “institutional stability, democratic and constitutional order, respect for human rights and respect for and protection of minorities”.
In fact, at the beginning of the 2000s, Turkey was trying to meet these criteria. For example, a comprehensive reform of Turkish civil law was undertaken, the death penalty was abolished even in times of war, torture was forbidden, the freedom of assembly and demonstration expanded, and the rights of the Kurds were strengthened. Ironically, today’s Turkish President Recep Tayyip Erdoğan and his Justice and Development Party (Adalet ve Kalkınma Partisi, AKP) were behind many of these reforms. Nevertheless, the new standards were often paper tigers, because, in practice, it proved lacking. For instance, in its report last year, Amnesty International stated that torture is still occurring among people in police custody and that public authorities do not effectively prevent it (“Turkey 2017/2018“, Amnesty International).
The limited successes of the reform efforts were short-lived. As early as 2006, an intensification of the anti-terrorist legislation led to an increase in journalist arrests. There were also restrictions on the use of the Internet. In May 2007, Law No. 5651 on the regulation and the fight against crime on the Internet came into force. This law was initially promoted to combat sexual exploitation and abuse of children, prostitution, and gambling, but over the years it has increasingly been used as a basis to block all kinds of content the government finds disagreeable. Based on this law, in addition to blocking websites, access to Facebook, Twitter, YouTube, Instagram, WhatsApp, and Skype is repeatedly temporarily blocked, the connection speed is throttled, or access to the Internet is completely blocked (Burcu Selin Yılmaz, Hümeyra Doğru, and Volkan Bahçeci, “What If You Cannot Access the Internet in the Surveillance Society? Individuals’ Perceptions Related to The Internet Censorship and Surveillance in Turkey“, Journal of Media Critiques, vol. 3, no. 11, 10 September 2017, p. 74f). This law has been used as the basis for completely blocking all content on Wikipedia since the end of April 2017. However, the Internet is not only partially blocked: since November 2011, there is also a nationwide filter system. Finally, for the first time, in September 2012, an Internet user was sentenced to one year in prison for insulting the Turkish President Abdullah Gül on Facebook. The increasing censorship of Internet content is also reflected in the evaluation by Freedom House: since 2009, this rating has steadily worsened and has been rated as “not free” since 2016.
A further sustained restriction of freedom of the press and expression – both in the classical sense as well as on social media – took place in 2013. This was due to several events, which, together with social media and conventional reporting had a negative impact on the then-Prime Minister Erdoğan, his political environment, and the AKP. Starting in 2012 and particularly in 2013, several hundred Turkish officers were jailed for past or suspected coups or attempted coups. Overlapping, the conflict with the Kurdistan Workers’ Party (PKK) flared up from October 2011 to March 2013 (and later again from 2015). However, the most influential were the demonstrations starting in late May 2013 in Istanbul against a planned construction project on the grounds of Gezi Park. These demonstrations increasingly became a nationwide, anti-government protest and culminated in December 2013 with the publication of massive allegations of corruption against the AKP government.
The press in Turkey can hardly be called free. Almost all media companies are owned by large holding companies that have connections to political parties. Around a dozen journalists, who had reported positively about the demonstrators during the protests in 2013, were fired. After facing massive amounts of pressure in their media companies in 2014, hundreds of journalists who had previously investigated corruption cases quit their jobs. Law No. 5651, which was strengthened by the AKP in February 2014, expanded state monitoring capabilities. Internet service providers (including Internet cafés and free Wi-Fi providers) were required to keep their users’ activity data up to two years instead of the original one year. This data had to be provided at the request of the authorities without requiring any judicial order (Bilge Yesil and Efe Kerem Sozeri, “Online Surveillance in Turkey: Legislation, Technology and Citizen Involvement“, Surveillance & Society, vol. 15, no. 3/4, 9 August 2017, p. 545). However, parts of the strengthening, such as the two-year retention period, were reversed in December 2016 by a Turkish Constitutional Court ruling.
Since December 2016, a large number of VPN providers and Tor entry nodes have been blocked. Public censorship can be bypassed with a reasonably stable connection if the Tor client uses OBFS4 bridges. However, this approach only works if web pages are blocked; there is no solution if the overall connection to the Internet is throttled or the connection is blocked entirely (Yılmaz, Doğru, and Bahçeci, p. 78f). Offiziere.ch is aware of a case in which a relatively reliable, permanent connection was made with 15 bridges. In TorBox version 0.2.3, the possibility to use bridges is experimentally implemented, but not yet in a user-friendly way (there is a well-documented configuration file for savvy users). A more user-friendly implementation will be provided with the pre-version 0.2.4 – planned for the middle of this year. Currently, the following VPN providers are available in Turkey: ExpressVPN, NordVPN, AstrillVPN, PrivateVPN, and CyberGhost. Like Tor with OBFS4, they also rely on obfuscated protocols. In any case, the VPN user is well advised to additionally use Tor over VPN so that the VPN provider can only recognize an encrypted, target-anonymized data stream.
Also, in mid-March 2018 ProtonMail was blocked. ProtonMail is an email provider located in Switzerland, which specializes in the free or cost-effective offering of user-friendly encrypted email communication. According to information from ProtonMail customer service the service was accessible again after a few days for users located in Turkey, but based on the information available to offiziere.ch there were at least repeated temporary restrictions. Particularly piquant is that the blocking was carried out by Vodafone Turkey, which is part of the British Vodafone Group. Once again there are companies in democratic states supporting censorship in authoritarian states.
TorBox has now its own GitHub page, which gives you an easy way to contribute to the TorBox project. Especially for that occasion, TorBox v.0.2.3 has been updated. Here are the links for the latest TorBox v.0.23 (usually, you need only the image-file):