Re: [tor-talk] Fox News bans my Tor Browser
Hello l.m, Thursday, January 15, 2015, 4:42:47, you wrote: You're probably the only one viewing that site using Tor. That would explain why you didn't have any problem at first. Now they've noticed. Pity, that. I had been enjoying being able to read, daily, news from a dozen sources WW and not worry somebody was profiling what I saw as 'germane' . Albeit to me. It might be the changing exit node from new identity. I did try changing identities. After numerous tries, I was successful onto FoxNews. Then shortly that too changed and I was backed to being blocked. You might try adding TrackHostExits .. You might also try AllowDotExit. torrc-defaults located in /Browser/TorBrowser/Data/Tor I shall give them a try. tnx I'll report back. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] GSOC 15
On Thu, Jan 15, 2015 at 11:46 PM, Akhil Koul akhil.ko...@gmail.com wrote: Hello I am a third year undergrad Computer Engineering student from Pune Institute of Computer Technology, India. My area of interest is in Networking and Network Security. I would like to get involved in Tor Community by contributing for Tor in GSoC 2015. I have been actively using Tor so far and would love to be a part of this wonderful project. I would like to know about the ways in which i can contribute for Tor development as a part of GSoC 2015. Hello! To begin: Google has not announced the list of organizations in GSoC 2015, so we don't know whether we're selected or not. We hope we are, of course, but we can't take their selection for granted. But assuming we are selected, a student's best chances for being selected are making sure that they have a good portfolio of well-written, well-designed software that they wrote. It also helps if a student has written a few small, thoughtful, well-designed patches for Tor in the past, so we have a feeling of what it's like to work with them. -- Nick -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Cryptographic social networking project
Dear evervigilant, no we do not consider running Diaspora behind Tor since that is not a good idea in both terms of anonymity and scalability. Diaspora already has scalability issues, it would certainly not improve if each transaction travels across six Tor relays. And the way each Diaspora node has a pretty large view of the entire social graph makes it an easy target for de-anonymization of that graph as shown by the 2009 De-anonymizing Social Networks paper I mentioned earlier. See also Scalability Paranoia in a Decentralized Social Network concerning the safety of having social data on federated servers and VPS in the clear. Back to Ms or Mr Sharebook, What I wrote earlier: If in a distant future the encryption fails us, attackers would be able to decrypt what they see right there plus how much they have been keeping as a full take or Tor snapshot. That I hope is different from being able to access the entire history of all social network interactions, because they're all in that cloud. On Thu, Jan 15, 2015 at 10:04:02PM +, cont...@sharebook.com wrote: Criticizing cloud storage in the case of a cryptanalysis breakthrough is unrealistic. attackers wiretap communications and pickup cipher-texts in transit not just from servers. They can easily detect cipher-texts (e.g PGP encrypted emails) from plain-texts to store them forever so assuming that we didn't stored cipher-text on a server won't help anyone if attackers break ciphers themselves. There is no plain text involved in the communication architecture we are talking about. Not in ours and I hope also not in yours. So making a reference to the dangers of using PGP is moot here. Also, being the guy who collected 15 reasons not to start using PGP I am kind of familiar with what you say ( http://secushare.org/PGP ). And no, it is not unrealistic to criticize cloud architectures this way. I have heard from several sources that the NSA does not archive P2P/file sharing interactions. Copyright infringement is even less of their concern as pedophilia. Even GCHQ's full take is thrown away after a certain time. What they do is archive each and every e-mail, PGP or not, for indefinite time - because it is so obvious to do. They may be archiving Tor traffic for as long as it is affordable, although by the forward secret nature of Tor it isn't even a very worthwhile exercise even if decryption were feasible, but if we additionally teach Tor to be multicast scalable, then Tor would start homing a lot of social networking and maybe even forms of multi-recipient streaming. That drives the cost of archival pretty high, possibly out of the range of reasonable affordability. I think this is an advantage worth considering, whereas a cloud system already provides for the optimal archival for later decryption. Also, who pays for Utah-like storage requirements? What is your business model for financing the sharebook cloud servers? it's not Utah-like. We can get donations if people really use the application in mass scales (think of wikipedia) Well, I would like to challenge the likes of Facebook, not make yet another social network for aware minorities. You are trading in scalability for what you think is the necessary cryptography but researches seem to be of a different opinion as the following papers show. 2009, De-anonymizing Social Networks by Arvind Narayanan and Vitaly Shmatikov is about correlating Twitter and Flickr users. Is this really what you mean? Sounds pretty off-topic to me. why do you think our one-to-many pseudonyms graph would be different from Flickr? pubsub attach some metadata to pseudonymous vertices that can be used for analyzing them I like that you are using our while speaking of the secushare model, I assume you are considering joining forces. ;) Since it is necessary to take over all involved relay nodes for each distribution tree, I think that it is a very expensive operation trying to obtain even parts of the social graph. If you only have some parts of the tree, you should not be able to correlate which parts belong to the same tree. Only after you have somehow managed to obtain pieces of the social graph you can attempt a de-anonymization according to the paper you cited - that in our scheme means you either take over a lot of relay nodes, or - much easier - you obtain information from the user's laptops and smartphones as they access the social network. That unfortunately is a weak point that all social applications on the Internet will always have - and a much cheaper point of weakness than the threat of being able to figure out the structure of a multicast distribution happening across the network. Still, the paper we cited above states explicitly that the operation of de-anonymization works best if it has access to large social graphs. That was easy to do with Flickr vs Twitter, but it isn't at all if all you have is unnamed nodes in unstructured pieces of trees. That is how I
Re: [tor-talk] Fox News bans my Tor Browser
Just add them to the wall here... https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Where's longclaw
On 2015-01-15 15:56, Damian Johnson wrote: Yup, longclaw is down. Its operator has been notified... https://lists.torproject.org/pipermail/tor-consensus-health/2015-January/005500.html On Thu, Jan 15, 2015 at 12:42 PM, l.m ter.one.lee...@hush.com wrote: After missing signature it's now not listed in current consensus. Did I miss some event? -- leeroy -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk Riseup Networks has been getting DDoS'd sporadically these couple of days, this probably explains the outage of their dir auth. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Fox News bans my Tor Browser
On 1/16/2015 5:41 AM, Rocky_Tor wrote: It might be the changing exit node from new identity. I did try changing identities. After numerous tries, I was successful onto FoxNews. Then shortly that too changed and I was backed to being blocked. For me, TBB is sometimes blocked on sites where it generally is not. My description here has worked on *some* sites, but fails on others. Like, https://ixquick.com/do/search Startpage. When they block, those 2 sites usually give a captcha. On those 2 sites ( a fair # of others) just clicking the new identity on tor button often removes the captcha, or other site access issues, if no captcha. New identity sometimes fails to allow access - even on sites it normally works. Maybe ? because of the geo-location of new identity is near the old one; or new identity's IPa is also on a spam list, etc? I still (sometimes) use Vidalia [1], - allows more quickly choosing a new identity w/ exit relays far from the one getting blocked. Often, if clicking New Identity on TorButton doesn't solve a site access issue, selecting a exit in a much different geo-location solves it. [1] I don't know that Vidalia is still considered anonymity safe, in later TBB versions - like 4.02, 4.03. COMMENTS on that? On Cloudfront supplied captchas on sites, I still find that entering captchas or changing identities to be mostly unsuccessful. Can someone explain about using the following methods - mentioned earlier? You might try adding TrackHostExits .. You might also try AllowDotExit. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] What relay does really help the TOR project?
Hello List, I first heard from TOR after the leaks of snowden and started to read a lot about TOR but never used it - and I still don't use it (I just don't have the need for it). Before christmas I started a tor relay on my dedicated server. To be clear: Just a normal middle relay with 100 MBit/s advertised and 200 MBit/s burst. While the holidays more and more traffic was going over the network card. After a week I decided to increase the speed to 200 MBit/s advertised bandwidth. A day later I took the reduced exit rules and kicked out some more ports. So now I'm running an exit relay. The past days I made some short tcpdump traces to find out what people use TOR for. Well, it's kind of sad. A short analyse of the hostnames gave me the result: 80% Porn, 10% site crawling, 5% Wordpress comment spam and 5% human traffic. I don't get why people use TOR for watching porn. Now I dived deeper into the TOR architecture. I read that now that I'm running an exit relay I'm not able to be a normal middle relay (please tell me if I'm wrong). Since I'm not willing to help people with my exit relay just to watch anonymous porn on the web, I would rather help the people inside the network stay anonymous and speedup the network itself - thus just running a normal relay. I'm aware that the porn traffic will still be running through the relay but also the better/wanted relay-to-relay traffic. Long story short: What type of relay helps the TOR project more? Exit-Relay or Middle-relay? Is it really the job from TOR to provide an exit to the normal internet ressources or should the focus be on hidden services? Thanks in advance for your comments/suggestions, Josef P.S.: I'm posting this to the normal tor-talk Mailinglist because I want to catch the opinion from the community and don't have a probleme with the relay software itself. signature.asc Description: OpenPGP digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What relay does really help the TOR project?
With that philosophy of yours maybe you'd be better off running an unlisted bridge (bridge relay) ? Those seem aimed squarely at helping people evade government censorship and national firewalls. May be more close to the type of service you'd like to be providing ? Josef 'veloc1ty' Stautner mailto:he...@veloc1ty.de January 16, 2015 at 3:40 PM Hello List, I first heard from TOR after the leaks of snowden and started to read a lot about TOR but never used it - and I still don't use it (I just don't have the need for it). Before christmas I started a tor relay on my dedicated server. To be clear: Just a normal middle relay with 100 MBit/s advertised and 200 MBit/s burst. While the holidays more and more traffic was going over the network card. After a week I decided to increase the speed to 200 MBit/s advertised bandwidth. A day later I took the reduced exit rules and kicked out some more ports. So now I'm running an exit relay. The past days I made some short tcpdump traces to find out what people use TOR for. Well, it's kind of sad. A short analyse of the hostnames gave me the result: 80% Porn, 10% site crawling, 5% Wordpress comment spam and 5% human traffic. I don't get why people use TOR for watching porn. Now I dived deeper into the TOR architecture. I read that now that I'm running an exit relay I'm not able to be a normal middle relay (please tell me if I'm wrong). Since I'm not willing to help people with my exit relay just to watch anonymous porn on the web, I would rather help the people inside the network stay anonymous and speedup the network itself - thus just running a normal relay. I'm aware that the porn traffic will still be running through the relay but also the better/wanted relay-to-relay traffic. Long story short: What type of relay helps the TOR project more? Exit-Relay or Middle-relay? Is it really the job from TOR to provide an exit to the normal internet ressources or should the focus be on hidden services? Thanks in advance for your comments/suggestions, Josef P.S.: I'm posting this to the normal tor-talk Mailinglist because I want to catch the opinion from the community and don't have a probleme with the relay software itself. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What relay does really help the TOR project?
Hello Chris, apart from that I'm also running a bridge on a different IP. The point is really the relay. ~Josef Am 16.01.2015 um 21:54 schrieb Chris Dagdigian: With that philosophy of yours maybe you'd be better off running an unlisted bridge (bridge relay) ? Those seem aimed squarely at helping people evade government censorship and national firewalls. May be more close to the type of service you'd like to be providing ? Josef 'veloc1ty' Stautner mailto:he...@veloc1ty.de January 16, 2015 at 3:40 PM Hello List, I first heard from TOR after the leaks of snowden and started to read a lot about TOR but never used it - and I still don't use it (I just don't have the need for it). Before christmas I started a tor relay on my dedicated server. To be clear: Just a normal middle relay with 100 MBit/s advertised and 200 MBit/s burst. While the holidays more and more traffic was going over the network card. After a week I decided to increase the speed to 200 MBit/s advertised bandwidth. A day later I took the reduced exit rules and kicked out some more ports. So now I'm running an exit relay. The past days I made some short tcpdump traces to find out what people use TOR for. Well, it's kind of sad. A short analyse of the hostnames gave me the result: 80% Porn, 10% site crawling, 5% Wordpress comment spam and 5% human traffic. I don't get why people use TOR for watching porn. Now I dived deeper into the TOR architecture. I read that now that I'm running an exit relay I'm not able to be a normal middle relay (please tell me if I'm wrong). Since I'm not willing to help people with my exit relay just to watch anonymous porn on the web, I would rather help the people inside the network stay anonymous and speedup the network itself - thus just running a normal relay. I'm aware that the porn traffic will still be running through the relay but also the better/wanted relay-to-relay traffic. Long story short: What type of relay helps the TOR project more? Exit-Relay or Middle-relay? Is it really the job from TOR to provide an exit to the normal internet ressources or should the focus be on hidden services? Thanks in advance for your comments/suggestions, Josef P.S.: I'm posting this to the normal tor-talk Mailinglist because I want to catch the opinion from the community and don't have a probleme with the relay software itself. signature.asc Description: OpenPGP digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What relay does really help the TOR project?
Hi Josef, Exit nodes provide most value to the network, as they will also be able to handle entry and middle traffic. As for porn: maybe the wiki page on porn legality [1] explains it. Also note that this kind of traffic helps to mask other kinds of Tor traffic, essentially helping the network (not to mention the popularity gain). Oh, and don't forget that the normal internet also has quite a high share of this kind of traffic. Tom [1]: https://en.wikipedia.org/wiki/Pornography_by_region Josef 'veloc1ty' Stautner schreef op 16/01/15 om 21:40: Hello List, I first heard from TOR after the leaks of snowden and started to read a lot about TOR but never used it - and I still don't use it (I just don't have the need for it). Before christmas I started a tor relay on my dedicated server. To be clear: Just a normal middle relay with 100 MBit/s advertised and 200 MBit/s burst. While the holidays more and more traffic was going over the network card. After a week I decided to increase the speed to 200 MBit/s advertised bandwidth. A day later I took the reduced exit rules and kicked out some more ports. So now I'm running an exit relay. The past days I made some short tcpdump traces to find out what people use TOR for. Well, it's kind of sad. A short analyse of the hostnames gave me the result: 80% Porn, 10% site crawling, 5% Wordpress comment spam and 5% human traffic. I don't get why people use TOR for watching porn. Now I dived deeper into the TOR architecture. I read that now that I'm running an exit relay I'm not able to be a normal middle relay (please tell me if I'm wrong). Since I'm not willing to help people with my exit relay just to watch anonymous porn on the web, I would rather help the people inside the network stay anonymous and speedup the network itself - thus just running a normal relay. I'm aware that the porn traffic will still be running through the relay but also the better/wanted relay-to-relay traffic. Long story short: What type of relay helps the TOR project more? Exit-Relay or Middle-relay? Is it really the job from TOR to provide an exit to the normal internet ressources or should the focus be on hidden services? Thanks in advance for your comments/suggestions, Josef P.S.: I'm posting this to the normal tor-talk Mailinglist because I want to catch the opinion from the community and don't have a probleme with the relay software itself. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What relay does really help the TOR project?
On 2015-01-16 12:40, Josef 'veloc1ty' Stautner wrote: The past days I made some short tcpdump traces to find out what people use TOR for. Well, it's kind of sad. A short analyse of the hostnames gave me the result: 80% Porn, 10% site crawling, 5% Wordpress comment spam and 5% human traffic. I don't get why people use TOR for watching porn. For all the same reason as any other type of traffic? Porn is illegal (or quite restrictive) in many parts of the world, and if you know your ISP is observing traffic, why give them information that could be potentially used against you, even if only to embarrass you? I have trouble seeing why it matters what type of traffic people are generating, unless it's abusive toward any of the networks involved (including the internet at large). -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Where's longclaw
lu...@riseup.net wrote (16 Jan 2015 19:18:06 GMT) : Riseup Networks has been getting DDoS'd sporadically these couple of days, this probably explains the outage of their dir auth. s/days/weeks/ Actually, that DDoS has started at the beginning of 31C3 :/ Cheers, -- intrigeri -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What relay does really help the TOR project?
Josef 'veloc1ty' Stautner wrote:Long story short: What type of relay helps the TOR project more? Exit-Relay or Middle-relay? Is it really the job from TOR to provide an exit to the normal internet resources or should the focus be on hidden services? First, thank you for operating a Tor node. Second, I would like to suggest a simple solution to your question. Tor is already designed to make the best use out of any node. The most important thing is to make your node the most useful you can manage. Try to keep it stable and running. If your service provider allows you to operate an exit make your exit policy reflects this. I'm not trying to question your stance on allowing porn. What I think is important is that some random user of Tor may have stumbled onto your exit and, noticing it's usefulness, may have targeted your node using dotexit notation. I'm sure lots of users single out good exits in this opportunistic manner and for many reasons. That aside, if you make your node as stable and useful as you can then the algorithms take over. Your node will be used in the best way possible by default. See the dir-spec and path-spec [1] for more details. The benefit of this approach is that if network conditions change your node may change it's primary role on an hourly basis. -- leeroy [1] https://gitweb.torproject.org/torspec.git/tree -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Fox News bans my Tor Browser
Joe Btfsplk wrote: I don't know that Vidalia is still considered anonymity safe, in later TBB versions - like 4.02, 4.03. COMMENTS on that? Can someone explain about using the following methods - mentioned earlier? You might try adding TrackHostExits .. You might also try AllowDotExit. TBB's new identity feature is considered more anonymity safe [1]. Vidalia's new identity doesn't consider how inter-tab traffic can identify you. It also doesn't consider how changes to the browser window make you unique (and trackable) across changed identities. TBB will close open tabs and shutdown any traffic that may cross identities. It also resets the browser window to some common size within Tor's user-base. TrackHostExits host -- try to reuse exits for the host [2] AllowDotExit -- specify an exit to use with an address using dot notation [2] -- leeroy [1] https://www.torproject.org/projects/torbrowser/design/#new-identity [2] https://www.torproject.org/docs/tor-manual.html -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] What relay does really help the TOR project?
On 01/16/2015 02:00 PM, Tom van der Woerdt wrote: Hi Josef, Exit nodes provide most value to the network, as they will also be able to handle entry and middle traffic. As for porn: maybe the wiki page on porn legality [1] explains it. Also note that this kind of traffic helps to mask other kinds of Tor traffic, essentially helping the network (not to mention the popularity gain). Oh, and don't forget that the normal internet also has quite a high share of this kind of traffic. The Internet Is For Porn https://www.youtube.com/watch?v=LTJvdGcb7Fs Tom [1]: https://en.wikipedia.org/wiki/Pornography_by_region Josef 'veloc1ty' Stautner schreef op 16/01/15 om 21:40: Hello List, I first heard from TOR after the leaks of snowden and started to read a lot about TOR but never used it - and I still don't use it (I just don't have the need for it). Before christmas I started a tor relay on my dedicated server. To be clear: Just a normal middle relay with 100 MBit/s advertised and 200 MBit/s burst. While the holidays more and more traffic was going over the network card. After a week I decided to increase the speed to 200 MBit/s advertised bandwidth. A day later I took the reduced exit rules and kicked out some more ports. So now I'm running an exit relay. The past days I made some short tcpdump traces to find out what people use TOR for. Well, it's kind of sad. A short analyse of the hostnames gave me the result: 80% Porn, 10% site crawling, 5% Wordpress comment spam and 5% human traffic. I don't get why people use TOR for watching porn. Now I dived deeper into the TOR architecture. I read that now that I'm running an exit relay I'm not able to be a normal middle relay (please tell me if I'm wrong). Since I'm not willing to help people with my exit relay just to watch anonymous porn on the web, I would rather help the people inside the network stay anonymous and speedup the network itself - thus just running a normal relay. I'm aware that the porn traffic will still be running through the relay but also the better/wanted relay-to-relay traffic. Long story short: What type of relay helps the TOR project more? Exit-Relay or Middle-relay? Is it really the job from TOR to provide an exit to the normal internet ressources or should the focus be on hidden services? Thanks in advance for your comments/suggestions, Josef P.S.: I'm posting this to the normal tor-talk Mailinglist because I want to catch the opinion from the community and don't have a probleme with the relay software itself. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk