[tor-dev] List of Tor Exit IP address: Is this available from Tor Control Port
Hi all, is the list of Tor Exit IP addresses available from Tor Control Port or only from https://check.torproject.org/exit-addresses via TorDNSEL ? -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] How many exits exit from an IP address different than their OR address? (10.7%)
On 1/12/16 4:43 AM, David Fifield wrote: > I wanted to know how many exits exit from an address that is different > from their OR address. The answer is about 10.7%, 109/1018 exits. The > interesting part is that of those 109 mismatches, 87 have an exit > address that differs from the OR address in all four octets; i.e., the > IP addresses used by the exit are not even in the same /8. It would be nice to prevent different IP traffic for Exit, unless OutBoundBindAddress is defined and/or OutBoundExitAddress (ie:https://trac.torproject.org/projects/tor/ticket/17975) is implemented and defined. >From a "transparency" point of view, i think that any routing aspects shall stay into the consensus database, so that it could be checked for possible sign of manipulations. If someone want to do asymmetric routing, then that information must be in the consensus (IMHO). -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Proposal: End-to-end encrypted onion services for non-Tor clients
vice. > > 3.2. Entry Proxy > > Modern web browsers send a Server Name Indication (SNI) field in the initial > ClientHello of the TLS handshake. The entry proxy reads this field to > determine the clients destination domain. The proxy performs a DNS lookup at > that domain for a TXT record which specifies the corresponding onion address > for the provided domain. > > The TLS entry proxy connects to the onion service via a Tor2Web-type circuit > and then begins transparently proxying TLS traffic between the clients > browser and the destination onion service. > > 3.3. Resolving Nameserver > > The key component of this system is a DNS name server which can direct > clients to an online entry proxy via a round-robin type system. In a basic > solution the onion service operator could manually specify one or more entry > proxies in the A records for their domain on their existing authoritative > DNS provider. > > In practice entry proxy churn would result in changing set of entry proxies. > The nameserver will need regularly update its set of online entry proxies an > remove proxies which are malfunctioning, malicious or otherwise unusable. > > The resolver may run a scanner to check its known proxies or load a list > from an external service. Additionally the resolver should detect if an > entry proxy blacklists a domain for which it is responsible and avoid > routing clients to that entry proxy. > > It is expected that independent service providers will run their own > domain->onion resolving nameserver in diverse jurisdictions as free or paid > services. > > 4. Implementation: > > The entry proxy component could be implemented as part of the current Tor > relay code base. Integration directly within Tor would allow use of the > existing network consensus and bandwidth measurement systems to be used to > discover available entry proxies. It would also allow for malicious entry > proxies to be blacklisted. > > Alternatively the entry proxy could be implemented in the existing Tor2Web > software or as a standalone software package. Implementing outside of Tor > would be faster and it would avoid the risk of losing Tor relay capacity as > a result of legal threats to the entry proxies. > > The resolving nameserver is the most complicated component of this system. > The component will eventually require a DNS server, a management interface, > and a set of network monitoring tools. > > 5. Security and resiliency implications: > > 5.1. Availability Attacks: > > Adversaries can attack the availability of a publicly-proxied hidden > service at a number of levels: > > * Censorship or shutdown of entry proxy: > > Attacks on individual entry proxies are mitigated by performing DNS > based round-robin between many online entry proxies. The Resolver system > should be able to quickly remove entry proxies which misbehave or which > go offline. > > * Censorship or seizure of the hidden service public domain: > > DNS based blocks are widely deployed for censorship and may be difficult > to avoid. Domain registrars can also be forced to suspend domain names. > Service operators should considering running their service under a TLD > which is less vulnerable to these type of coercive threats. > > * Takedown of a nameserver provider: > > Multiple resolving nameservers can be configure for each forwarded > domain. Using nameservers maintained by different providers can provide > resilience to attacks against a single nameserver provider. > > 5.2. Security Attacks: > > Entry proxies and exit relays have a similar ability to monitor and > interfere with client traffic. This is greater risk of targeted > interference from entry proxies as they can also determine the client's > network location. > > * Man-in-the-middle HTTP connections: > > Entry proxies have the ability to man-in-the-middle HTTP connections. > Service operators should send HSTS header to force clients to > automatically use TLS for all future connections. > > * TLS man-in-the-middle with CA-signed certificate > > Some commercial CA cert providers allow for domain ownership to be > validated by providing a file over HTTP at the domain. A malicious entry > proxy could successfully obtain a CA-signed certificate from one of > these certificate authorities. > > Service operators can minimize their exposure to this type of attack by > using HPKP headers to limit the set of valid certificate authorities for > their domain. > > > > > ___ > tor-dev mailing list > tor-dev@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev > -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Feature freeze plans for Tor 0.2.7: Please read if you hack Tor!
On 8/19/15 5:40 PM, Nick Mathewson wrote: Hi, all! Here's the schedule we worked out for the Tor 0.2.7 feature freeze. (These are defaults, not promises. We can make exceptions, but please remember that delaying a freeze will delay release, and every day we delay a release will delay all the _other_ features getting out into a stable Tor. We've been aiming to speed up our release cycle, and this represents the latest installment in that effort.) Are we considering, for that release, to include Tor2web mode and encrypted services to be built/compiled with the standard release of Tor (but with some very big-explicit-command-line to activate) ? As it would definitively help in the deployment of Tor2web -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Namecoin .onion to .bit linking
On 5/19/15 4:43 PM, Jeremy Rand wrote: Hello Tor-Dev, One of the criticisms of Namecoin which seems to be raised sometimes is that the current domain namespace spec doesn't have a method for a .bit domain owner to prove that they are in control of a .onion. (This is also an issue for .bit domains that point to .i2p.) I'm interested in improving this situation, and am looking for feedback. At Tor2web we've been considering using Namecoin for those features: https://github.com/globaleaks/Tor2web/issues/30 https://github.com/globaleaks/Tor2web/issues/66 If someone want to hack on those feature, we'd love to support! :) -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] RFC: Ephemeral Hidden Services via the Control Port
On 2/16/15 11:22 PM, meejah wrote: I guess to put another way: I can't see a use-case to keep the hidden- service around if the application that added it went away. +1 from globaleaks perspective -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Static compile config and incore runtime [HS via Control Port]
On 2/16/15 11:45 PM, grarpamp wrote: In some unique situations you may not even be able to spawn/access the control port. So ability compiling in HS keys etc would be useful there. There may already be some tickets for these things. That's that Windows PE files does with PE Resources that are appended to the end-of file. Tor could support appending config files to the end of the Tor binary itself? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] RFC: Ephemeral Hidden Services via the Control Port
On 2/14/15 1:45 AM, Yawning Angel wrote: Hi, The Warning: DO NOT USE MY BRANCH YET, IT HAS HAD MINIMAL TESTING AND REVIEW. IT IS NOT DONE. IT WILL BROADCAST YOUR SECRETS TO THE NSA'S ORBITAL SPACE STATION. Trac Ticket: https://trac.torproject.org/projects/tor/ticket/6411 Branch: https://github.com/Yawning/tor/compare/feature6411 I'm fine with the proposal. That's an important part of a set of tickets designed to enable the use of a Tor integration without ever touching the filesystem within third party application and application controllers (such as TxTorCon/ORbot) . This complement the already closed #13865 (https://trac.torproject.org/projects/tor/ticket/6411) and the yet-to-be-discussed #14899 (Enable Tor to work without using filesystem for cached files https://trac.torproject.org/projects/tor/ticket/14899). When #6411 will be integrated and #14899 will be implemented: - Tor AppArmor profile can be imporved by completely disabling filesystem read/write (when integrated with a third part app) - Third party App can fully use Tor by keeping all it's configuration directive, keys (for TorHS) and caches (for descriptors/consensus) in the application database Once all of that will be possible, we'll be able to make a 100% clean Tor integration into GlobaLeaks (that's undergoing an architecture refactor to have a master/slave process). -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Best way to client-side detect Tor user without using check.tpo ?
Hi all, we're introducing client-side checking if a user it's on Tor or not on the GlobaLeaks Javascript client. As far as i understood since some time ago, the right way to do it was to detect a TBB user with some fingerprinting technique, however those are going to disappear/being avoided/fixed right? So, the TorButton approach is to load https://check.torproject.org/?TorButton=true . However we're looking for a way that enable to check if we are on Tor without having to load a network resource. That's very important because there are use-case of GlobaLeaks where the application is being integrated into investigative media website (that are under HTTPS) and the Whistleblower is given some plausible deniability regarding the fact he's leaking something or visiting a news. For that reason, we cannot check if a user it's on Tor by loading an external network resource such as https://check.torproject.org/?TorButton=true because it would destroy the plausible deniability things. There's a right way to detect if a user it's on Tor, from a Browser, without loading an external network resource? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] oppy - an Onion Proxy in Python
On 1/20/15 1:15 AM, Nik wrote: Hi tor-dev, I care deeply about the ability for people to have anonymity online, and I've always been really interested in exactly how Tor works. So for a class project last semester I wrote oppy, an onion proxy in 100% Python. I spent most of my winter break cleaning it up and writing documentation, and today I'm releasing oppy as a free software project :) code: https://github.com/nskinkel/oppy docs: https://nskinkel.github.com/oppy It would be an amazing evolution to see support for Tor Hidden Services. There are plenty of software (such as GlobaLeaks) that use Tor only: - as a Client (to make outbound connection) - as a Server (to receive outbound connection) It's a wet dream to have a pure-python Tor implementation integrated within Twisted, that enable to: - connect to the outside world using Tor - receive inbound connection as a Tor Hidden Service I understand that's quite tricky to reach production-grade, but for software-integration it would be a very valuable approach. Another approach to achieve better software integration is to have Tor as a Library (it has been discussed few times, there are some existing architectural issues within Tor and some concern on how it shall be done). -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Internet-wide scanning for bridges
On 12/13/14 1:33 AM, Vlad Tsyrklevich wrote: I've attached a patch to warn bridge operators running with ORPort set to 443 or 9001 as a stop-gap measure. IMHO the real point is that Tor, is not employing the techniques that used since decades by the COMSEC solutions in the radio-frequency, that is frequency hopping. On the internet we have TCP ports, on the radio-spectrum we have frequency. Just apply the various, multiple, available, well documented techniques used to provide additional L1/L2 safety to the radio-frequency transmission techniques to Tor, et voilà, Tor would acquire important resiliency properties against massive scanning. That's just a concept and approach, it would require a bit more of research, but i'm quite confident that would provide very important benefit compared to the minor performance issues introduced. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Distributing TBB and Tails via Torrents
On 12/10/14 7:53 PM, Chuck Peters wrote: The torrent files are available through https with a valid certificate. We would love to distribute Tor Browser Bundle via Tor2web, useful for specific use-cases: https://github.com/globaleaks/Tor2web-3.0/issues/168 -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Scaling tor for a global population
Il 9/27/14, 2:33 AM, Mike Perry ha scritto: We could also handle controlled rollouts to fractions of their userbase to test the waters, and slowly add high capacity nodes to the network to support these new users, to ensure we have the people ready to accept payment for running the servers, and maintain diversity. I read your very detailed estimations and improvement paths, i love it! However i see that the main suggestion to increase the network capacity can be simplified as follow: - improve big nodes ability to push even more traffic - add more big nodes Other improvements are to reduce the consensus size and directory load, but not specifically on network capacity. While this is the obvious way to add more capacity i feel that's going to have impacts such as: 1) reduce the diversity (thus the anonymity, because few players will handle most of the network's traffic) 2) make it irrelevant for anyone to run their own small/volounteer relay That sounds like the easier way to scale up in a defined amount of time and with a defined budget, but imho also with consequences and pre-defined limits. I feel that the only way to scale-up without limits and consequences is to have end-users became active elements of the network, where we have success story such as Skype. End-users have important network resources available that can be estimated and used (with care). Not all end-users are equal, i'm now on a 2M Hyperlan line (damn digital divide!), but someone else in Stockholm or San Francisco it's on a 1000M/100M fiber connection @home (not in a datacenter) and while in Milan i've a 100M/10M fiber! That bandwith resources are amazing, usually quite cheap (home broadband lines), widely available in the end-users hands. IMHO those are the bandwidth resources, widely available, cheap, very diverse/sparse that could help the Tor network to scale-up. How to use it properly within/for the Tor network? That's a different topic. But those big bandwidth resources are there, available under our feet, in our home, and we're not using it! -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Scaling tor for a global population
Il 9/26/14, 4:58 PM, Andrew Lewman ha scritto: They very much like Tor Browser and would like to ship it to their customer base. Their product is 10-20% of the global market, this is of roughly 2.8 billion global Internet users. . WOW! . Is there a better list available for someone new to Tor to read up on the scalability challenges? As a basic concept, i don't think that Tor could scale up to huge numbers without making the end-user to became active part of the network routing. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Making and distributing custom TBB with a new home-page
Il 9/21/14, 5:09 PM, Leif Ryge ha scritto: Waiting for comments before writing some quick specs If I remember correctly I heard some GlobaLeaks people discussing the idea of rebranding TBB a long time ago but eventually they concluded that it was generally undesirable for potential whistleblowers to have GlobaLeaks-specific bytes sitting around on their storage devices. Yeah, in past we've been brainstorming making a customized TBB for public uses. But we concluded it was not a good idea. Instead in that context of use it's: - specifically for private use/distribution - in a context where the download of TBB is anyhow filtered/censored from torproject.org so we must provide anyway a copy of the TBB binaries to the end-user, as he cannot download it. That means that we must anyway keep an updated mirror of TBB binaries for 2 specific target language versions. Also, it seems like whatever private distribution mechanism you plan to use for a modified TBB could also be used just as well for a standard TBB, or Tails. Using TBB as it is does require the end-user to make a copy/paste of the .onion URL, because .onion are not mnemonic, and that step must be done every time. We made user-personae and use-case scenario simulation directly with the relevant people dealing with end-users before coming to that conclusion. That step (copy/pasting URL) has been considered a too complex step to became acceptable, so the reason to deliver a customized TBB with a custom home-page pointing directly to that Globaleaks site. | Have you considered just distributing Tails USB sticks along with the .onion address on a piece of paper? We've considered it, but it was outside the logistically doable opportunity, as far as i understood. Sounds like the most apparently obvious solution for our community, are not so easily applicable in that context of use by speaking with the end-users. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Revised Relay Descriptor Fields proposal
This extension could be very useful for the Tor2web project, in order to easily introduce directory functionalities for join/leave/networking capabilities as per https://github.com/globaleaks/Tor2web-3.0/issues/41 . That would be *amazing* . I'm going to bring Italian Grappa with express-shipping as an alchoolic incentive to anyone that love to make it real! :-) -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org Il 7/4/14, 10:22 AM, Virgil Griffith ha scritto: Filename: ExtraRelayDescriptorFields.txt Title: Adding new X- fields to relay descriptor Author: Virgil Griffith, Nick Mathewson Created: 2014-06-03 Status: Open 1. Motivation We wish to allow developers to build new applications atop relays. Towards this end, we wish to add the ability for users to specify arbitrary new key-value entries under the X- namespace. 2. Proposal Allow optional key-value lines in the relay's torrc file. These lines will be mirrored in the relay's descriptor which is then published in the directory consensus. For example: X-bitcoin 19mP9FKrXqL46Si58pHdhGKow88SUPy1V8 X-gravatar https://s.gravatar.com/avatar/d27fce46c9ac41a41bb52455ae75701d X-favoritequote Be excellent to each other. Party on dudes! X-foo bar The value field must be printable ASCII (characters 32-126). The value must not under any condition contain a newline. The key may contain lowercase ASCII letters (a-z), digits, underscore, or dash. In regex, [-_0-9a-z]. There may need to be a maximum sum length of the X- entries. This is left to the developers. I propose a maximum sum length of 5 kilobytes. To mitigate the chance of a malformed torrc file, I additionally propose there be a schema for the relay descriptor, and if the relay descriptor fails to match the schema it errors to the user to change her torrc file. -V ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Python Only Tor Client?
Hi all, does anyone know of any work to make a Python Only Tor Client, that just enable to expose a Tor Hidden Service? It would be very cool if it would be possible to avoid Tor binary as a dependency for Globaleaks, making it pure Python application code. The questions are: - Are there projects that foresee to do something like that? - From a Tor Project perspective, does it make sense? - From a Security perspective, are there strong security implications in doing so? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Starting Tor from Python using Ctypes improving Sandboxing?
Hi, currently starting Tor from an python application using existing frameworks (such as txtorconn) provide limits related to the capabilities of sandboxing the application itself with AppArmor. If you want to start Tor from your own application, then you must enable such application to execute an external binary called /usr/bin/tor . I'm wondering if anyone ever tried to start Tor from a Python application using Ctypes, to start the Tor main(), placing the Tor process into a dedicated Python's application Thread. That way it would be possible to sandbox the Python application using AppArmor without enabling any kind of execve() call. Does anyone ever tried this? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] GSoC - Search Engine for Hidden services
2014-03-16 20:13 GMT+01:00 George Kadianakis desnac...@riseup.net mailto:desnac...@riseup.net: API development In addition, ahmia.fi http://ahmia.fi/ provides RESTful API to integrate other services to use hidden service description information (see https://ahmia.fi/documentation/ https://ahmia.fi/documentation/). Hidden services can integrate their descriptions directly to the hidden service list (see https://ahmia.fi/documentation/descriptionProposal/ https://ahmia.fi/documentation/descriptionProposal/). I just added manually all the known globaleaks sites (http://en.wikipedia.org/wiki/GlobaLeaks#GlobaLeaks_uses) to the Ahmia Directory, so we can test the experimental feature of GlobaLeaks that generate a Description.json documented at https://ahmia.fi/documentation/descriptionProposal/ Integration with Tor2web Thanks to our suggestion recently, Tor2web has implemented a feature that provides secure and anonymous statistics within a day. I want to implement to implement an automatic fetch and handling of this data. Ahmia.fi should fetch these and add each new .onion page The experimental statistics documented here: https://github.com/globaleaks/Tor2web-3.0/wiki/OpenData Fabio -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Does TLS round-trip optimization apply do Tor?
Hi, i've been reading the article Optimizing NGIX TLS time for first byte below: http://www.igvita.com/2013/12/16/optimizing-nginx-tls-time-to-first-byte I've been thinking whenever that kind of optimization does apply also to Tor or not? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] .i2p address support in torsocks
Il 11/2/13 5:13 PM, adrelanos ha scritto: Hi David, adding .i2p support to torsocks is perfectly fine. It's a feature, not a limitation. Who doesn't want to use it won't be annoyed by it. (Other than man page and --help entry, but well, life is tough. :) I'd love also if someone pickup I2P integration for Tor2web: https://github.com/globaleaks/Tor2web-3.0/issues/82 -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Design for an exit relay scanner: feedback appreciated
Why don't just use OONI and a single Tor instance to do so? I expect it will take much less and you will be able to leverage existing code and exitsting knowledge within the tor project. Fabio Il 10/9/13 11:44 PM, Philipp Winter ha scritto: I am working on a Python-based exit relay scanner which should detect malicious and misbehaving exits. The design should have a reasonable balance between being fast/parallel and stressing the network as little as possible. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] [Otter/Cute] What's Cute in APAF
Cool! I'd like to suggest several changes to the implementation strategy for Cute: * Cute should be an application and it must not be for any reason a virtual machine that's a nerdy/geeky things. An application has to be distributed trough Mac App Stores, Ubuntu App Stores, Windows App Stores. * Cute should not have multiple process running (only a single process, no LAMP that's difficult to be maintained) * Cute's Wordpress must use SQLite backend (to keep it selfcontained) * Wordpress should run over a secure Python sandbox Assuming the use of APAF, wordpress must be run using php-cgi, with a sandboxed profie from Twisted http://stackoverflow.com/questions/14541813/python-twisted-render-php * Use Tor2web for Edge Cache Nodes, without using other piece of software It just need to implement caching with https://github.com/globaleaks/Tor2web-3.0/issues/29 Fabio Il 10/10/13 2:02 PM, Michele Orrù ha scritto: Dear Team, For completeness' sake I am attaching to this email the report I wrote last week in order to summarize what the project APAF is about, and what there is in common between it and the Otter/Cute proposal. Eventually, feel free to add it to the trac page. After reading [Cute design and challenges], though, I think the report lacks an exhaustive description of APAF's threat model. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Torsocks reengineered
On 6/4/13 2:08 PM, Ian Goldberg wrote: David, Does the current version of torsocks support Optimistic Data? That saves a round trip through the Tor network, and makes things snappier. Tor clients, servers, and recently the Tor Browser now support it. I'd also say that you should consider extended socks code support, to know if a Tor Hidden Service exists or not: https://trac.torproject.org/projects/tor/ticket/6031 Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Iran
On 5/9/13 1:34 AM, Jacob Appelbaum wrote: Maybe OONI ppl can help with that? I have an idea that I think might help. It isn't related to any current pluggable transport. I think we could pump out a transport that would not be easy to block. It would be also be very interesting to be able to play with the DPI system from an internal iranian intranet address space, if someone have an access from linux box. -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] SQLSupport
On 5/1/13 1:36 PM, moataz ahmed wrote: is it possible to insert data about routers,circuits and bwhistory in database ? i am using opaddon to measure relays and i can see in torctl folder that there is a file called sqlsupport.py he is using sqlalchemy to deal with database i ran opaddon many times but there is no insertion in the database !!! You should look at the work getting done by Waldo to make Tor as a Library, that will also fix your issue, by abstracting the i/o currently hardcoded to filesystems and managed by Tor process. The project is called Onion Route http://www.onionroute.org/. Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor Launcher settings UI feedback request
On 5/3/13 4:10 PM, Mark Smith wrote: http://trial.pearlcrescent.com/tor/torlauncher/2013-05-03/SetupWizard/wizard-all.png (composite of all of the wizard panels). While i've still not tried running it, i think that's very important to have a default way where the user with just 1 click is online. I mean that the wizard should provide as a first option a question that ask the end-user something like: - Start Browsing - Custom Settings That way you will reach two kind of users: - The ones that are OK with the default (or just doesn't know) - The ones that require some custom settings (if they need it, they know) The overall usability improvement would be very powerful because the user, from clicking to the application is just 1 step forward with no additional complex question asked (from the end user perspective). Fabio p.s. Following this improvement, from usability perspective i think that the most important steps are: - Making a comfort loader during the loading of Tor Hidden Services (to avoid bad white page effect while waiting) - Improving the Windows Installer (with a sort of installer guiding the end-user to the extraction process up to an open-browser) - Make Mac OS X DMG packaging for distribution (rather than ZIP) ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Embedding tor in an application and using tor without opening a port
On 4/13/13 7:42 PM, wac wrote: Seems you want to put your hands at it so that makes two of us. You don't need to do what I already did. I am preparing the environment to move towards team mode. Check the website http://libtor.org. In any case remember all of this to make it solid is not just about coding. Regards Waldo Waldo, you're making something amazing! :-) If you succeed in your project, a lot of third party apps will be able to link with Tor directly! Are there already some code shared on Github? You should also consider to have a look at the work to use Tor as a Library made by Claudiu Vlad Ursache on https://github.com/ursachec/iTorExample (we spoke about it at CCC Congress last December 2012) . Fabio p.s. We should really look for some support for this project! ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Embedding tor in an application and using tor without opening a port
On 4/1/13 10:17 PM, Navin Francis wrote: I am making a small application that always uses tor to communicate. I have embedded tor into the application by compiling and linking the tor source code along with my own code and calling tor's main() from within my own main(). To send data, tor has to open a port on the machine and my application would have to send data to 127.0.0.1:port This seems a little unnecessary since both tor and my application run in the same process. More importantly, it seems like any program on the machine can use my application's embedded tor client by connecting to the right port. The easiest way to avoid opening a port seems to be to modify the socket implementation so that it accesses an array rather than sending/receiving data. Are there any existing applications that embed tor in this manner? Is there a better way to do this, and if not, are there any corner cases I have to watch out for? You are the 3rd person in less than 1 week asking about using tor without having tor running . You may consider the discussion on Using Tor as a Library on Tor-dev in past week about the idea to make Tor be able to work as a library: https://lists.torproject.org/pipermail/tor-dev/2013-March/004564.html https://lists.torproject.org/pipermail/tor-dev/2013-March/004571.html Let's Cc Waldo that's working on that concept. Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Using Tor as a library
On 3/28/13 8:32 AM, wac wrote: Hi Folks: I am looking to use Tor as a library for my program. I managed to build it from the sources including the required libraries. But now I am looking for hints on how to replace the SOCKS 4/5 or the transparent proxy with direct calls from my application to link them. I'm hoping somebody here can point me in the right direction. That is turning off all listening for incoming connections. Just my application going through tor circuits. That's the future of Tor, to be integrated as a library just like an encryption library into application. That's also the only way to make applications in constrained environment, such as Apple iOS. Some useful link to look at is: https://github.com/mtigas/iOS-OnionBrowser (embedding Tor as part of Apple iOS application) https://lists.torproject.org/pipermail/tor-talk/2011-September/021527.html If you approach this kind of problem, it would great if you create a full set of patches, creating proper tickets on http://trac.torproject.org and detailed documentation to enable anyone to build Applications with Tor built-in in an easy way. A very valuable target could be to create a wrapper around Tor with minor patch to be able to use it as a library from any major application programming languages. Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Using Tor as a library
On 3/28/13 12:10 PM, Christopher Schmidt wrote: Fabio Pietrosanti (naif) lists-BEJ3GKOyH/ewup2xcto...@public.gmane.org writes: That's the future of Tor, to be integrated as a library just like an encryption library into application. No, it's not. Embedding a Tor client in another application cripples auditability, configurability, updateability etc. of Tor. So does embedding a controller. Even worse, an application trying to outsmart the user by controlling Tor on its own poses a severe security risk. It completely disagree with that vision. A separate component can be tampered or misconfiguredwithout leveraging the specific application context of use. A separate component cannot leverage the efficient automatic-update procedures of a specific application using it. Other than an encryption library, there is no well-defined output to an input that a Tor library should produce. The input and output is so very well defined that there's an RFC 1928 defining it. Without a tight integration with an application there are additional risks, such as applications leaking DNS or connecting directly if Socks server is not available . Without direct application integration (linking tor with the application) there is *much more code and complexity involved* and this represent a risks for the end-user. Tor is a vivid, organic ecosystem of different, replaceable projects that integrate into each other. Embedding a static subset of these in an application is wrong. The same for major crypto library like OpenSSL, but all applications link it directly rather than using an outdated IPC mechansmis here called SOCKS (involving multiple layers of software in userspace and kernel-space to be used). From the software architectural and security perspective having Tor integrated within an application represent a security advantage for the end-user, imho without any doubt. Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor Exit Images
On 3/24/13 9:39 PM, Griffin Boyce wrote: Hey all, After talking to Wendy Seltzer, I decided to bring this up on the list. I frequently talk to people who would like to run an exit node, but who aren't as good a sysadmin as they'd like to be. It would be great if there were server images that could be fairly easily installed and then configured. All of these people so far have had the means to spend $150ish a month on the required hosting, they just felt that getting it running was a stumbling block. Thoughts? To fix that need it would be nice to make a sort of hosting provider (using existing tool for customer management, payments, server/application deployment maintenance) to host Tor Exit. That way the ownership, liability, costs, abuse management would still be of the person running it's own server, but it would be highly facilitated to be able to setup / sponsor Tor Exit somehow. The hosting provider would choose the right balance between bandwidth resources / ISPs locations / netblocks distribution. The hosting provider would provide to it's own customer a ready made ticketing-interface to handle abuse requests and management. It would be a way to industrialize and facilitate the setup of Tor Exit ISPs. Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor Exit Images
On 3/24/13 11:11 PM, Griffin Boyce wrote: Fabio Pietrosanti (naif) li...@infosecurity.ch mailto:li...@infosecurity.ch wrote: To fix that need it would be nice to make a sort of hosting provider (using existing tool for customer management, payments, server/application deployment maintenance) to host Tor Exit. This would definitely be cool, though honestly I was thinking more pre-configured bundles for common ISP(s). Well, it would still need to have some kind of Web management software to let the non-unix-skilled person carry on regular maintenace procedure without a unix terminal such as: - Configure Tor (nickname, bandwidth, etc) - Check if there's an upgrade upgrade Tor when needed - See if Tor is running / ability to shutdown / restart it That's something that should need to be pre-installed to facilitate the regular maintenance operations for that non-unix-skilled persons. Does something like that still exists ? Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor Exit Images - software to manage tor on unix without unix-skills
On 3/24/13 11:16 PM, Fabio Pietrosanti (naif) wrote: On 3/24/13 11:11 PM, Griffin Boyce wrote: Fabio Pietrosanti (naif) li...@infosecurity.ch mailto:li...@infosecurity.ch wrote: To fix that need it would be nice to make a sort of hosting provider (using existing tool for customer management, payments, server/application deployment maintenance) to host Tor Exit. This would definitely be cool, though honestly I was thinking more pre-configured bundles for common ISP(s). Well, it would still need to have some kind of Web management software to let the non-unix-skilled person carry on regular maintenace procedure without a unix terminal such as: - Configure Tor (nickname, bandwidth, etc) - Check if there's an upgrade upgrade Tor when needed - See if Tor is running / ability to shutdown / restart it That's something that should need to be pre-installed to facilitate the regular maintenance operations for that non-unix-skilled persons. Does something like that still exists ? Got an idea of an alternative solution to the problem Let someone without unix-skills to setup and maintain it's own Tor Exit on their favorite server provider. We can make a GUI Application that let this kind of user to: - Configure Tor (nickname, bandwidth, etc) - Check if there's an upgrade upgrade Tor when needed - See if Tor is running / ability to shutdown / restart it That kind of application automate via SSH/SCP the procedure explained below. The procedure would be finely tuned for all the different main unix operating systems available (that are the one ready-made on the vps/server provider of installable list). The user experience would be: - Start the application - Select operating system version (Ubuntu 12.04, Debian 6, CentOS X, etc, etc) - Insert hostname, root's username, password - Configure visually on the UI: - Nickname - Bandwidth - Exit Policy - Click Deploy Tor Et voilà, the tor intance would be installed and configured on the remote server trough SSH/SCP for that specific OS version. Other options provided to the end-user by the UI would complete the maintenance operation required: - Check for upgrade - Upgrade - Start / Stop / Restart With such approach you would still had made possible for non-unix users to deploy and maintain tor on unix's vps of all the provider. Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Twisted-based Tor client performance measurement tool (using ooni?)
On 1/21/13 9:06 PM, Karsten Loesing wrote: Hi everyone, you probably heard of Torperf [0], the tool that produces our Tor client performance graphs [1]. Torperf is mostly a bunch of scripts and lengthy HOWTOs, so setting it up and keeping it happy is not exactly trivial. I am wondering if this should not use and leverage the existing OONI project that does more or less what functionally TorPerf has to do? Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Working on GUI
On 11/6/12 10:00 PM, vimalathithan wrote: Hi, I am new to this community. A group consists of 5 members from School of Informatics and Computing, working with Professor Jean Camp on a research paper. Our research is to carry out a case study after making changes in the UI of Tor Browser. Could anyone here, please provide a link to learn more about Tor UI to get started with the development activities. Imho, creating a simplifier Tor Browser Bundle without Vidalia, with a single executable on which you make click-click and it open an Option-less browser would be a very cool stuff. Starting back from the *most simplified solution* Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] [OONI] Designing the OONI Backend (OONIB). RESTful API vs rsynch
On 7/15/12 3:58 PM, Jacob Appelbaum wrote: Are you sure HTTP doesn't support resume? What does wget -c do? I believe this requires the HTTP: range header and it doesn't provide the integrity checking that rsync provides. It maybe also an application HTTP parameters that contain the last offset of the specific data-set download, so that the server would seek to that offset and start sending data up to that point? -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Onionoo in Python
On 7/10/12 5:36 PM, Norman Danner wrote: On 7/9/12 12:09 PM, Sathyanarayanan Gunasekaran wrote: Is this available yet? Yep - https://github.com/gsathya/pyonionoo It's pretty hacky(it was meant to be a prototype to see if Cyclone was a good idea - and well, i like it) and will probably have to be refactored. Based on a quick look, it seems like Cyclone provides a slightly nicer way to specify how to handle the various requests than does a plain Twisted web application. Are there any other advantages to using Cyclone as opposed to plain Twisted? On APAF (anonymous python application framework) GSoc project, to build cross-platform Windows, OSX, Linux applications including Tor there is the use of Twisted+Cyclone. http://github.com/mmaker/APAF If you use such kind of framework, it should be relatively easy to hook them to APAF, to build your application and deliver it also for Windows and OSX. -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Onionoo in Python
On 7/10/12 6:18 PM, Damian Johnson wrote: On APAF (anonymous python application framework) GSoc project, to build cross-platform Windows, OSX, Linux applications including Tor there is the use of Twisted+Cyclone. I'm still not clear though - what is the advantage of providing Onionoo as a hidden service? We shouldn't add dependencies, especially on a new project like APAF, without clear and substantial benefits. The Tor Hidden Service support of APAF is just a small part of what it does provide. At first it does provide you an environment to build a Desktop Applications, with an easy-build-system integrating Tor and nicely looking UI elements for Windows and OSX, including an embedded browser. So basically if you would like to make a desktop application including Onionoo Atlas together to provide an end-user an application that he can download to query/search/analyze the Consensus, APAF it's a good choice. If you just need to do it for a single application that does not need to be installed and/or distributed hundreds/thousands of time, then the APAF framework may not be the right choice. -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] [GSoC] APAF Report
On 7/8/12 2:19 PM, Michele Orrù wrote: Sorry for being so late, but as anticipated on the irc channel, I spent most of the last week as talk manager at Europython. During, the free time I've had the occasion to meet lots of developers of the tor community joining the tordev meeting before and during the hackfest. Concerning the project, I've organized some new cool features for services, such as the configuration class which should help the customization. Backend apis are almost finished - authentication, tor controlport, panel configuration- and covered with unit tests. There is a new dependency, pyCrypto, used for generating safely random ports on which the service should listen to on each run; I think it will be useful also for future utilities exposed from the apaf itself, as toolkit for services. I hope to merge those changes with the platform-specific modules, so that after midterm evaluations I can work on the frontend side. Anybody wanting to help with graphics? What are we missing as graphics elements? Making a list of the ones for which ideas had come out during time, which are made / need to be made / need to be documented? - Application Icon Windows / OSX: - Dock Icon / Menu OSX: - System Tray / Menu Windows: - Splash Screen Windows/OSX: - DMG Packaging Finder/Background Icon OSX: - Embedded Browser for App UI (Windows / OSX): -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Open Proposals as of June 2012
On 6/19/12 2:30 AM, Jacob Appelbaum wrote: 146 Add new flag to reflect long-term stability From time to time we get the idea of having clients ship with a reasonably recent consensus (or a list of directory mirrors), so instead of bootstrapping from one of the authorities, they can bootstrap from a regular directory cache. The problem here is that by the time the client is run, most of the directory mirrors will be down or will have changed their IP. This proposal tries to address that. It needs analysis based on behavior of actual routers on the network to see whether it could work, and what parameters might work. Nevertheless, we should really do something like this, so that we can ship a list of initial directory mirrors with Tor (possibly via the fallback consensus deisgn), so that new bootstrapping Tor clients don't all hammer the directory authorities. (6/2012) I almost wonder if the guard flag is essentially the same set of constraints? I think we should discuss this at the TorDev in Italy if possible... A part from the performance reason that's also a censorship-bypass reason. For example currently in China all the TorDA are fully IP Filtered ( not even ping are allowed to those IP addresses). That means that even if we found a way to fuck the GFW active-probe-filter for a while, the Tor clients already existing and residing in china would not be able to connect because they cannot reach the software-hard-coded tor directory authority. Imho it would be also required to consider, within that proposal, a way to dynamically append the latests network-map available when a user is going to download Tor. That way when a release X is done, it automatically get the map of the build-time. But if everytime a user download the software, the latests network map is populated, it would increase the chance to bypass static ip filters. -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] [GSoC] APAF Report
On 6/20/12 5:54 PM, Damian Johnson wrote: Personally I decided to write my own modules for this functionality [1] (including some improvements based on psutil [2]) because a C module dependency didn't feel worth this functionality - especially since pid lookup is a one-time thing, and doesn't need to be blazingly fast. Eh... if only tor was also available for use as software library (Like silvertunnel OrLib), we would a lot of less system integration complexity! There's a lot of effort in many project on Tor integration hacks to use it for application integration requirements. Imho Tor should before or later really provide clear and standard guidance and path for integration in 3rd party applications: - API to build tor within an application - API to do basic operations on Tor - Generalized Filesystem I/O (to keep all data, from configuration to hidden services up to descriptors in memory and/or in a database) So that anonymity feature can be plugged in to existing applications, like it is possible to plug SSL or OTR in a Chat client. -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] STEM: Tor2csv / Tor2xml / Tor2json ?
Hi, i just would like to provide a suggestion for Stem use (maybe already done), now that it has a powerful cached-consensus/descriptors parsers. Would it possible to provide easy to use command line tools to access Tor's data in the following formats: - csv - xml - json So that anyone requiring to access tor's current network data can easily use a function / script trough a command line tool and get it in easy to be formatted output. That's just a suggestion, but it maybe very useful for anyone requiring to work on tor's network data in an easy/accessible way. -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Proposal 188: Bridge Guards and other anti-enumeration defenses
On 6/12/12 12:32 PM, Roger Dingledine wrote: Any attacker who can extend circuits through a bridge can enumerate the set of guard nodes which it routes its clients' circuits through. A malicious middle relay can easily determine the set of entry guards used by a hidden service, and over time, can determine the set of entry guards used by a user with a long-term pseudonym. If a bridge uses the same set of entry guards for its clients' circuits as it does for its own, users who operate bridges can be deanonymized quite trivially. I think that's a good reason to have the guards that clients get through the bridge be different than the guards that the bridge uses for its own traffic. I'll also note that this proposal may not be quite as high-priority as it originally was, if we go the multi-homed bridges route: see the parenthetical note at the bottom of attack #2 on https://blog.torproject.org/blog/research-problems-ten-ways-discover-tor-bridges --Roger And it would be very useful if we would allow an easy way to setup hundreds of dumb briges, simple TCP forwarding proxy that goes in a random order across all public relays. Easier to setup, available in big quantities. I would be pleased to use my *dsl/cable home-router with fixed-IP address to do a port-mapping to a known and stable tor-relay. Being able to setup a bridge by simply: - opening a port-forward on my router - submitting it to a web-interface would be a very cool way to open-up opportunities of hundreds or thousands of different IP:PORT pair (basically a bridge) without having to run dedicated software on an always on-server (replaced by a simple home-router, that's the always-on server). -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] GSoC Introduction - Pluggable Transports in Python
On 5/22/12 5:34 PM, Brandon Wiley wrote: *py2exe packaging for obfsproxy* The command line tool will be packaged into a standalone executable for Windows. Would you be interested in leveraging knowledge/code/experience from APAF (Anonymous Python Application Framework): http://www.mail-archive.com/tor-dev@lists.torproject.org/msg01030.html http://archives.seul.org/or/dev/Apr-2012/msg00031.html http://www.mail-archive.com/tor-dev@lists.torproject.org/msg00893.html -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] ampislay: anonymous connection trough IP spoofing
Vecna [1], today published ampislay [2], an 8 years old project to implement anonymous communication trough IP spoofing. It's a not-so-conventional techniques, that have it's advantage and weakness, but that maybe considered within the Tor community for some particular use-case. It was a gift for my 2004 birthday (thanks!!!) :-) -naif [1] http://www.delirandom.net [2] https://github.com/vecna/apmislay ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor for iOS via official channels
On 3/18/12 2:42 PM, Linas Valiukas wrote: Hello, I was thinking about a GSoC 2012 project I could propose, and I came to the question of why there's no Tor iOS (iPhone / iPad / iPod touch) application distributed on the official iTunes App Store? There's this test package of Tor for iOS available [1], but it has to be installed via Cydia and not everyone's phone is jailbroken. Distributing an application via the App Store has some benefits of its own too (additional marketing and visibility, easier installation, to name a few). So, what is the problem? * Would it comply with the iOS Developer Program License Agreement? I'm no lawyer, but last I read the document there's nothing in it that would prevent distributing an app which would create a local HTTP proxy to be used by the other applications. * Since the iPhone 3GS, the applications can retain running in the background, so I guess we're fine on the purely technical side too. * There are US Export laws that require a so-called CCATS review and approval to be done with each application that employs strong encryption. I don't think that's a blocker though. * Maybe that Tor iOS application wouldn't reach various interesting markets such as PRC (for example, a commercial yet pricy Covert Browser [2] is not available in China's App Store) because of the legal restrictions. Still, I would argue that it is worth having such an application. It would add that it would be interesting to provide Tor integration to all iPhone iOS applications. While this could not be done by operating a SOCKS server locally because iPhone doesn't support to configure a Socks Server for iOS sockets. But iPhone let configure VPN using PPTP and L2TP protocol. Why not running within a Tor for iPhone also a local PPTP or L2TP daemon that's hooked to SOCKSIFY all connections of the Phone via Tor? A sort of PPTP-to-SOCKS-to-Tor integrated, to provide trasparent secure browsing for iOS applications. -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Tor HS keys password protection against impersonation attacks?
Hi, thinking about Tor Hidden services, they are managed by using Hidden Services client keys. The Tor HS keys are private keys that may require to be protected because they represent also the identity of the Tor HS and if stolen, it would be possible to carry on impersonation attack on connecting to Tor HS. Accepting connections on behalf of the real TorHS, with the goal to steal passwords, provide fake data to clients, exploit them, etc. The Tor HS keys are even more sensible than the X509v3, as it does provide: - identity (similar to an internet domain name) - routing (similar to an internet IP address) - encryption (they provide e2e encryption, i don't know if there are attacks on crypto if they get stolen) So owning a Tor HS key it's like owning a user domain name, acquiring it's ip address and the x509v3 private key of his digital certificate bound to his domain name. As a protection schema it would be possible to create the Tor HS private key encrypted with a passphrase, like it's possible to do for x509v3 PEM certificates. That the passphrase to unlock the Tor HS key, could be provided via Tor Control Port, so an external process (UI, scripts) could manage the setup of the passphrase. That way even in case of seizure of the server running the Tor HS it would not be possible to who seized the Tor HS Server to do actively Impersonation attacks of the Tor HS. -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Deployability of Python software.
On 3/3/12 12:58 AM, Arturo Filastò wrote: What do you think? Additionally with the Awaf concept it would be possible to also have Disaster Recovery for server applications, even running on windows PC behind *DSL lines. That's because if you make a copy of the TorHS key, the later one that insert itself to the Directory Authority will be the active one. If we put into Awaf also an easy way to make data-replication among different Awaf applications, it would be also very easy to make disaster recovery and strong resiliency of data. So two activists for example would be able to have a redundant, anonymous, 0-maintenance, easy-to-be-setup web application server. If you also consider the power of an Awaf based application when thinking about the future diffusion and stabilization of Tor2web, then things became even more challenging and interesting. Anyone will be able to setup an anonymous web-server on the internet with a couple of click on his own desktop computer (think about blog, chat, webserver, email server, file exchange server, obviously whistleblowing server, etc, etc). If we create such a framework we would be able to hide the system integration complexity that a general python web developer would need to face in order to: - Integrate different server software together (Tor, Tornadoweb, etc) - Handle inbound/outbound anonymous connection - Make cross-platform build-system - Secure what can be secured (jailing, sandboxing, etc) - Making it easy for end-user to deploy There's a lot of complexity in doing that. If we do it properly once, then web developers would be able to create a new ecosystems of web application running inside the Tor network and this could boost the use of Tor Hidden Service and Tor2web. Inshalla it will be something very cool! -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Windows Alternative of torsocks/tsocks ?
Hi all, does anyone know if there is a windows alternative to torsocks/tsocks? We sketched down a draft to build up an anonymous web application framework that would allow to build TorHS exposed python webapps on a desktop computer. The draft is available at https://piratenpad.de/p/AnonymousWebApplicationFramework (feel free to modify) The idea is to deliver GlobaLeaks.exe (but possibly other software) including Tor, with a web-application framework that include all the functionalities to handle: - Tor Hidden Service exposure - Tor outbound communication For Tor Outbound outbound connections, the idea is to wrap all the application (Python, Tornadoweb, scripts) under Torsocks/tsocks. For Mac OS X / Linux it's easy, we can use torsocks/tsocks: TorSocks: http://code.google.com/p/torsocks/ But to make this library preload under windows we only found: Torcap: http://www.freehaven.net/~aphex/torcap/ Freecap: http://www.freecap.ru/eng/ Does anyone know if there's something else for win32 that can just run as a commandline tool to be included in a startup script, handling the DNS Query and TCP Connect torrifying them? -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Filtering of DA and bootstrap
Hi all, in a network where the Directory Authority hard-coded in Tor code are filtered a Tor client cannot bootstrap. But as far as i understood there are (hundreds?) of Tor DA Mirror. If so, packaging the Tor clients periodically, bundling the latest consensus with the software, would provide higher chance for a client to bootstrap, finding an unfiltered Tor DA Mirror. Is this assumption true? Fabio ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Fwd: Re: [tor-talk] Bridge: Why not just stateless TCP socket proxy / forwarders?
Maybe this question is more appropriate for tor-dev mailing list? How to submit a certain IP:Port to BridgeDB without using Tor? -naif Original Message Subject: Re: [tor-talk] Bridge: Why not just stateless TCP socket proxy / forwarders? Date: Mon, 16 Jan 2012 09:29:41 +0100 From: Fabio Pietrosanti (naif) li...@infosecurity.ch To: tor-t...@lists.torproject.org On 1/15/12 11:54 PM, and...@torproject.org wrote: On Sun, Jan 15, 2012 at 04:58:56PM +0100, li...@infosecurity.ch wrote 0.3K bytes in 11 lines about: : does Bridge really need to be Tor Servers? : Why they can't be just be simpler TCP socket proxy? We've been through this already. ;) No, a bridge is just a way to reach the tor network from a tor client, it can be any proxy or tcp forwarder. I refer you to https://blog.torproject.org/blog/strategies-getting-more-bridge-addresses again. Specifically, approach four and five. So, if a third party would like independently to: - develop a TCP forwarder (very simple code) - submit to the BridgeDB - decide to which host to connect back which would be the step do be done from technical standpoint of view? Because that way it would be possible for a lot of third party to develop very lightweight Tor TCP Proxy that doesn't have inside other than the basic logic to do the TCP Proxy. Is the availability for third party software/script for that goals considered? Tnx! -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
