This is particularly interesting and unexpected. Creating a way for an average Joe to use tails sounds great. Mind if I ask what is the 4k support like for those of us that have it? Thursday, 24 December 2015, 11:00pm +11:00 from [email protected] :
>Send tor-talk mailing list submissions to >[email protected] > >To subscribe or unsubscribe via the World Wide Web, visit >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >or, via email, send a message with subject or body 'help' to >[email protected] > >You can reach the person managing the list at >[email protected] > >When replying, please edit your Subject line so it is more specific >than "Re: Contents of tor-talk digest..." > > >Today's Topics: > > 1. Call for testing new tools and instructions to get started > with Tails (sajolida) > 2. A curious email from Twitter mentioning Tor Project (Akater) > 3. Re: A curious email from Twitter mentioning Tor Project > ([email protected]) > 4. Re: A curious email from Twitter mentioning Tor Project > (Jens Kubieziel) > 5. Re: A curious email from Twitter mentioning Tor Project (kytv) > 6. Re: torpoxy support for forced https (Katya Titov) > > >---------------------------------------------------------------------- > >Message: 1 >Date: Wed, 23 Dec 2015 15:08:48 +0000 >From: sajolida < [email protected] > >To: "discussions about user-experience of Tor products." >< [email protected] >, [email protected], List to be >used by Tor teachers and trainers to build a "community," circulate >training materials and get feedback >< [email protected] > >Subject: [tor-talk] Call for testing new tools and instructions to get >started with Tails >Message-ID: < [email protected] > >Content-Type: text/plain; charset=utf-8 > >We are aware that the process of getting started with Tails >(downloading, verifying, installing, starting, and configuring) might be >the main stumbling block for its wider adoption. > >Over 2015, we have worked very hard to make this process easier and >today we are happy to release a first beta version of the new process. > >We worked on: > >1. A Firefox add-on to automate the verification of the ISO image, > written by Giorgio Maone, the author of NoScript. > >2. The inclusion of Tails Installer directly in Ubuntu (and Debian > really soon), to avoid burning a DVD, using two USB sticks, or going > through the command line. > >3. New instructions on the website to present the process > step-by-step, according to your operating systems, skills, and > available hardware. > >We would love to have many diverse people test it and tell us what >they think. For example, if you tried to install or verify Tails in >the past but failed, your feedback will be much appreciated! > >It would be most helpful to point out: > > - Technical problems. If you think that something technical failed > during the process, try to describe in details what you were > trying to do and how it failed. > - Usability problems. If you fail to understand something, point us > to the part that is unclear; if you get a result different from > what you expected, tell us what surprised you in a bad way. > Please don't report problems that you think other people might > face, unless you are a usability expert > - Victories. For example, tell us if you found this super cool or > if it helped you install Tails for the first time! > >/!\ We know this beta version is not perfect. We still have many > details to improve but we wanted to give you all an opportunity to > try it out before it replaces the current documentation on the > website. > >If you're ready to give it a try, visit: > > https://tails.boum.org/install/ > >Please send your feedback to [email protected]. > > > >------------------------------ > >Message: 2 >Date: Thu, 24 Dec 2015 03:08:02 +0000 >From: Akater < [email protected] > >To: [email protected] >Subject: [tor-talk] A curious email from Twitter mentioning Tor >Project >Message-ID: < [email protected] > >Content-Type: text/plain; charset="utf-8" > >Note: I'm using Tor for Twitter for some time; however it is not (and >has never been) a particularly rock solid anonymity solution for me. I'm >mostly doing it for research: how an average Tor user, or a >privacy-seeking user in general, is welcomed these days. I've had some >issues with Twitter access recently. My post on this, as well as other >related threads on tor-talk, are linked below. [1--4] > >Given all this, the following email (Received 2015-12-11 from >[email protected]) is somewhat curious: > >> Dear @akater, > >> As a precaution, we are alerting you that your Twitter account is one >> of a small group of accounts that may have been targeted by state- >> sponsored actors. We believe that these actors (possibly associated >> with a government) may have been trying to obtain information such as >> email addresses, IP addresses, and/or phone numbers. > >> At this time, we have no evidence they obtained your account >> information, but we?re actively investigating this matter. We wish we >> had more we could share, but we don?t have any additional information >> we can provide at this time. > >> It?s possible your account may not have been an intended target >> of the suspected activity, but we wanted to alert you as soon as >> possible. We recognize that this may be of particular concern >> if you choose to Tweet using a pseudonym. For tips on protecting >> your identity online, you may want to visit the "Tor Project >> ( https://www.torproject.org/ )" or EFF?s "Protecting Yourself on >> Social Networks" >> ( https://ssd.eff.org/en/module/protecting-yourself-social-networks ). > >I've got nothing to comment on actually. Posting this just for the record. > >Tor+Twitter related links (archive.seul.org; if there's a better source >feel free to notify me in private), in reverse chronological order: > >[1] Re: [tor-talk] twitter tor block redux >http://archives.seul.org/tor/talk/Dec-2015/msg00001.html >[2] [tor-talk] twitter tor block redux >http://archives.seul.org/tor/talk/Nov-2015/msg00117.html >[3] [tor-talk] A little more hostility towards Tor from Twitter >http://archives.seul.org/tor/talk/Oct-2015/msg00189.html >[4] [tor-talk] tor + twitter issues >http://archives.seul.org/tor/talk/Sep-2015/msg00054.html > > > >-------------- next part -------------- >A non-text attachment was scrubbed... >Name: signature.asc >Type: application/pgp-signature >Size: 801 bytes >Desc: OpenPGP digital signature >URL: < >http://lists.torproject.org/pipermail/tor-talk/attachments/20151224/1d6fa233/attachment-0001.sig > > > >------------------------------ > >Message: 3 >Date: Thu, 24 Dec 2015 03:40:43 +0000 >From: " [email protected] " < [email protected] > >To: [email protected] >Subject: Re: [tor-talk] A curious email from Twitter mentioning Tor >Project >Message-ID: < [email protected] > >Content-Type: text/plain; charset=utf-8 > >Akater: >> Note: I'm using Tor for Twitter for some time > >I have been as well, and I've also received that notice from twitter. >I don't think I'm a particularly suspicious or special person to any >government, should we pass this off as a false alarm triggered by using >tor to twitter, or is there a really poor system out there trying to get >at people's accounts for the crime of association with people/projects >of interest? > >An odd coincidence too: my e-mail host had its drives confiscated by >authorities[1] about a week after twitter noticed me, but that is almost >certainly nothing to do with me.[2] > >[1] >http://arstechnica.com/tech-policy/2015/12/cock-li-e-mail-server-seized-by-german-authorities-admin-announces/ >[2] >https://motherboard.vice.com/read/the-story-of-cockli-the-site-used-to-shut-down-the-la-school-district > > > >------------------------------ > >Message: 4 >Date: Thu, 24 Dec 2015 11:53:23 +0100 >From: Jens Kubieziel < [email protected] > >To: [email protected] >Subject: Re: [tor-talk] A curious email from Twitter mentioning Tor >Project >Message-ID: < [email protected] > >Content-Type: text/plain; charset="us-ascii" > >* Akater schrieb am 2015-12-24 um 04:08 Uhr: >> Given all this, the following email (Received 2015-12-11 from >> [email protected]) is somewhat curious: > >Thanks for mentioning it. There were several users who received this >mail, see ><URL:https://twitter.com/qbi/lists/statesponsoredattack2015/members>. >This link is a Twitter list where I collect all people who mentioned >that they received this mail. > >Currently it is quite unclear what the reason for this mail is. Twitter >has confirmed that they sent it. Some people assumed that it has >something to do with Tor, but I found several others who never used Tor >with Twitter. > >-- >Jens Kubieziel http://www.kubieziel.de >-------------- next part -------------- >A non-text attachment was scrubbed... >Name: signature.asc >Type: application/pgp-signature >Size: 836 bytes >Desc: Digital signature >URL: < >http://lists.torproject.org/pipermail/tor-talk/attachments/20151224/a3a6157f/attachment-0001.sig > > > >------------------------------ > >Message: 5 >Date: Thu, 24 Dec 2015 11:32:00 +0000 >From: kytv < [email protected] > >To: [email protected] >Subject: Re: [tor-talk] A curious email from Twitter mentioning Tor >Project >Message-ID: < [email protected] > >Content-Type: text/plain; charset="us-ascii" > >On Thu, Dec 24, 2015 at 11:53:23AM +0100, Jens Kubieziel wrote: > >[..] > >> Currently it is quite unclear what the reason for this mail is. Twitter >> has confirmed that they sent it. Some people assumed that it has >> something to do with Tor, but I found several others who never used Tor >> with Twitter. > >Indeed. When I received the email I assumed it was due to using Tor with >Twitter since that seemed to me to be the most likely reason. That, or >some detection algorithm used by TWitter was touchier than it should >have been, causing it to trigger when it shouldn't have. > >After a couple of weeks (and finding no more than 46 confirmed "Persons >of Interest (by 'State Actors')", I'm at a loss as to why we received >it. Looking at the list members and our posts, nothing stands out as >being noteworthy. >-------------- next part -------------- >A non-text attachment was scrubbed... >Name: signature.asc >Type: application/pgp-signature >Size: 801 bytes >Desc: not available >URL: < >http://lists.torproject.org/pipermail/tor-talk/attachments/20151224/9e9f798f/attachment-0001.sig > > > >------------------------------ > >Message: 6 >Date: Thu, 24 Dec 2015 21:41:12 +1000 >From: Katya Titov < [email protected] > >To: [email protected] >Subject: Re: [tor-talk] torpoxy support for forced https >Message-ID: < [email protected] > >Content-Type: text/plain; charset=US-ASCII > >> I suggest torproxy could generate a random CA certificate when its >> installed and transparently convert all http to https, generating the >> required SSL certificates on-the-fly and signing them with the random >> CA certificate. The user would then have to add the random CA >> certificate to their browser, or better yet, this could somehow be >> automated for the Tor Browser. One open question with this scheme is >> whether torproxy would also need to rewrite html content to change >> http urls to https. > >This is similar to a method which oppressive governments use to monitor >their users. Not something that Tor should be involved in. > >> Alternately, the Tor Project could ask Mozilla and other browsers >> developers to add a switch for "treat .onion as secure". Or maybe it >> could be "treat .onion as secure but only if certain conditions hold, >> such as the proxy is running on the localhost and a to-be-determined >> status query of the proxy succeeds". > >.onion sites already are secure. I think what you are looking for is a >way to to signal to the user that HTTPS is not required for .onion >sites. I'd lean towards just using HTTPS because that means there is no >further education to be performed. Let's Encrypt could help here. >-- >kat > > >------------------------------ > >Subject: Digest Footer > >_______________________________________________ >tor-talk mailing list >[email protected] >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > >------------------------------ > >End of tor-talk Digest, Vol 59, Issue 25 >**************************************** -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
