Re: [tor-talk] What is tor used for?
On Thu, Nov 03, 2011 at 04:23:48AM -, toru...@tormail.net wrote: i believe there is a real need for secure communications but as a new user to tor it seems the common entry points to the network are rife with criminal activity. the torproject website lists users as friends and family, military, business owners etc - use cases that make sense to me, but i've yet to find any stories or ancedontal evidence to suggest this is really the case. instead i find core.onion linking to adult content that has little to do with adults and market sites that deal with illegal trade in weapons and drugs. so far it has me wondering if tor is really used for the humanitarian purposes the technology has the potential of aiding. i would really appreciate hearing real stories and highlights of how has helped in the use cases torproject lists. You might like https://torproject.org/about/torusers.html.en https://blog.torproject.org/blog/we-need-your-good-tor-stories Really, getting good stories of Tor successes is tricky, because if Tor is doing its job, nobody notices. I know a lot of people who have really interesting Tor success stories and have no interest in telling the world who they are and how they managed (until that moment when everybody is reading about them, that is) to stay safe. Still, there are a bunch of other stories out there that haven't been documented as well. For example, I really like Nasser's story about his experiences in Mauritania: http://www.technologyreview.com/computing/22427/page4/ I think I understand one of your confusions though, when you say the common entry points to the network. You're thinking about hidden services, which are not Tor's main use case (Tor's main use case is accessing the rest of the Internet safely). Hidden services have gotten less broad attention from the Tor user base, since most people who install Tor have a website in mind like twitter or indymedia that they want to visit safely. Some good use cases that we've seen for hidden services in particular include: - I know people (for example, in countries that have been undergoing revolutions lately) who run popular blogs but their blogs kept getting knocked offline by, well, criminals. The common blogging software they used (like Wordpress) couldn't stand up to the ddos attacks and breakins. The solution was to split the blog into a public side, which is static html and has no logins, and a private side for posting, which is only reachable over a Tor hidden service. Now their blog works again and they're reaching their audiences. And as a bonus, the nice fellow hosting the private side for him doesn't need to let people know where it is, and even if they figure it out, the nice fellow hosting it doesn't have any IP addresses to hand over or lose. - Whistleblowing websites want to provide documents from a platform that is hard for upset corporations or governments to censor. See e.g. http://globaleaks.org/ - Google for 'indymedia fbi seize'. When Indymedia offers a hidden service version of their website, censoring organizations don't know which data centers to bully into handing over the hardware. - Data retention laws in Europe (and soon in the US too at this rate) threaten to make centralized chat networks vulnerable to social network analysis (step one, collect all the data; step two, get broken into by corporations, criminals, external governments, you name it; step three comes identity theft, stalking, targeted scam jobs, etc etc). What if you had a chat network where all the users were on hidden services by default? Now there's no easy central point to learn who's talking to who and when. Building one and making it usable turns out to be hard. But good thing we have this versatile tool here as a building block. How's that for a start? It is certainly the case that we (Tor) spend most of our time making the technology better, and not so much of our time figuring out how to market it and change the world's perception on whether being safe online is worthwhile. Please help. :) --Roger ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Don't use Google as default search in Tor Browser?
On 2 November 2011 20:17, Julian Yon jul...@yon.org.uk wrote: On 02/11/11 23:32, Joe Btfsplk wrote: I have no concrete knowledge if it would violate any Mozilla agreements. As the GPL is one of the license options, there is no way that any contract or agreement between Google and Mozilla could possibly be binding on a third party. Mozilla do impose restrictions on use of their trademarks but as TBB uses the Aurora non-branding that isn't an issue. Julian I am inclined to consider the lack of privacy friendly default search engines in TBB as a bug. Yes removing Google as the default should be a trivial change. Could any of the developers comment on this? Thanks. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What is tor used for?
On 03/11/11 04:23, toru...@tormail.net wrote: so far it has me wondering if tor is really used for the humanitarian purposes the technology has the potential of aiding. i would really appreciate hearing real stories and highlights of how has helped in the use cases torproject lists. I'm willing to speak up, although I'm not going to be very specific. As Roger has already implied, it kind of defeats the point of Tor if you then broadcast to the world what traffic you're pushing through it. I am a part time political activist in the United Kingdom. Due to disability and chronic illness I don't manage to do much work on the ground. Instead I work online to motivate and inform other activists, and increase awareness of issues that our mostly state-supporting media chooses not to report. Things are not good here at the moment. Although we are by no means China or Syria (thank G-d), we are not a free country either. There is much to be challenged and the establishment has a strong interest in further restrictions of liberty. Many people, myself included, have been spuriously arrested over the past few years and police brutality has become an everyday occurrence. The ethnic cleansing which we thought was consigned to history is back, and many of us now live in genuine fear. I assume the rest of the world is seeing very little of this. I don't hide the fact that I'm against the government. It's pretty hard to do what I do without being noticed. But that doesn't mean I want everything to be public. That would be pretty dangerous. Like in the USA, people are being badly beaten by the police simply for engaging in legitimate protest. I am more likely than most to die from a beating because I don't heal properly. If I don't have to publicise what I'm doing and where I'm doing it, I don't intend to. I'm not engaging in criminal activity, but I am fighting for my kids' rights and would like to stay alive. The UK is one of the most watched countries in the world. Tor allows people like me to be selective in what we allow the authorities to know. When the guys with the big sticks and guns are looking for any excuse to have some fun, and the government is happy to increase their power, we all have something to hide. Julian -- 3072D/D2DE707D Julian Yon (2011 General Use) pgp.2...@jry.me signature.asc Description: OpenPGP digital signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] SOCKS error
One moment I get name resolution and I can access a site. Then I get... Connect to THE_SITE_NAME:80 failed: SOCKS error And I can't access it any longer. WHY ? -- Dave Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk http://www.pctipp.ch/downloads/dl/35905.asp ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Tor client pushing large amounts of data?
My local tor client runs 0.2.3.7-alpha. Just now I stumbled upon this: Heartbeat: Tor's uptime is 2 days 6:00 hours, with 0 circuits open. I've sent 48.04 GB and received 992.41 MB. I don't run a bridge and don't run hidden services. Nothing in my usage makes me expect the large 'sent' value. Is the counter wrong or do I want to investigate further? Sebastian ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Tor 0.2.2.34 crashes
Hello tories, after reading this mail I started to upgrade my two tor nodes which ran stable for years. I never have seen my tor process disappearing from the process list. Unfortunamtely, after upgrading to 2.2.34 on both nodes tor is crashing within a short time. I started tor in debug mode sending its debug log into a file. The crash always happens at the same point. root@h1896303:/chroot/tor/log# tail debug.log.2 Nov 01 19:52:13.842 [debug] connection_or_process_cells_from_inbuf(): 129: starting, inbuf_datalen 512 (0 pending in tls object). Nov 01 19:52:13.842 [debug] relay_lookup_conn(): found conn for stream 62648. Nov 01 19:52:13.843 [debug] circuit_receive_relay_cell(): Sending away from origin. Nov 01 19:52:13.843 [debug] connection_edge_process_relay_cell(): Now seen 239 relay cells here (command 2, stream 62648). Nov 01 19:52:13.843 [debug] connection_edge_process_relay_cell(): circ deliver_window now 999. Nov 01 19:52:13.843 [debug] connection_or_process_cells_from_inbuf(): 129: starting, inbuf_datalen 0 (0 pending in tls object). Nov 01 19:52:13.843 [debug] conn_read_callback(): socket -1 wants to read. Nov 01 19:52:13.843 [debug] fetch_from_buf_http(): headerlen 186, bodylen 0. Nov 01 19:52:13.843 [debug] directory_handle_command_get(): Received GET command. Nov 01 19:52:13.843 [debug] directory_handle_command_get(): rewritten url as '/tor/status-vote/current/consensus/14C131+27B6B5+49015F+585769+805509+D586D1+E8A9C4+ED03BB.z'. My tor runs in a chrooted environment. Together with tor I upgraded libevent to the latest release (2.0.15). Any ideas? Where can I start searching the bug? Thanks for any hint in advance Thomas Am Freitag, 28. Oktober 2011 schrieb Roger Dingledine: Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker can deanonymize Tor users. Everybody should upgrade. The attack relies on four components: 1) Clients reuse their TLS cert when talking to different relays, so relays can recognize a user by the identity key in her cert. 2) An attacker who knows the client's identity key can probe each guard relay to see if that identity key is connected to that guard relay right now. 3) A variety of active attacks in the literature (starting from Low-Cost Traffic Analysis of Tor by Murdoch and Danezis in 2005) allow a malicious website to discover the guard relays that a Tor user visiting the website is using. 4) Clients typically pick three guards at random, so the set of guards for a given user could well be a unique fingerprint for her. This release fixes components #1 and #2, which is enough to block the attack; the other two remain as open research problems. Special thanks to frosty_un for reporting the issue to us! (As far as we know, this has nothing to do with any claimed attack currently getting attention in the media.) Clients should upgrade so they are no longer recognizable by the TLS certs they present. Relays should upgrade so they no longer allow a remote attacker to probe them to test whether unpatched clients are currently connected to them. This release also fixes several vulnerabilities that allow an attacker to enumerate bridge relays. Some bridge enumeration attacks still remain; see for example proposal 188. https://www.torproject.org/download/download Changes in version 0.2.2.34 - 2011-10-26 o Privacy/anonymity fixes (clients): ... ... signature.asc Description: This is a digitally signed message part. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor 0.2.2.34 crashes
On Thu, Nov 3, 2011 at 1:37 PM, thomas.hluch...@netcologne.de thomas.hluch...@netcologne.de wrote: Hello tories, after reading this mail I started to upgrade my two tor nodes which ran stable for years. I never have seen my tor process disappearing from the process list. Unfortunamtely, after upgrading to 2.2.34 on both nodes tor is crashing within a short time. I started tor in debug mode sending its debug log into a file. The crash always happens at the same point. root@h1896303:/chroot/tor/log# tail debug.log.2 Hi, Thomas! This looks like you're using a Unix box, which makes stuff easier. The best way to debug a crash is by getting a stack trace -- either getting a core dump, or by running Tor under gdb. That will tell us exactly which part of the program is failing. Just let us know if you need help doing that and you can't find good instructions online. cheers, -- Nick ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] New Browser Bundle
yes u r right .. Java Script an cookies should be disabled but why there r not in this version this is the question should been answered Date: Thu, 3 Nov 2011 01:30:00 -0400 From: zzretro...@email2me.net To: tor-talk@lists.torproject.org Subject: [tor-talk] New Browser Bundle Hullo. noticed that the new, very latest browser bundle for windows has Java Script enabled, cookies enabled and NoScript changed settings back to enable globally considered dangerous! Any reason for this? Even after I unchecked enable globally I started to surf and then noticed a different icon on the top of the window of Aurora where it now shows an icon for 'Tor enabled and 'NoScript'. When I went back into NoScript Preferences, that's when I found enable globally - dangerous - checked again//??*#@%^] flat on my face_ (..) I guess I really don't understand this NoScript. It shows one icon that supposedly protects me, but that icon is nowhere to be found in the preferences panel/window. Why not? It has always seemed very confusing and misleading to me and why it changes settings that I haven't changed I do not know. I am not tech savvy, computer gravy or hair wavy. But now I must learn. A little help please on how or where to go, to understand NoScript. Maybe I would be better off just disabling it altogether? H? Again though, aren't Java Script and cookies supposed to be disabled for Tor to work at its best in creating anonymity? I don't know how to tweak it like you'all do and I stopped doing substances many years ago. You know? Not playing 'hide 'n go tweak' any longer. Takes 3 months for a book on Terminal to reach me and there's still a month and a half to go! Tanks! Advance! In! ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor 0.2.2.34 crashes
Hello, thanks for your response. Couriously I find no corefile. But I did that nice command: root# strace -f -o tor.strace.02 /usr/bin/chroot /chroot/tor /bin/tor The tracefiles have between 7 an 10 mb, with gzip 500-850k. Are you interested in having a look at one? They end up with these lines: 15811 time(NULL)= 1320171090 15811 time(NULL)= 1320171090 15811 --- SIGSEGV (Segmentation fault) @ 0 (0) --- 15812 +++ killed by SIGSEGV +++ Another output shows the dependent shared libraries in my environment (+ some more stuff): root@h1896303:/root# lsof -p 25448 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME tor 25448 tor cwdDIR9,1 4096 913933 /chroot/tor/var tor 25448 tor rtdDIR9,1 4096 913922 /chroot/tor tor 25448 tor txtREG9,1 3452331 913940 /chroot/tor/bin/tor tor 25448 tor memREG9,1 13340552 913962 /chroot/tor/var/cached-descriptors tor 25448 tor memREG9,154467 913982 /chroot/tor/lib/libnss_files.so.2 tor 25448 tor memREG9,149683 915042 /chroot/tor/lib/libnss_nis.so.2 tor 25448 tor memREG9,1 107282 915045 /chroot/tor/lib/libnsl.so.1 tor 25448 tor memREG9,140250 913976 /chroot/tor/lib/libnss_compat.so.2 tor 25448 tor memREG9,143341 913973 /chroot/tor/lib/librt.so.1 tor 25448 tor memREG9,1 1670857 913972 /chroot/tor/lib/libc.so.6 tor 25448 tor memREG9,117392 913971 /chroot/tor/lib/libdl.so.2 tor 25448 tor memREG9,1 125115 913970 /chroot/tor/lib/libpthread.so.0 tor 25448 tor memREG9,1 1685208 913969 /chroot/tor/lib/libcrypto.so.1.0.0 tor 25448 tor memREG9,1 351456 913967 /chroot/tor/lib/libssl.so.1.0.0 tor 25448 tor memREG9,1 834262 913966 /chroot/tor/lib/libevent-2.0.so.5 tor 25448 tor memREG9,1 191006 913965 /chroot/tor/lib/libm.so.6 tor 25448 tor memREG9,175416 913963 /chroot/tor/lib/libz.so.1 tor 25448 tor memREG9,1 143978 915046 /chroot/tor/lib/ld-linux.so.2 tor 25448 tor0u CHR1,3 0t0 913938 /chroot/tor/dev/null tor 25448 tor1u CHR1,3 0t0 913938 /chroot/tor/dev/null tor 25448 tor2u CHR1,3 0t0 913938 /chroot/tor/dev/null tor 25448 tor3u 0,90 1012 anon_inode tor 25448 tor4u sock0,6 0t0 21020578 can't identify protocol tor 25448 tor5u unix 0xf34ea5c0 0t0 21020572 socket tor 25448 tor6u unix 0xf34ea7c0 0t0 21020573 socket tor 25448 tor7u 0,90 1012 anon_inode tor 25448 tor8u IPv4 21020574 0t0 TCP *:etlservicemgr (LISTEN) tor 25448 tor9u IPv4 21020575 0t0 TCP *:9030 (LISTEN) tor 25448 tor 10w REG9,1 7285 914703 /chroot/tor/log/notices.log tor 25448 tor 11w REG9,1 12832838 914712 /chroot/tor/log/debug.log tor 25448 tor 12uW REG9,10 913993 /chroot/tor/var/lock Regards Thomas Am Donnerstag, 3. November 2011 schrieb Nick Mathewson: On Thu, Nov 3, 2011 at 1:37 PM, thomas.hluch...@netcologne.de thomas.hluch...@netcologne.de wrote: Hello tories, after reading this mail I started to upgrade my two tor nodes which ran stable for years. I never have seen my tor process disappearing from the process list. Unfortunamtely, after upgrading to 2.2.34 on both nodes tor is crashing within a short time. I started tor in debug mode sending its debug log into a file. The crash always happens at the same point. root@h1896303:/chroot/tor/log# tail debug.log.2 Hi, Thomas! This looks like you're using a Unix box, which makes stuff easier. The best way to debug a crash is by getting a stack trace -- either getting a core dump, or by running Tor under gdb. That will tell us exactly which part of the program is failing. Just let us know if you need help doing that and you can't find good instructions online. cheers, signature.asc Description: This is a digitally signed message part. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor 0.2.2.34 crashes
On Thu, Nov 3, 2011 at 3:38 PM, thomas.hluch...@netcologne.de thomas.hluch...@netcologne.de wrote: Hello, thanks for your response. Couriously I find no corefile. The SEGV in your trace suggests that it died in a way that could have produced a core, if core dumps were enabled. Is there something in your chroot configuration or your rlimit that's disabling them for Tor? Oh! Also, you should make sure that Tor can find your GeoIPFile, to rule out some variant of bug https://trac.torproject.org/projects/tor/ticket/4340 . But I did that nice command: root# strace -f -o tor.strace.02 /usr/bin/chroot /chroot/tor /bin/tor The tracefiles have between 7 an 10 mb, with gzip 500-850k. Are you interested in having a look at one? Those are likely to have data that I should not see, like your private keys or user IPs. I don't want to look at those. :) Also, the SEGV suggests that it's a null-pointer reference or something that's going wrong here, so probably the earlier syscalls aren't going to help. It's a stack trace that would be useful here, I'm afraid. yrs, -- Nick ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor client pushing large amounts of data?
