Re: Active Attacks - Already in Progress?
I don't take issue with these particular nodes, nor the method in which they are multiplied. What concerns me is that any single entity (person/organization) is capable of convincing my Tor client to use it in the majority of circuits I build. The clusters I pointed out before have been vouched for by the community, and that's fine, let's assume they're not evil. But the fact remains that nobody - good or evil - should be capable of making themselves a party in my circuit with such reliability. -- Theodore Bagwell torus...@imap.cc On Thu, 25 Nov 2010 14:46 +0100, Olaf Selke olaf.se...@blutmagie.de wrote: On 25.11.2010 08:17, Damian Johnson wrote: The reason the operators of the largest tor relays (Blutmagie, TorServers, and Amunet) operate multiple instance is because this is the best way in practice for utilizing large connections. yep, all four blutmagie nodes are running on a single quad core cpu. The Tor application doesn't scale very well with the number of cores. Thus starting multiple instances on a single piece of hardware is the cheapest option to make use of a gigabit uplink. Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ -- http://www.fastmail.fm - Email service worth paying for. Try it for free *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor 0.2.2.19-alpha is out
Can I please clarify something. The latest stable release for Windows and Ubuntu is called 0.2.1.27. My version for Ubuntu is 0.2.1.26. If one has placed the correct commands in one's /etc/apt/sources.list as detailed here (https://www.torproject.org/docs/debian.html.en) then why is it that Synpaptic Package Manager has not asked me if I want to download 0.2.1.27? I have also just done sudo apt-get upgrade and sudo apt-get update and still I am using 0.2.1.26. I see that you can manually download and install the 0.2.1.27 with the tarball but here (https://www.torproject.org/docs/tor-doc-unix.html.en) the page says to use the sources.list option if one is using Ubuntu. I am curious how to get 0.2.1.27 in the preferred way when using Ubuntu. Thanks! On 25/11/10 23:41, Roger Dingledine wrote: Yet another OpenSSL security patch broke its compatibility with Tor: Tor 0.2.2.19-alpha makes relays work with OpenSSL 0.9.8p and 1.0.0.b. https://www.torproject.org/download/download Changes in version 0.2.2.19-alpha - 2010-11-21 o Major bugfixes: - Resolve an incompatibility with openssl 0.9.8p and openssl 1.0.0b: No longer set the tlsext_host_name extension on server SSL objects; but continue to set it on client SSL objects. Our goal in setting it was to imitate a browser, not a vhosting server. Fixes bug 2204; bugfix on 0.2.1.1-alpha. o Minor bugfixes: - Try harder not to exceed the maximum length of 50 KB when writing statistics to extra-info descriptors. This bug was triggered by very fast relays reporting exit-port, entry, and dirreq statistics. Reported by Olaf Selke. Bugfix on 0.2.2.1-alpha. Fixes bug 2183. - Publish a router descriptor even if generating an extra-info descriptor fails. Previously we would not publish a router descriptor without an extra-info descriptor; this can cause fast exit relays collecting exit-port statistics to drop from the consensus. Bugfix on 0.1.2.9-rc; fixes bug 2195.
Re: glibc Errors for TBB 1.0.17
On Sat, 27 Nov 2010 21:51:00 +1000 cgp3cg cgp...@gmail.com wrote: Just upgraded from Tor Browser Bundle 1.0.14 to 1.0.17 for Linux i686, running on Debian lenny/5.0.6. Getting glibc errors: Launching Tor Browser Bundle for Linux in /path/to/tor-browser_en-US ./App/vidalia: /lib/i686/cmov/libc.so.6: version `GLIBC_2.9' not found (required by /path/to/tor-browser_en-US/Lib/libQtGui.so.4) ./App/vidalia: /lib/i686/cmov/libc.so.6: version `GLIBC_2.10' not found (required by /path/to/tor-browser_en-US/Lib/libQtNetwork.so.4) ./App/vidalia: /lib/i686/cmov/libc.so.6: version `GLIBC_2.9' not found (required by /path/to/tor-browser_en-US/Lib/libQtCore.so.4) Current installed version of glibc is 2.7 (standard Debian version). I guess this reflects a change in the build environment for TBB? Yes, and it looks like a bug to me. Added to Trac as #2225 (https://trac.torproject.org/projects/tor/ticket/2225). I run Tor from a USB drive, so the portable all-in-one Tor/Vidalia/FF bundle is excellent. Happy to build the TBB from source/components ... are there instructions for the process? Or some other way around the problem? See https://gitweb.torproject.org/torbrowser.git for the build scripts, but we would prefer to fix this bug. Robert Ransom signature.asc Description: PGP signature
Re: Tor 0.2.2.19-alpha is out
On Sun, Nov 28, 2010 at 08:56:13PM +, pump...@cotse.net wrote 5.4K bytes in 125 lines about: : I am curious how to get 0.2.1.27 in the preferred way when using : Ubuntu. Thanks! You are doing it correctly. Packages for ubuntu/debian for 0.2.1.27 aren't created yet. We announce the source release before the binary packages we create are available. It's generally a few days from source release to binary package availability. The exception here is OS X PPC, which lacks a build machine right now. -- Andrew pgp key: 31B0974B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Active Attacks - Already in Progress?
Thus spake Theodore Bagwell (torus...@imap.cc): I don't take issue with these particular nodes, nor the method in which they are multiplied. What concerns me is that any single entity (person/organization) is capable of convincing my Tor client to use it in the majority of circuits I build. The clusters I pointed out before have been vouched for by the community, and that's fine, let's assume they're not evil. But the fact remains that nobody - good or evil - should be capable of making themselves a party in my circuit with such reliability. Unfortunately, Exit bandwidth is really hard to maintain if it is not centralized, and all bandwidth is much much cheaper in bulk. It is very hard to convince an ISP to put up with the noise, attacks, and abuse complaints if you are a low budget node: https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment Rather than cripple the network by forcing more clients to use slower nodes more often, we have opted to try to document the process of running a high capacity Tor exit node: http://archives.seul.org/tor/relays/Aug-2010/msg00034.html We have to do the best with the situation we actually have. Trying to force the network to route as if it were the network we *wish* we had will only make it completely unusable. Please help us to create the network we *wish* we had. -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpR0O77gJTaV.pgp Description: PGP signature