On 11/18/2015 04:36 PM, Justin Davis wrote:
I just learned that the IT department of an organization where I am
will begin mass decryption on TLS traffic. Would this effect the use
of the Meek pluggable transport? Just to give more information, the
attack will be done by having every network
Hi,
as I was announcing few days ago, RPM keys rotated.
Since there seems to be bug in repo_gpgcheck validation of repomd.xml.asc, I
regenerated repo and package signatures. Both 0.2.6.10 and 0.2.7.2 were
re-signed.
The new key's fingerprint is:
E273 44C4 BD24 BEDF E4F4 C741 803F EFB7 F4B8
Hi,
since the old RPM key signing key expires today, so I created a new one with
following fingerprint:
E273 44C4 BD24 BEDF E4F4 C741 803F EFB7 F4B8 5E0F
The Tor RPM page is updated with the new fingerprint for double-checking
(https://www.torproject.org/docs/rpms.html.en).
The new key is at
On 05/19/2015 12:57 AM, Christian Stadelmann wrote:
Thank you, that's exactly the bug I am running into. Thanks for the
links anyway!
In my case, removing the gstreamer-ffmpeg package fixed the problem. That was
EL6 case. You didn't specify which distro you used, but if gstreamer-ffmpeg
isn't
On 10/23/2014 10:44 PM, Nusenu wrote:
I use vidalia to connect to a system tor (via HashedControlPassword
authentication).
Regarding the control port I had the following two lines in my torrc:
ControlPort 9051
HashedControlPassword x
after the upgrade to tor 0.2.5.9-rc vidalia
Hi,
since the latest versions - 0.2.4.23 stable and 0.2.5.6 beta - there are EL7
packages available.
I did some testing on CentOS 7 VM installation and they seem to work fine. Let
me know if something is broken.
The howto is added onto the usual RPM page:
Hi,
On 07/30/2014 01:43 PM, Mike Fikuart wrote:
I am aware that there is a Project Idea (under
https://www.torproject.org/getinvolved/volunteer.html.en#improvedDnsSupport)
point q. Improved DNS support for Tor;
I am the author of the proposal 219.
If you want DNS, you can make it work today
On 03/29/2014 01:34 PM, Kus wrote:
FYI, today OpenDNS and Google public DNS servers are blocked too. Other
than that, they're redirecting DNS queries to ISP servers automatically if
you try to use Google or OpenDNS servers. Probably, they're started to use
transparent DNS proxy. Btw, they're
Hi,
On 03/03/2014 11:47 PM, Duncan Drury wrote:
I'm trying to install Tor on my Centos5 server. I have been running an old
version of Tor as a relay for several years, installed via yum from one of
the Centos repos. I realised I wasn't doing anyone any favours by running
an old version, and
On 09/07/2013 07:10 PM, Benedikt Gollatz wrote:
On 2013-09-07 19:03, Nick Mathewson wrote:
On Sat, Sep 7, 2013 at 12:44 PM, Martin Skjöldebrand
shieldf...@gmail.com wrote:
On Friday, September 06, 2013 10:28:22 PM Nick Mathewson wrote:
Yup. Please upgrade, people. 0.2.4 is looking pretty
On 03/10/2013 12:51 AM, Abel Luck wrote:
Ondrej Mikle:
Hi,
new packages are finally at deb.torproject.org from my local repo. 0.2.3.25
and
0.2.4.6, namely.
The just-released Tor 0.2.4.7 should be packaged shortly (in a few days).
Sorry for the delays, I have no more travelling
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
there will be a temporary pause in packaged RPMs for Fedora and RHEL. The
latest 0.2.3.24-rc and 0.2.4.5-alpha got uploaded today.
Since I'll be leaving to travel in several days and be off the net most of the
time, this is probably latest RPM
On 10/24/2012 03:35 PM, adrelanos wrote:
esolve esolve:
hi, I know this question may seems strange, but I have some tests to do
over tor
I set up a LAMP, php webserver
and I want to access html pages on this server locally
but it seems to me that TBB can't connect to localhost, the error
On 08/27/2012 08:31 PM, Robert Marquardt wrote:
Then I tried to reinstall Tor with the following result:
http://deb.torproject.org/torproject.org/rpm/el/5/i386/repodata/primary.xml.gz:
[Errno -3] Error performing checksum
It looks like Repositories created using RHEL6's
On 08/27/2012 08:31 PM, Robert Marquardt wrote:
Hi,
All RPM repositories on deb.tpo (outside the OBSOLETE/ directory)
contain the current -rc release 0.2.3.20-rc .
Ok, I thought the latest RC is 0.2.2.35.
The 0.2.2.38 is latest stable, 0.2.3.20 is the RC for 0.2.3.x series. The plan
was
Hi,
if you're using Redhat-based distro you probably noticed that the RPMs got a bit
outdated.
I updated the old RPM build scripts and could use a bit help in testing the RPMs
before they could be used officially (there are quite a few distro/arch
combinations).
Notes:
- the repository only
Hi,
I've started a DNS/DNSSEC hidden service at b36iqwi6e4l4eyvf.onion. The
service listens on two ports:
- 53 (plain DNS over TCP)
- 44353 (DNS over TLS)
The TLS version is an experiment - paradoxically not for security
(unbound currently does not check the certificate), but as a hackish
On 04/29/2012 03:49 PM, Tom wrote:
On 29 April 2012 12:53, anonym ano...@lavabit.com wrote:
So, you have to switch from using Google's DNS (which blocks Tor
nowadays) to OpenDNS or whatever DNS server you trust. You'll still be
unable to do multiple DNS requests at a time, though.
Yes,
On 04/29/2012 07:01 PM, Jacob Appelbaum wrote:
On 04/29/2012 12:15 PM, Ondrej Mikle wrote:
I wrote a HOWTO for DNS/DNSSEC over Tor with unbound+socat (IMHO if you're
using
unbound, drop ttdnsd altogether):
https://labs.nic.cz/page/993/dnssec-validation-over-tor--linux-/
Click 'English
On 04/29/2012 10:38 PM, Gitano wrote:
ttdnsd-665a534 does not compile on my server Ubuntu 12.04 (kernel
3.2.0-24-generic #37-Ubuntu):
### root@server:~/ttdnsd-665a534# make install /usr/bin/gcc -g -O2
-D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE --param
ssp-buffer-size=1 -Wall
On 04/25/2012 04:06 PM, Low-Key² wrote:
Recently, I'd come across some chatter that suggested that connecting to a
VPN via TOR was not a good idea and, rather, the better idea was to connect
to a VPN that then used Tor. I've not found any articles on the net that
really discuss this issue.
On 04/21/2012 08:41 PM, Pascal wrote:
MAC addresses are used by layer 2 protocols (see
https://en.wikipedia.org/wiki/OSI_model ). Once an IP packet traverses a
layer
3 device (such as a router) the srcMac has been changed to that of the
router's
egress interface. Unless your ISP provided
).
-Pascal
On 4/21/2012 1:05 PM, Ondrej Mikle wrote:
If the ISP's records store [srcIP, srcPort, srcMac, dstIP, dstPort,
size,
startTime, endTime] for every TCP connection, then it's definitely
doable; note
that srcMac is MAC of client visible from ISP's side of the router to
internet
(so
On 04/22/2012 01:25 AM, torsi...@tormail.org wrote:
Hi,
Is there anything to worry about if using curl with the below configuration?
(I don't want to use a virtual machine)
Only debian-tor can go online:
iptables -F OUTPUT
iptables -A OUTPUT -j ACCEPT -m owner --uid-owner debian-tor
On Thu, Apr 19, 2012 at 4:52 PM, Nick Mathewson ni...@freehaven.net wrote:
Hi, all!
It looks like there is an openssl security advisory affecting some but
not all of the ASN.1 parsing code. The announcement is here:
http://openssl.org/news/secadv_20120419.txt
And the full-disclosure
Hm, you're right, wget 1.12 does not leak DNS if you use http protocol. I just
realized I tested it also with https when the leak happened (wget requires
explicit 'https_proxy' to use CONNECT for https even if you use the same http
proxy).
Ondrej
On 04/19/2012 10:54 PM, torsi...@tormail.net
On 04/18/2012 11:40 PM, torsi...@tormail.net wrote:
On Wed, Apr 18, 2012 at 4:56 AM, Maxim Kammerer m...@dee.su wrote:
On Wed, Apr 18, 2012 at 11:37, Robert Ransom rransom.8...@gmail.com
wrote:
Which version of wget did you audit? What information leaks did you
check for during your audit?
Hi,
I'm bit confused about the various bandwidth-limiting options, currently I've
set for a bridge running latest Tor alpha 0.2.3.13-alpha:
RelayBandwidthRate 512 KB
RelayBandwidthBurst 1024 KB
AccountingMax 90 GB
AccountingStart month 1 00:00
What I'm trying to achieve: I've got 90 GB traffic
Hi,
I've noticed that TBB linux-x86_64-2.2.35-7.2 won't start the browser. After
some debugging, the reason is that it depends on gtk2 = 2.20 which contains the
symbol gtk_widget_set_realized (RHEL-like distros have gtk2 2.18.9).
The issue popped up on Scientific Linux 6.2, but other RHEL-like
On 02/21/2012 06:48 PM, Andreas Krey wrote:
On Tue, 21 Feb 2012 14:26:06 +, Daniel .koolfy Faucon wrote:
...
Checking the software's signatures should ensure that you are not
bootstrapping from harcoded malicious fake nodes or looking at the wrong
nodes list, and obfsproxy makes sure
On 02/20/2012 05:06 PM, Ralf-Philipp Weinmann wrote:
On 2012-02-19 19:58 CET, Ondrej Mikle wrote:
Addendum for truly uberparanoid installation:
[various best practices]
With the uberparanoid installation, the greatest risk is a
return-to-libc-style
attack on Tor where attacker instructs
On 02/06/2012 02:39 PM, Phillip wrote:
Thanks for the link C, I did what it suggested vis modifying the
start-tor-browser script, but it ends up just launching another window
of Firefox and not Aurora...
Try adding option -no-remote to Firefox, it should start new process instead of
connecting
On 01/26/2012 05:38 PM, Klaus Layer wrote:
I am playing around with the tor_autocircuit script
(http://www.thesprawl.org/projects/tor-autocircuit/). When I start it, it
always aborts with an error from torctl lib:
[...]
INFO [ Thu Jan 26 16:05:18 2012 ]: kznx: Country code not found
INFO
On 01/14/12 18:56, Tor Relays at brwyatt.net wrote:
For some reason, FireFox doesn't do DNS resolution over SOCKS proxies
(this is a known bug). Using an HTTP proxy (such as Polipo) will fix this
(you have to also set FireFox to use it). The following tutorial should
help, but the basic idea is
Hi,
after a reviewer wrote on addons.mozilla.org that DNSSEC Validator add-on leaks
DNS (because it does direct queries), I've been looking how to hack around SOCKS
and Tor resolver deficiencies.
I've tried ttdnsd first, but it did not get along well with unbound (unbound was
complaining
On 01/05/12 05:18, Greg wrote:
Hi Andrew,
Thank you for taking a stab at this issue! I just tried this now, and
it still doesn't work. I don't remember precisely what the chain
looked, so I can't be sure I'm seeing anything different at all. I
restarted Chrome (but not Windows). Both
On 01/05/12 17:52, Greg wrote:
Hey Ondrej,
Here's some info from msinfo32:
OS Name Microsoft(R) Windows(R) Server 2003, Enterprise
EditionVersion 5.2.3790 Service Pack 2 Build 3790OS
ManufacturerMicrosoft Corporation
System Manufacturer MSI
System ModelMS-7350System Type
On 01/04/12 07:40, Greg wrote:
Hi,
I searched google for people having problems accessing torproject.org
from Chrome on Windows, but I didn't see much besides a discussion on
December 21 about an outage
(http://comments.gmane.org/gmane.network.tor.general/2514).
I can access torproject.org from
On 01/04/12 21:30, Pascal wrote:
Running www.digicert.com through that tool shows the 2nd intermediate
certificate that needs to be included.
Their tool is quite good, but not all-powerful. The suggested 2nd intermediate
certificate must have subject CN=DigiCert High Assurance EV Root CA.
39 matches
Mail list logo