Re: Help translate Orbot
Fantastic Marco! A few questions: 1) The iPhone, especially the basic 3G model, seem pretty strapped for free resources (RAM and CPU cycles)... How does Tor fare with those limitations? How much RAM does it really need anyway? 2) Is Privoxy/Polipo needed for iPhone apps? 3) How does the Tor background process affect battery life? .w On May 16, 2010, at 5:25 AM, Marco Bonetti wrote: Don't worry: I'm working on it :-P See http://sid77.slackware.it/iphone/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor on the iPhone
Interesting. Well, I ask this one because I've always found that my battery drains the fastest when using the 3G or EDGE connection. Significantly faster than playing an intensive 3D game, even... .w On May 16, 2010, at 5:57 AM, Marco Bonetti wrote: Backgrounding itself is completely negligent, what affects the battery life are cryptography operations tor will ask the CPU to carry out, *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Help translate Orbot
Wow Runa, while I unfortunately can't help with any translations, I just want to say that that app looks wonderful and wish you the best of luck with it. Wish I had something like that on my iPhone! .w On May 15, 2010, at 2:20 PM, Runa A. Sandvik wrote: As many of you probably know, Tor is available for Android by installing a package named Orbot: https://www.torproject.org/docs/android.html. Right now, Orbot is only available in English and Spanish, but I am hoping that this will change really soon. I have added Orbot to the Tor translation portal, along with the following languages: Norwegian, German, Spanish, French and Polish. See https://translation.torproject.org/projects/orbot/. Please send an email to tor-translat...@torproject.org if you want me to add another language. Thanks, *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Traffic shaping?
Does Tor do any kind of traffic shaping? .w *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Preventing 502s?
Hi all, I am getting a lot of these messages lately -- how can I increase the wait time? 502 Server dropped connection The following error occurred while trying to access http://xxx 502 Server dropped connection Generated Sat, 15 May 2010 19:37:54 EDT by Polipo on xxx.local:8118. .w*** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Traffic shaping?
In this case, purposely 'shaping' the traffic so that it looks like something other than what it actually is (ie, not Tor traffic). .w On May 15, 2010, at 11:18 PM, and...@torproject.org wrote: What do you mean by traffic shaping? *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Exit Node Sponsorship - looking for partners
Back to the Kickstarter idea, while I fully understand and agree with most of your points, my thought was one of publicly creating awareness of need. Whatever the appropriate platform, I really think it needs to move in that direction. Let's hypothesize for a moment that a suitable basic payment platform is found. What if Tor, the application itself (not making a distinction between Tor and Vidalia here), were to make people more aware of the need for exit node donations? I'm not necessarily suggesting nagware pop-ups, but I am talking about something like, perhaps, a splash screen with a reminder -- and a button -- upon launch. I am also talking about gentle nudges in the initial setup process. Tor development is only possible with your support! etc etc. And the Tor Browser Bundle? How about making its default page an explanation of the need for more exit notes, statistics, and some kind of visualization of what the impact would be for a given amount donated? And make it beautiful and simple, like this: http://www.charitywater.org/donate/ .w On May 12, 2010, at 1:11 PM, Moritz Bartl wrote: I first planned to offer a certain bandwidth push for one-time donations, eg. 1Mbit/s for one month for 2 Euro. The system could be automated to automatically update the Tor node configuration *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
How to wrap applications in Mac OS X?
Is there a torify equivalent for Mac OS X, or does Torify work on that platform... And if so, can it wrap GUI applications as well? Asking because I'd like certain applications on my system without individual proxy settings to use Tor, and certain apps of the same class not to... .w *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Exit Node Sponsorship - looking for partners
Well, assuming that it is only a technically-minded userbase that installs Tor, then maybe! Do you guys have any sense of whether or not that's actually true? .w On May 13, 2010, at 6:57 PM, Martin Fick wrote: I would think that the slowness of the network would be reminder enough, no? -Martin *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Exit Node Sponsorship - looking for partners
This is not an entrepreneurial proposition all. I'm merely talking about exposing the end-users to the financial realities of operating the service, and inviting them to help in a more obvious way. I'm NOT suggesting blatant nagware. Gentle is the word used, and I certainly never said pop-ups. Forget my comment about technically-minded users for a moment. My question really should read: Are there a significant body of end users of Tor who do not understand how it fundamentally works? Think about it: Once Tor is setup properly, how often is the average user going to return to the website to be reminded that they should donate, or that Tor organizationally is in need of this or that? Yes, the speed of the network should be some indicator, but I am suggesting that not everyone will know that, so perhaps a message like Tor exit nodes are heavily congested. Click here to help . . . would have a beneficial impact. All this being said, I completely understand, even even fully empathize with your reaction. I would never want to see Tor be packaged with crapware! .w On May 13, 2010, at 8:31 PM, Jon wrote: I can not speak for everyone else, but for my self, if I read this right, imo, there is no difference or very little difference between nagware popups and splash screens that have reminders or ads on them. There is enough ' crap ' ware out there with those pop ups, etc. As a relay operator, if i had to see this everytime an upgrade was done or had to reboot for whatever reason, those screens/popups would be enough after a while to stop being a relay. I am not in the ' technically-minded ' user base, but I am among the relay user database that donates time, bandwidth, money to the cause here. As just like several hundred others. Again, imo, I get the feeling beginning from the topic, that it appears to be more to this then meets the eye. It seems to me that some one other than TOR is going to benefit more from this. I may be wrong in the way I am reading this, but sure seems like to me that this is an entrepreneur proposition for some one to make money on/with. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: How to wrap applications in Mac OS X?
Responding to part of what you said in the Exit Node Sponsorship thread, this makes me think that something which could be really useful -- and which could certainly lessen the newbie-not-effectively-using-Tor-syndrome: a sort-of launcher and dashboard for apps that are to be Torified (using torsocks, dsocks, or whatever else). In other words, a panel that they open up, drag apps into, and -- if they are launched from this panel -- get properly wrapped. A simple, green light / red light metaphor could then be used to indicate whether or not they are being run through Tor. Is that conceivable? I imagine that from there they could also get warnings if the app is leaking DNS requests and so on (couched of course in simpler terms, 'warning: although Tor is trying to protect you, this application is giving away your private information. Click here to see a recommended replacement')... Leading to a web tool which recommends replacements for 'unsafe' apps. I can try mocking all of this up if it would be helpful. I imagine that no one would have time to implement it for a while, but if Tor use is starting to become more mainstream the conceptual direction could perhaps be at least mildly useful? .w On May 14, 2010, at 12:59 AM, and...@torproject.org wrote: If by GUI applications you mean native OS X carbon/cocoa apps, unlikely unless you can launch them from the command line. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Exit Node Sponsorship - looking for partners
Have you guys thought organizing a (very) public Kickstarter.com project for the purpose of raising the funds and creating awareness of need? .w On May 10, 2010, at 8:06 PM, Moritz Bartl wrote: Hi, At the moment, 25% of all traffic exits through Blutmagie (thanks Olaf!). I guess we all agree that this situation is far from optimal. Judging from the number of requests in the last months where people were looking for friendly ISPs, help with setting up, running and managing Tor nodes, and especially abuse handling advice, I think there is enough interest to fund another big node. I've been in contact with several ISPs lately, asking specifically for high bandwidth Tor exit node hosting. I have also added their responses to the GoodBadISPs wiki. What I am planning is either a large node (split like Blutmagie), if I can find enough people to sponsor it, and/or smaller nodes on virtual machines, eg. for hidden services hosting. I will personally order the machine, manage it, keep Tor(s) running with mostly unrestricted exit policies and handle all abuse. The companies selected will not shut down the serve but pass all abuse to me, WHOIS notices will be adjusted when possible (unfortunately, only a few of them offered that), RDNS and notice pages will be set up accordingly. I know that this is a controversial topic, and that it would be better to have completely independent nodes, but I hope that I can earn your trust. I will happily sign an agreement that I will not log/sniff traffic. :-) The configuration will be published among sponsors. I am open to suggestions here: You as a sponsor might also be interested in an additional private VPN service, or use the large drive space as backup purposes, I2P etc. You can of course also be mentioned on the notice page as sponsor, complete with your company logo. If you're interested, feel free to contact me directly. Tell me what you'd want to give, and what you'd expect for your money. At the moment, I am thinking about something like these (monthly): $200 100TB - http://www.100tb.com/ $160 100Mbit/s - http://fdcservers.net/ 50€ 10Mbit/s - http://www.netrouting.nl/ All depending on how many people are willing to participate. -- Moritz Bartl GPG 0xED2E9B44 http://moblog.wiredwings.com/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Problems with irc because of tor?
Sebastian Hahn wrote: -Ursprüngliche Nachricht- Von: Praedor Atrebates [EMAIL PROTECTED] Gesendet: 20.11.08 21:10:08 An: or-talk@freehaven.net Betreff: Problems with irc because of tor? Why does running tor suddenly cause me to be unable to connect to freenode? I am NOT running a torified irc client. Also, where's the address 127.0.0.1 coming from? Why is my REAL IP address now invisible (apparently) and tor causing sites to think I am trying to use the illegal localhost IP? praedor Unfortunately, some service providers choose to not accept Tor users as part of their userbase and block connections from exit nodes. That wasn't the question, he was wondering why he was using Tor at all though he told his client not to use it. Praedor: Sure you don't use a proxy in your IRC-client? Also, check - if you're using some flavour of UNIX - if you have some variable like http_proxy set. Alex. signature.asc Description: OpenPGP digital signature
Re: Problems with irc because of tor?
Praedor Atrebates wrote: Now I'm really lost on this. Tor quit running (I cannot run tor-0.2.1.7-alpha for more than a couple minutes, so it seems. It just suddenly quits without any errors. It's running then suddenly it isn't. OK, that's another thing. Looks like it is back to the previous version again... That said, tor is down/off and I STILL get the same messages for my IRC client. It seems that simply running tor briefly is enough to bork my IRC client from then on (at least until I reboot)? N, no way. A couple of questions: 1) You run some kind of transparent proxy? 2) If not, check if Tor is really disabled. Use ps in UNIX or the Windows Taskmanager to check. Shut down Tor. 3) Check all your IRC-client's settings. To be more precise: 4) What operating system are you using? 5) What IRC-Client are you using? The error-message you're describing is hand-crafted for people who want to use the Freenode-network with Tor. It wouldn't appear for any other users (unless Freenode borked up their scanners). By the way, the message Closing Link: 127.0.0.1 (Banned) seems to indicate that you're using some kind of proxy. If you give us more details, we might be able to help. Alex. signature.asc Description: OpenPGP digital signature
Re: Problems with irc because of tor?
Robert Hogan wrote: Do you run a server yourself? If so, your real IP may be on the irc server's 'tor blocklist'. I don't think so, Freenode wouldn't send the error-message with 127.0.0.1 then, but with his public IP-address. Alex. signature.asc Description: OpenPGP digital signature
Re: Problems with irc because of tor?
Ted Smith wrote: On Thu, 2008-11-20 at 22:39 +0100, Alexander W. Janssen wrote: Robert Hogan wrote: Do you run a server yourself? If so, your real IP may be on the irc server's 'tor blocklist'. I don't think so, Freenode wouldn't send the error-message with 127.0.0.1 then, but with his public IP-address. Alex. No, speaking from experience freenode sends 127.0.0.1 if you're on their blacklist, torified or no. They're also very slow to update; I've not been running my exit for some time, but for a long time I was still forced to use the hidden service. I'd probably still be banned if I hadn't had to reboot my router. What blacklist is Freenode using then? Do they run their own? Any chance to check if it's really that? Sounds sensible though... Alex. signature.asc Description: OpenPGP digital signature
Re: GnuPG through Tor
misc wrote: Is there any way at all to get keys from LDAP server through Tor? LDAP uses TCP, so yes, it should be working if you configure GnuPG to use a proxy. Alex. signature.asc Description: OpenPGP digital signature
Re: Fwd: Post Confirmation 807ccc3983b12bd9
Jonathan Addington wrote: Can someone explain why I get this message every time I post? Or delete whatever email address sends this back to me? You're maybe posting not with the same email-address as you subscribed. I don't post often, but it is annoying when I do. Maybe it's just that. Alex. signature.asc Description: OpenPGP digital signature
Re: flash won't work with Tor enabled
Kasimir Gabert wrote: If you really need to access a flash script you could set up CGIProxy (http://www.jmarshall.com/tools/cgiproxy/) to route through Tor, and then connect to a local CGIProxy proxy with it's settings enabled for rewriting scripts. This will not, of course, guarantee your anonymity. I would combine it by putting the CGIProxy on another machine (or virtual machine), then set your firewall to block any/all requests that are not to that machine or localhost. This should help protect against failed rewrites by CGIProxy, and potentially retain the anonymity provided by Tor. Please correct me if I am wrong! Hm, I wonder if running your browser explicitly through torify would help? All network system-calls would be replaced by SOCKS-calls then. Can anyone comment on this? Not sure if that applies to plugins though. Kasimir Alex. signature.asc Description: OpenPGP digital signature
Re: icann opening up of tld's
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Geoff Down wrote: Presumably any problems could be avoided by changing the pseudo-tld to something really obscene... .onionporn? SCNR Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBSGYzuBYlVVSQ3uFxAQJXkgP8DOB4xMsvV3U9TI9EAnsS4rfqkn7K3VQS kiTYZ/8PIAkYj4JYwy5YwNvpVi/4OHkxN6epzrh2IiFETbQ/jgKQBicKu40/S9xg G8QIFZ1fzMiddR+9pjGMn1fsSIUvraqFtWuFeWJtblAWad3rvFb2ddjCeI00LMsm PszeQmW9PmU= =CuzM -END PGP SIGNATURE-
Re: German Fed???
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Karsten N. wrote: Hi, I have found this at core.onion (http://eqt5g4fuenphqinx.onion/page/31) gpfTOR1-4: Those are operated by a front end of the German Verfassungsschutz. Wtf? :-) Is it only the paranoia of some individuals or disinformation? I guess a bit of both. And I have a question: Why looks our organisation like a front end of the German Verfassungsschutz. Any help? Don't take the bait. I bet those weirdos who put that information up the Web are just playing with their wieners, drooling over your disgust. Karsten N. Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBSGNlqxYlVVSQ3uFxAQJVbgQAkkv50Ec45j8YDgUMZzLwm8gQP6IyoZDf Y9pE2uElUxBYB93cyT1XzgtGuokhxC27LtyGwfIFLBQxe/dJrL1hzNHtUqrScKiv ea41+utVfXf0D8rNkpuTCgbdU+ZMgc49f7TvO1QrycxzwErS5F2fW+tPRrQORk3h Df45tHpSwLg= =i/VX -END PGP SIGNATURE-
Re: Problem w/ Using tor(k) for Geostreaming Live-Videos
Works here with torify, though painfully slow. You might chose a stream which uses less bandwidth: $ ./torify mplayer -playlist http://wstreaming.zdf.de/zdf/veryhigh/080609_smm.asx ... STREAM_ASF, URL: mms://c36000-o.w.core.cdn.streamfarm.net/36000zdf/ondemand/3546zdf/zdf/zdf/08/06/080609_smm_vh.wmv Resolving c36000-o.w.core.cdn.streamfarm.net for AF_INET... Connecting to server c36000-o.w.core.cdn.streamfarm.net[217.243.250.24]: 1755... Connected ... By the way, Switzerland-Turkey 1:1 :-) Have fun, Alex. [EMAIL PROTECTED] schrieb: Hi there, here offers German Tv a live stream for soccer matches of the euro 2008! It is shielded by geostreaming! And even more, since due to some technical stuff on their side, not all German IPs are allowed accidentally.. Thus I need to use tor in order to become another German IP via an exit node, so that I can also watch them in real time! mplayer -playlist http_proxy://127.0.0.1:8118/http://wstreaming.zdf.de/zdf/veryhigh/080609_smm.asx It seems that tor is checking out the url in the playlist file but then goes there straight without the proxy? I have tried also regular German public proxies like http://www.publicproxyservers.com/page1.html but no success either.. It is an rtsp stream after all, the live video... How can I run tor(k) so that I can view the games??? Erich PS: Please reply to the list and to my email address so that I can read the replies before the daily digest with the others topics of this list.. Jetzt komfortabel bei Arcor-Digital TV einsteigen: Mehr Happy Ends, mehr Herzschmerz, mehr Fernsehen! Erleben Sie 50 digitale TV Programme und optional 60 Pay TV Sender, einen elektronischen Programmführer mit Movie Star Bewertungen von TV Movie. Außerdem, aktuelle Filmhits und spannende Dokus in der Arcor-Videothek. Infos unter www.arcor.de/tv signature.asc Description: OpenPGP digital signature
Re: Tor with secure Gmail
Man Man schrieb: Hi! Aloha! I am using Gmail at https://mail.google.com/ with tor. When I am at login, browser will state that the connection is only partially secure, ie. some items (I do not know what) are not encrypted. However, once I untor, I am able to get into the fully secure Gmail login page. What browser are you using? Can you tell us the exact words of the error-message? Does it say something like self-signed certificate, security certificate belongs to other hostname, certificate expired or what? Click the little button which looks like a lock on your browser's lower right side (for IE and Mozilla-clones). I tried this for many times and got this result each time. As I live in an unsafe country, I am worried my government is adding code to network traffic to identify users. So please state what exact error-messages you're getting. Thanks in advance. Alex. signature.asc Description: OpenPGP digital signature
Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++
Hi all, following up a discussion on #tor I made up a Wiki-article about the abovementioned subject. https://wiki.torproject.org/noreply/RecommendedSoftware Abstract: To create a list of Applications Recommended For Use With Tor [2]. Those applications must obey the rules of 1) using the proxy supplied 2) not leaking any information around the proxy Disclaimer: This is work in progress. This is only meant for your information. It's not a formal process, nor a written thing. I just put it for discussion. It's up to you to define the rules. Motivation: Tonight we were discussing if [1] is a reasonable thing or not. I pointed out that Tor, as a layer-3 routing-software, can't solve layer-4+ problems and that it should be up to downstream-proxies to solve the untrusted TCP-port-problem. However, several people disagreed with my opinion, pointing out that the real problem are the applications using Tor, compromising the anonymity of the user and the IP-address-obfuscation of the router. The real thing would be solving all those problems directly in the applications instead of sailing around the problems, using proxies and the such. Later, the point about Tor-safe and not-safe applications popped up - thinking of DNS-leakage, unsafe browser plugins. Those problems were reported before on this list about several products - related to several versions of those individual applications - but except the archive of this list this pieces of information _were never consolidated_. We just have a bunch of warnings that a certain application $foo in version $bar leaks DNS. Goal: To create a list of Applications Recommended For Use With Tor. That'd give users a certain degree of confidence that the application (s)he's using isn't leaking information to the world when using Tor. I'd appreciate your comments and I'm awaiting your corrections on all the articles in the Wiki. (free registration required). The Wiki-article isn't linked to anywhere in the Wiki yet. That's on purpose until we sorted our all the basic questions. I'll be willing to set up a dedicated mailing-list for this subject, unless we can have on elsewhere. Cheers, Alex. [1] https://www.torproject.org/svn/trunk/doc/spec/proposals/129-reject-plaintext-ports.txt [2] Name made up by Nick. I like it, though I found it to be too bold. signature.asc Description: OpenPGP digital signature
Re: Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++
Kyle Williams schrieb: Hello Alex, Aloha Kyle! I've already logged into the Wiki and updated the Test Procedures section. Seeing as I've found lots of IP disclosure vulnerabilities in the past (and future?), I for one would be more than happy to help with this. Thanks. The whole section is quite a draft and seriously: it needs more details than we have right now, even with your corrections. One application that should never show up on this list is Internet Explorer. I've got two 0-days right now for IE, and they would totally compromise your anonymity and security. Don't worry, they've been reported through 3Com's ZDI program and I'm waiting to see the fixes come out (who knows when). If you use Tor, DO NOT USE INTERNET EXPLORER! Actually that's not the point about this wiki-page; it's more about what specific things can go wrong, not about what kind of special exploits a several application is suffering of. Even all those Mozilla-browsers have their own problems so i want to keep this specific section open. The questions are: * Where do those applications compromise anonymity? * What plugins are known to be shit? That's fairly generic - there's no need for another my browers's better than yours-thing. Thanks for your input anyway! :-) Let the bug hunting continue!! w00t! Oh yeah. I'll be testing me very own setup on thursday. - Kyle Alex. signature.asc Description: OpenPGP digital signature
Re: Ports 443 80
I've not tried to setup a TOR node with your config, but I'll tell you how I got mine to work : Assumptions for the following configuration: 1.1.1.1 - Public IP address of Firewall (assumes you are using NAT internally) 2.2.2.2 - Private IP address in use on the TOR server :9090 - Private OR Port :443 - Public OR Port :9091 - Private DIR Port :80 - Public DIR Port First I set my firewall up to accept the following external ports, and forward them to the TOR server - basically port forwarding with NAT: 1.1.1.1:443 -NAT and port forward to- 2.2.2.2:9090 1.1.1.1:80 -NAT and port forward to- 2.2.2.2:9091 The TOR server was then configured to listen locally for TOR traffic on 2.2.2.2:9090 and 2.2.2.2:9091, so you'll need to set the following items in your torrc file: ## The IP or FQDN for your server. Leave commented out and Tor will guess. Address 1.1.1.1 ## Required: what port to advertise for Tor connections. ORPort 443 ORListenAddress 2.2.2.2:9090 ## Optional: what port to advertise for TOR directory connections.Uncomment this to mirror the directory for others. DirPort 80 DirListenAddress 192.168.3.20:9091 So, without validating your firewall setup, I would think you need to modify your 'ORListenAddress' and 'DIRListenAddress' to reflect the ACTUAL IP address (not 0.0.0.0) of your TOR server, and set your 'Address' value to the actual public IP address of your firewall (note, no port required on the 'Address' value). Hope this helps! Robert On May 17, 2008, at 4:53 PM, Nathaniel Dube wrote: I read somewhere that you can use ports 443 and 80 to help out people stuck behind really restrictive firewalls. I've been trying to manually configure Tor to do just that. I've configured the router for port forwaring. I'm pretty sure I did the same for my Linux firewall. I told the firewall to listen on ports 443/80 and redirect to 9090/9091. So the way I understand it is, Tor servers/clients should be trying to connect to ports 443/80 -- my router listens on 443/80 and bounces to my firewall -- my firewall listens to 443/80 and bounces to 9090/9091 which the tor server is really listening in on. I'm running openSUSE 10.3. I used yast to set the firewall. If I understand what I'm doing I use the Masquerading section to do firewall port forwaring. Which I'm pretty sure I did correctly but for some reason servers/clients are still unable to connect to my tor server. I could really use some help getting this working. I can get the normal ports working no problem and have my server join the tor network. It's when I try doing the port 443/80 trick that things get harry. Here are screenshots of my configuration screens I did for the port forwarding. http://img246.imageshack.us/img246/303/443zb6.png http://img265.imageshack.us/img265/1403/80xv7.png http://img253.imageshack.us/img253/483/yastmasqsm4.png http://img253.imageshack.us/img253/2820/yastrulesyl0.png http://img338.imageshack.us/img338/5127/routerpn3.png Here's portions of tor's config file. I Xed out stuff that might be considered a security risk on my part. SocksPort 9050 SocksListenAddress 127.0.0.1 DataDirectory /home/tor/.tor ControlPort 9051 ORPort 443 ORListenAddress 0.0.0.0:9090 DirPort 80 DirListenAddress 0.0.0.0:9091 Also, here's the log when I run tor in Konsole as root. I know, don't run Tor as root. I'm just doing that to test it to make sure it's working before I set it to start on boot under the tor user. May 16 23:09:16.449 [notice] Tor v0.1.2.19. This is experimental software. Do not rely on it for strong anonymity. May 16 23:09:16.450 [notice] Initialized libevent version 1.3b using method epoll. Good. May 16 23:09:16.450 [notice] Opening OR listener on 0.0.0.0:9090 May 16 23:09:16.450 [notice] Opening Directory listener on 0.0.0.0:9091 May 16 23:09:16.450 [notice] Opening Socks listener on 127.0.0.1:9050 May 16 23:09:16.450 [notice] Opening Control listener on 127.0.0.1:9051 May 16 23:09:16.451 [warn] You are running Tor as root. You don't need to, and you probably shouldn't. May 16 23:09:16.642 [notice] Your Tor server's identity key fingerprint is 'XXX' May 16 23:09:18.240 [notice] We now have enough directory information to build circuits. May 16 23:09:18.438 [notice] Guessed our IP address as X. May 16 23:09:21.856 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. May 16 23:09:21.856 [notice] Now checking whether ORPort XXX:443 and DirPort :80 are reachable... (this may take up to 20 minutes -- look for log messages indicating success) May 16 23:29:18.900 [warn] Your server (XXX:443) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. May 16 23:29:18.900 [warn] Your server (XX:80) has not managed to
Re: Reregister after key change?
Based on a thread from last October, I don't believe they are registering 'named' nodes anymore. I think the loss of the 'named' status is the worst part of the key re- gen process - for those of us that run legacy, named nodes. Now, time to roll keys on my nodes . . . . Robert On May 15, 2008, at 7:13 PM, F. Fox wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 [EMAIL PROTECTED] wrote: (snip) Anyway, since I changed my onion key because of the ssl vulnerability should I send another email somewhere? (snip) I did. It's [EMAIL PROTECTED] , I believe. - -- F. Fox AAS, CompTIA A+/Network+/Security+ Owner of Tor node kitsune http://fenrisfox.livejournal.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSCzt4Oj8TXmm2ggwAQhh5RAAwFt2pwwiu9FUrZnQ/Iv5SMyJzDZWAZmd lSK2r46i4TkN3sHpa6rTtbBONR5ai1e70RBkZdWDOTaKKtqjkXaxF9aSjgDAzYd/ xEnyX8zAqYbwb05E5uvjQN+/P9S2jX4sls4GjOoTGuX7kT8cUgayCJowgp4EdmO5 fCPCUNuOUVKTUdjXx9xE7lz93isGlXl+bfyaITa6xs5aLAq0Zq2GAZwrKzi50jpn 3iYCwQC70U7ZQmh6M5k6OKs4VCtdVbTuPsoUf6zC+l8OuQnkiYcI2eXJIv5ePLcw 4r9+XGF3z8Vs+kYJyGplwGvYlp+on682Vci12RfKpqzMFByX3n3s1lKDpVJcmsbC I/xdK07SWuAuwmmJkxtew07SaODAqZFOxHsHc+6qKD8Pd2Q31SsC/49zBMh/MaZI zZ8tcmPxe21r6IoHHlatyC4iT0PKEKjsXP8t4AKjP61C/EH39eZNezd86fWDg7bU eM19vbKuG9MlfweZwiREA7Tn54Jp18Xrg7NPIbn/cjaeB4hMx6sNM4cHRF8Njr1A cdmqi9MzAA9YxoW8OwIHpuUA6At19i5VOI4Fb4lU/JqNAAA9hm+gAARjjqojI1Dc +Df5Z96AvMuv/PCCnpEH2l6eBkMhOHSklef+M6ercYiRXBHEAlkqXhq6hkTH33MV 8dpQdZb+rz4= =u+WU -END PGP SIGNATURE-
Re: TOR slowing down other network services
Rochester TOR Admin schrieb: A few other environment factors: - my firwall is a pretty old machine with a very slow NIC - my tor server NIC is very cheap [$10] Could anyone give me some insight about what they think might be going on? I'm not sure... what's a pretty old machine? I mean, Tor uses quite quite a lot of crypto-stuff, which is expensive. Maybe the CPU is overcomitted. Have you checked the load of your system? at-sar might give you some insight. Thanks in advance... Cheers, Alex. signature.asc Description: OpenPGP digital signature
Re: TOR slowing down other network services
Oh, and memory might be an issue too. If your machine starts paging and swapping it'll suffer from it. at-sar helps there too. Alex. signature.asc Description: OpenPGP digital signature
Re: Tor relay shutted down by ISP
Tom Hek schrieb: Thanks :) My ISP reconnected me again but I had to promise to never run Tor again. Tomorrow I'm going to call them and try to change their minds. XS4ALL is a ISP who stands for freedom of speech, they are against censorship, etc etc. If they knew what Tor was they wouldn't disconnect me for running Tor.. Yeah, that's what I thought too... I mean XS4ALL has quite a good reputation. It puzzles me that they acted like you described it. However, good luck and keep us updated. Cheers, Alex. signature.asc Description: OpenPGP digital signature
Re: Tor operator raided in Finland
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Scott Bennett wrote: In the United States, knowingly giving false information to a federal law enforcement officer is a felony, so as soon as they found out you had deceived them, they would likely charge you with that crime. That sounds a bit misleading - if you're a suspect you don't need to tell the truth. You don't need to say anything. Though if you're a witness, you *must* testify (as long as you're not accusing your kids or spouse) *and* tell the truth. However, if you lie in court as a witness, you're in big trouble. Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR5807hYlVVSQ3uFxAQJnWAP+J/76s/iaLVUIPkkXrxxxfobjYGBlBsr1 DolPN2v7JrWUnsQIbPBIlGCYjfEvZXd30HC8jpDM75+LUJXj3ueuRUUbaNHzdNOw jPgLxiwp+SMioiRyrt5J9t7w360Fe51EJu6pE2paxTqpxiIUEJXvNbr8DeNM2yDQ Qw2JwrYg1UU= =fm2N -END PGP SIGNATURE-
Re: unusual connection activity?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [...snip...] A bit of quoting[1] would've been nice. It's hard to follow that email. Alex. [1] http://www.netmeister.org/news/learn2quote.html -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR5jUqRYlVVSQ3uFxAQJBHwP/bAIPKg9JLbqdMDVbzP5cAkZHSSR4/AKe mC7i++w2wcG8uRtJ8x5EKDWGzjn7+dkN9S4+eIs6G2xa7A33sPGDp94w9MVO9gIL Skfp9U50vaCpxnNK1eR82aw42MmhYwkMqWlaExpII1HMxFvmY/9zZnfruBGeyHOi t2V2Wvzrs1o= =9/Ml -END PGP SIGNATURE-
Re: Why is TorButton and not FoxyProxy so much supported by the tor project?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 kazaam schrieb: Hi, I myself am using the foxyproxy plugin and not torbutton. With foxyproxy I simply make a blacklistrule which routes evertyhing through tor and only whitelist pages I'm really trusting. With TorButton I see many problems: [...] To make a long story short, the new development-version of Torbutton has improved dramatically. See http://itnomad.wordpress.com/2008/01/02/try-new-torbutton-firefox-plugin/ for instance. (shameless advertisement for my blog;) Cheers, Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR4UdnBYlVVSQ3uFxAQJM8AQAlI7LU5xXzzHFTRPZYqxI8zRqqsVGc/Ml rFOBlABVdGWqo5T8ZpgLOZSdwj4ahW8PZe6NMfQ2lBRjfQvAe8hfNXBTr4/6BmyL /3XIVtAFayuhfRuYAvUUujT1Iq9Iq5qPCtlpARBb8eue7W7iF3f+b8AfxH7SZ+Xb eQhVyrcoN5c= =wVYb -END PGP SIGNATURE-
Re: shinjiru closed exit node acceptnolimits
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 accept no limits schrieb: Now the server has new IPs and this exit node will soon be back. Congratulations! Bye accept no limits Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR4OxdRYlVVSQ3uFxAQL7EgQAqQUPYZLGzK2rBDOXBNl3kCzma/8wKAGc 8x2TqmtGPQ2f/wUE42C81hs0nP9/hFp5QKUl9wXaGNyvnJ9Au3qYy78lT8+ywTvI uVveJWRyTueeCFqFxqCd/r+9lYtyGjn2VDxTJNRWw/0IC+F1IUfJl3QZ71VoqVtJ FxzEQf9hjGU= =ggIF -END PGP SIGNATURE-
Re: What to do at IP number change?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Scott Bennett schrieb: On Mon, 7 Jan 2008 20:55:36 +0100 Tom Hek [EMAIL PROTECTED] wrote: i'm changing my public IP number ten times per day and to avoid confusion, *Ten times per day?* Please tell us again why it is you're bothering to run a tor server if you also feel you have to hide its existence. That's not what he said. He thinks he's helping the Tor-infrastructure through stopping the software before the IP-change and starting it up afterwards. Think of /etc/ppp/if.up and if.down. He's not hiding it's existence. He wants our advice. Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR4KHVRYlVVSQ3uFxAQJzkgP+Kfv/XFw8msTVU5yLjiv7l6dritIUCG96 GJVITYLNFTrRVdgYZvfNG0+3wy1fQgoe/V5fHV2DVw2HNG1RjsXdofw6eEoaLY47 fnnCeYUpBqmhFQ0pl2UECvrzupXgunUI1NvA6QMFVhIoqSBJ+Rq04um0j/helM9h x628dDWvD5A= =nlHz -END PGP SIGNATURE-
Re: Tor server using Vista?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ringo Kamens wrote: This is certainly not adviseable because of the lack of security built into windows and the possible backdoors. I ain't no Windows-advocate but I find this argument a bit weak. Nowadays all the modern operating systems have the same problems: To much installed services by default, weak administration and the general reluctance of users to pay attentions to security-updates and best-practise when it comes to using common sense. Though there's a technical problem with Windows which Roger explained on his talk at 24C3 [1], it eventually runs out of sockets due to the way Windows allocates non-pageable memory-areas. Comrade Ringo Kamens Alex. [1] http://outpost.h3q.com/fnord/24c3-torrents/24c3-2325-en-current_events_in_tor_development.mkv.torrent -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR34+ChYlVVSQ3uFxAQJcQwP+IuGKXu1XCpruFPGOk4J62wBvH/5X575E z0Bf/ubzBQTckD31kBa/fxGezk4pnWW8GfR++viBfNefV3R15/ZFK6pwn51vR+3v RbUDyeLLZuUrrI0e8niHwxVS2EFW7ZmvlPiBgJK4heLenGjnQge2Gom9zd+Cen10 4ypC2Z9SpAQ= =wdZT -END PGP SIGNATURE-
Re: Tor server using Vista?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Eugen Leitl wrote: On Fri, Jan 04, 2008 at 03:09:16PM +0100, Alexander W. Janssen wrote: I ain't no Windows-advocate but I find this argument a bit weak. Nowadays all the modern operating systems have the same problems: To http://openbsd.org/ is not a modern operation system? FreeBSDs? Even modern Linux distros, with security hardening? That's not what I said. OpenBSD might be a rare exception, but you need to take into account that it's mostly used by people who know what they're doing. As for Linux, even though some distributions have SELinux enabled by default, most of the people seem to shut it down for convenience reasons. much installed services by default, weak administration and the general reluctance of users to pay attentions to security-updates and best-practise when it comes to using common sense. That's my explanation which is still valid. Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR35MnBYlVVSQ3uFxAQLkTAQAnTAChoaCg6L6KRN81vW7UP7Za/0zDlyp 97W1Fj6W9ig1KdjrbMY0NJdhLTUOKOGxkG2nFW2sQq5YBzFxG5FYViU3ruuf8cqQ mdJYmY4A8aVDUvWekceLhzPDV8M8lfuZlwhUmo7exdARKszgD2rGBmAHqCrlXmdd l6WBqVGwD2o= =SzTM -END PGP SIGNATURE-
Re: TLS errors
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hans Schnehl wrote: Hi, Hi! Jan 02 12:46:06.204 [debug] TLS error: syscall error while reading (errno=54: Connection reset by peer) Jan 02 12:46:06.204 [info] connection_read_to_buf(): tls error [connection reset]. breaking (nickname NoNickNode, address 111.112.113.114). It looks like one of the nodes you have a connection too just kicked you out for some reason (connection reset by peer). This is pretty normal. Could be the remote node shutting down the software, rebooting and such. Jan 02 12:46:14.711 [debug] crypto error while performing RSA decryption: oaep decoding error (in rsa routines:RSA_padding_check_PKCS1_OAEP) Not sure about those, but it could be consecutive errors resulting from the encrypted connection (TLS) being shut down. Tor is running, but appears to be using only fractions of the bandwidth it is supposed to. Can someone please give a short explanation? No idea about that though. But it usually takes some time until everyone learned about your node - from my experience it takes up to 24 hours until the bandwidth is fully utilized. I'm just guessing from my generic experience :) Hans Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR3uQZBYlVVSQ3uFxAQK9BwP+Ir5XUmyxYPttIdC6u3K/B/0Zyf8zE5p1 7Xm7xm43gNlGRG5ypimO/rhsaA2Lb9AegTbWKjGcxQo2ysn9RwrXMOAq4BNf3U1J kXY/xPEydo9UdMtT6+E4UZii1NbKYvDGAyU6IsiB8cYX9LyO+r0c+qrg5CIaZTta i99biZT6/G0= =JAjN -END PGP SIGNATURE-
Re: Google becomes usefull for us again
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 F. Fox schrieb: [I was going to leave your quoted message in... but my Lord, is your monitor as wide as a football field?! =xoD ] Since you're using Icedove, a little hint: If you go to the Edit-menu, you'll find a nice rewrap message function... :-) Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR3qenRYlVVSQ3uFxAQIIGQP8C9iAP54NzW2VWLwTT2usIhGGVMzB1084 VTb6S+AzzLn8mNyGuhuJRdj7toHdZJUUkOBkJ1oomSu1xz1ZMvTVUd+wDArF+vkd fLKor2XzK/nu/xo+C4SMrwBdYwbOHhCdA8heoAzyhoYTq4Wqer2q31dx/P0GfCju CWcmf8vhZNc= =x+yj -END PGP SIGNATURE-
Re: Google becomes usefull for us again
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 F. Fox schrieb: Alexander W. Janssen wrote: F. Fox schrieb: [I was going to leave your quoted message in... but my Lord, is your monitor as wide as a football field?! =xoD ] Since you're using Icedove, a little hint: If you go to the Edit-menu, you'll find a nice rewrap message function... :-) (snip) LOL, thank you. =:o) That will come in handy in the future... Sure! It works surprisingly well! Though I'd like to see a whitespace between the thingies... But I'm sure you can configure that elsewhere. I can't get over how wide that message was, though; usually, things are too *narrow* to be efficient for this monitor. It's a 1280x768 LCD panel... =:oD If you look at MUAs like Outlook - they just don't wrap correct, so the user has to type Enter just to make it look right. Blargh. So users just tend to write without pressing Enter, hoping that the receiver's MUA wraps it correctly. Not true for Thunderbird and derivates though. But actually it's correct - from a typographic point of view - that a paragraph is written without individual linefeeds, but that collides with best practise when it comes to plaintext-emails... But I'm just being a smartass there :) Back to topic now. And happy new year! Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR3qkfBYlVVSQ3uFxAQJAuwP+J0r+p2tj+qccUYwI5irtbJqSOyVGHVYQ IKL/Q9toEi8aqHrbTZcDDdy26SkiB+5lGtEBtpWzj6FJoU1toX8vYVNYq6Vr1YPr DPfqPpc+C/KtFTYhOGBnzbiuqA1Aq0zQKtW3Ah2GAGID9LkZ4CTCqR/lP+dEI7xX Hn8Slc5Iw8Y= =Pie9 -END PGP SIGNATURE-
Re: Is there something similar like Torbutton FF plugin for the Internet Explorer ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ben Stover schrieb: Is there something similar like Torbutton FF plugin for the Internet Explorer ? A quick check on Google revealed: http://www.geocities.com/claudias_za/ http://swodum.com/ Not sure if any of those are any good though. If you test it, give us feedback :) Ben Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR3i+VRYlVVSQ3uFxAQLP8gP/VZjgooMfe/Uh10Kf/KGznSCshxSAZIIS BW5EtBPTkCLLIKGosiFKRxfTXWd3IUfBE/yIj/aKiN411hI1tp9SLM5irRq1gATb B0ZMLF2wMm1yr308u62lfl4mD0VNSpAEeWklW1cqM+hU6jpd6lc1nAe6zWgbF00H 9pEQIQwrkO4= =UesW -END PGP SIGNATURE-
Re: TOR and non-contineous internet connections
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Florian D. wrote: Hi folks, I like the TOR project and want to participate. My question: Is it a good idea to set up a server, which is not connected to the internet contineously? -- i.e. I turn on my computer, when I come home from work and turn it off at bedtime, so it runs several hours a day - is this enough? Each time the server goes down, the session for the user gets interrupted, right? So, where is the line to draw? Every Tor-server helps, although I wouldn't advice you run a Tor-node at home if you want to be an Exit-Node. cheers, Florian Hope that helps, Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR3fi+RYlVVSQ3uFxAQJLhAP/WYOe8FrW8ax4A3xAVWtxSqdq1PM9KUCg Mw724NVx/7yZdSYXLvsmZ1klQrAh9NyKj11/rYTY/TLpj1wPftGWQq8+2kfpBQfr 1bcC7WC9M2hOZcuOyfUl0tpz0SAR/QAPx/32dpfO9l+iuiAjZCgXqYlArz9htJ7o YsXvfejy1G8= =3i5R -END PGP SIGNATURE-
Spam Feedback [was: [ANNOUNCE] Tor-UPNP. Need feedback.]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ringo Kamens schrieb: Just so you know, gmail filtered this as spam. Not for my gmail-account though... Comrade Ringo Kamens Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR3S4dBYlVVSQ3uFxAQJmjwQAwW7Q66EhlSHbFhkh6OKZ7pQwzKJsPDAI QCPG1dexS5KxBbYtI0cMZLOPbcNjIQNmBs1O979/dvJ/FZTYsTYC3N3caHWIhf7A GwbGOxthYspBHdnDI7fD2uD6PYDQl0+FJS1a8P8/VBOq1+/jpg51ByulNOxdKGV5 0vZTQ0MbbHE= =gnBm -END PGP SIGNATURE-
Re: Please run a bridge relay! (was Re: Tor 0.2.0.13-alpha is out)
Trying to run a bridge I get the following error: Starting tor daemon: tor... Dec 24 08:13:15.454 [notice] Tor v0.2.0.14-alpha (r12937). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux x86_64) Dec 24 08:13:15.456 [notice] Initialized libevent version 1.1a using method epoll. Good. Dec 24 08:13:15.456 [notice] Opening OR listener on 0.0.0.0:443 Dec 24 08:13:15.456 [warn] Could not bind to 0.0.0.0:443: Permission denied Dec 24 08:13:15.456 [warn] Failed to parse/validate config: Failed to bind one of the listener ports. Dec 24 08:13:15.456 [err] Reading config failed--see warnings above. I sort of understand what the error is saying but I don't know how to fix it. Suggestions? On Sat, Dec 22, 2007 at 05:00:28AM -0500, Roger Dingledine wrote: The harder way is to edit your torrc file manually https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#torrc and add the following lines: ORPort 443 BridgeRelay 1 PublishServerDescriptor bridge ExitPolicy reject *:* RelayBandwidthRate 50 KBytes Minor fix: if you use this last line, you'll also want this line RelayBandwidthBurst 50 KBytes --Roger -- Brian
Re: Please run a bridge relay! (was Re: Tor 0.2.0.13-alpha is out)
Brian wrote: I sort of understand what the error is saying but I don't know how to fix it. Suggestions? http://archives.seul.org/or/talk/Dec-2007/msg00284.html ;-) - -- Marco Bonetti Ah, thanks. Now tor started without error. But, how can I tell if the bridge is working? The log file doesn't seem to contain any different messages from when I ran a regular tor server. Does it show up on the various tor server statistics pages as a bridge? Brian
Re: Encrypted Web Pages?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin Fick wrote: Yes, but it really is a fairly simple one. I am surprised that HTML does not seem to have some extension to deal with this already. It is not much different from encrypted email concepts, just that the browser needs the ability to do the decrypting instead of your mail program. The simplest fallback may be to simply open the web page with the user's mailer (if their mailer supports that,) Why not simply use the Firegpg-extension for Firefox? Step 1: Open encrypted file in webbrowser http://yalla.ynfonatic.de/media/firegpg-demo/step1.png Step 2: Mark the stuff and chose decrypt http://yalla.ynfonatic.de/media/firegpg-demo/step2.png Step 3: After entering your passphrase, a result-window pops up and shows you the content. http://yalla.ynfonatic.de/media/firegpg-demo/step3.png Obviously that's only working perfectly with text-files, but you could possibly try to make up your own XPI for Firefox. -Martin Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR2a2xxYlVVSQ3uFxAQIP8wP9F++o1A72KA2Ekl4IzfBTjnpq/SbYsOHl 65o7dub/FLq0+yQ8T6iM+DDtkkD2+82ntqtExTx2whTqXi+rPztS819CI6qYzqVt dhnCMEJURnVjklcMTWUQhx3oCMCuGNl8p/StDJD8YY706LD8+SKhMzfoo+uA8KhZ uYMTZ2+S5Ns= =+gxd -END PGP SIGNATURE-
Re: storage privacy (was: Nice quiet, private, anonymous life??)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: I guess you can read one persons attack but are blind to others What attack? And I thought the people on this list were against censorship, unless they, of course, are doing the censoring. I'm trying to follow the thread (which went quite bizarre), but from my personal judgment Andrew is right to tell you that personal attacks are not acceptable. And this has nothing to do with censorship. This is a public list of people discussing Tor and sometimes even politics. But this ain't no place to insult other people. What you encounter here, are opinions which don't match yours. And certainly no one is censoring here. If we'd censor here, we wouldn't even see your posting. THAT'D BE censorship. If you think you're insulted by something Eugene said, tell us - or even better, discuss your problems off-list. Cheers, Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR1s6iRYlVVSQ3uFxAQKq0QP/bKM5vwwZeVG9wtM/41tldL4IjeS4yNCU 4nleLDikGF6Z/WPrpWc458InmYOso5JG1hsbEr16xvutRY1WfuliFUJDSGli6rnv hJa20g4T2qzHnmmRudpxPf5EZNv8WkAMZVZR1kOakbUtpJGpoNrjnKA/6Jn0ansL sKGsy8fIURA= =0QX/ -END PGP SIGNATURE-
Re: storage privacy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander W. Janssen wrote: [EMAIL PROTECTED] wrote: I guess you can read one persons attack but are blind to others What attack? OK, i swept back through the postings and /dev/ass wasn't nice too. Got that, Eugen? Whatever. Back to business. If you feel inclined to talk out of /dev/ass or you feel like you want to tell someone to fuck him/herself, go off-list. We're publicy offical civilized people after all? And with Sheila Broflovski's words: Senseless violence is allowed as long as it doesn't contain any naughty words. So go and get a gun. Just kidding. Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR1s9kBYlVVSQ3uFxAQIPfQP+Opn+NUBCvi1ELs704L9RbagmHYsU8wcS XCYeHslFAUBNYQi4FCxRuwxFUfH3I3+JpZsJd4eIYDxrdJpUeG8Q8a8wTZTMoo8N JKHnOZ0gl206hnUSFiSL+fGZNDkP4Slw+wtW81AaCYmgAcXN/y4sXfGXkonY8DiF KBuQ0u4LNFA= =6Etk -END PGP SIGNATURE-
Re: storage privacy (was: Nice quiet, private, anonymous life??)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] schrieb: Judge: Ok you are to be held in contempt and in jail xyz, until such time as you give us the pass phrase to your data Only a matter of the UK at the moment. Bad enough though. Most data overwrite programs take too long-you do not have that time when they are knocking down your door. That's were strong encryption might work, along with enough entropy to claim that this is random data, and not just encrypted files. I heard, but haven't checked myself, that the truecrypt-suite offers something meeting this requirements. A strong magnetic field close to the hard drive will completely destroy the data making it impossible to recover. I will also probably fuckup the drive mechanism, rendering the drive useless. Someone said consumer demagnetizers were not sufficently strong? How do you know this? Come on, that's just a idea directly from the game Uplink. You know any of those movie-grade-demagnetisers? You might want to check Powerlab's can-crusher[1] though, just for the fun of it ;-) I have not run a tor server, so I do not know the exact requirements. Can it be done from a ram drive? It could, but you'd need to make sure it doesn't swap/page down to disk, which would be bad. Explosives and incendiaries are a poor choice for obvious reasons. Want to add arson and terrorism to your charges? I don't think is was meant to be serious... I am not saying magnetism is the only way or even the best way, but a way, assuming you have recent backups at an undisclosed, secure location. It's the Star Trek way. Go for strong encryption. Everything else is The Science of 24. (As seen on National TV!) Alex. [1] http://www.powerlabs.org/pssecc.htm -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQCVAwUBR1XC4hYlVVSQ3uFxAQKNUwP6A7kUkr9vtzUVIHDi7xIc/ZxjGLqevdez mXtB+OeuEU1BUwaq2g6haOiu4BWtbDzGZCZobEzvn1bqFCAyWYx4AGXkzb2XR5eN FngV5I/IZe2T7X4cEfxoK7zjQZBGYHdv2o+krVBnL2DpWIZItwKKE/FHWnLbyNBH djWOo3hlxnA= =QJeH -END PGP SIGNATURE-
Re: Help me understand tor with SSL?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Juliusz Chroboczek wrote: Firefox should in principle not use the DNS if network.proxy.socks_remote_dns is set to true (in about:config). Hm, I'm not sure - I thought this option only works if you're using a SOCKS-proxy, e.g. connecting directly to the Tor-socks interface? Is that also true for http-style proxies? Juliusz Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR1MJExYlVVSQ3uFxAQKkpgQAoaO14Cdw+U9XcUKylFkUaT4c6PEoNlWr G8DBZ8BwLtLw31I4mbNI5CwsGiqETG29c1zG0ydfXJHeHoPmCj9b8x7q3/sQpxQn TgDWWlM2pNtx4EkczCQaprkbFjctu66dDk/pI2UYeosEvL26L0rRRqWt2NoAX6gg sP+nszQAyxQ= =gM35 -END PGP SIGNATURE-
Re: Nice quiet, private, anonymous life??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: If I was in your position I might consider putting some bulk demagnetizers near my hard drives with a panic switch, with backups to a secure unknown location. Now this is definitively a bizarre idea... :-) That reminds me of the nuke gateway-function in the game Uplink[1]. Alex. [1] http://www.uplink.co.uk/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR1MpERYlVVSQ3uFxAQLmXAP9FKqkC/3tqzYVgWK7DwqUlme+nOsMyVXw kPjRjl/vbZAHC1MuRlMsakMP6caKladDpX0JH8nMcNfjmIcDbm7B5qDjmrw6UuVv y+u9f8oNWth1Nv0w7Qty84cTABkrrs/68zwJnLwvUoZwNgBObIftUZcjDKHraazi yHKZyQ51N34= =yQ5u -END PGP SIGNATURE-
Re: [Political/Legal] Passing ideas on German Tor nodes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 F. Fox wrote: However, let's suppose that we're in a time when German Tor nodes are now actively keeping logs of all connections. What would be the best way to: As I already said in an earlier posting, German Tor nodes won't be starting logging before 1/1/2009 - if they'll log at all - there's still a pending lawsuit against the data retention law in the supreme court. And I bet that there will be a lot civil disobedience when it comes to logging. [... idea ...] So, what if a maximum of one German Tor node were allowed in a circuit? Would that achieve both numbered goals? If that's the idea, than it should only be the middleman node. Entry-node might be possible too, but only if you make sure that this node is the only German node in the circuit. Given the logging, it might be wise to not allow the German node to be the exit node; I'm not sure about the entry guard. Considering the pressure which piled up in the last couple of months in Germany, running an exit-node in Germany is not encouraged anyway. I would think that a German middleman node would be safe, though, right? If it's the only German node in the circuit: Possibly. Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR1Mn5BYlVVSQ3uFxAQK/fQQAqe496ityWEiTZovIazse0XpBusyV0G+8 Zn5mVkZpREl9J0PZ4uKFRB6ydwBZ1TJNFsMIbgHZhhGsJqstGBQBfR8U5gAI2FtS kAEv62vTm8EPBOAUWx7UZKwuekmo2veQD0c5b/t77jaXUph067Qbdnh/7PnqQ7vn ESTZOMavZis= =i84f -END PGP SIGNATURE-
Re: German Tor Legal Fund
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onion wrote: That's why I'd also prefer a name covering all facets of OR like 'Deutsche Anonymisierserver Initiative - DASI gegen Stasi', with equivalent shorthand expressions ('British [...] Anonymisation Server Initiative' = 'BASI') easy to adapt to areas of other languages. offtopic (ignore at will) Puh, although I get the pun I wouldn't like the Stasi-reference in the organisation's name. After all, the Stasi was an organisation known to abduct and kill, and to harass an entire nation. Though we're just facing some enormous changes in privacy- and security-policy no one in Germany can say that it's as bad as it was with the Stasi. If someone really thinks that way, I'd advice to get a good textbook on history... I have no problems to use references to the Stasi in a polemic context, but to make it your whole slogan wouldn't be fair to the victims of the Stasi. And yes, that also applies to the Gestapo and all the other Godwin-like arguments. /offtopic We're just in the phase of making up the articles of the organisation. The preliminary name for the organisation is Privacy Legal Fund (Germany). Kind regards Onion Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR01bcxYlVVSQ3uFxAQKlwQP/bVCZ+ExdHYJLPCLI+8yCIQw+gMxY7W3P oiWqk8dG/TjhXszAim8lx5lWtDwtC5SylJdDyi6CNkexKIGzOUx2u5zX11PA3ero A1D3cdkRqCkcgvEH0D+hKVVyahZZhICSC7uA5l2Np/ZgQi3RXCVaqAndMQRICakz DZerdIcr2ow= =7Fof -END PGP SIGNATURE-
Re: Tor blocking german nodes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrew wrote: Actually, it might be wise to develop a feature that lets the client choose no more than one node from _any_ country, since other EU countries might use the directive that led to the german law, to pass similar laws. Which means, if you really want to block Tor nodes from countries who make logging mandatory, you should do this for all EU-countries. After all, Germany is only following the EU's demand for such a data retention act. I bet a fiver: If Germany really passes that law and if the Supreme Court doesn't rule against that law, everyone else in the EU will just follow (except maybe Greece...) 'Nuff said. Let's stop the nay saying ;) The law isn't active yet. The law isn't even ratified. And no one even started logging. The lawsuit, which's underway, isn't even filed at the Supreme Court. Yet. We're living in interesting times, but there's no need to overreact. Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR0gLORYlVVSQ3uFxAQJz3QP+JzTLsafsqrl3tHnpJX+5qBuLg1nlXFAR 1eZ7a7G6bpJlB/M2/YlBfOuxB57VkDhdTgAfb4oz0S6VR3SCXH8r4JBxjilUNyEB ZM6i2FtxplovNS1TInMb2pxJUn9asF91Xgov+Ju2DS915sCCWEkMpiG8jen7atuZ 5j8xFP4WIuk= =rT3x -END PGP SIGNATURE-
Re: Tor blocking german nodes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Martin Senftleben wrote: Am Samstag, 24. November 2007 schrieb Alexander W. Janssen: Andrew wrote: 'Nuff said. Let's stop the nay saying ;) The law isn't active yet. The law isn't even ratified. And no one even started logging. The latter isn't right. There are quite a few companies which log the data of their customers and keep it for quite a while. Well, I was specifically coining that to Tor... I know that some companies - especially T-Com - are reluctant to follow valid legislation, abusing citizen rights - but it's so convenient for the government or people threatening to start a law-suit, that no one tries to stop them. Remember, the Lex Voss isn't available for everyone... Cheers, Alex. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iQCVAwUBR0gSJxYlVVSQ3uFxAQKR8wQAmBAKxBNe5mKmgJK7k2CWdyHYjAfPCeU0 FUXbEKdUWGiwbZhLt21Xj5PmALO0XdUIZ3fo57QWv+J2vqKIJCQzMdUkxIw/fwmL mq4bJPQWERkCO8ehKLVoKvUBT0L11eFG3QvyxI4PtbPQ85rUic+3R+5/fmit+/AN 7yeSUdRU3hk= =Kxyd -END PGP SIGNATURE-
Re: court trial against me - the outcome
Hi Mirko, that sounds... disastrous. I'm facing the same thing at the moment, a quite similar case - although my lawyer currently tries to fight off an actual case at court, pointing out all the other incidents I suffered of earlier. This stinks. Beihilfe my a**. BTW, I'm currently reading http://www.spiegel.de/politik/deutschland/0,1518,517232,00.html That's stinks too... Good luck for the future. Cheers, Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: court trial against me -
Am Mittwoch, den 14.11.2007, 21:22 +0100 schrieb TOR Admin (gpfTOR1): Hi Mirko, 1: by German law a Tor node admin is something like an access provider. You are not responsible for your traffic. If the court have only an IP address and you have a tor status log, they have nothing. I'd point it out differently: Supporting a crime - Beihilfe in German - is not someone can accuse you just because you run Tor. My lawyer clearly states, that in order to be guilty of Beihilfe you need to actively support a certain crime. It's not Beihilfe just because you provide the MEANS of a crime. Of some generic crime. It must be a special incidident. However, I can understand why you accepted the fact. A lawsuit is time- and money-consuming. I'm just in the same situation and I already piled up a couple of hundreds of Euros in lawyer-bills which I have to pay myself. On another note, good news: The court decided that I'm entitled for compensation about the illegal search of my house. However, they forgot to mention the arrest, so it's put back to court at the moment. I don't know what that means so far, since being entitled doesn't mean that I'd get any substantial money to cover my laywer-bills. It only says that I can claim back money which arose from physical damages. And lawyer-bills and mental compensation is not physical... However, Mirko, you should consider getting a lawyer and check if you have the chances for an appeal. You need to be found unguilty. It's important for you and for Tor in general. If you need advice, drop me an email off-list. Good luck! Alexander. signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: News orgs should be interested in running tor nodes
Am Mittwoch, den 14.11.2007, 22:48 +0100 schrieb Thomas Hluchnik: Has anyone ever tried to speak with the guys from SPIEGEL, FAZ, Sueddeutsche and so on that they drive own tor nodes? This would be good PR for tor. Hm, not me, althoug I know that some journalist organisations were thinking about running their own Tor-nodes. If not yet, is there anybody who has contact to news orgs? If the great news orgs in germany would have own tor nodes, they would become more sensitive about what we are fighting for. Well... uh... I possibly could do that, although I have quite a lack of spare-time. And we still have the Privacy Foundation in Germany which actually wants to care about that special topic. However, I don't know how far they are and how well organised. But, if there ain't no takers, I might volunteer in doing so. Anyone inclined supporting me? Thomas Alex. signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
German Tor Legal Fund
This is to all german Tor-operators about the possibilty to found a german Tor legal fund. In german. Obviously. Hallo Kameraden, so langsam wird es Zeit. Ich hatte selber schon drei Verfahren gegen mich, die mich jetzt schon viele hundert Euro an Anwaltsrechnung kosten. Heute habe ich von jemanden gelesen, den es in einem Verfahren so richtig erwischt hat: Keinen Freispruch, sondern Einstellung nach §153 StPO. Das kann es doch nicht sein. Um es zusammenzufassen: Das Betreiben eines Tor-Nodes in Deutschland ist (noch) nicht illegal. So etwas wie Beihilfe gibt es nicht. Behilfe muss immer eine konkrete, aktive Tat sein, die es bei Tor in dieser eng definerten Form nicht gibt. Eine Menge Leute haben nun schon mit der Strafverfolgung in der einen oder anderen Art zu Tun gehabt. Es gibt in Deutschland noch keine Organisation, die sich um Leute mit geringen finanziellen Mittel kümmert. Wenn es nicht zu einem Verfahren kommt und man nicht freigesprochen wird, gibt es kaum eine Möglichkeite, irgendwie seine Kosten für die Verteidigung wiederzubekommen. Jedoch habe ich im engeren und erweitertem Bekanntenkreis doch schon festgestellt, dass die Bereitschaft, für solche Vorfälle zu spenden, eindeutig vorhanden ist. Warum nicht einen Verein gründen? Spenden annehmen. Anwälte bezahlen. Operator raushauen. So etwas gibt es in Deutschland noch nicht. Aber es wird Zeit, dass wir so etwas bekommen. Wer hat Zeit und das nötige Aussdauervermögen, so etwas durchzuziehen? Wer kennt sich im Vereinsrecht aus? Wer hat sowas schon einmal gemacht? Ich bin dabei. Ich habe so langsam die Faxen dicke. Man wird von vorne bis hinten so richtig durchgenudelt, obwohl man nur seine Bürgerrechte wahrnimmt. Datenvorratsspeicherung hin oder her: So langsam muss Schluss sein. Anfragen und Angebote bitte per Email *verschlüsselt* direkt an mich: [EMAIL PROTECTED], keyid 90DEE171. Bis bald! Mit Ringos Worten: Kamerad Alex. signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: German Tor Legal Fund
Am Donnerstag, den 15.11.2007, 00:58 +0100 schrieb [EMAIL PROTECTED]: Hi, Hi! Warum nicht einen Verein gründen? Spenden annehmen. Anwälte bezahlen. Operator raushauen. So etwas gibt es in Deutschland noch nicht. Aber es wird Zeit, dass wir so etwas bekommen. Das verstehe ich jetzt nicht. Sollten genau diese Aufgaben nicht auch durch die German Privacy Foundation e.V i.Gr. http://www.privacyfoundation.de/ wahrgenommen werden bzw. war das nicht ihre ursprüngliche Motivation? Nicht, dass ich wüsste. Soweit ich weiss, will sich die Pricacy Foundation auf Lobbyarbeit beschränken. Das ist zumindestens mein letzter Kenntnisstand. Auf der Webseite steht: In Ausnahmefällen bietet die German Privacy Foundation e.V. auch Rechtsbeistand für private Betreiber von Anonymisierung-Servern. Aber ich bin eher für einen Verein, der sich hauptsächlich darum kümmert. Aber wenn die Privacy Foundation sich dort mehr engagieren will, ist das doch gerne gesehen! Aber so Ad-Hoc sehe ich dort keine finanzielle Hilfe für Tor-Admins. In wie fern man auch Ausnahme definieren mag. Das lässz sich ja bestimmt auch kombinieren. Gruss, Alex. signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: German Tor Legal Fund
Am Donnerstag, den 15.11.2007, 01:19 +0100 schrieb [EMAIL PROTECTED]: [... Privacy Foundation ...] Ich habe gerade eine Anfrage an die Privacy Foundation geschickt und sie gebeten, mir zur erklären, was folgender Passus[1] bedeutet: In Ausnahmefällen bietet die German Privacy Foundation e.V. auch Rechtsbeistand für private Betreiber von Anonymisierung-Servern. Gruss, Alex. [1] http://www.privacyfoundation.de/index.php?id=37 signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: no traffic?
On 11/3/07, Udo van den Heuvel [EMAIL PROTECTED] wrote: Udo van den Heuvel wrote: Alexander W. Janssen wrote: no peaks. Why is the traffic like it is? No idea. Did you ever update/restart your Tor-server? Could you share your MRTG-grahps with us? http://pindarots.xs4all.nl/mrtg/tor.html Any insights after seeing the graphs? Not really, no. Have you ever updated/restarted the Tor-software? Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: no traffic?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/31/07, Udo van den Heuvel wrote: Hello, Hi! In my mrtg graphs I see fair traffic until april, then less traffic until august and after august it is 2xx bytes/s in average with almost no peaks. Why is the traffic like it is? No idea. Did you ever update/restart your Tor-server? Could you share your MRTG-grahps with us? Udo Alex. - -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. . -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: http://firegpg.tuxfamily.org iQCVAwUBRykT7hYlVVSQ3uFxAQL+rwP+OqeTwV5KvNDafvmo0DcqtTm2z13lYhGk SaGGAJ+WxZubWdce3XOAmDo80Iby7z4wLbcqMuq1NTBYs4DT0OW6hbSSrkq7dyyX 8dwHnG1zSHH+NU8lxNEV9mtaFos9Tbs+FX4Ta4nGB76jdTQAVm/4XBuxWK1VGXco DtN3oyBpLys= =RTBm -END PGP SIGNATURE-
Re: The Observer - Ten ways to thwart Big Brother
On 10/30/07, Florian Reitmeir [EMAIL PROTECTED] wrote: Hi, On Mon, 29 Oct 2007, Dave Page wrote: http://observer.guardian.co.uk/comment/story/0,,2200579,00.html Mentions xB browser for anonymous browsing. and how is this Tor related? xB is the new name for Torpark. http://support.xerobank.com/wiki/doku.php?id=faq Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: Tor Defcon Talks
On 10/15/07, Gregory Maxwell [EMAIL PROTECTED] wrote: I don't intend to troll... but wouldn't be ..er better if playing the videos didn't require using Flash? My mplayer plays downloaded Flash-videos just fine. Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: dns_cancel_pending_resolve() message
On 9/29/07, Watson Ladd [EMAIL PROTECTED] wrote: English is not easy, nor is it a lingua franca. Everybody knows that Elbonian is the lingua franca in IT. Watson Ladd Scnr, Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: About HTTP 1.1 Cache
The easiest solution would be just using different browser-profiles and run them simultaneously. One for Tor, one for everything else. Cheers, Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: Load Balancing
On 9/21/07, Arrakis [EMAIL PROTECTED] wrote: Does Tor care about the destination of the TCP request, when deciding to make a new circuit, and thus will use one because it is already dirtied by that domain? s/domain/IP-address ? However, that's all up to the implementation of the internal SOCKS-proxy, too! Just think: Your browser might send out 6 different requests in different connections, but you don't know what the SOCKS-interface of Tor makes of it... It might try to be clever and queue it up to a single circuit. Not that this is bad, but interesting to know. If we get an answer, we should put that up to the Tor Tech FAQ. It's a pretty interesting question. Steve Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: Arrested/surveillance/etc Tor-operators (was: [Fwd: Re: I break the silence: My arrest])
Hi! On 9/18/07, xiando [EMAIL PROTECTED] wrote: A question to all Tor-operators: I'd like to do a survey about all incidents which happened to operators. Stuff like: * arrested * confiscated equippment * nastygram * surveillance * ... What would be possible other questions/point in the survey? I was put under surveillance and tortured by the Nowegian Security Police. Note that this is why I now run Tor-servers, not the other way around (I just assumed it would be a good thing to include in the survey). What does torture mean in your case? Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: time needed to register a serve
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Funny, I was just coming to post this same question :) I sent my first request to add a new node (BinaryBLENDER) on August 23rd, and then sent a follow-up today . . . still no named flag in the directory. I would be happy to assist if there's a backlog of requests and a need for volunteers to clear them. Robert -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFG8LWrB7FAVdwjg9QRAgLnAJ9RcGutXPQ1g9v3Xy6gpVw0waT/hQCdGYx3 qzHZPS+bBgnSXfVSKSutdzM= =F8So -END PGP SIGNATURE- On Sep 18, 2007, at 1:06 AM, Scott Bennett wrote: Does anyone have a sense of the current processing delay in registering a server? I ask only because I sent off the registration information to [EMAIL PROTECTED] last Thursday evening, 13 Sept., and my server is still showing up in the status documents without the Named flag in them. It's not a big deal; I'm just curious. Processing of flight instructor certificate renewals is now said to take more than six months, and the certificates have to be renewed every 24 months. (Your tax dollars at work, of course. :-) Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army. * *-- Gov. John Hancock, New York Journal, 28 January 1790 * **
Re: What do you think about this exit policy for germany?
Just one contra: Supporting $some_crime always means that you knew about that certain case they're suing you about. Since you can only know about something if you start sniffing - which is strictly forbidden - you can't possibly know about a direct certain crime. Unless you were it yourself, using your own Tor exit-node, trying to veil yourself behind this clever coupe. (yes, that's what one policeman thought of me once...) However, that doesn't protect you from Mickey Mouse investigation. Any lawyers here who can confirm/dissect my argument? Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: I break the silence: My arrest
On 9/16/07, Juliusz Chroboczek [EMAIL PROTECTED] wrote: http://itnomad.wordpress.com/2007/09/16/tor-madness-reloaded/ Alex, perhaps you or somebody could put up a web page, in German, that explains in simple terms what Tor is about, aimed at explaining to the average German police officer what tor is about. This might (or might not) prove useful if other German tor operators get into a similar kind of situation. Actually what'd be more useful would be something like a tag in the whois-database... But the average copper would probably either ignore or not understand it :-( Juliusz Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: I break the silence: My arrest
On 9/16/07, Ryan Wagner [EMAIL PROTECTED] wrote: There's still the possibility that a server op is using their Tor node as a scapegoat and really is doing bad things (I don't mean to imply that's the case here). Even if the police know that their suspect is running a Tor node, what Tor is, and what it's used for, they're still going to investigate him. All we can hope for is that they'd be a bit nicer about it. Actually one guy from the police exactly asked me: Can you prove that the traffic is really from Tor and someone else and not from your pretending this was Tor traffic? F*ck! This is insane. If i'd be an evildoer I would use *every other* exitnode, but not mine! Why should I use mine? There'd be a chance that they kick down my door! I'd handcraft my torrc in a way to blacklist my very own node. And why on earth should I, as the suspect, prove myself unguilty in that case? I can't! There's a saying: Innocent until proven guilty. And it's good that way. I don't need to prove my innocense. THEY have to prove I'm guilty! Never forget that. It's the law. It's a stupid idea. Sorry. Bollocks. Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: I break the silence: My arrest
On 9/16/07, Ringo Kamens [EMAIL PROTECTED] wrote: Is there any way that people can donate to help cover your legal fees? I'll commit to one US dollar. If half the people who read this message did that, it would at least take a small chunk out of that mountain of legal fees you're facing. Also, have you talked to the CCC (ccc.de) about this? They might be able to help. Hi Ringo, thanks for your offer, but I'm able to sort this out on my own. However, your offer is valid and some kinda Tor Legal Fund (which was discussed earlier) would make sense. There are still some open cases (like morphiums's case, a student) which could need monetary help. However, I'm not a lawyer and I don't know anything about how to set up such a thing. It's be easy to set up a Paypal-account, but it'd be not non-profit, means someone's got to pay taxes for this. Any takers? Comrade Ringo Kamens Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: I break the silence: My arrest
On 9/16/07, Ringo Kamens [EMAIL PROTECTED] wrote: If you set up a paypal account I would be willing to donate on a case-by-case basis (in this case, it would be to help with your legal fees). I think even if you don't need help with legal fees by receiving donations from all across the world it sends the message to German authorities that harassing and attacking tor node operators is not acceptable. Also, being able to mail in money would also be nice ; ) Well. There's an EFF Europe now and it has a coordinator, Erik Josefsson, who's in cahrge with it. Maybe we should contact him and let all the funds ran over the european EFF? Erik, you're listening? Is there any possiblity to create a legal fund? (Problem is: At leat german organisations can't accept donations tax-free from foreign countries. Also I'd like to see someone official in charge rather than some person - like me, who is pretty much unkown and not trustworthy when it comes to money.) Comrade Ringo Kamens Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901. .
Re: [german] Suche Strafrechtler (Vorwurf: Verbreitung KiPo)
The interesting part in english: 1) The state filed two cases against me. There are ongoing investigations for multiple accusations. 2) I'm OK. 3) I have a competent lawyer. 4) I've shut down my server wormhole to protect my family. 5) Don't gossip. I'll break the news when I know I'll be safe. To the press: I won't comment on it. On a sidenote, I just came back from the Linuxbeerhike 2007 in Crete, where I gave a talk about the legal implications when running a Tor-node. The slides are here: http://yalla.ynfonatic.de/media/lbw2007/tor_talk-LBW2007.pdf Feedback is welcome. Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. .
Re: [german] Suche Strafrechtler (Vorwurf: Verbreitung KiPo)
Hallo! (german - sorry) On 9/8/07, TOR Admin (gpfTOR1) [EMAIL PROTECTED] wrote: wormhole ist bereits offline und braucht evtl. Hilfe Ich will hier einmal proaktiv ein paar Informationen abgeben, um Gerüchten, Spekulationen und der allgemeinen Paranoia zuvorzukommen: 1) Ja, gegen mich wird momentan in zwei verschiedenen Fällen ermittelt, einer ist mir heute morgen erst ins Haus geflattert - der andere ist schon sechs Wochen alt. Details will ich noch nicht nennen. Mein Anwalt hat noch keine Akteneinsicht. 2) Ja, wormhole ist offline und wird es auch zunächst bleiben; ich habe Familie, der ich momentan nicht noch mehr Druck zumuten kann. 3) Ich habe kompetenten Rechtsbeistand. 4) Mir geht es gut. 5) Bitte keine Gerüchte, Mutmassungen etc. an die Presse kolportieren. Wenn es Neuigkeiten gibt, werde ich diese selber nennen. Falls die Presse mitliest: Anfragen sind zwecklos, ich werde keinen Kommentar abgeben. Details, wenn ich sie nennen kann. Es wird Zeit, eine Organisation für TOR-Admins zu bilden, an die man sich wenden kann. Wir bräuchten Anwälte, Journalisten Dazu gibt es schon einige Ideen von verschiedensten Leuten. Ich werde aber erst einmal meinen Kopf unten halten. Ich komme gerade von der Linuxbierwanderung 2007 wieder, wo ich einen Talk über die rechtliche Aspekte gehalten habe. Wen es interessiert, die Slides sind hier: http://yalla.ynfonatic.de/media/lbw2007/tor_talk-LBW2007.pdf Gruß Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. .
Re: Proposal of a new hidden wiki
On 8/7/07, Frozen Flame [EMAIL PROTECTED] wrote: Hello, guys. Hi! Is anyone interested on the return of the hidden wiki? Fire at will. Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: Tor Server Behind Reactive Firewall
On 5/19/07, Rouslan Nabioullin [EMAIL PROTECTED] wrote: Will a reactive firewall affect a middle-node Tor server? I am planning to use a Smoothwall Linux firewall with the reactive mod (http://community.smoothwall.org/forum/viewtopic.php?t=8206). Well, what does reactive mean? I just had a short look at it and those p2p.rules files seems to be covering what's mentioned at http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2006-04-12.html. Tor isn't explictly mentioned there. But who knows what kind of rules were included in the meantime, so you should check that beforehand. I am concerned since when I ran a Tor server with Smoothwall, there were hundreds of entries logged in IDS (intrusion detection system). What kind of messages? Would be nice if you could share them so that a Tor-specific rulefile could be created (if someone not already did that?) Try the Yahoo! Mail Beta. No. :-) Cheers, Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
To the operator of the node AoF
OK, that's half off-topic, sorry for that. To the operator of the node AoF: You didn't give any contact-info, so I try to reach you on this way: Your node doesn't seem to work very well, the squid-proxy you're using ran out of sockets. If you try to use your node, you'll always end up with the error-message: --- snip --- ERROR The requested URL could not be retrieved While trying to retrieve the URL: http://www.heise.de.aof.exit/ The following error was encountered: * Socket Failure The system returned: (99) Cannot assign requested address Squid is unable to create a TCP socket, presumably due to excessive load. Please retry your request. --- snap --- Ulimits too low? Or the fault of your upstream-provider...? Hope that helps... Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: LiveCD For Testing
Hi all, since the tracker Robert used went down, I set up a tracker elsewhere. The torrent Metafile can be accessed at http://yalla.ynfonatic.de/media/TorLiveCD-TestingOnly.iso.torrent The md5sum of the ISO is 0843b24fb08edf6e0ef64f82083e041b and it would be good if Robert could confirm that. I'm currently seeding with two machines, but I'm going to take the second seeder down as soon as other people joined in to save bandwidth; I noticed that a couple of people already completly downloaded the ISO, so there's no need to download it again. Starting your Client in the same directory where the original ISO is stored is enough. Cheers, Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: Is this for real?
On 3/31/07, Karsten Loesing [EMAIL PROTECTED] wrote: But who knows? Perhaps they have multiple strategies? :) Sorry, I can't help myself, but I'm tempted to rename my node to something intriguing just for the fun of it. Fear and Loathing in Fort Meade :) Names mean nothing. Karsten Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: Tor server crashes on a Linksys WRT54GL
Well what you could do is remote-debugging. Follow instructions to build gdb-sever for OpenWRT: http://forum.openwrt.org/viewtopic.php?pid=29712 Install gdb-server Run gdb-server on your WRT: # gdb-server $ip:12345 /path/to/tor $myoptions (Tor won't start immediately but will wait for a cont on the remote-debugger) Set ulmits and run gdb an another machine on the network: $ ulimit -c unlimited # or whatever you consider a sane value $ gdb (gdb) target remote $ip:12345 # connect to WRT (gdb) cont # run Tor ...wait for crash and note output... (Note: In the referenced URL above are more architecture-specific notes for the WRT. I haven't tried this myself) No idea if that will result in anything, but it might give some information about what's really going on - like if it's a memory-issue or something else. If the programm crashes with a SEGFAULT or something, type bt in the remote gdb-session to show the backtrace. Will be a lot of work, but maybe it's worth it. HTH, cheers, Alex. On 3/14/07, Mark Furner [EMAIL PROTECTED] wrote: Hi Roger The WRT54GL has about 16MB RAM. I was using an OpenWRT package of TOR version, 0.1.0.17. There is no gcc etc. on the box, and I doubt whether the thing could be compiled on it: will TOR run on such as puny system? Thanks for the tips about bandwidth changes. If I ever get this thing working, I could donate more bandwidth when I ought be sleeping... BTW nmap can scan higher port nos if you set with a port range (-p1-65535 ) but I take your point about netstat (on the box itself). Thanks for the tips Mark On Wednesday 14 March 2007 08:20, Roger Dingledine (Roger Dingledine [EMAIL PROTECTED]) may have written: On Wed, Mar 14, 2007 at 07:57:24AM +0100, Mark Furner wrote: I am experimenting with a tor server on my Linux router, but it starts 5 processes and hogs all my CPU before crashing. Try the 0.1.2.10-rc release -- it will start only 2 processes and then hog all your cpu. ;) I am using a Linksys WRT54GL with OpenWRT (White Russian RC6). How much ram does your linksys have? I hear they have been selling them with less and less ram to discourage people from using them for anything, so the newer it is the less likely it will run Tor (or heck, Linux) well. An nmap scan did not show the port open (I have opened TCP ports 9001 and 9030 on my firewall). Any tips so I can get this working? nmap won't scan all the ports. It is the wrong tool for that purpose. Try netstat instead. I would like to donate more bandwidth during the night, and think I could start/stop the tor server with a different torrc config file. If someone has a better idea how to do this, then please also let me know. You may find http://wiki.noreply.org/noreply/TheOnionRouter/CronBandwidthLimit or http://wiki.noreply.org/noreply/TheOnionRouter/BandwidthLimitChangeControll er helpful. Thanks for any help or pointers, Good luck, --Roger -- x-x-x-x-x-x-x-x-x-x-x-x-x Mark Furner, PhD Lärchenstr. 39 CH 8400 Winterthur Switzerland T. 0041 (0)78 641 15 92 E. [EMAIL PROTECTED] -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: Security Focus story
On 3/9/07, Eugen Leitl [EMAIL PROTECTED] wrote: On Fri, Mar 09, 2007 at 08:37:58AM +0100, Alexander W. Janssen wrote: If TOR would legally qualify as an ISP, we're in deep trouble. We don't provide access to the Internet, and we're not charging for it. Last time I looked the data retention laws also allowed a loophole for very small providers. I hope so, although I wonder how small will be defined. How would you tell how many users your have on your TOR-node? Keyword: the upcoming data-retention laws in Europe. Even if you ran a Tor node with logging, and you gave BKA a slice for the time window they ask you for, that would be quite useless. No; the point is if you'd qualify as an access provider you need to enable relevant logging. ETSI already defined interfaces and data-sets which would come quite handy. But I agree with you: The law isn't here yet. Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: Security Focus story
On 3/9/07, James Muir [EMAIL PROTECTED] wrote: http://www.securityfocus.com/news/11447 A quote which worries me: Tor servers meet the definition of an Internet service provider, which means that operators are not required to know what data passed through the server, said Kevin Bankston, staff attorney with the Electronic Frontier Foundation (EFF) If TOR would legally qualify as an ISP, we're in deep trouble. Keyword: the upcoming data-retention laws in Europe. Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: Building tracking system to nab Tor pedophiles
OK, we heard a lot of technical details, I'll cover the non-tech part of it. On 3/7/07, Fergie [EMAIL PROTECTED] wrote: Comments? Yes, it's stupid. First, the legal issues. What he does is overtaking a TOR-user's machine by malicious code. He's accusing people of being childporn consuments based on the fact that *some* childporn keyword was found - we all know how good that works! (just have a look at the available internet filtering-software out there). I don't know about other countries legislations but evidences which weer gathered illegally are worth shit at court. So if you got a real child molester he'll be found not guilty and when you find just some innocent dude you're still going to destroy his personal life. Just the rumor oh, that dude does child-porn is enough to destroy a lot of personal relationsships. Secondly: It's harming the TOR-project in two ways: * TOR will lose valuable reputation and the rest of the world will denounce us of bigotry. * If the anti-child-porn patch will be applied the next lobby-group will demand a backdoor. Why not the PETA? They could as for all customers who bould furry clothes online. It's for the animals! Why not the RIAA or MPAA? It's for the better good and the artists! The idea is - and sorry for my language - a big pile of crap. Just my 2c, Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: Running Tor on a v-server with limited number of TCP sockets
On 2/21/07, Stephan Walter [EMAIL PROTECTED] wrote: Is this a bad thing to do? (Apart from getting lots of warning messages in the log file?) Of course I don't want to cause any problems on the Tor network. From a pragmatic point of view that would also mean that you wouldn't be able to log in from remote if TOR gobbles up all sockets. Gee, what a crippled machine... No idea what influence that has regarding TOR in general, as a network. But certainly you can't harm established circuits, it just prevents new circuits being build up - that affects your local TOR-software, rather than the whole net. I guess. Regards, Stephan Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Stephen Soghoian on U.S. Gov't Attitudes Toward Tor
University of Indiana graduate student Stephen Soghoian, against whom the U.S. Government considered filing criminal charges stemming from an airline boarding pass generator that he posted on-line, in the 28 November 2006 entry of his weblog,/ slight paranoia http://slightparanoia.blogspot.com/,/ comments among other things, on the attitude of federal investigators toward the Tor project: The Feds (at least those that I met) fundamentally disagree with me on many subjects - the role that researchers, academics, and common citizens take in studying, criticizing and pointing out the flaws in our security systems. I have been laying the groundwork for some Tor http://tor.eff.org related research at Indiana University (pending approval from the University Counsel) - in fact, two of Tor's designers are visiting researchers at IU this year. It was made perfectly clear during the meeting that parts of the US government, at least the two represented at the meeting, strongly disapprove of Tor - and in particular, thought that research universities such as IU, MIT, Georgia Tech, Harvard and others http://proxy.org/tor.shtml have no business supporting such projects.
Correction: CHRISTOPHER Soghoian on U.S. Gov't Attitudes Toward Tor
Sorry, Mr. Soghoian's first name is Christopher, not Stephen. -- University of Indiana graduate student Stephen Soghoian, against whom the U.S. Government considered filing criminal charges stemming from an airline boarding pass generator that he posted on-line, in the 28 November 2006 entry of his weblog,/ slight paranoia http://slightparanoia.blogspot.com/,/ comments among other things, on the attitude of federal investigators toward the Tor project: The Feds (at least those that I met) fundamentally disagree with me on many subjects - the role that researchers, academics, and common citizens take in studying, criticizing and pointing out the flaws in our security systems. I have been laying the groundwork for some Tor http://tor.eff.org related research at Indiana University (pending approval from the University Counsel) - in fact, two of Tor's designers are visiting researchers at IU this year. It was made perfectly clear during the meeting that parts of the US government, at least the two represented at the meeting, strongly disapprove of Tor - and in particular, thought that research universities such as IU, MIT, Georgia Tech, Harvard and others http://proxy.org/tor.shtml have no business supporting such projects.
Re: tor bandwith ratio
On Fri, Oct 13, 2006 at 02:45:39PM +0200, gabrix wrote: I have this in my iptables script: # TOR iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 9090 -j MARK --set-mark 2 iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 9090 -j RETURN iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 9091 -j MARK --set-mark 2 iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 9091 -j RETURN as 2 tor has a high priority,now is on 5 . Uhhh... What is that supposed to do? I only see that you mark the traffic, then immediately leaving the chain. Only marking them doesn't do anything. You usually mark the traffic if you want to handle it differently later, either with the mark-match inside iptables again, via the fwmark-option in iproute2 or tc. An another question is :if i announce port 110 and redirect traffic to 9090 which port shall i consider as priority in the above iptables ? Silly question isn't ? If you're going to redirect the traffic you won't acchieve anything - you need to consider the way the packets traverse through the indiviudal chains inside the Netfilter framework. 1) Packet enters machine 2) Packet enters mangle-table, PREROUTING chain (you may MARK here) 3) Packet enters nat-table, PREROUTING chain (DNAT/redirection happens here) 4) Packet enters Linux routing-code (tc and iproute2 use fwmark here) (*) 5) Packet enters filter-table, FORWARD chain (usual filtering-rules) 6) Packet enters mangle-table, POSTROUING chain (do some stuff) 7) Packet enters nat-table, POSTROUTING chain (SNAT and MASQUERADE) Coming back to your question: Since redirecting happens in step 3 you already missed the point where the packet got marked. Therefore: No, that won't happen. You'd need to mark the packet in the PREROUTING chain of the mangle-table onto port 110, and THEN redirecting it. That's the way it work with the Netfilter stuff. Where and how are you actually accessing the packets you've marked with MARK previously? I repeat: Only MARKing does nothing. It just puts a label on the packet to identify the packets in other parts of the kernel. Alex. (*) I'm not sure where tc integrates itself; but i think that happens in the routing-code. Please correct me if I'm wrong. However, that doesn't help you with your MARK and DNAT problem. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
Re: Tor 0.1.2.2-alpha is out
Hi! On Mon, Oct 09, 2006 at 06:49:09PM -0400, Roger Dingledine wrote: - Workaround for name servers (like Earthlink's) that hijack failing DNS requests and replace the no-such-server answer with a helpful redirect to an advertising-driven search portal. Also work around DNS hijackers who helpfully decline to hijack known-invalid RFC2606 addresses. Config option ServerDNSDetectHijacking 0 lets you turn it off. Is that related to our lengthy More bad tor server? thread? Thanks a lot and keep up your good work! Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
Re: Analyzing TOR-exitnodes for anomalies
On Wed, Oct 04, 2006 at 08:45:03PM -0400, Claude LaFrenière wrote: Hmmm... Bogus exit nodes or bogus DNS servers ? One or the other way, brute forcing my way through all exit-nodes should reveil it. Hopefully... Is it possible that the strange side effects comes, not from the exit nodes themselves, but from the DNS server used by these exit nodes ? Could be either way. Things which popped up in my mind: 1) DNS poisoning 2) Exit-node is behind a transparent proxy which is compromised or modified in some way 3) Outbound traffic from the exit-node gets DNATed away by some firewall Things you could do: 1) Replacing complete websites with link-farms (that's what happened me) 2) Using a modified web-proxy which insert advertisement into the HTML-code (possible, it's exactly the reverse of what Privoxy does) 3) Filter content 4) Replacing valid downloads by trojaned versions 5) Replace all pictures of a website with a picture of the goatse-man... 6) Modifying text in a subtle way using simple lex-programs (e.g. replace all must by could or police by SS) 7) insert favourite attack here Our suspicions about bogus exit nodes must be based on facts so I suggest to collect information about this issue here. My first run during the night was not very successful, most of the exitnodes refused to talk to me. I'm in timezone GMT+2 and that's pretty normal for that time of the day, I started another scan just minutes ago. Usually the TOR-network is not that congested in the morning. What we can do is to report any strange side effect including: the link to the web site the resulting link with the redirection like the ones we're talking about the exit node used to access this web site Aye. Claude LaFrenière Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
Re: Analyzing TOR-exitnodes for anomalies
On Thu, Oct 05, 2006 at 09:31:47PM +0800, Deephay wrote: Also, the logo linux-magazine.com what you need, when you need it is a image or just text? Exactly the same page is at http://www.wdr.tv/. The content of that page is (gathered with tcpdump): frameset rows=100%,* frameborder=no border=0 framespacing=0 frame src=http://searchportal.information.com/?a_id=20223domainname=wdr.tv; /frameset I don't know what the variable a_id is about - maybe a customer-id? However, domainname can be set to any arbitrary value. This seems to be the company behind it: http://oversee.net/ Maybe it is a DNS poisoning job, maybe some guy runs a local DNS server as well as a tor node to make some profit by directing us to this bogus linux-magazine? Interesting. Maybe, that would be an explantion considering how the searchportal-thing is working. However, I'm 75% through my second run with no results so far. Will keep you updated. Deephay Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
First results of analysis
Hi all, i checked 1161 nodes in total. 269 of them where responsive exit-nodes, all behaving correctly. 9 exitnodes where responsive, but their had some proxy installed which didn't behave quite correct when you accessed a webpage with the notation original.url.$nodename.exit; the error-messages varied from could not resolve (looks like a DNS-leak to me) over 502 Bad Gateway through 502 Proxy Error. However, in my list of exit-nodes i couldn't find any host which showed the described behaviour. My test-URL was http://www.linux-magazine.com/. So there is still some space left for discussion: Did i miss the bad or banned exitnode? I tend to agree with Claude; at the moment it doesn't seem likely that we have some sort of bad exitnodes in place. However we probably should think if we should install some kind of early warning system. I could imagine something like this: Every client checks once per day some random website on the internet via, let's say, 10 random exit-nodes and compares the results. If something is wrong the exitnode could be signalled to a real human which could verify the claim. How do you think about that? Cheers, Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
Analyzing TOR-exitnodes for anomalies
Hi all, considering that I heard from several people that they notice strange sideeffects since a couple of days - altered webpage, advertisement where no ads should be - I started a little investigation if there are any obviously bogus exitnodes in the wild: http://itnomad.wordpress.com/2006/10/04/analyzing-tor-exitnodes-for-anomalies/ I welcome you to start your own investigation; if there are really bogus exitnodes we should be aware of those and we should know their node's nickname to put them on a shitlist. This might leed to an escalation in the future when marketeers realize the possibilities of altering traffic. Comments, ideas, pointers to other projects? Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
Re: More bad tor server?
On Tue, Oct 03, 2006 at 11:48:13AM -0400, nile wrote: I experienced this for the first time yesterday. Attempting to go to legitsite.com redirected me to something that looked like a domain squatter page - but the domain in the address bar of my browser was legitsite.com. Quite an interesting attack :) Is it possibly the same as what i got here? http://itnomad.wordpress.com/2006/10/02/the-linux-magazine-tor-and-bigotry/ If yes, i really need to apologize... nile Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
Re: Off topic: need help getting tripwire to work
On Thu, Sep 28, 2006 at 12:34:53PM +0200, Thomas Hluchnik wrote: fconame.h:147: error: ISO C++ forbids declaration of 'cFCOName_i' with no type fconame.h:147: error: expected ';' before '*' token If you're using gcc version 4 or higher, than this is due to the pickyness of the compiler; see http://sourceforge.net/tracker/index.php?func=detailaid=1450721group_id=3130atid=103130 You could either use an older gcc (4) or try to fix the code manually; this was already done for the older version of tripwire, for details see: http://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg24375.html Anyone here who can give me a hint how to fix that? Hope that helps, Thomas Hluchnik Alexander Janssen. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
Re: Tor with ssh port forwarding
On Thu, Sep 28, 2006 at 06:07:49PM +0200, Végh István wrote: Hello, There are 2 hosts. Host 1 is at home (Debian-testing). Host 2 is at my workplace (WindowsXP Pro) I use Tor with Privoxy at home (host 1). Firefox with Torbutton plugin works fine. So it seems everything ok. At my workplace I use (WindowsXP, host 2) SSH port forwarding (with Putyy) for webbrowsing. At Firefox in preferences, in connection tab I had to set Socks host: localhost, port: 1080, using Socksv5. I would like to use the Tor network from the host2 over SSH portforwarding using my Debian host(2) at home. Is it possible? If so, how can I do it? What i do is set up a tunnel in Putty like this: Configuration - Connection - ssh - tunnels: Source Port: 9050 Destination: 127.0.0.1:9050 Press Add Don't forget to save the settings. In Firefox set the SOCKS-Proxy to 127.0.0.1, Port 9050. You can leave everything else blank. ADDITIONALLY you want to tell your Firefox to send DNS-lookups through the SOCKS-tunnel; open a tab, enter about:config as the URL, search for the key network.proxy.socks_remote_dns and set it to true. Thanks Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
Re: Tor with ssh port forwarding
The same a but blogyfied: http://itnomad.wordpress.com/2006/09/28/tor-howto-using-tor-through-a-ssh-tunnel/ Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901. signature.asc Description: Digital signature
tor+torbutton without privoxy doesn't work
hi, I had installed Tor+Privoxy on my Mac, but Privoxy started pissing me off. I uninstalled Privoxy and Firefox with Tor didn't work - I got the The proxy server is refusing connections error. I uninstalled whole pack, restarted my computer, installed only Tor and Tor-startup package, updated Torbutton. I changed config in Torbutton not to use Privoxy and I still get the same error... I cannot use Tor... Can I use Tor without Privoxy? Is it possible? thanx in advance, T