Re: Declining traffic
On Fri, Apr 23, 2010 at 8:35 AM, Timo Schoeler timo.schoe...@riscworks.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I'm seeing declining traffic over the last few weeks, please see graph: It dropped from a sustainted 2,5Mbps (or more) to about a fifth, with a massive drop today. I'm running tor-0.2.1.25-1.el5.rf on a 64Bit CentOS machine. Is there something going in the TOR network? Thanks, Timo -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFL0ZP1fg746kcGBOwRAmO2AJ963k9qco593llBXrxmrTUNOnAhHQCbBmRq IpkFf2XtmZ+a2hn4E+8/pN8= =htNU -END PGP SIGNATURE- Any chance your ISP is throttling you? -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: I exclude all bloxortsipt nodes in my tor use
2009/12/4 swinglowswingh...@safe-mail.net: Weird shit: bloxortsipt supp...@truxton.com 74.240.51.79 74.238.241.32 74.238.240.47 69.40.11.93 68.90.41.105 64.90.29.217 209.169.89.26 (and other IPs) [snip] Did you try emailing supp...@truxton.com, find out what the deal is? -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: livejournal ban tor-nodes
On Tue, Nov 24, 2009 at 4:04 PM, James Brown jbrownfi...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Livejournal has blocked access to that resource through the Tor. It is certainly the consequence of purshasing the LJ of Russian company SUP by order of Putin and FSB. That decision of Russian powers of purshacing the LJ was adopted because many Russian oppositionists used it in the conditions of suffocation of freedom of speech by Putin's bloody fascist regim. I think that all progressive humanity must require from the US President B. Obama to order the FBI to investigate the circumstances of purshasing the LJ by Russian company that was acted obviously as an agent of Russian secret services against the foundations of the constitutional order of the USA. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAksMSk0ACgkQV59uvM2EEnfgIgCcDy8Owq4RcE15xlEm8fwcJrDy DqsAoKRewaepDe472vseltErbKC0KiEU =kAxW -END PGP SIGNATURE- *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ I appreciate your passion for this issue, but this isn't a mailing list for political issues. Thank you for the update on Tor, please keep the political content to a minimum. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On Thu, Nov 19, 2009 at 11:46 AM, Erilenz eril...@gmail.com wrote: * on the Thu, Nov 19, 2009 at 07:43:01AM -0500, Andrew Lewman wrote: That's fine, as long as you're assuming that people only use Tor when they need strong anonymity. As soon as you realise that people who don't need strong anonymity are using it as well, your point fails. Whether or not they *should* be doing so is irrelevant. The options are: 1.) Ignore that they're doing it 2.) Prevent them from doing it 3.) Make their impact smaller when they are doing it I choos3. You are going to BMW asking them to include features from Ford, because you personally like some features found in Ford trucks. If only BMW cars would include these features, then you'd buy a BMW and stop complaining about the lack of Ford features. That is the worse analogy I've ever seen. It's terribly constructed and doesn't bare even the slightest resemblance to what is being discussed. Please try again. Or don't. This is the borderline definition of trolling. No it's not. I've not done anything which would suggest I was trolling. Random claims that somebody is trolling in order to discredit what they're saying ... now *that's* trolling. Until the research shows less than three hops is as safe as the current three hops, we as the Tor Project are not changing the default number of hops. Are you suggesting that I said something about changing the default number of hops? I explicitly stated the *opposite* of that. Your first language is English right? If you want simple circumvention without strong anonymity, there are ten thousand or so open proxies in the world, which are free. If you want strong anonymity, use Tor. The current research on anonymity networks is conveniently collected for you at http://freehaven.net/anonbib/. Cypherpunks write code. Feel free to write code so you can screw your own anonymity with the speed and efficiency you claim to want. Others have already done this; some even got talks at blackhat or defcon for changing a line of code or two. Google search has your answers. You keep talking as though it is *me* who wants this capability. For myself, I want a 3 hop circuit, but I want more bandwidth available to me. In order to get more bandwidth, I want those who *can* use a 2 hop circuit to do so. This is one of those ideal/practical arguments. Idealistically, Tor would only have 3 hop circuits and those who want simple circumvention wouldn't use it. That doesn't make it the practical truth of what is happening though. -- Erilenz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ My question is: do you really think it would help? If people are using Tor inappropriately (meaning they could get what they want with a simple anonymous proxy), what are the chances they're going to have it configured appropriately to reduce the bandwidth they use? Also, is the number of relay's really the limiting factor? It seems to me that the number of exit-nodes would be a bigger bottle neck, and cutting down hop counts wouldn't help in this regard. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Reduce hops when privacy level allows to save Tor network bandwidth
On Tue, Nov 17, 2009 at 8:57 AM, Erilenz eril...@gmail.com wrote: The following occured to me. Tor is designed to protect users from traffic analysis by very technical adversaries. There are many use cases where that level of protection isn't required. In those cases, if there was a config option to reduce the number of hops in a circuit to 2 (or possibly even 1), then users would be able to get themselves a more responsive circuit, whilst saving the Tor network overall bandwidth. In a three hop circuit, when x contacts y, the Tor network ends up having to transfer 4X the data: x -(1) Entry -(2) Middle -(3) Exit -(4) y In a 2 hop circuit it only has to transfer 75% of that: x -(1) Entry -(2) Exit -(3) y -- Erilenz [snip] Isn't an underloaded network a security concern anyway, since it makes it theoretically easier to track if there's not as much going on in the network? -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Related topic (Privacy): Brittain wants to track all telecom usage
I thought quite a few people on this list might be interested in this story, regarding privacy on networks. Maybe it will lead to more people using Tor, or maybe it will lead to increased legal pressure on Tor users and relay operators. http://spectrum.ieee.org/blog/computing/it/riskfactor/british-government-we-want-access-to-your-every-phone-call-email-and-web-search The second paragraph gives the long and short of it. The British government has decided to go ahead with its plans under what it calls the Intercept Modernisation Programme to force every telecommunication company and Internet service provider to keep a record of all of its customers' personal communications, showing who they have contacted, when and where, as well as the web sites they have visited, according to the London Telegraph and various other British papers. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor WIN in germany :)
On Sat, Nov 7, 2009 at 1:24 PM, Juliusz Chroboczek juliusz.chroboc...@pps.jussieu.fr wrote: And here is the german press release: http://klangbuero.net/2009/10/29/freispruch-fur-tor/ Please publish an English translation, so it gets Googlified. Juliusz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ Yes, I'd really like to see an English version if possible. Congratulations! -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Kaspersky wants to make Tor illegal and supports a globalized policed internet.
On Sun, Oct 18, 2009 at 9:04 PM, John Case c...@sdf.lonestar.org wrote: On Sun, 18 Oct 2009, Jacob Todd wrote: [clip] I'd like to change the design of the Internet by introducing regulation--Internet passports, Internet police and international agreement--about following Internet standards. And if some countries don't agree with or don't pay attention to the agreement, just cut them off. Let's say this is successful ... it will simply lead to a parallel, mostly wireless network that is even more decentralized than the current Internet. How much does it cost these days to link 10mbps across 10 km ? In a few years, with n hardware flooding the market, how much will it cost to link 100mbps across 50 km ? [clip] Agreed. You would think a man at the head of an Internet Security firm would have a better understand of Internet vs. internet. His comment about the Internet being designed illustrates to me that he doesn't actually know much about the history of networking, and apparently doesn't even have a good understanding of how ad-hoc these things really are. Anyway, like I said, I totally agree with your point. If The Internet is restricted in such ridiculous ways as Kaspersky suggests, then other internets will just spring up to replace it. Maybe to this end we should all make an effort to establish de-centralized networks in our own worlds: connect a few neighbors together with CAT5, or hell, even RS232, and you've got a network. Connect one of these to the neighbors on the next block, and you've got an internet. How about Sneakernets? Onion routing by snail-mail and courier? Packet transmission by encrypted email? The Internet grew out of nothing, once, and that when network theory was only in its infancy. There's no reason we couldn't go it again. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor WIN in germany :)
Thanks! On Tue, Nov 10, 2009 at 12:36 PM, Carolyn Anhalt caro...@anhalt.org wrote: Today I fought with my lawyer for the acquittal of Tor:) Here is our press release: Jena, 29.10.2009 Today, the Local Court of Jena, Hall 1, held a criminal trial against the domain owner of wikileaks.de, Theodore Reppe. The criminal charges were computer fraud - Reppe was accused of posting false information on the Internet and thereby causing damages amounting to 38.55 euros. The only evidence: An IP address that led to Reppe's customer data. After the opening statement, defense attorney Norman Lenz read out comments and other statements from Reppe that the court and prosecutor had to see that Reppe was not the culprit. In fact, it turned out that the Tor server operated by Reppe had been misused by someone else. The question ensued between the court and defense as to whether Reppe was still guilty since he had allowed the transfer of the fraudulent data. The court offered the popular conservative view that projects such as Tor are more harmful than useful, stating claims such as, There's nothing to fear if you have nothing to hide! and This server could also allow anonymous distribution of child pornography! The defense countered: These sorts of statements could also justify the elimination of private mail and personal correspondence. In the end, the presumption of innocence was upheld: Reppe's Tor server only anonymizes and encrypts activity, it is not itself the source of illegal activities, and thus the court had to acquit him. Please send questions to t...@morphium.info and they will be promptly answered. On Tue, Nov 10, 2009 at 11:19 AM, Brian Mearns bmea...@ieee.org wrote: On Sat, Nov 7, 2009 at 1:24 PM, Juliusz Chroboczek juliusz.chroboc...@pps.jussieu.fr wrote: And here is the german press release: http://klangbuero.net/2009/10/29/freispruch-fur-tor/ Please publish an English translation, so it gets Googlified. Juliusz *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ Yes, I'd really like to see an English version if possible. Congratulations! -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Random chaff [was: more work for Grobbages]
On Wed, Sep 23, 2009 at 3:38 AM, Nick Mathewson ni...@torproject.org wrote: On Fri, Sep 18, 2009 at 10:19:17PM -0400, Ted Smith wrote: On Fri, 2009-09-18 at 04:25 -0400, grarpamp wrote: Nodes usually have a max bandwitch set. Nodes often comsume less than this. All node to node traffic is encrypted. Perhaps implement a random stream generator that only runs when it or its chosen path has free bandwidth, tags its traffic as chaff, pipes it through some number of nodes, or if it has idle neighbors, and ultimtely sink it somewhere. It would be even harder to follow an actual client dl/ul stream if things were maybe udp with the stream reassembly info inside each onion wrapped cell. Or something like that. No doubt this is old ideas. Indeed it is, and it's my understanding that this doesn't really work. More astute minds than I can explain in full, but you can render this sort of safeguard useless quite easily. The issue with padding isn't that it doesn't work at all, but that it doesn't work well enough to do any good. Last I checked, the state of the art in low-volume padding could slow down correlation attacks by 10-50%, depending on how you're counting. This sounds good until you think about how fast correlation attacks actually are. If a correlating attacker (one watching both ends of the communication) needs only a second of traffic to link sender and receiver, then forcing him to collect an extra half-second of traffic doesn't actually help the user very much, assuming that the user intends to use Tor for more than a second and a half. What would need to change for padding to become useful? If it turns out that correlation attacks are far more difficult than the research community thinks, or if somebody comes up with a padding approach that actually delays correlation enough[**], I think we should come back to the question. [*] You can do high-cost methods that defeat correlation[***] pretty easily: constant-rate traffic is one of them. There's a FAQ entry about why constant-rate traffic probably won't work in the wild: http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#YouShouldPad [**] What's enough? I'd say the lifetime of a circuit, but I might be wrong. [***] But you'd still need to worry about active attacks in this case. peace, -- Nick So, if I understand this correctly, a correlation attack works (on a very basic level) by noticing that Alice sent a message to Bob (a known Tor node) at time X, and Dave (another known Tor node) sent a message to Wally (a web server) at time X+e, where e is about how long we would expect it to take for the onion to be routed. Is that more or less the idea? It seems like determining e (time to route the packet) with any degree of precision would be pretty difficult, so is this really a big problem? (or is that still being debated?) On the other hand, if an attacker could monitor a good number of nodes, wouldn't it be fairly easy to determine each three-node circuit segment (like Alice, to Bob, to Charlie) and trace the whole thing end-to-end? It seems like this could be defeated with a more intelligent type of chaff, where the receiving relay generates N random dummy onions (with an appreciable circuit length) for each onion it receives, and then sends all N+1 into the network in a random order. Then again, I may have completely missed the boat on this whole correlation attack thing. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net
Re: I Write Mass Surveillance Software
On Wed, Sep 16, 2009 at 5:01 PM, Rich Jones r...@anomos.info wrote: http://www.reddit.com/r/IAmA/comments/9kwph/i_am_a_guy_who_writes_covert_software_that_runs/ Thoughts? also, I realized that two of the posts I've made this this list have now been reddit-related. Sorry about that. But I'd really like to know what you all make of this. He doesn't give very many specifics, unfortunately. What do you think his 'sidestepping' is? R Well, I'm not entirely convinced that this guy is legit, or if he is that his equipment is really as powerful as he implies. On the other hand, I've only been casually studying cryptology for a few years, and in that short time I've encountered more mind-blowing you can do that!? moments than I can count on one hand (in binary). Everyone knows that there are side channels in any system if not properly and carefully implemented/operated. DNS lookups, search bar suggestions, software update checks, etc., all have the potential for subverting your privacy with Tor by not using the configured proxy settings. Based on a bunch of the comments, I'm going to guess this sort of thing (and probably many other equally simple but largely non-obvious channels) are a big part of what he does (assuming he does it). I think he (or someone else) also implied that traffic analysis is a big part of it. This has been another one of those holy crap! fields for me; the idea that an intelligent and diligent person can uncover a significant amount of information from encrypted communications without even breaking any of the encryption, is surprising but apparently very realistic. Lastly, I can't help but recall the early years of modern crypto, when the public/academic sector was impossibly far behind the more clandestine government/military sector. We like to think that this has changed, but we can't really be sure, can we? I feel fairly comfortable putting a good amount of stock in modern publicly available cryptography, but then again I'm not doing too much that could get me in trouble if I'm wrong, so it's not a high wager. My point is that I personally wouldn't put it completely outside the realm of possibility that a government agency has the capacity to just straight up break modern public cryptography. I think the poster pretty explicitly denied this, but then again, he would, wouldn't he? -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net
Re: good troll, intelligence psyops, or the genuine article? you decide
On Thu, Sep 17, 2009 at 3:49 PM, Eugen Leitl eu...@leitl.org wrote: - Forwarded message from Ted Smith te...@cs.umd.edu - From: Ted Smith te...@cs.umd.edu Date: Thu, 17 Sep 2009 12:11:12 -0400 To: Eugen Leitl eu...@leitl.org Cc: cypherpu...@al-qaeda.net Subject: Re: good troll, intelligence psyops, or the genuine article? you decide X-Mailer: Evolution 2.8.0 (2.8.0-61.el4) On Thu, 2009-09-17 at 16:36 +0200, Eugen Leitl wrote: Look at everything Grobbage says at below URL. I honestly don't know into which cathegory to place him. If he's genuine, the state of the art is quite a bit more advance than I've thought (active MITM for system compromise instead of just passive taps). Somebody should just save everything he says, just in case it gets deleted, somehow. http://www.reddit.com/r/IAmA/comments/9kwph/i_am_a_guy_who_writes_covert_software_that_runs/ My bet is on psyops. To restate and summarize my or-talk post, there's been a lot of anonymity network buzz on Reddit recently, and this is a good way of combating that. The real message here isn't primarily we can see what you're doing even if you try to hide, it's only pedophiles use anonymity networks, you don't want to help that, do you?. I also call sockpuppet on the poster (about midway through the page) who lists all of the various things the OP can supposedly do, and then says Whatever, I have nothing to hide. Definitely not the genuine article, IMHO. Though it's certainly believable that the tech exists in some form and is used on those with misconfigured / backdoored setups. - End forwarded message - -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE Could you explain what psyops refers to? Psychological operations? If I understand correctly, you're suggesting that perhaps he/his organization doesn't really have all the capabilities he implies, but that they're trying to scare people away from using technologies they can't beat? Thanks, -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net
Re: Vidalia exit-country and Hulu
On Tue, Sep 15, 2009 at 7:26 PM, bao song michaelw...@yahoo.com.au wrote: Some time ago (2008) I read about a Canadian who used Tor to view Hulu. I tried it from outside the US, and it worked, but the speed was too slow for me to use it regularly. Today, a clip from Hulu was highly recommended by the New York Times, so I tried again: Hulu now tries to block all attempts to connect via Tor. I tried two US exits, and both were blocked. Of course, the idea of Tor is NOT to allow people to watch high bandwidth commercial videos restricted to US audiences, but to allow people who need privacy to obtain it. [clip] You seem to understand the burden such activities place on the Tor network, in which case I'm curious what reason one might have for accessing Hulu anonymously? (Genuine question, not a snide comment) -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net
Re: Vidalia exit-country and Hulu
On Wed, Sep 16, 2009 at 1:23 PM, Flamsmark flamsm...@gmail.com wrote: On Wed, Sep 16, 2009 at 10:02, Brian Mearns bmea...@ieee.org wrote: On Tue, Sep 15, 2009 at 7:26 PM, bao song michaelw...@yahoo.com.au wrote: Some time ago (2008) I read about a Canadian who used Tor to view Hulu. I tried it from outside the US, and it worked, but the speed was too slow for me to use it regularly. Today, a clip from Hulu was highly recommended by the New York Times, so I tried again: Hulu now tries to block all attempts to connect via Tor. I tried two US exits, and both were blocked. Of course, the idea of Tor is NOT to allow people to watch high bandwidth commercial videos restricted to US audiences, but to allow people who need privacy to obtain it. [clip] You seem to understand the burden such activities place on the Tor network, in which case I'm curious what reason one might have for accessing Hulu anonymously? (Genuine question, not a snide comment) If such material (western TV) is deemed inappropriate by the local authorities, then you wouldn't want them to know that you were accessing it. It might not be of life-or-death importance that you did manage to access it for entertainment, but you would nonetheless desire anonymity. [clip] Understood, thank you for informing me. =) -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net
Re: Reliable relay status check
On Fri, Sep 11, 2009 at 12:36 AM, Gitano ran6oony7r9de...@gmx-topmail.de wrote: Brian Mearns wrote: Is there a way to test that my relay is working? My logs indicate that ORPort and DirPort are both reachable from the outside, but several different websites (such as https://torstat.xenobite.eu/) can't find my relay (nicknamed shallot). Your relay was working: http://torstatus.blutmagie.de/router_detail.php?FP=674d9f085e219fefc0f132cdf5e12212c57436d9 Wonderful, thanks. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net
Reliable relay status check
Is there a way to test that my relay is working? My logs indicate that ORPort and DirPort are both reachable from the outside, but several different websites (such as https://torstat.xenobite.eu/) can't find my relay (nicknamed shallot). Thanks, -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net
Faking a local connection to services running on exit node
I have a relay running on the same system as several other services. Some of these services only accept connections from the localhost (or otherwise give special privileges to localhost) . If I allow my relay to be an exit node, someone attempting to connect to these services through Tor will appear to be coming from localhost, right? Is there anyway to prevent this while still allowing my relay to exit to these services? Thanks, Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net
