Re: [tor-talk] Which reputable webmail providers function well with Tor?
On Tue, Jun 07, 2016 at 03:40:37PM +0200, carlo von lynX wrote: > On Tue, Jun 07, 2016 at 02:44:40AM -0500, Crypto wrote: > > RiseUp actually has .onion addresses for all of their various services. > > They list them in their Help->Security section. > > I don't understand why people still use mail services under > Patriot Act.. er.. I mean Freedom Act jurisdiction? It's > like searching with DuckDuckGo.. even if the majority of > employees is sooo convinced that they are not collaborating > with authorities, the law says they are. Exactly my thoughts. Duckduckgo and other services under US jurisdiction *by law* saving logs, mails etc. .and now in the latest release of TBB we have DuckDuckGo as search engine by default > > Laws are one of the few things on earth that still tell the > truth. Once you read them, you understand why the earth is shite. > The fact, only a minority does, allows general population (and > the media by reflection) to think of reality as something else > than what it is. > > > -- > E-mail is public! Talk to me in private using encryption: > http://loupsycedyglgamf.onion/LynX/ > irc://loupsycedyglgamf.onion:67/lynX > https://psyced.org:34443/LynX/ > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Which reputable webmail providers function well with Tor?
On Wed, May 25, 2016 at 07:55:15PM +, blo...@openmailbox.org wrote: > Can anyone suggest a reputable webmail provider that is not totally > anti-Tor. I don't have a problem with yandex.ru many years. > > Cock.li and Sigaint and Unseen.is and Mail2Tor are out as the names look > weird to "normal" people. > > Ruggedinbox is unreliable as the site is often down. VFEmail used to work > but I can't seem to sign-up now. > > ProtonMail demands SMS validation. > > Tutanota seems OK but on this list a poster said that they closed his > accounts down for no reason. > > RiseUp requires an invitation. > > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Has anyone HEARD from IOError since his last tweet?
On Sun, Jun 05, 2016 at 07:20:34PM -0400, notfrien...@riseup.net wrote: > On 2016-06-05 19:08, Cecilia Tanaka wrote: > >Hi Anthony. > > > >I am really worried about Jake and contacted some friends in common > >yesterday and today. I had no news until now. > > > >I really don't know if he is receiving my messages or reading them and I > >tried to contact some CCC friends, but I don't know if he is in Berlin or > >not. > > > >He is, probably, very stressed and confused in this moment. Jake has much > >more scars in his soul than he usually exposes in public and I know very > >well how hard can be living with deep pain. I don't know if God exists or > >not, but I am sincerely praying for him. > > > >Cecilia > > I find it concerning we haven't heard from him. His website is also offline > (the one listed on his twitter) which is also worrying. I think he in custody now with all such accusations. So why worry? Also how would you have behaved in his place with all such arguments from both sides? Of course you would be silent. It is right decision in my poin of view. I don't stand for any sides. We don't have any evidence. It is work for Germany's LE. So let they do their work. And after we see result - it make sense to discuss something. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor Browser for OpenBSD update
On Tue, Feb 23, 2016 at 05:49:46PM -0500, George wrote:
> The Tor BSD Diversity Project (https://torbsd.github.io/) has done some
> substantial overhauling of TB for OpenBSD in the past week, with a bunch
> of releases aimed at refining the port.
>
> We are still at version 5.5 and are in development mode, but we'll be
> working on 5.5.2 in the near future. We are fully aware of the
> vulnerabilities in version 5.5 and 5.5.1.
>
> Getting TB into the OpenBSD ports would be an enormously important step.
> OpenBSD maintains fanatical and refreshing attention to clean, correct
> code. For instance, OpenBSD project forked OpenSSL in 2014 with LibreSSL
> (.org), which is a tighter, more secure implementation that is fully
> portable.
>
> The README files for installation directions are located in the
> appropriate architecture directory at
> http://mirrors.nycbug.org/pub/snapshots/packages/{amd64,i386}/
>
> A short list of recent changes includes:
>
> * the creation of i386 TB packages
> * elimination of unnecessary packaging in favor of native Mozilla
> mechanisms wherever possible
> * reworking of run-dependencies and the addition of a meta port to aid
> in installation
> * reworking of the Firefox addon .xpi packaging to be kinder to the
> filesystem (torbutton, tor-launcher, noscript, https-everywhere)
>
> We are getting very useful feedback from the main OpenBSD developer who
> is focused on Mozilla porting.
>
> We are regularly keeping the blog updated at
> https://torbsd.github.io/blog.html as we make progress.
>
> Feedback always welcome for the testers and code-readers out there.
I see your correspondence in OpenBSD's ports mailing list, but I don't have
clear understanding about future OpenBSD 5.9 release. Whether the inclusion
of the port of tbb in it? I mean stable port tree for OpenBSD 5.9.
Thank you.
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Escape NSA just to enter commercial surveillance?
On Thu, Jan 14, 2016 at 05:58:50PM +0100, Markus Hitter wrote: > > On 32C3 a few weeks ago ... > > https://media.ccc.de/v/32c3-7322-tor_onion_services_more_useful_than_you_think > > ... Roger cheered a lot about Facebook offering a hidden service. > > To be honest, this surprises me quite a bit. Tor is for anonymisation, > so one can escape tax paid surveillance by NSA, GCHQ & Co., which is > useful. And then such a Tor user connects to Facebook, where one has to > log in, making this anonymisation completely pointless? At least I don't > get the point. > > Even assuming that Facebook doesn't regularly exchange user data with > NSA, this makes mass surveillance trivial. Useful, welcome, or not, > Facebook does mass surveillance on its own, as stated business practice. > Also, I'm pretty sure if another Manning-like case appears, NSA would > immediately command Facebook to offer the related user identification. > > If there's cheering about Facebook hidden services, shouldn't always a > note be added that logging in there identifies a user, making Tor > (almost) pointless? I'm absolutly agree with this point of view. Even more, in today world, I think, greatest danger *for most people* comes from corporations like Google, Facebook, Twitter etc whose money - our privacy, not from NSA/GCHQ/FSB/... The latter, in theory, in democratic countries, called to serve the good of the people. The first - serve their pockets. I think, in crypto-privacy-tor-i2p-... communities this problem is very underrated. The main enemy - NSA & Co., not the companies whose main goals are our desires, preferences, dreams, pain and suffering - those things through which we easily manipulated. Facebook and Co. have enough power and money to manipulate/lobby their interests. I don't think they need any support from Tor developers. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TorChat or other for IRC?
On Wed, Jan 06, 2016 at 04:06:32PM +0100, Flipchan wrote: > I use irssi and proxy it throw tor , usewithtor irssi Is it possible to connect to freenode? I remember they were banned TOR network. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Why most democratic contries are most active users of TOR... except Russia of course
On Sun, Jan 03, 2016 at 11:00:21AM +0100, karste...@mailbox.org wrote: > Hi, > > On January 2, 2016 at 10:49 PM Justin wrote: > > I really doubt that 1.5 million bots are using Tor everyday by the way. > > The Mevade.A botnet had 4 million bots, which were using Tor in summer > 2013. Some links: > > http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-overload/ > http://blog.trendmicro.com/trendlabs-security-intelligence/the-mysterious-mevade-malware/ > > Mevade.A has done some mistakes by switching all bots in a short time to > Tor. This behaviour attracts more attention to the botnet: > > https://threatpost.com/moving-to-tor-a-bad-move-for-massive-botnet/102284/ > > I think, Tor usage is a mirror of real world problems. Everybody, who want > s to have a little anonymity, is using Tor. Malicious bots hiding C > communication, criminals selling drugs, people watching all kinds of porn, > intelligence agencies and military cyber forces are using Tor and so > on. > > Human rights activists in bloody regimes with murderous dictators are a > very very small group in real world and it is a very small group among Tor > users too. Sad sum: tor community is a helper for cyber criminals, bloody (and not very) regimes and biggest distributer of kids porn. Lol :) Hi, mommy, you're rare exception, who sometimes read blocked in Russia opposition sites, like Грани.ру. I love you, mom, you're the best! =) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Russia actually kind of cracked (?) Tor
On Thu, Nov 26, 2015 at 02:46:50AM +, Anton Nesterov wrote: > It's not like western LI. LI means there is order which ISP execute. In > SORM there is no such thing, just some black box with full traffic > mirrored on it installed at every ISPs with direct link to FSB (other > agencies get access mostly via FSB, but some install their own SORM). I > said, it's very similar to country-wide NarusInsight, or to much broader > Tempora. BTW that boxes not only intercept traffic, but also store and > analyze it. > > I recommend you read The Red Web by Andrei Soldatov and Irina Borogan, > it describe Russian surveillance in details. Мне совершенна не понятна логика Солдатова и Бороган. Почему книга выпущенна на английском и нет перевода на русском. На Западе подобных изданий - вагон и маленькая тележка. Мне, по большому счёту, нечего посоветовать людям почитать. Их мало интересует, что происходит на Западе. Людей интересует то, что происходит у нас, в России. Ну т.е. можно конечно дать почитать что-то типа этого: http://www.agentura.ru/projects/identification/ Но ктож это в таком формате читать будет? (кстати, agentura.ru, насколько я понял, проект Солдатова/Бороган). Одним словом, какая-то попытка развлечь западную публику нашими проблемами, которые, к слову, им мало интересны. У них у самих они "интереснее". Не знаю. Саму книгу ещё не читал, из этого треда о ней узнал. Но отсутствие её перевода на русский печалит и вызывает негативное отношение к авторам: собрать информацию из открытых источников, проанализировать и выпустить книгу на английском предназначенную для русских. Класс, что скажешь. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor in the command line Linux
On Sun, Nov 01, 2015 at 04:47:04PM +, Leo Francisco wrote: > This should be reported as an urgent accessibility bug to the Tails team > also. If anyone could help this gentleman out with that process, that > would be really amazing. > > It's super important that Tor/Tails is usable for people with extra > accessibility requirements. In fact I am interesting too how to configure transports without Firefox/GUI -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] [tor-dev] TB 5.0.3 for OpenBSD released
On Tue, Oct 27, 2015 at 12:14:29PM -0600, attila wrote: > The Tor BSD Diversity Project (TDP) is proud to announce the release of > Tor Browser (TB) version 5.0.3 for OpenBSD. Thank you very much for your effort. It is long awaited effort for people like me on OpenBSD. I have only one suggestion. Can you please build Tor Browser not only for -current but also for stable version like 5.7 and 5.8? Thank you very much! -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TPP
On Tue, Oct 06, 2015 at 10:24:32AM -0700, AMuse wrote: > > Um, running TOR nodes to help keep a free internet alive. Then will come Americans and as always all be bombed and upend. > > On 2015-10-06 06:32, Danny Despair wrote: > > > Where do we even begin countering the catastrophe that is the Trans Pacific > > Partnership? Apparently it passed through today. Where were you when the > > internet officially died? > > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] p2p(skype and other VOIP) blocked in .UZ
On Mon, Sep 14, 2015 at 03:11:19AM -0400, Griffin Boyce wrote: > For video chatting, I like using Talky.io . Using Skype with Tor doesn't > work very well. But Tor does work in Uzbekistan and Russia. During some > blocking events, you may need to use a bridge or obfs3 bridge to connect to > the Tor network. Tor perfectly work in Russia. I'm writing through tor right now. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Privacy Badger
On Fri, Aug 28, 2015 at 08:05:17PM -0700, Mike Perry wrote: Garrett Robinson: On 8/28/15 7:01 PM, Mike Perry wrote: sg.i...@email-postfach.info: Hi guys and girls, are there security issues using the privacy badger from eff.org with the tor browser ? Or: Is there are a need to use privacy badger or is this utility dispensable ? The filters in use by Privacy Badger are fingerprintable - it is possible for sites to determine that you have it installed. Since Privacy Badger uses a learning heuristic based on the sites you visit, it actually might possible for it to leak information about your browsing history too. Yikes! I didn't know this. This is especially bad, especially if Privacy Badger has custom storage mechanisms for this that aren't cleared regularly (which you touch on below). It may also result in browsing history leaking to disk, which wouldn't normally happen in the default Tor Browser. Mike, I'm interesting, You personaly are using some adblockers or Noscript in Your everyday webserfing? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Profiling Tor users via keystrokes
On Fri, Jul 31, 2015 at 10:42:49AM +0200, fatal wrote: win10 analyses keystrokes by default: Windows 10 generates advertising-IDs for everyone. The informations Win10 transmitts by default are (among other things): - location of device - browser history - favorites - which Aaps are installed from the windows store - and data for input-personification. this includes biometrical data of pronunciation (cortana), writing style (handwirting) and how the user types on windows devices. *unbelievably* I am realy don't understand Windows users. How is it possible to tolerate such an attitude to yourself by Microsoft, for-profit corporation. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Invaded by disconnect.me
On Fri, Jun 05, 2015 at 09:06:32PM -0500, Joe Btfsplk wrote: Don't know much about Disconnect, except what their Privacy Policy states. (and that they are a U.S. company?) https://disconnect.me/privacy 3. We share your personal info only when legally required, or when reasonably necessary to prevent harm in an emergency situation. 4. We retain your personal info, excluding info you make public, for no more than 30 days _after you request_ deletion. They have already changed Privacy states. Now they sound more pleasant and wordy. Shit tactics. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Invaded by disconnect.me
On Fri, Jun 05, 2015 at 09:06:32PM -0500, Joe Btfsplk wrote: Don't know much about Disconnect, except what their Privacy Policy states. (and that they are a U.S. company?) https://disconnect.me/privacy Yes, they are US company. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Invaded by disconnect.me
On Fri, Jun 05, 2015 at 09:06:32PM -0500, Joe Btfsplk wrote: Don't know much about Disconnect, except what their Privacy Policy states. (and that they are a U.S. company?) https://disconnect.me/privacy 3. We share your personal info only when legally required, or when reasonably necessary to prevent harm in an emergency situation. 4. We retain your personal info, excluding info you make public, for no more than 30 days _after you request_ deletion. Would that raise questions if it's the best choice for Tor users? I raised the same question, with almost the same arguments in another thread. But they are donating money (as it became known in another thread too) so... -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Invaded by disconnect.me
On Tue, Jun 02, 2015 at 12:54:55AM -0600, Mirimir wrote: On 06/02/2015 12:37 AM, Andreas Krey wrote: On Mon, 01 Jun 2015 20:06:47 +, Mirimir wrote: ... DuckDuckgo's search results are pretty much useless, a waste of time. In my experience ddg got a lot better recently (year-ish); I stayed there during the startpage default. Seldom needed to go to google. But then, you can just select what you like to use (modulo anonymity set). Andreas Fair enough. Maybe I'm pickier, and care less about anonymity ;) But what do you think of the current Disconnect default? It's US company (StartPage not), they're obligated disclose ALL requisite information to USG. Also from their Terms: By submitting, posting, or displaying content as part of the Services, you give Disconnect the right to use such content It is VERY questionable to enable Disconnect as search engine by default in TBB. It is doubly questionable after their money donation. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Invaded by disconnect.me
On Mon, Jun 01, 2015 at 02:55:39AM -, Paul A. Crable wrote: Perhaps someone could help me here. On version 4.5.1 of the Tor (Firefox) browser, the search field, to the right of the place to enter the URL, now has a symbol on it that is proprietary to disconnect.me. I have also found that while working on the WWW, from time to time a screen comes up from direct.me asking me to enter search terms and to select the search engine to use. It appears that disconnect.me has hijacked the search field in Foxfile, and also found a way to interpose it's own search screen when URL's cannot be found. I have done nothing to make this happen, and unfortunately don't know what I can do to make it go away. Can anyone explain why this is happening? Until now the default search engine for Tor was Start Page, but that's gone. Is Tor no longer using Start Page as the default search engine? I expect this kind of thing with a standard browser, but I thought Tor and Foxfile had pretty well locked things down to prevent this kind of thing happening. Start Page was changed to disconnect.me in one of the latest releases as search engine by default. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TorBirdy and Gmail (continuation)
On Sun, May 24, 2015 at 05:46:20PM +0100, James Anslow wrote: `using Two-Factor Authentication (mobile phone) and assigning an Application password to Thunderbird` I have used 2FA since creating my account and created an application specific password for Thunderbird (icedove actually). Still, the issue persists. What's the purpose using TOR when Google already know who you are and even know your phone number? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TorBirdy and Gmail (continuation)
On Sun, May 24, 2015 at 07:04:45PM +, Juan Miguel Navarro Martínez wrote: Артур Истомин: On Sun, May 24, 2015 at 05:46:20PM +0100, James Anslow wrote: `using Two-Factor Authentication (mobile phone) and assigning an Application password to Thunderbird` I have used 2FA since creating my account and created an application specific password for Thunderbird (icedove actually). Still, the issue persists. What's the purpose using TOR when Google already know who you are and even know your phone number? Because you may have two Email Service Provider groups: Used-in-clearnet ESP accounts: Hotmail, Gmail, Yahoo, etc... Tor-only ESP accounts: Riseup, Lavaboom, Openmailbox, Austiciti, Cock.li, etc... The problem is Thunderbird+TorMail doesn't have a specific proxy configuration for each account. So every account will use Tor Socks5 proxy. If Hotmail, Gmail or Yahoo has problems with Tor being used, you need to find a way for it to work. Hotmail isn't complaining about Tor as far as I know, Gmail does but should be solved and I don't know about Yahoo. Perhaps Thunderbird's profiles more convenient way for you: http://mzl.la/1ApHkva -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Hi!
On Sat, Apr 04, 2015 at 12:56:45AM +0400, gary02121...@openmailbox.org wrote: How could I speed up my Tor connection? It's slow again :( You need kill 3 child before. It's proved method. On 04/04/2015 12:46 AM, blo...@openmailbox.org wrote: On 2015-04-03 20:13, Alexis Wattel wrote: Sure! Glad to help! PS. I know this is vague but please ask away for anything you guys are not clear about or something. Malicious uses of Tor include child raping through the use of an anonymising onion condom. This is not funny. I was raped by Tor condom last year and now I am totally fucked up. I go mad and do crazy shit. My mom is so upset with Tor. She sued for 1 billion dollars but the Tor people are really well connected. They are evil and worship Satan. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Are webmail providers biased against Tor?
On Mon, Mar 16, 2015 at 01:40:08PM -0600, Mirimir wrote: On 03/16/2015 04:52 AM, blo...@openmailbox.org wrote: I have noticed that when I try to login to my Gmail or Hotmail accounts with Tor, I invariably get asked to validate myself (e.g. receive an SMS). This is understandably due my IP being in a different country from the usual IPs that I use to sign in. However, I have experimented with StrictExitNodes. I am in New York and have used a number of New York exit nodes. I still get asked to verify. I am wondering if Tor developers or experienced users know (for a fact) whether or not this is normal or whether using an exit node automatically makes Gmail and Hotmail think that a hacker is attempting to access the accounts. This is not a case of a website e.g. Craigslist blocking Tor. It is whether the use of an exit node IP automatically engenders scrutiny from whatever security algorithms certain webmail providers use. Use a Tor-friendly email provider, such as https://vfemail.net [available at https://344c6kbnjnljjzlz.onion] or https://cock.li [sense of humor required]. All big russian e-mail service tor-friendly. E.g. Yandex.ru, biggest from them (i am with them throught tor). Other rambler.ru and mail.ru. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Belarus just banned Tor and other censorship circumvention tools
On Wed, Feb 25, 2015 at 02:22:29PM +, Anton Nesterov wrote: 11. If government inspection find Internet resources or anonymity tools (proxy servers, anonymous networks like Tor, and so on), which can be used to get access for Internet resources with limited access, they should add identifier of that Internet resources or anonymity tools to the list of limited access. http://pravo.by/main.aspx?guid=12551p0=T21503059p1=1p5=0 text (Russian) It is bad. But in fact it is that all developed states doing right now (e.g. UK) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Russia to ban Tor (?)
On Sun, Feb 15, 2015 at 08:57:40AM +, W. Greenhouse wrote: Артур Истомин art.is...@yandex.ru writes: Russian business is heavily VPN/proxy-dependent not more than US business in US. Or Indian business in India. Fair enough; the РБК article cited 25 percent of Russian Internet users as being VPN/proxy users and also mentioned the reliance of particular sectors like ATMs on proxied connections. It's hard to know what such a data point means without comparison to other countries, though. We also have a negative experience with blocking Internet resources. People are very skeptical (and sarcastic) about the explanations of these blocks (PD, terrorism etc). Blocks cause irritation to people when they do not see their true causes. So no, I do not think that such initiatives will take place in the next few years. I hope, and suspect, that you're correct, especially if this has been debated every year since 2012 with no result. Actualy, I am calm about it because there is *no debate*, neithere in parliament nor in IT-community. Quite simply, the man jush expressed his opinion. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Russia to ban Tor (?)
On Sun, Feb 15, 2015 at 12:55:40AM +, W. Greenhouse wrote: Oops, I meant 5 February--it's even right there in the url. :-P According to this article, the part of this bill that might be overreach is that Russian business is heavily VPN- and proxy-dependent. A regulation trying to impose ID requirements on users of public wifi died because even the City of Moscow (which provides wifi in public parks, awesome) disn't want to enforce it. I wonder if this will die similarly. Russian business is heavily VPN/proxy-dependent not more than US business in US. Or Indian business in India. We have many very stupid legislators. From time to time, such idiotic proposals received. But it must be said that parlamient in Russia avoids enact technical laws, because historicaly they have almost always faiiled. We also have a negative experience with blocking Internet resources. People are very skeptical (and sarcastic) about the explanations of these blocks (PD, terrorism etc). Blocks cause irritation to people when they do not see their true causes. So no, I do not think that such initiatives will take place in the next few years. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Platform diversity in Tor network [was: OpenBSD doc/TUNING]
On Wed, Nov 05, 2014 at 10:15:48AM -0600, Tom Ritter wrote: On 5 November 2014 03:04, grarpamp grarp...@gmail.com wrote: On Tue, Nov 4, 2014 at 12:25 PM, Libertas liber...@mykolab.com wrote: I think it would be a good idea to add OpenBSD to doc/TUNING because [...] promoting OpenBSD relays benefits the Tor network's security. Absolutely. Not just due to OpenBSD's security positioning, but moreso from network diversity. Windows is its own world. I tried installing OpenBSD once... it was tough, heh. Coming from a Windows background, I like the idea of running more nodes on (up-to-date, maintained) Windows servers. Using Windows + Tor contradicts with the fact of collusion US corporations with US government to commandeer Internet. I'll also throw out the obvious that if we're talking about diversity for the purposes of security, the network-accessible parts of tor rely on OpenSSL, which would probably be difficult to swap out, but might be worth it as an experiment. Even if it's to LibreSSL. Maybe the zlib library also, but that one's had a lot fewer problems than OpenSSL. If I remember correctly there was commit(s) for libressl support. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] go impeachman go 2
On Mon, Nov 03, 2014 at 06:37:47PM +, raiogam mestri wrote: Position yourself against the Bolivarian communist expansion in Brazil promoted by the administration of Dilma RousseffOn 10/26, Dilma Rousseff was reelected, and will continue his party's plan to establish a communist regime in Brazil - the Bolivarian molds propounded by the Foro de São Paulo. We know that in the eyes of the international community, the election was fully democratic, but the ballot boxes used are not reliable, apart from the fact the heads of the judiciary, are mostly members of the winning party. Social policies also influenced the choice of the president, and people were threatened with losing their food allowance if they do not re-elect Dilma. We call a White House position in relation to communist expansion in Latin America. Brazil does not want and will not be a new Venezuela, and the USA that need help the promoters of democracy and freedom in Brazil. What's wrong with communism? One-third of my life I lived in USSR. With all the negative aspects of the regime that was in the Soviet Union, I want to tell you about the three things that I perceive as the abnormal, but which were the norms, when my country rush into capitalism: 1. Misery. The first time I gave alms in the early 90s in Moscow. I vividly remember this moment, because at that time my father had to explain to me what the heck is going on and why these people are sitting and begging for money. We did not know that this is the norm. 2. Education. We did not know that education may not be available to someone or that it can be paid and unequal access. My grandfather was educated at BMSTU (it's something like the US's MIT). Free. He was from rural areas. Today, to get an education at this university, you must be either a genius or rich or have a clout. 3. Paid health care. My parents visit only private clinics. We visit only paid dentists. My sister gave birth in a private room and she was submitted by individual nurse. It is good that we have money. Yes, I forgot to say that my family is on average much wealthier than the general population of Russia. Last week I bought 300 square meters of office space in the city center. Eighteen months later, I'm counting my welfare increase in the half. ..Paid health - nonsense. All people should have equal access to health care. Totaly free. Give people three things: food, warmth and shelter. And you do not have to call for help to the United States to combat the evil and dangerous сommunists. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Facebook brute forcing hidden services
On Sat, Nov 01, 2014 at 04:22:22AM -0400, grarpamp wrote: I would never use this unless you were actually censored from accessing facebook via clearnet. All it will do is serve to officially tell facebook that you are a tor user that FB can then further discriminate against as a class in the future once they start to lock down clearnet against exit nodes, travelers, etc or whatever their scheme is or will be. Remember, FB's official policy is still: - Real Names required - Phone Numbers / ID required - DOB required - Gender required - Email required - Etc required - Users are the product that is being mined and sold and shared. Such non optional elements, and choices, powers and rights removed from the user, are in direct opposition to the principles of Tor and anonymity. Normally support for onion/i2p is good thing, but when still backed by crap like this it's largely meaningless. I think your point is very true. Also I forsee that such strategy will be adopted by another corporations like Google, Twitter and other. It is absolutely pointless to create another entry point for users, except for the purpose of categorization of users to facilitate their further monetization. This is done in the interests of corporations, not in the interests of the people. I believe we should boicot such initiative from corporations in favor our onw interests. They should create equal conditions for access to information for all users. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] DogecoinDark Cryptocurrency is now fully dark using Tor
On Sat, Nov 01, 2014 at 07:50:24PM -0700, bm-2cuqbqhfvdhuy34zcpl3pngkplueeer...@bitmessage.ch wrote: Please stop doing masked advertising to this mail list. What makes a client sure that DogecoinDark software protects them against malicious peers feeding them scrambled data? What are the protections? Why the hell would someone use DogecoinDark anyway? Who si that dumb? Tor community is not a suitable target for cheap scams using altcoins. Users here are much more smarter than that. DogecoinDark is yet another altcoin appeared like a mushroom after the rain, with no solid background and no academic research, designed to make someone rich over night for a thing which very well might fail (and it will). If anyone would use a cryptocurrency, they will use Bitcoin for so many reasons, starting with technical specification which is much better researched and understood by academics and developers (ECDSA, SHA256) and the enormous sum invested in mining hardware as well as electricity bill for these machines. P.S. Rather than naming altcoins fancy (like dogecoin, dogecoindark, dogecoinlight, DogecoinSpicy, DogeCoinSweet, DogeCoinSalted, FeatherCoin, whatever (source http://coinmarketcap.com/), you should name them as: scamcoin1 scamcoin2 scamcoin3 scamcoin4[...]scamcoin150 makes it easier for people to make reference to them. Why so much negative emotions? :) Dogecoin one of three most famous cryptocurrency. Or are you against cryptocurrency in general? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bitcoin over Tor isn’t a good idea (Alex Biryukov / Ivan Pustogarov story)
On Thu, Oct 30, 2014 at 08:31:14AM +0100, Öyvind Saether wrote: How it affect innocent bitcoin users with tainted bitcoins? Bitcoins come back to user' wallets? Do not worry about tained coins or likely-US-government-agent Mike Hearn (who I, just for the record, view as a total doucebag). All Bitcoins are equal or BTC is a worthless currency. Imagine going into a store with a $1000 bill and being told that you can not pay with it because someone used it to snort cocaine at some point (90% of those in circulation really do have traces of cocaine on them). Would you trust the USD, accept it or use it after such an experience? If those tained coins coins advocates get that idiotic idea into Bitcoin when you'll see BTC at $0.01 within days and some altcoin will take it's place. I absolutely agree with your point. But I more worry about what will happen with bitcoins sending through such nodes. If I understand correctly bitcoin protocol/net (but I have very superficial knowledge about it), bitcoins in such case should return to sender's wallet after a while. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Bitcoin over Tor isn’t a good idea (Alex Biryukov / Ivan Pustogarov story)
On Mon, Oct 27, 2014 at 03:58:56PM -0400, grarpamp wrote: On Thu, Oct 23, 2014 at 7:35 PM, Erik de Castro Lopo mle+to...@mega-nerd.com wrote: http://arxiv.org/pdf/1410.6079v1.pdf Could this situation be improved if people ran limited exit nodes that only alloed the bitcoin p2p protocol to exit? I for one don't have enough There are about ten exit nodes that do only this today. [One of which is run by Mike Hearn who has advocated building in censorship capabilities to Tor, and blocking (historically) tainted coins (such as you have now or might receive through otherwise completely innocent transactions with you, or from your own trans/mixing with others).] How it affect innocent bitcoin users with tainted bitcoins? Bitcoins come back to user' wallets? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Putin to isolate Russia’s internet?
On Fri, Sep 19, 2014 at 11:33:57PM +0100, Nick Sheppard wrote: Interesting Guardian article today: Putin considers plan to unplug Russia from the internet 'in an emergency'. http://www.theguardian.com/world/2014/sep/19/vladimir-putin-plan-unplug-russia-internet-emergency-kremlin-moscow Yes, I'm tired of explaining to all my relatives and friends that the internet is the last thing they think about in the case of such 'emergency'. And yes, my much loved parents now have another argument against the bloody regime of Putin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] torsocks with mutt
System: Debian testing with all latest updates torsocks version: 2.0.0 from repo tor version from latest Tor browser bundle Relevant part of torsocks's log file: DEBUG torsocks[7646]: [getpeername] Requesting address on socket 5 (in tsocks_getpeername() at getpeername.c:37) DEBUG torsocks[7646]: [getaddrinfo] Requesting 127.0.0.1 hostname (in tsocks_getaddrinfo() at getaddrinfo.c:44) DEBUG torsocks[7646]: [getaddrinfo] Node 127.0.0.1 will be passed to the libc call (in tsocks_getaddrinfo() at getaddrinfo.c:104) DEBUG torsocks[7646]: [getaddrinfo] Requesting 127.0.0.1 hostname (in tsocks_getaddrinfo() at getaddrinfo.c:44) DEBUG torsocks[7646]: [getaddrinfo] Node 127.0.0.1 will be passed to the libc call (in tsocks_getaddrinfo() at getaddrinfo.c:104) DEBUG torsocks[7646]: [getaddrinfo] Requesting darkstar hostname (in tsocks_getaddrinfo() at getaddrinfo.c:44) DEBUG torsocks[7646]: Resolving darkstar on the Tor network (in tsocks_tor_resolve() at torsocks.c:485) DEBUG torsocks[7646]: Setting up a connection to the Tor network on fd 6 (in setup_tor_connection() at torsocks.c:331) DEBUG torsocks[7646]: Socks5 sending method ver: 5, nmethods 0x01, methods 0x00 (in socks5_send_method() at socks5.c:212) DEBUG torsocks[7646]: Socks5 received method ver: 5, method 0x00 (in socks5_recv_method() at socks5.c:245) DEBUG torsocks[7646]: [socks5] Resolve for $HOSTNAME sent successfully (in socks5_send_resolve_request() at socks5.c:613) ERROR torsocks[7646]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:657) Am I right that it is mutt's request for resolving $HOSTNAME (it is local machine's name)? Are there any perils to request to resolve local machine's name _to Tor network_ (yes, I know about local machine's name also in mail's headers)? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Wired Story on Uncovering Users of Hidden Services.
On Wed, Sep 10, 2014 at 12:26:03AM -0400, Griffin Boyce wrote: Kyle Maxwell wrote: Griffin Boyce wrote: Actually, no, I *am* surprised that they decided to not even bother trying to gift malware to Mac or Linux users. Probably just playing the odds, I'd suspect. Though they could've examined the access logs at some point - do we know either way on that? Hey Kyle, With Freedom Hosting, I actually don't know. It seems like few technical details have come out of that case. However, I *do* know that they'd been hacked at various points, and the service had very poor security overall. The restrictions in place did not actually prevent php files from creating *other* types of scripts... Their sandboxing was reputedly quite bad, and for years they had no restrictions on resources that users could utilize. So creating an app designed to expand to occupy all resources on the server until it crashed was highly effective. The server itself may not even have kept access logs. It's unclear. With SilkRoad[2], supposedly investigators imaged the entire drive, so this should still be possible. In any case, I think it's important to avoid taking the investigators' statements at face value. Weev mentioned that investigators made dubious technical statements in some places, and while I haven't read all of the documents to come out about this case, that's certainly within the realm of possibility. There are likely still details that haven't come out yet about both cases (though I can't know for sure) and it's not entirely clear what level of technical expertise various people have. Things that are important to note for hidden service operators: - Firewall rules are really useful for keeping out unwarranted scrutiny. - Don't hardcode your IP address in any links (though this is one of the least-likely theories). - Having a pseudonym isn't a replacement for excellent security practices. - Don't run a hidden service host. - For best security, run your own services rather than relying on someone else's security. I feel like this is often overlooked in the name of easiness but it's really important IMO. [1] Is it does not contradict with previous statement about don't run a hidden service host? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Wired Story on Uncovering Users of Hidden Services.
On Mon, Sep 08, 2014 at 04:31:30AM -0400, Griffin Boyce wrote: Mirimir wrote: Also interesting is the fact that Magneto is a _Windows_ executable ;) Unsurprising Facts: Volume 1 ;-) Actually, no, I *am* surprised that they decided to not even bother trying to gift malware to Mac or Linux users. apparently all pedos are windoz-users -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor Browser Bundle 3.6.3: bad start
On Sun, Sep 07, 2014 at 11:36:59AM +0100, Geoff Down wrote: Same problem on Win7 with 3.6.5 - browser sometimes fails to open. On Sun, Sep 7, 2014, at 08:51 AM, Hartmut Haase wrote: Hi, sometimes when I try to start Tor, firefox will also be started, but there is no Tor Browser-window. I have to start several times until it works. That's not really helpfull. On Linux the same problem sometime. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] BBC Horizon: Inside the Dark Web
On Fri, Sep 05, 2014 at 09:24:21PM -0700, bm-2cu3w6ptnehgt249n69qkxueashdyvc...@bitmessage.ch wrote: I'm still watching it, but it seems relatively balanced, and features interviews with Bruce Schneier, Jacob Applebaum, Julian Assange, Tim Berners-Lee and so on. until the pathologically press starved JA twins appeared-desperate for relevance-almost decent was the episode. beyond me why tor continues to fund and care about these two. for jakey's nearly $100,000 salary, tor could hire fleet of half-drunk russian coders to fix all bugs and flaws in the code. would cut down on the amount of crapware produced by the same drunks and do the world a favor. Ok, I'am here. No need fleet ) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] website-design
On Fri, Aug 15, 2014 at 10:52:15AM +0200, Tim Jahn wrote: hi! i'm a graphic designer from austria and want to make you an offer: i would like to do a free redesign of your website, inclusive a new logo, within the next few months. i will restructure the site, optimize the hierarchies and give it a new appearance. if you like it you can take it, if you think of a few changes, we can talk about them and if you don't want to take it you leave it and i have done some work for my portfolio Stop doing anything with logo! Last time, the new logo looked like a dead man's dessected balls ;( i look forward to hearing from you soon. tim jahn -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Questions about NSA monitoring of Tor users.
On Mon, Jul 14, 2014 at 12:17:14PM +, Patrick Schleizer wrote: Nice graphic. Looks similar for any country! Exponential growth of debts. But not because mainly more and more money is wasted, it is the money system itself that is broken. One of the biggest frauds ever. Who has the right to create fiat money out of nothing? How exactly does money creation work? Why is it that almost all countries are indebted? And those not indebted, have minor funds in comparison to others debt, don't hold the balance that others owe to them. If you take a balance of all governments worldwide, debts are exponentially growing. To whom do they owe the money? In the fiat money system, amount of money in circulation equals debts. Yes, even if you personally don't have any debts, all paper and book money is only in circulation, because someone else made a debt. Pay back a loan, and money gets literally destroy. If everyone could pay back their loan, there would be no more money in circulation. One problem with this system is, someone earns interest for the money in circulation. So I can only encourage you to learn about the money system. Get information from official sources. Read different opinions on how to interpret it. Then try to conclude if it is a fair system or a fraud system where few get richer at expense of everyone else. Interesting think. What do you advise to read? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Are there any reputable .onion hosting providers?
On Fri, Jul 11, 2014 at 08:33:52PM +, simonsn...@openmailbox.org wrote: I don't understand how to set-up an .onion domain. I've read this (https://www.torproject.org/docs/tor-hidden-service.html.en) but, for now, I would like a hosting provider to host my .onion domain. Finding one, however, isn't easy. I paid 0.1 BTC to http://7zzohostingx4mes.onion/terms.html although, almost two weeks later, I've not had any kind of reply to my numerous requests. Can anyone please provide me with the address of a reputable .onion hosting company? I can't say about reputable onion hosting providers, but hoster http://cyruservvvklto2l.onion subscribed to this mail-list and sometimes writing here. Also here is some links http://cyruservvvklto2l.onion/forums/business/why-your-service-better-34 I have no relation to any of them. About http://cyruservvvklto2l.onion I learned from signature one e-mail from this mail-list (I guess this is the hoster). It is very young business, so don't trust anyone without one-two positive comments and/or free trial. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Flash executables keep starting in background when using TBB
On Tue, Jun 17, 2014 at 02:12:37PM -0500, Joe Btfsplk wrote: On 6/17/2014 12:33 PM, Артур Истомин wrote: On Tue, Jun 17, 2014 at 11:23:53AM -0500, Joe Btfsplk wrote: I'd still really like some help on finding what calls / causes the 2 flash .exe files to start in background. They're ALWAYS shown by Process Explorer, in the *same process tree - directly under TBB.* Is there a way to determine / log, *if another process is calling* those 2 files, or if determine if TBB, or Flash, is calling the 2 files to start? Even though _no Flash vids are ever played_. Below - Some additional replies to previous comments. I can't reproduce your problem. There are two legitimate flash-player processes under firefox (not tor's firefox). 1. Update your system. Update flash-player (there is version 14 already). Update tor-browser if not already. Run antivirus. Reboot. 2. Do not run any software. Run only tor-browser. Make sure flash-player disabled in settings. Go to https://helpx.adobe.com/flash-player.html Click Check Now (Not installed? Good.) 3. Run Process Explorer. Make screenshot with tor process and upload it for us. Are you saying you have Flash processes running under Fx (not TBB)? 1) Did you use Flash player in Fx, that would have started them, or do you not know what started them? It was started after visiting https://helpx.adobe.com/flash-player.html and clicking Check Now 2) Updating Flash: this has existed _over many Flash TBB versions_. Each Flash ver. is completely uninstalled, before installing new one. Each TBB version is installed to new folder. An infection is very low probability. No other signs AV doesn't detect anything. Besides, AFAIK, the Flash files just sit there. They show a very few I/O bytes after starting, then nothing - for hours after the starting time stamp. I tested in virtual machine with almost clean installed Windows 7. Can't reproduce. 3) Yeah, I'd be happy to upload a Process Explorer screen - not sure I can do that, unless the list *will allow jpg attachments?* Will it? any image hosting, dropbox, zalil.ru 4) It's been very hard to predict or catch the Flash files starting. When I try visiting sites w/ Flash content that might start them, they don't start (short of playing Flash content, which I never do in TBB). It hasn't happened in last several days of using TBB. 5) /Do not run any software. Run only tor-browser/ That would mean a *long time* w/o use of my computer - possibly days, weeks. It's not like it happens within 30 min. (or at all), every time I use TBB. It does not happen every TBB session. When I catch the files running, I've tried re-visiting pages I may have visited recently, w/o success at reproducing it. But, sometimes the files have been running a good while revisiting every single page PLUS *repeating exact navigation / clicks* on all pages may be nearly impossible. That's why I'm here. If it was easily quickly reproducible, I probably wouldn't need to ask for help. I have no proof yet, but one theory is some websites could have java script, or 3rd parties - that NoScript somehow doesn't block. I generally don't leave Scripts globally allowed enabled. That doesn't mean something can't slip by. Occasionally, sites require js from their base domain to even load or navigate a page. If you enable it, there could? be code, that tries to start Flash player, to automatically load or play some content. I'm just guessing. It is all possible. But it is serious security bug. There are two instances firefox.exe in Process Explorer if you run ordinary firefox and tor-browser. One - Mozilla Firefox, second - Tor Firefox. Both named firefox.exe and differ in icons. First has descendants - plugin-container.exe and flash players, if you visit page with flash. Second - one descendant - tor.exe. Can be in this confusion? Maybe you confused these two processes and their respective descendants? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Flash executables keep starting in background when using TBB
On Tue, Jun 17, 2014 at 11:23:53AM -0500, Joe Btfsplk wrote: I'd still really like some help on finding what calls / causes the 2 flash .exe files to start in background. They're ALWAYS shown by Process Explorer, in the *same process tree - directly under TBB.* Is there a way to determine / log, *if another process is calling* those 2 files, or if determine if TBB, or Flash, is calling the 2 files to start? Even though _no Flash vids are ever played_. Below - Some additional replies to previous comments. I can't reproduce your problem. There are two legitimate flash-player processes under firefox (not tor's firefox). 1. Update your system. Update flash-player (there is version 14 already). Update tor-browser if not already. Run antivirus. Reboot. 2. Do not run any software. Run only tor-browser. Make sure flash-player disabled in settings. Go to https://helpx.adobe.com/flash-player.html Click Check Now (Not installed? Good.) 3. Run Process Explorer. Make screenshot with tor process and upload it for us. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Non-free country law preventing Tor from getting donations
On Sun, Jun 15, 2014 at 04:17:44PM -0500, Joe Btfsplk wrote: As long as funding doesn't come with strings, there's no problem with accepting it. Very true - more so w/ people already using Tor or those that would never look at how Tor is funded. But if some sayings were ever true, it's, Perception is reality, and You're judged by the company you keep. People on the outside looking in, see an organization, whose primary purpose is to provide means to protect privacy, *especially* from gov't agencies, but the major portion of their funding comes FROM a gov't agency. I'm sorry - but no matter how much I or anyone else loves Tor, to many thinking outsiders, it would appear quite fishy (if they know that funding fact). It just don't look right. I think it's fishy - _ I like Tor_. If I'd actually known that fact before I used it, I'd have thought something wasn't right. It may be, if they really want to grow the Tor user base (continually), it may have to appeal to a broader audience, for many of whom the funding source issue may well be a stumbling block. Very true. In Russia, question do you know who funded torproject? (assuming US gov.) arises constantly in disputes about the safety of tor. It is a very stupid argument. But with anti-American sentiment in mind, it sounds convincing for people not versed in the matter. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Non-free country law preventing Tor from getting donations
On Sun, Jun 15, 2014 at 03:52:05PM -0400, grarpamp wrote: If Torproject ending it's close ties w/ U.S. military funding (by some means) isn't important for it's reputation appearance to the broader internet community, I'm not sure what is. The code is open for inspection so it's not an overt issue, and the cash funds a lot of good research. Outright bribery or force here's a million or an NSL/order, don't implement this, has a reasonably good chance of resulting in a sitdown protest closure of the project. So the only issue I see is covert, here's a million, go research this (which might keep you too busy to discover or implement this other thing we don't like). Yes, the US is a curious home for tor in these regards. Yet moving it someplace else will have a different set of pressures (though probably lesser), a different set of donors, coders, etc. Ordinary people do not know this word code (especially open source). They believe that the piper calls the tune. And in fact it is very difficult to argue with such a statement without falling into the technical details (code is open) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Non-free country law preventing Tor from getting donations
On Mon, Jun 16, 2014 at 09:00:24AM +0200, Öyvind Saether wrote: Ordinary people do not know this word code (especially open source). They believe that the piper calls the tune. And in fact it is very difficult to argue with such a statement without falling into the technical details (code is open) code is open means NOTHING, so sorry - just look at OpenSSL. That open code is somehow safe is a completely false myth. It is very easy to insert bugs that result in huge security holes into any open code project and we have seen more than enough examples of this to keep wearing blinders and pretend that the code is available means that the code is safe. Much easier insert backdoor into proprietary software. Even hide nothing/nowhere code is audited means a tiny bit more. I would really like to see some truly independent audit. Such an audit could (like Tor itself) be funded using cryptocurrencies like Bitcoin so that governments can not easily prevent donations. Agreed 100%. Today it is more important than auditing TrueCrypt. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Non-free country law preventing Tor from getting donations
On Mon, Jun 16, 2014 at 04:28:06PM -0300, Juan wrote: On Mon, 16 Jun 2014 05:41:32 + Артур Истомин art.is...@yandex.ru wrote: Very true. In Russia, question do you know who funded torproject? (assuming US gov.) arises constantly in disputes about the safety of tor. It is a very stupid argument. Not at all. It is a perfectly rational line of reasoning. But with anti-American sentiment in mind, it sounds convincing for people not versed in the matter. ´anti american sentiment´ is a rational response to the actions of the US government and its supporters. If you are not revolted by the criminal actions of these sick animals., then there´s something wrong with your moral sentiments. I take it that you as a russian dont trust your own government. And that ´anti russian sentiment´ is rational. However distrusting the russian governmet while trusting the american government is...a pretty bad idea. Anti-American sentiment in Russia - 50% propaganda. Both govs are sick animals IMO. I don't trust any of them. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Non-free country law preventing Tor from getting donations
On Mon, Jun 16, 2014 at 04:26:43PM -0300, Juan wrote: On Mon, 16 Jun 2014 08:43:06 + Артур Истомин art.is...@yandex.ru wrote: On Mon, Jun 16, 2014 at 09:00:24AM +0200, Öyvind Saether wrote: Ordinary people do not know this word code (especially open source). They believe that the piper calls the tune. And in fact it is very difficult to argue with such a statement without falling into the technical details (code is open) code is open means NOTHING, so sorry - just look at OpenSSL. That open code is somehow safe is a completely false myth. It is very easy to insert bugs that result in huge security holes into any open code project and we have seen more than enough examples of this to keep wearing blinders and pretend that the code is available means that the code is safe. Much easier insert backdoor into proprietary software. Even hide nothing/nowhere Irrelevant. The discussion isnt about closed vs open source. That open code is somehow safe is a completely false myth... How is it irrelevant? But since you mention it... people ´trust´ open source code more because it is allegedly harder to subvert. It may be harder. Or not. But at the end of the day, subverted open source code is as bad, or worse, than subverted closed source code. empty words code is audited means a tiny bit more. I would really like to see some truly independent audit. Such an audit could (like Tor itself) be funded using cryptocurrencies like Bitcoin so that governments can not easily prevent donations. Agreed 100%. Today it is more important than auditing TrueCrypt. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Case examples of people deanonymized while using Tor?
On Tue, Jun 10, 2014 at 07:58:19AM -0400, Adrian Crenshaw wrote: In hindsight, most don't have time to watch, so here are the slides if you want to wade through them: https://www.dropbox.com/s/dfen626aruv89b3/Dropping%20Docs%20on%20Darknets%20How%20People%20Got%20Caught.pptx Thank you very much, Adrian. p.s. it is not about time, it is about understanding spoken English for people like me :) On Tue, Jun 10, 2014 at 7:47 AM, Adrian Crenshaw irong...@irongeek.com wrote: Sorry, I forgot to come back to post this Dropping Docs On Darknets: How People Got Caught - Adrian Crenshaw http://www.irongeek.com/i.php?page=videos/showmecon2014/2-03-dropping-docs-on-darknets-how-people-got-caught-adrian-crenshaw It was also accepted at Defcon, but Defcon is a pretty geeky crowd and I should not have to spend as much time to explain how Tor works to them. What other things should I add? On Tue, Mar 25, 2014 at 11:43 AM, Артур Истомин art.is...@yandex.ru wrote: On Thu, Mar 20, 2014 at 09:16:46AM +, Adrian Crenshaw wrote: It will be public after ShowMeCon. Going to do a private one next week as practice. Can you paste link on talk here after ShowMeCon please? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- The ability to quote is a serviceable substitute for wit. ~ W. Somerset Maugham The ability to Google can be a serviceable substitute for technical knowledge. ~ Adrian D. Crenshaw -- The ability to quote is a serviceable substitute for wit. ~ W. Somerset Maugham The ability to Google can be a serviceable substitute for technical knowledge. ~ Adrian D. Crenshaw -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor Icon Redesign
On Fri, May 02, 2014 at 05:07:04PM +0200, Frederic Jacobs wrote: Hi all, A friend of mine, designed a Tor logo for fun as a replacement of the current logo. Here’s what it looks like in the dock of a Mac: https://twitter.com/fredericjacobs/status/462239895055261696 And here’s a higher res version of it: http://cl.ly/VK82/firefox.png Feedback very welcome. It's sucks. Looks like dissected ball of deadman. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Orbot v14 alpha: obfsclient, Tor 0.2.5.3-alpha
On Fri, May 02, 2014 at 10:09:39PM -0400, Nathan Freitas wrote: On May 2, 2014 6:34:25 PM EDT, intrigeri intrig...@boum.org wrote: Hi, Nathan Freitas wrote (02 May 2014 19:44:35 GMT) : We are also experimenting with a switch to Polipo (https://github.com/jech/polipo.git) from Privoxy. Jacob was strongly advocating that we do the exact opposite change in Tails, so I'm curious why. Yes, it seems that when Polipo was removed from TBB (since it was no longer needed for Firefox proxying), that around the same time (2011?) there were some serious security bugs discovered, and development on Polipo was dormant. This led to Tor switching back to recommending Privoxy as the HTTP proxy for those that need one. However, Polipo is being actively maintained again, and the known issues addressed. I wanted to explore its use with Orbot because it does seem to use less memory than Privoxy, and is a bit faster as well. It is also cleaner to integrate due to the project being available as a git repo. If there is conclusive evidence or a community decision that Polipo must not be used, I am willing to follow that, but for now, we are experimenting in alpha-ville. But as I can say in TBB does not used nor polipo nor privoxy. What is the purpose of proxy for Orbit? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] OTP two-factor auth in TAILS
On Thu, Apr 17, 2014 at 10:57:15AM -0300, J.M. Porup wrote: Would the TAILS developers consider including `oathtool` in the next release? This would enable those of us who run TAILS on DVD to use 2F auth in a secure manner. It is in debian repos, you can safely install it manualy. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Heartbleed bug / Mainstream information
On Mon, Apr 14, 2014 at 02:22:20PM -0400, Christopher J. Walters wrote: On 4/13/2014 4:54 PM, Артур Истомин wrote: On Sun, Apr 13, 2014 at 04:01:09PM -0400, Christopher J. Walters wrote: .snip. Yeah, we all know about this shit. But problem not NSA (they need a bomb under their building), problem about how many devices/software not fixed and can not be fixed, how many people suffer because of this? You can speak for everyone? That's amazing. I disagree on the NSA. They are a major part of the problem - they introduce vulnerabilities into the Internet Infrastructure and block them from being fixed. I have to wonder how many of their contractors had knowledge of this bug, and how many hackers got information about it from NSA contractors. I agree that it is a big problem of how many sites have not/will not/cannot be fixed and how many people will be hurt by it. It is also an issue of whether the fix for this bug *actually* fixes the bug, and whether this fix introduces new vulnerabilities into the software. So what is the problem? Let's demolish it! NSA - the moral and ethical issue for all humanity. This is not just spying on citizens of its own state or backdooring software/devices worldwide. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Heartbleed bug / Mainstream information
On Mon, Apr 14, 2014 at 10:19:52PM +0100, mick wrote: On Mon, 14 Apr 2014 16:48:04 -0400 Christopher J. Walters cwal...@comcast.net allegedly wrote: On 4/14/2014 4:40 PM, mick wrote: On Mon, 14 Apr 2014 15:03:09 -0400 Christopher J. Walters cwal...@comcast.net allegedly wrote: Or maybe Snowden really was just an attention seeker, who really knew nothing. That must be why the US sent a CIA kill squad after him - so he wouldn't spread conspiracy theories around. Do you have a reference (independent reporting) for that assertion that you could share? Mick What assertion? Never mind. This story is very old, and frankly I don't care whether you believe whatever assertion you are talking about. You asserted that the US sent a CIA kill squad after Snowden. I simply asked for an independent reference for that story. I am independent reference. I can confirm that such behavior of Empires is as old as hills. What references do you want for obvious and axiomatic things? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Is Tor network still vulnerable to Heartbleed?
On Mon, Apr 14, 2014 at 01:45:16PM +, antispa...@sent.at wrote: In his announcement, arma noted it would be a good idea to stay away from the Internet. Is it ok? Yeah, let's go to FIDO! :) The more you wait (without Internet), the more servers will be updated less likely that you'll find yourself a victim of this vulnerability in OpenSSL. But now this will probably never be zero. So relax and be happy :) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Heartbleed bug / Mainstream information
On Sun, Apr 13, 2014 at 04:01:09PM -0400, Christopher J. Walters wrote: The discussion on the Heatbleed bug has apparently stopped here, and just about everywhere else, but I found (courtesy of another mailing list), some more reports on it, that you may have not seen. These reports suggest the the NSA knew about and exploited the bug for at least two years, and may have even worked to stop it from being reported and fixed. http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html Shorter link to the above article: http://tinyurl.com/mq8owa2 Also, http://www.sfgate.com/opinion/editorials/article/Encryption-security-compromised-in-a-heartbeat-5396510.php Shorter link to the above article: http://tinyurl.com/kmmqkfv The NSA, or course, denies any knowledge, or exploitation of the bug, but you can read the article and make your own decisions on that. Yeah, we all know about this shit. But problem not NSA (they need a bomb under their building), problem about how many devices/software not fixed and can not be fixed, how many people suffer because of this? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Flight MH370 Missing makes me laugh
On Sat, Apr 12, 2014 at 08:53:52AM +0200, elrippo wrote: Hy community. Though this doesn't relate directly to TOR, it is a warning sign for the Future. None of this is in the news, broad media, people don't even talk about it. Watch the videos, read the articels and build your own opinion. https://www.youtube.com/watch?v=fzgQwDeP7eM https://www.youtube.com/watch?v=q2w3u8fcriA German - http://alles-schallundrauch.blogspot.co.at/2014/04/sind-die- passagier-in-diego-garcia.html Original - http://jimstonefreelance.com/phillipwood.html happy reading :D TLDR please! :) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] CAPTCHA for getting bridges too strong
It is very strong. I was trying more than ten times and did not solve it. I am realy do not need bridges, but for those who need, this way getting bridges (through web page and CAPTCHA) is useless. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Case examples of people deanonymized while using Tor?
On Thu, Mar 20, 2014 at 09:16:46AM +, Adrian Crenshaw wrote: It will be public after ShowMeCon. Going to do a private one next week as practice. Can you paste link on talk here after ShowMeCon please? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] giving up pseudonymity after collecting experiences with pseudonymous project development
On Sat, Jan 18, 2014 at 01:09:39PM +, Patrick Schleizer wrote: You may have noticed that I, previously known only known under the pseudonym adrelanos, decided to give up my pseudonymity. It was an interesting experience to pseudonymously maintain a Linux distribution (Whonix). I've learned a lot during these ~ 2 years. I didn't have too bad luck in the lottery of life and are won a citizenship, which is at low risk compared to less lucky ones. Living in a country, where pseudonymity for this kind of activity isn't crucial. Fortunately, according to latest press, neither the US nor Germany are killing their own citizen for criticizing the system. That is, the mass surveillance police state, the military industrial complex, the system of economy, that needs exponential growth to prevent imploding. And so it doesn't become even worse, and better for the less lucky ones, it is important to speak out in public and to take action. Staying pseudonymous for such a long time became more and more a burden. For me, it is not healthy for psychology. When pseudonymously working a a project, you cannot tell anyone about it and they're wondering with what you never tell much. You need to constantly second guess every tiny action. Concentrate on not messing up. Also you'll never know if you already messed up and if they already know who you are. You only need to mess up once, and you're always linked to that project. Lucky me, I wasn't forced to stay pseudonymous for ever. I am looking forward to continue contributing to the awesome Free (as in freedom) Software community. Being no longer pseudonymous allows me to speak at conferences, to attend key singing parties, to meet up with other developers, to voice chat with other developers, to chat on IRC without fear of leaking too much information, to be less paranoid, sometimes even running searches in clearnet if that is more convenient, and so forth. I don't understand purpose of your post. Are you promote openness and transparency? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] News servers with tor-access
Are there any NNTP-servers with tor access? I tried reader443.eternal-september.org and news.aioe.org. Both rejected me posting due to tor using. Thanks. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Vidalia.
On Sat, Jan 04, 2014 at 09:57:19AM -0800, Bobby Brewster wrote: I see that Vidalia is no longer part of the TBB. What is the best way to monitor bandwith throughput? I always found this helpful when assessing the quality of the connection. It can be installed separately from https://people.torproject.org/~erinn/vidalia-standalone-bundles/ See answer to question Where did the world map (Vidalia) go? from https://trac.torproject.org/projects/tor/wiki/doc/TorBrowserBundle3FAQ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
