Re: Tor 0.2.2.18-alpha is out
On Wed, 17 Nov 2010 20:11:44 -0500 Justin Aplin jmap...@ufl.edu wrote: I agree that dropping the expert packages might be a good idea, but I don't see a reason that the Vidalia bundles should fall behind. The reason for the delay in packages is the powerpc build machine died a melting death when the internal fan died over a weekend. A donor gave us a powerpc mac mini for a build machine running 10.5. It's in process of being turned into the powerpc build machine. Alternatively, building from source is very easy once the dependencies are installed. I'm not sure how well 10.5 binaries work on 10.3 and 10.4 (even with osx compiles set for 10.3 and 10.4 compatibility). I guess we'll find out. -- Andrew pgp 0x31B0974B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Scalability and fairness [was: P2P over Tor [was: Anomos - anonBT]]
On Wed, 17 Nov 2010 20:03:58 -0500 grarpamp grarp...@gmail.com wrote: Wish the mbox or maildir archives were available/mirrored for easy search, reading, reference and reply using native mail clients :) ...I wish people would stop cross-posting between -dev and -talk...;) -- Andrew pgp 0x31B0974B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor-node failed
On Fri, 03 Dec 2010 00:29:58 + Orionjur Tor-admin tor-ad...@orionjurinform.com wrote: Last time my tor-node regularry fails. How can I debug causes of it? https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#MyTorkeepscrashing. The text at that url is a fine start. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor 0.2.2.19-alpha is out
On Tue, 30 Nov 2010 16:25:25 + Matthew pump...@cotse.net wrote: In System / Administration / Software Sources / Authentication there is an deb.torproject.org archive signing key dated 2009-09-04 with the value 886DDD89. This is correct. Am I correct to think that this key sufficient to verify updates when using sources.list. This is correct. Also, who exactly owns 886DDD89? Is it a specific person or for torproject.org as a whole? If you gpg --list-sigs 0x886DDD89 You can see who signed the key. It is a role key that the packagers use to sign the builds, rather than using their own personal keys. It is up to you if you trust the key and those who signed it implying validity. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Email?
On Wed, 29 Dec 2010 14:02:34 -0500 grarpamp grarp...@gmail.com wrote: We've generally suggested gmail because their bulk account creation process was good. It seems this is not the case any more. What is this bulk account creation you speak of? Gmail used to have the ability to stop bots from creating accounts en masse. gmail doesn't have this ability any more. This is false. I just created a gmail account via tor without needing a phone number or any other information. Hmm, you mean just, as in today? What exit were you using? Want to sell the account for bitcoins? Kidding :-) As in around 08:45 AM EST. I didn't look to see which exit, it just worked, just a captcha required. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor and google groups
On Wed, 05 Jan 2011 19:18:09 + Orionjur Tor-admin tor-ad...@orionjurinform.com wrote: Is it very difficult to buy a SIM without showing ID in the USA or countries of Western Europe? Sorry for such off topic but it is very interesting to know are there any countries in Western Europe or states of the USA when it is possible to buy a SIM without showing your ID with accordance to local law? My $0.02 from buying SIM cards all over the world, I show them my CostCo Club photo id. In Hong Kong they wrote down my first/last name as cost co. No one has photocopied the ID yet. Many shops ask for it and then do nothing with it. As explained to me in Belgium, the law says they have to see an ID, not record, write down, and register the sim in your name. Maybe I just found a cool shop by accident. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Home Internet with Anonymity Built In
On Fri, 7 Jan 2011 00:55:32 +0800 Trystero Lot lo...@callout.me wrote: will this work with linksys ata specially 3102? We're just adding a correct tor configuration to openwrt. If openwrt supports your device, then our tor mods should as well. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Index of hidden services?
On Fri, 7 Jan 2011 13:22:58 -0600 Peter McCann mc...@freeovernetfoundation.org wrote: On the website describing how to set up a hidden service I saw a mention of a (hypothetical?) Hidden Services Wiki where pointers to hidden services are stored. Does such a wiki exist? If so, where can I find it? Years ago, there was a popular place called The hidden wiki which was the only one in existence, that anyone knew about. It was then beseiged by child porn links and images and went away. Since then, many different services claiming to be the hidden wiki have come and gone. Someone also tried to setup a google search appliance to crawl all of .onion space. It didn't get very far for the obvious reason of most hidden service sites don't want to be found by the general population. The services don't link to each other, and they may be on random ports. It's possible one could create a search engine that crawls every possible .onion hostname on common tcp ports (80, 443, 8080, 8443). Over long periods of time, this may find many hidden services. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: geeez...
On Wed, 12 Jan 2011 02:29:49 +0100 Dirk noi...@gmx.net wrote: But I wan't a legally binding statement from a lawyer or an official (BSI) that running TOR exit nodes in germany is legal. Ask the CCC for a start. They have defended many Germans already. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: polipo-tor deb/ubuntu native package
On Mon, 17 Jan 2011 12:21:56 -0800 travis+ml-tor-t...@subspacefield.org wrote: The real answer is to fix firefox so it doesn't need a proxy between it and Tor. We patch firefox to do just this in the osx and linux tor browser bundles. Polipo was a fine kludge until either we started patching firefox or mozilla fixed their many-years-old socks bug. Hmm, I had no idea this was even available for Linux. It looks like a tarball - it's unclear how this will interact with a package manager, which likes to know which packages installed which files, and updates them automatically, etc. Tor Browser Bundle isn't something to install, you extract and run. I've seen a few linux users just double click the tar.gz file and run from inside their archive extractor. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
or-talk list migration Feb 19, 2011
Hello or-talk subscribers, On February 19, 2011, we are migrating or-talk from or-t...@seul.org to tor-t...@lists.torproject.org. We will migrate your e-mail address's subscription to the new list. You will receive a confirmation from the new mailing list software on the 19th. Current or-talk archives will be migrated. Roger plans to leave the current archives in place at seul.org as well. We're using this migration to spread administration out to Tor's sysadmin team rather than making Roger do everything himself. The secondary benefits of having the lists on the torproject.org domain include SSL-enabled login, archives, and easier account management. You can subscribe to the new list at https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk I will send out a reminder on the day of the migration. Please e-mail tor-assista...@torproject.org with any questions. Thank you. -- Andrew pgp 0x74ED336B signature.asc Description: PGP signature
Re: Tor exits in .edu space
On Thu, 27 Jan 2011 11:51:56 -0500 Flamsmark flamsm...@gmail.com wrote: I run a Tor exit node because I support the ubiquitous availability of strong anonymity for anyone who wants it. Tor is one of the strongest, best- researched, and most widely-used online anonymity system, and I want to help keep it running at maximum capacity. First and foremost, thank you. The support that I received from the project was somewhat limited, but I can't really imagine receiving that much more. I spoke with arma on the IRC channel, and he provided me with moral support, and offered to get me in touch with Ed Felten at Princeton's CITP. We're trying to figure this out ourselves. I've personally been the introduction point between exit relay operators and a lawyer in their country to help them when something goes wrong. I've spoken to a number of organizations, such as law enforcement, Internet providers, and schools about what Tor is, who uses it, and how we can help when criminals use tor. In some cases, I've travelled to meet people to spend time with them and help them as best I can. Law enforcement organizations are generally surprised when we show up to talk to them, to educate them, and explain that real people use tor for real reasons. If all you see all day are criminals using a hammer, then clearly hammers are only for criminals. It's the same with Tor. It's frequently the case that their own investigators are using Tor to hide their tracks online too, and are willing to show up to support us and talk about how they use it. I hope this helps stop SWAT teams from kicking down doors when someone exits traffic for a jerk. I've talked to people on the steps of their local police station just after they were released from jail the night before. I've talked to people looking at academic suspension and huge fines because of a DMCA notice. This is why I started contacting law firms in various countries to find resources for people, https://blog.torproject.org/blog/start-tor-legal-support-directory. It needs more work, it needs someone with more legal background to write up a case guide for other lawyers/solicitors/judge advocates. I am always impressed that 95% of those accused of something due to their exit node fight harder to keep running a Tor exit node. It's people like this that help keep your liberties around the world. Once again, thank you. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Is gatereloaded a Bad Exit?
On Sat, 29 Jan 2011 19:46:20 +0100 Jan Weiher j...@buksy.de wrote: This node looks suspicious to me, because there is no contact info given and the exit policy allows only unencrypted traffic: It hasn't shown up in any of the exit scans as suspicious. Lack of contact info isn't a concern. The exit policy is odd, yes. However, arguably those are also very popular ports as well. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Question and Confirmation.
On Sun, 30 Jan 2011 23:15:17 + Matthew pump...@cotse.net wrote: I'm still not getting this. My understanding is that you have the data and the header when using TCP. If only the data is encrypted then what happens to the headers? Does this image help at all? https://svn.torproject.org/svn/projects/presentations/images/tor-keys.svg Your original data is tunnelled through tor. Your original packets are wrapped in onionskins and moved about the globe. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Polipo bug reporting
On Mon, 31 Jan 2011 12:20:10 + Geoff Down geoffd...@fastmail.net wrote: Thank you Juliusz, I appreciate your efforts. Clearly Tor needs to ship with a working Polipo, so if this is a real fault would the bundle developers please revert to the version which was in the Vidalia 0.2.9 bundle, which is still working. The difference is that the PPC bundle with vidalia 0.2.9 was built on a 10.3.9 ppc mac. However, the 10.3.9 machine died a smelly, melty death during a build a few months ago. The current bundles are built on a 10.5 ppc mac with backwards compatibility for 10.3.9 (at least according to xcode/gcc). Clearly Apple's backwards compatibility options don't work. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Is gatereloaded a Bad Exit?
In my opinion, judging a relay based on exit policy is a slippery slope we don't want to go down. We never claim to make using Tor alone safer than using the Internet at large. Whether the creep is at Starbucks sniffing the wifi or running a relay is irrelevant to me. Encouraging people to use encrypted communications, the https everywhere firefox extension, and learn to be more secure online are some of our goals. The Tor Browser Bundle, while still a work in progress, is the best way to protect novice users and get them safer than they are without Tor. I personally run encrypted services on unencrypted ports, like 25, 80, 143, 110, etc. It's just a port number and only convention says port 80 has to be for http only. If people start doing deep packet inspection to enforce 80 is really http or running filters in some misguided attempt to block bad things through Tor, then those are reasons to 'badexit' relays. There are some obvious ways we can detect traffic manipulation through Tor relays. Today, we do detect them and badexit those relays. If we're going to start censoring Tor exits based on impressions, we might as well start blocking Tor relays that are rumoured to be run by national intelligence agencies, criminal organizations, martians, and other people we might not like. In fact, we might as well go back to the original model of every Tor relay operator has met and gained Roger's trust. I want a diverse set of Tor relays. If people don't want to trust relays based on whatever heuristics they want to use, great, use ExcludeNodes in your torrc. Don't punish everyone based on rumors and impressions. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Scroogle and Tor
On Sun, 13 Feb 2011 14:09:56 -0500 (EST) scroo...@lavabit.com wrote: I've been fighting two different Tor users for a week. Each is apparently having a good time trying to see how quickly they can get results from Scroogle searches via Tor exit nodes. I've talked to a few services that do one of the following: - Run a Tor exit enclave, which would only allow exit through Tor to your webservers. There are a few services that run a tor client and simply block every IP in the consensus, except their exit enclave. - Run a hidden service. Due to the current state of hidden services, it'll slow down everything. - Run a tor exit enclave against one, non-load balanced server for tor users. If someone abuses it, the reality of slower response times is a self-enforcing feedback loop. Of course, this sucks for the non-abusers. - Rate limiting queries in the application. The Google solution of CAPTCHA. The Yahoo/Bing solution of throwing up a temporary error page when queries cross some threshold per IP address. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: or-talk list migration Feb 19, 2011
A reminder that this migration occurs this week. On Mon, 24 Jan 2011 15:05:03 -0500 Andrew Lewman and...@torproject.org wrote: Hello or-talk subscribers, On February 19, 2011, we are migrating or-talk from or-t...@seul.org to tor-t...@lists.torproject.org. We will migrate your e-mail address's subscription to the new list. You will receive a confirmation from the new mailing list software on the 19th. Current or-talk archives will be migrated. Roger plans to leave the current archives in place at seul.org as well. We're using this migration to spread administration out to Tor's sysadmin team rather than making Roger do everything himself. The secondary benefits of having the lists on the torproject.org domain include SSL-enabled login, archives, and easier account management. You can subscribe to the new list at https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk I will send out a reminder on the day of the migration. Please e-mail tor-assista...@torproject.org with any questions. Thank you. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: or-talk list migration Feb 19, 2011
A final reminder that this migration occurs today. On Sun, 13 Feb 2011 21:35:14 -0500 Andrew Lewman and...@torproject.org wrote: A reminder that this migration occurs this week. On Mon, 24 Jan 2011 15:05:03 -0500 Andrew Lewman and...@torproject.org wrote: Hello or-talk subscribers, On February 19, 2011, we are migrating or-talk from or-t...@seul.org to tor-t...@lists.torproject.org. We will migrate your e-mail address's subscription to the new list. You will receive a confirmation from the new mailing list software on the 19th. Current or-talk archives will be migrated. Roger plans to leave the current archives in place at seul.org as well. We're using this migration to spread administration out to Tor's sysadmin team rather than making Roger do everything himself. The secondary benefits of having the lists on the torproject.org domain include SSL-enabled login, archives, and easier account management. You can subscribe to the new list at https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk I will send out a reminder on the day of the migration. Please e-mail tor-assista...@torproject.org with any questions. Thank you. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/