Heartbeat: Tor's uptime is 2 days 6:00 hours, with 0 circuits open. I've sent 48.04 GB and received 992.41 MB. This looks like a mostly-harmless integer overflow bug. How so? I'd expect much lower values, not higher. I think it would help to post the bandwidth history: Tor's uptime is 6:00 hours, with 3 circuits open. I've sent 4.01 GB and received 419.10 MB. Tor's uptime is 12:00 hours, with 3 circuits open. I've sent 4.02 GB and received 696.57 MB. Tor's uptime is 18:00 hours, with 1 circuits open. I've sent 4.03 GB and received 831.90 MB. Tor's uptime is 1 day 0:00 hours, with 3 circuits open. I've sent 4.03 GB and received 877.31 MB. Tor's uptime is 1 day 6:00 hours, with 28 circuits open. I've sent 32.03 GB and received 880.58 MB. Tor's uptime is 1 day 12:00 hours, with 0 circuits open. I've sent 48.04 GB and received 989.46 MB. Is there significant overhead for many small packets, eg. HTTP requests? Sebastian ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor-fi: risks of mobile hotspot feature in Orbot 1.0.6
On Thu, Nov 03, 2011 at 03:49:28PM -0400, Nathan Freitas wrote: While is definitely a feature that has a cool factor to it and will get some attention, I want to make sure we have thought through the risks/downsides of utilizing this feature, so that we can communicate them in any blogs, websites or tutorials. I also wonder if similar thoughts or documentation has been created within the TorRouter context. For example, Bob's iPad connects to Alice's Android's Tor-fied Wifi connection, and uses all sorts of non-https apps that leak enough information about Bob (google map location data), that reveals Alice's real-life location. Sounds like you really want your setup to make use of the proposal 171 separate streams feature that went into Tor 0.2.3.3-alpha: - You can now configure Tor so that streams from different applications are isolated on different circuits, to prevent an attacker who sees your streams as they leave an exit node from linking your sessions to one another. To do this, choose some way to distinguish the applications: have them connect to different SocksPorts, or have one of them use SOCKS4 while the other uses SOCKS5, or have them pass different authentication strings to the SOCKS proxy. Then, use the new SocksPort syntax to configure the degree of isolation you need. This implements Proposal 171. In what way are you proxying all of the traffic from the other users into your Tor client? See the Isolate* entries in the man page in Tor master. I keep saying this is no different than TorRouter in terms of risk profile, but am I wrong? The Torouter people should probably be asking themselves the same questions I asked above. --Roger ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor client pushing large amounts of data?
tl;dr Did you by any chance compile tor with bufferevents enabled (--enable-bufferevents)? Let's see the path of the sent bytes string: The heartbeat code (src/or/status.c) receives the bytes sent in log_heartbeat() using 'uint64_t get_bytes_written(void)' and stores it into a uint64_t. Then it passes it to 'static char *bytes_to_usage(uint64_t bytes)' which has an 'if' statement checking the number of bytes so that it can return a meaningful string. In this case we got into the 'else' part of the 'if' which is activated iff '(bytes = (130))', which means more or equals to a gigabyte. Then 'bytes', a uint64_t, is casted into a double and printed into a string. The only problem I can see here is if 'bytes' is bigger than what the mantissa part of double can represent, in which case we start losing precision. The mantissa part is usually™ 53-bits which can represent 9~ petabytes; so it's gonna take a while and is probably irrelevant with this thread's problem. I don't see an integer overflow or underflow happening anywhere either. From what I can gather, 'bytes' got into bytes_to_usage() with a value around 48.08*(2^30). Did you by any chance compile tor with bufferevents enabled? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What is tor used for?
On Thu, Nov 03, 2011 at 04:23:48AM -, toru...@tormail.net wrote 0.9K bytes in 25 lines about: : the torproject website lists users as friends and family, military, : business owners etc - use cases that make sense to me, but i've yet to : find any stories or ancedontal evidence to suggest this is really the : case. instead i find core.onion linking to adult content that has : little to do with adults and market sites that deal with illegal trade : in weapons and drugs. each of these 'use cases' are real testimonials sent to us. we didn't make them up, but we did have to keep them anonymous. We have a further set of quotes/testimonials from people that we're trying to figure out how to publish in some sane fashion. -- Andrew pgp key: 0x74ED336B ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] New Browser Bundle
On Thu, Nov 03, 2011 at 01:30:00AM -0400, zzretro...@email2me.net wrote 4.2K bytes in 100 lines about: : Any reason for this? Even after I unchecked enable globally I started to surf : and then noticed a different icon on the top of the window of Aurora where it : now shows an icon for 'Tor enabled and 'NoScript'. The current draft of the TBB design document is here, https://www.torproject.org/projects/torbrowser/design/ It should help explain the choices made in TBB so far. Feedback is welcome. -- Andrew pgp key: 0x74ED336B ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What is tor used for?
i believe there is a real need for secure communications but as a new user to tor it seems the common entry points to the network are rife with criminal activity. the torproject website lists users as friends and family, military, business owners etc - use cases that make sense to me, but i've yet to find any stories or ancedontal evidence to suggest this is really the case. instead i find core.onion linking to adult content that has little to do with adults and market sites that deal with illegal trade in weapons and drugs. so far it has me wondering if tor is really used for the humanitarian purposes the technology has the potential of aiding. i would really appreciate hearing real stories and highlights of how has helped in the use cases torproject lists. Tor is used for a lot of different things. Sure, the kiddy pron, drug and chan waste and all the talk about those things is disgusting to see infiltrating everywhere. But with nothing to do about it you just have to ignore it. Yes, it would be cool to see stuff like EFF, EPIC, ACLU, Red Cross and whatever else makes you happy all be multihomed into the anonymous space. But really, if you can't get to them on the clearnet, or via Tor exits, you probably have worse problems on your hands, like finding work, food, shelter and not getting shot. Nor do they see it as being all that helpful to them. On the plus side, lots of people use Tor for totally benign and boring everyday stuff, I certainly do. Think about it... IRC with friends, dating, reading the paper, contributing to forums and various projects, blogging, doing your banking and school stuff, email, internet and systems work, looking for work, writing freely with random people, buying stuff. Whatever it might be that people do. It all feels just a bit better knowing your ISP. employer or government doesn't really have such an easy task anymore of cataloging or quoting you, tracking your home/work/travels, turning you into a statistic, optimizing your online experience, or any other such things you might not want to happen. These certainly aren't examples of 'working for the greater global good of humanity' or whatever, but it all adds up. Kindof how anti-spam systems reduce the profitability of spam. And in a way, gaining back some of the anonymity by default that everyone had before everyone and everything went digital, online, databased, monetized and controlled in the 90's. It's unlikely you'll find those who really need Tor for their activities standing up and saying here I am with their use cases in hand. They simply have better things to do and that would entail risk. You're more likely to find relay ops and coders evangelizing to the good. They are the interfaces to the use cases and know what's out there. Just seeing packets flow through the occaisional relay I prop up makes me happy knowing at least some of them weren't full of the aforementioned trash... even if they are just our boring daily stuffs. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk