Re: [tor-talk] Blocking Shadowserver honeypots

2011-03-21 Thread Jan Reister
On 19/03/2011 00:02, Alexander Bernauer wrote: > I don't quite understand how any attacker is trapped by a honeypot > that is publicly marked as being one. Furthermore, I don't know how > this IRC bot is able to operate with mail and web ports only as my > tor exit node is dropping everything else.

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread alex-tor
On Sun, Mar 20, 2011 at 11:15:27PM -0400, Aplin, Justin M wrote: > welcome to peruse the source for any backdoors and compile it for > yourself, just to be sure. But make sure that you've compiled your compiler yourself with a compiler that you trust. http://cm.bell-labs.com/who/ken/trust.html *

[tor-talk] Torbutton 1.3.2-alpha released

2011-03-21 Thread Mike Perry
Torbutton 1.3.2-alpha has been released at: https://www.torproject.org/torbutton/releases/torbutton-1.3.2-alpha.xpi This release features several fixes for some annoying Firefox 4 exceptions and popup issues, as well as a score of other bugfixes. I am hoping that this will be the last release bef

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Joe Btfsplk
1st, thanks for the refresher, Paul. I'll bet most users didn't know Tor was started by the NRL. Unfortunately, for many, that won't ease their minds much. I don't have the knowledge & skills to check Tor's source code & bet well > 90% of users don't either. I know (knew) my comments on Tor

Re: [tor-talk] How evil is TLS cert collection?

2011-03-21 Thread Joseph Lorenzo Hall
It strikes me that I'd want notice (or the option to get notice) before submitting rare certs to the database... say a dialog like: "We're about to submit the certificate for the following site, [x] ok, [ ] no, do not submit this certificate. ([ ] remember this preference for this certificate)." My

Re: [tor-talk] Thoughts on proxy setup wrt insecure connections

2011-03-21 Thread Joe Btfsplk
On 2/28/2011 6:35 PM, Lucky Green wrote: Joe, This article is good intro to how the STARTTLS command would be used: http://en.wikipedia.org/wiki/STARTTLS In short, the client sends the STARTTLS command to the server to indicate a desire to use TLS encryption for the connection. STARTTLS is most

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Anders Andersson
On Mon, Mar 21, 2011 at 4:32 AM, Ali-Reza Anghaie wrote: > I find it curious that ~credibility~ of tor is being called into > question by some. The source is readily available, the libraries it > compiles against are readily available, the change logs, code control > records, etc. are all readily

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Anders Andersson
On Mon, Mar 21, 2011 at 1:59 PM, Joe Btfsplk wrote: > I've never known Sam to get involved in, or fund something - especially like > this - * w/o wanting something in return.*  Ever.  WHETHER or not they make > known, to anyone, what they want or intend to do.  It's been shown for over > 50 - 60

[tor-talk] Any iranian linux server for testing anti-anti-censorship tool?

2011-03-21 Thread Fabio Pietrosanti (naif)
Hi all, a cool friend of mine made Sniffjoke, a very powerful software (http://www.delirandom.net/sniffjoke/) that applies multiple low-level techniques to tweak stateful inspection systems used by interception and censorship tools. We would be really happy to be able to test it on Iranian networks

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Paul Syverson
On Mon, Mar 21, 2011 at 02:43:22PM +0100, Anders Andersson wrote: > On Mon, Mar 21, 2011 at 4:32 AM, Ali-Reza Anghaie > wrote: > > I find it curious that ~credibility~ of tor is being called into > > question by some. The source is readily available, the libraries it > > compiles against are read

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread katmagic
On Mon, 21 Mar 2011 11:07:49 -0400 Paul Syverson wrote: > universities are in on it, and the supposedly independent researchers > who found code flaws were also in on it (or sock puppets created by > Roger to create credibility). But at some point you have to look at > the size, diversity, and en

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Nick Mathewson
On Mon, Mar 21, 2011 at 11:40 AM, katmagic wrote: > On Mon, 21 Mar 2011 11:07:49 -0400 > Paul Syverson wrote: > >> universities are in on it, and the supposedly independent researchers >> who found code flaws were also in on it (or sock puppets created by >> Roger to create credibility). But at s

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Martin Fick
--- On Mon, 3/21/11, Joe Btfsplk wrote: > It's a serious question.  Please save the "check the > source code yourself" comments.  Open source code means > literally nothing. You have three choices when it comes to trusting something: 1) you can check yourself, 2) you can have someone you trust

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Klaus Layer
Joe Btfsplk wrote on 21.03.2011: > Again, WHY would Sam develop or fund technology that would make it > possible for * their enemies * to communicate anonymously and > privately, possibly allowing them to plot against him, with ABSOLUTELY > no way to decipher that communication? > Do you rea

Re: [tor-talk] How evil is TLS cert collection?

2011-03-21 Thread Robert Ransom
On Sun, 20 Mar 2011 17:58:06 -0700 Mike Perry wrote: > So, the question for the bikeshed discussion then is what should the > default state of this collection be? Our thought is to provide > HTTPS-Everywhere users with this dialog on first-run > https://trac.torproject.org/projects/tor/wiki/HTTPS

Re: [tor-talk] How evil is TLS cert collection?

2011-03-21 Thread Robert Ransom
On Mon, 21 Mar 2011 09:05:30 -0400 Joseph Lorenzo Hall wrote: > It strikes me that I'd want notice (or the option to get notice) > before submitting rare certs to the database... say a dialog like: > "We're about to submit the certificate for the following site, [x] ok, > [ ] no, do not submit th

Re: [tor-talk] how to install torrent tor

2011-03-21 Thread Curious Kid
- Original Message > From: Moritz Bartl > To: tor-talk@lists.torproject.org; torserv...@freelists.org > Sent: Mon, March 21, 2011 5:07:47 AM > Subject: Re: [tor-talk] how to install torrent tor > > Hi Zaher, > > On 20.03.2011 22:43, Zaher F. wrote: > > i have downloaded this one ...so

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Joe Btfsplk
On 3/21/2011 10:07 AM, Paul Syverson wrote: On Mon, Mar 21, 2011 at 02:43:22PM +0100, Anders Andersson wrote: In a scenario where the military actually would hide something in the source, all programmers working on the project would of course be in on it together. There are only a handful of the

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Paul Syverson
On Mon, Mar 21, 2011 at 02:06:04PM -0500, Joe Btfsplk wrote: > On 3/21/2011 10:07 AM, Paul Syverson wrote: >> On Mon, Mar 21, 2011 at 02:43:22PM +0100, Anders Andersson wrote: >>> In a scenario where the military actually >>> would hide something in the source, all programmers working on the >>> pr

Re: [tor-talk] how to install torrent tor

2011-03-21 Thread Justin Aplin
On Mar 21, 2011, at 1:38 PM, Curious Kid wrote: It looks to me like Zaher F. mistakenly believes that this is a bundle created to download torrents through Tor. I hope those mirrors you posted don't get blocked... It was my impression that his original question was a badly-worded variation

Re: [tor-talk] how to install torrent tor

2011-03-21 Thread Zaher F .
> From: jmap...@ufl.edu > To: tor-talk@lists.torproject.org > Date: Mon, 21 Mar 2011 15:18:05 -0400 > Subject: Re: [tor-talk] how to install torrent tor > > On Mar 21, 2011, at 1:38 PM, Curious Kid wrote: > > > It looks to me like Zaher F. mistakenly believes that this is a > > bundle created

Re: [tor-talk] How evil is TLS cert collection?

2011-03-21 Thread Chris Palmer
On 03/20/2011 08:05 PM, Mike Perry wrote: >> if EFF was presented with a national security letter or other legal >> demand under seal demanding the existence of a given certificate not >> be exposed, would they be bound to not present a MITM alert for that >> cert? > > Leaving this for pde and/or

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Joe Btfsplk
On 3/21/2011 2:39 PM, Paul Syverson wrote: On Mon, Mar 21, 2011 at 02:06:04PM -0500, Joe Btfsplk wrote: Last comments for a while. (All I have time for, sorry.) I'm just going to respond to specific issues about system threats and the like. I appreciate your comments & the work of all involved w

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Lucky Green
On 2011-03-21 16:17, Joe Btfsplk wrote: [...] > I don't pretend to know the answers, but know when to ask questions. > For all I know, the US wants the enemy to use Tor for plotting, thinking > they're anonymous, when they're not. No one's answering my specific > questions, possibly because if th

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Al MailingList
That's a very good point klaus. Joe - if you think the US Government is one big cohesive entity that funds projects consistently from a single pool of resources and money then I would politely suggest you may not have had much to do with them :P Alfred On 21 Mar 2011 16:27, "Klaus Layer" wrote:

Re: [tor-talk] How evil is TLS cert collection?

2011-03-21 Thread Mike Perry
Thus spake Robert Ransom (rransom.8...@gmail.com): > On Sun, 20 Mar 2011 17:58:06 -0700 > Mike Perry wrote: > > > However, I'm not sure that this is going to work for Tor Browser > > Bundle users (which ships with HTTPS Everywhere) who may have the TBB > > on readonly USB keys or live cds. They

Re: [tor-talk] How evil is TLS cert collection?

2011-03-21 Thread Mike Perry
Thus spake Robert Ransom (rransom.8...@gmail.com): > On Mon, 21 Mar 2011 09:05:30 -0400 > Joseph Lorenzo Hall wrote: > > > It strikes me that I'd want notice (or the option to get notice) > > before submitting rare certs to the database... say a dialog like: > > "We're about to submit the certif

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Mike Perry
Thus spake Aplin, Justin M (jmap...@ufl.edu): > On 3/20/2011 11:04 PM, Edward Langenback wrote: > >Joe Btfsplk wrote: > >>EVEN if it's not true, for me, Tor project has lost a good deal of its > >>credibility through its associations. Of course, no government would > >>ever lie & neither would a

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Ali-Reza Anghaie
On Tue, Mar 22, 2011 at 3:16 AM, Mike Perry wrote: > For example: "Trust the community. So many different people have > worked on, volunteered for, attacked, reviewed, and researched > tor-related topics from so many different institutions and backgrounds > that it is *the* most extensively studie

Re: [tor-talk] Iran cracks down on web dissident technology

2011-03-21 Thread Mike Perry
Thus spake Joe Btfsplk (joebtfs...@gmx.com): > On 3/21/2011 2:39 PM, Paul Syverson wrote: > >On Mon, Mar 21, 2011 at 02:06:04PM -0500, Joe Btfsplk wrote: > >Last comments for a while. (All I have time for, sorry.) I'm just > >going to respond to specific issues about system threats and the > >lik