trac.torproject.org/projects/tor/ticket/19513
I'm fine with who joins to the Tor Project.
The difference to the code is reviewable by the community using diff tool.
I'm disappointed the fact that you, Tor Project, hide this truth without
sharing to the Tor users.
signature.asc
Description:
At first, the local interceptor can extracts private authentication key
from heartbleeded guard. Then emulate connection to IP of this guard (a
substituted faked MiTM-ed version of the Guard) for the targeted users.
Something like this can be done at the any parts of the Tor-network for
MiTMing
Thank you for closing the problem in:
https://trac.torproject.org/projects/tor/ticket/11256
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
On Thu, 6 Feb 2014 02:00:02 -0500
Soul Plane soulplan...@gmail.com wrote:
Is it ok to use the Tor Browser without Tor? I don't need Tor but I like
the privacy features that the browser offers.
Yes you can. I use that way for transparent torifycation in Linux,
manually restarting Browser and
On Sat, 2 Nov 2013 13:50:18 +0100
t...@lists.grepular.com wrote:
1) Create a list of tor exit nodes that do not block port 25
2) Command the tor daemon to exit those nodes exclusively.
SSL-SMTP configured to works over 465 port in most cases.
--
tor-talk mailing list -
Using Web of Trust you sacrifice your anonimity,
forward secrecy and deniability for the sake of privacy
in the term of security and integrity of a message context.
The graph of your contacts disclosured,
timing information leaked for traffic analysis etc.
This is a cross purpose to the goals
On Fri, 13 Sep 2013 14:06:45 -0700
Mike Perry mikepe...@torproject.org wrote:
harmony:
Mike Perry:
Maybe. It depends on if you resizing the window is actually as random
as you think it is. If you keep doing that, and you're one of the few
people who does, you might stand out over time?
On Mon, 19 Aug 2013 12:55:13 -0700
Max senffre...@fastmail.fm wrote:
Hallo Tor-Devs,
considering that D-Wave now claims to have a programmable quantum
computer, wouldn't it be nice for Tor to use post-quantum cyrptography?
Unfortunately, a lot of quantum secure cryptography already broken
Thnx, now everything is OK
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
At the time of writing:
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-x86_64-2.3.25-9-dev-en-US.tar.gz
OpenPGP signature broken.
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-x86_64-2.3.25-10-dev-en-US.tar.gz
OpenPGP signature missing.
Why
On Sat, 6 Apr 2013 23:54:34 -0400
cmeclax cmeclax-sa...@ixazon.dynip.com wrote:
*The NSA runs a Tor relay called Eve. It's picked as the rendezvous point for
a hidden service. Can Eve read the plaintext?
No.
Encryption with HS is end-to-end in any case.
Eve cannot reroute data to fake HS
On Wed, 30 Jan 2013 11:58:01 -0800
Micah Lee micahf...@riseup.net wrote:
If you want more than one TBB at a time you won't be able to install
them from the package manager anyway. This is true of all software. If
you want to run more than one apache2 server at the same time, you'll
need to do
On Tue, 29 Jan 2013 19:49:23 -0600
Raynardine raynard...@tormail.org wrote:
I just wanted to ask here in Tor-Talk where the efforts to decentralize
the Tor directory servers have gone so far?
One of the goals of centralizing is protect Tor against attacks
based on the desynchronisation and
On Wed, 30 Jan 2013 09:26:22 +0100
Jérémy Bobbio lu...@debian.org wrote:
Releasing updated versions is simple. The update would include a new TBB
tarball and the launcher script would include a new version, so the next
time a user runs Tor Browser it will extract the new version in
On Wed, 30 Jan 2013 12:17:04 -0600
Raynardine raynard...@tormail.org wrote:
What happens if a government (such as the United States)
demands the private keys for the Directory Authorities? Would you even
know if it has already happened years ago?
And what? Everyone can run your own tor node
On Wed, 30 Jan 2013 15:49:54 -0400
Mike Perry mikepe...@torproject.org wrote:
Longer term, I'm interested in having some form (or better: many forms)
of multipath consensus validation:
May be that algo is relevant to independed control of consensus data:
OK, now all signatures at the place, thanks.
On Sun, 6 Jan 2013 13:30:56 +
unknown wrote:
https://www.torproject.org/dist/torbrowser/linux/
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.3.25-2-dev-en-US.tar.gz
https://www.torproject.org/dist/torbrowser
https://www.torproject.org/dist/torbrowser/linux/
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.3.25-2-dev-en-US.tar.gz
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.4.7-alpha-1-dev-en-US.tar.gz
On Sun, 11 Nov 2012 20:19:56 +
Dan Hughes danhughes...@yahoo.co.uk wrote:
Hello,
Does browsing with TBB installed on the HD or a USB stick
and downloading files (.PDFs, SM vids etc.;)) to a USB stick (but
not opening online) result in the content of what's browsed or
downloaded
On Wed, 19 Sep 2012 02:05:30 -0400
Gregory Maxwell gmaxw...@gmail.com wrote:
It seems to me that there is a common expectation is that onion urls
provide a degree of name privacy— generally, if someone doesn't know
your name they can't find you to connect to you. If someone violates
that
On Fri, 4 May 2012 07:27:35 +0200
Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
Any potential DNS-leakage can be prevented with iptables (Debian GNU/Linux
way):
Well, this can also be prevented if the starter of TBB would be a
binary/executable rather than a shell script, and
On Wed, 2 May 2012 22:43:52 +
Robert Ransom rransom.8...@gmail.com wrote:
See
https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs
for the security advisory.
Robert Ransom
___
tor-talk mailing list
In theory smart adversary can reduce anonimity set with statisticaly profiling
any non-TBB downloaders on the service side or through intercepting exit node
traffic. Wget'll get a different responce than standart TBB or another
downloaders to cookies and active elements injection, fonts
On Sun, 12 Feb 2012 17:00:59 +0100
Martin Hubbard martin.hubb...@gmx.us wrote:
RefControl set to spoof referrer as host webroot is also useful, I think.
- Original Message -
From: Brian Franklin
Sent: 02/12/12 09:53 AM
To: tor-talk@lists.torproject.org
Subject: [tor-talk] Adblock
On Thu, 26 Jan 2012 14:41:06 +0100
superpl...@gmx.de wrote:
Hi,
are there any issues in controlling email-boxes through the provider-
webfrontends (gmail, gmx, etc.) using tor?
I read for example about referers in between entering account information and
being redirected to
On Sun, 30 Oct 2011 23:35:18 -0700
Jacob Appelbaum ja...@appelbaum.net wrote:
On 10/30/2011 05:37 PM, Roger Dingledine wrote:
On Sun, Oct 30, 2011 at 05:31:34PM -0700, Jacob Appelbaum wrote:
otherwise, I sometimes use a
HTTP proxy with proxychains to prevent DNS leaky applications that
On Fri, 28 Oct 2011 17:44:59 +
unknown unkn...@pgpru.com wrote:
If I run previous version of tor Linux-Debian packages and type 'ps aux |
grep tor'
then the first field is the user debian-tor.
After upgrade that field displays only uid (106) but /etc/passwd for
debian-tor is correct
On Fri, 28 Oct 2011 18:52:12 +
unknown unkn...@pgpru.com wrote:
Sorry for the misinformation. ps aux always displays numerical ID's for long
usernames.
I trying to repeat this situation on another Debian Linux machine with
similar versions updates and
iptables settings and got
On Fri, 14 Oct 2011 12:00:15 +0200
Marco Bonetti si...@slackware.it wrote:
- Original Message -
it's files to debian-tor with: chown -R debian-tor tor-browser_en-US/
maybe chown -R debian-tor:debian-tor tor-browser_en-US/ should be a little
better
Mixing permissions from
: Hope that Debian packages with separated tor-daemon itself, Tor-browser
and
: Tor-browser-plugins will be created sometime
This is unlikely unless someone else does the work.
Dirty workaround recipe:
1. Leave your transparency torifying iptables-firewall rules as is.
2. Run
On Thu, 13 Oct 2011 20:28:52 +0100
Julian Yon jul...@yon.org.uk wrote:
OOI, what's your rationale for believing that your globally configured
tor is more secure than the one in TBB?
1. Globally configured tor provided specially for Debian-Linux from
http://deb.torproject.org .
Signigicant
On Mon, 3 Oct 2011 21:39:46 +0400
unknown unkn...@pgpru.com wrote:
We talk about it day ago on some web-resource. Possible with you personally
:-)
Linux provided system Tor-daemon seems more secure then tor started from user.
I propose next steps but concern about any Gotcha! here:
1
On Wed, 12 Oct 2011 17:18:14 +
unknown unkn...@pgpru.com wrote:
On Mon, 3 Oct 2011 21:39:46 +0400
unknown unkn...@pgpru.com wrote:
We talk about it day ago on some web-resource. Possible with you personally
:-)
Linux provided system Tor-daemon seems more secure then tor started
On Wed, 12 Oct 2011 14:01:33 -0400
and...@torproject.org wrote:
did it call a different profile?
Before this I just use full path without start-script and not bother about
profiles.
This version not working without changing $HOME environment variable to `pwd`
in start-script.
OK, I use
On Mon, 3 Oct 2011 22:46:08 -0500
David Carlson carlson...@sbcglobal.net wrote:
In the Windows download section there is a variation called Vidalia
Bundle which allegedly sets up an environment within which the standard
Windows version of Firefox is expected to behave nicely. As a Windows
We talk about it day ago on some web-resource. Possible with you personally :-)
Linux provided system Tor-daemon seems more secure then tor started from user.
I propose next steps but concern about any Gotcha! here:
1) Download, check gnupg signatures and unpack tor-browser.
Keep system
Too many users dislikes of annoying web elements -- banners, popups, scripts,
strange frames. They use a tools to blocks that elements or change webpage
rendering.
Traditional programs for filtering is a local proxys -- privoxy or polipo are
examples with
close relation to Tor and used
37 matches
Mail list logo