Re: Searching for "good" ISPs
On 20 February 2010 01:43, Ted Smith wrote: > On Fri, 2010-02-19 at 17:32 -0800, coderman wrote: >> On Fri, Feb 19, 2010 at 4:22 PM, wuiv yccwg wrote: >> > ... >> > Basically, I am after some feedback and maybe a wish list or >> > suggestions. What Tor community would like to see in such kind of >> > service provider? >> >> Tor is a decentralized architecture. why use Tor in your centralized >> (even if distributed) network? >> >> based on your description a one or two hop VPN service would fit the >> needs of your customers and design nicely. attempting to use Tor in >> such a configuration would only mislead your users about the potential >> privacy and security that could be afforded. >> >> perhaps i have misunderstood the nature of your "hosted Tor service". > > One of the services they offer is VPN access to an entry node that's > local to the VPN - this simulates a two-hop Tor proxy. > > But what the main subject of the email was, it seems, was their new > service which allows people to host Tor nodes. The implication being > that they are a "good" ISP/Tor host. > Yes, exactly. It is basically the idea to be a "good" tor host, among other things. I believe that presence of such 'potentially' concentrated Tor subnetworks would be beneficial to the network because: 1. It would simplify running high bandwidth tor servers for not technically minded people. 2. It would add bandwidth capacity to the network. We could scale it up to tens, even hundreds Gbps if there is demand. 3. The network still stays fairly distributed, thanks to /16 hack, and careful use of Family configuration options. 4. Users get more options. As with using VPN to get to the same box running the EntryNode. Someone wants to trade some anonymity for speed by trading down to effectively 2 hop scheme. They would get this _option_. Not everyone needs a bulletproof anonymity. Some people just want to have some anonymity to simply prevent ISP's selling their clickstreams, for example. Just good Internet hygiene. 5. Eventually, once Tor gets more popular, which I think quite likely. Particularly, if it gets quicker. This kind of networks could grow in something similar to today's bandwidth exchanges like LINX LONAR LIPEX and such, but in Tor network. 6. With growth of Tor network it will inevitably gravitate to a topology which minimises cost of bandwidth anyway. just a thought... *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: launch external application warning
On 02/16/2010 02:00 AM, Luis Herrera wrote: >> This is a UI problem with either otr or pidgin. Naturally you think >> clikcing "Authenticate" means you want to authenticate the user. What >> it really means is that pidgin tries to load your default browser to go >> to the otr website to explain what "authenticate" means, like a help >> file. >> > *** Yes, that is what I thought. Is there a way to tell the portable > Tor-enabled Firefox browser, "always use me and don't launch any other > browser"? I agree on the risks. I'll hack at this a bit and see if I can figure it out. -- Andrew Lewman The Tor Project pgp 0x31B0974B Website: https://torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Searching for "good" ISPs
On Fri, 2010-02-19 at 17:32 -0800, coderman wrote: > On Fri, Feb 19, 2010 at 4:22 PM, wuiv yccwg wrote: > > ... > > Basically, I am after some feedback and maybe a wish list or > > suggestions. What Tor community would like to see in such kind of > > service provider? > > Tor is a decentralized architecture. why use Tor in your centralized > (even if distributed) network? > > based on your description a one or two hop VPN service would fit the > needs of your customers and design nicely. attempting to use Tor in > such a configuration would only mislead your users about the potential > privacy and security that could be afforded. > > perhaps i have misunderstood the nature of your "hosted Tor service". One of the services they offer is VPN access to an entry node that's local to the VPN - this simulates a two-hop Tor proxy. But what the main subject of the email was, it seems, was their new service which allows people to host Tor nodes. The implication being that they are a "good" ISP/Tor host. signature.asc Description: This is a digitally signed message part
Re: why polipo?
On 02/15/2010 12:09 PM, Michael Gomboc wrote: > Why is polipo used and no longer privoxy? The first question is, "why a http proxy at all?" The answer is, because Firefox SOCKS layer has hard-coded timeouts, and other issues, https://bugzilla.mozilla.org/show_bug.cgi?id=280661. Personally, I don't use an http proxy, I simply let my browser talk to tor via socks directly. The user experience sucks, because you'll receive untold numbers of "The connection has timed out" warnings, because firefox won't wait for Tor to build a circuit. Chrome, Safari, and Arora (amongst others) don't have this problem. Once Firefox fixes bug 280661, we don't need a http proxy at all. However, given the current pace of progress on 280661, we may switch to Chrome before the fix occurs. The second question is, "why switch from privoxy to polipo?" Privoxy is fine filtering software that works well for what is it intended to do. However, it's user experience is lacking due to it lacking a few features, namely, http 1.1 pipelining, caching most requested objects, and it needs to see the entire page to parse it, before sending it on to the browser. Lack of these three features is the reason we switched from privoxy to polipo. We've received plenty of feedback that browsing with polipo in place of privoxy "feels faster". The feedback indicates that because polipo streams the content to the browser for rendering nearly as fast as it receives it from Tor, the user understands what's going on and will start to read the web page as it loads. Privoxy, necesarily, will load the entire page, parse it for items to be filtered, and then send the page on to the browser. The user experience, especially on a slow circuit, is that nothing happens, the browser activity icon spins forever, and suddenly a page appears many, many seconds later. If Tor was vastly faster, privoxy's mode of operation wouldn't matter. We're working on making Tor faster. However, purposely showing the user how slow tor can be with privoxy was a huge point of complaint, and not what we intended to do. Does polipo have some bugs? Sure. Chrisd primarily, among others, is working on fixing them. At the current rate of progress on firefox bug 280661, we'll have polipo fixed before mozilla releases the SOCKS layer fix. Chrisd even wrote Mozilla a patch and submitted it on the bug. The final point is that this is all free software. You are in control. If you don't like polipo, but do like privoxy, then don't install polipo and use privoxy. The power of choice is yours. -- Andrew Lewman The Tor Project pgp 0x31B0974B Website: https://torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Searching for "good" ISPs
On Fri, Feb 19, 2010 at 4:22 PM, wuiv yccwg wrote: > ... > Basically, I am after some feedback and maybe a wish list or > suggestions. What Tor community would like to see in such kind of > service provider? Tor is a decentralized architecture. why use Tor in your centralized (even if distributed) network? based on your description a one or two hop VPN service would fit the needs of your customers and design nicely. attempting to use Tor in such a configuration would only mislead your users about the potential privacy and security that could be afforded. perhaps i have misunderstood the nature of your "hosted Tor service". best regards, *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor on the Nokia N900 (Mobile Tor stuff)
7v5w7go9ub0o wrote: > On 02/18/10 20:07, Jacob Appelbaum wrote: >> The performance of Tor is similar to any other Tor client - this is our >> reference C implementation running on the N900. >> >> With that said - You may want to hold out and get an Android phone. >> We're looking to do a release of Tor on Android next week. We have some >> very promising alphas and it's quite exciting! > > Please correct me if I'm wrong, but am a little surprised at the > interest in TOR on Android - Android seems a closed, phone-home "cloud" > computer with little/no regard for privacy or anonymity. I'd always > wonder about a nice little log somewhere on my phone and/or in the "cloud". > I think that Android offers us a new possibility for telephones. I also like the N900 but I feel that Nokia often screws their user community. It's good to have options and so the more Tor on the more devices, the better. You may be interested in hearing about the Guardian project: http://openideals.com/guardian/ Additionally, you may also be interested in Noisedroid: https://www.noisebridge.net/wiki/Noisedroid Or perhaps the more well known cyanogen firmware: http://www.cyanogenmod.com/ All of those offer a possibility for an Android system built entirely from Free Software pieces. The big missing piece is the baseband and when last I checked there was not a single smart phone with a free baseband firmware. Harald Welte is currently working on on solving this problem for the Calypso chipset: http://laforge.gnumonks.org/weblog/2010/02/19/#20100219-announcing_osmocom_bb The future looks nice all around. Having Tor on as many of these devices will provide many people with options beyond what we can imagine. > OTOH, IIUC, The N900 can be configured as a traditional lap/desktop. > (Arguably, one may want to hold out for an entirely open-source meego > N900 with the new Intel chip) > The same can be said about almost any phone software. You can hack it and the barrier for entry is really the only sticking point. The N900 and Android aren't too terribly different from a consumer standpoint. If you're running the stock firmware from your phone provider, you're beholden to their backdoors or whatever crazy bugs they haven't patched. In any case, Tor provides you with a nice anonymity solution. It is far from perfect (baseband security issues, etc) but it's certainly better than nothing. Having Tor in the Android Market and having Tor in the Maemo repository allows people to choose. We'll also hopefully have Tor on Windows Mobile in the future but I can't seem to find anyone who wants to Bell The Cat. :-) Best, Jake signature.asc Description: OpenPGP digital signature
Re: Searching for "good" ISPs
Hi All, Sorry for this shameless plug, but it seems to be very relevant to the topic. As someone said before this is Capitalism and if there is demand there will be supply. I am actually working for a startup company Coldbot (UK), https://coldbot.com/ and we are running a beta test of hosted Tor service (still very much in development stage, though). Feel free to have a look. The idea is to to give customers an option to run Tor servers without getting too deep into technical details and without worrying how 'Tor friendly' their ISP is. The plans are to have Tor, VPN and some kind of proxy server services which customers could pick and match in any combination they want. As one of the options the customers could VPN into coldbot network and use it as the EntryNode their Tor server running on Coldbot network. Which would be almost the same as having so much discussed 2 hop Tor routing. Quite a few other combinations are possible as well, including simply running a Tor server either as relay or exit. Basically, I am after some feedback and maybe a wish list or suggestions. What Tor community would like to see in such kind of service provider? Thank You. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor on the Nokia N900 (Mobile Tor stuff)
Perhaps, that is a good reason FOR Tor to be on Android. I'm a huge android fan (currently making my living off of Android development, in fact) - and the reason that it is so interesting to me is because it covers all of the major US carriers, numerous international carriers, and it's available on both high and low end phones. There is a huge amount of interoperability that you just don't get by just developing for a single Nokia phone. Rich Jones On Fri, Feb 19, 2010 at 3:53 PM, 7v5w7go9ub0o <7v5w7go9u...@gmail.com> wrote: > On 02/18/10 20:07, Jacob Appelbaum wrote: >> The performance of Tor is similar to any other Tor client - this is our >> reference C implementation running on the N900. >> >> With that said - You may want to hold out and get an Android phone. >> We're looking to do a release of Tor on Android next week. We have some >> very promising alphas and it's quite exciting! > > Please correct me if I'm wrong, but am a little surprised at the > interest in TOR on Android - Android seems a closed, phone-home "cloud" > computer with little/no regard for privacy or anonymity. I'd always > wonder about a nice little log somewhere on my phone and/or in the "cloud". > > OTOH, IIUC, The N900 can be configured as a traditional lap/desktop. > (Arguably, one may want to hold out for an entirely open-source meego > N900 with the new Intel chip) > > > > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ > *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor on the Nokia N900 (Mobile Tor stuff)
On 02/18/10 20:07, Jacob Appelbaum wrote: > The performance of Tor is similar to any other Tor client - this is our > reference C implementation running on the N900. > > With that said - You may want to hold out and get an Android phone. > We're looking to do a release of Tor on Android next week. We have some > very promising alphas and it's quite exciting! Please correct me if I'm wrong, but am a little surprised at the interest in TOR on Android - Android seems a closed, phone-home "cloud" computer with little/no regard for privacy or anonymity. I'd always wonder about a nice little log somewhere on my phone and/or in the "cloud". OTOH, IIUC, The N900 can be configured as a traditional lap/desktop. (Arguably, one may want to hold out for an entirely open-source meego N900 with the new Intel chip) *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor in China
On 2/19/10 5:00 PM, Andrew Lewman wrote: > On 02/19/2010 05:20 AM, onion.s...@nym.hush.com wrote: >> http://metrics.torproject.org/bridge-users-graphs.html#china >> >> if there is no clear explanation account for the doubling of the >> usage figure in the whole December, i would speculate that this is >> an error in the estimation. could anyone confirm this? > > The best person to answer this is Karsten, and he's currently traveling. > We await his answer. That's a fine question. It's already on my list. I'll let you know as soon as I have a better answer than "probably something wrong with the measurements." --Karsten *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor on the Nokia N900 (Mobile Tor stuff)
Hi > I'm happy to announce that we've gotten Tor working as a client on the > Nokia N900 GSM telephone. We've written up a blog post and some > instructions. We'd love to get some feedback: > https://blog.torproject.org/blog/tor-nokia-n900-maemo-gsm-telephone that is *very* good news..well done Ian -- http://ianlawrence.info *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
[Solved] Problem with Tor 0.2.1.23....not managed to confirm that its ORPort is reachable
Roger Dingledine wrote: > On Wed, Feb 17, 2010 at 02:13:30PM +, Soviet Union wrote: [...] > > Did the new subversion tor-geoipdb_0.2.1.23-2~~lenny+1_all.deb be maked > > as imrpovement of that bug? > > Yes, the new deb should take care of it for now. Yes, now it works. There is also a new logentry: OpenSSL OpenSSL 0.9.8k 25 Mar 2009 looks like version 0.9.8l; I will try SSL3_FLAGS to enable renegotation. [...] tnx Benn *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor in China
On 02/19/2010 05:20 AM, onion.s...@nym.hush.com wrote: > http://metrics.torproject.org/bridge-users-graphs.html#china > > if there is no clear explanation account for the doubling of the > usage figure in the whole December, i would speculate that this is > an error in the estimation. could anyone confirm this? The best person to answer this is Karsten, and he's currently traveling. We await his answer. -- Andrew Lewman The Tor Project pgp 0x31B0974B Website: https://torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: What version FF for Mac 10.5.2 ppc
On 02/19/2010 06:41 AM, zzzjethro...@email2me.net wrote: > I just downloaded the new Vidalia/Tor bundle for Mac 10.5.2 ppc. > This version of Tor is 0.2.1.23-0.2.7 > > I am using Firefox 3.0.17. Is this a good safe Firefox for this version of > Tor? 3.0.18 was just released, otherwise, sure sounds good. -- Andrew Lewman The Tor Project pgp 0x31B0974B Website: https://torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: [Kraut] inquiries from law enforcement authorities
Eugen Leitl wrote: > On Wed, Feb 17, 2010 at 11:22:09PM +0100, Olaf Selke wrote: > >> It really has become an advantage providing my "own" pi address space. > > You don't have your own ASN, though? no overengineering ;-) Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
What version FF for Mac 10.5.2 ppc
I just downloaded the new Vidalia/Tor bundle for Mac 10.5.2 ppc. This version of Tor is 0.2.1.23-0.2.7 I am using Firefox 3.0.17. Is this a good safe Firefox for this version of Tor? thanX
Re: [Kraut] inquiries from law enforcement authorities
On Wed, Feb 17, 2010 at 11:22:09PM +0100, Olaf Selke wrote: > It really has become an advantage providing my "own" pi address space. You don't have your own ASN, though? > Thus according to ripe registry database police assumes me being the isp > and asking me about customer data. Otherwise without own address space > an isp would point with their finger on me being the bad guy. This > certainly would lead to police knocking on my door. -- Eugen* Leitl http://leitl.org";>leitl http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor in China
http://metrics.torproject.org/bridge-users-graphs.html#china if there is no clear explanation account for the doubling of the usage figure in the whole December, i would speculate that this is an error in the estimation. could anyone confirm this? On Fri, 12 Feb 2010 13:26:22 +0800 onion.s...@nym.hush.com wrote: >http://metrics.torproject.org/bridge-users-graphs.html#china > >The figure almost doubles in the whole December. These extra >usages >disappears after that. Does anyone know what happens? > >On Thu, 11 Feb 2010 21:11:16 +0800 Runa Sandvik > wrote: >>On Thu, Feb 11, 2010 at 2:08 PM, Curious Kid >> wrote: From: Jon >>> To: or-talk@freehaven.net Sent: Wed, February 10, 2010 2:10:16 AM Subject: Re: Tor in China Am not sure if they are still blocking, but I presume there >are >>some blocks still on, as the bridge usage is very high for users >>from there. >>> >>> Are you talking about who uses a bridge you operate? I hope >>there is not a way for people to know who uses bridges in >general. >> >>There is an estimate of the number of Chinese Tor users via >>bridges: >>http://metrics.torproject.org/graphs.html#bridgeusers >> >>-- >>Runa Sandvik >>** >* >> >>To unsubscribe, send an e-mail to majord...@torproject.org with >>unsubscribe or-talkin the body. >>http://archives.seul.org/or/talk/ > >*** > >To unsubscribe, send an e-mail to majord...@torproject.org with >unsubscribe or-talkin the body. >http://archives.seul.org/or/talk/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
[OT] more censorship, government-issued spyware coming to France
http://www.spiegel.de/international/europe/0,1518,678508,00.html Perhaps more people in Europe will have to relearn the hard way why the right of the people to keep and bear arms must be held inviolate. Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/