Re: [tor-talk] tor-0.2.2.30rc, torrc, ExitNodes, EntryNodes parameters.Not Recognized.
On 7/12/2011 6:53 PM, Roger Dingledine wrote: On Tue, Jul 12, 2011 at 06:37:36PM -0500, Joe Btfsplk wrote: On 7/12/2011 1:24 PM, Luis Maceira wrote: I define some entry nodes or exit nodes in torrc and tor-0.2.2.30rc ignores them completely.Is this a new feature of 0.2.2.x series of releases? No, they should work fine. Are you using Vidalia bundle or browser bundle? Did you edit it while Tor was running? Did you close all Tor, Vidalia,& browser processes, then restart after editing torrc? And made sure the changes were saved? (I've failed to save changes made in files - or something went wrong) Did you use the StictExitNodes 1...command after defining the exit nodes? https://www.torproject.org/docs/tor-manual.html.en StrictExitNodes is no longer needed in the Tor 0.2.2.x series (you can think of it as being automatically on). --Roger Of course, the entry / exit nodes have to be running or Tor can't use them. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor-0.2.2.30rc, torrc, ExitNodes, EntryNodes parameters.Not Recognized.
On Tue, Jul 12, 2011 at 06:37:36PM -0500, Joe Btfsplk wrote: > On 7/12/2011 1:24 PM, Luis Maceira wrote: >> I define some entry nodes or exit nodes in torrc and tor-0.2.2.30rc >>ignores them completely.Is this a new feature of 0.2.2.x series of >>releases? No, they should work fine. > Are you using Vidalia bundle or browser bundle? > Did you edit it while Tor was running? > Did you close all Tor, Vidalia, & browser processes, then restart after > editing torrc? And made sure the changes were saved? (I've failed to > save changes made in files - or something went wrong) > > Did you use the StictExitNodes 1...command after defining the exit > nodes? https://www.torproject.org/docs/tor-manual.html.en StrictExitNodes is no longer needed in the Tor 0.2.2.x series (you can think of it as being automatically on). --Roger ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor-0.2.2.30rc, torrc, ExitNodes, EntryNodes parameters.Not Recognized.
On 7/12/2011 1:24 PM, Luis Maceira wrote: I define some entry nodes or exit nodes in torrc and tor-0.2.2.30rc ignores them completely.Is this a new feature of 0.2.2.x series of releases? ___ Are you using Vidalia bundle or browser bundle? Did you edit it while Tor was running? Did you close all Tor, Vidalia, & browser processes, then restart after editing torrc? And made sure the changes were saved? (I've failed to save changes made in files - or something went wrong) Did you use the StictExitNodes 1...command after defining the exit nodes? https://www.torproject.org/docs/tor-manual.html.en ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Downloading Firefox add-ons trough Tor. Safe?
Original Message From: tagnaq > This was recently discussed: > https://lists.torproject.org/pipermail/tor-talk/2011-June/020755.html Oh, I didn't see that. Thanks. It's a relief to finally get confirmed that it uses SHA256 checking, because I've downloaded and updated add-ons trough Firefox 3.6 for a while. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Is it possible to use Tor and Web-based MessengingServices?
Original Message From: William Wrightman > [...] > If anyone has had positive experiences with any web-based chat / > messengering services combined with Tor then please let me know. I think you can use tor for anything, unless you're using a tor exit that's banned. The problem is usually that such services require Java to work, and Java is mostly disabled or recommend to be disabled on tor setups because it can reveal your true IP by going side by tor. But if you know how to firewall your tor setup, you should be able to safely use Java. I don't know if you know how to do that, I think such firewalling is safer and works best on Linux anyway. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
On 7/12/2011 10:13 AM, Max wrote: Is there something specific I need to do to make Thunderbirds'connections go through TOR? Same as in Firefox (or that Torbutton does, if using that). Go to Tools>Options>Advanced>Network & Disk Space>Settings. Screen looks same as Firefox's. If Manual Proxy settings aren't already filled in, AFAIK, use same as Torbutton uses in normal Firefox (or in Tor Browser). I forgot to ask. How do I actually check if Thunderbird is going through TOR? I have setup so it works with firefox but there's a check site for that. Don't know about a check site for Tbird. You could look in your firewall's log & see what address Tbird is accessing. I'm sure there are other ways - I've never done it for an email client. There may even be an addon for Tbird that would tell you. FYI, there is a topic on the Tor project / help site, "How to torrify applications." Thunderbird is listed w/ some basic instructions. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] tor-0.2.2.30rc, torrc, ExitNodes, EntryNodes parameters.Not Recognized.
I define some entry nodes or exit nodes in torrc and tor-0.2.2.30rc ignores them completely.Is this a new feature of 0.2.2.x series of releases? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
Max wrote: > On 2011-07-12 00:09, JW wrote: > > Max wrote: > >> On 2011-07-11 18:46, JW wrote: > >>> Lalle Bralle wrote: > I'm trying to get countermail working with my TOR bundle I use > on a USB stick for added security and anomity when I feel I > need it. However, I believe Java has some security holes that's > why it's not accepted. While that's good I need TOR to accept > java so I can access countermail's login applet and considering > their site's security (no IP logging, added end-to-end > encryption, OpenPGP encryption, digital certificates) along > >> with > the fact the added anomity I will receive by using a TOR bundle > on my USB stick with a portable FireFox it should not be that > harmful. > > Anyone that could help me? > > >>> I, too have never found a recipe for success with Countermail. > >>> > >>> Indeed, the Countermail Engine requires Java in order to work. I > >>> have seen web traffic from the Countermail Team regarding Java > >>> security issues. You may want to write to them directly and ask. > >>> They will respond. They'll explain to you why they feel it's not > >>> an issue. > >>> > >>> I actually wound up accessing Countermail through Google Chrome > >>> and a Tor connection with JanusVPN. That works well, but then > >>> with Tor you run into the issue where you can login, but then you > >>> go to access your mail, or reply and you have to login again due > >>> to Tor's constantly shifting IP's. Countermail was supposed to > >>> be working on this issue,but I've yet to see a resolution. > >>> > >>> Bottom line, without Java CM won't work and with Tor it doesn't > >>> play nicely either. > >>> > >>> ___ tor-talk mailing > >>> list tor-talk@lists.torproject.org > >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > >> > >> Ah, ok. I will contact them as I've been asking questions and they > >> respond quickly. Now it's always great with competition and other > >> than AnonymousSpeech I haven't find any other decent anonymous > >> e-mail domains. Could you or anyone as well recommend some other > >> that works well with tor? I like both, I guess AS is preferred via > >> TOR because it doesn't use Java. > >> > > Actually, one CAN use Countermail in an email client such as > > Thunderbird , with the appropriate settings, and with Tor. I just > > set that up. No real need to access Countermail through a browser. > > > ___ tor-talk mailing > > list tor-talk@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > Is there something specific I need to do to make Thunderbirds' > connections go through TOR? I wish I could be of more assistance here. I use JanusVPN. As a VPN it routes all TCP traffic on my machine through Tor. Thus, I don't need any special settings in Thunderbird to proxy Countermail through Tor. I use the standard Countermail server settings. I did not have to change them. Perhaps a note to the Countermail Team would help. I'm sure they can help with the recommended settings. Sorry I could not be of more help. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Is it possible to use Tor and Web-based Messenging Services?
Hi, A Scroogle search for "messenging online" reveals quite a few services. However, my experience has been that such services do not work properly with Tor. I'm not sure why but either I cannot complete the login process or my "buddies" do not appear or suchlike. All I am trying to do is to login with a Hotmail or Yahoo address then add people, chat, etc. I realize that I can download Pidgin and suchlike and use them with Tor but (for now at least) I would like to see if I can get web-based chat to work. If anyone has had positive experiences with any web-based chat / messengering services combined with Tor then please let me know. Thanks, William ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2011-07-12 00:09, JW wrote: > Max wrote: >> On 2011-07-11 18:46, JW wrote: >>> Lalle Bralle wrote: I'm trying to get countermail working with my TOR bundle I use on a USB stick for added security and anomity when I feel I need it. However, I believe Java has some security holes that's why it's not accepted. While that's good I need TOR to accept java so I can access countermail's login applet and considering their site's security (no IP logging, added end-to-end encryption, OpenPGP encryption, digital certificates) along >> with the fact the added anomity I will receive by using a TOR bundle on my USB stick with a portable FireFox it should not be that harmful. Anyone that could help me? >>> I, too have never found a recipe for success with Countermail. >>> >>> Indeed, the Countermail Engine requires Java in order to work. I >>> have seen web traffic from the Countermail Team regarding Java >>> security issues. You may want to write to them directly and ask. >>> They will respond. They'll explain to you why they feel it's not >>> an issue. >>> >>> I actually wound up accessing Countermail through Google Chrome >>> and a Tor connection with JanusVPN. That works well, but then >>> with Tor you run into the issue where you can login, but then you >>> go to access your mail, or reply and you have to login again due >>> to Tor's constantly shifting IP's. Countermail was supposed to >>> be working on this issue,but I've