[tor-talk] CAPTCHA for getting bridges too strong
It is very strong. I was trying more than ten times and did not solve it. I am realy do not need bridges, but for those who need, this way getting bridges (through web page and CAPTCHA) is useless. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] CAPTCHA for getting bridges too strong
On Sun, Mar 30, 2014 at 12:58 AM, Артур Истомин art.is...@yandex.ru wrote: It is very strong. I was trying more than ten times and did not solve it. I am realy do not need bridges, but for those who need, this way getting bridges (through web page and CAPTCHA) is useless. Maybe they could do something like this instead: http://research.microsoft.com/en-us/um/redmond/projects/asirra/ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] About CAPTCHA and mailservice
Hello, I saw this service at https://funky-mail.net/ CAPTCHA is funny, not sure that any robot may break it? Mailservice is good to RECEIVE mails, tried it a few times. Sending Is not possible as it is a paid service with e-currencies that have disappeared. Site seems to be discontinued, anyway I have asked a free test to send mails and am expecting a reply :) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] DNS leak in FF 27.0?
Anyone seeing a dns leak in FF 27.0 when first visit of session is to bitcoincharts.com? socks_remote_dns is true. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] PoC: End-to-end correlation for Tor connections using an active timing attack
Making the rounds on various lists... http://git.thejh.net/?p=detour.git;a=blob;f=README;hb=HEAD -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] CAPTCHA for getting bridges too strong
On 03/30/2014 06:58 AM, Артур Истомин wrote: It is very strong. I was trying more than ten times and did not solve it. I am realy do not need bridges, but for those who need, this way getting bridges (through web page and CAPTCHA) is useless. This is a known problem, a fix is being worked on. -- Moritz Bartl https://www.torservers.net/ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] CAPTCHA for getting bridges too strong
Moritz Bartl: On 03/30/2014 06:58 AM, Артур Истомин wrote: It is very strong. I was trying more than ten times and did not solve it. I am realy do not need bridges, but for those who need, this way getting bridges (through web page and CAPTCHA) is useless. This is a known problem, a fix is being worked on. Actually the new version of BridgeDB deployed 4 days ago should have vastly improved the situation. See: https://bugs.torproject.org/10809 -- Lunar lu...@torproject.org signature.asc Description: Digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] fresh TBB is damaged and can't be opened on Mac OS X
Trying to open TorBrowserBundle_en-US from TorBrowserBundle-3.5.3-osx32_en-US.zip produces an error: TorBrowserBundle_en-US is damaged and can't be opened. You should move it to the Trash. What to do? --lee -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] fresh TBB is damaged and can't be opened on Mac OS X
On Sun, Mar 30, 2014 at 12:50:49PM -0700, lee colleton wrote: Trying to open TorBrowserBundle_en-US from TorBrowserBundle-3.5.3-osx32_en-US.zip produces an error: TorBrowserBundle_en-US is damaged and can't be opened. You should move it to the Trash. What to do? First check the signature and see if you have a genuine accurate copy of TBB. It sounds like you probably don't. If you don't it's probably because of a failed download, rather than somebody malicious -- try downloading it again? You might also like https://blog.torproject.org/blog/ways-get-tor-browser-bundle --Roger -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Pirate Linux 2.0 alpha
Hi, AK wrote (30 Mar 2014 20:14:06 GMT) : More details are here: https://piratelinux.org/?p=567. Interesting, thanks! Where can I read about the threat model this system is meant to address? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Pirate Linux 2.0 alpha
Hi I was expecting you to ask something like that :). Well for now it just an alpha version, so I would not count on it for robust security. In fact, security is not the main focus of this project (unlike Tails and Liberte). Of course, it should still be reasonably secure, but I am focusing more on ease of use and privacy, rather than bulletproof security. If there is enough interest, I will make a formal document outlining the model, since I have been asked this before. Cheers On Sun, Mar 30, 2014 at 2:33 PM, intrigeri intrig...@boum.org wrote: Hi, AK wrote (30 Mar 2014 20:14:06 GMT) : More details are here: https://piratelinux.org/?p=567. Interesting, thanks! Where can I read about the threat model this system is meant to address? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] fresh TBB is damaged and can't be opened on Mac OS X
Roger Dingledine: On Sun, Mar 30, 2014 at 12:50:49PM -0700, lee colleton wrote: Trying to open TorBrowserBundle_en-US from TorBrowserBundle-3.5.3-osx32_en-US.zip produces an error: TorBrowserBundle_en-US is damaged and can't be opened. You should move it to the Trash. What to do? First check the signature and see if you have a genuine accurate copy of TBB. If you still get the same message after verifying the signature of your download [0], press the Control-key, then click on the Tor Browser Bundle icon. Choose 'Open' from the shortcut menu, then click 'Open'. The app is saved as an exception to your security settings, and you will be able to open it in the future by double-clicking it, just like any authorized app [1]. Apple's condition regarding signing applications are currently not friendly at all to the security needs of a project like Tor. We will hopefully resolve the issue at some point [2]. [0]: https://www.torproject.org/docs/verifying-signatures [1]: https://support.apple.com/kb/PH14370?viewlocale=en_US [2]: https://trac.torproject.org/projects/tor/ticket/6540 -- Matt Pagan m...@pagan.io PGP: 0xE9284418E360583C -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] fresh TBB is damaged and can't be opened on Mac OS X
I've checked the signature on TBB and it's good. The security setting allows all binaries to be run but it's still a no-go. Any other ideas? --lee On Sun, Mar 30, 2014 at 1:58 PM, Matt Pagan m...@pagan.io wrote: Roger Dingledine: On Sun, Mar 30, 2014 at 12:50:49PM -0700, lee colleton wrote: Trying to open TorBrowserBundle_en-US from TorBrowserBundle-3.5.3-osx32_en-US.zip produces an error: TorBrowserBundle_en-US is damaged and can't be opened. You should move it to the Trash. What to do? First check the signature and see if you have a genuine accurate copy of TBB. If you still get the same message after verifying the signature of your download [0], press the Control-key, then click on the Tor Browser Bundle icon. Choose 'Open' from the shortcut menu, then click 'Open'. The app is saved as an exception to your security settings, and you will be able to open it in the future by double-clicking it, just like any authorized app [1]. Apple's condition regarding signing applications are currently not friendly at all to the security needs of a project like Tor. We will hopefully resolve the issue at some point [2]. [0]: https://www.torproject.org/docs/verifying-signatures [1]: https://support.apple.com/kb/PH14370?viewlocale=en_US [2]: https://trac.torproject.org/projects/tor/ticket/6540 -- Matt Pagan m...@pagan.io PGP: 0xE9284418E360583C -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] fresh TBB is damaged and can't be opened on Mac OS X
lee colleton: I've checked the signature on TBB and it's good. The security setting allows all binaries to be run but it's still a no-go. Any other ideas? --lee Yes, one more. First completely delete the Tor Browser you downloaded. From System Preferences (in the Apple menu) go to Security and Privacy. Under the General tab, select Allow downloaded applications from anywhere. Then download the Mac Tor Browser Bundle again, unpack it and run it. -- Matt Pagan m...@pagan.io PGP: 0xE9284418E360583C -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Pirate Linux 2.0 alpha
On Sun, Mar 30, 2014 at 4:44 PM, AK aka...@gmail.com wrote: Hi I was expecting you to ask something like that :). Well for now it just an alpha version, so I would not count on it for robust security. In fact, security is not the main focus of this project (unlike Tails and Liberte). Of course, it should still be reasonably secure, but I am focusing more on ease of use and privacy, rather than bulletproof security. If there is enough interest, I will make a formal document outlining the model, since I have been asked this before. Cheers interest++ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] fresh TBB is damaged and can't be opened on Mac OS X
On Mon, Mar 31, 2014 at 1:24 AM, lee colleton l...@colleton.net wrote: I've checked the signature on TBB and it's good. The security setting allows all binaries to be run but it's still a no-go. Any other ideas? Try deleting your current copy and download a new one? -- Runa A. Sandvik -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor Project and Youtube is blocked in Turkey too
On Sat, Mar 29, 2014 at 9:48 PM, Ondrej Mikle ondrej.mi...@gmail.comwrote: On 03/29/2014 01:34 PM, Kus wrote: FYI, today OpenDNS and Google public DNS servers are blocked too. Other than that, they're redirecting DNS queries to ISP servers automatically if you try to use Google or OpenDNS servers. Probably, they're started to use transparent DNS proxy. Btw, they're blocked them one day before the election day. You can download and install unbound recursive validating DNS resolver: http://unbound.net/ . No need to use arbitrary DNS resolver, you have your DNS resolver locally. Won't save you if they are intercepting and tampering with DNS queries, but it might work for now. Ondrej To tries to recognize when random DNS queries are being hijacked by ad pushers, but i dont think it can tell when specific sites are blocked in this manner. Would it be possible for Exit Node operators in such an area to have a switch they can set to reject DNS queries through it but still accept exit traffic? ServerDNSTestAddresses seems to change the entire exit policy if specified domains fail. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor Project and Youtube is blocked in Turkey too
On Sun, Mar 30, 2014 at 10:23:10PM -0400, krishna e bera wrote: To tries to recognize when random DNS queries are being hijacked by ad pushers, but i dont think it can tell when specific sites are blocked in this manner. Would it be possible for Exit Node operators in such an area to have a switch they can set to reject DNS queries through it but still accept exit traffic? ServerDNSTestAddresses seems to change the entire exit policy if specified domains fail. It certainly won't be straightforward. Clients don't cache dns answers anymore because of various attacks: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/205-local-dnscache.txt So if you can't do dns resolves, you basically can't connect anywhere for users. See also https://gitweb.torproject.org/tor.git/blob/tor-0.2.4.21:/ChangeLog#l1149 https://trac.torproject.org/projects/tor/ticket/7570 --Roger -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk