On Thu, May 02, 2019 at 04:01:52PM -0400, grarpamp wrote:
> On 5/2/19, Herbert Karl Mathé wrote:
> > I strongly believe certain issues need be brought up into conscious, and
> > into presence: into discussion, actually.
> >
> > Therefore appreciating this as it might fit too well into context
> >
On Sat, Sep 29, 2018 at 04:28:46PM -0700, Mirimir wrote:
> On 09/29/2018 09:29 AM, panoramix.druida wrote:
> >
> > ‐‐‐ Original Message ‐‐‐
> > El sábado, 29 de septiembre de 2018 11:58, J B
> > escribió:
> >
> >> Hi,
> >> Could you please explain in what sequence the two should be acti
You may be interested in our paper "HSTS Supports Targeted Surveillance"
that we will present at FOCI next week
https://www.usenix.org/conference/foci18/presentation/syverson
Amongst other things, it discusses some of the issues raised in this thread.
They will post the paper on Tuesday, but if so
On Wed, Sep 20, 2017 at 07:53:35AM -0400, krishna e bera wrote:
> On 20/09/17 06:00 AM, Alec Muffett wrote:
[snip]
> >
> > I'd really love to see Tor, TBB and TBB-Plugin mechanisms upgraded to run
> > over single-onion, for instance. It would make sense.
> >
> > -a
> >
>
> If by single-oni
On Wed, Aug 30, 2017 at 11:28:13AM -0700, Seth David Schoen wrote:
> Roger Dingledine writes:
>
> > I think finding ways to tie onion addresses to normal ("insecure web")
> > domains, when a service has both, is really important too. I'd like to
> > live in a world where Let's Encrypt gives you an
On Wed, Aug 30, 2017 at 01:18:36PM -0400, Roger Dingledine wrote:
> On Wed, Aug 30, 2017 at 03:07:37PM +0100, Ben Tasker wrote:
> > So his suggestion is portrayed as not sacrificing much, but actually
> > sacrifices quite a lot.
>
> This is a really important point. Thinking of onion space right n
On Wed, Aug 23, 2017 at 03:40:22AM -0400, Roger Dingledine wrote:
> On Mon, Aug 21, 2017 at 11:49:22PM -0700, Yuri wrote:
> > Here is the white paper with MTor design:
> > https://www.degruyter.com/downloadpdf/j/popets.2015.2016.issue-2/popets-2016-0003/popets-2016-0003.pdf
> >
> >
> > So, what
On Mon, Aug 07, 2017 at 09:32:20AM +0200, Jon Tullett wrote:
> On 4 August 2017 at 02:05, Paul Syverson wrote:
> > On Thu, Aug 03, 2017 at 04:38:49PM -0700, Jacki M wrote:
> >> Comments on Paul Syverson Proposed attack?
> >> Paul Syverson - Oft Target: Tor adversary
On Thu, Aug 03, 2017 at 04:38:49PM -0700, Jacki M wrote:
> Comments on Paul Syverson Proposed attack?
> Paul Syverson - Oft Target: Tor adversary models that don't miss the mark
> https://www.youtube.com/watch?v=dGXncihWzfw
>
Ermm, brilliant. ;>)
More seriously. The point of
On Sun, Jun 18, 2017 at 10:22:19AM -0400, krishna e bera wrote:
> On 18/06/17 05:50 AM, Alec Muffett wrote:
> >In other news, the FB Onion, for some time after it launched, geolocated to
> >London. I can't imagine why.
>
> How can a .onion geolocate anywhere? Arent they supposed to be entirely in
On Mon, Feb 20, 2017 at 10:19:23AM +, Alec Muffett wrote:
> On 20 February 2017 at 09:45, Georg Koppen wrote:
>
> > I don't think so as I don't see how next generation .onion services
> > solve the underlying problem.
>
Griffin Boyce and I published a paper not quite a year ago with a
secti
On Thu, Jan 19, 2017 at 07:06:00AM +, Ivan Markin wrote:
> radio...@chscene.ch:
> > Firefox message:
> > Server not found
> > Firefox can’t find the server at facebookcorewwwi.onion
>
This is an onion address. Ordinarily configured Firefox will not recognize
it as such and simply generate a DN
On Sat, Aug 27, 2016 at 02:15:37PM +, krist...@ovpn.se wrote:
> Hello,
> my company decided to start a Tor exit relay recently. We now want
> to show some statistics on the DirFrontPage which we think people
> will find interesting.
> The statistic will only be basic and already public informa
On Sun, Jul 31, 2016 at 01:35:19PM -0400, grarpamp wrote:
> On 7/21/16, grarpamp wrote:
> > [doc request[
>
> Since this seems to have been ignored by Tor Project Inc for more
> than a week, and people have indicated further interest, it has now
> been lodged as a formal ticket. Requests to updat
On Fri, Jul 08, 2016 at 08:17:05AM -0400, Sci Fith wrote:
>
> I've tested for research purposes running both proxychains and
> openvpn setups using 2-3 VPSs with private ip addresses from bolt vm
> for really cheap per month. Worked really well as an alternative to
> using Tor.
>
> Question, If y
On Tue, Jul 05, 2016 at 05:33:53PM -0400, krishna e bera wrote:
> On 07/05/2016 12:30 AM, Paul Syverson wrote:
> > On Mon, Jul 04, 2016 at 10:55:25PM +, Cannon wrote:
> >>
> >> Just a paper I found, thought you all might find it interesting.
> >
On Mon, Jul 04, 2016 at 10:55:25PM +, Cannon wrote:
>
> Just a paper I found, thought you all might find it interesting.
> What are your thoughts on this?
>
>
> http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
A work of penetrating pathos and unwavering brilliance, one that surel
On Wed, Jun 29, 2016 at 11:54:04AM -0400, Mansour Moufid wrote:
> On Thu, Jun 23, 2016 at 11:56 AM, Paul Syverson
> wrote:
>
> > Vitriol aside, the problem is that you don't get to just apply your
> > own intuitive decisions about the meaning of technical terms and
On Mon, Jun 27, 2016 at 01:18:11AM -0700, Spencer wrote:
> Hi,
>
> >
> >Paul Syverson:
> >the meaning of technical terms
> >
>
> So that I may verify and understand meaning, what terms?
>
'Anonymity', more specifically communications anonymi
On Thu, Jun 23, 2016 at 11:10:36AM -0400, Chris Dagdigian wrote:
>
> Seriously? I spent some time trying to parse Juan's various messages
> yesterday to try to understand his point of view ... if you remove all of
> the insults and snide remarks the only concrete position I could discern was
> th
On Wed, Jun 22, 2016 at 02:09:30PM +0200, carlo von lynX wrote:
> Paul, I thank you for the honor of "proofreading" that page.
>
> On Wed, Jun 22, 2016 at 07:16:21AM -0400, Paul Syverson wrote:
> > On Tue, Jun 21, 2016 at 07:39:22PM +0200, carlo von lynX wrote:
> >
On Tue, Jun 21, 2016 at 07:39:22PM +0200, carlo von lynX wrote:
> On Tue, Jun 21, 2016 at 12:48:38PM -0400, Paul Syverson wrote:
> > Well there's things like alpha-mixing (better tau-mixing) as that
>
> Yes, alpha-mixing would be a great step forward I guess.
> Would you sa
On Tue, Jun 21, 2016 at 01:28:12PM +0200, Aymeric Vitte wrote:
>
>
> Le 21/06/2016 à 06:19, Paul Syverson a écrit :
> > We published a design in 2010 that essentially turns a
> > solution against a passive adversary into a solution against an active
> > adversary. I
vations
> of those involved, this behavior is an attack that needs to be defended
> against.
>
> On June 20, 2016 6:25:53 PM PDT, Paul Syverson
> wrote:
> >On Mon, Jun 20, 2016 at 09:19:27PM -0300, juan wrote:
> >> On Mon, 20 Jun 2016 18:50:10 -0500
> >> An
On Tue, Jun 21, 2016 at 01:37:05AM -0400, grarpamp wrote:
> Voce Syverson:
> > I invented onion
> > routing (with David and Michael) and designed Tor (with Roger and
> > Nick).
> > ...
> > I believe we invented the design of a network that utilizes
> > layers of public-key crypto to lay a cryptogra
On Mon, Jun 20, 2016 at 11:52:47PM -0300, juan wrote:
> On Mon, 20 Jun 2016 21:25:53 -0400
> Paul Syverson wrote:
>
>
> >
> > I know I'm feeding the troll, but this is just crap. I invented onion
> > routing
>
> You mean, you invented the name?
On Mon, Jun 20, 2016 at 09:19:27PM -0300, juan wrote:
> On Mon, 20 Jun 2016 18:50:10 -0500
> Anthony Papillion wrote:
>
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA512
> >
> > On 6/20/2016 6:35 PM, juan wrote:
> > > On Mon, 20 Jun 2016 18:07:12 -0500 Anthony Papillion
> > > wrote:
> > >
On Sun, Jun 05, 2016 at 05:20:24PM -0400, Allen wrote:
> >
> > So randomizing the times that traffic enters the network and exits the
> > network wouldn't work? Like it enters a note and 30 ms after received or
> > another random delay couldn't it exit. It would be harder to correlate the
> > traff
On Tue, May 31, 2016 at 04:02:37PM -0700, Seth David Schoen wrote:
> NTPT writes:
>
> > There is no motivation to make exploits and other stuff on rare OSses..
>
> There's a certain circularity to this: if you use rare OSes because
> attackers aren't interested in them and you convince lots of p
On Mon, May 30, 2016 at 09:18:48PM -0400, Nathan Freitas wrote:
> On Mon, May 30, 2016, at 09:08 PM, Seth David Schoen wrote:
> > Paul Templeton writes:
> >
> > > Where Tor may fit...
> > >
> > > The Tor network would provide the secure transport - each site would
> > > create an onion address.
On Tue, Mar 22, 2016 at 05:08:35PM -0700, Mike Perry wrote:
> Ben Stover:
> > As far as I know TorBrowser switches automatically every 10 minutes the
> > node chain resp. the IP of the ExitNode.
> >
> > Can I somehow extend this timeout time to another value e.g. 30 minutes?
> >
> > Or (even bet
On Sun, Feb 28, 2016 at 10:53:13PM +0100, Guido Witmond wrote:
> On 01/16/16 22:22, Rejo Zenger wrote:
> > Hi!
> >
> > I'm wondering...
> >
> > - How can a user reliably determine some .onion address actually
> >belongs to intended owner?
>
> Hi Rejo,
>
> I think that in general, .onion a
On Thu, Feb 25, 2016 at 12:26:02AM +0100, Guido Witmond wrote:
>
> I don't want *people* to exchange keys. I envision people to exchange
> names and let computers do the key lookup.
>
The description below sounds a fair amount like Keybase (https://keybase.io)
Perhaps it would be helpful to cont
I think it could be a good topic for face-to-face discussion.
I also think it dovetails with our trust-aware approach. I'm
not sure I think ID in the usual official sense will mean much
in this context (but we can discuss); however, if a useful notion
of identity can be introduced it could be one o
lob/master/SP_SPSI-2015-09-0170.R1_Syverson.pdf
for a description of both how people are using GPG now, and for
the situation and plans for certs in the future.
See also Juha Nurmi's related post to this list about booby trapped
onion sites.
aloha,
Paul
On Tue, Jan 26, 2016 at 02:04:54PM -0500
This is false.
First of all '.onion' is an officially recognized reserved top level
domain according to IETF RFC 7686.
Second, a CA _will_ validate a .onion address, but only to provide an
EV (extended validation) Cert. EV Certs are typically only
had by big companies etc. Typical browsers repre
On Sun, Jan 24, 2016 at 04:13:18PM -0800, Spencer wrote:
> >
> >leave the route selection to Tor
> >
>
> Is this that trust thing people are always talking about?
>
A little terse to know, but onion routing is designed around diversity
of trust. Just to be clear, this does not mean 'let the Tor
On Sat, Jan 16, 2016 at 10:22:50PM +0100, Rejo Zenger wrote:
> Hi!
>
> I'm wondering...
>
> - How can a user reliably determine some .onion address actually
>belongs to intended owner?
>
> - How is the provider of .onion service supposed to deal with a lost or
>compromised private key
On Thu, Jan 14, 2016 at 05:58:50PM +0100, Markus Hitter wrote:
>
> On 32C3 a few weeks ago ...
>
> https://media.ccc.de/v/32c3-7322-tor_onion_services_more_useful_than_you_think
>
> ... Roger cheered a lot about Facebook offering a hidden service.
>
> To be honest, this surprises me quite a bit
On Wed, Oct 14, 2015 at 04:42:07PM +0200, aka wrote:
> US Navy wanted a mesh network for their ships so an adversary couldn't
> determine by passively listening what ship is the flagship.
In a word, No. That was not an application we had in mind when we
proposed looking at the question of how to s
oncerns?
>
> -V
>
> On Sat, 19 Sep 2015 at 22:42 Paul Syverson
> wrote:
>
> > You are also not vulnerable to any DNS hijack since address lookup
> > does not use the DNS system. Likewise BGP hijacks are diminished in
> > value. But perhaps more important tha
You are also not vulnerable to any DNS hijack since address lookup
does not use the DNS system. Likewise BGP hijacks are diminished in
value. But perhaps more important than either of these, any CA hijack
or shenanigans are greatly diminished in usefulness. You might want to
look at a short positio
On Fri, Sep 04, 2015 at 06:50:57PM +, Harmony wrote:
>
> After several television appearances over the past few years, Tor made
> its literary debut last month in the fourth installment of the late
> Stieg Larsson’s Millennium series. A warm Tor community welcome to
> Lisbeth Salander — though
ly unaffected.
aloha,
Paul
> Tom
>
>
>
>
> > On 27 Aug 2015, at 14:57, Paul Syverson wrote:
> >
> >> On Thu, Aug 27, 2015 at 10:08:26AM +0200, Tom van der Woerdt wrote:
> >> In some corporate environments this would be a reasonable thing to
> >> do.
On Thu, Aug 27, 2015 at 10:08:26AM +0200, Tom van der Woerdt wrote:
> In some corporate environments this would be a reasonable thing to
> do. And the article that started this thread is about corporate
> networks.
>
> If you work in a call center with a company computer, you have
> absolutely no
for your time in answering my question
Glad I could help.
-Paul
>
> On Mon, Aug 3, 2015 at 7:17 PM, Mirimir wrote:
>
> > On 08/03/2015 10:02 AM, Paul Syverson wrote:
> > > Hi Cari,
> > >
> > > On Mon, Aug 03, 2015 at 06:38:07PM +0300, Cari Machet wrote:
&
rch Laboratory. The Navy
is a standard place for me to apply to with any funding proposal.
Perhaps this will help
http://www.nrl.navy.mil/doing-business/
And, for any proposal, we _don't_ know that we can get funding for it
till a funder agrees.
HTH,
Paul
>
> On Mon, Aug 3, 2015
On Mon, Aug 03, 2015 at 03:58:59PM +0800, Virgil Griffith wrote:
> > You did that on purpose, right? You obviously knew the kind of
> > answers your question would generate.
>
> I was hoping for responses like those from Dr. Syverson. I was not
> interested in debating the ethics
On Thu, Jul 30, 2015 at 03:36:52AM +0800, Virgil Griffith wrote:
> > old at that point.) We had a picture where the ordering
> > information went over the Web from the Pentagon to Domino's and was
> > routed by an enemy (Iraq at the time of the putative pizza channel
> > concern). I remember a poi
Hi Virgil,
On Wed, Jul 29, 2015 at 12:32:56PM +, Virgil Griffith wrote:
> intending to use Tor for?
>
> I know the classic story of US intelligence agents wanting to phone home
> from Beijing hotels without Chinese intelligence knowing they were phoning
> home as a partial motivation for open
On Thu, Jun 25, 2015 at 10:04:31AM -0700, Seth David Schoen wrote:
> Seth David Schoen writes:
>
> > If you read the original Tor design paper from 2004, censorship
> > circumvention was actually not an intended application at that time:
> >
> > https://svn.torproject.org/svn/projects/design-pape
On Tue, Jun 23, 2015 at 12:06:41AM -0400, grarpamp wrote:
> Longer reply may come, but I think it is useful to again say
> that it may be that you must disassociate the classical "tor
> centric" idea of fill away from the idea of filling the "tor circuit".
> Of course any circuit level fill from en
On Sun, Jun 21, 2015 at 05:27:56AM +, n...@cock.li wrote:
> grarpamp:
> > http://shofarnexus.com/Blog-2015-01-13
>
> Under "The hole in TOR":
> > If you see a 456 byte message sent from computer A and a moment later
> > the same or similar size message arrive at computer B you could draw
> > a
leazebags and crooks" are.
>
> And it's "Tor", not "TOR", not "the onion router". Paul Syverson said
> some very witty things about that, some years ago.[0]
>
> [0] http://freehaven.net/anonbib/cache/entropist.pdf (page 14, note 7)
Thanks for the
Hi Ben,
On Sun, May 17, 2015 at 11:26:41AM -, Ben wrote:
> Hi all,
>
> I've got a (www) site that I'm debating making available as a Hidden
> Service, and I was wondering what peoples thinking on doing this was
> nowadays.
>
I'm presenting a short paper I wrote with Griffin Boyce "Genuine
o
On Mon, Apr 06, 2015 at 07:53:55PM -0300, Juan wrote:
> On Mon, 6 Apr 2015 14:35:40 +1000
> Zenaan Harkness wrote:
>
> > On 4/6/15, Juan wrote:
> > > On Mon, 6 Apr 2015 12:51:31 +1000
> > > Zenaan Harkness wrote:
>
> >
> > Well, I haven't read a lot, but I think there was this history of TOR
If s/he is using Tor and hasn't done something odd to reconfigure, then
the DNS resolve is done at the exit relay. His local DNS resolver is
never contacted. Also, original poster said that local resolution
worked correctly (presumably the correct IP address is known); only
over Tor was there a pr
On Wed, Mar 11, 2015 at 09:54:28AM +, Aaron Gibson wrote:
[snip]
>
> The suggestions I made were:
>
[snip]
>
> 2. CloudFlare should ensure that they have presence within AS or datacenters
> where Tor Exits are present, and that their GeoDNS correctly points requests
> from Tor to the nearest
On Wed, Feb 04, 2015 at 06:58:28AM +0100, CJ wrote:
>
>
> On 02/04/2015 06:19 AM, Seth wrote:
> > On Tue, 03 Feb 2015 20:01:36 -0800, Andrew Roffey
> > wrote:
> >> - there is a cost of obtaining HTTPS signatures.
> >
> > Not certain if the deal is still being offered, but for quite a while
> >
On Mon, Feb 02, 2015 at 01:44:05PM -0800, Seth wrote:
> On Mon, 02 Feb 2015 13:37:58 -0800, Paul Syverson
> wrote:
>
> >The point was that there was a bunch of stuff we started doing at NRL
> >in 1995 we called "onion routing" including what we eventually called
On Mon, Feb 02, 2015 at 01:14:15PM -0800, spencer...@openmailbox.org wrote:
> >mirimir[at]riseup.net:
> >>spencerone[at]openmailbox.org:
> >>>paul.syverson[at]nrl.navy.mil:
> See p. 129 of
> http://www.acsac.org/2011/program/keynotes/syverson.pdf
> also
> https://www.torproject.org/
On Mon, Feb 02, 2015 at 01:32:06PM -0700, Mirimir wrote:
> On 02/02/2015 11:56 AM, spencer...@openmailbox.org wrote:
> > Paul Syverson paul.syverson at nrl.navy.mil:
> >> See p. 129 of http://www.acsac.org/2011/program/keynotes/syverson.pdf
> >> also
> >
On Sun, Feb 01, 2015 at 12:36:30AM -0700, Mirimir wrote:
> On 01/31/2015 11:53 PM, Seth wrote:
> > On Sat, 31 Jan 2015 17:47:20 -0800, Mirimir wrote:
>
[snip]
>
> that getting your anonymity more privately makes it less anonymous.
Whoa! That phrase blew my mind and is almost certainly the phras
On Fri, Jan 30, 2015 at 07:15:30PM -0700, Mirimir wrote:
> On 01/30/2015 06:48 PM, grarpamp wrote:
> > On Fri, Jan 30, 2015 at 7:54 PM, Mirimir wrote:
> >> JonDoNym / JAP
> >
> > I'm seeing references to this tool pop up recently in various
> > places. Keep in mind the controversie from years ago
On Fri, Jan 30, 2015 at 10:05:46AM +, Squeak wrote:
> Hello,
>
> Relative newbie here, and I was wondering if someone could help me with
> something please. I keep seeing people describing connections to the Tor
> and is VPN connections in the following two ways:
>
> Tor -> VPN
> VPN -> Tor
On Thu, Jan 29, 2015 at 11:24:18AM -0800, spencer...@openmailbox.org wrote:
> Krishna,
>
> krishna e bera keb at cyblings.on.ca:
> >Tor (not an uppercased acronym)
> >
>
> Why?
>
See p. 129 of http://www.acsac.org/2011/program/keynotes/syverson.pdf
also
https://www.torproject.org/docs/faq.html.
On Sun, Dec 14, 2014 at 10:29:49PM -0700, Mirimir wrote:
> On 12/14/2014 09:28 PM, Paul Syverson wrote:
> > On Sat, Dec 13, 2014 at 01:04:06PM -0700, Mirimir wrote:
> > [snip]
> >>
> >> However, Tor is by design a Chaum-style network of untrusted nodes. As
> &g
On Sat, Dec 13, 2014 at 01:04:06PM -0700, Mirimir wrote:
[snip]
>
> However, Tor is by design a Chaum-style network of untrusted nodes. As
> long as one of the three nodes in a circuit is honest, users remain
> anonymous. Even simultaneous attacks by non-colluding adversaries can
> protect users'
On Sun, Nov 16, 2014 at 02:50:53AM -0800, Virgil Griffith wrote:
> Right now I perceive consensus in accepting the term "onion services"
> as a synonym for "hidden services", and when it's specifically a
> website, also suggesting the more specific term, "onion site".
For reasons I stated (separat
This is also nice because it further emphasizes the distinction
between the thing that the user is setting up and the network that
is providing secure/hidden/private/location-protected/whatever access to it.
'Onion service' to me doesn't as cleanly conceptually separate the
service that is protecte
On Wed, Oct 15, 2014 at 09:26:59PM -0600, Mirimir wrote:
> On 10/15/2014 08:57 PM, Paul Syverson wrote:
> > On Wed, Oct 15, 2014 at 06:15:37PM -0600, Mirimir wrote:
> >>
> >> "Web of Trust" is problematic for those who chose pseudonymity. Over the
> >>
On Wed, Oct 15, 2014 at 06:15:37PM -0600, Mirimir wrote:
>
> "Web of Trust" is problematic for those who chose pseudonymity. Over the
> years, I've come to trust several pseudonyms based on interactions via
> discussion forums and email, signed documents and software, apparent
> integrity, and so
On Tue, Oct 14, 2014 at 01:05:57PM -0400, Nick Mathewson wrote:
> On Tue, Oct 14, 2014 at 12:17 PM, Greg Norcie wrote:
> > Hi all,
> >
> > I'm working on doing a study on user tolerance of delays (for example,
> > latency on Tor).
> >
> > During our discussion, a bit of a debate occured about the
On Mon, Oct 06, 2014 at 07:49:38PM -0600, Mirimir wrote:
> On 10/06/2014 07:26 PM, Virgil Griffith wrote:
> > I'm attempting to quantify the proportion of traffic used by hidden
> > services. When connecting to hidden services, are exit nodes ever used
> > (unless the exit node also has a guard fla
On Tue, Jul 08, 2014 at 09:30:07AM +0200, Anders Andersson wrote:
> On Tue, Jul 8, 2014 at 2:32 AM, Joe Btfsplk wrote:
> > On 7/7/2014 6:04 PM, I wrote:
> >> As for freedom of speech Australia has none legislated and does have
> >> severe laws against sedition.
> >> What other developed country ca
On Tue, Jul 01, 2014 at 10:06:38PM +0100, Mark McCarron wrote:
> Paul,
>
> Paul,
>
> What you are seeking a full design for a distributed Web Hosting
> platform within Tor. Let's see...
Well even a sketch (which you begin to provide below) would be more
helpful to be able to comment on whether
On Tue, Jul 01, 2014 at 04:41:30PM -0300, Juan wrote:
> On Tue, 1 Jul 2014 14:36:08 -0400
> Paul Syverson wrote:
>
[snip]
>
> >It's hard to imagine what would satisfy you at this point but
> > perhaps this will help: I designed Tor with Roger and Nick. At all
>
On Tue, Jul 01, 2014 at 08:31:00PM +0100, Mark McCarron wrote:
> Paul,
>
[snip]
> Eliminating this correlation attack is trivial.
So you keep saying. Everybody who has worked on this who has responded
has said that they don't know how and that they find this a hard
problem. But your response is
On Tue, Jul 01, 2014 at 06:32:27PM +0100, Mark McCarron wrote:
> Alex,
>
> You must be living in a fantasy land. The problem still remains,
> Tor is vulnerable to a global view and that global view exists
> according to Snowden. Further, it would appear that Tor was
> designed to fit into that g
To see more than you probably care to know on the history of the
names 'onion routing' and 'Tor' cf. pages 129, 135 of
http://www.acsac.org/2011/program/keynotes/syverson.pdf
Two things that I see were not mentioned there: Nick Mathewson pointed
out to me and I confirmed in email exchanges that w
On Wed, May 14, 2014 at 12:00:49PM -0300, J.M. Porup wrote:
> On Wed, May 14, 2014, at 11:53, Patrick Schleizer wrote:
> > Nicolas Vigier:
> > > It's a little sad that so many people like to use the word "DarkWeb"
> > > to talk about .onion websites, because it sounds like something scary
> > > or
On Mon, Mar 17, 2014 at 01:00:32PM +0100, Maimun Rizal wrote:
> Dear All,
>
> Where I can find information about the fundamental differences
> between Onion Routing (OR) and The Onion Router (TOR)?
First off Tor not "TOR" and The Onion Routing not "The Onion Router"
cf. https://www.torproject.org
On Sun, Mar 09, 2014 at 10:21:52AM +0100, Fabio Pietrosanti (naif) wrote:
> Il 3/8/14, 8:39 PM, Paul Syverson ha scritto:
> > If you naively view Tor as Yet Another Pulbic Proxy, I agree. But this
> > is the same thinking that leads you to block all encrypted traffic you
> >
On Sat, Mar 08, 2014 at 11:24:12AM -0500, Andrew Lewman wrote:
> On Sat, Mar 08, 2014 at 05:00:04AM -0500, grarp...@gmail.com wrote 0.9K bytes
> in 0 lines about:
> : Noticed that the frontpage mentions location/anonymity
> : but doesn't actually say anything about encryption shielding
> : your th
On Sat, Mar 08, 2014 at 08:06:11PM +0100, Fabio Pietrosanti (naif) wrote:
> Il 2/7/14, 4:46 AM, grarpamp ha scritto:
> > What can we do, as a collective social entity, to put an end to
> > this madness?
> >From a "Security-Wise" point of view, if i was the IT Security Manager
> of a company, i wou
On Fri, Mar 07, 2014 at 11:29:22AM +, Miguel Regala wrote:
> There are some interesting papers on TOR anonymity, not really sure if all
> of them have been addressed.
>
> Some:
> http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6407715&queryText%3Dtor
> http://ieeexplore.ieee.org
On Mon, Feb 24, 2014 at 12:01:43PM -0500, Griffin Boyce wrote:
> On 2014-02-23 22:21, Anon wrote:
>> Why so many bugfixes?
>>
>> 455 tor.git Changelog entries with names "(Major|Minor) Bugfixes".
>>
>> Do tor need better testing?
>
> There was just a major event where there was extensive testing
On Fri, Feb 07, 2014 at 12:33:08AM -0800, Al Jigong Billings wrote:
> Or maybe people got tired of the minority of trolls and nazis that seem to
> come through Tor to infest some sites. I know people who block Tor. It is
> usually because a disproportionate amount of the abuse on their site comes
>
On Wed, Jan 08, 2014 at 02:40:11PM +0100, Andreas Krey wrote:
> On Wed, 08 Jan 2014 13:17:47 +, Mark McCarron wrote:
> ...
>
> > No, its not. Traffic obfuscation techniques can eliminate the
> > global view. It just needs to be implemented correctly.
>
> How? A user can only interact with a
Topposting cause I'm tired and lazy. Sorry.
So I designed exactly this type of thing
c. fifteen years ago. Cf.
"Weakly Secret Bit Commitment: Applications to Lotteries and Fair Exchange"
and a journal version of some of that in
"Temporarily Hidden Bit Commitment and Lottery Applications"
Also, Rog
On Wed, Nov 20, 2013 at 11:27:36AM +0100, Moritz Bartl wrote:
> On 11/20/2013 04:41 AM, Jonas Bruun wrote:
> > I'm currently conducting research for a graduate class paper at University
> > of Texas at Austin. My research topic is the Dark / Deep web. Due to the
> > anonymous character of the users
On Thu, Oct 17, 2013 at 10:46:57AM +0200, Andreas Krey wrote:
> On Wed, 16 Oct 2013 19:42:41 +, Joe Btfsplk wrote:
> ...
> > One thing jumps out, Tor doesn't know for sure who's running Guard or
> > exit nodes - & can't unless they start doing (regular, repeated)
> > extensive personal interv
On Mon, Sep 16, 2013 at 07:55:08PM -0300, Juan Garofalo wrote:
[SNIP]
> >>
> >> There's an interesting ambiguity here, it seems. First it's
> >> stated that onion routing doesn't protect against 'big' (in
> >> network terms) adversaries. But then no hard data is given
> >>
On Sat, Sep 14, 2013 at 09:32:58PM +, mirimir wrote:
[SNIP]
>
> That sums it up well, I think.
>
> Given Tor's design, numerous parties, including many sets of bitter
> enemies, can cooperate to provide common anonymity. The design is open,
> so all parties can identify weaknesses and contrib
Last try, as I've already spent more cycles on this
than I generally have for such.
On Fri, Sep 13, 2013 at 08:02:31PM -0300, Juan Garofalo wrote:
>
> >
> >I said nothing about being clueful in technical matters. I said that
> >if you make clueful constructive criticisms you are typically likely
On Wed, Sep 11, 2013 at 10:59:55PM -0300, Juan Garofalo wrote:
>
> At 02:31 PM 9/11/2013 -0400, Paul Syverson wrote:
>
> > Most people involved in creating Tor
> >including, e.g., Andrew Lewman, now Executive Director, of the Tor
> >Project Inc. first got invo
For some reason, just the message to which I'm responding below out of
this entire thread got caught in a spam trap that I rarely check (once
every month or three) because it very rarely catches messages I
want. The thread has long ago moved on. I respond inline below, but
feel free to ignore.
On
On Sun, Sep 08, 2013 at 11:47:06AM -0400, Nathan Suchy wrote:
> Would my traffic still be secure?
>
To do what, and secure against whom and to what degree?
It is reasonable to assume that if NSA is running Tor nodes, then they
are probably using good operational security. So against someone
brea
On Fri, Aug 30, 2013 at 04:38:21PM +0200, Sebastian G. wrote:
> 30.08.2013 Juan Garofalo:
> > At 02:16 AM 8/30/2013 -0700, you wrote:
> >> Juan Garofalo:
> >>> At 02:14 PM 8/29/2013 -0700, you wrote:
[snip]
> >>
> >> 1. Respect our efforts on this front. We're doing our best with
> >> what we hav
On Tue, Aug 27, 2013 at 11:24:18AM -0400, grarpamp wrote:
> On Tue, Aug 27, 2013 at 3:08 AM, Roger Dingledine wrote:
> > Check out
> > https://metrics.torproject.org/users.html
> > The number of Tor clients running appears to have doubled since August 19:
> > And it's not just a fluke in the metri
1 - 100 of 140 matches
Mail list logo
