[tor-dev] Circuit times

Anything going to blow up if set anywhere from 1k to 1M? CBT_NCIRCUITS_TO_OBSERVE ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Re: [tor-dev] Prop279 and DNS

On 04/03/2017 05:01 PM, Jeremy Rand wrote: > Maybe this topic has already been brought up, but in case it hasn't, > I'll do so. I notice that Prop279 (onion naming API) defines its own > API rather than using DNS. I guess that this is because of security > concerns about the centralization of

Re: [tor-dev] Control-port filtering: can it have a reasonable threat model?

It's worth noting that controllers able to run SETCONF can ask the tor process to execute arbitrary programs: man torrc | grep exec So if you want a controller to have any less privileges than the tor daemon does, you need a control port filter for SETCONF at the very least. Without a

[tor-dev] Prop279 and DNS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello! Maybe this topic has already been brought up, but in case it hasn't, I'll do so. I notice that Prop279 (onion naming API) defines its own API rather than using DNS. I guess that this is because of security concerns about the centralization

Re: [tor-dev] Control-port filtering: can it have a reasonable threat model?

For what it's worth, since there's a filter that's shipped and nominally supported "officially"... On Mon, 3 Apr 2017 14:41:19 -0400 Nick Mathewson wrote: > But I could be wrong! Maybe there are subsets that are safer than > others.

Re: [tor-dev] Control-port filtering: can it have a reasonable threat model?

Nick Mathewson writes: > But I could be wrong! Maybe there are subsets that are safer than > others. So, I guess the "main" use-case for this stuff would be the current users of control-port filters (like Subgraph and Whonix; others?). It seems what these things *really*

Re: [tor-dev] [prop269] [prop270] Ideas from Tor Meeting Discussion on Post-Quantum Crypto

Nick Mathewson transcribed 2.9K bytes: > On Fri, Mar 31, 2017 at 10:20 PM, isis agora lovecruft > wrote: > > Hey hey, > > > > In summary of the breakaway group we had last Saturday on post-quantum > > cryptography in Tor, there were a few potentially good ideas I wrote down,

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

> Date: Sun, 26 Mar 2017 14:24:41 +0200 > From: Alec Muffett > > This is a point of significant concern because of issues like phishing and > passing-off - by analogy: t0rpr0ject.0rg versus torproject.org - and other > games that can be played with a prop224 address now,

[tor-dev] Control-port filtering: can it have a reasonable threat model?

Hi! As you may know, the Tor control port assumes that if you can authenticate to it, you are completely trusted with respect to the Tor instance you have authenticated to. But there are a few programs and tools that filter access to the Tor control port, in an attempt to provide more restricted

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

On Mon, Apr 03, 2017 at 10:48:26AM -0400, Ian Goldberg wrote: > The other thing to remember is that didn't we already say that > > facebookgbiyeqv3ebtjnlntwyvjoa2n7rvpnnaryd4a.onion > > and > > face-book-gbiy-eqv3-ebtj-nlnt-wyvj-oa2n-7rvp-nnar-yd4a.onion > > will mean the same thing? Did we?

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

Following the Layer-2 Addressing analogy means that Ian, here: > If the daily descriptor uploaded to the point >> Hash(onionaddr, dailyrand) contained Hash(onionaddr, dailyrand) *in* it >> (and is signed by the master onion privkey, of course), then tor >> could/should check that it reached that

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

On 3 April 2017 at 16:59, Ian Goldberg wrote: > How about this, though: I know that Tor doesn't want to be in the business > > of site reputation, but what if (eg) Protonmail offers a Onion "Safe > > Browsing" extension some day, of known-bad Onions for malware reasons? >

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

On Mon, Apr 03, 2017 at 04:40:52PM +0100, Alec Muffett wrote: > On 3 Apr 2017 3:48 p.m., "Ian Goldberg" wrote: > > The other thing to remember is that didn't we already say that > > facebookgbiyeqv3ebtjnlntwyvjoa2n7rvpnnaryd4a.onion > > and > >

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

On 3 Apr 2017 3:48 p.m., "Ian Goldberg" wrote: The other thing to remember is that didn't we already say that facebookgbiyeqv3ebtjnlntwyvjoa2n7rvpnnaryd4a.onion and face-book-gbiy-eqv3-ebtj-nlnt-wyvj-oa2n-7rvp-nnar-yd4a.onion will mean the same thing? So we're already

Re: [tor-dev] GSoC 2017 - unMessage: a privacy enhanced instant messenger

Here is an update with the final proposal I submitted to GSoC. Thanks, -Felipe # unMessage: an anonymity enhanced instant messenger In an age where spying, surveillance and censorship evidently became regular practices by various kinds of attackers, it is sensible to be concerned about instant

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

On 3 April 2017 at 13:04, George Kadianakis wrote: > I'm calling it weird because I'm not sure how an > attacker can profit from being able to provide two addresses that > correspond to the same key, but I can probably come up with a few > scenarios if I think about it.

Re: [tor-dev] GSoC 2017 - Project "Crash Reporter for Tor Browser"

Tom, thanks for review, I've sent the proposal final version through gsoc site. __ >It would be cool to build the browser with https://github.com/google/sani tizers this way you could get bug reports for bugs that don't >panic the browser Hi Antonio, Thanks for your reply! I've add it to the

Re: [tor-dev] [prop269] [prop270] Ideas from Tor Meeting Discussion on Post-Quantum Crypto

On Fri, Mar 31, 2017 at 10:20 PM, isis agora lovecruft wrote: > Hey hey, > > In summary of the breakaway group we had last Saturday on post-quantum > cryptography in Tor, there were a few potentially good ideas I wrote down, > just in case they didn't make it into the meeting

Re: [tor-dev] Rethinking Bad Exit Defences: Highlighting insecure and sensitive content in Tor Browser

On 28 Mar (11:19:45), Tom Ritter wrote: > It seems reasonable but my first question is the UI. Do you have a > proposal? The password field UI works, in my opinion, because it > shows up when the password field is focused on. Assuming one uses the > mouse to click on it (and doesn't tab to it

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

On Mon, Apr 03, 2017 at 03:04:47PM +0300, George Kadianakis wrote: > Hey people, > > thanks for the R here. I'm currently trying to balance the tradeoffs > here and decide whether to go ahead and implement this feature. > > My main worry is the extra complexity this brings to our address >

Re: [tor-dev] Comments on proposal 279 (Name API)

On Mon, Apr 3, 2017 at 8:20 AM, George Kadianakis wrote: > Nick Mathewson writes: >> Section 2.1 and elsewhere: >> >> I suggest that we require all address suffixes to end with .onion; >> other TLDs are not reserved like .onion is, and maybe we

Re: [tor-dev] GSoC: Questions on allowing for more DNS request types

On Sun, Apr 2, 2017 at 10:20 AM, Lucille Newman wrote: > Hello, > > I was interested in the project for allowing any kind of DNS support in Tor > for GSoC, or, since it is late for that deadline, then also otherwise. After > reading proposal 219, I have some questions. >

Re: [tor-dev] Comments on proposal 279 (Name API)

Nick Mathewson writes: > Hi ! I'll make some comments here on the draft onion naming API at > > https://gitweb.torproject.org/torspec.git/tree/proposals/279-naming-layer-api.txt > > (Some of these are probably things you already meant, or already said > elsewhere.) >

Re: [tor-dev] Tor in a safer language: Network team update from Amsterdam

z...@manian.org transcribed 12K bytes: > Rust seems like the best available choice for Tor in a safer language. > > Rust has several issues with securely obtaining a Rust toolchain that the > Tor community should be attentive to. Interesting development, but logical. Leaving the obvious issues

Re: [tor-dev] GSoC 2017 - Feedback Extension for Tor Browser

Isn't there any difference in the draft and the first application we have submitted...Plz answer soon as I've to submit mine before 2130 hrs tonight... Best, Veer On 02-Apr-2017 8:16 PM, "Jayati Dev" wrote: > Dear Mentor, > > > Please find my draft application here:

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

Ian Goldberg writes: > On Mon, Mar 27, 2017 at 01:59:42AM -0400, Ian Goldberg wrote: >> > To add an aside from a discussion with Teor: the entire "version" field >> > could be reduced to a single - probably "zero" - bit, in a manner perhaps >> > similar to the distinctions