On Tue, Feb 8, 2011 at 2:09 AM, bao song michaelw...@yahoo.com.au wrote:
...
On the Bootcamp side (Windows 7 Professional 64), 'Test port forwarding'
always fails to find a valid UPnP, and no one ever manages to access my
bridge.
check your firewall. usually this is the windows or
On Mon, Feb 7, 2011 at 12:47 AM, Marco Predicatori ma...@predicatori.it wrote:
morphium, on 02/04/2011 03:08 PM, wrote:
Oh and yes, they took only my hardware @ home, not the Server in
the data center that actually DID run Tor and that the bad IP
belonged to.
That's interesting, because it
On Fri, Feb 4, 2011 at 6:08 AM, morphium morph...@morphium.info wrote:
...
Oh and yes, they took only my hardware @ home, not the Server in the
data center that actually DID run Tor and that the bad IP belonged
to.
this is interesting.
just to clarify: you had traffic of interest from a
On Wed, Jan 12, 2011 at 3:11 AM, intrigeri intrig...@boum.org wrote:
...
(do Tor Live CDs need a new kexec target for memtest sweeps / ram
zeroisation? :)
As far as I understand, this seems like enhancements over the cold
boot attack, and one more reason why Tor Live CDs should wipe the
On Wed, Jan 12, 2011 at 7:57 AM, Klaus Layer klaus.la...@gmx.de wrote:
...
Error creating network socket: No buffer space available
errors. The numtcpsocks parameter limit is set to 550 on the vserver. Before
asking the ISP to increase the value I would like to ask you what a reasonable
On Wed, Jan 12, 2011 at 5:44 AM, berta...@ptitcanardnoir.org wrote:
...
explicit ordered zeroisation is handy. (starting with keys and key
schedules, working cipher state, then on to user data, before
completing a full pass or three. this takes a smart kexec or other ham
fisted - still worth
On Thu, Dec 23, 2010 at 2:03 PM, Praedor Atrebates prae...@yahoo.com wrote:
I just finished installing VMWare Player, fired it up, and then installed the
latest tor_vm.iso (Ubuntu) as the OS/system in the VM. It has stalled here:
Bootstrapped 25%: Loading networkstatus consensus.
where in
On Thu, Dec 23, 2010 at 3:08 PM, Praedor Atrebates prae...@yahoo.com wrote:
... I want the VM system because I want to be able to browse without having
to deactivate java, javascript, and flash... I want the VM so I can access
these websites while still being anonymous, thus the necessity of
On Sat, Nov 20, 2010 at 8:57 PM, John Case c...@sdf.lonestar.org wrote:
...
That's what I thought...
So, would a sparc T3 be an interesting platform upon which to run bitcoin
? Or are the fermi based GPUs still orders of magnitude faster ?
a T3 would be a great platform for a Tor relay,
On Sat, Nov 20, 2010 at 7:45 PM, slush sl...@centrum.cz wrote:
... Yours complaints are on the same level as if
you say 'I have only 486DX, those guys with Quad cores driving me crazy'.
...
maximum ~200
blocks per day, because it is limit of network.
...
Regards to wasting electricity.
On Wed, Nov 17, 2010 at 3:02 PM, grarpamp grarp...@gmail.com wrote:
...
So long as users are covering their bandwidth with giveback [1], I
think it's safe to assume the rest of their overhead is also covered
by the addition of that node to the network.
there's always a catch. ;)
...
[1]
On Wed, Nov 17, 2010 at 5:20 PM, Andrew Lewman and...@torproject.org wrote:
...I wish people would stop cross-posting between -dev and -talk...;)
mea culpa; i shall curb my reply-all enthusiasm!
grarpamp: i'll follow this up with links for various UDP Tor papers
and discussions. i've got a
On Tue, Nov 16, 2010 at 7:00 AM, TheGravitator
thegravita...@googlemail.com wrote:
Its not all i7's, only the i7-980X (extreme series) about $1000.
AES-NI is pretty slick. now if only we could get RSA/DSA/DH on die... :)
[the benchmarks in question show 875MB/s AES256 on PhenomII X6 1090T @
On Wed, Oct 27, 2010 at 11:49 AM, Jan Weiher j...@buksy.de wrote:
... I'm
not aware of any negative impacts on privacy due to the usage of
https://,
client certificates, although fortunately these are difficult to
leverage surreptitiously...
... but without, there is the danger of
On Sat, Oct 23, 2010 at 5:59 PM, Robert Ransom rransom.8...@gmail.com wrote:
On Sat, 23 Oct 2010 12:42:11 -0700
Julie C ju...@h-ck.ca wrote:
Has anyone come across any TCP stack implementation vulnerability research?
... At this point in my education it strikes me that the TCP stack
on any
On Sun, Oct 24, 2010 at 8:28 PM, coderman coder...@gmail.com wrote:
...
1. remote ring0 do happen, c.f. CORE-2007-0219: OpenBSD's IPv6 mbufs
remote kernel buffer overflow.
Forgot to link to the announce in question; it is worthy of a read if
only to emphasize why any claim of immunity from
On Wed, Oct 20, 2010 at 4:47 PM, and...@torproject.org wrote:
...
: However, my ISP does not see the DNS requests (or the website since
: all traffic flows through the encrypted VPN).
It depends on the VPN. Many vpns don't touch your dns settings,
therefore your local resolver sees the
On Sat, Sep 25, 2010 at 5:04 PM, Mike Perry mikepe...@fscked.org wrote:
...
however, if an attacker has access to read this locally they've
already compromised you to a degree that random mac affords no
protection...
Is this really true?
yup. for the very few situations it is not true,
On Fri, Sep 24, 2010 at 4:01 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
...
Try the following by hand:
sudo ifconfig eth1 hw ether 00:00:00:00:00:00 ...
you'll likely need to have the interface down before changing mac:
sudo ifconfig eth1 down
sudo ifconfig eth1 hw ether random mac
sudo
On Wed, Sep 1, 2010 at 2:28 PM, John Case c...@sdf.lonestar.org wrote:
...
I really do think some subset of that discussion should be included in your
lore, at the very least the parts pertaining to the built-in crypto
acceleration included in recent sparc CPUs, which appear to be the only
On Sat, Aug 28, 2010 at 3:25 PM, intrigeri intrig...@boum.org wrote:
...
Another cost mentioned by coderman was elevated privs for
accelerated virtualization / para-virtualization. AFAIK VirtualBox
does not need any special privileges (once the kernel part of the
software is installed
On Sat, Aug 28, 2010 at 3:25 PM, intrigeri intrig...@boum.org wrote:
...
Please don't misunderstand me. I'm not a fan of VM-based solutions and
pretty much prefer the bare-metal + Live OS approach, but I feel we
need to consider their pros and cons in a more detailed way than
discarding them
On Tue, Aug 24, 2010 at 8:27 AM, Mike Perry mikepe...@fscked.org wrote:
...
# Set the hard limit of open file descriptors really high.
# Tor will also potentially run out of ports.
ulimit -SHn 65000
typically in /etc/security/limits.conf. i like to append:
* softnofile
On Sat, Aug 21, 2010 at 5:55 PM, Gregory Maxwell gmaxw...@gmail.com wrote:
...
I think it's obvious that the best way of using tor is running your
torrified apps in a VM which can only access the outside world via
TOR. This provides the highest protection from network leaks and also
partially
On Sun, Aug 1, 2010 at 8:02 PM, Gregory Maxwell gmaxw...@gmail.com wrote:
...
The overhead of padding schemes that I've seen, either end to end
type, or hop-based for free routed networks as presented above, are
simply too large to be practical.
perhaps DLP with SFQ and datagram transport.
On Fri, Jul 30, 2010 at 12:32 PM, Seth David Schoen sch...@eff.org wrote:
...
The researchers suggest that web application developers should use
padding to make different activities on their sites less
distinguishable. That sounds pretty optimistic to me. I've heard
other privacy
on
breaking anonymity, so hopefully some of those will chime in. Kyle
Williams, or coderman maybe?
hah; sadly i lack the discipline to be expert in this subject.
you've seen the anobib, right?
in general i agree that at the level of scrutiny being discussed here
you're either off the radar
On Thu, Jul 29, 2010 at 2:17 PM, Matthew pump...@cotse.net wrote:
...
When I use Tor, I disable Flash.
good!
However, when not using Tor, sometimes I do use Flash.
we all have our vices...
I was surprised today to discover in my .macromedia folder on Ubuntu dozens
of flash cookies.
