Re: more letters from the feds
Problem still exists though, that Tor needs more exit nodes. If nobody is willing to run an exit server the performance of the network suffers dramatically. I personally find the performance of the network to be almost unusable, so I choose other pay-for anonymity services. This is not a bash of Tor or its design, but as we all know there are simply not enough servers running to handle the amount of clients. Perhaps someone could draft a generic response letter to be sent to law enforcement if a server operator is contact and post it online or even include it in the package. It might be easier for you to have the tor traffic routed through a gateway machine and have it limit bandwidth. On 1/11/07, gabrix [EMAIL PROTECTED] wrote: xiando wrote: I think this is a valid point. I ran an exit-node for a short while at home without thinking too much about it. The huge amount of traffic I was attracting (even within minutes of booting up) made me shut it off for the sake of personal convenience, but I don't think I will ever go back - Use bandwidth limiting? BandwidthRate 45 KB BandwidthBurst 95 KB This is low, but that's all I can spare on my home ADSL, and at least it contributes something. Limit your home node and it don't attract more than you can spare. Also, you can lower it temporarily (the minimum is 20 KB) and just -HUP tor if you need to upload a big file somewhere or something like that. explaining to the authorities why child porn/terrorist manuals/online fraud appear to have originated from my home IP is not an edifying prospect, to say the least. This is something you need to consider if you're going to run a exit node, you may have to face legal problems running a Tor exit server. If you are not willing to do it then don't. My view is that if it ever comes to that then I'll just face the legal problems, for in my view it won't be a matter of me vs. the state it'll be a matter of freedom (of speech) vs the state and if freedom vs the state has to be tried with my being involved then I'll do it. These days I generally run a middle-man node but even that has started to feel inappropriate for home use. I would be amazed if regular appearances on directory servers does not blink wildly on some form of institutional radar, low-hanging fruit and all that. Middle-man don't exit any traffic. If someone puts you on a list simply for _relaying_ encrypted traffic from A to B then that's just insane, but if someone wants to do it, then go ahead. I really don't see how running a middle-man node could get you into any kind of trouble (but what do I know). Has anyone ever got into trouble for running a middle-man node? * From a common-sense, peace-of-mind point of view, is running an exit-node strictly for co-located servers? Does anyone here run one at home? If so, have you had second thoughts? I run exit nodes co-located and also on my home ADSL. I don't have any second thoughts, but as said, I am aware that I may get into legal trouble and I'm 100% willing to face that if it comes to it - because, as said, I view that as something that would be Freedom vs Tyranny, allowing Tor-servers vs. forbidding them, not something that really has anything to do with me (apart from my name being on the legal action because I run a tor-server, but the case itself won't be me vs. the state, it'll be Tor vs. the state). * Are tor-at-home users who run middleman servers out of the goodness of their heart possibly exposing themselves to unwanted attention? Do we have any evidence of such attention, anecdotal or otherwise? Very good question. You'll be on the list of tor-servers, but I see no other attention you could get. I had run an exit node as middle-man for about 5 mounthes and i never got into any kind of legal troubble apart that normal operations like browsing were impossible even bandwidth limiting BandwidthRate 20KB and BandwidthBurst 20KBthe minimum possible.I hope with new versions of tor , bandwidth limiting improved because when i used it, it didn't seem much to work .My isp says i have a 2MB connection in download but it never goes up 500KB-700KB most of the time.I was really disappointed to stop my middle-man but i had to .Let me know how you find bandwidth limiting once you start because you better start and try yourself , hasta siempre !!!
