Re: [tor-talk] Google disable web-access to gmail for Tor-users?
I used version 8. sdk tools rev 10 sdk platform-tools rev 3 plat 3.0 api 11 rev 1 + google api 11 rev 1 plat 2.3.3 api 10 rev 1 + google api 10 rev 1 plat 2.2 api 8 rev 1 + google api 8 rev 2 These all work. I wanted to install the platform-tools, platforms and add-ons individually via the command line but didn't have luck with the filters. 3.0 has a nice big tablet interface, but no keypad/button panels and it seems to wedge now and then. This should add the option to create a google account. The above are working as expected now. android list android create avd -t id -n name when you create an avd you have the option of specifying a custom screen resolution I didn't have much luck there. My physical crt is 21 at 1600x1200. So I'd want the android glass to be maybe 800x600, excluding the keypad/button panels off to the right. All within an X window of maybe 1024x768. Anyways: emulator -avb name -wipe-data -scale 0.76 Regarding identities and what is being sent... # sdk installation Though I haven't hashed the installation tree, I don't expeect android/google is issuing unique software packages (with embedded certs, etc). # avb runtime There are notes on the developer blog about various software generated identities. So at minimum the avd's should be regenned per account. You could diff the avb dirs. And further unpack/mount the images. Also: adb bugreport # host Though less likely, there could also be access (via java, blobs) of the host system UUID, MAC address, etc. # wire It's https, can't sniff it. I doubt google still has a fallback http creation interface either. My guess is that if you torify the entire box, regen the avb's and maybe change your MAC... you should be safe across accounts. But to be sure... I don't have any idea how this works. If anyone is interested in poking into this I suggest adding a self-signed root CA on a device or emulator and use sslsniff + wireshark to see what is going on. I found a nice tutorial explaining how to install a root CA here: http://wiki.cacert.org/ImportRootCert Unfortunately this did not work and the certificate is still untrusted. I also tried installing the certificate from the SD card (through settings-locationsecurity-install from sd card), but that doesn't affect the global certificate store. Attempts to create an account failed and sslsniff did not log anything. There's probably some android debugger that would work to trace the I/O of the android process that's talking through the stack to google. Regardless of what's being sent, I'm pretty sure it's using a lightweight android domain/proxy service cluster within google. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] TB-1.3.2alpha don't work under FF 3.6.16
TB-1.3.2alpha don't work under FF 3.6.16 from Ubuntu 10.10 distribution: I cannot save changing of settings (button OK don't pushable). TB-1.2.5 is workable with it. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Arm Release 1.4.2
arm version 1.4.2.2 (released April 6, 2011) typo in the manpage: -v, --verion provides version information ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Google disable web-access to gmail for Tor-users?
On 05.04.2011 08:21, Aaron wrote: If you must have GMail, I've noticed that accounts created on android devices are not subject to these checks. And yes, even when using Tor via Orbot. You don't have an android phone? The following works too: 1. Install the android sdk/emulator and create an avd. I tested with API 8 (android 2.2) + google apis Oh, it is so slow to install that emulator through Tor... Do I need only install for that API 8 (android 2.2) + google apis, not others? And why do you try it with that version (which is now so new)? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Google disable web-access to gmail for Tor-users?
On 4/6/2011 7:27 PM, grarpamp wrote: Don't understand clinging to Gmail for dear life. They just happen to have some really good services and tie-ins that all rely on having a gmail/google account. I may just cough up $20 for a disposable phone to get that. If someday the services really become a real world value to me, sure, I'd get another phone or use my own, no problem :) ___ If I understand some Tor users' reasoning, they want to use Tor w/ email for various privacy reasons AND they want to use really good services tie-ins at the same time? Plus, some are concerned about having huge email storage while using Tor? Uh, not sure I understand that. I must be missing something. You do know anything stored on their servers isn't private? My questions here are sincere - trying to learn - why use Tor email (? on everyday basis ?) AND Gmail? Presumably, the email contents would only be hidden from ISPs - or perhaps prevented from being intercepted. The weakest link in chain is everything is exposed to Google. Maybe I'll learn something about privacy / security by meaningful input why Tor + Gmail are so important. No offense, but I don't consider really good services or storage, etc., priorities when using Tor (if I was going to use it w/ email). In some respects, if using Gmail, you may as well take out a front page ad on NY Times. So why the concern for certain features (vs basic email service) AND Tor compatibility? Why not use another provider w/ Tor, and a diff one (Gmail, if you insist) for everyday email? What are a few of the reasons for using Tor w/ email, where it's not just as easy to use another Tor friendly provider? IMHO, the brand recognition issue, especially when using Tor, doesn't make sense. If you want privacy, Gmail or anything remotely connected to Google isn't the place to be. Not an opinion - well documented over yrs. It's like saying, how can I stick my head in a lion's mouth w/o getting bitten? How about not sticking it in at all? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Arm Release 1.4.2
Thanks, fixed in the trunk. -Damian On Thu, Apr 7, 2011 at 6:19 AM, tagnaq tag...@gmail.com wrote: arm version 1.4.2.2 (released April 6, 2011) typo in the manpage: -v, --verion provides version information ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TB-1.3.2alpha don't work under FF 3.6.16
On 4/7/2011 6:21 AM, Orionjur Tor-admin wrote: TB-1.3.2alpha don't work under FF 3.6.16 from Ubuntu 10.10 distribution: I cannot save changing of settings (button OK don't pushable). TB-1.2.5 is workable with it. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Did you go thru a complete uninstall process of TB 1.2.5 before installing 1.3.2? After uninstalling prev vers, try looking in about:config, removing references to torbutton. I had to do that once when changing versions. Make sure the old TB is gone from Firefox close FX before installing TB. I have found a couple of addons that seem to interfere w/ TB, or vice versa. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TB-1.3.2alpha don't work under FF 3.6.16
On 07.04.2011 14:52, Joe Btfsplk wrote: On 4/7/2011 6:21 AM, Orionjur Tor-admin wrote: TB-1.3.2alpha don't work under FF 3.6.16 from Ubuntu 10.10 distribution: I cannot save changing of settings (button OK don't pushable). TB-1.2.5 is workable with it. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Did you go thru a complete uninstall process of TB 1.2.5 before installing 1.3.2? After uninstalling prev vers, try looking in about:config, removing references to torbutton. I had to do that once when changing versions. Make sure the old TB is gone from Firefox close FX before installing TB. I have found a couple of addons that seem to interfere w/ TB, or vice versa. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Thanks for your advice, but I install that version of TB on new-installed systed where was no any TB earlier. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Google disable web-access to gmail for Tor-users?
If I understand some Tor users' reasoning, they want to use Tor w/ email for various privacy reasons AND they want to use really good services tie-ins at the same time? ... My questions here are sincere - trying to learn The shortest answer is that strong pseudonyms are useful, even (or especially) in a well connected social environment. Many people want to have those links. Many want use some of the services google offers: https://www.google.com/intl/en/options/ Many want to participate in the scene... just not as themselves. No one here is saying that google is not indeed terribly evil. Nor does being social or using google services equate to compromise of one's nym. That's up to the user and how they use it. Some keep their nym intact, some selectively disclose, some fully. Google, facebook, twitter, etc are all good entry points into the space, whether one chooses to do so pseudonymously or not. If they forbid access from anonymity networks, that element of usage is broken. So people testing and cataloging what works and doesn't, and finding workarounds, is a very useful thing. Some want location masking, some want identity masking, some want both. Presumably, the email contents would only be hidden from ISPs The weakest link in chain is everything is exposed to Google. Maybe I'll learn something about privacy / security by meaningful input why Tor + Gmail are so important. They are no more important to privacy/security than any other provider. All providers of all services are not to be trusted in that regard. Neither is anyone who might be able to trump them. That's old news :) IMHO, the brand recognition issue ... doesn't make sense. See the first paragraphs. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Google disable web-access to gmail for Tor-users?
Those are very good points. My usage is just to expand the Tor community and get some modicum of privacy. The more regular users that use Tor, the more acceptable it's use will be perceived. As, if only the pedophiles and criminals use it, then it draws more attention and immediately labels you a bad guy if you're suspected of using Tor. It also adds to the cost of those who would try to circumvent it's use. Yep. Many people use anonymity networks for their day to day biz and personal life, even with their real identity. Nothing 'bad' about it. It's kindof cool even. I don't like the association of such nets with 'bad' elements. They'll always be there, and overridden by the 'good' ones. Call it critical mass :) ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor IM Bundle
Thank you very much for this info about wiping the drive. I will do that. For reference about deleting the logs so I can know this for my other computers as well, if I just delete the entire Tor IM Browser Bundle folder, will this delete all the Pidgin Chat logs and web history from the Tor Browser? Or is there some extra step I need to take to delete all of these Pidgin chat logs and web history? Thank you for your expertise. There are many intelligent people on this list, I appreciate your knowledge. On Thu, Apr 7, 2011 at 10:13 PM, Moritz Bartl mor...@torservers.net wrote: On 07.04.2011 23:17, michael jefferson wrote: I would like to give my computer away to someone who doesn't have a computer and if I could delete these pidgin chat logs first that would be great. You have to wipe your drive, which means to overwrite it completely. Do not give away any hard drive without wiping it first. Deleted files can easily be restored (deletion only removes the pointer to a file, not the file itself). -- Moritz Bartl https://www.torservers.net/ ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor IM Bundle
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Why not just delete the entire Tor Bundle folder? You can also download this tool and erase your entire system by booting it from it: http://www.dban.org/download Have fun! - -- SiNA pgp 0x0B47D56D On 04/07/2011 02:17 PM, michael jefferson wrote: Hi there, I am new and searched the archives to find this before I asked but couldn't find the answer. I ask your forgiveness please if it is somewhere there but I couldn't find it. Thank you. I am just wondering, I have the Tor IM Browser Bundle with Firefox and Pidgin and am taking it off my old computer before I give my computer away. If I just delete the Pidgin folder that is self contained in the Tor Browser folder will that be enough to delete my Pidgin chat logs that I saved? Or are they saved in another place? Also, is there any browser history that I might need to delete? Again, I am very sorry that I couldn't find this answer and I very much appreciate any assistance you could provide. I would like to give my computer away to someone who doesn't have a computer and if I could delete these pidgin chat logs first that would be great. Thank you, Mikey ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNnmcNAAoJEJPBwXYLR9VtC/sP/i5idhg+1hniiZbAheu2VGSm aY2CYD0MejeovW+15p8OMpUt2TIPbazrriZgOgeTtPJl9n2FFWOF0zcPDXJYEiwt reGWsZPOBu7E5GOlBLX9E1JduaYBkp8vafJtkW/uFlXbJSzNNdda008ZQujHErdW lrSQ0OC2PlmCBZoWNuZyMkC+BPDPJgC8VMOOHtF9iFu89jX9l49OhqQz80aijQu+ xn/fsYnzpAqNopQeUBUO3sGs8fzGxAXBEPBALUsC2kFBI9FpW2Xpl0P5SHHsXYSI 0c5EGUXpV5pf8qc+saM70NsdlKzlzwBN7/3NNcF/hZAZvyudT/lRFXN26/X12rXJ AQ6C2xTRbVBzXebgUSbHZ8NPReIITwz4rBsV2g8b8SKKto7HKGflIrBh+xOsVmUR ZquX0Ls72eaHUFt9/0n5VLuMk5CyfRwGO6noy+CT61mKi0l4Vs51qNCTV0ef2vgq +SuWFfTw9eY7knKblJOXH3aBGxnr4jqDnjJeWTAogF7Uu/qNS7ug1XxlUdqkbI10 TitUVisgQDUxKBPwlEGKwUZ9doPUG97gUWwyf/XeYf3pDB/veyi1M4hB4qK1v+j2 I7NtvoXM8+MN+u5Yo1h0ybXN3vwUH99pAxwSFLf8N3B06O9iC6xEy55AEWsaoSmX 2ZwB3BXd7tsaCC2eSDp+ =VdCJ -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] location question
On 08.04.2011 03:52, Roger Dingledine wrote: On Fri, Apr 08, 2011 at 03:04:01AM +, AJ Baumgartner wrote: tor claims to mask your location. i tested out this feature by visiting a youtube video that is blocked in my country. after using tor to visit the page, and repeatedly using the new identity feature to no avail. if anyone has any advice on this, i would appreciate it. youtube video address below. http://www.youtube.com/watch?v=TOsJ_Kfh_FU You may find this FAQ entry useful: https://torproject.org/torbutton/torbutton-faq.html.en#noflash You can find that link in item 'b' of https://torproject.org/download/download#warning --Roger ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Roger, what do you think about using gnash instead flash? Could it deanonymize too? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