On Thu, Jul 29, 2010 at 5:34 PM, coderman coder...@gmail.com wrote:
...
an easier consideration, are you consistent about always using a
recent and signature verified release of the browser bundle?
having looked at the download page i see the Linux bundle is at 1.0.9
and beta, while the usual
On Mon, Jul 5, 2010 at 6:49 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
...
I haven't seen a PERL version of the program - do you have a link to the
source?
this is the only copy i have on hand. i believe there is an updated
version in bsd ports archive (no longer in current mirrors).
best
#!/usr/bin/perl
#
# dns-proxy-tor
#
# This script has been dedicated to the public domain.
# See LICENSE file included with this distribution for the dedication.
#
use strict;
use warnings;
our $VERSION = '0.0.6';
{
package Log;
use strict;
use warnings;
use constant INFO = 0;
use
On Sun, Jul 4, 2010 at 3:17 PM, coderman coder...@gmail.com wrote:
...
a better wording:
... ultimately, any application that uses DNS or UDP may compromise
your anonymity.
i should mention that the Tor Browser Bundle when used as directed has
been and continues to be most resilient
On Mon, Jul 5, 2010 at 6:49 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
...
Nice catch. Do you want to provide some test cases for this? I guess it
would be nice to see how wide-spread this problem is - it would also
help us build in some protection mechanisms.
to manually test:
1. route
great info! my comments below...
On Fri, Jul 2, 2010 at 6:15 PM, Jacob Appelbaum ja...@appelbaum.net wrote:
...
While Tor users should always use Torbutton[-1] for their web browsing,
not all applications have an equivalent plugin available. Torbutton
addresses DNS leaks from within Firefox
On Sun, Jul 4, 2010 at 3:17 PM, coderman coder...@gmail.com wrote:
... this type
of attack affects all VPN or transparent proxy configurations that do
not use a /29 point-to-point router path.
apologies; that should read: /31 point-to-point router path.
i've been dealing with service provider
On Sat, Mar 27, 2010 at 3:44 AM, Mike Perry mikepe...@fscked.org wrote:
... we've come to the conclusion that we need to do a bit more to
protect our users against Firefox...
In addition, we've decided to try to deploy a list of popular sites
that have insecure https functionality that can be
On Fri, Feb 19, 2010 at 4:22 PM, wuiv yccwg wuivyc...@googlemail.com wrote:
...
Basically, I am after some feedback and maybe a wish list or
suggestions. What Tor community would like to see in such kind of
service provider?
Tor is a decentralized architecture. why use Tor in your
On Thu, Feb 11, 2010 at 11:15 AM, Peter Farver farv...@auburn.edu wrote:
TOR is now blocked campus-wide at Auburn University (for all 24,000 students)
because of apparent attacks emanating from the TOR network.
can you elaborate on that?
are these apparent attacks coming _from_ the Tor exits
On Thu, Jan 28, 2010 at 2:33 PM, Mike Perry mikepe...@fscked.org wrote:
... I want to point out that Torbutton's obfuscation features
are only intended to make you appear uniform amongst other Tor users.
Tor users already stick out like a sore thumb because of using exit
IPs, and the small
EFF has an interesting tool available:
https://panopticlick.eff.org/
technical details at
https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy
an interesting look at exactly how distinguishable your default
browser configuration may be...
best regards,
On Tue, Jan 12, 2010 at 4:23 PM, downie - downgeo...@hotmail.com wrote:
This may have consequences for demand for (or attacks against) Tor:
http://googleblog.blogspot.com/2010/01/new-approach-to-china.html
weaponized 0days in IE leveraged for this assault are a disturbing escalation.
the
On Thu, Jan 14, 2010 at 4:52 PM, Ted Smith ted...@gmail.com wrote:
...
Opposing censorship (not on moral grounds, but they've attacked us so
we're leaving grounds) is very different from supporting anonymity.
right. hence would be nice as a qualifier. in any case, it is
interesting that these
On Mon, Oct 26, 2009 at 8:52 AM, John Case c...@sdf.lonestar.org wrote:
... I am particularly interested in
whether there are performance advantages to be had in running Tor on
dedicated network hardware.
maybe.
yes in that network hardware often provides hardware accelerated
crypto
On Mon, Aug 31, 2009 at 9:44 PM, grarpampgrarp...@gmail.com wrote:
Noticed today that gmail is again requiring
new account creation to use SMS verification.
someone should set up a gmail invite spooler on a hidden service. many
gmail users probably have 100 or so invites sitting around...
