blog about tor and skype

2007-03-06 Thread sy16
I read in this blog http://www.hermann-uwe.de/blog/howto-anonymous-communication-with-tor-some-hints-and-some-pitfalls in the comment/reply section: Not meant for privacy It seems like there's a slight misunderstanding here. This setup is not going to anonymize all of your

Re: blog about tor and skype

2007-03-06 Thread sy16
A quick note: I mean skype sms and skypeout calls, both types are to non-skype mobile phones instead of to another skype user. sy16 [EMAIL PROTECTED] wrote: If I send a text message in skype through tor, is it or is it not encrypted by tor? If I make a skype call through tor, is the voice

Re: blog about tor and skype

2007-03-06 Thread Enigma
Hi, From what it sounds your destinations are normal phones. In that case your calls will not be encrypted. Actually, Tor could encrypt your call up to the point where it arrives at a gateway that connects to the public phone network. From there

(no subject)

2007-03-06 Thread Jason Edwards
I am new to Tor so please forgive my ignorance... When I use Vidalia to start and then stop Tor I get the following messages in my Log. Mar 05 15:13:24:072 [Notice] Tor v0.1.2.9-rc. This is experimental software. Do not rely on it for strong anonymity. Mar 05 15:13:24:078 [Notice] Enabling

Re: Error Message when stop Tor with Vidalia

2007-03-06 Thread Michael_google gmail_Gersten
That all looks correct to me. As for the error? It looks like it is saying that it is logged at error level of importance -- important enough that you see it. It does not mean that it's actually an error. On 3/6/07, Jason Edwards [EMAIL PROTECTED] wrote: (I forgot the subject line in my

Re: Error Message when stop Tor with Vidalia

2007-03-06 Thread Enigma
Yeah, from what I know, catching signal TERM, exiting cleanly just means Tor is shutting down but will wait (30 secs I think) before doing so to allow clients to find a new circuit first (hope that was correct). So it's all working as intended

Re: blog about tor and skype

2007-03-06 Thread sy16
Thank you for explaining, it's good to know that VOIP calls are encrypted. About configuring skype to use tor, can I just set proxy server to localhost, port 9050, using HTTPS? Or is it necessary to install freecap? Enigma [EMAIL PROTECTED] wrote:

Re: blog about tor and skype

2007-03-06 Thread Enigma
Hi again, I can't answer your question directly since I don't use Skype. However, in general you should set the proxy option in your application to localhost and the respective port. Just try it out and see if it works or wait for an answer by

Re: Error Message when stop Tor with Vidalia

2007-03-06 Thread Jason Edwards
Thanks for the help guys :) Jay Enigma wrote: Yeah, from what I know, catching signal TERM, exiting cleanly just means Tor is shutting down but will wait (30 secs I think) before doing so to allow clients to find a new circuit first (hope that

Re: blog about tor and skype

2007-03-06 Thread Roger Dingledine
On Tue, Mar 06, 2007 at 02:16:00PM -0500, Roger Dingledine wrote: Step one would be to force Skype to use TCP only. I'm not sure how to do this; one option would be to firewall yourself so only the Tor process can send outbound traffic (don't ask me how to do that in Windows, it's probably

Re: blog about tor and skype

2007-03-06 Thread Enigma
Oh yeah, I forgot to mention that. Sly16, I read somewhere Skype is just encrypting its own protocol but not the traffic itself. Not sure whether it's true or not. In any case Skype users rely on a closed source protocol so no one really knows if

Re: Error Message when stop Tor with Vidalia

2007-03-06 Thread Roger Dingledine
On Tue, Mar 06, 2007 at 11:49:56AM -0500, Jason Edwards wrote: Mar 05 15:16:43:073 [Error] Catching signal TERM, exiting cleanly. Is everything working correctly? Why do I get an error message when I stop Tor? Good point. The 0.1.2.10-rc release will call that a 'notice', not an 'error',

Re: blog about tor and skype

2007-03-06 Thread Juliusz Chroboczek
The problem is that Skype uses either UDP or TCP, depending on the situation. If it chooses TCP, Freecap will intercept it Roger, Would you agree that Tor should be able to tunnel UDP traffic too? There's a /lot/ of UDP-based applications that it would make sense to tunnel over tor.

Re: blog about tor and skype

2007-03-06 Thread Roger Dingledine
On Tue, Mar 06, 2007 at 08:50:59PM +0100, Juliusz Chroboczek wrote: The problem is that Skype uses either UDP or TCP, depending on the situation. If it chooses TCP, Freecap will intercept it Would you agree that Tor should be able to tunnel UDP traffic too? There's a /lot/ of UDP-based

Re: blog about tor and skype

2007-03-06 Thread Juliusz Chroboczek
Would you agree that Tor should be able to tunnel UDP traffic too? One day I'd like to support this, yes. It's hard though: http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#TransportIPnotTCP Forwarding raw IP is difficult, I agree. But it's UDP I'd like you to forward. Considering

TTL expired?

2007-03-06 Thread Juliusz Chroboczek
I've just switched to 0.1.2.8, and when trying to access a hidden service that doesn't exist, I'm getting SOCKS 5 error number 6 ``TTL expired''. That's a somewhat unexpected error -- I'd expect to get error 4 ``host unreachable''. Juliusz

UDP over Tor [was Re: blog about tor and skype]

2007-03-06 Thread Nick Mathewson
On Tue, Mar 06, 2007 at 02:55:28PM -0500, Roger Dingledine wrote: On Tue, Mar 06, 2007 at 08:50:59PM +0100, Juliusz Chroboczek wrote: The problem is that Skype uses either UDP or TCP, depending on the situation. If it chooses TCP, Freecap will intercept it Would you agree that Tor

Re: blog about tor and skype

2007-03-06 Thread sy16
I don't know how to force skype to use only tcp, but one way to know whether it is using tcp (therefore tor) is to look at the little flag before the place where you enter the phone number. When it is different from where I am, it is probably using tor. I'll check out zfone and probably

Noobie Configuration Questions

2007-03-06 Thread Jason Edwards
Hey guys... I have some noobie questions if anyone has time. When I visit showmyip.com it recognizes that I am using Tor ALTHOUGH the information regarding my internet browser, operating system and type of computer I use is still accurate. Am I doing something wrong or is that unavoidable?

Re: TTL expired?

2007-03-06 Thread Juliusz Chroboczek
Is this a host unreachable case or a network unreachable case? As far as I can tell, the socks5 error messages are totally undocumented beyond the short phrase for each one. It doesn't matter much in my case -- I'm just trying to ensure that the user of Polipo gets an error message that makes

Re: Noobie Configuration Questions

2007-03-06 Thread Michael_google gmail_Gersten
To answer some of your questions: Privoxy does at least two things for you. It strips out some unwanted cookie behavior, and it strips out unwanted advertisements. Centralized advertisement sites are bad for several reasons. One is that they get items like I'm on somesite.com/page1.html, and

Re: list of tor IP addresses

2007-03-06 Thread xiando
Looking at the volunteer page at tor.eff.org, I spotted this: We need an official central site to answer Is this IP address a Tor server? questions. This should provide several interfaces, including a web interface and a DNSBL-style interface. It can provide the most up-to-date answers by

one less onion skin

2007-03-06 Thread James Muir
A typical Tor circuit looks like OP -- OR1 -- OR2 -- OR3 where the three -- links are all TLS connections. TLS protects the OP's communications from adversaries outside the network, but another layer of crypto (used inside TLS) is needed to protect them from the onion routers themselves

Re: one less onion skin

2007-03-06 Thread Steve Southam
Is it because the ORs don't know where they are in the circuit? Of course OR3 knows it's at the end, but the others either recognize or relay. Steve James Muir wrote: A typical Tor circuit looks like OP -- OR1 -- OR2 -- OR3 where the three -- links are all TLS connections. TLS protects

Re: Noobie Configuration Questions

2007-03-06 Thread Joe Knall
On tuesday, 2007-03-06 23:52 Jason Edwards wrote: Hey guys... I have some noobie questions if anyone has time. When I visit showmyip.com it recognizes that I am using Tor ALTHOUGH the information regarding my internet browser, operating system and type of computer I use is still accurate.

