Re: exit node config for egypt IP range

http://www.renesys.com/blog/2011/01/egypt-leaves-the-internet.shtml seems very little of egypt (if any) is currently routed signature.asc Description: Digital signature

Re: Anonymity easily thwarted by flooding network with relays?

On Fri, Nov 19, 2010 at 10:33:38AM -0500, Paul Syverson wrote: :Better go have another espresso ;>) further through the coffee now and wishing if I had to have said thout out loud I'd at least not sent from my MIT addresss :) next your going to tell me I didn't really win the Nigerian national l

Re: Anonymity easily thwarted by flooding network with relays?

On Thu, Nov 18, 2010 at 11:03:41PM -0500, Roger Dingledine wrote: :On Thu, Nov 18, 2010 at 06:19:03PM -0800, Theodore Bagwell wrote: :> I nominate this paper as a founding reason why Tor should permit users :> to increase the number of relay nodes used in each circuit above the :> current value of

Re: Tor Project 2008 Tax Return Now Online

While I do think it's good to see the funding there are two points that are important to remember. 1) this is a freesoftware project the code is there for all to see, hopefully clueful people other than the US Government are reading it. 2) no matter who's funding it the US gov't could read the c

Re: Why you need balls of steel to operate a Tor exit node

On Wed, Sep 09, 2009 at 05:08:58PM -0400, Ted Smith wrote: :There's a lot of FUD thrown around about how "you need balls of steel to :operate a Tor exit node", I'll throw in my anecdotal $0.02 When I was running an exit I had two semi serious incidents. One was a phone call from a sherif's offic

Re: Can Tor run WITHOUT Pivoxy ?

On Fri, Dec 28, 2007 at 05:03:30PM +0100, kazaam wrote: :And If I use Tor just for anonymous chatting? There's no need to put an http-proxy into tor. Also not everyone uses privoxy but polipo... Also if you are only running a server there's no need for privoxy, and other proxies could probably be

Re: Encrypted Web Pages?

On Mon, Dec 17, 2007 at 09:25:13AM -0800, Martin Fick wrote: :> It's an interesting threat model though :) : :Yes, but it really is a fairly simple one. :I am surprised that HTML does not seem :to have some extension to deal with this :already. It is not much different from :encrypted email conc

Re: Encrypted Web Pages?

On Mon, Dec 17, 2007 at 08:52:30AM -0800, Martin Fick wrote: :> I may be missing something about the :> implications of HTTPS, but you could :> certainly key pgp public keys to x.509 :> identities if you wanted to keep static :> data gpg encrypted on the server. : :I'm not sure that I understan

Re: Encrypted Web Pages?

On Sat, Dec 15, 2007 at 11:12:46PM +0600, Vlad SATtva Miller wrote: :Considering the amount of bugs and weaknesses found regularly (and not :found) in common browser software (open source or not), it's not a :well-advised practice to trust a browser handling of sensitive private keys. While I agr

Re: two unseemly tor behaviors

On Tue, Jul 03, 2007 at 05:51:14PM -0500, Scott Bennett wrote: : Do you think that they prefer to have their server crash, rather than :to issue an error message and continue operations? Yes. If I restart a service I want to be sure it restarted not have to go check and see if it really di

Re: nighteffect.us gone

On Mon, May 21, 2007 at 11:13:05PM -0700, Steven Colbert wrote: :Without the use of GnuPG, or something along those lines, how would we :know that the "I'm OK message" was really from Joe...? well we don't, but to paraphrase Ron Rivest paranoia is infinitely recursive. If it was signed maybe THEY

Re: tor proxy chain

On Mon, Feb 12, 2007 at 03:16:32PM +0100, giorgio m wrote: :Why a proxy shouldn't accept connections coming from tor? To prevent abuses? :Can you tell me how to do this proxychaining? Because then anyone using tor can use your proxy and any crimes/harassment they commit come from your proxy. hav

Re: tor proxy chain

On Mon, Feb 12, 2007 at 02:47:54PM +0100, giorgio m wrote: :First of all, thanks for your polite and fast answer. :To simplify the problem, I say that I would like to do this: : :perl_script-> tor -> standard_http_proxy -> web_site : :I want the web site to see the ip of the standard_http_proxy, no

Re: [or-talk] ABC blocking Tor servers?

On Mon, Dec 11, 2006 at 12:39:50PM -0500, Sam Creasey wrote: :On Mon, Dec 11, 2006 at 08:07:10AM -0800, Brian C wrote: :> ABC makes available some full episodes of their TV programs from their :> website. I operate a tor server from the single static IP assigned to :> me by my ISP. My ISP is a Co

Re: ABC blocking Tor servers?

On Mon, Dec 11, 2006 at 05:18:51PM +0100, David Kammering wrote: :Doesn't seem to be an issue with Tor. I get the same message from a :non-Torr'ed IP address in Germany registered to Arcor (a big ISP in :Germany). Point is he got this message from a US based IP which also happens to be a TOR se

Re: Stephen Soghoian on U.S. Gov't Attitudes Toward Tor

On Thu, Nov 30, 2006 at 10:35:21AM -0500, Michael Holstein wrote: :Simple. It's okay for them to be sneaky to avoid *US* (the citizens) :from knowing what they're up to, but *NOT* okay when we try to hide from :them. Probably true of the people paraphrased, but I'm sure ONR folks understand if

Re: Stephen Soghoian on U.S. Gov't Attitudes Toward Tor

On Thu, Nov 30, 2006 at 03:30:27PM +0100, George W. Maschke wrote: : at least the two represented at the meeting, strongly disapprove of : Tor - and in particular, thought that research universities such as : IU, MIT, Georgia Tech, Harvard and others : have no

Re: Anonymous Blogging

Hi, I'd highly recommend reading teh "Design Documents" at http://tor.eff.org/documentation.html.en TOR is *not* designed to protect against a global passive adversary. The US government is certainly capable of being that, now would they put that much effort into you personally, who's to say. T

Re: torrc Clientonly

On Mon, Sep 11, 2006 at 09:20:44AM -0500, Arrakistor wrote: :Fabian, : :I'm familiar with the man page. That didn't answer my question at all. entry, middleman, and exit are all server functions, if you aren't running a server you will not be acting in any of those capacities. -Jon : :Regards, :

Re: Tor Defense Fund...an idea.

On Mon, Sep 11, 2006 at 03:32:26PM +0200, Juliusz Chroboczek wrote: :> Well, I know Roger, Nick, etc are against it but making Tor run as a :> server by default may be worth more consideration (I2P does this). : :What about people behind NAT/firewalls that they don't control? : :What about people w

Re: Tor server question regarding hidden services.

You do not need to run an exit node to run a hidden service. -Jon

Re: Traffic Logging Suggestion

On Thu, Aug 17, 2006 at 10:36:01PM +0200, David T. wrote: :>I do believe one Russian exit node (was/is?) doing that .. by posting :>usernames/passwords (I guess they're dunning dsniff or whatever on their :>TOR box and piping the output to a webserver). :> :>Their stated motivation for this was to

Re: A map of the TOR network (geolocation)

On Tue, Jun 13, 2006 at 09:40:10AM +0200, Jan Reister wrote: : 4. Speaking of geolocation data, somebody should draw a map of the :Earth with a pin-point for each Tor server. Bonus points if it updates :as the network grows and changes. Unfortunately, the easy ways to do :this involve sending al

Re: Did you see this?

On Fri, May 19, 2006 at 07:22:00PM +0100, Tony wrote: :I didn't say a false key, I said a dummy key. One that will work, but :would unlock a dummy outer volume - but not all data within it. There is :no way of telling the inner contents of such a drive from random data. :There are several products

Re: Did you see this?

On Fri, May 19, 2006 at 03:11:20PM +0100, Tony wrote: :2. Keep multiple keys (e.g. a dummy volume). : :The act specifies that if there is more than one key, you can choose which key to give up! That just means you can revoke the key when they're done. Giving a false key is not giving a key.

Re: Sum legl trubs wid TOR en France + more

So the summary on drives is: * There's no point in being overly paranoid about wiping these because $they already got them and can be presumed to have a copy if they want it, the only point in wiping is the removal of potential malware, any reforam will do that. * Given sufficient time and

Re: [off topic] Configuring an IP blind Apache server

Thanks all, rinetd seems the simplest solution. I've already implemented it in fact...I figure if someone wants to guess which port I'm running on so they can have their IP logged I don't mind :) Thanks, -Jon

Re: [off topic] Configuring an IP blind Apache server

On Mon, May 01, 2006 at 04:09:28PM -0400, Michael Holstein wrote: :>It seem like there should be a way to plumb in privoxy or something, :>but I can quite think how. Any suggestions or pointers? : :Wouldn't it just be easier to edit your httpd.conf to change the log :format to *not* log the IP ad

[off topic] Configuring an IP blind Apache server

Hi, My appologies in advance this is clearly off topic, but couldn't think where else to ask...so please reply directly to me. I'd like a _reverse_ anonymizing proxy, something that blinds Apache to the incoming IP adresses in client HTTP requests. I run a webserver with a couple of virtual serv