
By way of Heise Online comes word that Tor, the internet anonymization system, has hit a milestone of nearly mythical proportions -- there are currently no known bugs in the Tor code.
Tor began scanning its development releases in September using Coverity, a bug detection application developed by Stanford University in collaboration with the US Department of Homeland Security. In September, Coverity revealed 171 issues in Tor's code base, ranging from "annoying yet not critical" sloppiness to bugs capable of causing crashes that would prove challenging to debug. By December, Tor had lowered this number to 15, and last week, Coverity testing revealed that the project had successfully eliminated the last known issues.
Coverity, as the Tor blog states, is a "serious company with a serious 'enterprise' pricing structure," but it offers its services free of charge to qualifying open source projects. Founded in 2006, Coverity focused on Linux, Apache, BIND DNS server code and Firefox in its first scans. The list of projects included at this point is diverse in purpose and platform.
It is no small feat to eradicate critical bugs without inadvertently starting a few little fires in the newly fixed code, and the fact that Tor has done this so quickly and efficiently speaks volumes about the dedication of the people involved in the project. Analysis tools such as Coverity undoubtedly help ease the discovery process, but it's the interest and drive of the wider community that yield real results.