Re: more letters from the feds
On Sat, Jan 27, 2007 at 11:12:01AM -0500, [EMAIL PROTECTED] wrote: Problem still exists though, that Tor needs more exit nodes. If nobody is You can buy a fast exit server, and choose it as your default exit. You can also build a private Tor network, and limit it to paying customers. (I'm welcome to suggestions as to which jurisdicions are most suitable in that respect). willing to run an exit server the performance of the network suffers dramatically. I personally find the performance of the network to be almost unusable, so I choose other pay-for anonymity services. This is Which ones do you use? How much do they charge? not a bash of Tor or its design, but as we all know there are simply not enough servers running to handle the amount of clients. So how many exit nodes are you running? Perhaps someone could draft a generic response letter to be sent to law enforcement if a server operator is contact and post it online or even include it in the package. It doesn't matter what you write, if your local jurisdiction outlaws e.g. pedophilia or persecutes online fraud and is serious about it you will receive more attention from LEOs and lawyers than you're comfortable with. Which is main reason why I'm no longer running an exit node. -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
the small review of tor [article on ESpanish]
im send a small review on mexican FS magazine about of the tor proyect . all text on spanish.. http://revista-sl.gnulinux.com.mx/downloads/RevistaSL6.pdf more about the magazine www.revista-sl.org cheerss dud
Re: more letters from the feds
On 1/27/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Problem still exists though, that Tor needs more exit nodes. If nobody is willing to run an exit server the performance of the network suffers dramatically. If *nobody* is willing to run an exit server the performance drops to zero (at least for all but hidden services). That brings up an idea, though. Are there certain common perfectly legitimate things that exit nodes are being used for, that maybe some hidden services could be set up to take the load off? For instance, one could set up a hidden service to search Google or to read Wikipedia, things which aren't going to attract any negative attention, but which would take the load off an exit server. Or what about a hidden service for reading web pages in general? Something which doesn't support POST (or maybe even GET), so is much less likely to be used abusively. Is this feasible? Anthony
Re: TorK 0.13 Released - Many new features
Due to a cock-up on my part, this version of TorK is only compatible with the alpha series of Tor for the time being. Once 'getinfo ns/all' makes it into the stable series, it'll be usable on both again. Apologies if I've inconvenienced any 'stable' users. BTW, will ns/all go into stable anytime soon? Or should I really consider winding back? On Saturday 27 January 2007 22:40, Robert Hogan wrote: Hi All, I've just released a new version of TorK, with quite a few new features. The addition of a mixminion client, as well as the facility to manage anonymous use of Opera and Firefox, broadens TorK's horizons a bit. I'm still looking for new ideas/features for TorK so if you can think of something useful it should have, let me know. Screenshots are available at: http://www.kde-apps.org/content/preview.php?preview=1id=39442file1=39442- 1.pngfile2=39442-2.pngfile3=39442-3.pngname=TorK The highlights for the new release are (you may recognize the changelog style ;-) ): Major Features o New, improved set-up wizard (incomplete but fully functional). o Send Anonymous Email using mixminion. o Browse Anonymously with Firefox o Browse Anonymously with Opera o Graphs now show system network traffic on eth* interfaces. o Link to privoxy configuration. o Modify appearance of konqueror windows when anonymous browsing enabled (experimental). Minor Features o Optional 'Paranoid' mode for browsing. o Improvements to tor network display. o Make exit nodes in the server list identifiable. o Improvements to quick launch interface. o Reverse lookup IP address of servers when displaying their status. o Better 'guard' icons. o Better privoxy management. You can try it straight from CVS: [handy copy/paste for installing it] cd ~ mkdir torkcvs cd torkcvs cvs -z3 -d:pserver:[EMAIL PROTECTED]:/cvsroot/tork co -P tork cd tork make -f Makefile.cvs ./configure make su -c 'make install' or download it at: http://sourceforge.net/project/showfiles.php?group_id=159836 Regards, Robert -- KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net TorK - A Tor Controller For KDE - http://tork.sf.net
Re: TorK 0.13 Released - Many new features
