Re: TorChat is a security hazard

2010-02-24 Thread Max 
did anyone tried http://retroshare.sf.net over tor?
maybe it needs a proxy function.

On Wed, Feb 24, 2010 at 6:29 PM, 7v5w7go9ub0o <7v5w7go9u...@gmail.com> wrote:
> On 02/23/10 22:38, Paul Campbell wrote:
> [snip]
>>
>> It is possible to run Off-the-Record Messaging over Tor.
>> Off-the-Record Messaging has all kinds of features: encryption,
>> perfect forward secrecy and deniable authentication.  And it doesn't
>> have the problems of "TorChat".
>
> Good point on OTR messaging.
>
> Many of us use Pidgin to facilitate OTR messaging within a SILC network
> chatroom (created on the fly). SILC is quick and flexible - much better
> than freenode.
>
> TOR is comfortably used by Pidgin to get to SILC, making the OTR
> conversation secure, and anonymous to all but the participants
>
>
>
> ***
> To unsubscribe, send an e-mail to majord...@torproject.org with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

RetroShare v 0.5 is out (encrypted messenger)

2010-02-11 Thread Max 
http://downloads.sourceforge.net/project/retroshare/RetroShare/0.5.0%20alpha%201/RetroShare_0.5.0_alpha_1_2282_setup.exe?use_mirror=ovh

http://retroshare.sourceforge.net/downloads.html

http://downloads.sourceforge.net/project/retroshare/RetroShare/0.5.0%20alpha%201/RetroShare_0.5-alpha1.2282_ubuntu_amd64.deb?use_mirror=garr
http://retroshare.svn.sourceforge.net/viewvc/retroshare/trunk.tar.gz?view=tar&pathrev=2282

in the feature patch section is a http server code for browsing the
web over friends, not peers. like syphon.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Announce: amnesia Live system 0.4.2

2010-02-08 Thread Max 
Thanks for the info, it is recommended to add these apps too:
http://www.vorratsdatenspeicherung.de/CD/preview/amnesiacd.html

On Mon, Feb 8, 2010 at 11:14 AM, intrigeri  wrote:
> Hello,
>
> amnesia [0] is a Live System similar to (and heavily inspired by)
> Incognito [1]:
>
> * all outgoing connections to the Internet are forced to go through
>  the Tor network;
> * no trace is left on local storage devices unless explicitely asked.
>
> Since the initial announcement on this mailing-list in August, a few
> releases happened. We're working hand in hand with the Incognito
> developers, and amnesia can now be considered as the ground
> foundations for the next main Incognito release.
>
> Try it, seed it! Any comments are welcome.
>
> Highlighted changes since August:
>
> * We now ship multilingual ISO images; initially supported (or rather
>  wanna-be-supported) languages are: ar, zh, de, en, fr, it, pt, es.
> * We now ship "hybrid" ISO images, which can be either burnt on CD-ROM
>  or dd'd to a USB stick or hard disk.
> * Icedove (Thunderbird) was replaced with claws mail, in a bit
>  rough way.
> * Virtual keyboard: kvkbd was replaced with onBoard.
> * Tor controller: TorK was replaced with Vidalia.
> * Anonymous, GnuPG-encrypted bug reporting is now made easy for
>  end-users.
> * Users are now warned at runtime when the amnesia version they are
>  running is affected by security flaws, and which ones they are.
> * Includes NetworkManager 0.7 to support non-DHCP networking.
> * Always use the latest Tor stable release from deb.torproject.org.
> * Securely erases RAM on shutdown using smem.
> * Added support for running as a guest system in VirtualBox.
> * Improved boot time on CD by ordering files in the squashfs in the
>  order they are used during boot.
>
> See the online Changelog [2] for details.
>
> [0] https://amnesia.boum.org/
> [1] http://www.anonymityanywhere.com/incognito/
> [2] http://git.immerda.ch/?p=amnesia.git;a=blob_plain;f=debian/changelog
>
> Bye,
> --
>  intrigeri 
>  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
>  | OTR fingerprint @ 
> https://gaffer.ptitcanardnoir.org/intrigeri/otr-fingerprint.asc
>  | So what?
>
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Tor WIN in germany :)

2009-10-29 Thread Max 
who was your lawyer?

