Re: [tor-dev] [OBORONA-SPAM] Decentralized VOIP over Tor
On Fri, Aug 15, 2014 at 05:53:44PM -0400, ter...@safe-mail.net wrote: > Hi, > > I'm interested an anonymous decentralized VOIP network on Tor. All traffic > routed through Tor. Every Tor user being an optional server for PTT or > Continuous Speech. > > How feasible does this sound? What about WebRTC? ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] DNSSEC
On Sat, Aug 30, 2014 at 04:35:27PM -0700, merc1...@f-m.fm wrote: > > Does anyone know why TOR does not use DNSSEC? The only documentation I > found on the TORProject website for DNS does not actually explain how > DNS works on TOR. I infer it must be TCP, as TOR can not do UDP, and I > imagine that relay nodes must be the resolvers in order to resolve > .onion domains. But beyond that there is no information on how it > works. > > Seems to me that the lack of DNSSEC in TOR is a gigantic security hole. > (DNS cache poisoning) Because DNSSEC can be themselves "gigantic security hole". Google it. It is very questionable technology. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] DNSSEC
On Mon, Sep 01, 2014 at 04:33:34PM +, David Stainton wrote: > > Dear merc1...@f-m.fm, > > Is DNSSEC is not evil? To me it seems like the 1984 of domain name systems... > Please take a good look at the political implications of DNSSEC. > I personally do not understand why this Tor Project spec includes mention of > DNSSEC: > https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/219-expanded-dns.txt > > Can we use djb's DNSCurve instead of DNSSEC? > Perhaps I misunderstand the situation and the difference between DNSCurve and > DNSSEC. > Perhaps "ZOMG someone is wrong on the Internet!" will spark someone else's > interest in correcting me here > in this discussion. I personally think that people mentioning DNSSEC on tor > communications channels > must either have an agenda to help the US government gain more control of the > Internet... or they must be trolls. > But maybe I am totally wrong about this. I'd be interested in hearing a > correction if I am wrong... and > does this mean the DJB is also wrong? =-) > https://en.wikipedia.org/wiki/DNSCurve Yeah, he is troll or/and NSA's agent :) He's already got the answer exactly the same as yours, from two people from tor-talk: 1. https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/219-expanded-dns.txt 2. DNSSEC is suck, not security technology. to merc1...@f-m.fm, is it act of sabotage? Stop it or I will come for you! ;) ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Building TOR using Visual Studio
On Thu, Oct 16, 2014 at 02:16:32PM -0400, Nick Mathewson wrote: > On Thu, Oct 16, 2014 at 7:40 AM, Владимир Мартьянов > wrote: > > Hi all! I'm new at this list :-) > > > > I decided to understand how TOR works and I want to build it in VS to debug > > it and explore it's internals. I have Visual Studio on my first PC and I got > > errors during build on address.c. I investigated the reason: commit > > 0ca83872468af59b94e14fe7fdfcb38cb5a3f496 > > > > I have Visual Studio express 2013 on my second PC and I didn't have any > > problems building the TOR. > > > > So I have two questions: did you decide not to support old Visual Studio > > versions or it'll be better to build TOR in VS2008 too? If old versions > > aren't supported, should it be some #error directives in sources to explain > > this decision? It was really hard to understand where's the problem, so I > > think #error will be very helpfull. > > > > If you give me some instructions about the problem, I'll try to commit the > > changes. Thank you. > > Hello, Vladimir! > > That's the commit where we decided that, since C99 is 15 years old > now, it's probably okay for us to require a compiler to support it. I > thought that I would get more feedback by breaking the master branch > than by asking on a mailing list. > > I'd be happy to take a patch that added #error directives for > compilers that don't have basic C99 support. > > But first, I'd like to ask you, and anyone else who sometimes uses > compilers that don't support C99: Is it important for Tor that we keep > supporting C89? Are there a lot of VS2008 users who can't upgrade? Support for C89 makes it possible nativly compile and test software on old archs (e.g. VAX). This is one reason why OpenBSD supports many architectures that practically no longer used today. They have caught tons of bugs through this method. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Building TOR using Visual Studio
On Sat, Oct 18, 2014 at 03:29:51PM +1100, teor wrote: > > > * Some compilers for weird old hardware have never been upgraded to > > even rudimentary C99 support, and trying to build code with those > > weird old compilers is a good way to expose some bugs. I sympathize > > with this too: there was one guy who would always compile new versions > > of Tor on his old Irix boxes, and he always turned up a new warning or > > two when he did. > > Static analysers, better compiler warnings, and runtime checks are starting > to fill the role previous occupied by obscure systems. And mobile/embedded > platforms help with this too :-) > > I think we may be able to compensate for lack of C89 support for old > compilers, by using a combination of coverity, clang --analyze, gcc/clang > -ftrapv , and clang -fsanitize=undefined-trap > -fsanitize-undefined-trap-on-error. > > Oh, and unit tests :-) Theo de Raadt [1]: "The answer to that is not news. On a regular basis, we find real and serious bugs which affect all platforms, but they are incidentally made visible on one of the platforms we run, following that they are fixed. It is a harsh reality which static and dynamic analysis tools have not yet resolved. Now, If you don't realize this is the reason we try to run on the older platforms..." [1] http://marc.info/?l=openbsd-tech&m=138973312304511&w=2 ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] [HTTPS-Everywhere] "darkweb everywhere" extension
On Mon, Nov 03, 2014 at 05:48:03AM +, yan wrote: > +tor-dev. tl;dr: Would be nice if there were an HTTP response header > that allows HTTPS servers to indicate their .onion domain names so that > HTTPS Everywhere can automatically redirect to the .onion version in the > future if the user chooses a "use THS when available" preference. > > I imagine the header semantics and processing would be similar to HSTS. > It would only be noted when sent over TLS and have the max-age and > include-subdomains fields. I think "darkweb" inappropriate name from marketing/PR point of view. IMHO RenovatedWWW Everywhere more appropriate :) ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Porting Tor Browser to the BSDs
On Tue, Feb 17, 2015 at 11:30:26AM -0500, Libertas wrote: > Has anyone looked into this? I talked to the maintainer of the OpenBSD > Firefox port, but he wasn't very interested and pointed out the > difficulty caused by the deterministic build system. Deterministic build is mandatory for sucessful build TB? ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Is anyone using tor-fw-helper? (Was Re: BOINC-based Tor wrapper)
On Tue, Jul 21, 2015 at 11:38:00AM -0400, Nick Mathewson wrote: > Yawning's mail below reminds me: I am considering removing the C > implementation of tor-fw-helper from the tor distribution, and recommending > Yawning's pure-Go implementation instead. But before I do this, I'd like > to get some sense of whether folks are shipping tor-fw-helper today, or > using it in practice. pure-Go implementation does not compiled on many archs. Because Go's "gc" compiler supports only i386, amd64, ARM and IBM POWER processor architectures (from Wikipedia) and gccgo, GCC frontend (GCC >= 4.6), does not work everywhere too because of old architecture or architecture's resctriction. C implementation working everywhere. So, what is the purpose? ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] TB 5.0.3 for OpenBSD released
On Tue, Oct 27, 2015 at 12:14:29PM -0600, attila wrote: > The Tor BSD Diversity Project (TDP) is proud to announce the release of > Tor Browser (TB) version 5.0.3 for OpenBSD. Thank you very much for your effort. It is long awaited effort for people like me on OpenBSD. I have only one suggestion. Can you please build Tor Browser not only for -current but also for stable version like 5.7 and 5.8? Thank you very much! ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor logo
On Sun, Nov 01, 2015 at 04:40:59PM +0100, Philip Lammert wrote: > Hi, > > I wasn’t lucky with the Tor logo, its design qualities in general, especially > its performance in small sizes and its inconsistent applications (different > shades of purple and green, outlines, gradients and glossy effects …). So I > made a redesign. I would offer all file types needed. I hope this > mailing-list is the right place to present it and discus it. Please, have a > look at the PDF-file: > http://www.file-upload.net/download-11010886/_logos_overview.pdf.html > I don't know what the fuck with file-upload.net, but I can't download from them. I disabled Noscript, Ablock Plus, Ghostery but still can't download your pdf. > The whole developing system here seems decentralised and an implementation > might be a bit cumbersome, but if it doesn’t exhaust me too much, I could > also offer further design advice, (re-)designing app icons, making mockups > for Tor websites, apps etc. and give it a consistent and professional > appearance. > > Regards > Philip > > ___ > tor-dev mailing list > tor-dev@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor logo
On Sun, Nov 01, 2015 at 08:00:14PM +0100, Philip Lammert wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > > > this community is very security conscious, and because of this a large > > > portion would be uncomfortable opening a PDF file. so i uploaded a > PNG > version to an image host. attached to this email is the same file > as well. > I understand. > > Here starts the problem. Your PNG doesn't show the right colours > (Q.E.D.). Here's a new upload (and attachment). > > http://postimg.org/image/7s05dc5wt/ I like them. They are simple. It is mainstream in iconographic and other graphical computer interfaces and in web today IMHO. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
