Re: [tor-talk] Ports required for Tor and hidden services

On Fri, 24 Jan 2020 01:12:10 +, Forst wrote: > Please don't make assumptions. If outgoing traffic is restricted, which > ports are required for Tor to work as in outgoing traffic default action > is drop? Technically, all of them. A tor client connects to the OR-Ports of tor relays, and they

Re: [tor-talk] Grey Borders / Viewbox in tor

On Tue, 05 Nov 2019 12:34:39 +, Jan wrote: > Hello folks, > > I'm using tor browser 9.0. Recently (since the last update?) a grey > border appears when maximising the window. Or when resizing to anything that is not a multiple of 100px in either dimension, 200px when over 1600px. Try with th

Re: [tor-talk] Streaming Videos VS Downloading Videos

On Wed, 12 Dec 2018 21:28:00 +, bo0od wrote: > comparison should be equal , like full video downloaded and full video > streamed. Not necessarily. When streaming, bit rate is usually adapted dynamically to fit the actual line speed, while a download should yield in the resolution you requeste

Re: [tor-talk] privacy concerns with new CAPTCHA-method for obfs4 bridges

On Wed, 03 Oct 2018 13:03:14 +, ithor wrote: ... > Can you elaborate upon that for the noob I am. If i understand you correctly, > when using domain fronting, Tor basically spoofs or "hijacks" the ip address > of an existing Azure server client ? SNI: Server Name Indication. While setting up

Re: [tor-talk] privacy concerns with new CAPTCHA-method for obfs4 bridges

On Wed, 03 Oct 2018 14:06:27 +, Jonathan Marquardt wrote: ... > They did so supposedly because it voilated their terms of use. It also probably violates a few RFCs, and they never advertised this 'feature'. > They probably don't want to ruin their relationships with totalitarian > regimes.

Re: [tor-talk] ascertain trustworthyness of entry-nodes and obfs4 bridges?

On Wed, 03 Oct 2018 08:41:29 +, ithor wrote: ... > So would there be a way to (pen-?)test a private obfs4 bridge as being non > blacklisted and actually usable without really trying to connect to it and > alarming my ISP and DPI the like ? Obviously not. To test that you need to try to conne

Re: [tor-talk] Tor on the International Space Station?

On Fri, 28 Sep 2018 14:08:17 +, Lara wrote: ... > It would be quite ironic, given the latency they face in orbit. The ISS doesn't fly that high - having a link directly down would means a few millisecond ping time. But they have to link via (other) satellites because you'd need an awful lot o

Re: [tor-talk] alt-svc supported by TBB

On Thu, 20 Sep 2018 12:38:56 +, Dave Warren wrote: ... > >Using the test page at https://perfectoid.space/test.php I get either > >red or yellow exclusively, no amount of refreshing and/or changing > >circuits seems to get green which confirms my own testing on a site I > >operate that is pa

Re: [tor-talk] Tor Project - FOIA revelation ?

On Fri, 02 Mar 2018 16:18:32 +, J B wrote: > https://www.zerohedge.com/news/2018-03-02/tor-project-almost-100-funded-us-government-report That is no news at all. That same Levine reported exactly that three years ago: https://pando.com/2014/07/16/tor-spooks/ Andreas -- "Totally trivial. Fam

Re: [tor-talk] TBB-alpha doesn't update

On Thu, 25 Jan 2018 13:22:00 +, Georg Koppen wrote: ... > without issue to 8.0a1 (both with an incremental and a full update). Hrm. 'Cannot reproduce'. I filed #25023 for the alpha/current discrimination. (Didn't find a good component, though.) - Andreas -- "Totally trivial. Famous last wo

Re: [tor-talk] TBB-alpha doesn't update

On Thu, 25 Jan 2018 11:40:00 +, Georg Koppen wrote: ... > Could you enable update logging (with `app.update.log` set to `true`) > and check the the browser console whether there is any error visible? If > so, what is it complaining about? Fresh install, no config change, except for the above (

Re: [tor-talk] Tor and TBB Issues Needing Good Advice

On Mon, 22 Jan 2018 13:33:31 +, Mirimir wrote: ... > But it would be very cool if its vulnerabilities were clearly disclosed. > On the download page. There's already disclosure (but maybe not explicit > enough) that Tor isn't secure against global adversaries. So why not > disclosure that Tor b

