Re: mac and tor with little snitch
Normally LittleSnitch will stop and throw up an alert for tor traffic. Which you can allow as per any normal connection. By a "global proxy" setting do you mean you have used the Proxy setting in /System Preferences/Network/ ? Cheers, Darren On 2010-07-20, at 5:17 PM, Andrew Lewman wrote: > On Tue, 20 Jul 2010 15:22:49 +0200 > Jerzy Łogiewa wrote: >> when I have the global proxy configured to make everything run >> through tor, the mac ignores little snitch rules! > > If I understand what litte snitch does, this behavior should be > expected. Little Snitch is just ipfw configuration, I think. If you > use tor, little snitch/ipfw won't see the traffic as it's being > tunnelled through Tor. > > -- > Andrew Lewman > The Tor Project > pgp 0x31B0974B > +1-781-352-0568 > > Website: https://www.torproject.org/ > Blog: https://blog.torproject.org/ > Identi.ca: torproject > skype: lewmanator > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ __ Darren Thurston - darren.t.thurs...@gmail.com PGP Key ID: 0x6E43BED7 Fingerprint: A596 0ED5 CD20 A620 0038 A917 CEC4 E5BB 6E43 BED7 *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: app for each app's tor control?
On Tue, 20 Jul 2010 15:34:10 +0200 Jerzy Łogiewa wrote: > i have an idea- i would like an app for easily controlling what gui > and non-gui apps are using tor, like with little snitch on the mac. You're welcome to try to make the application. Perhaps what you're running into is the system proxy settings and apps that honor those settings versus apps that have their own proxy settings and ignore the system settings. > in the best case it should detect like little snitch if an app that > is to be proxied is opening and automatically route it the proper > way, yes? i can program a little. is there some list member who can > help to outline the basic idea? It sounds like you want a gui for tsocks. -- Andrew Lewman The Tor Project pgp 0x31B0974B +1-781-352-0568 Website: https://www.torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject skype: lewmanator *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: mac and tor with little snitch
On Tue, 20 Jul 2010 15:22:49 +0200 Jerzy Łogiewa wrote: > when I have the global proxy configured to make everything run > through tor, the mac ignores little snitch rules! If I understand what litte snitch does, this behavior should be expected. Little Snitch is just ipfw configuration, I think. If you use tor, little snitch/ipfw won't see the traffic as it's being tunnelled through Tor. -- Andrew Lewman The Tor Project pgp 0x31B0974B +1-781-352-0568 Website: https://www.torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject skype: lewmanator *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor 0.2.2.14-alpha is out
Sorry. Here is a clarification: our http and email bots "worked" well. We have stopped those bots for quite a while and have no plan to make them run again. I also realized email distribution is necessary for some people. So a challenge-response mechanism can be necessary too against bots. However, the challenge-response mechanism should be able to tell bots from humans. Otherwise, the bots can still send email, read email and analyze the email for bridges. Xinwen Fu On Tue, Jul 20, 2010 at 10:52 AM, Xinwen Fu wrote: > We have implemented the http and email bots, which are working well without > much human labor work. > > I'd recommend CATCHA to be implemented on the bridge http server. The email > server should have at least a challenge-response mechanism. However, this > challenge-response mechanism helps only a little bit. Maybe we should not > have the email distribution mechanism if decent CATCHA is used on the http > server? > > Xinwen Fu > > On Mon, Jul 19, 2010 at 5:17 AM, wrote: > >> On Mon, Jul 19, 2010 at 12:12:48AM +0800, moses.ma...@gmail.com wrote >> 1.0K bytes in 27 lines about: >> : Could you guys add a CAPTCHA test for the bridges page >> : https://bridges.torproject.org/ ? It is almost certain that bridges >> : are crawled, analyzed and blocked by bots now. >> >> This is on the short-term todo list. However, it's been told to us that >> humans are crawling the bridges, not bots. In particular, China is >> crawling the https and smtp pools by human interaction, not bots. >> >> Stopping the bots is a fine idea as well. I believe captchas are easy >> to break by automated analysis already, but we'll find out when we roll >> out a captcha on bridges.torproject.org. >> >> -- >> Andrew Lewman >> The Tor Project >> pgp 0x31B0974B >> +1-781-352-0568 >> >> Website: https://www.torproject.org/ >> Blog: https://blog.torproject.org/ >> Identi.ca: torproject >> Skype: lewmanator >> *** >> To unsubscribe, send an e-mail to majord...@torproject.org with >> unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ >> > >
Re: Tor 0.2.2.14-alpha is out
We have implemented the http and email bots, which are working well without much human labor work. I'd recommend CATCHA to be implemented on the bridge http server. The email server should have at least a challenge-response mechanism. However, this challenge-response mechanism helps only a little bit. Maybe we should not have the email distribution mechanism if decent CATCHA is used on the http server? Xinwen Fu On Mon, Jul 19, 2010 at 5:17 AM, wrote: > On Mon, Jul 19, 2010 at 12:12:48AM +0800, moses.ma...@gmail.com wrote 1.0K > bytes in 27 lines about: > : Could you guys add a CAPTCHA test for the bridges page > : https://bridges.torproject.org/ ? It is almost certain that bridges > : are crawled, analyzed and blocked by bots now. > > This is on the short-term todo list. However, it's been told to us that > humans are crawling the bridges, not bots. In particular, China is > crawling the https and smtp pools by human interaction, not bots. > > Stopping the bots is a fine idea as well. I believe captchas are easy > to break by automated analysis already, but we'll find out when we roll > out a captcha on bridges.torproject.org. > > -- > Andrew Lewman > The Tor Project > pgp 0x31B0974B > +1-781-352-0568 > > Website: https://www.torproject.org/ > Blog: https://blog.torproject.org/ > Identi.ca: torproject > Skype: lewmanator > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ >
Re: JonDonym has advantages over TOR?
Le mardi 20 juillet 2010 13.29:21, vous avez écrit : > If I ask this from them, theyd definitely say yes. > id like to hear from those who have used both. > > thanks. > > http://anonymous-proxy-servers.net/en/ > > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ It have advantge and disadvantage, depend of your use ... It's what i thinked after tested both ;) signature.asc Description: This is a digitally signed message part.
Re: Tor 0.2.2.14-alpha is out
On 20 July 2010 03:14, Moritz Bartl wrote: > > Speaking on behalf of a good, blind friend: This is not true. Unless you > consider him "not normal". > I don't want to get into the intricacies of interface design, and ableism, but some points of note: -blind people are not normal: they suffer from a disability that differentiates them from others in terms of what they can do; -the blind are hard to cater for with WIMP-type computer interfaces; adapting interfaces for the blind is often a subsidiary - and difficult - task to basic interface design; -most good CAPTCHAs like (reCAPTCHA) already incorporate accommodations for blind users; I agree that it's important to design computer systems and interfaces such that they're accessible to those with disabilities. However, this should not be at the expense of the system's core functionality: we should not allow the great to be the enemy of the good. In this specific case, the point is probably moot. Spontaneuous idea: I think it might be interesting to use a fingerprint > similar to the one caculated by Panopticlick to limit/influence the > selection of bridge addresses. Panopticlick uses a fingerprinting system that's quite effective against individual web users, because of the way that we set our browsers up for functionality. However, a malicious automated crawler can say whatever it wants: whatever resolution, javascript, cookies, and flash settings it wants. Using that type of fingerprinting would have little effect on a malicious crawler, but would be extremely inconvenient for normal users.
app for each app's tor control?
hello! i have an idea- i would like an app for easily controlling what gui and non-gui apps are using tor, like with little snitch on the mac. maybe i can try to make this? what would be the best way to do this? in the best case it should detect like little snitch if an app that is to be proxied is opening and automatically route it the proper way, yes? i can program a little. is there some list member who can help to outline the basic idea? thank you! -- Jerzy Łogiewa -- jerz...@interia.eu -- Auta kilka tysiecy zlotych taniej? Przebieraj wsrod tysiecy ogloszen! Sprawdz >>> http://linkint.pl/f277c *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
mac and tor with little snitch
hello! i am looking for a solution for mac using tor and little snitch: when I have the global proxy configured to make everything run through tor, the mac ignores little snitch rules! how can I configure the app to respect little snitch rules and at the same time move through tor? thank you! -- Jerzy Łogiewa -- jerz...@interia.eu Wakacje na kredyt bez odsetek? Sprawdz mozliwosci kart kredytowych MultiBanku! http://linkint.pl/f27a7 *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
JonDonym has advantages over TOR?
If I ask this from them, theyd definitely say yes. id like to hear from those who have used both. thanks. http://anonymous-proxy-servers.net/en/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor 0.2.2.14-alpha is out
Hi, And it would be little affection to normal users. Speaking on behalf of a good, blind friend: This is not true. Unless you consider him "not normal". Spontaneuous idea: I think it might be interesting to use a fingerprint similar to the one caculated by Panopticlick to limit/influence the selection of bridge addresses. -- Moritz Bartl http://www.torservers.net/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/