Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On 28/10/10 00:41, Joe Btfsplk wrote: On 10/27/2010 2:35 PM, krishna e bera wrote: The bad advice may be a misinterpretation or poor rephrasing of this advice in the Tor FAQ Wiki:

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On 10/28/2010 1:11 AM, Matthew wrote: On 28/10/10 00:41, Joe Btfsplk wrote: https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#WhyisitbettertoprovideahiddenserviceWebsitewithHTTPratherthanHTTPSaccess ***

Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

Hello, There is a Hints and Tips for Whistleblowers Guide available at http://ht4w.co.uk/. The section on proxies includes Tor-related information which I fail to understand: You may actually get more anonymity when using the Tor cloud by *not* using the https:// version of a web page

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

Hi, I don't understand, too and in my opinion, this is utter nonsense. I'm not aware of any negative impacts on privacy due to the usage of https://, but without, there is the danger of eavesdropping at the exit node. best regards, Jan Am 27.10.2010 20:19, schrieb Matthew: Hello, There

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On Oct 27, 2010, at 8:19 PM, Matthew wrote: Hello, There is a “Hints and Tips for Whistleblowers Guide” available at http://ht4w.co.uk/ . The section on proxies includes Tor-related information which I fail to understand: You may actually get more anonymity when using the Tor cloud by

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On 10/27/2010 1:19 PM, Matthew wrote: Hello, There is a Hints and Tips for Whistleblowers Guide available at http://ht4w.co.uk/. Thanks for the link. -How on earth can it be mistaken to insist on using https:// encryption? Why would using https:// betray the real IP addresses?

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

Hi, Am 27.10.2010 20:55, schrieb Joe Btfsplk: On 10/27/2010 1:19 PM, Matthew wrote: Hello, There is a Hints and Tips for Whistleblowers Guide available at http://ht4w.co.uk/. Thanks for the link. I'm not sure this is a good ressource, due to the misinformation it is spreading. Don't

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On Wed, Oct 27, 2010 at 11:49 AM, Jan Weiher j...@buksy.de wrote: ... I'm not aware of any negative impacts on privacy due to the usage of https://, client certificates, although fortunately these are difficult to leverage surreptitiously... ... but without, there is the danger of

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On Wed, 27 Oct 2010 19:19:02 +0100 Matthew pump...@cotse.net wrote: There is a Hints and Tips for Whistleblowers Guide available at http://ht4w.co.uk/. The first problem is the content is actually served up by hostingprod.com and not ht4w.co.uk. As far as the content in question, it is

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

Am 27.10.2010 21:04, schrieb Andrew Lewman: On Wed, 27 Oct 2010 19:19:02 +0100 Matthew pump...@cotse.net wrote: There is a Hints and Tips for Whistleblowers Guide available at http://ht4w.co.uk/. The first problem is the content is actually served up by hostingprod.com and not

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

The bad advice may be a misinterpretation or poor rephrasing of this advice in the Tor FAQ Wiki: https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#WhyisitbettertoprovideahiddenserviceWebsitewithHTTPratherthanHTTPSaccess

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

Jan Weiher writes: Hi, I don't understand, too and in my opinion, this is utter nonsense. I'm not aware of any negative impacts on privacy due to the usage of https://, Session resumption can be used to recognize an individual browser that connects from different IP addresses, or even over

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On Wed, 27 Oct 2010 15:35:27 -0400 krishna e bera k...@cyblings.on.ca wrote: The bad advice may be a misinterpretation or poor rephrasing of this advice in the Tor FAQ Wiki:

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On Wed, Oct 27, 2010 at 07:19:02PM +0100, Matthew wrote: There is a Hints and Tips for Whistleblowers Guide available at http://ht4w.co.uk/. The section on proxies includes Tor-related information which I fail to understand: You may actually get more anonymity when using the Tor cloud

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

On 10/27/2010 2:35 PM, krishna e bera wrote: The bad advice may be a misinterpretation or poor rephrasing of this advice in the Tor FAQ Wiki: https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#WhyisitbettertoprovideahiddenserviceWebsitewithHTTPratherthanHTTPSaccess

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

Thus spake Seth David Schoen (sch...@eff.org): Hi, I don't understand, too and in my opinion, this is utter nonsense. I'm not aware of any negative impacts on privacy due to the usage of https://, Session resumption can be used to recognize an individual browser that connects from

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

Mike Perry writes: Thus spake Seth David Schoen (sch...@eff.org): Hi, I don't understand, too and in my opinion, this is utter nonsense. I'm not aware of any negative impacts on privacy due to the usage of https://, Session resumption can be used to recognize an individual