[tor-talk] Fwd: add a fake cell in tor
Hi I need to implement an attack called a protocol level attack against tor which link is:Protocol level attack against tor linkhttp://www.umac.mo/rectors_office/docs/weizhao_cv/pub_refereed_journals/2013_ref_journals/ProtocolLevelAttackAgainstTor_CN_2013.pdf. And I need to add or delete a cell form a connection in a circuit. I dont know how to add a fake cell to a connection. how can I do this? -- --- Sina Najafi MSc Student of Data and Network Securioty Department of Computer Engineering SHarif University of Technology -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Finger printing
Tor Button provides certain protections already. That's why its important to use Tor properly. Tor Browser Bundle is shipped with Tor Button installed: https://www.torproject.org/torbutton/ --SiNA On May 9, 2013 8:56 AM, Andrew F andrewfriedman...@gmail.com wrote: Some one in Tor-Dev said that finger printing of the system and video card in particular allows someone to be tracked as well as having a cookie on there system. That sound pretty serious to me. Anyone working on this issue? Do we have any projects on obfuscating Finger print data? Seems like it should be a top priority. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Cowardice and Hypocrisy
Hey Alex, You are correct, your IP is in the header and you got all kinds of open ports on your VM. If you mattered at all, you would have been owned by now. Learn how to use iptables, it will do you some good. I really tried to ignore you but you managed to get my attention :/ --SiNA Alex M (Coyo): Also note how I am not a coward. My IP address is right there in the headers. -- “Be the change you want to see in the world.” Gandhi ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Can OpenVPN servers be run as Tor hidden services?
Yes its very much possible. You would have the client connect via socks proxy over Tor to .onion VPN server. On Mar 26, 2013 9:11 PM, mirimir miri...@riseup.net wrote: OpenVPN clients connect with servers via Tor in TCP mode. But can OpenVPN servers be run as Tor hidden services? I searched quite a bit, but didn't find anything. That's surprising, because (in retrospect) the idea seems so obvious. What am I missing? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Torproject.org Being Censored in Canada
Hi! Growing up in Toronto, I have many memories at Tim Hortons :) It seems that Tim Hortons is using some Wifi service that is rewriting torprojects.org's website: http://www.datavalet.com/index.php/en/services/guess-access-networks Can you try connecting to some mirrors: http://torproject.is/dist/ https://www.torservers.net/mirrors/torproject.org/dist/ All the best, SiNA Try Andrew Paolucci: Hello Gents, I made a disturbing discovery for me and my fellow Canucks today when I was sitting at a Tim Hortons(very popular coffee chain in Canada that provides free WiFi) enjoying my coffee while working on my laptop. When I went to venture to torproject.org to go lookup some documentation I encountered a invalid cert page from chrome, upon further investigation I found the cert that the server was providing was from a that provides IT services to said coffee chain. I also quick popped up nmap and did a quick traceroute and found the server not to be one of the ones regularly in the tor projects regular pool. At this point I am not sure how to proceed to see that this injustice is fixed. Below is a link to screenshots that I took and a export version of the bad cert. http://imgur.com/a/h3kXB https://dl.dropbox.com/u/3449800/badtor.cer Regards, -- “Be the change you want to see in the world.” Gandhi ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor Community in Orange County - California
I am having a hard time reaching interested people ... But let's try to make this happen anyways, everyone needs privacy. Even if they live in #OC ;) Newspaper reporters and social activists are probably a good crowd to target. On Feb 24, 2013 1:46 PM, Runa A. Sandvik runa.sand...@gmail.com wrote: On Tue, Feb 19, 2013 at 7:51 PM, SiNA Rabbani s...@redteam.io wrote: I'm wondering if there would be enough interest to hold a Tor hack-fest/training or even a Crypto party in Orange County, California. I would love to host such events in my work space, if you think you maybe interested please reply. I'd be up for it. -- Runa A. Sandvik ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Problem about Tor website
If you download from http, then there is nothing protecting you from downloading modified, malware inserted binaries. HTTPS is providing confidentiality and authentication. Of course you want to verify signatures once you download from HTTPS not HTTP. There are curious eyes everywhere, use encryption to protect yourself ;) --SiNA On Feb 23, 2013 3:26 PM, k e bera k...@cyblings.on.ca wrote: On Sat, 23 Feb 2013 17:21:18 -0500 Andrew Lewman and...@torproject.is wrote: On Sat, 23 Feb 2013 19:03:17 +0900 Nam Su namfree...@gmail.com wrote: I know Tor http website redirects Https version website but http site couldn't open or slowly than Tor connection. Is it government's sensor? http://torproject.org redirects to https://www.torproject.org automatically on our webservers. If you cannot get to torproject.org, likely someone is censoring you. The question may also have been: Why does Tor Project not offer unencrypted duplicate content over HTTP, for those users not allowed to connect to port 443 or setup SSL connections? For example a user might want to download the TorBrowserBundle which would enable them to circumvent the censorship from that point onwards. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Tor Community in Orange County - California
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I'm wondering if there would be enough interest to hold a Tor hack-fest/training or even a Crypto party in Orange County, California. I would love to host such events in my work space, if you think you maybe interested please reply. All the best, SiNA - -- “Be the change you want to see in the world.” Gandhi XMPP: i...@jabber.ccc.de a5dae15f45a37e9768f6deae7b54807fc4942ec9 twitter.com/wwwiretap -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJRI9ehAAoJEDxieAEiLOmoeKUQALwYJvzeanS1rzjC0g1CXy7V 2uRaE+wyevLFt0afdVUG5THP3brH7O9vxYxQ+XFLFyQR/wMHx9wZqEGnTbJ3w2re 5aUSk3Zr0U5awlejJBK3sgW/vKZh6Jb8OQAMyhyTfGz6kr2XLVCHFyFM5AnhqQrZ se+I5gFdN5lWPp1IcwhWmFABT7MnPourp2wqnkGJxkWHumm+E3MFJkmQuqwAVmr0 Am0OQbDIpVZYIVRKXMzLACvivkTIS7M4GCymZd89d3OxTnKW+i9/w3fAPpm+bMgt XaDT260M8mk5MAb9WG7FI9T2blK8IKthNwe7m9GpxsBldFLL6pevFUw0ojKEGfhe 6/ZLczeXpBnB44qGZ4TtCx78tLXEnjqlcFMBqm6W8XfjrZVNQaqfMRjlSsAQb7+7 MkJnXkQjwie8Y7nx/8lAqc2I9GztCbP5lkTqGR16guEpOfIe407ezZEViswzhIhY GWSOBt5mCdd2vsNzDs6wPk4nx27b2ypf8nmbqiEHJ1uPKmGM4cyVJKknLhrSzekh WU6QCwW5dR6+3qTtQYUx3lxT4uO9gLxcf/c8Le10t5w7TQL1SG+DT+OJ+QM0EL9N MOwXezOWY+9RiJWLxg9GKWtRr4oUN5yxu6xRVCarRfQ3qWpRKbbjFGpnwPZT74Yx EnKjbJR316MIBnBFcaxS =5x2U -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Mail service requires java script enabled
Java or JavaScript? Do not use email service that requires plugins such as Java. On Jan 14, 2013 7:26 PM, andr...@fastmail.fm wrote: In trying to access an email, web based, the service said that java has to be enabled. What's the best course of action here? Will enabling java create an IP leak or in some way defeat the purpose of using Tor to access the mail? Does Tor browser bundle even have the ability to use java? . -- http://www.fastmail.fm - A no graphics, no pop-ups email service ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
perhaps we can ask William for his exit node fingerprint or IP to verify? I'd like to make a donation if I can confirm the message. On Nov 29, 2012 6:40 AM, David Carlson carlson...@sbcglobal.net wrote: Has anyone checked to see whether this is another scam? If not, send me some too. From: Eugen Leitl eu...@leitl.org To: tor-talk@lists.torproject.org Sent: Thu, November 29, 2012 7:59:12 AM Subject: [tor-talk] William was raided for running a Tor exit node. Please help if you can. - Forwarded message from Chris cal...@gmail.com - From: Chris cal...@gmail.com Date: Thu, 29 Nov 2012 08:04:02 -0500 To: NANOG list na...@nanog.org Subject: William was raided for running a Tor exit node. Please help if you can. I'm not William and a friend pasted a link on IRC to me. I'm going to send him a few bucks because I know how it feels to get blindsided by the police on one random day and your world is turned upside down. Source: http://www.lowendtalk.com/discussion/6283/raided-for-running-a-tor-exit-accepting-donations-for-legal-expenses From the URL: Yes, it happened to me now as well - Yesterday i got raided for someone sharing child pornography over one of my Tor exits. I'm good so far, not in jail, but all my computers and hardware have been confiscated. (20 computers, 100TB+ storage, My Tablets/Consoles/Phones) If convicted i could face up to 6 years in jail, of course i do not want that and i also want to try to set a legal base for running Tor exit nodes in Austria or even the EU. Sadly we have nothing like the EFF here that could help me in this case by legal assistance, so i'm on my own and require a good lawyer. Thus i'm accepting donations for my legal expenses which i expect to be around 5000-1 EUR. If you can i would appreciate if you could donate a bit (every amount helps, even the smallest) either by PayPal (any currency is ok): https://paypal.com/cgi-bin/webscr?cmd=_s-xclickhosted_button_id=2Q4LZNBBD7EH4 Or by Bank Transfer (EUR only please): Holder: William Weber Bank: EasyBank AG (Vienna, Austria) Account: 20011351213 Bank sort number: 14200 IBAN: AT031420020011351213 BIC: EASYATW1 I will try to pay them back when i'm out of this (or even before) but i can obviously not guarantee this, please keep this in mind. This money will only be used for legal expenses related to this case. If you have any questions or want to donate by another way (MoneyBookers, Webmoney, Bitcoin, Liberty Reserve, Neteller) feel free to send me a mail (will...@william.si) or a PM, or contact me in LET IRC. Thanks! William -- --C The dumber people think you are, the more surprised they're going to be when you kill them. - Sir William Clayton - End forwarded message - -- Eugen* Leitl leitl'http://leitl.org;leitl http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
Running an exit node from home DSL or Cable is bad idea. One must look for a Tor friendly ISP and have balls made of steel! --SiNA On 11/29/2012 11:31 AM, Eugen Leitl wrote: People will spend time and money securing their home wireless so their neighbor can't steal their internet, but willingly allow strangers from anywhere in the world to use their connections no strings attached. It's hilarious. -- “Be the change you want to see in the world.” Gandhi OTR: i...@jabber.ccc.de a5dae15f45a37e9768f6deae7b54807fc4942ec9 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Limiting number of outbound TCP connection from One Circuit
I think nmap is smart enough to adjust the number of packets and delay between them automatically. On Nov 20, 2012 6:25 AM, Andreas Krey a.k...@gmx.de wrote: On Tue, 20 Nov 2012 14:02:14 +, Fabio Pietrosanti (naif) wrote: ... So, rather than Blocking it would be really nice to be able to apply certain Rate Limits to the amount of outgoing, new TCP connection that can be done over an established circuit. Let's say that outgoing circuit change by default once every 10 minutes. That would be changed by the potential portscanner pretty quickly when he discovers your limitation. He would then change identities much faster, to the computational detriment of your node, and a few others. Andreas -- Totally trivial. Famous last words. From: Linus Torvalds torvalds@*.org Date: Fri, 22 Jan 2010 07:29:21 -0800 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Private mail server (Was: i saw your response on the Tor TTFtalk list)
The law enforcement needs a warrant to enter your home. So yep, at least you'll know about it. I wonder if getting a warrant to pull a server from co-lo takes the same amount of effort and paperwork as getting a warrant to enter someone's home? On Nov 18, 2012 4:26 PM, Andrea Shepard and...@torproject.org wrote: On Sun, Nov 18, 2012 at 09:50:20AM +0100, Jérémy Bobbio wrote: There are some clear advantages of running your own email server regarding surveillance and overall control. If you have your own email server, you can decide of your logging policy; and not necessarily keep a trace of all your exchanges. Another advantage in this unpleasant age of warrantless searches and NSLs - if Big Brother has taken an interest in your mail, you can be sure *you will know about it*; with gmail they could be getting a copy of all your messages and have a gag order prohibiting anyone from telling you. -- Andrea Shepard and...@torproject.org PGP fingerprint: 3611 95A4 0740 ED1B 7EA5 DF7E 4191 13D9 D0CF BDA5 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Can I trust Tormail
Trust nobody with that data, including Tormail. On Nov 3, 2012 4:10 AM, HardKor hardkor.i...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello, I wonder if someone knows more about the team that is behind Tormail. I see a lot of people using this service and I would like to have an idea about how much I could trust the Tormail admins to not read / expose my communications. Thank you, HardKor 5845 16EB 0589 B89A 5E6E 98DE 74F5 F875 6D34 45F9 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJQlPpSAAoJEHT1+HVtNEX5l4AQAJyc74cbvofJtjn8+PYPvXK6 hI28Kn9sLCRJIDkA37RjfQQvey2Ars//TS8k/j94SIslsq2mQNabzztr6UN7Hwe3 Pj7zD/woM2a8Nr+C7xBM8nw1FDtKzvBcoqZP2xxUd8I+CXStIpLQPpebtHulJzcb AhRbRaOGJY3Hnalg9eVnbxAMvj+zhIa9fTAv7yOpZRgbB+wwN/9P64pCFNLRDkR9 HphiN5FaFyqeE7lv+J8eXJstO8JzuyZEAfo5w3qPjNTPmJeUa8VNuwjaS0ucVPKG sLd2BPaB1QIq9Bks6R3KiV55O9cHhaQchFKWrXrC5zPqN3V1N1goTa4vUtf2KJmL myaMjwHImq2pf7c+eg8z8n14GcFRWUSGWO0uA46bo1IGEJBk7KdhxhjumEpGBYBn syootdLUKWQYNeOZxeqEmaXrDufmWy/27HkiOLZAptIFGuW5en7n9DVu2VK9/3BS s4fpquEjAnW2fheszC9MfzEVW4zNnpplYefR/l8LNwqxou88ykbQqhRu12OKTIIT awq9e4k07ecE/swcZOsY0GjfHWo/41wY8nPa/LZ6g0jrhi2vEqz92b6iu5lb8UYZ J4artN1+BHCkM1pee65AyEC/qUuN9hyg3yjpNGI2rftpapAxzaPHbxxDagWHE0Dv p2jzyhgaK832fU4YEC6g =EjHM -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Hidden Service Question
This would only work inside the same machine that is running the hidden service. He is trying to develop for an .onion website without actually having to work over Tor. On 10/22/2012 09:46 AM, Bernd wrote: 2012/10/20 SiNA Rabbani s...@redteam.io: I am not sure why you would want to do that, but if I understand the question... you can add your .onion hostname with your local IP to /etc/hosts. That way the .onion would resolve to your local IP. No. If this worked then there would be a serious flaw in his configuration. It should not even try to resolve the hostname without the help of tor. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- “Be the change you want to see in the world.” Gandhi OTR: i...@jabber.ccc.de d32b31b0e24b605f02218a3195e7576226aea546 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] help us:Korean government started to fine netizen who download child pornography without child
Julian, thank you for speaking your mind. I am also disgusted by the term and whatever it is supposed to represent. I don't contribute to Tor, so some dude in Korea can watch youth being abused in the name of entertainment, where some see pleasure and fun, I see misery and suffering. --SiNA On Oct 20, 2012 1:11 PM, Julian Yon jul...@yon.org.uk wrote: On Sat, 20 Oct 2012 19:34:48 + Lee Whitney l...@whitneyland.com wrote: Eugen do you have children? Not attacking you based on this but I'm curious how it affects perspective. In my mind it's pretty easy to drawn the line, things that have victims should usually be illegal and things that are unpopular but don't hurt anyone usually should be legal. No slippery slope necessary. I am willing to declare that I do have children, and previously worked with kids. I also have experience of victims of abuse. In the case of pornography, there is a *massive* moral/ethical difference between images which clearly state “only adults are involved” and those which purport to actually involve children. I don't think “obviousness” of a fake is a viable criterion for determining the appropriateness of such material. I am an anarchist and don't think that legislation is ever the “right” solution to a problem, but as we don't yet live in an anarchy sometimes it's the best we're going to get for now. As anarchism is about protecting *everybody's* right not to be abused, campaigning for the legalisation of a crime with obvious victims (especially ones such as children who are naturally vulnerable) is not something I see as helpful. I don't think it's helpful for Tor (or Tor users) to be associated with that either, hence my decision to respond. -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] questioning tor circumvention
We need all kinds of different users from every country in the world. I think the balance between the users and relay operators are related to each other. More users = more operators. And don't worry too much about the people of Iran. They don't need the west to overthrow dictatorship. As far as contribution back to the network, I assure you that Iranians outside of iran will run relays to keep the balance. On Oct 21, 2012 4:26 AM, fakef...@tormail.org wrote: Curious... Why help censored people to circumvent? Whats the big deal? They are lechers. They just add load to the network... Will not host tor servers... Why give iran countries circumvention with tor? U.S. army and secret service wants to phone home from iran? Allow Iranian people to read western news and to allow them communicate to plan revolt? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Hidden Service Question
I am not sure why you would want to do that, but if I understand the question... you can add your .onion hostname with your local IP to /etc/hosts. That way the .onion would resolve to your local IP. This only works inside of your internal network. On Oct 20, 2012 6:56 AM, Webmaster webmas...@felononline.info wrote: Hello, Hopefully this is a simple question. I have a hidden service running on a local computer. Currently to access it I can either SSH into the 192.168.x.x address or I can Access it with the .onion address over tor. My question is can I access the .onion Address Locally So I dont have the lag/delay with running over tor? __**_ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talkhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Hidden Service Question
If you are working on a remote machine, you can do ssh port forwarding and make the .onion hostname locally available through the tunnel. Then add an entry to your local system's /etc/hosts so .onion gets the local IP of the remote server. On Oct 20, 2012 7:41 AM, Webmaster webmas...@felononline.info wrote: Im working on redesigning and configuring the site. Most of the work has to be done using the http: interface.so after I make a change the refresh of the page takes some time (tor delay)I'd like to be able to access the .onion site locally so I can work a bit faster. On 10/20/2012 10:11 AM, SiNA Rabbani wrote: I am not sure why you would want to do that, but if I understand the question... you can add your .onion hostname with your local IP to /etc/hosts. That way the .onion would resolve to your local IP. This only works inside of your internal network. On Oct 20, 2012 6:56 AM, Webmaster webmas...@felononline.info wrote: Hello, Hopefully this is a simple question. I have a hidden service running on a local computer. Currently to access it I can either SSH into the 192.168.x.x address or I can Access it with the .onion address over tor. My question is can I access the .onion Address Locally So I dont have the lag/delay with running over tor? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talkhttps://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk https://lists.**torproject.org/cgi-bin/**mailman/listinfo/tor-talkhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk __**_ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talkhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk __**_ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talkhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] software activation
Its very much possible and very easy as long as the software supports socks proxy. Even if the software does not provide proxy support you can try transparent proxy and activate over Tor. On Oct 13, 2012 12:27 AM, Achter Lieber zzretro...@email2me.net wrote: Hello. Has anyone any experience with activating a software online through Tor? I have to do that soon but I use Tor for most of my internet. Many sites are blocked where I live so it has become common or normal routine for me to use Tor but I haven't tried it yet for activation. Now I just remember I had purchased a software some years ago but everytime I tried to download an upgrade of new fish, it wouldn't update, until I forgetfully did it while running Tor, and it worked! Jeez, am I answering my own question? If I am, thank you very much. What a quick response!!! Amazing. Thanks ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Legitimate list?
Sounds like someone is trying to get you to give up your bridge IP addresses, I wonder if that someone is related to one of those countries mentioned in the email x) Can you post the invitation email with full headers? --SiNA Runa A. Sandvik: On Wed, Oct 10, 2012 at 5:48 AM, eliaz el...@tormail.org wrote: I hope tor-talk is an appropriate place to post this query. I've been invited to a mailing list that is purportedly for bridge runners. The introduction to the list states: This list will be devoted to providing TOR bridges to help people in censored areas reach the free internet. Subscribers to this list can submit ip addresses and once a week, a limited list of bridges will be released to subscribers to help people (such as Syrians, Chinese, Iranian etc reach for these bridges to access the internet. I know and trust the folks who administer the list server software, but have no idea who is managing the particular mailing list. I've posted a query to the list requesting some sort of authentication, but so far have received no reply. Should I trust this list with my bridge details? Can anyone suggest a method of authentication, other than a facemeet, that I can suggest on the list? Finally, if anyone here recognizes the list I'm talking about, please post your experiences. Thanks, eliaz This list is not run by anyone at the Tor Project. -- “Be the change you want to see in the world.” Gandhi OTR: i...@jabber.ccc.de d32b31b0e24b605f02218a3195e7576226aea546 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Covert Browser By Stephan Hoffmann
Has anyone checked this software out? http://itunes.apple.com/us/app/covert-browser/id477438328?mt=8 When I searched for ipad tor they came up first :/ -- “Be the change you want to see in the world.” Gandhi OTR: i...@jabber.ccc.de d32b31b0e24b605f02218a3195e7576226aea546 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Covert Browser By Stephan Hoffmann
My bad! Andrew Lewman: On Mon, 08 Oct 2012 18:00:07 + SiNA Rabbani s...@redteam.io wrote: Has anyone checked this software out? http://itunes.apple.com/us/app/covert-browser/id477438328?mt=8 When I searched for ipad tor they came up first :/ Ahem. https://lists.torproject.org/pipermail/tor-talk/2012-September/025560.html Please stop cross-posting. Thanks! -- “Be the change you want to see in the world.” Gandhi OTR: i...@jabber.ccc.de d32b31b0e24b605f02218a3195e7576226aea546 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TorBirdy doesn't work with Gmail?
Is your gmail account attached to a phone number? Did gmail ever make you do that when you originally signed up? On Oct 3, 2012 7:41 AM, A. Kong akagik...@gmail.com wrote: I forgot, there was: https://accounts.google.com/DisplayUnlockCaptcha Sign in using the application you want to authorize access to your account within the next ten minutes. Google will remember the application after it signs in, and will allow it to access your account in the future as long as it uses the correct password. There's no captcha here, I just click the continue button and Gmail keeps on refusing my connection until I disable TorBirdy. On 10/01/2012 05:58 PM, Sukhbir Singh wrote: Hi, Akagi Kong: Yes, its been a headache -- out of the box; I've had to change passwords several times on several Gmail accounts. I still can't get this setup to work. Yes we are aware of this issue. But once your account is locked, you _have to_ log in via the web interface (and possibly change your password) to fix this, so even if we do start a new circuit, it won't help much. Suggestions on how to fix this are welcome. proxy message: http://imagebin.org/230512 Thunderbird 15.0.1, Ubuntu 12.04, latest Tor bundle. Which version of TorBirdy are you using? We fixed this proxy issue in the latest release (0.0.13) [0], so try using that. [0] - https://github.com/downloads/ioerror/torbirdy/torbirdy-0.0.13.xpi ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] will html5 ruin the anonymity of Tor or TBB
HTML 5 is supported by the Tor Browser Bundle. Which makes it OK to use. On Oct 5, 2012 8:01 AM, jiang song luolisongji...@gmail.com wrote: We know that flash plugin is third-party stuff and may ruin the anonymity of Tor, how about HTML5, will it be a threat for tor or TBB? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TorBirdy 0.0.13 released - New translations desired
Consider Persian translation done. I am adding Ardeshir to CC line. On Sep 28, 2012 10:41 PM, Jacob Appelbaum ja...@appelbaum.net wrote: Hi! TorBirdy 0.0.13 is now out; we think it is the the best release so far and we encourage you to upgrade. This release is quick to follow version 0.0.12 to fix a known problem in for German speaking users. We believe this release will increase stability for German speaking users. It's still quite experimental - of course. Use at your own risk and especially if you're using it with Enigmail and GnuPG without a local[0] HTTP proxy. We've continued with updating the web page to show some TorBirdy screen shots: https://github.com/ioerror/torbirdy/wiki/Screen-shots Call for help: We're looking for assistance with Translations - if you'd like to translate TorBirdy, we'd gladly accept a patch that prepares TorBirdy for translation work. We now have German, English, Punjabi, Hebrew, Spanish and French! Even if you can't help translate, we'd love to know what languages matter to you or your friends - please let us know? We're especially looking for translations of TorBirdy into Arabic, Persian, Mandarin and Japanese - if you'd like to help us translate, please contact us! Release Highlights: 0.0.13, 28 Sept 2012 Translation updates: Add Hebrew translation (thanks to Sharon Dvir) Add French translation (thanks to N3b) Update German translation (thanks to Karsten N) Add Spanish translation (thanks to Juan Garofalo) Code cleanup: prefixed generically-named IDs with TorBirdy namespace The release from a few days ago has other important changes that are also relevant to other users: 0.0.12, 27 Sept 2012 TorBirdy now has localization support Current languages: English, German (translated by Karsten N.), Punjabi TorBirdy code cleanup: fix global namespace pollution Do not select the last selected account to prevent automatic login (TorBirdy selects 'Local Folders' on startup to prevent this) Restore proxy settings at TorBirdy uninstall (settings prior to installation of TorBirdy) TorBirdy now allows HTTP/SSL connections Users may opt-out from `--throw-keyids' Enhanced TorBirdy JonDo support (thanks to Karsten N.) Fix a bug in 0.0.11 that prevented account preferences from being set Add Screenshots directory TorBirdy no longer requires a configured HTTP proxy for full use with Tor TorBirdy now enforces the safest HTTP proxy usage possible with GnuPG TorBirdy attempts to disable all name resolution in GnuPG due to a serious SOCKS5 problem with GnuPG proxy options in how we invoke GnuPG; GnuPG only supports SOCKS5 when it is linked against libcurl (7.21.7) and hostnames are not used. This is outlined the following bug: https://trac.torproject.org/projects/tor/ticket/2846 General content anonymity caution note: TorBirdy has known leaks in the Message-ID and in the Date header, we're working on merging an upstream patch that will allow these leaks to be closed. There are no known proxy leaks unless you use additional extensions that do not respect the proxy settings of Thunderbird. If you use GnuPG and Enigmail, we encourage you to use it with a local HTTP proxy due to the issues mentioned[0] regarding GnuPG. Here's the wiki page for TorBirdy: https://trac.torproject.org/projects/tor/wiki/torbirdy Here's the latest XPI for TorBirdy: https://www.torproject.org/dist/torbirdy/torbirdy-0.0.13.xpi https://github.com/downloads/ioerror/torbirdy/torbirdy-0.0.13.xpi Here is a proper GPG signature for the latest XPI: https://www.torproject.org/dist/torbirdy/torbirdy-0.0.13.xpi.asc https://github.com/downloads/ioerror/torbirdy/torbirdy-0.0.13.xpi.asc Here is the sha1sum of torbirdy-0.0.13.xpi: 56d7615bbbd2ba64811307209ae1f22c1bdbf266 The GnuPG signature that signed this email is also the same key that signs the TorBirdy releases. To learn more about signature verification of Tor Project related software such as TorBirdy please visit this page: https://www.torproject.org/docs/verifying-signatures.html The plugin on AMO has been preliminarily reviewed and we are still in the review process. It is again possible (Hooray!) to install TorBirdy directly from Thunderbird or by downloading the extension in a web browser from Mozilla's website: https://addons.mozilla.org/en-US/thunderbird/addon/torbirdy/ We believe that users who installed previous versions from Mozilla's addons site should receive this update automatically. It may take some time before Mozilla approves this update but it should eventually show up as an available update. We now upload a full XPI and GnuPG signature for every new release to the Tor Project's web servers: https://www.torproject.org/dist/torbirdy/ All the best, Jacob [0] https://trac.torproject.org/projects/tor/ticket/2846
Re: [tor-talk] TorBirdy doesn't work with Gmail?
I used it with gmail IMAP just fine. On Sep 27, 2012 8:03 AM, A. Kong akagik...@gmail.com wrote: Hello, I lost track of TorBirdy, but today I realised it was complete and available, although it isn't even mentioned on the main Tor site. Gmail works fine when I disable TorBirdy. Which free email providers currently allow the use of TorBirdy? Mozilla/5.0 (X11; Linux i686; rv:15.0) Gecko/20120827 Thunderbird/15.0 ID:20120827103323 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] VPS provider
Also make sure the ISP does not have root login to your VM. Some ISPs like Gandi install special daemons that can be used to login to the VM :/ I like Amazon EC2 service very much! --SiNA On 09/25/2012 10:33 AM, Moritz Bartl wrote: On 25.09.2012 19:31, Webmaster wrote: Can anyone suggest a vps provider that is friendly to tor hidden services. This would not be for an exit node. Hidden services should not be a problem for just about any VPS provider. Just make sure you stay within the bandwidth limits. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] VPS provider
You cam lock down your .onion using this feature: HiddenServiceAuthorizeClient auth-type client-name,client-name,… If configured, the hidden service is accessible for authorized clients only. The auth-type can either be 'basic' for a general-purpose authorization protocol or 'stealth' for a less scalable protocol that also hides service activity from unauthorized clients. Only clients that are listed here are authorized to access the hidden service. Valid client names are 1 to 19 characters long and only use characters in A-Za-z0-9+-_ (no spaces). If this option is set, the hidden service is not accessible for clients without authorization any more. Generated authorization data can be found in the hostname file. Clients need to put this authorization data in their configuration file using HidServAuth. As far as getting a linux box with SSH, there are already some good recommendations in this email thread. --SiNA On 09/25/2012 03:10 PM, Webmaster wrote: This was something that has bothered me. I use VmBox for linux When Im running a machine there is a windows that shows me a preview of the current screen. Do admins have access to this preview or something similar? I intend to run a linux server console only. (no gui) so most of my work will be done using SSH. The only viewable page would be under the .onion site. Hopefully as long as the admins dont know the .onion. they cant see whats hosted. Non-illegal, but may be offensive in some countries. On 09/25/2012 04:00 PM, irregula...@riseup.net wrote: On 09/25/2012 10:18 PM, Matthew Finkel wrote: On 09/25/2012 01:42 PM, Flo wrote: +1 This. The problem is especially on container-virtualizations like OpenVZ is that the admins of the hostnodes must just type something like 'vzctl enter 123' and they have a shell in your VPS... So you should have at least Xen/KVM where you can use encryption Yes! Sadly there aren't too many KVM hosts, but providers are slowly offering more options. Xen has been stable for a longer amount of time, so there are more options available for that, Linode, et al. I personally have KVM boxes from http://buyvm.net/ and http://arpnetworks.com/, at times they leave something to be desired with regard to performance, but overall I have no complaints related to service or uptime. I don't currently use them for Tor related purposes, but if they're not going to serve as exit nodes, anything else shouldn't cause a problem (except bandwidth, as was noted). I'm planning to contact them in the future to determine their stance on Tor and see if I can move forward with some ideas I have, but that remains to be seen. Hey people I was under the impression that everyone having physical access to a running machine can get access to the operating system as well. Encryption makes no difference for a running computer, since cold boot attack may be used to dump the keys from memory. What's more, in a virtualization environment i guess that would be easier. If the above statements are generally correct, then you should trust a VPS provider, as long as you trust the administrator of the host machine *and* everyone else having physical access to it (for example the datacenter). ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
Finally after years of waiting we will get to see what a so called Halal Internet looks like. So far they have completed Phase One which is to disconnect all the governmental entities from Gmail and other foreign services. Next phase is to do the same with the entire population of Iran. It is hard for me to imagine the Internet getting completely shutdown. I suspect they will make SSL traffic very slow to a point that users would give up and look for other alternatives Today, Iran started to block Gmail at different ISP and cities all over Iran. The head of the unit that is in charge of blocking said that Because of the release of an anti-islam videos about prophet Muhammad on Youtube, which is owned by Google, *The People* have asked for these sites to be blocked! So we have decided to Block Google and Gmail service until further notice. --SiNA On 09/23/2012 03:19 PM, HardKor wrote: Hello, I just read in an online newspaper that Iran will block Google (and Youtube) very soon. The article also say that the whole network will be disconnected from the internet soon. Does any one have more detailed informations about what's going on over threre ? HardKor 5845 16EB 0589 B89A 5E6E 98DE 74F5 F875 6D34 45F9 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] News from Iran
:/ On Sep 23, 2012 6:10 PM, Chris Smart csma...@cogeco.ca wrote: They won't be online much after the EMP :) --** CTS MASTERING, affordable and professional mixing and mastering: http://www.ctsmastering.com Twitter: https://twitter.com/#!/**CTSMASTERINGhttps://twitter.com/#!/CTSMASTERING BLOG: www.ctsmastering.com/blog Linked In: http://ca.linkedin.com/pub/**chris-smart/46/824/536http://ca.linkedin.com/pub/chris-smart/46/824/536 __**_ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talkhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Allow only tor connections to server
You can run a hidden service and make that service only accessible through Tor: https://www.torproject.org/docs/tor-hidden-service.html.en Then you would block all traffic to that port except traffic coming from 127.0.0.1. Good luck! -SiNA On 09/19/2012 01:26 AM, atra...@mailtor.org wrote: Hello, I am running Tor and dovecot (mail) on debian. No I can let listen the dovecot server on Listen *:1234 The problem is, that you also can access this server without tor. Is there a way to only accept tor connections? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Italy - third highest number users
Somehow in August, Italy got a few thousand additional Tor users and became third as far as usage of Tor: https://metrics.torproject.org/users.html?graph=direct-userscountry=it#direct-users Country Mean daily users United States 60769 (14.30 %) Iran 43709 (10.28 %) Italy 37306 (8.78 %) Germany 36672 (8.63 %) Any insight? --SiNA ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Iran's Green Movement - URGENT ALERT - Please RT
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mir Hossein Mousavi, former presidential candidate during the 2009 elections and leader of the Green Movement under illegal house arrest for approximately 18 months, was transferred to a cardiac hospital in down town Tehran under extreme security measures accompanied by his wife Zahra Rahnavard. 526 days after his illegal house arrest, Mir Hossein Mousavi who was reportedly suffering from extreme chest pain was reportedly transferred this morning, Thursday August 23rd, 2012, under extreme security measures to the Coronary Care Unit (CCU) at a cardiac hospital in central Tehran. It has been reported that security agents arrived at the hospital the night before Mousavi?s transfer, installing security cameras throughout the hospital. According to the same reports the security apparatus assigned to Mir Hossein Mousavi and his wife Zahra Rahnavard at the hospital includes tens of IRGC agents, security agents and plain clothes officers. The hospital personnel working in the unit where Mousavi has been admitted, have not been allowed to leave the building and Mousavi is said to be banned from all visitation. It has been reported that as a result of a blocked coronary artery, Mousavi under went a three hour angiogram. Upon completion of the operation, Mousavi was transferred back to the CCU unit where he is likely to remain for a longer period of time. In the event that Mousavi?s hospitalization is prolonged, there is speculation that he will be kept in isolation in a separate unit in the hospital. Source: Kaleme: http://kaleme.org/1391/06/02/klm-110814/ - -- The world will not be destroyed by those who do evil, but by those who watch them without doing anything. ~ Albert Einstein -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJQNob/AAoJEJPBwXYLR9VtKsMP/0n4JI31kN59wUuYt1dtdFhq qVs+Dw3B5M6TxUM83y/88W5kvqEMfUZj6PpEba4YJrCcJ3eXBepzNk8EaYe7DgEo 2fvWEmIvigiMDDD60GfF9khLDAKxaBxVk9AvQs0hJZ6etIMx6dGZ0Opfd2iOGtxd 5fRnVML4Y9b6MlZ29qETyYoZYvYm6cgJGxYbI3nKUGizpG4UVvD4ya8pv/N8bWwt kiMYCsM/gzAfIiV0MqJNmCkBIedfC0s66/P7JYDh6MCBGirAwlv7F/3oo8J94P/A YhLEz+zv1Fm4iSwyJjfo/odAh4KbMFd1/PEzhHrVN5pPmxUs9+aeCBJp4vYaNblz lPkYkJfFvnyHJdud2fAK8j8x5vtsEDiRcq9kkQM+mpJcJbCkC1r0vgGSYezbmp+M 1duFvxgHsIaGfjoQZ9n8Y5As/VgPWkOZBZetF0ozMtSdIYAbHrNXdjhKOLi2c9tS vKMXgJf8B2qnUb9ffFvjDs0juse5v28dMXwZKZIECokadLQTnX9LXHK0Ez4z+nyO 0h6x7dFVDJCzrixNMytXiHbDh461k0nLm6Laep/zGU1rCqHloPTiC19bGYK6Yjph ULCgRnS1pYIBMI0oYYKfnhbmJVQY1XOvm3nYs9EA4LBQneKWFl7Pf8Gjx2YDfXOf h2N/qb0JQMpH3cbXA2AQ =L3xe -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Iran's Green Movement - URGENT ALERT - Please RT
You are right. I am hoping it reaches my Tor friends all at once. --SiNA On Aug 23, 2012 12:45 PM, HardKor hardkor.i...@gmail.com wrote: Isen't this mailing list reserved to topics related with the Tor Project ? HardKor On Thu, Aug 23, 2012 at 9:39 PM, SiNA Rabbani s...@redteam.io wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mir Hossein Mousavi, former presidential candidate during the 2009 elections and leader of the Green Movement under illegal house arrest for approximately 18 months, was transferred to a cardiac hospital in down town Tehran under extreme security measures accompanied by his wife Zahra Rahnavard. 526 days after his illegal house arrest, Mir Hossein Mousavi who was reportedly suffering from extreme chest pain was reportedly transferred this morning, Thursday August 23rd, 2012, under extreme security measures to the Coronary Care Unit (CCU) at a cardiac hospital in central Tehran. It has been reported that security agents arrived at the hospital the night before Mousavi?s transfer, installing security cameras throughout the hospital. According to the same reports the security apparatus assigned to Mir Hossein Mousavi and his wife Zahra Rahnavard at the hospital includes tens of IRGC agents, security agents and plain clothes officers. The hospital personnel working in the unit where Mousavi has been admitted, have not been allowed to leave the building and Mousavi is said to be banned from all visitation. It has been reported that as a result of a blocked coronary artery, Mousavi under went a three hour angiogram. Upon completion of the operation, Mousavi was transferred back to the CCU unit where he is likely to remain for a longer period of time. In the event that Mousavi?s hospitalization is prolonged, there is speculation that he will be kept in isolation in a separate unit in the hospital. Source: Kaleme: http://kaleme.org/1391/06/02/klm-110814/ - -- The world will not be destroyed by those who do evil, but by those who watch them without doing anything. ~ Albert Einstein -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJQNob/AAoJEJPBwXYLR9VtKsMP/0n4JI31kN59wUuYt1dtdFhq qVs+Dw3B5M6TxUM83y/88W5kvqEMfUZj6PpEba4YJrCcJ3eXBepzNk8EaYe7DgEo 2fvWEmIvigiMDDD60GfF9khLDAKxaBxVk9AvQs0hJZ6etIMx6dGZ0Opfd2iOGtxd 5fRnVML4Y9b6MlZ29qETyYoZYvYm6cgJGxYbI3nKUGizpG4UVvD4ya8pv/N8bWwt kiMYCsM/gzAfIiV0MqJNmCkBIedfC0s66/P7JYDh6MCBGirAwlv7F/3oo8J94P/A YhLEz+zv1Fm4iSwyJjfo/odAh4KbMFd1/PEzhHrVN5pPmxUs9+aeCBJp4vYaNblz lPkYkJfFvnyHJdud2fAK8j8x5vtsEDiRcq9kkQM+mpJcJbCkC1r0vgGSYezbmp+M 1duFvxgHsIaGfjoQZ9n8Y5As/VgPWkOZBZetF0ozMtSdIYAbHrNXdjhKOLi2c9tS vKMXgJf8B2qnUb9ffFvjDs0juse5v28dMXwZKZIECokadLQTnX9LXHK0Ez4z+nyO 0h6x7dFVDJCzrixNMytXiHbDh461k0nLm6Laep/zGU1rCqHloPTiC19bGYK6Yjph ULCgRnS1pYIBMI0oYYKfnhbmJVQY1XOvm3nYs9EA4LBQneKWFl7Pf8Gjx2YDfXOf h2N/qb0JQMpH3cbXA2AQ =L3xe -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] http://torbrowser.sourceforge.net/
Do you need help with a brand new design? I am willing to buy you a custom template so you can have a great looking site and not look like Tor's official site. :) Just send me the link to one that you like: http://themeforest.net/ All the best, SiNA Randolph D.: Hello there is preparation draft work done to get the vidalia Qt plugin out for the TorBrowser based on Dooble Web Browser 1.35 with lots of security improvments. Is there something to change on the drafted website? http://torbrowser.sourceforge.net/ Can the Tor Onion be shown in the First Feature Box? Thanks Regards http://torbrowser.sourceforge.net/ ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- “If I had eight hours to chop down a tree, I’d spend the first six of them sharpening my axe.” -Abraham Lincoln ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Cryptome
Did that Cryptome guy get kicked off this list? http://cryptome.org/2012/07/tor-exits-usg-funds-2.htm -- “If I had eight hours to chop down a tree, I’d spend the first six of them sharpening my axe.” -Abraham Lincoln ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Portuguese transation for free
That's great! There is a translation portal that you can use to help Translate for Tor: https://www.transifex.com/projects/p/torproject/ https://www.torproject.org/getinvolved/translation-overview.html.en Good Luck and thanks for your Interest! Pedro: Hi, I just want to let you guys know that I can help with the translations from English to Spanish and Portuguese for free. I'm trying to improve my English and I think that is a good oportunity for me, and a nice help for you to make your programs/interfaces available to other languages. I can't code, but i think translation is a nice way to help too. Enviado via iPhone ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- “If I had eight hours to chop down a tree, I’d spend the first six of them sharpening my axe.” -Abraham Lincoln ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Fwd: [liberationtech] FFII - European Commission net neutrality consultation excludes TOR users
fyi [ EU / Blocking / TOR ] == European Commission net neutrality consultation excludes TOR users == Brussels, 23 July 2012 -- The European Commission blocks TOR users' access to its web site. TOR is an internet anonymisation technology and became widely popular for its facilitating role in the Arab spring movement. This is ironic, the Commission is conducting a public consultation on net neutrality, and they already censor a part of the internet to access their site, finds FFII President Benjamin Henrion. He was troubled by the issue when he tried to access the consultation website from European Commissioner Neelie Kroes. The European Commission is seeking answers to questions on specific aspects of transparency, traffic management and switching in an Open Internet, the website says. But TOR users receive a less inviting message: Network Error (gateway_error) Server overloaded. The gateway may be temporarily unavailable, or there could be a network problem. === Links === EU Commission public consultation on specific aspects of transparency, traffic management and switching in an Open Internet http://ec.europa.eu/information_society/digital-agenda/actions/oit-consultation/index_en.htm All-in-one TOR Browser: https://www.torproject.org/projects/torbrowser.html.en Earlier reporting: EU sites blocked access by users of anonymizing services http://www.whioam.com/eu-sites-blocked-access-by-users-of-anonymizing-services.html Daten-speicherung.de: EU Commission gives up blocking TOR and VPN services [corrected 27 March 2012] http://www.daten-speicherung.de/index.php/eu-commission-gives-up-blocking-tor-and-vpn-services/ Swedish Study: How the great firewall of China is blocking TOR: http://www.cs.kau.se/philwint/static/gfc/ Permanent link to this press release: http://press.ffii.org/Press%20releases/European%20Commission%20net%20neutrality%20consultation%20excludes%20TOR%20users == Contact == FFII Office Berlin Malmöer Str. 6 D-10439 Berlin Fon: +49-30-41722597 Fax Service: +49-721-509663769 Email: office (at) ffii.org http://www.ffii.org/ == About FFII == The FFII is a not-for-profit association active in twenty European countries, dedicated to the development of information goods for the public benefit, based on copyright, free competition, open standards. More than 1000 members, 3,500 companies and 100,000 supporters have entrusted the FFII to act as their voice in public policy questions concerning exclusion rights (intellectual property) in data processing. ___ liberationtech mailing list liberationt...@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech -- “If I had eight hours to chop down a tree, I’d spend the first six of them sharpening my axe.” -Abraham Lincoln ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] second gateway on router?
Hi, You would install a transparent Tor proxy on gateway 2: https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy It is very much possible. All the best, SiNA Jerzy Łogiewa: hello! is it possible to setup second gateway on common home router which passes all network activity to tor? for example: gateway 1 - 192.168.1.1 -- normal internet traffic gateway 2 - 192.168.1.2 -- data moved by tor maybe with dd-wrt or openwrt this is possible? -- Jerzy Łogiewa -- jerz...@interia.eu ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- “If I had eight hours to chop down a tree, I’d spend the first six of them sharpening my axe.” -Abraham Lincoln ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor + VPN + DNS (?)
If you use a VPN and then connect to Tor, assuming your application is sending all packets through Tor's socks proxy, then the answer would be yes! --SiNA On 05/27/2012 01:46 PM, Aaron Whiteman wrote: I think that if I run Tor with a VPN (and that the VPN does the DNS) then Tor will still do the DNS at the exit node. Me VPN Tor Node 1 - Tor Node 2 -- Tor Node 3 (exit node) - Internet Correct? Thanks. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] change /etc/hosts?
:0) On 05/28/2012 11:55 AM, Matthew Kaufman wrote: I'm pretty sure that is not his real IP address, lol ? On Monday, May 28, 2012, SiNA Rabbani wrote: inf0@anarchy:~$ telnet 123.123.123.123 443 Trying 123.123.123.123... Is port 443 open to the world from your router? I can't reach your 443 port from outside. --SiNA On 05/28/2012 11:25 AM, tim smy wrote: I have a server in a country where tor is not allowed I have changed the resolv.conf file so the server points to the tunnell nameserver the tunnel has a ptr record but here is the log message May 28 13:30:39.000 [notice] Now checking whether ORPort 123.123.123.123:443 is reachable... (this may take up to 20 minutes -- look for log messages indicating success) May 28 13:50:17.000 [warn] Your server (123.123.123.123:443) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. should i change the /etc/hosts to tunnel name and IP address? thanks tim -- First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi ___ tor-talk mailing list tor-talk@lists.torproject.org javascript:; https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] *.onion performance tru onion.to
Sounds like there is some caching action on onion.to. --SiNA On 05/20/2012 02:50 PM, Jesus Cea wrote: I am thinking about deploying a few *.onion services, and I am getting a quite surprising result: accessing the services from the open web via onion.to proxy is *FAR* faster that going TOR native. What am I doing wrong?. Example of accessing burninetliliito5.onion Via onion.to proxy service: 3.44 seconds. Via TOR native: 9.21 seconds. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Basic questions from new user but...
https://help.riseup.net/en/email --SiNA On 05/12/2012 03:16 PM, Elena Johnson wrote: Much appreciated! Yes, can anyone suggest email providers that will protect privacy and still work easily with Tor (? that don't require j's). Date: Wed, 9 May 2012 22:04:58 -0500 From: joebtfs...@gmx.com To: tor-talk@lists.torproject.org Subject: Re: [tor-talk] Basic questions from new user but... On 5/9/2012 6:56 PM, Elena Johnson wrote: I have a feeling other newbies might benefit. 3 questions below (if tor-talk is not appropriate for these questions, PLEASE let me know what the appropriate contact is) . I have read the FAQ's, much documentation, and searched the broader web but still have questions about browsing the internet with Tor (I'm using the whole Tor Browser Bundle): 1) Can I ANONYMOUSLY allow scripts for hotmail, gmail and yahoo mail using Tor browser? - hotmail - I can’t sign in, I get the message: Windows Live ID requires JavaScript to sign in. If I allow the script, use https and HTML and sign in then, I can use NoScript to go through a series of allowing scripts from the following, but I still can't open the email https://snt130.mail.live.com https://secure.shared.live.com https://secure.wlxrs.com - gmail: Google requires scripts to create account (I WAS able to access HTML email without scripts - very very useful and good, THANKS) 2) If I allow scripts ONE TIME, does that blow my anonymity for ALL TIME or just during that browsing session. In other words, is the info then stored somewhere that can be retroactively analyzed to reveal my IP address? - I had this experience on the Tor site: - I'm going through the Tor FAQ page and try to link to: irc channel tor-talk@lists.torproject.org h...@rt.torproject.org -I'm assuming Tor is SAFE but for each of these, I get the MESSAGE: Load external content? An external application is needed to handle: mailto:h...@rt.torproject.org (etc.) NOTE: External applications are NOT Tor safe by default and can unmask you! If this file is untrusted, you should either save it to view while offline or in a VM, or consider using a transparent Tor proxy like Tails LiveCD or torsocks. - I'm guessing that YES! i can trust that I can use whatever external application will allow me to access these Tor support services, BUT I'M NOT ABSOLUTELY SURE. This leads to my third question: 3) Can I ANONYMOUSLY load external content using an external application? Does the answer depend on THE SITE I am browsing, the particulars of the external application needed, and the specific external content? Welcome! I'm not the foremost expert on Tor external apps. Others can chime in or correct my suggestions. You ARE using the Tor browser bundle - TBB - aren't you? 1) If you really want privacy / anonymity, maybe Live Mail, Gmail shouldn't be your choice - at least when using Tor. The companies behind them are noted for a lot of privacy invasions. A lot of mail providers seem to require js, but maybe others can suggest some (or methods) that don't require it. I'm quite sure some providers don't require js. 2) AFAIK just for that session. But, if it's for an email acct that you tried to create anonymously thru Tor - IF - say Gmail, tied you to a real IP address provider, then you don't have much anonymity for that acct from then on. That's assuming anyone, including Gmail cares to pursue it. I'm assuming it warning you about accessing h...@rt.torproject.org means using your mail client. In their default state, email clients CAN leak info about you. Which external content (type) which application is it trying to use? It does make a difference. Yes, some can leak certain data. Some apps can be torrified, to lesser or greater extents. Instructions used to be on the Tor documentation site for diff apps, but may have been removed. May also be wiki articles. 3) See ans. # 2. It's an it all depends question that comes up often. It's not so much the site (unless they use advanced tracking techniques you have js enabled, etc.), as the external app being used. In general, heed the warning about loading external content, if true anonymity is desired. The application could matter because it dictates the type of application needed. Part of it depends on what you're trying to conceal from whom.NSA? You may be screwed. You'll have to research IF the apps needed ( specific one you use) can be torrified or leaks worse than another. Probably look into Tails or torsocks. I've probably created more questions, but the upshot is, you have
Re: [tor-talk] Fwd: Active Hacker Protection For Your Site - Free
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is hilarious! I have been getting HackerProof in Google search results and every time it made me smile :) - -- SiNA pgp 0x0B47D56D On 04/22/2011 08:28 AM, Andrew Lewman wrote: On Fri, 22 Apr 2011 10:57:47 -0400 Nathan Freitas nat...@freitas.net wrote: Comodo offers a HackerProof service... hilarious! How much for comodoproof? ;) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNsab9AAoJEJPBwXYLR9VttzYP/31SQlN/D1oJ68V6U/1t9loP gyComCFvWxcqK0wfVyRrIeofjHzHI5kPOAs69DcsLM9R8oXjiOwh9UJPGolXvudL ek6Ma2TfuB8nb5294v/fcfpDCucoma8XfBA22KeLvB+dl1WZmpDQ9478VyCI0GcX XYOBeJbP6BJAShKR+rpYVFG3qTZFGc9tZ6nQAfIriYLh07eYawPHztkceKU4sIB7 33Bme4Sjh+XenNG7cvxJZglqPsUE4jaBuv45X6E1uLYK298THsr34pCOEGOnecQm 7enP5+liQRi64MefhY/3f7tWhvgn4MJMI3c5tlFJxr/o1/RL0UYdB/0oygcjXV5B qWgm+Wr2r+YQhZvWBoELEQCMU6facl2MSqW+gNlVdZ94pwhUz+Xesqx1z97VTjW1 t/V8oGip6dRvp/En+1WYs+UX2xX9+e1BRE5UQU8Jw+marrCfedrpT1nnUDcyVuau UTxu+6G8eukYwdIWU9q82Enn/6Spje2WXGFnrxZB63tVGSDhGTBSQCcoi2Hz2EBu 6PMPBerJY3qcmdfaq7wQXWbHFwBOFgim4fVrfgAKNRu49bt9p8ddt50dymSHKPoh 4DiHAMgx52hyhDY/EFoUhCr64sKp123LcWDGhmAAkFv2rdNNxH/aPAObiyu6aXCl jyKP1C8mypJBF3YFtM4d =75Fy -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Tor IM Bundle
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Why not just delete the entire Tor Bundle folder? You can also download this tool and erase your entire system by booting it from it: http://www.dban.org/download Have fun! - -- SiNA pgp 0x0B47D56D On 04/07/2011 02:17 PM, michael jefferson wrote: Hi there, I am new and searched the archives to find this before I asked but couldn't find the answer. I ask your forgiveness please if it is somewhere there but I couldn't find it. Thank you. I am just wondering, I have the Tor IM Browser Bundle with Firefox and Pidgin and am taking it off my old computer before I give my computer away. If I just delete the Pidgin folder that is self contained in the Tor Browser folder will that be enough to delete my Pidgin chat logs that I saved? Or are they saved in another place? Also, is there any browser history that I might need to delete? Again, I am very sorry that I couldn't find this answer and I very much appreciate any assistance you could provide. I would like to give my computer away to someone who doesn't have a computer and if I could delete these pidgin chat logs first that would be great. Thank you, Mikey ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNnmcNAAoJEJPBwXYLR9VtC/sP/i5idhg+1hniiZbAheu2VGSm aY2CYD0MejeovW+15p8OMpUt2TIPbazrriZgOgeTtPJl9n2FFWOF0zcPDXJYEiwt reGWsZPOBu7E5GOlBLX9E1JduaYBkp8vafJtkW/uFlXbJSzNNdda008ZQujHErdW lrSQ0OC2PlmCBZoWNuZyMkC+BPDPJgC8VMOOHtF9iFu89jX9l49OhqQz80aijQu+ xn/fsYnzpAqNopQeUBUO3sGs8fzGxAXBEPBALUsC2kFBI9FpW2Xpl0P5SHHsXYSI 0c5EGUXpV5pf8qc+saM70NsdlKzlzwBN7/3NNcF/hZAZvyudT/lRFXN26/X12rXJ AQ6C2xTRbVBzXebgUSbHZ8NPReIITwz4rBsV2g8b8SKKto7HKGflIrBh+xOsVmUR ZquX0Ls72eaHUFt9/0n5VLuMk5CyfRwGO6noy+CT61mKi0l4Vs51qNCTV0ef2vgq +SuWFfTw9eY7knKblJOXH3aBGxnr4jqDnjJeWTAogF7Uu/qNS7ug1XxlUdqkbI10 TitUVisgQDUxKBPwlEGKwUZ9doPUG97gUWwyf/XeYf3pDB/veyi1M4hB4qK1v+j2 I7NtvoXM8+MN+u5Yo1h0ybXN3vwUH99pAxwSFLf8N3B06O9iC6xEy55AEWsaoSmX 2ZwB3BXd7tsaCC2eSDp+ =VdCJ -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk