> tort...@arcor.de wrote:
>> It depends on what you want to read. If you want some scary rants
>> about Tor and 0 days you might want to read:
>>
>> http://arstechnica.com/security/2016/09/bug-that-hit-firefox-and-tor-browsers-was-hard-to-spot-now-we-know-why/
>> "Bug that hit Firefox and Tor
> When I was at HOPE in July, men and women were saying (to me at least)
> that they were happy that Tor is progressing, that they think we're
> growing as a community, and they look forward to volunteering.
Hi Griffin,Two questions for the Tor project:1) Do most, some, or any of the
core Tor
> However, if one's mum is willing to invest the time, they'll more than
likely install the system successfully.
Jon,If Haroon's simplification were to make sense to an audience of people who
aren't UX experts, it would be trivial to understand the constraints. For
example, if I say, "explain
athan
On Saturday, July 16, 2016 11:11 PM, Mirimir <miri...@riseup.net> wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/16/2016 08:21 PM, Jonathan Wilkes wrote:
>> I'm hardly asking for perfection. Just a little heads up for the
>> sheep.
> You're unwilling
> I'm hardly asking for perfection. Just a little heads up for the sheep.
You're unwilling to even describe non-technical users as human beings,
yet you want Tor to suggest a vastly more complex alternative for them?
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or
If that log is accurate, the most important part of that transcript IMO is the
discussion about funding. Both Mike Perry and Jacob Appelbaum agreed
in it that the current funding model "comprimises" the project (their word).
Preferably someone from Tor can answer this: Why can't Tor use a
> # Putting the "Tor" back in Torrent
https://gist.github.com/obvio171/addb26214a8c159f84a8
https://news.ycombinator.com/item?id=8022341
The problem is getting the software in the first place.
Popcorn Time #1 got bullied off the web, then sprouted
two forks, neither of which could keep a
On 2016-06-05 17:59, Jonathan Wilkes wrote:
>> Another idea is to use
>> search engines that protect your privacy such as ixquick or duckduckgo
>> (they store search queries but they don't track individuals (I.e they
>> don't store your IP Address, as far as we know that is).
>
@riseup.net"
<notfrien...@riseup.net> wrote:
On 2016-06-05 13:38, Jonathan Wilkes wrote:
>> Prediction market (place your bids):
>> "First networks utilizing fill traffic as TA countermeasure to
> emerge and reach early deployment by year end 2017..."
>
> So it’s not collecting sound played or recorded on a machine but rather
> harvesting the audio signature of the individual machine and using that as an
> identifier to track a web user.
"Audio signature" seems a bit broad. From what I can tell it could be doing
about three things:1)
> Now, as an NSL-issuing entity you need to come up with a source
code modification that induces a backdoor, and is reasonably
defensible by a dev, and then force that dev to include
this change into the git repo, and defend it in reviews.
But the FBI has as much proof in the field as you've
> "Hi, you're the one who is packaging tor, right?
Please[tm] run this program on the binary,
and don't tell anyone."
Developer from community that leverages gitian: I can totally do that.
Community that leverages gitian: Hm, this package looks different. Let's
quarantine it and let the world
> If I recall correctly, Mike Perry considered pressure on individual
developers to be sufficiently threatening that it was a major reason
why he set up reproducible builds. (I believe he said this at his CCC
talk.)
Are the current Tor binaries compiled from a deterministic build process?
> Go to https://www.torproject.org/download/download and click on 'source
code'.
Starting from the frontpage I click on the "Download" button and arrive
here:https://www.torproject.org/download/download-easy.html.en
And no obvious links to the source code.
So I look at the heading:"Home »
Small digression...
Is there a link to the source code for _Tor_ on http://www.torproject.org/ home
page?
Also-- it'd be nice if there were a clear link to a git repo that just includes
all
official Tor projects as submodules.
-Jonathan
On Friday, May 6, 2016 8:01 AM, isis
> The potential risks, really, are more a product of one
party being the endpoint for so many sites.
This is so important.
As things stand, it still accurate to categorize Tor as a functioning example of
"privacy by design"?
-Jonathan
On Sunday, April 24, 2016 7:13 PM, Ben Tasker
> It's like building a steel pipeline of Coca-Cola to a drought stricken
country and advertising that Coke is mostly composed primarily of water.
> Not exactly certain that 'grateful' is the right feeling here.
* Steel pipes can be copied for zero dollars* Various governments around the
world
This was an informative video, especially wrt unikernels. Certainly this
Haskell implementation can be a useful research tool.
However, the author strongly implies that it would/could be a "good thing"
having this other implementation running in the wild, side by side with the
current
> We don't know how large the risk of legally-compelled misissuance is,
but we have lots of lawyers who would be excited to fight very hard
against it. I think that makes us a less attractive target than other
CAs that might not find it as objectionable or have as many lawyers
standing by to
> some fucking arrogant shit but some info as well
Totally. He's so patronizing. Reminds me of the oracle from the Matrix, if
instead of baking cookies she had defended Phil Zimmerman in a
criminal investigation of PGP and helped win the crypto wars.
-Jonathan
On Friday, February 19,
> I suspect that Cicada 3301 is run by some old-time cypherpunks looking for
> more people who are interested in building and deploying tech and not just
> posting to a mailing list.
That seems odd, but then I don't know much about old-time cypherpunk
ethos.
Anyhow, are there examples of
Hi Tor,Suppose there are twitter users @Alice000...@Alice999 who all know each
other's public key. One of them is
a teacher of an online security class. The rest are students.
The class consists of the teacher sending the students a link to a Wikipedia
page each day, for an entire year. Each
Possibly related...
Say a well-funded attacker takes the Carnegie Mellon deanonymization attack and
introduces Sybil slowly over several months. What then is the defense?
-Jonathan
On Monday, December 7, 2015 10:56 PM, grarpamp wrote:
Hi Alec,Have you shown that link to the Twitter devs you know? If so, what
steps did they take in response to make Twitter more amenable to Tor?
-Jonathan
On Wednesday, October 28, 2015 2:21 AM, Alec Muffett <al...@fb.com> wrote:
> On Oct 27, 2015, at 9:31 PM, Jonath
Anyone know how Snowden posts to Twitter? Does he use Tor?
If someone could convince him and/or other celebrities to complain that
Twitter is denying them location anonymity, then that might make a difference.
There's some leverage here, too, because, "even Facebook let's you use
Tor if you
GNU has an "ethical repository criteria" with Tor making a prominent
appearance:https://www.gnu.org/software/repo-criteria.html
It's nice to see that access over Tor is necessary to get anything above a
failing grade.
-Jonathan
--
tor-talk mailing list - tor-talk@lists.torproject.org
To
On 5/28/2015 7:34 PM, Jonathan Wilkes wrote:
On 05/26/2015 09:13 PM, Mike Ingle wrote:
I tried out Bitmessage and it did not seem to deliver without the
sender and recipient online. It's supposed to, it just didn't.
Waiting for key exchange.
Any response from the devs/forum when you
On 05/29/2015 05:57 PM, Jonathan Wilkes wrote:
[...]
(Confidential to cryptography list lurkers: IMO we have plenty of Ben
Lauries
at this point, and could use a lot more Hal Finneys. :)
It just occurred to me how obscure that sentence is. Let me explain...
When Satoshi (or whoever
On 05/26/2015 09:13 PM, Mike Ingle wrote:
I tried out Bitmessage and it did not seem to deliver without the
sender and recipient online. It's supposed to, it just didn't. Waiting
for key exchange.
Any response from the devs/forum when you reported the bug?
It's also a bandwidth pig due to
On 05/26/2015 07:36 PM, carlo von lynX wrote:
On Thu, May 21, 2015 at 12:03:24PM -0700, Yuri wrote:
On one hand, Mailpile is after security, which is great. But on the
other hand they use node which doesn't sign packages, therefore
What a shame! Somebody please fix this node thing. I can't
On 05/22/2015 05:52 AM, Ben Tasker wrote:
What procedure did you use to try and make the package? I'm running
Mailpile and definitely don't have node set up.
If you're building the dev version, one of it's requirement's is nose so
perhaps there's a typo kicking about?
On Fri, May 22, 2015 at
Hi list,Imagine that the trickster god magically downgraded everyone running
Tor to the version of Tor from 2005. Additionally, the trickster god fixes any
bugs found in the past 10 years related to DOS but leaves everything else as it
was.
In such a system, would users of such a Tor network
On 03/05/2015 11:05 AM, Goltz, Jim (NIH/CIT) [E] wrote:
So you use your perceived authority of an upset citizen to mask your
incapacity to use filters?
Not all of us read this list on a MUA that has easy-to-use filters. We
generally subscribe to lists that contain useful information, have a
On 03/05/2015 12:28 AM, Mirimir wrote:
On 03/03/2015 01:17 AM, Lara wrote:
Travis Bean:
I am giving everyone on this mailing list a heads-up regarding what I
have uncovered about the Gestapo government here in the United States
and why corrupt government officials are so strongly opposed to
Hi Joe,I'm confused. If you don't hold the opinions of some in your first
paragraph, then what do they have to do with your first-person generalizations
in the second paragraph?
Anyway, the proper metaphor for people who don't understand technology is
certainly not historically inevitable
On 01/01/2015 10:54 AM, spencer...@openmailbox.org wrote:
Jonathan Wilkes jancsika at yahoo.com wrote:
This has long been a chicken-or-egg problem. A general audience (i.e.,
not digital security specialists) must know what hidden services do
before they get involved in hosting hidden services
On 12/31/2014 11:53 PM, Scott Arciszewski wrote:
Trigger warning: This entire reply is going to be shameless (though
non-profit) self-promotion.
The current state of diversity in Onion Land is disappointing. So many of
the sites still online emphasize things like drugs, porn, and hacking. I
Hi grarpamp,To what aim do you do this?
-Jonathan
On Tuesday, December 30, 2014 2:29 AM, grarpamp grarp...@gmail.com wrote:
I've blocked Mike's known nodes from my configs
as I simply do not agree with his apparent ethos
in this regard. That being themes of censorship, policing, etc.
Hi Tor people,
Does anyone here know about the Phantom Protocol:
https://code.google.com/p/phantom/
It looks like it's abandonware, although someone sent a message to the
list that they had done some tests with virtual machines.
My main question is this: how does it bootstrap?
I'm asking
On 12/12/2014 02:20 PM, Roger Dingledine wrote:
On Fri, Dec 12, 2014 at 03:23:42PM -0300, Juan wrote:
You might like
https://www.torproject.org/docs/faq#Backdoor
We won't put backdoors in Tor. Ever.
LOL!
You work for the pentagon and are subjects of the US state.
The
On 12/13/2014 03:04 PM, Mirimir wrote:
On 12/13/2014 11:28 AM, Jonathan Wilkes wrote:
On 12/12/2014 02:20 PM, Roger Dingledine wrote:
On Fri, Dec 12, 2014 at 03:23:42PM -0300, Juan wrote:
You might like
https://www.torproject.org/docs/faq#Backdoor
We won't put backdoors in Tor. Ever
Hi a,How would such a thing happen in your estimation?
There's no way I know of to change an anonymity overlay like Tor to implement
such a feature.
Best,Jonathan
On Friday, December 12, 2014 10:49 AM, a akademik...@googlemail.com
wrote:
#Feminism huh? How long till we see Your
grarpramp,If Tor only consisted of hidden services, wouldn't this class of
traffic-fudging problems go away? (I'm assuming the handful of centralized
services most people use would just generate vanity addys.)
-Jonathan
On Thursday, December 11, 2014 11:52 AM, grarpamp grarp...@gmail.com
Hi Gregory,Do you stand in solidarity with the Tor devs against online
harassment? A wish to refrain from deflecting a conversation isn't exactly the
same thing.
I stand in solidarity with the Tor community against online harassment. I also
wish to point out that I have noticed online
Hi list,
I'm experimenting with sending messages over Tor using the program Pure
Data. Pure Data (or Pd) is a graphical programming environment. It typically
runs two processes-- a tk GUI process, and the main process. The two
communicate over the loopback device 127.0.0.1. (Can't
45 matches
Mail list logo