[tor-talk] Mashup: Tor with MAD
Hi all, joyoftech has a tor reference today, mashed up with a MAD reference: http://www.joyoftech.com/joyoftech/joyarchives/1925.html (MAD, in turn, beside being the publication that first published Donald Knuth, is the acronym for 'Militärischer Abschirmdienst' the german military secret service.) Andreas -- Totally trivial. Famous last words. From: Linus Torvalds torvalds@*.org Date: Fri, 22 Jan 2010 07:29:21 -0800 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Fwd: [rt.torproject.org #15873] Re: Another way that people can be watched
Hey folk! This essay was very instructive. Talking about Linux + Tor, what do you think is more secure, Tails or Whonix? Thanks. Marcos (Brasil) From: intrig...@boum.org To: tor-talk@lists.torproject.org Date: Sun, 10 Nov 2013 20:41:41 +0100 Subject: Re: [tor-talk] Fwd: [rt.torproject.org #15873] Re: Another way that people can be watched Chuck wrote (10 Nov 2013 19:18:31 GMT) : I recommend sending this email to the tor-talk mailing list, you will get a lot more useful answers than here. https://lists.torproject.org/pipermail/tor-talk/ Sorry to redirect you once again, but tails-support is probably more appropriate given the topic: https://tails.boum.org/support/ Cheers! -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] SimpleMail
Has the security of Simple Mail been discussed yet? If so, can someone tell me where I can find the past discussions? If not, Simple Mail is a mail client add on for Firefox. It allows you to get notified, read and write messages for multiple email accounts inside Firefox. Does it maintain the privacy associated with the TOR Firefox browser? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] SimpleMail
On 11/14/2013 5:27 PM, Missouri Anglers wrote: Has the security of Simple Mail been discussed yet? If so, can someone tell me where I can find the past discussions? If not, Simple Mail is a mail client add on for Firefox. It allows you to get notified, read and write messages for multiple email accounts inside Firefox. Does it maintain the privacy associated with the TOR Firefox browser? Maybe others have direct experience w/ it. The general problem w/ many extensions, plugins, even clients - is they don't follow the rules of staying w/in the Tor network AND not revealing data that may leak your identity / location. It's a case by case basis, but for Tor, most don't use extensions / plugins - for email - like you're talking. They're not developed w/ extreme anonymity in mind. Not that they don't work for general, non anonymous use. You want what everyone does - ultimate convenience high anonymity. They rarely exist together. You can search the archives of Tor-talk for previous discussions. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] P2P Data Not Private, But It Could Be
Interesting article by Bennett Haselton in Slashdot today. I mention here for those who may have missed it: /A court rules that law enforcement did not improperly 'search' defendants' computers by downloading files that the computers were sharing via P2P software. This seems like a reasonable ruling, but such cases may become rare if P2P software evolves to the point where all downloads are routed anonymously through other users' computers. Another interesting point: /Bandwidth continues to get faster and cheaper. Today, if you download a 100-megabyte file by routing your download through three other users' computers, it will usually be much slower and more inconvenient than if you'd downloaded the file directly. In a few years, you won't notice the difference. It's a good read; probably worth a few minutes. I'd post the link but that creeps some folks out. Just go to Slashdot (.org) and look for it. Posted today (11/14). Title same as subject line above. Rick -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Can Google location system track TOR users?
Hi, I am surprised how google maps was able to track my location, with few meters of error, by using the Share Location feature. It is not clear how they are tracking the location with such accuracy. For sure is not using the IP. I guess they are crossing the information about the SSID wireless networks available near-by my location, which physical location was collected by google street view, with the wireless networks SSID my computer is able to see. My own internet wireless connection is very new and was not installed when google street view did the survey on my city, so they must to be using the networks near-by. Maybe they are using the wireless signal intensity to triangulate my position, improving the accuracy. I did some tests. The tracking location was very accurate on Firefox 25, with an error of few meters, but Firefox 16 was able to identify just my city, with an error over 20 Kilometers. This means that the tracking is a feature built-in the browser, probably submitting the required information to the google geo-location servers, and is able to by-pass tricks like set VPN to mask the IP. I guess the tracking system is submitting to google servers other information as well, as the MAC address, that may be used to identify the user across different location and internet access points. Firefox is developed by Mozilla. Google donates 90% of the Mozilla Foundation funds. Who pays is the patron and give the orders. Google's core business is track people and sell the information to governments. Is there any chance to have in Firefox a hidden tracking that may compromise TOR? Sukhoi -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] SimpleMail
I suppose the best way to test this is to send myself an email using simple Mail and then run the headers through something like SPAMCOP.NET and see if there is a trace of my ip address/ISP found. I am not really tech enough to go much beyond that. Is there something else I can do to test this? On Thu, 14 Nov 2013 19:22:47 -0600 Joe Btfsplk joebtfs...@gmx.com wrote: On 11/14/2013 5:27 PM, Missouri Anglers wrote: Has the security of Simple Mail been discussed yet? If so, can someone tell me where I can find the past discussions? If not, Simple Mail is a mail client add on for Firefox. It allows you to get notified, read and write messages for multiple email accounts inside Firefox. Does it maintain the privacy associated with the TOR Firefox browser? Maybe others have direct experience w/ it. The general problem w/ many extensions, plugins, even clients - is they don't follow the rules of staying w/in the Tor network AND not revealing data that may leak your identity / location. It's a case by case basis, but for Tor, most don't use extensions / plugins - for email - like you're talking. They're not developed w/ extreme anonymity in mind. Not that they don't work for general, non anonymous use. You want what everyone does - ultimate convenience high anonymity. They rarely exist together. You can search the archives of Tor-talk for previous discussions. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- Missouri Anglers missouri.angl...@gmail.com -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Can Google location system track TOR users?
