Re: [tor-dev] adding smartcard support to Tor

This may be not quite what you want, but the Estonia E-resident card supports basic crypto with the private key on the smart card---i.e., you have to physically have the card to be able to read the encrypted mail. There are probably more elegant solutions than plugging into the Estonia E-resident

Re: [tor-dev] [GSoC16] A website to improve Tor fingerprinting defenses

It's unclear to me how this would be different than standard panopticlick with >50% of the users using TBB. But those not using TBB with had browser statistics like the rest of the web (for example, all of the tor2web traffic). -V On Sunday, 24 April 2016, Pierre Laperdrix

Re: [tor-dev] putting 'Nuke MyFamily' to vote (#6676)

> On 16 Apr 2016, at 17:13, Virgil Griffith <i...@virgil.gr <javascript:;>> > wrote: > > > > I'm not wholly in favor of keeping MyFamily in its current form. In > Roster we simply need a way to identify when two relays are owned by the > same operator. Wor

Re: [tor-dev] putting 'Nuke MyFamily' to vote (#6676)

I'm not wholly in favor of keeping MyFamily in its current form. In Roster we simply need a way to identify when two relays are owned by the same operator. Worst comes to worst we could use the email address in the ContactInfo, or some such. There have been proposals to do more creative

Re: [tor-dev] Configuring Single Onion Services

For whatever it's worth I never found the compile-time option for tor2web mode to be offensive. I remember Roger's original rebuttal against tor2web mode was, "Virgil, I'm not going to make a 'Make Tor Go Faster Button' to be pressed by people who don't know what they are doing." I always

Re: [tor-dev] Advice regarding Cloudflare

On Sun, Apr 3, 2016 at 4:04 PM, Yawning Angel wrote: > Well, I did write an addon that just fetches content from archive.is > whenever I get a Captcha. Does that count? That's cool Yawning. Got a link to that? I'd like to try it. -V

[tor-dev] Is it possible to specify voluntary delays in my Tor client?

I.e., if I want the extra resistance to traffic analysis that higher latency connections provide, is there a way to specify that in my Tor config? -V ___ tor-dev mailing list tor-dev@lists.torproject.org

Re: [tor-dev] Is it possible to specify voluntary delays in my Tor client?

at 1:37 PM, grarpamp <grarp...@gmail.com> wrote: > On Tue, Jan 19, 2016 at 3:03 AM, Virgil Griffith <i...@virgil.gr> wrote: >> I.e., if I want the extra resistance to traffic analysis that higher latency >> connections provide, is there a way to specify that in my Tor

Re: [tor-dev] How many exits exit from an IP address different than their OR address? (10.7%)

In our quantifications of relay diversity, knowing the IP addresses that traffic exits from is important. Ways to have this information correctly reported would be very helpful. -V On Thu, 14 Jan 2016 at 03:01 grarpamp wrote: > On Wed, Jan 13, 2016 at 4:27 AM, coderman

Re: [tor-dev] Proposal: Stop giving Exit flags when only unencrypted traffic can exit

Tom, to ensure I understand you clearly, is your argument that relays that export only unencrypted shouldn't get the Exit Flag because insecure/unecrypted traffic "isn't what Tor is intended for?" I want to be sure that I'm fully understanding your proposal. -V On Wed, 6 Jan 2016 at 17:57 Moritz

Re: [tor-dev] Proposal: Stop giving Exit flags when only unencrypted traffic can exit

I would argue that the existence of this longer policy discussion, with no obvious solution, is why it behoves us to separate policy (as much as possible) from Tor's core mechanism. -V On Wed, 6 Jan 2016 at 21:42 Peter Tonoli wrote: > Quoting Tim Wilson-Brown - teor

Re: [tor-dev] Proposal: Stop giving Exit flags when only unencrypted traffic can exit

> Other protocols (SSH, IMAP, > POP3, SMTP) are indeed more popular but I feel that those less reflect > the goals of the project, and they are certainly abused more. I hear you that these are abused more. But I personally think of Tor as a mere mechanism than a mechanism+policy. For example,

[tor-dev] Traffic correlation attacks on Hidden Services

I've been looking into simple graph-theoretic metrics for Roster to quantifying Tor's susceptibility to traffic correlation attacks, mostly using BGPStream, https://bgpstream.caida.org/ . All of the academic literature I've read talks about the risk to Tor users of an AS being in the path between

Re: [tor-dev] Proposal: Adding x-namespace to relay descriptor for key:value pairs

On Mon, Nov 9, 2015 at 10:01 PM, isis wrote: >If you need some application to have the ability to associate your LinkedIn >address with your relay, then write a program which uses (one of) your For what it's worth, the LinkedIn reference was my attempt at humor to

Re: [tor-dev] Proposal: Adding x-namespace to relay descriptor for key:value pairs

suggestion for allowing people to specify things like Bitcoin addresses I'm all ears, but this was the path I was explicitly placed on. I will correct the errors (A), (E), (G), (F). I am all ears on how to fix (H). -V On Mon, Nov 9, 2015 at 10:01 PM, isis <i...@torproject.org> wrote: > Virgi

Re: [tor-dev] Desired exit node diversity

Instead of WOT, it seems more desirable, and better fit diversity, to have both your best friends and worst enemies on the same circuit. Ergo, minimizing chance of collaboration. -V On Mon, 26 Oct 2015 at 01:30 grarpamp wrote: > On Wed, Sep 23, 2015 at 8:44 AM, tor-dev had:

Re: [tor-dev] [tor-talk] Desired exit node diversity

is motivation above is a plausible reason to have more "non-activist" types running Tor relays---we just have too many friends, a few foes would be a welcome addition! -V On Wed, Oct 28, 2015 at 1:11 PM Tim Wilson-Brown - teor <teor2...@gmail.com> wrote: > > > On 28 Oct 201

[tor-dev] Time-to-first-byte on trac.torproject.org

I started using Trac a bit more and the slowness is a little unpleasant. Here are some stats: http://www.webpagetest.org/result/151019_RW_387/ The time-to-first-byte is *painful* on both the first load as well as reload. Are there some ways we could improve this? If it's sever-power I'm

[tor-dev] Getting meek covered by a CDN for free

I met with some CDNs today and they have expressed interest in doing meek for us. Is there someone at Tor Project I can forward the CDNs to who are more serious about hosting meek? -V ___ tor-dev mailing list tor-dev@lists.torproject.org

Re: [tor-dev] Proposal: HTTP header distinguish TBB users

2015 at 2:13 PM Tim Wilson-Brown - teor <teor2...@gmail.com> wrote: > > On 3 Oct 2015, at 14:10, Virgil Griffith <i...@virgil.gr> wrote: > > (2) If we (Tor Project) is going to ask MaxMind to do something special to > distinguish TBB users, it seems reasonable we should

[tor-dev] Proposal: HTTP header distinguish TBB users

Yesterday Lief compellingly argued that if a TBB user accidentally clicks on a link to my tor2web proxy (onion.link), that they should be redirected to the .onion address. It hadn't occurred before that a Tor user might accidentally click a onion.link URL, but yes I completely concur and I told

Re: [tor-dev] Proposal: HTTP header distinguish TBB users

> TBB plugin: T2W-OE - tor2web onion everywhere. > Fork HTTPS-E. > Maintain list of known t2w's. > Plugin update from tpo. > Matching engine rewrites t2w URL's to onions in TBB before the fetch. You are correct my good sir! This is indeed the better way. Thank you! I made a pull request to

Re: [tor-dev] Proposal: HTTP header distinguish TBB users

> That'll be half a BTC please, lol: 161JvwnowBsojF4rRcdjMRcztoLb7R1qkN My pleasure. You saved me half a BTC! -V On Sun, Oct 4, 2015 at 3:59 AM grarpamp <grarp...@gmail.com> wrote: > On Sat, Oct 3, 2015 at 6:59 PM, Virgil Griffith <i...@virgil.gr> wrote: > > You

[tor-dev] Proposal: Adding x-namespace to relay descriptor for key:value pairs

Filename: ExtraRelayDescriptorFields.txt Title: Adding x-namespace to relay descriptor for key:value pairs Author: Virgil Griffith Created: 2015-09-30 Status: Open 1. Motivation We wish to allow developers to build new applications atop relays. Towards this end, we wish to add the ability

Re: [tor-dev] Proposal: Adding x-namespace to relay descriptor for key:value pairs

Yes I did. Here's the modified proposal. Filename: ExtraRelayDescriptorFields.txt Title: Adding X-namespace to extra-info descriptor for key:value pairs Author: Virgil Griffith Created: 2015-09-30 Status: Open 1. Motivation We wish to allow developers to build new applications atop relays

Re: [tor-dev] Desired exit node diversity

Apologies for quick post. If we want to a socially connected link, seems we can use the same infrastructure for doing keysignings parties but we just use relay public keys. That seems a nice distributed way of doing this. On Thu, 24 Sep 2015 at 13:42 Virgil Griffith <i...@virgil.gr> wrote:

Re: [tor-dev] Desired exit node diversity

e for their opinion and recommendation. Is there one? -V On Wed, Sep 23, 2015 at 2:47 PM Roger Dingledine <a...@mit.edu> wrote: > On Wed, Sep 23, 2015 at 06:26:47AM +, Yawning Angel wrote: > > On Wed, 23 Sep 2015 06:18:58 + > > Virgil Griffith <i...@virgil.gr>

[tor-dev] Desired exit node diversity

Let's try a simple special case. In an idealized Tor network, what would the distribution of exit nodes look like? * Would each exit node have the same bandwidth? Or would there instead be only one exit node per AS? * Would the number of exit nodes constitute exactly 1/3 of all Tor nodes? Would

Re: [tor-dev] Desired exit node diversity

f the situation. Re: socially connected. That's interesting. I'll see what I can do. Chat more in Berlin. -V On Thu, 24 Sep 2015 at 13:19 Roger Dingledine <a...@mit.edu> wrote: > On Wed, Sep 23, 2015 at 06:18:58AM +, Virgil Griffith wrote: > > Exit nodes seem a nice place to star

Re: [tor-dev] . tor-roster's geo diversity badge and self-ref relays

We'll remove it. -V On Mon, 14 Sep 2015 at 05:20 Tom van der Woerdt wrote: > > On 13 Sep 2015, at 22:09, teor wrote: > > > On 13 Sep 2015, at 18:18, Sean Saito wrote: > > >"No Self-Referencing Relays" > > >I'm not sure what exactly you

Re: [tor-dev] tor's definition of 'median'

Is there some implementation-specific reason not to use the standard mathematical definition of median? If not, I propose changing the implementation to become it. -V On Tue, Aug 11, 2015 at 2:44 AM Nick Mathewson ni...@alum.mit.edu wrote: On Mon, Aug 10, 2015 at 1:11 PM, nusenu

Re: [tor-dev] tor's definition of 'median'

the mean very much. -j Virgil Griffith: Is there some implementation-specific reason not to use the standard mathematical definition of median? If not, I propose changing the implementation to become it. -V On Tue, Aug 11, 2015 at 2:44 AM Nick Mathewson ni...@alum.mit.edu wrote

Re: [tor-dev] Roster introduction

Probably not graphs. But the rest yes. -V On Wed, 29 Jul 2015 at 03:33 nusenu nus...@openmailbox.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, do you plan to add CW,CW fraction, measured bw (as soon as available via onionoo [1]), guard/exit probability, ... graphs to

[tor-dev] Roster introduction

Hello everyone. This is my first report on the Roster project and I wanted to give you all an introduction what it is and where it's going. I'm interested in seeing Tor grow. Current work towards this is tor2web and now Roster. Roster is the rebranded continuation of the Torati proposal which

Re: [tor-dev] Bi-directional families in Onionoo and consensus weight as measure of relayed bandwidth

One proposal I've liked is to socially discourage asymmetrical families by giving them with bad badges on Roster. If A says B is part of their family but B doesn't reciprocate, A gets a penalty to their bandwidth points. I think right now the proposals are to either: (1) move forward using

Re: [tor-dev] Researching Tor: Quantifying anonymity against a global passive adversary

This is my favorite paper on quantifying anonymity: http://dimacs.rutgers.edu/Workshops/Anonymous/bagai.pdf -V ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Re: [tor-dev] #15060: Decide the fate of MyFamily / prop242 better families

So, what do we think? I'd say that MyFamily is likely to continue to Virgil's gamification site needs a MyFamily, ergo I am in favor of keeping MyFamily, whether it be in the current, prop242, or alternative form. Obviously the prop242 form is a much better rendition of MyFamily, but unless we

Re: [tor-dev] Suggestions for Projects

If you're into android Orbot always comes to mind. On Tuesday, December 16, 2014, Abhiram Chintangal abhiram.chintan...@gmail.com wrote: Hello, I am a student and I am thinking of getting myself more involved in the tor project over the winter break. Previously, I worked briefly on the

Re: [tor-dev] New documentation for Tor Metrics website

At the top of the page, *And if you come across something that is missing here, please let us know. For let us know, put an href to an email address/contact-info for submitting ideas. -V ___ tor-dev mailing list tor-dev@lists.torproject.org

Re: [tor-dev] Potential projects for SponsorR (Hidden Services)

- Opt-in HS indexing service I offer to captain and lead development of this one. -V ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Re: [tor-dev] Optimising Tor node selection probabilities

Will a longer version of this paper be coming out, particularly one for developers? -V ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Re: [tor-dev] Scaling tor for a global population

To avoid squashing the Tor network with all of these new clients, the company would almost certainly have to run some big relays to help compensate for the additional load. Another proposal would be some sort of incentive for running relays. -V ___

Re: [tor-dev] [GSoC] Consensus diffs - Sixth report

Aside from future incorporations into Tor, do you currently have the ability to have two consensus files and output the relays/data that have changed? -V ___ tor-dev mailing list tor-dev@lists.torproject.org

[tor-dev] I propose a kickstarter for Roger, Nick, or Paul to receive a free Tor tattoo of his choice

e.g. https://imgur.com/sZUKADG I will donate. -V ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

[tor-dev] Revised spec for on adding extra torrc fields

Damian and I worked through this off-list and this is the output of our consensus. URL: https://dl.dropboxusercontent.com/u/3308162/ExtraRelayDescriptorFields.v3.txt Any further revisions to be made before adding this to torspec? -V ___ tor-dev

[tor-dev] Torspec proposal for adding new X- fields to relay descriptor

URL: https://dl.dropboxusercontent.com/u/3308162/ExtraRelayDescriptorFields.txt Fulltext below. Comments appreciated. -V === Filename: ExtraRelayDescriptorFields.txt Title: Adding new X- fields to relay descriptor Author: Virgil Griffith, Nick Mathewson Created: 2014-06-03

Re: [tor-dev] Torspec proposal for adding new X- fields to relay descriptor

Hi griffin! Come join me at the Mozilla room and liberate this key from my grasp! In response to your concern, I modify the proposal that there be a torrc schema which forbids unknown keys (unless they start with X-). And the Tor program rejects the relay if the torrc doesn't match the schema.

Re: [tor-dev] I have a group at internet archive that are, interested in buying a lot of OnionPi's

It's already established that, for clients, onion-pi's are discouraged---onion-pi wifi doesn't protect enough (I.e., at all) from browser-based attacks. Given that, The question is now, Are onion-pi's are good enough to be useful relays? Roger said no. Is there a more informed opinion on this

Re: [tor-dev] I have a group at internet archive that are interested in buying a lot of OnionPi's

Roger et al, I'm interested in something like onion-pi to be a Tor relay. Is there something with enough COU to be viable? I know nothing about this embedded scene. -V ___ tor-dev mailing list tor-dev@lists.torproject.org

[tor-dev] I have a group at internet archive that are interested in buying a lot of OnionPi's

What is the current state of the art on this, and if it is ready for larger deployment want to buy about 50-100 of them. -V ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Re: [tor-dev] Proposal for improving social incentives for relay operators

Also, theconcept of naming authorities is about to be phased out [1], so better not build new services that rely on nicknames. Karsten I love you. Not only do you have fine ideas, you are the greatest feedback provider in the world. Agreed 100%. Replace key-by-nickname with

Re: [tor-dev] [Tor2web] Proposal for improving social incentives for relay operators

as a component of the reputation social incentive. -Virgil On Tue, Jun 10, 2014 at 1:19 AM, Karsten Loesing kars...@torproject.org wrote: [Attempting to move this discussion to tor-dev@ to avoid cross-posting; assuming my Reply-To: header won't get eaten by Mailman..] On 10/06/14 02:26, Virgil

[tor-dev] Proposal for improving social incentives for relay operators

For a while I've been seeking to grow the Tor network in both size and goodput. Towards this end, I've explored various avenues such as increasing user-awareness via tor2web. More recently, I've been exploring financial incentives like TorCoin. Not wanting to strictly limit ourselves to

[tor-dev] Has there been a security evaluation of the Hola routing software?

www.hola.org First impression it looks they aim to do the same things Tor does. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

[tor-dev] updated two tor-spec proposals

The URLs are the same. They are: (1) http://dl.dropbox.com/u/3308162/230-quicken-tor2web-mode.txt (2) http://dl.dropbox.com/u/3308162/231-remittance-addresses.txt I clarified them a bit and corrected the formatting. Previously people asked for more details such as what other specs will be

[tor-dev] Two torspec proposals

I have two proposals to add to the torspec.git. They are: (1) http://dl.dropbox.com/u/3308162/230-quicken-tor2web-mode.txt (2) http://dl.dropbox.com/u/3308162/231-remittance-addresses.txt If someone with commit rights will add them that'd be lovely and we can ignore the rest of this message.

[tor-dev] Request for references for anonymous blocklisting (blacklisting)

I'm putting together a proposal for adding anonymous blocklisting into the Tor such that websites that block Tor can block single problematic users instead of all Tor exit nodes. Towards this end, I am looking for papers/prior work in this area to draw from. Pointers anyone? Enjoyed the Iceland