Re: [tor-relays] "What fraction of the tor network by consensus weight are the openssl-vulnerable relays?"

2014-04-08 Thread Kostas Jakeliunas
On Wed, Apr 9, 2014 at 3:49 AM, Kostas Jakeliunas wrote: > Making a separate thread so as not to pollute the challenger[1] one. > > Roger: you wanted to know (times are UTC if anyone cares), > > [22:08:35] [...] we now have a list of 1000 fingerprints, and we could >> pretend those are in the chal

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Jesus Cea
On 08/04/14 17:01, Moritz Bartl wrote: > On 04/08/2014 04:58 PM, ecart...@riseup.net wrote: >> Greetings all. I followed the above instructions on my relay. Upon >> restarting Tor I have lost all of my flags and I have a new fingerprint. >> Previously I had the Fast, Guard, Named, Running, Stable

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Roger Dingledine
On Tue, Apr 08, 2014 at 07:31:43PM -0600, Jesse Victors wrote: > I'd recommend that every relay operator delete their keys as well, Not every. Those on OpenSSL 0.9.8, e.g. because they're using Debian oldstable, were never vulnerable to this bug. I imagine there are some FreeBSD or the like people

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Jesse Victors
I've updated OpenSSL, deleted the keys on my exit per the recommendations, and restarted the whole box. I got a new fingerprint. I'll watch to see how long the flags take to come back, but I predict it will be like a new relay. I wonder how this cha

Re: [tor-relays] Metrics for assessing EFF's Tor relay challenge?

2014-04-08 Thread Kostas Jakeliunas
On Wed, Apr 9, 2014 at 4:18 AM, Kostas Jakeliunas wrote: > On Wed, Apr 9, 2014 at 4:06 AM, Lukas Erlacher wrote: > >> Hi Kostas, >> >> right now, we're coding challenger against what exists in debian wheezy, >> which means version 0.1.2 of the requests lib using the python-requests >> package you

Re: [tor-relays] Metrics for assessing EFF's Tor relay challenge?

2014-04-08 Thread Kostas Jakeliunas
On Wed, Apr 9, 2014 at 4:06 AM, Lukas Erlacher wrote: > Hi Kostas, > > right now, we're coding challenger against what exists in debian wheezy, > which means version 0.1.2 of the requests lib using the python-requests > package you mentioned, where response.json is correct, and not > response.jso

Re: [tor-relays] Metrics for assessing EFF's Tor relay challenge?

2014-04-08 Thread Lukas Erlacher
Hi Kostas, right now, we're coding challenger against what exists in debian wheezy, which means version 0.1.2 of the requests lib using the python-requests package you mentioned, where response.json is correct, and not response.json() to get json content from the response. I'd recommend that i

[tor-relays] "What fraction of the tor network by consensus weight are the openssl-vulnerable relays?"

2014-04-08 Thread Kostas Jakeliunas
Making a separate thread so as not to pollute the challenger[1] one. Roger: you wanted to know (times are UTC if anyone cares), [22:08:35] [...] we now have a list of 1000 fingerprints, and we could > pretend those are in the challenge and use our graphing/etc plans on them > [22:08:45] they happ

Re: [tor-relays] running Tor relay live with AddressSanitizer

2014-04-08 Thread starlight . 2014q2
Based on my experience today, I'd say this is an excellent idea for any Tor relay operator. Have been running 'tor' on the router since late November with AddressSanitizer and it has crashed exactly ONE time: Today when someone attempted to apply the OpenSSL "Heartbleed" attack against the relay.

Re: [tor-relays] Metrics for assessing EFF's Tor relay challenge?

2014-04-08 Thread Kostas Jakeliunas
On Tue, Apr 8, 2014 at 12:59 PM, Karsten Loesing wrote: > On 05/04/14 17:46, Lukas Erlacher wrote: > > Hello Nikita, Karsten, > > > > On 04/05/2014 05:03 PM, Nikita Borisov wrote: > >> On Sat, Apr 5, 2014 at 3:58 PM, Karsten Loesing > >> wrote: > >>> Installing packages using Python-specific pack

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread grarpamp
On Tue, Apr 8, 2014 at 4:04 PM, Roger Dingledine wrote: > Actually, I'd like us to take this opportunity to throw out the Named > and Unnamed flags entirely. > I think we've done pretty well at teaching > users to use $fingerprints rather than nicknames in the few cases where > they actually want

Re: [tor-relays] URGENT: active OpenSSL "Heartbleed" attack on Tor Nodes

2014-04-08 Thread Roger Dingledine
On Tue, Apr 08, 2014 at 06:30:28PM -0400, starlight.201...@binnacle.cx wrote: > Have been running Tor relay with > AddressSanitizer and it crashed this > morning. People on #tor are helping us enumerate vulnerable relays, so while this plausibly is an instance of "somebody testing for the vulnerab

[tor-relays] URGENT: active OpenSSL "Heartbleed" attack on Tor Nodes

2014-04-08 Thread starlight . 2014q2
Have been running Tor relay with AddressSanitizer and it crashed this morning. I thought it was related to the system being close to running out of free memory until I read about the new OpenSSL vulnerability. Anyone running a Tor relay with OpenSSL 1.0.1 should update the library or rebuild agai

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread grarpamp
On Tue, Apr 8, 2014 at 4:34 PM, Roger Dingledine wrote: > On Tue, Apr 08, 2014 at 04:35:39PM +0100, mick wrote: >> Moritz Bartl allegedly wrote: >> > Yes. You made it generate new keys, so it is a "new relay" as far as >> > Tor is concerned. This is why not everybody should generate new keys >> >

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Roger Dingledine
On Tue, Apr 08, 2014 at 04:35:39PM +0100, mick wrote: > Moritz Bartl allegedly wrote: > > Yes. You made it generate new keys, so it is a "new relay" as far as > > Tor is concerned. This is why not everybody should generate new keys > > immediately, especially larger relays. But don't worry too muc

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Elrippo
Hy community :( It seems that we are seriously f# since 14 MAR 2012 with the release of the openssl 1.0.1 branch until yesterday!!! Affected services which used these libraries are enormous. ftps, https, imaps, smtp over ssl, xmpp, and so on

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Roger Dingledine
On Tue, Apr 08, 2014 at 07:00:53PM +0200, Andreas Krey wrote: > On Tue, 08 Apr 2014 17:01:18 +, Moritz Bartl wrote: > ... > > immediately, especially larger relays. But don't worry too much, you'll > > get your flags back eventually. :) > > But my name only very eventually? Correct. Actually

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Chris Whittleston
Yup - looks like I just missed it before, updated - now to clear keys and reboot. Thanks, Chris On 8 April 2014 20:48, Alexander Dietrich wrote: > I just got 1.0.1e-2+rvt+deb7u5, try again? > > Best regards, > > Alexander > > --- > PGP Key: 0xC55A356B | https://dietrich.cx/pgp > > On 2014-0

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Alexander Dietrich
I just got 1.0.1e-2+rvt+deb7u5, try again? Best regards, Alexander --- PGP Key: 0xC55A356B | https://dietrich.cx/pgp On 2014-04-08 21:27, Chris Whittleston wrote: > I run a relay on a Raspberry Pi and have just gone through and updated > (apt-get update, apt-get upgrade) but it seems

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Chris Whittleston
I run a relay on a Raspberry Pi and have just gone through and updated (apt-get update, apt-get upgrade) but it seems like the latest version available is still compromised? openssl (1.0.1e-2+rvt+deb7u4) If so - recommendations as to where I might be able to find an updated version for the pi wo

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread David Serrano
On 2014-04-08 09:20:28 (-0700), ecart...@riseup.net wrote: > > Update: I now have Running, Unnamed, V2Dir and Valid flags after 90 minutes of uptime. So I guess all is well. So do I. I guess Named will be the toughest of them all :). -- David Serrano GnuPG id: 280A01F9

Re: [tor-relays] 1.0.1e-2+deb7u5 should be good for Wheezy

2014-04-08 Thread Felix Eckhofer
Hey Guido. On 08.04.2014 20:07, Guido Witmond wrote: According to the debian security announcement it has been fixed at *u5*. Where did you get *u6*? A QUANTUM INSERT? Or a typo? Debian released another update that - unlike the previous version - also prompts you to restart affected servic

Re: [tor-relays] 1.0.1e-2+deb7u5 should be good for Wheezy

2014-04-08 Thread Guido Witmond
On 04/08/14 20:19, Roman Mamedov wrote: > On Tue, 08 Apr 2014 19:54:21 +0200 > elrippo wrote: > >> Hy there. >> >> My Debian Wheezy box is using 1.0.1e-2+deb7u6 after the upgrade >> >> I think this should be good :) > > Thanks for the heads-up, turns out it was updated twice in a day. > > I gu

Re: [tor-relays] 1.0.1e-2+deb7u5 should be good for Wheezy

2014-04-08 Thread Elrippo
Hy Guido. I tend to use openssl-dev, so I suppose that is on behalf of the dev extension :D greetings, elrippo On 08. April 2014 20:07:58 CEST, Guido Witmond wrote: >On 04/08/14 19:54, elrippo wrote: >> Hy there. >> >> My Debian Wheezy box is us

Re: [tor-relays] 1.0.1e-2+deb7u5 should be good for Wheezy

2014-04-08 Thread Roman Mamedov
On Tue, 08 Apr 2014 19:54:21 +0200 elrippo wrote: > Hy there. > > My Debian Wheezy box is using 1.0.1e-2+deb7u6 after the upgrade > > I think this should be good :) Thanks for the heads-up, turns out it was updated twice in a day. I guess the 6th version is not as important if you remembered