[tor-talk] TBB-alpha doesn't update

Hi all, I have (since last week) two installations of the alpha browsers, both on win7. The update of yesterday failed for both of them, first saying that the incremental update could not be applied, then the full update couldn't be either ('The Update could not be installed (patch apply failed)')

Re: [tor-talk] Tor and TBB Issues Needing Good Advice

On Sun, 21 Jan 2018 11:05:01 +, Mirimir wrote: > On 01/21/2018 04:52 AM, Andreas Krey wrote: ... > > TBB works right out of the box. Dear casual reader, please don't be alarmed > > by this post. > > It does indeed. But it's a fragile thing, in that there&#x

Re: [tor-talk] Tor and TBB Issues Needing Good Advice

On Sun, 21 Jan 2018 09:13:29 +, Wanderingnet wrote: > So far I have been unable to gain a working torrc and iptables setup for > either tor, or, particularly, Tor Browser Bundle. TBB works right out of the box. Dear casual reader, please don't be alarmed by this post. > And believe me, I've

Re: [tor-talk] What The F - Tor Browser is not your privacy browser, Non-goal: PRIVACY

On Wed, 10 Jan 2018 20:06:07 +, grarpamp wrote: ... > Fiber / copper / WiFi, shovels / ladders, C'mon. Nobody is sufficiently interested to dig up 5 miles through the woods to connect to the next village on free time and own funds, esp. when there is exactly nothing that can actually be reache

[tor-talk] random onion non-reachability

Hi everyone, I keep noticing a phenomenon regarding onion sites reachability. Every now and then some onion site becomes unreachable from a given tor browser instance while continuing to be reachable from others. After a few days it becomes reachable again from that instance as well. Happens with

Re: [tor-talk] How to find trust nodes?

On Thu, 28 Sep 2017 07:31:56 +, Jason Long wrote: > I guess there is no guarantee about Tor nodes. What kind of guarantee do you expect? That, in case you get busted because someone figures out how to trace you despite using tor, they will send a small army to free you from the prison some dic

Re: [tor-talk] Tor bridges over ICMP or DNS

On Thu, 07 Sep 2017 21:47:24 +, Ben Tasker wrote: ... > > Same. Basically, you just need any bridge and a means to tunnel ssh, > > and the you can 'ssh -L port:bridgeip:bridgeport', and configure > > tor to use the bridge at localhost:port. This will work as long > > as not too many people do i

Re: [tor-talk] Tor bridges over ICMP or DNS

On Thu, 07 Sep 2017 13:32:35 +, Roman Mamedov wrote: > Hello, > > Has anyone considered making a Tor bridge protocol with ICMP as transport? Probably. > Or tunneling over DNS? Same. Basically, you just need any bridge and a means to tunnel ssh, and the you can 'ssh -L port:bridgeip:bridgepo

Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation

On Wed, 30 Aug 2017 15:55:36 +, Jon Tullett wrote: > On 30 August 2017 at 15:02, Andreas Krey wrote: ... > > Facebook is a house. Tor is a street. > > Ah, a motoring analogy. Not at all. You usually don't even enter houses by car. Andreas -- "Totally trivial.

Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation

On Wed, 30 Aug 2017 14:41:52 +, Jon Tullett wrote: ... > And yet Facebook itself actively engages in censorship, Facebook is a house. Tor is a street. A house can set house rules (although an argument can be made that facebook should not be able to, given its ubiquity). Streets shouldn't reg

Re: [tor-talk] Is the recent growth in Ukrainian users confusing google's geoip?

On Sun, 18 Jun 2017 10:50:27 +, Alec Muffett wrote: > On 18 June 2017 at 06:39, Roger Dingledine wrote: ... > Or, indeed, there are people whose self-declared Google-account country of > residence is Ukraine, and enough of them have been logging into Google from > the exit node IP addresses fo

Re: [tor-talk] Using .onion address for MQTT pubsub.

On Thu, 23 Mar 2017 02:18:00 +, MaQ wrote: ... > mosquitto_pub -h abcdefg123456789.onion -p 9150(and mqtt port) -d -t > hello/world -m "Hello World" What is '9150(and mqtt port)'? Well, you need to tell mosquitto_pub to use the socks5 port that the client side tor has, probably with --proxy s

[tor-talk] tor browser crash

Hi everybody, my up-to-date (6.5.1 (based on Mozilla Firefox 45.8.0)) install of (windows) TBB crashes reproducibly when going to https://help.github.com/categories/writing-on-github/ (I've had random crashes on multiple installs, but this is the first one I can pinpoint.) - Andreas -- "Total

[tor-talk] tweetdeck trouble

Hi there, is there anybody else using tweetdeck via tor? I have the strange phenomenon that I get a '... Something went wrong. Please try again.' on the initial tweetdeck.twitter.com screen, and, while I can log into twitter.com, tweetdeck itself won't work. The interesting thing is that there ar

Re: [tor-talk] problems faced with tor browser

On Wed, 19 Oct 2016 23:13:05 +, Jim wrote: > You might want to give serious thought to whether you *really* want to > access your bank anonymously. I like location-anonymous access - my banks don't need to know where I am right now. I'm not anonymous to them - I need to log in anyway. >

Re: [tor-talk] problems faced with tor browser

On Wed, 19 Oct 2016 16:53:19 +, Sangy wrote: ... > > 2] when i try to do internet banking, the bank sites does not allow access. > > is there any solution for this? > Please don't. You are introducing a man in the middle between yourself > and the banks... Why? Any bank should use https, and t

Re: [tor-talk] My absence from the mailing lists...

On Fri, 26 Aug 2016 13:25:58 +, carlo von lynX wrote: ... > I still don't understand why you guys hang out on a public surveilled > IRC network where each line you type goes straight into XKEYSCORE. Because user management? When you change the irc channels to something secured you have a lot t

Re: [tor-talk] Any risk by showing traffic statistic on the DirFrontPage?

On Sat, 27 Aug 2016 11:12:38 +, Paul Syverson wrote: ... > As you noted, realtime updates and or even later postings of > temporally fine-grained numbers could be too revealing for even > after-the-fact traffic correlation. Where would you set the limit for 'fine-grained'? Minute? Tens? Hour?

Re: [tor-talk] "But he does good work." *Appelbaum*

On Mon, 20 Jun 2016 13:20:16 +, juan wrote: ... > See, the 'community' of clown 'hackers', sellouts and frauds > working for the US gov't and vasal states deems that X is > politically incorrect so...so fucking what eh? So, human rights are basically mob-enforced assholery,

Re: [tor-talk] "But he does good work." *Appelbaum*

On Tue, 21 Jun 2016 00:46:35 +, Zenaan Harkness wrote: ... > > so they are all government agents/assets then in a grand conspiracy > > against one person? > > "all"?!! Please! > > Classic dichotomy thinking! "It must be saintliness or abject evil." "all the accusers". If a sizeable (or mostl

Re: [tor-talk] "But he does good work." *Appelbaum*

On Mon, 20 Jun 2016 19:57:16 +, Zenaan Harkness wrote: > > Indeed, Jake's dementi is consistent with many of the allegations. (This one: http://www.twitlonger.com/show/n_1soorlp) > dict dementi does not turn up a definition - ?? Oops. German word - 'denail, disclaimer' acc. to dict.leo.org.

Re: [tor-talk] "But he does good work." *Appelbaum*

On Sat, 18 Jun 2016 15:24:43 +, thomas.hluch...@netcologne.de wrote: ... > You have. You might consider that intelligent services have large amounts of > resources. If this is a planned attack from a group of interested people, > they are able to do so. ...and very long-term planning, too.

Re: [tor-talk] Is it going to extradite Jacob to usa?

On Thu, 09 Jun 2016 02:40:04 +, tor_t...@arcor.de wrote: ... > Gefahr des Todes = death danger = "intoxicated" without being a med => > triggers Dangerous Drugs Act, too, btw I seem to have missed that part where 'intoxicated' didn't equal self-ingested alcohol. > ... there could be an extr

Re: [tor-talk] RIP Tor

On Wed, 08 Jun 2016 11:41:14 +, CANNON NATHANIEL CIOTA wrote: > Open source and compiling from source is best option. Hopefully there > are enough programmers that are able to interpret the source code > examining it. Although the source code may be good, most users do not > compile fro

Re: [tor-talk] FBI harassing Tor devs

On Thu, 19 May 2016 13:38:18 +, Jonathan Wilkes wrote: ... > Community that leverages gitian: Hm, this package looks different.  Let's > quarantine it and let the world inspect it. > World: Sounds fun! Actually, it's sufficient if there is a single person doing this when there are reproducibl

Re: [tor-talk] FBI harassing Tor devs

On Thu, 19 May 2016 00:50:14 +, Jonathan Wilkes wrote: ... > Someone please give me a plausible scenario of how an NSL to a single > developer ends up breaking Tor. "Hi, you're the one who is packaging tor, right? Please[tm] run this program on the binary, and don't tell anyone." Not sure i

Re: [tor-talk] Are squid proxies acceptable on exit nodes?

On Mon, 09 May 2016 19:48:57 +, Roman Mamedov wrote: ... > Squid itself is just a tool, sure it can cache, it can log all requests, but > is > it configured to do so? Not necessarily so. What happens when port 80 isn't HTTP? Or using custom verbs? Andreas -- "Totally trivial. Famous last w

[tor-talk] Are squid proxies acceptable on exit nodes?

Hi everyone, recently I occasionally get things like depicted in https://twitter.com/akrey/status/729677599652380672 A squid error page that the connection to the remote host timed out (here 193.99.144.85, which is the address of www.heise.de which I wanted to reach). To me it looks like the tor

Re: [tor-talk] 'Refresh tor browser' - and then it wasn't one anymore.

On Wed, 04 May 2016 04:28:49 +, Roger Dingledine wrote: ... > Can you file a Tor Browser ticket on trac, with as much detail as you > can? Especially including which Tor Browser version it was, and what > platform it was for? JFTR: Windows 7, as far as I remember it was already updated to 5.5.

[tor-talk] 'Refresh tor browser' - and then it wasn't one anymore.

Hi all, I just had the TBB ask me something to the lines of 'refresh tor browser?', and I sleepily said yes, and now the browser apparently has lost the addon that is the tor process underneath, and just says 'the proxy server is refusing connections'. (I was already annoyed often enough by this

Re: [tor-talk] CloudFlare blog post

On Thu, 31 Mar 2016 14:36:02 +, Joe Btfsplk wrote: ... > Tor is non-profit. They also don't use trackers. It's different with > For-profit sites. That is not a binary distiction. Even if there is an interest in tracking, for very few sites that is the primary or even a major interest. Also

Re: [tor-talk] CloudFlare blog post - Addendum

On Thu, 31 Mar 2016 23:33:39 +, Joe Btfsplk wrote: ... > Got a new identity, & when I finally solved the street signs, it gave > the random characters to copy. The current captchas are solvable. It's just you usually get multiple rounds, and the annoying part is the display (non)speed. But I

Re: [tor-talk] CloudFlare blog post

On Thu, 31 Mar 2016 11:27:24 +, Joe Btfsplk wrote: ... > >What I wonder is how they want to make a difference using .onion addresses > >for their customers - tor crawlers can take that redirect just so. > Andreas, sorry - don't understand part of your comment. > "It would be quite a lot of effo

Re: [tor-talk] CloudFlare blog post

On Wed, 30 Mar 2016 15:19:09 +, Joe Btfsplk wrote: ... > At times, Cloudflare or some sites may say, "Gee, whiz - we're not > blocking TBB intentionally. We're working on a solution." > But I don't buy that 100%. It's possibly just a politically correct > excuse vs. saying, "We can't track

Re: [tor-talk] .onion name gen

On Fri, 04 Mar 2016 19:55:01 +, Flipchan wrote: > IF i generate a .onion domain , isnt there a risk that someone can generate > the same domain? I mean anyone can generate .onion domains and IF i got an > easy .onion address then some could easily generate that rsa key right? There is no 'e

Re: [tor-talk] How to make the Tor service to stop faster?

On Mon, 15 Feb 2016 11:48:45 +, Ken Cline wrote: > > On 15 Feb 2016, at 7:22 AM, nusenu wrote: ... > > It is just the nicer way to say goodbye to clients - I guess. Also, tor then has a chance to gracefully shut down circuits so that at least short-lived connections don't break by the shutdow

Re: [tor-talk] How stream separation across multiple circuits can be implemented?

On Wed, 27 Jan 2016 11:32:56 +, Dimitar Milkov wrote: ... > " If we can move streams across circuits, though, we would need to add queues > at each end of the circuit, add sequence numbers so we can send and receive > acknowledgements for cells, and so forth." > > Why something like this (im

Re: [tor-talk] Escape NSA just to enter commercial surveillance?

On Thu, 14 Jan 2016 14:25:20 +, juan wrote: ... > Of course. It's absurd. There's nothing hidden about > facebook's location so a 'hidden' service is...nonsense. You're attacking the name instead of the content. Accessing facebook via the onion service means that you know you're t

Re: [tor-talk] Funding Tor Development trough Referral/Affiliate Marketing

On Sun, 10 Jan 2016 16:21:37 +, Kolja Weber wrote: > The amount of people buy stuff online via torbrowser should be quite low > (besides at some some "silkroads") , any serious online shop like amazon > will block Tor or VPN, otherwise the fraud order rate is quite high. None of my usual suspe

Re: [tor-talk] Ordering a .onion EV certificate from Digitcert

On Wed, 16 Dec 2015 11:54:09 +, Aymeric Vitte wrote: ... > I will not start a CA model discussion again, but the unanswered > question in the thread was: what can ws with https hurt exactly and why > are we obliged to use insecure http with ws? Which thread are you living in? Andreas -- "To

Re: [tor-talk] Ordering a .onion EV certificate from Digitcert

On Tue, 15 Dec 2015 22:24:05 +, Aymeric Vitte wrote: > For what use exactly? ie why people should want a TLS certificate for a > .onion, To get all the ways in which web browsers threat https differently from http: mixed content warnings, cookie policies etc. pp. Browsers won't special-case .o

Re: [tor-talk] Ordering a .onion EV certificate from Digitcert

On Tue, 15 Dec 2015 17:35:19 +, cyb3rwr3ck wrote: ... > What about CAcert? I am using them for a while now but I have never > tried them for .onion... CAcert isn't in the default cert list of tor browser, so you get the cert exception dance once for each browser restart. Andreas -- "Totally

[tor-talk] Exit MITMing plausible?

Hi all, a short question regarding potential state-rogue exit nodes: Does tor browser pin the certificates (even/at least in-session) so one could detect when the certificate offered changes to to a bad exit which does MITM? (Obviously restricted to state actors.) Besides, what/how many big exits

Re: [tor-talk] #nottor

On Thu, 03 Dec 2015 09:39:06 +, Sebastian Hahn wrote: ... > > When I try to join #nottor with a registered nick, > > I get told 'Cannot join to channel #nottor (You must be invited)' > > I can join #tor. ... > You're on the FreeNode irc network, not OFTC's. Boggle indeed (i.e. you're right).

[tor-talk] #nottor

On Wed, 02 Dec 2015 17:32:22 +, coderman wrote: ... > the collective defect identification efforts in real-time have moved > to channel #nottor. Speaking of which - what's up with #tor and #nottor. I'm using irssi (and am relatively clueless to IRC). When I /join #tor without a registered ni

Re: [tor-talk] Russia actually kind of cracked (?) Tor

On Thu, 26 Nov 2015 16:53:54 +, karste...@mailbox.org wrote: ... > I'm not sure about this. The Utimaco Lawful Inspection Units LIMS (used by > big German email providers) contain a "X1 admin interface" (or > "Management Server") which can used for administration of affected targets > and LEAs

Re: [tor-talk] Russia actually kind of cracked (?) Tor

On Thu, 26 Nov 2015 14:39:09 +, aka wrote: > Germany has exactly the same thing: > https://de.wikipedia.org/wiki/Sichere_Inter-Netzwerk_Architektur Er, no. SINA is to protect the connection from the provider to the agency (which is going over the internet), essentially hardware VPN boxes. The

Re: [tor-talk] MITM attack on TLS

On Fri, 20 Nov 2015 17:18:00 +, Justin wrote: ... > SSH is probably more dangerous than OBFS4 because it coulee be detected with > a DPI fingerprint. They might question that. I think Tor with transports is > good. On that paranioa level OBFS4 is as dangerous as SSH - it doesn't matter if

Re: [tor-talk] twitter tor block redux

On Sat, 14 Nov 2015 03:45:42 +, Mirimir wrote: ... > If you must use Twitter via Tor, No, I just don't want to use twitter directly from workboxes etc. Here it seems a bit of an interaction between tweetdeck and twitter itself. Tweetdeck lets me in but not post, and when I log into the origin

[tor-talk] twitter tor block redux

Hi all, datapoints: The last week twitter (via tweetdeck.twitter.com) looked normal. I could log in and see my feed, but I couldn't post anything any more ('suspicious activity'). Once I got blocked and needed to use a mailed password token. An acquaintance retried an account he had used some tim

Re: [tor-talk] How to write program that uses Tor network

On Tue, 29 Sep 2015 23:22:37 +, Tyler Hardin wrote: > Also, about rate limiting, what sort of rate limit do y'all think would be > mindful of the health of the network and the average site? I'm thinking a > maximum of 1 req per second per site and 10 reqs per second overall Perhaps you should

Re: [tor-talk] IBM says Block Tor

On Sun, 30 Aug 2015 11:01:42 +, Martijn Grooten wrote: ... > But a company that blocks Tor because, as IBM puts it, a lot of > malicious actors use Tor is making a sensible security decision. But that is not a reason to block torproject.org or even to forbid using the tor browser. It would be

Re: [tor-talk] SSH connection attempts through hidden service

On Tue, 11 Aug 2015 02:55:00 +, Jens Kubieziel wrote: ... > Nobody besides me knowns the onion name. The HSDirs do. So esentially hidden service names are enumerable. > Has anyone also seen such connection attempts through hidden services? I've seen accesses on unpublished hidden services, t

Re: [tor-talk] USB Sticks for Tails -> CCCamp

On Thu, 23 Jul 2015 10:25:37 +, Roman Mamedov wrote: ... > a random anonymously bought off-the-shelf DVD drive. If the bootable OS > verifies signatures of files it loads from the disk, then it'd have to do a > rather sophisticated and specifically targeted for that OS "evil maid" attack. A ta

Re: [tor-talk] evidence that Tor isn't "amoral"?

On Mon, 13 Jul 2015 16:38:34 +, aka wrote: ... > all other points are just plain mental diseases and accepting them does > more harm than good. Acceptability and being a disease are two unrelated concepts. E.g. being a hitman is unacceptable but definitely not a disease. The other way round

Re: [tor-talk] do Cloudfare captchas ever work?

On Fri, 19 Jun 2015 22:38:26 +, Joe Btfsplk wrote: ... > Using default browser installation & settings? > I so rarely have success, that I immediately close tabs for sites > presenting Cloudfare. > Even when the puzzle is clearly legible (rarely), it still doesn't work. The last weeks I was

Re: [tor-talk] Cloudflare's captcha problems: google's fault

On Tue, 09 Jun 2015 21:31:11 +, m8asyo...@sigaint.org wrote: ... > I hope they don't but it's just a worst case scenario that should be taken > into account. Even though they can redirect you from https://.com to > https://11l1.com if they wish and MTIM you from there, provided you don't >

Re: [tor-talk] Cloudflare's captcha problems: google's fault

On Tue, 09 Jun 2015 20:49:33 +, m8asyo...@sigaint.org wrote: ... > 2) Use a new identity until you get an exit node that either lets you > proceed with no captcha at all or gets google to display two clear words > instead of the fuzzy ones. The clear words are recognized when you enter > them c

Re: [tor-talk] Invaded by disconnect.me

On Tue, 02 Jun 2015 00:54:55 +, Mirimir wrote: ... > But what do you think of the current Disconnect default? Currently, I just use it (like the familiar google look). Will see when I seriously start missing the ddg shortcuts ('!imdb tom hanks', '!w relativity' etc). It's odd that the ddg oni

Re: [tor-talk] Invaded by disconnect.me

On Mon, 01 Jun 2015 20:06:47 +, Mirimir wrote: ... > DuckDuckgo's search results are pretty much useless, a waste of time. In my experience ddg got a lot better recently (year-ish); I stayed there during the startpage default. Seldom needed to go to google. But then, you can just select what

[tor-talk] Hidden service failures

Hi all, I'm just trying to access a hidden service, and the server (v0.2.6.8) says [warn] connection_edge_process_relay_cell (at origin) failed. each time I try to make a connection (which fails). Is that due to be the client-side tor being quite old (or the server too new; I'm not having iss

Re: [tor-talk] German University signs up 24 tor relays

On Wed, 06 May 2015 07:24:04 +, l.m wrote: ... > Pretending an attempt didn't occur to force disclosure doesn't change > the fact that it didn't happen. You definintion of 'force' obviously includes asking "how's the weather over there". Andreas -- "Totally trivial. Famous last words." From

Re: [tor-talk] German University signs up 24 tor relays

On Wed, 06 May 2015 06:54:27 +, l.m wrote: ... > Fine. Relays are public. They are. > The people who operate them are public > figures too. You're the only one claiming that. Neither did Roger force the Aachen operator out - nobody except for LE even can do that. Andreas -- "Totally triv

Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex

On Thu, 23 Apr 2015 11:31:18 +, benjamin barber wrote: ... > ... , and actively > steering people away from tor, if they are looking for real anonymity or > security. Where do you steer them *to*? Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds Date: Fri, 22 Jan 2010

Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs

On Sat, 11 Apr 2015 17:19:52 +, Yuri wrote: ... > There is no need to port TBB to BSD. Not worth of the effort. TBB is > unable to 100% separate tor and non-tor connections due to the network > stack architecture. I'm not sure whether you're barking up the right tree. > TBB users are typica

Re: [tor-talk] Protest Blocking Tor via CloudFlare

On Thu, 12 Mar 2015 14:16:44 +, ma...@wk3.org wrote: > On Wed, 11 Mar 2015 12:35:53 -0400 > "l.m" wrote: > > > Which site blocks tor exit entirely? I haven't seen one recently. > > https://pad.okfn.org/p/cloudflare-tor You apparently don't know the difference between 'needs a captcha solved

Re: [tor-talk] Protest Blocking Tor via CloudFlare

On Wed, 11 Mar 2015 13:09:57 +, grarpamp wrote: ... > I must give some credit... happy to see the impossible to > solve cowspot wavy blurred two-word "nnntnnlmm vvnmrmmttff" > style captchas went away. I'm not sure whose credit that would be - other (re?)captcha-using sites (IIRC hacker news)

Re: [tor-talk] Protest Blocking Tor via CloudFlare

On Wed, 11 Mar 2015 12:35:53 +, l.m wrote: > Which site blocks tor exit entirely? Some. More exactly, the server that sells railway tickets here seems to blackhole tor exits - connections just time out. (Especially annoying: The server that you use to select a train etc. works - only when you

Re: [tor-talk] Tor Browser 4.5a4 on Raspbian wheezy

On Mon, 09 Mar 2015 20:32:11 +, Mirimir wrote: > I've built Tor Browser 4.5a4 on Raspbian wheezy, using instructions at > . > > Is this news, or unremarkable? At least, it's interesting. I wanted to look into that myself (b

Re: [tor-talk] Funded search engine for onionspace?

On Thu, 05 Mar 2015 11:27:08 +, George Kadianakis wrote: ... > FWIW, none of the above will actually help against a non-experienced > user that uses tor2web to connect to an onion by mistake. Even with HS > authorization or HTTP auth, the onion will forever be imprinted on > that public list.

Re: [tor-talk] Why corrupt government officials are strongly opposed to this Tor project (a Gestapo government run amok!)

On Wed, 04 Mar 2015 23:53:04 +, Travis Bean wrote: ... > It seems highly suspicious that those of you on this mailing list, who > continue to make this out to be something other than the original post, > are all mysteriously in the same boat with this scoundrel Rupert Murdoch. The "you're eith

Re: [tor-talk] New Tor project idea for internet comments

On Wed, 04 Mar 2015 17:26:32 +, Juan wrote: ... > Prime example : A country like china is firewalled so the > pentagon can't spy on the chinese internet directly. Hence, > tor. And how, exactly, does tor help in this regard? > And of course, in a place like the US y

Re: [tor-talk] New Tor project idea for internet comments

On Wed, 04 Mar 2015 15:33:28 +, Lee Malek wrote: > 99% of censorship happens on blog comments. That's not censorship. It's my freedom to decide which comments I host on my blog. (You can run your own blog to share your thoughts.) Censorship is when a third party doesn't let you access my blog

Re: [tor-talk] Why corrupt government officials are strongly opposed to this Tor project (a Gestapo government run amok!)

On Wed, 04 Mar 2015 14:23:40 +, andr...@fastmail.fm wrote: ... > Simple- to know what the Tor project is doing. It's the "golden rule" He > who has the Gold makes the rules. The golden rule actually is 'look at the output'. It's not as if the projects acts in secrecy - or even could. Andreas

Re: [tor-talk] tor friendly github alternatives?

On Sat, 28 Feb 2015 12:01:06 +, Jeff Burdges wrote: > > Just fyi, airport wifis commonly block vanilla ssh, which requires me to do > pushes through tor. Github has ssh.github.com (IIRC) which accepts SSH on port 443, for exactly this problem. Andreas -- "Totally trivial. Famous last word

[tor-talk] TBB update experience

Hi all, the auto-update experience of the tor browser bundle is a bit strange. I'm somewhat used to the 'please update now' popup (and like it very much). But if/when I start TBB while an update is due I get the 'please click here to update' welcome page - which leads not to an update but to downl

Re: [tor-talk] git: application level leaks and best practices?

On Thu, 26 Feb 2015 20:55:56 +, str4d wrote: ... > If you only want to force UTC for occasional commands then just add > "TZ=UTC" in front of the command, but I personally prefer redefining > the git command like above, to prevent accidentally forgetting. You could also set your entire system

Re: [tor-talk] How can I use tor to access the ipv6-enabled website?

On Fri, 27 Feb 2015 09:41:26 +, Hongyi Zhao wrote: ... > 3- Thirdly, I use tor or privoxy as the proxy to access the > http://ipv6.google.com/, but finally failed. Can someone please give me > some hints? As far as I know, the tor network doesn't do exiting to ipv6 yet. When you have ipv6 ena

Re: [tor-talk] Who said it takes hours of latency to fix anonymity?

On Tue, 17 Feb 2015 16:42:44 +, Juan wrote: ... > Isn't that interesting? No. > There's a whole 'industry' of 'academics' getting millions in > grants for 'researching' stuff and doing 'science', and yet > they don't provide any useful data. Interesting and cute. "

Re: [tor-talk] Tor and solidarity against online harassment

On Mon, 15 Dec 2014 23:19:38 +, Mirimir wrote: ... > Certainly, Tor helps the US and its allies to consolidate their power. > Why else would they fund it? Because science? > But mostly it helps them to consolidate > their power against other states. It's probably been used against Iraq > and

Re: [tor-talk] Tor and solidarity against online harassment

On Fri, 12 Dec 2014 17:43:28 +, Juan wrote: ... > > That's why we try to do all > > of our development in public, and the source code is open, and the > > research communities are active and public, and we engage with many > > communities in person at a wide variety of conferences. > > N

Re: [tor-talk] Tor and solidarity against online harassment

On Fri, 12 Dec 2014 14:49:56 +, Thomas White wrote: ... > For the record, feminism is the movement to fight inequality against > only women. Not according to wikipedia: 'to...establish...equal...rights for women', which include approaching equality from both sides, as appropriate. ... > right

Re: [tor-talk] Hiden service and session integrity

On Mon, 17 Nov 2014 18:22:00 +, NTPT wrote: ... > web application "foo" use a classical session to maitain state of the user. > Classically user BAR have  IP address and cookie is assigned in the login > process. If the right cookie from the right ip address comes for user BAR, > server acce

Re: [tor-talk] Cloak Tor Router

On Tue, 11 Nov 2014 10:39:06 +, hellekin wrote: ... > But now I think it would be better to explain why it's not necessary, You need it if you want to guard against the user device accidentally routing around the box? Also, auto-config of the clients without hassling with the upstream DHCP. >

Re: [tor-talk] Facebook brute forcing hidden services

On Fri, 31 Oct 2014 16:49:38 +, AFO-Admin wrote: ... > Hi, > i really think that this is a good thing, because i think this hidden > service will get a lot attention in countries where Facebook is > blocked. In blocking countries you'll use Tor whether you to the .com or the .onion domain. The

Re: [tor-talk] more sites requiring captchas from Cloudfare (using Google API?)

On Tue, 16 Sep 2014 11:20:53 +, Joe Btfsplk wrote: ... > I know nothing about Cloudfare's "business model." But, the old saying, > "There's no such thing as a free lunch," is still true. And there isn't. The DDoS part is inclusive with their other (paid) service; they're a CDN. The DDoS part

Re: [tor-talk] Comcast looking for Tor traffic, contacting customers to threaten termination of service.

On Tue, 16 Sep 2014 11:41:13 +, Joe Btfsplk wrote: ... > If Comcast or any ISP / mobile provider don't monitor their customers' > activities, how are they able to regularly SELL such data to LEAs? What they 'sell' (and I'm rather confident they'd rather not do this particular 'business') is g

Re: [tor-talk] Pattern In Tor Addresses

On Thu, 14 Aug 2014 23:25:46 +, Ben Healey wrote: ... > When the key generator I've been trying produced an address 90% of the time > the browser does nothing. That has to do with the fact that each letter/digit represents five bits, while a-z0-9 are 36 values, and so tor does not use (afaik)

  1   2   3   >