Re: [tor-talk] New relays and bridges.
> On 8/21/2016 3:59:42 PM, laurelai bailey (laurelaist...@gmail.com) wrote: > > Since some folks have declined to offer their services in this department i > thought it might be a good idea to start outreach to get more bridges and > relays setup. Ill be setting one up myself and encouraging others to do the > same across various platforms. Good luck. the Tor Browser is a very user friendly *client* interface. But when tor.exe got integrated into the Tor browser, windows users (at least me) have not been able to set up relays. It seems that Tor developers have abandoned the windows OS, and so made it impossible for the community of windows users to contribute bridges, let alone relays. I'd attempt to volunteer for that work, but I'm not a programmer. - eliaz -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] New relays and bridges.
On 24.08.16 15:20, eliaz wrote: On 8/21/2016 3:59:42 PM, laurelai bailey (laurelaist...@gmail.com) wrote: Since some folks have declined to offer their services in this department i thought it might be a good idea to start outreach to get more bridges and relays setup. Ill be setting one up myself and encouraging others to do the same across various platforms. Good luck. the Tor Browser is a very user friendly *client* interface. But when tor.exe got integrated into the Tor browser, windows users (at least me) have not been able to set up relays. I would like to use a TBB version without the Tor daemon integrated. It's so easy to install and run the Tor daemon on Linux, but TBB makes life hard. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] New relays and bridges.
>tor.exe >windows >I would like to use a TBB version without the Tor daemon integrated. I kek'ed Maybe you should re-evaluate your priorities and stop being a botnet? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] New relays and bridges.
On 8/21/2016 3:59:42 PM, laurelai bailey (laurelaist...@gmail.com) wrote: > But when tor.exe got integrated into the Tor browser, windows users (at > least me) have not been able to set up relays. From what I understand it is better if Tor relays and Bridges have longer term availability. It could be that only running a Relay for the 2 hours you are browsing the web and then cutting off all the connections that have been made through your Relay when you powerdown your desktop Windows PC and go to bed might not be desirable. I think it is rare for a desktop Windows machine to stay running 24/7. So don't feel too bad about it. On Wed, Aug 24, 2016 at 05:19:02PM +0300, m...@beroal.in.ua wrote: > I would like to use a TBB version without the Tor daemon integrated. > It's so easy to install and run the Tor daemon on Linux, but TBB makes > life hard. I completely agree. By running Tor as a system daemon you can run it under its own User (such as debian-tor) and then set up firewall rules to block all outbound traffic except that coming from the Tor user. This is how Tails prevents unintentional leaks that would have bypassed Tor and potentially revealed your real IP address. This is not possible when your unprivileged user starts Tor Browser and then some weird Firefox plugin automatically launches Tor. A download for just the Tor Browser without all the other crap mixed in would be nice but it's not a big deal. Having sane defaults for unsophisticated users is more important. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] proxy servers compatible with tor and proxychains
On Fri, Aug 19, 2016, at 05:23 AM, grarpamp wrote: > > Proxy lists often contain ones no longer, or never were, working. > You'll just have to search for lists and scan through them. > And with the flux in proxies, each hop in your chain adds more > chance of a broken path. Keep in mind that free is hardly ever free... > it's either an adversary, cracked or used unbeknownst. Nor have heard > of free+tor friendly. Might be better served to pay a cheap vpn with btc. > If one's purpose is to be an ass, remember other users have higher needs. Could you elaborate on that last sentence. It is not clear to me what you meant. Thanks. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] tor 0.2.8.5-rc / 2.8.6 connecting to 18.0.0.1
>In this case, it's likely that GetAdaptersAddresses failed to return any >addresses, >and to the UDP socket >hack is being used to find the client IP address. To confirm this, please >check >the info-level logs for >messages like: >Unable to load iphlpapi.dll >Unable to obtain pointer to GetAdaptersAddresses >GetAdaptersAddresses failed after setting Log info or log debug stdout.. i didnt get any info for the adapters. tor connects to the network and only references 127.0.0.1 with "Notice" "[Notice] Opening Socks listener on 127.0.0.1:" "DisableIOCP 0/1" wont push away tor connecting to 18... either but i tried just in case to see if the behavior from IOCP networking API would affect the connection. >Tor clients generate a new SSL certificate each time their IP address changes >- >this makes sure they >can't be tracked across different networks. >Tor uses two methods to find the address, GetAdaptersAddresses and the "UDP >>socket hack": asking >the machine the local address of a UDP socket. For the hack to work, the >socket >has to be associated >with a public IP address. Tor never sends data on the socket, it's entirely >safe to >block it with your >firewall. Tor's just using it to check if your local address has changed. yes blocking the ip does the trick for the fw while tor connects to the network. thank you for the explanation. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Tor 0.2.9.2-alpha is released
Hi, all! There is a new alpha release of the Tor source code, with fixes for several important bugs, and numerous other updates. (If you are about to reply saying "please take me off this list", instead please follow these instructions: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce/ . You will have to enter the actual email address you used to subscribe.) You can download the source from the usual place on the website. Packages should be up in a few days. (There is also a concurrent release of Tor 0.2.8-7; for stable announcements, please see tor-announce@ or the blog.) Changes in version 0.2.9.2-alpha - 2016-08-24 Tor 0.2.9.2-alpha continues development of the 0.2.9 series with several new features and bugfixes. It also includes an important authority update and an important bugfix from 0.2.8.7. Everyone who sets the ReachableAddresses option, and all bridges, are strongly encouraged to upgrade to 0.2.8.7, or to 0.2.9.2-alpha. o Directory authority changes (also in 0.2.8.7): - The "Tonga" bridge authority has been retired; the new bridge authority is "Bifroest". Closes tickets 19728 and 19690. o Major bugfixes (client, security, also in 0.2.8.7): - Only use the ReachableAddresses option to restrict the first hop in a path. In earlier versions of 0.2.8.x, it would apply to every hop in the path, with a possible degradation in anonymity for anyone using an uncommon ReachableAddress setting. Fixes bug 19973; bugfix on 0.2.8.2-alpha. o Major features (user interface): - Tor now supports the ability to declare options deprecated, so that we can recommend that people stop using them. Previously, this was done in an ad-hoc way. Closes ticket 19820. o Major bugfixes (directory downloads): - Avoid resetting download status for consensuses hourly, since we already have another, smarter retry mechanism. Fixes bug 8625; bugfix on 0.2.0.9-alpha. o Minor features (config): - Warn users when descriptor and port addresses are inconsistent. Mitigates bug 13953; patch by teor. o Minor features (geoip): - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 Country database. o Minor features (user interface): - There is a new --list-deprecated-options command-line option to list all of the deprecated options. Implemented as part of ticket 19820. o Minor bugfixes (code style): - Fix an integer signedness conversion issue in the case conversion tables. Fixes bug 19168; bugfix on 0.2.1.11-alpha. o Minor bugfixes (compilation): - Build correctly on versions of libevent2 without support for evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix on 0.2.5.4-alpha. - Fix a compilation warning on GCC versions before 4.6. Our ENABLE_GCC_WARNING macro used the word "warning" as an argument, when it is also required as an argument to the compiler pragma. Fixes bug 19901; bugfix on 0.2.9.1-alpha. o Minor bugfixes (compilation, also in 0.2.8.7): - Remove an inappropriate "inline" in tortls.c that was causing warnings on older versions of GCC. Fixes bug 19903; bugfix on 0.2.8.1-alpha. o Minor bugfixes (fallback directories, also in 0.2.8.7): - Avoid logging a NULL string pointer when loading fallback directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha and 0.2.8.1-alpha. Report and patch by "rubiate". o Minor bugfixes (logging): - Log a more accurate message when we fail to dump a microdescriptor. Fixes bug 17758; bugfix on 0.2.2.8-alpha. Patch from Daniel Pinto. o Minor bugfixes (memory leak): - Fix a series of slow memory leaks related to parsing torrc files and options. Fixes bug 19466; bugfix on 0.2.1.6-alpha. o Deprecated features: - A number of DNS-cache-related sub-options for client ports are now deprecated for security reasons, and may be removed in a future version of Tor. (We believe that client-side DNS cacheing is a bad idea for anonymity, and you should not turn it on.) The options are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, UseIPv4Cache, and UseIPv6Cache. - A number of options are deprecated for security reasons, and may be removed in a future version of Tor. The options are: AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits, AllowSingleHopExits, ClientDNSRejectInternalAddresses, CloseHSClientCircuitsImmediatelyOnTimeout, CloseHSServiceRendCircuitsImmediatelyOnTimeout, ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup, UseNTorHandshake, and WarnUnsafeSocks. - The *ListenAddress options are now deprecated as unnecessary: the corresponding *Port options should be used instead. These options may someday be removed. The affected options are: ControlListenAddress, DNSListenAddress, DirListenAddress,
Re: [tor-talk] Tor 0.2.9.2-alpha is released
On Wed, Aug 24, 2016 at 2:55 PM, Nick Mathewson wrote: > Hi, all! There is a new alpha release of the Tor source code, with > fixes for several important bugs, and numerous other updates. > It would be really helpful for both users and the Tor project if there were Windows binaries built so the alpha, beta and rc versions could be better tested. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor 0.2.9.2-alpha is released
There is a way to compile it yourself on Windows using NSIS but it's old (last change on 2014-06-05 and it uses openssl-1.0.1h, zlib-1.2.8, libevent-2.0.21 and tor-0.2.4.22) and may or may not be recommended. The link of the article and the download of the TXT with the compiling steps are here: http://www.mictronics.de/2014/04/how-to-build-tor-for-win32/ That said, and official way to compile it on Windows (or cross-compile from Linux) using a manual guide or scripts would be nice. On 2016-08-24 at 21:14, Allen wrote: > On Wed, Aug 24, 2016 at 2:55 PM, Nick Mathewson > wrote: > >> Hi, all! There is a new alpha release of the Tor source code, with >> fixes for several important bugs, and numerous other updates. >> > > It would be really helpful for both users and the Tor project if there were > Windows binaries built so the alpha, beta and rc versions could be better > tested. > -- Juan Miguel Navarro Martínez GPG Keyfingerprint: 5A91 90D4 CF27 9D52 D62A BC58 88E2 947F 9BC6 B3CF -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor 0.2.9.2-alpha is released
IMO, having folks compile Tor themselves under Windows will cause the project more problems, not fewer. On Wed, Aug 24, 2016 at 4:17 PM, Juan Miguel Navarro Martínez < juanmi.3...@gmail.com> wrote: > There is a way to compile it yourself on Windows using NSIS but it's old > (last change on 2014-06-05 and it uses openssl-1.0.1h, zlib-1.2.8, > libevent-2.0.21 and tor-0.2.4.22) and may or may not be recommended. > > The link of the article and the download of the TXT with the compiling > steps are here: http://www.mictronics.de/2014/ > 04/how-to-build-tor-for-win32/ > > That said, and official way to compile it on Windows (or cross-compile > from Linux) using a manual guide or scripts would be nice. > > On 2016-08-24 at 21:14, Allen wrote: > > On Wed, Aug 24, 2016 at 2:55 PM, Nick Mathewson > > wrote: > > > >> Hi, all! There is a new alpha release of the Tor source code, with > >> fixes for several important bugs, and numerous other updates. > >> > > > > It would be really helpful for both users and the Tor project if there > were > > Windows binaries built so the alpha, beta and rc versions could be better > > tested. > > > > -- > Juan Miguel Navarro Martínez > > GPG Keyfingerprint: > 5A91 90D4 CF27 9D52 D62A > BC58 88E2 947F 9BC6 B3CF > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] sadly have to shut down my tor relay after less then 24 hours
No they did not as you saw in the excerpt I posted. I told them now all is well with out going into detail. I had 24 hours to send them an all clear or they would restrict my network bandwidth and I want the gigabit connection for all the services I run on my vps. So it has ben up and running I believe since Sunday now, or was it Monday. Now I wait for the full cycle to take effect and hope someone can use the 50mbps bandwidth I set up. Hopefully the network will be a lot faster as I'm not actually using that but for icecast and some streaming services. > On Aug 23, 2016, at 2:40 PM, Dave Warren wrote: > > That is not a DMCA complaint, a complaint under the DMCA is required to > be specific, and reports are made under oath and penalty of perjury that > the complainer owns the copyright for the item in question. > > However, your