Re: Sent e-mails going into spam folders.
Am 13.02.2011 00:54, schrieb Matthew: Incidentally, in http://torstatus.blutmagie.de/ gpfTOR4 is listed as being in the Czech Republic while gpfTOR5 and gpfTOR6 are in Netherlands. Is this correct? Yes, coorect. In the last years we see much less trouble by using non-German ISPs for our Tor nodes. gpfTOR4 is hosted by coolhousing.net, gpfTOR5 and gpfTOR6 are hosted by leaseweb.nl. Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: I wish to see one video on you tube
Am 12.02.2011 13:27, schrieb Martino Papesso: I say MAY because if they use flash to check your location, sidestepping tor, then you will get the same restricted message. If you location was checked with Flash you can use a proxifier like ProxyCap or Widecap to redirect all traffic from the Flash player to Tor. A tutorial for using ProxyCap or Widecap for Flash anonymisation was written by JonDonym. Replace Port 4001 with the Tor listen port 9050 and it will work: https://anonymous-proxy-servers.net/en/help/proxifier2.html how to run the second point(you select an exit from a country not restricted...)? You can define a map address in your torrc file: MapAddress youtube.com youtube.com.{RO} Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Sent e-mails going into spam folders.
Am 07.02.2011 20:00, schrieb Matthew: I am wondering to what degree people on this list have problems with e-mails going into spam folders because they are using tor nodes. Many Tor nodes are listet in some anti-spam DNSBL. We have had a discussion here about SORBS DNSBL some times ago. All tor nodes are listet in the The Abusive Hosts Blocking List www.ahbl.org The IP address of the tor exit node appears in the mail header. It is the senders IP addres. If the recipients mail provider uses a DNSBL which contains many tor nodes the mail will be flagged as spam. You can use a clean exit node for sending mail with SMTP. Check your prefered exit nodes at http://www.dnsbl.info/dnsbl-database-check.php If it is not listet, you can add a map address to your torrc: MapAddress smtp.provider.tld smtp.provider.tld.$6D3EE...(Fingerprint) The GPF keeps one exit node clean from DNSBL. The tor node gpfTOR3 is only listet at www.ahbl.org (impossible to remove it, because all nodes are listet). You can use this if you did not find an other. ATTENTION: It will decrease your privacy! Use only very well trusted nodes. (I did found an other solution for SMTP) Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Sent e-mails going into spam folders.
Am 09.02.2011 10:06, schrieb Karsten N.: (I did found an other solution for SMTP) Sorry - I did NOT found an other solution. :-( For webmail it is the same problem. Most webmail provider add the sender IP address to the mail header: Received: from 23.23.23.23 (SquirrelMail authenticated user medium) by mail.provider.tld with HTTP; Date: Fri, 14 May 2010 07:37:04 +0300 (EAT) If 23.23.23.23 was a tor node, some mail providers will set the spam flag if a DNSBL was used. May be, some mail providers does not add the sender IP address to the mail header? Google Mail does not add it. Any other? Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor-BlackBelt Privacy
Am 05.01.2011 00:03, schrieb and...@torproject.org: It's been around for a few years, previously called black belt tor by Cav Edwards. We've had some interaction with Cav Edwards over the years, but nothing substantial. Hi, sorry, I forgott to send the torrc file. I leave out the values for Vidalia an post only the specific Black Belt Privacy values: CircuitBuildTimeout 10 NumEntryGuards 10 ConstrainedSockSize 256 KB ExcludeNodes IL ExcludeExitNodes IL Thats all. I con not see any reason for more speed in this configuration. Best regards Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Tor-BlackBelt Privacy
Hi, Tor-BlackBelt Privacy wants to seed up Tor with a special configuration: http://sourceforge.net/projects/blackbeltpriv/ The project says, the original code of tor is used with some improvements in configuration to speed up the tor client. I have done a small test. It seems, high performance nodes are prefered. The project page offers only a binary download. What do you think about the project. Is it serious? Is the preference of high power nodes useful or does it have a bad influence on the load balancing of the tor network like the Cloakfish idea two years ago? Thanks for your opinion. Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Torbutton, CSS3 and window size
Am 10.12.2010 04:29, schrieb Mike Perry: The JonDoNym test is only using the Javascript versions of these attacks, and therefore the JonDoFox profile they provide is given a green pass against them The JonDonym test uses CSS3 to detect the browser window inner size. The test works without Javascript. JonDoFox is not green for this test too. JonDos does not have a solution for this attack but the anonymity test shows the problem. Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: leaker-optimized versions of Tor
Am 08.12.2010 14:17, schrieb Eugen Leitl: I'm thinking about high-latency (suitable for nonrealtime things like leaking and email/messaging) anonymity-enhanced versions of Tor. The I2P project have an addon like this. See http://i2pbote.net/ It uses the anonymity network only for transports and adds a higher level protokoll for storage an delivery of mails. The I2P-Bote mails are stored 20x and encrypted in a DHT. Bevor storing the message, it can be send over 3,5... I2P nodes to hide the sender. (Tahoe-LAFS stores 7x and can restore with 3 storage nodes.) May be, it is more easy to use the Tor hidden services in a way like TorChat and add a higer lever service for asynchronous messaging? Best regards Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: leaker-optimized versions of Tor
Am 08.12.2010 14:17, schrieb Eugen Leitl: I'm thinking about high-latency (suitable for nonrealtime things like leaking and email/messaging) anonymity-enhanced versions of Tor. The I2P project have an addon like this. See http://i2pbote.net/ It uses the anonymity network only for transports and adds a higher level protokoll for storage an delivery of mails. The I2P-Bote mails are stored 20x and encrypted in a DHT. Bevor storing the message, it can be send over 3,5... I2P nodes to hide the sender. (Tahoe-LAFS stores 7x and can restore with 3 storage nodes.) May be, it is more easy to use the Tor hidden services in a way like TorChat and add a higher lever service for asynchronous messaging? Best regards Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
to the admin of gpfTOR7test
Hello, since yesterday there is a tor node online with the nickname gpfTOR7test. This node is not a tor node supported by the German Privacy Foundation. Router information: https://server.privacyfoundation.de/torstatus/router_detail.php?FP=2eaba9aca523d79a53ed3b1997e981340c43cb00 We do not know, who operates the node. The contact info points to a non-existing page to the GPF web server https://www.awxcnx.de If the admin wants to get protection by the German Privacy Foundation he may contact me, please. Only set a nick name and a wrong contact information does not help. Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: to the admin of gpfTOR7test
Am 08.10.2010 17:31, schrieb stars: Actually i see some realy with name similar as existing one Hi, gpfTOR, gpfTOR2, gpfTOR5 and gpfTOR6 are running by the German Privacy Foundation. Contact info is tor-admin(at)privacyfoundation.de (I know, the admins of gpfTOR6 are late and did not update the torrc, but MyFamily and ContactInfo will be updated for this node too.) gpfTOR7test I do not know. But seems, it is down now. Best regards Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: shadowserver.org
Am 14.06.2010 16:02, schrieb alex-...@copton.net: I am running the exit-node tor-readme.spamt.net. My provider, server4you, keeps getting abuse reports from shadowserver.org. Hi, server4you is not a good provider for exit nodes. They take down servers only because of spam abuses. :-( My recommendation is: use an other provider soon as possible. Until you can close your contract with server4you you may close ports for sending mails (465 and 587). May be, it will help a little bit. For your new server it may be the best choice to use a provider, who can set the RIPE-DB entry of the IP address to your contact address. (I was taught last time some provider offer this feature, but I have no more informations at the moment.) All abuses will go directly to you and not to your ISP. It is a very usefull feature for tor exit nodes. ;-) Best regards Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Server Setup
On 08/06/10 08:51, Andy Dixon wrote: Any outbound traffic ends up going through a different public IP address. Hi Andy, you have to set the outbound address too in your torrc. Address parameter is only for the listen interface: Address 123.123.123.123 OutboundBindAddress 123.123.123.123 For the DirPort problem, please check your firewall. If ORPort is reachable at the same listen address it looks like a firewall rule. Regards Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Quick question on Torbutton and NoScript
Ringo schrieb: Does the TorButton hook dangerous javascript function still work if you tell noscript to allow scripts on certain pages/sites? In my opinion there is no sequence of working for the plugins in firefox. The last working plugin will win (or the first?). Sometimes TorButton will block the dangerous scripts, sometimes NoScript will allow the execution. It may change version by version. If NoScript and TorButton does not work together, it can not be clear, how the combination of both will handle Javascript. It is a bad solution, to use two plugins, which will do the same. Regards KArsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: tor-proxy.net
M schrieb: tor-proxy.net Is it a good alternative if i am out without my TorBrowser Bundle? Have a look at the privacy statement of tor-proxy.net https://tor-proxy.net/index.php?q=en/node/28 In the context of the use of Tor-Proxy.NET various data (so-called Logs) results, which do not link to a person directly. To it belong: * the IP address of the calling * the used Browser * the used operating system * the Website visited last (so-called Referrer) * the prefered language * the screen resolution * the called URL * Time of the access Your IP address will be logged together with the called URL and timestamp! I do not know, why Benjamin is logging like full data rentention. (May be, I did not see the ads?) There are two log data free tor web proxies online: https://www.awxcnx.de/tor-i2p-proxy-en.htm https://privacybox.de/tor-proxy.en.html Both web proxies do not write any access log file. Both proxies were setup to enable access to hidden services without installing tor. Best regards Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Kaspersky wants to make Tor illegal
Hi, But that problem is more than that bla-bla-bla from Mr. Kaspersky. Mr. Kaspersky is only a dirty prostitute of the bloody new Russian Putin's and Medvedev's dictatorial regim. His words about fighting anonimity and the Tor is only executing of instructions of Putin's satraps. I think, fighting again anonymity is not a specific russian or chinese problem. IP traceback is under development for years In Germany our old minister of justice (Zypires) gives her vision of a new internet, which contains a unique address (IPv6?) for every user. The new electronic personal document (ePA) may get a key role for access to the web. Only by authentication with a personal document you will be able to connect to the internet Time for realization are 5 years (in her opinion). (???) Step-by-Step more and more people gives such advices for an internet without anonymity to increase the security. But only the same few people are speaking about the human rights of private communications and the reasons for it. :-( Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: New tor debs repo live
Andrew Lewman schrieb: You can find the updated signing key and instructions at https://www.torproject.org/docs/debian#ubuntu May be, you can add the fingerprint of the OpenPGP signing key to the instructions. Thanks. Karsten N.
mirror for archive.torproject.org
Hello, we have setup a mirror for archive.torproject.org: https://server.privacyfoundation.de/tor-archive/ Update is done by daily rsync. Traffic is not a problem for the server. Karsten N.
Re: Scott made me do it.
Andrew Lewman schrieb: I tested a few scenarios: The access to hidden service is important too (in my opinion). I have good experience using privoxy with: forwarded-connect-retries 3 Access to hidden services with socks5 in Firefox gives sometimes a timeout first. After 1-2 retries, the page is loaded. May be, it is possible to configure the timeouts in firefox, may be the connect retries of privoxy are essential? I do not know the answer. Can someone give an advice? For hidden services the fail count is more important than the time for load. Karsten N.
Re: Numbers of police-raids ?
Attac Heidenheim schrieb: Hi everybody, I think everybody who plans to become an exit-node is frightened of being raided by the police (even in Germany) because of the server. Are there any numbers of police-searches available, especially for Germany ? In Germany I know only one tor related raid over the last years: http://itnomad.wordpress.com/2007/09/16/tor-madness-reloaded/ (May be, it is the only one over the hole tor network?) If you were running a powerful tor exit node, you will get in trouble with the authorities. At most, all trouble can be solved by an interview with your local police office. After 10-20 interviews, you will be familiar with your police office, the police database contains enough entries about you and you can solve your trouble by a short phone call. ;-) At the moment, a police-search is not the main way used by authorities. Karsten N.
Re: Torbutton for Mozilla Thunderbird
James Brown schrieb: How can I get the Torbutton for the Mozilla Thunderbird? I use ProxyButton for this job. I does a proxy switch to Tor and rewrite my IP address in the header of the mail. Received: from [85.245.13.68] (helo=[0.0.0.0]) by n...@domain.tld download http://proxybutton.mozdev.org/installation.html Karsten N.
Re: tor-mirrors (mirrors of the Tor Project website)
Hi, some mirrors are out of date. Example: http://mirror.onionland.org Tor stable is 0.1.2.17 and dev. is 0.2.0.9-alpha on this site. Thats not good support for torproject.org. May be, out-of-date-mirrors can be removed from http://www.torproject.org/mirrors.html.en ? Karsten N.
Re: Help Iranian dissidents
Jon schrieb: And I hope, tor will stay political neutral. Political neutral... yes, I think that is important for a project such as this. If we have problems to introduce our bridges, we should search for a general solution and do not give all bridges exclusive to a political campaign. Seems I am not up to date. My last information was, a GMail account is used for publish bridges. It does not working? Is there a solution in development? May I help in any way? Karsten N.
Re: Help Iranian dissidents
I saw coloured revolutions in Georgia, Ukraine and Kirgisia. After successfull revolution these countries got corrupt regimes. I hope, iran will not go this way. And I hope, tor will stay political neutral. Karsten N.
OT: google cookie
(Its all not tor related - i know. Please ignore if it is not for you) In Germany nearly 80% of important websites using Google stuff like advertisements or google analytics. It covers websites of political organisations, online newspaper, blogs, commercial stuff... If your browser is personalized by a long life google cookie, you can be tracked over all these sites by google. If you create a google account, all collected data about you will have a real name. It is not a problem for me. I can install CookieSafe or CookieCuller an the job is done. But we have in Germany appox. 20% Firefox user. If only half them use firefox as it comes. The problem is not only the data collection about the user. Google is using the data collection for more than personalize ads. It is used to monitor the web and looking for new trends. So the company is faster than all others to buy a successful newcomer or adopt the ideas. Google will grow faster and faster A horrible version for me. German text about Google: https://www.awxcnx.de/handbuch_12.htm Sorry for off-topic post. It is only an answer to the posting below. Greetings Karsten N. Wesley Kenzie schrieb: In a similar vein, I used to wonder how google would send out probes to all the web sites that I visited - usually within a few minutes of my going to these web sites. I eventually realized it was the google toolbar watching my hopping habits and telling the master google bots to chase along after me on their own, to see what interesting tidbits they could find for themselves. I suspect many browser toolbars do this sort of thing. Google Chrome likely does it without any toolbars added on. IE? Firefox? Anyone know?
google cookie
Hi, I have a question about google cookies and tor hidden services. I use a Firefox with a separate profile for tor (Iceweasel Debian 5.0/lenny). I have installed the add-ons TorButton 1.2.1, CookieSafe and RefControl from the Mozilla website. Update of add-ons and search plug-ins is disabled. On normal startup Tor is activated and never disabled. And I use this firefox profile only for access tor hidden services. And I got cookies from google.com! Is it possible? I can not believe it. It is not a problem for me, I can disable cookies. But it is interesting. I checked it with two tor hidden services. I am sure, the hidden services do not send a cookie and do not cooperate with google.com. The cookies were not send at the index page, they were placed at the 2-3 access the hidden service. site: http://a5ec6f6zcxtudtch.onion/ cookie: name: PREF value: ID=689e4d6d5e36a136:TM=1244020340:LM=1244020340:S=eqC05F5sxOcAqVam domain: .google.com path: / secure: not site: http://c4wcxidkfhvmzhw6.onion/ cookie: name: PREF value: ID=71982272f824572a:TM=1244020772:LM=1244020772:S=oer4Z9PZ4yGhGcxs domain: .google.com path: / secure: not Any help, how this works? regards Karsten N.
Re: google cookie
Marco Bonetti schrieb: the answer is pretty boring, instead ;-) thanks, seems I am paranoid. ;-) Karsten
Re: Internet censorship in Germany is now official
James Brown schrieb: Is that means that German's owners of tor exit-nodes must save such logs or that rules concerns only internet providers? The logging concerns only internet providers. The access of the stop-pages has to be logged (or may be logged?) by the provider with more than 10.000 consumers. The log data will go to the German authorities (BKA). Tor nodes are not affected by the law. But may be, the traffic will increase. Karsten N.
Re: Gsoc Idea: Lunux Tor/Firefox Bundle
Hi Aaron, you can use our short work, to create an Portable Firefox for Linux. It is not ready at all (only a start), but you may have a look at: http://wiki.privacyfoundation.de/PortableLinuxApps?action=AttachFiledo=viewtarget=download-firefox-portable-EN.sh May be, it can help you. Karsten N. Aaron Lebahn schrieb: I am interested in taking up the challange of creating the Tor/Firefox bundle for Linux. I am knowledgeable in C++, with some familiarity in C and Bash scripting, and I am most familiar with Ubuntu Linux. I am not well versed in the development of Tor, but I intend to learn. I was thinking that the bundle should be in both source and binary form with potentially some distribution-specific packaging. There should also be a portable package much like the existing Windows bundle. I appreaciate feedback to enable me to create a full proposal. Thankyou in advance for your Help. Aaron Lebahn
info and a problem
Hi, only for information: We have setup a new tor status page: https://server.privacyfoundation.de/torstatus/ an because our first tor web proxy is working hard, we have setup a second web proxy for tor: https://privacybox.de/tor-proxy.en.html And I have a problem. A friend of me is running a tor node behind a DSL dial-in account. DynDNS setup is correct. Yesterday the node run well, today it do not work. He is using Debian 5.0, tor 0.2.0.34 (r18423) (noreply-package) Logfile: Tor 0.2.0.34 (r18423) opening log file. Your Tor server's identity key fingerprint is . We now have enough directory information to build circuits. Guessed our IP address as xx.yy.88.26. Tor has successfully opened a circuit. Looks like client functionality is working. Now checking whether ORPort xx.yy.88.26:443 is reachable... Our IP Address has changed from xx.yy.88.26 to xx.yy.67.255; rebuilding descriptor. Your server (xx.yy.67.255:443) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, First, tor detects the correct IP of the DynDNS: xx.yy.88.26 After a short time, the IP Address has changed to: xx.yy.67.255 Why? He checked the IP of his dial-in Account by check.torproject.org, by showmyip.com by every service shows xx.yy.88.26. He connect my server by several protocols and I can see, his IP is xx.yy.88.26. The nick of his node is unique. What goes wrong? Karsten N.
mark surf pro
Hi, Mark Surf pro is a commercial version for using the tor network: http://www.thanksoft.com/products/mask-surf-pro/ Anybody knows a little bit about this product? Is it the same shit like Cloakfish? It is promoted by the German computer newspaper Chip. Karsten N.
Re: RequestPolicy: can people take a look at it?
Hi, I have installed RequestPolicy a week ago. It blocks requests to other websites than the called site and so it disables cross-site request forgery attacks and some other attacks, which are based on load of stuff from an other server than the called website. Sometimes you have to allow some sites to request some other stuff. Like other security plug-ins you have to train your exeptions. This is done like NoScript. If you were familiar with NoScript, it is not problem. For some mainstream sites there are predefined exeptions. I can not see any problems with NoScript, TorButton, CockieSafe at the moment. It works only with Firefox version 3.0 and above. greetings Karsten N. Roger Dingledine schrieb: Hi folks, A smart security person pointed me to the RequestPolicy firefox extension. I've had it on my todo list for a month but haven't found time to look at it. Anybody here want to take a look, give it a spin, decide if it solves an important problem, figure out how well it coexists with Noscript and Torbutton, etc? Thanks! --Roger
Re: No data retention in germany for donated services
Seth David Schoen schrieb: NO DATA RETENTION FOR FREE-OF-CHARGE SERVICES Original German text of this article Keine Vorratsdatenspeicherung für unentgeltliche Dienste is available at http://www.daten-speicherung.de/index.php/keine-vorratsdatenspeicherung-fuer-unentgeltliche-dienste/ Copyright 2008 Patrick Breyer; licensed under Creative Commons BY-2.0 (Germany) license. http://creativecommons.org/licenses/by/2.0/de/ Translation by Seth Schoen. This text version omits hyperlinks to the German text of laws, treaties, and court decisions which appear in-line in the original German version. The article by Patrick Breyer and the translation by Seth Schoen gives the information about one main reason, why Tor nodes are not affected by the EU data retention an the German data retention law §113a TKG. Supported by qualified lawyers, we have identified one or two more points, why tor nodes has to be data retention free, but these points are technical and more difficult to communicate with the judiciary. So we ask the tor community, to keep tor non-commercial at all. If a commercial version of tor was online, it will be much more difficult in the next time, to fight against data retention in EU. Yes, it is possible, to make a data retention law for donated services in EU too. But this will takes time. We can use this time, to make tor more robust against this attack. We will keep the German tor admins and the board of torproject.org up-to-date about the lawyers expert opinion but with respect to the recommendation of the lawyers, we will not publish it at the moment. Regards Karsten N.
Re: They know I'm using a proxy(Tor)...but how?
Geoff Down schrieb: FYI when I was running a relay (not an exit node) I was blocked (dynamically) from one site at least, presumably using the list at Moria. Unfair. May be, some webmasters are using a blacklist with all tor nodes, not only exit nodes. Thats not fair, you are right. A reason for this unfair behavior may be: Somebody can run a an exit relay only on port 443. In this case, the relay will not appear in the TorBulkExitList and tordnsel. A user can use this exit node for anonymous login This is not a real used version, but some webmasters are paranoid. How to ask the webmasters, to change the unfair behavior? Karsten N.
Re: They know I'm using a proxy(Tor)...but how?
Hi gregery, torproject.org supports two solution, to help webmasters to protect theire service for anonymous missuse. 1: Have a look at https://www.torproject.org/tordnsel It is a dynamic DNSBL with all tor exit nodes. 2: https://check.torproject.org/ offers an dynamic list of all tor exit nodes, which can connect to a webserver. (xx.xx.xx.xx has to be replaced by the IP of the webserver) http://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=xx.xx.xx.xx Both service are using a IP list of tor exit nodes. Your settings in your browser are ok. Karsten N. gregery schrieb: Hey all, I am trying to register at a website forum and I get an error message when I try to register. The message basically says that it seems I am using an anonymous internet connection or a proxy. The site is not blocking Tor by exit-node because I get the same error message when I try to register at the site while using a public high-anonymous elite proxy (L1). I think the forum administrator is using headers to decide if a new member is using a anonymous connection or not. I use the current TorBrowser Bundle with current TorButton and RefControl to spoof the referrer headers. I also use vanilla Tor, Vidalia and Privoxy with the same result. I tired spoofing my user-agent away from the default TorButton U-A settings, I spoofed as a Mac, Firefox, IE, Opera, etc, all for not. Does anyone know how I can circumvent this block? I at least would like to know what in my headers is setting off red flags as that means all other Tor users in my anonymity set are potentially setting off red flags too. Thank you
Re: DoS attack
Roger Dingledine schrieb: On Wed, Oct 01, 2008 at 03:10:40PM +0200, Karsten N. wrote: the Tor node gpfa is for 10 hours target of a DoS attack. The attack is running on at the moment. Hi Karsten, How did this resolve? Hopefully it ended after a while? Thanks, --Roger The DoS attack was over 7 hours later (was running 17 hours at all). There was a posting here: Relax guys, and please verify the attack is over, a server went amok (I can not find ist now :-[ ) The nick of my tor node was gpfTOR1, sorry gpfa is the nick of the mixmaster on this server. Karsten N.
Re: is tor an email mixmaster?
Hi, someone has setup an open SMTP relay as hidden service: oogjrxidhkttf6vl.onionport: 587 May be, it works. I did not test it. :-( Karsten N. M. Peterson schrieb: Hi want to know, if tor is as well an email mixmaster, e.g. we have an email client, which is sending only pgp encrypted emails, then the ISP is excluded as he cannot read, but data retention laws allow to log the IP from where the email is sent and the email server knows the last exit point of the encrypted package (email). If now in this email client an onion routing system would be enabled, then all email (enc. Packages) would be routed, and some exit nodes would deliver them. Is this already possible with Tor? Are there enough exit nodes? would it be possible and useful for email services to force every node to be an exit node for encry. packets to email accounts? how much bandwidth is a node requiring then for mixing/forwarding emails only? are there developers working on that? or interested? Regards
Re: simple user question - someone please reply!
Hi Pat, what is your configuration. Are you using Firefox with Torbutton? How did you configure your proxy in firefox? [EMAIL PROTECTED] schrieb: Hello TOR community members, this question might seem stupid to you, but it is essential for TOR usage, and with my knowledge as a user-only, I couldn't answer it with the TOR documentation/FAQ. Why is it that when I enter a non-existant URL in Firefox/TOR (e.g. http://www.krachunddonner.de/ ), I receive a screen (http://alicesuche-de.aol.de/suche/alice_afe_landing.jsp?invocationType=500error_aliceq=www.krachunddonner.de/) from MY internet provider saying the requested site couldn't be found AND containing the requested URL in a search field? This means that whether I'm using TOR or not, my provider always knows the URLs of the sites I access (or try to access), right? TORs exit node is a step in front of my provider, so my provider can log which sites I access, and, in case I don't use encrypted connections, even all content I access. And he knows WHO's accessing it. Correct? How else can it be that I receive that screen containing the URL I tried to access? Please answer or tell where I can find an answer I can understand without a lot of technical knowledge. Thank you!! Pat
Re: Introducing Torsocks - Transparent socks for Tor
slush schrieb: If is anybody interested, on http://www.slush.cz/torsocks_1.0-beta-1_i386.deb is DEB package (made by checkinstall tool) for Debian (tested on unstable) and Ubuntu (tested on 8.10). Your DEB works well in Debian stable (etch) too. Karsten N.
Re: German data rentention law
Olaf Selke schrieb: Karsten N. wrote: I. part: A short overview about the data rentention law in Germany. @Karsten: that's the point of view how German police and German Ministry of the Interior would like to see the new data retention law interpreted. Yes, correct. It was may opinion, to wrote about this point of view. My own point of view may be useless for the tor developer, if they were looking for a solution. Karsten N.
German data rentention law
Hi, I. part: A short overview about the data rentention law in Germany. 1: ISPs have to log the start and end of a user dial-in with time stamp and IP address. They have not to log any content. 2: Public provider of electronic mail have to log all connections of users with time stamp, IP address, login account and the email addresses of sender and recipient for every mail (send and receive). 3: VoIP provider have to log all connections with timestamp, IP address and phone number of caller and recipient. 4: Fon and mobile fon provider have to log all connections and tries with timestamp, phone number and location. 5: Anon services have to log the rewrite of any information, which will be logged by a third party. (Thats all, not very clear.) At the moment, it seems not clear, how tor is affected by this law. I read some papers from the gouverment: An anon service (like tor or JAP) has to log, because the law will be useless otherwise. Some papers of non-gouverment organizations like ULD: Tor and JAP are not affected by the telecommunication law, because it is not a telecommunication service (in the case of law) and tor nodes have NOT to log. Together with the JonDos GmbH (JAP) the GPF try to get a legal non-logging solution for tor, but the result is open and we are late. (May be too late?) II. part: suggestion of a technical solution May be, tor can use geoip and divide the world in a logging area and a non-logging area. If the target host is inside the logging area (Germany), the exit node has to be outside. Otherwise a german node can be an exit too. In this case, we have two possibilities: 1: the target host is outside the logging area - no logging 2: the target host is inside the logging area - the exit is outside and writes no logs - an german entry or middle man has to log nothing, because it routes to a not logging exit. Because not all clients will update to a new version very quickly, we need a feature for german exit nodes to reject all routes from old clients, when the node is the exit of the route. Or, if it was more simple for the developer, a feature for exit nodes to define a country (based on geoip) to reject all exit routes. If all german relays used this feature, it may work. Otherwise, all german nodes have to switch to middle man. It is only one suggestion, not the really best solution. Karsten N.
Re: Hidden service gateway
Sven Anderson schrieb: is there any known hidden service gateway, that makes hidden services available without using tor? Yes, see: https://www.awxcnx.de/tor-i2p-proxy.htm (German) https://www.awxcnx.de/tor-i2p-proxy-en.htm (English) or https://tor-proxy.net Karsten N.
Re: Middleman node 'Gypsy' has been shut down by hoster 'ovh.de'.
The exit nodes 'gpfTOR4' and 'humanistischeunion1' has been shut down too by 'ovh.de' 2 week ago. No chance to get it back. We are looking for a new ISP. Karsten N. Gitano schrieb: On 2008-08-05 my Tor-Server 'Gypsy' has been shut down by 'ovh.de' - supposed due to massive violation of their standard form contracts. No chance to get it back.
Re: email hidden service
Dawney Smith schrieb: Are there any hidden service email services in existance? Yes: http://w6kb72k2phin5grc.onion/ (Onion Boxes, Etc) http://shells3nfdn3zk5h.onion/ (shells.onion) An overview about hidden services you may find at: http://oldd6th4cr5spio4.onion/(Hidden Wiki) http://anegvjpd77xuxo45.onion/wiki/HiddenServices (APE Wiki) and other wikis too. Karsten
browser footprint
I have read a thread at the JonDos forum about browser footprints. A browser is not only identified by the user-agent, it is possible to use the accepted language, the accepted content, accepted charsets... To create a highly anonymous group, many user should use the same settings for HTTP header values. You may check your browser at: https://www.jondos.de/de/anontest# At the page you will see the recommended settings. A developer of JonDos wrote, they are in contact with the tor dev team about this. Is it true? I can not find anything about this at torproject.org. In Firefox / Iceweasel you may set all recommendations at about:config intl.charset.default utf-8 intl.accept_charsets * intl.accept_languages en network.http.accept.default */* add a new string value to the configuration: general.useragent.override Mozilla/5.0 Gecko/20070713 Firefox/2.0.0.0 and use some plugins like RefControl, CookieSafe, NoScript For Konqueror I think, it is only possible, to set the following values in $HOME/.kde/share/config/kio_httprc Language=en SendUserAgent=true UserAgent=Mozilla/5.0 Gecko/20070713 Firefox/2.0.0.0 SendReferrer=false More options possible? Are there recommendations by others? Karsten N.
Re: Traffic routed through Sweden
M schrieb: First of all, some informationa about the situation: http://frapedia.se/wiki/Information_in_English We have Echelon, the Onyx project (Swiss) and other, smaller projects like this. The new FRA computer comes with more computation power but it is not really new. I think, it will not collect any new information about your server. Other traffic scanners have it already. But it is a good solution, to enable only SSL secured exits ports, if you were afraid about it. Karsten N.
German Fed???
Hi, I have found this at core.onion (http://eqt5g4fuenphqinx.onion/page/31) gpfTOR1-4: Those are operated by a front end of the German Verfassungsschutz. In APE-Wiki (http://anegvjpd77xuxo45.onion/wiki/HiddenServices) a5ec6f6zcxtudtch.onion - webinterface for Mixmaster remailer (Warning: German Fed, don't trust) Is it only the paranoia of some individuals or disinformation? The tor-nodes gpfTOR1-4 are operated by individual admins. The admins spend their time and money to keep the nodes running. We have 2 admins for each server and every admin has only access to max. 2 servers. For more information (only German, sorry) see our TOR-Partnerprogramm: http://www.privacyfoundation.de/themen/ The board of the German Privacy Foundation can not access the nodes. It gives support by law, press contacts, management of abuse messages... In the last time, my email address became a contact address for questions about our tor-nodes. I know, who operates the nodes, I go to the authorities, if it was necessary That's why gpfTOR1-4 have the same contact info. And I have a question: Why looks our organisation like a front end of the German Verfassungsschutz. Any help? Karsten N.
Re: How can a site still determine my browser language?
Steven schrieb: Yet, each time I go to www.gmail.com, Google redirects me to the German version of Gmail. If you used www.gmail.com SSL secured, privoxy can not fake anything and the real user-agent of your browser is send to gmail. To fake the user-agent for SSL connections, you have to fake it in your browser, because no proxy can change SSL secured data. Go to about:config in your firefox address line an add a new config value (string) by right click with your mouse and choose Neu - String general.useragent.override The value vor this config string is your: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Thats all, have fun Karsten N.
Re: Undeciperable message...
Paul Ferguson schrieb: Can anyone explain to me exactly what this message means: May 13 22:50:34.247 [Warning] You specified a server gpfTOR1 by name, but this name is not registered, so it could be used by any server, not just the one you meant. To make sure you get the same server in the future, refer to it by key, as $CFB88AC652AE0388D1F483A065E12A0BEDB868E8. gpfTOR1 is not a registered name. There is one node called gpfTOR1 and you may use this node. But if this gpfTOR1 went down, an other node may take this name and your config will use this new gpfTOR1 To be sure, your config takes the right node, you may use the fingerprint: $CFB88AC652AE0388D1F483A065E12A0BEDB868E8 of the actually gpfTOR1 Karsten
Re: Tor-only email
Noiano wrote: I've tried tormail. Thunderbird does connect to the remote server but an error message is displayed: something like an error has occurred. Remote server answered: and nothing more. Has anyone the same problem? How do I manage it? Sometimes I have seen this message too, not only for tor servers. I increase in the Thunderbird extended configuration the values for: mailnews.tcptimeout network.proxy.failover_timeout Now I did not seen this message for a long time. Karsten N.
