Re: Problem with downloading attachments in torbrowser for osx

[krishna e bera]

Bugs tend to get fixed faster and/or more efficiently 
when they are entered into the bug tracking system.
I copied this email into a new one at
https://trac.torproject.org/projects/tor/ticket/2542

It would be helpful if you can add information such as your
- Operating system version
- Tor version
- Polipo or Privoxy version
- Torbutton version
- Firefox version
- Torbrowser or Vidalia bundle version.

and does it work if you use "Save As" instead?



On Sat, Feb 12, 2011 at 05:08:17AM +, M wrote:
> Hey guys,
> 
> I thought i would bring this to the attention of those concerned in case they
> already did not know. I am still unable to download any attachments, whether
> yahoo or gmail, when running tor. The message which appears is
> 
>  "[JavaScript Application]
> 
> Torbutton blocked direct Tor load of plugin content.
> 
> Use Save-As instead.
> 
> 
> This is a real pain and i was hoping it would be fixed with the update, but
> alas
> 
> 
> Also, the same message appears sometimes on normal pages, such as when you 
> fill
> forms, or just loading pages like: http://groups.yahoo.com/group/
> X-clusive_Stuffs
> 
> 
> Please try to fix this issue in the next update... its a real pain!!!
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: "cease and desist" from my vps provider...

[krishna e bera]

On Thu, Feb 03, 2011 at 05:59:03PM +0100, Eugen Leitl wrote:
> On Thu, Feb 03, 2011 at 05:36:09PM +0100, Andrea Trentini wrote:
> 
> > self suggestion: I asked hetzner if they accept a tor node, they
> > told me "yes, but you're responsible" (of course)
> 
> Interesting. Hetzner is officially down on anything which causes
> them trouble (benji said so himself, repeatedly), so they're 
> effectively accepting of a Tor middleman, but Tor exits are 
> probably going to be pretty short-lived in Hetzner space.

i added seflow.it to this page
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/GoodBadISPs

please feel free to change it when you have updates 
or wish to modify the hetzner entry as well.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: System time in anonymity oriented LiveCDs

[krishna e bera]

On Mon, Jan 03, 2011 at 04:06:44PM +0100, anonym wrote:
> Hi list,
> 
> Liberté Linux has a novel solution to this problem[4] -- it sets the
> system time according to the Tor consensus' valid-after/until values,
> which essentially removes Tor's time skew check. We T(A)ILS developers
> are tempted to implement the same solution, but first we'd like to ask
> here if this is safe, or if it opens up for any unexpected type of
> attacks or problems.
> 
> If any one has a completely different solution for the system time issue
> we're very interested in hearing that out as well.
> 
> Cheers!
> 
> [1] https://amnesia.boum.org

The latest T(A)ILS is using HTP instead of NTP
https://amnesia.boum.org/contribute/design/HTP/

(I hesitated to post this but it doesnt seem to have come up 
here so far even though people linked to the T(A)ILS site.)
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Tor 0.2.2.20-alpha is out (security patches)

[krishna e bera]

On Mon, Dec 20, 2010 at 11:49:36PM -0500, Justin Aplin wrote:
> Because I like to tinker, and since the PPC version of Vidalia is out of date,
> I'd thought about building Vidalia itself from source, but http://
> www.vidalia-project.net/ isn't working for me. Is the current source publicly
> available at the moment?

https://www.torproject.org/projects/vidalia
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Fwd: Re: DMCA Infringement Notification: Copies of 14 complaints

[krishna e bera]

On Sat, Dec 18, 2010 at 11:20:46AM -0700, scar wrote:
> misconceptions, the part referring to section 7 of the service agreement
> seems relevant.  suggestions?
> 
> 
> Dmca violations are treated seriously by Qwest and if they continue you
> will lose your DSL service.
> You mentioned you were operating a "Tor exit router" which normally is
> used for the purpose of
> hiding ip addresses. If you are allowing people on the internet to hide
> their ip addresses by routing
> through your DSL  "Tor exit router", then you are violating your DSL
> service agreement with Qwest.
> You can find the Qwest DSL service agreement at
> http://www.qwest.com/legal/highspeedinternetsubscriberagreement.
> Under "7. Service Conditions" it state that your residential DSL service
> is only for the use of your  pcs
> within your home. You cannot allow others, outside your house,  to use
> it for the purpose of hiding their ip addresses.
> You also are responsible for any harmful or illegal traffic that comes
> from your DSL modem. The fact that
> your "Tor service" is a configured to block the most common ports
> associated with abuse does not release
> you from this responsibility. If you are charging money for the use of
> the "Tor service" then you are violating the terms of both your
> residential phone service and your residential DSL service with Qwest
> as you are not allowed to use either for running a business.

Unfortunately this clearly brands Qwest as a Bad ISP
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/GoodBadISPs
so the wiki can be updated accordingly if negotiation is impossible.
I had the same problem with my cable provider and switched to a friendly ISP.
To avoid changing providers you could make your relay a non-exit or bridge.

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Bitcoin And The Electronic Frontier Foundation

[krishna e bera]

How are bitcoins relevant to Tor?
Can a relay generate them just by processing traffic?
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

[krishna e bera]

The bad advice may be a misinterpretation or poor rephrasing
of this advice in the Tor FAQ Wiki:
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#WhyisitbettertoprovideahiddenserviceWebsitewithHTTPratherthanHTTPSaccess
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: 0.2.2.17 issue?

[krishna e bera]

On Sun, Oct 10, 2010 at 05:30:27PM +0200, Udo van den Heuvel wrote:
> Hello,
> 
> 0.2.2.15 ran fine on my Fedora 13 box.
> 0.2.2.17 has exited twice without much reason...
> Any ideas why?

https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#MyTorkeepscrashing.


***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: StrictNodes

[krishna e bera]

On Tue, Oct 05, 2010 at 07:57:42PM +0100, Geoff Down wrote:
> "[warn] The configuration option 'StrictExitNodes' is deprecated; use
> 'StrictNodes' instead."
>  It would help if such an option were documented in
> https://www.torproject.org/tor-manual.html.en
> or shipped in the expert install package.
>  Where is it documented please?
> GD

https://www.torproject.org/faq#ChooseEntryExit
clearly needs updating.

In the Changelog entry for 0.2.2.7-alpha - 2010-01-19 it says
...
  o Major features (relay selection options):
- Switch to a StrictNodes config option, rather than the previous
  "StrictEntryNodes" / "StrictExitNodes" separation that was missing a
  "StrictExcludeNodes" option.
- If EntryNodes, ExitNodes, ExcludeNodes, or ExcludeExitNodes
  change during a config reload, mark and discard all our origin
  circuits. This fix should address edge cases where we change the
  config options and but then choose a circuit that we created before
  the change.
- If EntryNodes or ExitNodes are set, be more willing to use an
  unsuitable (e.g. slow or unstable) circuit. The user asked for it,
  they get it.
- Make EntryNodes config option much more aggressive even when
  StrictNodes is not set. Before it would prepend your requested
  entrynodes to your list of guard nodes, but feel free to use others
  after that. Now it chooses only from your EntryNodes if any of
  those are available, and only falls back to others if a) they're
  all down and b) StrictNodes is not set.
- Now we refresh your entry guards from EntryNodes at each consensus
  fetch -- rather than just at startup and then they slowly rot as
  the network changes.


***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: tor-proxy.net is official proxy site of TOR? [Sorry, i meant to say http://torproxy.net/]

[krishna e bera]

That new site does not respond.

Also, the same design flaw applies to ANY remote web-based proxy:
it is a single concentrator and can thus is a magnet to be attacked
or have its incoming connections monitored.  If the connections
are SSL (https) it might be slightly more difficult to snoop on, 
but most people do not check certificates so MITM could still occur.

It does not matter what the site is using on the back end.


On Thu, Jul 22, 2010 at 03:38:50PM +0530, emigrant wrote:
> guys, sorry,
> i meant to say:
> http://torproxy.net/
> 
> not tor-proxy.net
> 
> thanks a lot.
> 
> On Wed, 2010-07-21 at 08:28 -0700, Damian Johnson wrote:
> > No, it's not related to tor and be aware that the design (shown in
> > their FAQ) looks like you're sending your traffic via this
> > "Tor-Proxy.net" thing, which means you're trusting them in the same
> > fashion as a single hop proxy. -Damian
> > 
> > On Wed, Jul 21, 2010 at 8:14 AM, emigrant
> >  wrote:
> > or is it safe enough?
> > 
> > thanks a lot.
> > 
> > 
> > ***
> > To unsubscribe, send an e-mail to majord...@torproject.org
> > with
> > unsubscribe or-talkin the body.
> > http://archives.seul.org/or/talk/
> > 
> 
> 
> 
> ***
> To unsubscribe, send an e-mail to majord...@torproject.org with
> unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Fwd: Posting of links to inappropriate sites on children's website via Tor

[krishna e bera]

some alternatives that dont require blocking Tor:
- authenticate new members by non-electronic means
- disallow posting of links by new members
- moderate content



On Tue, Jun 29, 2010 at 01:10:28AM +0200, Moritz Bartl wrote:
> (Forwarded with permission)
> 
>  Original Message 
> Subject: Posting of links to inappropriate sites on children's website
> via Tor
> Date: Mon, 28 Jun 2010 18:44:26 -0400
> From: Amos Blanton 
> To:   ab...@torservers.net
> 
> Greetings,
> 
> I help manage the community on the Scratch website. Scratch is a
> programming language for kids developed and provided for free by an
> educational research group at MIT. You can check it out here:
> 
> http://scratch.mit.edu/
> 
> There is a teenager in New York who has decided to create new accounts
> to post links to trolling sites like lemmonparty.org
>  etc. on the Scratch website, which allows kids
> to share projects and comments. It being a site for kids ages 8 and up,
> that's not good. :(
> 
> This is the node that was most recently used:
> http://173.244.197.210/
> 
> I think we can find the originating IP from our records, if that would help.
> 
> In the past this person created accounts to post links in our forums
> using free web proxies, and now they're moving on to posting them in
> comments via TOR.  I guess we'll have to block new accounts from TOR
> nodes - but do you guys have any alternatives you can recommend? I
> understand and accept your mission to support privacy, but unfortunately
> I can't see any good alternatives to blocking Tor nodes right now. I
> have read the FAQ, but I thought I'd see if you have any other ideas.
> 
> Thanks very much for your time,
> Amos Blanton
> Scratch Team
> 
> -- 
> _
> Amos
> 
> ***
> To unsubscribe, send an e-mail to majord...@torproject.org with
> unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Reducing relays = reducing anonymity ? Tortunnel.

[krishna e bera]

On Wed, May 19, 2010 at 03:21:15PM -0400, Stephen Carpenter wrote:
> On Wed, May 19, 2010 at 1:48 PM, Sebastian Hahn  
> wrote:
> 
> >> Is tortunnel evil since it maybe hacks Tor-cirucits to reduce the number
> >> of relays ?
> >
> > Yes, unfortunately quite a few people use it.
> > It hurts the network by endangering exit node operators, and
> > by completely ignoring any of the load balancing that happens
> > in normal Tor.
> 
> I agree with most of what you have had to say, though, this gets to
> the heart of why its not just "bad for you" but "abusive to the
> community". However, I am not sure that I understand how this is the
> case.
> 
> Certainly there is a certain amount of sense to the idea that
> tortunnel traffic may use another system that focuses more on speed if
> tortunnel was unavailable. However, an assumption is an assumption and
> I am not sure how much I buy the truth of it.
> 
> Is there an argument for the problem beyond this? What load balancing
> mechanisms is it ignoring? Is this ignorance a symptom of what it
> tries to do, or a symptom of ignorant design (ie just plain ignoring
> network information that it is the client's job to respect?).
> 
> I ask for two reasons. The first is logical accuracy, what its trying
> to do, while bad for user anonymity, doesn't, on its face, seem like a
> real problem for tor exit node runners. The second is that I have
> considered writting a client myself (I have some things that I want to
> play with that is a bit beyond what the current client can do... like
> rendezvous nodes that don't publish in the public directory) and I
> wouldn't want to end up being considered an abuser

If single-hop users of exit nodes become common
it then becomes worthwhile for Tor adversaries to 
seize or compromise or tap traffic going into exit nodes
in order to locate those single-hop users.

I have been using the alpha versions that detect 
anomalous connections from nodes claiming to be tor relays
for several weeks and have seen some (but not majority) activity.
Although tortunnel-like code can be used for detecting bad exits,
i wouldnt be surprised if someone adapted it for p2p botnets spamming etc.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Tor-friendly dedicated hosting

[krishna e bera]

On Sat, Apr 17, 2010 at 12:58:57PM -0500, Bill Weiss wrote:
> My apologies if there's some canonical source for this I'm missing.  I
> didn't see anything in the archives of the list for the last couple of
> months, and I don't remember seeing anything like this any time recently.
>...
> My soon-to-be-former dedicated hosting company, 1&1, has informed me they
> are terminating my account at the end of this billing cycle (~1 month).
> The reason for this is repeated DMCA notices about my tor node (clanspum).
> I didn't get much warning about this.  There have been a total of 5
> (including the one with the "get lost" note attached) forwarded to me by
> their legal department at a rate of about one per month.  I don't know
> what started this trend, as I hadn't had one in the 3+ years before that
> running an exit on one of their machines.
 
https://wiki.torproject.org/noreply/TheOnionRouter/GoodBadISPs
Please fee free to update that page under the appropriate region heading
if your ex-ISP is not listed.  Laws and practice and availability vary
quite a bit with country and ISP.  I think there was an ISP policy 
comparison project underway but i cannot find the reference atm.

See also this blog posting for prevention of problems in future:
https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment

FWIW i also get about one abuse notice a month for my node that carries
about 300KB/s or 1.6TB/month.  They have been about DMCA, spam, and IRC.


***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Eventdns: All name servers have failed

[krishna e bera]

On Fri, Apr 16, 2010 at 02:44:30PM -0500, Jon wrote:
> After several hours of searching thru the archives, googling, etc;
> trying to find answers for what is causing this error and what to do
> about it.
> 
> I could find a lot of bug tickets, and a lot of issues about it, but
> didn't seem to locate a fix for it except there were several for the
> Linux OS.
>...
> Was there a fix or a solution for it, or was it determined that it was
> not important enough to worry about at the time, since generally it
> would correct it self with in less than a second most of the time and
> continue to work till it happened again?

i have been seeing these for a couple of years
while running Tor servers on debian and ubuntu and
nobody deemed them important enough to worry about
and they didnt seem to affect the machine much.
perhaps they are of concern for Tor network performance?

> I have had 5 of these warnings now in 12 hrs today. To me that seems
> kind of excessive, but maybe its just me.
> 
> The last 2 warnings were exactly 1 hour apart. But as I mentioned
> earlier, it lasts for last than a second.

Yes that is the pattern i see too.

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: TOR Not Starting after upgrade

[krishna e bera]

On Thu, Apr 15, 2010 at 09:45:56PM -0500, Edward Langenback wrote:
> > I've just upgraded to vidalia-bundle-0.2.1.25-0.2.7.exe and now TOR is
> > not starting at all.  I've tried a full uninstall-reinstall with no
> > changes.
> 
> Any ideas what the problem is?  I'm still getting the same behavior
> after several reboots and complete re-installs.

1) Your insecurity software may have detected changed .exe files and
   therefore blocked Tor from starting (it is easy to miss the prompt).

2) The Tor might have started but browsing though it with Firefox 
   not be working due to a legacy Privoxy hanging around (it was not
   automatically uninstalled by previous bundles for some reason)
   and occupying port 8118 so Polipo cannot start.

3) Check the Tor log file for other possibilities.  Check the Windows
   Events log for related System and Application events.



signature.asc
Description: Digital signature

Re: Anti-Virus software for windows server

[krishna e bera]

Though the comic makes a good point,
some people are coerced by circumstances into running such software.

There is Free virus scanner called clamwin http://www.clamwin.com/
but it can only scan and remove, it does not block activity.
Since Windows Server users have money for licenses
most "security" software companies have products for them:
http://en.wikipedia.org/wiki/List_of_antivirus_software.

Note that Microsoft recommends not to scan various files:
http://support.microsoft.com/kb/822158
(I have seen updates fail due to automatically acting on false positives.)



On Sun, Mar 21, 2010 at 12:35:54PM -0400, Flamsmark wrote:
>[1]http://xkcd.com/463/
> 
>If you administer your server in a reasonable way, you shouldn't need any
>antivirus software.
> 
>On 21 March 2010 12:19, Jon <[2]torance...@[3]gmail.com> wrote:
> 
>  Seems to me I saw in one of the messages awhile back about anti-virus
>  software for servers. I cant seem to locate it in the archives. What
>  anti-virus programs are being used for windows servers?
> 
>  Specifically, win 2003 or win 2008 ?
> 
>  Thanks.
>  Jon
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: can i ask questions about privoxy here...?

[krishna e bera]

On Sat, Jan 02, 2010 at 04:29:19PM +0100, Gitano wrote:
> emigrant wrote:
> 
> > is that possible?
> 
> Which question(s) beside 'http://www.privoxy.org/faq/index.html'?

see also 
http://www.torproject.org/docs/tor-doc-unix.html.en#polipo
there is a sample Privoxy config for use with Tor
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: tor-proxy.net

[krishna e bera]

On Fri, Jan 01, 2010 at 06:39:39PM +, M wrote:
>thanks for the info. I understand that it cant be safer than the real
>stuff, but objectively, i do� believe its safer than other online proxies,
>such as anonymouse? Am i correct?

It may even be less safe because
it is a single collection point for connection info AND data
and people may be fooled into trusting it.
The site admits it is a middleman for regular and SSL connections.
Also, it is in Germany so it is subject to their data retention laws,
regardless how nice the owner is.

The only thing i might use such a site for would be convenience, e.g.
if i can't install Tor and would like to access a .onion website.


>On Fri, Jan 1, 2010 at 1:39 PM, <[1]and...@torproject.org> wrote:
> 
>  On Fri, Jan 01, 2010 at 03:52:17AM +, [2]moeedsa...@gmail.com wrote
>  0.8K bytes in 22 lines about:
>  : [3]tor-proxy.net
>  : Is it a good alternative if i am out without my TorBrowser Bundle?
> 
>  To be clear, this service has nothing to do with us as the Tor Project.
>  Years ago we asked
>  for a disclaimer, [4]http://tor-proxy.net/?q=en/node/1#official. �He
>  didn't
>  get the Tor url correct.
> 
>  : Whats the diff between the First option (express)and the third?
> 
>  You should ask him, [5]http://tor-proxy.net/index.php?q=en/node/7.
> 
>  I don't think anyone from Tor has actually met the operator, Ben. �I
>  can't make a value judgement on if this is good or not. �I like the fact
>  there is no client install, just connect and use Tor. �I'm concerned
>  that even if Ben is an upstanding privacy activist and truly logs
>  nothing, the connection to his dedicated server could still be watched
>  and logged by someone else.
> 
>  Perhaps Ben is on or-talk and can explain his experiences and the setup
>  of [6]tor-proxy.net in more detail.
>  --
>  Andrew Lewman
>  The Tor Project
>  pgp 0x31B0974B
> 
>  Website: [7]https://torproject.org/
>  Blog: [8]https://blog.torproject.org/
>  Identi.ca: torproject
>  ***
> 
> References
> 
>Visible links
>1. mailto:and...@torproject.org
>2. mailto:moeedsa...@gmail.com
>3. http://tor-proxy.net/
>4. http://tor-proxy.net/?q=en/node/1#official
>5. http://tor-proxy.net/index.php?q=en/node/7
>6. http://tor-proxy.net/
>7. https://torproject.org/
>8. https://blog.torproject.org/
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Location privacy preserving location based service with Tor

[krishna e bera]

On Thu, Dec 31, 2009 at 11:33:49AM -0500, Xinwen Fu wrote:
>Dear All,
> 
>We integrated Tor with a location based service to implement a location
>privacy preserving location based service.
>1. Tor is used to hide the identity (IP) of a user, who sends her location
>to a location based service server for points of interest. Hiding IP is
>also necessary for hiding the user location since IP may imply the user's
>location.
>2. Of course, the user's location coordinates are also perturbed to hide
>her exact location.
> 
>Here is the link of the software:
>http://www.seas.gwu.edu/~nzhang10/cap/cap/Welcome.html. 

Thanks.  Where is the source code?
I see only a MS-Windows binary on the download page.


> The paper is
>here:
>http://www.seas.gwu.edu/~nzhang10/cap/cap/Welcome_files/paper.pdf.
> 
>Happy new year!
> 
>Xinwen Fu
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Pidgin with TOR

[krishna e bera]

On Thu, Dec 31, 2009 at 08:30:57AM -0500, krishna e bera wrote:
> Also, the link you quoted in your other message is out of date -
> we do not use the wiki on noreply.org anymore.

Sorry, it was Freemor who gave the old URL.

Yahoo instant messaging on Pidgin under Ubuntu 
seems to work via Tor with socks5 (at least i can see my buddies).
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Pidgin with TOR

[krishna e bera]

On Thu, Dec 31, 2009 at 05:37:26PM +0530, emigrant wrote:
> i am using the pidgin with ubuntu. and i installed TOR as well.
> i want to set up TOR to one of the yahoo accounts in pidgin.
> so i went to proxy settings and changed the gnome proxy setttings into
> socks5 and host 127.0.0.1 and port 9050.
> but each time i restart pidgin the yahoo account wont' start. i think
> its may be due to yahoo email is opened?

As it says on the second part of 
https://wiki.torproject.org/noreply/TheOnionRouter/TorifyHOWTO/InstantMessaging#Pidgin
if you want Pidgin to work with a specific account,
go to Accounts (in Pidgin) and modify the proxy settings there.
The GNOME proxy settings will not work for this.

The screen capture on that wiki page is out of date -
i am uploading a new one now.

Also, the link you quoted in your other message is out of date -
we do not use the wiki on noreply.org anymore.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Why governments fund TOR?

[krishna e bera]

On Wed, Dec 30, 2009 at 10:49:12PM +0530, arshad wrote:
> forgive me for my ignorance.

are you having difficulties reading the website or understanding some pages,
perhaps due to your native language?

> may i know why governmetns fund TOR. i read 49% funds coming from
> government. TOR is usually considered for passing government restriction
> by journalists and activists. so why should governments fund this?

http://www.torproject.org/torusers.html.en

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: legislative problem in Slovakia

[krishna e bera]

On Thu, Dec 10, 2009 at 10:48:54PM -0500, Andrew Lewman wrote:
> On 10/26/2009 08:54 AM, Vita Cizek wrote:
>  > In September, the Slovak Ministry of Transport, Post and
> Telecommunication
> > prepared an amendment of the Electronic Communication Act.
> > The Ministry of Internal Affairs integrated their suggestions, which
> > include prohibition of anonymizing services.
> > 
> > A link (in slovak) to the appended part is here :
> > http://www.ictlaw.sk/elektronicke-komunikacie/historia-pravnej-upravy-v-c-s-sr-a-sr/zakon-c-610-2003-z-z-o-elektronickych-komunikaciach/Siedma_novela_ZoEK-pripomienky_vznesene_v_ramci_MPK.rtf/view
> 
> 
> What ever became of this?  We're hearing Poland is considering the same
> thing.


Canada's parliament is considering 3 new laws that might make anonymizing 
services 
difficult to operate, because of the loss of common carrier status:
overview http://www.michaelgeist.ca/content/view/4594/159/

another analysis:
http://www.zeropaid.com/news/86462/canadian-surveillance-legislation-dissected-bill-c-46/
http://www.zeropaid.com/news/86463/canadian-surveillance-legislation-dissected-bill-c-47/

more recent look at C-58 says it is mostly pointless legislation
http://www.michaelgeist.ca/content/view/4563/125/
so exit snooping becomes troublesome for anyone except law enforcement agents.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Reduce hops when privacy level allows to save Tor network bandwidth

[krishna e bera]

On Thu, Nov 19, 2009 at 11:46:12AM -0500, Erilenz wrote:
> This is one of those ideal/practical arguments. Idealistically, Tor
> would only have 3 hop circuits and those who want "simple circumvention"
> wouldn't use it. That doesn't make it the practical truth of what is
> happening though.

Even if your theory about overall traffic savings is correct,
will the number of exit nodes rise to handle increased usage?
If that happens, Tor exit nodes will lose whatever reputation
we have built for them so far as being fruitless to seize.
It is hard enough to get people to run them now.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Kaspersky wants to make Tor illegal and supports a globalized policed internet.

[krishna e bera]

On Tue, Nov 10, 2009 at 12:29:26PM -0500, Brian Mearns wrote:
> On Sun, Oct 18, 2009 at 9:04 PM, John Case  wrote:
> > On Sun, 18 Oct 2009, Jacob Todd wrote:
> [clip]
> >>> I'd like to change the design of the Internet by introducing
> >>> regulation--Internet passports, Internet police and international
> >>> agreement--about following Internet standards. And if some countries
> >>> don't agree with or don't pay attention to the agreement, just cut
> >>> them off.
> >
> >
> > Let's say this is successful ... it will simply lead to a parallel, mostly
> > wireless network that is even more decentralized than the current Internet.
> >  How much does it cost these days to link 10mbps across 10 km ?
> >
> > In a few years, with "n" hardware flooding the market, how much will it cost
> > to link 100mbps across 50 km ?
> [clip]
> 
> Agreed. You would think a man at the head of an Internet Security firm
> would have a better understand of Internet vs. internet. His comment
> about the Internet being "designed" illustrates to me that he doesn't
> actually know much about the history of networking, and apparently
> doesn't even have a good understanding of how ad-hoc these things
> really are.
> 
> Anyway, like I said, I totally agree with your point. If The Internet
> is restricted in such ridiculous ways as Kaspersky suggests, then
> other internets will just spring up to replace it. Maybe to this end
> we should all make an effort to establish de-centralized networks in
> our own worlds: connect a few neighbors together with CAT5, or hell,
> even RS232, and you've got a network. Connect one of these to the
> neighbors on the next block, and you've got an internet. How about
> Sneakernets? Onion routing by snail-mail and courier? Packet
> transmission by encrypted email? The Internet grew out of nothing,
> once, and that when network theory was only in its infancy. There's no
> reason we couldn't go it again.
> 
> -Brian

I havent read Kaspersky's report but the general argument is supportable.
The hardware on which the high speed internet runs is increasingly concentrated
under fewer owners.  How many internet access providers exist where you live
and do they significantly differ in Terms of Service, i.e. friendly to privacy?
Google alone now carries from 6 to 10% of all the traffic.
viz. http://www.wired.com/epicenter/2009/10/youtube-bandwidth/

The laws governing (or attempting to) what is allowed on the internet
are also swinging in favour of more control and traceability.  
Indeed, if the ACTA currently being negotiated is implemented,
https://www.eff.org/deeplinks/2009/11/leaked-acta-internet-provisions-three-strikes-and-
Tor could well become illegal, (a) because it can be used to circumvent
restriction of copyrighted content by country and (b) because you can use it
to hide identity while filesharing (even though we discourage that).
EFF and friends succeeded in repealing some PATRIOT act insanity,
but national insecurity and corporate greed continue to infect
all areas of law and social reality including the internet.

Anyway, there is a volunteer project which may help Tor work 
on the kind of grassroots internet you describe:
https://www.torproject.org/volunteer.html.en
Simulator for slow Internet connections 
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: (FWD) Load external content? message seems inappropriate

[krishna e bera]

On Sat, Oct 31, 2009 at 07:23:24AM -0400, downie - wrote:
>> Date: Sat, 31 Oct 2009 01:17:13 -0400
>> From: a...@mit.edu
>> To: or-talk@freehaven.net
>> Subject: (FWD) Load external content? message seems inappropriate
>>
>> [Forwarding to the list since this address isn't subscribed.
>>
>> My first question is: what is the content-type header provided by the
>> webserver? Perhaps it was something that your browser recognized and
>> thought it couldn't display by itself?
>>
>> My second thought is: this might be a Torbutton bug, and might want
>> to go into bugs.torproject.org.
>>
>> --Roger]
>>
>> - Forwarded message from owner-or-t...@freehaven.net -
>>
>> Date: Wed, 28 Oct 2009 21:11:52 -0500
>> Subject: Load external content? message seems inappropriate
>> From: Thomas Anderson 
>> To: or-t...@seul.org
>>
>> I was playing around with Tor Browser to see what it was like and
>> tried to download a small 1mb file from a server of mine. In the
>> process, I got the following message:
>>
>> -
>>
>> An external application is needed to handle:
>>
>> http://domain.tld/path/to/my/file.ext
>>
>> NOTE: External applications are NOT Tor safe by default and can unmask
>you!
>>
>> -
>>
>> My question is... why is an external package being loaded? All I
>> want to do is to download a file via HTTP to my hard drive. I don't
>> want to open it up in whatever application would be appropriate and
>> even if I did, it's not as if that application would be the one that
>> downloads the file - Tor Browser would still download it and just
>> place it in the Windows temporary directory or where ever.
>>
>> All in all, the message seems inappropriate. Sure, if I was
>> downloading, say, an *.exe, that *.exe might connect me to the
>> internet, but even then, the message seems misleading, since, at that
>> point, it's not that an external package is needed to handle the file
>> so much as the file *is* an external package.
>>
>> - End forwarded message -
>>
> 
>This is a Torbutton message. Your operating system might automatically
>open a downloaded file with another application - which might in turn
>connect to the internet directly.
>Since Torbutton has no way of knowing what your OS is set up to do, it's
>an appropriate warning.
>GD


That happens to me when downloading a file from Sourceforge 
with Torbutton 1.2.2 and Firefox 3.5.4.
It asks the question above and when i click to Launch External Application
Firefox shows the Opening dialog with only the Save or Cancel available.
Perhaps launching a (new in Firefox 3.5) download worker thread 
looks like launching an external application.

The Content-Type header i saw trying this twice was application/octet-stream.
http://downloads.sourceforge.net/project/bitcoin/Bitcoin/bitcoin-0.1.5.rar/bitcoin-0.1.5.rar?use_mirror=mesh
but i also got application/rar a bunch of times.

I tried downloading a .exe file and the header was application/x-msdos-program.
http://audacity.sourceforge.net/latest/audacity-win/audacity-win-1.2.6.exe
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: [OT]RE: Unsubscribe

[krishna e bera]

On Wed, Sep 23, 2009 at 10:28:32PM -0600, Jim McClanahan wrote:
> Having seen this situation on this list multiple times, it occurs to me
> that beyond "To", "From", and "Date", many people have probably never
> seen the headers.  Most non-techies probably don't even know it exists.
> I believe most GUI mail clients, by default, only show the abbreviated
> version I just mentioned.  I know mine does.


alternatively, majordomo v1 has a configuration option 
to bounce messages with such words in the subject or first few lines
to the list manager as administrative requests.

Re: Tor a carrier for Botnet traffic?

[krishna e bera]

On Tue, Sep 01, 2009 at 04:20:42PM +0200, Folkert van Heusden wrote:
> Hi,
> 
> The Tor anonimity network is a generic carrier for all kinds of (TCP)
> traffic. Its goal is enabling people to use the internet without anyone
> between them and the destination point being able to determine what is
> happening. It also allows you to offer services without anyone being
> able to trace back these services to you.
> Now botnets need to communicate with a central instance which lets them
> know what to do (e.g. send spam, ddos websites, etc.). Tor is an ideal
> carrier for this: no outsider can see what kind of traffic comes out of
> a system running such a bot and no-one is able to see whereto this
> traffic goes. So you can't stop the traffic between the bot and its
> master without blocking the whole Tor network and it is kind of hard as
> well to find where all this traffic goes to (the botnet master node).
> So; what should we do? Dis-allow hidden services in Tor? Or block Tor
> totally?

There is quite a bit of overhead incurred running a tor client,
which is not desirable for a typical parasitic bot infection.
Also, the Tor client doesnt try to hide itself on the system
so some modifications to the code would be required.
Botnet owners can get lower latency and higher throughput 
just continuing to infect unsecured boxes.  Regarding DDoS see
http://www.torproject.org/faq-abuse.html.en

Until some security forensics people document that Tor is being used
in real botnets, i don't think new policies restricting Tor usage 
are called for.

Re: Doubt

[krishna e bera]

On Tue, Aug 11, 2009 at 01:23:40PM -0300, Wilson Goes wrote:
> Using TOR
> Is there any way to garantee that I will receive diferent IP adress
> every time during a periodo off 24 hours  ?

If you also use Vidalia or Tork or another Tor controller
you can tell it to get a "new identity" or send the NEWNYM command
which causes Tor to build a new circuit and thus gets you a new exit node.

Re: Comcast throws down gauntlet to residential accounts

[krishna e bera]

On Mon, Aug 10, 2009 at 01:39:44PM -0500, Scott Bennett wrote:
>[...]
> to the cablemodem.  I was told that having *any* ports "open facing the
> Internet" was a violation of Comcast's Acceptable Use Policy (AUP) for
> residential accounts.  [...]

This would be crippling if true - residential VOIP and instant messaging
requires open ports and does so be default.  Luckily the person was incorrect.

There are only two relevant lines in their AUP at 
http://www.comcast.net/terms/use/
Under Technical Restrictions it says you must not

* use or run dedicated, stand-alone equipment or servers from the Premises that 
provide network content or any other services to anyone outside of your 
Premises local area network (“Premises LAN”), also commonly referred to as 
public services or servers. Examples of prohibited equipment and servers 
include, but are not limited to, e-mail, Web hosting, file sharing, and proxy 
services and servers;
* use or run programs from the Premises that provide network content or any 
other services to anyone outside of your Premises LAN, except for personal and 
non-commercial residential use;

As you can see proxies are specifically named; 
say bye to your Tor relay under Comcast residential contract.


signature.asc
Description: Digital signature

Re: Conspiracy: Piratebay owned by CIA (TOR involved, also)

[krishna e bera]

Could someone post the contact addresses for cashing in?
And perhaps some proof that they do (or do not) pay?


On Tue, Jun 23, 2009 at 03:55:57PM +0200, Timo Schoeler wrote:
> thus Tom Hek spake:
>> On Jun 23, 2009, at 15:01 PM, Harry Hoffman wrote:
>>
>>> At $0.20USD/MB I was able to supplement my regular income. Soon I'll  
>>> be able to quit my regular job. It's like all of those emails say, 
>>> let your computer work for you!
>>
>> You get payed $0.20USD/MB? I only got an offer of 0,05 euro/MB from the 
>> AIVD (the Dutch intelligence service). Maybe I should think about 
>> moving to the VS..
>>
>> -Tom
>
> :D
>
> Well, I just bought a nice house at the sea side in south west Portugal  
> (paid by BND, for my exit nodes running ;).
>
> SCNR

Re: Help Iranian dissidents

[krishna e bera]

On Sat, Jun 20, 2009 at 06:01:27PM +0200, Nils Vogels wrote:
>On Sat, Jun 20, 2009 at 11:09 AM, Karsten N.
><[1]tor-ad...@privacyfoundation.de> wrote:
> 
>  And I hope, tor will stay political neutral.
> 
>IMHO, Tor is, much like any other software, a tool. A tool is used to
>accomplish a goal. In this case, the goal is freedom of information for
>the Irani people or phrased otherwise evasion of lawful interception in
>Iran.
>Now, one may think whatever one wants about the way a tool is used (a
>hammer can be used to make a shed, or it can be used to permanently
>ventilate brains), but the tool is still the tool. A tool cannot have a
>political view, and I am convinced Roger et al will do their best not to
>let their personal views on any matter bleed too much into the codebase of
>tor.
>Greets,
>Nils

This is really not the place for a political argument.
If it were, i would be pointing out that aquiescence to
any existing regime *is* taking a political stance.

However, as noted on the Who Uses Tor page,
https://www.torproject.org/torusers.html.en
Tor is useful to people from all ends of the spectrum
including dissidents and governments.
Therefore it is not necessary to debate motives or politics
but rather to educate everyone about it
and further its development.

Re: Tor query

[krishna e bera]

On Thu, May 21, 2009 at 07:30:45PM +0100, Steffan Wood wrote:
> What is the link to manage Tor mailing lists? (delete account, set  
> digest format etc)

or-talk is a Majordomo mailing list,
so management of your subscription is done by emailing to
  majord...@seul.org
with no subject and the body containing 
  command or-talk
where "command" is one of the words described at
http://www.educationaldevelopment.net/elt2/majrdomo.htm
(there are other majordomo info sites but that one was at hand).


signature.asc
Description: Digital signature

Re: Multiple Tor Installs

[krishna e bera]

On Tue, Apr 07, 2009 at 12:11:32AM -0400, Ringo wrote:
> Is it possible to just call Tor multiple times while specifying multiple
> configs? I figure this might work but I wanted to check in case there
> might be anonymity/security problems.
> 
> I'm currently on Ubuntu Ibex.
> 
> Thanks,
> Ringo

You can compile once and use different config files for each runtime instance.
The config file contains ports and identities and locations of data directories.
For example:
/usr/local/bin/tor -f /usr/local/etc/tor/torrc1
/usr/local/bin/tor -f /usr/local/etc/tor/torrc2

I don't use the deb package but compile from source with the default options.
I have Xubuntu Intrepid.

Re: TBBundle, Browser javascript

[krishna e bera]

i wrote:
>  However, javascript is not required for either Torbutton or
>  Tor Browser Bundle functionality, so you can turn javascript off
>  for additional security.

Ack! For some reason i thought Torbutton was implemented purely in XUL
but a lot of it is actually implemented in javascript.
Sorry for misleading - i should have read the pages i pointed to :(
On the other hand, so far i have not found a test with javascript off
that leaks info or uncloaks Torbutton...

Re: TBBundle, Browser javascript

[krishna e bera]

On Tue, Mar 24, 2009 at 09:57:49PM +, Lee wrote:
> I'm trying out the Tor Browser Bundle, and I see Javascript is enabled  
> in the browser. Can I turn this off or is that option required left on  
> for certain functionality in the bundle?

Torbutton, when enabled, protects you from many different types of
threats to anonymity and security, even when javascript is turned on.  
See https://torbutton.torproject.org/ 
for more information on what exactly it does and does not do.

However, javascript is not required for either Torbutton or 
Tor Browser Bundle functionality, so you can turn javascript off
for additional security.

Re: Abuse ticket

[krishna e bera]

I have gotten two abuse complaints relating to posting of spam onto Craigslist
via my Tor exit node.  In each case i sent the complainant and my ISP a note 
about 
Tor (modified EFF DMCA response) as well as a suggestion that part of the 
problem
is the website's failure to require users to authenticate and confirm postings.
Forum users can be anonymous but still maintain a solid internet reputation.
Even anonymous users can be identified and located based on repeated abusive 
behaviour at other forums.

Also, it would be overkill for the website to ban the entire IP space of your
VPS provider since they need only ban the IP that your Tor node has (or all Tor
exits e.g. using TorDNSEL service 
https://www.torproject.org/tordnsel/index.html.en)

Good luck!

On Tue, Mar 17, 2009 at 01:18:10AM +0100, slush wrote:
>Hi,
> 
>Im running Tor on VPS and I have some problems with abusive Tor traffic.
>Firstly, I had problem with DMCA and BitTorrents, so I close non-HTTP(s)
>ports and everything was OK for few months. Now, some dumbass wrote
>abusive message to some web forum, which was reported to police. They
>located my server as source. Last message from VPS admin is:
> 
>---
>Hello Marek
> 
>While running a Tor node is not against our TOS, allowing traffic to pass
>through your servers that results in our IP space being banned certainly
>is.
> 
>This is your first abuse ticket, so we will set it to auto-close in 48
>hours. �If we do receive additional complaints we will need to ask you to
>remove Tor from your Linode.
> 
>Regards,
>*
>--
> 
>I dont want to close HTTP ports 8-), but next report of abusive traffic
>will lead to shutting down Tor or whole VPS :-(. So is there any "best
>practice", what I should do now? DMCA response is probably not fitting to
>this issue...
> 
>Thanks,
>Marek

Re: Some Tor w/ Firefox Questions

[krishna e bera]

On Sat, Jan 03, 2009 at 05:15:15PM +0100, sigi wrote:
> Hi, 
> 
> On Sat, Jan 03, 2009 at 05:26:57AM -0500, Ringo Kamens wrote:
> > 
> > 3. One of the common criticisms of NoScript+Tor is that a malicious exit
> > node can pretend to be any site it wishes. What about enabling js on
> > file:// urls? If I understand them correctly, the browser won't make any
> > external requests and then there would be no threat of an attack.
> > 
> 
> Here on my machine, browsing the web with tor and firefox is not 
> possible, with addons noscript and torbutton enabled. I had to disable 
> noscript to use the torbutton first. 
> 
> sigi.

As noted at https://www.torproject.org/torbutton/faq.html.en
you can use Torbutton instead of NoScript 
for good anonymity and security with Tor and Firefox.

Re: Need help with MPAA threats

[krishna e bera]

On Sun, Dec 21, 2008 at 01:00:38PM -0800, Curious Kid wrote:
> Industry organization putting pressure on Tor exit node operators to filter 
> leads to chilling effects.
> 
> As nodes start to filter, that traffic will seek out non-filtering exits. 
> That would work like a funnel, as a majority of traffic of that sort will 
> exit through a decreasing number of exits, thereby making those non-filtering 
> nodes appear to be large-scale violators.
> 
> Has it occured to any of you that these organizations are being conspiciously 
> aggressive with certain people with the complete knowledge that they are Tor 
> exit node operators and what their exit policies are? They want complete 
> network filtering, and that includes the Tor network.


It was in the news today that RIAA is switching strategies
away from suing individuals toward pressuring ISPs.
http://online.wsj.com/article/SB122966038836021137.html

In USA the EFF might help with legal defense if you are sued or charged,
but that doesnt preserve your server or internet connection if your ISP just 
cuts you off.
Read your Terms and Conditions and Acceptable Use Policy and switch providers 
if necessary.
Help lobby against big government and fascist (corporate+police/military) 
states, etc.
Encourage everyone to use Free Software and strong encryption, and produce 
works licensed CC-by-sa.
What else can we do?

Nevertheless, some Tor operators (myself included) do so for specific reasons.
We might not help at all if we could not choose our exit policies.
Some who don't want to deal with complaints choose to run middle nodes.
I'm grateful for every byte of bandwidth.


signature.asc
Description: Digital signature

Re: SSH and Telnet ports

[krishna e bera]

On Sun, Dec 14, 2008 at 10:36:13AM -0800, Christopher Davis wrote:
> How practical is SSH password cracking over Tor? Wouldn't the latency
> deter attackers?

SSH password attacks from single sources can be deterred with watcher programs 
such as Fail2Ban which modify the firewall to discard connections from an 
offending ip address 
after a chosen number of login failures for a chosen period of time (e.g. 1 
hour).
Some have suggested rate limiting new connections using iptables rules as well.
To counter this, SSH crackers devised distributed attack schemes
which try login only a few times from each of many different ip addresses.
However there are now also distributed versions of the watcher software
( http://denyhosts.sourceforge.net/ )
which pool the information about attackers and victims.

The latency from Tor wouldnt bother either sort of attacker,
but concentration of attack ip addresses via exit nodes might counter the 
distributed aspect
(until such time as we reach a much larger population of exit nodes).
It might be interesting to see how many ip addresses listed at DenyHosts are 
Tor exits.

Re: Need help with MPAA threats

[krishna e bera]

It is unlikely that the content in question was ever on your computer at all,
because Tor does not transfer UDP packets (used by bittorrent for data) and 
the default exit policy rejects the common bittorrent ports.
The MPAA investigators are likely seeing the Tor users' access to the tracker 
website
which is done via http.

However, imo your best legal course in USA is as phobos suggested.

I'm in Canada, where the DMCA does not really apply, 
but my network provider was getting annoyed receiving DMCA notices every day
and threatening to cut off my server.  
The template letter i adapted from Torproject and
was sending to the DMCA complainants (cc my network provider) was not enough
because it did not stem the tide of notices.
I thought about getting a cease-and-desist order against the complainants
but i have no idea how (and no money) to go about international legal actions.

After looking at several dozen automated DMCA letters, 
i noticed that all but a few point to tracker websites for ThePirateBay.
I decided to add the ip addresses for those tracker websites to my reject list
and have not received a DMCA notice for a few weeks now.
Although this technically rejects some web (http) traffic,
it seems to me just an extension of the exit policy rejecting bittorrent ports
because those tracker ip addresses are primarily used for setting up p2p 
transfers.
I'm paying $100 a month in bandwidth fees to facilitate anonymous communication 
for activists etc - not to subsidize consumption of games and movies.
Yes i know p2p can carry all sorts of content;
if there is lots of "legitimate" stuff available via ThePirateBay my attitude 
could change.
Feedback on this is welcome.



On Sat, Dec 13, 2008 at 05:17:48PM +0100, Nicky van Etten wrote:
>The MPAA still has to prove you realy have the content which they claim
>you downloaded stored on your computer or any other storage device afaik.
> 
>On Sat, Dec 13, 2008 at 4:34 PM, Matthew McCabe <[1]mate...@mrmccabe.com>
>wrote:
> 
>  Hello-
> 
>  Time Warner shut off my connection again last night due to a complaint
>  from the MPAA.  They claim that I downloaded 2 movies and 1 TV show.
>   This traffic, in fact, must have come through my Tor exit node.
> 
>  I explained to the customer service agent that I am running a Tor exit
>  node and that the traffic must have come through the Tor network.  He
>  said that because this is the 3rd complaint, the MPAA may take me to
>  court and sue me for $100,000 per violation.  He also claimed that
>  "others in similar situations" have lost in court...whatever that means.
> 
>  Here is where I need your help.  First, is there a good way to filter
>  out torrents in my exit policy?
> 
>  Second, have any exit node operators in the US had similar complaints
>  from the MPAA?  If so, how did you handle the complaints?
> 
>  Lastly, has anyone in the US gone to court as a result of using Tor?  If
>  so, do you have a reference for a good lawyer?  At this point, I want to
>  continue running a Tor exit node but also want to investigate my legal
>  options if the MPAA takes me to court.
> 
>  Thank you for your help!
> 
>  -Matt
> 
>--
>Ciphered/Signed email preferred!
>GnuPG KeyID: 0x42435F30
>GnuPG DSA2 KeyID: 0x23286031
> 
> References
> 
>Visible links
>1. mailto:mate...@mrmccabe.com


signature.asc
Description: Digital signature

Re: German data rentention law

[krishna e bera]

On Sun, Oct 19, 2008 at 01:45:22PM +0200, Dominik Schaefer wrote:
> As already said, much more difficult is the part about anonymizing
> services, which brings us right to the still missing 'technical
> directive'.
> That will define the specifics: who is exempted (e.g. WLAN hotspots in
> hotels are said to be exempted, WLAN hotspots at airports not), what
> format has to be used for transmitting the data to law enforcement,
> what precision the timestamps must have, what 'immediate response' to
> a request from a law enforcement actually means, what availability the
> systems for data retrieval must have and so on...
> Most of that will be defined first by the European Telecommunications
> Standards Institute. Then the german agency, which has to supervise
> the implementation of the law, will adopt that directive. That is
> expected to happen in spring 2009.
> Curiously, the telecommunication service providers in germany
> now have to log stuff, but know nearly nothing about the technical
> implementation and that is even worse for small service providers or
> private persons.
> The conclusion is more or less: nobody knows for sure if Tor relays
> have to log or not. It seems, that some courts will have to decide that.

The data retention law seems to be partly an attempt to 
make private operators do the government's work of law enforcement.
However, suppose the technical implementation is something like requiring ISPs 
to allow wholesale teeing of the pipes as is now done at AT&T in the USA,
at government/taxpayer expense.
Then we will not know whether some or all of the data is logged.
Further, what prevents European (or Chinese etc) data spies from cooperating
with American data spies, enabling monitoring both ends of most connections?

Re: Abuse complaint

[krishna e bera]

On Tue, Oct 07, 2008 at 04:21:32PM -0400, Michael Holstein wrote:
[...]
> http://help.twcable.com/html/twc_misp_aup.html
>
> However, like many ISPs, it still contains this clause :
>
> The ISP Service may not be used to breach or attempt to breach the  
> security, the computer, the software or the data of any person or  
> entity, including Operator, to circumvent the user authentication  
> features or security of any host, network or account, to use or  
> distribute tools designed to compromise security, or to interfere with  
> another's use of the ISP Service through the posting or transmitting of  
> a virus or other harmful item to deliberately overload or flood that  
> entity's system.
>
> ... and they make no distinction between YOU (as in the real you) and  
> TOR (as in traffic that appears to come from you, but isn't the real  
> you) .. all they care about is what comes out of your pipe.
[...]

Would it be useful to set up some pages on the wiki
with pointers to Tor-friendly and Tor-unfriendly ISPs, 
organized by country?
For example, Rogers Cable in Canada still had the "no servers" rule in their 
TOS this year,
but TekSavvy does not.
One concern might be proliferation of stale information.


signature.asc
Description: Digital signature

Re: how much does opera leak?

[krishna e bera]

This is not a site, it is a mailing list.
In every message that appears on this list, 
you will find a header with the instructions you seek.
The header starts like this:
   X-To-Get-Off-This-List
If you are using flawed email software such as Microsoft Outlook Express,
you may have to select View, Options while viewing a message to see the headers.

(I answer this way instead of directly with details 
because many mailing lists are similar so it is useful to learn
and this list might bounce the message to moderator if it contains management 
keywords.)


On Sun, Oct 05, 2008 at 07:39:44AM -0700, J B wrote:
> does anyone know how i can unsubscribe from this site these emails are 
> getting way too many? thanks

Re: Update to default exit policy

[krishna e bera]

I'm not clear on how authentication (on any port) stops spam,
other than the ISP cutting off a given userid after complaints.
A lot of spam already comes from malware infected computers 
via their legitimately configured email.
Those computers are probably not using Tor, let alone transparent proxy, 
but malware could grab their credentials and then 
use Tor on another host to send out spam over port 587,
if that port was allowed in exit policies.

Re: e-mail and anonymity

[krishna e bera]

Yahoo and Gmail both have degraded versions of webmail available
for when javascript is not enabled, last time i checked (spring 2008).

Re: [OT] message formats (was: browser footprint)

[krishna e bera]

Supporting only ASCII (which essentially means English-only) in this day 
and age is a form of cultural imperialism.  Tor needs users in every country, 
in every language, to be fully effective and available.
So even if we speak only English on this listserv, it would seem inappropiate 
to fault people for using standards-compliant unicode-capable mailers,
or ask them to override default behaviour of their software to support 
apps on legacy proprietary operating systems.

Source code is available for other mail packages for Solaris,
as well as packages like GNU recode.
If you choose not to use one, then in the rare case someone posts
a base64-encoded message on a subject of interest, you could 
ask someone to send you the trancoded message.

Re: browser footprint

[krishna e bera]

Thanks for running a check site and helping with privacy/anonymity!

I believe torbutton does this sort of scrubbing.
You can see what it does and why at
https://torbutton.torproject.org/dev/design/

It would be nice to have a torbutton for Konqueror.

Re: No Tor server exists that allows exit to 127.0.0.1:80. Rejecting.

[krishna e bera]

On Mon, Jul 07, 2008 at 12:12:54AM -0400, [EMAIL PROTECTED] wrote:
> I noticed this in my tor client log [Tor v0.2.0.28-rc (r15188) with
> SafeLogging 0 in torrc]:
> 
> [notice] No Tor server exists that allows exit to 127.0.0.1:80. Rejecting.
[snip] 
> like this." - http://archives.seul.org/or/talk/Mar-2007/msg00404.html

That could be caused by someone mapping certain domains to 127.0.0.1 in their 
local DNS service,
which when returned would cause your browser or http-proxy to request a 
document from localhost.
I used to map doubleclick.net to 127.0.0.1 in my router, for example.
Some malware and anti-malware software makes that kind of mapping in the 
Windows hosts file.
Thus i don't think a Tor node is doing it, though from a client point of view
one might consider a Tor exit node and its DNS as a single service.
Perhaps it could be logged at the exit node itself as a possible 
misconfiguration warning.

You can see your current exit node using Vidalia.
I don't know how to find out past exit nodes, or if it is a bad idea to keep 
that kind of info around.

Re: (Windows) does e-mail scanning with AVG Free work for all unsecured mails going through Tor?

[krishna e bera]

AVG (and other antivirus software) inserts a proxy that catches the email 
traffic you mention.

The risk with any examining or altering of traffic is that you may be 
giving up your legal and moral claim to status as a common carrier or safe 
harbour
which is perhaps the only thing protecting you from DMCA and other prosecution 
in the USA.

Microsoft and friends recommend against email scanning
http://www.microsoft.com/windows/ie/community/columns/filecorruption.mspx
at least for your own email as it may confuse your email software and cause 
corruption
and you are protected anyway due to the antivirus software's file access 
scanning.

Thirdly the default exit policy does not allow exit to port 25
because it can be used by spammers and worms and 
your ISP may cut off your access as it will think you are the source.

Re: icann opening up of tld's

[krishna e bera]

According to the announcement:
"Trademarks will not be automatically reserved.  But there will be an 
objection-based mechanism for trademark owners where their arguments for 
protection will be considered."

How expensive or practical is it to trademark .onion for purposes of the Tor 
network?

"There will be a limited application period where any established entity from 
anywhere in the world can submit an application that will go through an 
evaluation process."

Is an application to ICANN being considered?  The Tor project and network is a 
well established entity, having an office etc and thousands of relay nodes (by 
next year).

Re: Blocked by my ISP?-Solved.But Additional Question.

[krishna e bera]

On Sat, Jun 21, 2008 at 09:13:02PM -0700, Luis Maceira wrote:
> The question: can I use the FQDN or IP preferably,
> instead of nicknames,in torrc entrynodes,exclude
> nodes,exitnodes options?I have read something
> lately about the functioning of the Tor system,
> and it seems the directory servers/client initial
> dialog to determine the running nodes is protected
> by strong authentication,but when I access
> a listing of running nodes(by country,etc.)
> using https://stat.xenobite.eu(for example) with a
> webbrowser,how do I have assurance that the
> nicknames correspond to the real IP address?


Nicknames are not guaranteed to be unique.
You can use the router fingerprint instead,
wherever it says to specify a nickname in the torrc manual.

https://www.torproject.org/svn/trunk/doc/spec/dir-spec.txt
"
   2.3. Nonterminals in router descriptors

  nickname ::= between 1 and 19 alphanumeric characters ([A-Za-z0-9]),
 case-insensitive.
  hexdigest ::= a '$', followed by 40 hexadecimal characters
 ([A-Fa-f0-9]). [Represents a server by the digest of its identity
 key.]
"

> Does Tor check based on the strong authenticated
> listing received upon initial dialog with the
> directory servers the authenticity of the pairs
> nicknames/computers we could set up in exitnodes etc.
> of torrc?

The above cited document describes in section 3.3 
how nickname-to-identity-key mappings are maintained
and how the Named flag could be conferred upon your router.

Re: ktorrent and tor

[krishna e bera]

Please explain how these clients can be used to spy the Tor network.
I think the only risk of exposing real ip adddresses would be to 
other users of bittorrent.

The latest version of KTorrent is supposed to support socks5 directly,
but we do not want the data packets going over the Tor network
due to the load and also the liability to exit node operators.
https://wiki.torproject.org/noreply/TheOnionRouter/TorifyHOWTO/BitTorrent

I saw on the Ktorrent support forum that some problems making it work with 
proxy 
might be due to KDE having its own settings that take effect regardless
of what is done in KTorrent.  If you ask there you will likely get more
informed answers.



On Thu, Jun 19, 2008 at 04:17:12AM -0700, Dieter Zinke wrote:
>NOBODY should reply to questions of this kind.
>tor with ktorrent?
>tor with azureus?
>Tsss ...
> 
>All list members should be highly alarmed if somebody asks for help using
>azureus or shareaza. Both clients in the hands of experienced programmes
>can be used to spy the tor network. Yes, i know this is not the case this
>time. A kid asked for help in downloading ilegal (?) music via anonymous
>tor network, which is idiotic and no serious tor user should answer
>questions like this. But again, be alarmed if someone asks for help using
>shareaza or azureus. Both clients are used to spy the tor network.
> 
>-dieter
> 
>--- On Sat, 6/14/08, sigi <[EMAIL PROTECTED]> wrote:

Re: Tor 0.2.1.1-alpha is out

[krishna e bera]

On Wed, Jun 18, 2008 at 12:25:37AM -0400, Roger Dingledine wrote:
> Changes in version 0.2.1.1-alpha - 2008-06-13
>   o Memory fixes and improvements:
> - Add a malloc_good_size implementation to OpenBSD_malloc_linux.c,
>   to avoid unused RAM in buffer chunks and memory pools.
> - Speed up parsing and cut down on memory fragmentation by using
>   stack-style allocations for parsing directory objects. Previously,
>   this accounted for over 40% of allocations from within Tor's code
>   on a typical directory cache.

Does this mean linux users should always specify --enable-openbsd-malloc ?

> - Never use OpenSSL compression: it wastes RAM and CPU trying to
>   compress cells, which are basically all encrypted, compressed,
>   or both.

Is compression negotiation (or lack thereof) visible to sniffers?

Re: Phish filters on exit nodes

[krishna e bera]

Would it be useful to add an item to the "Step Three: Once it's working" 
document
https://www.torproject.org/docs/tor-doc-relay.html.en#after
such as

18. Protect your exit node's reputation by ensuring that its DNS resolution 
isn't hijacked.
Examples: 
- if you use OpenDNS, turn off the anti-phishing support[*]
  [*]http://archives.seul.org/or/talk/Jun-2008/msg00096.html
- if your node is behind a router, change the router admin password from 
the default
  to prevent malware from altering your DNS providers[*]
  
[*]http://blog.washingtonpost.com/securityfix/2008/06/malware_silently_alters_wirele_1.html

Re: SPD talk: "Simulating a Global Passive Adversary for Attacking Tor-like Anonymity Systems"?

[krishna e bera]

On Thu, Jun 12, 2008 at 04:26:48PM -0700, Mike Perry wrote:
> 3. Based on my measurements last year, only the top ~5-10% nodes are
> capable of transmitting this much data in an individual stream, and
> only if all of the nodes in your path are from this set. Furthermore,
> as load balancing improves (and we still have more work to do here
> beyond my initial improvements last year), these averages should in
> theory come down for these nodes (but increase for slower nodes). So
> how they will fair once we figure out the bottlenecks of the network
> is unknown. They could do better in this case, but it is probably more
> likely the average stream capacity for most nodes will drop below
> their detection threshold.

I've seen several users in the IRC asking
how they can ensure their traffic flows only over fast relays.
The above note would seem to indicate (another) good argument against doing 
that.

Re: How are hackers breaking Tor and trojan users?

[krishna e bera]

You allege there is an exploitable flaw in current Tor versions 
and have not informed Tor developers of details yet??
I would hope DefCon does not accept presenters having such ethics.


On Tue, Jun 10, 2008 at 12:50:10PM -0500, Arrakis wrote:
> Yes, it can be done.
>
> If the talk is accepted at DefCon, it will be demonstrated live.
>
>
>
> MadAtTorHackers wrote:
>> I read that hackers are breaking Tor and turning into a trojan/rootkit?  Is
>> this possible?  How can they do this?
>>
>> In post: http://www.wilderssecurity.com/showpost.php?p=1257878&postcount=722
>> says XeroBank:

tor legal help in canada

[krishna e bera]

i run Tor exit node cyblings01 which is in Canada.
i got a notice of copyright infringement from my ISP Rogers:
http://cyblings.homelinux.net/tor/rogers-abuse-email.txt
i have drafted a reply as follows:
http://pastebin.ca/1001809
any comments appreciated before i send final copy, tomorrow evening.

also does anyone have relevant legal tips and templates for Tor operators in 
Canada?