Re: [tor-dev] How to run a headless second Firefox instance?
On Wed, Apr 9, 2014 at 12:17 PM, David Fifield wrote: > On Wed, Apr 09, 2014 at 04:31:57PM +0100, Ximin Luo wrote: >> On 09/04/14 07:29, David Fifield wrote: >> > It gets the job done, but it sucks because the first thing you see is >> > the dialog and you have to know not to close it. Is there a way to >> > accomplish the same thing (keep the browser running, but don't show a >> > browser window) without raising a conspicuous dialog? >> > >> >> You could play further with this: >> >> $ nc -l -p & >> $ iceweasel -no-remote -p testing -chrome http://localhost: > > That's an interesting idea. I didn't know about the -chrome option. > https://developer.mozilla.org/en-US/docs/Mozilla/Command_Line_Options#Chrome > > Maybe in order to avoid relying on a local port, we could use an > internal chrome:// URL that just doesn't define any UI elements, or > something like that. I don't know too much about how the XUL overlays > work, but it seems like it should be possible. I *think* this .xul file suffices: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul";> There is a specific warning at https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XUL/window to the effect that without more, "the window will be invisible". I don't know how to get rid of the OSX dock icon, though. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Please help testing a new Onionoo version that uses Gson to format documents
Is there a way for me to install it onto my relay? ( https://metrics.torproject.org/relay-search.html?search=176.31.156.199 ) Regards, Phill. On 25 April 2014 18:53, Karsten Loesing wrote: > Hi everyone, > > [I'm blind-copying everyone who I know has been working on an Onionoo > client in the past. If you received two copies of this email, or if you > received this email even though you're not subscribed to tor-dev@, and > you don't want to be informed of updates related to Onionoo, please let > me know.] > > Please help testing the Onionoo version running here: > > http://54.81.197.70:8080/onionoo/ > > This version uses Google's Gson library to format JSON documents, rather > than concatenating strings that happen to represent JSON documents > (#11577). While this change doesn't sound very difficult, it required > quite a few code changes. This is good, because the new code is much > cleaner. I'm just not certain whether I broke things. > > Please try to point your Onionoo client to the new Onionoo version and > see if something breaks. Please also try edge cases and give this > Onionoo instance a hard time. Just note that this version only contains > a few days of data. Things to try out in particular: > > - Responses contain less whitespace than before. Please make sure that > your client handles the more compact responses correctly. > > - UTF-8 characters in details documents should still be in escaped > form, e.g., \u00F2 for the ò in Filastò in the contact field. Other > fields that might contain UTF-8 characters are city_name, as_name, etc. > > - The fields parameter for details documents required some hacking, so > I might have broken it. > > I'm planning to deploy the new version on yatei in 5--7 days from now. > If you find a bug, please either comment on #11577 or open a new ticket, > whatever seems more appropriate. > > Thanks for your help! > > All the best, > Karsten > ___ > tor-dev mailing list > tor-dev@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev > -- https://wiki.ubuntu.com/phillw ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Please help testing a new Onionoo version that uses Gson to format documents
Hi everyone, [I'm blind-copying everyone who I know has been working on an Onionoo client in the past. If you received two copies of this email, or if you received this email even though you're not subscribed to tor-dev@, and you don't want to be informed of updates related to Onionoo, please let me know.] Please help testing the Onionoo version running here: http://54.81.197.70:8080/onionoo/ This version uses Google's Gson library to format JSON documents, rather than concatenating strings that happen to represent JSON documents (#11577). While this change doesn't sound very difficult, it required quite a few code changes. This is good, because the new code is much cleaner. I'm just not certain whether I broke things. Please try to point your Onionoo client to the new Onionoo version and see if something breaks. Please also try edge cases and give this Onionoo instance a hard time. Just note that this version only contains a few days of data. Things to try out in particular: - Responses contain less whitespace than before. Please make sure that your client handles the more compact responses correctly. - UTF-8 characters in details documents should still be in escaped form, e.g., \u00F2 for the ò in Filastò in the contact field. Other fields that might contain UTF-8 characters are city_name, as_name, etc. - The fields parameter for details documents required some hacking, so I might have broken it. I'm planning to deploy the new version on yatei in 5--7 days from now. If you find a bug, please either comment on #11577 or open a new ticket, whatever seems more appropriate. Thanks for your help! All the best, Karsten ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] GSoC: Ahmia.fi - Search Engine for Hidden Services
Juha Nurmi writes: > On 22.04.2014 17:35, George Kadianakis wrote: >> Enjoy GSoC :) > > I will :) > >> BTW, looking again at your proposal, I see that you are going to >> do both popularity tracking and backlinks. > > Yes, another crawler gathers backlinks from the public WWW and I will > start gathering the URL clicks from the users. > >> How are these two technologies going to interact with each other? >> That is, how will the indexer consider the output of those two >> features? > > Django front-end re-sorts the answers from YaCy back-end. > > See https://ahmia.fi/static/gsoc/re_sort.jpg > > I have this idea in mind: https://ahmia.fi/static/gsoc/sorter.py > > The result is sorted according to YaCy result index, number of > backlinks and clicks which are scaled. > > Note the scaling: p_info.backlinks = 1 / (float(index) + 1) etc. > > sum_function = 3.0*self.yacy + 2.0*self.backlinks + 1.0*self.clicks > > where 3, 2 and 1 are test coefficients. I will optimize these and made > a better model if necessary. However, clicks are easily spoofed and > there have to be small coefficient for them. > That makes sense. BTW, what is the 'yacy' score? Is it just the order that YaCy's indexer chose for each result? Or does YaCy actually expose a score for each result? How is the score derived? Or do you treat it as a blackbox and assume it's the most accurate of backlinks and popularity. Thanks! ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Panopticlick summer project
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/25/2014 02:12 PM, Nicolas Vigier wrote: > On Mon, 21 Apr 2014, Gunes Acar wrote: > >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> >> On Mon 21 Apr 2014 02:21:35 PM CEST, Mike Perry wrote: >>> Gunes Acar: Sorry everyone for the long pause. >>> >>> I wrote down a proposal (and some code) to address issues raised >>> by Mike and George: >>> https://securehomes.esat.kuleuven.be/~gacar/summer_2014.pdf >>> >>> Looking for your comments and critics... >>> This proposal looks like quite a good start. With respect to automated testing, you should definitely discuss this with Nicolas Vigier, who is our lead automation engineer. He has begun writing TBB automation tests, and can help you integrate your tests into that framework. You can see a few links to the existing testing infrastructure at in the QA and testing section of the TBB hacking doc: https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking#QAandTesting >> Sure, >> I already have some questions noted down for him. >> But I must say the framework he set up is pretty easy to extend. >> I could add and run my tests in minutes. > Hello, > > I have been looking at your git repository with selenium tests: > https://github.com/gunesacar/tbb-fp-tests > > And this looks like a very good start! If you think that's ready, I can > merge your patch (fp_tests.patch) so we start running those tests on > the next releases / nightly builds. Hi Nicholas, I think it won't hurt to merge and I'd be just glad. > > After reading your proposal about this new Panopticlick project, > something I'm wondering is if it would be possible to split this tool > in two differents parts: > > - the part that generate a profile of the browser visiting the page(s) >using all known fingerprinting techniques, and save this profile in a >file (in json, yaml or any other format that is easy to read from an >other program) > > - the part that takes this profile and adds it to a central database, >and compute a uniqueness score to display it to the user > > The reason I'm thinking about this is that it could allow us to share > the first part between the panopticlick website and the test suite. Yes, indeed this is exactly how I imagine it. And that's why I was reluctant to submit the patchmentioned above, as it doesn't follow this architecture. But sure, it can be easily updated once I start working. > > I've been thinking about making the test suite start a local web server > that would be used to host some pages to be used by tests, and this > fingerprinting website could be one of thoses. That'd be great. Maybe we can start with client side tests but in the end we'd need to run server side (to check HTTP headers etc.) > > Does it sounds like something possible ? Sure, indeed. > > > Nicolas > > > ___ > tor-dev mailing list > tor-dev@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTWnIcAAoJEPb7JcMmVt4gFFoIAMc+DXIJgXrzdFv1aMFGh1AK NMi/CNqiTtk1L8C0LvMDwqtdXoU7Ip0iuysb9oO45j4MTkbMz3g7FUpuSGNxumnT OLDQDTDFYYi22YqE0U9SHmMJBv5F3EGI/WeVo4xVjiQeEPtsM4S7O988hfUBzCm7 MO06m+U+Kava8eb3XPU8xutEV8pZLXBmMvGTSMlBiAXpKtQjPTJDdcs33E/R2qlh Lz9aQZFaC+bTEPhsGZkLC+3/LqE9x3VtIecFV/TTTCYDnTq5BRSaNHCAwETTOpx0 tWjS0h3o22MJhWSvkXHAsw8NUocwLvp7zRfupYRdLjdsMVLyDMTWFPc/Q3ZS1tM= =E+pu -END PGP SIGNATURE- ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Panopticlick summer project
On Mon, 21 Apr 2014, Gunes Acar wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > On Mon 21 Apr 2014 02:21:35 PM CEST, Mike Perry wrote: > > Gunes Acar: Sorry everyone for the long pause. > > > > I wrote down a proposal (and some code) to address issues raised > > by Mike and George: > > https://securehomes.esat.kuleuven.be/~gacar/summer_2014.pdf > > > > Looking for your comments and critics... > > > >> This proposal looks like quite a good start. With respect to > >> automated testing, you should definitely discuss this with > >> Nicolas Vigier, who is our lead automation engineer. He has begun > >> writing TBB automation tests, and can help you integrate your > >> tests into that framework. You can see a few links to the > >> existing testing infrastructure at in the QA and testing section > >> of the TBB hacking doc: > >> https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking#QAandTesting > > Sure, > >> > I already have some questions noted down for him. > But I must say the framework he set up is pretty easy to extend. > I could add and run my tests in minutes. Hello, I have been looking at your git repository with selenium tests: https://github.com/gunesacar/tbb-fp-tests And this looks like a very good start! If you think that's ready, I can merge your patch (fp_tests.patch) so we start running those tests on the next releases / nightly builds. After reading your proposal about this new Panopticlick project, something I'm wondering is if it would be possible to split this tool in two differents parts: - the part that generate a profile of the browser visiting the page(s) using all known fingerprinting techniques, and save this profile in a file (in json, yaml or any other format that is easy to read from an other program) - the part that takes this profile and adds it to a central database, and compute a uniqueness score to display it to the user The reason I'm thinking about this is that it could allow us to share the first part between the panopticlick website and the test suite. I've been thinking about making the test suite start a local web server that would be used to host some pages to be used by tests, and this fingerprinting website could be one of thoses. Does it sounds like something possible ? Nicolas pgp1Y3HBdYJmN.pgp Description: PGP signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Panopticlick summer project
(sending this again as I accidentally removed Peter from CC) On Mon, 21 Apr 2014, Gunes Acar wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > On Mon 21 Apr 2014 02:21:35 PM CEST, Mike Perry wrote: > > Gunes Acar: Sorry everyone for the long pause. > > > > I wrote down a proposal (and some code) to address issues raised > > by Mike and George: > > https://securehomes.esat.kuleuven.be/~gacar/summer_2014.pdf > > > > Looking for your comments and critics... > > > >> This proposal looks like quite a good start. With respect to > >> automated testing, you should definitely discuss this with > >> Nicolas Vigier, who is our lead automation engineer. He has begun > >> writing TBB automation tests, and can help you integrate your > >> tests into that framework. You can see a few links to the > >> existing testing infrastructure at in the QA and testing section > >> of the TBB hacking doc: > >> https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking#QAandTesting > > Sure, > >> > I already have some questions noted down for him. > But I must say the framework he set up is pretty easy to extend. > I could add and run my tests in minutes. Hello, I have been looking at your git repository with selenium tests: https://github.com/gunesacar/tbb-fp-tests And this looks like a very good start! If you think that's ready, I can merge your patch (fp_tests.patch) so we start running those tests on the next releases / nightly builds. After reading your proposal about this new Panopticlick project, something I'm wondering is if it would be possible to split this tool in two differents parts: - the part that generate a profile of the browser visiting the page(s) using all known fingerprinting techniques, and save this profile in a file (in json, yaml or any other format that is easy to read from an other program) - the part that takes this profile and adds it to a central database, and compute a uniqueness score to display it to the user The reason I'm thinking about this is that it could allow us to share the first part between the panopticlick website and the test suite. I've been thinking about making the test suite start a local web server that would be used to host some pages to be used by tests, and this fingerprinting website could be one of thoses. Does it sounds like something possible ? Nicolas pgpAYC4_jk46a.pgp Description: PGP signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