yet to see a resolution. >>> >>> Bottom line, without Java CM won't work and with Tor it doesn't >>> play nicely either. >>> >>> ___ tor-talk mailing >>> list tor-talk@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> >> Ah, ok. I will contact them as I've been asking questions and they >> respond quickly. Now it's always great with competition and other >> than AnonymousSpeech I haven't find any other decent anonymous >> e-mail domains. Could you or anyone as well recommend some other >> that works well with tor? I like both, I guess AS is preferred via >> TOR because it doesn't use Java. >> > Actually, one CAN use Countermail in an email client such as > Thunderbird , with the appropriate settings, and with Tor. I just > set that up. No real need to access Countermail through a browser. > > ___ tor-talk mailing > list tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk I forgot to ask. How do I actually check if Thunderbird is going through TOR? I have setup so it works with firefox but there's a check site for that. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOHGSIAAoJEPec/BF37Yscd3MIALSkKnXEMOHINPtmvyIwIOH/ VbIj3LU9u9yJhtlfE9mMAo2pqz1G1Y4moLCNlcK1ifoPekVSzt5GLF/3b6gJcfF6 QWMQlD6HzKYYPeylXkODS6GfRBMkowqEob045Zm3jfjsInNBhPJGUCARspwCYwl0 VBAh3SGBg9fbdW5UfRFTrWw3KqKgrBhKVGkcZ7pT/j2RbomQhjRnqfcHTHp+JK4M CdcUuUGPMWTlFotNQH0MzYtYqqTDnUGOahepeiAndeE7SGP780mNcnJebAc5JxGf p8tIGFc12jNZykgK20reQ4HKjB+smp8qPLgLncRlleUdiDYnb7QMGaSXOkYN6no= =v54r -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2011-07-12 00:09, JW wrote: > Max wrote: >> On 2011-07-11 18:46, JW wrote: >>> Lalle Bralle wrote: I'm trying to get countermail working with my TOR bundle I use on a USB stick for added security and anomity when I feel I need it. However, I believe Java has some security holes that's why it's not accepted. While that's good I need TOR to accept java so I can access countermail's login applet and considering their site's security (no IP logging, added end-to-end encryption, OpenPGP encryption, digital certificates) along >> with the fact the added anomity I will receive by using a TOR bundle on my USB stick with a portable FireFox it should not be that harmful. Anyone that could help me? >>> I, too have never found a recipe for success with Countermail. >>> >>> Indeed, the Countermail Engine requires Java in order to work. I >>> have seen web traffic from the Countermail Team regarding Java >>> security issues. You may want to write to them directly and ask. >>> They will respond. They'll explain to you why they feel it's not >>> an issue. >>> >>> I actually wound up accessing Countermail through Google Chrome >>> and a Tor connection with JanusVPN. That works well, but then >>> with Tor you run into the issue where you can login, but then you >>> go to access your mail, or reply and you have to login again due >>> to Tor's constantly shifting IP's. Countermail was supposed to >>> be working on this issue,but I've yet to see a resolution. >>> >>> Bottom line, without Java CM won't work and with Tor it doesn't >>> play nicely either. >>> >>> ___ tor-talk mailing >>> list tor-talk@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> >> Ah, ok. I will contact them as I've been asking questions and they >> respond quickly. Now it's always great with competition and other >> than AnonymousSpeech I haven't find any other decent anonymous >> e-mail domains. Could you or anyone as well recommend some other >> that works well with tor? I like both, I guess AS is preferred via >> TOR because it doesn't use Java. >> > Actually, one CAN use Countermail in an email client such as > Thunderbird , with the appropriate settings, and with Tor. I just > set that up. No real need to access Countermail through a browser. > > ___ tor-talk mailing > list tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Is there something specific I need to do to make Thunderbirds' connections go through TOR? -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOHFe5AAoJEPec/BF37YscQGcIAIazi7Q1k+Kl3PQhIAkIBRF0 Fgl4ouN6BRGPV4OmAJlyWEjWyB/ghwcd0//Zl9197w+MUOPW6ISKMpI698umGnFN bXCRtzs9KrbPeRtIDHCHNKenZqYxFYXS4ZN21qfFTEwPbQSe41q9cbGA4D3u5044 al+sKWSjHdodZGnh4DIUv49aXhO7OyfL1ATRZevQG/2w85S2vENSgHy6V/0uHnSo sqGG+x6+dLd4u6ATqMXY9PQ696lfR7gw2ZmmYjgn+rLrjK1LIy2zBXZ2gXe1GN15 Kq7JvVMPhTfbDWAke/zDPwJVzZ8YMgUXchl9FKwnJYGr+2yGnLZ1FlfpvXBvCGk= =gptC -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
Original Message From: Lalle Bralle > I'm trying to get countermail working with my TOR bundle I use on a USB > stick for added security and anomity when I feel I need it. However, I > believe Java has some security holes that's why it's not accepted. While > that's good I need TOR to accept java so I can access countermail's login > applet and considering their site's security (no IP logging, added > end-to-end encryption, OpenPGP encryption, digital certificates) along > with the fact the added anomity I will receive by using a TOR bundle on my > USB stick with a portable FireFox it should not be that harmful. > > > Anyone that could help me? I'm on Linux and I've created iptables rules so only the user who runs the tor process is allowed to access the gateway, while the user who runs Firefox is not allowed to use the network at all. So I'm using Java and my logs have never detected any side channel transfers. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Downloading Firefox add-ons trough Tor. Safe?