On Thu, Aug 20, 2009 at 4:55 AM, Ringo2600den...@gmail.com wrote:
...
I can't connect to any websites, but I can send requests out. Is there
anything obvious I'm missing or a something I should add?
...
try adding:
iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT
before:
On Thu, Aug 20, 2009 at 9:05 AM, Curious
Kidletsshareinformat...@yahoo.com wrote:
..
How is entropy gathered in virtual machines? Will it tell you if there is not
enough entropy to support unpredictable routing and encryption? (Or is that
even an issue at all with Tor?)
hi Curious,
entropy
On Wed, Aug 12, 2009 at 10:23 PM, Peternecedema...@gmail.com wrote:
I'm not complaining about it, I'm just saying, if you want widespread
adoption, a kernel driver is the way to go. And moreover, a kernel
driver is easier to write and support than a VM.
hi Peter,
there are various reasons
On Sat, Aug 8, 2009 at 2:06 AM, D-503d-...@awxcnx.de wrote:
... I'm just wondering if this will or is
already causing problems like aborting connections or I can just improve
my node behavior with some settings.
you are already causing some problems; if someone tries to extend a
circuit or
On Fri, Aug 7, 2009 at 8:53 AM, D-503d-...@awxcnx.de wrote:
...
I'm not allowed to raise the ulimit above 1024
then you've got a problem. you may not be able to run a useful relay
in this situation. can you contact your hosting provider and see if
they'll make an exception?
...
Yes I read
On Sat, Aug 1, 2009 at 9:19 AM, Mr. Bluetrashd...@yahoo.com wrote:
My requirements are:
1) It must have privoxy's functionality: hide-tor-exit-notation header filter
to remove the Tor exit node notation in Host and Referer headers.
exit notation as used this way is a deprecated feature. it
On Sun, Aug 2, 2009 at 10:12 AM, Cedric Follcedric.f...@gmail.com wrote:
...
I'm trying to create a private tor network..
i assume you've read the FAQ entry, and you might find an earlier
thread on the subject informative.
On Sat, Jul 25, 2009 at 3:26 AM, Ringo2600den...@gmail.com wrote:
...
For some reason qemu doesn't want to redir port 80 to the guest's port
80. I'm sure nothing else is listening on my host's 80. Any other ideas
or possible solutions to this?
unfortunately you must run qemu as root to bind
On Sat, Jul 25, 2009 at 7:55 PM, downie -downgeo...@hotmail.com wrote:
Hi,
is DirPortFrontPage only available to Directory Mirror operators?
difficult to have a DirPort open otherwise :)
If so, what is the additional overhead of mirroring the Directory?
someone else can speak to the
On Mon, Jul 13, 2009 at 12:06 AM, Ringo2600den...@gmail.com wrote:
... When I visit
the wordpress directory, I get a timeout and Firefox tries to go through
port 5022.
this is wordpress sucking. it tries to be helpful and always
explicitly list non-80 ports in complete URI's.
you can try
On Tue, Jul 7, 2009 at 10:38 PM, Ringo2600den...@gmail.com wrote:
...
I still feel like there's got to be a simpler way to do this.
iptables owner match (by process uid) is simpler, both LAMP and Tor in
a single VM. restrict outbound for LAMP user processes.
lightweight appliance type virtual
i had the best luck positioning Tor relay contribution as a way to
support the Sarbanes-Oxley Act whistleblower retaliation provision
with my last employer. but even that was a stretch...
best regards,
On Tue, Jul 7, 2009 at 6:10 PM, Ringo2600den...@gmail.com wrote:
...
One could.. run Tor inside the vm and have that torrc contain the
instructions for the hidden service. The problem then, is that the vm
has to access the web. ...
Of course, one could always run a hidden service on the host
On Sat, Jun 27, 2009 at 8:50 AM, Udo van den Heuveludo...@xs4all.nl wrote:
On 2009-06-27 17:47, Kris Linquist wrote:
Is this expected ...?
Traffic shaping.
http://lartc.org/wondershaper/
see also http://git.torproject.org/checkout/tor/master/contrib/linux-tor-prio.sh
On Sun, Jun 21, 2009 at 11:04 PM, Scott Bennettbenn...@cs.niu.edu wrote:
...Where would I find that, please? The only pointer I have at present
for the proposals is..
try https://git.torproject.org/checkout/tor/master/doc/spec/proposals/
best regards,
On Fri, May 15, 2009 at 2:00 PM, unknown unkn...@pgpru.com wrote:
... Any possible vulnerabilities here?
make sure control port is disabled or properly authenticated;
otherwise a good setup.
an improvement is white listing Tor process with direct access and all
other traffic is transparently
On Wed, Apr 22, 2009 at 11:34 AM, Marcus Griep tormas...@xpdm.us wrote:
... When you restore your
computer from hibernation, Tor picks up right where it left off, but
notes that the system clock has jumped forward...
circuits may now be invalid,...
while this is not a problem for clients (they
On Sun, Mar 8, 2009 at 8:20 PM, downie - downgeo...@hotmail.com wrote:
...
A few days ago I had some overnight broadband outages.
FWIW the clock synchronises to Apple's server, I'm not sure how often, and I
haven't had any warnings about being out of sync.
you could check /var/log/system.log
On Sun, Mar 8, 2009 at 6:16 PM, downie - downgeo...@hotmail.com wrote:
...
[warn] Your system clock just jumped 160 seconds forward; assuming
established circuits no longer work.
There are big blocks of these errors occuring 3 minutes 40 seconds or so
apart, for 3 hours.
The reported clock
On Mon, Feb 23, 2009 at 8:23 AM, Arjan
n6bc23cpc...@list.nospam.xutrox.com wrote:
...
It would be nice if Tor was using bigger blocks, but I've not looked at
the code yet.
i think you mean buffers (or at least multiples of 16 byte blocks);
and yes the 4096 byte or larger buffers would be nice
On Thu, Feb 19, 2009 at 4:17 AM, Erilenz eril...@gmail.com wrote:
...
Lots of people simply don't know how to use Tor safely.
agreed. i always recommend two things when using HTTPS over Tor:
- install the petname toolbar. this will also notify you if some
rogue CA is suddenly signing the
On Mon, Feb 23, 2009 at 8:27 AM, Andy Dixon a...@andydixon.com wrote:
...
Who do you use as a VPS provider..?
note that because a Virtual private server is usually sharing kernel
networking resources with other vservers you're likely to encounter
limits of some kind that will cause problems.
On Mon, Feb 23, 2009 at 12:29 PM, Arjan
n6bc23cpc...@list.nospam.xutrox.com wrote:
...
My upload speed is much too slow to run into this problem, but could the
compression be (partially) disabled for middle nodes? I'm assuming that
the data they are relaying has already been compressed +
On Mon, Feb 23, 2009 at 12:29 PM, Arjan
n6bc23cpc...@list.nospam.xutrox.com wrote:
Noscript has some options (Options, Advanced, HTTPS) that may help.
Disclaimer: I've not used these options and I don't know if it's secure.
from https://www.torproject.org/torbutton/faq.html
Which Firefox
On Wed, Feb 18, 2009 at 6:36 AM, downie - downgeo...@hotmail.com wrote:
...
There was a geoip-cache file from November, which I guess is the last time
it worked.
I renamed that in case it was corrupted. A new one hasn't been created, I
don't think.
the behavior you describe is exactly as if
On Tue, Feb 17, 2009 at 6:15 PM, downie - downgeo...@hotmail.com wrote:
...
Hmm,
If I set logging to Info,
try debug, i should have mentioned this before. it will be
exceptionally noisy though :/
... start Tor from Vidalia, and watch the Connection
box in the Network Map, I see a
On Mon, Feb 16, 2009 at 10:02 AM, downie - downgeo...@hotmail.com wrote:
Hi,
Vidalia has not been showing any geographic data for me for a couple of
months now
the service works, you can verify yourself by making a request to
https://geoip.vidalia-project.net:1443/cgi-bin/geoip
one thing i
On Wed, Jan 21, 2009 at 1:43 AM, Scott Bennett benn...@cs.niu.edu wrote:
...
Okay. I downloaded entrust_ssl_ca.der (the man page for wget(1) says
it wants DER or PEM format for certificates) and
i tend to use PEM; DER won't work with many wget installations.
wget
On Wed, Jan 14, 2009 at 10:20 PM, mikel.ander...@juno.com
mikel.ander...@juno.com wrote:
... it doesn't work on my limited-user accounts. Specifically, the Vidalia
control panel status reads, connecting to a relay directory failed(no route
to host). Is this due to the lack of administrator
Two packages for Windows are now available for testing the new Thandy
updater code for maintaining current versions of Tor in the Vidalia
bundle. These are test only releases and should not be used for
anything important; feedback on the package installation and ease of
use is solicited.
The
On Tue, Jan 13, 2009 at 7:59 PM, zmj zan...@gmail.com wrote:
windows xp+sp3+mingw
...
how did you invoke configure?
what version of mingw?
On Thu, Jan 1, 2009 at 6:56 PM, Adlesshaven adlessha...@embarqmail.com wrote:
Does anyone here jail, sandbox or chroot the applications they use with Tor?
... What is the best way
to isolate applications completely for use with Tor?
situations vary but my personal preference is for distinct
On Wed, Dec 31, 2008 at 12:21 AM, Scott Bennett benn...@cs.niu.edu wrote:
...
Nope. Instead I get:
ah the joys of PKI. Tor has been changing certs. new roots are
http://www.entrust.net/developer/index.cfm and Entrust Secure Server
CA is the one you want.
i believe the
On Tue, Dec 30, 2008 at 6:53 AM, Udo van den Heuvel udo...@xs4all.nl wrote:
...
I am using that patch (and others) to be sure that openssl uses the via
padlock hardware:
yes, you're fine. just a note: the no-rng is a good sign - you are
expected to use an entropy daemon that does fips sanity
On Tue, Dec 30, 2008 at 6:53 AM, Udo van den Heuvel udo...@xs4all.nl wrote:
...
I am using that patch (and others) to be sure that openssl uses the via
padlock hardware:
# openssl engine
(padlock) VIA PadLock (no-RNG, ACE)
another suggestion: you could try openssl 0.9.9 (devel) with the
On Mon, Dec 29, 2008 at 10:43 AM, Udo van den Heuvel udo...@xs4all.nl wrote:
...
Dec 29 19:09:21.991 [info] crypto_global_init(): Initializing OpenSSL via
tor_tls_init().
Hardware isn't used at all!?
you'll need to set HardwareAccel 1 like you mentioned. then you should see
Initializing
On Mon, Dec 29, 2008 at 11:04 AM, Udo van den Heuvel udo...@xs4all.nl wrote:
In main.c crypto_global_init is called with the contents of the
HardwareAccel setting; in crypto.c useAccel is tested and the tor_tls_init
line is printed although it is set to 1...
you are correct; my apologies.
by
On Tue, Dec 23, 2008 at 8:47 AM, Roc Admin onionrou...@gmail.com wrote:
... receive a completely valid certificate for a random domain
of his choosing without any questions or verification.
... the browser pre-trusted certificate authorities
really needs to be cleaned up.
this is why i am
On Sun, Dec 21, 2008 at 10:31 PM, Scott Bennett benn...@cs.niu.edu wrote:
...
is it possible you have an old openssl cacerts package without the
newer ev signing and root ca's?
Beats me.
yup, that appears to be it. (looking at the certs you got).
nothing nefarious, aside from another
On Fri, Dec 19, 2008 at 7:54 AM, Lee ler...@gmail.com wrote:
...
Manipulating
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\GlobalMaxTcpWindowSize
and TcpWindowSize to 0xfaf00 (1027840) seemed to increase the time to
failure when running Tor and BitTorrent.
seems
On Thu, Dec 18, 2008 at 7:30 PM, grego...@fastmail.fm wrote:
... WideCap is supposed to proxify
the whole OS I think and it handles DNS too.
by default nothing is proxied and the user interface requires
individual applications to be selected for proxy. as Kyle mentioned
this is insufficient
On Sun, Nov 23, 2008 at 12:53 AM, otto otto [EMAIL PROTECTED] wrote:
... -D__DARWIN_UNIX03 -DIPHONE
did you specify an architecture when invoking the configure script?
the config.log would be helpful but should probably go in a flyspray
report if needed.
best regards,
On Sat, Nov 22, 2008 at 5:48 AM, Matej Kovacic [EMAIL PROTECTED] wrote:
...
But the problem is, that Ubuntu uses swap partition of the host machine.
this isn't much of a problem if you use encrypted swap with an
ephemeral / one time key. power off the host (and wait for DRAM to
drain :) and you
... xeromail is xerobank, right?
is this topletz incognito?
On Tue, Nov 11, 2008 at 5:09 PM, Jack [EMAIL PROTECTED] wrote:
Kyle, recently saw your latest contribution: TorVM.
Could you discuss the essential differences between TorVM and JanusVM?
Looking forward to giving this a try!!
On Sun, Nov 9, 2008 at 3:15 PM, slush [EMAIL PROTECTED] wrote:
... Im running Tor exit on VPS, version 0.2.0.x.
So each MB of memory is quite bit expensive for me
along with the 0.2.1.x memory improvements you may want to experiment
with the ConstrainedSockets option. there has been reported
On Wed, Nov 12, 2008 at 12:11 AM, Jack [EMAIL PROTECTED] wrote:
Negatori, my friend.
sorry. my apologies to yourself and Steve. (if he's reading :)
given that Tor in a VM is a work in progress not ready for common use
it is difficult to discuss differences. i'd say the essential
difference
On Sat, Oct 18, 2008 at 6:15 AM, otto otto [EMAIL PROTECTED] wrote:
I get the following error when trying to build tor-0.2.1.6-alpha on Sun
Solaris 10x86.
...
compat.c: In function `tor_lockfile_lock':
compat.c:509: warning: implicit declaration of function `flock'
it looks like the way to
On Mon, Sep 15, 2008 at 12:17 PM, Kyle Williams
[EMAIL PROTECTED] wrote:
...
I believe coderman has been using the TorVM as a server, so he would have a
better answer as to how much RAM it uses running as a server node.
i have been able to run a middle node with 32M guest VM (8M free below
32M
On Wed, Sep 10, 2008 at 1:53 PM, Olaf Selke [EMAIL PROTECTED] wrote:
... 10% less than the bw data collected by mrtg
i'd be curious to compare number of packets with the observed
bandwidth; how much of that 10% is TCP/IP protocol headers that aren't
visible to Tor's bandwidth accounting (which
On Thu, Aug 14, 2008 at 12:51 PM, Kyle Williams
[EMAIL PROTECTED] wrote:
...
I don't see any documentation on how to build your own
Browser Bundle...
instructions for building the browser bundle are at:
https://svn.torproject.org/svn/torbrowser/trunk/build-scripts/INSTALL
On Mon, Jul 14, 2008 at 8:43 AM, [EMAIL PROTECTED] wrote:
... do you blindly trust all other Tor operators until they show some
bad behaviour?
[that's] nothing but security by obscurity.
this is why use of SSL/TLS over Tor is so strongly encouraged.
Can you explain what the threat
On Wed, Jun 11, 2008 at 5:35 PM, scar [EMAIL PROTECTED] wrote:
...
If someone were to develop a browser-based exploit that managed to get
the 'authenticate', with no preceding bytes, to the controlport...
like this? http://www.janusvm.com/goldy/vuln/tor-controlport.html
that is a standard
On Tue, Jun 10, 2008 at 9:10 PM, Arrakis [EMAIL PROTECTED] wrote:
... you can stop the effects of 0-days altogether.
... janusvm or xb machine ... implementation removes the
attack landscape for 0-day attacks.
this is a pretty strong statement and unsupported for any more complex
attack
On Wed, Jun 4, 2008 at 9:33 AM, Wesley Kenzie [EMAIL PROTECTED] wrote:
... I'm investigating using Amazon EC2
and OpenSolaris on my server to address scalability.
i'm confused. you want to run a node on Solaris on EC2 to achieve
higher throughput?
this is not likely to work as well as you
On Mon, Jun 2, 2008 at 12:12 AM, luser [EMAIL PROTECTED] wrote:
...
If I believe that the majority of ... traffic over tor is ... unauthorised
how do you determine?
that is the crux, and since you cannot do so, you open yourself to
legal liability and target a subset of the legitimate users as
On Mon, Jun 2, 2008 at 4:33 PM, luser [EMAIL PROTECTED] wrote:
...
could protocols supporting en clair passwords be denied, a la smtp?
see proposal 129: rejecting plaintext ports:
https://www.torproject.org/svn/trunk/doc/spec/proposals/129-reject-plaintext-ports.txt
this would be quite useful,
1 - 100 of 197 matches
Mail list logo