Re: Why does Gmail claim Tor IPs are located in one country when blutmagie.de claims they are located in a different country?
I go to http://torstatus.blutmagie.de/ and have a look at the exit node gigatux called emohawk2.gigatux.com and located at 78.129.201.189. This appears to be located in the UK according to blutmagie.de. whois and RIPE agree with blutmagie. Gmail is wrong. Perhaps they use different geoip databases. If you look at your circuits, are you exiting from the UK or do you have split circuits where some may be going to gstatic.com through another place? I am not sure what split circuits are but I assume it is where multiple exit nodes are used to access the website. In this case I was using gigatux with StrictExitNodes = 1 so AIUI all traffic is accessing Gmail (and therefore gstatic.com) via one node based in the UK. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
polipo
it seems the censoredHeaders not working for me. have anyone tried to use this and add useragent? *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: $keyid of my server
Orionjur Tor-admin wrote: Andrew Lewman wrote: On Wed, 18 Aug 2010 01:20:25 + Orionjur Tor-admin tor-ad...@orionjurinform.com wrote: Where I can find it for pointing out MyFamily in /etc/torrc ? I find only my node fingerprint. That's your keyid, or look for the log message on start: [notice] Your Tor server's identity key fingerprint is Or here, https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#Iwanttorunmorethanonerelay After I write there MyFamily 90ECA7259B93B08FEC9872B2A1C065A0C05B2EE4,9087CA232B155B415AD81C0D3F636FC898246DEB I have the next errors output when I reatart my Tor daemon: ABORTED: Tor configuration invalid: Aug 19 17:44:13.042 [notice] Tor v0.2.2.14-alpha (git-3218a82991d890b0). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686) Aug 19 17:44:13.045 [warn] Failed to parse/validate config: Invalid nickname '90ECA7259B93B08FEC9872B2A1C065A0C05B2EE4' in MyFamily line Aug 19 17:44:13.045 [err] Reading config failed--see warnings above. When I point out nicknames of my nodes, restarting of tor-daemon has no problem but I have the next record in logs: I have no descriptor for the router named OrionTorNode in my declared family; I'll use the nickname as is, but this may confuse clients. What do I wrong? In addition to the above, I have the next record in my log of the tor on my tor-node 'OrionTorNode': You specified a server OrionTorNode1 by name, but this name is not registered, so it could be used by any server, not just the one you meant. To make sure you get the same server in the future, refer to it by key, as $9087CA232B155B415AD81C0D3F636FC898246DEB. But that name ('OrionTorNode1') is a name of working tor-server that presents in statistics (see, for example, torstatus.blutmagie.de ). *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Project 2008 Tax Return Now Online
Jonathan D. Proulx wrote: While I do think it's good to see the funding there are two points that are important to remember. 1) this is a freesoftware project the code is there for all to see, hopefully clueful people other than the US Government are reading it. 2) no matter who's funding it the US gov't could read the code (see above) and would continue to (potentially) have a near global view of internet traffic. To a large extent freesoftware defends agains the worst abuses funders can demand (1), but I wouldn't fully trust TOR against China either (2) -Jon *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ I think so too. But I have an asking - were there any court proceedings (successful or not) against tor-users based on their deanonimisation in the USA? Because I never hear or read about it I very want to know it. If there were no such proceedings it seems to me that we must acknowledge that efficiency of the Tor has very high level. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: $keyid of my server
Am 19.08.2010 17:49, schrieb Orionjur Tor-admin: After I write there MyFamily 90ECA7259B93B08FEC9872B2A1C065A0C05B2EE4,9087CA232B155B415AD81C0D3F636FC898246DEB I have the next errors output when I reatart my Tor daemon: prepend each fingerprint with a $ sign. Once I made the same mistake. The docs afaik doesn't mention it. Here's my exit nodes' config option: MyFamily $6297B13A687B521A59C6BD79188A2501EC03A065,$67EC84376D9C4C467DCE8621AACA109160B5264E,$66CA87E164F1CFCE8C3BB5C095217A28578B8BAF,$7B698D327F1695590408FED95CDEE1565774D136 Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: $keyid of my server
Olaf Selke wrote: Am 19.08.2010 17:49, schrieb Orionjur Tor-admin: After I write there MyFamily 90ECA7259B93B08FEC9872B2A1C065A0C05B2EE4,9087CA232B155B415AD81C0D3F636FC898246DEB I have the next errors output when I reatart my Tor daemon: prepend each fingerprint with a $ sign. Once I made the same mistake. The docs afaik doesn't mention it. Here's my exit nodes' config option: MyFamily $6297B13A687B521A59C6BD79188A2501EC03A065,$67EC84376D9C4C467DCE8621AACA109160B5264E,$66CA87E164F1CFCE8C3BB5C095217A28578B8BAF,$7B698D327F1695590408FED95CDEE1565774D136 Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ Very thanks, I will try. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: $keyid of my server
Olaf Selke wrote: Am 19.08.2010 17:49, schrieb Orionjur Tor-admin: After I write there MyFamily 90ECA7259B93B08FEC9872B2A1C065A0C05B2EE4,9087CA232B155B415AD81C0D3F636FC898246DEB I have the next errors output when I reatart my Tor daemon: prepend each fingerprint with a $ sign. Once I made the same mistake. The docs afaik doesn't mention it. Here's my exit nodes' config option: MyFamily $6297B13A687B521A59C6BD79188A2501EC03A065,$67EC84376D9C4C467DCE8621AACA109160B5264E,$66CA87E164F1CFCE8C3BB5C095217A28578B8BAF,$7B698D327F1695590408FED95CDEE1565774D136 Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ Very thanks, your advice was useful, the problem was resolved on its base. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Project 2008 Tax Return Now Online
Orionjur Tor-admin writes: I think so too. But I have an asking - were there any court proceedings (successful or not) against tor-users based on their deanonimisation in the USA? Because I never hear or read about it I very want to know it. If there were no such proceedings it seems to me that we must acknowledge that efficiency of the Tor has very high level. I think there are a number of techniques that law enforcement and intelligence agencies have that don't get introduced in court at a particular time because the agencies don't want people to know about their capabilities, even at a potential cost of not being able to get particular convictions. One analogy to this is the unsubstantied claim that the British intentionally avoided making an effective air defense of Coventry during World War 2 in order to avoid compromising the Ultra program (the ability to read Enigma traffic). https://secure.wikimedia.org/wikipedia/en/wiki/Bombing_of_Coventry#Coventry_and_Ultra (I wish I had an analogy that was actually based on something we know really happened...) I think two contemporary examples could be the ability to decrypt GSM traffic over the air, as described by many researchers, and the ability to obtain false certificates from CAs in the global PKI, as suggested in Soghoian and Stamm's paper. http://events.ccc.de/congress/2009/Fahrplan/attachments/1519_26C3.Karsten.Nohl.GSM.pdf http://petsymposium.org/2010/papers/hotpets10-Soghoian.pdf I don't mean to say that any particular agency has these capabilities, just that it seems plausible that some do. People who can do these things might not want to mention it in court because that might have the effect of changing a lot of people's behavior. One that's actually more alarming to me (because I don't know how to defend against it) is backdoors in hardware, like those described in http://www.usenix.org/event/leet08/tech/full_papers/king/king.pdf I don't think someone who had incorporated a backdoor like that in some popular device would want to mention it in any public context. -- Seth Schoen Senior Staff Technologist sch...@eff.org Electronic Frontier Foundationhttps://www.eff.org/ 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: THE GLOBAL ADVERSARY [was: Tor Project 2008 Tax Return]
Thus spake Mike Perry (mikepe...@fscked.org): So if you were the Global Traffic Analysis Adversary then you would distract, delay, deny and defend lack of protection from your analysis. If you also funded the project then that would make that task easier. Don't forget all the University professors and grad students doing Tor research independent of the Tor Project. They are paid off to keep quiet, too. Most of them have island beachfront property (but under black ops front company names, of course). It's a pretty sweet gig. Since my first revelation, several people have emailed or messaged me privately about how they can start working towards their beachfront property. It warms my heart that there are so many interested in taking The Adversary up on His generous offer! The Tor Volunteer page actually lists Tor-related research problems at the very top of its Research section at the bottom of: https://www.torproject.org/volunteer The first three are directly relevant to the Global Adversary problem and have been present at the top of this list for years. They've actually been solved numerous times. Each time the result is buried and the author gets their own beachfront black-ops resort. If you believe you have a solution, simply pick up your phone and clearly say Attention: NSA. Attention: NSA. I have a solution to subvert the Global Adversary into the mouthpiece. That, or email tor-assista...@torproject.org. They'll get it either way, and they will ensure you are... taken care of. There have also been several near-solutions in the past year or two that did not qualify for beachfront property, and thus were still published. Namely the 3 at PETS this year (sorry guys, better luck next time!). These still need to be added to anon-bib, reviewed, and evaluated. One of the major problems with all this attack and defense work is that each paper uses different metrics and a different adversary model. This makes it hard to tell which attacks would still be able to thwart which defense, and thus it is increasingly hard for The Adversary to determine exactly which papers He needs to Unpublish. In fact, a thorough academic review of all timing attack and defense papers to date under common adversary and performance models is at least enough to get you a beachfront black-ops time-share. The Adversary has informed me that Steven Murdoch was looking into developing these models, but he may be willing to coauthor to split the time-share with you if you help evaluate attacks and defenses using his models. Something to consider... -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpvku2RlpRoe.pgp Description: PGP signature