Original Message From: Justin Aplin > I honestly don't know, but if you're *that* paranoid about your downloads > being tampered with, navigating to https://addons.mozilla.org and looking > up the add-ons manually is only a few extra clicks. I think it only checks the version with HTTPS, but download trough standard HTTP. I'm wondering if Firefox 3.6 has some checking of checksums or anything, not because I'm paranoid but because I'm wondering if this is safe to do on a regular basis by updating add-ons trough tor. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Downloading Firefox add-ons trough Tor. Safe?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 hi...@safe-mail.net wrote: > Original Message > From: Justin Aplin > >> I honestly don't know, but if you're *that* paranoid about your downloads >> being tampered with, navigating to https://addons.mozilla.org and looking >> up the add-ons manually is only a few extra clicks. > > I think it only checks the version with HTTPS, but download trough standard > HTTP. > I'm wondering if Firefox 3.6 has some checking of checksums or anything, not > because I'm paranoid but because I'm wondering if this is safe to do on a > regular basis by updating add-ons trough tor. This was recently discussed: https://lists.torproject.org/pipermail/tor-talk/2011-June/020755.html -BEGIN PGP SIGNATURE- iF4EAREKAAYFAk4cLisACgkQyM26BSNOM7bhigEAl90GIsI9i95YZJ2bvGaz2WD4 qsXiIfCpvGga2eW1WBsA/RtF6WyVK+kRAe1OiOJOn/Ay+PsvL4XWLrY1sX54M91f =rGXo -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
On 2011-07-12 00:09, JW wrote: > Max wrote: >> On 2011-07-11 18:46, JW wrote: >>> Lalle Bralle wrote: I'm trying to get countermail working with my TOR bundle I use on a USB stick for added security and anomity when I feel I need it. However, I believe Java has some security holes that's why it's not accepted. While that's good I need TOR to accept java so I can access countermail's login applet and considering their site's security (no IP logging, added end-to-end encryption, OpenPGP encryption, digital certificates) along >> with the fact the added anomity I will receive by using a TOR bundle on my USB stick with a portable FireFox it should not be that harmful. Anyone that could help me? >>> I, too have never found a recipe for success with Countermail. >>> >>> Indeed, the Countermail Engine requires Java in order to work. >>> I have seen web traffic from the Countermail Team regarding >>> Java security issues. You may want to write to them directly >>> and ask. They will respond. They'll explain to you why they feel >>> it's not an issue. >>> >>> I actually wound up accessing Countermail through Google Chrome >>> and a Tor connection with JanusVPN. That works well, but then >>> with Tor you run into the issue where you can login, but then you go >>> to access your mail, or reply and you have to login again due to >>> Tor's constantly shifting IP's. Countermail was supposed to be >>> working on this issue,but I've yet to see a resolution. >>> >>> Bottom line, without Java CM won't work and with Tor it doesn't >>> play nicely either. >>> >>> ___ >>> tor-talk mailing list >>> tor-talk@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> >> Ah, ok. I will contact them as I've been asking questions and they >> respond quickly. Now it's always great with competition and other than >> AnonymousSpeech I haven't find any other decent anonymous e-mail >> domains. Could you or anyone as well recommend some other that works >> well with tor? I like both, I guess AS is preferred via TOR because it >> doesn't use Java. >> > Actually, one CAN use Countermail in an email client such as Thunderbird > , with the appropriate > settings, and with Tor. I just set that up. No real need to access > Countermail through > a browser. > > ___ > tor-talk mailing list > tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Great, that's actually what I wanted to accomplish when I begin using Thunderbird just a few days ago. I will try to make that work. :) ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
