Re: [tor-relays] Hashed password behaviour

2017-10-14 Thread teor
> On 14 Oct 2017, at 20:33, Geoff Down wrote: > > Hello all, > what sort of crazy bug would make Tor give different hashes for the same > password? > > $ tor --hash-password hello > 16:735E6FA5355D4146606AFE25B61B411DF419878C99705164D038FC99BC > $ tor --hash-password

[tor-relays] Hashed password behaviour

2017-10-14 Thread Geoff Down
Hello all, what sort of crazy bug would make Tor give different hashes for the same password? $ tor --hash-password hello 16:735E6FA5355D4146606AFE25B61B411DF419878C99705164D038FC99BC $ tor --hash-password hello 16:8201E7D35BB8CACB60BF8947B49A3480BA1A17E77EDA8BE45790746884 $ tor --version Tor

Re: [tor-relays] Using ContactInfo to publish additional relay properties in a standardized way (opt-in)

2017-10-14 Thread Iain R. Learmonth
Hi, On 14/10/17 23:01, nusenu wrote a proposal. The ContactInfo field doesn't need to be overloaded again. ): See proposal 234 [0] for adding bitcoin/zcash/etc addresses. Maybe we can work out new fields for extrainfo documents [1] that could contain some of this information. I do think this

[tor-relays] Using ContactInfo to publish additional relay properties in a standardized way (opt-in)

2017-10-14 Thread nusenu
Status: WIP please send your comments until 2017-10-27 I'm writing this with the following motivation: - make it easier for current and future relay operators to find (rarely used) hosters for tor relays by increasing the information sharing between relay operators. -> help the tor

Re: [tor-relays] Relay DDoS attack?

2017-10-14 Thread teor
> On 14 Oct 2017, at 01:59, Peter Rogers wrote: > > Hi! > > I've been running a Tor non-exit node at my business for a few months now. So > far it's been great! Except yesterday when I noticed my internet was at a > crawl. I traced the problem back to a large number

Re: [tor-relays] hi-jacking an onion address

2017-10-14 Thread Toralf Förster
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/14/2017 09:58 AM, Jacki M wrote: > tor will guarantee that you’re visiting the correct website/onion > and not allow any man in the middle attacks to occur, Thx for clarification. /me is reading the spec in the mean while - -- Toralf PGP

Re: [tor-relays] hi-jacking an onion address

2017-10-14 Thread Jacki M
If the user enters a onion address inside their browser tor will guarantee that you’re visiting the correct website/onion and not allow any man in the middle attacks to occur, because of the self authentication. Sent from my iPad > On Oct 14, 2017, at 12:47 AM, Toralf Förster

Re: [tor-relays] hi-jacking an onion address

2017-10-14 Thread Toralf Förster
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/14/2017 09:41 AM, Jacki M wrote: > Look at the Tor Rendezvous Specification rend-spec-v3.txt > , the > onion addresses that a user enter are Self authenticating, Because the >

[tor-relays] hi-jacking an onion address

2017-10-14 Thread Toralf Förster
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I do wonder how Tor handles the case that a malicious Tor relay provides the same onion address as another Tor relay ? - -- Toralf PGP C4EACDDE 0076E94E -BEGIN PGP SIGNATURE-

[tor-relays] Relay DDoS attack?

2017-10-14 Thread Peter Rogers
Hi! I've been running a Tor non-exit node at my business for a few months now. So far it's been great! Except yesterday when I noticed my internet was at a crawl. I traced the problem back to a large number of inbound connections that completely overwhelmed my little router. (4096 connections,