[tor-talk] Use Tor in a right track.

[Jason Long]

Hello,
I want to secure the internet connection of an application like Telegram. If I 
set the Telegram proxy to use Socks5(127.0.0.1:9150) then is it enough?

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Tor vs Tor Browser

[Jason Long]

Hello,In the Tor Browser, we have some options like "Security Level". How about 
Tor in CLI? How can I define it?
Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] A security concern about Tor.

[Jason Long]

Hello Tor Team,
I read some articles about Tor security and some of them said that if the 
governments see your real IP address then they can't see
the Tor traffic or websites that visited by Tor and if they can sniff Tor 
traffic then they can't see your real IP.
Is it true?
How Tor team members are sure about it? If the governments use any special 
devices for sniffing Tor traffics then why
they should reveal it?
If a user use the Telegram messenger with Sock5(Tor) proxy, then is it secure?

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] How to configure Tor for use a built-in bridg

[Jason Long]

Thank you, but the Tor is censored and with Tor-Browser and built-in 
bridge(obfs4) I can open Tor, but with Tor CLI I can't. It just has %45 
progress.I copied the torrc from Tor-Browser into "/etc/tor" but not worked :(

Sent from Yahoo Mail on Android 
 
  On Wed, Nov 6, 2019 at 12:35 PM, Jonathan Marquardt wrote: 
  On Sun, Nov 03, 2019 at 01:10:39PM +0000, Jason Long wrote:
> Hello,I installed Tor on Debian 10.1 x86_64 and I want to configure 
> "/etc/tor/torrc" for use built-in bridge obfs4.An idea?

Run (as root):

# apt install obfs4proxy

Add the following lines to torrc:

UseBridges 1
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy

Then, you need to add some further bridge lines. I recommend that you don't 
use the "built-in bridges" (they're only built into Tor Browser, not into Tor 
itself), as you need to add the bridges manually anyways. I recommend that you 
go to https://bridges.torproject.org/ and get yourself some bridge 
configuration lines.

Then, add your bridge lines to torrc, but add the string "Bridge " to the 
beginning to each of your lines.

So it looks like this:

Bridge obfs4 154.35.22.10:15937 8FB9F4319E89E5C6223052AA525A192AFBC85D55 
cert=GGGS1TX4R81m3r0HBl79wKy1OtPPNR2CZUIrHjkRg65Vc2VR8fOyo64f9kmT1UAFG7j0HQ 
iat-mode=0
Bridge obfs4 192.99.11.54:443 7B126FAB960E5AC6A629C729434FF84FB5074EC2 
cert=VW5f8+IBUWpPFxF+rsiVy2wXkyTQG7vEd+rHeN2jV5LIDNu8wMNEOqZXPwHdwMVEBdqXEw 
iat-mode=0
Bridge obfs4 109.105.109.165:10527 8DFCD8FB3285E855F5A55EDDA35696C743ABFC4E 
cert=Bvg/itxeL4TWKLP6N1MaQzSOC6tcRIBv6q57DYAZc3b2AzuM+/TfB7mqTFEfXILCjEwzVA 
iat-mode=1

If you really want to use the "built-in bridges", those lines can be found 
here: 
https://gitweb.torproject.org/builders/tor-browser-bundle.git/tree/Bundle-Data/PTConfigs/bridge_prefs.js

But again, I don't think you should.
-- 
OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3
            https://www.parckwart.de/pgp_key  
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
On Sun, Nov 03, 2019 at 01:10:39PM +, Jason Long wrote:
> Hello,I installed Tor on Debian 10.1 x86_64 and I want to configure 
> "/etc/tor/torrc" for use built-in bridge obfs4.An idea?

Run (as root):

# apt install obfs4proxy

Add the following lines to torrc:

UseBridges 1
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy

Then, you need to add some further bridge lines. I recommend that you don't 
use the "built-in bridges" (they're only built into Tor Browser, not into Tor 
itself), as you need to add the bridges manually anyways. I recommend that you 
go to https://bridges.torproject.org/ and get yourself some bridge 
configuration lines.

Then, add your bridge lines to torrc, but add the string "Bridge " to the 
beginning to each of your lines.

So it looks like this:

Bridge obfs4 154.35.22.10:15937 8FB9F4319E89E5C6223052AA525A192AFBC85D55 
cert=GGGS1TX4R81m3r0HBl79wKy1OtPPNR2CZUIrHjkRg65Vc2VR8fOyo64f9kmT1UAFG7j0HQ 
iat-mode=0
Bridge obfs4 192.99.11.54:443 7B126FAB960E5AC6A629C729434FF84FB5074EC2 
cert=VW5f8+IBUWpPFxF+rsiVy2wXkyTQG7vEd+rHeN2jV5LIDNu8wMNEOqZXPwHdwMVEBdqXEw 
iat-mode=0
Bridge obfs4 109.105.109.165:10527 8DFCD8FB3285E855F5A55EDDA35696C743ABFC4E 
cert=Bvg/itxeL4TWKLP6N1MaQzSOC6tcRIBv6q57DYAZc3b2AzuM+/TfB7mqTFEfXILCjEwzVA 
iat-mode=1

If you really want to use the "built-in bridges", those lines can be found 
here: 
https://gitweb.torproject.org/builders/tor-browser-bundle.git/tree/Bundle-Data/PTConfigs/bridge_prefs.js

But again, I don't think you should.
-- 
OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3
 https://www.parckwart.de/pgp_key-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] How to configure Tor for use a built-in bridge?

[Jason Long]

Hello,I installed Tor on Debian 10.1 x86_64 and I want to configure 
"/etc/tor/torrc" for use built-in bridge obfs4.An idea?
Thanks.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] A question about the Tor Bulk Exit List exporting tool.

[Jason Long]

Hello.Can I use the IP addresses that 
"https://check.torproject.org/cgi-bin/TorBulkExitList.py; show me as a proxy?

Thanks.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] How to hide using Tor browser?

[Jason Long]

Thanks for your reply.
Some websites blocked Tor and...






On Monday, July 1, 2019, 1:49:42 AM GMT+4:30, Roger Dingledine 
 wrote: 





On Sat, Jun 29, 2019 at 09:21:32AM +, Jason Long wrote:

> HelloSome website blocked Tor browser and you can't open them by Tor browser. 
> Any method to hide using Tor browser?


Alas, there are no great answers here.

Here's a related FAQ answer:
https://2019.www.torproject.org/docs/faq#HideExits

You could conceivably find an open proxy or a vpn and chain that at
the end of your circuit, but (a) it is messy (hard) to do that from a
practical perspective, and (b) it probably harms your anonymity.

The better answer is to find the people who run those websites, and
help teach them about the value of users who care about privacy:
https://2019.www.torproject.org/docs/faq-abuse#Bans
But that suggestion will work better on some sites than others.

For even more to read, check out
https://blog.torproject.org/call-arms-helping-internet-services-accept-anonymous-users

--Roger

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] How to hide using Tor browser?

[Jason Long]

HelloSome website blocked Tor browser and you can't open them by Tor browser. 
Any method to hide using Tor browser?
Thanks.

Sent from Yahoo Mail on Android
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor-Browser and CLI.

[Jason Long]

Redesign?

Sent from Yahoo Mail on Android 
 
  On Thu, Jun 13, 2019 at 9:02 PM, Damon H. (TheDcoder) 
wrote:   Ah! Thanks for pointing it out, I vaguely recall finding it initially
after the redesign of Tor browser, but I had forgotten about it.

On 12/06/19 3:47 PM, Nicolas Vigier wrote:
> On Tue, 11 Jun 2019, Damon H. (TheDcoder) wrote:
>
>> Tor browser used to have this option to refresh the circuits but it
>> seems to be removed in the current version as I cannot find it now
>> (correct me if I am wrong).
> You can still ask Tor Browser to use a new circuit for a site, if you
> click on the left of the URL bar.
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
  
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor-Browser and CLI.

[Jason Long]

 No, I want to do it via CLI because I need it in a bash script.
On Wednesday, June 12, 2019, 3:04:10 PM GMT+4:30, Nicolas Vigier 
 wrote:  
 
 On Tue, 11 Jun 2019, Damon H. (TheDcoder) wrote:

> Tor browser used to have this option to refresh the circuits but it
> seems to be removed in the current version as I cannot find it now
> (correct me if I am wrong).

You can still ask Tor Browser to use a new circuit for a site, if you
click on the left of the URL bar.

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
  
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor-Browser and CLI.

[Jason Long]

 Thanks, but I'm using Tor-Browser.
On Tuesday, June 11, 2019, 3:06:52 PM GMT+4:30, Damon H. (TheDcoder) 
 wrote:  
 
  
Tor browser used to have this option to refresh the circuits but it seems to be 
removed in the current version as I cannot find it now (correct me if I am 
wrong).
 
If you are using Tor directly, you will need to use a controller to instruct 
Tor to form new circuits. Nyx seems to be the most popular option :)
 
 On 11/06/19 11:37 AM, Jason Long wrote:
  
 Hello.When Tor-Browser launched then how can I work with Tor deamon via CLI? 
Something like, renew IP address via CLI.
Thanks.
 
   
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Tor-Browser and CLI.

[Jason Long]

Hello.When Tor-Browser launched then how can I work with Tor deamon via CLI? 
Something like, renew IP address via CLI.
Thanks.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Tor and iptables

[Jason Long]

Hello.My iptables rules are as below:
-P INPUT DROP-P FORWARD DROP-P OUTPUT DROP-A INPUT -s 127.0.0.0/8 -d 
127.0.0.0/8 -i lo -j ACCEPT-A INPUT -m state --state RELATED,ESTABLISHED -j 
ACCEPT-A INPUT -j REJECT --reject-with icmp-port-unreachable-A FORWARD -j 
REJECT --reject-with icmp-port-unreachable-A OUTPUT -p tcp -j ACCEPT-A OUTPUT 
-p udp -j ACCEPT-A OUTPUT -p icmp -j ACCEPT-A OUTPUT -j REJECT --reject-with 
icmp-port-unreachable
When I open Tor then I got below Log:
03/01/2018 14:12:29.400 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
03/01/2018 14:12:37.800 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
03/01/2018 14:12:37.800 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
03/01/2018 14:12:37.800 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
03/01/2018 14:12:37.800 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
03/01/2018 14:12:39.000 [NOTICE] Bootstrapped 5%: Connecting to directory 
server 03/01/2018 14:12:39.000 [NOTICE] Bootstrapped 10%: Finishing handshake 
with directory server 03/01/2018 14:13:09.200 [WARN] Proxy Client: unable to 
connect to 38.229.1.78:80 ("general SOCKS server failure") 03/01/2018 
14:13:09.200 [WARN] Proxy Client: unable to connect to 38.229.33.83:80 
("general SOCKS server failure") 03/01/2018 14:13:13.500 [WARN] Proxy Client: 
unable to connect to 192.95.36.142:443 ("general SOCKS server failure") 
03/01/2018 14:13:16.400 [WARN] Proxy Client: unable to connect to 
85.17.30.79:443 ("general SOCKS server failure") 03/01/2018 14:13:20.500 [WARN] 
Proxy Client: unable to connect to 154.35.22.11:80 ("general SOCKS server 
failure") 03/01/2018 14:13:21.200 [WARN] Proxy Client: unable to connect to 
83.212.101.3:50002 ("general SOCKS server failure") 03/01/2018 14:13:24.100 
[WARN] Proxy Client: unable to connect to 154.35.22.10:80 ("general SOCKS 
server failure") 03/01/2018 14:13:24.100 [WARN] Proxy Client: unable to connect 
to 192.99.11.54:443 ("general SOCKS server failure") 03/01/2018 14:13:24.100 
[WARN] Proxy Client: unable to connect to 154.35.22.9:443 ("general SOCKS 
server failure") 03/01/2018 14:13:33.200 [WARN] Proxy Client: unable to connect 
to 109.105.109.147:13764 ("general SOCKS server failure") 03/01/2018 
14:13:37.500 [WARN] Proxy Client: unable to connect to 154.35.22.13:16815 
("general SOCKS server failure") 03/01/2018 14:13:39.000 [WARN] Proxy Client: 
unable to connect to 85.31.186.98:443 ("general SOCKS server failure") 
03/01/2018 14:13:39.000 [WARN] Proxy Client: unable to connect to 
85.31.186.26:443 ("general SOCKS server failure") 03/01/2018 14:13:39.100 
[WARN] Proxy Client: unable to connect to 37.218.245.14:38224 ("general SOCKS 
server failure") 03/01/2018 14:13:39.100 [WARN] Proxy Client: unable to connect 
to 109.105.109.165:10527 ("general SOCKS server failure") 03/01/2018 
14:13:39.300 [WARN] Proxy Client: unable to connect to 37.218.240.34:40035 
("general SOCKS server failure") 03/01/2018 14:14:46.300 [WARN] Proxy Client: 
unable to connect to 154.35.22.12:4304 ("general SOCKS server failure") 
03/01/2018 14:33:09.200 [WARN] Proxy Client: unable to connect to 
38.229.1.78:80 ("general SOCKS server failure") 03/01/2018 14:33:09.200 [WARN] 
Proxy Client: unable to connect to 38.229.33.83:80 ("general SOCKS server 
failure") 03/01/2018 14:33:13.500 [WARN] Proxy Client: unable to connect to 
192.95.36.142:443 ("general SOCKS server failure") 03/01/2018 14:33:16.400 
[WARN] Proxy Client: unable to connect to 85.17.30.79:443 ("general SOCKS 
server failure") 03/01/2018 14:33:20.500 [WARN] Proxy Client: unable to connect 
to 154.35.22.11:80 ("general SOCKS server failure") 03/01/2018 14:33:21.200 
[WARN] Proxy Client: unable to connect to 83.212.101.3:50002 ("general SOCKS 
server failure") 03/01/2018 14:33:24.100 [WARN] Proxy Client: unable to connect 
to 192.99.11.54:443 ("general SOCKS server failure") 03/01/2018 14:33:24.100 
[WARN] Proxy Client: unable to connect to 154.35.22.10:80 ("general SOCKS 
server failure") 03/01/2018 14:33:24.100 [WARN] Proxy Client: unable to connect 
to 154.35.22.9:443 ("general SOCKS server failure") 03/01/2018 14:33:33.200 
[WARN] Proxy Client: unable to connect to 109.105.109.147:13764 ("general SOCKS 
server failure") 03/01/2018 14:33:37.500 [WARN] Proxy Client: unable to connect 
to 154.35.22.13:16815 ("general SOCKS server failure") 03/01/2018 14:33:39.000 
[WARN] Proxy Client: unable to connect to 85.31.186.98:443 ("general SOCKS 
server failure") 03/01/2018 14:33:39.000 [WARN] Proxy Client: unable to connect 
to 85.31.186.26:443 ("general SOCKS server failure") 03/01/2018 14:33:39.100 
[WARN] Proxy Client: unable to connect to 37.218.245.14:38224 

Re: [tor-talk] What does this log mean?

[Jason Long]

 Yes but It is a little slow :(
On Saturday, January 6, 2018, 1:39:36 AM PST, Nathan Freitas 
<nat...@freitas.net> wrote:  
 
 On Sat, Jan 6, 2018, at 3:24 AM, Jason Long wrote:
> Hello.What does this log mean?

It means you successfully connected to Tor, using Orbot. Congratulations!

You are using one of the Meek Bridge servers, which has a lot of users, which 
is likely why you received the message about the overloaded node.

Is everything else working for you?



