[tor-talk] tormail.net is a project of Russian security services?
Earlier there were discassions about tormail.net in this mail list. Today I find very intereting web-document when Russian users tell that thay suspect that that project is a provocation of Russian security services (http://www.pgpru.com/forum/politikapravorealjnyjjmir/proekttormailnetgrandioznajaprovokacijaspecsluzhbrossii?p=last#Comment51468 , in Russian) They found that when their own server send emails to tormail.net addresses there were the next records in their logs: > R=a_dnslookup T=remote_smtp H=incomin > > g.tormail.net [81.177.32.41] X=TLS1.0:RSA_AES_256_CBC_S > HA1:32 DN="C=RU,ST=Moscow,O=Tor Mail,CN=tormail.net" C= > > "250 OK id=1RyDfA-0003e1-5U" The next, they found: > dig incoming.tormail.net > > ;; ANSWER SECTION: > incoming.tormail.net. 1706IN A 81.177.32.41 > > whois 81.177.32.41 > % Information related to '81.177.32.0 - 81.177.33.255' > > inetnum:81.177.32.0 - 81.177.33.255 > netname:INSOLVERTC3 > descr: In-Solve/1Gb.ru hosting services provider > country:RU > admin-c:DM3950-RIPE > tech-c: DM3950-RIPE > status: ASSIGNED PA > mnt-by: AS8342-MNT > source: RIPE # Filtered > > person: Dmitry Mikhailov > address:123100, Russia, Moscow, > address:Presnenskaya 12, Fed. Tower, 45th floor > e-mail: n...@in-solve.ru > phone: +7 495 2211152 > nic-hdl:DM3950-RIPE > source: RIPE # Filtered > > % Information related to '81.176.0.0/15AS8342' > > route:81.176.0.0/15 > descr:RTCOMM-RU > origin: AS8342 > mnt-by: AS8342-MNT > source: RIPE # Filtered They tell that Moscow telophone numbers like +7495221 probably belong to the Federal security service of Russia. What do you think about the above? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tormail.net is a project of Russian security services?
On Sat, 24 Mar 2012 11:56:46 + James Brown wrote: > What do you think about the above? Here's what lists.torproject.org sees for tormail servers: Mail from lists to tormail flows via: relay=incoming.tormail.net[200.50.230.38]:25 mail from tormail to lists flows via: RCPT from server2.allsitecontrol.com[63.143.36.210] -- Andrew http://tpo.is/contact pgp 0x6B4D6475 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tormail.net is a project of Russian security services?
Am Sat, 24 Mar 2012 11:56:46 + schrieb James Brown : > They tell that Moscow telophone numbers like +7495221 probably > belong to the Federal security service of Russia. > > What do you think about the above? http://kvels77.ru/catalog156.html?Company_page=7 http://kakoi-operator.ru/495/2211134-2211154/ Every number can be a rouge number, so hard to say. I don't think it is enough to say "probably". My personal opinion... -- BlueStar88 0x36150C86 (PGP) signature.asc Description: PGP signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] About sources of TBB
On Mar 24, 2012, at 4:29 PM, James Brown wrote: > On 24.03.2012 15:01, James Brown wrote: >> On 24.03.2012 14:57, James Brown wrote: >>> I have got TBB-sources from here: >>> https://www.torproject.org/projects/torbrowser-details.html.en#build >>> >>> But when I try to verify that, I have so strange result: ~$ gpg --verify tor-browser-2.2.35-8-src.tar.gz.asc tor-browser-2.2.35-8-src.tar.gz gpg: не найдено данных формата OpenPGP. gpg: Не могу проверить подпись. Файл подписи (.sig или .asc) должен быть первым указан в командной строке. >>> >>> And the next question, that as I can see there are TBB for Linux >>> 2.2.35-9 in repos but 2.2.35-8 in sources, why? >> >> Sorry: >> >>> LANG=C; gpg --verify tor-browser-2.2.35-8-src.tar.gz.asc >>> tor-browser-2.2.35-8-src.tar.gz >>> gpg: no valid OpenPGP data found. >>> gpg: the signature could not be verified. >>> Please remember that the signature file (.sig or .asc) >>> should be the first file given on the command line. > > > Probably attached file is not a signature: > https://www.torproject.org/dist/torbrowser/tor-browser-2.2.35-8-src.tar.gz.asc Hrm, looks like you're quite right. I've cc'ed our build engineer here to check it out. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] About sources of TBB
I have got TBB-sources from here: https://www.torproject.org/projects/torbrowser-details.html.en#build But when I try to verify that, I have so strange result: > ~$ gpg --verify tor-browser-2.2.35-8-src.tar.gz.asc > tor-browser-2.2.35-8-src.tar.gz > gpg: не найдено данных формата OpenPGP. > gpg: Не могу проверить подпись. > Файл подписи (.sig или .asc) должен быть > первым указан в командной строке. And the next question, that as I can see there are TBB for Linux 2.2.35-9 in repos but 2.2.35-8 in sources, why? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] About sources of TBB
On 24.03.2012 14:57, James Brown wrote: > I have got TBB-sources from here: > https://www.torproject.org/projects/torbrowser-details.html.en#build > > But when I try to verify that, I have so strange result: >> ~$ gpg --verify tor-browser-2.2.35-8-src.tar.gz.asc >> tor-browser-2.2.35-8-src.tar.gz >> gpg: не найдено данных формата OpenPGP. >> gpg: Не могу проверить подпись. >> Файл подписи (.sig или .asc) должен быть >> первым указан в командной строке. > > And the next question, that as I can see there are TBB for Linux > 2.2.35-9 in repos but 2.2.35-8 in sources, why? Sorry: > LANG=C; gpg --verify tor-browser-2.2.35-8-src.tar.gz.asc > tor-browser-2.2.35-8-src.tar.gz > gpg: no valid OpenPGP data found. > gpg: the signature could not be verified. > Please remember that the signature file (.sig or .asc) > should be the first file given on the command line. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] About sources of TBB
On 24.03.2012 15:01, James Brown wrote: > On 24.03.2012 14:57, James Brown wrote: >> I have got TBB-sources from here: >> https://www.torproject.org/projects/torbrowser-details.html.en#build >> >> But when I try to verify that, I have so strange result: >>> ~$ gpg --verify tor-browser-2.2.35-8-src.tar.gz.asc >>> tor-browser-2.2.35-8-src.tar.gz >>> gpg: не найдено данных формата OpenPGP. >>> gpg: Не могу проверить подпись. >>> Файл подписи (.sig или .asc) должен быть >>> первым указан в командной строке. >> >> And the next question, that as I can see there are TBB for Linux >> 2.2.35-9 in repos but 2.2.35-8 in sources, why? > > Sorry: > >> LANG=C; gpg --verify tor-browser-2.2.35-8-src.tar.gz.asc >> tor-browser-2.2.35-8-src.tar.gz >> gpg: no valid OpenPGP data found. >> gpg: the signature could not be verified. >> Please remember that the signature file (.sig or .asc) >> should be the first file given on the command line. Probably attached file is not a signature: https://www.torproject.org/dist/torbrowser/tor-browser-2.2.35-8-src.tar.gz.asc ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Verifying signatures
On 03/20/2012 01:46 AM, Achter Lieber wrote:
Hullo (',')
In light of some fairly recent postings about making it easier to
verify signatures on new Tor downloads,
On 3/21/2012 9:35 AM, Christian Siefkes wrote:
On 03/21/2012 12:46 PM, Jude Young wrote:
Sorry if this has been responded to, I've lost a few emails...
I don't believe the TBB has been high-jacked, but the TorButton Firefox
extension certainly has.
(Forgive my faulty memory
linky:http://www.securitynewsdaily.com/1201-anonymous-hackers-child-porn.html)
"Anonymous" apparently convinced firefox (or someone at FireFox? No one was
ever clear on this..) to upload a modified version.
Uh, TorButton is free software, didn't you know that? Everybody can create
and distribute a modified version, and that's what happened. It certainly
proves that you shouldn't download software from untrusted sources (neither
the Tor Project nor Mozilla was involved) and that you should verify the
signatures of the software to use. None of that is news, of course.
Which was the point of OP, Achter. Perhaps it could be made easier,
tutorials on the Tor site, etc., to verify signatures.
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] trouble changing Aurora menu button color - userChrome.css
On 3/22/2012 11:28 AM, Joe Btfsplk wrote:
Do others find that Aurora (no longer says Aurora) has almost the same
orange color as Firefox for main menu button, to be confusing, when
have TBB & Firefox both open (I believe the UI element name is
"appmenu-button.")?
I'm unable to correctly edit the userChrome.css file in TBB profile,
to change the color from orange to green (or what ever). I hope when
it changes the menu button color, it'll also change the icon color in
the Windows tray.
I've edited the userChrome & userContent.css files before, but this
doesn't work in TBB. I'm assuming that Aurora WILL use the
userChrome.css file, if proper commands w/ proper syntax are entered?
Here's the command I found on Lifehacker to change the app-menu button
color (using rgba instead of rgb). I edited the userChrome.css file
that's in the path "E:\Temp\Tor Browser\TBB 2.2.35-8\Tor
Browser\FirefoxPortable\Data\profile\chrome". This is same main path
(folder) where I launch TBB, using "Start Tor browser.exe."
/* This changes color of orange Firefox menu button. */
#appmenu-button {
background-color: rgba(0,128,0,.8) !important;
I also tried putting spaces between the decimal values: rgba(0, 128,
0, .8) which made no difference.
Can anyone see the problem - if there's one w/ syntax? Or is there
another issue I'm overlooking w/ Aurora / TBB?
For those interested in changing the color or text of the menu button
(on Win version, now same orange & same label "Firefox" as vanilla
Firefox), I found the error of my ways & how to change either / or color
or button text. Add this code to the userChrome.css file in Tor Browser
profile. The profile located in the path: Tor
Browser\FirefoxPortable\Data\profile\chrome\userChrome.css.
If you don't have the chrome folder or the userChrome.css, create them.
Later versions of Firefox don't seem to include example versions of
userChrome.css. You can get an older copy of the file, or paste these
line at the beginning of the file. Enter any / all desired code
*_AFTER_* the line: "@namespace url("http://www.mozilla";
/*
* Edit this file and copy it as userChrome.css into your
* profile-directory/chrome/
*/
/*
* This file can be used to customize the look of Mozilla's user interface
* You should consider using !important on rules which you want to
* override default settings.
*/
/*
* Do not remove the @namespace line -- it's required for correct
functioning
*/
@namespace
url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul";);
/* set default namespace to XUL */
Then enter the code below. Choose either / or to change button color or
text (like to TBB, Torbrow, Aurora, etc.). Choose your own color or
text content, where "Torbrow " is shown.
/* This changes color of orange Firefox menu button. */
*
#appmenu-button {
background: #008000 !important;
}
*
/* This changes the appmenu-button text from "Firefox" to "Torbrow"*/
*
#appmenu-button dropmarker:before {
content: "TorBrow " !important;
}
#appmenu-button .button-text {
display: none !important;
}
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] TOR bridge mailing list
Since I was not able to find a place to share tor bridges, I created a place... or rather a mailing list: https://lists.riseup.net/www/info/torbridges If you or people you know are interested in obtaining bridges or disseminating them, this would be a good list to be on. The idea is that people would set up bridges, and send the ip, port and print to this list, and every week I would send out a limited list of what has been collected. Borderguard ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TOR bridge mailing list
On 2012-03-25, bordergu...@riseup.net wrote: > Since I was not able to find a place to share tor bridges, I created a > place... or rather a mailing list: > https://lists.riseup.net/www/info/torbridges By default, each Tor bridge publishes a descriptor to the ‘bridge authority’. Every hour, the bridge authority sends the descriptors of currently running bridges to bridges.torproject.org, which distributes them to users who request bridges over HTTPS and by e-mail. > If you or people you know are interested in obtaining bridges or > disseminating them, this would be a good list to be on. The idea is that > people would set up bridges, and send the ip, port and print to this list, > and every week I would send out a limited list of what has been collected. Distributing bridge addresses once a week is not useful. Most bridges move to a different IP address every 24 hours. Robert Ransom ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] AllowDotExit
Eric writes: > using https://xxx.com.foo.ext > is there a way i can keep the pages within .exit? > after the first page the succeeding pages opens in normal url outside the > .exit The trouble is that the site generates links that contain an explicit domain name and the browser simply follows those links. You could abuse HTTPS Everywhere to do what you want, because it's capable of doing arbitrary URL rewriting. HTTPS Everywhere is also preinstalled in the Tor Browser Bundle. If you make an HTTPS Everywhere rule to do your rewrite and then put it inside your tor-browser/Data/profile/HTTPSEverywhereUserRules directory, it should only affect the Tor Browser. The content of the rule would look something like https://example.com.foo.exit/"; /> This rewrites any URLs under http://example.com/, http://www.example.com/, https://example.com/, or https://www.example.com/ to instead point through https://example.com.foo.exit/. The browser will still show the unmodified links if you mouse over them, but it should use the modified links if you actually follow a link. I don't know whether the Tor Browser also edits the Host and the Referer headers in this case in a way that removes the .exit from the hostname to avoid confusing the site. -- Seth Schoen Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] AllowDotExit
using https://xxx.com.foo.ext is there a way i can keep the pages within .exit? after the first page the succeeding pages opens in normal url outside the .exit ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
