Re: [tor-talk] Tor
On Mon, 19 Oct 2015 21:03:19 -0500 Justinwrote: > Actually, you’re totally wrong. According to a top secret NSA > document, which you can view online: Tor is the king of high secure, > low latency anonymity. No contender awaits the throne. funny how tor capos don't seem to agree with you http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf neither do users https://www.reddit.com/r/AgMarketplace/comments/3idznd/agora_to_pause_operations/ (your 'top secret' document is public? that's kinda strange no?) > That would > clearly indicate that you know absolutely nothing about Tor, Onion > routing, or anonymity in general. Hell, you probably don’t even know > how to use the Internet since you’re just a little five year old > having your stupid ass friend type your emails for you. We Do Not > want you in our community. Fuck Off! Have some kool aid sonny. Also, you shouldn't use foul language. Jesus will get angry. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] How the NSA breaks Diffie-Hellmann
Hello, the paper "How is NSA breaking so much crypto?" got the Best Paper Award at ACM CCS im Oct. 2015. https://freedom-to-tinker.com/blog/haldermanheninger/how-is-nsa-breaking-so-much-crypto/ Diffie-Hellman is a cornerstone of modern cryptography used for VPNs, HTTPS websites, email, and many other protocols. The paper shows that many real-world users of Diffie-Hellman are likely vulnerable to state-level attackers. A state-level attacker like NSA can pre-compute the most common used 1024 bit DH parameter sets which are recommend in RFC 2409. If pre-computation was done for the two most common used DH parameter sets the NSA can braek 2/3 of VPN connections, 1/4 of SSH connections and 1/5 of SSL/TLS connections on-the-fly. EFF.org recommends to disable DHE cipher in Firefox and Chrome: "How to Protect Yourself from NSA Attacks on 1024-bit DH" https://www.eff.org/deeplinks/2015/10/how-to-protect-yourself-from-nsa-attacks-1024-bit-DH An other more advanced solution for TorBrowser would be possible. You can increase the min. length for DH parameter to 2048 bit in NSS lib. Min. length for DH parameter was set to 1024 in NSS 3.19.1 to avoid Logjam attack. May be, it is time to increase it to 20148 bit? https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes Karsten N. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] How the NSA breaks Diffie-Hellmann
Hi, > I guess quite a lot which makes me wondering whether this could be a >feature for the level "High" on the security slider. I would recommend it for the "Medium High" level too, because I think, this level works almost good for users with high security requirements. (See recommendation of Mike Perry here on the list.) Karsten N. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] ethical repo criteria
GNU has an "ethical repository criteria" with Tor making a prominent appearance:https://www.gnu.org/software/repo-criteria.html It's nice to see that access over Tor is necessary to get anything above a failing grade. -Jonathan -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] ethical repo criteria
On Tue, Oct 20, 2015 at 06:19:14PM +, Jonathan Wilkes wrote: > GNU has an "ethical repository criteria" with Tor making a prominent > appearance:https://www.gnu.org/software/repo-criteria.html > > It's nice to see that access over Tor is necessary to get anything above a > failing grade. > -Jonathan Fun list! Thanks for pointing it out. It's also made me open https://trac.torproject.org/projects/tor/ticket/17393 --Roger -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Iovation insinuates Tor Users are bad
A: Hi, I would like to order some snakeoil for my business. B: Would you like to try a new shitty startup waiting to be bought by big players? A: Yes, that sounds nice. B: We serve it as a parallax hipster website hacked together in bootstrap. A: I love to oversimply threats and put all actors into "bad guys" categories... B: ...We got you covered! A: Do you misspell "Tor" with capital letters? B: Of course! grarpamp wrote: > https://www.iovation.com/ > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] How the NSA breaks Diffie-Hellmann
On Tue, Oct 20, 2015 at 4:52 AM, Lluís <2015@gmail.com> wrote: > I understand, from a post to this list, than tor is switching from RSA > to elliptic curve key generation. > > What would we expect from that update ? > For encryption, it already happened back in 0.2.4, with the introduction of the ntor protocol. (And with the use of ecdhe in tls where available.) The remaining use of RSA is for authentication, and should be mostly phased out over the next 8 months. -- Nick -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Meek Problems
Hi Justin, I just tried connecting with meek-google and it works fine so I would assume that your IT department has a proxy running which is filtering some URLs. Try to connect with meek-amazon, works fine on my schools network. Best Regards Am 19.10.2015 03:22 schrieb "Justin": > Hello, > When I connect to Tor at school without bridges, it works fine. The issue > is that my IT department has a DPI unit that can tell I’m using Tor, so I > tried using Meek. When Tor starts, it boot straps to 10%, then stops. > When I click Open Settings, it says Tor failed to establish an encrypted > directory connection. Somehow, Meek is being broken by the sensor. I > thought the sensor might be doing a man in the middle on Google, but when I > load the web site, I don’t get any MITM warnings. OBFS 3 and 4 and > Scramblesuit work just fine, along with regular Tor. My question to you > guys is, what would the filter be doing to break Meek? > The funny thing is that I don’t think it’s breaking Meek on purpose. > Thanks, > Justin. > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor
What about starting your own list, Juan? Robert -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor
Just forget about him/her/it. Am 20.10.2015 um 15:23 schrieb I: > What about starting your own list, Juan? > > Robert > > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk