On Wed, Mar 07, 2007 at 02:14:33PM -0600, Mike Perry wrote:
The Tor download page should have a concice Things to know before
downloading section that lists a few key points about the most easy
ways your identity can be revealed through Tor. Something like
Mike and I just whipped up an early
My suggestions as a no-tech user:
Perhaps the Warning should be put on top of the page, before the download links
- sometimes people don't go further than the download links.
Also, might I suggest NoScript to be used in conjunction with QuickJava? And
please add a line reminding users to
Thus spake sy16 ([EMAIL PROTECTED]):
My suggestions as a no-tech user:
Perhaps the Warning should be put on top of the page, before the
download links - sometimes people don't go further than the download
links.
Also, might I suggest NoScript to be used in conjunction with
QuickJava?
--- Mike Perry [EMAIL PROTECTED] wrote:
Perhaps he would be amenable to fixing his
extension against moore's on-the-fly HTML
generation. However his email address is not
listed on the author page :(
Well it looks like Mr. Greene prefers to receive
feature requests on his blog, not email.
Thus spake light zoo ([EMAIL PROTECTED]):
--- Mike Perry [EMAIL PROTECTED] wrote:
Perhaps he would be amenable to fixing his
extension against moore's on-the-fly HTML
generation. However his email address is not
listed on the author page :(
Well it looks like Mr. Greene prefers
Thus spake Mike Perry ([EMAIL PROTECTED]):
Thus spake light zoo ([EMAIL PROTECTED]):
--- Mike Perry [EMAIL PROTECTED] wrote:
Perhaps he would be amenable to fixing his
extension against moore's on-the-fly HTML
generation. However his email address is not
listed on the
Hello,
I just subscribed to the or-talk list and would be happy to answer any
questions related to the recent catching pedophiles article and the
decloak test tool. I am in the process of updating the decloak
demonstration to explain each of the tests and provide source code for
the
On Thu, Mar 08, 2007 at 04:12:10PM -0600, H D Moore wrote:
I am in the process of updating the decloak
demonstration to explain each of the tests and provide source code for
the components. What may not be obvious (especially from the ZDNet
article), is that I believe in the Tor project's
Thanks for the feedback! Keep in mind this is the first applet I have ever
written :-) Any information about the new API would be appreciated. Do
you happen to know what versions it is compatible with? Bizzare that they
would explicitly allow non-proxied connections. I used the Datagram
Socket
Thus spake H D Moore ([EMAIL PROTECTED]):
Thanks for the feedback! Keep in mind this is the first applet I have ever
written :-) Any information about the new API would be appreciated. Do
you happen to know what versions it is compatible with? Bizzare that they
would explicitly allow
Thus spake Roger Dingledine ([EMAIL PROTECTED]):
On Thu, Mar 08, 2007 at 04:12:10PM -0600, H D Moore wrote:
I am in the process of updating the decloak
demonstration to explain each of the tests and provide source code for
the components. What may not be obvious (especially from the
If there is a security manager, its checkConnect method is called
with the proxy host address and port number as its arguments. This
could result in a SecurityException.
Just configure the security manager to prevent unproxyed connections.
signature.asc
Description: OpenPGP digital
On Thursday 08 March 2007 19:05, Mike Perry wrote:
Actually, I'm also curious about your on-the-fly applet tag
generation. Were you aware that it would bypass that
security.enable_java setting or was it just a general evasive thing
you did for filtering? Do you have any information if this is
Looks like the Practical Onion Hacking paper covered many features I
was working on, as well as touching on the warez/movie/music leeches and
the child pornography traffic. I should have released this back in August
when I presented on it the first time :-)
The big differences are:
1) They
This is the second release candidate for the 0.1.2.x series. We made it
work better on Windows again -- this time for sure. :)
This is a release candidate! That means that we don't know of any
remaining show-stopping bugs, and this will become the new stable if
there are no problems. Please test
Watson Ladd wrote:
If there is a security manager, its checkConnect method is called
with the proxy host address and port number as its arguments. This
could result in a SecurityException.
Just configure the security manager to prevent unproxyed connections.
Even if all Java connections are
The following recent preprint deals with the subject of this thread:
A. Kate, G. Zaverucha and I. Goldberg
Pairing-Based Onion Routing pdf
CACR 2007-08
http://www.cacr.math.uwaterloo.ca/techreports/2007/cacr2007-08.pdf
-James
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- James Muir [EMAIL PROTECTED] wrote:
The following recent preprint deals with the subject of this thread:
A. Kate, G. Zaverucha and I. Goldberg
Pairing-Based Onion Routing pdf
CACR 2007-08
http://www.securityfocus.com/news/11447
A number of comments made on the list are referred to in this story.
One of Nick's posts has been quoted.
-James
Flash is now supported:
http://metasploit.com/research/misc/decloak/
-HD
On Thursday 08 March 2007 20:33, H D Moore wrote:
Seems like two big items I need to add to decloak are Flash and the
shiny no-proxy Java connection mode (which seems to apply to TCP
sockets only).
I installed the bundled package posted on the site last week. I don't
know the Terminal well but this is what I get back...
jason-edwards-computer:~ Jason$ cd /Library/Tor
jason-edwards-computer:/Library/Tor Jason$ sudo -s
Password:
jason-edwards-computer:/Library/Tor root#
On 3/9/07, James Muir [EMAIL PROTECTED] wrote:
http://www.securityfocus.com/news/11447
A quote which worries me:
Tor servers meet the definition of an Internet service provider,
which means that operators are not required to know what data passed
through the server, said Kevin Bankston, staff
Thus spake Mike Perry ([EMAIL PROTECTED]):
Thus spake Roger Dingledine ([EMAIL PROTECTED]):
On Thu, Mar 08, 2007 at 04:12:10PM -0600, H D Moore wrote:
I am in the process of updating the decloak
demonstration to explain each of the tests and provide source code for
the components.
23 matches
Mail list logo