host may not be passing on all the details to you, that's > a matter of discussion between yourself and your host. > > On Tue, Aug 23, 2016, at 11:12 AM, Sarah Alawami wrote: >> No, the DMCA was not specific. That's all they told me was that copyright >> material were going through the vps and I was breaking the TOS. >>> On Aug 22, 2016, at 5:19 PM, Mike Perry wrote: >>> >>> Sarah Alawami: Hello to all. Sadly I have to shut down my tor relay after less then 24 hours, as I received a copyright violation and I don't want any network restrictions placed on me as I want the 150mbps speed. Sorry to all who were using it, but yeah there it is. >>> >>> Was this a DMCA takedown related to bittorrent traffic? When I ran an >>> exit, I had a lot of luck with this policy: >>> https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy >>> >>> Basically restricting yourself to core internet services reduces the >>> chances that bittorrent clients choose a port from the policy. With a >>> 1Gbit exit and that policy, I went from 60 DMCA notices a day down to 0 >>> over the life of the exit (about 3 years). >>> >>> Unless something new is happening? Did the complaint(s) give specifics >>> about the location and type of infringing content that was accessed? >>> >>> More services are always better. I've been thinking about making that >>> policy into a torrc option, so it would be useful to know if the >>> situation has changed. >>> >>> -- >>> Mike Perry >>> -- >>> tor-talk mailing list - tor-talk@lists.torproject.org >>> To unsubscribe or change other settings go to >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> >> -- >> tor-talk mailing list - tor-talk@lists.torproject.org >> To unsubscribe or change other settings go to >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor 0.2.9.2-alpha is released
Allen: > IMO, having folks compile Tor themselves under Windows will cause the > project more problems, not fewer. We regularly compile tor and bundle it separately for Windows in our Tor Browser nightly builds, alpha builds and release builds. For the nightlies see: https://people.torproject.org/~linus/builds/ For recent alphas see: https://dist.torproject.org/torbrowser (https://dist.torproject.org/torbrowser/6.5a2/tor-win32-0.2.8.5-rc.zip is the one you got with the last alpha) And the release version is directly linked to from our website (the expert bundle. Georg > On Wed, Aug 24, 2016 at 4:17 PM, Juan Miguel Navarro Martínez < > juanmi.3...@gmail.com> wrote: > >> There is a way to compile it yourself on Windows using NSIS but it's old >> (last change on 2014-06-05 and it uses openssl-1.0.1h, zlib-1.2.8, >> libevent-2.0.21 and tor-0.2.4.22) and may or may not be recommended. >> >> The link of the article and the download of the TXT with the compiling >> steps are here: http://www.mictronics.de/2014/ >> 04/how-to-build-tor-for-win32/ >> >> That said, and official way to compile it on Windows (or cross-compile >> from Linux) using a manual guide or scripts would be nice. >> >> On 2016-08-24 at 21:14, Allen wrote: >>> On Wed, Aug 24, 2016 at 2:55 PM, Nick Mathewson >>> wrote: >>> Hi, all! There is a new alpha release of the Tor source code, with fixes for several important bugs, and numerous other updates. >>> >>> It would be really helpful for both users and the Tor project if there >> were >>> Windows binaries built so the alpha, beta and rc versions could be better >>> tested. >>> >> >> -- >> Juan Miguel Navarro Martínez >> >> GPG Keyfingerprint: >> 5A91 90D4 CF27 9D52 D62A >> BC58 88E2 947F 9BC6 B3CF >> -- >> tor-talk mailing list - tor-talk@lists.torproject.org >> To unsubscribe or change other settings go to >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> signature.asc Description: OpenPGP digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Number of onions online
On 8/22/16, Nurmi, Juha wrote: > - Looking tor2web proxy stats > - Looking leaked DNS requests (soon impossible) > - DHT spying (this should NOT be done and it's technically impossible in > the future) These are all basically spying, but they are useful and there are always those who research or publish them freely for others to use. Sure, legit researchers (by whatever standards) might heed discouragement, but it's important to remember that others have not since the day onions were first invented. That's why I always say users should use stealh or application level authentication until then and take precautions. Even after. How do you say leaking DNS is "soon [made] impossible" by anything tor does? ie: tor itself already never leaks what is sent to its socks5 port. Any such leaks come from user config and usage errors in their userland with their userland apps and packet filters. If you're talking TBB, that's something different. Other things like Whonix are not tor. > - Crawling onion sites > Anyway, you are not going to find every existing onion address. Custom spidering used to do a very good job here. Though growth broadened what could be effectively found and targeted that way, and targets are dropping out all the time as usual. So researcher and search portal discovery delay is now longer and the depth shallower. It's at the point you're better off buying a google search server and plugging it in. > How researches have been testing these addresses: > ... > Again, there are a lot of onions out there but nobody really knows what > services they are offering. So long as someone publishes their address, discovering service isn't hard. Yes there are clearly a lot of unpublished onions. My inbox always accepts lists people wish to publish to it. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Number of onions online
> Recent talk in onionland seems to be indicating somewhere > nearing 10,000 onions online, from spidering and whatnot. > Are there folks here involved in such projects that can contribute further graphs, lists, categorization, and commentary? I run the OnionScan project and have been looking at this stuff for the last year or so[1]. From my latest data I see about ~7000 onions online during any given crawl date - and these 7000 come from about ~8000 different onion hostnames (some onions are really inconsistently up). When I say online I mean is actively serving one of HTTP(S), SSH, FTP, SMTP, Bitcoin, IRC and a few other protocols. Overall we scan ~12000 known onion hosts found by crawling both onion sites and the clear web. This grew rapidly over the first few scans but generally only grows by a handful of onions per scan now - this means ~5000 of the onion hosts we have found have never been online or are defunct. This analysis obviously doesn't capture onions that have never been publicly listed or private authenticated onions. It also doesn't account for onion-dependent software like Ricochet which may not be online consistently enough for us to pick up. Finally if someone is hosting software on a non-standard port we won't currently detect it. Lately I've been looking into supplementing the crawl data with other sources e.g. clearnet listings (like /r/onions) or via general common crawl data - although early tests show this is about as effective as the current crawl mechanism for finding new onions. [1] https://mascherari.press/onionscan-report-june-2016/ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Number of onions online
I'm getting around 6500 per day give or take a few and about 70-100 new per day (most of which are short lived or mirrors of others or new addresses for previous services). -- FINGERPRINT: 97CD 1B42 2333 54EF 75C2 731C C71C BC5C 57D3 A771 On Aug 24, 2016, at 7:50 PM, Sarah Jamie Lewis wrote: >> Recent talk in onionland seems to be indicating somewhere >> nearing 10,000 onions online, from spidering and whatnot. >> Are there folks here involved in such projects that can contribute > further graphs, lists, categorization, and commentary? > > I run the OnionScan project and have been looking at this stuff for the > last year or so[1]. From my latest data I see about ~7000 onions online > during any given crawl date - and these 7000 come from about ~8000 > different onion hostnames (some onions are really inconsistently up). When > I say online I mean is actively serving one of HTTP(S), SSH, FTP, SMTP, > Bitcoin, IRC and a few other protocols. > > Overall we scan ~12000 known onion hosts found by crawling both onion > sites and the clear web. This grew rapidly over the first few scans but > generally only grows by a handful of onions per scan now - this means > ~5000 of the onion hosts we have found have never been online or are > defunct. > > This analysis obviously doesn't capture onions that have never been > publicly listed or private authenticated onions. It also doesn't account > for onion-dependent software like Ricochet which may not be online > consistently enough for us to pick up. Finally if someone is hosting > software on a non-standard port we won't currently detect it. > > Lately I've been looking into supplementing the crawl data with other > sources e.g. clearnet listings (like /r/onions) or via general common > crawl data - although early tests show this is about as effective as the > current crawl mechanism for finding new onions. > > [1] https://mascherari.press/onionscan-report-june-2016/ > > > > > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
