Re: vidalia source tarball is missing
On Tue, 12 Oct 2010 01:21:30 +0300 Erdem Bayer eba...@bayer.gen.tr wrote: Hi After last website update, vidalia source tarball link goes missing from this address: http://www.torproject.org/projects/dist/vidalia-0.2.9.tar.gz However it is still referred on this page, but the download link is broken: http://www.torproject.org/projects/vidalia.html.en Thanks for the notice, I fixed it this morning, http://archives.seul.org/or/cvs/Oct-2010/msg00293.html -- Andrew pgp 0x31B0974B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Virtual Machines - what is their use?
Hello, There are, from time to time, exhortations to use Virtual Machines alongside Tor. If an individual is using Tor, Polipo, Torbutton, NoScript, and BetterPrivacy then why is a VM needed? How can VMs improve one's Tor experience? Thanks.
Re: tor-ramdisk 20101011 released for i686 only
One option for providing feedback on the health of the relay would be arm ( www.atagar.com/arm) with the following config changes to keep with the aims of tor-ramdisk: # would prevent any connection related information from being queried startup.blindModeEnabled true # crops log messages after a day features.log.entryDuration 1 This would provide the user with: - ps information (cpu/mem usage, uptime) - basic relay information (fingerprint, flags held, version, etc) - config (currently loaded torrc) - the last day's worth of logs - graph of the bandwidth usage The last two give a very good indication for if the relay's working right or not. If this is too much information then I'd be happy to augment arm to meet your needs. Cheers! -Damian On Mon, Oct 11, 2010 at 8:25 PM, Anders Andersson pipat...@gmail.comwrote: On Mon, Oct 11, 2010 at 11:16 PM, Jacob Appelbaum ja...@appelbaum.net wrote: On 10/11/2010 10:52 AM, Anthony G. Basile wrote: Hi everyone I want to announce to the list that a new release of tor-ramdisk is out. Tor-ramdisk is an i686, x86_64 or MIPS uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Security is enhenced by hardening the kernel and binaries, and privacy is enhanced by forcing logging to be off at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key, which may be exported/imported by FTP. Via FTP? It's probably not a good idea to export a private key without using encryption... All the best, Jake My first thought as well. Pretty much every protocol invented is better than FTP, in this case and most other cases. Another question regarding the logging: I hope you include enough to know if the node is working correctly or not. The logs that are generated could also be deleted after a couple of minutes or an hour as well, which might make it possible to log some more information if necessary to verify functionality. Great project though, a lot of people request this. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Virtual Machines - what is their use?
On Tue, 2010-10-12 at 16:01 +0100, Matthew wrote: If an individual is using Tor, Polipo, Torbutton, NoScript, and BetterPrivacy then why is a VM needed? How can VMs improve one's Tor experience? Presume you are being pursued by the Illuminati, because you alone have knowledge of the Holder of the Fourth (you lucky devil, you). They have 0-day exploits for Firefox (because Mozilla is actually a front for the Illuminati - sorry I had to be the one to tell you), and are thus able to circumvent Torbutton and Noscript and execute arbitrary code from the user account that is running Firefox. If you are running Firefox as your normal user account with no further limitations on it, the Illuminati will be able to go into your pictures folder and see what you look like, or modify your .bashrc and your PATH to install a malicious wrapper program that pings their server every time you start vim (better switch to Emacs). If you're running Firefox as a user on a VM, and running it over a forwarded X session, all the Illuminati can do is access files on the VM and try to exploit your X server. This is a case of the security principle of defense-in-depth: running torified programs in VMs allows some degree of risk mitigation if you assume the program in question has been compromised, so even if you assume you're running malicious code, you can contain the damage, remain anonymous, and evade the Illuminati. signature.asc Description: This is a digitally signed message part
Updated standard .torrc online?
My .torrc file says: Last updated 12 April 2009 for Tor 0.2.1.14-rc Does this matter (is it outdated) and, if so, is their a way to get the latest .torrc file without having to install from scratch? Thanks.
Re: Virtual Machines - what is their use?
Hello, I think there are two useful usecases for a vm in combination with tor: For Hidden Services: If you run your HS inside a VM, it is harder for a imaginary attacker to gather the location / identity of the HS. For a simple User: If you run all the applications inside a vm, it is easier for you to ensure that there is no leaking application, which means that an application sends traffic which does not go through tor. good day, Jan Am 12.10.2010 17:01, schrieb Matthew: Hello, There are, from time to time, exhortations to use Virtual Machines alongside Tor. If an individual is using Tor, Polipo, Torbutton, NoScript, and BetterPrivacy then why is a VM needed? How can VMs improve one's Tor experience? Thanks. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/