Re: [Tails-dev] A really basic question.

[intrigeri]

Hi Marco!

It's been a while, I'm happy to see you're still around.

Marco Calamari wrote (05 Aug 2012 13:01:09 GMT) :
> Apart from remembering it (more difficult with age) or reasoning
> starting from kernel version, is there any way to know what version
> of Tails is in use?

Yes. Run the "tails-version" command in a terminal.

BTW, someone wanted to do Italian translation for Tails, but was
unfortunately alone, and we're not too happy with single members l10n
teams, so in case you want to help him bootstrap a team, please drop
an email to tails-l...@boum.org :)
___
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev

[Tails-dev] A really basic question.

[Marco Calamari]

Apart from remembering it (more difficult with age) or reasoning
starting from kernel version, is there any way to know what version of
Tails is in use?

I think that should be evident somewhere; is the base of the
 warning system..

But maybe is already there, so pls help me to find ...

Ciao.Marco
-- 
+--- http://www.winstonsmith.org  ---+
| il Progetto Winston Smith: scolleghiamo il Grande Fratello |
| the Winston Smith Project: unplug the Big Brother  |
| Marco A. Calamari mar...@marcoc.it  http://www.marcoc.it   |
| DSS/DH:  8F3E 5BAE 906F B416 9242 1C10 8661 24A9 BFCE 822B |
+ PGP RSA: ED84 3839 6C4D 3FFE 389F 209E 3128 5698 --+


signature.asc
Description: This is a digitally signed message part
___
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev

[Tails-dev] separate Tor streams

[adrelanos]

I don't know your policy who is permitted to edit Tails's TODO items, so
I share my comments regarding separate Tor streams [1] here. For readers
who never heard about stream isolation please see the Tor manual.
(Isolate...) [7]

Thanks for considering separate Tor streams. Since I already added [5]
separate Tor streams to aos [2] I made a summary aos's implementation.

It is preferred to add one SocksPorts per application to /etc/torrc. Of
course only for applications which are expected to issue network
activity. Configure all applications, which support socks settings, to
point to their designated SocksPort.

Alternatively you could also re-use one SocksPort multiple times and use
different socks passwords. I preferred not to do that, because not all
applications do support socks passwords and because I trust applications
more to have a bug free socks port implementation than socks password
implementation. (Because much more users do use socks ports than socks
passwords.) Also for simplicity it was easier to use separate SocksPorts
for everything.

By the way, you may ask yourself, using ten or more SocksPorts does not
result in opening more circuits than usual, at least not that I ever
observed.

Unfortunately, not all applications support socks settings. Somehow they
have to be pointed to their own SocksPort anyway.

Tor does not include (multiple) HttpPort(s) [8] and it's not on the
horizon. I requested a similar feature for privoxy [9] but chances are
very low. There is another discussion about this on tor-talk [10] but
the suggested solution [11] is imho unfeasible and error prone.

torsocks's usewithtor unfortunately doesn't support choosing different
SocksPorts by using parameters. The torsocks configuration file has to
be changed. Also if the user types wget in console it should be
torified. Therefore I made a fork of torsocks's usewithtor, which I call
uwt. [13] [14] Wrappers are used (hint given by interigi) to let wget
etc. when issued in console or by other applications to use uwt, thus
getting separate SocksPorts.

(Adding that feature upstream is unlikely. torsocks is practically
unmaintained, no progress with torsocks's issues for a long time [15]
and other issues. [12] torsocks could need a new (co-)maintainer.)

A hack how to force non-socks (and non-proxy) aware applications to use
separate SocksPorts is documented. (uwt) [13]

Cheers,
adrelanos

[1] https://tails.boum.org/todo/separate_Tor_streams/
[2] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/
[3] https://trac.torproject.org/projects/tor/wiki/torbirdy#Privoxy
[4] https://lists.torproject.org/pipermail/tor-talk/2012-July/024782.html
[5]
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/ApplicationWarningsAndNotes#Identitycorrelationthroughcircuitsharing
[6]
https://github.com/adrelanos/aos/blob/devel/aos_shared/usr/local/bin/torcheck
[7] https://www.torproject.org/docs/tor-manual-dev.html.en
[8] https://trac.torproject.org/projects/tor/ticket/6060
[9]
http://sourceforge.net/tracker/?func=detail&aid=3541363&group_id=8&atid=361118
[10] https://lists.torproject.org/pipermail/tor-talk/2012-June/024497.html
[11] https://lists.torproject.org/pipermail/tor-talk/2012-June/024498.html
[12] https://trac.torproject.org/projects/tor/ticket/6155
[13] https://trac.torproject.org/projects/tor/wiki/doc/torsocks
[14]
https://github.com/adrelanos/aos/blob/devel/aos_shared/usr/local/bin/uwt
[15] https://code.google.com/p/torsocks/
[16]
TorBrowser (socks proxy settings), XChat (socks proxy settings),
Thunderbird with TorBirdy (socks proxy settings to socks port, http
proxy to privoxy [3] [4] and privoxy also gets a separate SocksPort,
Instant Messenger (socks proxy settings), apt-get (uwt wrapper), gpg
(uwt wrapper), ssh (uwt wrapper), git (uwt wrapper), htpdate (uwt
wrapper), wget (uwt wrapper), torcheck [6] (uwt wrapper), BitCoin (socks
proxy settings), privoxy (socks proxy settings), polipo (socks proxy
settings)
___
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev

Re: [Tails-dev] tails_htp: exit node can fingerprint Tails users until exit node is changed

[intrigeri]

Hi,

adrelanos wrote (23 Jul 2012 01:36:26 GMT) :
> Because Tails doesn't use stream isolation and uses tails_htp over
> Tor, the exit node can see "Hello, this is a Tails user!". (Who else
> uses tails_htp over Tor.) The problem persists until the exit node
> is changed.

To be on the safe side, I'll assume the underlying unproven assumption
(that "tails_htp"'s fingerprint is that easily recognizable by an exit
node) is true, which is probably the case in the current state
of things.

> Proposed solution: use stream isolation, run tails_htp/wget over
> a different SocksPort.

Great idea, thanks!
I've added it to this ticket:
https://tails.boum.org/todo/separate_Tor_streams/
___
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev

Re: [Tails-dev] trail widget for the documentation

[intrigeri]

hi,

sajolida wrote (22 Jul 2012 17:24:15 GMT) :
> As suggested earlier on this list, I started to implement
> a navigation widget for the documentation using the trail plugin of
> ikiwiki [1]. This is meant to provide "Previous" "Next" links inside
> each section of the documentation.

Great!

> By default, ikiwiki places it both under the title of the page, and
> at the beginning of the footer. I'm not sure that's the best thing
> we can do. The GNOME Style Guide, for example, places it only at the
> bottom of the page [2].

I think bottom only is best.
___
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev