Re: SSL only firefox add-on?
judaiko judaiko writes: > Let me say this first: > > One company had a firewall that blocked all non SSL traffic. > > So if you go https://mail.google.com and you sign in, it will stop you > at one URL which was not https. > > I am not sure if Gmail still does this i.e. redirect you to non https > (http) url after login, and then again go into https mode when you > enter gmail. > > So this firewall used to give error saying not allowed, but when you > changed it to https, the previous Gmail redirect url worked, and I > could login to Gmail. > > Now is there an add-on that does this in Firefox? > > Block ALL http traffic by default? EFF has been working on one called HTTPS Everywhere: https://www.eff.org/https-everywhere/ There are some subtle issues around situations where a site supports HTTPS for some resources but not others. For example, you can currently use https://www.google.com/ for encrypted web search, but only the unencrypted form http://www.google.com/language_tools?hl=en for translation services. As a result, HTTPS Everywhere has a database of rules with exceptions, so that a rule can apply to only a portion of a site. This may not do exactly what you want because you might prefer to block HTTP URLs entirely, rather than allowing them only if no HTTPS equivalent exists. You could probably achieve this in HTTPS Everywhere by adding a local wildcard rule that matches every HTTP site and redirects it to an intentionally broken page, such as a URL within your local host. The means of setting up your own local rewrite rules are described at https://www.eff.org/https-everywhere/rulesets -- Seth Schoen Senior Staff Technologist sch...@eff.org Electronic Frontier Foundationhttp://www.eff.org/ 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: SSL only firefox add-on?
On Thu, 17 Jun 2010 19:47:44 + judaiko judaiko wrote: >Let me say this first: > >One company had a firewall that blocked all non SSL traffic. > >So if you go https://mail.google.com and you sign in, it will stop you >at one URL which was not https. > >I am not sure if Gmail still does this i.e. redirect you to non https >(http) url after login, and then again go into https mode when you >enter gmail. > >So this firewall used to give error saying not allowed, but when you >changed it to https, the previous Gmail redirect url worked, and I >could login to Gmail. > >Now is there an add-on that does this in Firefox? As noted previously: 1) Firefox should not be used without NoScript, and 2) NoScript allows the user to specify sites for which it will force the use of HTTPS. > >Block ALL http traffic by default? > >Then maybe like how Adblock plus is - "Disable on this page only" >allows http traffic only for that page? AFAIK, NoScript doesn't discriminate among individual pages, only by host+domainname. It does allow the use of wildcards in the names. Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Orbot Transparent Proxy fails on Nexus One
All, I have a rooted Nexus One running Android 2.2 (Froyo). I installed Orbot, and gave it permission to run as root. However, I've unable to get transparent proxying to work. Neither Fennec nor the built-in browser get routed into it... Has anyone encountered this? I enabled transparent proxy, it comes up fine (or it says it does), and ... ? http://check.torproject.org comes up right away and says no go. thx, Jason. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: SSL only firefox add-on?
Try this greasemonkey script: http://userscripts.org/scripts/show/72944 (Forces SSL on specific websites, and you can adjust what websites too) On Jun 17, 2010, at 1:47 PM, judaiko judaiko wrote: > Let me say this first: > > One company had a firewall that blocked all non SSL traffic. > > So if you go https://mail.google.com and you sign in, it will stop you > at one URL which was not https. > > I am not sure if Gmail still does this i.e. redirect you to non https > (http) url after login, and then again go into https mode when you > enter gmail. > > So this firewall used to give error saying not allowed, but when you > changed it to https, the previous Gmail redirect url worked, and I > could login to Gmail. > > Now is there an add-on that does this in Firefox? > > Block ALL http traffic by default? > > Then maybe like how Adblock plus is - "Disable on this page only" > allows http traffic only for that page? > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Is JanusVM open source?
JanusVM uses open source software, but we didn't release the source because it was built with mostly .dpkg's. You have root by default on the console (inside the VM) if you want to look into it or modify it to your needs. Option 7 in the menu will drop you to a shell. The alternative would be Tor VM, which is open source. Project page can be found @ http://www.torproject.org/torvm/ Build instructions and sources can be found @ http://www.janusvm.com/tor_vm/ Also, their will be an update in the up coming weeks for both JanusVM and Tor VM. Martin and I have both been busy with our day jobs and haven't had much time to keep these projects maintained. Thank you, Kyle On Thu, Jun 17, 2010 at 12:33 PM, judaiko judaiko wrote: > Is JanusVM open source? > > Does JanusVM make you an exit node without your permission? >
SSL only firefox add-on?
Let me say this first: One company had a firewall that blocked all non SSL traffic. So if you go https://mail.google.com and you sign in, it will stop you at one URL which was not https. I am not sure if Gmail still does this i.e. redirect you to non https (http) url after login, and then again go into https mode when you enter gmail. So this firewall used to give error saying not allowed, but when you changed it to https, the previous Gmail redirect url worked, and I could login to Gmail. Now is there an add-on that does this in Firefox? Block ALL http traffic by default? Then maybe like how Adblock plus is - "Disable on this page only" allows http traffic only for that page? *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Is JanusVM open source?
Is JanusVM open source? Does JanusVM make you an exit node without your permission?
Re: nameserver stats
Anders Andersson wrote: > Qualified guess: These might be so-called BitTorrent trackers. > > These tracker URLs are embedded in torrent files that you download. > You can download these torrent files from various sources, not > necessarily (even rarely) from the site itself. When you load these > torrents into a BitTorrent client, the client tries to contact all the > trackers embedded in the file, and will probably try every 5 minutes > or so. Smarter clients would give up or use incremental/exponential > back-off, but there are probably enough dumb clients out there to > compensate. attached you'll find the top 100 3rd level domain dns stats from the last four weeks. Still a lot of BitTorrent trackers... Olaf <>
Re: shadowserver.org
Am 14.06.2010 16:02, schrieb alex-...@copton.net: > I am running the exit-node tor-readme.spamt.net. My provider, > server4you, keeps getting abuse reports from shadowserver.org. Hi, server4you is not a good provider for exit nodes. They take down servers only because of spam abuses. :-( My recommendation is: use an other provider soon as possible. Until you can close your contract with server4you you may close ports for sending mails (465 and 587). May be, it will help a little bit. For your new server it may be the best choice to use a provider, who can set the RIPE-DB entry of the IP address to your contact address. (I was taught last time some provider offer this feature, but I have no more informations at the moment.) All abuses will go directly to you and not to your ISP. It is a very usefull feature for tor exit nodes. ;-) Best regards Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/