Re: New Bundle Version 1.3.10
On Tue, 02 Nov 2010 09:33:23 -0500 Joe Btfsplk wrote: >On 11/2/2010 3:01 AM, Scott Bennett wrote: >> On Wed, 27 Oct 2010 10:22:07 + Erinn Clark >> wrote: >>> NoScript >>> - majority of options are disabled >> Erinn, I'm not sure what you meant there. Did you mean that NoScript >> disables the majority of Firefox options? Or that the majority of NoScript >> options is disabled in this version of the bundle? >Not sure what was meant, but would it make * any * sense to include >NoScript & then disable most functionality of it? > >On 11/2/2010 3:01 AM, Scott Bennett wrote: >> FWIW, I'd like to recommend also using QuickJava, which allows toggling >> of Java and JavaScript individually. In other words, allowing scripts in >> NoScript allows one still to disable Java while leaving JavaScript enabled >> if one so desires. >Huh? It's early in AM, but which are you advocating - or both? I'm advocating installing both NoScript and QuickJava. >>If scripts are disabled in NoScript, then clicking on >> the QuickJava buttons has no effect. >Others can weigh in on this: In past, I've had conflicts running >QuickJava & Torbutton. One prob was once toggled Torbutton off, & shut >down Tor, QuickJava didn't properly toggle plugins unless restarted >Firefox - * at minimum. * Been a while, but may have had to uninstall / >reinstall QuickJava to restore functions. Plan on trying it again. >>I, for one, *never* want Java enabled >> for anything, but in a very few cases, I do allow JavaScript to run. >How do you get pages to work correctly - such as clicking links to d/l >files, if only allow JS on "very few" pages? Seems to me, more trusted >sites than not require some JS to use the sites. I'm curious, since you >said "very few," not "on trusted sites." There are "very few" that are "trusted sites". >> Okay. You might want to look through all the stuff on the NoScript >> web pages to get a better understanding of the extensive list of pretty awful >> leakages and attacks that NoScript can block. >Back to QuickJava & NoScript: Aren't they overlapping - possibly >conflicts of using both? I haven't encountered any. However, I have noticed a couple of weird situations where NoScript alone did not stop the unwanted appearance of windows with dotted (i.e., nonfunctioning) "close" buttons, whereas also having JavaScript disabled in QuickJava eliminated those. In any case, NoScript does not, AFAIK, allow the user to disable Java or JavaScript selectively, only both or neither. Adding QuickJava allows the user to enable/disable each individually. Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor router
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/11/2010 02:20 PM, James Brown wrote: > I have an Asus WL-500gPv2 under dd-wrt and I want to start tor on it. > I install tor, privoxy etc. and start it. > After it I have the next notification: "Nov 11 22:14:06.954 [warn] You > are running Tor as root. You don't need to, and you probably shouldn't" > But I have only root user under dd-wrt. It is possible to add in the > system anpther users using "adduser" utility from optware but it > disappears after rebooting router. > What is the better - use the tor under root user or make any script > adding user and groop for tor after each rebooting my router? > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ If you run tor as root, you run the risk that if there is some exploitable in tor, your router can be compromise. I'm curious why you don't run out of ram? I tried this long ago on a Linksys wrt54g with a wopping 16M, and tor "worked" but lasted about 10 mins before OOM-ing. Understandable sine the router does much of its runtime filesystem in RAM. - -- Anthony G. Basile, Ph. D. Chair of Information Technology D'Youville College Buffalo, NY 14201 (716) 829-8197 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzdLT0ACgkQl5yvQNBFVTWjeQCeJ2+jaccwadODWuybsBolYBjb YuAAn3Ji4UXOsMcSTaExiAgnrLo0/5Hs =fdGQ -END PGP SIGNATURE- *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Orbot relay error
This is a bag of curiosities... first, you shouldn't have any issue acting as a relay with a non-rooted device. The port you are trying to open is high enough, and there are no iptables or other root related permissions required for this capability. The message that stands out for me is: "Unable to stat resolver configuration in '/etc/resolv.conf': No such file or directory" Perhaps the ReachableAddresses setting somehow stops the check for resolve.conf? I also need to verify whether it is standard or not for Android to have a resolv.conf in that location. I will do some testing on my Nexus and a Motorola Droid (Milestone) and see what I find. +n On 11/11/2010 04:24 PM, Berglind Ósk Bergsdóttir wrote: > > I've been looking at ticket #2069 (Orbot fails to start if configured as > a relay) https://trac.torproject.org/projects/tor/ticket/2069 > and found out that if you check ReachableAddresses (Run as a client > behind a firewall with restrictive policies) the error goes away and you > are succesfully connected. > > I was wondering what the normal behaviour is with these issues with > Tor(if ports are blocked that is). Maybe I could just somehow check if > the phone is blocking ports and show an error about it so the user knows > what's going on? > > Also I'm using an unrooted phone, HTC Hero 2.1, so I was wondering if > this just happens on unrooted phones? > > - Berglind aka beggaboo > > > > > *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Tor 0.2.1.26-1~~lenny+1: segfault with libcryto.so.0.9.8
Dear Tor folks, I noticed that Tor had crashed on my system. I am using Debian Lenny with Tor 0.2.1.26-1~~lenny+1. The only thing I could find out about this crash is the following line running `dmesg`. $ dmesg […] [Several of these Treason uncloaked messages as you can see some seconds before the crash. I obfuscated the IP addresses.] [3301769.746795] TCP: Treason uncloaked! Peer xxx.xxx.xxx.xxx:60659/42859 shrinks window 1343914705:1343916145. Repaired. [3413085.371871] TCP: Treason uncloaked! Peer yyy.yyy.yyy.yyy:19595/45969 shrinks window 2416591117:2416591857. Repaired. [3604257.970658] tor[22506]: segfault at 21d4fc5 ip 7f1e78ba4ea6 sp 41188920 error 4 in libcrypto.so.0.9.8[7f1e78b21000+172000] [3604257.970707] type=1701 audit(1289305397.030:2): auid=4294967295 uid=102 gid=104 ses=4294967295 pid=22506 comm="tor" sig=11 So it could also be libcrypto is the culprit. `libssl0.9.8` is running with `0.9.8g-15+lenny8` as version. Is that a known problem? What other information can I provide to solve that? Unfortunately I have not found out how to reproduce it yet. Thanks, Paul signature.asc Description: This is a digitally signed message part
