Re: An asking concirning the TB

[Andrew Lewman]

On Thu, 12 Aug 2010 09:16:14 +
James Brown  wrote:

> 1. What is the bug in the TB which lets that test define that I use
> Mozilla under Windows but not IE under Windows? Or the TB masqueradge
> only the OS not the type of browser? (I thought that it masqueradge
> the type of browser too, am I not right?).

Torbutton sets a common user agent to make all users look alike.   See
https://www.torproject.org/torbutton/design/#id2935059 for details.

> 2. It defined that by the browser characteristic "HTTP_ACCEPT
> Headers" those are only one in about 7000 browsers have that value.
> Why? What could mean the above value of that characterisrics?

Maybe Seth or Peter can answer this question based on the code logic
in panopticlick.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B
+1-781-352-0568

Website: https://www.torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject
Skype: lewmanator
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Restricted Exit Policy Port Suggestions?

[Robert Ransom]

On Wed, 11 Aug 2010 08:44:38 -0400
and...@torproject.org wrote:

> On Wed, Aug 11, 2010 at 03:05:24AM -0700, mikepe...@fscked.org wrote 1.8K 
> bytes in 55 lines about:
> : It's become clear that it is almost impossible to run an exit node
> : with the default exit policy in the USA, due to bittorrent DMCA abuse
> : spambots. I believe this means that we should try to come up with one
> : or more standard, reduced exit policy sets that allow use of the
> : majority of popular internet services without attracting bittorrent
> : users and associated spam.
> 
> Giving in to the automated accusations of DMCA violations is a sad
> statement on the contemporary Internet.  It seems the chilling effects
> of the DMCA are so palpable, no one wants to fight back any more, not
> users and not ISPs. See http://chillingeffects.org/ for more analysis
> and options on how to respond. Are there no ISPs/datacenters left in the
> USA willing to defend the First Amendment of the US Constitution and the
> user's legal protections under patent/trademark/copyright laws?

What you need is a federal prosecutor willing to put the DMCA-abuse
spammers behind bars for a zillion counts of perjury.  The threat of
the EFF sponsoring an occasional lawsuit over a blatantly false
accusation won't deter them; the spammers operate as ‘independent’
corporations with no real assets in their names, and if one shell
company gets zapped in civil court, they'll close it and start two new
ones running the same software the next day.  The threat of being sent
to prison for the next 2000 years might make those scum turn off their
spambots and go ooze back to wherever they came from.


Robert Ransom


signature.asc
Description: PGP signature

An asking concirning the TB

[James Brown]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I use the latest stable version of TB 1.2.5 and pluging QuickJava 0.4.2.1.
When I tried the test on https://panopticlick.eff.org, I have had the
next results:
1. If J and JS disabled both:
User Agent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US;
rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3

HTTP_ACCEPT Headers
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
windows-1251,utf-8;q=0.7,*;q=0.7 gzip,deflate en-us,en;q=0.5
Browser Plugin Details  no javascript
Time Zone no javascript
Screen Size and Color Depth no javascript
System Fonts no javascript
Are Cookies Enabled?No
Limited supercookie test no javascript
(In the realty I had enabled cookies).
2. If JS is enabled and J is disabled:
practically the same result except that it defined that cookies was enabled.
3. If J and JS enabled both I can see time zone, Screen Size and Color
Depth and others.

According with the above I have the next questions:
1. What is the bug in the TB which lets that test define that I use
Mozilla under Windows but not IE under Windows? Or the TB masqueradge
only the OS not the type of browser? (I thought that it masqueradge the
type of browser too, am I not right?).
2. It defined that by the browser characteristic "HTTP_ACCEPT
Headers" those are only one in about 7000 browsers have that value. Why?
What could mean the above value of that characterisrics?

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkxju94ACgkQV59uvM2EEnfAkACgpLygouvL4K7YIf0dbrtIM0sK
gZwAoIPZq7nCcEqAy3WFSYMrPWHG6++o
=jRh3
-END PGP SIGNATURE-
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Restricted Exit Policy Port Suggestions?

[Robert Ransom]

On Wed, 11 Aug 2010 03:05:24 -0700
Mike Perry  wrote:

> It's become clear that it is almost impossible to run an exit node
> with the default exit policy in the USA, due to bittorrent DMCA abuse
> spambots. I believe this means that we should try to come up with one
> or more standard, reduced exit policy sets that allow use of the
> majority of popular internet services without attracting bittorrent
> users and associated spam.
> 
> Using previous threads, I have an initial sketch of such a policy at:
> https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
> 
> It includes the following ports: 20-22, 53, 79-81, 110, 143, 443, 465,
> 563, 587, 706, 873, 993, 995, 1863, 5190, 5050, 5222, 5223, 8008,
> 8080, .
> 
> While looking over the Vidalia settings, I just noticed that IRC is
> missing from this list: , 6667, 6697. 
> 
> However, IRC is also a common source of abuse and DDoS attacks, and is
> often forbidden by ISP AUP. Because of this, I was thinking we should
> probably define 3 or 4 levels of Exit Policy:
> 
> 1. Low Abuse (above list, possibly minus 465, 587 and 563)
> 2. Medium Abuse (above list, plus IRC)
> 3. High Abuse (default exit policy)
> 
> Now the question is, what other ports should we add or subtract from
> this list?

I just looked through the IANA-registration-based services file from
iana-etc 2.30 ( as installed
to /etc/services on Arch Linux).  Here are my recommendations:


Add:

* 70 (Gopher)
* 504 (Citadel (a BBS; see ))
* 553 (PIRP (see )
* 564 (9P (related to Plan 9; documented at multiple sites))
* 1649 (IANA-registered Kermit port)
* 2401 (CVS pserver)
* 2628 (DICT (see  and/or IETF RFC 2229))
* 3690 (Subversion)
* 4155 (bzr version control system)
* 4349 (fsportmap (related to Plan 9))
* 4691 (Monotone version control system)
* 5999 (CVSup)
* 6121 (SPDY)
* 9418 (Git)
* 11371 (HKP (“OpenPGP HTTP Keyserver”))


Gopher and Kermit are still in use; Citadel is in use, and the protocol
used on port 504 appears to support TLS.  PIRP may or may not be in
use, but I do not expect abuse complaints related to it.  9P is useful
over the Internet, and the Plan 9 ports are unlikely to be exposed to
the Internet (or accessed!) unintentionally or by technically clueless
users for the foreseeable future, so they should not result in abuse
complaints.  CVSup can be used to upgrade FreeBSD to a -CURRENT
system.  The rest of the ports listed above need no further explanation.


Other ports to consider:

* 194 (IANA-registered IRC port)
* 994 (IANA-registered IRC-SSL port)
* 1080 (IANA-registered SOCKS port)
* 1789 (in IANA services file, registered to DJB; described only as
  “hello”; possibly useful for testing connectivity to a
  soon-to-be-public server)
* 5191..5193 (other AOL ports; 5190 is already listed)
* 5556 (FreeCiv (turn-based game))
* 5688 (GGZ Gaming Zone (probably low-data-rate, although the protocol
  is probably not useful over Tor and should be checked for unwanted
  information disclosure))
* 6665 (in IANA services file; described only as “IRCU”)
* ..6673 (not listed in IANA services file, but used unofficially
  by the Inferno VM; overlaps with customary IRC ports; no ports in
  this range are listed as used by file-sharing programs)
* 8074 (Gadu-Gadu)
* 8990..8991 (in IANA services file; described as “webmail HTTP(S)
  service”)


I don't expect these ports to cause much trouble for the Tor exit node
(except possibly the IRC ports).  Port 1080 can be used to reach
BitTorrent or other rude services, but that's a little trickier for the
client to set up than Tor alone, and it is less likely to result in
DMCA complaints sent to the Tor exit operator (although the SOCKS
server operator may complain).


Robert Ransom


signature.asc
Description: PGP signature