It's not very clear to me. The Date and Message-ID would leak the
computer timezone. Are there other issues with 0.11 available on
mozilla addons?
___
tor-talk mailing list
tor-talk@lists.torproject.org
Found some interesting news on reddit.I dont know the tech behind
it, but is sounds like playing with Clock allows you to get the IP
address of the hidden service
http://www.reddit.com/r/onions/comments/10usgv/clock_skewing_a_clever_unconventional_means_of/
http://pastebin.com/PfXUm3VQ
I forgot to say:
Thunderbird says the connection was refused. Also, I have not been
directed to a captcha.
On 09/28/2012 10:33 PM, Commence Without Illusions wrote:
It's more than a captcha for me, it almost always involves setting a new
password.
On 09/27/2012 03:30 PM, Sukhbir Singh
antispa...@sent.at:
It's not very clear to me. The Date and Message-ID would leak the
computer timezone. Are there other issues with 0.11 available on
mozilla addons?
We suggest using 0.0.13 - we've fixed a lot of bugs. It is pending
approval from Mozilla - so download it here:
I forgot, there was:
https://accounts.google.com/DisplayUnlockCaptcha
Sign in using the application you want to authorize access to your
account within the next ten minutes. Google will remember the
application after it signs in, and will allow it to access your
account in the future as long
- Forwarded message from Ted Smith te...@riseup.net -
From: Ted Smith te...@riseup.net
Date: Wed, 03 Oct 2012 11:09:00 -0400
To: Eugen Leitl eu...@leitl.org
Cc: cypherpu...@al-qaeda.net
Subject: Re: [tor-talk] clockskewer attack
The attack assumes that the targeted hidden service is
On Wed, Oct 3, 2012, at 16:27, Jacob Appelbaum wrote:
antispa...@sent.at:
It's not very clear to me. The Date and Message-ID would leak the
computer timezone. Are there other issues with 0.11 available on
mozilla addons?
We suggest using 0.0.13 - we've fixed a lot of bugs. It is pending
Hello,
Since it dont work with tor, I would like to see app like Little Snitch on
Mac for tor connections. It look like this:
http://www.filescrunch.com/images/downloads/screenshots/4000/3511-1.jpg
Does anyone work on this type of app? What is some not GUI way of doing it now?
--
Jerzy
On Wed, Oct 3, 2012 at 6:02 PM, Jerzy Łogiewa jerz...@interia.eu wrote:
Hello,
Hi,
Since it dont work with tor, I would like to see app like Little Snitch on
Mac for tor connections. It look like this:
http://www.filescrunch.com/images/downloads/screenshots/4000/3511-1.jpg
Does anyone
From the script (pastebin link):
#!/usr/bin/env python2.7
#
# clockskewer.py -- skewers http servers in onionland to an ip address
#
# This script takes advantage of the fact that no one
# in onionland configures their http server correctly
# by having it send datetime stamps in every
On Wed, Oct 03, 2012 at 01:21:19PM -0400, Ted Smith wrote:
# calculates the clockskew and then finds a corrilating
# tor relay with an open http server with the same skew
So it actually assumes that the targeted hidden service is running a Tor
relay _and_ an open HTTP server.
In theory
I don't want to lamely bump this posting, but I wonder if there is some
flaw in my reasoning below ? Is this not a use case that is interesting
to folks ?
Thanks.
On Mon, 1 Oct 2012, John Case wrote:
Date: Mon, 1 Oct 2012 04:10:44 + (UTC)
From: John Case c...@sdf.org
Reply-To:
Hi,
A. Kong:
I forgot, there was:
https://accounts.google.com/DisplayUnlockCaptcha
Sign in using the application you want to authorize access to your
account within the next ten minutes. Google will remember the
application after it signs in, and will allow it to access your
account in
Hi,
antispa...@sent.at:
We suggest using 0.0.13 - we've fixed a lot of bugs. It is pending
approval from Mozilla - so download it here:
https://www.torproject.org/dist/torbirdy/torbirdy-0.0.13.xpi
https://www.torproject.org/dist/torbirdy/torbirdy-0.0.13.xpi.asc
Thank you Jacob!
Still,
IPsec is trivially easy to block. Most countries do it at the edge with simple
port based firewalls.
SSL VPN/Tor/Stunnel/OpenSSH are all better options then IPsec to beat filtering
at the moment.
With that said I am not sure if Iran blocks IPsec, but I'd be surprised if they
didn't.
On Wed, Oct 3, 2012, at 21:02, Sukhbir Singh wrote:
Is TorBirdy completely safe? Not yet, but we are getting there! Is it
safer than manually configuring Thunderbird (or other mail clients) for
use with Tor? Definitely yes. I think you should give TorBirdy a try and
see if it matches up to the
On Thu, 2012-10-04 at 05:07 +0300, Sampo Syreeni wrote:
On 2012-10-03, Ted Smith wrote:
So it actually assumes that the targeted hidden service is running a
Tor relay _and_ an open HTTP server.
The basic attack pattern is extensible to a relay and any service which
can be correlated
On Wed, Oct 03, 2012 at 10:20:26PM +0200, esolvepol...@gmail.com wrote 0.5K
bytes in 13 lines about:
: I noticed that for some TBB packages on linux, the browser are with
: shockwave flash plugin, while in some other TBB packages, there is no flash
: plugin?
We don't ship TBB with flash on any
On Wed, Oct 03, 2012 at 06:05:51PM +, c...@sdf.org wrote 2.5K bytes in 64
lines about:
:
: I don't want to lamely bump this posting, but I wonder if there is
: some flaw in my reasoning below ? Is this not a use case that is
: interesting to folks ?
So, to unwind this a bit. It sounds like
On Wed, Oct 03, 2012 at 01:02:55PM -0400, jerz...@interia.eu wrote 0.6K bytes
in 9 lines about:
: Does anyone work on this type of app? What is some not GUI way of doing it
now?
In the Mac specific context, you could deny all outgoing connections
and then only allow the tor process to exit.
20 matches
Mail list logo