Re: [tor-talk] Tor directory servers

On Sun, Feb 19, 2012 at 07:06:35PM +, Bravo 76 wrote: > Is there a list available on the Tor directory servers that my script could > parse and get the latest exit routers along with their fingerprints? > > I've found this:http://dannenberg.ccc.de/tor/server/all.zBut it doesn't > mention whe

Re: [tor-talk] Tor users trackable with common proxy?

On Tue, Feb 21, 2012 at 12:09:56PM +0100, miniBill wrote: > Paranoid mode: on > They intercept the initial bootstrapping and make you connect > to a "fake" tor network composed of malicious nodes only. > Is it feasible? Not feasible (assuming you're using Tor correctly). https://www.torproject.or

Re: [tor-talk] Tor users trackable with common proxy?

On Mon, Feb 20, 2012 at 04:15:37PM +0800, Koh Choon Lin wrote: > I would like to ask for members of this list about the following statement: > > "The authorities in Singapore are understood to have the ability to > track down a person online even if he or she uses anonymizing > facilities such as

Re: [tor-talk] Tor bridge with no traffic

On Thu, Feb 23, 2012 at 04:11:58PM -0800, Christian Kujau wrote: > On Thu, 23 Feb 2012 at 15:34, Andreas Krey wrote: > > They are announced, just not all to the general public. You have to tell > > your tor client to use bridges; normally it directly talks to (public) > > relays. > > You mean, pe

Re: [tor-talk] Does obfsproxy make any sense for relays

On Wed, Feb 29, 2012 at 05:04:47PM +0100, MacLemon wrote: > I was wondering if building tor with obfsproxy would make any sense for a > relay. The documentation suggests that obfsproxy is rather exclusive for > bridges yet isn?t absolutely clear about that. > > The only scenario I can fabricate

Re: [tor-talk] Who is 93.114.40.75? Tor check page lists it and says I'm not using Tor. Another user reported this, too.

On Sun, Mar 04, 2012 at 02:22:22AM -, m...@tormail.net wrote: > Who is 93.114.40.75? > > The Tor check page lists it and says I'm not using Tor. Another user > reported this, too. That's a false negative. In this case it happens because the Tor relay exits from a different IP address than it

Re: [tor-talk] Can't access Tor network

On Sun, Mar 11, 2012 at 12:27:03AM +0100, andr...@fastmail.fm wrote: > In trying to access Tor while using a certain network the following > error/problem message appears in the log; > > Mar 1 02:45:41.518 [Notice] Tor v0.2.2.35 (git-f). This is > experimental software. Do not rely on it f

Re: [tor-talk] Can't access Tor network

On Sun, Mar 11, 2012 at 03:28:00AM +0100, andr...@fastmail.fm wrote: > > Have you tried using bridges? > > Yes, I have several bridges set already. Also, the Get Tor Bridges > button doesn't get any bridges- they must be obtained off the web > address in HELP. Ah. I bet your bridges are all down

Re: [tor-talk] Google was maddened?

On Fri, Mar 23, 2012 at 04:54:48AM +, James Brown wrote: > Earlier they often demanded answer to the CAPTCHA when I sent queries to > them throwg the Tor. > Today I find that they block my queries at all: In the past, Google required that you have a Google cookie or they wouldn't even give you

[tor-talk] Tor 0.2.3.13-alpha is out

Tor 0.2.3.13-alpha fixes a variety of stability and correctness bugs in managed pluggable transports, as well as providing other cleanups that get us closer to a release candidate. https://www.torproject.org/download/download (Packages coming eventually. Speaking of packages, deb.torproject.org n

Re: [tor-talk] Tor traffic disguised as Skype video calls to fool repressive governments

On Wed, Apr 04, 2012 at 02:13:00PM -0700, J.C. Denton wrote: > Does anyone know where I can download this tool? I can't find it anywhere. The short answer is that SkypeMorph is not ready for actual usage yet. It is still at the "research project" stage. It's great that researchers are working on

Re: [tor-talk] Tor traffic disguised as Skype video calls to fool repressive governments

On Wed, Apr 04, 2012 at 02:51:44PM -0700, J.C. Denton wrote: > thank you for your guidance. what exactly should I run with Tor until >SkypeMorph is released? I have 3 portable browsers and all 3 register >different ip's when i go to www.whatismyipaddress.com/ should I only >run TOR and AdvancedTOR

Re: [tor-talk] access sites

On Wed, Apr 04, 2012 at 06:21:58PM -0400, Joseph Lorenzo Hall wrote: > There's been research by a CU Boulder team and Yoshi Kohno to this effect. > You can google it. best, Joe There has been some research on what Tor *traffic* is, but the methodology soundness is always a question. The question h

Re: [tor-talk] access sites

On Thu, Apr 05, 2012 at 03:57:55AM +0300, Maxim Kammerer wrote: > Table 2 (with Germany at the top) in [1] does seem to suggest that > ?Privacy enthusiasts? represent a significant proportion of Tor users. Notice that this paper is quite old. Since then Iran, has hit the "#2 country using Tor" mar

Re: [tor-talk] two tors?

On Fri, Apr 06, 2012 at 04:01:59PM -, BigTor wrote: > > I have two internet apps that I want to run the same time, both using tor > > socks proxy. I do not want the data streams of the apps routing thorugh > > the same circuit. Is it safe two run two tor processes, with different > > proxy port

[tor-talk] We're looking for another dedicated core Tor developer

Your job would be to work on all aspects of the main Tor network daemon and other open-source software. This would be a contractor position for 2012 (starting as soon as you're ready and with plenty of work to keep you busy), with the possibility of 2013 and beyond. Being a core Tor developer incl

[tor-talk] Tor 0.2.3.14-alpha is out

Tor 0.2.3.14-alpha fixes yet more bugs to get us closer to a release candidate. It also dramatically speeds up AES: fast relays should consider switching to the newer OpenSSL library. https://www.torproject.org/download/download (Packages coming eventually.) Changes in version 0.2.3.14-alpha - 2

[tor-talk] Tor 0.2.3.15-alpha is out

Tor 0.2.3.15-alpha fixes a variety of smaller bugs, including making the development branch build on Windows again. https://www.torproject.org/download/download (Packages coming eventually.) Changes in version 0.2.3.15-alpha - 2012-04-30 o Minor bugfixes (on 0.2.2.x and earlier): - Make su

Re: [tor-talk] 2.2.35-11, TBB Linux: network.websocket.enabled = true, why?

On Mon, May 07, 2012 at 05:30:40AM -, m...@tormail.org wrote: > With this blog entry: > > https://blog.torproject.org/blog/new-tor-browser-bundles-security-release > > It claims 2.2.35-11 fixes a problem posted here: > > https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-curr

Re: [tor-talk] how bridges work

On Sun, May 06, 2012 at 05:07:26AM -0400, eliaz wrote: > Of what use is a bridge working off an IP address of a provider located > in, say, the US, to a client in, say, Syria? Sorry for the elementary > question. - eli The client in Syria can connect through the bridge in the US to reach the Tor n

Re: [tor-talk] how bridges work

On Mon, May 07, 2012 at 04:01:13PM -0400, Tim Wilde wrote: > > Thanks for the reassurance about the process. While I accept the > > free-speech basis of Tor (that "bad" as well as "good" guys can use > > it) and the assumption that the network is overall doing more good > > than bad, I've been con

Re: [tor-talk] tor/netfilter: packets without uid

On Thu, May 10, 2012 at 10:11:06PM -0400, johnmurphy...@safe-mail.net wrote: > IN= OUT=eth0 SRC=192.168.178.50 DST=some-target LEN=40 TOS=0x00 PREC=0x00 > TTL=64 ID=0 DF PROTO=TCP SPT=50447 DPT=443 WINDOW=1002 RES=0x00 ACK URGP=0 > > This packet is https, most likely generated by my firefox user

Re: [tor-talk] unsubscribe me from mailing list

On Tue, May 15, 2012 at 11:31:22PM -0700, Jaime wrote: > I do not wish to continue receiving emails from you thank you > ___ > tor-talk mailing list > tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk At the b

Re: [tor-talk] OpenSSL library does not load unless bridges are used

On Sat, May 19, 2012 at 01:46:49AM -, m...@tormail.org wrote: > > () Example A/Notations/Questions and fact: The OpenSSL library is not loaded > in Vidalia's Message > Log. Sounds like https://trac.torproject.org/projects/tor/ticket/4834 Looks like nobody's going to fix it anyti

Re: [tor-talk] anonymity: bridge users vs. entry guard users

On Fri, May 25, 2012 at 06:07:35PM +0200, pro...@secure-mail.biz wrote: > If I understand correctly, a bridge will be used as the first of three hops. Yes. See also Item #2 on https://blog.torproject.org/blog/research-problems-ten-ways-discover-tor-bridges including proposal 188: https://gitweb.to

[tor-talk] Tor 0.2.3.16-alpha is out

Tor 0.2.3.16-alpha introduces a workaround for a critical renegotiation bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself currently). It also fixes a variety of smaller bugs and other cleanups that get us closer to a release candidate. The workaround for the OpenSSL bug will

Re: [tor-talk] TBB 2.2.36-1 fails to include Firefox 13

On Thu, Jun 07, 2012 at 06:12:02AM -, m...@tormail.org wrote: > * Why was FF13 not included in this release? * Well, because it just came out, for one. Every new Firefox release these days includes a pile of new privacy disasters that Mike is scrambling to keep up with. You might like https:

Re: [tor-talk] TBB 2.2.36-1 fails to include Firefox 13

On Fri, Jun 08, 2012 at 11:42:51AM +0200, Cristian Rigamonti wrote: > On Thu, Jun 07, 2012 at 06:12:02AM -, m...@tormail.org wrote: > > > > Tor Browser Bundle (2.2.36-1) > ... > > BTW, https://check.torproject.org/RecommendedTBBVersions is still advertising > 2.2.35-12, so the automatic start

[tor-talk] Tor 0.2.3.17-beta is out

Tor 0.2.3.17-beta enables compiler and linker hardening by default, gets our TLS handshake back on track for being able to blend in with Firefox, fixes a big bug in 0.2.3.16-alpha that broke Tor's interaction with Vidalia, and otherwise continues to get us closer to a release candidate. https://ww

[tor-talk] Roger's status report, May 2012

Hi folks! As the Tor Project has grown in scope, we've been struggling to keep up with simultaneously a) doing all the development that needs to be done (including meeting deliverables for our funders), and b) keeping the community up-to-date on our in-progress work. Lately I've been writing mont

Re: [tor-talk] Orbot Data Overhead

On Wed, Jun 20, 2012 at 05:13:16PM -0400, Patrick B wrote: > I made a blog post > on > the Guardian site about the data cost incurred by Orbot usage. It generally > seems quite manageable for most use cases. Running in the backround 24/7 >

[tor-talk] Tor 0.2.3.18-rc is out

Tor 0.2.3.18-rc is the first release candidate for the Tor 0.2.3.x series. It fixes a few smaller bugs, but generally appears stable. Please test it and let us know whether it is! https://www.torproject.org/download/download (Packages coming eventually.) Changes in version 0.2.3.18-rc - 2012-06-

Re: [tor-talk] Roger's status report, May 2012

On Sat, Jun 23, 2012 at 10:04:45PM -0700, coderman wrote: > On Sat, Jun 23, 2012 at 3:20 PM, Roger Dingledine wrote: > >... > > - Launch a working-group of pluggable transport developers and > > researchers, and make sure they all know about each other. > > ...

[tor-talk] Tor 0.2.3.19-rc is out

Tor 0.2.3.19-rc is the second release candidate for the Tor 0.2.3.x series. It fixes the compile on Windows, reverts to a GeoIP database that isn't as broken, and fixes a flow control bug that has been around since the beginning of Tor. https://www.torproject.org/download/download (Packages comin

[tor-talk] Roger's status report, June 2012

(What is this mail? See my explanation from the May mail I sent: https://lists.torproject.org/pipermail/tor-talk/2012-June/024572.html ) Here's what I said at the beginning of June that I hoped to do: > - Participate in the

Re: [tor-talk] BridgeDB reCAPTCHA deployed

On Tue, Jul 17, 2012 at 02:58:13PM +, Aaron wrote: > > Seems neat, but took me 8 tries to get it correct to get my bridges. > > Linus says he can do it in 2 tries :-) If English speakers have problems here, I wonder what that means for non-English speakers. Or said another way, what's the sta

Re: [tor-talk] TBB lags behind as Firefox ESR 10.0.6 is released

On Sat, Jul 21, 2012 at 08:09:42AM +0200, machine wrote: > https://www.mozilla.org/en-US/firefox/organizations/all.html > > but there hasn't been any update yet for The Tor Browser Bundle, which > has a Tor Browser version of 10.0.5. Yep. I believe TBB 2.2.37-2 is still in the QA process on our s

Re: [tor-talk] new tld question

On Sat, Jul 28, 2012 at 10:40:52AM -0400, Webmaster wrote: > With the availability of new TLDs, is there/would there be a > concern if someone applied for the .onion tld? Would this affect > the current system? In short, no. Tor clients treat .onion addresses specially, and don't go to dns serv

