New Privoxy 3.0.8 with Tor
When I upgraded from Privoxy 3.0.6 to the new Privoxy 3.0.8, these rules from user.action don't seem to work anymore:

{ +filter{hide-tor-exit-notation} }
/

{+filter-client-headers +filter{hide-tor-exit-notation}}
/

Now I can't use Tor to surf with exit-node-specific URLs, i.e.:
http://showip.net.4edd4dbb3a352cee02ab8e2298b002477c778281.exit/

Please help me.
Re: How does tor encrypt my data?
That is to say: the exit node we choose must be trustable in keeping my privacy? Thank you for your valuable information!

- Original Message -
From: "F. Fox" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, January 29, 2008 3:40 AM
Subject: Re: How does tor encrypt my data?

孙超 wrote:
(snip)
We know that there is an entrance node and an exit node in a path, cleartext is sent out from the exit node to the destination that we are aimed at. If so, my original cleartext could be revealed to the exit node? If my data is encrypted on my PC by the tor I ran, how does the exit node decrypt the ciphered text? How does it get the decrypt key?

You should read the Tor FAQ; these questions are answered there:

https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#head-75d5f6d474527a80fc370d208252b4dfd2ea2efd

I will answer the most important one in short here, though:

Unless you're using something that provides end-to-end encryption (HTTPS, encrypting email with PGP/GPG, using SSH for logging into things, etc.), exit nodes can - and have been known to - spy on cleartext.

They can also alter things being passed through; this is how Torment and similar tools attempt to "demask" those who haven't properly secured their browser.

Another question is what kind of cryptology algorithm tor uses, RSA? or others?

A bit about the public-key side of Tor:

https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#head-808ed17a2519e7851b33bcc620b67b97cac76511

I do know that AES is used on the symmetric-key side (although I don't know what key length is used).

--
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
Tor 0.2.0.18-alpha log entries
Hello all,

I just upgraded to 0.2.0.18-alpha and I've seen the following in my logs:

[...]
1.) Jan 28 15:08:42.412 [info] read_file_to_str(): Could not open "/var/lib/tor/router-stability": No such file or directory
[...]
2.) Jan 28 15:08:43.382 [info] read_file_to_str(): Could not open "/var/lib/tor/unverified-consensus": No such file or directory
3.) Jan 28 15:08:43.382 [notice] We're missing a certificate from authority dannenberg with signing key F0A23AD304A0CFF4C27B3D0AE23468FBDD4E88F0: launching request.
Jan 28 15:08:43.383 [info] routers_update_all_from_networkstatus(): The directory authorities say my version is ok.
[...]
4.) Jan 28 15:08:53.787 [warn] Received http status code 404 ("Not found") from server '85.25.151.22:9030' while fetching "/tor/keys/fp/585769C78764D58426B8B52B6651A5A71137189A".
5.) Jan 28 15:08:53.787 [notice] We're missing a certificate from authority dannenberg with signing key F0A23AD304A0CFF4C27B3D0AE23468FBDD4E88F0: launching request.
Jan 28 15:08:53.787 [info] connection_dir_request_failed(): Giving up on directory server at '85.25.151.22'; retrying
Jan 28 15:08:53.787 [notice] We're missing a certificate from authority dannenberg with signing key F0A23AD304A0CFF4C27B3D0AE23468FBDD4E88F0: launching request.
[...]
6.) Jan 28 15:08:54.366 [warn] Received http status code 404 ("Not found") from server '85.214.58.87:80' while fetching /tor/keys/fp/585769C78764D58426B8B52B6651A5A71137189A".
Jan 28 15:08:54.366 [info] connection_dir_request_failed(): Giving up on directory server at '85.214.58.87'; retrying
[...]
7.) Jan 28 15:24:09.384 [info] connection_dir_client_reached_eof(): Received extra server info (size 0) from server '128.31.0.34:9032'
Jan 28 15:24:09.384 [info] connection_dir_client_reached_eof(): Received http status code 404 ("Not found") from server '128.31.0.34:9032' while fetching "/tor/server/d[...]z". I'll try again soon.
[...]

1.) + 2.) Why does this message occur? I'm not running a directory, only a relay with dirport and tornetworkstatus.
3.) + 5.) IMHO discussed recently on the list about missed certificates?
4.) + 6.) + 7.) May be a misconfiguration??

Does anybody know a reasonable answer or an explanation?

Thanks in advance,
Ruediger
tor node arachne: 0D49 B1D8 0FD8 ED65 7D25 F137 CFB4 9B86 48C4 F386
Tor 0.2.0.18-alpha is out
Tor 0.2.0.18-alpha adds a sixth v3 directory authority run by CCC, fixes a big memory leak in 0.2.0.17-alpha, and adds new config options that can warn or reject connections to ports generally associated with vulnerable-plaintext protocols.

https://www.torproject.org/download#Dev

Changes in version 0.2.0.18-alpha - 2008-01-25
  o New directory authorities:
    - Set up dannenberg (run by CCC) as the sixth v3 directory authority.

  o Major bugfixes:
    - Fix a major memory leak when attempting to use the v2 TLS handshake code. Bugfix on 0.2.0.x; fixes bug 589.
    - We accidentally enabled the under-development v2 TLS handshake code, which was causing log entries like "TLS error while renegotiating handshake". Disable it again. Resolves bug 590.
    - We were computing the wrong Content-Length: header for directory responses that need to be compressed on the fly, causing clients asking for those items to always fail. Bugfix on 0.2.0.x; fixes bug 593.

  o Major features:
    - Avoid going directly to the directory authorities even if you're a relay, if you haven't found yourself reachable yet or if you've decided not to advertise your dirport yet. Addresses bug 556.
    - If we've gone 12 hours since our last bandwidth check, and we estimate we have less than 50KB bandwidth capacity but we could handle more, do another bandwidth test.
    - New config options WarnPlaintextPorts and RejectPlaintextPorts so Tor can warn and/or refuse connections to ports commonly used with vulnerable-plaintext protocols. Currently we warn on ports 23, 109, 110, and 143, but we don't reject any.

  o Minor bugfixes:
    - When we setconf ClientOnly to 1, close any current OR and Dir listeners. Reported by mwenge.
    - When we get a consensus that's been signed by more people than we expect, don't log about it; it's not a big deal. Reported by Kyle Williams.

  o Minor features:
    - Don't answer "/tor/networkstatus-bridges" directory requests if the request isn't encrypted.
    - Make "ClientOnly 1" config option disable directory ports too.
    - Patches from Karsten Loesing to make v2 hidden services more robust: work even when there aren't enough HSDir relays available; retry when a v2 rend desc fetch fails; but don't retry if we already have a usable v0 rend desc.
Re: HidServDirectoryV2 option
| Is there a design document on this DHT-like thing?

Yes, there are multiple documents on different technical levels.

The first is my GSoC 2007 application which contains the general idea, some pre-studies, and a brief security discussion; however, the design as described there has slightly changed while writing the specification and implementing it, so it is only about 90 % accurate:

http://www.uni-bamberg.de/fileadmin/uni/fakultaeten/wiai_lehrstuehle/praktische_informatik/Dateien/Forschung/Tor/loesing-distributed-storage.pdf

Then, proposal 114 contains a more accurate description of the design as it is implemented now, but with fewer explanations:

https://tor-svn.freehaven.net/svn/tor/trunk/doc/spec/proposals/114-distributed-storage.txt

The relevant parts of the proposal are also included in rend-spec.txt:

https://tor-svn.freehaven.net/svn/tor/trunk/doc/spec/rend-spec.txt

Just in case you need something more citable: I'm currently writing a paper about it (and some other stuff). If you like, I could send you the submitted version (as soon as it is submitted) via private e-mail.

If you have comments on any of these documents, please feel free!

Hope this helps!

--Karsten
Re: quick circuit tear down question
On Mon, Jan 28, 2008 at 03:53:51PM -0500, Roger Dingledine wrote:
> On Wed, Jan 23, 2008 at 03:47:42PM -0600, Jon McLachlan wrote:
> > Maybe more for developers... but, does anyone know a way to tear down
> > only the last relay on an already constructed anonymous Tor circuit, in
> > such a way that the circuit remains unchanged except for the
> > disappearance of the last hop? It doesn't seem like this is
> > documented/viable in the ControlPort given the spec @
> > http://www.torproject.org/svn/trunk/doc/spec/control-spec.txt, but maybe
> > someone knows of a neat or hackish trick? :) Or maybe future releases
> > of Tor might...
>
> Check out Section 5.4 of tor-spec.txt, which includes:
>
>    To tear down part of a circuit, the OP may send a RELAY_TRUNCATE cell
>    signaling a given OR (Stream ID zero). That OR sends a DESTROY
>    cell to the next node in the circuit, and replies to the OP with a
>    RELAY_TRUNCATED cell.
>
> I don't think we've added any interface for this into the control
> protocol, because we don't really have a safe use in mind yet. You
> can read about the feature in tor-design.pdf under the phrase "leaky
> pipe". But somebody needs to do more anonymity and performance analysis
> first, to tell us what the tradeoffs are between tearing down part of
> a certain and just starting a new one.
>

One example concern we had was that someone who owned the first two hops could kill the last part of the circuit and hope it was rebuilt to a compromised node. Put much too succinctly, this makes the anonymity roughly 1 - c^3/n^2 rather than 1 - c^2/n^2, where c is the number of compromised nodes out of n nodes total. That statement rides roughshod over many important points. But there were enough concerns with this and other aspects of leaky-pipes that we decided we should put off deploying them until our analysis was holding water a little better.

aloha,
Paul
Re: quick circuit tear down question
On Wed, Jan 23, 2008 at 03:47:42PM -0600, Jon McLachlan wrote:
> Maybe more for developers... but, does anyone know a way to tear down
> only the last relay on an already constructed anonymous Tor circuit, in
> such a way that the circuit remains unchanged except for the
> disappearance of the last hop? It doesn't seem like this is
> documented/viable in the ControlPort given the spec @
> http://www.torproject.org/svn/trunk/doc/spec/control-spec.txt, but maybe
> someone knows of a neat or hackish trick? :) Or maybe future releases
> of Tor might...

Check out Section 5.4 of tor-spec.txt, which includes:

   To tear down part of a circuit, the OP may send a RELAY_TRUNCATE cell
   signaling a given OR (Stream ID zero). That OR sends a DESTROY
   cell to the next node in the circuit, and replies to the OP with a
   RELAY_TRUNCATED cell.

I don't think we've added any interface for this into the control protocol, because we don't really have a safe use in mind yet. You can read about the feature in tor-design.pdf under the phrase "leaky pipe". But somebody needs to do more anonymity and performance analysis first, to tell us what the tradeoffs are between tearing down part of a certain and just starting a new one.

Hope that helps,
--Roger
Re: How does tor encrypt my data?
On Mon, Jan 28, 2008 at 03:23:58PM +0800, wrote:
> But I still have some questions about how does tor work, especially how does
> it encrypt my data?

https://www.torproject.org/documentation#DesignDoc should help you -- especially tor-spec.txt.

--Roger
Re: Ethical considerations about parent proxies for Tor exit nodes [Was: Tor operator raided in Finland]
Hi,

> >> Sometimes, when a Tor user does something illegal with Tor, the exit
> >> node operator of the exit node the Tor user was using is blamed.
> >
> > if you use a transparent proxy plus a provider proxy as parent proxy
> > for your TOR server, you can simply avoid that ;-)
> (snip)
>
> While that's a wonderful solution from a practical standpoint, I'm sure
> it's going to bother some people on an ethical one.
>
> Three things to consider:
>
> 1.) What kind of parent proxy is being used? Is it a misconfigured
> system, or deliberately left open?

for performance, and because i'm paying for it, i'm using a proxy of my provider; the only misconfiguration is that i can't images of DVDs because there is a 2 GiB file size limit. And when i'm playing with open proxies, only with far away ones; on other continents.

> 2.) Basically, all this does is make the parent proxy admin take the
> fall, instead of you; that in itself may cause ethical problems with
> some people.

Nonsense; providers do not take the fall. But even if that would change: They do get paid for their job and i do pay for it.

Greets
Re: Scripted exclusion of nodes? [Was: How to remove some useless nodes]
F. Fox wrote on 29.01.2008 00:54:
> Kraktus wrote:
>> You can add
>> ExcludeNodes NodeName1, NodeName2
>> to your torrc, where the NodeName1, etc. are the names of Chinese exit
>> nodes that you are aware of. However, you must disallow each Chinese
>> node separately; you can't exclude by country.
> (snip)
>
> Sadly, China's government would likely spend the resources to constantly
> "randomize" their nodes, one way or the other.

I suppose they wouldn't as this doesn't make much sense from the economic POV. As topic-starter (sorry, I don't speak Chinese, and can't read his name) said, it makes no sense to use exit-nodes located in China to avoid the Great Firewall.

Don't forget it shouldn't necessarily be caused by some purposeful Chinese government's actions to poison the Tor network with 'fake' nodes. Even if Tor-client uses some legitimate exit-node located in China, she will get censored content just because that's what exit-node is receiving from the ISP.

> Perhaps a script (set as a cron job?) could be used to find Chinese
> nodes in the Tor directory on a regular basis, update the ExcludeNodes
> section of the torrc, and do a "sudo killall -s SIGHUP tor" to load it.
> I'll have to think it over... perhaps I could use it to get some
> scripting practice? =;o)
>
> (Do note that this is UNIX-centric; if you're using Vidalia [as the
> original poster said], I don't think it would be that easy.)
>

--
SATtva | security & privacy consulting
www.vladmiller.info | www.pgpru.com
Re: Tor operator raided in Finland
Hi,

i know that there's a RIPA act in UK, but some laws are illegal, e. g. the Nuremberg Laws, http://en.wikipedia.org/wiki/Nuremberg_Laws, and they do not affect the international laws and do not impress international courts like the European Court of Justice, http://en.wikipedia.org/wiki/European_Court_of_Justice.

And you don't need to forget the password; it's enough to mistake the password, you have been asked for, with others - nobody is perfect ;-)

Greets

--
> On 28.01.2008 at 20:10 Matthew MacGregor wrote:
>
> > I have no knowledge of the fact, but is there not some provision in
> > the laws of any countries with these crypto laws to deal with the,
> > "I forgot" defense. Because I can see every single person being
> > asked for their passphrase to use this defense. Hell, I know I
> > would...
>
> Well, the British government passed a law last year threatening 5
> years of jail if you do not disclose your keys/passphrases to unlock
> these [0]. One could argue that by "forgetting" your passphrase you
> actually fail to disclose it. On the other hand an US court recently
> ruled that your password actually is protected by the 5th amendment
> [1], but I believe the US govt is challenging this decision. Anyways
> -- if you decide to "forget" your passphrase, I'd guess that you're at
> least in danger of being held in contempt of court (but IANAL,
> obviously).
>
> Greetings,
>
>
> Niels
>
> [0] http://www.heise-security.co.uk/news/96850
> [1] http://yro.slashdot.org/article.pl?sid=07/12/15/1459243
>
>
Re: [OT] NSA to spy on rest of government, launch counterattacks at crackers
It reminds me of some of the stuff out of the Matrix... hackers causing damage by manipulating the code of the Matrix, Machines moving in and out of everything...

Greetings professor .. would you like to play a game?
Re: [OT] NSA to spy on rest of government, launch counterattacks at crackers
Scott Bennett wrote:
> Although this is off topic, it is closely related to the interests of
> many on the list:
>
> http://www.theregister.co.uk/2008/01/27/bush_nsa_internal/
(snip)

I don't think I really need to mention how high a degree of f---ed up-ness this notion presents, given the general mindset of people who subscribe to this list.

I do find the part about "cyberwar" interesting, though - indeed, what *would* the rules of such a "conflict" be?

It reminds me of some of the stuff out of the Matrix... hackers causing damage by manipulating the code of the Matrix, Machines moving in and out of everything...

It sounds almost as cool, as does scary. =:oD

--
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
another unusual connection
on Mon, Jan 28, 2008 at 3:33 AM Roger Dingledine wrote:

> Neat. So it was 212.112.242.159 in both cases?

yes

> Please let me know if it happens more (or if other people experience it
> and can provide more details!), and maybe we'll narrow in further.

will do. if there's anything i can do to provide you with more detailed/specific information then let me know & i will endeavour to do so.

regards,
john smith

On 1/28/08, Roger Dingledine <[EMAIL PROTECTED]> wrote:
> On Sun, Jan 27, 2008 at 10:42:14PM +, john smith wrote:
> > another recurrence of the same type of unusual connection.
> > i include the time the server started in the log below. the connection
> > through 212.112.242.159 persists for a much longer period of time on
> > this occasion (the 'scrubbed' connection did not occur last time).
>
> Neat. So it was 212.112.242.159 in both cases?
>
> New theory: in rare cases, Tor servers (like maximator) lie to directory
> clients about what IP address they appear to have, due to iptables
> confusion or something similar. More specifically, it claims that
> everybody looks like itself. Then Tor servers that don't know their own
> address get suckered into thinking they switched.
>
> If this is actually the bug, I'll have to ponder how to fix it well. We
> could require several places to agree before we think we should switch;
> but that would slow down reaction times considerably. We could only
> believe answers from authorities; but I don't want to preclude better
> load balancing. We could ignore it when we ask a directory mirror at IP
> address X and he says we look like we're coming from IP address X;
> that's probably a good idea, and I should add a check for this. Then we
> can see if that check ever triggers.
>
> Please let me know if it happens more (or if other people experience it
> and can provide more details!), and maybe we'll narrow in further.
>
> Thanks,
> --Roger
>
>
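The two mitigations weighed in the quoted message above (ignore a directory server that reports our address as its own, and optionally require several servers to agree before switching), as an added Python example that is not Tor's code and not part of the original thread. `AddressGuesser`, `replay` and the documentation-range addresses are hypothetical names and constructed data.

```python
import ipaddress

IGNORED, UNCHANGED, PENDING, SWITCHED = "ignored", "unchanged", "pending", "switched"


class AddressGuesser:
    """Tracks a relay's belief about its own public address (hypothetical helper)."""

    def __init__(self, current, quorum=1, check_reflection=True):
        self.current = ipaddress.ip_address(current)
        self.quorum = quorum                      # distinct reporters needed to switch
        self.check_reflection = check_reflection  # the check proposed in the message
        self._votes = {}                          # candidate address -> set of reporters

    def observe(self, reporter, reported):
        """Process one hint: directory server `reporter` says we appear as `reported`."""
        reporter = ipaddress.ip_address(reporter)
        reported = ipaddress.ip_address(reported)

        # A server claiming that we come from its own address is describing
        # itself, not us, so the hint carries no information about our address.
        if self.check_reflection and reported == reporter:
            return IGNORED

        if reported == self.current:
            # A confirmation of the current address cancels pending candidates.
            self._votes.clear()
            return UNCHANGED

        voters = self._votes.setdefault(reported, set())
        voters.add(reporter)                      # a set: one reporter counts once
        if len(voters) < self.quorum:
            return PENDING

        self.current = reported
        self._votes.clear()
        return SWITCHED


def replay(hints, **options):
    """Feed (reporter, reported) hints to a fresh guesser; return outcomes and final address."""
    guesser = AddressGuesser("192.0.2.10", **options)
    outcomes = [guesser.observe(reporter, reported) for reporter, reported in hints]
    return outcomes, str(guesser.current)


# Constructed sample: the server at 203.0.113.5 tells every client that it
# looks like 203.0.113.5; the other two servers answer honestly.
HINTS = [
    ("198.51.100.7", "192.0.2.10"),
    ("203.0.113.5", "203.0.113.5"),
    ("198.51.100.8", "192.0.2.10"),
]

# Constructed sample: a genuine move to 192.0.2.99, reported twice by one
# server and once by another.
MOVED = [
    ("198.51.100.7", "192.0.2.99"),
    ("198.51.100.7", "192.0.2.99"),
    ("198.51.100.8", "192.0.2.99"),
]

if __name__ == "__main__":
    print("no check :", replay(HINTS, check_reflection=False))
    print("check    :", replay(HINTS))
    print("quorum=2 :", replay(MOVED, quorum=2))
```

Without the check the relay flaps to the misreporting server's address and back; with `quorum=2` a genuine move is accepted only on the third hint, which is the slower reaction time the message mentions.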
Re: How does tor encrypt my data?
孙超 wrote:
(snip)
> We know that there is an entrance node and an exit node in a path,
> cleartext is sent out from the exit node to the destination that we are
> aimed at. If so, my original cleartext could be revealed to the exit
> node? If my data is encrypted on my PC by the tor I ran, how does the
> exit node decrypt the ciphered text? How does it get the decrypt key?
>

You should read the Tor FAQ; these questions are answered there:

https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#head-75d5f6d474527a80fc370d208252b4dfd2ea2efd

I will answer the most important one in short here, though:

Unless you're using something that provides end-to-end encryption (HTTPS, encrypting email with PGP/GPG, using SSH for logging into things, etc.), exit nodes can - and have been known to - spy on cleartext.

They can also alter things being passed through; this is how Torment and similar tools attempt to "demask" those who haven't properly secured their browser.

> Another question is what kind of cryptology algorithm tor uses, RSA? or
> others?

A bit about the public-key side of Tor:

https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#head-808ed17a2519e7851b33bcc620b67b97cac76511

I do know that AES is used on the symmetric-key side (although I don't know what key length is used).

--
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
Re: Tor operator raided in Finland
Hi,

> [EMAIL PROTECTED] wrote:
> (snip)
> > If someone would ask me for a password, i would spam, tell wrong
> > passwords, to waste his time, which could be used to ask others for
> > passwords ;-)
> (snip)
>
> If the authorities tried to get encryption passphrases out of me - and I
> didn't want them to have them - I would go for the "I forgot"
> alternative. They are pretty huge, after all.

yes, and what i meant is "wasting as much time as possible", so after about a dozen of wrong passwords it should be clear that i can't/will not tell the right one and that's the right time to say that the password is forgotten. For this i have several never used passwords for confusing; e. g. "secret" because a password should be secret and "common" passwords are simple ;-)

On my PC with the TOR server i've got a self-made sticker (with signature, date and stamp) which says that a TOR server is running on this PC since some years and with a short explanation of TOR and that ALL log files do get deleted every day by overwriting before unlinking and some other stuff on that PC.

Even if it does not help against raiding, it helps getting the hardware back earlier and close the case soon, because the observers are looking for something like a document to close the case or find evidences. But after a first look, they see that there are really no evidences and the only wise action is to close the case.

Greets
Re: Tor operator raided in Finland
On 28.01.2008 at 20:10 Matthew MacGregor wrote:

I have no knowledge of the fact, but is there not some provision in the laws of any countries with these crypto laws to deal with the, "I forgot" defense. Because I can see every single person being asked for their passphrase to use this defense. Hell, I know I would...

Well, the British government passed a law last year threatening 5 years of jail if you do not disclose your keys/passphrases to unlock these [0]. One could argue that by "forgetting" your passphrase you actually fail to disclose it. On the other hand an US court recently ruled that your password actually is protected by the 5th amendment [1], but I believe the US govt is challenging this decision. Anyways -- if you decide to "forget" your passphrase, I'd guess that you're at least in danger of being held in contempt of court (but IANAL, obviously).

Greetings,

Niels

[0] http://www.heise-security.co.uk/news/96850
[1] http://yro.slashdot.org/article.pl?sid=07/12/15/1459243
Ethical considerations about parent proxies for Tor exit nodes [Was: Tor operator raided in Finland]
[EMAIL PROTECTED] wrote:
> Hi,
>
>> Sometimes, when a Tor user does something illegal with Tor, the exit
>> node operator of the exit node the Tor user was using is blamed.
>
> if you use a transparent proxy plus a provider proxy as parent proxy
> for your TOR server, you can simply avoid that ;-)
(snip)

While that's a wonderful solution from a practical standpoint, I'm sure it's going to bother some people on an ethical one.

Three things to consider:

1.) What kind of parent proxy is being used? Is it a misconfigured system, or deliberately left open?

2.) Basically, all this does is make the parent proxy admin take the fall, instead of you; that in itself may cause ethical problems with some people.

3.) Also, if it's a misconfigured machine, they may not even realize they could get in trouble; at least Tor node admins know what they're providing, and are likely to take proactive steps in protecting their privacy and legal situation.

--
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
Re: HidServDirectoryV2 option
(much snippage)
> So, what happens when you set "HidServDirectoryV2 1"? Your relay will
> become part of a DHT-like directory for hidden service descriptors.
(yet even more further snippage)

Hi Karsten,

Is there a design document on this DHT-like thing?

Thanks,
Eugene

--
Eugene Y. Vasserman
Ph.D. Candidate, University of Minnesota
http://www.cs.umn.edu/~eyv/
Scripted exclusion of nodes? [Was: How to remove some useless nodes]
Kraktus wrote:
> You can add
> ExcludeNodes NodeName1, NodeName2
> to your torrc, where the NodeName1, etc. are the names of Chinese exit
> nodes that you are aware of. However, you must disallow each Chinese
> node separately; you can't exclude by country.
(snip)

Sadly, China's government would likely spend the resources to constantly "randomize" their nodes, one way or the other.

Perhaps a script (set as a cron job?) could be used to find Chinese nodes in the Tor directory on a regular basis, update the ExcludeNodes section of the torrc, and do a "sudo killall -s SIGHUP tor" to load it. I'll have to think it over... perhaps I could use it to get some scripting practice? =;o)

(Do note that this is UNIX-centric; if you're using Vidalia [as the original poster said], I don't think it would be that easy.)

--
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
Re: Tor operator raided in Finland
I have no knowledge of the fact, but is there not some provision in the laws of any countries with these crypto laws to deal with the, "I forgot" defense. Because I can see every single person being asked for their passphrase to use this defense. Hell, I know I would...

---
Matthew

- Original Message -
From: "F. Fox" <[EMAIL PROTECTED]>
To:
Sent: Monday, January 28, 2008 6:42 PM
Subject: Re: Tor operator raided in Finland

[EMAIL PROTECTED] wrote:
(snip)
If someone would ask me for a password, i would spam, tell wrong passwords, to waste his time, which could be used to ask others for passwords ;-)
(snip)

If the authorities tried to get encryption passphrases out of me - and I didn't want them to have them - I would go for the "I forgot" alternative. They are pretty huge, after all.

I just don't trust the state of the law, as for trying to group not divulging passphrases with the 5th Amendment and similar laws. There's a good chance, IMO, it'll end up being put with the 4th and not the 5th, unfortunately.

My passphrases are humongous, so it's quite plausible that they could be forgotten. It's happened before...

--
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
Re: Tor operator raided in Finland
We're all very sorry to hear about your hassles. I hope the authorities realize there is nothing they can find and that issue is resolved quickly. Thank you for being an exit node and running a server.
> (This, BTW, is exactly why I run my node as middleman-only; it's just
> too risky for a home user, IMO.)
There are the unfortunate risks, but the odds of this happening are very low, and more authorities are realizing that there is nothing on the machines. IMHO the benefits to so many others outweigh the small risks of an unlucky few. Thanks again!
Re: Tor operator raided in Finland
[EMAIL PROTECTED] wrote: (snip)
> If someone would ask me for a password, I would spam, tell wrong
> passwords, to waste his time, which could be used to ask others for
> passwords ;-)
(snip)
If the authorities tried to get encryption passphrases out of me - and I didn't want them to have them - I would go for the "I forgot" alternative. They are pretty huge, after all. I just don't trust the state of the law, as for trying to group not divulging passphrases with the 5th Amendment and similar laws. There's a good chance, IMO, it'll end up being put with the 4th and not the 5th, unfortunately. My passphrases are humongous, so it's quite plausible that they could be forgotten. It's happened before...
-- F. Fox: A+, Network+, Security+ Owner of Tor node "kitsune" http://fenrisfox.livejournal.com
Re: How to remove some useless nodes
孙超 wrote:
> We in China use tor mainly for avoiding Great Fire Wall, which is a very
> strong internet censorship software operated by the government. So, if
> linkage with nodes within China is completely useless for us to break
> the censorship. Usually, we can cut off such connection in tor's graphic
> window vidalia manually, but it is very bothering, we must keep an eye on
> whether there is linkage within China. I wonder if there is some way to
> remove nodes located in China.
Although I'm not in a country like China, nor do I know a solution, do know that I support any effort which makes Tor a better tool for circumventing the Great Firewall. The ability to exclude nodes by [approximate] geography would be a nice feature; taking a look at TorStatus, I notice that the nodes (including my own) are already identified with their country of origin.
-- F. Fox: A+, Network+, Security+ Owner of Tor node "kitsune" http://fenrisfox.livejournal.com
Re: 100% CPU - again
On Mon, Jan 28, 2008 at 09:21:51AM -0500, [EMAIL PROTECTED] wrote 0.2K bytes in 1 lines about:
: Sorry to come back with this problem, but where does it come from? The older releases of Tor/Vidalia didn't use 100% CPU during a few minutes, so (sorry to ask so directly!) why isn't it fixed in the last release?
Well, we don't know what the issue is. Nor can we recreate the issue ourselves. Therefore, we need more data. Can you give Tor/Vidalia some sort of output which shows what calls are being made while Tor/Vidalia is at 100%? In unix world this could be strace, oprofile, or gdb output. I'm not sure which OS you have, but more data about what Tor/Vidalia are doing would be great. https://bugs.torproject.org for tor issues, or http://trac.vidalia-project.net/wiki/ReportingBugs for Vidalia issues. Thanks.
-- Andrew
100% CPU - again
Sorry to come back with this problem, but where does it come from? The older releases of Tor/Vidalia didn't use 100% CPU during a few minutes, so (sorry to ask so directly!) why isn't it fixed in the last release?
Warning messages
Hi, I noticed this message in the Vidalia log window: "[Warning] Application request to port 110: this port is commonly used for unencrypted protocols. Please make sure you don't send anything you would mind the rest of the Internet reading!" This is great, but as I check various addresses on the port 110 every 5 minutes or so, my log window is full of this. Is there a way to stop the program sending THIS warning? (I know that port 110 is NOT encrypted, but don't care for these addresses) Thanks
Re: How to remove some useless nodes
On Jan 26, 2008 10:08 PM, Kraktus <[EMAIL PROTECTED]> wrote:
> On 26/01/2008, 孙超 <[EMAIL PROTECTED]> wrote:
> > We in China use tor mainly for avoiding Great Fire Wall, which is a very
> > strong internet censorship software operated by the government. So, if
> You can add
> ExcludeNodes NodeName1, NodeName2
> to your torrc, where the NodeName1, etc. are the names of Chinese exit
> nodes that you are aware of. However, you must disallow each Chinese
> node separately; you can't exclude by country.
It would be interesting if tor exits used passive connection monitoring to figure out if they are on a content modifying or censoring network, then made a note of it in the directory. Users could then choose to avoid that exit while people interested in censorship or neutrality would have a shortlist to do research from. Some types of censoring are pretty subtle and couldn't easily be detected this way, but the Great Firewall is pretty obvious.
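The per-node `ExcludeNodes` approach quoted above can be scripted; the following is an added example, not part of the original posts or of Tor itself. The input format ("nickname country-code" rows), the sample names and the function names are all assumptions made for illustration.

```python
import re

# Tor relay nicknames are 1-19 alphanumeric characters.
NICKNAME = re.compile(r"^[A-Za-z0-9]{1,19}$")

# Constructed sample: "nickname country-code" rows, as one might copy them
# from a status page that labels each node with its country.
SAMPLE_NODES = """\
relayAlpha CN
relayBeta DE
relayGamma cn
bad nick! CN
relayDelta US
"""

# Constructed sample torrc that already excludes two nodes.
SAMPLE_TORRC = """\
SocksPort 9050
ExcludeNodes oldNode1, relayAlpha
"""

def nodes_in_country(listing, country):
    """Return valid nicknames whose country code matches (case-insensitive)."""
    names = []
    for line in listing.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue  # malformed row, e.g. a nickname containing spaces
        nick, cc = parts
        if cc.upper() == country.upper() and NICKNAME.match(nick):
            names.append(nick)
    return names

def merge_exclude_nodes(torrc, new_names):
    """Return torrc text with new_names merged into one ExcludeNodes line."""
    kept, existing = [], []
    for line in torrc.splitlines():
        m = re.match(r"\s*ExcludeNodes\s+(.*)$", line, re.IGNORECASE)
        if m:
            existing += [n.strip() for n in m.group(1).split(",") if n.strip()]
        else:
            kept.append(line)
    merged = list(dict.fromkeys(existing + new_names))  # dedupe, keep order
    if merged:
        kept.append("ExcludeNodes " + ", ".join(merged))
    return "\n".join(kept) + "\n"

if __name__ == "__main__":
    print(merge_exclude_nodes(SAMPLE_TORRC, nodes_in_country(SAMPLE_NODES, "CN")))
```

The list goes stale as nodes join and leave, so the node listing has to be refreshed and the merge re-run periodically.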
[OT] NSA to spy on rest of government, launch counterattacks at crackers
Although this is off topic, it is closely related to the interests of many on the list: http://www.theregister.co.uk/2008/01/27/bush_nsa_internal/
Scott Bennett, Comm. ASMELG, CFIAG
Internet: bennett at cs.niu.edu
"A well regulated and disciplined militia, is at all times a good objection to the introduction of that bane of all free governments -- a standing army."
-- Gov. John Hancock, New York Journal, 28 January 1790