Re: [tor-relays] 1.0.1e-2+deb7u5 should be good for Wheezy

2014-04-08 Thread Guido Witmond
On 04/08/14 19:54, elrippo wrote: > Hy there. > > My Debian Wheezy box is using 1.0.1e-2+deb7u6 after the upgrade > > I think this should be good :) According to the debian security announcement it has been fixed at *u5*. Where did you get *u6*? A QUANTUM INSERT? Or a typo? http://www.debian

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread elrippo
Indeed, you should check your /var/lib/tor/keys directory to be empty before restarting your service again. ATTENTION!!! On a Debian box, I got the "warning" to restart the openssh and openvpn server, to be sure that these services use the new libssl binaries. It is recommended to not only resta

Re: [tor-relays] 1.0.1e-2+deb7u5 should be good for Wheezy

2014-04-08 Thread elrippo
Hy there. My Debian Wheezy box is using 1.0.1e-2+deb7u6 after the upgrade I think this should be good :) On Tuesday, 8 April 2014, 17:09:07, Felix wrote: > Thanks for posting the blog in here > > > Relays and bridges: Tor relays and bridges could maybe be made to > > > > leak their med

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread mick
On Tue, 08 Apr 2014 19:04:08 +0200 Lukas Erlacher allegedly wrote: > On Debian or Ubuntu: > > service tor stop && rm /var/lib/tor/keys/* && apt-get update && > apt-get -y upgrade > You might want to restart tor after that. -

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Andreas Krey
On Tue, 08 Apr 2014 17:01:18 +, Moritz Bartl wrote: ... > immediately, especially larger relays. But don't worry too much, you'll > get your flags back eventually. :) But my name only very eventually? Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds Date: Fri, 22 Jan 2

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Lukas Erlacher
On Debian or Ubuntu: service tor stop && rm /var/lib/tor/keys/* && apt-get update && apt-get -y upgrade Cheers Luke On 04/08/2014 05:55 PM, Dennis Crawford wrote: > Where are the instructions for this? > > Thanks! > Dennis > > -Original Message- > From: tor-relays [mailto:tor-relays-bou

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread ecarter9
Update: I now have Running, Unnamed, V2Dir and Valid flags after 90 minutes of uptime. So I guess all is well. Disregard my second question I see you already addressed it, thanks. > Thanks Moritz. But shouldn't I at least be Fast Running Valid? I thought > that when I first set up the relay I

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread ecarter9
Thanks Moritz. But shouldn't I at least be Fast Running Valid? I thought that when I first set up the relay I received those flags almost immediately, but I've been running for over an hour and I still have no flags at all. Also, if all relays lose their flags won't we be left with an inoperable

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Dennis Crawford
Where are the instructions for this? Thanks! Dennis -Original Message- From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf Of mick Sent: Tuesday, April 8, 2014 11:36 AM To: tor-relays@lists.torproject.org Subject: Re: [tor-relays] Relays vulnerable to OpenSSL bug: P

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Zack Weinberg
On Tue, Apr 8, 2014 at 11:01 AM, Moritz Bartl wrote: > On 04/08/2014 04:58 PM, ecart...@riseup.net wrote: >> Greetings all. I followed the above instructions on my relay. Upon >> restarting Tor I have lost all of my flags and I have a new fingerprint. >> Previously I had the Fast, Guard, Named, R

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread mick
On Tue, 08 Apr 2014 17:01:18 +0200 Moritz Bartl allegedly wrote: > On 04/08/2014 04:58 PM, ecart...@riseup.net wrote: > > Greetings all. I followed the above instructions on my relay. Upon > > restarting Tor I have lost all of my flags and I have a new > > fingerprint. Previously I had the Fast,

[tor-relays] 1.0.1e-2+deb7u5 should be good for Wheezy

2014-04-08 Thread Felix
Thanks for posting the blog in here > > Relays and bridges: Tor relays and bridges could maybe be made to > leak their medium-term onion keys (rotated once a week), or their > long-term relay identity keys. An attacker who has your relay identity > key can publish a new relay descriptor indic

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread ecarter9
> best practice would be to update > your OpenSSL package, discard all the files in keys/ in your > DataDirectory, and restart your Tor to generate new keys. Greetings all. I followed the above instructions on my relay. Upon restarting Tor I have lost all of my flags and I have a new fingerprint

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

2014-04-08 Thread Moritz Bartl
On 04/08/2014 04:58 PM, ecart...@riseup.net wrote: > Greetings all. I followed the above instructions on my relay. Upon > restarting Tor I have lost all of my flags and I have a new fingerprint. > Previously I had the Fast, Guard, Named, Running, Stable, and Valid flags. > Is this expected? Did

Re: [tor-relays] Metrics for assessing EFF's Tor relay challenge?

2014-04-08 Thread Karsten Loesing
On 05/04/14 17:46, Lukas Erlacher wrote: > Hello Nikita, Karsten, > > On 04/05/2014 05:03 PM, Nikita Borisov wrote: >> On Sat, Apr 5, 2014 at 3:58 PM, Karsten Loesing >> wrote: >>> Installing packages using Python-specific package managers is >>> going to make our sysadmins sad, so we should have