Re: Uzbl browser
On Tue, July 21, 2009 16:44, Jon Cosby wrote: > What's this about "selective killing?" I don't find any mention of it in > the TorButton preferences, or on google for that matter. quotes are mine, I still haven't a short description for it. TorButton only kills certain types of dangerous javascript functions but not others which should be completely safe for your anonymity, this way you can still browse web sites with a minimum of usability: web2.0 thing is quite harsh when browsed with js completely off ;-) ciao -- Marco Bonetti BT3 EeePC enhancing module: http://sid77.slackware.it/bt3/ Slackintosh Linux Project Developer: http://workaround.ch/ Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/ My GnuPG key id: 0x86A91047
Re: Uzbl browser
On Tue, 2009-07-21 at 10:55 +0200, Marco Bonetti wrote: > Uzbl looks like a nice browser but I don't think it will be good for Tor > usage: anonymous surfing is not just a matter of enabling a proxy setting. > The user has to secure the code which arrives to his browser, either > turning javascript completely off or using TorButton "selective killing", > then he has to look for those html tags which could do nasty things like > opening side channels and when he thinks it's all over he should start > looking at which informations he send to the web server, in order to blend > in the crowd, either stripping them off or changing his settings > accordingly (like the user agent or the program's window size). What's this about "selective killing?" I don't find any mention of it in the TorButton preferences, or on google for that matter. Jon
Re: Re: My tor exit node is STILL gone from the node list
> >However, as I see, your problem's already fixed? > Actually, it was Alexandru reporting the problem, not I, but it's not > obvious that it is fixed. kyirong2 has been missing from the consensus > for quite a few hours now. I don't know whether that means he is trying > different Xen tricks, is working with his ISP, or some other possibility > that would leave his node down or unreachable for now. I didn't change anything. The node is "up", eg. moria flags it as "Running", but as you said it disappeared from the concensus again shortly after being reported up. I can traceroute the main server (.106), but not the dom0 (.109). I will contact my ISP now with that information. -- Alexandru -- - www.posta.ro - Romanias first free webmail since 1998! _ - powered by www.posta.ro
Re: Tor Exit Node Notice
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thus Alexandru Cezar spake: | Hi Timo, | |> besides the routing stuff I saw that on the mentioned IP (see above) |> there's a nice disclaimer-like website that impresses me. I'm still not |> sure whether to pimp my node to be an exit node or not (due to the |> supressing that happens here in Germany). However, this suits me well. |> Is this a usual practice for TOR admins, and if yes, is there a |> multilingual approach? | | I basically got it from | https://tor-svn.freehaven.net/svn/tor/trunk/contrib/tor-exit-notice.html | and slightly modified the template. Feel free to use it. Thanks. :) | I don't know of any multilingual approaches, but I guess it would be nice | to have that. I could provide a germany template soon, but I have to look up the proper legal stuff (which is different in Germany). However, there's a law here (Grundgesetz, Paragraph 13) which states that it *should* not be too easy to enter your private rooms (flat, appartment, house, whatever) without having *serious* reasons for doing so. I don't see how running an exit node could endanger other persons lives (which is stated as an example for being 'serious'). IANAL, though... Timo | -- | Alexandru -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFKZY3qfg746kcGBOwRAifJAJ9nfOH3UzimT/19aXiL6hUjHRQuogCcC8hC mMMazwvuwZiG+/Y+whhbOMs= =8JIY -END PGP SIGNATURE-
Tor Exit Node Notice (was: Re: Re: My tor exit node is STILL gone from the node list)
Hi Timo, > besides the routing stuff I saw that on the mentioned IP (see above) > there's a nice disclaimer-like website that impresses me. I'm still not > sure whether to pimp my node to be an exit node or not (due to the > supressing that happens here in Germany). However, this suits me well. > Is this a usual practice for TOR admins, and if yes, is there a > multilingual approach? I basically got it from https://tor-svn.freehaven.net/svn/tor/trunk/contrib/tor-exit-notice.html and slightly modified the template. Feel free to use it. I don't know of any multilingual approaches, but I guess it would be nice to have that. -- Alexandru -- - www.posta.ro - Romanias first free webmail since 1998! _ - powered by www.posta.ro
Re: Uzbl browser
Uzbl looks like a nice browser but I don't think it will be good for Tor usage: anonymous surfing is not just a matter of enabling a proxy setting. The user has to secure the code which arrives to his browser, either turning javascript completely off or using TorButton "selective killing", then he has to look for those html tags which could do nasty things like opening side channels and when he thinks it's all over he should start looking at which informations he send to the web server, in order to blend in the crowd, either stripping them off or changing his settings accordingly (like the user agent or the program's window size). I admit, however, that perception of "good anonymity" is quite personal, so I think it's ok if the user will surf with a new browser while being conscious of the related problems, or, maybe, it will be cool if someone will start developing TorButton features into other browsers as well ;-) ciao -- Marco Bonetti BT3 EeePC enhancing module: http://sid77.slackware.it/bt3/ Slackintosh Linux Project Developer: http://workaround.ch/ Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/ My GnuPG key id: 0x86A91047
Re: My tor exit node is STILL gone from the node list
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thus Scott Bennett spake: | On Tue, 21 Jul 2009 08:41:46 +0200 Timo Schoeler | wrote: |> thus Scott Bennett spake: | Actually, no, I didn't, but I did write :-) : |> | On Tue, 21 Jul 2009 00:03:10 +0300 "Alexandru Cezar" |> | wrote: |> |>> Best of luck getting your provider to straighten out the routing. |> |> I have limited experience in running servers. From what I found out, |> my Xen dom0 is traceable |> |> (89.248.169.106), while the virtual host running TOR is not |> (89.248.169.109, vif-bridge). I can |> |> still access the web server running on 109 though. |> |> Is this a Xen misconfiguration? I can't think of anything that I have |> changed. |> |> |> | I've never worked with Xen, so I can't answer that. However, it is |> | certainly possible to misconfigure other virtualization environments in |> | ways that would probably cause those symptoms. OTOH, it strikes me as |> | more likely that the host system's packet filtering/redirection/NAT |> software |> | may be misconfigured. Xen doesn't yet run on the BSDs, AFAIK, so I'll |> guess |> | that it's running on a LINUX system of some flavor, so iptables is |> probably |> | the filtering package. Beyond that, I can't tell you much. Some of the |> | LINUX users on this list ought to be able to give you some help in |> figuring |> | out whether the problem is with Xen or with the host system. |> | |> | |> | Scott Bennett, Comm. ASMELG, CFIAG |> |> hi, |> |> a vif-bridge in Xen does, what it's name says: It bridges. So when your |> domU has a 'proper' (plain standard seen from within the domU itself) IP |> setup, there's no difference to a bare metal host. |> |> However, as I see, your problem's already fixed? |> | Actually, it was Alexandru reporting the problem, not I, I know; sorry for my misleading eMail. I was responding to the thoughts WRT Xen. | but it's not | obvious that it is fixed. kyirong2 has been missing from the consensus | for quite a few hours now. I don't know whether that means he is trying | different Xen tricks, is working with his ISP, or some other possibility | that would leave his node down or unreachable for now. I came across the web page on the machine after I scanned it, to be honest. The results from this scan show a 'healthy' node regarding its network configuration (except one little thing that I will tell the TS), so it might be a routing issue (ISP) or an application problem. Best, Timo | Scott Bennett, Comm. ASMELG, CFIAG -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFKZXolfg746kcGBOwRAusqAJ9QpPp92OX8752nd3b12KZHW/8eiwCfUhO5 5lB8KIOFbfvYW/q7E27Eui4= =oLl/ -END PGP SIGNATURE-
Re: My tor exit node is STILL gone from the node list
On Tue, 21 Jul 2009 08:41:46 +0200 Timo Schoeler wrote: >thus Scott Bennett spake: Actually, no, I didn't, but I did write :-) : >| On Tue, 21 Jul 2009 00:03:10 +0300 "Alexandru Cezar" >| wrote: >|>> Best of luck getting your provider to straighten out the routing. >|> I have limited experience in running servers. From what I found out, >my Xen dom0 is traceable >|> (89.248.169.106), while the virtual host running TOR is not >(89.248.169.109, vif-bridge). I can >|> still access the web server running on 109 though. >|> Is this a Xen misconfiguration? I can't think of anything that I have >changed. >|> >| I've never worked with Xen, so I can't answer that. However, it is >| certainly possible to misconfigure other virtualization environments in >| ways that would probably cause those symptoms. OTOH, it strikes me as >| more likely that the host system's packet filtering/redirection/NAT >software >| may be misconfigured. Xen doesn't yet run on the BSDs, AFAIK, so I'll >guess >| that it's running on a LINUX system of some flavor, so iptables is >probably >| the filtering package. Beyond that, I can't tell you much. Some of the >| LINUX users on this list ought to be able to give you some help in >figuring >| out whether the problem is with Xen or with the host system. >| >| >| Scott Bennett, Comm. ASMELG, CFIAG > >hi, > >a vif-bridge in Xen does, what it's name says: It bridges. So when your >domU has a 'proper' (plain standard seen from within the domU itself) IP >setup, there's no difference to a bare metal host. > >However, as I see, your problem's already fixed? > Actually, it was Alexandru reporting the problem, not I, but it's not obvious that it is fixed. kyirong2 has been missing from the consensus for quite a few hours now. I don't know whether that means he is trying different Xen tricks, is working with his ISP, or some other possibility that would leave his node down or unreachable for now. Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * *-- Gov. John Hancock, New York Journal, 28 January 1790 * **
Re: My tor exit node is STILL gone from the node list
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thus Alexandru Cezar spake: | Hi list, | | I am still struggling to get my server back on the list of Tor nodes. For several months it | was among the top 5 nodes, pumping 15TB a month. I am paying a lot of money for that machine, | and I don't see why it just doesn't work any more. | | Let me reiterate what's happening: Since April, the node disappears from the node list after a | few hours of running. I have tried to change exit policies, node name, node keys, ports and IP | (within the same subnet). After the IP change the node was listed (and used) for several hours | before it vanished. There's nothing about in the log file. | | It seems as if the node is unreachable from some of the authority servers, but I have no idea | what to do about that. My ISP says that routing is fine and everything should work as | expected. I don't understand why the node stays listed for a few hours before disappearing. | Can someone please help me get this >100EUR/mnth node up again? | | Information about the node: | | Current IP 89.248.169.109 (previously 89.248.169.108) | Nickname kyirong2 (previously kyirong) | Fingerprint D3EB 3132 99A0 082A 4A4E 10E0 EB75 8E4F 0163 F4F0 | (Old fp: A8BD 32A9 C2F2 0C4F 8ED2 C26C E477 0A24 85E3 CD22) | | Tor 0.2.1.17-rc Debian | DirPort 80, ORPort 8080 | | | -- | Alexandru Hi again, besides the routing stuff I saw that on the mentioned IP (see above) there's a nice disclaimer-like website that impresses me. I'm still not sure whether to pimp my node to be an exit node or not (due to the supressing that happens here in Germany). However, this suits me well. Is this a usual practice for TOR admins, and if yes, is there a multilingual approach? Best, Timo -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFKZWkwfg746kcGBOwRAlwMAJ0XgV8rkGMq+5r4pc8yO+KI/RsMdwCguzb1 fErXJrwX3tlaUXGvtqlcr1Y= =z1Ji -END PGP SIGNATURE-