Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Fabio Pietrosanti (naif)
On 11/10/12 2:40 AM, and...@torproject.is wrote:
> On Fri, Nov 09, 2012 at 06:05:58PM -0500, mfi...@mfisch.com wrote 1.0K bytes 
> in 18 lines about:
> : TorProject should be registered as an Apple software developer, and the 
> binary should be signed, both to increase credibility of the torproject and 
> the safety of users.
>
> No. The last time we reviewed the Apple Developer Agreement it is hostile
> to Tor as an organization. We at Tor cannot sign Apple's ToS/Agreements
> to use their systems. You are forced to give up all legal rights to
> Apple and they have final say. I just tried to view the agreement again,
> and I cannot do so without a valid ADP account.
>
> In discussions with Apple, it comes down to the facts that we cannot edit
> their agreement, and take it or leave it as it is. It's clear developers
> do not read these agreements, or do not understand them, or don't care
> because they are distracted by the potential money they can make in
> the Apple App Store.
>
> For legal protection, we may have to create a subsidiary to sign these
> agreements.
Just have someone else, with no effective legal authority on Tor
Project, to sign the ADP agreement and "rent you for free" the account.

If you want you can register as "me" representing Tor Project (I've no
relationship with Tor Project Inc), with my personal credit card, in
clear violation of ADP (I don't care that much).

Whatever Apple would try to do against Tor Project, Apple will have to
sue me or ask me their rights! :P

Maybe it's the Italian way of doing things :P

IMHO you cannot really fight the Apple ADP agreement on paper, they will
probably always win and this is the direction taken by most major
vendors' "application stores" and "development programs".

So a third party organization, handing an Apple account to you, so you do
not have to sign any legal agreement with Apple, may be a quick workaround.

In any case, I'd suggest to start evaluating technically how to do it,
because for how TBB is done (many independent software started up and
intercommunicating with TCP as IPC) it may be very complicated (or even
very simple).

Fabio
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Peter Tonoli

On 10/11/12 6:49 PM, Fabio Pietrosanti (naif) wrote
>
> Whatever Apple would try to do against Tor Project, Apple will have to
> sue me or ask me their rights! :P
Or they could just revoke your developer certificate, and cause a lot of
grief for the users of Tor that has been signed with your certificate,
as it will no longer run. This also probably wouldn't give Tor a
terribly good reputation either for reliability.

P.



Re: [tor-talk] check.torproject.org

2012-11-10 Thread adrelanos
Peter Tonoli:
>
> I'm more than happy to help as well, however, how does that fix the
> issue of torcheck not starting on reboot?
>

Some ideas...

File a ticket with the issue. Offer help.

Solving other tickets removes load from the Tor developers.

Go to irc.oftc.net #tor-dev and offer help.

Research possibilities in torcheck with distributed trust and mirrors.

Help making torcheck redundant. It's only a hack so or so. Find out for
what it is used right now. Everything can probably be replaced with
other checks.

Tor should figure out itself if connected to Tor:
https://trac.torproject.org/projects/tor/ticket/6546

Tor Browser update mechanism has also much space for improvement:
- https://trac.torproject.org/projects/tor/ticket/5236
- https://trac.torproject.org/projects/tor/ticket/3994
- Thandy!

Yes, that's it. Lots of possibilities to help. Too difficult? Still
interested?

> On 10/11/12 7:37 AM, adrelanos wrote:
>> Become a torcheck developer. Help with these tickets:
> 
> 
> https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=new&status=reopened&component=Tor+Check&order=priority&col=id&col=summary&col=type&col=status&col=priority&col=milestone&col=component
> 
>> Simon Brereton:
>>> Can I help? What would you need?
>>> On Nov 9, 2012 1:55 PM, "Roger Dingledine" wrote:
>>>
>>>> On Fri, Nov 09, 2012 at 01:08:15PM -0500, TorOp wrote:
>>>>> Same here, but it just now responded.
>>>>
>>>> Yes. Apparently it doesn't start on reboot. Also, it's old and buggy.
>>>>
>>>> We're looking into ways to improve it, but all the Tor developers are
>>>> distracted by other things, so it keeps falling out of the priority
>>>> list.



Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Roman Mamedov
On Fri, 9 Nov 2012 18:05:58 -0500
Matthew Fisch  wrote:

> The installer can be verified with PGP using the published signature and GPG 
> or PGP software.
> This however, is beyond the technical prowess of the vast majority of Mac OS 
> X users of the torbrowser bundle.

Well maybe those users need to get their priorities straight? Do they want
anonymity and freedom on the internet, or do they want to use a proprietary
and restricting OS the parent company of which is as unfriendly to third-party
software developers as it can possibly be.

-- 
With respect,
Roman




Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread adrelanos
Fabio Pietrosanti (naif):
> On 11/10/12 2:40 AM, and...@torproject.is wrote:
>> On Fri, Nov 09, 2012 at 06:05:58PM -0500, mfi...@mfisch.com wrote 1.0K bytes 
>> in 18 lines about:
>> : TorProject should be registered as an Apple software developer, and the 
>> binary should be signed, both to increase credibility of the torproject and 
>> the safety of users.
>>
>> No. The last time we reviewed the Apple Developer Agreement it is hostile
>> to Tor as an organization. We at Tor cannot sign Apple's ToS/Agreements
>> to use their systems. You are forced to give up all legal rights to
>> Apple and they have final say. I just tried to view the agreement again,
>> and I cannot do so without a valid ADP account.
>>
>> In discussions with Apple, it comes down to the facts that we cannot edit
>> their agreement, and take it or leave it as it is. It's clear developers
>> do not read these agreements, or do not understand them, or don't care
>> because they are distracted by the potential money they can make in
>> the Apple App Store.
>>
>> For legal protection, we may have to create a subsidiary to sign these
>> agreements.
> Just have someone else, with no effective legal authority on Tor
> Project, to sign the ADP agreement and "rent you for free" the account.
> 
> If you want you can register as "me" representing Tor Project (I've no
> relationship with Tor Project Inc), with my personal credit card, in
> clear violation of ADP (I don't care that much).

Not sure if that is legal, what the consequences (probably not too much,
no jail) of that are and if torproject wants to go any non-legal ways.

> Whatever Apple would try to do against Tor Project, Apple will have to
> sue me or ask me their rights! :P

Not sure if that would put torproject into a good light either.


Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread adrelanos
Roman Mamedov:
> On Fri, 9 Nov 2012 18:05:58 -0500
> Matthew Fisch  wrote:
> 
>> The installer can be verified with PGP using the published signature and GPG 
>> or PGP software.
>> This however, is beyond the technical prowess of the vast majority of Mac OS 
>> X users of the torbrowser bundle.
> 
> Well maybe those users need to get their priorities straight?

Dream on. With that kind of attitude, which I can understand, the Tor
network will be too small to provide any kind of anonymity.

> Do they want
> anonymity and freedom on the internet, or do they want to use a proprietary
> and restricting OS the parent company of which is as unfriendly to third-party
> software developers as it can possibly be.

I don't think they are able, have the time or are willing to understand
such kind of issues. As long as things just work those people are happy.
They need to miserably suffer from being careless before they even
think. Try to communicate that with the affected users. You'll probably
fail in 99% of cases getting through.


Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Peter Tonoli

On 10/11/12 11:02 PM, Roman Mamedov wrote:
> On Fri, 9 Nov 2012 18:05:58 -0500
> Matthew Fisch  wrote:
>
>> The installer can be verified with PGP using the published signature
>> and GPG or PGP software.
>> This however, is beyond the technical prowess of the vast majority of
>> Mac OS X users of the torbrowser bundle.
>
> Well maybe those users need to get their priorities straight? Do they want
> anonymity and freedom on the internet, or do they want to use a proprietary
> and restricting OS the parent company of which is as unfriendly to third-party
> software developers as it can possibly be.

Are they mutually exclusive?

With that attitude, you may as well propose that those who use Tor under
repressive regimes should 'get their priorities straight' and just up
and move to a different country - oh, and that the Windows port should
be dropped as well.


Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread adrelanos
Peter Tonoli:
> 
> On 10/11/12 11:02 PM, Roman Mamedov wrote:
>> On Fri, 9 Nov 2012 18:05:58 -0500
>> Matthew Fisch  wrote:
> 
>>> The installer can be verified with PGP using the published signature
>>> and GPG or PGP software.
>>> This however, is beyond the technical prowess of the vast majority of
>>> Mac OS X users of the torbrowser bundle.
> 
>> Well maybe those users need to get their priorities straight? Do they want
>> anonymity and freedom on the internet, or do they want to use a proprietary
>> and restricting OS the parent company of which is as unfriendly to third-party
>> software developers as it can possibly be.
> 
> Are they mutually exclusive?
> 
> With that attitude, you may as well propose that those who use Tor under
> repressive regimes should 'get their priorities straight' and just up
> and move to a different country - oh, and that the Windows port should
> be dropped as well.

Yes, I agree.

And in a mature and intelligent society there is no war, poverty, etc.
and therefore no need for Tor altogether.


Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Fabio Pietrosanti (naif)
On 11/10/12 12:49 PM, Peter Tonoli wrote:
>
> On 10/11/12 6:49 PM, Fabio Pietrosanti (naif) wrote
>
> > Whatever Apple would try to do against Tor Project, Apple will have to
> > sue me or ask me their rights! :P
> Or they could just revoke your developer certificate, and cause a lot of
> grief for the users of Tor that has been signed with your certificate,
> as it will no longer run. This also probably wouldn't give Tor a
> terribly good reputation either for reliability.
If Apple decides to revoke your developer certificate, you don't have
anything that you can do, regardless of who is the "Formal owner" of the
developer certificate.

In any case, if you don't bother to use "Apple signature" as
identification system, you may just ask several trust-able organizations
(EFF, NoiseBridge, CCC, TorServers, etc) to apply for a Developer
Certificate and then provide it for free to Tor Project Inc.

That way Tor Project Inc would not have any kind of legal liability or
contractual relationship with Apple Corp, and you fixed the problem.

Fabio


Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Fabio Pietrosanti (naif)
On 11/10/12 1:19 PM, adrelanos wrote:
>> If you want you can register as "me" representing Tor Project (I've no
>> relationship with Tor Project Inc), with my personal credit card, in
>> clear violation of ADP (I don't care that much).
> Not sure if that is legal, what the consequences (probably not too much,
> no jail) of that are and if torproject wants to go any non-legal ways.
It is legal that you publish an application on behalf of someone else in
your account and you, as ADP account owner, are the ultimate liability
responsible person for that.

As said previously, you may just ask several trust-able organizations
(EFF, NoiseBridge, CCC, TorServers, etc) to apply for a Developer
Certificate and then provide it for free to Tor Project Inc, assuming
themselves the "liabilities" for the ADP program.

In any case, I continue to think that Tor should:
a) become a software platform (that 3rd parties can integrate and use)
b) become widely available through commonly used application distribution
platforms (app stores)

Fabio


Re: [tor-talk] Orbot blocks internet connection when off wifi (issues when on mobile data network only)

2012-11-10 Thread Pete K
Hi Nathan,
I am using Transparent proxying for all apps. The only firewall type app I
can think of is Lookout (but I believe my issue of not connecting while off
wifi was occurring before I installed).  Other than that I don't have any
other app installed that would act as a firewall.

Btw, I have cleared the cache and data.  This did not clear up the issue
however.
Pete

On Thu, Nov 8, 2012 at 11:50 PM, Nathan Freitas  wrote:

> On 11/09/2012 07:38 AM, Pete K wrote:
> > Is this the most up to date version?  Are there any additional settings I
> > should consider?
>
> Yes rc6 is the most up to date. One thing I would do is go into the
> Application manager and clear the cache and data. This will ensure the
> latest Tor binary is installed as well.
>
> A few more questions, apologies if you already stated this:
>
> 1) Are you using Transparent Proxying for all apps or one by one?
>
> 2) Are you using any other firewall, vpn or iptables-related apps?
>
> 3) Any other custom device fw/kernels I should know about?
>
> +n


Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Matthew Fisch
I think the idea of getting an organization such as the EFF (with credibility 
Apple couldn't afford to deny) to sign off on the binaries sounds like the only 
plausible solution -- though I understand the politics of this aren't exactly 
trivial. I didn't realize legal kung-fu was necessary when you don't plan to 
submit to the app store. This type of thing is something that should be 
investigated long-term however especially considering the Mountain Lion default 
of denying unsigned binaries, and the Tor Project's mission of increasing use 
of Tor by mainstream users to increase credibility of the project.

All that said, there is a simple short-term fix:

A warning and subtle protest of Apple's closed gatekeeper methodology should be 
included in the OS X download webpage. This is actually a great technology to 
protect users' computers from privacy invasions by rogue software, it's just in 
Apple's blood to exert a bit more control than desktop users find comfortable. 
Also, uploaded some screenshots to Google Drive to highlight the simple but 
unintuitive workaround, once the application is added to the gatekeeper 
exception list no further warnings will be produced:

https://docs.google.com/folder/d/0B1pT3gU1bGZiYWVaQTFVR05QUmc/edit
^^
three images labelled step 1, 2 and 3.

Also, I think it's important not to totally discredit the gatekeeper 
technology. If users turn this off they significantly increase risk exposure to 
their machines despite any ideological concerns.

-Matt


Matthew Fisch
mfi...@mfisch.com



Re: [tor-talk] misconfigured mailing list (mailman software) for torproject discloses passwords in plaintext (stores too?)

2012-11-10 Thread Greg Norcie
As long as the password isn't used elsewhere, it's not a huge deal -
security savvy users probably just use a throwaway password. The main
threat here is if you are reusing passwords.

Preset passwords might be a good idea, but I think in the grand scheme
of things, it's a minor issue.

Is this behavior that is easily changed in Mailman?
--
Greg Norcie (g...@norcie.com)
GPG key: 0x1B873635

On 11/9/12 8:25 PM, and...@torproject.is wrote:
> On Fri, Nov 09, 2012 at 06:09:36PM -0500, mfi...@mfisch.com wrote 0.7K bytes 
> in 16 lines about:
> : Upon signing up for the mailing list on the list server, my password was 
> emailed to me in plaintext. In the year 2012 this is extremely bad security 
> practice. At the very least the sign-up page should warn users to make the 
> password unique.
> 
> Right. This is the default mailman process. Getting mailman to improve
> their defaults hasn't worked so far.
> 
> : The password may also be stored in reversible format.
> : 
> : I used a unique random password for this mailing list, I'm going to guess 
> however a significant portion of the mailing list either uses this password 
> in other locations, a significant subset of them probably can't trust their 
> mailbox to be secure.
> 
> A significant number of people join via email, not the web interface,
> and therefore mailman picks a password for them.
> 
> What's more secure mailing list software that is in debian repos and works
> for non-technical users?
> 


Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Greg Norcie
Maybe crosspost to Libtech?

A lot of EFF people read there, and there's a lot of people with a
legal/policy background who could give some good insights.

--
Greg Norcie (g...@norcie.com)
GPG key: 0x1B873635

On 11/10/12 11:30 AM, Matthew Fisch wrote:
> I think the idea of getting an organization such as the EFF (with credibility 
> Apple couldn't afford to deny) to sign off on the binaries sounds like the 
> only plausible solution -- though I understand the politics of this aren't 
> exactly trivial. I didn't realize legal kung-fu was necessary when you don't 
> plan to submit to the app store. This type of thing is something that should 
> be investigated long-term however especially considering the Mountain Lion 
> default of denying unsigned binaries, and the Tor Project's mission of 
> increasing use of Tor by mainstream users to increase credibility of the 
> project.
> 
> All that said, there is a simple short-term fix:
> 
> A warning and subtle protest of Apple's closed gatekeeper methodology should 
> be included in the OS X download webpage. This is actually a great technology 
> to protect users' computers from privacy invasions by rogue software, it's 
> just in Apple's blood to exert a bit more control than desktop users find 
> comfortable. Also, uploaded some screenshots to Google Drive to highlight the 
> simple but unintuitive workaround, once the application is added to the 
> gatekeeper exception list no further warnings will be produced:
> 
> https://docs.google.com/folder/d/0B1pT3gU1bGZiYWVaQTFVR05QUmc/edit
> ^^
> three images labelled step 1, 2 and 3.
> 
> Also, I think it's important not to totally discredit the gatekeeper 
> technology. If users turn this off they significantly increase risk exposure 
> to their machines despite any ideological concerns.
> 
> -Matt
> 
> 
> Matthew Fisch
> mfi...@mfisch.com
> 


[tor-talk] Slides about the Tor Project and the Flash Proxy

2012-11-10 Thread Jorge Couchet
Hi,

At the request of David, I'm sending the link to some slides about the Tor
Project and the Flash Proxy:

http://www.slideshare.net/uyjco0/tor-project-overview


Kind regards,

Jorge Couchet


Re: [tor-talk] Slides about the Tor Project and the Flash Proxy

2012-11-10 Thread David Fifield
On Sat, Nov 10, 2012 at 11:23:20PM +0100, Jorge Couchet wrote:
> At the request of David, I'm sending the link to some slides about the Tor
> Project and the Flash Proxy:
> 
> http://www.slideshare.net/uyjco0/tor-project-overview

This is quite an impressive summary of the technology involved. The
blocking of port 25, preventing flashproxy-reg-email from working, is a
real issue. I've started making usability notes here:
https://trac.torproject.org/projects/tor/wiki/FlashProxyUsability

You marked some questions in red circles, so I will answer them.

> Page 5, "If I'm only interested in anonymity: is it safer to use Flash
> proxies anyway?"

Flash proxies are not going to give you better anonymity. You are
basically in the same situation as someone having to use a bridge, in
that your first hop is always the same, except that there is
additionally a flash proxy in front of that first hop. Here is a ticket
about the use of dumb proxies (like flash proxies) instead of Tor relays
as bridges:
https://trac.torproject.org/projects/tor/ticket/2764

> Page 6, "The Server Transport Plugin is just a Websocket Transport
> Plugin (i.e. there isn't the need to implement a special Flash Proxy
> Plugin as in the Client computer)? Where is it implemented?"

That is correct. We are using a third-party WebSocket proxy called
websockify: https://github.com/kanaka/websockify. But there is a ticket
to make our own implementation, so it can work as a managed proxy and
provide better metrics.
https://trac.torproject.org/projects/tor/ticket/5575

> Page 7, "Why isn't possible for the FP ask to the client for the Entry
> node? Is for speed up the connection establishment? Is the FP only
> choosing for Entry nodes from the Tor Bridges?"

Allowing the client to choose the entry relay would require some
meta-protocol like SOCKS to happen inside the flash proxy, which would
also mean that the client has to somehow embed an address in its
communication with the flash proxy, which increases fingerprintability.
Additionally, we don't want to allow a malicious client to connect
someone's browser to an arbitrary address. The flash proxy JavaScript
takes its orders of what relay to use from the facilitator. The
facilitator only hands out Tor relays supporting the websocket
transport.

> Page 10, "How is working it related with the 'Client proxy'
> configuration and with the Tor Server (i.e. in which address and port
> the 'Server Proxy' is listening the outside connection and how is it
> sending the information to the Tor Server)? How knows the 'Client
> Proxy' where to connect to the 'Server Proxy'?"

The client doesn't know the address and port of the server transport
plugin. The flash proxy learns that information from the facilitator,
and the client gets connected to wherever the flash proxy connects.
Remember that the client transport plugin doesn't actually "connect" to
anything; it only receives connections from outside (from flash
proxies), and doesn't control where those connections come from. You
give an address in the Bridge line only because the protocol requires
it. It is a fake address (0.0.1.0:1) and is not used.

David Fifield
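
The rendezvous described in the reply above, as an added example that is not part of the original message or of the flash proxy code base: a simplified Python model of who chooses which address. The class names, the registration fields and all addresses other than 0.0.1.0:1 are assumptions made for illustration.

```python
"""Toy model of the flash proxy rendezvous (illustrative, not project code)."""
from collections import deque

FAKE_BRIDGE_ADDR = "0.0.1.0:1"  # from the post: sits in the Bridge line, never used


class Facilitator:
    """Pairs waiting clients with relays; only the operator sets the relay list."""

    def __init__(self, websocket_relays):
        self._relays = list(websocket_relays)  # relays supporting the websocket transport
        self._waiting = deque()
        self._turn = 0

    def register(self, fields):
        # A registration carries the address the client is *listening* on.
        # Any other field (here a client-supplied "relay") is ignored, so a
        # client cannot steer a volunteer's browser to a relay of its choosing.
        self._waiting.append(fields["client"])

    def poll(self):
        """Called by a flash proxy; returns its orders, or None when idle."""
        if not self._waiting:
            return None
        relay = self._relays[self._turn % len(self._relays)]
        self._turn += 1
        return {"client": self._waiting.popleft(), "relay": relay}


class ClientTransportPlugin:
    """Client side: accepts inbound connections and never dials out."""

    def __init__(self, listen_addr, bridge_line_addr=FAKE_BRIDGE_ADDR):
        self.listen_addr = listen_addr
        self.bridge_line_addr = bridge_line_addr  # required by the protocol only
        self.inbound = []

    def accept(self, peer_name):
        self.inbound.append(peer_name)


class FlashProxy:
    """Browser-side proxy: takes its orders from the facilitator alone."""

    def __init__(self, name):
        self.name = name
        self.dialled = []

    def serve_once(self, facilitator, listeners):
        orders = facilitator.poll()
        if orders is None:
            return None
        self.dialled += [orders["client"], orders["relay"]]
        plugin = listeners.get(orders["client"])
        if plugin is not None:
            plugin.accept(self.name)
        return orders


def run_demo():
    facilitator = Facilitator(["192.0.2.10:9901"])       # constructed relay address
    plugin = ClientTransportPlugin("198.51.100.7:9000")  # constructed client address
    # Constructed registration that also tries to name its own relay.
    facilitator.register({"client": plugin.listen_addr, "relay": "203.0.113.66:22"})
    proxy = FlashProxy("proxy-1")
    orders = proxy.serve_once(facilitator, {plugin.listen_addr: plugin})
    return orders, proxy.dialled, plugin.inbound


if __name__ == "__main__":
    orders, dialled, inbound = run_demo()
    print("orders from facilitator:", orders)
    print("addresses the proxy dialled:", dialled)
    print("connections the client plugin received:", inbound)
```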


Re: [tor-talk] Denied with disposable/free mail services?

2012-11-10 Thread grarpamp
> http://information.rapid7.com/Nexpose-Enterprise-Full-Trial.html?LS=121655

Too funny. Must be a luxury to be able to turn away potential
business like that. Maybe they've never seen a business card
before, seems printing @freemails on them is quite popular.

> Also speaking of tormail I'm fairly sure that in the past facebook
> prevented using a tormail email address in the past but I think
> now it is permitted.

I've not tested facebook yet. It would be nice if they did permit
everyone though. As to why any potential change in their position...

... and even just about tormail itself... they will tonight have registered
over 134,250 accounts at an estimated rate of 3750 new this week.


Re: [tor-talk] Denied with disposable/free mail services?

2012-11-10 Thread grarpamp
> I wonder why the sites that aren't banning
> them?  Unless somehow their servers, software, etc., don't even let most
> spam hit their server.

They may use some other suggested approaches instead...
- Simply deleting the offending account
- Implementing statistical sinks (dspam, crm114, markov, etc) with bounce
notification if the destination is unseen (like with email...
mail you send is assumed to make it to @recipient's personal filter
or be bounced, not be silently sunk by your provider before it makes the
internet hop to @recipient, or by @recipient's provider without filing it
in a spam folder for @recipient.)
- Community moderation
- Delayed registration
- Captcha

> Once it hits the server, even if filtered out, it's already increased data
> load

Email, sure the background data load is high in relation to human count.
Forum spam is more annoying since the above filters are rare, but absent
a crapflood, the data traffic underlying it is relatively negligible.


Again, it's probably more interesting to analyze the actions or notice
sites take in relation to smaller full yet free email services than the
more known ones like gmail/yahoo/hotmail or mailinator or tormail
type cases.


Re: [tor-talk] misconfigured mailing list (mailman software) for torproject discloses passwords in plaintext (stores too?)

2012-11-10 Thread Asheesh Laroia
Excerpts from Roger Dingledine's message of Fri Nov 09 18:41:06 -0500 2012:
> On Fri, Nov 09, 2012 at 06:09:36PM -0500, Matthew Fisch wrote:
> > I used a unique random password for this mailing list, I'm going to
> >guess however a significant portion of the mailing list either uses this
> >password in other locations, a significant subset of them probably can't
> >trust their mailbox to be secure.
> 
> I won't use the phrase "industry standard mailing list software" because
> I hate it when other people use that phrase. But really, this is how
> every free-software mailing list system works these days.
> 
> I'd be surprised if more than a trivial number of users on the Tor
> lists picked a password at all. Typically people just let it choose
> a random password for them, and it's nice to have that reminder sent
> monthly because nobody ever knows their list password (for good reason --
> there's barely a need to have a password for a mailing list subscription
> in the first place).
> 
> Maybe we should find a way to wrestle it into not letting you pick a
> password for yourself?

What I've done for this is to simply remove the password fields from the 
form. Then it autoassigns you a password.

You can see that here: http://lists.acm.jhu.edu/mailman/listinfo/acm

(Viewing the source, I see what I did instead was to put it in an HTML 
comment.)

I brought that trick with me to other domains, e.g. 
http://lists.openhatch.org/mailman/listinfo/devel

Contrast with e.g. 
https://mail.gnome.org/mailman/listinfo/asia-summit-list where the 
password form is visible.

It's a fairly simple edit to the default mailman template, as I recall, 
and these changes I made have successfully stuck around across upgrades 
and more.

Users will still need to use the list password to do things like change 
one's email address on the list and a few other obscure things. My hack 
is just a UI fix that papers over the deep insanity of Mailman 
passwords, and I rank it quite high for cost-effectiveness. So please 
consider it! I hope it fits y'all's needs.

-- Asheesh.
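
One way to check whether a listinfo page has had the template edit described above applied, as an added example that is not part of the original message: a Python audit that separates password inputs a browser will render from ones wrapped in an HTML comment. Both sample pages are constructed, and the field names `pw` and `pw-conf` are assumed to match what a stock Mailman 2.1 template renders.

```python
"""Audit a Mailman listinfo page for visible password fields (illustrative)."""
from html.parser import HTMLParser

# Constructed sample: signup form with the password boxes visible.
STOCK_PAGE = """
<form method="post" action="../subscribe/example-list">
  Your email address: <input type="text" name="email" size="30">
  Pick a password: <INPUT type="Password" name="pw" size="15">
  Reenter password to confirm: <INPUT type="Password" name="pw-conf" size="15">
  <input type="submit" name="email-button" value="Subscribe">
</form>
"""

# Constructed sample: the same form with the password boxes in an HTML comment.
PATCHED_PAGE = """
<form method="post" action="../subscribe/example-list">
  Your email address: <input type="text" name="email" size="30">
  <!--
  Pick a password: <INPUT type="Password" name="pw" size="15">
  Reenter password to confirm: <INPUT type="Password" name="pw-conf" size="15">
  -->
  <input type="submit" name="email-button" value="Subscribe">
</form>
"""


class SignupFormAudit(HTMLParser):
    """Collects password inputs, keeping rendered and commented-out ones apart."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.live = []       # password inputs a browser will render
        self.commented = []  # password inputs found inside HTML comments

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, but not values.
        fields = dict(attrs)
        if tag == "input" and (fields.get("type") or "").lower() == "password":
            self.live.append(fields.get("name") or "")

    def handle_comment(self, data):
        # Re-parse the comment body so hidden fields are reported, not lost.
        inner = SignupFormAudit()
        inner.feed(data)
        inner.close()
        self.commented += inner.live


def audit_signup_page(html_text):
    """Return which password fields are rendered and which are commented out.

    This looks at the rendered form only, which is the scope of the UI fix
    described in the post.
    """
    parser = SignupFormAudit()
    parser.feed(html_text)
    parser.close()
    return {
        "live": parser.live,
        "commented_out": parser.commented,
        "user_can_pick_password": bool(parser.live),
    }


if __name__ == "__main__":
    for label, page in (("stock", STOCK_PAGE), ("patched", PATCHED_PAGE)):
        print(label, audit_signup_page(page))
```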