Re: server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dark Clouds schrieb: hi there there's someone thinking of helping out tor by running a server. will one of the admins care to or please recommend someone nice enough to help on setting up one? I can offer you the help of the admin team of the German Privacy Foundation. Our admins have running more than 10 Servers in many possible configurations. Please contact me and describe, which kind of server you want to run (exit node, middle man, bridge, home server dsl connected) Contact: https://www.awxcnx.de/contact.htm Karsten N. -BEGIN PGP SIGNATURE- iD8DBQFH+f93oxeCSIpLQq0RAlgFAJ9CE8lq0/SoiCHlHpkAQQ6XUFB13wCgpkk5 DjeAB/j589TLvEJdvrlBMGw= =4oCA -END PGP SIGNATURE-
Re: Exit node to add to ExcludeNodes
[EMAIL PROTECTED] schrieb: The exit node ling Location: Wuhan, CN IP Address: 59.173.244.114 Platform: Tor 0.1.2.19 on Windows XP Service Pack 2 [workstation] {terminal services, single user} Bandwidth: 213 KB/s Uptime: 1 days 19 hours 7 mins 7 secs Tries to forge SSL certificate Yes, I saw it too. Seems, it is a bad exit. Karsten
Re: [hermetix] Tor relay going down
One interesting feature of having both is the possibility to offer better and safer anonymity to your users by providing access to the remailer services. Something likehttp://v6ni63jd2tt2keb5.onion/mm-anon-email.htm Or torify mixmaster will work in future with following settings in /etc/mixmaster/client.conf CHAIN gpfa,*,*,* SMTPRELAY lcr3k7ljvm436gli.onion Other ideas we can discuss off list. If you were interested in, please contact me. Karsten
Re: [hermetix] Tor relay going down
Hermetix is an anonymous remailer first, this won't change. Do you have problems, to run a remailer and tor node together on one server? I ask, because we will try this combination. Karsten
Re: A root-server for about 30€ for an exitnod e?
Hi Kaazam, Marco Gruß schrieb: http://www.ovh.de/produkte/isgenug.xml Not sure though if France is any better than Germany really... This server has only 256MB RAM. It seems very less for a tor server. My tor servers take 400 - 450MB RAM. May be, you need at least this one: http://www.ovh.de/produkte/start100m.xml Karsten N.
Re: Child pornography blocking again
Eugen Leitl schrieb: I'm certainly stop running Tor and switch to a different project if vigilantes ruin a yet another perfectly good tool. Don't like content? Filter it in your client. Problem is undecidable? Tough titty. Go offline, or learn to live with it. Same opinion! Child porn is very very bad, but is it not a task for tor, to remove this kind of stuff. If someone would to do something against this stuff, please help the justice. If tor was running a filter, we will have a new Great Wall for many kinds of content in a short time. Karsten
HTTP-mirror for incognito-live-CD
Hi, there is a faster HTTP-mirror for the icognito live CD online. You may add it to the project page. I will watch the OR-Talk for update announces and update the mirror as soon as possible: http://www.awxcnx.de/download/incognito-i686.iso http://www.awxcnx.de/download/incognitotiny-i686.iso You may use SSL encrypted download too: https://www.awxcnx.de/download/incognito-i686.iso https://www.awxcnx.de/download/incognitotiny-i686.iso The certificate of the server is signed by StartCom.org. No problems with FF and Konqueror, but it seems, IE does not like it. - little bit off-topic -- mixminion-smtp: At freshmeat.net you may find a small SMTP-server for mixminion written in Perl: http://freshmeat.net/projects/smtp2mix/?branch_id=69123 It relays outbound emails from your favorite email client to the mixminion remailer network. It is possible, to start the server as daemon at boot time. The archiv contains a Sys-V-init script. By default the server is listen at 127.0.0.1:8026 for incoming SMTP requests. May be, it is possible to add it to incognito? (for Thunderbird users) end off-topic --- Karsten N.
Re: HTTP-mirror for incognito-live-CD
Pat Double schrieb: there is a faster HTTP-mirror for the icognito live CD online. You may add it to the project page. I will watch the OR-Talk for update announces and update the mirror as soon as possible: Great! Can I add to my download page? Please add it to the download page. The server awxcnx is stable. Does Thunderbird allow configuring outgoing mail to use a specific sendmail location rather than SMTP ? My Thunderbird (1.5.0.12) does not allow the using of sendmail, only SMTP. Thats why I wrote the the SMTP servers for mixminion and mixmaster. Karsten N.
TOR for try without install
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The TOR server knuffel offers the possibility to try TOR without installation of the software. It runs Privoxy and TOR. Privoxy is listen at 85.25.141.60 port 8080. Set the proxy in your browser to 85.25.141.60:8080. - - I know the security leaks of this version, no comments about is need! The traffic between your computer and the proxy is unencrypted! It is only for a trail, not for real use. - - It is only for try TOR without install all the software stuff, or if you are on the way, you can not install any software on the computer you find, but you need to comment a blog. May be, somebody will have a look at the Privoxy configuration. It runs Privoxy 3.0.6. After changing the proxy settings in your browser, you will find the settings at http://p.p Any ideas to use SSL encryption for the proxy? Karsten N. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) iQEVAwUBRkRxU3neknocEKQvAQJmsggAmFI+ce22SihfTZbH515+PaUEH9mgLWER 1K0Js81tiYM4Mk6XWonAjFoO/V0uyHRCIFMNEFTlQAZYcM+t+R037yd7Hj5AW4YQ Plo9sQfVddMWqX5pS0kVqE+/swv0g2jVLBJM7MA7J2l107Zn4S7jk4M5K0uV97aJ xt+c8PCAPcCnDB7JWkR+qUtgibbeS+apxXfHUxJbaI2U2nuJLHGUn4WUMQNgPjDs Xa6B/P1NkbeGYjUDTBVVRVANNULaM0tDXsjWGQL0nMo2L5+YK5Gnk4s2QFhxHrDW Bhxc7ru60VmAP0GRhvHJfc0QEhBIUvO5wvNIM3GEhBXSkjzkOafo/Q== =oDpS -END PGP SIGNATURE-
Re: Exiting only port 80
Am Montag, 30. April 2007 22:53 schrieb Mike Cardwell: Hi, Am I right in thinking that most people use Tor for web browsing, over ports 80 and 443? And am I right in thinking that most of tors bandwidth is used up by a minority of users, using services that require much higher amounts of bandwidth, such as ptp traffic? I think, many users use or like to use TOR for email to. I mean the connections for looking into the mailbox, the ports 995 and 465. It comes with not much traffic. I think, it is an important anonymity feature for my communication and it is possible, open this ports on an exit server too. Please remember, TOR is not only important for surfing. I understand your thinking of the higher amounts of bandwidth by minority of ptp-users, but there are other protokolls like POP3, IRC too. Karsten N.
Re: Tor nodes blocked by e-gold
Hi, I have checked a few long-runnig TOR nodes in the Sorbs SPAM blacklist: http://www.au.sorbs.net/lookup.shtml Many of this servers are blacklisted in the database of vulnerable/hacked servers: Likely Trojaned Machine, host running unknown trojan The nodes I checked are mostly well administrated and run actually software over a time of 1 year. It may be, they are listed in other SPAM blacklists too. Karsten N. [EMAIL PROTECTED] schrieb: Hi, Since 24 hours, e-gold has decided to block all TOR nodes, and not only. In fact they check 3 spam databases and if the user's IP is in one of them, e-gold just declines any operation, people cannot even login into their accounts. There are a few things here: It is the first time I see a website blocking IP that appear in SPAM databases! Spam is, as far as I know, an EMAIL problem, so why would a domain block surfing from these IP? About TOR particularly, I feel very strange that all exit nodes would be listed in spam databases, as most of them (if not all) don't accept sending mail requests. That is why I rather believe that e-gold in fact fetches the TOR exit nodes list, and directly block their IP addresses. A friend, connecting from his home in Germany without TOR, without any proxy, cannot enter his account as his IP address (a dynamic one from a dialup provider) was listed 2 months ago for spam!!! A few people are already complaining that they cannot get into their accounts, and so their money seems to be lost! E-gold was already known to block accounts without any warning and explanations, recently blocked accounts of all Iranian people and KEPT their funds, now they automatize the scam process! E-gold seems to be the next (or TODAY'S) major scam of the internet! F44
Re: [Fwd: High-traffic Colluding Tor Routers in Washington, D.C. Confirmed]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I would like to contribute some more Tor servers running at different providers across Germany (probably not in the same /16 network). My current server is a virtual server at 1blu that has a bandwidth of 931 KB/s which makes it the 71st fastest Tor server in the network. Maybe other providers are even faster than 1blu. Just as a comparison: the fastest Tor server at the moment has 4533 KB/s. Hi, do you run a TOR server on a virtual server without connection faults? A year ago, I tested a tor server on virtual hardware (Virtuozzo) and I got many TCP connection faults in /proc/user_beancounters. Is a TOR server now ready to run with less then 1024 TCP connections? Or do you have a virtual server, which does not have low limits for TCP connections? In this case the offer of 1blu is very nice for TOR. - - - Begin Off-Topic --- I know, it is a Tor list. But please let me write this: What do you think about a remailer (Mixmaster or Mixminion), something like TOR for emails. Emails are more private than surfing in my opinion. If you did have the power to admin a few tor server, you may run a remailer too. It may share a server together with TOR. The traffic is not very high: 5.000 mails per day. It uses at max. 16 TCP connections. And it can act as a middle-man like TOR. For Mixmaster a working MTA (exim4 or something else) is required, for a Mixminion middle-man nothing. The size of the remailer networks decreases in the last 6 month down to 35 nodes for Mixminion and less than 30 nodes for Mixmaster. Hope, we can stop this trend. Large networks for high anonymity are needed. I am ready for help, if somebody needed any docs. (in German too) - - -- End Off-Topic -- Karsten N. - --- [EMAIL PROTECTED] 0x1C10A42F - - - -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) iQEVAwUBRiYl2XneknocEKQvAQLHewgAkFpzpcZEExkJ/Eydxog9d6czGX9sPYFY gFVJ32NXO/qNSQR1WQOYMBesjLhd9+DCOEYQ9tkJqBrCCoEQklRcihFMO+ttDHb4 M0Ktqhizi75VJo36IX0060f0GQ4tT184NdferpLicAOuiGGvOkGAqTSgXvEzWPE1 ExLz7vl9BgSqs4P+wddOr1VSK1stxEUE/vwcbTK01o+C0v6peYEG9fplQq4bw48Z lplBH3Fb/7ASmwR9faVfYoi8gXqLDtnRC1kHK+H+/JzWRPGZU9BKAADmiw+0+kql 9i0iv1yoPb7OWLofBHnbjuyxHC7gTdMmUyLAgSaK/67uOtp6sdbQ1Q== =8hj5 -END PGP SIGNATURE-
Re: Please add to download section of homepage
Am Donnerstag, 29. März 2007 12:15 schrieb JT: Hi, could you please add the following info to the download section of the homepage (you really want tor to work)? 1) firefox users please disable the send referer information and set it to 0 in about:config network.http.sendRefererHeader I think, it is better to set the referer information to the base of the actual website. It does not break down so many websites. Firefox user may use the the plug-in RefControl, it is more easy to change and save the settings for a few websites, which need a real referer: https://addons.mozilla.org/en-US/firefox/addon/953 A nice user agent switcher is uagen for privoxy written by Fabian Keil: http://www.fabiankeil.de/blog-surrogat/2006/01/26/firefox-user-agent-generator.html http://www.anon-web.de/anonym-surfen_privoxy.htm#uagen (Debian package) (both sites only in german, may be, some know a english site) Karsten N.