> I never made the claim this was safer.
Of course, not quoted as such. Plaintext anywhere is risky. Yet
this entire thread is about sniffing. How plaintext-only exits
somehow equate to sniffing. And how badexiting plaintext-only exits
somehow equates to reducing that risk. Both are weak premises.
Can someone make sure all the new lists get submitted/added
to markmail?
As official archives in Maildir or Mbox are not yet provided (under
the curious guise of spam prevention), some alternative indexes
to the ones provided by the list engine would be valuable to
the community.
*
> You may like:
As I look through them, I think I've found at
least one answer with these so far. Thanks.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul
Simply because every good thing needs checks, balances and feedback.
> Thus spoke Msr. Bennett:
> The tor project until very lately has always promoted end user
> understanding and responsibility. Now the project *appears* to
> be undergoing a major philosophical change toward nannying the
> tor u
Been a fencesitter on this since posting the note about recording
traffic that helped send this thread over the top. For once, I'm
in agreement with Scott :) (and others)
Badexiting based on exit policy seems rather silly as it will prevent
nothing. And because of that, doing so is security theatr
> I dont see how to recognize if the traffic is recorded?
I know people who record exit traffic, lots of it. And they
do all sorts of things with it too. Does that news trouble
you? If so, you need to readjust your thinking.
***
T
n the useful and informative responses so far. It would
be worthwhile if more insight is desired sometime.
-- Forwarded message --
From: Paul Stauffer
Date: Thu, 27 Jan 2011 13:32:51 -0500
Subject: Re: Tor exits in .edu space
To: grarpamp
Cc: or-talk@freehaven.net, timothy
> The Republicants are back to pushing data retention legislation. :-(
> http://news.cnet.com/8301-31921_3-20029393-281.html
http://www.computerworld.com/s/article/9206379/DOJ_seeks_mandatory_data_retention_requirement_for_ISPs
http://yro.slashdot.org/story/11/01/26/0418200/DOJ-Seeks-Mandatory-Dat
Just noticed a couple Tor exits in American .edu space.
Wanted to see how that is working for you?
Any issues you have running it?
How do you handle 'abuse' issues?
What your justifications and approaches were to start
and ongoing?
Anything we can do to support more nodes in other edu space?
Etcete
Ok, I think it could be written as:
Each endpoint must always be in control three nodes, with whoever
chose the meetme using that as their third.
Assuming meetme's don't apply in other areas of Tor, I suppose it
could be further clarified as:
Each endpoint must always be in control of three nodes
https://gitweb.torproject.org/tor.git/blob/HEAD:/doc/spec/rend-spec.txt
https://gitweb.torproject.org/tor.git/blob/HEAD:/doc/spec/path-spec.txt
http://www.torproject.org/docs/hidden-services.html.en
As you've read and itemized the spec, which I'm off to read, here's
my itemized take on the web pag
> git clone git://git.wifi.pps.jussieu.fr/polipo
Do you have a gitweb? That would be nice.
> Chris's old branch is called polipo-chrisd
Oh, meaning 'chrisd/polipo' @ 20100113
193d95e3906967433081e0b10626a67c075ac131
> and his last tree is tagged ``polipo-chrisd-20100330''.
Oh, meaning 'polipo'
Here's FF's message and the SHA-1 at the message screen time.
Haven't examined the cert or the exit.
HTTPS. 68:AC...6D:9B
Secure Connection Failed
An error occurred during a connection to mail.google.com.
Peer reports incompatible or unsupported protocol version.
(Error code: ssl_error_protocol_ve
> I previously generated a fully anonymous gmail account early last year.
> Created it via the tor network without using any personally identifiable
> information, emails, or phone numbers.
This is in the past, well over a month old and thus irrelevant in
internet time. The recent threads about Gm
The second some kind of automation starts kicking
in, scanning for hidden services, I think this is a Bad Idea.
> scanning 36^16 possible hidden services is out of discussion...
It's actually 32^16. Considering 10k nodes processing 1 per
second would only take 3.9 trillion years to search port 80
I've commonly seen exits (or paths) reused within a certain period
of time after issuing a NEWNYM.
For the users that have such a need, it would be nice if Tor could
optionally keep a historical bucket of configurable entry length
(whether based upon time and/or number of prior nodes/paths used).
Wish mail could multiply thread replies. Here are combined thoughts
on the related 'Tor & Email?' and 'Tor and google groups' threads...
>> Maybe you should start up a gmail activation service! Or at least for
>> us here in the group!
How many accounts will gmail and the other online entities al
Within last two hour, I tested these four exits, all failed to create
new accounts. FF 3.6.1x, proxy set, dead common agent string. All
form fields randomly generated for each exit. No recovery address
supplied.
2bce68f1f3a84fb5986a09e6c2645f66ceb072d8
0ee6c3888c40a82a5bdc47d6e4d12edc41f4247f
c1b7
> We've generally suggested gmail because their bulk account creation
> process was good. It seems this is not the case any more.
What is this bulk account creation you speak of?
The session leak occurs with the non-https intro/splash/welcome
screen that appears right after new account creation.
>> The only recommended way to use email with Tor is to use web mail,
>> e.g. https connections to gmail.
Keep in mind that google does not allow new accounts to be
created via Tor. Unless you are willing to give up your phone
number. Also they expose the GX session key and other cookies during
th
>> >> Yes, please see https://www.torproject.org/docs/faq#ChooseEntryExit -
>> >> We recommend you do not use these — they are intended for testing and
>> >> may disappear in future versions.
What?! Disappearing?! People MUST have the ability to choose their exits.
To get around filters, make use
> From reading on OnionCat , the clients are essentially hidden services
> once a connection is made it is bidirectional.
No, OC is just a daemon shuffling data back and forth across a
Tor HiddenServicePort. Tor provides a bidir return path to the
source, which the listener (OC) can use, if it thi
> During preliminary testing we purely relied on communicating the
> hidden services names (that map to OnionCat IPv6 addresses) in a
> properly authenticated manner.
OnionCat has no authentication between it and and the node it is
running on and it's peers. It's somehwat possible though. There
we
> your residential DSL service
> is only for the use of your pcs
> within your home.
> You also are responsible for any harmful or illegal traffic that comes
> from your DSL modem.
When others among you are faced with contracts that state
these two things... it may be worthwhile to defer mention
Mostly off-topic, except in regard to a possible defense for
Tor relays/users in the event any go that far.
I'm amazed they are able to lodge cases based on
what appear to be BT scrapes of BT announcements.
Certainly your announcement could be just that, metadata
only. And your file could be /dev
> Is openssl 1.0.0c tor-safe?
Don't know what you mean by Tor-safe.
But I can say that tor 0.2.1.27, libevent 1.4.14b
and openssl 0.9.8q all compile and run fine
together on a legacy FreeBSD 4 box. A spot
check says 1.0.0c will too on an 8 box.
*
Two related questions for general comment:
1) Couldn't the directories to which hidden service
descriptors are published elect, or be ordered,
to decline to publish certain descriptors?
2) What happens in the event of a sustained global
DoS or a simple coordinated LEO/ISP shutdown of
the director
https://www.torproject.org/docs/tor-doc-unix
the above page says tsocks. it should say:
http://code.google.com/p/torsocks
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http:
> A version should come
> as a convenient and containable virtual appliance, or packaged as
> plug computers.
What about the idea of a self aware virus running within/upon
any given [overlay] network. The network would provide an
execution platform. The virus would roam around, ferrying
data, keep
I'm testing a relay here a bit more in detail and would
like to know what mechanism will allow the soonest
detection of it by another unaffiliated client across
the globe?
I can pull and crunch the /.../.tor/ files. And via
the controller I can also 'getinfo desc/all-recent'.
Maybe there are sett
> I'm too obtuse to understand, just with your footnote alone,
> what a "hidden service trap" is - would you provide a further
> explanation, or a link to one ?
A hidden service trap is a hidden service run by any one/entity
you'd rather not be doing business with. A trap, a lure, a ruse,
a sting.
Some further thoughts on an already mixed thread...
> Would this increase anonymity? As pointed out previously, not much.
> Attacks against Tor anonymity usually relate to entry-point/exit-point
> traffic correlation... Regardless of how many segments are in the
> middle, if your adversary can "co
> might as well shit it. And, as in my post about torrent and non-bandwidth
LOL, that was one heck of a good typo :) Have a good weekend!
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talki
> Does anyone have any comments on this paper? Any reassurance? Frankly,
> this is scary.
Yes, it's absolutely scary, and should be obvious. There's only maybe
3200 fingerprints out there. Heck, even the local computer club in a
major city could raise enough funds to deploy a handful of early guar
> grarpamp: i'll follow this up with links for various UDP Tor papers
> and discussions. i've got a bunch of bookmarks somewhere...
You don't have to or anything like that, or maybe for the wiki. I still
need to check out the project site and AnonBib more and will
pr
>> Wish the mbox or maildir archives were available/mirrored for easy
>> search, reading, reference and reply using native mail clients :)
>
> ...I wish people would stop cross-posting between -dev and -talk...;)
Hey, I might just be inclined to trade detailed examination and separation
of message
>> So long as users are covering their bandwidth with giveback [1], I
...
>> - indeed provided back to the network as a 'moral' condition by
>> those same users.
...
>> case) you need to give back at least 6x your use. So you will already
> there's always a catch. ;)
Heh, yeah, no one ever sugges
> "
> It's my understanding that BitTorrent is less of a bandwidth hog as it
> is a connections/circuits hog. These are expensive to create and you
> can't balance your BitTorrenting by hosting a high-bandwidth node
> because to have 0 net effect on the network, you'd have to host a
> circuit's wor
> In the past, this used to display the FQDN as the first thing
> that traversed a circuit, then the IP thereafter.
Hey, wait a minute, when using torsocks and netcat, this is for a site
that is unmapped:
2274 SUCCEEDED 37 amd.com:0
2278 SUCCEEDED 33 163.181.249.32:80
And this is for one that is
On occaision I watch this:
authenticate "pass"
usefeature extended_events
usefeature verbose_names
setevents stream
getinfo stream-status
In the past, this used to display the FQDN as the first thing
that traversed a circuit, then the IP thereafter.
1072 SUCCEEDED 24 torproject.org:0
1073 SUCCEE
It doesn't seem that Tor is binding and transporting IPv6 yet.
However the client could presumably set up a VPN
with a tunnel broker. And do some interesting things
with OnionCat as well. The last mention of IPV6 in the
release notes was 0.2.1.18.
On 11/4/10, Olaf Selke wrote:
> Hi,
>
> will Tor
Given a little script.
Plug it with an onion of your choice that is currently up.
Run script, sleep 15... repeat... repeat...
You may get:
HTTP/1.0 200 OK
[with descriptor attached]
HTTP/1.0 404 Not found
[with nothing attached]
[nothing at all]
[with nothing attached]
Why do some have no re
>>or is it still the general recommodation to
>> run hidden services without https?
>
> I would recommend that hidden services not use HTTPS. The Tor hidden
> service protocol does an adequate job of authenticating servers and
> encrypting traffic to them.
In the hidde
For the users who have checked all the c-s-d checkboxes and reviewed
all the firefox.edit.preferences pages...
For any given phase/method of browsing/usage, does torbutton clear
any additional state beyond what c-s-d clears?
Particularly with regard to transmittable data [whether remotely or
loca
Descriptor fingerprints look like this:
opt fingerprint 0001 AC1F 9AE6 9A00 3C5E 6F02 73CB D69E C6E7 6926
...
opt fingerprint FFEB 470C F379 9E9C 5956 8521 8627 9ED5 55AB 1340
It's an extra routine to remove or add the spaces for scripting, with
the control port, etc. And who really uses them in a
> And some would consider phony names used in email to show
> lack of courage of convictions when voicing opinions in public
Throughout history, some of the world's most important movements
and changes have originated with the Anonymous.
Anonymity is a tool whose use case is rightly selected sole
Another links regarding earlier posts on this topic:
http://www.ntop.org/blog/?p=1
http://www.alexonlinux.com/smp-affinity-and-proper-interrupt-handling-in-linux
http://www.alexonlinux.com/why-interrupt-affinity-with-multiple-cores-is-not-such-a-good-thing
*
The net already changes session keys.
If referring to the base key... no.
Because a compromised computer must be presumed broken until fixed.
Rotating keys would just churn the fingerprints, directories, etc... all while
the attacker continues to happily read whatever the Tor daemon is doing.
Pract
> a free VPN
> There are VPN providers that will let you pay anonymously.
Among others, I would be interested in reading posts
containing lists of VPN providers that offer one or more
of these two services. Thanks.
***
To unsubscr
> I think Polipo was a better cache, and since an HTTP proxy can't filter
> evil content out of HTTPS responses, Privoxy's filtering was not very
> useful.
Note though that the definition of evil can be game changed
by running your instance inside a secure sandbox, behind a nat,
and minding your
> Use the macchanger utility. Make sure you write down your original
> MAC first, in case you need to switch back to it later.
Original is commonly available in Unixlike boot dmesg output.
I'm as yet unaware of an available changer that
will burn the hardware itself, as opposed to simply
programm
Well, no rants, but I'm in qualified agreement with Scott [just
this once, heh]... that yes, those of us stuck in 80x25 terminals
and antique text comment databases could use a multiline format.
It the project is concerned about the replace vs. add semantics,
one could add two new exclude[exit]nod
> believe that the "global external passive adversary" does exist
> though (via ... secret rooms that splice cables and copy off
> traffic in transit)
The historical existence and use of taps, whether for international/local
intrigue, criminal, research or black/white ops, with or without clear le
> It is also worth noting that Craigslist prevents the use of Tor albeit in a
> very strange way.
I can second having similar problems with Craigslist, albeit from another
fixed, yet listed, location on the globe. Any Torizens in SF, feel free to swing
by CL and offer them your cluebat, I offer v
>>> I can see it could provide some protection against...
>> No. Why do you think it could?
> - because by default - lots of additional reasons...
The shim was just supposed to be a tool so you could hook into
an http[s] stream and do whatever with it, or nothing at all.
For instance, I've always
> > https://anonymous-proxy-servers.net/en/anontest
> As I understand it, Polipo can't scrub the headers of an HTTPS request,
Nothing in the open source field can do so yet afaik.
To do it, a shim needs to be coded and placed between the application and Tor.
user <-> browser <-> [optional tool]
On 8/19/10, Seth David Schoen wrote:
Exactly!
Even if any particular anon system was comprimiseable, why would
any comprimising organization [save the full disclosure types] wish
to play their trump card in public??? If any anon system is comprimisable,
far better to listen in, under the convenie
>> Are there any official (non-mirror) .onions run by the torproject itself?
> https://trac.torproject.org/projects/tor/wiki lists some hidden services,
> some of which are quite official, like the hidden service that points
> to archive.torproject.org.
axqzzpkfwezf3kku.onion - 'Sample Hidden S
> etc ?
And even though they wouldn't be much of a 'service',
include any official 'Hello World's under 'etc' too :-)
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://
Are there any official (non-mirror) .onions run by the torproject itself?
ie: servers/services falling within the administrative purview
of the torproject that are running the Tor daemon and
offer up hidden services.
website ?
file / rsync / mirror / archive / distribution services ?
git / trac r
> And once we're requiring both sides of the communication to install
> extra software, we might as well just have both sides just support SSL
> and be done with it.
Tor [exit nodes] can always attempt to initiate opportunistic IPSEC.
You might be surprised how many servers out there do run IKE
> By the way, Paypal is the most widely used paypent processor
Well, in the open social networking space, sure.
There's all sorts of traditional commercial processors such as:
https://www.authorize.net/solutions/merchantsolutions/pricing/
**
> Is there any working implementation of Phantom? I2P is widely in use,
> and I must say that I really begin to like it. Code also looks much
> cleaner to me (not: mature). Tor could use a complete rewrite.
Not as of yet. They have a specification whitepaper and a video with
slides to give you a
> The author is a security researcher, the tool is ages old and
> abandoned, as far as I know it doesn't work right away unless you
> change some of the code, and it was written to check what tor exit
> nodes where running sslstrip or in other ways were messing with the
> traffic.
>
> I'm not
So long as more nodes come online, and those nodes have proper family
statements, particularly regarding physical/geopolitical location...
I don't really see any problem with any form of organization doing
this. For profit or not.
Nor any problem with any level of transparency. From open books and
> I Don't have any information about the subject but would it be possible
> to buy own ip-range which would stay in my possession even if I switched
> ISP's. I don't think it comes very cheap...
>>> I have been thinking a long time how to run a stable exit node without
>>> getting constantly in
Wasn't there a user driven opensource geoip database project
somewhere? Sortof like DynDNS, users go to the website, it
pops up their ip address, they enter their location in the DB.
Thought it had some advanced stuff too, network admins
could enter CIDR blocks, contact info and such.
*
I'm running some automated widgets that connect to various onions.
The breakdown of 702 Polipo connects across about as many onions
is:
a 85 ok
b 1 ERROR 504: Connect to failed: General SOCKS server failure.
c 9 ERROR 504: Connect to failed: SOCKS connection not allowed.
d 99 ERROR 504: C
Found the repo:
git://git.torproject.org/git/torsocks
But the gitweb for torsocks is missing from:
http://gitweb.torproject.org/
It should be there, no?
This is the current torsocks home right?
Or did it move or go unmaintained again?
**
Note the double .tmp file extension.
There may be places where mkstemp(3) could be considered for use...
.tor, these files.
Restarted tor, watched .tor dir right after.
.tor hier went from:
lock
state
cached-descriptors.new
cached-descriptors
cached-consensus
cached-certs
to: same files as in fr
Excluding bandwidth as that's probably the easiest
to guesstimate [6x each user's use for onion2onion case].
Assuming whatever typical usage patterns exist today,
and expecting a partial shift to include more bandwidth
intensive apps...
What sort of issues exist as each new set of say
1K/10K/100K/
>> you have to have every bittorrent client in the swarm ALSO running
>> a location hidden service
> Correct. All users and trackers would have to have a .onion address.
> > I highly doubt any bittorrent client yet supports operating in this
> > manner.
> I have both a torrent tracker and client
> > a) You do all operations in Tor... NO use of exit relays, in other words,
> > entirely in onionspace. The smart reader will already know how to
> > configure this :)
>
> Well how exactly would you accomplish that? You could put the tracker
> on a location hidden service, that eliminates on
I don't think there's much of anything wrong with using Tor for bittorrent
provided:
a) You do all operations in Tor... NO use of exit relays, in other words,
entirely in onionspace. The smart reader will already know how to
configure this :)
b) You give back 6x the bandwidth you use in the form of
Thought this topic might come in handy as well.
Discuss those cards not requiring positive ID or any real world data
verification that the service depends upon. And whether they're
refillable or not, balance limits, shipping addresses, etc. These sorts of
cards also make great gifts as the purchase
> T-Mobile has 3 prepaid plans: "Pay as you go", "Pay by the day", and
> "Flexpay".
> Anyways, I thought I should report on all this research. I've been
> waiting so long for the day when I could walk into a store, give
> someone some money (hell, any amount!) and get ... access. You have
>
> Thanks for your stats Olaf, intresting and sad to see that there sue peoples
> for no good reason. In your case it's really a abus to become 7 inquieres in
> less 2 months :/
Yeah, they're just doing due diligence though.
This is actually good news. Because after at least seven inquiries, the
Since I doubt the suggested tests were performed, I did the work
instead. I reached the 'up' website, and timed out on the 'down'
one... both as expected. And I diffed the clearnet and tornet
versions of the 'up' one and they matched, sans 'alteration'.
If one can prove exo is the site with the ca
> passed the name to the exit node for SOCKS name-to-address resolution
Oh, I see, I missed that. For a sec I was thinking it was httpd
griping about Host:.
> b) "exoassist" is a bad exit that inserts a web page into the stream returned
> to the client when a connection cannot be made.
> >That
> When trying to fetch a web page from www.fibrlink.net, I was surprised to
> get an error page back from someplace in Australia,
That site is in Australia. And considering that that url is down right
now, and that they're fronting it with squid, who knows what all's
pooched on their end. Before d
> One is in the HTTP(S) header, which can indeed be stripped by privoxy.
HTTPS cannot be terminated, stripped and re-encapsulated by privoxy.
It passes straight through. I still offer a gold doubloon to anyone who knows
of a good unix TLS proxy/munger. One can dream.
> tor handles a .nickname.exi
And what, if any, $USD value per month/ per mbit would
such a service have to various people? And why?
Perhaps that is what really signifies such a need?
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscri
Hi. In regard to the current general discussion regarding Tor
operators who are getting disconnected for DMCA reports, etc...
Is there a need for a 'by the books' ISP/hoster based in the USA?
By 'by the books' (btb), I mean... one who isn't just going to kill
your node, blog, files, etc... becaus
> In addition, there is a mailinglist for exitnode-operators within Germany:
> http://archives.seul.org/or/talk/Mar-2008/msg00043.html
this pointer doesn't really help when the only available list archives
strip anything with an '@' in the message as a misguided spamfighting
attempt.
the address
> place a judical complaint on me, plus they charge me quite a lot of
> money (around 300$ so far). So I have to convince them that I dealt with
And any ISP who treates its customers like this should be shot.
Hundreds of $USD just to open a standard ticket and forward
some email, that's ludicrou
Infringing Work: 90210
First Found: 21 Jan 2010 xx:xx:xx EST (GMT -0500)
Last Found: 21 Jan 2010 xx:xx:xx EST (GMT -0500)
IP Address: 188.40.xxx.xxx
IP Port: 37278
Protocol: BitTorrent
Torrent InfoHash: D1A9A5301B873BB56944F9EA23B23A9C330687ED
Containing file(s):
90210.S02E12.Winter.Wonderland.HDTV
I was reading these two docs. They seemed to hint that such a thing
existed on the authoritative directories. As that seemed where the
HS nodes were uploading their descriptors/intro points to. Thus
maybe a disk or control port query would exist for such records.
Or with some minor source change,
ok, cool. thx guys.
would it make sense to sign the torbutton xpi's?
and torsocks?
perhaps since it all comes from the same git repo it isn't necessary.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscri
As I wrote someone earlier...
It would be easier to just sign the git revision hashes at various intervals.
Such as explicitly including the revision hash that each release is
made from in the release docs itself. And then signing that release.
That way everyone... git repo maintainers, devels, mir
Is there an archive or a current snapshot
of these from any or all of the six servers
available? Thanks.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.o
RBR is doc'd to be only relay rate + directory requests.
Is and if so, where is the client rate limited?
Is and if so, where is the HS [onion] rate limited?
Is and if so, where is there a distinction made between non-exit and exit rate?
And which rate, if any, is the parent rate?
Does BR = RBR +
>> It may be more proper to think of it as bandwith. Server serves a
>> stream 24x7x365 at 100,000bps. User consumes it 24x7x365.
> How so?
Some people think in terms of bytes transferred [the file case].
Some people think in terms of bandwidth [the stream case]. In either
case, the solution to th
Say a hidden service makes available a 100,000 byte file. Now
another user downloads that file. There was obviously some 'cost'
in bytes to the six hop relay system for doing that.
Say the user who downloaded that file feels obligated to repay his
usage back to the system by running his own non-ex
> wrote:
> >I built/installed openssl-0.9.8l on /usr/local/ssl/
> the tor configure script when run recognize according the messages
> this openssl
> (I used the configure option --with-openssl-dir=/usr/local/ssl/lib
He implies building it by hand.
He needs to remove the trailing '/lib' from hi
> In the meantime, I guess we're at a standoff.
> "What the fuck, freebsd? Why did you break a system library?"
Until FreeBSD updates their base, include a note in the source
release build docs in big block letters: BUILDING TOR ON FREEBSD...
That caveat and instructions would hopefully registe
> (when I no more could use tor)
You need to update openssl. Check the list archives for this month
about how to successfully do that using either canonical sources or
freebsd ports.
> Right. Unfortunately, it seems that FreeBSD patched openssl in such a way
> that it is entirely impossible for
> However, if one installs openssl from the ports tree, it will be
> version 0.9.8l instead.
> It is not necessary to link with static libraries. Here is an excerpt
It example of isolating everything as proof current tor and ssl is ok
and as alternative build concepts.
Static can be us
FreeBSD RELENG_8 20091229T1432 works fine from current sources:
openssl version -v -p
OpenSSL 0.9.8k 25 Mar 2009
platform: FreeBSD-i386
mkdir tor ; cd tor
tar -xf /.../openssl-0.9.8l.tar.gz
tar -xf /.../libevent-1.4.13-stable.tar.gz
tar -xf /.../tor-0.2.1.21.tar.gz
c () { /usr/bin/env - PATH=/us
try searching for privacy free speech no logs webhosting or something like that.
there were two companies i found in the usa while researching a couple
years back that offered it.
they were a bit pricy due to the manpower needed to fulfill
their obligation to shuffle various legal process around.
i
> On the contrary, in the United States, all ISPs are *required* by
> statute to record all URL requests that can be detected passing from their
> customers through their equipment.
False. ISP's in the US don't have to record any information of any
kind about their user or their data whatso
1 - 100 of 177 matches
Mail list logo
