Re: [tor-relays] Debugging my small relay
Am 08.01.2016 um 07:33 schrieb Tim Wilson-Brown - teor: > What matters is the bandwidth it can contribute to censored users. > The advertised bandwidth is 100KB/s, which is somewhat low for a bridge. > As far as I recall, 250KB/s is considered a good minimum for a bridge. Yes, I'm aware of this "recommended minimum". But it's not me limiting bandwidth artifically, it's what the current hardware delivers. These 100 kB/s come for free, raising them would come with a price tag (xx Euros per month). So the question is wether to take these 100 kB or wether to stop the relay entirely. I could well imagine such small contributions are more than nothing. I could also imagine to see thousands of such small relays, because they cost nothing and run barely noticeable to the non-Tor, everyday traffic. "Help freedom of speech at no cost" sounds really good, many others could chime in, if approached by some marketing. If there were thousands of them, their bandwidth would add up, right? Another consideration is that it doesn't matter too much wether the bandwidth is actually used. I _could_ be used, raising the obfuscation the Tor network relies so heavily on. What do you think? Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Debugging my small relay
Am 06.01.2016 um 20:22 schrieb Jesse V: > On 01/06/2016 06:11 AM, Markus Hitter wrote: >> Not much, but let it be one of my small shares for improving humanity > > You probably didn't save the keys in /var/lib/tor, so you set up a new > relay and the old one isn't running. Thanks, Jesse, looks like you're spot on. I've filed a bug report with the OpenWRT package: https://dev.openwrt.org/ticket/21541 https://github.com/openwrt/packages/issues/2247 They might argue that an identity should go into /etc/, which is backed up by default, but let's see. Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Debugging my small relay
Hello all, for somewhat over a year now I run a Tor relay on my router. The router in turn is running OpenWRT. It's this one: https://globe.torproject.org/#/relay/A52C51551F3BD6A68E778720E02B53303F014EB2 https://atlas.torproject.org/#details/A52C51551F3BD6A68E778720E02B53303F014EB2 Not much, but let it be one of my small shares for improving humanity :-) A few days ago I upgraded OpenWRT from 14.07 to 15.05, the latest release. Reinstalled the package 'tor', kept the old config file and the server started apparently smoothly. Previous Tor version was 0.2.4.22, now it's 0.2.5.12. I'm aware that these aren't exactly the latest, but that's what OpenWRT's package manager offers. As you can see in the link above, the relay is no longer recognized as 'running'. They don't recognize the new Tor version, don't recognize the restart. To what I know, /var/log/tor/notices.log looks fine, a few excerpts: Jan 02 14:34:36.000 [notice] Tor 0.2.5.12 (git-99d0579ff5e0349f) opening new log file. [... clock synchrionisation works :-) ...] Jan 04 17:35:42.000 [warn] Your system clock just jumped 183652 seconds forward; assuming established circuits no longer work. [...] Jan 04 17:38:09.000 [notice] Now checking whether ORPort x.x.x.x:9001 is reachable... (this may take up to 20 minutes -- look for log messages indicating success) Jan 04 17:38:15.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor. [...] Jan 06 11:35:42.000 [notice] Heartbeat: Tor's uptime is 1 day 18:00 hours, with 0 circuits open. I've sent 68.73 MB and received 85.15 MB. Jan 06 11:35:42.000 [notice] Average packaged cell fullness: 76.757% Jan 06 11:35:42.000 [notice] TLS write overhead: 9% Jan 06 11:35:42.000 [notice] Circuit handshake stats since last time: 9/9 TAP, 0/0 NTor. How could I find out about what's going wrong? Thanks, Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] T-shirts and Confirming Relay Control
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 04.05.2015 um 13:35 schrieb teor: > Your post office or shipping company might have software like this already Quite possible, but using it just because they have it doesn't neccessarily make handling easier. Just like handling and shipping by the shirt manufacturer might be more complicated than doing this at home. Not every commercial service offered makes sense in every case. Markus -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJVR2QNAAoJEKuzOwuAbzo+1rkIAJfMH0mmGsQ/h00u6ydFeS35 YZSmJb8s/jUME1oFGQr056DV0Occhgi9XFMRTSrx3tPJo+JufTHhJnxPXd058q5B jGZ+ZoQbfKO6rgWCVfll/kXNvXLaPQu+8QAezS6DIrFGnFJ8m3OocsWuXSWk6P1f 5k+CD7s1eOwXyr9/kH5U7BLfmWdbrDOMlDOyaGcyzHFyIVBAKIOXzit5E0G6FCMQ iFFV4Hguxfo34od8YI2wR4kp+MI5IQRj3niOmR7SWDKaXYkoI1FDdMOAkTmj9+ca lGa1YnmQ8rMdJHZLOgckop95FkL+spl2kdvqlpnGbIsbW0aoJT3Igb7u9cRgFlU= =xO77 -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] T-shirts and Confirming Relay Control
Am 04.05.2015 um 04:33 schrieb Matthew Finkel: > Our current solution using Printfection > is neither ideal nor cheap, but it is convenient. Tor pays Printfection > a bunch of money and Printfection creates the t-shirts, gives us > one-time links, and takes care of the shipping and handling. If we crowd > sourced creating bags with stickers in them we would need someone who > can organize all the volunteers, ship the bags and stickers around the > world, pay the return shipping for the filled bags, and then ship them > again to the relay operators. This sounds rather complicated. I run a small business which involves shipping stuff to customers and that's what I do: - Get the goods (t-shirts), envelopes/bags and a set of postage stamps in batches large enough for a few months. Larger numbers allow lower prices. - Stuff these goods into these bags. - Put address and postage stamp onto the envelope. - Throw the result into the post box of our postal services. Works fine for everywhere from the neighborhood to Russia, China, India. Now, if you could get the t-shirt provider into stuffing the t-shirts into bags already (1 shirt per bag), you'd just have to put the address stickers on. You'd get a box with 100 or 1000 enveloped shirts and once a week you'd print the accumulated addresses onto stickers, place them onto these envelopes and forward this to the postal services. "Handling shipping" isn't much in such a simple case. The more demanding part of this is to collect the addresses, especially the software to do so. An application which formats them ready for printing, calculates the stamp required, perhaps also prints some customs stickers depending on destination. Here volunteers can easily help and there's no need to hide such discussions, because such software doesn't require the real data, can be written/tested with dummy data instead. All the trusted person (you) has to do is to run this software on the real data and hit the "print" button. Markus ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] T-shirts and Confirming Relay Control
Am 03.05.2015 um 22:49 schrieb Matthew Finkel: > This requires that > operators trust us, so letting anyone help take care of these requests > is not wise. Maybe I'm unique with this opinion, but usually I trust groups open to helping hands more than those who consider them selfs to be wiser than the average. > We're a group of security and privacy conscious individuals who want > a world where everyone has secure and private communications, this isn't > exactly a good combination which leads to publically discussioning > everything. Sounds almost like the advertising from companies which try to sell their closed source software as the most secure thing since the invention of sliced bread. Of course it's not a good idea to publish the addresses of the t-shirt receivers, neither to email them randomly around the globe, but printing a hundred stickers and placing them on as many bags also isn't something which keeps a group of people busy for months. my $0.02 Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay from home
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 08.04.2015 um 12:57 schrieb Jannis Wiese: > Does it make sense to start operating a non-exit > relay from home for a longer term? Here is such a thing: https://globe.torproject.org/#/relay/A52C51551F3BD6A68E778720E02B53303F014EB2 It's a 20 Mbit down / 1 Mbit up connection without daily disconnect. Other than DSL you keep your connection for months with a cable ISP. Just a few kB/s on average is certainly not much, but it's more than nothing. The main point of Tor is obfuscation, the more nodes participate, the better. Without being an exit relay you'll barely notice the relay running at all. I installed it a few months ago directly on the router with default settings (except adding the reject *:*) and didn't have to care about it since then. Behaviour of normal internet usage is unchanged. Not much work for at least some effect. > However, my concerns > are the daily disconnect and the dynamic IP. Perhaps somebody else can say more on this topic. Other than that, I'd simply give it a try. Can't hurt. Markus - -- - - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJVJR02AAoJEKuzOwuAbzo+1PAH/2dz5ZobzBhethFi4HacCkIZ yODviutTRN6Fj6oNJAG5HWzwchc57XSJjNNP7IuOQKr8v/cmyOtU/hnrviEyieen ++hMkT8ETP9ucs+eQOCRsNE8pEmcGmZ1tn+rgqmIcDypyHmq7YByqNYTOs73A7Uk hdrSgiPw077tp+Q/pKyzdR2j3OVaCWwMrjXUTfw4/o8xs9daOUQO/T6EtCR0DWmM 3gprVh95DWfBuQkdJhfPD7kGZ/8H5kzSZl3uq3uUKJ0xQ5HQsoXZqJmLoyV1oBXH EJBQpZHn6AlJJH1KhWwJfYxuH8ojBfqBbiPXYiN4bWH7BcIVJY0yBU5a9k8FGus= =AfvX -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Legal situation of tor in Europe
Am 09.03.2015 um 23:09 schrieb yl: > So wouldn't the correct solution also be to educate the administrators > of such services? Yes, of course. With the _also_ underlined. > I mean the only reason, why there is more Tor-Exit-IPs > in the abuse log than any other single unique IP is that there is tens > of thousand of users using each Tor-Exit. If this claim could be substantiated by some numbers it'd certainly help. Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Legal situation of tor in Europe
Am 09.03.2015 um 20:33 schrieb grarpamp: > On Mon, Mar 9, 2015 at 2:40 PM, Markus Hitter wrote: >> > Am 09.03.2015 um 16:08 schrieb Steve Snyder: >>> >> Being able to separate webmail from the parent web presence (e.g. >>> >> gmail from google.com, Yahoo Mail from yahoo.com, etc.) would be a >>> >> big step forward in curbing spam. This would allow the exit >>> >> operation to refuse traffic to the webmail service while stilling >>> >> allowing access to the parent presence. >> > >> > Good point! > Two censors high five-ing themselves over ways to ban entire > peoples freedom to communicate using webmail. Amazing. It certainly wasn't meant this way. The point of these considerations is: of what use is an anonymous network if virtually no website accepts connections from it? Right: it's of not much use, with most of the public internet blocked you can communicate inside the network, only. To take your webmail example: if the site admin decides there's too much spam coming from Tor connections and blocks the entire network, then you're done with your webmailing, even with full freedom inside Tor its self. As such the only solution can be to play nice with public sites. I don't mean to have all answers to all problems here. Opening only selected ports, a common practice, could also be seen as censoring, still it's generally considered to be acceptable. Apparently it's not enough to gain a good reputation. Just look at this mail sent to the list by Josef Stautner a couple of minutes ago. Service providers fear Tor enough to demand an entire shutdown, risking loosing a customer, for just one abuse message. This isn't going to fly long term, admins have to loose this fear and the pretty much only way to get there is to get rid of the abuse. Get them to recognize that Tor users are actually the well behaving ones and you win the much needed freedom. Finding a good balance isn't easy, of course. That's why discussion is needed. Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Legal situation of tor in Europe
Am 09.03.2015 um 16:08 schrieb Steve Snyder: > Being able to separate webmail from the parent web presence (e.g. > gmail from google.com, Yahoo Mail from yahoo.com, etc.) would be a > big step forward in curbing spam. This would allow the exit > operation to refuse traffic to the webmail service while stilling > allowing access to the parent presence. Good point! Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Legal situation of tor in Europe
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 09.03.2015 um 16:02 schrieb s7r: > Your arguments are fair and correct and mostly I tend to agree. > > But, the port scans, malware distribution and spamming existed before > Tor, exist in parallel with Tor and will continue to exist even if Tor > will disappear. Searching for excuses or pointing to others doesn't help. Many websites consider Tor to be a threat and block all Tor traffic: https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor https://trac.torproject.org/projects/tor/wiki/doc/BlockingIrc http://stackoverflow.com/questions/9780038/is-it-possible-to-block-tor-users To get these sites back one has to stop the spam. That's the only helpful argument. If Tor is too slow for port scans already, all the better. Markus - -- - - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJU/egsAAoJEKuzOwuAbzo+dPoH/1Ab/ThVYCmlfvsaT/TvOj5T KvsQ1dF3cnGvr5OdpoeRVjR13xmyi/lzubMATSr5M6OhHRY2d5wCqkmFiKgQsRxK fxDpRV+rd2T3fNsTTT6Oj2oXgJzCDcFkDDwh5AoUspcpndGDijD41vUKDXaaEjr4 I/3O7+Y9XKt/8zMBdALc3PvcO8Wt1+DgGEaa49o368olcedtPhENNFrTVqoeIfD9 D76rzyKQmbMvg7pakd2C8DioNl88JnNCwSUgUB7XIxlK66gWx2LJ87OmXujYbGuh mgNZPYHog1KpLKcklBrMNeL7Jbnmrx0pbRSGQFleslVUgZ5zjqdL03W/rmjwL+Y= =JUYZ -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Legal situation of tor in Europe
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 09.03.2015 um 15:13 schrieb s7r: > This is a speculation and it's not backed up by anything real. Can you > define "crack down on Tor"? People and organizations are researching > and trying to find a flaw in Tor since Tor was born - there is a good > side here, being widely studied and getting a lot of attention makes > it the best anonymity network available. One flaw which IMHO has to be solved sooner or later is the openess to abuse. Like port scans, like malware distribution, like spamming, you name it. Right now this task is left to the regular website operators and they don't like it, often resulting in general blocking of Tor exits. To what I understand, Tor's goal is to make flow of information free and to allow this freedom, anonymous. This doesn't include abuse, so implementing at least basic anti-abuse measures would make this network much more general website friendly and accordingly get it closer to its goals. Markus - -- - - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJU/bC3AAoJEKuzOwuAbzo++9UIAIUzj4XTaQcquR1JxczxrA03 bKkZ/6QOPfjJeDOSHgz/bMfWk6jyfN5Mg7In/EyDOU4235TE5CUefTSrp5NQkVaA 2T4CFjJP3kulA2RNvLovEz+zeRRQLQ7asUahwUB7y21r2vIN0w88eJg+qYwI3cEu /G8aw0q2+ywd8E+VlEnAtDQ2Zwv1CkDr1Msgu/lyGKOj7ABdlBaYw0oMvXsCfZB/ IEumeZ2Nbyzo33Tovqmg8sqDMvhtUrOn169fi1Y3hz24TnBga7ckKmfyxRpXgeiW BYV6vG8jzTmb7009imBuFnUs/GGNdKDw3mMh1KrTPkZHnugiv7TiMG4hIuOiNqM= =HauB -END PGP SIGNATURE- 0x806F3A3E.asc Description: application/pgp-keys 0x806F3A3E.asc.sig Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] 7 relays gone because of spammers
Am 26.02.2015 um 03:42 schrieb ZEROF: > 4. Setup honey-pot on your server and play their game (10-15 job): > http://linuxdrops.com/how-to-set-up-a-honeypot-using-smart-and-simple-artillery-debian-6-0/ Sounds like a good strategy. What I don't like is the _permanent_ ban of IP addresses. Being a co-maintainer of a wiki, a mailing list and a forum, all reasonably popular, I've learned that IP addresses are no longer a reliable way to identify users. Also that malicious people have no shortage of addresses. They have plenty of them, enough to choose another one for each attack even if you don't ban the former one. Running a strategy of banning permanently all IPs with malicious tries inevitably leads to also locking out many legitimate users. Before too long you've banned half the Internet and your server fortress is of no use anymore. As such I started to ban only for short periods of time. A week, or a month. Works just as fine as permanent bans against attacks and legitimate users have to just wait a few days worst case to pick up services again. Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor and Freenode
Am 02.02.2015 um 05:59 schrieb Moritz Bartl: > The history of Tor and Freenode is quite long and we currently can't > seem to change how they treat Tor users. Better ways could be > implemented, but someone would have to implemented it for their homebrew > grown IRCd. Thanks. At least one person understanding the disappointment about the current state of affairs. Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Hibernating / Traffic limit and consequrnces for the network.
Am 01.02.2015 um 20:02 schrieb Sebastian Urbach: > I would like to provide a good service for everyone, even at the end > of the month. That's getting harder the more systems are not present > at the end of the month. I could understand the discussion if it were about providing 500 kBit continuously vs. 1 Mbit for 2 of 4 weeks. But the particular case was about providing no less than 6 Mbit continuously, which is easily enough to comfortably browse the web, for doing large downloads and probably exhausts most internet connections in unfree countries. Accordingly it's unlikely a single connection is hobbled by such a bandwidth limitation. It might be a good idea to relax this recommendation for services above some threshold, where a "limitation" doesn't actually cause a noticably lower quality of service. Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor and Freenode
Am 25.01.2015 um 18:40 schrieb Seth: > I need to write this up anyway for my own personal reference, I'll > post a HOWTO to the list if enough people are interested and feel > that it's relevant. It's certainly relevant. Nicely, Tor project's wiki is writeable for mere users, so you can use that for a more permanently visible place. Only registration required. Syntax is the same as in Wikipedia. Might fit into the FAQ (scroll down to see not everything was moved away) ... https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ ... or into a new page with a link from where the Freenode matter is mentioned: https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor#IRCSIPXMPPnon-webcommsnetworkservicesandmessaging Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor and Freenode
Am 25.01.2015 um 01:46 schrieb Seth: > I run a Tor relay 24/7 at home on a dedicated computer. I like to setup a ZNC > IRC bouncer on the same host have have it connect the Tor relay's SOCKS5 port > via Proxychains. You'll need to authenticate the ZNC Freenode server nick via > SASL if memory serves correctly. > > Then configure your IRC client to connect to the ZNC bouncer. Set it and > forget it. > > The only non Tor trafic exposure is registering the Freenode nick. Thanks for describing what I meant with "extra hassle". Makes also a more detailed description than what I could find on the web so far. :-) Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor and Freenode
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 24.01.2015 um 19:18 schrieb Philipp Defner: > You should probably read: > https://blog.torproject.org/blog/call-arms-helping-internet-services-accept-anonymous-users Thanks for the pointer. Interesting reading indeed. At least /some/ people sharing my mindset. Markus - -- - - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUxAOCAAoJEKuzOwuAbzo+3esH/11ZxyPQ0BU2FDbg/48ViKL9 7f9PxQ4UUu/K+N4s5et8+bvOBPoLBLue4jvHdwdk288xWfZA86dEswldwrvga7la PypvJPilYti3j54bdqvqn8b+/+vC0I4Ge/ODLThjp/gsqxbFDTjDhZFkN5v4a9Zt spO9ogpHGLUdjMhjwq0skQzBsayx0yuFBCXX6oAfilCI/tx7Lj3SzIzCtfn4WgxX gVrTQO9aYGpgS2lnMAu3xwtMK9zL8vmfWhBjnvvOQOkrI5Twga5O/3868iblDoUq RCZ0VqKq6UG5h2fsmOx0iyZq/stPmR4OsPMIwImFzMXEQZeZ0IiCzzvREXAx2y4= =NWfe -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor and Freenode
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 24.01.2015 um 17:16 schrieb Matthew Anderson: > But I have to ask, why would you want to connect to freenode from an > exit relay when you can connect from within? - - It adds unneccessary load to the Tor network. - - It triples general network load. - - It's a hassle to setup. Proxies and such stuff. - - Even more if I don't want to move my entire PCs over to Tor entirely. Then I have to choose the network on an per application base, which not all applications allow to do. - - I can no longer use unregistered nicks. - - I can no longer register a nick. - - The same applies to all other users, the latter two are prohibitive for users actually in need of anonymity. > There's a reason they > offer the hidden service to connect to their network. I'm entirely fine with them offering this service. No need to forbid other services along with this, though. > Respectfully, I think you have a _lot_ to learn. Perhaps I'm not that kind of guy who accepts somebody elses decision as a god given. It's a deliberate decision by the Freenode folks. It's not me in need of help, it's them. They need a better way to distinguish spammers from legitimate users. Seeing pretty much all participants on this list (a Tor list!) are opposed to improving the situation of Tor isn't exactly encouraging to write some code to solve this problem. Perhaps I should return to hacking 3D printers. Thanks, Markus - -- - - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUw+C9AAoJEKuzOwuAbzo+VKMH+QFCOEYncJplH+sqTr1OquGd HjWfLnj6HjLRlEJ7DBBydFr3GGyRf3wmaggBtLsZk7JwIk9Bk/e4M/Hcegp/sQ0J 15NVxlWw7ynM+KVJMzhKBemeKHWIfmt9HzTS6Mqb2sioXpVqe1MxPD0UIrZHUnhQ VTyYuO3Omk9+vAXgrBe6AcorYNfUuDgfC0YaiqEEx7VBgFZQ1tQvQsUDJdvLWmip TFNZ/iUKNpGHpIv3jMhd5P43f326/lJlZVDdAeW2YuJK6E8Hwy3MW+inm2+IdSlV BZYuGQk0TzBVWTh9PpxItmvMNYEEghjTDjFkR15U2Ku3P5q3GBSpBXXMjZ+xqwA= =/QyK -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor and Freenode
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 24.01.2015 um 16:21 schrieb Lukas Erlacher: > Your idealism is noble, but it isn't going to work that way. IRC > networks aren't going to open up to Tor more than Freenode already > does, for the simple reasons that it makes controlling trolls and > spammers absolutely impossible. Being connected anonymously doesn't mean this connection has to be without authentication. For example, it should be possible to request a NickServ login after connecting and allowing to register a nick, but before entering a room. Without a room there's not much to spam. It should also be possible to allow connections from exit relays with SASL authentication. Not as good as the above plan, still much better than what we have now. Nerds are the typical kind of persons predestined to run relays as early adopters and are also the typical population on Freenode. Similar for many other IRC nodes. These two _have_ to match to make Tor popular. > You should probably run a middle relay until you've learned more > about this. What else do I have to "learn"? Using Freenode and running an exit relay don't match, the technical details are secondary. At very least Freenode should be honest and state that they do not welcome anonymous connections and as such make their "welcome to Tor" pointless. I hate marketing speech obfuscating the truth. Markus - -- - - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUw75oAAoJEKuzOwuAbzo+RRAH/2ZUQQzVVFkVxkIUkP2Rk4jR crDMwMr7txDhW3KlBjxPota93xJjfafG9JnWivHD2+KqV5WJp5gWYun3W7zxU9To sYx9JL5uYKt97+/WkTfUS5SGthoOgdxlKRLcq7uUUCclqZ+08Qjt3O+kPqzWFXhJ eAD6nd1i69lMNd1chOzbEj28Ha9VTTAzh8xyPy6G90Bnc8hGMJZ6rZdWoDIR1pLc XY3OIzIcqIekNKi9gT7/KQUx52kUjBn1wSLJHi2cK2uoDlfW2LGI4X1uEsuRZccB KuKAv+bcXKinXEp3nmIfn0o0L2vbLEsSnx6ws49b5M9DlNvZxgWP5WYT2zqfX00= =Bh0e -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor and Freenode
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 24.01.2015 um 15:45 schrieb Lukas Erlacher: > Completely disabling exit operation (with the reject *:* line) turns > you into a middle relay. OK, thanks. Jacob Applebaum stated in this speech he wants to have thousands of relays and make using anonymous connections a normal state of affairs in the long term. This isn't going to fly this way. I'll talk to the Freenode people about removing their prohibitive restrictions and also hope on your support. Thanks, Markus - -- - - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUw7eUAAoJEKuzOwuAbzo+fowH/1aajHKjm5ycXEYHXnJX25Zx FJApkM/H+Ipo0lPDKVJRwUssaQQ5SxdLGDx+1+2lKsRFByUyzOXCBChws5R4E1X4 vvdUveGIr6cX/ZKA4YT2mZU7ju0A2IWkouHl4LaIkmeFsp1iavUk4xL6BmVhtYrZ TNbOy69tZukKTynRXgFmu8q+aTvb0Lxa+eWvDmS8H8qpQEiO0GIHdiNmLBFrR/SB 5EXhphNpD0qomaNR6DeEqNqdkqLB3xnr+0PgLkjBiANS3PDEAs7rRKvC2LRPgJmV AIy7NG3n7bzy1AwGCSIxnPnc80iyScecxN9/BbFTdJWHH4vz+0q5lCFCyn6DITc= =eSpT -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor and Freenode
Am 24.01.2015 um 14:28 schrieb David Serrano: > On 2015-01-24 12:48:18 (+0100), Markus Hitter wrote: >> >> http://www.freenode.org/irc_servers.shtml#tor > > Besides the snippet you quoted, that page says "The primary Tor hidden service > address for freenode is frxleqtzgvwkv7oz.onion". This is how Freenode welcomes > tor users. Thanks for pointing this out, I indeed snipped some of the text there. The reason I did is, it bugged me less that one needs to do extra steps to connect anonymously. That's mostly expected. What bugs me is that it's apparently impossible or at least severely restricted to participate in IRC the normal, non-tor way and to run a Tor relay at the same time. This doesn't match well, IMHO. Trying this .onion address results in this: [14:54] * Looking up frxleqtzgvwkv7oz.onion [14:54] * Unknown host. Maybe you misspelled it? I take that .onion addresses are available through Tor, only. And even when going through Tor Freenode still requires user authentication by SASL, which is not anonymous, because you have to get this account through a normal connection. Not to mention all the hassles required for running two networks in parallel on one router or PC and the extra load for the Tor network. Am 24.01.2015 um 14:30 schrieb Lukas Erlacher: > I recommend you reread freenode's explanations carefully. I did, and the still open question is, doesn't mean restricting ports 80, 443 and the IRC ones make running the relay a pretty useless operation? Without all these ports, which kinds of communication are left? Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Tor and Freenode
Hello all, after yesterday watching "State of the Onion", a speech held at 31C3 recently, I spontanuously decided to also run a Tor relay. After some back and forth it appears to be running fine on my OpenWRT based router. The only ORPort is 9001, which is also the only hole punched into the firewall, I hope I did this right. Today I wanted to continue at Freenode IRC, like I did for years, not even using an anonymous connection. But they wouldn't let me in: [12:02] * You are banned from this server- Your tor exit node must not allow connections to freenode (tor exit node (chat.freenode.net:8000)). Email tor-kl...@freenode.net when corrected. (2015/1/24 09.41) I understand that my router and my PC share the same IP address to the remaining internet and IRC operators try to identify users by their IP address (which isn't possible). Reading up on the matter I found two texts: http://www.freenode.org/policy.shtml "The freenode network welcomes Tor users" http://www.freenode.org/irc_servers.shtml#tor "If you do want to be a Tor exit node and still use freenode, you will have to configure your exit policy to block all of the IRC ports we use, in addition to ports 80 and 443 as these are used for webchat." To me this sounds like "We welcome it, but please block all of its usage". They recommend to add a "reject *:*" rule, but that means the relay is no longer a relay, right? And blocking port 80 and 443 means Tor to become useless. As I can't find much on the matter by googling: is this actually a misalignment of Freenodes' statement to freedom as bad as it looks? If yes, what could I do about it? I'm a fairly experienced hobbyist hacker and admin, so I wouldn't fear writing some code. Cheers, Markus -- - - - - - - - - - - - - - - - - - - - Dipl. Ing. (FH) Markus Hitter http://www.jump-ing.de/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays