Re: I wish to see one video on you tube
On 08/02/11 22:56, Praedor Atrebates wrote: On Tuesday, February 08, 2011 05:45:37 pm you wrote: On Tue, Feb 8, 2011 at 3:49 PM, Martino Papessomart...@papesso.com wrote: Hallo I live in Italy. I have firefox portable version with tor download from here : http://www.torproject.org/dist/torbrowser/tor-browser-1.3.17_it.exe . I wish to see this video http://www.youtube.com/watch?v=AmhApE1kIgAfeature=player_embedded. In Italy is not possible. For one friend in Romania is possible to see this video(http://img806.imageshack.us/img806/7321/31962895.png). I tried to watch the video using tor but did not succeed. I'm not very handy when using tor. Could you help me for to see this video please. Is there one person who speak Italian? Many thanks. Ciao. Martino Clicking the link you post for the video, http://www.youtube.com/watch?v=AmhApE1kIgAfeature=player_embedded, this is what I get here in the USA. This video contains content from Sony Music Entertainment. It is not available in your country. Which tells me it is not available here either. Makes me wonder which country's are allowed to watch it. Jon Odd. I tried it originally via tor and the first time got it but didn't get it to play (noscript addon blocking) and then I got a denial as above. I then started firefox without tor in the USA and was able to view/listen no problem. It is restricted when I connect with my UK IP. With my Swiss VPN IP I can view it. However, can one actually view videos via Tor. Surely they demand too great a level of bandwith? *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: I wish to see one video on you tube - question about flash.
On 08/02/11 22:08, Praedor Atrebates wrote: The video is from Silent Hill 2 OST. You MAY be able to play it if 1) you enable flash in your firefox browser and 2) you select an exit from a country not restricted (like Romania). I say MAY because if they use flash to check your location, sidestepping tor, then you will get the same restricted message. I know that the Metasploit people have a script which checks the IP via Flash. But how common would it be for a commercial provider to do this? Would there be a way of finding out if YouTube of whatever are employing this technique? praedor On Tuesday, February 08, 2011 04:49:28 pm you wrote: Hallo I live in Italy. I have firefox portable version with tor download from here : http://www.torproject.org/dist/torbrowser/tor-browser-1.3.17_it.exe . I wish to see this video http://www.youtube.com/watch?v=AmhApE1kIgAfeature=player_embedded. In Italy is not possible. For one friend in Romania is possible to see this video(http://img806.imageshack.us/img806/7321/31962895.png). I tried to watch the video using tor but did not succeed. I'm not very handy when using tor. Could you help me for to see this video please. Is there one person who speak Italian? Many thanks. Ciao. Martino *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Sent e-mails going into spam folders.
Am 07.02.2011 20:00, schrieb Matthew: I am wondering to what degree people on this list have problems with e-mails going into spam folders because they are using tor nodes. Many Tor nodes are listet in some anti-spam DNSBL. We have had a discussion here about SORBS DNSBL some times ago. All tor nodes are listet in the The Abusive Hosts Blocking List www.ahbl.org The IP address of the tor exit node appears in the mail header. It is the senders IP addres. If the recipients mail provider uses a DNSBL which contains many tor nodes the mail will be flagged as spam. You can use a clean exit node for sending mail with SMTP. Check your prefered exit nodes at http://www.dnsbl.info/dnsbl-database-check.php If it is not listet, you can add a map address to your torrc: MapAddress smtp.provider.tld smtp.provider.tld.$6D3EE...(Fingerprint) The GPF keeps one exit node clean from DNSBL. The tor node gpfTOR3 is only listet at www.ahbl.org (impossible to remove it, because all nodes are listet). You can use this if you did not find an other. ATTENTION: It will decrease your privacy! Use only very well trusted nodes. (I did found an other solution for SMTP) Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Sent e-mails going into spam folders.
Am 09.02.2011 10:06, schrieb Karsten N.: (I did found an other solution for SMTP) Sorry - I did NOT found an other solution. :-( For webmail it is the same problem. Most webmail provider add the sender IP address to the mail header: Received: from 23.23.23.23 (SquirrelMail authenticated user medium) by mail.provider.tld with HTTP; Date: Fri, 14 May 2010 07:37:04 +0300 (EAT) If 23.23.23.23 was a tor node, some mail providers will set the spam flag if a DNSBL was used. May be, some mail providers does not add the sender IP address to the mail header? Google Mail does not add it. Any other? Greetings Karsten N. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: I wish to see one video on you tube - question about flash.
Hi, On 09.02.2011 09:13, Matthew wrote: I know that the Metasploit people have a script which checks the IP via Flash. But how common would it be for a commercial provider to do this? Would there be a way of finding out if YouTube of whatever are employing this technique? In this particular case, does it matter? However, can one actually view videos via Tor. Surely they demand too great a level of bandwith? There are several techniques to download videos from Youtube, so bandwidth doesn't matter that much if you can just wait. -- Moritz Bartl http://www.torservers.net/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Sent e-mails going into spam folders.
On 09.02.2011 10:18, Karsten N. wrote: May be, some mail providers does not add the sender IP address to the mail header? Google Mail does not add it. Any other? Set up your own on a server not running Tor and remove the lines yourself. I have documented the process for Postfix: http://moblog.wiredwings.com/archives/20100501/Remove-IPs-from-Outgoing-Mail-Postfix-SMTP.html My outgoing mails are passed over my small exit anonymizer1.torservers.net, my home IP cleansed, to my ISPs mail server (see my mail headers). I haven't had problems with mail delivery so far. -- Moritz Bartl http://www.torservers.net/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Sent e-mails going into spam folders.
On 09/02/2011 09:50, Moritz Bartl wrote: May be, some mail providers does not add the sender IP address to the mail header? Google Mail does not add it. Any other? Set up your own on a server not running Tor and remove the lines yourself. I have documented the process for Postfix: http://moblog.wiredwings.com/archives/20100501/Remove-IPs-from-Outgoing-Mail-Postfix-SMTP.html My outgoing mails are passed over my small exit anonymizer1.torservers.net, my home IP cleansed, to my ISPs mail server (see my mail headers). I haven't had problems with mail delivery so far. This is slightly going off on a tangent, but I wonder if any services like the following exist...? I'd like to set up an SMTP server as a hidden service to accept incoming email. It would need a gateway from the Internet though. So if somebody on the Internet emailed: usern...@myhiddenservice.example.com A machine on the Internet would accept that email and forward it on over Tor to: username@myhiddenservice.onion It would be trivial to set up such a gateway. Just set up a wildcard MX record on *.example.com, and configure up an MTA. Just wondering if it has been done though? -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F signature.asc Description: OpenPGP digital signature
Re: Sent e-mails going into spam folders.
On Wed, 09 Feb 2011 10:18 +0100, Karsten N. tor-ad...@privacyfoundation.de wrote: Am 09.02.2011 10:06, schrieb Karsten N.: (I did found an other solution for SMTP) Sorry - I did NOT found an other solution. :-( For webmail it is the same problem. Most webmail provider add the sender IP address to the mail header: Received: from 23.23.23.23 (SquirrelMail authenticated user medium) by mail.provider.tld with HTTP; Date: Fri, 14 May 2010 07:37:04 +0300 (EAT) If 23.23.23.23 was a tor node, some mail providers will set the spam flag if a DNSBL was used. May be, some mail providers does not add the sender IP address to the mail header? Google Mail does not add it. Any other? Fastmail, maybe Gawab.com GD -- http://www.fastmail.fm - Same, same, but different... *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Design Change Causing More Traffic?
Thus spake Jim (jimmy...@copper.net): I am on dialup and so I am very sensitive to the amount of traffic overhead in the operation of Tor. Lately that seems to have increased significantly. Assuming I am not just imagining it (I have no objective measurements to back this up) is this just because of the build-out of the network or has then there been a design change that would cause this? I've just realized that this could be more people adopting the Reduced Exit Policy, which takes up a ton more space in the Tor router directory than does the Default Exit Policy: https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/ReducedExitPolicy I bet Karsten could tell us for sure, using the descriptor archive set. We need to standardize a more succinct way to represent this policy, once we converge on a set of ports that we like for it. Either that, or create a way to represent the policy in the consensus just once, and have nodes declare their conformity to that policy by only specifying the token for it from the consensus... -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpKyWf7NgC3f.pgp Description: PGP signature
Re: Is gatereloaded a Bad Exit?
On Mon, 31 Jan 2011 11:09:51 +0100 Olaf Selke olaf.se...@blutmagie.de wrote: On 31.01.2011 10:52, morphium wrote: As I stated above, it's not a good idea to BadExit them, because it puts more load on the servers, that DO support https i.e. - and makes them slower. I disagree Morphium's position mainly for the same reasons Mike and Jake already pointed out. If the operators really care about their nodes they'll certainly contact Tor admins. Damaging Tor's reputation in the public due to exit sniffing imo is much more worse than loosing some bandwidth. I think Mike's and Jake's implied claims of clairvoyance regarding an exit node operator's intentions in writing the exit policy for his/her node call for some supporting evidence. Instead, one of them has already admitted that they have no evidence because they have no way to detect any. And I don't see ANY point in BadExit'ing 5 random Nodes, suggesting that no one could capture your unencrypted traffic now. those five high bandwidth nodes with suspicious exit policies haven't been chosen randomly. Olaf, you run four high-capacity exit nodes, each of which allows unencrypted exits. You have a longstanding capacity record, so it wouldn't be random at all to choose to flag your nodes as bad exits; rather, it would simply be recognizing that you have the ability to sniff a significant portion of all unencrypted exit traffic. To avoid having your four nodes flagged as bad exits, perhaps you should block port 80 and all the thousands of other ports that are usually unencrypted. Now, you might point out that Mike's criterion for avoiding BadExit flagging is that you can continue to do your sniffing of unencrypted exit traffic, provided you also allow encrypted exits on a handful of ports. This is all silliness. The tor project until very lately has always promoted end user understanding and responsibility. Now the project *appears* to be undergoing a major philosophical change toward nannying the tor user community, a direction I find very unappealing, to say the least. Horrifying might be a more appropriate word. Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army. * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Is gatereloaded a Bad Exit?
On Mon, 31 Jan 2011 11:17:27 +0100 morphium morph...@morphium.info wrote: 2011/1/31 Olaf Selke olaf.se...@blutmagie.de: I disagree Morphium's position mainly for the same reasons Mike and Jake already pointed out. If the operators really care about their nodes they'll certainly contact Tor admins. Damaging Tor's reputation in the public due to exit sniffing imo is much more worse than loosing some bandwidth. Sniffing is worse than loosing bandwidth, right. But sniffing still occurs, we just don't know where. And we can't tell wether they did. I think concluding only 80: he is sniffing is wrong (and even would be 80 and 443: he is a good guy). And if those nodes really are ran by the bad guys, I don't think it's a problem for them now to setup a new node on a new subnet that allows their old ports + 443 and continue sniffing. Exactly, on all points. I can not see the Tor project won _anything_ with this decision. Well, they've made clear that they know what's good for exit operators better than those exit operators do. Perhaps they should arrange ISP choices, contracts, and bill payment methods for those exit operators next? Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army. * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Is gatereloaded a Bad Exit?
On Sat, 29 Jan 2011 23:23:55 -0800 Mike Perry mikepe...@fscked.org wrote: Thus spake Eddie Cornejo (corn...@gmail.com): I believe that allowing these nodes sends a message that we are OK with people monitoring plaintext traffic, because it is anonymized. We have never been OK with this. =20 Ok, I accept that this might send a message to 50ish nodes (if you ban all 50+) but if someone was so inclined they could still do this by allowing encrypted traffic and throttling it/blocking it outside of TOR (transparent proxy perhaps?) I predict this is worse as the user client will believe node A will honestly relay encrypted traffic and will select it on this basis, only to find their connection is slow or doesn't fully connect. Admitedly, this won't be a huge problem unless a good number of nodes started doing this. We can detect nodes that fail encrypted connections. We currently scan for failure of port 443. We also detect throttling by virtue of our bw authorities measuring using 443. 443 is the second-most trafficed port by byte on the Tor network, occupying only ~1% of the traffic. If stingy exit nodes really want to And port 80 is the highest-traffic port. Exits to port 80 allow unencrypted access to webmail sites with user ids and passwords transmitted in the clear. Using your argument, all nodes allowing exits to port 80 that do not eliminate all webmail sites by way of their exit policies should be flagged as BadExit. That would certainly be a strange way to put tor into the dustbin of computer history, but it would indeed accomplish that. waste hours to pinch pennies from their malicious exit policy, they gatereloaded is among the top 60 nodes in the network by traffic capacity and is unlikely therefore to be pinching pennies on it. It is a valuable entry and middle node. If the operator wishes to offer in addition some exit services for a handful of ports that are unlikely to trigger problems from the operator's ISP, that is merely added gravy for tor users. can try crafting a throttling policy that we can't detect. Seems like there are better ways to spend their time. Like reading other people's email. So no, I'm not terribly concerned about second-order effects of this. People use plaintext at their own risk, and yes, they should know better, but this does NOT mean that we are comfortable feeding them to the wolves. =20 My argument is that you're not identifying wolves. If you were serious about identifying wolves then could I suggest you create some dummy accounts, send your password through all exit nodes individually and see which of your accounts are accessed. This would positively identify wolves. All you're achieving by soley looking at exit policies is identifying things that may or may not be wolves and ignoring the larger body of exit nodes that may or may not include wolves. I submit your testing is flawed. We're not trying to identify wolves. We are sending a message to the community. =20 If said exits are really interested in helping, they should alter their exit policy to allow encryption and then rekey. They will be banned by identity key, not by IP. Rekeying without fixing the exit policy will just result in IP bans. =20 I'm not sure I'm comfortable with dictating how an exit nodes exitpolicy should be defined. Each policy should be up to the exit node owner to decide. Just my 2c I second that discomfort. I further note that the tor project team has repeatedly claimed that there is an ongoing shortage of exit nodes, although it has not often noted for which ports there is a shortage. One of the selling points for potential exit operators is that the exit operator can set an exit policy of his/her choice. The ability to do that means the operator can evaluate his/her own situation vis-a-vis his/her ISP, data rate capacity, etc. and decide upon a policy that will not cause him/her a level of grief unacceptable to him/her. Not really. In reality, it's up to those who write the code to decide what is available and how it works ;). Welcome to The Golden Path. At some point, we intend to shrink exit policies further as Tor scales to more decentralized schemes. Those exit policies will likely be represented as bits representing subsets of ports. When that time comes, we will very likely combine encrypted and unencrypted versions of ports together, removing this option entirely. Here you threaten that the tor project would someday severely reduce the control that an exit operator would have over his/her node. How would such a reduction help to entice more people to run exit nodes? How would such a reduction not cause at least some existing exit operators to stop offering exit services because they could no longer set an exit policy that they found acceptable in their circumstances? Scott Bennett, Comm. ASMELG, CFIAG
