-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Marco Bonetti wrote:
(snip)
> An interesting hack.
> There's one "flaw": the core mechanism is javascript based, using
> tobutton-dev will stop it from working :)
> Some of the js code can be moved to server-side (e.g. the user-agent
> query) but, ag
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Anon Mus wrote:
(snip)
> Not quite true.
(snip)
> 3. Attacker has a list of known public/private key pairs. These are
> generated over the years by government security service supercomputers
> and their own secure network computers (around the world)
I think I figured out that Tor needs time since it periodically
downloads new router descriptors. However, although the Tor status
page (and the directory servers ) show the 3 Tor nodes I am using to
be up, I am still unable to build a circuit, even though I downloaded
the full list of descriptors.
On Thu, Feb 14, 2008 at 2:32 PM, Marco Bonetti
<[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Jens Kubieziel wrote:
> > * Dieter Zinke schrieb am 2008-02-14 um 18:39 Uhr:
> >> http://torstatus.kgprog.com/
> >> http://kgprog.com/
> >> unable to connect says
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jens Kubieziel wrote:
> * Dieter Zinke schrieb am 2008-02-14 um 18:39 Uhr:
>> http://torstatus.kgprog.com/
>> http://kgprog.com/
>> unable to connect says my browser.
odd :)
it was online when I wrote the mail. kgprog should also host the source
code r
* Dieter Zinke schrieb am 2008-02-14 um 18:39 Uhr:
> http://torstatus.kgprog.com/
> http://kgprog.com/
> unable to connect says my browser.
There are a few others mentioned at
http://www.torproject.org/documentation#NeatLinks>
Besten Gruß
--
Jens Kubieziel http
On Thu, Feb 14, 2008 at 04:54:42PM +0100, [EMAIL PROTECTED] wrote 0.7K bytes in
18 lines about:
: Yes but the true magic of this method is working without JS, just with xhtml
as I understood it? So it would also detect you using torbutton and calculate
the hash on serverside for you.
Well, the
All,
I found out that some router descriptors are not being downloaded. For
example, on https://torstat.xenobite.eu (the Tor status page), it
shows that 1000rpm is up and running. When I start Tor (I just
upgraded to the latest stable version to make sure it was not a
version issue), it says
rout
Sorry Marco
http://torstatus.kgprog.com/
http://kgprog.com/
unable to connect says my browser.
--- Marco Bonetti <[EMAIL PROTECTED]> wrote:
> On Thu, February 14, 2008 13:59, Dieter Zinke wrote:
> > But this link seem to be dead. Is there another
> source
> > to get router infos?
> try http://
On Thu, 14 Feb 2008 16:25:21 +0100 (CET)
"Marco Bonetti" <[EMAIL PROTECTED]> wrote:
> On Thu, February 14, 2008 16:17, kazaam wrote:
> > What do you think about this?
> An interesting hack.
> There's one "flaw": the core mechanism is javascript based, using
> tobutton-dev will stop it from working
On Thu, February 14, 2008 16:17, kazaam wrote:
> What do you think about this?
An interesting hack.
There's one "flaw": the core mechanism is javascript based, using
tobutton-dev will stop it from working :)
Some of the js code can be moved to server-side (e.g. the user-agent
query) but, again, tor
Jan Reister schrieb:
Il 14/02/2008 13:36, Anon Mus ha scritto:
A. Attacker obtains genuine private keys by,
1. Attacker sets up a number of genuine tor servers
2. Attacker infects genuine tor nodes with spyware
Setting up rogue (or compromised) nodes won't work for getting the
directory aut
Hi,
I found this article called "total recall on firefox":
http://0x00.com/index.php?i=520&bin=101000 it describes a method of
calculating hashes for a surfer depending on which plugins he uses. While I
think that this wouldn't allow to determine one person it could decrease the
user-gr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello fellow Tor-users :),
I'm trying to run a Tor node that will only serve Directory information.
My hoster doesn't allow me to run a Tor relay, but I want to let him
donate his bandwidth to the Tor project by serving Directory
information. But when
Il 14/02/2008 13:36, Anon Mus ha scritto:
A. Attacker obtains genuine private keys by,
1. Attacker sets up a number of genuine tor servers
2. Attacker infects genuine tor nodes with spyware
Setting up rogue (or compromised) nodes won't work for getting the
directory authority private keys. T
On Thu, February 14, 2008 13:59, Dieter Zinke wrote:
> But this link seem to be dead. Is there another source
> to get router infos?
try http://torstatus.kgprog.com/ and mirrors.
--
Marco Bonetti
Slackintosh Linux Project Developer: http://workaround.ch/
Linux-live for powerpc: http://workaround.
I didn' t use tor for a year or so. So things might
have changed. I use tor with a shell script that
excludes tor from using specific european countries.
German and belgium servers for example. To run this
script i need router information. Got those from
http://serifos.eecs.harvard.edu/cgi-bin/exi
Jan Reister wrote:
> Il 13/02/2008 20:55, Marco Bonetti ha scritto:
>> that's the whole point of encrypting the communications and sharing
the
>> public keys fingerprints inside tor sources.
>> a man in the middle can reroute traffic through his nodes but it
will be
>> useless (except for sending y
On Thu, Feb 14, 2008 at 08:42:07AM +0100, anon ymous wrote:
> Well, that's all good and valid.
> But as an ISP controls all internet-access
> of the client, it can with little effort fake
> the tor-web+svn-server and some sites
> where tor-packages for distributions are hosted.
> (Unless they are s
On Thu, February 14, 2008 08:42, anon ymous wrote:
> Well, that's all good and valid.
> But as an ISP controls all internet-access
> of the client, it can with little effort fake
> the tor-web+svn-server and some sites
> where tor-packages for distributions are hosted.
> (Unless they are signed lik
20 matches
Mail list logo