Re: [tor-talk] Strong anonymization in a fixed group of participants

On Mon, Aug 06, 2012 at 09:54:51PM -0400, Edward Z. Yang wrote: > > http://freehaven.net/anonbib if you haven't already. > > That is a very nice list of papers. I will do some reading into DC-nets; > what is your favorite paper describing their implementation? Take a look at http://freehaven.net

[tor-talk] Tor 0.2.3.20-rc is out

Tor 0.2.3.20-rc is the third release candidate for the Tor 0.2.3.x series. It fixes a pair of code security bugs and a potential anonymity issue, updates our RPM spec files, and cleans up other smaller issues. https://www.torproject.org/download/download (Packages coming eventually.) Changes in

[tor-talk] Roger's status report, July 2012

Here's what I said at the beginning of July that I hoped to do: > - Attend the Dev meeting and hack fest in Florence. Help everybody > understand about our upcoming grants, and the upcoming deliverables that > go with them. Done. It was a great dev meeting and hack fest -- we had something like 4

Re: [tor-talk] traffic down

On Tue, Aug 14, 2012 at 11:06:12AM -0700, Damian Johnson wrote: > > BandwidthRate is 20 KB > > That is the very minimum bandwidth rate. Circuits are picked > heuristically based on the available bandwidth so by setting it to > such a tiny value you'll be largely unused. Actually, it's lower than

Re: [tor-talk] Warning: ISP resurrected old tor node

On Thu, Aug 16, 2012 at 09:18:50PM -1000, Name Withheld wrote: > I notice some of the tor directories are showing my old server as > being online and routing traffic. That server: > > *Router Name:*00routin0packets > *Fingerprint:*DD03 46F6 56DA 5F0E C9F6 5D7B FE56 38DA F3FB 2F6B

Re: [tor-talk] Analyzing the traffic between nodes in my private tor network

On Tue, Aug 21, 2012 at 09:09:32PM +0300, juha...@wippies.fi wrote: > I succeeded to build a private tor network including some hidden >services in it and every tor-machine (ubuntu) is behind a different >router (multiple networks) I have tried to build my tor network as real >as possible in our la

Re: [tor-talk] End-to-end correlation for fun and profit

On Mon, Aug 20, 2012 at 10:33:29AM +0300, Maxim Kammerer wrote: > As you can see, sniffing just 25 Class-C networks (or 42 individual > nodes) lets an adversary correlate ~25% of (non-.onion) circuits. I think your numbers may not be right (there are a lot of other subtleties to the calculation),

Re: [tor-talk] Reliable server hosting company for Tor exits?

On Wed, Aug 22, 2012 at 08:37:16PM +0200, Rejo Zenger wrote: > On 22 aug. 2012, at 16:07, Robin Kipp wrote: > > I've already been running a Tor relay on that for quite a while, > > but sadly had to find out that the server's IP subsequently got added > > to several EMail blacklists - despite the se

Re: [tor-talk] tor browser without tor

On Thu, Aug 30, 2012 at 05:46:03PM -0500, SnakTaste wrote: > Hi, I normally use Thunderbird & Firefox trough Tor w/instructions > from "Toiyfy" & Tor button, What is "Toiyfy"? Whatever it is, it is unlikely to have good instructions. :) > the last update from Firefox made Tor > button to send se

[tor-talk] Tor 0.2.3.21-rc is out

Tor 0.2.3.21-rc is the fourth release candidate for the Tor 0.2.3.x series. It fixes a trio of potential security bugs, fixes a bug where we were leaving some of the fast relays out of the microdescriptor consensus, resumes interpreting "ORPort 0" and "DirPort 0" correctly, and cleans up other smal

[tor-talk] Tor 0.2.4.1-alpha is out

Tor 0.2.4.1-alpha lets bridges publish their pluggable transports to bridgedb; lets relays use IPv6 addresses and directory authorities advertise them; and switches to a cleaner build interface. This is the first alpha release in a new series, so expect there to be bugs. Users who would rather tes

[tor-talk] Roger's status report, August 2012

Here's what I said at the beginning of August that I hoped to do: > - Chair the FOCI workshop at Usenix Security, and also attend the rest > of Usenix Security. > https://www.usenix.org/conference/foci12/tech-schedule/workshop-program > https://www.usenix.org/conference/usenixsecurity12/tech-sched

Re: [tor-talk] hidden services and stream isolation (file transfer over Tor HS speedup?)

On Sat, Sep 08, 2012 at 07:59:03PM +0200, Fabio Pietrosanti (naif) wrote: > That step come while brainstorming with hellais and vecna about a file > upload system for big files that should try to optimize at maximum the > transfer over a TorHS with Javascript /web browser. Tricks like this make se

[tor-talk] Tor 0.2.4.2-alpha is out

Tor 0.2.4.2-alpha enables port forwarding for pluggable transports, raises the default rate limiting even more, and makes the bootstrapping log messages less noisy. https://www.torproject.org/download/download (Packages coming eventually.) Changes in version 0.2.4.2-alpha - 2012-09-10 o Major

Re: [tor-talk] Tor 0.2.4.2-alpha is out

On Mon, Sep 10, 2012 at 06:49:31PM -0400, Roger Dingledine wrote: > https://www.torproject.org/download/download Ok, I lied. While 0.2.2 and 0.2.3 are both still alive, it is unwise to clutter our download page with alpha releases. You can find the tarballs at https://www.torproject.org/d

[tor-talk] Tor 0.2.3.22-rc is out

Tor 0.2.3.22-rc fixes another opportunity for a remotely triggerable assertion. We'll be putting out 0.2.2.39 packages shortly that fix the issue too. https://www.torproject.org/download/download https://www.torproject.org/dist/ (Packages coming eventually.) Changes in version 0.2.3.22-rc - 201

Re: [tor-talk] Italy - third highest number users

On Wed, Sep 19, 2012 at 10:00:33AM -0700, SiNA Rabbani wrote: > Somehow in August, Italy got a few thousand additional Tor users and > became third as far as usage of Tor: France and Spain show similar growth. We've seen some overall growth in total Tor user count too, perhaps due to the recent g

[tor-talk] Tor 0.2.4.3-alpha is out

Tor 0.2.4.3-alpha fixes another opportunity for a remotely triggerable assertion, resumes letting relays test reachability of their DirPort, and cleans up a bunch of smaller bugs. https://www.torproject.org/dist/ Changes in version 0.2.4.3-alpha - 2012-09-22 o Security fixes: - Fix an asser

Re: [tor-talk] need only tor-browser firefox and chrome

On Fri, Sep 21, 2012 at 06:08:01PM +0530, Raviji wrote: > I am running tor, polipo, ttdnsd and pdnsd at system services. > Is there any tor firefox and chrome available without these > components ? Not currently. Right now the only safe way to use Tor as a client is with the Tor Browser Bundle. S

Re: [tor-talk] A question about mac addresses

On Sat, Sep 22, 2012 at 07:05:47AM -0500, Anthony Papillion wrote: > I'm not a networking guy. Sure, I can build a small business LAN but I'm a > software engineer and not a network guy. So please excuse me if this question > sounds stupid. > > Can a remote website know my mac address? Try a go

Re: [tor-talk] How do I change tor's socks5 port from 9050 to 9051?

On Sat, Sep 29, 2012 at 05:05:02PM +0300, Arsen Zahray wrote: > Is it possible to change the tor's socks5 port? Yes. > I've looked through options in Vidalia and through the documentation, and I > can't find anything of the kind I don't think Vidalia can do it. You'll have to edit your torrc f

Re: [tor-talk] DNSPort & googlemail.com

On Sun, Sep 30, 2012 at 01:47:07PM +0100, Paul wrote: > When using DNSPort to resolve googlemail.com, I get the 'wrong' address: > > $ host googlemail.com > googlemail.com has address 173.194.41.150 > Host googlemail.com not found: 4(NOTIMP) > Host googlemail.com not found: 4(NOTIMP) > > It shoul

Re: [tor-talk] Tor exit node IPv6

On Mon, Oct 01, 2012 at 12:08:27PM -0400, David Goulet wrote: > I'm looking to run a Tor exit node but IPv6 only. > > Anyone do/did that and got useful information about that? > > I don't know the state of the Tor network using IPv6. Is there some > statistics somewhere about the number of nodes

Re: [tor-talk] [tor-relays] clockskewer attack

On Wed, Oct 03, 2012 at 01:21:19PM -0400, Ted Smith wrote: > > # calculates the clockskew and then finds a corrilating > > # tor relay with an open http server with the same skew > > > So it actually assumes that the targeted hidden service is running a Tor > relay _and_ an open HTTP server. In t

Re: [tor-talk] Tor SOCKS?

On Fri, Oct 05, 2012 at 09:31:57PM +0200, antispa...@sent.at wrote: > I have in a folder on a 64bit Linux distro the TBB. I read the Vidalia > bundle has been discontinued. So I jumped at using this configuration. > I have read that the socks 5 proxy is on 127.0.0.1:9050. So I tried > pushing throu

[tor-talk] Tor 0.2.3.23-rc is out

Tor 0.2.3.23-rc adds a new v3 directory authority, fixes a privacy vulnerability introduced by a change in OpenSSL, and fixes a variety of smaller bugs in preparation for the release. I hope this will be the final release candidate for the 0.2.3 series. That is, if we don't find any urgent issues,

[tor-talk] Tor 0.2.4.4-alpha is out

Tor 0.2.4.4-alpha adds a new v3 directory authority, fixes a privacy vulnerability introduced by a change in OpenSSL, fixes a remotely triggerable assert, and adds new channel_t and circuitmux_t abstractions that will make it easier to test new connection transport and cell scheduling algorithms.

Re: [tor-talk] what is the current flow control and congestion control mechanism of Tor?

On Mon, Oct 22, 2012 at 06:40:02PM +0200, esolve esolve wrote: > the paper > *Tor: The Second*-*Generation Onion > Router* > > talked about flow control and congestion control of Tor, but it may have > been out-dated. > > are there any artic

Re: [tor-talk] How do I know the number of Tor users nearby?

On Tue, Oct 23, 2012 at 10:13:47PM -0400, Simon Brereton wrote: > > See > > https://metrics.torproject.org/users.html > > What is a censorship event? It's when the number of users in the country is sufficiently below (or above) the expected number of users in the country, relative to how usage nu

[tor-talk] Tor 0.2.3.24-rc is out

Tor 0.2.3.24-rc fixes two important security vulnerabilities that could lead to remotely triggerable relay crashes, and fixes a major bug that was preventing clients from choosing suitable exit nodes. I hope this will be the final release candidate for the 0.2.3 series. That is, if we don't find a

[tor-talk] Tor 0.2.4.5-alpha is out

Tor 0.2.4.5-alpha comes hard at the heels of 0.2.4.4-alpha, to fix two important security vulnerabilities that could lead to remotely triggerable relay crashes, fix a major bug that was preventing clients from choosing suitable exit nodes, and refactor some of our code. https://www.torproject.org/

Re: [tor-talk] DoS and TOR?

On Wed, Nov 07, 2012 at 03:35:38PM -0500, Chris Smart wrote: > Hi folks. > > Disclaimer: The following question refers to website testing, > vulnerability identification etc. > > Please bare in mind that I am an end user and not very knowledgeable > about internet security or so-called "white hat

Re: [tor-talk] sock proxy port

On Fri, Nov 09, 2012 at 01:45:22PM +0100, jiang song wrote: > hi, I think sock proxy port should be 9050 > but with TBB, I notice that the socket port changes every time I started > TBB, like 49223, 58871 > what is the reason for this? and is it possible to make it constant? https://www.torprojec

Re: [tor-talk] check.torproject.org

On Fri, Nov 09, 2012 at 01:08:15PM -0500, TorOp wrote: > Same here, but it just now responded. Yes. Apparently it doesn't start on reboot. Also, it's old and buggy. We're looking into ways to improve it, but all the Tor developers are distracted by other things, so it keeps falling out of the pri

Re: [tor-talk] sock proxy port

On Fri, Nov 09, 2012 at 01:27:03PM -0600, Joe Btfsplk wrote: > >https://www.torproject.org/docs/faq#TBBSocksPort > > > That article mentions OS X / Linux, but I don't know that the issue > of Tor using other random ports (in the FAQ) does NOT apply also to > Windows? The Windows TBB doesn't set th

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

On Fri, Nov 09, 2012 at 06:05:58PM -0500, Matthew Fisch wrote: > TorProject should be registered as an Apple software developer, and the >binary should be signed, both to increase credibility of the torproject >and the safety of users. I agree with you about the 'safety of users' side. But I'm not

Re: [tor-talk] misconfigured mailing list (mailman software) for torproject discloses passwords in plaintext (stores too?)