Hi Hogan and all, I'm trying to install Tork on my Kubuntu 6.06 machine. I'm not a C programmer, just script langs and much assembler level work a long time ago. I've followed the instructions to install from cvs, had to install make, autoconf, automake, and gcc when they were not found. When I do the ./configure I'm stumped with an error C compiler cannot make executables Can anyone help on this? Is it a file permission/owner problem or some such thing? Thanks, Patrick Robert Hogan wrote: Hi All, I've just released a new version of TorK, with quite a few new features. The addition of a mixminion client, as well as the facility to manage anonymous use of Opera and Firefox, broadens TorK's horizons a bit. I'm still looking for new ideas/features for TorK so if you can think of something useful it should have, let me know. Screenshots are available at: http://www.kde-apps.org/content/preview.php?preview=1id=39442file1=39442-1.pngfile2=39442-2.pngfile3=39442-3.pngname=TorK The highlights for the new release are (you may recognize the changelog style ;-) ): Major Features o New, improved set-up wizard (incomplete but fully functional). o Send Anonymous Email using mixminion. o Browse Anonymously with Firefox o Browse Anonymously with Opera o Graphs now show system network traffic on eth* interfaces. o Link to privoxy configuration. o Modify appearance of konqueror windows when anonymous browsing enabled (experimental). Minor Features o Optional 'Paranoid' mode for browsing. o Improvements to tor network display. o Make exit nodes in the server list identifiable. o Improvements to quick launch interface. o Reverse lookup IP address of servers when displaying their status. o Better 'guard' icons. o Better privoxy management. You can try it straight from CVS: [handy copy/paste for installing it] cd ~ mkdir torkcvs cd torkcvs cvs -z3 -d:pserver:[EMAIL PROTECTED]:/cvsroot/tork co -P tork cd tork make -f Makefile.cvs ./configure make su -c 'make install' or download it at: http://sourceforge.net/project/showfiles.php?group_id=159836 Regards, Robert
Re: TorK 0.13 Released - Many new features
On Saturday 27 January 2007 23:22, Patrick Hooker wrote: C compiler cannot make executables there are some suggestions in: http://forums.gentoo.org/viewtopic.php?t=27719 -- KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net TorK - A Tor Controller For KDE - http://tork.sf.net
Re: more letters from the feds
Anthony DiPierro writes: Or what about a hidden service for reading web pages in general? Something which doesn't support POST (or maybe even GET), so is much less likely to be used abusively. Is this feasible? The current directory scheme does allow (in fact, requires) policies to be specified in terms of IP addresses and TCP port numbers. So a web browsing only exit node is possible. A Google only exit node is possible if you knew the IP address of every Google server, which is a fairly tricky proposition. A GET-only exit node can't be specified with the current directory system, which isn't capable of expressing any information about what an node will do with connections to a particular TCP port other than allow or deny them. You could make an HTTP GET only exit node, but you wouldn't have a way to tell clients that your node enforced that policy, and users would probably get mad (and stop using your exit node entirely) when some of their transactions failed mysteriously. The fine-grainedness of exit policy languages is a difficult strategic question akin to the problem of the fine-grainedness of DRM policy languages. It's possible that making an exit policy language more specific would lead some existing exit node operators to forbid more things -- things that they would actually like to forbid but currently don't have a technical means of forbidding without getting effectively kicked out of the Tor network. On the other hand, it's possible that making an exit policy language more specific would lead some existing node operators to allow new things -- things that they wanted to allow but didn't have a technical means of specifying that they wanted to allow without also allowing other things that they didn't want to allow. It's also possible that some people who current don't run exit nodes would start allowing extremely limited exit nodes that they wouldn't have been willing to operate any other way. The technical overhead of moving beyond ports to a more specific kind of exit policy seems to me quite high, not because of the need to develop a language to express it, but because of the need to find a way of communicating it between the Tor client and client applications (to prevent applications from making requests that exit nodes they're using will block, or, conversely, to allow the Tor client to choose exit nodes that will not forbid any of the things that an application intends to do, or might possibly do). I'm not aware of any existing protocol that allows this information to be conveyed or any applications that support this kind of feature right now. To take a concrete example, how would Firefox tell Tor I need to be able to HTTP POST or how would an old version of lynx tell Tor I only support HTTP/1.0? How would ssh tell Tor that it was ssh? See section 2.1 of http://tor.eff.org/cvs/tor/doc/dir-spec.txt for the (extremely simple) status quo. -- Seth Schoen Staff Technologist[EMAIL PROTECTED] Electronic Frontier Foundationhttp://www.eff.org/ 454 Shotwell Street, San Francisco, CA 94110 1 415 436 9333 x107