Re: one less onion skin

2007-03-06 Thread James Muir
Steve Southam wrote: Is it because the ORs don't know where they are in the circuit? Of course OR3 knows it's at the end, but the others either recognize or relay. I agree that not using k_1, d_1 would allow OR1 to determine that they are the first node in a circuit. However, Tor clients

Re: Noobie Configuration Questions

2007-03-06 Thread James Muir
Most important seems an aware handling of cookies, js and so on. Have a look at noscript https://addons.mozilla.org/firefox/722/ and flashblock http://flashblock.mozdev.org/ NoScript will also disable Flash in addition to JavaScript, although you have to enable this in its config window. In

Re: one less onion skin

2007-03-06 Thread Steve Southam
I'm not sure if this really happens, but if you have a connection open to an OR and a new circuit is required through it, couldn't ORn-1 send a CREATE_FAST to ORn? Steve Southam wrote: Is it because the ORs don't know where they are in the circuit? Of course OR3 knows it's at the end, but

Re: Building tracking system to nab Tor pedophiles

2007-03-06 Thread Michael_google gmail_Gersten
Well, first, this is just the normal exit node exposure of tor. The exit node in your circuit gets to see the raw communication between you and your destination. If you are using an SSL channel (SSH, https, etc) then nothing is a problem. Otherwise, the exit node can do things like spy on

Re: Building tracking system to nab Tor pedophiles

2007-03-06 Thread Starshadow
Also note that browsing with Firefox using the NoScript http://noscript.net/ extension renders this attack and most others useless, since that java applet never gets executed. Michael_google gmail_Gersten wrote: Well, first, this is just the normal

How would tor defend from this attack?

2007-03-06 Thread Michael_google gmail_Gersten
So here's an idea for an attack on tor. We recently saw a paper that said that someone who puts in a lot of routers, claiming to have high bandwidth, can correlate senders and destinations, exposing the traffic analysis that tor is trying to defend against. And, a response from the maintainers

Re: one less onion skin

2007-03-06 Thread James Muir
Steve Southam wrote: I'm not sure if this really happens, but if you have a connection open to an OR and a new circuit is required through it, couldn't ORn-1 send a CREATE_FAST to ORn? I suppose that could happen, since the OP controls what commands are sent down the circuit to OR_{n-1}.

Re: Building tracking system to nab Tor pedophiles

2007-03-06 Thread Mike Perry
Thus spake Fergie ([EMAIL PROTECTED]): Hmmm. http://blogs.zdnet.com/security/?p=114 Comments? Will they write a ZDnet article about me when my node scanner starts to delist his compromised exit nodes? ;) There's of course no way that these nodes can be allowed to continue to be exits if

Re: Building tracking system to nab Tor pedophiles

2007-03-06 Thread Mike Perry
Thus spake Mike Perry ([EMAIL PROTECTED]): At any rate, I welcome a good open source implementation of this. If nothing else, it will be nice to pit it against my scanner on a test network to make sure this sort of thing can be reliably detected. Oh, and we can also use this as an opportunity

Re: How would tor defend from this attack?

2007-03-06 Thread Dave Jevans
Your proposal is quite realistic, though to get good bi-directional bandwidth would probably cost a lot more than you project, as you'd want colocated servers, not servers on DSL lines. I believe that the exit nodes are one of the weakest points in a Tor network. If you don't know who is

Re: Building tracking system to nab Tor pedophiles

2007-03-06 Thread Roger Dingledine
On Wed, Mar 07, 2007 at 12:56:22AM -0500, James Muir wrote: http://blogs.zdnet.com/security/?p=114 The approaches suggested won't work if you use Firefox with NoScript set to disable JavaScript, Java, Flash and any other plugins. You still have to be careful though -- if you enable them