Re: [tor-talk] Surge in Users
bo0od: > no secure TLS or onion connection to the website, first insecurity note. Now the web page is under construction and project is only alpha. Although I do not quite understand the role of https for real security. It is more reliable to sign all related products with a PGP key, and this will necessarily be done when a relatively stable version appears: PGP PKI seems much better then web sertificates with private keys placed on remote web servers. The illusion of security is even more harmful than lack. Onion, of course, is much better in all respects. BR, Van. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Surge in Users
Take into account that statistics are number of unique user's IPs connected to bridges per day. My cellular provider change my local GPRS IP exactly every hour and my external IP also changed to random value of provider's pool. Each time IP was changed my Tor rebuild 3 new circuits to introduction points of mounted HS. So one mobile app with HS can generate 24*3 connecting events per day. BR, Van. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Surge in Users
Maybe after publication on popular Russian resource Habr: https://habr.com/ru/post/448856/ This is Android app for talking over Tor: http://torfone.org/download/Torfone.apk http://torfone.org/download/Torfone_Android_howto.pdf https://github.com/gegel/torfone https://github.com/gegel/torfone/blob/master/white.pdf BR, Van Gegel -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] How keep the hidden service when changing IP interface?
Hello! Now I tune my cross-platform app for VOIP over a Tor. On the Android platform ( testing app: http://torfone.org/download/Torfone.apk and howto: http://torfone.org/download/Torfone_Android_howto.pdf ) I was faced with the problem of keeping of a hidden service after periodically changing the IP provided by the mobile operator as well as when switching between Wi-Fi and a cellular network. In such a case Tor should detect that the used circuits have become unavailable and build new ones and, possibly, republish rendezvous points for my hidden service. In most cases this happens automatically and the hidden service becomes available again within a few minutes. But sometimes it happens that the onion service becomes unavailable for a very long time (hours), and only the restart of Tor helps (but at this time Tor is successfully workable for outgoing connecting). Questions: - What is the algorithm for keeping the life of a hidden service implemented in Tor? - How to force verification / republish without restarting Tor in case the own HS is not available in the periodic self-test? - What settings in ‘torrc’ can I use to solve the problem? - What patches of the Tor source code can be applied (as an extreme case)? Van Gegel -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Nice to meet you! / WhatsApp by Tor?
Seven years ago I performed the first tests for voice transmission over the Tor network. Recently I returned to this topic and reanimated the old project: it became cross-platform, modular and using modern cryptography. Alpha versions for Windows, Android and Linux (including ARM) are being tested now. There will also be versions for iOS and bare metal (RPi for Tor and transport + isolated Cortex M4 for crypto and voice). Features: open SW/HW, server-less, voice calls to onion-address, optional NAT traversal using Tor for p2p UDP connection, possibility of direct call to TCP IP:port including isolated local network. For direct calls added obfuscating similar to obfs4 (with elligator2 representations, random padding, timings, two-session connecting, proof of job etc). Source code (cross-platform core and GUI for all platforms) will be published a little later but now you can try the Android alpha version to evaluate the voice latency in Tor: http://torfone.org/download/Torfone.apk http://torfone.org/download/Torfone_Android_howto.pdf Note: after exchanging contacts during the first call next authenticated calls have a lower latency since several Tor circuits are used in parallel. There are no any IP leaks when working over Tor as the only single TCP connection to the onion-address is used (custom protocol for voice transfer optimized for Tor environment). Android APK includes the Tor executable compiled using standalone NDK from the repository https://github.com/n8fr8/tor-android -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Voice over Tor: 1985phone
> A link for folks playing with voice over Tor... > > http://1985phone.com/ These guys want to make their analogue of Tor for VOIP by using the mobile clients based on iOS and Android as a nodes? And thus want circuits latency was less than Tor? It seems to me that all will end after collecting $50K donations... -- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Secure email with limited usable metadata
In the case of access to e-mail from untrusted computer is convenient and reliable to use one-time password authentication using e-codebook - mobile Java applet for your phone. A one-time password is generated in response to RAND, generated by the mail server. QR-code can be used. For example see WebMoney enum authorization. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Routing Jitsi through Tor
Jitsi now cann't route RTP through Tor becouse not supported RTP over TCP. Only Skype, Mumble and my forks of PGPFone and SpeekFrealy, and maybe some other rare apps can use TCP as a transport layer for voice. It makes no sense to use Tor to connect to the XMPP server only. All the same, the server has information about your location from XML ICE invites, and also your provider will determine your subscriber via a direct connection. I2P theoretically supported UDP, but only one way streams for now. Now there is no 'out of box' solution to your for I2P. In addition, the I2P network today has significantly high latency and jitter than Tor. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Routing Jitsi through Tor
If you are using the latest TBB, try port 9150 The better way is check SocksPort in torrc file But explained to how you are going to use the SMPP server and Jitsi? Do you want to transmit voice over Tor or via a direct connection? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Duplication of connections between Tor Hidden Services
I want to use the duplication of connections between TOR hidden services: After A connected to HS of B, B immediately establishes a connection to HS of A. All data between A and B are duplicated on both channels to reduce the overall latency. Periodically (every minute) the slowest connection reconnects. Question: how such a scheme is expected to affect the resistance to various attacks? > ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] VOIP over Tor
I need to consult with Tor developers on the issues: - Will Tors of caller and calee use the same or new nodes for building circuit after the close and immediate reestablish the connection by caller (client) to calee (HS)? - How will the scheme described below affect the safety of connection against possible deanonymizing attacks? Please, help! >With 3 TOR nodes, from 100 call, only 21 call which have acceptable quality call, whereas with 2 tor >nodes, i got 36 acceptable quality call. I got similar results, so I try to establish a few connections, duplicate voip packets on all, receiving from the fastest and dynamically restarting the slowest. >By the way, why do you have to communicate from hidden service to hidden >service? Wouldn't it suffice if the callee would act as server and the >caller as client? I was misunderstood: caller is client, calee is HS. But they both built their circuits in the call. > ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] VOIP over Tor
I found that this is a very old idea: https://lists.torproject.org/pipermail/tor-talk/2006-May/thread.html#13379 But why for 6 years no one is interested? I continue my experiments with VOIP over Tor and tried another old abandoned software SpeakFreely by changing it's protocol as RTP over TCP. It has found practical use and looks good: http://sourceforge.net/p/advtor/discussion/programs/thread/9d735faa Now I have an idea of using two or three hidden services on different ports instead of one. Caller simultaneously connects to them and duplicate packets to each channel. The first delivered package is used, other are discarded. Also collects statistics and every few minutes the slowest connection will closed and reestablished. This should reduce the average latency. There are questions: - Will Tors of caller and calee use the same or new nodes for building circuit after the close and immediate reestablish of connection with HS? - How will this affect the safety of connection against possible deanonymizing attacks? > ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] please re-consider Tor Trademark policy
adrelanos: > Since very few people shared my opinion Not so few people share your opinion, Adrelanos :) I think that too much care about the user is underestimating the user. Any adequate user at first MUST NOT to trust any of the software, including Tor. The user must decide how to use this software on the basis of the source code examination and own tests, but not on public recommendations signed by me or you or Tor Core or by God, otherwise he will ever have a problem with security. > It's sad, that a project encouraging free speech has a restrictive trademark policy. This is the first thing that many people feel who are faced with this. It would be a true loyal to nonprofit projects with open source, the quality of which the user is able to assess their own without intrusive advice of expert's. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] VOIP over Tor: PTT remark
I did some tests now and have comments to the PTT mode. I used TCP socket with disabled Nagle algorithm to send packets, the data is sent in portions of 140 bytes every 80 mS for recipient?s hidden service. Absolute delivery delay of the first packet was less than the average delay for continuous transmission, but subsequent packets jitter was considerably greater. I noticed that at least 10-20 seconds of continuous delivery is kind of tunnel adaptation and reduced jitter. Still, the beginning of the sentence was interrupted, some packages rejected by codec due to significant jitter. In addition, after transmission some of the data remains in the channel during tens of seconds and and delivered immediately only after the start of the new transmission. In TORFone 0.2 I have provided the possibility of transferring some dummy packages after each voice packet to ?push? it and saturate channel. Most likely, the dummy packages are also needed in voice chat, but it will significantly increase the load on the server. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] TOR Fone - p2p secure and anonymous VoIP tool
Hi! Thank you for your comments and tips! I did not think this project as a finished product for practical use. This is only a platform to explore the possibility of transmission of voice over TOR. Also I tried to spend as little effort to research and choose the best for me platform for their experiments. Using these results any one can make similar changes to the other supported the project for example Jitsi. When I have free time I also try to adapt Jitsi according to your recommendations but I'm more interested in creating a concept than its practical implementation in the open source code. I am also very interested in the topic of anonymous encrypted voice multi chat. When I have free time I will try to present my implementation (*nix server + GPG + clients based on the SpeakFrealy or other suitable VOIP with C++ source), in any case does not aspire to a complete solution. Van. --- Исходное сообщение --- От кого: "Fabio Pietrosanti (naif)" Кому: tor-talk@lists.torproject.org Дата: 3 февраля 2013, 18:00:31 Тема: Re: [tor-talk] TOR Fone - p2p secure and anonymous VoIP tool > On 2/3/13 2:49 PM, adrelanos wrote: > Hi! > > I haven't seen TOR Fone discussions on this list. Description (selection > by adrelanos, see TOR Fone homepage [1] for original text). While i appreciate the effort, i think that the approach of TorFone (http://torfone.org/) is not good and cannot scale for several reasons: a) The TCP connection between two host over TorHS is already end-to-end encrypted with no need of additional encryption b) PGP encryption is not required c) The PGP source code used is "abbandonware" and is subject to known security vulnerabilities (likehttp://www.cvedetails.com/cve/CVE-2000-0678/) and probably others d) The PGPFone code use is "abbandonware" since +13 years and should be reasonably subject to vulnerabilities e) The PGPFone protocol even if opensource is an unaudited, not conforming with today's de-facto ZRTP's security requirements f) The system is not cross-platform, not easy portable, not easily maintainable (it cannot goes over Linux or Tails for example) For the reasons explained above, i do not consider the Torfone software something i would recommend to use. So, as a consideration i think that Torfone developer to look for a different approach, by using best-of-breed open-source multimedia system, re-writing TorFone with a completely different design. The most reasonable and maintainable approach is: - Use Jitsi (http://www.jitsi.org) - Introduce RTP over TCP support to Jitsi (to have RTP voice flow works over TCP rather than UDP) - Introduce Socks5 support to Jitsi (to have TCP - Adjust the jitter buffering of jitsi to works over Tor latency - Extend XMPP & Jingle support to works P2P (something is already there, it should be relatively simple) - Fix minor UI stuff With such approach you would have: - A cross-platform, opensource, secured voip client - A maintained and mainteinable source code - Using standard protocols with minor modifications - ZRTP encryption (if you want, but it's not needed due to end-to-end encryption of Tor Hidden Services) Regards, Fabio * Useful consideration about VoIP over Torhttps://guardianproject.info/2012/12/10/voice-over-tor/* Anonymous push to talk over Torhttps://guardianproject.info/2013/01/31/anonymous-cb-radio-with-mumble-and-tor/ ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
