Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread Mansour Moufid
On Sat, Mar 3, 2012 at 8:10 AM, Fabian Keil wrote: > Robert Ransom wrote: > >> On 2012-03-02, Andrew Lewman wrote: >> >> > The trick is, I like to think I know what I'm doing and that I'll >> > notice if apt-get or my VM image fails to transfer untouched. Whether >> > I'll actually notice a soph

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread grarpamp
> It's my impression that signed packages aren't a priority > for the BSDs in general. It will happen when one of their mirrors gets rooted, or one of their devs gets their machine, and thus their dev account, rooted. The kernel.org, gnu/fsf and debian[?] incidents all come to mind. Too bad it see

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread proper
> On Sat, 03 Mar 2012 15:00:51 +, Maxim Kammerer wrote: > > On Sat, Mar > 3, 2012 at 10:33, wrote: > > > The transparently > proxied operating system does not know it's real external IP, only it's Tor > exit IP. And can therefore never leak it's real external IP. > > > > I > see this claim ma

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread Andreas Krey
On Sat, 03 Mar 2012 15:00:51 +, Maxim Kammerer wrote: > On Sat, Mar 3, 2012 at 10:33, wrote: > > The transparently proxied operating system does not know it's real external > > IP, only it's Tor exit IP. And can therefore never leak it's real external > > IP. > > I see this claim made all

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread Maxim Kammerer
On Sat, Mar 3, 2012 at 10:33, wrote: > The transparently proxied operating system does not know it's real external > IP, only it's Tor exit IP. And can therefore never leak it's real external IP. I see this claim made all the time — is it actually true? Is Tor designed to withstand active attac

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread Fabian Keil
Robert Ransom wrote: > On 2012-03-02, Andrew Lewman wrote: > > > The trick is, I like to think I know what I'm doing and that I'll > > notice if apt-get or my VM image fails to transfer untouched. Whether > > I'll actually notice a sophisticated exploit in deb packages or my vm > > image modifi

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread grarpamp
> It's lame so or so. The exit node admins will have to deal with > copyright infringement complaints. 'All bulk data' was the intended meaning. Assuming copyright is not going away, certainly operators would want to see the complaint generating portion of bulk move solely and natively to the unde

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread proper
--- Ursprüngliche Nachricht --- Von: grarpamp Datum: 02.03.2012 07:45:20 An: tor-talk@lists.torproject.org Betreff: Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy > On Thu, Mar 1, 2012 at 11:31 PM, Andrew Lewman > wrote: > > bittorr

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-03 Thread proper
> > I'm more > worried about the risks to user anonymity. It sucks to be > the user reading > about some sensitive subject when your apt cron job > decides to poke every > package source you install from. “Oh, that guy > who keeps reading about Foozer's > Disease must be in the > Antarctica/McMu

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-02 Thread proper
> But apt uses GPG > (run with (necessarily) root privileges) to verify > the files it downloads. > Sucks to be a Debian user when someone finds > another code-exec bug in GPG's > parsing code. Indeed. Encrypted updates would be handy. I support http://brainstorm.ubuntu.com/idea/26541/. > > Or

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-02 Thread Hggiu Uizzu
>rransom said: >I'm more worried about the risks to user anonymity. It sucks to be >the user reading about some sensitive subject when your apt cron job >decides to poke every package source you install from. “Oh, that guy >who keeps reading about Foozer's Disease must be in the >Antarctica/McMur

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-02 Thread Moritz Bartl
On 02.03.2012 02:39, proper proper wrote: >> I don't see a difference between regular downloads >> and operating system >> updates. (I am speaking of Debian here, I don't know >> how other >> operating system or distributions handle package installation and >> updates.) Are regular downloads of '

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-02 Thread intrigeri
Hi, Moritz Bartl wrote (02 Mar 2012 00:27:58 GMT) : > The second reason to avoid Bittorrent over Tor is that there is no > audited torrent client. There is none because of the first reason. In case someone wants to do this audit, they should get in touch with Jacob Appelbaum who offered Tails dev

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-02 Thread grarpamp
> Robert Ransom wrote: > FreeBSD, apt, GPG, [etc] Unfortunately, I know of none that do OpenPGP right. Such as signing their git (sha-1 tree strength) repos upon init and each release tag, distributing keys with said releases/announcements, and integrating that so on down the chain, into updates,

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread grarpamp
On Thu, Mar 1, 2012 at 11:31 PM, Andrew Lewman wrote: > bittorrent trackers are fine, it's the bulk download of GB of data 7x24 > that loads up the network. Wanted to add a bit here from another view. I see no issue with bulk data transfer, so long as you give back empty bandwidth equal to your

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread grarpamp
> Robert Ransom wrote: > Use Tor 0.2.3.x-alpha, give the user 10 or more SocksPorts and 10 or > more DNSPorts to point things which really need to be anonymous at, > and no TransPort. I think both are useful. Using TransPort as a safety packet log and proxy catchall for whatever apps might defy So

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread Robert Ransom
On 2012-03-01, proper proper wrote: > I was told, to ask this question here. [3] > > Tor's transparent proxy feature is at the moment a bit complicated to take > advantage off and therefore unpopular. That might change in the future, > because a) documentation improves [1]; b) in the future (depen

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread proper
Ok, thanks for your reply! __ powered by Secure-Mail.biz - anonymous and secure e-mail accounts. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/lis

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread Robert Ransom
On 2012-03-02, Andrew Lewman wrote: > The trick is, I like to think I know what I'm doing and that I'll > notice if apt-get or my VM image fails to transfer untouched. Whether > I'll actually notice a sophisticated exploit in deb packages or my vm > image modified in perfect way that gpg or sha25

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread Andrew Lewman
On Fri, 02 Mar 2012 00:12:44 +0100 "proper proper" wrote: > You ask the user not to use Bittorrent over Tor, as the network can > not handle the load. bittorrent trackers are fine, it's the bulk download of GB of data 7x24 that loads up the network. > What about operating system updates behind

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread proper
> "proper proper" writes: > > [...] > > >> > You can easily do so by separating traffic at user level (root vs. regular > users). Why do we need a special package for such a simple task? > > > > > That's not possible. Everything behind the transparent proxy, root or regular > user, has only two o

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread proper proper
--- Ursprüngliche Nachricht --- Von: Moritz Bartl Datum: 02.03.2012 01:27:58 An: tor-talk@lists.torproject.org Betreff: Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy > On 02.03.2012 00:12, proper proper wrote: > > You ask the user n

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread Christopher Schmidt
"proper proper" writes: [...] >> You can easily do so by separating traffic at user level (root vs. regular >> users). Why do we need a special package for such a simple task? > > That's not possible. Everything behind the transparent proxy, root or regular > user, has only two options, use T

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread proper proper
> "proper proper" writes: > > > I > was told, to ask this question here. [3] > > > > Tor's transparent proxy > feature is at the moment a bit complicated to take > > advantage off and > therefore unpopular. That might change in the future, because > > a) documentation > improves [1]; b) in the fut

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread Christopher Schmidt
"proper proper" writes: > I was told, to ask this question here. [3] > > Tor's transparent proxy feature is at the moment a bit complicated to take > advantage off and therefore unpopular. That might change in the future, > because > a) documentation improves [1]; b) in the future (depending on

Re: [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread Moritz Bartl
On 02.03.2012 00:12, proper proper wrote: > You ask the user not to use Bittorrent over Tor, as the network can not > handle the load. The problem is that Bittorrent opens a lot of concurrent connections to download many pieces at once. And all those "Tweak your Torrent client and get mighty migh

[tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

2012-03-01 Thread proper proper
I was told, to ask this question here. [3] Tor's transparent proxy feature is at the moment a bit complicated to take advantage off and therefore unpopular. That might change in the future, because a) documentation improves [1]; b) in the future (depending on the outcome of this bug) there migh