On Fri, Nov 09, 2012 at 06:09:36PM -0500, Matthew Fisch wrote: > I used a unique random password for this mailing list, I'm going to >guess however a significant portion of the mailing list either uses this >password in other locations, a significant subset of them probably can't >trust their mailb

[tor-talk] please test the new obfsproxy bridge debian/ubuntu directions

Hi folks, George and I have put together some instructions on how to set up a Tor bridge + obfsproxy on Debian/Ubuntu: https://www.torproject.org/projects/obfsproxy-debian-instructions Getting more obfsproxy bridges up and running is useful because right now they're the best way for users in Chi

[tor-talk] Tor 0.2.4.6-alpha is out

Tor 0.2.4.6-alpha fixes an assert bug that has been plaguing relays, makes our defense-in-depth memory wiping more reliable, and begins to count IPv6 addresses in bridge statistics, https://www.torproject.org/dist/ Changes in version 0.2.4.6-alpha - 2012-11-13 o Major bugfixes: - Fix an ass

Re: [tor-talk] Guard flag vs relay bandwidth

On Wed, Nov 14, 2012 at 02:08:16PM +0600, Roman Mamedov wrote: > From what I can tell the Guard flag affects routed bandwidth very negatively. > After getting the flag the bandwidth drops off sharply and a Guard node will > typically push an order of magnitude (TEN times) less traffic than a non-gu

Re: [tor-talk] Appropriate methods of estimating daily tor users through your server?

On Sat, Nov 17, 2012 at 11:34:36AM -1000, Name Withheld wrote: > does anyone know of an appropriate method for estimating a > (rough) number of how many users per day make use of your node? http://research.torproject.org/techreports.html See "Privacy-preserving ways to estimate the number of Tor

Re: [tor-talk] Trouble with signal newnym

On Tue, Nov 20, 2012 at 10:27:48AM -0600, Landon Campbell wrote: > I'm new to Tor, and I'm working on developing a crawler that uses Tor >via Polipo/C# HttpWebRequest. So far, making an HTTP request via Polipo >through Tor is working like a charm. However, I would like to change >my route/exit node

[tor-talk] Roger's status report, Sept 2012

I've let my status reports lapse while focusing on getting "real" work done. Here's a start at getting back on track. - Karen and I attended a conference at the German Foreign Office to help them decide what role Germany and the EU should have at regulating the sale of censorship and surveillance

[tor-talk] Roger's status report, Oct 2012

1) I attended WPES and the first day of CCS: http://hatswitch.org/wpes2012/ http://www.sigsac.org/ccs/CCS2012/ There are a bunch of new Tor-related research papers: - "Changing of the Guards: A Framework for Understanding and Improving Entry Guard Selection in Tor" http://freehaven.net/an

Re: [tor-talk] Aggregate-type settings in torrc

On Mon, Dec 10, 2012 at 01:02:39AM -0500, Nick Mathewson wrote: > > And last question, is there a reason that a line like > > ClientTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed > > causes Tor to always run an obfsproxy daemon, even if there are no obfs2 > > bridges defined in torrc? >

Re: [tor-talk] obfsproxy like approach against website traffic fingerprinting?

On Thu, Dec 13, 2012 at 08:38:37PM +, adrelanos wrote: > what if everyone, also people in uncensored countries, would use > obfsproxy like traffic obfuscation for all circuits? > > Could that make website traffic fingerprinting [1] more difficult? Obfsproxy transforms each byte, but it doesn'

Re: [tor-talk] traffic down

On Sat, Dec 15, 2012 at 10:24:51AM +0100, Udo van den Heuvel wrote: > On 2012-08-15 15:16, Udo van den Heuvel wrote: > >> So if you have less than 32KB/s of bandwidthrate, you won't get > >> the Fast flag, and basically all the clients will ignore you. > > > > So there was a change in this mechani

[tor-talk] Roger's status report, Nov 2012

Six big things I did in November: 1) Attended the NSF PI meeting for our new grant (joint with Georgia Tech and Princeton). Met dozens of professors and renewed connections to dozens more. One standout: I met a nice economist who framed our exit relay funding debate as an "if you" vs "now that" ga

[tor-talk] Please make a screenshot of your favorite Tor component

Hi folks, I'm preparing our talk for next week at 29c3. So far I've made a preliminary list of software in the Tor ecosystem: http://freehaven.net/~arma/tor-components-29c3.txt Since words are so boring in slides, I've started collecting a set of screenshots / images to use instead. You can see

[tor-talk] Tor 0.2.4.7-alpha is out

Tor 0.2.4.7-alpha introduces a new approach to providing fallback directory mirrors for more robust bootstrapping; fixes more issues where clients with changing network conditions refuse to make any circuits; adds initial support for exiting to IPv6 addresses; resumes being able to update our GeoIP