On Thu, Oct 29, 2009 at 8:07 PM, morphium  wrote:
> Hi,
>
> 2 hours ago I left court with a verdict of not guilty :) They accused
> me of fraud & computer fraud, because someone ordered something via my
> Tor node. I think this is the first Tor verdict in germany, isn't it?
>
> Tomorrow my lawyer will do a press release in german. If you have any
> questions, feel free to mail them.
>
> Best regards from .de,
> Theodor 'morphium' Reppe
> ***
> To unsubscribe, send an e-mail to majord...@torproject.org with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Obfuscated URLs?

2009-07-01 Thread Max 
use eepsite urls: www.i2p2.de

On Wed, Jul 1, 2009 at 10:27 PM,  wrote:

> The alternative, remote hosting anonymously is
> hard,

Re: Obfuscated URLs?

2009-06-30 Thread Max 
already in here:
http://offsystem.sf.net



On Tue, Jun 30, 2009 at 8:47 PM, Martin Fick  wrote:

>
> Obfuscated URL Paths?
>
> Would it be possible to create a URL or some longer string that
> describes a hidden path through the tor network to a specific
> hidden URL and to implement a routing mechanism to access
> documents (files) using this "Obfuscated URL"?
>
> I am fully aware of hidden services, and I am suggesting something
> that I think is quite different.  I am suggesting a way to point
> someone to a file on the normal non-hidden internet without
> telling them where I am pointing to!
>
> I envision an onion encrypted URL along with the exact path through
> tor (the three hops) also onion encrypted.  This would be similar
> to the way a client normally wraps requests through tor, but the
> wrapping would happen up front and then the wrapper would become
> the "Obfuscated URL" which could be handed off to someone else
> obfuscating both the path through tor and the final destination to
> the person receiving the "Obfuscated URL".
>
> Obviously, this would not allow a user to chose their own route
> through tor to maintain anonymity according to their standards,
> so allowing them to route through 3 original nodes before using
> the obfuscated URL inside the tor network might be necessary.
> This I believe should be similar to the way accessing hidden
> services works (3 hops in, 3 hops out).
>
> The hard part is that it seems like it would also be necessary
> to layer a document fetching mechanism ontop of tor instead of
> simply wrapping TCP to make this effective though?  If not,
> obfuscating the URL from the fetcher is likely to be useless since
> end point servers are likely to divulge their locations via most
> protocols (headers...).  Would there be an easier way, to avoid
> this disclosure than creating a new fetching protocol?  Perhaps,
> by adding a built-in simple obfuscating proxying mechanism such
> as polipo on the exit side?
>
> The intent of the Obfuscated URL would not necessarily be to
> maintain long term obfuscation of the URL (could it?), but at
> least to be the basis of a mechanism that would allow users to
> publish hard to censor anonymous content without a hidden service.
> Perhaps the user changes the hidden location every now and then
> in case the real URL is eventually disclosed, but it the
> obfuscation mechanism works for a long enough time, in some case,
> this might be a lot easier and safer than using a hidden service
> (easier to change the location, ability to use free web space
> anonymously...).  Of course, I neglected to mention how the
> user would publish their obfuscated URLs in the first place,
> but that problem exists with onion URLs also?
>
> Any thoughts?  Crazy, useless, impossible...
>
> Cheers,
>
> -Martin
>
>
>
>
>

Re: many new relays

2009-06-21 Thread Max Berger 
Am Montag, den 22.06.2009, 03:23 + schrieb David Jevans:
> Do we have indication of any geographic concentration of these relays?  
> Worried about sybil attacks.

Most of them are in the USA: http://www.dianacht.de/torstat/
(sorry, in german, it's based on the cached-consensus file of a tor-node
and geolocated with maxmind's GeoLite-database)

Bitblinder = Tor 2

2009-06-13 Thread Max 
Tor 2 is out: www.bitblinder.com
it is faster. why? everyone is an exitnode or forwarder.
What about changing the Tor 1 policy to be everyone as well an exit node by
default?
see as well tor button here http://dooble.sf.net

tor on windows mobile

2009-04-13 Thread Max 
Hi
soon every email will be read on mobil devices, e.g. with windows mobile
operating system.
For e.g. www.smallsister.org email project or onion cat hidden servics it is
useful to have Tor as well on mobile phones.

Is there any development to use tor on mobile?

Regards Max

Re: Possible attack method?? Question..

2008-01-11 Thread Max Berger 
Am Freitag, den 11.01.2008, 09:44 -0800 schrieb Anon Mus:
> This question is for those with the knowhow.
> 
> A while back I got a number of emails from the same source where the 
> emails were sent in "pairs" a minute or less apart.
> 
> The first of each of the "email pair" were large (over 700characters), 
> the second were small (under 50 characters). On the face of it the 
> "email pairs"  appeared to be a genuine error ("oh yes I forgot to 
> mention" kind of thing) by the sender, so I took no notice at the time.

Perhaps someone isn't looking for an unknown IP-address, but just want
to prove that the owner if a given IP-address is the owner of the
Mailbox "green lantern at yahoo". 

If this one is able to do a traffic analysis on this IP-address and
knows the login time at the pop/imap-Server of yahoo, a well defined
pattern of mail sizes could help. 

But in this case I think it's not useful for him, to send these mails in
such short intervals, because you would fetch both mails at one login
and in one stream of data...



Max

Re: 20090101

2007-11-10 Thread Max Berger 
Am Freitag, den 09.11.2007, 16:25 +0100 schrieb Eugen Leitl:
> 
> No, there's a clemency period until 20090101. Whether you want to
> log afterwards, or shut down your node is every operator's personal
> decision.
> 

Does anyone have an idea of the size of these log files? I try to
estimate how many data we will collect in half a year and how useful
they are for breaking anonymity...

Will we need the stream data? 

As far as I see in the new §113a TKG [*] we don't have to log the whole
circuit data. We just have to log, which nodes connect to our node and
which IP-address we give this connection (that's the IP-address of our
own node, so we have to log this only once). The IP-address of the next
node is not required.

Max


(*) http://www.bmj.bund.de/files/-/2047/RegE%20TK%DC.pdf
"§113a (6) Wer Telekommunikationsdienste erbringt und hierbei die nach
Maßgabe dieser Vorschrift zu speichernden Angaben verändert, ist zur
Speicherung der ursprünglichen und der neuen Angabe sowie des
Zeitpunktes der Umschreibung dieser Angaben nach Datum und Uhrzeit unter
Angabe der zugrunde liegenden Zeitzone verpflichtet."

Re: Running Tor on a v-server with limited number of TCP sockets

2007-02-21 Thread Max Berger 
Am Mittwoch, den 21.02.2007, 21:05 +0100 schrieb Stephan Walter:
> 
> So what I'm doing now is
> running Tor as a non-exit server with "ulimit -c 130", limiting the
> number of network sockets to about 100 (The other thirty are regular
> files and UDP sockets).

Hi,

my non-exit node ran on a vServer with ulimit 1024. Because I was afraid
of running in this limit I logged the number of oben files with

   pid=`cat /home/tor/.tor/tor.pid`
   sock=`ls -x1 /proc/$pid/fd | wc -l`
   

The number of open files depends on the bandwith limit. I don't know,
what my limit was, I think 40kb/s and the number of open sockets was
about 80 or 90.

Perhaps you could start with a low bandwith limit and have a look at
your number of open sockets.

Max

Re: gathering tor traffic stats

2007-02-12 Thread Max Berger 
Am Montag, den 12.02.2007, 19:00 +0100 schrieb Udo van den Heuvel:
> 
> I added to torrc:
> 
> AccountingStart day 12:21
> AccountingMax 999 TB

>  (does it help to switch to month accounting w.r.t. counter resets?)

my Max is about 1GB/day. So my server i going hibernating after half a
day and gets a reset every day.

mrtg ist not very sensitive to counter resets, maybe you will loose the
traffic of 5 minutes, but that's all.

I use a script in /usr/local/mrtg/tor

#!/bin/bash
 echo -en "authenticate\r\ngetinfo accounting/bytes\r\nquit\r\n" | \
  nc localhost 9051 | grep acc|\
  awk '{gsub("250-accounting/bytes=","");print $1; print $2}'
 /usr/bin/uptime | awk '{ gsub(",","");print $3, $4, $5 }'
 echo "dianacht.de"
-

and in my mrtg.cfg
-
Target[tor]:   `/usr/local/mrtg/tor`
Title[tor]:Tor
PageTop[tor]:  Tor Traffic
Options[tor]:  growright, avgpeak
MaxBytes[tor]: 1250
kilo[tor]: 1024


looks very similar to your solution, my script creates this output:
http://test.dianacht.de/mrtg/tor.html (looking like a sawtooth because
of daily hibernating periods)

There is a little gap between the "real" traffic generated by tor and
the measured traffic (about 5-10% more "real" traffic). I think because
accounting does not count the TLS overhead. This is fixed in
0.1.2.5-alpha, as I read...

Max

> 
> And put in mrtg.cfg:
> 
> ##
> ##
> # this is the tor traffic#
> ##
> ##
> Target[tor]: `/bin/echo -en "authenticate\r\ngetinfo
> accounting/bytes\r\nquit\r\n" |/usr/bin/nc localhost 9051|/bin/awk
> '/250-accounting.bytes=/ {split($1, a, "="); print a[2]; print $2}'`
> Options[tor]: noinfo, growright, transparent, nopercent
> MaxBytes[tor]: 125
> AbsMax[tor]: 125
> kilo[tor]: 1024
> YLegend[tor]: Bytes per second
> ShortLegend[tor]: B/s
> Legend1[tor]: Incoming Traffic in Bytes per second
> Legend2[tor]: Outgoing Traffic in Bytes per second
> Legend3[tor]: Maximal 10 Minute Incoming Traffic
> Legend4[tor]: Maximal 10 Minute Outgoing Traffic
> LegendI[tor]:  In:
> LegendO[tor]:  Out:
> TimeZone[tor]: Europe/Amsterdam
> Title[tor]: tor traffic
> PageTop[tor]: Tor traffic

Re: gathering tor traffic stats

2007-02-11 Thread Max Berger 
Am Sonntag, den 11.02.2007, 09:38 +0100 schrieb Udo van den Heuvel:
> Hello,
> 
> What is the recommended way of gathering tor traffic stats?
> (total bytes in/out of my node)

Hi,

I opened the control port in my torrc with "ControlPort 9051" and get my
traffic stats with

 echo -en "authenticate\r\ngetinfo accounting/bytes\r\nquit\r\n" | \
 nc localhost 9051

for more info about the control protocol have a look at
http://tor.eff.org/svn/trunk/doc/spec/control-spec.txt


Max

Re: Facing legal issues

2006-12-17 Thread Max Berger 
Am Sonntag, den 17.12.2006, 11:41 +0100 schrieb Florian Lohoff:
> Hi,
> i won an appointment with the local police on monday because someone
> abused the tor network for fraud on amazon. My node seems to have shown
> up in the logs of amazon so i am the one beeing invited.
> 
> I printed most of the documentation on the tor pages to make shure i get
> understood what tor is.
> I also printed the node list which clearly shows my node up and running. 
> 
> Are there other interesting legal documents concerning german law i
> might just take with me and clear the situation up more quickly.
> 
> Flo

Some parts of http://hp.kairaven.de/bigb/asurf.html#a92 could be
helpful, its in german and there are some pictures ...

Max