Re: [tor-talk] Tor

[Juan]

On Mon, 19 Oct 2015 21:03:19 -0500
Justin  wrote:

> Actually, you’re totally wrong.  According to a top secret NSA
> document, which you can view online: Tor is the king of high secure,
> low latency anonymity.  No contender awaits the throne. 


funny how tor capos don't seem to agree with you 

http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf

neither do users 


https://www.reddit.com/r/AgMarketplace/comments/3idznd/agora_to_pause_operations/


(your 'top secret' document is public?  that's kinda
strange no?) 



> That would
> clearly indicate that you know absolutely nothing about Tor, Onion
> routing, or anonymity in general.  Hell, you probably don’t even know
> how to use the Internet since you’re just a little five year old
> having your stupid ass friend type your emails for you.  We Do Not
> want you in our community.  Fuck Off!


Have some kool aid sonny. Also, you shouldn't use foul language.
Jesus will get angry. 






-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] How the NSA breaks Diffie-Hellmann

[karsten . n]

Hello,

the paper "How is NSA breaking so much crypto?" got the Best Paper Award
at ACM CCS im Oct. 2015.

https://freedom-to-tinker.com/blog/haldermanheninger/how-is-nsa-breaking-so-much-crypto/

Diffie-Hellman is a cornerstone of modern cryptography used for VPNs,
HTTPS websites, email, and many other protocols. The paper shows that many
real-world users of Diffie-Hellman are likely vulnerable to state-level
attackers.

A state-level attacker like NSA can pre-compute the most common used 1024
bit DH parameter sets which are recommend in RFC 2409. If pre-computation
was done for the two most common used DH parameter sets the NSA can braek
2/3 of VPN connections, 1/4 of SSH connections and 1/5 of SSL/TLS
connections on-the-fly.

EFF.org recommends to disable DHE cipher in Firefox and Chrome: 
"How to Protect Yourself from NSA Attacks on 1024-bit DH"
https://www.eff.org/deeplinks/2015/10/how-to-protect-yourself-from-nsa-attacks-1024-bit-DH

An other more advanced solution for TorBrowser would be possible. You can
increase the min. length for DH parameter to 2048 bit in NSS lib. Min.
length for DH parameter was set to 1024 in NSS 3.19.1 to avoid Logjam
attack. May be, it is time to increase it to 20148 bit?
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes

Karsten N.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] How the NSA breaks Diffie-Hellmann

[karsten . n]

Hi,

>   I guess quite a lot which makes me wondering whether this could be a
>feature for the level "High" on the security slider.

I would recommend it for the "Medium High" level too, because I think,
this level  works almost good for users with high security requirements.
(See recommendation of Mike Perry here on the list.) 

Karsten N.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] ethical repo criteria

[Jonathan Wilkes]

GNU has an "ethical repository criteria" with Tor making a prominent 
appearance:https://www.gnu.org/software/repo-criteria.html

It's nice to see that access over Tor is necessary to get anything above a 
failing grade.
-Jonathan

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] ethical repo criteria

[Roger Dingledine]

On Tue, Oct 20, 2015 at 06:19:14PM +, Jonathan Wilkes wrote:
> GNU has an "ethical repository criteria" with Tor making a prominent 
> appearance:https://www.gnu.org/software/repo-criteria.html
> 
> It's nice to see that access over Tor is necessary to get anything above a 
> failing grade.
> -Jonathan

Fun list! Thanks for pointing it out.

It's also made me open
https://trac.torproject.org/projects/tor/ticket/17393

--Roger

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Iovation insinuates Tor Users are bad

[aka]

A: Hi, I would like to order some snakeoil for my business.
B: Would you like to try a new shitty startup waiting to be bought by
big players?
A: Yes, that sounds nice.
B: We serve it as a parallax hipster website hacked together in bootstrap.
A: I love to oversimply threats and put all actors into "bad guys"
categories...
B: ...We got you covered!
A: Do you misspell "Tor" with capital letters?
B: Of course!


grarpamp wrote:
> https://www.iovation.com/
> 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] How the NSA breaks Diffie-Hellmann

[Nick Mathewson]

On Tue, Oct 20, 2015 at 4:52 AM, Lluís <2015@gmail.com> wrote:
> I understand, from a post to this list, than tor is switching from RSA
> to elliptic curve key generation.
>
> What would we expect from that update ?
>

For encryption, it already happened back in 0.2.4, with the
introduction of the ntor protocol.  (And with the use of ecdhe in tls
where available.)

The remaining use of RSA is for authentication, and should be mostly
phased out over the next 8 months.

-- 
Nick
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Meek Problems

[Dominik Ungar]

Hi Justin,

I just tried connecting with meek-google and it works fine so I would
assume that your IT department has a proxy running which is filtering some
URLs. Try to connect with meek-amazon, works fine on my schools network.

Best Regards
Am 19.10.2015 03:22 schrieb "Justin" :

> Hello,
> When I connect to Tor at school without bridges, it works fine.  The issue
> is that my IT department has a DPI unit that can tell I’m using Tor, so I
> tried using Meek.  When Tor starts, it boot straps to 10%, then stops.
> When I click Open Settings, it says Tor failed to establish an encrypted
> directory connection.  Somehow, Meek is being broken by the sensor.  I
> thought the sensor might be doing a man in the middle on Google, but when I
> load the web site, I don’t get any MITM warnings.  OBFS 3 and 4 and
> Scramblesuit work just fine, along with regular Tor.  My question to you
> guys is, what would the filter be doing to break Meek?
> The funny thing is that I don’t think it’s breaking Meek on purpose.
> Thanks,
> Justin.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor

[I]

What about starting your own list, Juan?

Robert


-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor

[Josef 'veloc1ty' Stautner]

Just forget about him/her/it.

Am 20.10.2015 um 15:23 schrieb I:
> What about starting your own list, Juan?
>
> Robert
>
>

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk