Re: [tor-talk] Accepting Java
On 2011-07-12 00:09, JW wrote: Max wrote: On 2011-07-11 18:46, JW wrote: Lalle Bralle wrote: I'm trying to get countermail working with my TOR bundle I use on a USB stick for added security and anomity when I feel I need it. However, I believe Java has some security holes that's why it's not accepted. While that's good I need TOR to accept java so I can access countermail's login applet and considering their site's security (no IP logging, added end-to-end encryption, OpenPGP encryption, digital certificates) along with the fact the added anomity I will receive by using a TOR bundle on my USB stick with a portable FireFox it should not be that harmful. Anyone that could help me? I, too have never found a recipe for success with Countermail. Indeed, the Countermail Engine requires Java in order to work. I have seen web traffic from the Countermail Team regarding Java security issues. You may want to write to them directly and ask. They will respond. They'll explain to you why they feel it's not an issue. I actually wound up accessing Countermail through Google Chrome and a Tor connection with JanusVPN. That works well, but then with Tor you run into the issue where you can login, but then you go to access your mail, or reply and you have to login again due to Tor's constantly shifting IP's. Countermail was supposed to be working on this issue,but I've yet to see a resolution. Bottom line, without Java CM won't work and with Tor it doesn't play nicely either. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Ah, ok. I will contact them as I've been asking questions and they respond quickly. Now it's always great with competition and other than AnonymousSpeech I haven't find any other decent anonymous e-mail domains. Could you or anyone as well recommend some other that works well with tor? I like both, I guess AS is preferred via TOR because it doesn't use Java. Actually, one CAN use Countermail in an email client such as Thunderbird , with the appropriate settings, and with Tor. I just set that up. No real need to access Countermail through a browser. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Great, that's actually what I wanted to accomplish when I begin using Thunderbird just a few days ago. I will try to make that work. :) ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Downloading Firefox add-ons trough Tor. Safe?
Original Message From: Justin Aplin jap...@gmail.com I honestly don't know, but if you're *that* paranoid about your downloads being tampered with, navigating to https://addons.mozilla.org and looking up the add-ons manually is only a few extra clicks. I think it only checks the version with HTTPS, but download trough standard HTTP. I'm wondering if Firefox 3.6 has some checking of checksums or anything, not because I'm paranoid but because I'm wondering if this is safe to do on a regular basis by updating add-ons trough tor. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
Original Message From: Lalle Bralle noizi...@gmail.com I'm trying to get countermail working with my TOR bundle I use on a USB stick for added security and anomity when I feel I need it. However, I believe Java has some security holes that's why it's not accepted. While that's good I need TOR to accept java so I can access countermail's login applet and considering their site's security (no IP logging, added end-to-end encryption, OpenPGP encryption, digital certificates) along with the fact the added anomity I will receive by using a TOR bundle on my USB stick with a portable FireFox it should not be that harmful. Anyone that could help me? I'm on Linux and I've created iptables rules so only the user who runs the tor process is allowed to access the gateway, while the user who runs Firefox is not allowed to use the network at all. So I'm using Java and my logs have never detected any side channel transfers. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2011-07-12 00:09, JW wrote: Max wrote: On 2011-07-11 18:46, JW wrote: Lalle Bralle wrote: I'm trying to get countermail working with my TOR bundle I use on a USB stick for added security and anomity when I feel I need it. However, I believe Java has some security holes that's why it's not accepted. While that's good I need TOR to accept java so I can access countermail's login applet and considering their site's security (no IP logging, added end-to-end encryption, OpenPGP encryption, digital certificates) along with the fact the added anomity I will receive by using a TOR bundle on my USB stick with a portable FireFox it should not be that harmful. Anyone that could help me? I, too have never found a recipe for success with Countermail. Indeed, the Countermail Engine requires Java in order to work. I have seen web traffic from the Countermail Team regarding Java security issues. You may want to write to them directly and ask. They will respond. They'll explain to you why they feel it's not an issue. I actually wound up accessing Countermail through Google Chrome and a Tor connection with JanusVPN. That works well, but then with Tor you run into the issue where you can login, but then you go to access your mail, or reply and you have to login again due to Tor's constantly shifting IP's. Countermail was supposed to be working on this issue,but I've yet to see a resolution. Bottom line, without Java CM won't work and with Tor it doesn't play nicely either. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Ah, ok. I will contact them as I've been asking questions and they respond quickly. Now it's always great with competition and other than AnonymousSpeech I haven't find any other decent anonymous e-mail domains. Could you or anyone as well recommend some other that works well with tor? I like both, I guess AS is preferred via TOR because it doesn't use Java. Actually, one CAN use Countermail in an email client such as Thunderbird , with the appropriate settings, and with Tor. I just set that up. No real need to access Countermail through a browser. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Is there something specific I need to do to make Thunderbirds' connections go through TOR? -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOHFe5AAoJEPec/BF37YscQGcIAIazi7Q1k+Kl3PQhIAkIBRF0 Fgl4ouN6BRGPV4OmAJlyWEjWyB/ghwcd0//Zl9197w+MUOPW6ISKMpI698umGnFN bXCRtzs9KrbPeRtIDHCHNKenZqYxFYXS4ZN21qfFTEwPbQSe41q9cbGA4D3u5044 al+sKWSjHdodZGnh4DIUv49aXhO7OyfL1ATRZevQG/2w85S2vENSgHy6V/0uHnSo sqGG+x6+dLd4u6ATqMXY9PQ696lfR7gw2ZmmYjgn+rLrjK1LIy2zBXZ2gXe1GN15 Kq7JvVMPhTfbDWAke/zDPwJVzZ8YMgUXchl9FKwnJYGr+2yGnLZ1FlfpvXBvCGk= =gptC -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Accepting Java
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2011-07-12 00:09, JW wrote: Max wrote: On 2011-07-11 18:46, JW wrote: Lalle Bralle wrote: I'm trying to get countermail working with my TOR bundle I use on a USB stick for added security and anomity when I feel I need it. However, I believe Java has some security holes that's why it's not accepted. While that's good I need TOR to accept java so I can access countermail's login applet and considering their site's security (no IP logging, added end-to-end encryption, OpenPGP encryption, digital certificates) along with the fact the added anomity I will receive by using a TOR bundle on my USB stick with a portable FireFox it should not be that harmful. Anyone that could help me? I, too have never found a recipe for success with Countermail. Indeed, the Countermail Engine requires Java in order to work. I have seen web traffic from the Countermail Team regarding Java security issues. You may want to write to them directly and ask. They will respond. They'll explain to you why they feel it's not an issue. I actually wound up accessing Countermail through Google Chrome and a Tor connection with JanusVPN. That works well, but then with Tor you run into the issue where you can login, but then you go to access your mail, or reply and you have to login again due to Tor's constantly shifting IP's. Countermail was supposed to be working on this issue,but I've yet to see a resolution. Bottom line, without Java CM won't work and with Tor it doesn't play nicely either. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Ah, ok. I will contact them as I've been asking questions and they respond quickly. Now it's always great with competition and other than AnonymousSpeech I haven't find any other decent anonymous e-mail domains. Could you or anyone as well recommend some other that works well with tor? I like both, I guess AS is preferred via TOR because it doesn't use Java. Actually, one CAN use Countermail in an email client such as Thunderbird , with the appropriate settings, and with Tor. I just set that up. No real need to access Countermail through a browser. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk I forgot to ask. How do I actually check if Thunderbird is going through TOR? I have setup so it works with firefox but there's a check site for that. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOHGSIAAoJEPec/BF37Yscd3MIALSkKnXEMOHINPtmvyIwIOH/ VbIj3LU9u9yJhtlfE9mMAo2pqz1G1Y4moLCNlcK1ifoPekVSzt5GLF/3b6gJcfF6 QWMQlD6HzKYYPeylXkODS6GfRBMkowqEob045Zm3jfjsInNBhPJGUCARspwCYwl0 VBAh3SGBg9fbdW5UfRFTrWw3KqKgrBhKVGkcZ7pT/j2RbomQhjRnqfcHTHp+JK4M CdcUuUGPMWTlFotNQH0MzYtYqqTDnUGOahepeiAndeE7SGP780mNcnJebAc5JxGf p8tIGFc12jNZykgK20reQ4HKjB+smp8qPLgLncRlleUdiDYnb7QMGaSXOkYN6no= =v54r -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Is it possible to use Tor and Web-based Messenging Services?
Hi, A Scroogle search for messenging online reveals quite a few services. However, my experience has been that such services do not work properly with Tor. I'm not sure why but either I cannot complete the login process or my buddies do not appear or suchlike. All I am trying to do is to login with a Hotmail or Yahoo address then add people, chat, etc. I realize that I can download Pidgin and suchlike and use them with Tor but (for now at least) I would like to see if I can get web-based chat to work. If anyone has had positive experiences with any web-based chat / messengering services combined with Tor then please let me know. Thanks, William ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Is it possible to use Tor and Web-based MessengingServices?
Original Message From: William Wrightman williamwright...@yahoo.com [...] If anyone has had positive experiences with any web-based chat / messengering services combined with Tor then please let me know. I think you can use tor for anything, unless you're using a tor exit that's banned. The problem is usually that such services require Java to work, and Java is mostly disabled or recommend to be disabled on tor setups because it can reveal your true IP by going side by tor. But if you know how to firewall your tor setup, you should be able to safely use Java. I don't know if you know how to do that, I think such firewalling is safer and works best on Linux anyway. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor-0.2.2.30rc, torrc, ExitNodes, EntryNodes parameters.Not Recognized.
On 7/12/2011 1:24 PM, Luis Maceira wrote: I define some entry nodes or exit nodes in torrc and tor-0.2.2.30rc ignores them completely.Is this a new feature of 0.2.2.x series of releases? ___ Are you using Vidalia bundle or browser bundle? Did you edit it while Tor was running? Did you close all Tor, Vidalia, browser processes, then restart after editing torrc? And made sure the changes were saved? (I've failed to save changes made in files - or something went wrong) Did you use the StictExitNodes 1...command after defining the exit nodes? https://www.torproject.org/docs/tor-manual.html.en ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
