Re: 25 tbreg relays in directory

Arjan wrote: > Niels Elgaard Larsen wrote: > [...] >> I run an TOR-access-point. Users have no way of upgrading TOR on it. They >> probably do not >> even know that they are using TOR. If I fail to upgrade the access-point at >> we lock it >> out, the users loose the internet connection. And the

Re: 25 tbreg relays in directory

Arjan wrote: > > Jim McClanahan wrote: > [...] > > Certainly, protecting > > the network is a priority. Protecting "uninformed or unsuspecting" > > users gets trickier IMHO. I'll admit this is a bit of a hot-button > > issue for me and I may have overreacted. But I think care needs to be > > ta

Re: 25 tbreg relays in directory

Martin Fick wrote: > --- On Thu, 7/2/09, Arjan wrote: >> He may end up on a government watch list, because they know that all >> TOR users are potential child pornographers / terrorists. > > > Give me a break, so are all internet users, so are all people > of the world. This kind of silly slu

Re: 25 tbreg relays in directory

--- On Thu, 7/2/09, Arjan wrote: > He may end up on a government watch list, because they know that all > TOR users are potential child pornographers / terrorists. Give me a break, so are all internet users, so are all people of the world. This kind of silly slurring of tor users is really

Re: 25 tbreg relays in directory

Niels Elgaard Larsen wrote: [...] > I run an TOR-access-point. Users have no way of upgrading TOR on it. They > probably do not > even know that they are using TOR. If I fail to upgrade the access-point at > we lock it > out, the users loose the internet connection. And the users are not that >

Re: 25 tbreg relays in directory

Jim McClanahan wrote: [...] > Certainly, protecting > the network is a priority. Protecting "uninformed or unsuspecting" > users gets trickier IMHO. I'll admit this is a bit of a hot-button > issue for me and I may have overreacted. But I think care needs to be > taken before cavalierly shutting

Re: 25 tbreg relays in directory

I resend this since it was deleted by greylisting. Original Message Subject: Re: 25 tbreg relays in directory Date: Wed, 01 Jul 2009 17:19:34 +0200 From: Niels Elgaard Larsen To: or-talk@freehaven.net References: <200906290445.n5t4jolj007...@mp.cs.niu.edu> <4a48a

Re: 25 tbreg relays in directory

On Wed, 01 Jul 2009 19:46:49 -0400 Marcus Griep wrote: >On Wed, 2009-07-01 at 17:15 -0600, Jim McClanahan wrote: >> I remain unconvinced that what happened in the case of "tbreg" should be >> determining policy for the Tor project, at least as far as client >> activity is concerned. To the e

Re: 25 tbreg relays in directory

On Wed, 2009-07-01 at 17:15 -0600, Jim McClanahan wrote: > I remain unconvinced that what happened in the case of "tbreg" should be > determining policy for the Tor project, at least as far as client > activity is concerned. To the extent the people who installed really > didn't know it involved T

Re: 25 tbreg relays in directory

Edward Langenback wrote: > Jim McClanahan wrote: > > I probably should have canned the sarcasm, but I do think that any > > disabling of the client from the network should be easily reversible. > > Part of that is just my philosophy. But it also has a practical element > > in terms of what is requ

Re: 25 tbreg relays in directory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jim McClanahan wrote: > Scott Bennett wrote: >> On Mon, 29 Jun 2009 07:13:42 -0600 Jim McClanahan >>> Scott Bennett wrote: On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan wrote: > Scott Bennett wrote: > >>

Re: 25 tbreg relays in directory

Scott Bennett wrote: > > On Mon, 29 Jun 2009 07:13:42 -0600 Jim McClanahan > >Scott Bennett wrote: > >> > >> On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan > >> > >> wrote: > >> >Scott Bennett wrote: > >> > > >> >> Ouch. This provides another example in support of having a wa

Re: 25 tbreg relays in directory

Hello! [Please reply to list only. Thanks.] Scott Bennett wrote to or-t...@seul.org, punkle.jo...@gmail.com on Tue, 30 Jun 2009 02:15:32 -0500 (CDT): > I haven't lately looked at the distribution of relays over version strings, Just quick stat from perl -e ' while (<>) { $tor{$1}+

Re: 25 tbreg relays in directory

On Tue, 30 Jun 2009 01:13:13 -0500 punkle jones wrote: >On Mon, Jun 29, 2009 at 2:59 PM, Scott Bennett wrote: > >> On Mon, 29 Jun 2009 09:19:21 -0500 punkle jones < >> punkle.jo...@gmail.com> >> wrote: >> >Unlurking for the first time, I think. >> >> Welcome to the fray! ;) >> > >>

Re: 25 tbreg relays in directory

On Mon, 29 Jun 2009 07:13:42 -0600 Jim McClanahan wrote: >Scott, when I did a "reply" on your email, it (tried to) sent it your >personal email account rather than the list. You probably were replying to the message sent directly to you, so that is quite likely. :-) > >-- > >Scott B

Re: 25 tbreg relays in directory

On Mon, Jun 29, 2009 at 2:59 PM, Scott Bennett wrote: > On Mon, 29 Jun 2009 09:19:21 -0500 punkle jones < > punkle.jo...@gmail.com> > wrote: > >Unlurking for the first time, I think. > > Welcome to the fray! ;) > > > >Why not join forces with a popular freeware/shareware product like Aim

Re: 25 tbreg relays in directory

Remotely disabling Tor nodes is a slippery slope. So it sounds like somebody is abusing the Tor network to do auction fraud, but that kind of stuff occasionally happens with a system like Tor. Should we filter exit nodes because we know this is going on? I wouldn't think anybody would answer yes to

Re: 25 tbreg relays in directory

punkle jones (punkle.jo...@gmail.com) wrote (in part) (on 2009-06-29 at 10:19): Unlurking for the first time, I think. Why not join forces with a popular freeware/shareware product like Aim or Winamp, with an "uncheck to opt out" option and a description of tor. Such a bundle could be pre

Re: 25 tbreg relays in directory

On Mon, 29 Jun 2009 09:19:21 -0500 punkle jones wrote: >Unlurking for the first time, I think. Welcome to the fray! ;) > >Why not join forces with a popular freeware/shareware product like Aim or >Winamp, with an "uncheck to opt out" option and a description of tor. Such >a bundle coul

Re: 25 tbreg relays in directory

On Mon, 29 Jun 2009 07:47:23 -0500 Edward Langenback wrote: >Scott Bennett wrote: >> On Sun, 28 Jun 2009 20:09:25 +0800 Pei Hanru >> wrote: >>> On 2009-04-27 18:27 CST, Scott Bennett wrote: torstatus currently shows 25 different relays that are all named "tbreq" and

Re: 25 tbreg relays in directory

Unlurking for the first time, I think. Why not join forces with a popular freeware/shareware product like Aim or Winamp, with an "uncheck to opt out" option and a description of tor. Such a bundle could be preset to relay, and there's got to be a magic bandwidth that most western users could tole

Re: 25 tbreg relays in directory

Scott, when I did a "reply" on your email, it (tried to) sent it your personal email account rather than the list. -- Scott Bennett wrote: > > On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan > wrote: > >Scott Bennett wrote: > > > >> Ouch. This provides another example in suppor

Re: 25 tbreg relays in directory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Scott Bennett wrote: > On Sun, 28 Jun 2009 20:09:25 +0800 Pei Hanru > wrote: >> On 2009-04-27 18:27 CST, Scott Bennett wrote: >>> torstatus currently shows 25 different relays that are all named >>> "tbreq" >>> and appear to be in China.

Re: 25 tbreg relays in directory

On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan wrote: >Scott Bennett wrote: > >> Ouch. This provides another example in support of having a way >> for the directory authorities to render insecure versions ... >> and only usable as clients to connect to the tor project's web site to

Re: 25 tbreg relays in directory

Scott Bennett wrote: > Ouch. This provides another example in support of having a way > for the directory authorities to render insecure versions ... > and only usable as clients to connect to the tor project's web site to > download a current version of tor. This kind of thinking baffles

Re: 25 tbreg relays in directory

On Mon, June 29, 2009 12:07, Pei Hanru wrote: > Someone hinted in a local forum that those "tbreg"s are related with > Taobao. So I googled and found out what I've described. That's it. like this: http://translate.google.com/translate?js=n&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fwww.wintaobao.com%2Fh

Re: 25 tbreg relays in directory

On 2009-06-29 13:24 CST, Curious Kid wrote: [...] >> I finally got a plausible answer a few days ago. >> > > Can you tell us how you came upon this information? I would be very > interested to know. Someone hinted in a local forum that those "tbreg"s are related with Taobao. So I googled and fou

Re: 25 tbreg relays in directory

- Original Message > From: Pei Hanru > To: or-talk@freehaven.net > Sent: Sunday, June 28, 2009 2:09:25 PM > Subject: Re: 25 tbreg relays in directory > > On 2009-04-27 18:27 CST, Scott Bennett wrote: > > torstatus currently shows 25 different relays that a

Re: 25 tbreg relays in directory

On Sun, 28 Jun 2009 20:09:25 +0800 Pei Hanru wrote: >On 2009-04-27 18:27 CST, Scott Bennett wrote: >> torstatus currently shows 25 different relays that are all named "tbreq" >> and appear to be in China. I wonder whether these are due to some benighted >> user restarting tor after clea

Re: 25 tbreg relays in directory

Nice work tracking that down.. Thanks for the info and time. I'm not a Tor dev but as a person working with/in IT, I can appreciate the time and legwork involved.. so thanks. -- free...@gmail.com free...@yahoo.ca This e-mail has been digitally signed with GnuPG - ( http://gnupg.org/ ) signatu

Re: 25 tbreg relays in directory

On 2009-04-27 18:27 CST, Scott Bennett wrote: > torstatus currently shows 25 different relays that are all named "tbreq" > and appear to be in China. I wonder whether these are due to some benighted > user restarting tor after clearing its key files every time, or whether there > may be sever

Re: Out-of-date Tors (was Re: 25 tbreg relays in directory)

On Mon, May 25, 2009 at 08:04:13PM -0600, scr...@nonvocalscream.com wrote 0.6K bytes in 17 lines about: : Has this been discussed with the Ubuntu packagers? Is there a link to the : discussion I can read... I'm a user of Ubuntu and would be very interested : in being able to update via apt (repo

Re: Out-of-date Tors (was Re: 25 tbreg relays in directory)

Roger Dingledine wrote: [...] > But yes, there is definitely a tradeoff here. I'm not sure where the > right point in the tradeoff is. But my intuition is that cutting 0.1.2.x > relays out of the network would hurt more than help at this point. But > for the few remaining 0.1.1.x relays? Hm. You s

Re: Out-of-date Tors (was Re: 25 tbreg relays in directory)

On Tue, May 26, 2009 at 1:24 PM, Sebastian Hahn wrote: > In short: Tor provides working Ubuntu packages in the noreply repositories, > so users can simply use those to get working, up-to-date, secure versions. > Because Tor is in Ubuntu Universe, no security updates are provided by > Ubuntu itself

Re: Out-of-date Tors (was Re: 25 tbreg relays in directory)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On May 26, 2009, at 8:35 AM, Nils Vogels wrote: On Tue, May 26, 2009 at 4:04 AM, wrote: On Mon, 25 May 2009 16:59:33 -0400, Roger Dingledine wrote: But you're right, this is a real problem. Some of our users use Linux packaging systems

Re: Out-of-date Tors (was Re: 25 tbreg relays in directory)

On Tue, May 26, 2009 at 4:04 AM, wrote: > > On Mon, 25 May 2009 16:59:33 -0400, Roger Dingledine wrote: > >> But you're right, this is a real problem. Some of our users use Linux >> packaging systems that keep them mostly up to date. But some are on > Ubuntu >> (...insert expletives here). And

Re: Out-of-date Tors (was Re: 25 tbreg relays in directory)

On Mon, 25 May 2009 16:59:33 -0400, Roger Dingledine wrote: > But you're right, this is a real problem. Some of our users use Linux > packaging systems that keep them mostly up to date. But some are on Ubuntu > (...insert expletives here). And some are on BSD, which either provides > no easy upg

Out-of-date Tors (was Re: 25 tbreg relays in directory)

On Mon, Apr 27, 2009 at 11:57:17PM -0500, Scott Bennett wrote: > That brings up something that has bothered me for a long time. When > tor discovers that its version doesn't match any in either client-versions > or server-versions, it currently writes complaints about it to the log(s), > but

Re: 25 tbreg relays in directory

On Thu, 30 Apr 2009 16:59:58 -0400 Andrew Lewman wrote: >On Mon, 27 Apr 2009 23:57:17 -0500 (CDT) >Scott Bennett wrote: > >In general, these options seem a fine way to partition the tor >network. Possibly more so for new releases and arbitraging the time >during which clients and relays upg

Re: 25 tbreg relays in directory

On Mon, 27 Apr 2009 23:57:17 -0500 (CDT) Scott Bennett wrote: In general, these options seem a fine way to partition the tor network. Possibly more so for new releases and arbitraging the time during which clients and relays upgrade. Tor clients already don't trust the relays. The risk is possib

Re: 25 tbreg relays in directory

On Tue, 28 Apr 2009 23:14:35 -0500 (CDT) Scott Bennett wrote: > Those methods are all very nice, but do not address the clients' > security problems. Warm and fuzzy feelings that tor node operators, > who often do *not* put contact information into their torrc files, Yes, these are warm, fu

Re: Version checking (was Re: 25 tbreg relays in directory)

On 30.04.09 00:24, Tripple Moon wrote: > Yes I agree that those other factors, which were not mentioned yet, are > ofcourse also elements to take into account for differences. And like i > previously already admitted this is a difficult topic to make foolproof. Actually you don't come with any co

Re: Version checking (was Re: 25 tbreg relays in directory)

Tripple Moon wrote: > IMHO, all and i mean *all* modifications of the original code and/or design > should be committed to the development-tree, that's how things get improved > and fixed etc by the community that maintains the development of the project. The problem with your logic (leaving as

Re: Version checking (was Re: 25 tbreg relays in directory)

--- On Wed, 4/29/09, Dominik Schaefer wrote: > From: Dominik Schaefer > Subject: Re: Version checking (was Re: 25 tbreg relays in directory) > To: or-talk@freehaven.net > Date: Wednesday, April 29, 2009, 7:18 AM > On 29.04.09 12:33, Tripple Moon wrote: > >> Also what wo

Re: Version checking (was Re: 25 tbreg relays in directory)

Nils Vogels wrote: > IMHO, just adding a list of allowed versions in the consensus will > accomplish just that, without the need of all that extra traffic and > CRC complexity. Use as much donated network capacity as possible without reducing anonymity by treating exit nodes and other nodes diffe

Re: Version checking (was Re: 25 tbreg relays in directory)

On Wed, 29 Apr 2009 04:04:42 -0700 (PDT) Tripple Moon wrote: >--- On Wed, 4/29/09, Scott Bennett wrote: >[cut] >> >All of the above can be waifed void, when those >> versions are announced on the mailing list. >> >> "Waifed"? What language are you borrowing >> that from? And what doe

Re: Version checking (was Re: 25 tbreg relays in directory)

On 29.04.09 12:33, Tripple Moon wrote: >> Also what would be gained from a CRC based on the *binary*? >> Wouldn't that change according to the system that compiled it? > Yes it *will* chance depending on the compiled (source-)version and > architecture and compiler used. > But those variables are

Re: Version checking (was Re: 25 tbreg relays in directory)

Tripple Moon (29.04.2009 17:33): >> And if somebody wanted to circumvent, I would think the >> client could be >> modified so that when it claimed to be uploading itself, it >> was actually >> uploading a copy of an unmodified binary. Am I missing >> something? > Well yea thats upto the implementa

Re: Version checking (was Re: 25 tbreg relays in directory)

--- On Wed, 4/29/09, Scott Bennett wrote: [cut] > >All of the above can be waifed void, when those > versions are announced on the mailing list. > > "Waifed"? What language are you borrowing > that from? And what does > it mean? "Waif" in English is a noun having a > meaning that bears n

Re: Version checking (was Re: 25 tbreg relays in directory)

On Wed, 29 Apr 2009 03:13:52 -0700 (PDT) Tripple Moon wrote: >first off, please only reply to the mailing-list address otherwise ppl like me >are getting your messages double, just like you will get now... > My apologies. You did request that before, and I simply forgot. It is accepted

Re: Version checking (was Re: 25 tbreg relays in directory)

--- On Tue, 4/28/09, Ted Smith wrote: > From: Ted Smith > Subject: Re: Version checking (was Re: 25 tbreg relays in directory) > To: or-talk@freehaven.net > Date: Tuesday, April 28, 2009, 10:51 PM > On Tue, 2009-04-28 at 03:01 -0700, Tripple Moon wrote: > > --- O

Re: Version checking (was Re: 25 tbreg relays in directory)

--- On Tue, 4/28/09, Jim McClanahan wrote: > From: Jim McClanahan > Subject: Re: Version checking (was Re: 25 tbreg relays in directory) > To: or-talk@freehaven.net > Date: Tuesday, April 28, 2009, 12:01 PM > > By "remotely calculated CRC-value of the > client"

Re: Version checking (was Re: 25 tbreg relays in directory)

On 4/29/09, Tripple Moon wrote: > > > >IMHO, this kind of "login procedure to enter the tor-network" > > >will make it more secure and manageable. > > > >  More secure and manageable for whom??  Big Brother? > > Obviously not for > > the supposedly anonymous tor user...jeesh. > > Ofcourse not

Re: Version checking (was Re: 25 tbreg relays in directory)

first off, please only reply to the mailing-list address otherwise ppl like me are getting your messages double, just like you will get now... --- On Tue, 4/28/09, Scott Bennett wrote: [cut for clarity] > Laying aside for the moment the matter of how the rest > of the tor nodes > should d

Re: 25 tbreg relays in directory

On Tue, 28 Apr 2009 09:59:05 -0400 and...@torproject.org wrote: >On Mon, Apr 27, 2009 at 11:57:17PM -0500, benn...@cs.niu.edu wrote 5.4K bytes >in 107 lines about: >: That brings up something that has bothered me for a long time. When >: tor discovers that its version doesn't match any

Re: 25 tbreg relays in directory

On Tue, 28 Apr 2009 09:59:05 -0400 and...@torproject.org wrote: >On Mon, Apr 27, 2009 at 11:57:17PM -0500, benn...@cs.niu.edu wrote 5.4K bytes >in 107 lines about: >: That brings up something that has bothered me for a long time. When >: tor discovers that its version doesn't match any

Re: Version checking (was Re: 25 tbreg relays in directory)

On Tue, 2009-04-28 at 03:01 -0700, Tripple Moon wrote: > --- On Tue, 4/28/09, Scott Bennett wrote: > > > From: Scott Bennett > Subject: Re: 25 tbreg > relays in directory > To: or-talk@freehaven.net > Date: Tuesday, April > 28, 2009, 12:57 AM [cut for clarity] >

Re: 25 tbreg relays in directory

Roger Dingledine wrote: Now, is this because of a massive Chinese conspiracy to flood the Tor network with a block of centrally controlled Windows relays, or is it a whole lot of excited Tor users in China who really want to help out but don't realize that they're using an insecure and old versio

Re: Version checking (was Re: 25 tbreg relays in directory)

> By "remotely calculated CRC-value of the client" i mean that the destination does the CRC calculation of the connecting client. > Yes this means the client needs to send all of its binary-self to the > destination. That would be a pretty big upload for a dial-up user! I am also wondering what

Re: 25 tbreg relays in directory

On Mon, Apr 27, 2009 at 11:57:17PM -0500, benn...@cs.niu.edu wrote 5.4K bytes in 107 lines about: : That brings up something that has bothered me for a long time. When : tor discovers that its version doesn't match any in either client-versions : or server-versions, it currently writes compl

Re: Version checking (was Re: 25 tbreg relays in directory)

On Tue, 28 Apr 2009 03:01:30 -0700 (PDT) Tripple Moon wrote: >--- On Tue, 4/28/09, Scott Bennett wrote: > >> From: Scott Bennett >> Subject: Re: 25 tbreg relays in directory >> To: or-talk@freehaven.net >> Date: Tuesday, April 28, 2009, 12:57 AM >[cut fo

Version checking (was Re: 25 tbreg relays in directory)

--- On Tue, 4/28/09, Scott Bennett wrote: > From: Scott Bennett > Subject: Re: 25 tbreg relays in directory > To: or-talk@freehaven.net > Date: Tuesday, April 28, 2009, 12:57 AM [cut for clarity] > That brings up something that has bothered me for a > long time. When &g

Re: 25 tbreg relays in directory

On Mon, 27 Apr 2009 17:32:16 -0400 Roger Dingledine wrote: >On Mon, Apr 27, 2009 at 05:27:38AM -0500, Scott Bennett wrote: >> torstatus currently shows 25 different relays that are all named "tbreq" ^ I se

Re: 25 tbreg relays in directory

On Mon, Apr 27, 2009 at 05:27:38AM -0500, Scott Bennett wrote: > torstatus currently shows 25 different relays that are all named "tbreq" > and appear to be in China. I wonder whether these are due to some benighted > user restarting tor after clearing its key files every time, or whether the

Re: 25 tbreg relays in directory

Scott Bennett wrote: torstatus currently shows 25 different relays that are all named "tbreq" and appear to be in China. I wonder whether these are due to some benighted user restarting tor after clearing its key files every time, or whether there may be several that are all owned by one or

25 tbreg relays in directory

torstatus currently shows 25 different relays that are all named "tbreq" and appear to be in China. I wonder whether these are due to some benighted user restarting tor after clearing its key files every time, or whether there may be several that are all owned by one organization. All but fo