Re: [tor-talk] Bridge Communities?
Alex M (Coyo) c...@darkdna.net wrote: I must have somehow missed it. I would really appreciate a link. I cannot seem to find it on my own. Thank you in advance. Here are the common ways: roll a bunch of bridges using Amazon's cloud [1], have friends/allies/interesting frenemies run bridges using Vidalia [2], or just use a garden-variety VPN/proxy before entering the Tor network. ~Griffin [1] https://cloud.torproject.org/ [2] https://www.torproject.org/download/download.html.en -- Please note that I do not have PGP access at this time. OTR: sa...@jabber.ccc.de / fonta...@jabber.ccc.de ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
Thus spake Seth David Schoen (sch...@eff.org): Alex M (Coyo) writes: It concerns me that you [Mike Perry] refer to we as though you contribute anything to the tor project. https://gitweb.torproject.org/ https://www.torproject.org/torbutton/en/design/index.html.en https://www.torproject.org/projects/torbrowser/design/ https://gitweb.torproject.org/https-everywhere.git/blob/HEAD:/src/chrome/content/about.xul No no dude don't do that! Now they know why they should kill me! Aww fuck it. Well, if anyone asks why I died, the official answer is now that it was totally the fault of doubleclick.net (or their current majority shareholder ;). P.S. Thanks, Seth. ;) -- Mike Perry signature.asc Description: Digital signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
On 04/13/2013 01:29 AM, Mike Perry wrote: Thus spake Alex M (Coyo) (c...@darkdna.net): On 04/13/2013 12:13 AM, Mike Perry wrote: If you have a specific list of design flaws that aren't couched in long rants, we can perhaps help instruct you on how you might solve them in your redesign with Mr Disney, or at least point you toward some tickets you two should read and follow during that process. Otherwise, thanks for your concern/veiled threats/trolling. Though, with that attitude of yours, I'm afraid I'm uninterested in any assistance you may deign to bestow upon Gregory Disney and I. I'm confident we can do just fine without your arrogance. Ooh. A flame war. I love these. *Boop* I just took your nose over TCP/IP. You wish. It concerns me that you refer to we as though you contribute anything to the tor project. It's called solidarity. I won't stand idly by while you suggest that Tor developers and relay volunteers could be murdered or threatened to sabotage our project. As if such tactics would even work without someone instantly running to EFF/ACLU or proposing a design change... I wonder why you insist on claiming that I intend to murder coders and activists? It's not like you're going to spark an investigation. Dream on. Perhaps I'm just annoyed you didn't include my name among the death threats in your first rant. Now you know better, I hope. Protip: It's because you don't matter. At all. I'm sure the tor coders are going to be more than happy to support the foss ideals in this case in regards to codebase forking rights. Dude, the source code is BSD/MIT licensed. Sell binaries with your own secret sauce to others if you wish. We don't care. Just don't tell people you're giving them Tor. P.S. Cite your specific design concerns or this is my last reply to you on this list. (I totally promise.. Flame wars are bd... Mmmkay?) FYI: This is my I totally care about what you have to say face. :P ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
On 04/13/2013 01:54 AM, Griffin Boyce wrote: Alex M (Coyo)c...@darkdna.net wrote: I must have somehow missed it. I would really appreciate a link. I cannot seem to find it on my own. Thank you in advance. Here are the common ways: roll a bunch of bridges using Amazon's cloud [1], have friends/allies/interesting frenemies run bridges using Vidalia [2], or just use a garden-variety VPN/proxy before entering the Tor network. ~Griffin [1]https://cloud.torproject.org/ [2]https://www.torproject.org/download/download.html.en That is extremely unhelpful. Merely running bridges on a huge ridiculously insecure public cloud does not equal running bridge authorities independent of the bridge authority run by the tor project. I have still not gotten a straight answer about whether or not the bridge community featureset has been released in the stable tor client. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
On 13.04.2013 04:30, Alex M (Coyo) wrote: Is Tor ever going to include support for isolated, independent bridge relay communities that can host their own bridge directory authorities I'm working on setting up (yet) another non-profit organization with limited liability in Germany (gGmbH). Over time, the goal is for it to become a European Tor. One of its projects will be torservers.net, and torservers.net is an independent network of organizations that run Tor exits and Tor bridges in larger scale. For that entity, it would be easy to run a bridge authority, and I will look into how to do this properly as soon as (a) the paperwork is done and (b) time permits and (c) funding is on the horizon. If anyone wants to help, just do it! :) We're happy about every hand we can get. -- Moritz Bartl https://www.torservers.net/ ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
Alex M (Coyo): I have still not gotten a straight answer about whether or not the bridge community featureset has been released in the stable tor client. It's all in there. https://www.torproject.org/docs/tor-manual.html.en AlternateBridgeAuthority [nickname] [flags] address:port fingerprint ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
Alex M (Coyo): On 04/13/2013 12:13 AM, Mike Perry wrote: Otherwise, thanks for your concern/veiled threats/trolling. Because obviously criticism and actual concern for the well-being of a foss project is always trolling and threats. I hope you aren't a contributor. See https://www.torproject.org/about/corepeople.html.en ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
Alex M (Coyo) c...@darkdna.net wrote: On 04/13/2013 01:54 AM, Griffin Boyce wrote: Here are the common ways: roll a bunch of bridges using Amazon's cloud [1], have friends/allies/interesting frenemies run bridges using Vidalia [2], or just use a garden-variety VPN/proxy before entering the Tor network. ~Griffin [1]https://cloud.torproject.**org/ https://cloud.torproject.org/ [2]https://www.torproject.org/**download/download.html.enhttps://www.torproject.org/download/download.html.en That is extremely unhelpful. Merely running bridges on a huge ridiculously insecure public cloud does not equal running bridge authorities independent of the bridge authority run by the tor project. I have still not gotten a straight answer about whether or not the bridge community featureset has been released in the stable tor client. The answer to your second question is no, because private bridges are used in a setting where heavy censorship exists (eg, China), very few people want to expose their private bridge networks to outsiders like yourself. People frequently roll a set of bridges *for their own use*. Of course, if you truly have a problem with the Tor network, you're not obligated to use it. =P Other options still exist for a reason. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
Alex M (Coyo): On 04/12/2013 10:37 PM, adrelanos wrote: Hi Alex, these are interesting thoughts. I wrote something related a while ago. Tor: lobbies vs lobbies - Who will prevail?: https://lists.torproject.org/pipermail/tor-talk/2012-August/025109.html Alex M (Coyo): Is Tor ever going to include support for isolated, independent bridge relay communities that can host their own bridge directory authorities without relying on the centralized tor directory hosted by Peter Palfrader, Jacob Appelbaum and associates? Good idea in general. (Although I don't share your reasons for it.) What reasons would you have, then? Competition and more people involved always pushes projects forward faster. From lurking here on the mailing lists and other places, Jacob and other core Tor staff and advocates generally seem to have a worryingly optimistic attitude toward the possibility of coordinated Tor censorship, crackdowns, network manipulation and attack, coordinated government raids upon Tor directory servers, I am interested, where did they say so? I am too tired and physically ill with an upper-respiratory infection to dig through mailing list archives at the moment. If it is important that I shoulder the burden of proof, remind me later when I'm not coughing up blood. Keep your time. or even assassinations against Jacob Appelbaum and other core staff and volunteers involved in the Tor project. Why assassinations? I've heard the some mafia style groups have a better method than violence. They catch a child after school, make up some Your parents told me to catch you today, I am your Uncle Sam. story, aren't violent or threatening at all and go into some Disney land copy, bring back the child afterwards. Not sure if that happens in reality, but I am sure that works better than violence. May I ask for a clarification here? Yes. I do not understand how taking a child to a theme park relates in any way to Jacob Appelbaum being tagged and bagged. I don't know if Jacob has children and it's none of my business. Instead of mentally breaking a mastermind like Jacob, they rather threaten it's loved ones to make him stop working what he is working on it or to make him even working for them. Other than that, it seems obvious to me that killing people isn't effective as turning them around. Why wouldn't they rather use violence to force them to put a backdoor into next Tor version? That isn't quite as trivial as you make it sound, and really, it's unnecessary. Why it's not simple? It's well inside their budget. It is a general consensus that the united states federal government has full access to the directory authorities and majority of guard nodes and exit nodes within the united states. It is a general consensus that the Tor network provides only illusory anonymity to any user hostile to united states military supremacy. The Tor network is a historical toy created by the united states military, and is just as possessed and controlled by the united states military as it has been from day one. Let's assume that's true - no danger for Tor core people from the US. What about other countries? Tor gives network access to many people in countries who censor Tor. Couldn't they get totally mad if their technical fight fails and switch over to a secret service violent operating? As far I know no Tor developer has been harassed for Tor yet. (Please tell me if I am wrong.) Jacob has been harassed like in a totalitarian state because of his connections to wikileaks. I also wonder how Jacob could stay so calm after all what happened to him, not being already a broken man. I admire the Tor developers for doing their work in such a dangerous country (US), knowing about waterbording and that stuff. Is it really so difficult to conceive of situations that involve violent raids against the datacenters hosting Tor directory servers and their mirrors, attacks, possibly physically violent, involving full military force against Jacob Appelbaum and other critical developers, staff, volunteers and advocates? If that happens, that would be the worst case. I think without Tor servers in the US and without the Tor developers, there is more Tor network, since most Tor servers are in the US. Most other Tor servers are in countries which the US can pressure as well. When the US decides to take down Tor, it's pretty much over anyway. My point exactly. You really think the governments of the industralized first world countries won't stoop that low? Maybe they don't have to. When I understood Jacob in his speeches right, he doesn't believe that Tor does defeat the NSA. Why should they break Tor if it's an open book already to them already anyway? Tor is not designed (in its current form) to even attempt to contest NSA control and manipulation. One day, they will accuse Jacob and the other core developers of being domestic terrorists or whatever as
Re: [tor-talk] Bridge Communities?
I think you're right. On 04/13/2013 04:32 AM, Gregory Disney wrote: OnionCat? Anything more extreme than that is going to have be built from the ground up. On Sat, Apr 13, 2013 at 5:20 AM, Alex M (Coyo) c...@darkdna.net wrote: On 04/13/2013 01:54 AM, Griffin Boyce wrote: Alex M (Coyo)c...@darkdna.net wrote: I must have somehow missed it. I would really appreciate a link. I cannot seem to find it on my own. Thank you in advance. Here are the common ways: roll a bunch of bridges using Amazon's cloud [1], have friends/allies/interesting frenemies run bridges using Vidalia [2], or just use a garden-variety VPN/proxy before entering the Tor network. ~Griffin [1]https://cloud.torproject.**org/ https://cloud.torproject.org/ [2]https://www.torproject.org/**download/download.html.enhttps://www.torproject.org/download/download.html.en That is extremely unhelpful. Merely running bridges on a huge ridiculously insecure public cloud does not equal running bridge authorities independent of the bridge authority run by the tor project. I have still not gotten a straight answer about whether or not the bridge community featureset has been released in the stable tor client. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
On 04/13/2013 10:27 AM, adrelanos wrote: Alex M (Coyo): I have still not gotten a straight answer about whether or not the bridge community featureset has been released in the stable tor client. It's all in there. https://www.torproject.org/docs/tor-manual.html.en AlternateBridgeAuthority [nickname] [flags] address:port fingerprint Oh, wow! That's new! Good job, guys! How the heck did I miss that? I must have read that manual a hundred times, but I've never noted that particular command! Durp! ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
On 04/13/2013 10:29 AM, adrelanos wrote: Alex M (Coyo): On 04/13/2013 12:13 AM, Mike Perry wrote: Otherwise, thanks for your concern/veiled threats/trolling. Because obviously criticism and actual concern for the well-being of a foss project is always trolling and threats. I hope you aren't a contributor. See https://www.torproject.org/about/corepeople.html.en I just got done rea-- OMFG, that dick is in there. lol TorButton and performance metrics. No wonder I missed his name. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
On 04/13/2013 10:35 AM, Griffin Boyce wrote: Alex M (Coyo) c...@darkdna.net wrote: On 04/13/2013 01:54 AM, Griffin Boyce wrote: Here are the common ways: roll a bunch of bridges using Amazon's cloud [1], have friends/allies/interesting frenemies run bridges using Vidalia [2], or just use a garden-variety VPN/proxy before entering the Tor network. ~Griffin [1]https://cloud.torproject.**org/ https://cloud.torproject.org/ [2]https://www.torproject.org/**download/download.html.enhttps://www.torproject.org/download/download.html.en That is extremely unhelpful. Merely running bridges on a huge ridiculously insecure public cloud does not equal running bridge authorities independent of the bridge authority run by the tor project. I have still not gotten a straight answer about whether or not the bridge community featureset has been released in the stable tor client. The answer to your second question is no, because private bridges are used in a setting where heavy censorship exists (eg, China), very few people want to expose their private bridge networks to outsiders like yourself. People frequently roll a set of bridges *for their own use*. Someone quoted the Tor manual, and noted that one of the options is: AlternateBridgeAuthority [nickname] [flags] address:port fingerprint That sounds a lot more like I'm looking for. All I need is patch an AlternativeDirectoryAuthority option, and there you go. :D Of course, if you truly have a problem with the Tor network, you're not obligated to use it. =P Other options still exist for a reason. Not very many! I mean, most overlays out there are NOT for anonymity, and they do NOT offer an equivalent featureset to Tor hidden services. Sure, i2P exists, but who wants to spin up a huge honking java virtual machine just to participate in that relay pool? Not only that, but i2P (last I checked) does not support IPv6 Eepsites, while Tor is (slowly) getting to that point. IPv6 eepsites/hidden services is an important feature to me. GNUnet or even more obscure overlays do not have stable featuresets regarding generic unmodified TCP or UDP services, be it over IPv4 or IPv6. Sure GNUnet has IPv6 private VPNs on the eventual roadmap, and sure you could extend that to virtual interfaces, and sure you could enable linux or whatever to act as a router between those interfaces, you could even enable Quagga or whatever to swap an (alternative) BGP peering table, but GNUnet has a lot of other priorities, and isn't likely to get around to that anytime within the next two decades. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
On Sat, Apr 13, 2013 at 01:14:16PM -0400, grarpamp wrote: Sure, i2P exists, but who wants to spin up a huge honking java virtual machine just to participate in that relay pool? It's actually pretty easy and can run on modest hardware as a node. I disagree about modest hardware. Anything Java (Freenet, ip2, etc.) reliably craps out after a few weeks of operation on lean but usable hardware (~2 GBytes RAM effectively, dual-core Atom). It's okay for fat desktops which run for maybe a few weeks. Anything Java in general makes me a sad panda. Not only that, but i2P (last I checked) does not support IPv6 Eepsites, while Tor is (slowly) getting to that point. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Family path selection
Hi, Quote from the path-specification (2.2) https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/path-spec.txt We do not choose any router in the same family as another in the same path. Made me think that if one declares family for the entire network except his/her own nodes he would see the full path. At least he/she would be in an excellent position for end-to-end correlation, provided his/her nodes got the Guard and Exit flag(s). Quote from dir-specification (2.1) https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/dir-spec.txt family [...] If two ORs list one another in their family entries, then OPs should treat them as a single OR for the purpose of path selection. For example, if node A's descriptor contains family B, and node B's descriptor contains family A, then node A and node B should never be used on the same circuit. Seems to explain it better; like I would expect it to work. Only if two relays declare family with each other they will be excluded from being in the same path. I hope that my understanding is correct. Please tell me if it is NOT. (Thank you in advance) Would it make sense to clarify it in the path-specification? I mean I assumed it would work in the way that A AND B declare family with each other and if they do they get excluded form the same path, rather than just A declaring family with B leading to the same result. I looked into the path-specification, but didn't get enlightened. A, for me, understandable explanation was hidden in the dir-specification as I didn't expect to find something about families in it. It could be just me since I'm not a native speaker. For a native speaker it might be most likely clear that same family implies both relays agreeing on that, while for me it can say that, but doesn't have to. Best regards, Sebastian G. (bastik_tor) (Got longer than intended) ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] ExcludeEntryNodes
#5903 and #6523. There seems to have been some fiddling with both but no comments to speak of. Thanks for clearing up the reasoning behind your decision. Also a web search for ExcludeEntryNodes brought up a preparatory commit you seem to have made earlier this year [https://lists.torproject.org/pipermail/tor-commits/2013-February/052377.html]. I would have thought that the potential importance of the feature here described in avoiding traffic correlation would outweigh the possible disadvantage in having it behave unexpectedly, but I can't argue with your experience. Would listing all country codes except the one you wanted to avoid under 'EntryNodes' do for a temporary workaround? Is there a list of these that Tor uses, or do I have to enter them manually? (I'm not a programmer, evidently.) Thanks for your response. h Nick Mathewson: We removed it long ago when we were simplifying our node-selection options to make them actually work (and try to make them work as people expected). The previous implementation was buggy in some places, and it had usability issues that made people expect it to act differently than it actually did. It also interacted with guard nodes weirdly and confusingly IIRC. Check out the changelog entries for bug 1090 for the whole ugly story. I wouldn't mind taking a well-written, well-tested patch to add a feature like this again, if somebody can write one that actually does it right this time. There are two tickets open about this but neither has received comment. Which numbers? Yrs, ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] ExcludeEntryNodes
Nick Mathewson:
I think that's actually a false dichotomy, and an interesting one. In
order to help users get security, an option needs to work in a way
that they they expect. Otherwise, when they try to avoid using nodes
in one way, and they wind up telling Tor to do something else
entirely, they are likely not to get the security properties they
thought they were getting by asking for what they thought they were
asking for.
You're right, of course. You have to program for Tor's most at-risk
user, and I'm in the privileged position of occasionally being able to
play double-or nothing with my (ano/pseudo)nymity. It's just that this
particular issue is one often levelled as an accusation by the
Tor-is-broken brigade, and anything that could scupper traffic analysis
might alleviate their concerns. In any case, I hope your checklist goes
some way towards adding this feature into a future build; I wish I could
contribute.
Is there a list of these
that Tor uses, or do I have to enter them manually? (I'm not a
programmer, evidently.)
No trouble. I *am* a programmer, and I figure the least I can do here
is generate the list for you.
I made it with
perl -ne 'if (/,([A-Z][A-Z])$/) {print {\1},\n;}' src/config/geoip
|sort | uniq |fmt
though there are probably better ways.
Wicked. Clearly the next thing I have to do is learn Perl.
I hope nobody assassinates you in the near future.
Yours,
h
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
Thus spake grarpamp (grarp...@gmail.com): It concerns me that you [Mike Perry] refer to we as though you contribute anything to the tor project. Mike does a good deal of fine work for the Tor project. And I'm happy to see the torbrowser project come in place with as part goal of working with Mozilla to finally upstream fix FF for benefit of native FF users worldwide. Much better long term approach than torbutton. While I appreciate people standing up for me, there's not really much need to defend me to a drama queen who can't be bothered to RTFM before suggesting features, and moreover who thinks that suggesting specific people will be murdered is the right way to contribute to a FOSS project or ensure the prioritization of their desired features. I mean, I had more than a few lullz patiently toying with this idiocy waiting for the doxx to drop (so to speak), that's for sure ;). -- Mike Perry signature.asc Description: Digital signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bridge Communities?
