-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi all. i just wanted to give some updates regarding my router cave
and experiences so far with running a Tor exit on my Qwest home DSL
internet.
Where we last left off, i had gotten permission from a Qwest
representative to continue to run a Tor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
well, i think i have good news. although the rep from EFF said that my
internet agreement could be construed to at least cause [me] problems
with retaining [my] service, if not to win a lawsuit against [me] i
decided to respond to Qwest's response
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
when i receive update for Tor in the update manager, update-manager, i
see, This change is not coming from a source that supports changelogs.
down in the lower pane when i expand Description of update
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Runa Sandvik @ 03/13/2010 01:49 AM:
On Sat, Mar 13, 2010 at 5:01 AM, scar s...@drigon.com wrote:
no repository yet?
Sure, there is a repository for Ubuntu 9.10. I suggest that you take a
look at https://www.torproject.org/docs/debian.html.en
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
no repository yet?
-BEGIN PGP SIGNATURE-
iEYEAREIAAYFAkubDhgACgkQXhfCJNu98qBrvQCgrcTWwsMzS+0R0/WDAJLRnSPi
yeMAni3nOcQI3pnPk/dQ4l42BGkzEDIM
=kMhb
-END PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike Perry @ 01/28/2010 02:04 PM:
After all, in normal operation, your history leaks one fuckload of a
lot of bits. And that's a technical term. Sensitive ones too, like
what diseases and genetic conditions you may have (via Google Health
url
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
thanks for the suggestions, 7v5w7go9ub0o.
i also read through [1] and am trying out the LinkStatus add-on[2].
it seems to work, and is kind of useful in that it tells me in the
status bar the time i last visited a link.
1.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Praedor Atrebates @ 11/20/2008 01:08 PM:
[snip]
Why does running tor suddenly cause me to be unable to connect to freenode?
I
am NOT running a torified irc client.
if you have tor configured as an exit node on the same IP address, then
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
scar @ 11/23/2008 11:45 PM:
Praedor Atrebates @ 11/20/2008 01:08 PM:
[snip]
Why does running tor suddenly cause me to be unable to connect to freenode?
I
am NOT running a torified irc client.
if you have tor configured as an exit node
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Luis Maceira @ 2008/10/23 13:54:
The steps to configure Filezilla 3.x to use Tor in
http://www.torproject.org Toryfing apps...
seem not correct as I can't find under Settings... the Generic Proxy to
point to 127.0.0.1
port 9050.Only an ftp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
misc @ 2008/10/21 08:21:
I have a real problem downloading public keys of Hushmail users. I don't
want to install java, which is required to download their keys through the
browser. They don't propagate their keys to public HKP servers (which I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
misc @ 2008/10/20 19:48:
Is it possible to run GnuPG through Tor? (when connecting to LDAP and HKP
servers to exchange keys)?
LDAP: no, i don't think. HKP: yes, as that is just HTTP (or something).
just define your http_proxy and https_proxy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
from what i understand, Torbutton should take care of this. make sure
all of the crucial (or critical ... can't remember) settings are
activated inside Torbutton. then, if your IM doesn't work, torbutton is
doing its job. if your IM is working
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Grant Heller @ 2008/08/21 23:41:
On 8/21/08, *John Mosgrove* [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
[snip]
I'm sure that yahoo is hardly a 'safe' place to email
from/to, do you recommend any other potentially less compromise
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jonathan Addington @ 2008/08/09 13:22:
This is also on the Gmail blog, which notes that going to
https://mail.google.com always had the same effect. (At least
hopefully!)
it did not have the same effect, unfortunately. ;) perhaps they are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
[EMAIL PROTECTED] @ 2008/08/05 07:24:
So the profilers feed the
spammers? :-)
what's with the happy face? you get a kick out of this, playing detective?
most of us already assume this is happening. we don't need your statistics.
as is said in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Scott Bennett @ 2008/07/22 23:21:
On Tue, 22 Jul 2008 14:02:10 +0200 Ansgar Wiechers [EMAIL PROTECTED]
wrote:
On 2008-07-21 Scott Bennett wrote:
On Tue, 22 Jul 2008 05:24:22 +0200 =?UTF-8?Q?Tom=C3=A1s_Arribas?=
[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
[EMAIL PROTECTED] @ 2008/07/17 09:03:
Dominik Schaefer:
[EMAIL PROTECTED] schrieb:
Can you explain what the threat scenario is for what I'm doing?
One possible issue comes to my mind here. You mentioned, you delete
your logs after 24h (after
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ringo Kamens @ 2008/07/05 15:06:
Dawney Smith wrote:
Hello,
Are there any figures on how much bandwidth an idle tor client uses just
to tick over? Ie, when it's not actually being used. Also, are there any
configuration parameters that can be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
See [1] and especially [2] and [3] (which also apply to Thunderbird).
1. http://support.mozilla.com/kb/Firefox+makes+unrequested+connections
2.
http://support.mozilla.com/kb/Firefox+makes+unrequested+connections#Link_prefetching
3.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
F. Fox @ 2008/06/26 02:39:
7v5w7go9ub0o wrote:
(snip)
This actually creates another question (not to be argumentative :-) ).
Given that there is no exit node, would an OnionCat to OnionCat
connection over TOR need to be encrypted? Is it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
[EMAIL PROTECTED] @ 2008/06/12 21:22:
Hi,
How does one search the
archives, via. some google trick?
yes. you can use site:archives.seul.org/or/talk search terms
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Robert Hogan @ 2008/06/11 18:48:
On Wednesday 11 June 2008 06:17:38 Roger Dingledine wrote:
snip
He may also be referring to attacks where a local application (like the
browser, but it doesn't have to be) can be tricked into connecting to
your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
defcon @ 2008/06/06 02:20:
for http connections im worried about cookie sidejacking as well since
some sites only authenticate via https and set a cookie, what can we do
in this regard?
there's nothing to do in this case either. you have to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
when i click on the history menu, my history is displayed, even though
block history reads during tor is checked. before, with 1.1.17, i am
pretty sure, the history menu would come up blank. is this ok? thx.
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Dave Page @ 2008/04/18 06:19:
On Fri, Apr 18, 2008 at 03:11:52PM +0200, Hans Schnehl wrote:
I was told in the UK you are obliged to deliver your private gpg/pgp
keys to the authorities as soon as you use one of these programs for
yourself.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
does anyone know what's happened to wikileaks.org?
https://secure.wikileaks.org has usually worked, but i cannot even
access the service using any of the 15-20 other cover names i've
bookmarked nor the tor hidden service each request just times
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Paul Gigg @ 2008/04/15 06:13:
Hi
Got to Wikileaks with this link
http://88.80.13.160/wiki/Wikileaks
and that doesn't even work, at the moment.
so, even the many different wikileaks servers and hostnames around the
world cannot hold up to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Bill Weiss @ 2008/03/06 17:42:
Better Gmail 2 [1] claims to force SSL on all gmail connections. I
haven't tested it to verify that it is correct.
Sorry, no general-case solution, just some help for the Gmail users :)
[1]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
defcon @ 2008/03/02 19:02:
| What is a good way to enforce a good cookie policy
| for firefox?
this was discussed a bit not too long ago.[1] check that thread for
some useful links as well.
i learned that cookies have a security attribute which
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chris Palmer @ 2008/03/05 17:05:
| scar writes:
|
| i also learned, that by using a cookie editor, you cannot force a cookie
| to be sent over an encrypted connection.
|
| Which cookie editor(s) did you try? I use Add 'n' Edit Cookies, a Firefox
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chris Palmer @ 2008/03/02 14:15:
| defcon writes:
|
| I have been using tor for a while now, and I absolutely love it, although
| the only thing keeping me from using it, is the insecurities of the exit
| nodes. I know to truly stay anonymous you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
like others have said, scroogle ssl is probably the way to go. however,
it doesn't seem to handle special google queries yet (like define:foo
or convert 1 gram to lbs, etc.). so, if you must use google (see
below)
Roger Dingledine @ 2008/02/08
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
something for the EFF to consider?
The U.S. Congress is funding a modest assault on the great firewall of China.
The newly approved budget for the U.S. State Department includes $15 million
for developing “anti-censorship tools and services”
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
accept no limits @ 2008/01/03 12:41:
shinjiru explicitly allows anonymous hosting.
how does anonymous money transfer work in this case?
I got this question in personal mails after my posting, too.
yes this is a rather useful topic.
