Re: Ultimate solution
Dear Mr phobos, I know just enough to enable loggin, and I can see there is something called UPNP disabled. Right. But I didn't do it. Where is it, and should I turn it on? I am told that my router is a firewall. There are also Windows' own firewall and other commercial 'total protection suites'. I know what gnats are but not what a NAT is. And please, how do I 'punch a hole' in any of them? I did use Vidalia. No success in my log. For my Linux box, lotsa handshakes, onion skins, 3 cells, 6 cells, a child wants to read, another wants to write, more handshakes, then warning failure orport not reachable. OT, I have a linux box because I am so fed up with being hacked and remote-administered, and Debian said nothing could be installed without my root password - I hope I understood this much correctly? So why should java and javascript be a problem? Trying to help case by case will likely take up an unacceptable amount of the developers' time. Efficiency lies in standardisation and mass production. So Mr Freemor, I concur with you on the need for user education. I absolutely agree with Mr del Vacchio about making the process as painless as possible. Clement ___ The all-new Yahoo! Mail goes wherever you go - free your email address from your Internet provider. http://uk.docs.yahoo.com/nowyoucan.html
Re: Ultimate solution
Thank you JT, you expressed so eloquently what I have been thinking. Yes, please come out with a ready server package. I am a noob who sometimes don't even understand the messages in the log (and not at all the debug log). I have been trying to get my boxes to run as servers for weeks. No luck. And I don't know where and how to get help. I am very grateful for the security tor has given me, and would like to contribute to the community instead of just taking, taking. It would be great if we could have a default server package. ___ New Yahoo! Mail is the ultimate force in competitive emailing. Find out more at the Yahoo! Mail Championships. Plus: play games and win prizes. http://uk.rd.yahoo.com/evt=44106/*http://mail.yahoo.net/uk
502 Bad Gateway
[Warning] connection_dir_client_reached_eof(): Received http status code 502 (Bad Gateway) from server '212.227.108.114:80' while fetching /tor/status/fp/7EA6EAD6FD83083C538F44038BBFA077587DD755.z. I'll try again soon. I got two entries like this in the log today. Yesterday the message number was 404, not bad gateway but something not found. Did I do something wrong to my tor? ___ Inbox full of unwanted email? Get leading protection and 1GB storage with All New Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html ___ Copy addresses and emails from any email account to Yahoo! Mail - quick, easy and free. http://uk.docs.yahoo.com/trueswitch2.html
Re: Warnings on the download page
My suggestions as a no-tech user: Perhaps the Warning should be put on top of the page, before the download links - sometimes people don't go further than the download links. Also, might I suggest NoScript to be used in conjunction with QuickJava? And please add a line reminding users to reload the page if they use QuickJava. NoScript reloads automatically but not QuickJava. About the evil exit nodes, these extensions might help detect false pages: HostIP.Geolocation plugin, netcrafttoolbar, FormFox, and Shazou. FormFox is somewhat paranoid and not always accurate, but it serves as a reminder of thinking before clicking submit. About mail client: I configure my Thunderbird 995 and 465, same server name for pop and smtp, with Torbutton. So far I have had no problem retrieving and sending. There have been mentions in this list about problems with smtp, so maybe I am missing something. Am I blithely assuming my getting and sending mail through tor and SSL? About Windows (sorry guys) security, set up a normal user account for browsing, like they do in Linux. Change Administrator to some other moniker and set a password. And disable remote administration if you don't need this enabled. Voila, my 2centsworth. Roger Dingledine [EMAIL PROTECTED] wrote: On Wed, Mar 07, 2007 at 02:14:33PM -0600, Mike Perry wrote: The Tor download page should have a concice Things to know before downloading section that lists a few key points about the most easy ways your identity can be revealed through Tor. Something like Mike and I just whipped up an early version of this here: http://tor.eff.org/download.html.en#Warning - Inbox full of unwanted email? Get leading protection and 1GB storage with All New Yahoo! Mail.
blog about tor and skype
I read in this blog http://www.hermann-uwe.de/blog/howto-anonymous-communication-with-tor-some-hints-and-some-pitfalls in the comment/reply section: Not meant for privacy It seems like there's a slight misunderstanding here. This setup is not going to anyonymize all of your Skype telephony traffic, but will only allow you to tunnel connections to the Skype servers through TOR. As such, your peer-to-peer traffic will not be anonymized, and even your telephony traffic to the skype servers may be unencrypted. You just fake your IP address towards the skype authentication server, that's all. -- I do not understand this paragraph. Doesn't tunnel connections ... through TOR mean encrypting the traffic, whether voice or text? If I send a text message in skype through tor, is it or is it not encrypted by tor? If I make a skype call through tor, is the voice traffic encrypted by tor? Finally, please tell me how to configure skype to use tor -- I have confidence in tor's protective power :-) Thanks for replying. - Now you can scan emails quickly with a reading pane. Get the new Yahoo! Mail.
Re: blog about tor and skype
A quick note: I mean skype sms and skypeout calls, both types are to non-skype mobile phones instead of to another skype user. sy16 [EMAIL PROTECTED] wrote: If I send a text message in skype through tor, is it or is it not encrypted by tor? If I make a skype call through tor, is the voice traffic encrypted by tor? - Now you can scan emails quickly with a reading pane. Get the new Yahoo! Mail.
Re: blog about tor and skype
Thank you for explaining, it's good to know that VOIP calls are encrpted. About configuring skype to use tor, can I just set proxy server to localhost, port 9050, using HTTPS? Or is it necessary to install freecap? Enigma [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, - From what it sounds your destinations are normal phones. In that case your calls will not be encrypted. Actually, Tor could encrypt your call up to the point where it arrives at a gateway that connects to the public phone network. From there it can no longer be encrypted since there's no way to handle the encrypted data in a public phone network (yes there are exceptions but that's rare and a different topic). In summary: you can't make fully encrypted calls to a non-VOIP phone from what I know. Sincerely, Enigma - -- German Tor mailing list / surveillance and anonymity: http://www.anti1984.com New GPG key ID: 4096R/87FF3BA2, old key is revoked. sy16 schrieb: A quick note: I mean skype sms and skypeout calls, both types are to non-skype mobile phones instead of to another skype user. */sy16 /* wrote: If I send a text message in skype through tor, is it or is it not encrypted by tor? If I make a skype call through tor, is the voice traffic encrypted by tor? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBRe2L6Xds87OH/zuiAQJ07w//ScZzd/W17okxObdiPu/9u63DK8A3gutz je/Y6rEls9D634T/5sZqY4kY1clfDZ6rSkLpRhp+BT9J3kprKrbzQCalIaHbI6dZ sJ02//cST1+aAaZ7wn0K/7RvpNpHlrypz4QNQTPf91v2OxGwZRojn7WMNq3wpmoc uhCBrKZtGkBqVXbXkrw3iljOyT+tUq5r3F84qcSk5YM9kWyO2UcyPCR+c4lURErL FVaB5qBDTKo9NPJmn8EJOGfPR/HmU9OgrqpZ/2j8N4toZay+zmcvrOlqPcTW8ysz OYSBDEB8k4Akwg3LRGrUqiP64eXh5dlhMl3LF1rA2q7APDt2fgEhqbVc7ieDMDqi /dHmPoprVcFNick2DCihnGWUAC2Jr4zHOhpTQbv8KwAJZG5FM60dqDDzuvqQYiq0 jD4rH/Ir0cLg07G+pdmr2lm3MzziulURmBSeMdK0NiCZJ2Oy7+DOe23YwTIMaDvA BpJApJEDKWKpDpeZ3rs+4VqPWjQCcbH2Kpefwbe1RelUdO8LFtRYYqpvh/gdrpzq 33Ns4yQMGPQmSXGJJr07jNk7ZIKoUNFFfGFcFem3G0GJMYgPxvZIr9IZ2e0YO1NU YFUNtrfM0A2m5mxCUmSc9BFAYBtx+8OjUSCYQ6RBXQvUKH3oaJrqnHW0L/YiFM8o yLqsJ3KBFuE= =aPGO -END PGP SIGNATURE- - Now you can scan emails quickly with a reading pane. Get the new Yahoo! Mail.
Re: blog about tor and skype
I don't know how to force skype to use only tcp, but one way to know whether it is using tcp (therefore tor) is to look at the little flag before the place where you enter the phone number. When it is different from where I am, it is probably using tor. I'll check out zfone and probably switch if it is user-friendly. Many thanks to all, that was really helpful. Enigma [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Oh yeah, I forgot to mention that. Sly16, I read somewhere Skype is just encrypting its own protocol but not the traffic itself. Not sure whether it's true or not. In any case Skype users rely on a closed source protocol so no one really knows if it's secure and what else it may or may not do. I'm not saying it's insecure but if you want to be certain your connections are encrypted you might want to consider using other tools or techniques for voice communication that support open source encryption. As for voice my first idea would be VOIP and zfone. For text based communications (IRC or something) I'd rely on Tor. Sincerely, Enigma - -- German Tor mailing list / surveillance and anonymity: http://www.anti1984.com New GPG key ID: 4096R/87FF3BA2, old key is revoked. - The all-new Yahoo! Mail goes wherever you go - free your email address from your Internet provider.
Newbie's questions
I have very little computer knowledge and am very happy to have found Tor. According to the pictures on the Tor homepage, my communications are green (encrypted) until they reach the destination, there they become red (unencrypted). Here are my questions. (1) Does it mean that even when I visit unencrypted sites, nobody would be able to tell what sites or pages I am requesting? (2) Can the green line be cracked by intercepting the packets or headers? (3) I don't know where the encryption key is stored. Can it be stolen if my pc is hacked? Thanks for your replies. P.S. Please let me know where to post if this is not the correct list. P.P.S. Sorry about the Yahoo tail, POP seems to have stopped working. ___ Now you can scan emails quickly with a reading pane. Get the new Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html
Re: anonymous v. normal session
Where should I add them? In torrc? Sorry to be tiresome but I know very little about computer. Michael_google gmail_Gersten [EMAIL PROTECTED] wrote: Two suggestions: 1. Include port 80 in the list of long lived ports. 2. Set a limit on circuit build time, so that slow/backlogged nodes don't get used. CircuitBuildTimeout 10 LongLivedPorts 80,23,21,22,706,1863,5050,5190,5222,5223,6667,8300, That adds 80 (web browsing) to the long lived ports. (Actually, 443 should be added for https:// connections as well), and requires that circuits be constructed in 10 seconds instead of 60. On 2/27/07, sy16 wrote: I need advice on anonymous v. normal sessions. Tor has saved me from packet sniffers and MITM attacks since I started using it. These attacks always and only happened during my banking sessions. I inferred that my net traffic must have been closely monitored by someone (I have a private-detective neighbor whose son works for my ISP, but I can't very well bring a case based on suspicion). Having enjoyed the protection of Tor, I am now extremely reluctant to get online without it. But sometimes the connections are closed or too slow during my session that I get auto logged out by the server. I have to log in repeatedly, but there are only so many sessions a day allowed, as a security feature. Can someone tell me how best to safeguard my net traffic? What kind of emailer are you? Find out today - get a free analysis of your email personality. Take the quiz at the Yahoo! Mail Championship. - New Yahoo! Mail is the ultimate force in competitive emailing. Find out more at the Yahoo! Mail Championships. Plus: play games and win prizes.