Qubes OS
Hi, have you seen this: http://qubes-os.org/Home.html Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps. I think this just calls to be torrified! :-)) And they say they are looking for developers... Regards, Matej *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: a VPN on top of tor, here's a script
Hi, great job! BTW, is it possible to develop NetworkManager extension for this? And it would also be great to Tor extension for Network Manager... Regards, Matej *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: GeoIP database comparison
Hi, Wasn't there a user driven opensource geoip database project For Debian/Ubuntu: geoip-database - IP lookup command line tools that use the GeoIP library (country database) tor-geoipdb - geoIP database for Tor bye, Matej *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Data Retention Law Violates German Constitution
Hi, Thanks for the info, it's great to read that and hope that's will help to protect the our privacy . It seems data retention is not completely banned, the problem is only german implementation. However, it is important thing. bye, Matej *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
TorButton translation
Hi, a year ago or so, I was translating TorButton in slovenian language. Now I see new features were added, but no localisation done. I am willing to help, however, I lost instructions. Could the author (Mike Perry) send me .po file or instructions how to finish slovenian translation? Thx. Bye, M. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Ubuntu Karmic repository?
Hi, I have noticed, there is no Ubuntu Karmic repository with Tor binary packages. Or am I wrong? bye, Matej *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: SSL MITM attack by a Tor exit
Hi, Some interesting information about the self signed certificate: CN: Finjan.com Could be that provider of this exit point uses some network appliance. Some special firewall with antivirus, etc. protection, so called UTM (Unified Threat Management) device, which does traffic interception only to check for viruses or malicious code. Net neutrality ftw!! :-)) bye, M.
Re: Supercookies
Uuuups, it seems BetterPrivacy allows remote code execution. This plugin is currently dangerous for anyone to have installed as it is vulnerable to a 0 day exploit which allows remote code execution. I wont post the code but lets just say I have a working exploit ( though benign ) running on http://www.scenereleases.info/. The code isn't on the actual website, its a a banner ad but if you want to test your luck just visit http://www.scenereleases.info/ a few times and within 3 or 4 tries, as soon as the add reaches you in rotation you will start hearing funny sounds, sound fx from movies, an explosion, some rumbling followed by a very creepy loop of someone saying Ive got a virus, Ive got a virus very echoed. If you start task manager and then click on the applications tab you will see an .exe running called Better Privacy. Once you kill that process the sounds will stop. USE THIS PLUGIN ONLY IF YOU WANT TO CHANCE GETTING INFECTED BY SOMETHING THAT ACTUALLLY DOES DAMAGE. Most people arent as nice as I am to just show you a harmless demonstration. https://addons.mozilla.org/en-US/firefox/addon/6623 (see reviews)...
Supercookies
Hi, I am not sure if this was on this list, but it is an interesting information: http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/ it seems cookies could be respawned... And there is a plugin to remove this LSO's: https://addons.mozilla.org/en-US/firefox/addon/6623 You need to set Flash directory (autodetection does not always work): - Windows: %APPDATA%\Macromedia\Flash Player\ - Macintosh: ~/Library/Preferences/Macromedia/Flash Player/ - Linux/Unix: ~/.macromedia/Flash_Player/ Maybe something like that should be integraded into TorButton... However, the question is what about Silverlight and other non-flash plugins... There is also a Windows tool called CCleaner (http://www.ccleaner.com/)... bye, Matej
Tor on Ubuntu Jaunty
Hi, I added APT line for Ubuntu Jaunty Tor installation: http://mirror.noreply.org/pub/tor jaunty I also added GPG key of Peter Palfrader (key ID=94C09C7F). However, I got this error: W: GPG error: http://mirror.noreply.org jaunty Release: The following signatures were invalid: KEYEXPIRED 1217637003 KEYEXPIRED 1217637003 KEYEXPIRED 1217637003 KEYEXPIRED 1217637003 bye, Matej
Re: VoIP telephony building like Tor
Hi, You might want to take a look at zfone and zrtp. zfone is a free software phone that originates zrtp, an encryption scheme about to be implemented into a number of other free softphones (ekiga, for instance). Well, Zfone is not released under GPL licence. And only development (test) version of it is free. Final version will be proprietary... I also contacted developer of Ekiga about ZRTP protocol and he told me they have a plan to implement ZRTP in Ekiga in the future, but they do not have any time plan about it yet... Unfortunately, majority of SIP providers do not use even basic encryption (user to SIP server) and it is very easy to wiretap VoIP calls. I tried with Wireshark (on my phone) and it is only a matter of few clicks - and you can listen to the entire VoIP conversation... bye, Matej
Re: Help Iranian dissidents by collecting and posting Bridge addresses? (here?)
Hi, We've heard rumors they're blocking all encrypted traffic. Does this mean everything that does an SSL handshake no matter the port? Or does it mean the blocked port 443? If the former, an automated system like Tor is going to have a tough time keeping up -- at least without the tweaks we've been pondering over the past few days. ;) Are you planning to implement protocol wrapping? bye, Matej
JanusVM tests
Hi, if I go to the JanusVM deanonimyzer test without being connected through Tor, the test passes (of course), but I get info, that I have very good anonymizer service: If you do not see your real IP address in the report, then CONGRATULATIONS! This means that you have a very good anonymity service, that's if you are using one. This information is true, but a bit misledaing. My proposal (for JanusVM test owner) is to explain a little bit more what means if user passes test and to also check if user is using Tor exit point and then warn user that he passed the test, but is not using Tor. (I just wrote an article for one slovenian IT portal and some users are commenting that this test is misleading...) JanusVM test is here: http://www.janusvm.com/deanonymizer/scan.html byr, Matej
TorButton blocking exporting/importing PKCS #12 certificates
Hi, I just tried to export my personal certificates in Firefox (FF3, Ubuntu 8.10) and found it cannot be done - I get an error Failed to create the PKCS #12 backup file for unknown reasons.. The same problem is with importing PKCS #12 certificates. However, I found a solution - you must disable TorButton extension first, restart Firefox and then you can export/import certificates. Does anyone has an idea why is that so? bye, Matej
Re: SSL certificate checker plugin for Firefox?
Hi, That's what it is supposed to say until you give it a name. The assumption is that you use out of band methods to authenticate the cert is correctly assigned. And then you type whatever nickname you want to give it into the petname field. Should the slo-tech.com cert change, you'll receive a red box instead of green. Excatly that is the problem - I cannot change unauthenticated to any other string (on this site only, on PayPal I can do that). bye, Matej
SSL certificate checker plugin for Firefox?
Hi, unfortunately Petname tool is not working on this site: https://slo-tech.com/ It says unauthenticated, and I cannot change that. Any other solution? bye, Matej
SSL certificate checker plugin for Firefox?
Hi, problaby you have seen that: http://www.phreedom.org/research/rogue-ca/md5-collisions-1.0.ppt My question is - is there a plugin for Firefox, which saves info about certificate of a website. When user comes back next time, plugin should check prevous certificate and the new one. If there is change, it should raise alarm. Is there anything like that out there? bye, Matej
Re: SSL certificate checker plugin for Firefox?
Hi, 'petname tool' https://addons.mozilla.org/en-US/firefox/addon/957 No, it is not what I am looking for. And BTW, it is not working on this site: https://slo-tech.com bye, Matej
swap and live CD
Hi, Ubuntu 8.10 has an option to create live USB disk. It could be also writable and you can install your own software. So you can customize your portable USB stick, have your encrypted private directory (https://wiki.ubuntu.com/EncryptedPrivateDirectory) and install Tor. But the problem is, that Ubuntu uses swap partition of the host machine. So, how to remaster live image in such a way, that live CD/USB will not touch swap partition of the host machine? Thx for any info. Bye, Matej
Re: Researchers could face legal risks for Tor network snooping
Hi, it is interesting to see that some University research group will go to court because of their research... ... but NSA, which is doing much more problematic research has a full support from Bush administration and Congress. bye, Matej
TorButton translation
Hi, I would like to update slovenian translation of Tor Button. So I went to https://translation.torproject.org, registered myself and received only my username and e-mail, and not activation code. So I sent an e-mail to [EMAIL PROTECTED] - and received Undelivered Mail Returned to Sender message. Any help? bye, Matej
Re: Ubuntu Tor LiveCD: making your own with Remastersys
Hi, http://www.debuntu.org/how-to-customize-your-ubuntu-live-cd bye, M.
