Re: Tor on the iPhone

[w]

Interesting. Well, I ask this one because I've always found that my battery 
drains the fastest when using the 3G or EDGE connection. Significantly faster 
than playing an intensive 3D game, even...

.w





On May 16, 2010, at 5:57 AM, Marco Bonetti wrote:

> Backgrounding itself is completely negligent, what affects the battery life 
> are cryptography operations tor will ask the CPU to carry out,

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Help translate Orbot

[w]

Fantastic Marco!

A few questions:

1) The iPhone, especially the basic 3G model, seem pretty strapped for free 
resources (RAM and CPU cycles)... How does Tor fare with those limitations? How 
much RAM does it really need anyway?

2) Is Privoxy/Polipo needed for iPhone apps?

3) How does the Tor background process affect battery life?

.w





On May 16, 2010, at 5:25 AM, Marco Bonetti wrote:

> Don't worry: I'm working on it :-P
> See http://sid77.slackware.it/iphone/

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Traffic shaping?

[W]

In this case, purposely 'shaping' the traffic so that it looks like something 
other than what it actually is (ie, not Tor traffic).

.w





On May 15, 2010, at 11:18 PM, and...@torproject.org wrote:

> What do you mean by traffic shaping?

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Preventing 502s?

[W]

Hi all,

I am getting a lot of these messages lately -- how can I increase the wait time?

502 Server dropped connection

The following error occurred while trying to access http://xxx

502 Server dropped connection

Generated Sat, 15 May 2010 19:37:54 EDT by Polipo on xxx.local:8118.

.w***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Traffic shaping?

[W]

Does Tor do any kind of traffic shaping?

.w





***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Help translate Orbot

[W]

Wow Runa, while I unfortunately can't help with any translations, I just want 
to say that that app looks wonderful and wish you the best of luck with it. 
Wish I had something like that on my iPhone!

.w





On May 15, 2010, at 2:20 PM, Runa A. Sandvik wrote:

> As many of you probably know, Tor is available for Android by
> installing a package named Orbot:
> https://www.torproject.org/docs/android.html. Right now, Orbot is only
> available in English and Spanish, but I am hoping that this will
> change really soon.
> 
> I have added Orbot to the Tor translation portal, along with the
> following languages: Norwegian, German, Spanish, French and Polish.
> See https://translation.torproject.org/projects/orbot/. Please send an
> email to tor-translat...@torproject.org if you want me to add another
> language.
> 
> Thanks,

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: How to "wrap" applications in Mac OS X?

[W]

Responding to part of what you said in the Exit Node Sponsorship thread, this 
makes me think that something which could be really useful -- and which could 
certainly lessen the newbie-not-effectively-using-Tor-syndrome: a sort-of 
launcher and "dashboard" for apps that are to be "Torified" (using torsocks, 
dsocks, or whatever else). In other words, a panel that they open up, drag apps 
into, and -- if they are launched from this panel -- get properly wrapped. A 
simple, green light / red light metaphor could then be used to indicate whether 
or not they are being run through Tor.

Is that conceivable?

I imagine that from there they could also get warnings if the app is leaking 
DNS requests and so on (couched of course in simpler terms, 'warning: although 
Tor is trying to protect you, this application is giving away your private 
information. Click here to see a recommended replacement')... Leading to a web 
tool which recommends replacements for 'unsafe' apps.

I can try mocking all of this up if it would be helpful. I imagine that no one 
would have time to implement it for a while, but if Tor use is starting to 
become more mainstream the conceptual direction could perhaps be at least 
mildly useful?

.w





On May 14, 2010, at 12:59 AM, and...@torproject.org wrote:

> If by GUI applications you mean native OS X carbon/cocoa apps, unlikely
> unless you can launch them from the command line. 

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Tor Exit Node Sponsorship - looking for partners

[W]

This is not an entrepreneurial proposition all. I'm merely talking about 
exposing the end-users to the financial realities of operating the service, and 
inviting them to help in a more obvious way. I'm NOT suggesting blatant 
nagware. "Gentle" is the word used, and I certainly never said pop-ups.

Forget my comment about technically-minded users for a moment. My question 
really should read: "Are there a significant body of end users of Tor who do 
not understand how it fundamentally works?"

Think about it: Once Tor is setup properly, how often is the average user going 
to return to the website to be reminded that they should donate, or that Tor 
organizationally is in need of this or that? Yes, the speed of the network 
should be some indicator, but I am suggesting that not everyone will know that, 
so perhaps a message like "Tor exit nodes are heavily congested. Click here to 
help . . . " would have a beneficial impact.

All this being said, I completely understand, even even fully empathize with 
your reaction. I would never want to see Tor be packaged with crapware!

.w



On May 13, 2010, at 8:31 PM, Jon wrote:

> I can not speak for everyone else, but for my self, if I read this
> right, imo, there is no difference or very little difference between
> nagware popups and splash screens that have reminders or ads on them.
> 
> There is enough ' crap '  ware out there with those pop ups, etc. As a
> relay operator, if i had to see this everytime an upgrade was done or
> had to reboot for whatever reason, those screens/popups would be
> enough after a while to stop being a relay.
> 
> I am not in the ' technically-minded ' user base, but I am among the
> relay user database that donates time, bandwidth, money to the cause
> here. As just like several hundred others.
> 
> Again, imo, I get the feeling beginning from the topic, that it
> appears to be more to this then meets the eye. It seems to me that
> some one other than TOR is going to benefit more from this.
> 
> I may be wrong in the way I am reading this, but sure seems like to me
> that this is an entrepreneur proposition for some one to make money
> on/with.

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Tor Exit Node Sponsorship - looking for partners

[W]

Well, assuming that it is only a technically-minded userbase that installs Tor, 
then maybe! Do you guys have any sense of whether or not that's actually true?

.w





On May 13, 2010, at 6:57 PM, Martin Fick wrote:

> I would think that the slowness of the network would be 
> reminder enough, no?
> 
> -Martin

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

How to "wrap" applications in Mac OS X?

[W]

Is there a "torify" equivalent for Mac OS X, or does Torify work on that 
platform... And if so, can it wrap GUI applications as well? Asking because I'd 
like certain applications on my system without individual proxy settings to use 
Tor, and certain apps of the same class not to...

.w





***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Tor Exit Node Sponsorship - looking for partners

[W]

Back to the Kickstarter idea, while I fully understand and agree with most of 
your points, my thought was one of publicly creating awareness of need. 
Whatever the appropriate platform, I really think it needs to move in that 
direction.

Let's hypothesize for a moment that a suitable basic payment platform is found. 
What if Tor, the application itself (not making a distinction between Tor and 
Vidalia here), were to make people more aware of the need for exit node 
donations? I'm not necessarily suggesting nagware pop-ups, but I am talking 
about something like, perhaps, a splash screen with a reminder -- and a button 
-- upon launch. I am also talking about gentle nudges in the initial setup 
process. "Tor development is only possible with your support!" etc etc.

And the Tor Browser Bundle? How about making its default page an explanation of 
the need for more exit notes, statistics, and some kind of visualization of 
what the impact would be for a given amount donated?

And make it beautiful and simple, like this: http://www.charitywater.org/donate/

.w





On May 12, 2010, at 1:11 PM, Moritz Bartl wrote:

> I first planned to offer a certain bandwidth push for one-time
> donations, eg. 1Mbit/s for one month for 2 Euro. The system could be
> automated to automatically update the Tor node configuration

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Tor Exit Node Sponsorship - looking for partners

[W]

Have you guys thought organizing a (very) public Kickstarter.com project for 
the purpose of raising the funds and creating awareness of need?

.w





On May 10, 2010, at 8:06 PM, Moritz Bartl wrote:

> Hi,
> 
> At the moment, 25% of all traffic exits through Blutmagie (thanks
> Olaf!). I guess we all agree that this situation is far from optimal.
> 
> Judging from the number of requests in the last months where people
> were looking for friendly ISPs, help with setting up, running and
> managing Tor nodes, and especially abuse handling advice, I think there
> is enough interest to fund another big node.
> 
> I've been in contact with several ISPs lately, asking specifically for
> high bandwidth Tor exit node hosting. I have also added their responses
> to the GoodBadISPs wiki.
> 
> What I am planning is either a large node (split like Blutmagie), if I
> can find enough people to sponsor it, and/or smaller nodes on virtual
> machines, eg. for hidden services hosting. I will personally order the
> machine, manage it, keep Tor(s) running with mostly unrestricted exit
> policies and handle all abuse. The companies selected will not shut
> down the serve but pass all abuse to me, WHOIS notices will be adjusted
> when possible (unfortunately, only a few of them offered that), RDNS
> and notice pages will be set up accordingly.
> 
> I know that this is a controversial topic, and that it would be better
> to have completely independent nodes, but I hope that I can earn your
> trust. I will happily sign an agreement that I will not log/sniff
> traffic. :-) The configuration will be published among sponsors.
> 
> I am open to suggestions here: You as a sponsor might also be
> interested in an additional private VPN service, or use the large drive
> space as backup purposes, I2P etc. You can of course also be mentioned on
> the notice page as sponsor, complete with your company logo.
> 
> If you're interested, feel free to contact me directly. Tell me what
> you'd want to give, and what you'd expect for your money.
> 
> At the moment, I am thinking about something like these (monthly):
> 
> $200 100TB - http://www.100tb.com/
> $160 100Mbit/s - http://fdcservers.net/
> 50€  10Mbit/s  - http://www.netrouting.nl/
> 
> All depending on how many people are willing to participate.
> 
> -- 
> Moritz Bartl
> GPG 0xED2E9B44
> http://moblog.wiredwings.com/
> ***
> To unsubscribe, send an e-mail to majord...@torproject.org with
> unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

Re: Problems with irc because of tor?

[Alexander W. Janssen]

Ted Smith wrote:
> On Thu, 2008-11-20 at 22:39 +0100, Alexander W. Janssen wrote:
>> Robert Hogan wrote:
>>> Do you run a server yourself? If so, your real IP may be on the irc 
>>> server's 'tor blocklist'.
>> I don't think so, Freenode wouldn't send the error-message with
>> 127.0.0.1 then, but with his public IP-address.
>>
>> Alex.
>>
> 
> No, speaking from experience freenode sends 127.0.0.1 if you're on their
> blacklist, torified or no. They're also very slow to update; I've not
> been running my exit for some time, but for a long time I was still
> forced to use the hidden service. I'd probably still be banned if I
> hadn't had to reboot my router.

What blacklist is Freenode using then? Do they run their own?
Any chance to check if it's really that? Sounds sensible though...

Alex.



signature.asc
Description: OpenPGP digital signature

Re: Problems with irc because of tor?

[Alexander W. Janssen]

Robert Hogan wrote:
> Do you run a server yourself? If so, your real IP may be on the irc 
> server's 'tor blocklist'.

I don't think so, Freenode wouldn't send the error-message with
127.0.0.1 then, but with his public IP-address.

Alex.



signature.asc
Description: OpenPGP digital signature

Re: Problems with irc because of tor?

[Alexander W. Janssen]

Praedor Atrebates wrote:
> Now I'm really lost on this.  Tor quit running (I cannot run 
> tor-0.2.1.7-alpha 
> for more than a couple minutes, so it seems.  It just suddenly quits without 
> any errors.  It's running then suddenly it isn't.

OK, that's another thing.

> Looks like it is back to the previous version again...
> 
> That said, tor is down/off and I STILL get the same messages for my IRC 
> client.  It seems that simply running tor briefly is enough to bork my IRC 
> client from then on (at least until I reboot)?

N, no way. A couple of questions:

1) You run some kind of transparent proxy?
2) If not, check if Tor is really disabled. Use ps in UNIX or the
Windows Taskmanager to check. Shut down Tor.
3) Check all your IRC-client's settings.

To be more precise:
4) What operating system are you using?
5) What IRC-Client are you using?

The error-message you're describing is hand-crafted for people who want
to use the Freenode-network with Tor. It wouldn't appear for any other
users (unless Freenode borked up their scanners).

By the way, the message "Closing Link: 127.0.0.1 (Banned)" seems to
indicate that you're using some kind of proxy.

If you give us more details, we might be able to help.

Alex.



signature.asc
Description: OpenPGP digital signature

Re: Problems with irc because of tor?

[Alexander W. Janssen]

Sebastian Hahn wrote:
>> -Ursprüngliche Nachricht- Von: "Praedor Atrebates"
>> <[EMAIL PROTECTED]> Gesendet: 20.11.08 21:10:08 An:
>> or-talk@freehaven.net Betreff: Problems with irc because of tor?
>> Why does running tor suddenly cause me to be unable to connect to
>> freenode?  I am NOT running a torified irc client.  Also, where's
>> the address 127.0.0.1 coming from?  Why is my REAL IP address now
>> invisible (apparently) and tor causing sites to think I am trying
>> to use the  localhost IP?
>> 
>> praedor
>> 
> 
> Unfortunately, some service providers choose to not accept Tor users
> as part of their userbase and block connections from exit nodes. 

That wasn't the question, he was wondering why he was using Tor at all
though he told his client not to use it.

Praedor: Sure you don't use a proxy in your IRC-client? Also, check - if
you're using some flavour of UNIX - if you have some variable like
http_proxy set.

Alex.



signature.asc
Description: OpenPGP digital signature

Re: GnuPG through Tor

[Alexander W. Janssen]

misc wrote:
> Is there any way at all to get keys from LDAP server through Tor?

LDAP uses TCP, so yes, it should be working if you configure GnuPG to
use a proxy.

Alex.




signature.asc
Description: OpenPGP digital signature

Re: Attempting to connect to nodes in bogon space

[Alexander W. Janssen]

Arjan wrote:
> My tor middle node (0.2.0.31) tries to connect to some bogon IP
> addresses and I was wondering why it does that.
[... bogons ...]

To meet general internet sanity, why not include bogons as blacklisted
into the default Tor-policy?

I know, "every node counts", but bogons don't.

Alex.



signature.asc
Description: OpenPGP digital signature

Re: Fwd: Post Confirmation 807ccc3983b12bd9

[Alexander W. Janssen]

Jonathan Addington wrote:
> Can someone explain why I get this message every time I post? Or
> delete whatever email address sends this back to me?

You're maybe posting not with the same email-address as you subscribed.

> I don't post often, but it is annoying when I do.

Maybe it's just that.

Alex.



signature.asc
Description: OpenPGP digital signature

Re: flash won't work with Tor enabled

[Alexander W. Janssen]

Kasimir Gabert wrote:
> If you really need to access a flash script you could set up CGIProxy
>  (http://www.jmarshall.com/tools/cgiproxy/) to route through Tor, and
>  then connect to a local CGIProxy proxy with it's settings enabled
> for rewriting scripts.  This will not, of course, guarantee your 
> anonymity.  I would combine it by putting the CGIProxy on another 
> machine (or virtual machine), then set your firewall to block any/all
>  requests that are not to that machine or localhost.  This should
> help protect against failed rewrites by CGIProxy, and potentially
> retain the anonymity provided by Tor.  Please correct me if I am
> wrong!

Hm, I wonder if running your browser explicitly through torify would
help? All network system-calls would be replaced by SOCKS-calls then.

Can anyone comment on this? Not sure if that applies to plugins though.

> Kasimir

Alex.




signature.asc
Description: OpenPGP digital signature

Re: icann opening up of tld's

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Geoff Down wrote:
> Presumably any problems could be avoided by changing the pseudo-tld to
> something really obscene...

.onionporn?

SCNR

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBSGYzuBYlVVSQ3uFxAQJXkgP8DOB4xMsvV3U9TI9EAnsS4rfqkn7K3VQS
kiTYZ/8PIAkYj4JYwy5YwNvpVi/4OHkxN6epzrh2IiFETbQ/jgKQBicKu40/S9xg
G8QIFZ1fzMiddR+9pjGMn1fsSIUvraqFtWuFeWJtblAWad3rvFb2ddjCeI00LMsm
PszeQmW9PmU=
=CuzM
-END PGP SIGNATURE-

Re: German Fed???

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Karsten N. wrote:
> Hi,
> 
> I have found this at core.onion (http://eqt5g4fuenphqinx.onion/page/31)
> 
>> gpfTOR1-4: Those are operated by a front end of the German
>> Verfassungsschutz.

Wtf? :-)

> Is it only the paranoia of some individuals or disinformation?

I guess a bit of both.

> And I have a question: Why looks our organisation like a front end of
> the German Verfassungsschutz. Any help?

Don't take the bait. I bet those weirdos who put that information up the
Web are just playing with their wieners, drooling over your disgust.

> Karsten N.

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBSGNlqxYlVVSQ3uFxAQJVbgQAkkv50Ec45j8YDgUMZzLwm8gQP6IyoZDf
Y9pE2uElUxBYB93cyT1XzgtGuokhxC27LtyGwfIFLBQxe/dJrL1hzNHtUqrScKiv
ea41+utVfXf0D8rNkpuTCgbdU+ZMgc49f7TvO1QrycxzwErS5F2fW+tPRrQORk3h
Df45tHpSwLg=
=i/VX
-END PGP SIGNATURE-

Re: Problem w/ Using tor(k) for Geostreaming Live-Videos

[Alexander W. Janssen]

Works here with torify, though painfully slow. You might chose a stream
which uses less bandwidth:

$ ./torify mplayer -playlist
http://wstreaming.zdf.de/zdf/veryhigh/080609_smm.asx
...
STREAM_ASF, URL:
mms://c36000-o.w.core.cdn.streamfarm.net/36000zdf/ondemand/3546zdf/zdf/zdf/08/06/080609_smm_vh.wmv
Resolving c36000-o.w.core.cdn.streamfarm.net for AF_INET...
Connecting to server c36000-o.w.core.cdn.streamfarm.net[217.243.250.24]:
1755...
Connected
...

By the way, Switzerland-Turkey 1:1 :-)

Have fun,
Alex.

[EMAIL PROTECTED] schrieb:
> Hi there,
> 
> here offers German Tv a live stream for soccer matches of the euro 2008! 
> 
> It is shielded by geostreaming! And even more, since due to some
> technical stuff on their side, not all German IPs are allowed accidentally..
> 
> Thus I need to use tor in order to become another German IP via an exit node, 
> so that I can also watch them in real time!
> 
> mplayer -playlist 
> http_proxy://127.0.0.1:8118/http://wstreaming.zdf.de/zdf/veryhigh/080609_smm.asx
> 
> It seems that tor is checking out the url in the "playlist" file but then 
> goes there straight without the proxy? I have tried also regular German
> public proxies like http://www.publicproxyservers.com/page1.html but no 
> success either.. It is an rtsp stream after all, the live video...
> 
> How can I run tor(k) so that I can view the games???
> 
> Erich
> 
> PS: Please reply to the list and to my email address so that I can read the 
> replies before the daily digest with the others topics of this list..
> 
> 
> Jetzt komfortabel bei Arcor-Digital TV einsteigen: Mehr Happy Ends, mehr 
> Herzschmerz, mehr Fernsehen! Erleben Sie 50 digitale TV Programme und 
> optional 60 Pay TV Sender, einen elektronischen Programmführer mit Movie Star 
> Bewertungen von TV Movie. Außerdem, aktuelle Filmhits und spannende Dokus in 
> der Arcor-Videothek. Infos unter www.arcor.de/tv




signature.asc
Description: OpenPGP digital signature

Re: Tor with secure Gmail

[Alexander W. Janssen]

Man Man schrieb:
> Hi!

Aloha!

> I am using Gmail at https://mail.google.com/ with tor.
> 
> When I am at login, browser will state that the connection is only
> partially secure, ie. some items (I do not know what) are not
> encrypted. However, once I untor, I am able to get into the fully
> secure Gmail login page.

What browser are you using?
Can you tell us the exact words of the error-message?
Does it say something like "self-signed certificate", "security
certificate belongs to other hostname", "certificate expired" or what?
Click the little button which looks like a lock on your browser's lower
right side (for IE and Mozilla-clones).

> I tried this for many times and got this result each time. As I live
> in an unsafe country, I am worried my government is adding code to
> network traffic to identify users.

So please state what exact error-messages you're getting.

> Thanks in advance.

Alex.



signature.asc
Description: OpenPGP digital signature

Re: Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++

[Alexander W. Janssen]

Kyle Williams schrieb:
> Hello Alex,

Aloha Kyle!

> I've already logged into the Wiki and updated the Test Procedures section.
> Seeing as I've found lots of IP disclosure vulnerabilities in the past
> (and future?), I for one would be more than happy to help with this.

Thanks. The whole section is quite a draft and seriously: it needs more
details than we have right now, even with your corrections.

> One application that should never show up on this list is Internet
> Explorer.  I've got two 0-days right now for IE, and they would totally
> compromise your anonymity and security.  Don't worry, they've been
> reported through 3Com's ZDI program and I'm waiting to see the fixes
> come out (who knows when).
> If you use Tor, DO NOT USE INTERNET EXPLORER!

Actually that's not the point about this wiki-page; it's more about what
specific things can go wrong, not about what kind of special exploits a
several application is suffering of.
Even all those Mozilla-browsers have their own problems so i want to
keep this specific section open.

The questions are:
* Where do those applications compromise anonymity?
* What plugins are known to be shit?

That's fairly generic - there's no need for another "my browers's better
than yours"-thing.

Thanks for your input anyway! :-)

> Let the bug hunting continue!!  w00t!

Oh yeah. I'll be testing me very own setup on thursday.

> - Kyle

Alex.



signature.asc
Description: OpenPGP digital signature

Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++

[Alexander W. Janssen]

Hi all,

following up a discussion on #tor I made up a Wiki-article about the
abovementioned subject.

https://wiki.torproject.org/noreply/RecommendedSoftware

Abstract: To create a list of "Applications Recommended For Use With
Tor" [2]. Those applications must obey the rules of
1) using the proxy supplied
2) not leaking any information around the proxy

Disclaimer: This is work in progress. This is only meant for your
information. It's not a formal process, nor a written thing. I just put
it for discussion. It's up to you to define the rules.

Motivation: Tonight we were discussing if [1] is a reasonable thing or
not. I pointed out that Tor, as a layer-3 routing-software, can't solve
layer-4+ problems and that it should be up to "downstream-proxies" to
solve the "untrusted TCP-port"-problem.

However, several people disagreed with my opinion, pointing out that the
real problem are the applications using Tor, compromising the anonymity
of the user and the IP-address-obfuscation of the router.
The real thing would be solving all those problems directly in the
applications instead of sailing around the problems, using proxies and
the such.

Later, the point about Tor-safe and not-safe applications popped up -
thinking of DNS-leakage, unsafe browser plugins. Those problems were
reported before on this list about several products - related to several
versions of those individual applications - but except the archive of
this list this pieces of information _were never consolidated_. We just
have a bunch of warnings that a certain application $foo in version $bar
leaks DNS.

Goal: To create a list of "Applications Recommended For Use With Tor".
That'd give users a certain degree of confidence that the application
(s)he's using isn't leaking information to the world when using Tor.

I'd appreciate your comments and I'm awaiting your corrections on all
the articles in the Wiki. (free registration required).

The Wiki-article isn't linked to anywhere in the Wiki yet. That's on
purpose until we sorted our all the basic questions.
I'll be willing to set up a dedicated mailing-list for this subject,
unless we can have on elsewhere.

Cheers,
Alex.

[1]
https://www.torproject.org/svn/trunk/doc/spec/proposals/129-reject-plaintext-ports.txt
[2] Name made up by Nick. I like it, though I found it to be too bold.



signature.asc
Description: OpenPGP digital signature

Re: Ports 443 & 80

[Robert W Capps II]

Oops, the DirPort section of the sample should have read:

  ## Optional: what port to advertise for TOR directory connections.
  DirPort 80
  DirListenAddress 2.2.2.2:9091




On May 18, 2008, at 10:38 AM, Robert W Capps II wrote:

I've not tried to setup a TOR node with your config, but I'll tell  
you how I got mine to work :


Assumptions for the following configuration:

 1.1.1.1 - Public IP address of Firewall (assumes you are using NAT  
internally)

 2.2.2.2 - Private IP address in use on the TOR server
 :9090 - Private OR Port
 :443   - Public OR Port
 :9091 - Private DIR Port
 :80 - Public DIR Port

First I set my firewall up to accept the following external ports,  
and forward them to the TOR server - basically port forwarding with  
NAT:


 1.1.1.1:443 -NAT and port forward to-> 2.2.2.2:9090
 1.1.1.1:80   -NAT and port forward to-> 2.2.2.2:9091

The TOR server was then configured to listen locally for TOR traffic  
on 2.2.2.2:9090 and 2.2.2.2:9091, so you'll need to set the  
following items in your torrc file:


 ## The IP or FQDN for your server. Leave commented out and Tor will  
guess.

 Address 1.1.1.1

 ## Required: what port to advertise for Tor connections.
 ORPort 443
 ORListenAddress 2.2.2.2:9090

 ## Optional: what port to advertise for TOR directory  
connections.Uncomment this to mirror the directory for others.

 DirPort 80
 DirListenAddress 192.168.3.20:9091


So, without validating your firewall setup, I would think you need  
to modify your 'ORListenAddress' and 'DIRListenAddress' to reflect  
the ACTUAL IP address (not 0.0.0.0) of your TOR server, and set your  
'Address' value to the actual public IP address of your firewall  
(note, no port required on the 'Address' value).


Hope this helps!

Robert



On May 17, 2008, at 4:53 PM, Nathaniel Dube wrote:

I read somewhere that you can use ports 443 and 80 to help out  
people stuck
behind really restrictive firewalls.  I've been trying to manually  
configure
Tor to do just that.  I've configured the router for port  
forwaring.  I'm
pretty sure I did the same for my Linux firewall.  I told the  
firewall to
listen on ports 443/80 and redirect to 9090/9091.  So the way I  
understand it
is, Tor servers/clients should be trying to connect to ports 443/80  
--> my
router listens on 443/80 and bounces to my firewall --> my firewall  
listens
to 443/80 and bounces to 9090/9091 which the tor server is really  
listening
in on.  I'm running openSUSE 10.3.  I used yast to set the  
firewall.  If I
understand what I'm doing I use the "Masquerading" section to do  
firewall
port forwaring.  Which I'm pretty sure I did correctly but for some  
reason

servers/clients are still unable to connect to my tor server.

I could really use some help getting this working.  I can get the  
normal ports
working no problem and have my server join the tor network.  It's  
when I try

doing the port 443/80 trick that things get harry.

Here are screenshots of my configuration screens I did for the port
forwarding.

http://img246.imageshack.us/img246/303/443zb6.png
http://img265.imageshack.us/img265/1403/80xv7.png
http://img253.imageshack.us/img253/483/yastmasqsm4.png
http://img253.imageshack.us/img253/2820/yastrulesyl0.png
http://img338.imageshack.us/img338/5127/routerpn3.png

Here's portions of tor's config file.  I Xed out stuff that might be
considered a security risk on my part.

SocksPort 9050
SocksListenAddress 127.0.0.1
DataDirectory /home/tor/.tor
ControlPort 9051

ORPort 443
ORListenAddress 0.0.0.0:9090
DirPort 80
DirListenAddress 0.0.0.0:9091

Also, here's the log when I run tor in Konsole as root.  I know,  
don't run Tor
as root.  I'm just doing that to test it to make sure it's working  
before I

set it to start on boot under the "tor" user.

May 16 23:09:16.449 [notice] Tor v0.1.2.19. This is experimental  
software. Do

not rely on it for strong anonymity.
May 16 23:09:16.450 [notice] Initialized libevent version 1.3b  
using method

epoll. Good.
May 16 23:09:16.450 [notice] Opening OR listener on 0.0.0.0:9090
May 16 23:09:16.450 [notice] Opening Directory listener on  
0.0.0.0:9091

May 16 23:09:16.450 [notice] Opening Socks listener on 127.0.0.1:9050
May 16 23:09:16.450 [notice] Opening Control listener on  
127.0.0.1:9051
May 16 23:09:16.451 [warn] You are running Tor as root. You don't  
need to, and

you probably shouldn't.
May 16 23:09:16.642 [notice] Your Tor server's identity key  
fingerprint

is 'XXX'
May 16 23:09:18.240 [notice] We now have enough directory  
information to build

circuits.
May 16 23:09:18.438 [notice] Guessed our IP address as X.
May 16 23:09:21.856 [notice] Tor has successfully opened a circuit.  
Looks like

client functionality is working.
May 16 23:09:21.856 [notice] Now checking whether 

Re: Ports 443 & 80

[Robert W Capps II]

I've not tried to setup a TOR node with your config, but I'll tell you  
how I got mine to work :


Assumptions for the following configuration:

  1.1.1.1 - Public IP address of Firewall (assumes you are using NAT  
internally)

  2.2.2.2 - Private IP address in use on the TOR server
  :9090 - Private OR Port
  :443   - Public OR Port
  :9091 - Private DIR Port
  :80 - Public DIR Port

First I set my firewall up to accept the following external ports, and  
forward them to the TOR server - basically port forwarding with NAT:


  1.1.1.1:443 -NAT and port forward to-> 2.2.2.2:9090
  1.1.1.1:80   -NAT and port forward to-> 2.2.2.2:9091

The TOR server was then configured to listen locally for TOR traffic  
on 2.2.2.2:9090 and 2.2.2.2:9091, so you'll need to set the following  
items in your torrc file:


  ## The IP or FQDN for your server. Leave commented out and Tor will  
guess.

  Address 1.1.1.1

  ## Required: what port to advertise for Tor connections.
  ORPort 443
  ORListenAddress 2.2.2.2:9090

  ## Optional: what port to advertise for TOR directory  
connections.Uncomment this to mirror the directory for others.

  DirPort 80
  DirListenAddress 192.168.3.20:9091


So, without validating your firewall setup, I would think you need to  
modify your 'ORListenAddress' and 'DIRListenAddress' to reflect the  
ACTUAL IP address (not 0.0.0.0) of your TOR server, and set your  
'Address' value to the actual public IP address of your firewall  
(note, no port required on the 'Address' value).


Hope this helps!

Robert



On May 17, 2008, at 4:53 PM, Nathaniel Dube wrote:

I read somewhere that you can use ports 443 and 80 to help out  
people stuck
behind really restrictive firewalls.  I've been trying to manually  
configure
Tor to do just that.  I've configured the router for port  
forwaring.  I'm
pretty sure I did the same for my Linux firewall.  I told the  
firewall to
listen on ports 443/80 and redirect to 9090/9091.  So the way I  
understand it
is, Tor servers/clients should be trying to connect to ports 443/80  
--> my
router listens on 443/80 and bounces to my firewall --> my firewall  
listens
to 443/80 and bounces to 9090/9091 which the tor server is really  
listening
in on.  I'm running openSUSE 10.3.  I used yast to set the  
firewall.  If I
understand what I'm doing I use the "Masquerading" section to do  
firewall
port forwaring.  Which I'm pretty sure I did correctly but for some  
reason

servers/clients are still unable to connect to my tor server.

I could really use some help getting this working.  I can get the  
normal ports
working no problem and have my server join the tor network.  It's  
when I try

doing the port 443/80 trick that things get harry.

Here are screenshots of my configuration screens I did for the port
forwarding.

http://img246.imageshack.us/img246/303/443zb6.png
http://img265.imageshack.us/img265/1403/80xv7.png
http://img253.imageshack.us/img253/483/yastmasqsm4.png
http://img253.imageshack.us/img253/2820/yastrulesyl0.png
http://img338.imageshack.us/img338/5127/routerpn3.png

Here's portions of tor's config file.  I Xed out stuff that might be
considered a security risk on my part.

SocksPort 9050
SocksListenAddress 127.0.0.1
DataDirectory /home/tor/.tor
ControlPort 9051

ORPort 443
ORListenAddress 0.0.0.0:9090
DirPort 80
DirListenAddress 0.0.0.0:9091

Also, here's the log when I run tor in Konsole as root.  I know,  
don't run Tor
as root.  I'm just doing that to test it to make sure it's working  
before I

set it to start on boot under the "tor" user.

May 16 23:09:16.449 [notice] Tor v0.1.2.19. This is experimental  
software. Do

not rely on it for strong anonymity.
May 16 23:09:16.450 [notice] Initialized libevent version 1.3b using  
method

epoll. Good.
May 16 23:09:16.450 [notice] Opening OR listener on 0.0.0.0:9090
May 16 23:09:16.450 [notice] Opening Directory listener on  
0.0.0.0:9091

May 16 23:09:16.450 [notice] Opening Socks listener on 127.0.0.1:9050
May 16 23:09:16.450 [notice] Opening Control listener on  
127.0.0.1:9051
May 16 23:09:16.451 [warn] You are running Tor as root. You don't  
need to, and

you probably shouldn't.
May 16 23:09:16.642 [notice] Your Tor server's identity key  
fingerprint

is 'XXX'
May 16 23:09:18.240 [notice] We now have enough directory  
information to build

circuits.
May 16 23:09:18.438 [notice] Guessed our IP address as X.
May 16 23:09:21.856 [notice] Tor has successfully opened a circuit.  
Looks like

client functionality is working.
May 16 23:09:21.856 [notice] Now checking whether ORPort XXX:443  
and
DirPort :80 are reachable... (this may take up to 20  
minutes --

look for log messages indicating success)
May 16 23:29:18.900 [warn] Your server (XXX:443) has not  
managed to
confirm that its ORPort is reachable. Please check your firewalls,  
ports,

address, /etc/hosts file, etc.
May 16 23:29:18.900 [warn] Your server (XX:80) has not  
manage

Re: Reregister after key change?

[Robert W Capps II]

Based on a thread from last October, I don't believe they are  
registering 'named' nodes anymore.


I think the loss of the 'named' status is the worst part of the key re- 
gen process - for those of us that run legacy, named nodes.


Now, time to roll keys on my nodes . . . .

Robert


On May 15, 2008, at 7:13 PM, F. Fox wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

[EMAIL PROTECTED] wrote:
(snip)

Anyway, since I changed my onion key because of the ssl vulnerability
should I send another email somewhere?

(snip)

I did.

It's [EMAIL PROTECTED] , I believe.

- --
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSCzt4Oj8TXmm2ggwAQhh5RAAwFt2pwwiu9FUrZnQ/Iv5SMyJzDZWAZmd
lSK2r46i4TkN3sHpa6rTtbBONR5ai1e70RBkZdWDOTaKKtqjkXaxF9aSjgDAzYd/
xEnyX8zAqYbwb05E5uvjQN+/P9S2jX4sls4GjOoTGuX7kT8cUgayCJowgp4EdmO5
fCPCUNuOUVKTUdjXx9xE7lz93isGlXl+bfyaITa6xs5aLAq0Zq2GAZwrKzi50jpn
3iYCwQC70U7ZQmh6M5k6OKs4VCtdVbTuPsoUf6zC+l8OuQnkiYcI2eXJIv5ePLcw
4r9+XGF3z8Vs+kYJyGplwGvYlp+on682Vci12RfKpqzMFByX3n3s1lKDpVJcmsbC
I/xdK07SWuAuwmmJkxtew07SaODAqZFOxHsHc+6qKD8Pd2Q31SsC/49zBMh/MaZI
zZ8tcmPxe21r6IoHHlatyC4iT0PKEKjsXP8t4AKjP61C/EH39eZNezd86fWDg7bU
eM19vbKuG9MlfweZwiREA7Tn54Jp18Xrg7NPIbn/cjaeB4hMx6sNM4cHRF8Njr1A
cdmqi9MzAA9YxoW8OwIHpuUA6At19i5VOI4Fb4lU/JqNAAA9hm+gAARjjqojI1Dc
+Df5Z96AvMuv/PCCnpEH2l6eBkMhOHSklef+M6ercYiRXBHEAlkqXhq6hkTH33MV
8dpQdZb+rz4=
=u+WU
-END PGP SIGNATURE-

Re: TOR slowing down other network services

[Alexander W. Janssen]

Oh, and memory might be an issue too. If your machine starts paging and
swapping it'll suffer from it.

at-sar helps there too.

Alex.



signature.asc
Description: OpenPGP digital signature

Re: TOR slowing down other network services

[Alexander W. Janssen]

Rochester TOR Admin schrieb:
> A few other environment factors:
>  - my firwall is a pretty old machine with a very slow NIC
>  - my tor server NIC is very cheap [<$10]
> 
> Could anyone give me some insight about what they think might be going on?

I'm not sure... what's a "pretty old machine"? I mean, Tor uses quite
quite a lot of crypto-stuff, which is expensive. Maybe the CPU is
overcomitted.

Have you checked the load of your system? at-sar might give you some
insight.

> Thanks in advance...

Cheers, Alex.



signature.asc
Description: OpenPGP digital signature

Re: Tor relay shutted down by ISP

[Alexander W. Janssen]

Tom Hek schrieb:
> Thanks :) My ISP reconnected me again but I had to promise to never run
> Tor again. Tomorrow I'm going to call them and try to change their
> minds. XS4ALL is a ISP who stands for freedom of speech, they are
> against censorship, etc etc. If they knew what Tor was they wouldn't
> disconnect me for running Tor..

Yeah, that's what I thought too... I mean XS4ALL has quite a good
reputation. It puzzles me that they acted like you described it.

However, good luck and keep us updated.

Cheers, Alex.



signature.asc
Description: OpenPGP digital signature

Re: Tor operator raided in Finland

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Scott Bennett wrote:
>  In the United States, knowingly giving false information to a federal
> law enforcement officer is a felony, so as soon as they found out you had
> deceived them, they would likely charge you with that crime.

That sounds a bit misleading - if you're a suspect you don't need to
tell the truth. You don't need to say anything.
Though if you're a witness, you *must* testify (as long as you're not
accusing your kids or spouse) *and* tell the truth.

However, if you lie in court as a witness, you're in big trouble.

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR5807hYlVVSQ3uFxAQJnWAP+J/76s/iaLVUIPkkXrxxxfobjYGBlBsr1
DolPN2v7JrWUnsQIbPBIlGCYjfEvZXd30HC8jpDM75+LUJXj3ueuRUUbaNHzdNOw
jPgLxiwp+SMioiRyrt5J9t7w360Fe51EJu6pE2paxTqpxiIUEJXvNbr8DeNM2yDQ
Qw2JwrYg1UU=
=fm2N
-END PGP SIGNATURE-

Re: unusual connection activity?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[...snip...]

A bit of quoting[1] would've been nice. It's hard to follow that email.

Alex.

[1] http://www.netmeister.org/news/learn2quote.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR5jUqRYlVVSQ3uFxAQJBHwP/bAIPKg9JLbqdMDVbzP5cAkZHSSR4/AKe
mC7i++w2wcG8uRtJ8x5EKDWGzjn7+dkN9S4+eIs6G2xa7A33sPGDp94w9MVO9gIL
Skfp9U50vaCpxnNK1eR82aw42MmhYwkMqWlaExpII1HMxFvmY/9zZnfruBGeyHOi
t2V2Wvzrs1o=
=9/Ml
-END PGP SIGNATURE-

Re: Why is TorButton and not FoxyProxy so much supported by the tor project?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

kazaam schrieb:
> Hi, I myself am using the foxyproxy plugin and not torbutton. With
> foxyproxy I simply make a blacklistrule which routes evertyhing
> through tor and only whitelist pages I'm really trusting.
> 
> With TorButton I see many problems:
[...]

To make a long story short, the new development-version of Torbutton has
improved dramatically. See
http://itnomad.wordpress.com/2008/01/02/try-new-torbutton-firefox-plugin/
for instance. (shameless advertisement for my blog;)

Cheers, Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR4UdnBYlVVSQ3uFxAQJM8AQAlI7LU5xXzzHFTRPZYqxI8zRqqsVGc/Ml
rFOBlABVdGWqo5T8ZpgLOZSdwj4ahW8PZe6NMfQ2lBRjfQvAe8hfNXBTr4/6BmyL
/3XIVtAFayuhfRuYAvUUujT1Iq9Iq5qPCtlpARBb8eue7W7iF3f+b8AfxH7SZ+Xb
eQhVyrcoN5c=
=wVYb
-END PGP SIGNATURE-

Re: shinjiru closed exit node acceptnolimits

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

accept no limits schrieb:
> Now the server has new IPs and this exit node will soon be back.

Congratulations!

>  Bye
>  accept no limits

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR4OxdRYlVVSQ3uFxAQL7EgQAqQUPYZLGzK2rBDOXBNl3kCzma/8wKAGc
8x2TqmtGPQ2f/wUE42C81hs0nP9/hFp5QKUl9wXaGNyvnJ9Au3qYy78lT8+ywTvI
uVveJWRyTueeCFqFxqCd/r+9lYtyGjn2VDxTJNRWw/0IC+F1IUfJl3QZ71VoqVtJ
FxzEQf9hjGU=
=ggIF
-END PGP SIGNATURE-

Re: What to do at IP number change?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Scott Bennett schrieb:
>  On Mon, 7 Jan 2008 20:55:36 +0100 Tom Hek <[EMAIL PROTECTED]>
> wrote:
> 
>>> i'm changing my public IP number ten times per day and to avoid  
>>> confusion,
> 
>  *Ten times per day?*  Please tell us again why it is you're bothering
> to run a tor server if you also feel you have to hide its existence.

That's not what he said. He thinks he's helping the Tor-infrastructure
through stopping the software before the IP-change and starting it up
afterwards.

Think of /etc/ppp/if.up and if.down.

He's not hiding it's existence. He wants our advice.

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR4KHVRYlVVSQ3uFxAQJzkgP+Kfv/XFw8msTVU5yLjiv7l6dritIUCG96
GJVITYLNFTrRVdgYZvfNG0+3wy1fQgoe/V5fHV2DVw2HNG1RjsXdofw6eEoaLY47
fnnCeYUpBqmhFQ0pl2UECvrzupXgunUI1NvA6QMFVhIoqSBJ+Rq04um0j/helM9h
x628dDWvD5A=
=nlHz
-END PGP SIGNATURE-

Re: Tor server using Vista?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Eugen Leitl wrote:
> On Fri, Jan 04, 2008 at 03:09:16PM +0100, Alexander W. Janssen wrote:
> 
>> I ain't no Windows-advocate but I find this argument a bit weak.
>> Nowadays all the modern operating systems have the same problems: To
> 
> http://openbsd.org/ is not a modern operation system? FreeBSDs?
> Even modern Linux distros, with security hardening?

That's not what I said. OpenBSD might be a rare exception, but you need
to take into account that it's mostly used by people who know what
they're doing. As for Linux, even though some distributions have SELinux
enabled by default, most of the people seem to shut it down for
convenience reasons.

>> much installed services by default, weak administration and the general
>> reluctance of users to pay attentions to security-updates and
>> best-practise when it comes to using common sense.

That's my explanation which is still valid.

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR35MnBYlVVSQ3uFxAQLkTAQAnTAChoaCg6L6KRN81vW7UP7Za/0zDlyp
97W1Fj6W9ig1KdjrbMY0NJdhLTUOKOGxkG2nFW2sQq5YBzFxG5FYViU3ruuf8cqQ
mdJYmY4A8aVDUvWekceLhzPDV8M8lfuZlwhUmo7exdARKszgD2rGBmAHqCrlXmdd
l6WBqVGwD2o=
=SzTM
-END PGP SIGNATURE-

Re: Tor server using Vista?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Ringo Kamens wrote:
> This is certainly not adviseable because of the lack of security built
> into windows and the possible backdoors.

I ain't no Windows-advocate but I find this argument a bit weak.
Nowadays all the modern operating systems have the same problems: To
much installed services by default, weak administration and the general
reluctance of users to pay attentions to security-updates and
best-practise when it comes to using common sense.

Though there's a technical problem with Windows which Roger explained on
his talk at 24C3 [1], it eventually runs out of sockets due to the way
Windows allocates non-pageable memory-areas.

> Comrade Ringo Kamens

Alex.

[1]
http://outpost.h3q.com/fnord/24c3-torrents/24c3-2325-en-current_events_in_tor_development.mkv.torrent
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR34+ChYlVVSQ3uFxAQJcQwP+IuGKXu1XCpruFPGOk4J62wBvH/5X575E
z0Bf/ubzBQTckD31kBa/fxGezk4pnWW8GfR++viBfNefV3R15/ZFK6pwn51vR+3v
RbUDyeLLZuUrrI0e8niHwxVS2EFW7ZmvlPiBgJK4heLenGjnQge2Gom9zd+Cen10
4ypC2Z9SpAQ=
=wdZT
-END PGP SIGNATURE-

Re: TLS errors

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hans Schnehl wrote:
> Hi,

Hi!

> Jan 02 12:46:06.204 [debug] TLS error: 
> (errno=54: Connection reset by peer) Jan 02 12:46:06.204 [info]
> connection_read_to_buf(): tls error [connection reset]. breaking
> (nickname NoNickNode, address 111.112.113.114).

It looks like one of the nodes you have a connection too just kicked you
out for some reason ("connection reset by peer"). This is pretty normal.
Could be the remote node shutting down the software, rebooting and such.

> Jan 02 12:46:14.711 [debug] crypto error while performing RSA
> decryption: oaep decoding error (in rsa
> routines:RSA_padding_check_PKCS1_OAEP)

Not sure about those, but it could be consecutive errors resulting from
the encrypted connection (TLS) being shut down.

> Tor is running, but appears to be using only fractions of the
> bandwidth it is supposed to. Can someone please give a short
> explanation?

No idea about that though. But it usually takes some time until everyone
learned about your node - from my experience it takes up to 24 hours
until the bandwidth is fully utilized.

I'm just guessing from my generic experience :)

> Hans

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR3uQZBYlVVSQ3uFxAQK9BwP+Ir5XUmyxYPttIdC6u3K/B/0Zyf8zE5p1
7Xm7xm43gNlGRG5ypimO/rhsaA2Lb9AegTbWKjGcxQo2ysn9RwrXMOAq4BNf3U1J
kXY/xPEydo9UdMtT6+E4UZii1NbKYvDGAyU6IsiB8cYX9LyO+r0c+qrg5CIaZTta
i99biZT6/G0=
=JAjN
-END PGP SIGNATURE-

Re: Google becomes usefull for us again

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

F. Fox schrieb:
> Alexander W. Janssen wrote:
>> F. Fox schrieb:
>>> [I was going to leave your quoted message in... but my Lord, is your
>>> monitor as wide as a football field?! =xoD ]
>> Since you're using Icedove, a little hint: If you go to the "Edit"-menu,
>> you'll find a nice "rewrap message" function... :-)
> (snip)
> 
> LOL, thank you. =:o) That will come in handy in the future...

Sure! It works surprisingly well! Though I'd like to see a whitespace
between the >>>>> thingies... But I'm sure you can configure that elsewhere.

> I can't get over how wide that message was, though; usually, things are
> too *narrow* to be efficient for this monitor. It's a 1280x768 LCD
> panel... =:oD

If you look at MUAs like Outlook - they just don't wrap correct, so the
user has to type "Enter" just to make it look right. Blargh. So users
just tend to write without pressing "Enter", hoping that the receiver's
MUA wraps it correctly. Not true for Thunderbird and derivates though.

But actually it's correct - from a typographic point of view - that a
paragraph is written without individual linefeeds, but that collides
with best practise when it comes to plaintext-emails...
But I'm just being a smartass there :)

Back to topic now. And happy new year!

Alex.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR3qkfBYlVVSQ3uFxAQJAuwP+J0r+p2tj+qccUYwI5irtbJqSOyVGHVYQ
IKL/Q9toEi8aqHrbTZcDDdy26SkiB+5lGtEBtpWzj6FJoU1toX8vYVNYq6Vr1YPr
DPfqPpc+C/KtFTYhOGBnzbiuqA1Aq0zQKtW3Ah2GAGID9LkZ4CTCqR/lP+dEI7xX
Hn8Slc5Iw8Y=
=Pie9
-END PGP SIGNATURE-

Re: Google becomes usefull for us again

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

F. Fox schrieb:
> [I was going to leave your quoted message in... but my Lord, is your
> monitor as wide as a football field?! =xoD ]

Since you're using Icedove, a little hint: If you go to the "Edit"-menu,
you'll find a nice "rewrap message" function... :-)

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR3qenRYlVVSQ3uFxAQIIGQP8C9iAP54NzW2VWLwTT2usIhGGVMzB1084
VTb6S+AzzLn8mNyGuhuJRdj7toHdZJUUkOBkJ1oomSu1xz1ZMvTVUd+wDArF+vkd
fLKor2XzK/nu/xo+C4SMrwBdYwbOHhCdA8heoAzyhoYTq4Wqer2q31dx/P0GfCju
CWcmf8vhZNc=
=x+yj
-END PGP SIGNATURE-

Re: Is there something similar like "Torbutton" FF plugin for the Internet Explorer ?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Ben Stover schrieb:
> Is there something similar like "Torbutton" FF plugin for the
> Internet Explorer ?

A quick check on Google revealed:
http://www.geocities.com/claudias_za/
http://swodum.com/

Not sure if any of those are any good though.

If you test it, give us feedback :)

> Ben


Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR3i+VRYlVVSQ3uFxAQLP8gP/VZjgooMfe/Uh10Kf/KGznSCshxSAZIIS
BW5EtBPTkCLLIKGosiFKRxfTXWd3IUfBE/yIj/aKiN411hI1tp9SLM5irRq1gATb
B0ZMLF2wMm1yr308u62lfl4mD0VNSpAEeWklW1cqM+hU6jpd6lc1nAe6zWgbF00H
9pEQIQwrkO4=
=UesW
-END PGP SIGNATURE-

Re: TOR and non-contineous internet connections

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Florian D. wrote:
> Hi folks,
> I like the TOR project and want to participate. My question: Is it a
> good idea to set up a server, which is not connected to the internet
> contineously? -- i.e. I turn on my computer, when I come home from
> work and turn it off at bedtime, so it runs several hours a day - is
> this "enough"? Each time the server goes down, the session for the
> user gets interrupted, right? So, where is the line to draw?

Every Tor-server helps, although I wouldn't advice you run a Tor-node at
home if you want to be an Exit-Node.

> cheers, Florian

Hope that helps,
Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR3fi+RYlVVSQ3uFxAQJLhAP/WYOe8FrW8ax4A3xAVWtxSqdq1PM9KUCg
Mw724NVx/7yZdSYXLvsmZ1klQrAh9NyKj11/rYTY/TLpj1wPftGWQq8+2kfpBQfr
1bcC7WC9M2hOZcuOyfUl0tpz0SAR/QAPx/32dpfO9l+iuiAjZCgXqYlArz9htJ7o
YsXvfejy1G8=
=3i5R
-END PGP SIGNATURE-

Spam Feedback [was: [ANNOUNCE] Tor-UPNP. Need feedback.]

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Ringo Kamens schrieb:
> Just so you know, gmail filtered this as spam.

Not for my gmail-account though...

> Comrade Ringo Kamens

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR3S4dBYlVVSQ3uFxAQJmjwQAwW7Q66EhlSHbFhkh6OKZ7pQwzKJsPDAI
QCPG1dexS5KxBbYtI0cMZLOPbcNjIQNmBs1O979/dvJ/FZTYsTYC3N3caHWIhf7A
GwbGOxthYspBHdnDI7fD2uD6PYDQl0+FJS1a8P8/VBOq1+/jpg51ByulNOxdKGV5
0vZTQ0MbbHE=
=gnBm
-END PGP SIGNATURE-

Re: Please run a bridge relay! (was Re: Tor 0.2.0.13-alpha is out)

[Brian W. Carver]

> Brian wrote:
>> I sort of understand what the error is saying but I don't know how to
>> fix
>> it.  Suggestions?
> http://archives.seul.org/or/talk/Dec-2007/msg00284.html ;-)
>
> - --
> Marco Bonetti

Ah, thanks.  Now tor started without error.  But, how can I tell if the
bridge is working?  The log file doesn't seem to contain any different
messages from when I ran a regular tor server.  Does it show up on the
various tor server statistics pages as a bridge?

Brian

Re: Please run a bridge relay! (was Re: Tor 0.2.0.13-alpha is out)

[Brian W. Carver]

Trying to run a bridge I get the following error:

Starting tor daemon: tor...
Dec 24 08:13:15.454 [notice] Tor v0.2.0.14-alpha (r12937). This is
experimental software. Do not rely on it for strong anonymity. (Running on
Linux x86_64)
Dec 24 08:13:15.456 [notice] Initialized libevent version 1.1a using
method epoll. Good.
Dec 24 08:13:15.456 [notice] Opening OR listener on 0.0.0.0:443
Dec 24 08:13:15.456 [warn] Could not bind to 0.0.0.0:443: Permission denied
Dec 24 08:13:15.456 [warn] Failed to parse/validate config: Failed to bind
one of the listener ports.
Dec 24 08:13:15.456 [err] Reading config failed--see warnings above.

I sort of understand what the error is saying but I don't know how to fix
it.  Suggestions?

> On Sat, Dec 22, 2007 at 05:00:28AM -0500, Roger Dingledine wrote:
>> The harder way is to edit your torrc file manually
>> https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#torrc
>> and add the following lines:
>>   ORPort 443
>>   BridgeRelay 1
>>   PublishServerDescriptor bridge
>>   ExitPolicy reject *:*
>>   RelayBandwidthRate 50 KBytes
>
> Minor fix: if you use this last line, you'll also want this line
> RelayBandwidthBurst 50 KBytes
>
> --Roger

-- 
Brian

Re: Encrypted Web Pages?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Martin Fick wrote:
> Yes, but it really is a fairly simple one. I am surprised that HTML
> does not seem to have some extension to deal with this already.  It
> is not much different from encrypted email concepts, just that the 
> browser needs the ability to do the decrypting instead of your mail
> program. The simplest fallback may be to simply open the web page
> with the user's mailer (if their mailer supports that,)

Why not simply use the Firegpg-extension for Firefox?

Step 1: Open encrypted file in webbrowser
http://yalla.ynfonatic.de/media/firegpg-demo/step1.png

Step 2: Mark the stuff and chose "decrypt"
http://yalla.ynfonatic.de/media/firegpg-demo/step2.png

Step 3: After entering your passphrase, a result-window pops up and
shows you the content.
http://yalla.ynfonatic.de/media/firegpg-demo/step3.png

Obviously that's only working perfectly with text-files, but you could
possibly try to make up your own XPI for Firefox.

> -Martin

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR2a2xxYlVVSQ3uFxAQIP8wP9F++o1A72KA2Ekl4IzfBTjnpq/SbYsOHl
65o7dub/FLq0+yQ8T6iM+DDtkkD2+82ntqtExTx2whTqXi+rPztS819CI6qYzqVt
dhnCMEJURnVjklcMTWUQhx3oCMCuGNl8p/StDJD8YY706LD8+SKhMzfoo+uA8KhZ
uYMTZ2+S5Ns=
=+gxd
-END PGP SIGNATURE-

Re: storage privacy

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Alexander W. Janssen wrote:
> [EMAIL PROTECTED] wrote:
>> I guess you can read one persons attack but are blind to others
> 
> What attack?

OK, i swept back through the postings and /dev/ass wasn't nice too. Got
that, Eugen?

Whatever.

Back to business.

If you feel inclined to talk out of /dev/ass or you feel like you want
to tell someone to fuck him/herself, go off-list.

We're publicy offical civilized people after all? And with Sheila
Broflovski's words: "Senseless violence is allowed as long as it doesn't
contain any naughty words."

So go and get a gun.
Just kidding.

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR1s9kBYlVVSQ3uFxAQIPfQP+Opn+NUBCvi1ELs704L9RbagmHYsU8wcS
XCYeHslFAUBNYQi4FCxRuwxFUfH3I3+JpZsJd4eIYDxrdJpUeG8Q8a8wTZTMoo8N
JKHnOZ0gl206hnUSFiSL+fGZNDkP4Slw+wtW81AaCYmgAcXN/y4sXfGXkonY8DiF
KBuQ0u4LNFA=
=6Etk
-END PGP SIGNATURE-

Re: storage privacy (was: Nice quiet, private, anonymous life??)

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[EMAIL PROTECTED] wrote:
> I guess you can read one persons attack but are blind to others 

What attack?

> And I thought the people on this list were against censorship, unless
> they, of course, are doing the censoring.

I'm trying to follow the thread (which went quite bizarre), but from my
personal judgment Andrew is right to tell you that personal attacks are
not acceptable.

And this has nothing to do with censorship. This is a public list of
people discussing Tor and sometimes even politics.
But this ain't no place to insult other people.

What you encounter here, are opinions which don't match yours.
And certainly no one is censoring here. If we'd censor here, we wouldn't
even see your posting. THAT'D BE censorship.

If you think you're insulted by something Eugene said, tell us - or even
better, discuss your problems off-list.

Cheers, Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR1s6iRYlVVSQ3uFxAQKq0QP/bKM5vwwZeVG9wtM/41tldL4IjeS4yNCU
4nleLDikGF6Z/WPrpWc458InmYOso5JG1hsbEr16xvutRY1WfuliFUJDSGli6rnv
hJa20g4T2qzHnmmRudpxPf5EZNv8WkAMZVZR1kOakbUtpJGpoNrjnKA/6Jn0ansL
sKGsy8fIURA=
=0QX/
-END PGP SIGNATURE-

Re: storage privacy (was: Nice quiet, private, anonymous life??)

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[EMAIL PROTECTED] schrieb:
> Judge: "Ok you are to be held in contempt and in jail xyz, until such
> time as you give us the pass phrase to your data"

Only a matter of the UK at the moment. Bad enough though.

> Most data overwrite programs take too long-you do not have that time
> when they are knocking down your door.

That's were strong encryption might work, along with enough entropy to
claim that this is random data, and not just encrypted files. I heard,
but haven't checked myself, that the "truecrypt"-suite offers something
meeting this requirements.

> A strong magnetic field close to the hard drive will completely destroy
> the data making it impossible to recover. I will also probably fuckup
> the drive mechanism, rendering the drive useless. Someone said consumer
> demagnetizers were not sufficently strong? How do you know this?

Come on, that's just a idea directly from the game "Uplink". You know
any of those "movie-grade"-demagnetisers? You might want to check
Powerlab's can-crusher[1] though, just for the fun of it ;-)

> I have not run a tor server, so I do not know the exact requirements.
> Can it be done from a ram drive?

It could, but you'd need to make sure it doesn't swap/page down to disk,
which would be bad.

> Explosives and incendiaries are a poor choice for obvious reasons. Want
> to add arson and terrorism to your charges?

I don't think is was meant to be serious...

> I am not saying magnetism is the only way or even the best way, but a
> way, assuming you have recent backups at an undisclosed, secure
> location.

It's the Star Trek way. Go for strong encryption. Everything else is
"The Science of 24". ("As seen on National TV!")

Alex.

[1] http://www.powerlabs.org/pssecc.htm
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR1XC4hYlVVSQ3uFxAQKNUwP6A7kUkr9vtzUVIHDi7xIc/ZxjGLqevdez
mXtB+OeuEU1BUwaq2g6haOiu4BWtbDzGZCZobEzvn1bqFCAyWYx4AGXkzb2XR5eN
FngV5I/IZe2T7X4cEfxoK7zjQZBGYHdv2o+krVBnL2DpWIZItwKKE/FHWnLbyNBH
djWOo3hlxnA=
=QJeH
-END PGP SIGNATURE-

Re: Nice quiet, private, anonymous life??

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[EMAIL PROTECTED] wrote:
> If I was in your position I might consider putting some bulk
> demagnetizers near my hard drives with a panic switch, with backups to a
> secure unknown location. 

Now this is definitively a bizarre idea... :-)

That reminds me of the "nuke gateway"-function in the game Uplink[1].

Alex.

[1] http://www.uplink.co.uk/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR1MpERYlVVSQ3uFxAQLmXAP9FKqkC/3tqzYVgWK7DwqUlme+nOsMyVXw
kPjRjl/vbZAHC1MuRlMsakMP6caKladDpX0JH8nMcNfjmIcDbm7B5qDjmrw6UuVv
y+u9f8oNWth1Nv0w7Qty84cTABkrrs/68zwJnLwvUoZwNgBObIftUZcjDKHraazi
yHKZyQ51N34=
=yQ5u
-END PGP SIGNATURE-

Re: [Political/Legal] Passing ideas on German Tor nodes

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

F. Fox wrote:
> However, let's suppose that we're in a time when German Tor nodes are
> now actively keeping logs of all connections. What would be the best way to:

As I already said in an earlier posting, German Tor nodes won't be
starting logging before 1/1/2009 - if they'll log at all - there's still
a pending lawsuit against the data retention law in the supreme court.

And I bet that there will be a lot civil disobedience when it comes to
logging.

> [... idea ...]
> So, what if a maximum of one German Tor node were allowed in a circuit?
> Would that achieve both numbered goals?

If that's the idea, than it should only be the middleman node.
Entry-node might be possible too, but only if you make sure that this
node is the only German node in the circuit.

> Given the logging, it might be wise to not allow the German node to be
> the exit node; I'm not sure about the entry guard.

Considering the pressure which piled up in the last couple of months in
Germany, running an exit-node in Germany is not encouraged anyway.

> I would think that a German middleman node would be safe, though, right?

If it's the only German node in the circuit: Possibly.

Alex.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR1Mn5BYlVVSQ3uFxAQK/fQQAqe496ityWEiTZovIazse0XpBusyV0G+8
Zn5mVkZpREl9J0PZ4uKFRB6ydwBZ1TJNFsMIbgHZhhGsJqstGBQBfR8U5gAI2FtS
kAEv62vTm8EPBOAUWx7UZKwuekmo2veQD0c5b/t77jaXUph067Qbdnh/7PnqQ7vn
ESTZOMavZis=
=i84f
-END PGP SIGNATURE-

Re: Help me understand tor with SSL?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Juliusz Chroboczek wrote:
> Firefox should in principle not use the DNS if
> 
>   network.proxy.socks_remote_dns
> 
> is set to true (in about:config).

Hm, I'm not sure - I thought this option only works if you're using a
SOCKS-proxy, e.g. connecting directly to the Tor-socks interface?

Is that also true for http-style proxies?

> Juliusz

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR1MJExYlVVSQ3uFxAQKkpgQAoaO14Cdw+U9XcUKylFkUaT4c6PEoNlWr
G8DBZ8BwLtLw31I4mbNI5CwsGiqETG29c1zG0ydfXJHeHoPmCj9b8x7q3/sQpxQn
TgDWWlM2pNtx4EkczCQaprkbFjctu66dDk/pI2UYeosEvL26L0rRRqWt2NoAX6gg
sP+nszQAyxQ=
=gM35
-END PGP SIGNATURE-

Re: German Tor Legal Fund

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Onion wrote:
> That's why I'd also prefer a name covering all facets of OR like
> 'Deutsche Anonymisierserver Initiative - DASI gegen Stasi', with
> equivalent shorthand expressions ('British [...] Anonymisation Server
> Initiative' = 'BASI') easy to adapt to areas of other languages.

 (ignore at will)
Puh, although I get the pun I wouldn't like the Stasi-reference in the
organisation's name.
After all, the Stasi was an organisation known to abduct and kill, and
to harass an entire nation.
Though we're just facing some enormous changes in privacy- and
security-policy no one in Germany can say that "it's as bad as it was
with the Stasi". If someone really thinks that way, I'd advice to get a
good textbook on history...

I have no problems to use references to the Stasi in a polemic context,
but to make it your whole slogan wouldn't be fair to the victims of the
Stasi.

And yes, that also applies to the Gestapo and all the other Godwin-like
arguments.


We're just in the phase of making up the articles of the organisation.
The preliminary name for the organisation is "Privacy Legal Fund (Germany)".

> Kind regards
> 
> Onion

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR01bcxYlVVSQ3uFxAQKlwQP/bVCZ+ExdHYJLPCLI+8yCIQw+gMxY7W3P
oiWqk8dG/TjhXszAim8lx5lWtDwtC5SylJdDyi6CNkexKIGzOUx2u5zX11PA3ero
A1D3cdkRqCkcgvEH0D+hKVVyahZZhICSC7uA5l2Np/ZgQi3RXCVaqAndMQRICakz
DZerdIcr2ow=
=7Fof
-END PGP SIGNATURE-

Re: Tor blocking german nodes

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Martin Senftleben wrote:
> Am Samstag, 24. November 2007 schrieb Alexander W. Janssen:
>> Andrew wrote:
>> 'Nuff said. Let's stop the nay saying ;) The law isn't active yet.
>> The law isn't even ratified. And no one even started logging. 
> 
> The latter isn't right. There are quite a few companies which log the 
> data of their customers and keep it for quite a while.

Well, I was specifically coining that to Tor... I know that some
companies - especially T-Com - are reluctant to follow valid
legislation, abusing citizen rights - but it's so convenient for the
government or people threatening to start a law-suit, that no one tries
to stop them.

Remember, the "Lex Voss" isn't available for everyone...

Cheers, Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR0gSJxYlVVSQ3uFxAQKR8wQAmBAKxBNe5mKmgJK7k2CWdyHYjAfPCeU0
FUXbEKdUWGiwbZhLt21Xj5PmALO0XdUIZ3fo57QWv+J2vqKIJCQzMdUkxIw/fwmL
mq4bJPQWERkCO8ehKLVoKvUBT0L11eFG3QvyxI4PtbPQ85rUic+3R+5/fmit+/AN
7yeSUdRU3hk=
=Kxyd
-END PGP SIGNATURE-

Re: Tor blocking german nodes

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Andrew wrote:
> Actually, it might be wise to develop a feature that lets the client
> choose no more than one node from _any_ country, since other EU
> countries might use the directive that led to the german law, to pass
> similar laws.

Which means, if you really want to block Tor nodes from countries who
make logging mandatory, you should do this for all EU-countries. After
all, Germany is "only following the EU's demand for such a data
retention act".

I bet a fiver: If Germany really passes that law and if the Supreme
Court doesn't rule against that law, everyone else in the EU will just
follow (except maybe Greece...)

'Nuff said. Let's stop the nay saying ;) The law isn't active yet. The
law isn't even ratified. And no one even started logging. The lawsuit,
which's underway, isn't even filed at the Supreme Court. Yet.

We're living in interesting times, but there's no need to overreact.

Alex.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)

iQCVAwUBR0gLORYlVVSQ3uFxAQJz3QP+JzTLsafsqrl3tHnpJX+5qBuLg1nlXFAR
1eZ7a7G6bpJlB/M2/YlBfOuxB57VkDhdTgAfb4oz0S6VR3SCXH8r4JBxjilUNyEB
ZM6i2FtxplovNS1TInMb2pxJUn9asF91Xgov+Ju2DS915sCCWEkMpiG8jen7atuZ
5j8xFP4WIuk=
=rT3x
-END PGP SIGNATURE-

Evaluating exsisting resources, pondering about new organisations [was: German Tor Legal Fund]

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Ringo Kamens schrieb:
> I pledge $10 if the fund starts. Please allow mail donations.
> Hopefully others can also pledge.
> Comrade Ringo Kamens

Thanks Ringo, we appreciate that.

On another note: I'm currently reading all the emails and submissions I
got during the last couple of days. First: Sorry that I didn't reply
immediately, I was busy attending a seminar with my company the last
days and first had the chance to read my mails yesterday evening.

Also I got in touch with the Privacy Foundation and got some feedback
from the CCC. To make a long story short: Contrary to what I said
earlier, I think we should wait until the Privacy Foundation becomes
fully operational instead of founding yet-another-organization.

The Privacy Foundation was founded by lawyers and journalists who really
know what they're doing. I, as a layman when it comes to the german
"Vereinsrecht" ("Club Law"), couldn't do the whole thing without support
from experienced people anyway.

The Privacy Foundation wrote me an Email stating that they're thinking
of covering legal fees as soon as a critical mass of about 500 people
has been reached.
I just got in touch with them to discuss a couple of other things.

I noticed that at least one new mailinglist got created covering the
"Tor Legal Fund" thing and I'll be subscribing there.

Cheers,
Alex.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR0HvkBYlVVSQ3uFxAQKMhQP+JfN7U8jiBzbQyC1gMzlXrESYQB6xlJSB
4X8k8v/hsWjjNf8yY9nsrFoJW9qt3KxqOGkOwyPVDbNgjfqM6JUNeD9JMBiWuSNZ
KteIf/2A0bSUdxIycfFF8QvdTodOOkFdZ3oT2/NtgzCdwOlucO5nBfXGRCjw5uBf
SfDccJQAyfM=
=pXyM
-END PGP SIGNATURE-

Re: German Tor Legal Fund

[Alexander W. Janssen]

Am Donnerstag, den 15.11.2007, 01:19 +0100 schrieb [EMAIL PROTECTED]:
> [... Privacy Foundation ...]

Ich habe gerade eine Anfrage an die Privacy Foundation geschickt und sie
gebeten, mir zur erklären, was folgender Passus[1] bedeutet:

"In Ausnahmefällen bietet die German Privacy Foundation e.V. auch
Rechtsbeistand für private Betreiber von Anonymisierung-Servern."

Gruss, Alex.

[1] http://www.privacyfoundation.de/index.php?id=37


signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

Re: German Tor Legal Fund

[Alexander W. Janssen]

Am Donnerstag, den 15.11.2007, 01:19 +0100 schrieb [EMAIL PROTECTED]:
> Hi,
> 
> > Nicht, dass ich wüsste. Soweit ich weiss, will sich die Pricacy
> > Foundation auf Lobbyarbeit beschränken. Das ist zumindestens mein
> > letzter Kenntnisstand.
> 
> Ich habe das zur Sprache gebracht, weil *jeder*, der mir im Blog oder per Mail
> irgendetwas zur Foundation erzählen wollte, genau davon sprach.

Ich dachte ja auch zuerst, dass die Privacy Foundation eine
Dachorganisation für Tor Exit-Nodes in Deutschland ist, was dann
hinterher verneint wurde.

Die Idee, einen Rechts-Pott für Operatoren aufzumachen ist ja nicht neu,
jedoch stört mich halt der "In Ausnahmefällen"-Passus[1].

> > Aber ich bin eher für einen Verein, der sich hauptsächlich darum
> > kümmert.
> 
> Ich wäre nur dafür, wenn eine bestehende oder gerade im Aufbau befindliche
> Organisation das nicht übernimmt, anstatt wieder einen neuen Verein für diesen
> Einzelzweck zu installieren. Wieviele halb-eingeschlafene und tote Vereine in
> diesem Bereich dümpeln in Deutschland herum.

Klar, gibt es. Ich würde das ja auch gerne unter dem Mantel der Privacy
Foundation sehen, jedoch steht im Vereinsprofil eher etwas über
Aufklärung und Information[2]. Nichts, was den Tor-Betreibern in
Deutschland wirklich mit Pfennig und Euro zur Handy steht.

> Aber das ist nur meine Meinung, darüber zu befinden haben imo am ehesten Tor
> Exit Node Betreiber, die schon betroffen waren/sind.

Nunja, ich würde mir ja wünschen, dass sich die Privacy Foundation
einmal, wenn sie bereit ist, vorstellt und etwas zu den "Ausnahmefällen"
sagt.

Wenn sie sich wirklich zu so etwas bekennen kann (wenn das ihr
Verständniss ist), dann - klar! Machen wir es darüber, ich bin gerne
sofort zahlendes Mitglied.
Aber aufgrund der Informationen, die mir vorliegen, ist das nicht der
Vereinszweck.

Gruss, Alex.


[1] http://www.privacyfoundation.de/index.php?id=37 - Absatz "Tor und
Strafverfolgung"
[2] http://www.privacyfoundation.de/index.php?id=34 - Vereinsprofil


signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

Re: German Tor Legal Fund

[Alexander W. Janssen]

Am Donnerstag, den 15.11.2007, 00:58 +0100 schrieb [EMAIL PROTECTED]:
> Hi,

Hi!

> > Warum nicht einen Verein gründen? Spenden annehmen. Anwälte bezahlen.
> > Operator raushauen. So etwas gibt es in Deutschland noch nicht. Aber es
> > wird Zeit, dass wir so etwas bekommen.
> 
> Das verstehe ich jetzt nicht. Sollten genau diese Aufgaben nicht auch durch 
> die
> German Privacy Foundation e.V i.Gr. 
> wahrgenommen werden bzw. war das nicht ihre ursprüngliche Motivation?

Nicht, dass ich wüsste. Soweit ich weiss, will sich die Pricacy
Foundation auf Lobbyarbeit beschränken. Das ist zumindestens mein
letzter Kenntnisstand.

Auf der Webseite steht:
"In Ausnahmefällen bietet die German Privacy Foundation e.V. auch
Rechtsbeistand für private Betreiber von Anonymisierung-Servern."

Aber ich bin eher für einen Verein, der sich hauptsächlich darum
kümmert.

Aber wenn die Privacy Foundation sich dort mehr engagieren will, ist das
doch gerne gesehen! Aber so Ad-Hoc sehe ich dort keine finanzielle Hilfe
für Tor-Admins. In wie fern man auch Ausnahme definieren mag. Das lässz
sich ja bestimmt auch kombinieren.

Gruss, Alex.


signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

German Tor Legal Fund

[Alexander W. Janssen]

This is to all german Tor-operators about the possibilty to found a
german Tor legal fund. In german. Obviously.

Hallo Kameraden,

so langsam wird es Zeit. Ich hatte selber schon drei Verfahren gegen
mich, die mich jetzt schon viele hundert Euro an Anwaltsrechnung kosten.
Heute habe ich von jemanden gelesen, den es in einem Verfahren so
richtig erwischt hat: Keinen Freispruch, sondern Einstellung nach §153
StPO. Das kann es doch nicht sein.

Um es zusammenzufassen: Das Betreiben eines Tor-Nodes in Deutschland ist
(noch) nicht illegal.

So etwas wie Beihilfe gibt es nicht. Behilfe muss immer eine konkrete,
aktive Tat sein, die es bei Tor in dieser eng definerten Form nicht
gibt.

Eine Menge Leute haben nun schon mit der Strafverfolgung in der einen
oder anderen Art zu Tun gehabt.
Es gibt in Deutschland noch keine Organisation, die sich um Leute mit
geringen finanziellen Mittel kümmert.
Wenn es nicht zu einem Verfahren kommt und man nicht freigesprochen
wird, gibt es kaum eine Möglichkeite, irgendwie seine Kosten für die
Verteidigung wiederzubekommen.

Jedoch habe ich im engeren und erweitertem Bekanntenkreis doch schon
festgestellt, dass die Bereitschaft, für solche Vorfälle zu spenden,
eindeutig vorhanden ist.

Warum nicht einen Verein gründen? Spenden annehmen. Anwälte bezahlen.
Operator raushauen. So etwas gibt es in Deutschland noch nicht. Aber es
wird Zeit, dass wir so etwas bekommen.

Wer hat Zeit und das nötige Aussdauervermögen, so etwas durchzuziehen?
Wer kennt sich im Vereinsrecht aus? Wer hat sowas schon einmal gemacht?
Ich bin dabei.

Ich habe so langsam die Faxen dicke. Man wird von vorne bis hinten so
richtig durchgenudelt, obwohl man nur seine Bürgerrechte wahrnimmt.
Datenvorratsspeicherung hin oder her: So langsam muss Schluss sein.

Anfragen und Angebote bitte per Email *verschlüsselt* direkt an mich:
[EMAIL PROTECTED], keyid 90DEE171.

Bis bald!

Mit Ringos Worten:
Kamerad Alex.


signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

Re: News orgs should be interested in running tor nodes

[Alexander W. Janssen]

Am Mittwoch, den 14.11.2007, 22:48 +0100 schrieb Thomas Hluchnik:
> Has anyone ever tried to speak with the guys from SPIEGEL, FAZ, Sueddeutsche 
> and so on that they drive own tor nodes? This would be good PR for tor.

Hm, not me, althoug I know that some journalist organisations were
thinking about running their own Tor-nodes.

> If not yet, is there anybody who has contact to news orgs? If the great news 
> orgs in germany would have own tor nodes, they would become more sensitive 
> about what we are fighting for.

Well... uh... I possibly could do that, although I have quite a lack of
spare-time. And we still have the Privacy Foundation in Germany which
actually wants to care about that special topic.
However, I don't know how far they are and how well organised.

But, if there ain't no takers, I might volunteer in doing so. Anyone
inclined supporting me?

> Thomas

Alex.




signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

Re: court trial against me -

[Alexander W. Janssen]

Am Mittwoch, den 14.11.2007, 21:22 +0100 schrieb TOR Admin (gpfTOR1):
> Hi Mirko,
> 
> 1: by German law a Tor node admin is something like an access provider.
> You are not responsible for your traffic. If the court have only an IP
> address and you have a tor status log, they have nothing.

I'd point it out differently:

"Supporting a crime" - "Beihilfe" in German - is not someone can accuse
you just because you run Tor.

My lawyer clearly states, that in order to be guilty of "Beihilfe" you
need to actively support a certain crime. It's not "Beihilfe" just
because you provide the MEANS of a crime. Of some generic crime. It must
be a special incidident.

However, I can understand why you accepted the fact. A lawsuit is time-
and money-consuming. I'm just in the same situation and I already piled
up a couple of hundreds of Euros in lawyer-bills which I have to pay
myself.

On another note, good news: The court decided that I'm entitled for
compensation about the illegal search of my house. However, they forgot
to mention the arrest, so it's put back to court at the moment.

I don't know what that means so far, since being entitled doesn't mean
that I'd get any substantial money to cover my laywer-bills. It only
says that I can claim back money which arose from "physical damages".
And lawyer-bills and "mental" compensation is not "physical"...

However, Mirko, you should consider getting a lawyer and check if you
have the chances for an appeal. You need to be found unguilty. It's
important for you and for Tor in general.

If you need advice, drop me an email off-list.

Good luck!
Alexander.



signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

Re: court trial against me - the outcome

[Alexander W. Janssen]

Hi Mirko,

that sounds... disastrous. I'm facing the same thing at the moment, a quite
similar case - although my lawyer currently tries to fight off an actual case
at court, pointing out all the other incidents I suffered of earlier.

This stinks. "Beihilfe" my a**.

BTW, I'm currently reading
http://www.spiegel.de/politik/deutschland/0,1518,517232,00.html

That's stinks too...

Good luck for the future.

Cheers, Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: no traffic?

[Alexander W. Janssen]

On 11/3/07, Udo van den Heuvel <[EMAIL PROTECTED]> wrote:
> Udo van den Heuvel wrote:
> > Alexander W. Janssen wrote:
> >>> no peaks.
> >>> Why is the traffic like it is?
> >> No idea. Did you ever update/restart your Tor-server?
> >> Could you share your MRTG-grahps with us?
> >
> > http://pindarots.xs4all.nl/mrtg/tor.html
>
> Any insights after seeing the graphs?

Not really, no. Have you ever updated/restarted the Tor-software?

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: no traffic?

[Alexander W. Janssen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 10/31/07, Udo van den Heuvel  wrote:
> Hello,

Hi!

> In my mrtg graphs I see fair traffic until april, then less traffic
> until august and after august it is 2xx bytes/s in average with almost
> no peaks.
> Why is the traffic like it is?

No idea. Did you ever update/restart your Tor-server?
Could you share your MRTG-grahps with us?

> Udo

Alex.


- --
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)
Comment: http://firegpg.tuxfamily.org

iQCVAwUBRykT7hYlVVSQ3uFxAQL+rwP+OqeTwV5KvNDafvmo0DcqtTm2z13lYhGk
SaGGAJ+WxZubWdce3XOAmDo80Iby7z4wLbcqMuq1NTBYs4DT0OW6hbSSrkq7dyyX
8dwHnG1zSHH+NU8lxNEV9mtaFos9Tbs+FX4Ta4nGB76jdTQAVm/4XBuxWK1VGXco
DtN3oyBpLys=
=RTBm
-END PGP SIGNATURE-

Re: The Observer - "Ten ways to thwart Big Brother"

[Alexander W. Janssen]

On 10/30/07, Florian Reitmeir <[EMAIL PROTECTED]> wrote:
> Hi,
>
> On Mon, 29 Oct 2007, Dave Page wrote:
>
> > http://observer.guardian.co.uk/comment/story/0,,2200579,00.html
> > Mentions xB browser for anonymous browsing.
>
> and how is this Tor related?

xB is the new name for Torpark.
http://support.xerobank.com/wiki/doku.php?id=faq

Alex.


-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: Tor Defcon Talks

[Alexander W. Janssen]

On 10/15/07, Gregory Maxwell <[EMAIL PROTECTED]> wrote:
> I don't intend to troll... but wouldn't be ..er better if playing the
> videos didn't require using Flash?

My mplayer plays downloaded Flash-videos just fine.

Alex.


-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: Servers and the "Named" flag (was Re: time needed to register a serve)

[Robert W Capps II]

Thanks for clearing this up!  :)

Robert


On Oct 1, 2007, at 12:09 AM, Roger Dingledine wrote:


On Mon, Sep 24, 2007 at 05:38:18AM -0700, Robert W Capps II wrote:

Interesting, while the server config page clearly says the email may
not be answered, it does not indicate that the email will most likely
never be ACTIONED.

If it is the intention to not register names for servers, then that
should be clearly stated in the Server configuration guide.  It
sounds like it's time to delete Step Four: 'Let us know about your
server', since for all intents and purposes, the feature has been
abandoned.


I've removed step four, and also cleaned up some of the other items
so they don't contain scary-sounding words like "stdout". Thanks for
the nudge.


Am always good for a nudge now and then.




I for one would like to see some protection given to the names
assigned to long-term stable routers . . .


Me too. Keep your eyes out on the or-dev list for discussion about
how to do this in a more manageable way.



I'll keep an eye on or-dev for the discussion.


but that may just be a
personal preference of mine, I like to know which server ops take the
time to actually register their servers :)


Maybe we should instead assign them math problems to evaluate their
dedication. :)



If that happens, I'll have to find and pay a 5th grader to help me  
out.  ;)



Thanks,
--Roger

Re: dns_cancel_pending_resolve() message

[Alexander W. Janssen]

On 9/29/07, Watson Ladd <[EMAIL PROTECTED]> wrote:
> English is not easy, nor is it a lingua franca.

Everybody knows that Elbonian is the lingua franca in IT.

> Watson Ladd

Scnr, Alex.


-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: Servers and the "Named" flag (was Re: time needed to register a serve)

[Robert W Capps II]

Interesting, while the server config page clearly says the email may  
not be answered, it does not indicate that the email will most likely  
never be ACTIONED.


If it is the intention to not register names for servers, then that  
should be clearly stated in the Server configuration guide.  It  
sounds like it's time to delete Step Four: 'Let us know about your  
server', since for all intents and purposes, the feature has been  
abandoned.


I for one would like to see some protection given to the names  
assigned to long-term stable routers . . . but that may just be a  
personal preference of mine, I like to know which server ops take the  
time to actually register their servers :)


Robert


On Sep 23, 2007, at 1:37 PM, Roger Dingledine wrote:


On Tue, Sep 18, 2007 at 03:06:53AM -0500, Scott Bennett wrote:
 Does anyone have a sense of the current processing delay in  
registering
a server?  I ask only because I sent off the registration  
information to
[EMAIL PROTECTED] last Thursday evening, 13 Sept., and my  
server is still

showing up in the status documents without the "Named" flag in them.
 It's not a big deal; I'm just curious.  Processing of flight  
instructor
certificate renewals is now said to take more than six months, and  
the
certificates have to be renewed every 24 months.  (Your tax  
dollars at work,

of course. :-)


Alas, we've pretty much stopped assigning the Named flag to servers.
This is because it's a time-sink to manually go through and make sure
the server is actually acting correctly, go put the keys in the right
place, etc. There have been some proposals to make it easier, e.g.
https://tor.eff.org/svn/trunk/doc/spec/proposals/113-fast-authority- 
interface.txt

and at some point we should do one of them. See also the discussion
under http://archives.seul.org/or/dev/Apr-2007/msg00040.html
I'm a fan of solution #2 in the above url: there's no reason why a  
human
needs to be in the loop, and if we don't know the operator on the  
other
end, the "Named" flag doesn't mean what it meant in 2003 when we  
created

it anyway.

Once upon a time (2003 era), you needed to be manually approved or you
wouldn't be able to join the network. The primary reason was that we
needed to verify that your server was reachable, working, etc. Then
we got more than a dozen servers, including servers run by people we
didn't know, and we automated the process of testing reachability  
at the
directory authorities. Then we started to allow unnamed servers to  
join

the network and play pretty much the same role.

The only main difference at this point is from the client perspective:
if you manually specify a non-named server in your torrc or using the
foo.exit syntax, your Tor will complain to you (well, to your logs)
and suggest a hex digest that you should use instead.

Now, there is an argument for letting people remember nicknames rather
than hex digests. But I would eventually like to see some sort of
graphical "server picking" interface that most users would use, and it
would be smart enough to know the hex digest of the picked server. If,
that is, we need any sort of server picking to be happening at all --
most users I hear from who need to specify a specific server rather  
than
just let Tor pick for them seem to be doing it to get around crude  
access
controls on websites or other services, and I'm not sure that's an  
arms

race I want to get into.

There are other problems that need to be solved from a usability  
angle.
For example, if the nickname Alice picks is already registered,  
then when
she tries to sign up her server, it will print a mysterious message  
in her
logs ("there are logs? what's a log?") and her server won't be  
useful. We

need to make that simpler somehow, and the simplest approach for now
(by default) is to not have many Named servers. My preferred solution
would be to add an "Unnamed" flag that servers get when they're  
using a
nickname that is already registered -- the server will continue to  
be a
fine server, but it will be invisible from the perspective of  
referring

to servers by nickname.

And lastly, one of the crucial reasons for maintaining contact with  
server

operators is so they feel appreciated, and so we have an opportunity
to answer their questions, address their concerns and problems, etc.
Maintaining communication with the server community helps it to grow
and be stable. We are doing a poor job at that currently. A few years
ago I realized that I could choose between answering a whole lot
more mail (and having the number of good Tor servers keep going up)
and getting more development work done on Tor. Since Tor is nowhere
close to done, the latter was the clear choice -- as long as there
is *some* sort of Tor network, that's good enough for testing the new
scalability/anonymity/performance features and bugfixes.

Peter Palfrader then stepped up to answer mail for a while, but he
soon found it to be a flood too. My fix at the

Re: Load Balancing

[Alexander W. Janssen]

On 9/21/07, Nick Mathewson <[EMAIL PROTECTED]> wrote:
> Short answer: Tor tries to group many streams on a single circuit.  If
> we didn't, that would be way too much PK.

Means, if the browser opens up 6 instances to grab stuff from a site,
Tor consolidates all requests into a single circuit?

Makes sense from a performance point of view.

> yrs,
> Nick Mathewson

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: Load Balancing

[Alexander W. Janssen]

On 9/21/07, Arrakis <[EMAIL PROTECTED]> wrote:
> Does Tor care about the destination of the TCP request, when deciding to
> make a new circuit, and thus will use one because it is already dirtied
> by that domain?

s/domain/IP-address ?

However, that's all up to the implementation of the internal SOCKS-proxy, too!
Just think: Your browser might send out 6 different requests in
different connections, but you don't know what the SOCKS-interface of
Tor makes of it... It might try to be clever and queue it up to a
single circuit.

Not that this is bad, but interesting to know.

If we get an answer, we should put that up to the Tor Tech FAQ. It's a
pretty interesting question.

> Steve

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: Load Balancing

[Alexander W. Janssen]

On 9/21/07, Arrakis <[EMAIL PROTECTED]> wrote:
> Hey guys, quick question.
>
> If I have Tor process running, and request a url that has 10 images to
> load from the same domain, do all the requests go through the same
> circuit, or does the tor process split up the requests across all the
> circuits?

Interesting question. From what I understood a new circuit is created
for every TCP-connection. If your browser grabs, for instance, 6
images at the same time (6 loading instances == connections), Tor
should open 6 different circuits.

However, considering your question... It doesn't sound too efficient
to me... The slides say "If the user wants to access a different site,
Alice's Tor client selects a different path."
I'm curious how strict I should read that...

Site vs. TCP-connections?

Alex.

> Regards,
> Steve
>


-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: About HTTP 1.1 Cache

[Alexander W. Janssen]

The easiest solution would be just using different browser-profiles
and run them simultaneously. One for Tor, one for everything else.

Cheers, Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: time needed to register a serve

[Robert W Capps II]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Funny, I was just coming to post this same question :)

I sent my first request to add a new node (BinaryBLENDER) on August  
23rd,
and then sent a follow-up today . . . still no named flag in the  
directory.


I would be happy to assist if there's a backlog of requests and a  
need for

volunteers to clear them.

Robert

-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFG8LWrB7FAVdwjg9QRAgLnAJ9RcGutXPQ1g9v3Xy6gpVw0waT/hQCdGYx3
qzHZPS+bBgnSXfVSKSutdzM=
=F8So
-END PGP SIGNATURE-




On Sep 18, 2007, at 1:06 AM, Scott Bennett wrote:

 Does anyone have a sense of the current processing delay in  
registering
a server?  I ask only because I sent off the registration  
information to
[EMAIL PROTECTED] last Thursday evening, 13 Sept., and my  
server is still

showing up in the status documents without the "Named" flag in them.
 It's not a big deal; I'm just curious.  Processing of flight  
instructor

certificate renewals is now said to take more than six months, and the
certificates have to be renewed every 24 months.  (Your tax dollars  
at work,

of course. :-)


  Scott Bennett, Comm. ASMELG, CFIAG
**
* Internet:   bennett at cs.niu.edu  *
**
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."   *
*-- Gov. John Hancock, New York Journal, 28 January 1790 *
**

Re: Arrested/surveillance/etc Tor-operators (was: [Fwd: Re: I break the silence: My arrest])

[Alexander W. Janssen]

Hi!

On 9/18/07, xiando <[EMAIL PROTECTED]> wrote:
> > A question to all Tor-operators:
> > I'd like to do a survey about all incidents which happened to
> > operators. Stuff like:
> >
> > * arrested
> > * confiscated equippment
> > * nastygram
> > * surveillance
> > * ...
> >
> > What would be possible other questions/point in the survey?
>
> I was put under surveillance and tortured by the Nowegian "Security" Police.
> Note that this is why I now run Tor-servers, not the other way around (I just
> assumed it would be a good thing to include in the survey).

What does torture mean in your case?

Alex.


-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: I break the silence: My arrest

[Alexander W. Janssen]

On 9/16/07, Ringo Kamens <[EMAIL PROTECTED]> wrote:
> If you set up a paypal account I would be willing to donate on a
> case-by-case basis (in this case, it would be to help with your legal
> fees). I think even if you don't need help with legal fees by
> receiving donations from all across the world it sends the message to
> German authorities that harassing and attacking tor node operators is
> not acceptable. Also, being able to mail in money would also be nice ;
> )

Well. There's an EFF Europe now and it has a coordinator, Erik
Josefsson, who's in cahrge with it. Maybe we should contact him and
let all the funds ran over the european EFF?

Erik, you're listening? Is there any possiblity to create a legal fund?

(Problem is: At leat german organisations can't accept donations
tax-free from foreign countries. Also I'd like to see someone official
in charge rather than some person - like me, who is pretty much unkown
and not trustworthy when it comes to money.)

> Comrade Ringo Kamens

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: I break the silence: My arrest

[Alexander W. Janssen]

On 9/16/07, Ringo Kamens <[EMAIL PROTECTED]> wrote:
> Is there any way that people can donate to help cover your legal fees?
> I'll commit to one US dollar. If half the people who read this message
> did that, it would at least take a small chunk out of that mountain of
> legal fees you're facing. Also, have you talked to the CCC (ccc.de)
> about this? They might be able to help.

Hi Ringo,

thanks for your offer, but I'm able to sort this out on my own.
However, your offer is valid and some kinda Tor Legal Fund (which was
discussed earlier) would make sense. There are still some open cases
(like morphiums's case, a student) which could need monetary help.
However, I'm not a lawyer and I don't know anything about how to set
up such a thing.

It's be easy to set up a Paypal-account, but it'd be not "non-profit",
means someone's got to pay taxes for this.

Any takers?

> Comrade Ringo Kamens

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: I break the silence: My arrest

[Alexander W. Janssen]

On 9/16/07, Ryan Wagner <[EMAIL PROTECTED]> wrote:
> There's still the possibility that a server op is using their Tor node
> as a scapegoat and really is doing bad things (I don't mean to imply
> that's the case here). Even if the police know that their suspect is
> running a Tor node, what Tor is, and what it's used for, they're still
> going to investigate him. All we can hope for is that they'd be a bit
> nicer about it.

Actually one guy from the police exactly asked me: "Can you prove that
the traffic is really from Tor and someone else and not from your
pretending this was Tor traffic?"

F*ck! This is insane. If i'd be an evildoer I would use *every other*
exitnode, but not mine! Why should I use mine? There'd be a chance
that they kick down my door! I'd handcraft my torrc in a way to
blacklist my very own node.

And why on earth should I, as the suspect, prove myself unguilty in
that case? I can't!
There's a saying: "Innocent until proven guilty". And it's good that
way. I don't need to prove my innocense. THEY have to prove I'm
guilty!

Never forget that. It's the law.

It's a stupid idea. Sorry. Bollocks.

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: I break the silence: My arrest

[Alexander W. Janssen]

On 9/16/07, Scott Bennett <[EMAIL PROTECTED]> wrote:
> >Actually what'd be more useful would be something like a tag in the
> >whois-database... But the average copper would probably either ignore
> >or not understand it :-(
> >
>  Um...and that would be more useful how?  I thought the suggestion was
> to provide them information that *would* convince the average cop not to
> bother.

No, but it'd mean that the copper might see that this is an exit-node,
rather than the real offender and think a bit before sending out the
SWAT-team.

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: I break the silence: My arrest

[Alexander W. Janssen]

On 9/16/07, Juliusz Chroboczek <[EMAIL PROTECTED]> wrote:
> > http://itnomad.wordpress.com/2007/09/16/tor-madness-reloaded/
> Alex, perhaps you or somebody could put up a web page, in German, that
> explains in simple terms what Tor is about, aimed at explaining to the
> average German police officer what tor is about.  This might (or might
> not) prove useful if other German tor operators get into a similar
> kind of situation.

Actually what'd be more useful would be something like a tag in the
whois-database... But the average copper would probably either ignore
or not understand it :-(

> Juliusz

Alex.


-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

I break the silence: My arrest

[Alexander W. Janssen]

Hi all,

I made some dubious comments recently about ongoing investigations
against me. Today I got a letter from the lawyer of the state telling
me that I'm not longer a suspect.

Hereby I break my silence:
http://itnomad.wordpress.com/2007/09/16/tor-madness-reloaded/

Thanks for all the people who knew about it beforehand, for their
understanding and support. Especially to my wife who went through
hell.

Cheers, Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: What do you think about this exit policy for germany?

[Alexander W. Janssen]

Just one contra:

"Supporting $some_crime" always means that you knew about that certain
case they're suing you about. Since you can only know about something
if you start sniffing - which is strictly forbidden - you can't
possibly know about a direct certain crime.
Unless you were it yourself, using your own Tor exit-node, trying to
veil yourself behind this clever coupe. (yes, that's what one
policeman thought of me once...)

However, that doesn't protect you from Mickey Mouse investigation.

Any lawyers here who can confirm/dissect my argument?

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institution, 1901.


.

Re: [german] Suche Strafrechtler (Vorwurf: Verbreitung KiPo)

[Alexander W. Janssen]

The interesting part in english:

1) The state filed two cases against me. There are ongoing
investigations for multiple accusations.
2) I'm OK.
3) I have a competent lawyer.
4) I've shut down my server "wormhole" to protect my family.
5) Don't gossip. I'll break the news when I know I'll be safe. To the
press: I won't comment on it.

On a sidenote, I just came back from the Linuxbeerhike 2007 in Crete,
where I gave a talk about the legal implications when running a
Tor-node. The slides are here:

http://yalla.ynfonatic.de/media/lbw2007/tor_talk-LBW2007.pdf

Feedback is welcome.

Alex.


-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.


.

Re: [german] Suche Strafrechtler (Vorwurf: Verbreitung KiPo)

[Alexander W. Janssen]

Hallo! (german - sorry)

On 9/8/07, TOR Admin (gpfTOR1) <[EMAIL PROTECTED]> wrote:
> "wormhole" ist bereits offline und braucht evtl. Hilfe

Ich will hier einmal proaktiv ein paar Informationen abgeben, um
Gerüchten, Spekulationen und der allgemeinen Paranoia zuvorzukommen:

1) Ja, gegen mich wird momentan in zwei verschiedenen Fällen
ermittelt, einer ist mir heute morgen erst ins Haus geflattert - der
andere ist schon sechs Wochen alt. Details will ich noch nicht nennen.
Mein Anwalt hat noch keine Akteneinsicht.
2) Ja, wormhole ist offline und wird es auch zunächst bleiben; ich
habe Familie, der ich momentan nicht noch mehr Druck zumuten kann.
3) Ich habe kompetenten Rechtsbeistand.
4) Mir geht es gut.
5) Bitte keine Gerüchte, Mutmassungen etc. an die Presse kolportieren.
Wenn es Neuigkeiten gibt, werde ich diese selber nennen. Falls die
Presse mitliest: Anfragen sind zwecklos, ich werde keinen Kommentar
abgeben.

Details, wenn ich sie nennen kann.

> Es wird Zeit, eine Organisation für TOR-Admins zu bilden, an die man
> sich wenden kann. Wir bräuchten Anwälte, Journalisten 

Dazu gibt es schon einige Ideen von verschiedensten Leuten. Ich werde
aber erst einmal meinen Kopf unten halten.

Ich komme gerade von der Linuxbierwanderung 2007 wieder, wo ich einen
Talk über die rechtliche Aspekte gehalten habe. Wen es interessiert,
die Slides sind hier:
http://yalla.ynfonatic.de/media/lbw2007/tor_talk-LBW2007.pdf

> Gruß

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.


.

Re: Proposal of a new hidden wiki

[Alexander W. Janssen]

On 8/7/07, Frozen Flame <[EMAIL PROTECTED]> wrote:
> Hello, guys.

Hi!

> Is anyone interested on the return of the hidden wiki?

Fire at will.

Alex.

-- 
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
 -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: What happens when I shut down my Tor-server?

[Alexander W. Janssen]

OK, thanks for all your answer, I was a bit busy lately.

On 7/14/07, Scott Bennett <[EMAIL PROTECTED]> wrote:

Skipping your questions, I pose the following ones.
1) Which signal did you send tor to get it to shut down?


SIGINT


2) If SIGINT, had ShutdownDelay seconds passed within the 30-minute
   period to which you referred?


ShutdownWaitLength you mean? It's left to default - 30s. So yes to
your question.


3) Are there other network applications running on the same computer
   to which some/all of the traffic you claim to see could be
   attributed?


No.

Basically I shut down the server with "/etc/init.d/tor stop". (the
SYSV-style init-script Debian supplies)

What I found was that there were still lot's of differents sources
trying to reach my node on various ports, including ORPort. Well, if
that'd run for 5 minutes I wouldn't have written this email, but after
30 minutes I was still receiving lot's of stuff.

However; I'll try again with more thorough tests and come back if I
find anything even more weird stuff. So well, thanks all. Seems like
this is nothing to worry about, however, I thought (means: I haven't
checked the docs:) that after my node got deleted from the
directory-servers no inbound requests should happen anymore.

However, thanks :)

Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

What happens when I shut down my Tor-server?

[Alexander W. Janssen]

Hi,

for maintenance-reasons I had to shut down my server today. However,
after shutting down the server I realized that there's still much
traffic, although shutdown was 30 minutes ago.

So, does the server tell it's peers that it's going down? Does it
deregister? Or is that stray-traffic?

Cheers, Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: Wanted feature / option

[Alexander W. Janssen]

On 5/30/07, Kyle Williams <[EMAIL PROTECTED]> wrote:

I was testing a spam-reply script and or-talk@freehaven.net got into it
somehow.

My bad, sorry.


YMMD :-)

Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: Tor Server Behind Reactive Firewall

[Alexander W. Janssen]

On 5/19/07, Rouslan Nabioullin <[EMAIL PROTECTED]> wrote:

Will a reactive firewall affect a middle-node Tor server? I am planning to
use a Smoothwall Linux firewall with the reactive mod
(http://community.smoothwall.org/forum/viewtopic.php?t=8206).


Well, what does "reactive" mean? I just had a short look at it and
those p2p.rules files seems to be covering what's mentioned at
http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2006-04-12.html.
Tor isn't explictly mentioned there. But who knows what kind of rules
were included in the meantime, so you should check that beforehand.


I am concerned since when I ran a Tor server with Smoothwall, there were
hundreds of entries logged in IDS (intrusion detection system).


What kind of messages? Would be nice if you could share them so that a
Tor-specific rulefile could be created (if someone not already did
that?)


Try the Yahoo! Mail Beta.


No. :-)

Cheers, Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

To the operator of the node "AoF"

[Alexander W. Janssen]

OK, that's half off-topic, sorry for that.

To the operator of the node "AoF":

You didn't give any contact-info, so I try to reach you on this way:
Your node doesn't seem to work very well, the squid-proxy you're using
ran out of sockets. If you try to use your node, you'll always end up
with the error-message:

--- snip ---
ERROR
The requested URL could not be retrieved

While trying to retrieve the URL: http://www.heise.de.aof.exit/

The following error was encountered:

   * Socket Failure

The system returned:

   (99) Cannot assign requested address

Squid is unable to create a TCP socket, presumably due to excessive
load. Please retry your request.
--- snap ---

Ulimits too low? Or the fault of your upstream-provider...?

Hope that helps...
Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: Another Method to Block Java Hijinks

[Alexander W. Janssen]

On 4/5/07, James Muir <[EMAIL PROTECTED]> wrote:

You may be interested to know that there is a Live CD which bundles Tor
and some ipchains rules.  It is mentioned in the Tor FAQ -- see "Virtual
Privacy Machine":


Actually Robert Hogan hacked together a Live-CD. Torrent here:
http://yalla.ynfonatic.de/media/TorLiveCD-TestingOnly.iso.torrent

See the thread "LiveCD for testing" for details. Not sure if he also
incorporated proper firewall-rules though. But I think he'd appreciate
feedback.


-James


Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: LiveCD For Testing

[Alexander W. Janssen]

Hi all,

since the tracker Robert used went down, I set up a tracker elsewhere.
The torrent Metafile can be accessed at
http://yalla.ynfonatic.de/media/TorLiveCD-TestingOnly.iso.torrent

The md5sum of the ISO is 0843b24fb08edf6e0ef64f82083e041b and it would
be good if Robert could confirm that.

I'm currently seeding with two machines, but I'm going to take the
second seeder down as soon as other people joined in to save
bandwidth; I noticed that a couple of people already completly
downloaded the ISO, so there's no need to download it again. Starting
your Client in the same directory where the original ISO is stored is
enough.

Cheers, Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: Is this for real?

[Alexander W. Janssen]

On 3/31/07, Karsten Loesing <[EMAIL PROTECTED]> wrote:

But who knows? Perhaps they have multiple strategies? :)


Sorry, I can't help myself, but I'm tempted to rename my node to
something intriguing just for the fun of it.
"Fear and Loathing in Fort Meade" :)

Names mean nothing.


Karsten


Alex.


--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: Tor server crashes on a Linksys WRT54GL

[Alexander W. Janssen]

Well what you could do is remote-debugging.

Follow instructions to build gdb-sever for OpenWRT:
http://forum.openwrt.org/viewtopic.php?pid=29712

Install gdb-server

Run gdb-server on your WRT:
# gdb-server $ip:12345 /path/to/tor $myoptions
(Tor won't start immediately but will wait for a "cont" on the remote-debugger)

Set ulmits and run gdb an another machine on the network:
$ ulimit -c unlimited   # or whatever you consider a sane value
$ gdb
(gdb) target remote $ip:12345   # connect to WRT
(gdb) cont   # run Tor
...wait for crash and note output...

(Note: In the referenced URL above are more architecture-specific
notes for the WRT. I haven't tried this myself)

No idea if that will result in anything, but it might give some
information about what's really going on - like if it's a memory-issue
or something else. If the programm crashes with a SEGFAULT or
something, type "bt" in the remote gdb-session to show the backtrace.

Will be a lot of work, but maybe it's worth it.

HTH, cheers, Alex.

On 3/14/07, Mark Furner <[EMAIL PROTECTED]> wrote:

Hi Roger

The WRT54GL has about 16MB RAM. I was using an OpenWRT package of TOR version,
0.1.0.17. There is no gcc etc. on the box, and I doubt whether the thing
could be compiled on it: will TOR run on such as puny system?

Thanks for the tips about bandwidth changes. If I ever get this thing working,
I could donate more bandwidth when I ought be sleeping...

BTW nmap can scan higher port nos if you set with a port range (-p1-65535 )
but I take your point about netstat (on the box itself).

Thanks for the tips

Mark

On Wednesday 14 March 2007 08:20, Roger Dingledine (Roger Dingledine
<[EMAIL PROTECTED]>) may have written:
> On Wed, Mar 14, 2007 at 07:57:24AM +0100, Mark Furner wrote:
> > I am experimenting with a tor server on my Linux router, but it starts 5
> > processes and hogs all my CPU before crashing.
>
> Try the 0.1.2.10-rc release -- it will start only 2 processes and then
> hog all your cpu. ;)
>
> > I am using a Linksys WRT54GL
> > with OpenWRT (White Russian RC6).
>
> How much ram does your linksys have? I hear they have been selling them
> with less and less ram to discourage people from using them for anything,
> so the newer it is the less likely it will run Tor (or heck, Linux) well.
>
> > An nmap scan did not show the port open (I
> > have opened TCP ports 9001 and 9030 on my firewall). Any tips so I can
> > get this working?
>
> nmap won't scan all the ports. It is the wrong tool for that purpose.
> Try netstat instead.
>
> > I would like to donate more bandwidth during the night, and think I could
> > start/stop the tor server with a different torrc config file. If someone
> > has a better idea how to do this, then please also let me know.
>
> You may find
> http://wiki.noreply.org/noreply/TheOnionRouter/CronBandwidthLimit
> or
> http://wiki.noreply.org/noreply/TheOnionRouter/BandwidthLimitChangeControll
>er helpful.
>
> > Thanks for any help or pointers,
>
> Good luck,
> --Roger

--
x-x-x-x-x-x-x-x-x-x-x-x-x
Mark Furner, PhD
Lärchenstr. 39
CH 8400 Winterthur
Switzerland
T. 0041 (0)78 641 15 92
E. [EMAIL PROTECTED]




--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: Security Focus story

[Alexander W. Janssen]

On 3/9/07, Eugen Leitl <[EMAIL PROTECTED]> wrote:

On Fri, Mar 09, 2007 at 08:37:58AM +0100, Alexander W. Janssen wrote:

> If TOR would legally qualify as an ISP, we're in deep trouble.

We don't provide access to the Internet, and we're not charging
for it. Last time I looked the data retention laws also allowed
a loophole for very small providers.


I hope so, although I wonder how "small" will be defined. How would
you tell how many users your have on your TOR-node?


> Keyword: the upcoming data-retention laws in Europe.

Even if you ran a Tor node with logging, and you gave
BKA a slice for the time window they ask you for, that
would be quite useless.


No; the point is if you'd qualify as an "access provider" you need to
enable "relevant logging". ETSI already defined interfaces and
data-sets which would come quite handy.

But I agree with you: The law isn't here yet.

Alex.


--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: Security Focus story

[Alexander W. Janssen]

On 3/9/07, James Muir <[EMAIL PROTECTED]> wrote:

http://www.securityfocus.com/news/11447


A quote which worries me:
"Tor servers meet the definition of an Internet service provider,
which means that operators are not required to know what data passed
through the server, said Kevin Bankston, staff attorney with the
Electronic Frontier Foundation (EFF)"

If TOR would legally qualify as an ISP, we're in deep trouble.
Keyword: the upcoming data-retention laws in Europe.

Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.

Re: Building tracking system to nab Tor pedophiles

[Alexander W. Janssen]

On 3/7/07, Nick Mathewson <[EMAIL PROTECTED]> wrote:

[...] and fangirls reading harry/ron slashfic online.


The picture! It's burning into my brain-patterns! ARGH!

Cheers, Alex.

--
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.