Re: [tor-talk] Tragedy of the commons.
On 5/24/2013 12:39 PM, Chris Patti wrote:
> I just had to shut my relay down because someone was using it to hijack someone else's Gmail account :\
> Dunno how I could get around this other than by blocking port 80, which is kind of the point :)

How exactly does their hijacking attempt implicate your relay? At least, to shut it down entirely? I'm just asking. If they used any other anonymous proxy, the hijacker's activities are his own - yes / no? I'm sure people hijack gmail accts all the time w/o using Tor.

___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] DNS provider that does not hijack failures
On 5/30/2013 6:07 PM, Sean Alexandre wrote:
> On Thu, May 30, 2013 at 11:42:48PM +0200, Robin Kipp wrote:
> > We use OpenDNS on our network, and I know they provide an info page if someone attempts to browse to a non-existent address. This isn't a big issue normally, but I can see how it's a problem with Tor. Thus, I'd like to use a different DNS service for my node and just put this in my resolv.conf to fix this. However, I'm not sure about which DNS provider would be best here, so any help with that would be greatly appreciated!
>
> Google Public DNS is one option:
> https://developers.google.com/speed/public-dns/docs/using
>
> OpenNIC has a list of some too, although I haven't tried any of these:
> http://wiki.opennicproject.org/Tier2

Google? Oh, my.

Re: [tor-talk] DNS provider that does not hijack failures
On 5/30/2013 8:11 PM, Sean Alexandre wrote:
> On Thu, May 30, 2013 at 07:15:36PM -0500, Joe Btfsplk wrote:
> > Google? Oh, my.
>
> Not ideal, I agree. What would you use, if your ISP's resolvers weren't an option? Also, let's say you don't want to run your own DNS resolver. (Running your own resolver would seem ideal, but extra overhead.)

I don't know. I'm just not sure about Google. No idea about their DNS resolver, but nothing they've done in years suggests that privacy / anonymity is anywhere near a top priority. Mostly, just the opposite.

Re: [tor-talk] DNS provider that does not hijack failures
On 5/31/2013 8:54 AM, Robin Kipp wrote:
> Hi Joe and Sean,
> thanks a lot for your suggestions and discussion! I have to say Google DNS really isn't an option for me, because I simply don't trust Google. Even if they do have a decent privacy policy for their DNS service, they do store geographic information which I think is unacceptable for a DNS provider. I've considered running my own DNS resolver, however the problem is that I use a Soekris Net6501 embedded PC as my home server which is also running the Tor node, and I think a DNS resolver would simply cause too much overheat on this box. Thanks a lot though, might have to consider other options if there aren't any other suggestions!
> Robin

Again, I know nothing about Google's DNS service. I do know they've been sued over or have been the target of serious outcries from privacy advocates & users, over their policies AND violating their own policies.

Axiom: Google don't do nothin' for free. There's something in it for them. What - I've no idea. Any contract or policy is only as good as the word of the company behind it - unless one wants to take them to court. If one trusts Google to ensure privacy / or anonymity, in spite of their long track record, well...

Why would they store geo info - ONLY geo info? Maybe to help understand where they need more / less capacity for DNS resolvers? Or something else?

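The resolver behaviour this thread is about (an address handed back for a name that does not exist) can be checked from the relay host before and after changing resolv.conf. The following is an added example, not code from any post in the thread; the function names, the probe scheme and the use of example.com as a control are assumptions made for the illustration.

```python
# Added example: does the resolver this host uses answer for names that do not exist?
import secrets
import socket

# Assumption: a reserved documentation domain that is expected to resolve.
CONTROL_NAME = "example.com"


def system_resolve(name):
    """Addresses the host's configured resolver returns for name ([] if none)."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def random_probe_names(count=3):
    """Random, unregistered names under different TLDs.

    The trailing dot makes each name fully qualified, so a 'search' domain
    in resolv.conf is not appended to it.
    """
    tlds = ("com", "net", "org")
    return [f"{secrets.token_hex(12)}.{tlds[i % len(tlds)]}." for i in range(count)]


def check_failure_hijack(resolve=system_resolve, probes=None, control=CONTROL_NAME):
    """Classify the resolver as 'clean', 'hijacked' or 'inconclusive'.

    resolve is injectable so the logic can be exercised without a network.
    """
    result = {"verdict": "inconclusive", "answers": {}, "landing_addresses": []}

    # A resolver that is down also returns nothing for bogus names, so an
    # empty answer only counts when a known-good name resolves.
    if not resolve(control):
        return result

    probes = list(probes) if probes is not None else random_probe_names()
    answers = {name: resolve(name) for name in probes}
    answered = {name: addrs for name, addrs in answers.items() if addrs}
    result["answers"] = answers

    if not answered:
        result["verdict"] = "clean"
        return result

    # Unrelated random names that share an address point at a landing-page
    # server rather than at real hosts.
    shared = set.intersection(*(set(addrs) for addrs in answered.values()))
    result["verdict"] = "hijacked"
    result["landing_addresses"] = sorted(shared)
    return result


if __name__ == "__main__":
    report = check_failure_hijack()
    print(report["verdict"])
    for name, addrs in report["answers"].items():
        print(f"  {name} -> {addrs or 'no answer'}")
```

Run it once against the current resolver and again after editing resolv.conf; an "inconclusive" verdict means the control lookup failed and the result says nothing about hijacking.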
Re: [tor-talk] Questions about IT security - can TOR help? Are theyre other systems out there?
On 6/2/2013 7:22 AM, Randolph William Scott wrote:
> Does Tor browser support a java plugin?

No

> And if you download TOR, are there any insecure parts of the process?

No, don't think so. It's a secure site. Any insecurity would likely be in your browser; presence of *possibly* insecure plugins (you mention java) and / or extensions (addons); or lack of some security enhancing addons (NoScript & others).

> any ideas or validation would be nice. I have two weeks to get my business up and running as its cost me years of work - and a month of unbelievability at the obviousness of specific interference in the open. I unfortunately, by reacting to secure my and my daughters and my friends and business info, almost cover up any evidence someone doesn't pilfer before hand i realised.

Don't know what this means.

> Like the gmail account - libertybluebe...@gmail.com - attacked immediately with DNS, spam, and delayed emails - and accessed by google and had account information added not associated with me.

1st, if looking for privacy & a provider not data mining; using mined data or sharing, selling it, etc., Google / Gmail & many other large providers aren't the places for you. Some details possibly missing. Were you running a business email acct w/ lots of traffic under a free, individual user acct? Though I don't really care for Gmail (I have a junk acct), their spam filters are generally pretty good (in my *free* acct).

> It is deleted now - after google got sensitive info without actually doing anything - so denying and pass on the info to others maybe. Spotify, Elance, Peopleperhour, Australia Post, ASIC, ANZ - all - gathered identifiable info, delayed, cross referenced,

Did you read Google's TOS? It's straight forward that they'll take / use almost everything except your 1st born child. Most businesses don't use Gmail, Yahoo, etc., email accts - for the reasons you mention.

> im not one to watch my back all the time and constantly redoing the same checks on my info is tiring

But you have to, if you want your data, transactions & business to be reasonably safe. Every technology requires some knowledge & expertise to use it properly & safely. Internet's no different. If you're setting up business accts - on websites, email - & you don't have the knowledge & expertise to put proper safeguards & security in place, *you may need to hire professionals.* Don't have the money? What if your car breaks down & you don't have the knowledge to fix it?

Re: [tor-talk] [liberationtech] NSA, FBI, Verizon caught red handed spying on US citizens in the US
On 6/7/2013 9:34 AM, Eugen Leitl wrote:
> - Forwarded message from Richard Brooks r...@acm.org -
> Date: Fri, 07 Jun 2013 10:20:26 -0400
> From: Richard Brooks r...@acm.org
> To: liberationt...@lists.stanford.edu
> Subject: Re: [liberationtech] *NSA, FBI, Verizon caught red handed spying on US citizens in the US*

Not directed at Eugene. This isn't new news, to anyone that's paid even passing attention, over last several yrs. Further, it'd be ridiculous to think they're only monitoring Verizon.

Even when they're warned specifically about HUGE red flags, or individuals are ON WATCH LISTS, they STILL don't catch them in time (latest - Boston). I'm sure they stop actions that we don't hear about (however, they DO like to toot their own horn)...

One respected commentator I heard posed the question, Are we safer? How many plots have been stopped or arrests been made in U.S., as result of all the Billions spent BY THE U.S., on monitoring? We stopped the shoe bomber as result of tip from ? U.K.? (iirc)

[tor-talk] stop page image_thumb from appearing in tabs
Must have missed a memo about actual thumbnails (tiny) of pages appearing in each tab, in TBB 2.3.25-8. Not icons - actual thumbs of pages. I don't see that in regular fox, but maybe other addons block that behavior.

Do you have to edit an about:config entry to stop them from showing in the tabs? Images are generally too small to be of much use & take up room for text. Thanks.

[tor-talk] pages time out very fast_no network.http.proxy.keep-alive
Often sites I try to access w/ TBB time out almost instantly, where in Fx (23) same page, at same time - loads OK. The pages aren't Tor aphobics - as they will sometimes load in TBB. Part could be THE IP address being used in TBB, to access a page, at specific time. Some IPs could be on a / their black lists.

I'm not sure when using Tor proxy, the about:config *network.http.proxy.keep-alive* applies in TBB, but it's not present in TBB, by default. But it's in Fx.

1st, in Fx for the similar *network.http.keep-alive.timeout* to work, *network.http.keep-alive* must be true. In TBB, there's no *network.http.keep-alive* entry (or ...proxy.keep-alive, if it exists) and no *network.http.proxy.keep-alive.* I'm guessing? this results in sometimes almost instantaneous timeouts? In some cases, could be the sites timing out Tor Network connections or specific IPs from Tor?

May be coincidence - not tested it extensively, but when I add network.http.proxy.keep-alive entry set True - in TBB, same few pages I have problems loading in TBB, seem to load more consistently and / or faster. This is w/ limited testing.

Anyone have insight on this topic?

[tor-talk] Startpage, Ixquick not accessible
Has anyone else had problems accessing startpage, Ixquick & DuckDuckGo search engines w/ TBB recently? For several days & several restarts of Windows TBB 2.3.25-12, their pages time out almost immediately on accessing them.

Restarted TBB, changed identities & closed current relays several times w/ same result. I CAN still access google, Bing, Yahoo (sometimes) & any other searches like Amazon, Wikipedia, etc. The ones still accessible load quickly.

I have NO trouble accessing Startpage / Ixquick or DDG via regular Fx 23, which leads me to believe the problem is tied to Tor relay addresses.

Haven't been on Tor-Talk for quite a while, so sorry if this has been discussed.

Re: [tor-talk] Startpage, Ixquick not accessible
On 9/30/2013 10:01 AM, Joe Btfsplk wrote:
> Has anyone else had problems accessing startpage, Ixquick & DuckDuckGo search engines w/ TBB recently? For several days & several restarts of Windows TBB 2.3.25-12, their pages time out almost immediately on accessing them.
>
> Restarted TBB, changed identities & closed current relays several times w/ same result. I CAN still access google, Bing, Yahoo (sometimes) & any other searches like Amazon, Wikipedia, etc. The ones still accessible load quickly.
>
> I have NO trouble accessing Startpage / Ixquick or DDG via regular Fx 23, which leads me to believe the problem is tied to Tor relay addresses.
>
> Haven't been on Tor-Talk for quite a while, so sorry if this has been discussed.

Re: log entries when access Ixquick, Startpage. Immediately on trying to access these search engines that are unavailable, the ONLY entries appearing in Tor log after the failed connections are:

[Info] connection_edge_process_relay_cell(): data cell dropped, unknown stream (streamid 21351).

This same message also appears for other *successful* connections, so don't know it's particularly useful. I don't have debug option checked in logging.

[tor-talk] panopticlick data
Info given on panopticlick.eff.org is a bit confusing in that some of it seems incorrect. If that makes a browser more common, I guess it's a good thing. But some of the info it shows as incorrect is very uncommon. That doesn't mean someone trying to finger print a browser would get the same info that Panopticlick shows - or does it?

It showed an incorrect screen size and color depth. Claiming 1 in 430370 browsers (systems?) have that specific characteristic - fairly uncommon. Except monitor info is incorrect. All that resulted in a claim that only *one in 1,721,479 browsers have the same fingerprint*.

https://panopticlick.eff.org

I don't know where / how it gets the screen size, but mine definitely isn't 947 wide. It's actually a very common size. I assume the color depth is bit value. Panopticlick shows 24 (bit?), but there's not even a CHOICE of 24 bit in my display settings, for my monitor / graphics card combination. Maybe I misunderstand how Panopticlick arrives at that value.

It surprised me that it estimated 1 in 76 browsers had the USERAGENT data given by TBB, of Windows 7 w/ Fx 17. Other than possibly mostly TBB users going to Panopticlick (skewing the data) to check browser uniqueness, I doubt 1 in every 76 users in the U.S. or world wide, truly have Fx 17 in Windows 7. Maybe I'm wrong.

I just wondered if others have checked their regular Firefox & TBB uniqueness on eff's site, to see if the data shown seems accurate for their system?

Re: [tor-talk] panopticlick data
On 10/1/2013 12:48 AM, Andreas Krey wrote:
> On Mon, 30 Sep 2013 21:08:58 +, Joe Btfsplk wrote:
> ...
> > No cookies are set, so that doesn't affect outcome. In fact, the bits of identifying information shown in results chart largely remain identical (except screen size sometimes changes), but their estimate of One in X browsers have the same fingerprint as yours, keeps going down dramatically - each time I re run the test.
>
> How do you expect them to identify repeat visitors as opposed to counting them as separate incarnations, thus lowering the uniqueness?

Not sure I understand the question in this context. Without cookies, I don't expect them to identify repeat visitors. I read their full paper on how they use the data collected https://panopticlick.eff.org/browser-uniqueness.pdf

Me visiting 2 - 4 more times, or even the other site visitors - *in the same 2 - 4 min. span*, wouldn't (actually) affect the statistics & lower their reported uniqueness estimate by factors of 2, 3 or more. Repeating the test 4 times, almost immediately (clearing cache between), out of an existing data base of millions of other site visitors, wouldn't lower my uniqueness from 1 in 1.7 million, then to 1 in 700,000, to 1 in 500,000.

I checked regular Fx again today & my uniqueness just keeps dropping w/ each test. If I'd kept going, it may have gotten to, One in 100 browsers have the same fingerprint. Nothing changed about my browser between tests, so those huge decreases in my uniqueness would be statistically impossible, unless they had MANY millions of other visitors in the same few minutes I was testing - which they didn't.

Just now (10/1/2013), I checked both TBB 2.3.25-12 (& Firefox 23 - showing its true useragent info). Panopticlick showed TBB was over 3 times LESS unique than regular Fx. TBB: 1 in 689,000 vs Fx 23: 1 in 203,000, at least in one test. That may not be statistically meaningful, but it's a concern.

Most of the difference came from TBB reported screen size (which showed the correct screen width of my monitor), where Panopticlick shows regular Fx 23 screen width as 256 px LESS than TBB. Not sure how that's possible for width.

The bigger point is, uniqueness values for either browser keep dropping *dramatically*, repeating the test a few times in just 2 - 3 minutes, when browser characteristics didn't change. Making the value of their estimates questionable. I may contact them to see if they have an explanation for this.

Possible solution to make fingerprinting more difficult: An extension or TBB design that regularly or randomly changes / spoofs values for some of the data used to calculate uniqueness. There are extensions that change some (like useragent), but don't change it repeatedly. To avoid tracking Tor users from entry to exit, some browser characteristics would have to change rapidly & often.

I have no idea if the current consensus is that trackers could identify a user from ONE request or a SINGLE entry / exit in the Tor network (making it hard, but not impossible to intentionally change browser characteristics during that short time). Or... if they'd need to observe several entries / exits (or several requests & receipts involving same relays) to conclude with high confidence that it is the same browser.

Re: [tor-talk] panopticlick data
On 10/1/2013 12:06 PM, Nicolas Vigier wrote:
> On Tue, 01 Oct 2013, Joe Btfsplk wrote:
> > Not sure I understand the question in this context. Without cookies, I don't expect them to identify repeat visitors. I read their full paper on how they use the data collected https://panopticlick.eff.org/browser-uniqueness.pdf
> >
> > Me visiting 2 - 4 more times, or even the other site visitors - *in the same 2 - 4 min. span*, wouldn't (actually) affect the statistics & lower their reported uniqueness estimate by factors of 2, 3 or more. Repeating the test 4 times, almost immediately (clearing cache between), out of an existing data base of millions of other site visitors, wouldn't lower my uniqueness from 1 in 1.7 million, then to 1 in 700,000, to 1 in 500,000.
>
> 1st visit: 3 444 000
> 2nd visit: 3 444 000 / 2 = 1 722 000
> 3rd visit: 3 444 000 / 3 = 1 148 000
> 4th visit: 3 444 000 / 4 = 861 000
> 5th visit: 3 444 000 / 5 = 688 800
> 6th visit: 3 444 000 / 6 = 574 000
> etc ...

Thanks. I'm not a statistics major, so you may have to explain, but are you saying that the 1st time I visit w/ a given set of browser characteristics, and they've only seen 1:3,444,000 browsers w/ exactly the same traits, then on my 2nd visit, they've now seen 2 identical browsers in 3,444,001 = 1: 1,722,000.5?

All that seems to mean is, they've not seen many browsers like mine (poor distribution), IF... it started out as 1 in 3.44 mil, or anything close - as mine would be a VERY common setup. All the individual characteristics tested were very common, per their results. Most are 1:10 none 1:100, except the screen size (which seems incorrect). Seems unlikely my 1920 width monitor only has 1664 usable browser pane width (what they show). When they show *1920* width for TBB, but the 2 browser panes are the same in width. Only thing taking up horizontal space on either browser is the vertical scroll bar, which are pretty much identical.

*NOTE:* The *bits of identifying information* for individual browser characteristics (useragent, cookies enabled, etc.) & uniqueness (1 in X have this) of the INDIVIDUAL characteristics do NOT change, as you run the test repeatedly. Those values must be calculated from a set data base & don't seem to be affected by your current visit.

Assuming trackers had a large enough sample space to have a high confidence level, for fingerprinting purposes, would it matter if only 1 in 10,953, or 1 in 10,953,000 browsers were like yours? As long as they could identify A browser w/ the same uniqueness (EXACT same characteristics - entering & exiting). Even w/o Flash or Java enabled & revealing system fonts, etc.

Only way I see that's not true is if 100's of users w/ EXACT same browser characteristics (right down to same screen characteristics), used the same entry / exit relays at the SAME time. That's unlikely, unless TBB starts spoofing screen size, the same for everyone.

I believe in same TBB version (maybe the same in many versions) they spoof the useragent & time zone, but wouldn't differences in screen sizes & color bit ALONE, among a few users on one entry / exit combination, at a given moment be enough to fingerprint one user?

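The counting effect discussed in the two messages above, worked through as an added example (not code from the thread or from the EFF). The model is an assumption taken from the discussion: with no cookie to link visits, every page load is counted as one more browser. All counts and attribute values are constructed, chosen so that the first visit lands on the thread's "1 in 3,444,000".

```python
# Added example: a cookie-less fingerprint counter, with constructed counts.
import math
from collections import Counter


class FingerprintCounter:
    """Counts page loads per full fingerprint and per attribute value.

    Hypothetical model, not the site's implementation: every page load is
    recorded as a separate browser because nothing links repeat visits.
    """

    def __init__(self):
        self.total = 0
        self.whole = Counter()   # full fingerprint -> sightings
        self.per_attr = {}       # attribute name -> Counter of values

    @staticmethod
    def _key(fingerprint):
        return tuple(sorted(fingerprint.items()))

    def record(self, fingerprint, times=1):
        self.total += times
        self.whole[self._key(fingerprint)] += times
        for name, value in fingerprint.items():
            self.per_attr.setdefault(name, Counter())[value] += times

    def one_in(self, fingerprint):
        """The 'one in X browsers have the same fingerprint' figure."""
        return self.total / self.whole[self._key(fingerprint)]

    def attr_one_in(self, name, value):
        """The same ratio for a single attribute value."""
        return self.total / self.per_attr[name][value]


# Constructed population of 3,443,999 earlier page loads. None matches the
# visitor's full fingerprint, but each of its attribute values occurs.
BACKGROUND = [
    ({"user_agent": "UA-A", "screen": "1920x1080x24", "timezone": "UTC"}, 45_000),
    ({"user_agent": "UA-B", "screen": "1920x1080x24", "timezone": "UTC-6"}, 1_200_000),
    ({"user_agent": "UA-B", "screen": "1366x768x24", "timezone": "UTC"}, 1_500_000),
    ({"user_agent": "UA-C", "screen": "1664x947x24", "timezone": "UTC-6"}, 7),
    ({"user_agent": "UA-C", "screen": "1366x768x24", "timezone": "UTC+1"}, 698_992),
]
VISITOR = {"user_agent": "UA-A", "screen": "1664x947x24", "timezone": "UTC-6"}


def simulate_repeat_visits(visits=6):
    """Reload the test page `visits` times and collect the reported figures."""
    db = FingerprintCounter()
    for fingerprint, count in BACKGROUND:
        db.record(fingerprint, count)
    rows = []
    for visit in range(1, visits + 1):
        db.record(VISITOR)  # counted as a new browser each time
        whole = db.one_in(VISITOR)
        rows.append({
            "visit": visit,
            "one_in": whole,
            "bits": math.log2(whole),
            # Common value: six extra sightings barely move the ratio.
            "user_agent_one_in": db.attr_one_in("user_agent", VISITOR["user_agent"]),
            # Rare value: the visitor's own reloads are a large share of it.
            "screen_one_in": db.attr_one_in("screen", VISITOR["screen"]),
        })
    return rows


if __name__ == "__main__":
    for row in simulate_repeat_visits():
        print(f"visit {row['visit']}: one in {row['one_in']:,.1f} "
              f"({row['bits']:.2f} bits), user agent one in "
              f"{row['user_agent_one_in']:.2f}, screen one in "
              f"{row['screen_one_in']:,.0f}")
```

The whole-fingerprint figure falls roughly as N/k because the visitor is the only source of that fingerprint, while a common attribute value stays near its earlier ratio and a rare one drifts with each reload.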
Re: [tor-talk] panopticlick data
On 10/2/2013 12:08 AM, Andreas Krey wrote:
> On Tue, 01 Oct 2013 13:43:10 +, Joe Btfsplk wrote:
> ...
> > I believe in same TBB version (maybe the same in many versions) they spoof the useragent & time zone, but wouldn't differences in screen sizes & color bit ALONE, among a few users on one entry / exit combination, at a given moment be enough to fingerprint one user?
>
> Fingerprinting isn't about identifying the same session (there are cookies for that), but about recognizing you on your next visit when you come from a different IP/exit (or even the same)

I can't say if that is / isn't true. If it is, goes back to my question / pondering, if regularly changing some browser trait(s) (maybe w/ an extension, Tor Button) would make it much more difficult to conclusively say, This is the same person / browser.

Seems unlikely that all TBB users having the exact same browser characteristics is going to happen. It's good in theory, but may be unrealistic. Perhaps approaching the issue from a more realistic standpoint is worth looking into? Chaos is easier to achieve than perfection.

Wondering: in practice, which would be easier to achieve and / or be more successful at preventing fingerprinting: Trying to make all TBB users look identical or constantly changing (spoofing) some browser characteristics (ones that DON'T break functionality), so that every TBB browser is constantly changing its profile? Perhaps call it SSTBB - shape shifter TBB.

There may be drawbacks to *regularly* changing ANY characteristics used for fingerprinting. Just a thought. Definitely problems w/ the current method of trying to make everyone look identical.

> Screen/Window size spoofing is pointless as there are many ways of finding out the actual window size. And colors are pretty much always 24bit anyway.

Does the issue of other ways to find the actual screen size value, apply to other browser traits as well (some / many)? If so, possibly ONLY turning off java script would prevent much of that. Unfortunately, that breaks at least part of many sites.

Re: [tor-talk] Tor Weekly News — October 2nd, 2013
On 10/2/2013 7:00 AM, harmony wrote:
> Tor Weekly News    October 2nd, 2013
>
> On September 28th, Mike Perry released the fourth alpha of the new Tor Browser Bundle 3.0 series [1]
> It also fixes a fingerprinting issue by randomizing the TIMESTAMP sent when establishing an HTTPS connection.

Why limit the randomization of browser characteristics or other data to just the timestamp? Why not randomize certain other data or browser characteristics (that wouldn't break functionality)? This goes back to my post containing the concept of it being easier to achieve chaos than perfection.

I'm not sure what would / wouldn't surely break some functionality; but things like user agent (or parts of it); time zone; randomly spoofing system fonts, even w/ Flash & Java disabled, etc. Or other things that are easy to randomize & aren't likely to break functionality.

Re: [tor-talk] Adblock for everyone
Thanks for your insight.

On 10/6/2013 10:18 AM, Andrew Lewman wrote:
> Adblock whitelists certain advertising companies and ads themselves:

These white lists can easily be disabled, but then that conflicts w/ Tor's concept of damaging sites' acceptance of Tor (interesting point). However, fingerprinting NOT with standing, millions? of Firefox & other browser users, having Adblock Plus, Ghostery, etc., enabled, are never turned away from websites, AFAIK.

Just curious - by that analogy, should Fx, Chrome & others maybe disallow using extensions that block ads or other things, as it may cause some sites' non acceptance of browsers that allow such extensions? Could be wrong, but I'd bet if sites reject TBB, it might be because of several other reasons that come before blocking ads. But...

> Users are free to install these addons if they wish, but doing so is not recommended, as it will alter the browser request fingerprint.

That brings up a good question. I assume that TBB freely gives up info to sites that use the query: navigator.plugins - where sites can query whether specific plugins are installed:

var isSupported = navigator.plugins['Shockwave Flash'];

... if users install any plugins. Since TBB doesn't ship with plugins, why does TBB honor requests for plugin info, at all? Would TBB ignoring requests for navigator.plugins from sites break too many browser functions or ?

As I understand, in Fx there's no equivalent method to find out all installed EXTENSIONS (distinguished from plugins; collectively called addons). But presence of SOME extensions are detectable by their effect on a web site's function, such as ads or trackers being blocked. Correct? But, not all extensions in Fx (TBB) are detectable - correct?

Thanks.

Re: [tor-talk] Adblock for everyone
On 10/6/2013 3:14 PM, Joe Btfsplk wrote:
> Thanks for your insight.
>
> On 10/6/2013 10:18 AM, Andrew Lewman wrote:
> > Adblock whitelists certain advertising companies and ads themselves:
>
> These white lists can easily be disabled, but then that conflicts w/ Tor's concept of damaging sites' acceptance of Tor (interesting point). However, fingerprinting NOT with standing, millions? of Firefox & other browser users, having Adblock Plus, Ghostery, etc., enabled, are never turned away from websites, AFAIK.
>
> Just curious - by that analogy, should Fx, Chrome & others maybe disallow using extensions that block ads or other things, as it may cause some sites' non acceptance of browsers that allow such extensions? Could be wrong, but I'd bet if sites reject TBB, it might be because of several other reasons that come before blocking ads. But...
>
> > Users are free to install these addons if they wish, but doing so is not recommended, as it will alter the browser request fingerprint.
>
> That brings up a good question. I assume that TBB freely gives up info to sites that use the query: navigator.plugins - where sites can query whether specific plugins are installed:
>
> var isSupported = navigator.plugins['Shockwave Flash'];
>
> ... if users install any plugins. Since TBB doesn't ship with plugins, why does TBB honor requests for plugin info, at all? Would TBB ignoring requests for navigator.plugins from sites break too many browser functions or ?
>
> As I understand, in Fx there's no equivalent method to find out all installed EXTENSIONS (distinguished from plugins; collectively called addons). But presence of SOME extensions are detectable by their effect on a web site's function, such as ads or trackers being blocked. Correct? But, not all extensions in Fx (TBB) are detectable - correct?
>
> Thanks.

No comments from more experienced users about the possibility of TBB ignoring sites' requests for *most* plugins?

On 10/6/2013 10:18 AM, Andrew Lewman wrote:
> Users are free to install these addons if they wish, but doing so is not recommended, as it will alter the browser request fingerprint.

The word will means no exceptions. Is it true that for extensions (not plugins), how they change TBB's fingerprint (if at all) may depend on their function? Specifically, their effect, if any, on the web page and if that effect could be detected by the web page (or an adversary)? And then, only if the extension's (not plugins') specific effect on a web page is actually being monitored?

What site or adversary would or could monitor if an extension was installed, that only shows the download status / progress of a page, etc.? If an extension doesn't alter sites' functions - at all (not talking about AdBlock here), doesn't send / receive data, no pinging, etc., how would its presence be detected, thus changing TBB's fingerprint?

[tor-talk] still unable to reach StartPage or Ixquick
Haven't been able to reach StartPage or Ixquick sites or do search for a week or more, in TBB 2.3.25-12. Can't even reach their home pages through another search engine, like Google or Yahoo.

** Are others able to access these 2 search engines in the *same TBB version* as I'm using? If so, maybe I need to re-extract the TBB files & start over. TBB has been closed / restarted many times since problem began.

Thanks.

Re: [tor-talk] still unable to reach StartPage or Ixquick
On 10/7/2013 5:27 PM, Roger Dingledine wrote:
> On Mon, Oct 07, 2013 at 05:18:17PM -0500, Joe Btfsplk wrote:
> > Haven't been able to reach StartPage or Ixquick sites or do search for a week or more, in TBB 2.3.25-12. Can't even reach their home pages through another search engine, like Google or Yahoo.
> >
> > ** Are others able to access these 2 search engines in the *same TBB version* as I'm using? If so, maybe I need to re-extract the TBB files & start over. TBB has been closed / restarted many times since problem began.
>
> Tor 0.2.3.x is not so fun to use these days:
> https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients
>
> I recommend trying the TBB 3.0a4 (assuming you're not on Win XP and you don't need pluggable transports):
> https://blog.torproject.org/category/tags/tbb-30
>
> We'll hopefully declare Tor 0.2.4.x stable real soon now. We keep getting distracted though. Soon I hope! :)

Thanks, but - Whoa! Tor 0.2.4.x isn't declared stable, so skip it - go straight to 3.0a? I know it's got a lot of ? unproven as rock solid? features, but what about my secret double naught spying duties? But, no XP here.

Anyway, what about others reaching Startpage & Ixquick using 2.3.25-12? If they're largely unreachable for others, no point in worrying about that - plenty of other stuff to occupy myself.

Re: [tor-talk] still unable to reach StartPage or Ixquick
On 10/7/2013 9:34 PM, Matthew Finkel wrote:
> > Thanks, but - Whoa! Tor 0.2.4.x isn't declared stable, so skip it - go straight to 3.0a? I know it's got a lot of ? unproven as rock solid? features, but what about my secret double naught spying duties?
>
> So these are actually two version numbers for two different programs. 0.2.4.x referred to the tor version which is packaged in TBB. 3.0a referred to the TBB version. Your current version of TBB just happens to have a very similar version number to tor's. TBB will be jumping to 3.x soon, though, as Roger said, tor will remain on the 0.2.x.y path.

Thanks. I understood that, but Roger suggested skipping past 0.2.4.x-b, straight to 3.0a. Maybe things have progressed so fast, that 0.2.4.x versions are already outdated, before they were released as stable. Either way, they're both still alpha or beta.

> I actually experienced this yesterday. I was too busy to troubleshoot the connection issue, but it appeared that the request timed out. This happened for both startpage and DDG, but not the other websites I loaded. T'was strange, but probably just circuit dependent. In short, if this is what you saw then it isn't only you, but I don't know why it's happening.

Yes, the pages are timing out - immediately, repeatedly, spread out dozenS of times over a week. Also happening on DDG. I would've used dozens of circuits & new identities. Some were U.S. exit relays.

The only way I know of that could happen, is if the site's down (They aren't for regular Fx), or if they're blocking Tor traffic. Or something's interfering w/ TBB getting to them. DDG has also been unreachable w/ TBB. The newer 0.2.3.25-13 has the same issue.

Either it's not happening to that many TBB users, or; Not that many actually use Startpage / Ixquick; Other than you, list users are too busy to reply a works for me, or same problem here.

[tor-talk] which 3.0a4 package is for Windows
Is the only set of installers that doesn't list an OS, the one for Windows? https://archive.torproject.org/tor-package-archive/torbrowser/3.0a4/ Is there a reason even stable Win versions never reference the OS in file names? Thanks.
Re: [tor-talk] which 3.0a4 package is for Windows
On 10/8/2013 6:13 PM, Moritz Bartl wrote: Is there a reason even stable Win versions never reference the OS in file names? .exe is a Windows(-only) extension. I agree that the OS could be added to the file name to avoid confusion. Thanks, but a question / comment. Except in this case, the file / package isn't an executable - it's a compressed archive. The exe may be used here to indicate a Windows build, but it's just a zipped (.7z) file. I'm sure lots of new users are confused by the .exe, in spite of instructions. Technically, shouldn't the Windows packages have a compressed archive extension, like the other platforms? Besides, emailing a Windows TBB package w/ .exe extension can create problems. Why not call it what it is?
Re: [tor-talk] Tor Weekly News — October 9th, 2013
On 10/9/2013 10:27 AM, Lunar wrote: Tor Weekly News October 9th, 2013 Welcome to the fifteenth issue of Tor Weekly News, the weekly newsletter that covers what's happening in the world of Tor — “king of high-secure, low-latency anonymity” [1]. [1] http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-internet-anonymity New tranche of NSA/GCHQ Tor documents released -- ... a series of stories were published in the Guardian and the Washington Post that detailed alleged attempts by NSA, GCHQ, and their allies to defeat or circumvent the protection that Tor offers its users. ... The documents in question [3] offer,... a summary of attacks against Tor users and the network as a whole that they have considered or carried out. I'm sure Tor developers have considered the real possibility that some or all of what different agencies release, about their capabilities & successes (or lack of) against Tor - or anything else, is misinformation, designed to make the Tor Project AND users more comfortable in continuing to use TBB. Logically, if any agency or adversary divulged they can somewhat successfully track users or infiltrate the system, then most would stop using it and a valuable method to gather information or catch criminals would cease to exist. Good poker players and gov'ts NEVER reveal their hands. I wouldn't take seriously anything that ANY gov't publicly reveals about their technology or intelligence capability (or lack thereof). Over a long history, it's been repeatedly shown that advanced gov'ts always know more & have more technology capability, than is revealed. That is, often until decades later, when the real truth comes out. It's no different now.
Re: [tor-talk] Tor Weekly News — October 9th, 2013
On 10/9/2013 5:32 PM, Juan Garofalo wrote: Why hasn't Snowden published all the stuff he got from the NSA nazis? Why hasn't he uploaded it to wikileaks for instance? Or torrented it? Top 10 Reasons Snowden hasn't published his documents: 10. Wiki what? 9. Unaware of statute of limitations on publishing stolen government documents. 8. Can't find a ghost writer. 7. Been too busy traveling. 6. Worried it might hurt his chances for public office. 5. Waiting for The Presidential Medal of Freedom, for exposing violation of the Constitution. 4. Has grown fond of eating & breathing. 3. Hoping for Ambassadorship of Syria. 2. Holding them as Get Out of Jail card. 1. Waiting for ABC to offer movie of the week deal.
Re: [tor-talk] Tor Weekly News — October 9th, 2013
On 10/9/2013 6:52 PM, Crypto wrote: Excellent! I [love] it! Joe Btfsplk joebtfs...@gmx.com wrote: On 10/9/2013 5:32 PM, Juan Garofalo wrote: Why hasn't Snowden published all the stuff he got from the NSA nazis? Why hasn't he uploaded it to wikileaks for instance? Or torrented it? Top 10 Reasons Snowden hasn't published his documents: 10. Wiki what? 9. Unaware of statute of limitations on publishing stolen government documents. 8. Can't find a ghost writer. 7. Been too busy traveling. 6. Worried it might hurt his chances for public office. 5. Waiting for The Presidential Medal of Freedom, for exposing violation of the Constitution. 4. Has grown fond of eating & breathing. 3. Hoping for Ambassadorship of Syria. 2. Holding them as Get Out of Jail card. 1. Waiting for ABC to offer movie of the week deal. Thank youuu! I'll be at the Holiday Inn lounge all week, on the interstate outside of Cleveland.
Re: [tor-talk] still unable to reach StartPage or Ixquick
On 10/9/2013 8:00 PM, krishna e bera wrote: On 13-10-09 07:14 PM, Joe Btfsplk wrote: After manually adding prefs.js entries in 3.0a4, that were suggested on Tor project Trac to make it work, there's no change in being unable to connect to Startpage, Ixquick, DDG; often even Wikipedia -SSL Google. Could it be (for Startpage Ixquick), they've suddenly become very popular, due to lots of recent news about various people watching everything? Maybe they're limiting Tor or other anonymous traffic to keep servers open for regular users. No explanation for DDG, Wikipedia. Just that in regular Fx, can connect to all of them instantly. When you reinstalled or upgraded your TBB, did you remove the directory first? Sometimes a clean install gets rid of strange glitches leftover from in place upgrades. I never install TBB over the top of old versions or use an old profile. Since it's done the same thing (starting a wk ago in 2.3.25-12), now same exact thing in 2.3.25-13 3.0a4. I can connect to Bing Yahoo - in any TBB version I'm now trying. I even have tabs open w/ the URLs already entered for Startpage, Ixquick, Google say Bing, Yahoo AND any usual site. Google doesn't fail as much, but never had a problem w/ any of them before. So when Startpage, et al. fail, I instantly load another site (Mozilla.org, etc.) - which succeeds - using the same relay circuit. I checked w/ the network map open to make sure circuits weren't changing between the failures successes. One or 2x wouldn't mean anything, but I've repeated it dozens of times over many days w/ very consistent results. I also have Firefox open w/ the same site as TBB - say Startpage. When they fail in TBB, I instantly load it in regular Fx loads every time. So the search sites' servers aren't overloaded - at least for normal internet traffic. For a bit, I wondered if my ISP was slowing connections to Tor relays, but I don't have the TBB connection problem w/ most other sites, so that can't be it. I'm just brain storming. 
Thinking outside the box - what if I look at the problem from opposite direction. Instead of thinking as a problem of Startpage, et al. not accepting Tor / TBB, look at it from a Tor / TBB having problems with these sites stance (Startpage, et al.). There's obviously SOME reason, but not typical - given all the methods & versions I've used to rule out possibilities. Yahoo, Bing, Amazon, Ebay searches - together w/ the nsa, *must* be blocking me from other search engines, forcing me to use them. Yeah, that must be it.
Re: [tor-talk] still unable to reach StartPage or Ixquick
On 10/10/2013 5:11 AM, Alex wrote: Orbot/orweb combination (android devices) does not seem to have any issues. Thanks. Good to know. I'm using Windows desktop laptop.
Re: [tor-talk] Troubleshooting failed Startpage connection [Was: still unable to reach StartPage or Ixquick]
On 10/9/2013 10:59 PM, Joe Btfsplk wrote: On 10/9/2013 8:00 PM, krishna e bera wrote: On 13-10-09 07:14 PM, Joe Btfsplk wrote: ... in 3.0a4, ... there's no change in being unable to connect to Startpage, Ixquick, DDG; often even Wikipedia -SSL Google. in regular Fx, can connect to all of them instantly. When you reinstalled or upgraded your TBB, did you remove the directory first? Sometimes a clean install gets rid of strange glitches leftover from in place upgrades. I never install TBB over the top of old versions or use an old profile. Since it's done the same thing (starting a wk ago in 2.3.25-12), now same exact thing in 2.3.25-13 3.0a4. I can connect to Bing Yahoo - in any TBB version I'm now trying. I even have tabs open w/ the URLs already entered for Startpage, Ixquick, Google say Bing, Yahoo AND any usual site. Google doesn't fail as much, but never had a problem w/ any of them before. So when Startpage, et al. fail, I instantly load another site (Mozilla.org, etc.) - which succeeds - using the same relay circuit. I checked w/ the network map open to make sure circuits weren't changing between the failures successes. One or 2x wouldn't mean anything, but I've repeated it dozens of times over many days w/ very consistent results. I also have Firefox open w/ the same site as TBB - say Startpage. When they fail in TBB, I instantly load it in regular Fx loads every time. So the search sites' servers aren't overloaded - at least for normal internet traffic. For a bit, I wondered if my ISP was slowing connections to Tor relays, but I don't have the TBB connection problem w/ most other sites, so that can't be it. I'm just brain storming. Thinking outside the box - what if I look at the problem from opposite direction. Instead of thinking as a problem of Startpage, et al. not accepting Tor / TBB, look at it from a Tor / TBB having problems with these sites stance (Startpage, et al.). 
There's obviously SOME reason, but not typical - given all the methods & versions I've used to rule out possibilities. Yahoo, Bing, Amazon, Ebay searches - together w/ the nsa, *must* be blocking me from other search engines, forcing me to use them. Yeah, that must be it. I assume? most users of WINDOWS TBB 2.3.25-12/13 that have read of my problem, have recently tried Startpage, Ixquick, DDG - not really having any issues? Would Tor message log posted here have anything useful that more experienced users may spot a problem? I looked at logs (w/ Debug, error, warning, notice turned on) for FAILED connection to Startpage / Ixquick Check.torproject VS. good connection to other sites. Nothing obvious - others may see something.
Re: [tor-talk] Failed Startpage connection problem found_need solution [Was: still unable to reach StartPage or Ixquick]
On 10/10/2013 11:26 AM, Joe Btfsplk wrote: I assume? most users of WINDOWS TBB 2.3.25-12/13 that have read of my problem, have recently tried Startpage, Ixquick, DDG - not really having any issues? Would Tor message log posted here have anything useful that more experienced users may spot a problem? I looked at logs (w/ Debug, error, warning, notice turned on) for FAILED connection to Startpage / Ixquick Check.torproject VS. good connection to other sites. Nothing obvious - others may see something. HOLY CRAP, TOR MAN. I discovered it's some change (update?) in Kaspersky Internet Security 2014, blocking access to certain sites, like the Tor checkpage, Ixquick, Startpage. But it doesn't affect vast majority of sites in TBB. SPECIFICALLY, it seems KIS's monitoring of HTTPS port 443 that blocks certain sites using HTTPS, in TBB -ONLY-, NOT in Fx. Just because it monitors certain ports, (normally) it wouldn't block *EVERYTHING* using those ports, unless there's a setting in TBB causing a problem, that's NOT in Fx. Both have HTTPS everywhere (UNchecking force HTTPS on Startpage made no change); both browsers have NoScript. In regular Fx 24, KIS is still monitoring HTTPS port 443 & Startpage, et al., load just fine. So it's a *TBB / Tor connection* port 443 that KIS has a problem with. Guessing here - seems like a problem w/ TBB triggering KIS to block it on port 443. Fx 24 is NOT blocked on port 443. I can / will go on the Kaspersky forum on this, but some here may have good solutions. * Tor / TBB is already in KIS's Trusted Group, so no problem there. * Don't (think I) want to turn off ALL port 443 monitoring; causes no problem in Fx & probably should be monitored?? * Don't want to whitelist (not monitor) *ALL* TBB activity in KIS - takes away all protection. Must be something specific on -HOW- TBB accesses port 443 VS. regular Fx, that KIS sees as a problem.
Re: [tor-talk] Failed Startpage connection problem found_need solution [Was: still unable to reach StartPage or Ixquick]
On 10/10/2013 1:42 PM, krishna e bera wrote: When you find yourself replying a lot in your own troubleshooting thread, it may be time to start a ticket on https://trac.torproject.org and followup there. OK, thanks. I never see troubleshooting threads go on forever on the list. :D But wait - I found the problem & I'm sure lots of users here know the best, safest way to handle TBB & various AV prgms monitoring port 443. Not sure need to create a ticket for that. Perhaps just turn off monitoring encrypted connections in the AV/ soft FW. Not sure about the safety aspect. On 13-10-10 02:10 PM, Joe Btfsplk wrote: * Don't want to whitelist (not monitor) *ALL* TBB activity in KIS - takes away all protection. Au contraire, why allowing any security or other software access to Tor communications? You are effectively sending Kaspersky corporation your data and metadata with your IP address, which can be intercepted or grabbed off their servers by any agency with sufficient powers. ...Unless you are using KIS and TBB in a VM with a fake IP address etc. Any AV that does updates, already has your IP address, I'd guess. I doubt there'd be any way for them to correlate an IP used for updates w/ Tor network addresses, or that it's any concern. If there is, the whole Tor Project is remiss in not warning users about the threat. KIS & others log network activity, but you can turn it off completely, or limit retention to a day. If in a hostile environment, could clear the log (if turned on) & erase free space on that partition, if worried about the MIB showing up.
Re: [tor-talk] Tor Weekly News — October 9th, 2013
The staged release may be a good idea, but have they got the timing right? this article is dated June 6 http://www.theguardian.com/world/2013/jun/06/nsa-phone-records-verizon-court-order that was 4 months ago. How many articles have they published since then? Actually, if the assumption is that people have a short attention span, then they should be publishing interesting stuff as frequently as possible? No idea where / when the documents relating to the following were released. You won't see this on the evening news. This article is about Brazil's President scheduling an international conference - early 2014, to discuss the revelations from documents leaked / released so far. http://rt.com/news/brazil-internet-summit-fight-nsa-006/ Brazil claims part of the documents released, showed everything Brazil is one of many surveillance targets of the US. Surprise! Phone, internet, etc. - just like home, sweet home. I'm not saying the claims are true / untrue - just that apparently some documents released to date, caused great concern in other countries as well. In reality, it's likely they give as good as they get. Or, the pot calling the kettle black.
Re: [tor-talk] Tor Weekly News — October 9th, 2013
On 10/11/2013 1:41 PM, mick wrote: On Fri, 11 Oct 2013 15:51:24 + Matt Pagan m...@pagan.io allegedly wrote: Hi Matt No problem. However, whilst we do have the beginnings of very intrusive network censorship in the UK (some ISPs are more pliable than others... ...you could equally say change your ISP to one with some balls. UK users should stay away from the majors (BT, Virgin, talk-talk, O2, Sky, EE etc) and use one of the multiple independents If enough UK users vote with their wallets, ISPs may be more inclined to grow a pair. ... Voting w/ your feet / wallet sometimes works, when consumers have choices. In some locales, there are very few affordable alternatives ISPs know this, when that's the case. Another unknown or forgotten fact is, these ISPs communications co's get paid BIG bucks for their research report preparation time, to hand over requested records (logs) of particular individuals. This is to comply w/ general warrants, nsl's, etc. The ISP's / mobile communications co's even showed how many requests they got / yr how much revenue it generated. An ordinary co. or citizen with info they were interested in, wouldn't get a dime for gathering preparing the data to hand over. In fact, they'd say, hand it over NOW or we'll throw you in jail fine you. I've seen actual invoices from several large communications providers. They didn't show the targets of requested info, just dates of the requests, how much the gov't was billed, etc. It apparently was public info (or released, somehow). You can find these in general searches. It was astonishing what they charged for such little info. That may?? be ONE reason (are probably many) that certain agencies claimed they needed to ignore the constitution just listen in w/ their own equip. Although, it's hard to believe they'd ever recoup the huge capital outlay, for the equip necessary to monitor many millions of users, by not having to pay ISPs' - research report preparation fees. 
But, they're not paying for it (in any country) - the taxpayers are.
Re: [tor-talk] Final report (maybe) on problems connecting to SSL search engines [Was: still unable to reach StartPage or Ixquick]
On 10/10/2013 1:10 PM, Joe Btfsplk wrote: On 10/10/2013 11:26 AM, Joe Btfsplk wrote: I assume? most users of WINDOWS TBB 2.3.25-12/13 that have read of my problem, have recently tried Startpage, Ixquick, DDG - not really having any issues? Would Tor message log posted here have anything useful that more experienced users may spot a problem? I looked at logs (w/ Debug, error, warning, notice turned on) for FAILED connection to Startpage / Ixquick Check.torproject VS. good connection to other sites. Nothing obvious - others may see something. For the possible benefit of others, I'm reporting what I finally discovered. It's a strange one. I reported I'd finally narrowed it to some change (update?) in Kaspersky Internet Security 2014 (KIS), seemed to block access to certain sites in TBB, like the Tor checkpage, Ixquick, Startpage. All appeared to be using HTTPS port 443. I think it affected ANY site in TBB using port 443. But didn't seem to affect regular Fx 23 / 24 on port 443. * Seems * port 443 was treated differently in TBB VS. Fx. Don't know whose fault it was. BEFORE the KIS fix, on the Tor network map, I watched port 443 open, then immediately close, each time an SSL connection was initiated. The solution involved TOGGLING settings in KIS for scanning (or not) encrypted / SSL ports. Then closing KIS completely & restarting. Then changing Scan encrypted connections settings BACK to original defaults, closing & restarting KIS (again). In the end, I wound up w/ the EXACT KIS 2014 settings (for this area), as the original defaults. It's just that THESE original default settings broke TBB, when using port 443. Other than KIS settings actually stored were different than the GUI showed, have no explanation. Hope I don't have to repeat this type process anytime soon.
Re: [tor-talk] Tor Weekly News — October 9th, 2013
Thanks for the input, Luther. Phrase meanings: just like home, sweet home. - In this context, meaning like in the U.S. Or just like in most countries. they give as good as they get. - one person (or country) may (or has the ability to) do the same to others, as is being done to them. the pot calling the kettle black. - signifying ultimate hypocrisy. One entity accusing another of bad behavior or traits, of which they are also guilty (or they are guilty of behavior as bad or worse as that of which they accuse others. The (cooking) pot - being *dirty* (black - from fire), accuses the kettle of the same thing. On 10/12/2013 10:09 AM, Luther Blissett wrote: On Fri, 2013-10-11 at 11:43 -0500, Joe Btfsplk wrote: The staged release may be a good idea, but have they got the timing right? this article is dated June 6 http://www.theguardian.com/world/2013/jun/06/nsa-phone-records-verizon-court-order that was 4 months ago. How many articles have they published since then? Actually, if the assumption is that people have a short attention span, then they should be publishing interesting stuff as frequently as possible? No idea where / when the documents relating to the following were released. You won't see this on the evening news. This article is about Brazil's President scheduling an international conference - early 2014, to discuss the revelations from documents leaked / released so far. http://rt.com/news/brazil-internet-summit-fight-nsa-006/ Brazil claims part of the documents released, showed everything Brazil is one of many surveillance targets of the US. Surprise! Phone, internet, etc. - just like home, sweet home. I'm not saying the claims are true / untrue - just that apparently some documents released to date, caused great concern in other countries as well. In reality, it's likely they give as good as they get. Or, the pot calling the kettle black. 
I'm not sure I understand the meaning of those expressions, but Brazilian govt is most likely trying to bargain access to the data systems, trying hard to be part of the inner circle of international politics rather than caring much for privacy/openness. People here bow to kapitol, leak it's shoes and dream of deep T it. There was some political momentum - during which I noticed fb blocking tor and undercover cops jamming wireless signals nearby street protestors - and after that people are on a quiet mood. Many approached me raising concerns, few adopted any means of protection at all and a majority seems to think that these issues are no issues. (Subjective, untrustworthy guess). So fed govt does not have any means of political pressure (military, economical, technological) and cannot count it's citizens to back up a clearcut opposition to kapitol's peeping tom desires. That said, the neoliberal right-wing journal Estado de São Paulo (estadao.com.br) which has historical aliances with the elites of the homonymous State has already started to give raise to manufactured news on some criminal plot to kill the State Governor which was supposedly caught with the help of hitech surveillance apparatus: http://www.estadao.com.br/noticias/cidades,faccao-criminosa-tenta-levar-casos-do-pcc-ao-stf,1084798,0.htm http://www.estadao.com.br/especiais/pcc-como-funciona-a-faccao-sua-cupula-e-influencia,214103.htm More context: PCC, for those who have not heard before, is an brotherhood of inmates (prison detainees) born inside São Paulo's prisons with the aim of fighting the ongoing day-to-day genocide of the black people on Brazil. During the years they supposedly took control of drug commerce and the govt and media are constantly reinforcing the fear around these issues as they serve the same purpose here as terror-talk on kapitol. 
There are, however, various info which suggests that military under the Governor started an unlawful taxing system for unlawful commerce as early as 2006 at least, but it probably goes back way before. The State Government on São Paulo has remained on the hands of the same political party for two decades now.
[tor-talk] fingerprinting implications_changing TBB font or font size?
I'm not a national whistle blower or spy (for now - gov't shut down), but I'm interested in the implication of changing font or size in TBB, in Options Fonts Colors Advanced. The default in my language package is Times New Roman. The default (serif) size for that font (16?), plus NO minimum font size, is too small on many pages to read, w/o using Ctrl + mouse scroll, or something similar. One named font at size 16 can vary a lot in displayed size, from another font - at same stated size. I'm not sure if named font size used in TBB is faked, or if sites can query the browser for it? If they can, changing them would likely make me more unique than those using default font settings. There are extensions that change browser font size, but those may be detectable as well?? A quick test on Panopticlick showed when I used Ctrl + scroll to zoom the screen, it DID change their perceived screen size (a lot) - to 11nn x 5nn. Default reported by TBB is 1920 x 970? Changing the TBB font SIZES in Options didn't change Panopticlick's perceived screen size - but that's THEIR TEST. Doesn't mean other sites couldn't detect the changes VS. other Tor browsers. Anyone have knowledge of real data on this? Thanks.
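The zoom observation in the post above, worked through as an added example that is not part of the original message: page zoom shrinks the window size a site measures, and a rare value puts the user in a small anonymity set. The zoom steps are Firefox's defaults; the rounding rule and the population counts are constructed assumptions, and 1920 x 970 is the default the post mentions.

```python
import math
from collections import Counter

# Firefox's default full-page zoom steps (about:config pref
# toolkit.zoomManager.zoomValues); Ctrl + scroll moves between them.
ZOOM_STEPS = (0.3, 0.5, 0.67, 0.8, 0.9, 1.0, 1.1, 1.2, 1.33, 1.5, 1.7, 2.0, 2.4, 3.0)

# Window size the post says TBB reports by default on the author's machine.
DEFAULT_SIZE = (1920, 970)


def reported_size(size, zoom):
    """Approximate size a page measures at a given zoom factor.

    Page zoom enlarges each CSS pixel, so the same window spans fewer of
    them. Rounding to the nearest pixel is an assumption of this model.
    """
    width, height = size
    return (round(width / zoom), round(height / zoom))


def zoom_table(size=DEFAULT_SIZE):
    """Every size one window can end up reporting, keyed by zoom step."""
    return {zoom: reported_size(size, zoom) for zoom in ZOOM_STEPS}


def build_population(zoom_counts, size=DEFAULT_SIZE):
    """Expand {zoom: number_of_users} into one reported size per user."""
    population = []
    for zoom, users in zoom_counts.items():
        population.extend([reported_size(size, zoom)] * users)
    return population


def anonymity_report(population):
    """Map each reported size to (anonymity set size, surprisal in bits).

    Surprisal is -log2(share of users with that value), the "bits of
    identifying information" figure that Panopticlick-style tests show.
    """
    total = len(population)
    return {
        value: (count, -math.log2(count / total))
        for value, count in Counter(population).items()
    }


# Constructed population: 1000 visitors who all start from DEFAULT_SIZE.
# 960 never zoom; the rest sit at one of four zoom steps. Invented numbers.
SAMPLE_ZOOM_COUNTS = {1.0: 960, 1.1: 10, 1.2: 10, 1.5: 10, 1.7: 10}

if __name__ == "__main__":
    report = anonymity_report(build_population(SAMPLE_ZOOM_COUNTS))
    for zoom in SAMPLE_ZOOM_COUNTS:
        size = reported_size(DEFAULT_SIZE, zoom)
        users, bits = report[size]
        print(f"zoom {zoom:>4}: reports {size[0]}x{size[1]}, "
              f"shared with {users} users, {bits:.2f} bits")
```

In this model the unzoomed window is shared with 960 of 1000 users, while each zoomed size is shared with only 10, which is the reason for leaving the browser at its default zoom.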
Re: [tor-talk] What are some free and private email providers?
On 10/12/2013 1:48 PM, Antispam 06 wrote: On 24.05.2013 00:50, Moritz Bartl wrote: On 23.05.2013 22:23, Nathan Suchy wrote: I'm looking for email providers with decent support, a good amount of storage, and that protect your privacy. Do you know any? In the end, for plaintext email, you always have to trust the operator. There's valid reasons for going with Google for some activities. For others, it might be better to take a look at https://we.riseup.net/riseuphelp+en/radical-servers . https://trac.torproject.org/projects/tor/wiki/doc/EmailProviderComparison is not very helpful. http://www.thesimplecomputer.info/articles/email-for-privacy.html is another older list. Things are looking bad. Lavabit is out. Fastmail is paid only. Nothing wrong with paid, only it beats the anonymity. Vmail.me has closed the gates. And it has big problems anyway: gmail bounces all my emails. Openmailbox has closed its gates. The system works well. The registration is off. Tormail is shutdown and unreachable. Even large guys changed lately. Lycos imposes a SMS ID with only a handful of countries in its list. Gmail imposes the SMS, even if their list is far greater. Gmx and Mail refuse account creation. They say it's tech problems, but it looks like Tor allergy. And Mail.com is a mask for more services. Hushmail shows only paid plans. Cyber-rights mask gave me access, but hushmail said it's suspended and gave me a chance to pay. If you're looking for privacy, Gmail is the wrong place. Even if you could create an acct using TBB (doubtful), they scan everything - as do many others. You can encrypt your more private messages, or attach encrypted files. Yahoo may still let you create an acct w/ TBB. In the US, you may have to use a US exit relay may have to use one each time you log in - or face the security questions, or complete login denial. Not the best, but... Here's an older comparison of some more privacy conscious providers, I did early this yrs. 
Some data is no doubt outdated by now. http://bayfiles.net/file/XYO1/iKZYCo/Email_provider_comparison.pdf
Re: [tor-talk] What are some free and private email providers?
On 10/12/2013 3:52 PM, Edgar S wrote: I was also left hanging when tormail shut down. I've found one that meets my needs. Based in Switzerland. It is Tor-friendly for both signups and webmail. Has both an onion hidden address, http://bitmailendavkbec.onion, and an open address, bitmessage.ch. Free. The only drawback is that you have to accept an assigned username that is a long string of random characters. Another possibility is URSSMail http://urssmail.org/ http://f3ljvgyyujmnfhvi.onion. Based in Russia and Brazil. Neither are very friendly to the NSA. It seems to have some problems currently. I thought I had created an account, but then I couldn't log into it. But it lets you assign your own username, and is free, although BTC donations are requested. As I write, the hidden service is down. I guess you went thru part of the signup process to see it assigns a random string as your acct username / email address? It told me the registration was having problems. How long was the random assigned name? That'd be a bit tough sending mail to general people. But, if you want privacy... I wonder if there's an option to enter a name that goes in front of the email user name, like most clients or even ISPs allow? I guess it'd be fine for typical mail, but the entire size per message limit is 2 MB. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What are some free and private email providers?
On 10/12/2013 8:30 PM, Johnny Carson wrote: Joe Btfsplk: I guess you went thru part of the signup process to see it assigns a random string as your acct username / email address? It told me the registration was having problems. How long was the random assigned name? That'd be a bit tough sending mail to general people. But, if you want privacy... I wonder if there's an option to enter a name that goes in front of the email user name, like most clients or even ISPs allow? I guess it'd be fine for typical mail, but the entire size per message limit is 2 MB. I too use Bitmessage.ch by their hidden service address (SSL). I use Torbirdy with Thunderbird. When I send emails to people I just enter a name into Thunderbird and that's the name a recipient sees. The email address of course is long, but I haven't found anyone that seemed to care. I dont send big files though, the 2 mb limit is low. A trace of an email sent through Tor and then Bitmessage and then to the recipient shows Tor exit node IP address, without usable metadata AFAIU what Bitmessage.ch does for metadata. There's a new Tor Mail Gateway coming online and it sounds bad ass: https://www.whonix.org/wiki/Special:AWCforum/sp/id429 https://lists.torproject.org/pipermail/tor-talk/2013-August/thread.html#29464 https://github.com/moba/tor2mail Thanks for the info. As always ( as Bitmessage site points out), if you send unencrypted email outside to regular email servers, sensitive or personal info faces exposure scanning by the receiving server. You can encrypt messages, but that's still not accepted by average users. I'm guessing that using Bitmessage w/ Tor, that perhaps the receiving server or the recipient, can't determine the sender's actual IP address? Has there been much of a problem w/ other email providers rejecting messages from Bitmessage servers? 
Re: [tor-talk] What are some free and private email providers?
On 10/13/2013 3:35 PM, Johnny Carson wrote: I was thinking about this to get around IP blocks on Tor exit nodes: My computer (SSL) Thunderbird + Torbirdy Tor (not using hidden service to bitmessage.ch) Internet VPN Internet Bitmessage.ch Internet Recipient Not sure if that's possible or easy with VPN and Bitmessage Mail Gateway?? You lost me after Torbirdy Tor...
Re: [tor-talk] New paper : Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries
On 10/16/2013 4:50 PM, Roger Dingledine wrote: On Sun, Sep 01, 2013 at 10:10:56PM -0400, Roger Dingledine wrote: Yep. They're part of the Tor research community. I have plans for writing a blog post about the paper, to explain what it means, what it doesn't mean, what we should do about it, and what research questions remain open. Here it is: https://blog.torproject.org/blog/improving-tors-anonymity-changing-guard-parameters --Roger I read the paper - good job. Some of it will be over the heads of some, but that's unavoidable unless make it 10+ pages, in newbie language, then few would read it all, so... I'm not bashing Tor here, so leave your pitchforks in the barn. Just asking questions, making observations that may / may not have an answer or even be useful. One thing jumps out, Tor doesn't know for sure who's running Guard or exit nodes - can't unless they start doing (regular, repeated) extensive personal interviews, background checks, giving polygraph tests, injecting sodium pentothal to those wanting to run nodes. I guess more so for Guards. Since apparently now LEAs from (some) countries are teaming up, sharing info, etc., seems possible the problem of LEAs (or any adversaries) running a higher % of nodes could get worse, not better. If adversary nodes as a % of all nodes doesn't increase (new good guy nodes keep up w/ increase of adversarial ones), then overall risk hasn't changed. But how can Tor (or any group) determine the risk if they have no reasonably reliable way to determine the REAL intention / identity of node operators (spies infiltrating Tor Network)? Governments, crooks have proven themselves VERY resourceful over decades, or 100's of yrs. The U.S., let alone other industrialized nations partnering together, has a lot more manpower, resources & money than Tor Project. I don't think we can out spend them, for setting up nodes. How many full / part time programmers or idea people does Tor have (as good as they are) VS.
one agency of one industrialized nation? Is there any way - in the future, that Tor could run a much larger % of nodes or at least, instead of constantly trying to figure how to beat / drastically improve the odds that an adversary won't accidentally control the entry / exit nodes on circuits? Perhaps a noble, but losing game, if gov'ts band together & decide Tor, or the entire internet, IS worth serious monitoring. Perhaps reasonable anonymity on a world wide party line is too ambitious? (Those that don't know what a telephone party line was, can Startpage it. [stop saying Google it] :) What about somehow getting a better handle on who actually runs the nodes? With its current policies & design, Tor is in a very tough position to ensure quality (anonymity). Tor isn't supposed to see any real data on the network - for one, so they can't be forced to give anything up (again, noble), but that prevents some (a lot of?) capability for quality control. No company would / could handle its own security that way. It's a Catch 22 situation for Tor, because of legal threats that many gov'ts impose, that many corporations don't face. And if they had some REALLY secret stuff to send abroad, they'd fly it in their own jet. What about a COMPLETELY different approach, rather than trying to develop methods to beat the odds, *ad infinitum,* against what COULD become an ever increasingly larger PERCENTAGE of gov't / adversary run nodes? Surely, it'd be worthwhile to look way down the road & see where Gov'ts / LEAs may be going w/ this & whether they can be bested, by following the same course that Tor is on (even with improvements along the way)? I have no idea - I'm just saying, sometimes the only way businesses, technologies, gov'ts survive & thrive is to completely change course. For all of history, gov'ts have gone to GREAT lengths to spy on citizens & adversaries & have often done pretty well at it.
Well liked corporations can often be as secretive as they want - they're protecting corporate data & assets. Tor is looked at in part (*by gov'ts & LEAs*), as a tool for terrorists, criminals - of all sorts. They couldn't care less if honest people, whistle blowers swim near schools of criminals & terrorists, whether some will get caught in the same net. Maybe, like Corporations that get away w/ figurative murder, Tor Project should start contributing heavily to key political figures, to ensure they'll be left alone? :D You laugh, but that's exactly why big business, who by current STATUTES, break JUST AS MANY OR MORE laws, as Gov'ts / LEAs *ASSUME* that Tor users do? Big Business is left alone & entities like Tor are on the hit list.
Re: [tor-talk] The NSA's problem? Too much data?
On 10/20/2013 2:19 PM, Antispam 06 wrote: On 20.10.2013 20:41, Anonymous wrote: I'm using a Finland provider 'cuz their law does not allow any other agency or anything like that to gain access to your files so easily. That's so cute! Can you point out some time a spy agency was brought in front of a judge for not respecting the law. The same law written in stone in some countries as «nobody is above the law». Do you know of a time when they were found guilty and punished or ever issued an apology? I'm not knocking Finland. I know nothing of their privacy / citizens' rights laws. Even if A / The / Another Country has the BEST internet user, or any other privacy, citizens' rights laws in the WORLD, it doesn't mean all (or any) OTHER countries respect their laws. It doesn't mean other countries' LEAs aren't sniffing all the communications they can, that passes through those great countries (possibly even their allies). It doesn't mean some advanced countries don't have the ability to sniff / capture *SOME* of those great countries' internet, email, voice communications. Maybe none, a little or a lot - who knows? Maybe someone will leak some documents that sheds light on those activities. IIRC, there are a number of countries upset right now, by indications of LEAs from another country(ies) doing communications data gathering in their country. Brazil - one that is upset. And others. If you're a citizen of Finland or a super privacy conscious land, that's great. If you live in a country w/ not so good privacy laws (or ones that aren't enforced), are just using internet / email service in those great lands, your info might not be as private / protected as you (anyone) thought. From a privacy standpoint, it may? be somewhat better to use email servers somewhere like Finland, but it now seems apparent that it doesn't put you completely out of the long arm of the law of your own country. Depending on where you live.
AFAIK, it's not illegal in most countries for its OWN agencies to spy on (in), gather data in other countries, in any manner they can possibly dream up. Quite the opposite. Which is what many countries do to each other - now, 365 days / yr.
[tor-talk] TBB prefs_prompt to sanitize on shutdown?
May be mistaken, but I thought the 1st pref below (included in TBB by default) was to bring back the old Fx 3.x, clear private data prefs, much like using the extension, AskForSanitize does. These are default values in TBB (I think):
user_pref("privacy.sanitize.migrateFx3Prefs", true);
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
I believe the 2nd pref automatically clears any private data. Thought the pref BELOW was so Fx / TBB would SHOW the prompt, to clear private data when close TBB / Fx? No? If so, adding it to TBB prefs doesn't cause it to show the prompt on closing TBB.
user_pref("privacy.sanitize.promptOnSanitize", true);
If allow some site an exception to make it work (& trust the site), I'd still like to SEE the prompt to clear data. MOST times in TBB, there will be no private data to clear. Maybe this is a non issue for most & maybe it's by TBB design not to show the prompt. Or maybe TBB doesn't show it because modern Fx doesn't show it? Thanks.
Re: [tor-talk] Tor Weekly News — October 23th, 2013
On 10/23/2013 8:04 AM, Lunar wrote: Tor Weekly News October 23th, 2013 “some circuits are going to be compromised, but it’s better to increase your probability of having no compromised circuits at the expense of also _INCREASING THE PROPORTION_ of your circuits that will be compromised if any of them are.” I read the paper - slept since then. Would someone please clarify this general statement that part of the design concept? The statement in https://www.torproject.org/docs/faq#EntryGuards is a bit confusing. /But profiling is, for most users, as bad as being traced all the time: they want to do something often without an attacker noticing, and the attacker noticing once is as bad as the attacker noticing more often./ How is being noticed once, perhaps for 15 seconds, visiting one website - that yields very little info, better than being noticed many times, over a long period? Is it that once an adversary correlates your machine (fingerprint) w/ an originating IP a Tor entry / exit, they could theoretically ID you? If so, doesn't that beg the question of why does TBB keep the same browser fingerprint from entry to exit? Why (have or allow TBB to) keep the same fingerprint over long periods, even if some of that data is spoofed, rather than TBB randomly change (spoof) the fingerprint, from end to end on one circuit and / or over time? One big problem as I understand, is a Tor user (specific browser on specific machine) is potentially identifiable from entry to exit, by having the same fingerprint. Why not change the fingerprint? Put on a hat glasses or different colored coat part way through the circuit? TBB already spoofs SOME browser data - it just remains constant. Maybe other tracking issues completely over shadow this. Even if having TBB change fingerprints along a circuit and / or at other times doesn't solve all problems, could it be a *part* of reducing fingerprinting and / or tracking? 
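The guard trade-off quoted from Tor Weekly News in the message above can be put in numbers. This is an added example, not part of the original post and not Tor's own code; it assumes an adversary running a fraction `c` of entry capacity, uniform relay choice, and it counts only the entry side of a circuit (all function names are made up here).

```python
import random

def p_clean(c, picks):
    """Chance that none of `picks` independent entry choices is adversarial."""
    return (1.0 - c) ** picks

def share_if_exposed(c, picks):
    """Expected share of circuits entering through an adversarial relay,
    given that at least one of the `picks` entry choices was adversarial.
    The unconditional share is c, so the conditional one is c / P(exposed)."""
    if c == 0:
        return 0.0
    return c / (1.0 - p_clean(c, picks))

def simulate(c, guards, circuits, users, seed=1):
    """Monte Carlo check of the two formulas over `users` clients.
    guards=None: a fresh random entry relay for every circuit.
    guards=g:    g entry relays fixed up front, one chosen per circuit.
    Returns (fraction of users never exposed, mean exposed share among the rest)."""
    rng = random.Random(seed)
    clean_users = 0
    exposed_shares = []
    for _ in range(users):
        if guards is None:
            bad = sum(rng.random() < c for _ in range(circuits))
        else:
            guard_is_bad = [rng.random() < c for _ in range(guards)]
            bad = sum(rng.choice(guard_is_bad) for _ in range(circuits))
        if bad == 0:
            clean_users += 1
        else:
            exposed_shares.append(bad / circuits)
    mean_share = sum(exposed_shares) / len(exposed_shares) if exposed_shares else 0.0
    return clean_users / users, mean_share

if __name__ == "__main__":
    c, circuits = 0.10, 100   # assumed: 10% adversarial entry capacity, 100 circuits
    for label, g in (("no guards", None), ("3 guards", 3), ("1 guard", 1)):
        picks = circuits if g is None else g
        sim_clean, sim_share = simulate(c, g, circuits, users=10000)
        print(f"{label:10s} P(never exposed)={p_clean(c, picks):.5f} (sim {sim_clean:.3f})  "
              f"share if exposed={share_if_exposed(c, picks):.3f} (sim {sim_share:.3f})")
```

With these assumed numbers, a client without guards is almost certain to be exposed at least once but only on about a tenth of its circuits, while a client with a few fixed guards usually is never exposed and, when it is, loses a much larger share.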
Re: [tor-talk] Tor Weekly News — October 23th, 2013
On 2013-10-24 10:26, Joe Btfsplk wrote: On 10/23/2013 8:04 AM, Lunar wrote: Tor Weekly News October 23th, 2013 “some circuits are going to be compromised, but it’s better to increase your probability of having no compromised circuits at the expense of also _INCREASING THE PROPORTION_ of your circuits that will be compromised if any of them are.” I read the paper - slept since then. Would someone please clarify this general statement that part of the design concept? The statement in https://www.torproject.org/docs/faq#EntryGuards is a bit confusing. /But profiling is, for most users, as bad as being traced all the time: they want to do something often without an attacker noticing, and the attacker noticing once is as bad as the attacker noticing more often./ How is being noticed once, perhaps for 15 seconds, visiting one website - that yields very little info, better than being noticed many times, over a long period? Is it that once an adversary correlates your machine (fingerprint) w/ an originating IP a Tor entry / exit, they could theoretically ID you? If so, doesn't that beg the question of why does TBB keep the same browser fingerprint from entry to exit? Why (have or allow TBB to) keep the same fingerprint over long periods, even if some of that data is spoofed, rather than TBB randomly change (spoof) the fingerprint, from end to end on one circuit and / or over time? One big problem as I understand, is a Tor user (specific browser on specific machine) is potentially identifiable from entry to exit, by having the same fingerprint. Why not change the fingerprint? Put on a hat glasses or different colored coat part way through the circuit? TBB already spoofs SOME browser data - it just remains constant. Maybe other tracking issues completely over shadow this. Even if having TBB change fingerprints along a circuit and / or at other times doesn't solve all problems, could it be a *part* of reducing fingerprinting and / or tracking? 
On 10/24/2013 1:21 PM, aut...@anonymousbitcoinbook.com wrote: By changing the browser fingerprint, do you mean altering the HTTP request headers, such as the User-agent? You'd need to decrypt SSL/TLS traffic in order to modify the headers of any request sent over SSL/TLS, so that limits you to plaintext HTTP traffic. You COULD alter HTTP request headers at each hop, but let me raise a potential objection: A considerable number of websites return different HTTP responses based on the contents of HTTP request headers, so you'd be potentially mucking up the deterministic output of web applications. A common example is returning a different version of a website when the User-Agent indicates a mobile device. One obvious part of the browser fingerprint is unique cookie values, such as those set by third-party ad domains. Cookies would be one of the trickiest to modify, because they are integral to the function of the vast majority of websites, and it would be difficult when to mutate a cookie value without negatively impacting the function of the web application. -Kristov Thanks. I moved your top post to underneath my post. Request header is only one of many things that would (may?) make up browser fingerprints (IIRC). Many other data could be changed. Whether they could be changed in transit on one circuit if it would be *any* benefit, is the question. I'm not talking about changing browser fingerprint data that would mess up the returned content (for mobile device, etc.). Maybe this isn't possible, but worth asking. IF... the request header can NOT be changed, or requested returned data won't work AND if the request header *alone* is enough for very sophisticated adversaries to track users end to end, then all bets may be off. If request header is all adversaries need, then the constant talk of /don't change [this] in TBB, or your browser fingerprint will make you (more) unique,/ is pointless. 
So, I assume that request headers aren't everything, for tracking / fingerprinting. If TBB users allow 3rd party cookies (& some other actions), they probably have other concerns & fingerprinting may be a moot point for them. One assumes there's a certain point that preventing TBB users from shooting themselves in the foot is impossible.
Re: [tor-talk] Tor Weekly News — October 23th, 2013
On 10/24/2013 2:57 PM, Michael Wolf wrote: It looks like you grossly misunderstand how Tor works. The only node that can see your browser fingerprint is the exit node. The problem that Entry Guards are meant to solve is laid out in the very first paragraph of the FAQ you linked: Tor (like all current practical low-latency anonymity designs) fails when the attacker can see both ends of the communications channel. For example, suppose the attacker controls or watches the Tor relay you choose to enter the network, and also controls or watches the website you visit. In this case, the research community knows no practical low-latency design that can reliably stop the attacker from correlating volume and timing information on the two sides. In other words, if I can observe the pattern of traffic coming from your IP address at a particular time, and simultaneously observe that pattern at an exit node or website, then I can assume the traffic at the exit belongs to you. It doesn't matter that there are multiple layers of encryption along the way -- the attack doesn't look at the contents of the traffic, just the volume and timing of it. Having Entry Guards helps, but does not completely solve this problem. In regards to being noticed once -- if the site you are visiting is being watched by your government, then being noticed just once may be cause for them to watch you more closely. If you're posting data to wikileaks, having your government notice this could constitute a very bad thing. That is just one example. Thanks for the details. Of course you're correct about being noticed once, posting or d/l _certain data_ from certain sites (being watched).
Question - for average users in free societies, if you're noticed once visiting a site like wikileaks (legal in most countries) by a formidable adversary (just visit - not post, download, etc.), & they reasonably confirmed the entry traffic & exit traffic are the same (volume & timing), the assumption is they put all visitors on a watch list? I'm asking - for everyone that mistypes, is curious about a news story or chooses the wrong URL address (Tor & non Tor users), they'll then gather all data for all accounts, of any type, of those people from then forward? If they saw the IP address you came from to the entry node & you did something they were *really* interested in AND had the authority, I guess they could request from your ISP, who used that address on that date & time. That is of utmost concern if you're Assange or Snowden; such use is the primary concern of Tor Project. For avg users, is it a huge concern (unless things change a lot - they could)? Probably 99+ % of Tor users don't post on wikileaks or release stolen, classified documents. For those that do, I'd guess they really should use something with / in addition to TBB (or instead of; their own strong encryption, carrier pigeon). I hope if you're in life or freedom threatening use of Tor (with its current limitations / weaknesses), that you *don't* access the network straight from your main, commercial ISP. Even for a one time whistle blower of a small co., is it likely someone would 1) be watching the exact entry / exits you used, AND 2) have the authority to track you down and care enough to do so? Do most gov'ts care about reporting sexual harassment at Bob's Broom Factory or who wishes to remain anonymous when data searching on male impotence? I don't grossly :) misunderstand how Tor network works, though I'm no expert, like most users. Certainly unsure how fingerprinting figured into adversaries controlling / watching entry & exit nodes, etc.
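The volume-and-timing matching described in the FAQ passage quoted above, as an added illustration on constructed per-second cell counts (not from the original thread; every series and function name here is made up). It shows why the encryption layers do not hide a flow's shape, and what flattening that shape with constant-rate padding costs in queuing delay.

```python
from math import sqrt

# Constructed data: cells seen per one-second bin.
ENTRY  = [0, 12, 40, 3, 0, 0, 25, 31, 2, 0, 0, 0, 18, 5, 0, 44, 9, 0, 0, 1]
EXIT_A = [0, 0, 11, 38, 4, 0, 0, 24, 30, 3, 0, 0, 0, 17, 6, 0, 42, 10, 0, 0]  # same flow, ~1 s later
EXIT_B = [5, 5, 6, 4, 30, 28, 2, 0, 0, 15, 16, 14, 0, 0, 3, 2, 20, 22, 1, 0]  # unrelated flow

def pearson(xs, ys):
    """Pearson correlation of two equal-length series; 0.0 if either is flat."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    if sxx == 0 or syy == 0:
        return 0.0  # a flat series has no shape left to compare
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    return sxy / sqrt(sxx * syy)

def best_lag_corr(entry, exit_side, max_lag=3):
    """Highest correlation when the exit side trails the entry side by 0..max_lag bins."""
    best = -1.0
    for lag in range(max_lag + 1):
        a = entry[:len(entry) - lag]
        b = exit_side[lag:]
        best = max(best, pearson(a, b))
    return best

def pad_constant_rate(series, rate):
    """Defence sketch: emit exactly `rate` cells every bin, queuing real cells
    and filling the gaps with dummies. Returns (what an observer sees,
    cells still queued after each bin). Assumes padding on this link only."""
    seen, backlog_log, backlog = [], [], 0
    for cells in series:
        backlog += cells
        backlog -= min(backlog, rate)   # real cells that fit into this bin
        seen.append(rate)               # observer sees a constant rate
        backlog_log.append(backlog)
    return seen, backlog_log

if __name__ == "__main__":
    print("entry vs exit A:", round(best_lag_corr(ENTRY, EXIT_A), 3))
    print("entry vs exit B:", round(best_lag_corr(ENTRY, EXIT_B), 3))
    padded, backlog = pad_constant_rate(ENTRY, rate=10)
    print("padded entry vs exit A:", best_lag_corr(padded, EXIT_A))
    print("worst queue while padding:", max(backlog), "cells")
```

The padded series no longer correlates with anything, but real cells wait in a queue for several seconds at this rate, which is the cost the FAQ's "practical low-latency" wording refers to.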
[tor-talk] Kaspersky still interferes with SSL port 443 sites
Weeks ago I reported problems accessing https Ixquick / Startpage search sites in TBB 2.3.25-12, then *-13 and 2.4.x; then saw it was most (or all) sites using port 443. Traced it to some issue with Kaspersky Internet Security 2014 (KIS) & its "scan encrypted connections" feature, though never found exact problem. My KIS settings do NOT cause problems in *Fx 24.x,* or any versions on secure URLs. It used to not cause problems in TBB. Now I've narrowed it to EVERY time TBB is opened, if KIS is closed then immediately reopened, the "blocking" port 443 problem *disappears*. "Blocking" is in quotes, cause I really don't know why port 443 is immediately closed, just that KIS is involved. No special messages from TBB (now 2.4.17b2) when SSL pages won't load, other than generic "xyz.com has timed out...may be busy..." In the Tor Network map, I can see port 443 try to open, then immediately close when accessing sites using that port. Until I close / reopen KIS - then problem solved. The issue seemingly has something to do w/ *differences* between TBB or processes & *regular Fx,* as the KIS factory default settings for "scan encrypted connections" work fine in Fx port 443 - or any others. Besides, I temporarily disabled all KIS port monitoring for 443. Didn't change the TBB problem. AFAIK, the *default* KIS settings are that it's NOT scanning encrypted connections, unless you have KIS *parental control* enabled (I don't). For some reason, it affects TBB, but seems unlikely the real KIS default settings are the problem, as just closing / reopening KIS solves the TBB issue. If... TBB had a problem w/ the Kaspersky certificate, closing / reopening KIS wouldn't fix that. I could add TBB, vidalia and Tor.exe to KIS's "do not monitor application's activity" and / or "do not scan (this application's) network activity" list, but that defeats purpose of having the protection. Could be a weird KIS bug affecting TBB, that stopping / restarting KIS somehow fixes it temporarily (consistently).
That'd be fairly unusual. Any thoughts on differences in TBB & Fx that may contribute to this, or other suggestions? Thanks.
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/2/2013 6:08 AM, Moritz Bartl wrote: What kind of protection do you expect from this, anyway? Wow, I don't know. Having a rough night / day? Could be a weird KIS bug affecting TBB, *that stopping / restarting KIS* somehow fixes it temporarily (consistently). That'd be fairly unusual. Unusual? Yes, unusual that stopping & starting KIS, while some app (TBB) is already running, immediately stops a KIS problem w/ TBB, or vice versa. Don't expect too much help here [from Moritz]. Well, not from some, anyway. LOL :) only very few people are interested in closed source software... Right. Thanks.
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/2/2013 9:15 AM, freek2...@yahoo.de wrote: Do you use the manual mode of KIS? I also tried that feature, but intransparently catching server certificates definitely messed with my system. This function is imho snakeoil of the highest quality. (Except you use an insecure browser and have no idea how ssl/tls and the x.509 certs work.) I want to be able to check certs myself and it's possible that the cert/ssl-design in tor, which uses (afaik randomly generated,) self signed certs, doesn't work with the validation KIS conducts. No - least, don't think so. Not sure what you mean - manual - in this context. *Could* be some screw up w/ certificate, but as said, w/ current settings, KIS doesn't (shouldn't) scan ANY encrypted connections. But KIS could have a problem, that it's not correctly using settings that are shown in GUI. It happens. In the Tor Network map, I can see port 443 try to open, then immediately close when accessing sites using that port. Until I close / reopen KIS - then problem solved. It's just a guess, but maybe that way you get the proper certificate to your pc. Thanks, but no idea. Normally, stopping / starting KIS - or anything like it, wouldn't load or reload a new certificate. If it's doing that, I'd guess it's a bug. I posted on Kaspersky forum & even long time mods have no idea on this one. Haven't filed support req w/ Kaspersky - yet, because doubt they support KIS TBB issues; but I'll try. I'll uncheck all KIS settings for scanning encrypted connections, so it *shouldn't* scan any - then see.
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/2/2013 11:16 AM, Moritz Bartl wrote: On 11/02/2013 02:27 PM, Joe Btfsplk wrote: Don't expect too much help here [from Moritz]. Well, not from some, anyway. LOL :) Hey hey, no reason to become hostile. I wrote the mail, which I consider help. Help in making you understand why nobody really interacted with you over this issue the last time you brought it up. Sounds like you would rather not have me comment on this at all. I was trying to be helpful, as in: it is a KIS bug, *especially* if it goes away when you restart it, and also, if it messes with SOCKS in this way, they should get this fixed. If you want to help them fix it, run a local network sniffer and find out what they do exactly with the requests in question. Moritz Thanks Moritz, the phrase Well, not from some, anyway. LOL :) w/ LOL a smilie is pretty far from hostile, from my understanding. That's why they're sometimes used in email / postings - to indicate tone, that's often lost in email. Thought I was taking the high road; trying to defuse what seemed like a pretty flippant, looking down your nose reply. If not your intent, I apologize. If it was, may want to dial back a notch. I'm sure lots of Tor users have closed source AV software. But, see here - I'm still smiling: :D, :), ;) Why no one responded...? Kinda amusing. Could well be same reason KIS gurus / long time mods are stumped. Or same reason hundreds of software devs have been stumped by my questions / observations, over decades. Millions of users post intelligent questions on forums / lists *ALL* the time no one has an answer. Means nothing. It'd be very hard for me many to *entirely* avoid closed source software. I try to use open source if at all possible. I'll try the sniffer - if don't discover something else (soon), or if KIS support doesn't have a solution. I'm not sure Kaspersky cares about KIS / TBB issues. Yes, it seems like a (possible) bug. 
Stopping / restarting KIS *shouldn't* have an effect on certificates, whether it is / isn't scanning encrypted connections, etc. No (visible) settings are changed, by stopping / restarting it. That's why I said it was unusual.
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/2/2013 2:04 PM, Sukhoi wrote: I am experiencing problems with TorBrowser in the last months. On most of the web sites I have to reload it 2 to 8 times until it loads, receiving most of the times messages like this: Unable to connect Firefox can't establish a connection to the server at blog.torproject.org. Sukhoi - a bit off topic, but I'm not sure your problem is w/ Kaspersky or any AV / FW. If you haven't upgraded to TBB 2.4.x (still beta), may try that. I think what you're seeing (if using TBB 2.3.x) is pretty common. Was for me until I upgraded.
Re: [tor-talk] TBB 2.3 sometimes doesn't open pages 1st try (was: Kaspersky still interferes with SSL port 443 sites)
On 11/6/2013 5:51 PM, Sukhoi wrote: On 05/11/2013 15:32, Joe Btfsplk wrote: On 11/2/2013 2:04 PM, Sukhoi wrote: I am experimenting problems with TorBrowser on the last months. On most of the web sites I have to reload it 2 to 8 times until it loads, receiving most of the times messages like this: Unable to connect Firefox can't establish a connection to the server at blog.torproject.org. Sukhoi - a bit off topic, but I'm not sure your problem is w/ Kaspersky or any AV / FW. If you haven't upgraded to TBB 2.4.x (still beta), may try that. I think what you're seeing (if using TBB 2.3.x) is pretty common. Was for me until I upgraded. Joe, Thanks for the comments. I did additional tests and possibly you are right about the Kaspersky and AV. I just installed the latest Tor 2.4.x beta version, on Win 8 x64. The problem seems to be a bit smaller, but stands, having to load and reload the pages many times to get the content. Tried also Tor 2.3 stable release on Linux, were the problem did not happened. Interesting. Each OS each TBB version may act a bit differently. I'm using Vista x64 - could be differences vs. W8. Others using W8 will have to weigh in. However, I've read many reporting same issues of TBB not loading pages, that improved or disappeared when moved to 2.4.x. Maybe new series 3.x is worth trying, but it's still alpha, so maybe ? not suitable for serious anonymity requirements (freedom, life death situations). I didn't see a speed change using TBB 3, but speed isn't Tor's purpose. I saw no diff in pages loading (or not) on 1st try, in 2.4.x vs. 3.0, using Vista. I tried 3.0a4 had same issue some others did - the browser opened empty. No menus, etc. Trac bug report said adding lines below, to userPerf.js in the TBB profile would fix it it did, for me. May now be a later version w/ this fix in it. TBB 3.0a4 - Pref.js (or userPref.js) entries - must be added before it will work. Otherwise, browser opens empty. 
user_pref("gfx.direct2d.disabled", true);
user_pref("layers.acceleration.disabled", true);

-- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] More and more websites block Tor, which will eventually become useless!
On 11/10/2013 2:12 PM, Akater wrote:
> Actually I wonder why tor users seem to be convinced it's a bad idea
> Am I missing something?

Yes, from what I've seen reported several times on this list, you're missing that even being approached or brought in for questioning by LEAs, threatened by lawyers - can be extremely stressful & potentially expensive. A good many don't want to risk something like that. Most people I know have quite enough problems w/o taking the *chance* that something like that happens. If... it happens to you, can be all consuming for a time.

Go back & read some tales of those that were dragged to the police station, had their computers seized, threatened w/ serious charges - on & on. They were genuinely scared & probably rightly so - even if in the end, there is no jail time or large loss of monies. I would be. Some spouses couldn't / wouldn't stand for that kind of stress, more than once. Some employers might find a way to dismiss workers, if they found out an employee is being investigated. People are fired everyday for far less. Yes, the employers often cite other reasons. In lots of places & lot of states (in U.S.), they don't NEED a reason to fire (let go; lay off) workers.

If thousands ran exit nodes - could LEAs / lawyers get them all or make all their lives miserable, for a time? Probably not. But the crocodile doesn't have to catch all the antelope to strike fear into the rest of them. That's how terrorists operate - making an example of a few & striking fear into thousands, millions. Why use that analogy to describe actions of the powers that be - in many situations? If the reason has to be spelled out...
Re: [tor-talk] More and more websites block Tor, which will eventually become useless!
On 11/10/2013 3:14 PM, Akater wrote:
> The German guy was released, right? A couple more precedents, and police will stop raids like this one due to inefficiency. Because, ultimately, they /are/ inefficient, and all Tor community needs to do is to make it as clear to general public as possible.

German guy was only one of several. I your theory is true, but it depends on the goal(s) of the LEAs. If their only purpose is to catch REAL criminals, they may stop going after exit operators, if most attempts are unsuccessful / unfruitful. But, in those cases, they're looking for ANY info. They want DATA from exit nodes, even if they don't think the operator is complicit. Just as they wanted data from ALL Lavabit customer accts.

If intent is simply to intimidate (as is sometimes the case in other endeavors), then being inefficient doesn't matter at all. When that's the purpose, educating them won't help, either. That's not ALWAYS their purpose, but LONG history has shown that it can be. Some gov'ts, LEAs just don't want Tor & the bad element they perceive it brings, operating in their jurisdiction. And, criminals do use Tor, at times. That said, I don't know that LEAs will stop turning over exit node rocks, to see what's underneath.
Re: [tor-talk] More and more websites block Tor, which will eventually become useless!
On 11/10/2013 4:53 PM, Akater wrote:
>> And, criminals do use Tor, at times.
> Criminals do use guns at times. Does it mean gov't can harass you if you own one, too?

They can & do harass anyone, for anything, that they want to. They know how far they can take it (sometimes, that's PRETTY far). Unless it was ongoing and / or EXTREME, I've never heard of an LEA suffering any consequence for harassing people. Yes, maybe an individual agent / officer that crossed some line get reprimanded, but not an agency pursuing leads & hunches. If they suspect a gun's connected to a crime (sometimes, even a gut feeling), in ANY shape, form or fashion - you'd better BET your sweet A** they'll harass you.
Re: [tor-talk] Are project change logs online?
On 11/10/2013 9:05 PM, Roger Dingledine wrote:
> On Sun, Nov 10, 2013 at 07:58:09PM -0500, gq wrote:
>> I know change logs are included in packages but are they viewable online anywhere? Or do you have to download and extract/install the full package to see them?
> Go to https://www.torproject.org/download/download and click Source code
> https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ReleaseNotes
> https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ChangeLog

Further question about that. On https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ChangeLog (or any page), change logs for some releases seem omitted? One example: For a good while - 2.4.17b2 was the latest of 2.4 series. But changes for it or *b1 aren't there (I assume was a b1). That's just one. Is it just oversight or lack of time to list changes for some releases, or am I still looking in the wrong spot?
Re: [tor-talk] Are project change logs online?
On 11/11/2013 9:53 AM, Nick Mathewson wrote:
> On Mon, Nov 11, 2013 at 10:32 AM, Joe Btfsplk joebtfs...@gmx.com wrote:
>> On 11/10/2013 9:05 PM, Roger Dingledine wrote:
>>> On Sun, Nov 10, 2013 at 07:58:09PM -0500, gq wrote:
>>>> I know change logs are included in packages but are they viewable online anywhere? Or do you have to download and extract/install the full package to see them?
>>> Go to https://www.torproject.org/download/download and click Source code
>>> https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ReleaseNotes
>>> https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ChangeLog
>> Further question about that. On https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ChangeLog (or any page), change logs for some releases seem omitted? One example: For a good while - 2.4.17b2 was the latest of 2.4 series. But changes for it or *b1 aren't there (I assume was a b1). That's just one. Is it just oversight or lack of time to list changes for some releases, or am I still looking in the wrong spot?
> Wrong spot; you're looking at changelogs for the Tor program itself, but there has never been a Tor release called 2.4.17b2 -- that looks like a TBB version number.

Thanks. Correct. Knew I should've waited till more awake. BUT... same general principle. Seems harder to find links / directions, STRAIGHT to TBB changes. This page gets you there - if you know what to click. https://gitweb.torproject.org/torbrowser.git/

The line at top of that page, description "Scripts to build the Tor Browser Bundles" - confusing for users? Don't remember a link to TBB changes page, on any main Tor / TBB info pages. May be wrong (happens). On that page, under Tags have to click the TBB version, then shortlog or log. Info there is useful, but not same format as for Tor, on https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ChangeLog - - if that's what users are looking for. Some will have trouble finding concise change logs for TBB.

Shouldn't there be quite visible link(s) for all TBB versions changes / change logs, right on several MAIN pages - main download, main Help, etc? Here: https://www.torproject.org/download/download - has link to source code, but none for changes. Wouldn't that be most logical place for link(s) *directly* to TBB change logs, like most software sites? Lot of info available, but some is scattered.
Re: [tor-talk] SimpleMail
On 11/14/2013 5:27 PM, Missouri Anglers wrote:
> Has the security of Simple Mail been discussed yet? If so, can someone tell me where I can find the past discussions? If not, Simple Mail is a mail client add on for Firefox. It allows you to get notified, read and write messages for multiple email accounts inside Firefox. Does it maintain the privacy associated with the TOR Firefox browser?

Maybe others have direct experience w/ it. The general problem w/ many extensions, plugins, even clients - is they don't follow the rules of staying w/in the Tor network AND not revealing data that may leak your identity / location. It's a case by case basis, but for Tor, most don't use extensions / plugins - for email - like you're talking. They're not developed w/ extreme anonymity in mind. Not that they don't work for general, non anonymous use. You want what everyone does - ultimate convenience & high anonymity. They rarely exist together. You can search the archives of Tor-talk for previous discussions.
Re: [tor-talk] New to TOR
Unless you have *permanently* static IP address, you can force a new address, by: rebooting your modem / gateway; or accessing modem's EWS (GUI) there's almost always an option to disconnect / reconnect to the ISP, causing a new IP to be assigned. I'd wait just a bit, to sign up w/ a new IP. The site could have 100's / 1000's of members using same ISP as you, or could have very few.

On 11/17/2013 7:01 AM, simb...@aol.com wrote:
> I received an account-ban from a web-site. I stood accused of violating challenge rules and was cut off from a community I had grown to love dearly. I can no longer post messages and/or send private messages. I would like to re-enter this web-site under a new identity, but I am afraid it checks IP addresses. I was wondering if a program such as TOR could help me out. Would TOR affect my existing accounts with other web-sites? I do most of my shopping and banking over the Internet. I have not downloaded TOR yet. How will I know it works if I do? Thank you.
[tor-talk] TBB 2.4.x Windows using more CPU than normal
Anyone noticed since starting to use Windows - TBB 2.4.x series, it's using more CPU when loading pages than it used to? Even more than regular Fx. I've noticed this across 2 of the 2.4.x series versions. Haven't updated to latest - released couple days ago, yet. TBB 2.4 also seems to load pages considerably slower (over weeks of trial), than earlier versions - WHEN they worked correctly. I mean, before 2.3.x versions started having so many problems.

It seems to use 25 - 30% CPU, on an Intel quad 2.66 MHz, & uses that much for a long period. Maybe the length is because it generally takes all pages longer to load in TBB vs. Fx. Doesn't explain why it'd use so much MORE than regular Fx. It's actually quite a bit more than Fx, percent wise. On my box, Fx (v 23 - 25) generally only uses 8 - 12% (sometimes up to 17%) of CPU. Although, I have no shortage of CPU resources, so that may not be the reason for the significant slowness of 2.4.x versions vs. earlier ones, when they worked correctly.
Re: [tor-talk] Gmail account without phone number
On 11/19/2013 3:39 PM, Yo Mamma wrote:
> Hi, I have been reading on this mailing list that it is not possible to create a Gmail account without a phone number. I have just created such an account (this one). I was curious if this is a change on Gmail's part or if the conditions of my sign up were not the same as those having problems. I created this account without using Tor, so perhaps that is the critical difference.

Please share w/ the rest of the kids. How'd you do it? Personally, if it's ANY sort of anonymity / privacy I'm concerned about, Gmail's the last one I'd want. Others will want to know. Was it thru Tor, or regular browser / ISP? Which country are you in (don't say, if in one where someone ID'g you could be dangerous). Any other (GENERAL) pertinent how to's - that won't compromise your anonymity, if any.
Re: [tor-talk] StrictExitNodes deprecated?
On 11/23/2013 2:16 AM, Roger Dingledine wrote:
> On Sat, Nov 23, 2013 at 07:42:23AM +0200, Sherief Alaa wrote:
>>> I just see the options StrictExitNodes and StrictEntryNodes is deprecated?
>> The correct syntax is:
>> EntryNodes {node, node, ...}
>> StrictNodes 0 or 1 #0 for disabled
> No, you should not use StrictNodes with EntryNodes or ExitNodes. It won't do anything (except confuse you I guess).
>> Note: it's recommended to leave Tor handle your path selection automatically rather than specifying one yourself as it can greatly harm your anonymity.
> This is likely still true.

What about when using TBB is desired, but sites (say web mail) won't accept addresses from countries other than used to sign up? At least not w/o headaches - at times. Just one example. How can this be handled - or can it?
Re: [tor-talk] Gmail account without phone number
On 11/24/2013 8:54 PM, Yo Mamma wrote:
> Hi Joe, I'll clarify the auto-login: After sign up it logged me in with the credentials I had just created. Why would it use cookies from a previous, different account login, to log in to this new account? Wouldn't that be a security hole?

Dunno. Haven't created a gmail email acct in yrs. Security hole? Not sure - probably only thing you'd have access to is acct just created?? Maybe I misunderstood. I thought you also had access to your other features, once you created the gmail acct. And you already had a main google acct (don't know what they call it) that perhaps was why it let you create the email acct w/o a phone #? If you had another google acct & still had cookies from previous session, they would've recognized you that way.
Re: [tor-talk] StrictExitNodes deprecated?
On 11/23/2013 3:04 PM, Joe Btfsplk wrote:
> On 11/23/2013 2:16 AM, Roger Dingledine wrote:
>> On Sat, Nov 23, 2013 at 07:42:23AM +0200, Sherief Alaa wrote:
>>>> I just see the options StrictExitNodes and StrictEntryNodes is deprecated?
>>> The correct syntax is:
>>> EntryNodes {node, node, ...}
>>> StrictNodes 0 or 1 #0 for disabled
>> No, you should not use StrictNodes with EntryNodes or ExitNodes. It won't do anything (except confuse you I guess).
>>> Note: it's recommended to leave Tor handle your path selection automatically rather than specifying one yourself as it can greatly harm your anonymity.
>> This is likely still true.
> What about when using TBB is desired, but sites (say web mail) won't accept addresses from countries other than used to sign up? At least not w/o headaches - at times. Just one example. How can this be handled - or can it?

Anyone?
Re: [tor-talk] StrictExitNodes deprecated?
On 11/25/2013 7:14 AM, Leo Unglaub wrote:
> the solution is simple. DONT USE THOSE FUCKED UP SERVICES. Use email providers that allow an authentication from anywhere like every provider is supposed to do. Greetings Leo

It's not only F'g email that won't allow from some *-stan or African country (for instance).
Re: [tor-talk] Group Thinks Anonymity Should Be Baked Into the Internet Itself
On 11/29/2013 10:47 AM, Eugen Leitl wrote:
> http://www.technologyreview.com/news/521856/group-thinks-anonymity-should-be-baked-into-the-internet-itself/
> Group Thinks Anonymity Should Be Baked Into the Internet Itself

Good one. Not aimed at anyone, but along same line of thought - with about as much chance of reality (0.0%): Citizens think (all) gov'ts should stay out of their private lives & personal decisions: w.w.w.crap-in-one-hand--spit-in-other-see-which-fills-up-1st.com
Re: [tor-talk] tor mention in newly released snowden documents
On 11/30/2013 2:30 PM, Rejo Zenger wrote:
> See: http://issuu.com/pimvandendool/docs/document03. New document, (really) briefly mentioning the efforts of the Dutch intelligence services identifying Tor-users. Attempts are made by hacking into servers running fora, obtaining the logfiles, sql-databases, etc, then combining and analyzing all available data (and hoping a user once didn't use Tor while accessing the forum).

"servers running fora" Is fora plural for forum in Dutch? Or should that be servers running forums?
Re: [tor-talk] Risk of selectively enabling JavaScript
> As TBB is a standard product, its fingerprint should be the same for everyone.

Tell that to the guy that got arrested on campus, because he was one of a few people using it. People talk a good game in an armchair quarterback sort of way - if he'd only... Unless they're seasoned veterans at getting arrested / avoiding police questioning, most people put in that situation would be scared senseless.

The "fingerprint should be the same..." statement holds some water, IFF (if & ONLY if), there are a bunch of people using it at the same time, from the same server / ISP, etc. I imagine there are plenty of situations, locations, even countries where at times, TBB users stick out like a sore thumb. How would most users know how many other users in their area / through same server, ISP are using TBB at the same time? Probably can't. Or even, how many are using TBB in the same city through the same ISP at same time. May not be nearly as many as we'd think - depending. If only a few, maybe shouldn't be doing anything your particular gov't frowns on.

If a guy in black clothes & black mask walks into a bank, how hard is it to narrow it down to the guy in black clothes & mask. What happens if that one (anonymous) guy also has an ISP acct. number, that logs the exact times he uses TBB? Don't be the only TBB user on your company's server that also files an anonymous complaint against your boss. :)
Re: [tor-talk] Forensics on Tor
On 1/23/2014 5:12 PM, Mirimir wrote:
> I wouldn't run VMs on Windows with any expectation of privacy. Only a year or so ago, shellbags were not common knowledge. Only the forensic community and hard-core black hat types knew about them. It's arguable that many similar features in Windows remain undocumented.[1] [1]

I'd like to hear more. Arguable means there is some evidence?
Re: [tor-talk] Vidalia has been replaced with Tor Launcher
On 1/25/2014 7:33 AM, Katya Titov wrote:
> TT Security:
>> 1. So Network Map and New Identity are absent now. When these functions will be add to the TBB?
> Vidalia is now a stand-alone package. Details: https://www.torproject.org/docs/faq#WhereDidVidaliaGo

If TBB is leaving Vidalia for a better ? Tor launcher extension, some have mentioned using Vidalia as stand alone, to still see circuits, IP addresses - what are the implications? Was Vidalia ditched for reasons that *might* make it undesirable to use with later TBB versions - in any circumstance? I missed the memo on all reasons why Vidalia - bad, Tor Launcher - good. Whether bugs, poor / slow connections, anonymity issues? Assuming we're talking about possibly using Vidalia & TBB 3.5?
[tor-talk] TBB 3.5 starts w/ size buttons hidden
TBB 3.5 for Win is starting in half screen & the UI sizing buttons are hidden because the TBB UI is shifted where the size buttons are off the monitor. So is most of the title bar, making it hard to drag the UI down to reach buttons. Once maximized, it fits fine on the monitor. Finally got it pulled down so could maximize TBB, then closed it. Thinking it'd reopen maximized. On reopening, same thing - the UI size buttons are hidden off top of monitor. This is the 1st TBB version I've seen this problem. Not a problem w/ any other apps.
Re: [tor-talk] TBB 3.5 starts w/ size buttons hidden
On 1/25/2014 9:22 PM, Nils Kunze wrote:
> 2014-01-26 Joe Btfsplk joebtfs...@gmx.com
>> TBB 3.5 for Win is starting in half screen & the UI sizing buttons are hidden because the TBB UI is shifted where the size buttons are off the monitor. So is most of the title bar, making it hard to drag the UI down to reach buttons. Once maximized, it fits fine on the monitor. Finally got it pulled down so could maximize TBB, then closed it. Thinking it'd reopen maximized. On reopening, same thing - the UI size buttons are hidden off top of monitor. This is the 1st TBB version I've seen this problem. Not a problem w/ any other apps.
> You can use the windows key + an arrow key to resize and move windows. So for example win + left arrow to make the window take over the left half of the screen. With that you should be able to put it in the position you like anytime.

Thank you. However, is anyone else having that problem? This is something I haven't seen in any apps for a long time. Firefox remembers the last window size when it was closed. TBB 3.5 doesn't seem to, nor where it was positioned.
Re: [tor-talk] Vidalia has been replaced with Tor Launcher
On 1/25/2014 5:07 PM, Lunar wrote:
> Joe Btfsplk:
>> I missed the memo on all reasons why Vidalia - bad, Tor Launcher - good.
> At least:
> http://users.encs.concordia.ca/~clark/papers/2007_soups.pdf
> http://petsymposium.org/2012/papers/hotpets12-1-usability.pdf
> and Vidalia has no maintainers for a while now.

Thanks Lunar. I perused those papers at my convenience (sounds fancy). It was lost on me if they in fact pointed out (important) flaws in Vidalia that Tor launcher doesn't have. Other than Vidalia not being maintained.
Re: [tor-talk] TBB 3.5 starts w/ size buttons hidden
Nils wrote:
> You can use the windows key + an arrow key to resize and move windows.

DOESN'T work on my machine in Vista x64 (for any app). No effect. Maybe some Windows option turned off?

On 1/26/2014 12:56 AM, Lars Luthman wrote:
> On Sat, 2014-01-25 at 21:37 -0600, Joe Btfsplk wrote:
>> Re: TBB 3.5 doesn't seem to remember its window position between sessions.
> The size of your window can leak information that reduces your anonymity, at least if Javascript is enabled (maybe even if it's disabled?). I suspect that TBB has been intentionally modified to start with the same window size every time. It sounds odd that it starts with the title bar off-screen though.

Thanks. Good point. Starting in reduced size isn't the issue - hidden title bar is. Starting w/ the title bar buttons hidden on a common 1920x1080 native (21.5 in.) monitor is odd. Nothing unusual about the monitor & no issue w/ other apps. I'd think many would complain about TBB 3.5 if it's widespread. This began *ONLY* in TBB 3.5 - 1st launch & has persisted (erratically). Checked this again in TBB 2.4.17 & no issue w/ opening size or position.

Further testing - TBB 3.5 opening UI alignment is erratic. Sometimes after maximizing, then closing - it reopens w/ title bar aligned - but often NOT.

* Title bar being hidden on TBB start happens most often when I maximize its UI, then minimize, then close. That seems the MOST common scenario, when title bar's completely hidden on restart. But NOT ONLY time. Not using any extensions, plugins - except default. Tried it enough to see, even w/ no other changes between restarts, proper title bar alignment is erratic.

* If title bar IS aligned, TBB sometimes starts w/ bottom border hidden well below the Windows task bar (I've only 1 task bar row & small icons). Not a huge issue, as I can then maximize UI - but still odd. Tested a bunch of apps & Firefox - none have these issues. Further, I've (always) had checked - keep *task bar* on top, but NOT locked or auto hide. No changes on task bar properties in ages.

* With TBB 3.5 started in part-screen mode with (if) its bottom border hidden (that actually aligns w/ monitor's bottom IF... I hide task bar), when I hide, then UNhide task bar, TBB instantly adjusts its bottom border to just touch the task bar - for that session. But doesn't always remember ANY positions / alignment on next restart. When I think I've figured out sequence, it surprises me again.

* Sometimes, if click maximize UI button, then reduce, it'll immediately change UI position, so all but ~ the LOWER 1/4 of resizing buttons are hidden off the monitor. Sometimes NOT. But doing that, buttons *may* display OK.

* Still common for TBB 3.5 to start w/ title bar completely off monitor. If so, only way I've found to maximize TBB UI is IF... the bottom border is showing above task bar, drag it UP a bit, then PART of title bar instantly displays (showing small part of buttons). Then click maximize button. (Why would dragging TBB's bottom border make the title bar SUDDENLY jump / partially appear? Dunno - never seen it before.)

Whatever my Windows / display settings are, haven't changed & work OK w/ other apps & previous TBB versions. That's why I asked - so not to file a bug if I'm the only one. Other than bug / Vista incompatibility, can't imagine why ONLY TBB 3.5 would do this.
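The window-size point raised in the message above (a page that can read the window's dimensions learns something identifying, and a browser that starts everyone at the same size removes that signal), as an added example that is not part of the thread or of Tor Browser's code. The sample sizes, the rounding grid and the fixed size are all constructed assumptions.

```javascript
// Added illustration: how much a reported window size narrows down a
// visitor under three reporting policies. Not code from the thread.

// Constructed sample: inner window sizes [width, height] of ten
// hypothetical visitors. Values are invented for this example.
const SAMPLE_WINDOWS = [
  [1920, 1040], [1920, 1040], [1366, 728], [1366, 728], [1366, 728],
  [1280, 947], [1537, 812], [1440, 860], [1093, 614], [1600, 860],
];

// Assumed grid for the "rounded" policy (illustrative step and cap).
const GRID = { stepW: 200, stepH: 100, maxW: 1000, maxH: 1000 };
// Assumed single size for the "fixed" policy.
const FIXED_SIZE = [1000, 600];

// Round down to a multiple of `step`, never below one step or above `max`.
function snap(value, step, max) {
  return Math.min(max, Math.max(step, Math.floor(value / step) * step));
}

// What a page would observe under each policy.
const POLICIES = {
  raw: (size) => size,
  rounded: ([w, h]) => [
    snap(w, GRID.stepW, GRID.maxW),
    snap(h, GRID.stepH, GRID.maxH),
  ],
  fixed: () => FIXED_SIZE,
};

// Group visitors by the size the page would see: Map "WxH" -> count.
function anonymitySets(sizes, policy) {
  const sets = new Map();
  for (const size of sizes) {
    const key = POLICIES[policy](size).join("x");
    sets.set(key, (sets.get(key) || 0) + 1);
  }
  return sets;
}

// Summarise identifiability: number of distinct observed sizes, visitors
// who are alone in their set, the smallest set, and Shannon entropy in bits.
function summarize(sizes, policy) {
  const counts = [...anonymitySets(sizes, policy).values()];
  let bits = 0;
  for (const n of counts) {
    const p = n / sizes.length;
    bits += p * Math.log2(1 / p);
  }
  return {
    policy,
    distinct: counts.length,
    unique: counts.filter((n) => n === 1).length,
    smallestSet: Math.min(...counts),
    bits,
  };
}

for (const policy of Object.keys(POLICIES)) {
  const s = summarize(SAMPLE_WINDOWS, policy);
  console.log(
    `${policy}: ${s.distinct} distinct sizes, ${s.unique} unique visitors, ` +
    `smallest set ${s.smallestSet}, ${s.bits.toFixed(2)} bits`
  );
}
```

With a fixed start size every visitor lands in one set of ten, which is why a browser that ignores the previous session's window size trades convenience for a smaller fingerprint.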
Re: [tor-talk] Thunderbird leak
On 1/26/2014 11:33 AM, Andrew F wrote:
> YIKES... Are you sure, how did this slip by?
>
> On Sun, Jan 26, 2014 at 3:06 PM, Mike Cardwell t...@lists.grepular.com wrote:
>> I just blogged about a general security issue in Thunderbird which may also affect people who are using Tor: https://grepular.com/Security_Bug_Thunderbird_Websites_Tabs
>> Basically, an email can be crafted such that when you click a link in that email it is opened within a Thunderbird tab instead of in your usual (potentially torified) web browser. Bypassing any other defenses you might also have, including NoScript etc.
>> -- Mike Cardwell https://grepular.com/ http://cardwellit.com/
>> OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
>> XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4

I've seen a few links in emails open in new Tbird tabs, instead of Firefox (email from persons I know, or think I know it's from them). I usually just copy links & paste in Fx. Safer. If it's from someone I know AND was expecting a msg, I rarely forget & just click links. Rarely, those WILL open in a new Tbird tab, but usually in default browser (Fx). Don't know if has (anything) to do w/ Tbird options setting, under Advanced Reading Display: Open Messages In: New tab; New msg window; Existing msg window. Never seen a Tbird setting about open links in
Re: [tor-talk] Thunderbird leak
On 1/26/2014 1:15 PM, Al Billings wrote:
> Assuming we’re talking about people opening web pages in TB tabs, that normally can only happen if someone installs Thunderbrowse or a similar extension. By default, TB doesn’t render web pages.

I thought the same thing. I'm pretty sure I've had links in email open IN Tbird tabs. It happened so rarely, took me by surprise. For safety, I never really clicked links in email. After that, I never do. I'm guessing it may've been a confirmation email for website forum, tech support w/ a link, etc. Something I expected, or likely wouldn't just have clicked it, regardless of what Tbird's supposed / not supposed to do. Of course, NSA could've intercepted the real confirmation & sent a link that downloaded malware.

If R click copy link location was missing, I'd not click it at all, or erase msg or at bare minimum (if it was important), look at the msg source to see the real link. When you're tired, may not realize you're in email & absent mindedly click a link. Rather than a browser - where it's common to click links. Something to be said for using email text only mode.
Re: [tor-talk] Thunderbird leak
On 1/26/2014 10:03 PM, Moritz Bartl wrote:
> On 01/26/2014 08:42 PM, Al Billings wrote:
>> What is the bug number?
> https://grepular.com/Security_Bug_Thunderbird_Websites_Tabs
> The bugzilla report is currently locked from being viewed, but for when it becomes unlocked, here it is: bug 700979 https://bugzilla.mozilla.org/show_bug.cgi?id=700979

That's odd. Once logged into bugzilla, I've never seen "you are not authorized to view this bug." But maybe it happens. Why would they lock it so others can't add to comments, unless they know it's a problem & want to keep a lid on it, till find a fix?
Re: [tor-talk] TBB 3.5 starts w/ size buttons hidden
On 1/27/2014 3:41 AM, Georg Koppen wrote:
> Joe Btfsplk:
>> TBB 3.5 for Win is starting in half screen & the UI sizing buttons are hidden because the TBB UI is shifted where the size buttons are off the monitor. So is most of the title bar, making it hard to drag the UI down to reach buttons. Once maximized, it fits fine on the monitor.
> Are you seeing https://trac.torproject.org/projects/tor/ticket/10441 ? If so, then it might be interesting to understand why it is happening in your case (see comment 2 for an explanation for the failure on my testing machine). If there is a different explanation we need to add that one to https://trac.torproject.org/projects/tor/ticket/9268 to take it into account for the Final Algorithm. Georg

Read the bug comments. On mine, the title bar isn't missing - it's hidden (menu bar isn't checked to be displayed, by default). Hard to tell from the bug report attached screen, if their title and / or menu bar is missing or just hidden. On mine, UI display - sometimes - stops in middle of tabs, showing it's not hidden or cut off JUST at their border.

As I said, if / when it's hidden AND if TBB bottom border is visible / draggable, moving bottom border up an inch or so, causes UI to change size and / or re-position, so title bar sizing buttons are at least partially visible. So, doesn't seem truly missing. Neither does part of the bottom of UI (border) seem missing - on start up, when bottom border *sometimes* appears cut off. When bottom border is NOT visible, if I hide task bar, the bottom UI border seems aligned w/ monitor's bottom. Seems aligned - because don't know if it was ALREADY aligned (w/ monitor bottom, but hidden by task bar), or if hiding task bar causes TBB UI to *then change size / position,* just as when title bar is hidden & dragging the bottom border UP, causes the UI to *re-position* - revealing *part* of title bar buttons.

Just tested again w/ *menu bar displayed.* Still started w/ title bar sizing buttons *ALMOST* hidden (title bar - just above menu bar). In that scenario, almost hidden because can see only the *bottom, black border* of the sizing buttons. BARELY enough to click re-size UI (sometimes). Again, if drag the bottom border UP ~ an inch, more of the sizing buttons (but not all) become visible. With menu bar turned off, AND if / when it starts w/ title bar hidden, *(often) none* of sizing buttons is initially visible. Until I drag bottom border up, then the top of UI shifts down about 1/4 inch. Other times, just enough of buttons are visible to click. Erratic.

I've identified at least 3 - 4 sequences / steps, when title bar (and / or menu) MAY be partially or totally hidden. But not 100% for any scenario, AFAIK. Title bar size buttons being hidden on startup is ERRATIC, but happens *probably 50% of startups.* Most often happens if I maximize UI, then reduce again, close TBB & restart (reduce UI, not minimize to task bar). But, not 100% reproducible. Sometimes, UI opens (in partial screen) w/ title bar buttons fully displayed. Next restart (immediately, w/o accessing any pages), title bar buttons may be hidden again - *w/ OR W/O touching anything except close button.*

Since this doesn't happen w/ any other TBB versions before 3.5, AND doesn't happen w/ any apps, seems the problem began w/ some v3.5 change.
Re: [tor-talk] Thunderbird leak
On 1/26/2014 7:14 PM, Al Jigong Billings wrote: Like I said, Thunderbird doesn't allow for pages to open in tabs without an extension. So, if you have reliable repro steps, it is a bug that should be fixed and I can push on it to get it addressed. Unless I can get one of the specially crafted emails to do tests, doubt I'll be able to reproduce it. Preferably, acquire a special email w/ links, determined safe or one created just for testing. Obviously, not going to click every link in all msgs from known / unknown sources. Happened only couple times IIRC - months ago & spaced apart. But, I don't normally click ANY links in email. Impossible to tell how many may've shown this behavior. If I'm not imagining it, Mozilla could've fixed it by now. Or not. Someone mentioned (perhaps?) for some of the special msgs, they're missing the "copy link location" option? If so, could just R click links to check.
Re: [tor-talk] Vidalia has been replaced with Tor Launcher
On 1/27/2014 9:02 PM, Michael Wolf wrote: At this time, using Vidalia is the only way to change exit nodes without losing all your tabs, or to see which exit node is misbehaving. It would be really useful to be able to change exit nodes without Vidalia, even if this function is hidden somewhat. We don' need to see no stink-eng exit nodes. ...we walk by faith, not by sight. :D
Re: [tor-talk] Vidalia has been replaced with Tor Launcher
On 1/28/2014 4:34 AM, Rick wrote: On 01/27/2014 10:49 PM, Joe Btfsplk wrote: On 1/27/2014 9:02 PM, Michael Wolf wrote: At this time, using Vidalia is the only way to change exit nodes without losing all your tabs, or to see which exit node is misbehaving. It would be really useful to be able to change exit nodes without Vidalia, even if this function is hidden somewhat. We don' need to see no stink-eng exit nodes. ...we walk by faith, not by sight. :D U. Pink Floyd? You mean The Wall? (we don't need no education)? No, I'm sorry. The answer we wanted was, who were the banditos in Treasure of Sierra Madre, impersonating police - when asked to show their badges. Badges?! We don need no stink-ing badges.
[tor-talk] TBB font size concern for many users
People having excellent sight naturally don't think about reading small print books or web pages. But a lot of the general population has a problem with this. Because of possible browser fingerprinting issues / or anonymity leaks, TBB users are discouraged from - changing default settings in TBB (like font name or the Default Font size / minimum size). - using addons / extensions - (here, to enlarge fonts) that might compromise anonymity. Points taken. Where does that leave users NEEDING larger than default / minimum font size? My guess - people w/ these problems just change fonts / sizes by various means, unaware of implications, or just no other choice. For instance, using default font settings - TBB 3.5 - English, Windows - apparent font size on https://www.torproject.org/docs/faq.html.en#WhatIsTor is approx. equivalent to 9 pt (I think). Even w/ Windows DPI increased to 110 vs. default 96. For many, the equivalent of 9 pt is pretty small - even for a book. Some pages use *very* small or hard to read font, if users keep the default TBB setting, "allow pages to use their own fonts." For some, the default font STYLE - Times New Roman - (in TBB - English), may be less readable than others. Fonts other than Times New Roman are often recommended for better general readability for sight or other reading problems. Other reading problems exist besides eyesight / small font; I don't have them, but they exist. This general issue is problematic for many non-Tor users & overcoming it is a *technical* issue; in TBB, it involves anonymity - even security / freedom (get caught using Tor in the wrong place, for instance). What are the *recommended* options for users w/ these issues, that won't increase browser uniqueness or possibly compromise anonymity? For web sites (or others) looking at font style / sizes in TBB, what effect does using the keyboard & mouse to increase font size (e.g., Ctrl + scroll) have on fingerprinting?
Using THAT or similar method, can they still see the font size is different than default? Just a question - I don't have a perfect answer: what if default font size was increased (some) - or *possibly* other changes - would it put hardship on normally sighted users? Would it cause them equivalent problems that small or harder to read font causes users w/ sight or reading problems? If changing default font or size, by ANY known method may still cause concern, then developing an extension that plays nice w/ TBB isn't the answer. Thanks.
Re: [tor-talk] Vidalia has been replaced with Tor Launcher
On 1/29/2014 7:05 AM, Kristov Atlas wrote: Then the button should read change exit node and not new identity, no? On Jan 27, 2014, at 22:02, Michael Wolf mikewol...@gmail.com wrote: On 1/26/2014 5:57 AM, Lunar wrote: Katya Titov: New Identity works from both TBB and Vidalia. The difference is that from TBB the entire browser closes and restarts and you lose open tabs. When choosing a new identity from Vidalia the browser remains open. I need to point this out one more time: In the case of the latter, the browser content stays the same. All the browser content. Including cookies, history, and many other things that are used to fingerprint a browser session. This means that from the website's point of view, nothing changes except the IP address. You keep the same identity there. Sometimes you don't actually want your identity to change, but you want to move to a different exit node because there is a connection issue between the exit node and the destination. You're browsing, and then your exit node changes after so many minutes... but the new exit node could be overloaded so it drops half of the requests coming through, or the exit node is banned (HTTP 403) on the site being requested, or the exit node is misbehaving and modifying traffic, or... At this time, using Vidalia is the only way to change exit nodes without losing all your tabs, or to see which exit node is misbehaving. It would be really useful to be able to change exit nodes without Vidalia, even if this function is hidden somewhat. Playing devil's advocate - is it a good or not so good idea for users 1) not to be able to see their current (exit) node? For Tor users in certain countries, would it be the best choice to use nodes located in their own countries or in ones suspected of being cooperative with their countries?
Or nodes in specific other countries, depending on your country & its working relationship with those other countries? Or is using exit nodes in your own country or in countries that regularly trade info with your country (many countries do), not considered an issue - at all? 2) not to know the result of a new identity? Given 1) - (can't see nodes)..., then 2) seems a moot point.
Re: [tor-talk] NoScript for TOR disabled by default
On 1/30/2014 9:22 AM, Sukhoi wrote: In fact, I am worried with the Wireless Position System developed by google and others, and the introduction in the browsers, like firefox, a way to track which wireless networks the computer can see in a given moment. Based on that they identify the user physical (because google street view mapped the wireless network physical location), fingerprint the computer and, possibly, track other key information. Seems that this critical issue is not currently handled by TOR. OK - why would Mozilla want to track the location of users? Or think that (eventually) users would not say No to physically being tracked? Who *wouldn't* want to be physically tracked? Like certain mobile providers were geographically tracking some users. That way, if you get lost, just call your mobile provider's CS & say, "Where am I?" Or, is it Google saying to Mozilla, "If you want the $ we pay you (for making Google the default search engine), then we need to be able to physically track Fx users. So, make it happen." Or, maybe it's a 3 letter agency telling Mozilla & Google to add ability in their browsers / searches, to physically track users?
Re: [tor-talk] NoScript for TOR disabled by default
On 1/31/2014 8:00 AM, Olivier Cornu wrote: On 31/01/2014 01:18, Joe Btfsplk wrote: On 1/30/2014 9:22 AM, Sukhoi wrote: In fact, I am worried with the Wireless Position System developed by google and others, and the introduction in the browsers, like firefox, a way to track which wireless networks the computer can see in a given moment. Based on that they identify the user physical (because google street view mapped the wireless network physical location), fingerprint the computer and, possibly, track other key information. Seems that this critical issue is not currently handled by TOR. OK - why would Mozilla want to track the location of users? It does not have to be Mozilla, it could also be any website visited: http://www.securityweek.com/hacker-uses-xss-and-google-streetview-data-determine-physical-location Where Mozilla might be held responsible is because the corresponding bug has had an open ticket for almost 8 years: https://bugzilla.mozilla.org/show_bug.cgi?id=354493 But perhaps I misunderstood what Sukhoi meant… I understood that it's websites (or trackers like Google) that would gather data. But the ability to do it - bug or whatever - comes from the browser or other technology, from Mozilla, Google, others.
Re: [tor-talk] TBB font size concern for many users
Maybe someone has further ideas, comments: Re: What effect does using Ctrl + Scroll have on web sites' ability to detect apparent screen size? Can sites determine the (selected) browser font name & size & thus, changes from default setting? For fingerprinting? Using http://browserspy.dk/ - without Flash or Java enabled, they apparently can't see any font list or size selected, in TBB or Fx. Nor do they indicate an ability (at all) to detect the font styles / sizes selected in either browser's options. Am I correct, that sites can't detect changes from default _TBB settings for font NAME, size & minimum font size_, found under Options > Content? browserspy.dk DOES reflect a change in *screen width & height* (Resolution) *when screen is enlarged (zoomed) using Ctrl + mouse scroll.* That may / may not be very useful for fingerprinting? For me, their reported screen width & height is incorrect - both @ 100% zoom AND w/ zoom increased. That could be because the detected DPI is *also incorrect.* They show: DPI detected via JavaScript = 96x96, when it's actually 110 DPI. Is it known that sites CAN detect selected TBB *browser* font names & sizes? And perhaps other browser test sites would show that. If not, it appears that changing font name & size under Options > Content to increase small text, provides LESS browser characteristics than using Ctrl + mouse scroll to zoom screen size.
Re: [tor-talk] TBB font size concern for many users
On 1/31/2014 11:24 AM, Moritz Bartl wrote: On 01/31/2014 04:32 PM, Joe Btfsplk wrote: Is it known that sites CAN detect selected TBB *browser* font names sizes? See 4.6.4 in the Tor Browser design document: https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability Thanks for the link. I've read the design document before, but good to review. I read what little browserspy.dk had about fonts. I've also read most of what EFF has on Panopticlick site, about everything. Several times. Didn't see the topic / statement on Panopticlick's site, referenced in Tor's design document fingerprinting-linkability - about enumerable list in filesystem order... : From https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability Fonts According to the Panopticlick study, fonts provide the most linkability when they are provided as an enumerable list in filesystem order, via either the Flash or Java plugins. However, it is still possible to use CSS and/or Javascript to query for the *existence* of specific fonts. My question is NOT about sites querying which fonts are installed on my system (their existence). The design document talks about measures taken to limit font info that sites might get (quote below). But, either I don't understand some details in the document (likely), or it doesn't address my actual question... Which is, _can sites detect the actual fonts & font sizes, *currently used by* the browser._ If they CAN, & I *change TBB's default font NAME and / or SIZES* (in Options > Content), then I'd be different from many TBB users. I've looked for the answer for several years. I've never seen *that question* / issue discussed - anywhere. If someone has seen it discussed, please point it out. That's assuming the setting is UNchecked: "Allow pages to use their own fonts." If I allow using their own fonts, some text on some pages will still be very small / difficult to read.
As I determined, zooming pages with Ctrl + mouse scroll, DOES change the reported screen size on Panopticlick & Browserspy.dk - even in TBB. Disregarding Flash & Java (disabled or not installed), every thing I've seen about sites getting font info (as I understand), discusses them querying which fonts are on your system - NOT the actual fonts & font sizes *currently used by* the browser. Tor DESIGN: Additionally, we limit both the number of font queries from CSS, as well as the total number of fonts that can be used in a document with a Firefox patch https://gitweb.torproject.org/torbrowser.git/blob/maint-2.4:/src/current-patches/firefox/0011-Limit-the-number-of-fonts-per-document.patch. We create two prefs, *browser.display.max_font_attempts* and *browser.display.max_font_count* for this purpose. Once these limits are reached, the browser behaves as if *browser.display.use_document_fonts* was set. We are still working to determine optimal values for these prefs. Again, no discussion of sites detecting TBB's currently selected fonts & sizes.
[tor-talk] Tor-Talk now a social site?
Should Tor-talk change names to something like Torbook.com or Tor-match.com? Tor-talk possibly ? should not be used to plan dinner dates & such, that has NOTHING to do w/ Tor, anonymity, privacy, computer safety, internet news practices nor even tongue in cheek comments specifically ABOUT those things. Maybe I'm off base. I wasn't aware Tor-talk was a chat room or social gathering site. Most people already get enough spam or mail that doesn't interest them in the least.
Re: [tor-talk] TBB: Can not set back to Never remember history
On 2/4/2014 3:02 PM, David Balažic wrote: I use TBB 3.5.1 (win32) Trying to delete some specific cookies, in the preferences I selected Remember History on the Privacy tabs, to gain access to the Show cookies button. Unexpectedly that required a restart of TBB. As that wiped out all cookies anyway, I tried to set things back as they were. But if I select Never remember history, after confirming it (click OK), it changes to Use custom settings for history. I tried several times. In the TorButton extension security tab settings, are all 4 boxes checked? By default, they're all checked. It does say when you change the history setting in Options, that a restart is necessary. Are you restarting it when it prompts, after changing back to Never Remember History?
Re: [tor-talk] TBB: Can not set back to Never remember history
On 2/5/2014 4:36 PM, David Balažic wrote: On 5 February 2014 06:44, Joe Btfsplk joebtfs...@gmx.com wrote: On 2/4/2014 3:02 PM, David Balažic wrote: I use TBB 3.5.1 (win32) Trying to delete some specific cookies, in the preferences I selected Remember History on the Privacy tabs, to gain access to the Show cookies button. Unexpectedly that required a restart of TBB. As that wiped out all cookies anyway, I tried to set things back as they were. But if I select Never remember history, after confirming it (click OK), it changes to Use custom settings for history. I tried several times. In the TorButton extension security tab settings, are all 4 boxes checked? By default, they're all checked. It does say when you change the history setting in Options, that a restart is necessary. Are you restarting it when it prompts, after changing back to Never Remember History? The third one is not checked. When I select Never remember history, it does not prompt for restart. If I restart manually, the setting is reverted to Use custom settings for history. If I set the mentioned third option in TorButton Security prefs, then set Never remember history, restart (it does not prompt), the TorButton Security change is preserved, but the History setting again reverts to Use custom settings for history. You don't have any (non-default) extensions or plugins? Sometimes they mess w/ things. Other than that one change, did you make any others? Wondering if a file got corrupted? One easy thing is just reinstall TBB. Erase old files & start fresh. If something got corrupted, it'll be replaced. Assuming you have a good d/l copy. I've changed those settings before & they don't refuse to go back. But, you may've found the newest bug.
Re: [tor-talk] TBB: Can not set back to Never remember history
On 6 February 2014 04:03, Joe Btfsplk joebtfs...@gmx.com wrote: You don't have any (non-default) extensions or plugins? Sometimes they mess w/ things. Other than that one change, did you make any others? Wondering if a file got corrupted? One easy thing is just reinstall TBB. Erase old files & start fresh. If something got corrupted, it'll be replaced. Assuming you have a good d/l copy. I've changed those settings before & they don't refuse to go back. But, you may've found the newest bug. On 2/6/2014 3:20 PM, David Balažic wrote: I now tried a clean installation of TBB 3.5.1 win32 I change the option from Never remember history to Remember History. It requested a restart. Then I checked and it was Use custom settings for history. I looked at the TorButton extension security tab settings and it had the first and third option UNchecked. I changed it to Never remember history, it requested a restart again. I looked at the TorButton extension security tab settings and it had the third option UNchecked. Then I checked the FF prefs and it was again Use custom settings for history. So it is easily reproducible. It doesn't sound right to me, but I'm no expert on newer TBB versions. I'm (sort of) seeing same thing as you. In my v3.5.1, if I change from default "never remember history" to "use custom history" & then check something else - like "remember my browsing & download history," it prompts for restart - like you said. After it restarts & I change back to "never remember history" & check "always use private browsing," it retains those settings until I close Options, then reopen it (no messages, doesn't complain). After reopening Options again, it's set on "use custom settings for history." But "always use private browsing" is still checked & NOTHING else on that screen. After that, in Torbutton Security tab, the 3rd option - "restrict 3rd party cookies & other tracking data," is NOT checked. It probably should be.
AND when I then look in about:config (while Options still show "always use private browsing" - checked, "accept cookies" - UNchecked), then about:config shows: extensions.torbutton.restrict_thirdparty = false. Obviously, it should be True. Other than checking some sites & looking at the cookies file (using an editor) to see if it is / isn't allowing any cookies - of any type, we have no way of knowing if this is just a UI bug, or if settings really get messed up internally. Can others confirm this behavior? Did you check https://trac.torproject.org/projects/tor for a similar problem, or file a report yourself?
Re: [tor-talk] TBB: Can not set back to Never remember history
On 2/6/2014 6:21 PM, Joe Btfsplk wrote: Other than checking some sites looking at the cookies file (using an editor) to see if it is / isn't allowing any cookies - of any type, we have no way of knowing if this is just a UI bug, or if settings really get messed up internally. Can others confirm this behavior? Did you check https://trac.torproject.org/projects/tor for a similar problem, or file a report yourself? Best I can tell, when Options has setting of "use custom settings for history" & "always use private browsing" is checked, then TBB 3.5.1 for Windows isn't allowing 1st or 3rd party cookies. In spite of Torbutton's "restrict 3rd party cookies & other tracking data," NOT being checked under that scenario. To check, I installed a cookie addon, so could access any stored cookies w/o the "allow cookies" box being checked. Others can verify what I see. If correct, the problem David sees may mostly affect the UI. Still needs fixing - kind of disconcerting.
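The thread above asks whether the reverting checkbox is only a UI problem or whether the stored setting changes too. One way to check is to read the profile's prefs.js directly; the following is an added example, not part of the original posts or of Tor Browser's code. The expected values are assumptions taken from the thread, the sample file is constructed, and `parsePrefs` / `auditPrefs` are hypothetical helper names.

```javascript
// prefs.js stores only prefs that differ from their shipped defaults,
// one per line, in the form:  user_pref("name", value);

// Assumed expectations, taken from the thread (not an official baseline).
const EXPECTED = {
  // about:config name quoted in the post, with the value it says it should have
  "extensions.torbutton.restrict_thirdparty": true,
  // Firefox pref behind the "always use private browsing" checkbox
  "browser.privatebrowsing.autostart": true,
};

// Constructed sample input, not taken from a real profile.
const SAMPLE_PREFS = [
  "// Constructed sample prefs.js",
  'user_pref("browser.privatebrowsing.autostart", true);',
  'user_pref("extensions.torbutton.restrict_thirdparty", false);',
  'user_pref("network.cookie.cookieBehavior", 1);',
  'user_pref("browser.startup.homepage", "about:blank");',
].join("\n");

// Parse prefs.js text into a Map of name -> boolean | number | string.
function parsePrefs(text) {
  const prefs = new Map();
  // The value is matched lazily up to the final ");" so that a string
  // value containing ");" is not cut short.
  const line = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$/;
  for (const raw of text.split(/\r?\n/)) {
    const m = line.exec(raw);
    if (!m) continue; // comments, blank lines, anything unrecognised
    const name = m[1];
    const value = m[2];
    let parsed;
    if (value === "true" || value === "false") {
      parsed = value === "true";
    } else if (/^-?\d+$/.test(value)) {
      parsed = Number(value);
    } else if (/^"(?:[^"\\]|\\.)*"$/.test(value)) {
      try {
        parsed = JSON.parse(value); // handles \" and \\ escapes
      } catch (e) {
        continue; // escape JSON cannot decode: skip rather than guess
      }
    } else {
      continue; // unknown value syntax
    }
    prefs.set(name, parsed); // a later line overrides an earlier one
  }
  return prefs;
}

// Compare stored prefs with the expected values.
// status "default" means the pref is absent from prefs.js, so the shipped
// default applies and this file alone cannot say what that default is.
function auditPrefs(text, expected = EXPECTED) {
  const prefs = parsePrefs(text);
  return Object.entries(expected).map(([name, want]) => {
    if (!prefs.has(name)) {
      return { name, want, got: undefined, status: "default" };
    }
    const got = prefs.get(name);
    return { name, want, got, status: got === want ? "ok" : "mismatch" };
  });
}

for (const row of auditPrefs(SAMPLE_PREFS)) {
  console.log(`${row.status.padEnd(8)} ${row.name} = ${row.got}`);
}
```

Running the audit before and after toggling the Options dialog, with the browser closed so prefs.js has been written, shows whether the stored value actually changes.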
Re: [tor-talk] Pissed off about Blacklists, and what to do?
On 2/7/2014 12:42 PM, Matthew Finkel wrote: This is in re: Hulu (which is presumably authenticated)... but really, it applies to any service which we, the legitimate users of Tor, are denied access to. It has simply gone too far and we should be putting effort into reversing this trend by interacting with these deniers to become permitters. What do we do? Basically what Lunar said. A more active and vocal community may help. Passively accepting the current situation doesn't seem to be working. If the services don't know that legitimate Tor users exist in a significant quantity and that they are worthwhile to support, then there's no incentive to try. As someone mentioned, seems in order to convince some sites to stop denying Tor, some TBB users and / or Tor Project personnel need at least *some* supporting data. Hopefully showing that the number of abusers on given sites aren't disproportionately coming through Tor. Might be a 1st step? If data doesn't back that up (where would typical users *get* such data?), then the sites blocking Tor could have a point (regarding their OWN site). How do we know if the blocking sites are / aren't getting lots of abuse via Tor (or at least think they are), OR... if that's *just an excuse.* An excuse because TBB users can't be fingerprinted the same nor have the same amt of data extracted, as normal browsers. After all, some sites (what % ?) are reportedly selling their users' email addresses, other data - to companies building user profiles; which in turn sell the profiles for advertising or possibly other purposes (NS*, etc.). Even combining *real names & addresses w/ email addresses,* along w/ profiled personal interests, buying habits; interests in politics, religion - so on. So it wouldn't be surprising for some sites to use "we get abuse through Tor" as an excuse to block it. Theoretically, they'd be losing money by not having as much data to sell.
TWO of many detailed articles on this practice, that seems to be gaining popularity: Race Is On to 'Fingerprint' Phones, PCs - http://online.wsj.com/news/articles/SB10001424052702304410504575560243259416072 RapLeaf Inc. Profiles Users by Name - http://online.wsj.com/news/articles/SB10001424052748704679204575646704100959546? I also remember a time when a fairly large # of sites refused access, unless you accepted cookies. That practice was eventually relaxed. Maybe? in part, because other ways were developed to gather data from visitors (beacons, etc.) and / or get money from 3rd parties, without needing cookies?
Re: [tor-talk] My solution to Tor Browser remember password bug
On 2/28/2014 11:25 AM, Edgar S wrote: I've complained here before that the remember password feature in some long previous versions of Tor Browser no longer works. I've accepted it will likely never come back. So I've found the following solution. Maybe it will also work for others, discussion welcome. In summary, I've installed a password manager, which I've gotten to work with the latest TBB, and also not compromise security. The password manager I chose was RoboForm. You could just try open source, well tested password managers that have excellent reps. I'm not sure Robo (full, uncrippled) can be had for free. But... Keepass Password mgr & Password Safe are both open source, maintained, excellent reps. Keepass may be a bit more secure, but not by much. Both are on Sourceforge.
[tor-talk] Unseen.is login page blocked in TBB
On https://Unseen.is, the page(s) that would normally come after entering user name & PW is blocked. Instead, after submitting login data & the page refreshes, I just see a blank web page w/ a throbber in middle of page. Same thing happens when creating a free acct - at top of page at address in above link. After submitting data for new acct, browser refreshes, new page loads & the blank page w/ throbber just sits. But (for me), the acct was actually created. I found that out from their support. FYI: to create an acct, don't actually need a *valid* Primary Email Acct. You have to enter an address in the form, but I don't think it has to be working, or it can be a disposable address. After submit login data, even though the page is now blank, the URL in address bar has changed (from orig. Unseen.is), to reflect (I believe) the next page that's normally displayed after login. *Login works* - using a standard Fx profile (even w/ NoScript & some other addons). In a regular profile, after submitting the login data, the SAME blank page w/ a throbber appears for a few seconds, then disappears. Difference being, in a regular profile, the blank page w/ throbber disappears after a few sec & brings up next page. In TBB, the blank page never disappears. Even after the URL in address bar has changed, I also can't just delete the node for the blank page (overlay), to reveal the 1st page inside my account. I was unable to tell from Fx web console, what causes the blank page to permanently hang. Someone else might be able to see it. I've noticed the exact same problem in regular Fx... IF... I use the JonDoFox profile - created by the extension of same name. The profile that JonDoFox creates, makes many of the same changes to prevent browser fingerprinting that TBB and / or Torbutton make. Javascript is enabled for Unseen.is domain in all cases. In NoScript, I tried both whitelisting it & allowing scripts globally - no difference.
Login on this site works in a regular Fx profile, but not in TBB or a JonDoFox profile. The regular Fx profile can contain NoScript, Ghostery, Adblock Plus, CookieMonster, HTTPS Everywhere, etc., & still allow login. So, guessing? it's not those extensions causing the problem. I even disabled and / or uninstalled potential problem extensions (NoScript, etc.) in both TBB & the JonDoFox profile - no change. I conclude the issue is a change made by *both* TBB (or Torbutton) and JonDoFox extension. Either it's some - other - change made (assuming in about:config) by both TBB & JonDoFox, that is NOT directly related to their included addons...; OR... the problem is some change(s) that *IS associated* w/ their included addons (NoScript, etc.) but *disabling or uninstalling* the extensions installed by TBB & JonDoFox, doesn't correctly reset all about:config changes they made. Unseen's support dept was clueless. They definitely don't block TBB / Tor. If anyone has an Unseen acct or wants to look / try creating a free acct, be aware they're upgrading part of their system for couple hrs as of Sun. 3/2 @ approx. 2 PM, Pacific Std. Time. So it may not be available for a while. Thanks.
[tor-talk] TorBrowser spoofed screen size?
I'm sure I recently checked what screen size TBB (Windows) was giving out. Whichever version I checked it in, test sites did NOT show my actual monitor size.

Now, in TBB 3.5.2, my actual screen size seems to show on several browser test sites. Even extracted TBB again, into clean folder & re-checked. Still shows my *actual* screen size on test sites. I thought decision was made / implemented to report same screen size for everyone?

This is a problem - for couple reasons, for me. IF... I set Windows system DPI slightly above default of 96 (else it's too damn small), then w/o TBB properly spoofing screen size, sites will detect a size that's NEITHER the same as other TBB users, nor a standard size. Changing Windows' DPI setting will make my detected screen size an oddball size - that almost no one has.

Anyone else notice TBB isn't spoofing a default screen size anymore, or have ideas why it isn't spoofing mine correctly?
Re: [tor-talk] TorBrowser spoofed screen size?
On 3/5/2014 7:52 PM, Soul Plane wrote:

I tried TBB 3.5.2 in Windows XP at 120 dpi and browserspy says I'm at 96.

Yes, that's screen resolution, or just resolution. It's of some significance, but it's not the same as screen (or monitor) size. Screen size is what I meant (like 1280 x 720, etc.). That's the value I'm asking what TBB is now supposed to spoof (what IS that value).

Note: it may? be working correctly for me (dunno)... except, since neither I nor millions, keep their system DPI set at default (in Windows, often 96), then the TBB spoofed screen size, modified by the DPI adjustment, gives a VERY weird number (sort of like: 1657 x 841, 1920 x 892 etc.). So weird, it's probably FAR more noticeable / unique, than just showing my real screen size, or somehow? spoofing my own (believable) value.

But, EVEN WHEN I reset my system to 96 DPI, reboot - TBB still shows a weird value - like 1920 x *933* (just an example). NO one has a screen size w/ those odd numbers. That's the issue.

Try checking your screen size at these sites (they do thorough jobs, in varying degrees). They're quite well known. At BrowserSpy.dk, must click each test separately. There, the test is screen. You may have to enable javascript (if turned off) in NoScript, for some sites to detect certain browser or system values (a lesson unto itself about JS giving up info). But, at least *parts* of many sites won't work w/o javascript - a double edged sword.

Browser check sites:
From JonDoFox group: IP check http://ip-check.info/?lang=en
Panopticlick-EFF.org_Browser.Uniqueness https://panopticlick.eff.org/
BrowserSpy.dk_Browser Privacy Tests http://browserspy.dk/resolution.php

I've never checked the resolution before so I don't know how it compares to earlier versions.

I can't remember what TBB was reporting, the last time I checked on one of those sites. For those using system default DPI values, TBB may be correctly spoofing a fairly common size (or not).

If others would, please check to see if it's spoofing a common screen size, or a weird one. If you report a sort of size back here, please state if you use default OS DPI value, or higher / lower. I read a bunch on Trac, but *never found* the final draft for what size(s) they'd show. I'm pretty sure none of the choices were 1920 x 869.
Re: [tor-talk] TorBrowser spoofed screen size?
On 3/6/2014 1:59 AM, Georg Koppen wrote:

Joe Btfsplk: But, EVEN WHEN I reset my system to 96 DPI, reboot - TBB still shows a weird value - like 1920 x *933* (just an example). NO one has a screen size w/ those odd numbers. That's the issue.

Yes, they should be a multiple of 200 x 100. Resizing the browser window does currently not take DPI and the size of taskbars into account (this is #9268). See my comment 7 there as well that was probably for you.

Thanks Georg, but I think? we're talking about different things. The bug #9268 is about the size of TBB window when it's launched (whether it fits on monitor, etc.). The issue in THIS post, is the screen size (monitor size), that can be detected by sites for fingerprinting purposes as opposed to how well the TBB UI fits on the monitor when it's 1st launched. Not the same things - though possibly ? related.

On the browser test sites mentioned, I'm not running the tests w/ TBB window partially enlarged (as when 1st launches). But to clarify / add to your comment here, IF... one DOES run the browser tests w/ TBB UI in non-full screen mode, the test sites will show *different* detected screen size than when it's maximized. And, if you zoom the TBB screen (Ctrl + scroll), the test sites detect a different screen size, as well. Different issues than my original question on this post, but worth noting.
Re: [tor-talk] TorBrowser spoofed screen size?
Following up on inconsistency of spoofed TBB screen sizes, shown on test sites: I did more testing / checking. Then posted comments on Trac https://trac.torproject.org/projects/tor/ticket/7256#comment:10 comment #11.

For me, with each browser fully maximized, there's a *fundamental difference* in what the test sites see for screen size of regular Firefox (27), VS. TBB 3.5.2. Same monitor, same displayed toolbars (of nearly identical heights) in both browsers - but vastly different screen size detected. This would SEEM to make TBB users stick out like a sore thumb!? It seems to be a large problem, *regardless* of the system DPI setting (default, or custom value).

Additional comment: note that at the same moment Panopticlick, etc., is showing an odd screen size for TBB 3.5.2 (like 1920 x **966** OR, if refresh page once, perhaps 1920 x **967**), a full screen capture of the same maximized browser screen (taking up full monitor), shows 1920 x **1080**. The 966 or 967 TBB screen height (or whatever odd number), **turns out to be** the height for the part of browser window, beginning just below the browser navigation bar, down to the top of Addon Bar.

However, in regular Fx with exact same, similarly sized toolbars displayed (as in TBB), the test sites show screen size of the **full** monitor: 1920 x **1080**, not just the usable display area of the browser pane (the part of browser window where websites actually display).

I see odd (unique) screen sizes reported / detected on browser test sites, in TWO scenarios.
1) When Windows system DPI is set = default 96 DPI.
2) When system DPI is NOT the default value (many users must set it larger, to be able to read screens. Ex.: both Windows' apps' Help screens, or text in browser screens (TBB)).

On browserspy.dk or others, with **Windows' DPI = 96**, AND the TBB UI maximized (full screen), test sites don't show common screen (monitor) size. They show something like 1920 x 927 - a very odd value. At same exact time, regular Fx shows screen size = **1920 x 1080** x 24.
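The check discussed in this thread, as an added example that is not part of any poster's message and not Tor Browser's own code: it classifies the screen size a test site would read, using the 200 x 100 multiple Georg Koppen mentions and sizes quoted in the posts. The function names, the short list of common monitor sizes and the sample records are assumptions constructed for illustration.

```javascript
// Added illustration; not Tor Browser's code. The 200 x 100 bucket is the
// figure quoted in the thread; the list of monitor sizes is constructed.
const BUCKET = { w: 200, h: 100 };
const COMMON_MONITORS = new Set(["1280x720", "1366x768", "1920x1080"]);

// Largest multiple-of-bucket size that still fits inside the usable area.
function bucketedSize(availW, availH) {
  return {
    w: Math.max(BUCKET.w, Math.floor(availW / BUCKET.w) * BUCKET.w),
    h: Math.max(BUCKET.h, Math.floor(availH / BUCKET.h) * BUCKET.h),
  };
}

// Classify what a site would read from screen.width / screen.height.
function classify(m) {
  const key = `${m.screenW}x${m.screenH}`;
  const bucketed = m.screenW % BUCKET.w === 0 && m.screenH % BUCKET.h === 0;
  // As observed in the thread: TBB reports the content pane as the "screen".
  const screenIsContentArea = m.screenW === m.innerW && m.screenH === m.innerH;
  let verdict;
  if (bucketed) verdict = "bucketed";                        // shared with other users
  else if (COMMON_MONITORS.has(key)) verdict = "real-monitor"; // true size exposed
  else verdict = "odd";                                      // neither: stands out
  return { key, verdict, screenIsContentArea,
           target: bucketedSize(m.innerW, m.innerH) };
}

// In a browser console: classify(readMetrics(window))
function readMetrics(win) {
  return { screenW: win.screen.width, screenH: win.screen.height,
           innerW: win.innerWidth, innerH: win.innerHeight };
}

// Constructed samples built from sizes mentioned in the posts.
const samples = [
  { name: "regular Fx, maximized", screenW: 1920, screenH: 1080, innerW: 1920, innerH: 966 },
  { name: "TBB 3.5.2, maximized", screenW: 1920, screenH: 966, innerW: 1920, innerH: 966 },
  { name: "TBB, non-default DPI", screenW: 1657, screenH: 841, innerW: 1657, innerH: 841 },
];
for (const s of samples) console.log(s.name, JSON.stringify(classify(s)));
```

The `target` field is the window size that would satisfy the 200 x 100 rule for the given content area, for example 1800 x 900 for a 1920 x 966 pane.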
[tor-talk] configure Vidalia stand alone
The only comments I've seen about using Vidalia 0.2.21 - Win (the stand alone package) w/ TBB 3.5.x, to see the map & connections, is just install / extract it to its own folder & start it after TBB is already running. Like falling off a log? That doesn't work for me. Perhaps because I don't let TBB extract to the default location (I use another HDD than where C:\ is located)? Or, the devil's in the details.

I need to control the country for exit relays - temporarily, while set up an email acct w/ TBB - then remove the restriction. Vidalia's not required to force exit relays in Tor, but makes it easier to see countries actually used.

Anyway, I've not found many details on how to edit Vidalia settings now so it will detect that Tor is already running (it is). Especially when TBB is not on C:\. As opposed to what the Vidalia settings file still shows as a check box (the *old* way of how Vidalia / Tor worked): Start Tor software when Vidalia starts; instead of... how the FAQ instructions https://trac.torproject.org/projects/tor/wiki/doc/TorBrowserBundle3FAQ, seem to indicate?, just put Vidalia anywhere & start it anytime after TBB is running... (~ no mods needed & they'll find each other). Thanks.
Re: [tor-talk] TLS/SSL SMTP MitM
On 3/10/2014 1:43 PM, Gordon Morehouse wrote:

Hi there, I have been doing some testing of sending email over Tor and today ran into a definite BadExit (but not flagged, clearly) because there was a blatant MitM attempt on three separate occasions when I initiated a TLS/SSL SMTP connection to my mail provider. Thunderbird popped up the usual warnings, etc. The trouble is, I don't know how to quickly find out what exit was being used so I can tattle on it; in this case, I'm using an old laptop with limited resources, so I just run tor at boot and don't have the fancy Vidalia map thingy or any of that, and I'm unfamiliar with the CLI invocations which could help me figure out who's playing dirty tricks with their exit node.

I can't help much w/ determining if it was a bad exit, but I can offer one way to see the exits in use. That's one complaint about TBB 3.5 series - took away the ability to see a map of relays. Though I personally had what seemed like bugginess w/ Vidalia, you can still get the stand alone version to use w/ TBB 3.5.

Vidalia-standalone-bundles_Index of /~erinn/ https://people.torproject.org/%7Eerinn/vidalia-standalone-bundles/

Best I can tell from sparse instructions, you just extract Vidalia files to a separate folder - created as sub-folder of TorBrowser folder. You must Start Vidalia AFTER TBB (Tor) is already connected. I didn't need to modify anything, anywhere to make Vidalia detect Tor & display the network map. But, it also tends to crash (mess up), after a few TBB restarts (exiting Vidalia each time, before exiting TBB). So it may not work flawlessly, long term.

Another option is copy the IPA shown on the Tor connection screen in TBB, then enter it into any IPA checking site - get the location, perhaps server name? Also check if that IPA is on blacklists: What Is My IP Address Blacklist Check http://whatismyipaddress.com/blacklist-check