[ANN] Vidalia and Mixminion repository for ubuntu
Hi, Okay, menu-icon is now fully working in the new package :) Tested with gnome-panel and fbpanel on Ubuntu Gutsy Gibbon. It is working, yes. However, I have had installed Tor before, and when I startup Vidalia, it says: Vidalia detected that Tor exited unexpectedly. Please check the message log for indicators about what happened to Tor before it exited. This is the log: mar 20 07:34:42.637 [Notice] Tor v0.1.2.19. This is experimental software. Do not rely on it for strong anonymity. mar 20 07:34:42.638 [Notice] Initialized libevent version 1.3b using method epoll. Good. mar 20 07:34:42.640 [Notice] Opening Socks listener on 127.0.0.1:9050 mar 20 07:34:42.641 [Warning] Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running? mar 20 07:34:42.642 [Warning] Failed to parse/validate config: Failed to bind one of the listener ports. mar 20 07:34:42.644 [Error] Reading config failed--see warnings above. bye, Matej
Re: Sudden increase in number of Tor nodes
Hi, In weeks 8 and 12 there appear to be roughly 50 new nodes added in the space of roughly one day. Some secret service or criminal organisation is trying to repeat what Dan Egerstad didi in his embassy hack last year? :-) Or maybe someone is donating servers to Tor project? :-)) However, it would be nice to see where these servers emerge and at what dates/times... bye, M.
Re: Sudden increase in number of Tor nodes
Hi, - someone running Tor routers in a PlanetLab slice I don't want to be paranoid or think in a terms of conspiracy theory, but what Dan Egerstad did was that he set up several Tor exit nodes in a different countries. More nodes and more diversity (different countries) means greater possibiliy that you will catch something of interest. However, even if some secret service would be doing that, Tor would provide me anonymity against local eavesdroppers (local ISP, my boss, local advertisements network, etc.). And of course, using end-to-end encryption reduces the risk... P. S. What if P2P operators are developing a technology to link tor and P2P :-)) bye, M.
Re: [ANN] Vidalia and Mixminion repository for ubuntu
Hi, looks great, just a small problem: Vidalia is added into menu entry in Programs - Internet, but there is no icon in menu entry. bye, Matej
Re: 20090101
Hi, SI VIS PACEM, PARA BELLUM Bad idea. Right now we're not criminals, and can even convince the interested public of that. If we'd start shooting back we would lose public support. Which is the factor that will decide this war. Plus, it would never really work. Antivirus software would need days - at the most - to detect and disable tor. And we just don't have the resources to find new methods of spreading tor, like the big spammers and botnets constantly do. I agree. But what about building Tor server and client into popular P2P clients? bye, Matej
FireGPG
Hi, check this out: http://firegpg.tuxfamily.org/ Useful in cobination with Tor button. bye, Matej
Re: FireGPG
Hi, When do you use it? On what websites? It is useful for end-to-end encryption for instance using with Gmail. Tor does not provide you end-to-end encryption, your traffic is encrypted only through exit node. If you are using SSL website, your traffic is accessible to website, because website has SSL keys. With GPG your traffic is encrypted/decrypted on your own machine. P. S. this could also be useful information - https://help.ubuntu.com/community/EncryptedFilesystemHowto8 bye, Matej
Re: ISP controlling entry/exti (Low-Resource Routing Attacks Against Anonymous Systems)
Hi, Personally I cant see the advantage of it be ruined by 'Jews' - as compared to 'Nazis' - or anyone else. Surely this is just a personal preference? In fact, it was a provocation. We should have cleraly in mind that the most weak point of anonimisation systems are exit points and the possibility of snooping there. We also need a diversity. But we need common sense too. Remember Penet remailer? They were accused of help prividing child pornography. It was a complete nonsense (the posted porn picture was larger than Penet's file size limit), but the public turned against them and they closed the server (OK, there were also other things). But I thing we dont need a publicity that Tor is runned by crazy conspiracy theorists, anti-Jews, Nazis, paedophiles or terrorists. No, Tor is runned by ordinary people who like freedom. There are small percentage of huts among them, and small percentage of agents provocateurs, but majority is normal people. That's all. P. S. I do not support Israeli military actions againt Palestinian or civilians in Lebanon. But don't bullshit me with jewish-control-of-the-world. The fact is Holocaust was real, and Jews were the vitims. And that was the bad thing. And for those who know the history - when Nazis began to kill Jews, they were talking the same jews-control-the-world bullshit. That's why I don't like that bullshit. And NO, I am not a Jew, I do not know any Jew, but I think people are people regardless of the race. bye, Matej -- http://matej.owca.info/ Mi ne morete poslati odgovora na e-mail? Problems replying to this e-mail? -- http://matej.owca.info/email.html
Police blotter: Google searches nab wireless hacker
Hi, that is an interesting information: http://news.com.com/Police+blotter+Google+searches+nab+wireless+hacker/2100-1030_3-6144962.html?tag=cd.top It seems Google is becoming evil. In fact - it is a real problem when monopolists are doing surveillance. You have no option to hide, because you need monopolized service. bye, Matej
Re: suggestion for 'is my installation of tor working?' page
Hi, Suggestions for content: * A warm greeting! * Top Five things all tor users should know * Appeal for users to run servers and link to how-to * An introduction to some hidden services Maybe site should try to execute JavaScript/Java which will steal the real IP address and see if user is blocking these attempts with privoxy? bye, Matej
Fire Encrypter
Hi, slightly OT, but probably interesting for most of people on this mailing list: https://addons.mozilla.org/firefox/3208/ Fire Encrypter extension for Firefox. After installation you can find it at Tools - Fire Encrypter menu. Nice demonstration/learning tool. bye, Matej
Vidalia?
Hi, is it possible that Vidalia group or. someone else supports Ubuntu too? OK, compiling Vidalia on Ubuntu 6.10 is easy, but for 6.06, which has LONG TIME SUPPORT (!), there is no gt4-dev-tools qt4-designer packages in repositories. Ubuntu is very wide used, especially LTS version. bye, Matej
TorButton for Safari
Hi, maybe it was published here, but it seems that someone developed TorButton for Safari (Mac OS): http://slightparanoia.blogspot.com/2006/10/few-useful-applescripts.html bye, Matej
end-to-end encryption
Hi, this is not directly connected to Tor, but I think it is important issue because we need good support programs for Tor. By support programs I mean Firefox, etc. which USE Tor. The problem is people are extensively using webmail. They can use mobile Tor (TorPark), but the problem is the content of the webmail is not encrypted. So they can get anonymity, but not end-to-end encryption (so anonymity is also downgraded). I was reading this blog: http://www.links.org/?p=130 and comments, and got an idea how to enable better security for users using web mail. My idea is to build GPG into Firefox or at least integrate it more deeply. GPG keyring (user's private and public key) should be an object similar to certificate. User will be able to create/import keyring into Firefox, export it or delete it. Keyring could be secured with password (with FireFox security device), and additionaly with passphrase. Public keys could be easily retrieved from public key servers wia Firefox. How decryption will work? If FireFox will detect PGP/GPG code (in a form), it will enable decryption. This need more thinking in detaila, but in general when decrypted, it will be grabbed, decrypted and shown in plaintext. Similar to Enigmail extension for Thunderbird. So user could be able to use strong end-to-end encryption + anonymisationn from his/her USB drive. My observation is, that more and more services are moving into the iternet - and mostly into web. So web browser is a central technology for browsing, reading email, writing teksts (Writely), publishing things, configuring software, watching movies... even runnig OS (see YuOS for example) And web browser is becoming independent from other systems. In a future local operating system could be only web browser with connection to the internet. That is why we need end-to-end encryption built into it. If you find this idea reasonable and interesting, please promote this feature request: https://bugzilla.mozilla.org/show_bug.cgi?id=357310 bye, Matej
Re: Practical onion hacking: finding the real address of Tor clients
Maybe it is a stupid question, but why Tor does not create a virtual network card and passes all the traffic through it? Wouldn't that prevent DNS and IP leaking? bye, Matej
Schneier mentions TorPark
Here: http://www.schneier.com/blog/archives/2006/09/torpark.html Congratulations!
information about cenzorship in Slovenia
Hi, I would just like to let you know that Slovenian government (Slovenia is a member of European Union since last year) a week ago decided to block two on-line gambling sites, because they do not have a licence to operate in Slovenia. There are several problems with this, the major is that Office for Gaming Supervision sent a simple letter (not an official order!) to ISP's to block the site (what about mere conduit doctrine???) and major ISP's just did it. It is also funny, that European Court of Justice ruled in 2003 that across-border gambling like that is legal, because EU has free movement of services enacted (see case Gambelli). My personal opinion is that this cenzorship is illegal in many ways, but the problem is that ISP's dont want to oppose governemnt and they simply don't care about their users's rights. But this also opened a great possibilities to inform people about Tor as an anti-cenzorship tool, and of course I did it. :-)) So I just wanted to let you know that illegal cenzorship is not just something which is happening in China. And I hope a lot of people in Slovenia know about Tor now and see it as good anti-cenzorship tool. BTW, we had similar example of cenzorship before (see http://matej.owca.info/privacy/PHR04_slovenia.pdf, page 7 - udba.net case). bye, Matej
Re: Confiscation Re: Tor appliance
Hi, I'm not so sure that a dedicated appliance or Torpark-on-USB is going to help with the confiscation issue. When the police come in, they take *everything*. They're not going to say Oh look, it's Torpark on USB, let's just take the USB drive. They'll take the whole system. Of course. But if you have hosting somewhere, they will confiscate hosted machine only. Or if you have only one machine (the one with Tor) at one place. bye, Matej
Re: Tor-compatible secure email systems
Hi, I don't understand. You want a web based mail service that stores the data encrypted on their server, but your browser decrypts it when viewing? Also, the browser can't use Java or Javascript to do this? How would this be possible? Why not use portable Thunderbird with GPG on an TrueCrypt encrypted USB stick via Tor using POP3s/IMAPs and TLS/SSL'ed SMTP? The only problem will be with SMTP, but if your SMTP server uses secure password authentication, this should be no problem, server could be unlocked to any IP. You will only need to run portable Thunderbird in administrator mode bye, Matej
Re: confiscating middleman-tor-nodes
Hi, Or, they are searching for hidden services. Perhaps there are nodes within tor that provide content that is unallowed in germany and they start confiscating all tor nodes and search for unallowed content. If so, some more of us will get troubles soon. What?!? How could be that justified? You can't legally search a random computer without any suspicion of a crime. My personal opinion: I have no hidden service. I have no unallowed content at my host. It is allowed to run tor in germany. I will go on running a tor node. I tell anybody here to do so, too. The real bullshit is that you can also have encrypted hard drive and then a hidden service on it. Could you give more information about that? Do you have some official documents? bye, Matej
Re: Function of Tor
Hi, My reccomendation is to install TorButton addon for Firefox: http://zargon.hobbesnet.org/~squires/torbutton/ You can also install Live IP addreess (notification bar for Firefox): https://addons.mozilla.org/addon.php?id=1731 LiveIP har refresh time between 17 to 1422 minutes (see options), but you can go to Tools - Live IP Address - Force Update Now (in Firefox menu). You can check if Tor is working: http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1 it is also recommended to read at least something about DNS leaks problem on http://tor.eff.org. bye, Matej
Re: Snakes On A Tor
Hi, I have another idea. With Snakes On A Tor you are trying to estimate amount of exit abusers and catch them. What about some simple exit traffic analysis to detect how many people are using non-encrypted communications? We would have then the estimation about actual and potential abuse. I propose to log just basic information: which port was used for connection. No traffic analysis, no saving information about the target server. If it is default POP3 port, then we assume user is not using encrypted connection, and if it is default POP3S port we asume s/he does. Without doing real traffic analysis. It would also be fine to have spme basic statistics about what kind of internet services (web, mail, IRC,...) are people using mostly. That would also help to design trafiic priority in the future... It would also be usefulto have some basic information which are the most targeted servers (we can assume there are Hotmail, and similar), but there is a question whether that is ethical or not. But for design of a network would be fine to know which parts of network must be highly accessible. bye, Matej
Skype Call Traced
Skype Call Traced Kobi Alexander fled the United States ten days ago. He was tracked down in Sri Lanka via a Skype call: According to the report, Alexander was located after making a one-minute call via the online telephone Skype service. The call, made from the Sri Lankan capital Colombo, alerted intelligence agencies to his presence in the country. Ars Technica explains: The fugitive former CEO may have been convinced that using Skype made him safe from tracking, but he -- and everyone else that believes VoIP is inherently more secure than a landline -- was wrong. Tracking anonymous peer-to-peer VoIP traffic over the Internet is possible (PDF). In fact, it can be done even if the parties have taken some steps to disguise the traffic. Let this be a warning to all of you who thought Skype was anonymous. http://www.schneier.com/blog/archives/2006/08/skype_call_trac.html http://ise.gmu.edu/~xwangc/Publications/CCS05-VoIPTracking.pdf
Re: following on from today's discussion
A simple example of modifying traffic: http://www.schneier.com/blog/archives/2006/08/stealing_free_w.html http://www.ex-parrot.com/~pete/upside-down-ternet.html Could be easily applied to Tor exit point too. However, sniffing is not a problem if you are visiting only public webistes (do not exchange any personal information), But traffic injection could be. Remember Penet remailer? They were accused to help distribute child pornography. It was not true, and it was proved so later. But Penet admin decided to shut down the service anyway because of public preasure. I am a little worried, that someone will try to destroy Tor network by sniffing, injecting, downloading child pornography/hacking through Tor and doing other nasty things... I was thinking about a solution to prevent traffic injection in non-encrypted public websites. What about having TWO conection open and do some kind of checking if the content is the same (maybe access the content from two different locations and do some MD5 check). I know the idea is hard to implement, since website can serve different content for each location or every second, and this could also mean double load of Tor network. But maybe someone will develop my idea into the usable form... If not, feel free to drop it away. bye, Matej
Re: what data transmission with tor is a security risk ?
Hi, SMTP = The payload (body) should be encypted using GnuPG (or other variations). SMTP can also use TLS/SSL. bye, Matej
Re: Can governments block tor?
Hi, what prevents government from running Tor (exit) points and sniffing exit (incoming) traffic on them? bye, Matej
Re: Sending mail through TOR/Socks
Hi, what about configuring your SMTP/POP3 port to something else? bye, Matej
Re: Firefox extensions and anonymity, TOR etc
Hi, I see a node in Saudia Arabia. Some nodes in China.. and even a node in Iran! These countries strongly control the internet. How is it possible to believe, that these nodes are not some kind of honeypots ?! And for this, it would be great to be able to easily decide to not use some TOR nodes. How is it possible to believe that those country wouldn't run their honeypots from someplace else where they get less attention. In fact, if I would be running secret service I would set-up Tor exit node. :-)) But what if user is using end-to-end encryption (SSL, TLS, encrypted messaging,...)? And I still cannot know the origin of the communication, just the destination. bye, Matej
refresh of tor directory
Hi, I have a question regarding Tor directory. How often is it refreshed? Is there any history of al Tor points with IP addresses? I am asking this in case of you are under investigation because someone abused your Tor exit node, and you have encrypted hard drive. Let's say you don't want to reveal your keys - is there any other way to prove you have been running Tor exit server? BTW: I have seen http://tor.noreply.org/tor/, http://www.noreply.org/tor-running-routers/ and http://serifos.eecs.harvard.edu/cgi-bin/exit.pl. P. S. I am writing some legal FAQ for slovenian users, that's why I need this information. bye, Matej
Re: refresh of tor directory
Hi, Yes, all tor servers have publicly known IPs and as a result, a query of the directory servers by the police could reveal you are a tor server. Yes, I know, I am asking something else. Let's say they take your server, and after few months you are asked to prove you really had Tor server. But your Tor server is not listed in directory anymore. Is there any history of Tor servers? Also, they could check your ISP logs. In some european countries data retention is still not implemented and it is possible that some ISP's don't have logs for more than month or so. bye, Matej
plausible deniability
Hi, Yes, once this is passed encrypting storage with a passphrase becomes a pointless exercise in the UK unless you are prepared to spend time at Her Majesty's pleasure in order to protect your data. I thought plausible deniability feature of True Crypt is usable for repressive regimes like China only. I think I was wrong. bye, Matej
cryptfs_luks
Hi, ever heard of cryptfs_luks? No. Google also finds nothing. bye, Matej
Firefox extension: TorButton
https://addons.mozilla.org/extensions/moreinfo.php?id=125application=firefox SwitchProxy lets you manage and switch between *multiple proxy configurations* quickly and easily. You can also use it as an anonymizer to protect your computer from prying eyes. That sounds cool, because you can have just additional proxy configuration. I mean - TorButton should ensure that user's current proxy configuration won't be overridden. bye, Matej