Sukhoi wrote: Hi, I am surprised how google maps was able to track my location, with few meters of error, by using the Share Location feature. It is not clear how they are tracking the location with such accuracy. For sure is not using the IP. Did you have called GPS (Global Positioning System) enabled? I'm pretty sure Share Location turns on GPS. Erik -- -- Erik de Castro Lopo http://www.mega-nerd.com/ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Can Google location system track TOR users?
On 15/11/2013 00:27, Erik de Castro Lopo wrote: Sukhoi wrote: Hi, I am surprised how google maps was able to track my location, with few meters of error, by using the Share Location feature. It is not clear how they are tracking the location with such accuracy. For sure is not using the IP. Did you have called GPS (Global Positioning System) enabled? I'm pretty sure Share Location turns on GPS. No. I did everything using my notebook and no GPS was connected to it. Possibly they use GPS too, on devices with this functionality, but was not my case. Sukhoi -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] SimpleMail
In addition, you will need to check for DNS leaks, since the e-mail client will do a MX host lookup for each recipient's e-mail domain. Elysius On 11/15/13 02:18, Missouri Anglers wrote: I suppose the best way to test this is to send myself an email using simple Mail and then run the headers through something like SPAMCOP.NET and see if there is a trace of my ip address/ISP found. I am not really tech enough to go much beyond that. Is there something else I can do to test this? On Thu, 14 Nov 2013 19:22:47 -0600 Joe Btfsplk joebtfs...@gmx.com wrote: On 11/14/2013 5:27 PM, Missouri Anglers wrote: Has the security of Simple Mail been discussed yet? If so, can someone tell me where I can find the past discussions? If not, Simple Mail is a mail client add on for Firefox. It allows you to get notified, read and write messages for multiple email accounts inside Firefox. Does it maintain the privacy associated with the TOR Firefox browser? Maybe others have direct experience w/ it. The general problem w/ many extensions, plugins, even clients - is they don't follow the rules of staying w/in the Tor network AND not revealing data that may leak your identity / location. It's a case by case basis, but for Tor, most don't use extensions / plugins - for email - like you're talking. They're not developed w/ extreme anonymity in mind. Not that they don't work for general, non anonymous use. You want what everyone does - ultimate convenience high anonymity. They rarely exist together. You can search the archives of Tor-talk for previous discussions. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Can Google location system track TOR users?
The other WiFi networks in range of your Wifi gave Google location information. Google has built an extensive database of Wifi SSID's etc via their google maps cars. It has nothing to do with Tor. Elysius On 11/15/13 03:29, Sukhoi wrote: On 15/11/2013 00:27, Erik de Castro Lopo wrote: Sukhoi wrote: Hi, I am surprised how google maps was able to track my location, with few meters of error, by using the Share Location feature. It is not clear how they are tracking the location with such accuracy. For sure is not using the IP. Did you have called GPS (Global Positioning System) enabled? I'm pretty sure Share Location turns on GPS. No. I did everything using my notebook and no GPS was connected to it. Possibly they use GPS too, on devices with this functionality, but was not my case. Sukhoi -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Firefox DNS leak?
ubuntu 12.0.4 lts updated ff 25.0 (ubuntu, not tbb) set proxy all to tor via socks5 set dns proxy socks surf to stackexchange.com see udp dns leak via tcpdump any confirmation / fixes ? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Firefox DNS leak?
grarpamp: ubuntu 12.0.4 lts updated ff 25.0 (ubuntu, not tbb) set proxy all to tor via socks5 set dns proxy socks surf to stackexchange.com see udp dns leak via tcpdump any confirmation / fixes ? There is a known DNS leak in WebSockets. Does it happen if you set 'network.websocket.enabled' to false in about:config? Another possibility is WebRTC, which can leak more than just DNS. http://net.ipcalf.com/ will use WebRTC mechanisms to probe your IP for testing purposes. I believe you can disable WebRTC by setting media.peerconnection.enabled to false, but there may be other prefs involved too. -- Mike Perry signature.asc Description: Digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Firefox DNS leak?
any confirmation / fixes ? https://trac.torproject.org/projects/tor/ticket/5741 websockets Year and a half and mozilla still hasn't fixed upstream. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Private email
In my attempt to set up a secure anonymous email system I thought it might be easier to sign up for a free web based email account while using the TOR browser. Do you know how hard it is to do that with java script disabled? I must have tried 30-40 different places such as yahoo, gmail, gmx, hotmail, etc No java script, no account. I assumed if I signed up while using the TOR browser then they would never have an IP address associated with the email address. I finally found ATLAS.CZ which let me sign up without java script enabled. However during the process I realized the CAPTCHA code they wanted me to retype was using symbols I did not have on my keyboard. I finally solved that problem and now have a working email address (in Czech) that has never been exposed to my real IP address. (I was using TOR browser through the entire process) My question is, Can I count on being anonymous if I continue using the TOR browser to log into the web based account and send emails? (java script is always disabled). -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk