Re: [tor-talk] SPDYv3 [WAS:You could use ModX to create .onion sites, ]

shm...@riseup.net: > > > Georg Koppen: > >> SPDY has some nice tracking features we don't want and which we need to >> cope with first: >> >> https://www.torproject.org/projects/torbrowser/design/ >> >> "However, because SPDY can store identifiers and has extremely long >> keepalive duration, it

[tor-talk] OTFC IRC issues - new Tor friendly IRC network?

Hi! At times OFTC bans Tor users. [1] Such as for the last days. Should we at least have a temporary alternative place to meet up. Any suggestions? Cheers, Patrick [1] http://www.oftc.net/Tor/ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go t

Re: [tor-talk] OTFC IRC issues - new Tor friendly IRC network?

On Tue, 01 Jul 2014 11:55:40 + Patrick Schleizer wrote: >Hi! > >At times OFTC bans Tor users. [1] Such as for the last days. > >Should we at least have a temporary alternative place to meet up. Any >suggestions? > >Cheers, >Patrick > >[1] http://www.oftc.net/Tor/ Hello Patrick, 37lnq2veifl4

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

On 06/30/2014 09:14 PM, Mark McCarron wrote:> Mick, > > I would be very careful what you claim in your emails. I have the capability of suing you into oblivion, that email constitutes defamation. Nothing like that was ever said, either retract it or I will take you for everything that you've

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

Krishna, Please. You are a PC repair guy who can install Linux. Regards, Mark McCarron > Date: Tue, 1 Jul 2014 00:10:28 -0400 > From: k...@cyblings.on.ca > To: tor-talk@lists.torproject.org > Subject: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and > Anonymity > > (tl;

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

Please Mccarron, The discussion is dead. You killed it yourself by not adding anything meaningful as far as I have seen. You just repeat yourself again and again as if it's a mantra. You got statistics to back up your claims? Good - show them! You got the script you used to track the onions? A

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

Alex, You must be living in a fantasy land. The problem still remains, Tor is vulnerable to a global view and that global view exists according to Snowden. Further, it would appear that Tor was designed to fit into that global view and provide US intelligence with the locations of both users

[tor-talk] Tor identification Research

Hi All, I'm doing some research on Tor identification, and it seems that Tor recently implemented different type of defenses by enabling HTTP pipelining, padding, and packet relaying and randomizing the pipeline size as well as the order of requests. which one of these are implemented and which

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

On Tue, Jul 01, 2014 at 06:32:27PM +0100, Mark McCarron wrote: > Alex, > > You must be living in a fantasy land. The problem still remains, > Tor is vulnerable to a global view and that global view exists > according to Snowden. Further, it would appear that Tor was > designed to fit into that g

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

On Tue, 1 Jul 2014 18:32:27 +0100 Mark McCarron wrote: > Alex, > > You must be living in a fantasy land. The problem still remains, Tor > is vulnerable to a global view and that global view exists according > to Snowden. Further, it would appear that Tor was designed to fit > into that global

[tor-talk] StartCom certs untrusted

Hi, I'm using Tor Browser 3.6.2-MacOS. I have a site that uses a free class 1 SSL cert from StartCom . Recent versions of Chrome and Firefox don't seem to have this problem, but Tor Browser gives the untrusted error. Is there a reason this CA isn't included? Best, GP --

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

Paul, I was doing anonymous socks proxy chaining long before Tor was around, so I am well versed in the issues. I agree that it has been stated from the very outset that Tor was vulnerable to a global view. With respect to hidden services, the key problem is that hidden services' and end use

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

On Tue, 1 Jul 2014 14:36:08 -0400 Paul Syverson wrote: > > People have denied over and over your allegations that Tor was somehow > designed to be intentionally vulnerable in some way. Tor is vulnerable to your so called ´global´ adversaries. That is inherent to tor´s design.

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

On Tue, Jul 01, 2014 at 08:31:00PM +0100, Mark McCarron wrote: > Paul, > [snip] > Eliminating this correlation attack is trivial. So you keep saying. Everybody who has worked on this who has responded has said that they don't know how and that they find this a hard problem. But your response is

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

Juan, Traffic analysis depends on visibility. Tor attempts to obfuscate the source of a connection by proxying packets through a network, or chain, of systems. If an attacker has visibility of the entire process, or even just two ends of that communication, then a range of information can be

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

On Tue, Jul 01, 2014 at 04:41:30PM -0300, Juan wrote: > On Tue, 1 Jul 2014 14:36:08 -0400 > Paul Syverson wrote: > [snip] > > >It's hard to imagine what would satisfy you at this point but > > perhaps this will help: I designed Tor with Roger and Nick. At all > > times we designed it to be as se

[tor-talk] Fw: confirm [whatever]

What does this mean? Excessive bounces? --- On Mon, 6/30/14, tor-talk-requ...@lists.torproject.org wrote: > From: tor-talk-requ...@lists.torproject.org > > Subject: confirm 2f46a3f2170a69c943fccd83ed3ef5ea29118c4b > To: bobbybrewster...@yahoo.com > Date: Monday, June 30, 2014, 3:01 PM > Your

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

The bottom line here is, can the software be compromised? The answer is yes. The solution is to fix it. Only those with an agenda won't want that, or will try to subvert that process. So, as Paul says we don't need to take him at his word, we just ask can the software be compromised and what

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

Paul, Paul, What you are seeking a full design for a distributed Web Hosting platform within Tor. Let's see... We can use the existing mechanisms for hidden services, but rather than directing packets to/from a externally hosted site, we direct the packets internally within onion land. On a

Re: [tor-talk] Fw: confirm [whatever]

On 7/1/2014 3:41 PM, Bobby Brewster wrote: /What does this mean? Excessive bounces?/ --- On Mon, 6/30/14, tor-talk-requ...@lists.torproject.org wrote: /As a reminder, your membership password is sxxx /If you have any questions or problems, you can contact the list owner at/

Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

On 2014-06-29 06:22, Roger Dingledine wrote: On Sat, Jun 28, 2014 at 09:38:05PM +, williamwin...@openmailbox.org wrote: I don't understand what Schneier means by this: "After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

Mark McCarron wrote: > Tor was designed to fit into that global view and provide US intelligence > with the locations of both users and hidden services, whilst pretending to > provide anonymity. [citation needed] > I don't see anyone denying it. Do you? Its been 6 days already. There's also

Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

On 2014-06-30 22:33, Geoff Down wrote: On Mon, Jun 30, 2014, at 10:15 PM, Bobby Brewster wrote: But how can the person's computer be identified since all that is seen is the connection between the exit node and the destination target_website.com The point, surely, is that real time code inj

Re: [tor-talk] Fw: confirm [whatever]

On Tue, Jul 1, 2014, at 10:16 PM, Joe Btfsplk wrote: > On 7/1/2014 3:41 PM, Bobby Brewster wrote: > > /What does this mean? Excessive bounces?/ No point replying - he's on Yahoo and they are bouncing list emails, as previously reported, and he doesn't give an alternative... -- http://www.fastma

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

Except that we know that such an attack is underway through PRISM and that no one made any moves to fix it. How long has it been now??? A year??? By any measure I am sure we can call that material assistance. Regards, Mark McCarron > Date: Tue, 1 Jul 2014 17:55:18 -0400 > From: grif...@crypt

Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

On Tue, Jul 1, 2014, at 10:54 PM, williamwin...@openmailbox.org wrote: > On 2014-06-30 22:33, Geoff Down wrote: > > If the code is injected between the target_website.com and the exit > > node, the exit node will relay it faithfully back through the Tor > > network to the client. > > It's all

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

I hope that the list moderators will forgive me for saying that you're terrible. And, I note how you don't acknowledge the points which tear yours apart. I guess that is one way to try to create the impression that you've won an argument. On 07/02/2014 01:23 AM, Mark McCarron wrote: > E

[tor-talk] Liability to Prosecution for Operating Tor Nodes in Austria

Hi, FYI (both only in German): https://network23.org/blackoutaustria/2014/07/01/to-whom-it-my-concern/ (via https://blog.fefe.de/?ts=ad4dd623) (I'm not familiar with the language of law, just try to summarize it to inform you; maybe someone else could translate it more accurately...) A court in

Re: [tor-talk] Liability to Prosecution for Operating Tor Nodes in Austria

On 7/1/2014 6:35 PM, flapflap wrote: Hi, FYI (both only in German): https://network23.org/blackoutaustria/2014/07/01/to-whom-it-my-concern/ (via https://blog.fefe.de/?ts=ad4dd623) (I'm not familiar with the language of law, just try to summarize it to inform you; maybe someone else could trans

[tor-talk] Tor Exit Operator convicted in Austrian lower court

There are little details on this case: https://network23.org/blackoutaustria/2014/07/01/to-whom-it-may-concern-english-version/ Does the Tor project has a defense support fund or a list of committed pro bono lawyers in different countries for such cases?

Re: [tor-talk] Bye from the Mindware group.

Its been nice talking with you guys, I hope its been constructive. Am busy coding my master piece, maybe one day in a few years time you may see the Mindware Satellite network on the net as a major project. I will be off radar for a while coding. I just don't have time to dredge through loads of

Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

On 7/2/14, Geoff Down wrote: > On Tue, Jul 1, 2014, at 10:54 PM, williamwin...@openmailbox.org wrote: >> On 2014-06-30 22:33, Geoff Down wrote: >> > If the code is injected between the target_website.com and the exit >> > node, the exit node will relay it faithfully back through the Tor >> > ne

Re: [tor-talk] Illegal Activity As A Metric of Tor Security and Anonymity

On 7/2/14, Mark McCarron wrote: > Alex, > > You must be living in a fantasy land. The problem still remains, Tor is > vulnerable to a global view and that global view exists according to > Snowden. Further, it would appear that Tor was designed to fit into that > global view and provide US intel

Re: [tor-talk] Tor Exit Operator convicted in Austrian lower court

On Tue, Jul 1, 2014 at 10:42 PM, wrote: > There are little details on this case: > https://network23.org/blackoutaustria/2014/07/01/to-whom-it-may-concern-english-version/ > > Does the Tor project has a defense support fund or a list of committed pro > bono lawyers in different countries for such

Re: [tor-talk] Liabilitoperator to Prosecution for Operating Tor Nodes in Austria

I would think that a good lawyer would point out the absurdity of the node operator having any responsibility. Just because someone builds a road and that road is used to commit a crime does it make the road builder responsible? Of course not. Node operators are not monitoring or filtering traff

Re: [tor-talk] Tor Exit Operator convicted in Austrian lower court

While I am not currently operating an exit node this only makes me want to try again. I would certainly tell the court to stuff it. Just because a Montblanc pen is used to write a bankrobbery note on Southworth paper both of which were purchased from Smith's Stationary, in no way makes Montblac,

[tor-talk] Fwd: twister-core 0.9.22: Tor support available

Hi people, We have just reached an important milestone: twister is now compatible with Tor! http://twister.net.co/ As some people may be aware, the blocking issue from Tor compatibility was the DHT part. Because our DHT requires UDP and Tor doesn't support it (and I'd guess it may probably never

Re: [tor-talk] OTFC IRC issues - new Tor friendly IRC network?

BlueStar88: > 37lnq2veifl4kar7.onion:6697 is up and running fine. > > When connecting with `screen torsocks irssi -c 37lnq2veifl4kar7.onion -p 6697` I get the error message: [(status)] [Jul 01 22:33:27] WARNING torsocks[26459]: [connect] Connection to a local address are denied since it might b

Re: [tor-talk] StartCom certs untrusted

On Tue, 01 Jul 2014 11:49:03 -0700 Garth Patil wrote: > Hi, > I'm using Tor Browser 3.6.2-MacOS. I have a site that uses a free class > 1 SSL cert from StartCom . Recent versions of > Chrome and Firefox don't seem to have this problem, but Tor Browser > gives the untrus

[tor-talk] How to identify owners of .onion services?

With all the talk about the N_S_A targeting traffic between exit nodes and destination websites, I am wondering how this may work for hidden services (.onion domains). There are no exit nodes as everything occurs within the hidden services network. How would it be possible for an adversary t

[tor-talk] Freehaven-dev archives

Do these exist anywhere? If dead, can a simple tarball be put up? http://archives.seul.org/freehaven/dev/ -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] tor-talk Digest, Vol 42, Issue 7

I just found this from the EFF, which may be helpful. (https://www.eff.org/torchallenge/faq.html) Will EFF represent me if I get in trouble for running a Tor relay? *Maybe.* While EFF cannot promise legal representation for all Tor relay operators, it will assist relay operators in asses