Let's not dread on things out of our control; IMO we should use these concerns to develop solutions then turn them into soultions that we can implement. Obviously we can't develop around assassinations nor state funded terrorism, but we can develop a solution for backdoors and information leaks. On Sat, Apr 13, 2013 at 10:15 PM, adrelanos adrela...@riseup.net wrote: Sebastian G. bastik.tor: (Fun part?) Not a fun part for me. It's sad that these concern have been raised by a troll (or someone who doesn't know how to behave). However, these concerns are valid, and from my perspective, I can't understand why they are easily dismissed. About assassinating (double ass) the (core?) Tor people I have read that you can hire assassins on hidden-services. Wouldn't it be ironic if one hires an assassin (or many of them) via hidden-services to take the lives or Tor people? They tend to pile up on something they call developers meeting (aka DevMeeting). It's kind of public when and where such a meetings will take place and who will attend to them. The US owns drones (and they love to use them), European states buy also drones so if someone gets accused for treason, which is probably Mr. Jacob Appelbaum because of his relation to wikileaks, while Tor is also a threat such a meeting would be a juicy target. With someone killed for treason or terrorism (or supporting it) the other dead bodies are just collateral damage. That doesn't scare me. It scares me. I'd never want that to happen. Me neither. If it doesn't look like an accident (in this case or any other) people will notice about them missing or being killed. I hope that people will fight murders. Tor might be dead, but people will be upset about the death of innocent people. Yes, people will be upset, too few to see things change. People tortured in Guantanamo, Bradley Manning, list goes on... go through things which are worse than death. What's more concerning is that they could back-door Tor, all it takes is to turn one developer around, let anyone know about the back-door and people will loose trust. Yes. That could kill Tor as well. Or people who could help will finally help pushing the deterministic build feature. Often a fail finally helps to make a change. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Deterministic Builds - was: Bridge Communities?
Hi Gregory! Gregory Disney: Let's not dread on things out of our control; IMO we should use these concerns to develop solutions then turn them into soultions that we can implement. Obviously we can't develop around assassinations nor state funded terrorism, but we can develop a solution for backdoors and information leaks. Agreed! Let's talk about deterministic builds: https://trac.torproject.org/projects/tor/ticket/3688 It looks like the Bitcoin software already supports deterministic Builds with gitian: https://github.com/bitcoin/bitcoin/tree/master/contrib I assume you're the Gregory Disney who is also one builder of those Bitcoin deterministic builds? Since you're involved in Tor as well, I seems to me you could be a great help by providing some information about the Bitcoin build process. Where are the instructions how I (or someone else) not involved in Bitcoin development can produce bit identical builds of Bitcoin to match the hash sums which are also distribiuted on sourceforge? If there are none, could you provide them please? Can their system be applied for Tor as well or are there any differences? Cheers, adrelanos ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Deterministic Builds - was: Bridge Communities?
On Sat, Apr 13, 2013 at 8:44 PM, adrelanos adrela...@riseup.net wrote: I assume you're the Gregory Disney who is also one builder of those Bitcoin deterministic builds? Since you're involved in Tor as well, I seems to me you could be a great help by providing some information about the Bitcoin build process. There is no Gregory Disney involved with Bitcoin as far as I know. Where are the instructions how I (or someone else) not involved in Bitcoin development can produce bit identical builds of Bitcoin to match the hash sums which are also distribiuted on sourceforge? If there are none, could you provide them please? They're included with the source: https://github.com/bitcoin/bitcoin/blob/master/doc/release-process.txt and https://github.com/bitcoin/bitcoin/tree/master/contrib/gitian-descriptors Can their system be applied for Tor as well or are there any differences? Yes. It may take a little jiggling to get the builds to actually be deterministic for any particular package, but they should be applicable to anything. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
