Arjan wrote:
> Niels Elgaard Larsen wrote:
> [...]
>> I run an TOR-access-point. Users have no way of upgrading TOR on it. They
>> probably do not
>> even know that they are using TOR. If I fail to upgrade the access-point at
>> we lock it
>> out, the users loose the internet connection. And the
Arjan wrote:
>
> Jim McClanahan wrote:
> [...]
> > Certainly, protecting
> > the network is a priority. Protecting "uninformed or unsuspecting"
> > users gets trickier IMHO. I'll admit this is a bit of a hot-button
> > issue for me and I may have overreacted. But I think care needs to be
> > ta
Martin Fick wrote:
> --- On Thu, 7/2/09, Arjan wrote:
>> He may end up on a government watch list, because they know that all
>> TOR users are potential child pornographers / terrorists.
>
>
> Give me a break, so are all internet users, so are all people
> of the world. This kind of silly slu
--- On Thu, 7/2/09, Arjan wrote:
> He may end up on a government watch list, because they know that all
> TOR users are potential child pornographers / terrorists.
Give me a break, so are all internet users, so are all people
of the world. This kind of silly slurring of tor users is
really
Niels Elgaard Larsen wrote:
[...]
> I run an TOR-access-point. Users have no way of upgrading TOR on it. They
> probably do not
> even know that they are using TOR. If I fail to upgrade the access-point at
> we lock it
> out, the users loose the internet connection. And the users are not that
>
Jim McClanahan wrote:
[...]
> Certainly, protecting
> the network is a priority. Protecting "uninformed or unsuspecting"
> users gets trickier IMHO. I'll admit this is a bit of a hot-button
> issue for me and I may have overreacted. But I think care needs to be
> taken before cavalierly shutting
I resend this since it was deleted by greylisting.
Original Message
Subject: Re: 25 tbreg relays in directory
Date: Wed, 01 Jul 2009 17:19:34 +0200
From: Niels Elgaard Larsen
To: or-talk@freehaven.net
References: <200906290445.n5t4jolj007...@mp.cs.niu.edu>
<4a48a
On Wed, 01 Jul 2009 19:46:49 -0400 Marcus Griep
wrote:
>On Wed, 2009-07-01 at 17:15 -0600, Jim McClanahan wrote:
>> I remain unconvinced that what happened in the case of "tbreg" should be
>> determining policy for the Tor project, at least as far as client
>> activity is concerned. To the e
On Wed, 2009-07-01 at 17:15 -0600, Jim McClanahan wrote:
> I remain unconvinced that what happened in the case of "tbreg" should be
> determining policy for the Tor project, at least as far as client
> activity is concerned. To the extent the people who installed really
> didn't know it involved T
Edward Langenback wrote:
> Jim McClanahan wrote:
> > I probably should have canned the sarcasm, but I do think that any
> > disabling of the client from the network should be easily reversible.
> > Part of that is just my philosophy. But it also has a practical element
> > in terms of what is requ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jim McClanahan wrote:
> Scott Bennett wrote:
>> On Mon, 29 Jun 2009 07:13:42 -0600 Jim McClanahan
>>> Scott Bennett wrote:
On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan
wrote:
> Scott Bennett wrote:
>
>>
Scott Bennett wrote:
>
> On Mon, 29 Jun 2009 07:13:42 -0600 Jim McClanahan
> >Scott Bennett wrote:
> >>
> >> On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan
> >>
> >> wrote:
> >> >Scott Bennett wrote:
> >> >
> >> >> Ouch. This provides another example in support of having a wa
Hello!
[Please reply to list only. Thanks.]
Scott Bennett wrote to or-t...@seul.org, punkle.jo...@gmail.com on Tue, 30 Jun
2009 02:15:32 -0500 (CDT):
> I haven't lately looked at the distribution of relays over version strings,
Just quick stat from
perl -e '
while (<>) {
$tor{$1}+
On Tue, 30 Jun 2009 01:13:13 -0500 punkle jones
wrote:
>On Mon, Jun 29, 2009 at 2:59 PM, Scott Bennett wrote:
>
>> On Mon, 29 Jun 2009 09:19:21 -0500 punkle jones <
>> punkle.jo...@gmail.com>
>> wrote:
>> >Unlurking for the first time, I think.
>>
>> Welcome to the fray! ;)
>> >
>>
On Mon, 29 Jun 2009 07:13:42 -0600 Jim McClanahan
wrote:
>Scott, when I did a "reply" on your email, it (tried to) sent it your
>personal email account rather than the list.
You probably were replying to the message sent directly to you, so that
is quite likely. :-)
>
>--
>
>Scott B
On Mon, Jun 29, 2009 at 2:59 PM, Scott Bennett wrote:
> On Mon, 29 Jun 2009 09:19:21 -0500 punkle jones <
> punkle.jo...@gmail.com>
> wrote:
> >Unlurking for the first time, I think.
>
> Welcome to the fray! ;)
> >
> >Why not join forces with a popular freeware/shareware product like Aim
Remotely disabling Tor nodes is a slippery slope. So it sounds like
somebody is abusing the Tor network to do auction fraud, but that kind
of stuff occasionally happens with a system like Tor. Should we filter
exit nodes because we know this is going on? I wouldn't think anybody
would answer yes to
punkle jones (punkle.jo...@gmail.com) wrote (in part) (on 2009-06-29
at 10:19):
Unlurking for the first time, I think.
Why not join forces with a popular freeware/shareware product like
Aim or Winamp, with an "uncheck to opt out" option and a description
of tor. Such a bundle could be pre
On Mon, 29 Jun 2009 09:19:21 -0500 punkle jones
wrote:
>Unlurking for the first time, I think.
Welcome to the fray! ;)
>
>Why not join forces with a popular freeware/shareware product like Aim or
>Winamp, with an "uncheck to opt out" option and a description of tor. Such
>a bundle coul
On Mon, 29 Jun 2009 07:47:23 -0500 Edward Langenback
wrote:
>Scott Bennett wrote:
>> On Sun, 28 Jun 2009 20:09:25 +0800 Pei Hanru
>> wrote:
>>> On 2009-04-27 18:27 CST, Scott Bennett wrote:
torstatus currently shows 25 different relays that are all named
"tbreq"
and
Unlurking for the first time, I think.
Why not join forces with a popular freeware/shareware product like Aim or
Winamp, with an "uncheck to opt out" option and a description of tor. Such
a bundle could be preset to relay, and there's got to be a magic bandwidth
that most western users could tole
Scott, when I did a "reply" on your email, it (tried to) sent it your
personal email account rather than the list.
--
Scott Bennett wrote:
>
> On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan
> wrote:
> >Scott Bennett wrote:
> >
> >> Ouch. This provides another example in suppor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Scott Bennett wrote:
> On Sun, 28 Jun 2009 20:09:25 +0800 Pei Hanru
> wrote:
>> On 2009-04-27 18:27 CST, Scott Bennett wrote:
>>> torstatus currently shows 25 different relays that are all named
>>> "tbreq"
>>> and appear to be in China.
On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan
wrote:
>Scott Bennett wrote:
>
>> Ouch. This provides another example in support of having a way
>> for the directory authorities to render insecure versions ...
>> and only usable as clients to connect to the tor project's web site to
Scott Bennett wrote:
> Ouch. This provides another example in support of having a way
> for the directory authorities to render insecure versions ...
> and only usable as clients to connect to the tor project's web site to
> download a current version of tor.
This kind of thinking baffles
On Mon, June 29, 2009 12:07, Pei Hanru wrote:
> Someone hinted in a local forum that those "tbreg"s are related with
> Taobao. So I googled and found out what I've described. That's it.
like this:
http://translate.google.com/translate?js=n&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fwww.wintaobao.com%2Fh
On 2009-06-29 13:24 CST, Curious Kid wrote:
[...]
>> I finally got a plausible answer a few days ago.
>>
>
> Can you tell us how you came upon this information? I would be very
> interested to know.
Someone hinted in a local forum that those "tbreg"s are related with
Taobao. So I googled and fou
- Original Message
> From: Pei Hanru
> To: or-talk@freehaven.net
> Sent: Sunday, June 28, 2009 2:09:25 PM
> Subject: Re: 25 tbreg relays in directory
>
> On 2009-04-27 18:27 CST, Scott Bennett wrote:
> > torstatus currently shows 25 different relays that a
On Sun, 28 Jun 2009 20:09:25 +0800 Pei Hanru
wrote:
>On 2009-04-27 18:27 CST, Scott Bennett wrote:
>> torstatus currently shows 25 different relays that are all named "tbreq"
>> and appear to be in China. I wonder whether these are due to some benighted
>> user restarting tor after clea
Nice work tracking that down.. Thanks for the info and time. I'm not a
Tor dev but as a person working with/in IT, I can appreciate the time
and legwork involved.. so thanks.
--
free...@gmail.com
free...@yahoo.ca
This e-mail has been digitally signed with GnuPG - ( http://gnupg.org/ )
signatu
On 2009-04-27 18:27 CST, Scott Bennett wrote:
> torstatus currently shows 25 different relays that are all named "tbreq"
> and appear to be in China. I wonder whether these are due to some benighted
> user restarting tor after clearing its key files every time, or whether there
> may be sever
On Mon, May 25, 2009 at 08:04:13PM -0600, scr...@nonvocalscream.com wrote 0.6K
bytes in 17 lines about:
: Has this been discussed with the Ubuntu packagers? Is there a link to the
: discussion I can read... I'm a user of Ubuntu and would be very interested
: in being able to update via apt (repo
Roger Dingledine wrote:
[...]
> But yes, there is definitely a tradeoff here. I'm not sure where the
> right point in the tradeoff is. But my intuition is that cutting 0.1.2.x
> relays out of the network would hurt more than help at this point. But
> for the few remaining 0.1.1.x relays? Hm.
You s
On Tue, May 26, 2009 at 1:24 PM, Sebastian Hahn wrote:
> In short: Tor provides working Ubuntu packages in the noreply repositories,
> so users can simply use those to get working, up-to-date, secure versions.
> Because Tor is in Ubuntu Universe, no security updates are provided by
> Ubuntu itself
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On May 26, 2009, at 8:35 AM, Nils Vogels wrote:
On Tue, May 26, 2009 at 4:04 AM, wrote:
On Mon, 25 May 2009 16:59:33 -0400, Roger Dingledine
wrote:
But you're right, this is a real problem. Some of our users use
Linux
packaging systems
On Tue, May 26, 2009 at 4:04 AM, wrote:
>
> On Mon, 25 May 2009 16:59:33 -0400, Roger Dingledine wrote:
>
>> But you're right, this is a real problem. Some of our users use Linux
>> packaging systems that keep them mostly up to date. But some are on
> Ubuntu
>> (...insert expletives here). And
On Mon, 25 May 2009 16:59:33 -0400, Roger Dingledine wrote:
> But you're right, this is a real problem. Some of our users use Linux
> packaging systems that keep them mostly up to date. But some are on
Ubuntu
> (...insert expletives here). And some are on BSD, which either provides
> no easy upg
On Mon, Apr 27, 2009 at 11:57:17PM -0500, Scott Bennett wrote:
> That brings up something that has bothered me for a long time. When
> tor discovers that its version doesn't match any in either client-versions
> or server-versions, it currently writes complaints about it to the log(s),
> but
On Thu, 30 Apr 2009 16:59:58 -0400 Andrew Lewman
wrote:
>On Mon, 27 Apr 2009 23:57:17 -0500 (CDT)
>Scott Bennett wrote:
>
>In general, these options seem a fine way to partition the tor
>network. Possibly more so for new releases and arbitraging the time
>during which clients and relays upg
On Mon, 27 Apr 2009 23:57:17 -0500 (CDT)
Scott Bennett wrote:
In general, these options seem a fine way to partition the tor
network. Possibly more so for new releases and arbitraging the time
during which clients and relays upgrade. Tor clients already don't
trust the relays. The risk is possib
On Tue, 28 Apr 2009 23:14:35 -0500 (CDT)
Scott Bennett wrote:
> Those methods are all very nice, but do not address the clients'
> security problems. Warm and fuzzy feelings that tor node operators,
> who often do *not* put contact information into their torrc files,
Yes, these are warm, fu
On 30.04.09 00:24, Tripple Moon wrote:
> Yes I agree that those other factors, which were not mentioned yet, are
> ofcourse also elements to take into account for differences. And like i
> previously already admitted this is a difficult topic to make foolproof.
Actually you don't come with any co
Tripple Moon wrote:
> IMHO, all and i mean *all* modifications of the original code and/or design
> should be committed to the development-tree, that's how things get improved
> and fixed etc by the community that maintains the development of the project.
The problem with your logic (leaving as
--- On Wed, 4/29/09, Dominik Schaefer wrote:
> From: Dominik Schaefer
> Subject: Re: Version checking (was Re: 25 tbreg relays in directory)
> To: or-talk@freehaven.net
> Date: Wednesday, April 29, 2009, 7:18 AM
> On 29.04.09 12:33, Tripple Moon wrote:
> >> Also what wo
Nils Vogels wrote:
> IMHO, just adding a list of allowed versions in the consensus will
> accomplish just that, without the need of all that extra traffic and
> CRC complexity.
Use as much donated network capacity as possible without reducing
anonymity by treating exit nodes and other nodes diffe
On Wed, 29 Apr 2009 04:04:42 -0700 (PDT) Tripple Moon
wrote:
>--- On Wed, 4/29/09, Scott Bennett wrote:
>[cut]
>> >All of the above can be waifed void, when those
>> versions are announced on the mailing list.
>>
>> "Waifed"? What language are you borrowing
>> that from? And what doe
On 29.04.09 12:33, Tripple Moon wrote:
>> Also what would be gained from a CRC based on the *binary*?
>> Wouldn't that change according to the system that compiled it?
> Yes it *will* chance depending on the compiled (source-)version and
> architecture and compiler used.
> But those variables are
Tripple Moon (29.04.2009 17:33):
>> And if somebody wanted to circumvent, I would think the
>> client could be
>> modified so that when it claimed to be uploading itself, it
>> was actually
>> uploading a copy of an unmodified binary. Am I missing
>> something?
> Well yea thats upto the implementa
--- On Wed, 4/29/09, Scott Bennett wrote:
[cut]
> >All of the above can be waifed void, when those
> versions are announced on the mailing list.
>
> "Waifed"? What language are you borrowing
> that from? And what does
> it mean? "Waif" in English is a noun having a
> meaning that bears n
On Wed, 29 Apr 2009 03:13:52 -0700 (PDT) Tripple Moon
wrote:
>first off, please only reply to the mailing-list address otherwise ppl like me
>are getting your messages double, just like you will get now...
>
My apologies. You did request that before, and I simply forgot.
It is accepted
--- On Tue, 4/28/09, Ted Smith wrote:
> From: Ted Smith
> Subject: Re: Version checking (was Re: 25 tbreg relays in directory)
> To: or-talk@freehaven.net
> Date: Tuesday, April 28, 2009, 10:51 PM
> On Tue, 2009-04-28 at 03:01 -0700, Tripple Moon wrote:
> > --- O
--- On Tue, 4/28/09, Jim McClanahan wrote:
> From: Jim McClanahan
> Subject: Re: Version checking (was Re: 25 tbreg relays in directory)
> To: or-talk@freehaven.net
> Date: Tuesday, April 28, 2009, 12:01 PM
> > By "remotely calculated CRC-value of the
> client"
On 4/29/09, Tripple Moon wrote:
>
> > >IMHO, this kind of "login procedure to enter the tor-network"
> > >will make it more secure and manageable.
> >
> > More secure and manageable for whom?? Big Brother?
> > Obviously not for
> > the supposedly anonymous tor user...jeesh.
>
> Ofcourse not
first off, please only reply to the mailing-list address otherwise ppl like me
are getting your messages double, just like you will get now...
--- On Tue, 4/28/09, Scott Bennett wrote:
[cut for clarity]
> Laying aside for the moment the matter of how the rest
> of the tor nodes
> should d
On Tue, 28 Apr 2009 09:59:05 -0400 and...@torproject.org wrote:
>On Mon, Apr 27, 2009 at 11:57:17PM -0500, benn...@cs.niu.edu wrote 5.4K bytes
>in 107 lines about:
>: That brings up something that has bothered me for a long time. When
>: tor discovers that its version doesn't match any
On Tue, 28 Apr 2009 09:59:05 -0400 and...@torproject.org wrote:
>On Mon, Apr 27, 2009 at 11:57:17PM -0500, benn...@cs.niu.edu wrote 5.4K bytes
>in 107 lines about:
>: That brings up something that has bothered me for a long time. When
>: tor discovers that its version doesn't match any
On Tue, 2009-04-28 at 03:01 -0700, Tripple Moon wrote:
> --- On Tue, 4/28/09, Scott Bennett wrote:
>
> > From: Scott Bennett > Subject: Re: 25 tbreg
> relays in directory > To: or-talk@freehaven.net > Date: Tuesday, April
> 28, 2009, 12:57 AM [cut for clarity] >
Roger Dingledine wrote:
Now, is this because of a massive Chinese conspiracy to flood the Tor
network with a block of centrally controlled Windows relays, or is it a
whole lot of excited Tor users in China who really want to help out but
don't realize that they're using an insecure and old versio
> By "remotely calculated CRC-value of the client" i mean that the
destination does the CRC calculation of the connecting client.
> Yes this means the client needs to send all of its binary-self to the
> destination.
That would be a pretty big upload for a dial-up user!
I am also wondering what
On Mon, Apr 27, 2009 at 11:57:17PM -0500, benn...@cs.niu.edu wrote 5.4K bytes
in 107 lines about:
: That brings up something that has bothered me for a long time. When
: tor discovers that its version doesn't match any in either client-versions
: or server-versions, it currently writes compl
On Tue, 28 Apr 2009 03:01:30 -0700 (PDT) Tripple Moon
wrote:
>--- On Tue, 4/28/09, Scott Bennett wrote:
>
>> From: Scott Bennett
>> Subject: Re: 25 tbreg relays in directory
>> To: or-talk@freehaven.net
>> Date: Tuesday, April 28, 2009, 12:57 AM
>[cut fo
--- On Tue, 4/28/09, Scott Bennett wrote:
> From: Scott Bennett
> Subject: Re: 25 tbreg relays in directory
> To: or-talk@freehaven.net
> Date: Tuesday, April 28, 2009, 12:57 AM
[cut for clarity]
> That brings up something that has bothered me for a
> long time. When
&g
On Mon, 27 Apr 2009 17:32:16 -0400 Roger Dingledine
wrote:
>On Mon, Apr 27, 2009 at 05:27:38AM -0500, Scott Bennett wrote:
>> torstatus currently shows 25 different relays that are all named "tbreq"
^
I se
On Mon, Apr 27, 2009 at 05:27:38AM -0500, Scott Bennett wrote:
> torstatus currently shows 25 different relays that are all named "tbreq"
> and appear to be in China. I wonder whether these are due to some benighted
> user restarting tor after clearing its key files every time, or whether the
Scott Bennett wrote:
torstatus currently shows 25 different relays that are all named "tbreq"
and appear to be in China. I wonder whether these are due to some benighted
user restarting tor after clearing its key files every time, or whether there
may be several that are all owned by one or
torstatus currently shows 25 different relays that are all named "tbreq"
and appear to be in China. I wonder whether these are due to some benighted
user restarting tor after clearing its key files every time, or whether there
may be several that are all owned by one organization. All but fo
66 matches
Mail list logo