So
when using IRC over Tor, very often my ident is munged into that string. once
is understandable. the peculiar part is how, if i change Tor circuits (exit
node also) and reconnect, i'm connected with that same ident. it's not
constrained to just one IRC network either: it appears to happen
[EMAIL PROTECTED] @ 2007/10/03 16:19:
Have more people experienced this bug, or am I the only one experiencing
this?
i have experienced this also on my windows xp box. i think it's an issue with
vidalia. for me, it has been occurring for a few versions of vidalia now.
i've never had tor
coderman @ 2007/09/10 18:16:
0. Web sites may transmit authentication tokens unencrypted
http://www.kb.cert.org/vuls/id/466433
... still no progress, with the companies in question dragging their
feet...
1. World's biggest websites no match for decade-old web bug
coderman @ 2007/06/21 11:33:
On 6/21/07, scar [EMAIL PROTECTED] wrote:
...
it seems to me that many addons which are downloaded
from https://addons.mozilla.org/ use different, non-https,
addresses to check for and download updates.
the problem exists when non https is used for updates. any
Arrakis @ 2007/07/26 22:39:
The question is if the stand-alone player, just like regular flash
player, phones home without regard to your proxy settings.
if that's the only concern, then one need only an open-source flash .swf
player. such a thing exist? or perhaps a firefox plugin that
OK, we all know the threats of watching flash .swf in the browser. but, what
about downloading the .swf via Tor and watching it in a stand-alone player? no
more threat to anonymity, or not? thanks.
signature.asc
Description: OpenPGP digital signature
after anonymously replying to a thread in the mozillazine forums (that is to
say, i was not logged in, cookies and javascript disabled also), i found my
post to be registered to a user as if it was posted by that user. i was also
logged in with this user's credentials and could view their
coderman @ 2007/05/30 00:00:
it would be trivial for a rogue exit to use this technique. public
wifi users should also take note.
check your firefox extensions!
http://paranoia.dubfire.net/2007/05/remote-vulnerability-in-firefox.html
A vulnerability exists in the upgrade mechanism
Benjamin Schieder @ 2007/06/21 10:03:
On 21.06.2007 05:11:24, JT wrote:
On Wed, 20 Jun 2007 17:09:22 +0200, Benjamin Schieder [EMAIL PROTECTED]
said:
I just put out ROCKate 0.4.0.0.
Could you include truecrypt in the next version ?
I already thought about encryption. I plan to use it for
Przemyslaw Orzechowski @ 2007/06/13 12:46:
Ok first i will attempt to translatie the complete error message:
Event type: Error
Event source: Service Control Manager
Event category:None
Event Id:7023
Date: 2007-06-10
Time:13:12:46
User: None
just to be clear, that path to executable should be:
C:\Program Files\Tor\tor.exe --nt-service
sorry if the extra quotes were confusing
signature.asc
Description: OpenPGP digital signature
Roger Dingledine @ 2007/05/31 15:35:
On Thu, May 31, 2007 at 03:32:37PM -0700, scar wrote:
while Tor is still able to build circuits, it doesn't seem to be
able to download updated lists of routers. then, after several days,
there is no way for Tor to build circuits. is this related
i am getting this message on the same system which uses the
__AllDirActionsPrivate, that is, WinXP now running the 0.1.2.14 version of Tor.
it shows every minute:
[Info] update_networkstatus_client_downloads(): Our most recent network-status
document (from nobody) is 1180650256 seconds old;
scar @ 2007/05/05 00:53:
i seem to be having trouble with this. i am using 0.1.2.13-win32.
if i first start tor without __alldiractionsprivate, everything works as
expected. then i add __alldiractionsprivate to torrc and reload. i have it
running on a laptop that gets shut off
i seem to be having trouble with this. i am using 0.1.2.13-win32.
if i first start tor without __alldiractionsprivate, everything works as
expected. then i add __alldiractionsprivate to torrc and reload. i have it
running on a laptop that gets shut off frequently, but it gets access to the
reading this has caused me to question my setting __AllDirActionsPrivate, and i
see this option is not even in the man page. should i be using HttpProxy, or
some other setting? or, is __AllDirActionsPrivate still valid? using
0.1.2.12-rc. thanks.
signature.asc
Description: OpenPGP
norvid @ 2007/04/05 17:18:
On 4/5/07, James Muir [EMAIL PROTECTED] wrote:
norvid wrote:
On 4/5/07, James Muir [EMAIL PROTECTED] wrote:
norvid wrote:
snip
I've heard that properly configuring a firewall can be tricky. In any
case, using a firewall still doesn't protect from Java
52 matches
Mail list logo