Re: [tor-talk] Roger's status report, Nov 2012

On Wed, Dec 19, 2012 at 02:49:12AM -0800, Mike Perry wrote: > Thus spake Roger Dingledine (a...@mit.edu): > > > Six big things I did in November: > > > > 1) Attended the NSF PI meeting for our new grant (joint with Georgia > > Tech and Princeton). Met dozens of prof

Re: [tor-talk] Telex Circumvention tool

On Sun, Dec 30, 2012 at 02:55:02AM +, adrelanos wrote: > Telex https://telex.cc/ > > Circumvention tool. Concept looks promising. > > Has never been discussed here. Why not? Does anyone know more? > > I am interested what the status and progress is. Unfortunately, my > mailing list subscript

[tor-talk] Roger's status report, Dec 2012

Six things I did in December 2012: 1) Attended the SponsorF PI meeting and demo. I did another 90 minute talk for the research groups there, this time about the state of anonymity research and traffic analysis attacks: http://freehaven.net/~arma/slides-pi-dec12.pdf We also did a joint demo with se

Re: [tor-talk] Project idea: TorBox

On Mon, Jan 14, 2013 at 11:23:17PM +0100, Morgan Andreasson wrote: > *The TorBox* First thought: we try not to mash the word 'Tor' together with generic other words: https://www.torproject.org/docs/trademark-faq#combining See e.g. a previous TorBOX: http://sourceforge.net/projects/torbox/ > *What

[tor-talk] Tor 0.2.4.8-alpha is out

Tor 0.2.4.8-alpha introduces directory guards to reduce user enumeration risks, adds a new stronger and faster circuit handshake, and offers stronger and faster link encryption when both sides support it. https://www.torproject.org/download Changes in version 0.2.4.8-alpha - 2013-01-14 o Major

[tor-talk] Tor 0.2.4.9-alpha is out

Tor 0.2.4.9-alpha provides a quick fix to make the new ntor handshake work more robustly. https://www.torproject.org/download Changes in version 0.2.4.9-alpha - 2013-01-15 o Major bugfixes: - Fix backward compatibility logic when receiving an embedded ntor handshake tunneled in a CREA

Re: [tor-talk] TBB as a deb (was Re: Tor 0.2.4.8-alpha is out)

On Tue, Jan 15, 2013 at 07:28:34PM -0500, Micah Lee wrote: > Are there plans to release the Tor Browser Bundle as a package in Tor's > official repos, e.g. http://deb.torproject.org/torproject.org/? > > This would make keeping an up-to-date TBB much more convenient. It sure would make things more

Re: [tor-talk] Tor relay on small and cheap devices

On Sun, Jan 20, 2013 at 04:28:13PM -0800, Mike Perry wrote: > it's unlikely that the > network could support enough of these tiny relays to actually make any > substantial capacity difference, and they may actually harm overall > performance rather than help it. See also https://trac.torproject.o

Re: [tor-talk] TOR Fone - p2p secure and anonymous VoIP tool

On Sun, Feb 03, 2013 at 01:49:50PM +, adrelanos wrote: > I haven't seen TOR Fone discussions on this list. Description (selection > by adrelanos, see TOR Fone homepage [1] for original text). Ugh! Another project using the Tor name in a confusing way (which will make people think it is support

Re: [tor-talk] Vidalia Network Map list blank

On Mon, Feb 04, 2013 at 07:49:15AM -, ratl...@tormail.org wrote: > Tails 0.16 - Vidalia relays list is blank at start and with continued use > without a refresh. > > Bug is identical in previous versions. https://trac.torproject.org/projects/tor/ticket/6483 It's fixed in Vidalia 0.2.21, but

[tor-talk] Tor 0.2.4.10-alpha is out

Tor 0.2.4.10-alpha adds defenses at the directory authority level from certain attacks that flood the network with relays; changes the queue for circuit create requests from a sized-based limit to a time-based limit; resumes building with MSVC on Windows; and fixes a wide variety of other issues.

[tor-talk] Roger's status report, Jan 2013

Five things I did in January 2013: 1) Continued my rampage to teach law enforcement groups about Tor, including a US DEA talk, a Dutch regional police talk, a Belgian FCCU talk, and a Dutch KPN talk; and my parallel rampage to document and publish the results: https://blog.torproject.org/blog/trip

  1   2   3   4   5   6   7   >