> Set background service to FOREGROUNDOrbot is starting…Orbot is starting…
> updating settings in Tor serviceupdating torrc custom 
> configuration...success.Orbot is starting…Waiting for control 
> port...Connecting to control port: 5SUCCESS connected to Tor control 
> port.SUCCESS - authenticated to control port.Starting Tor client… 
> complete.adding control port event handlerSUCCESS added control port 
> event handlerTor started; process id=2192Starting polipo processPolipo 
> is running on port:8118Polipo is runningNOTICE: Bootstrapped 80%: 
> Connecting to the Tor network NOTICE: Bootstrapped 85%: Finishing 
> handshake with first hop NOTICE: Bootstrapped 90%: Establishing a Tor 
> circuit Circuit (1) BUILT: TorLandMeekCircuit (2) BUILT: 
> cymrubridge02NOTICE: Your Guard 
> $B9E7141C594AF25699E0079C1F0146F409495296 
> ($B9E7141C594AF25699E0079C1F0146F409495296) is failing more circuits 
> than usual. Most likely this means the Tor network is overloaded. 
> Success counts are 141/213. Use counts are 59/72. 195 circuits 
> completed, 16 were unusable, 37 collapsed, and 19 timed out. For 
> reference, your timeout cutoff is 163 seconds. Circuit (4) BUILT: 
> TorLandMeek > Hindenburg > AccessNow001NOTICE: Tor has successfully 
> opened a circuit. Looks like client functionality is working. NOTICE: 
> Bootstrapped 100%: Done Circuit (3) BUILT: TorLandMeek > bonjour2 > 
> tollanaCircuit (6) BUILT: TorLandMeek > ieditedtheconfig > 
> morecowbellCircuit (7) BUILT: TorLandMeek > ymkeo > norco176.10.99.201 
> Switzerland (SOFTplus Entwicklungen GmbH)Circuit (5) BUILT: TorLandMeek 
> > PartitoPirata > Multivac85.248.227.164 Slovakia (BENESTRA, 
> s.r.o.)176.121.10.45 Ukraine (Global Data Networks LLC)176.107.185.22 
> Ukraine (PE Freehost)163.172.53.84 France (Online S.a.s.)
> 
> Thank you.
> -- 
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk  
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] What does this log mean?

[Jason Long]

Hello.What does this log mean?
Set background service to FOREGROUNDOrbot is starting…Orbot is 
starting…updating settings in Tor serviceupdating torrc custom 
configuration...success.Orbot is starting…Waiting for control port...Connecting 
to control port: 5SUCCESS connected to Tor control port.SUCCESS - 
authenticated to control port.Starting Tor client… complete.adding control port 
event handlerSUCCESS added control port event handlerTor started; process 
id=2192Starting polipo processPolipo is running on port:8118Polipo is 
runningNOTICE: Bootstrapped 80%: Connecting to the Tor network NOTICE: 
Bootstrapped 85%: Finishing handshake with first hop NOTICE: Bootstrapped 90%: 
Establishing a Tor circuit Circuit (1) BUILT: TorLandMeekCircuit (2) BUILT: 
cymrubridge02NOTICE: Your Guard $B9E7141C594AF25699E0079C1F0146F409495296 
($B9E7141C594AF25699E0079C1F0146F409495296) is failing more circuits than 
usual. Most likely this means the Tor network is overloaded. Success counts are 
141/213. Use counts are 59/72. 195 circuits completed, 16 were unusable, 37 
collapsed, and 19 timed out. For reference, your timeout cutoff is 163 seconds. 
Circuit (4) BUILT: TorLandMeek > Hindenburg > AccessNow001NOTICE: Tor has 
successfully opened a circuit. Looks like client functionality is working. 
NOTICE: Bootstrapped 100%: Done Circuit (3) BUILT: TorLandMeek > bonjour2 > 
tollanaCircuit (6) BUILT: TorLandMeek > ieditedtheconfig > morecowbellCircuit 
(7) BUILT: TorLandMeek > ymkeo > norco176.10.99.201 Switzerland (SOFTplus 
Entwicklungen GmbH)Circuit (5) BUILT: TorLandMeek > PartitoPirata > 
Multivac85.248.227.164 Slovakia (BENESTRA, s.r.o.)176.121.10.45 Ukraine (Global 
Data Networks LLC)176.107.185.22 Ukraine (PE Freehost)163.172.53.84 France 
(Online S.a.s.)

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Why Tor can't load on my Linux?

[Jason Long]

 
Hello.I'm using Debian 8.9 x64 and when I open Tor browser then it can't work. 
Tor Logs are:
10/08/2017 18:49:03.900 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
10/08/2017 18:49:10.700 [NOTICE] Bootstrapped 5%: Connecting to directory 
server 10/08/2017 18:49:10.700 [NOTICE] Bootstrapped 10%: Finishing handshake 
with directory server 10/08/2017 18:49:10.700 [WARN] Proxy Client: unable to 
connect to 2001:470:b381:bfff:216:3eff:fe23:d6c3:443 ("general SOCKS server 
failure") 10/08/2017 18:49:10.900 [WARN] Proxy Client: unable to connect to 
192.99.11.54:443 ("general SOCKS server failure") 10/08/2017 18:49:48.300 
[WARN] Proxy Client: unable to connect to 85.17.30.79:443 ("general SOCKS 
server failure") 10/08/2017 18:49:52.900 [WARN] Proxy Client: unable to connect 
to 83.212.101.3:50002 ("general SOCKS server failure") 10/08/2017 18:50:04.900 
[WARN] Proxy Client: unable to connect to 109.105.109.147:13764 ("general SOCKS 
server failure") 10/08/2017 18:50:09.200 [WARN] Proxy Client: unable to connect 
to 154.35.22.13:16815 ("general SOCKS server failure") 10/08/2017 18:50:10.700 
[WARN] Proxy Client: unable to connect to 154.35.22.12:80 ("general SOCKS 
server failure") 10/08/2017 18:50:10.700 [WARN] Proxy Client: unable to connect 
to 38.229.1.78:80 ("general SOCKS server failure") 10/08/2017 18:50:10.700 
[WARN] Proxy Client: unable to connect to 85.31.186.98:443 ("general SOCKS 
server failure") 10/08/2017 18:50:10.700 [WARN] Proxy Client: unable to connect 
to 154.35.22.9:443 ("general SOCKS server failure") 10/08/2017 18:50:10.700 
[WARN] Proxy Client: unable to connect to 38.229.33.83:80 ("general SOCKS 
server failure") 10/08/2017 18:50:10.700 [WARN] Proxy Client: unable to connect 
to 85.31.186.26:443 ("general SOCKS server failure") 10/08/2017 18:50:10.800 
[WARN] Proxy Client: unable to connect to 37.218.245.14:38224 ("general SOCKS 
server failure") 10/08/2017 18:50:10.800 [WARN] Proxy Client: unable to connect 
to 109.105.109.165:10527 ("general SOCKS server failure") 10/08/2017 
18:50:10.900 [WARN] Proxy Client: unable to connect to 37.218.240.34:40035 
("general SOCKS server failure") 10/08/2017 18:51:17.900 [WARN] Proxy Client: 
unable to connect to 154.35.22.11:16488 ("general SOCKS server failure") 
10/08/2017 18:51:17.900 [WARN] Proxy Client: unable to connect to 
154.35.22.10:15937 ("general SOCKS server failure") 10/08/2017 19:02:00.700 
[NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150 
10/08/2017 19:02:00.700 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 19:02:00.700 [NOTICE] Closing old Socks listener on 127.0.0.1:9150 
I'm using "obfs4".
Any idea?
Thank you.
On Monday, October 9, 2017, 8:38:57 AM PDT, Jason Long 
<hack3r...@yahoo.com> wrote:  
 
 Hello.I'm using Debian 8.9 x64 and when I open Tor browser then it can't work. 
Tor Logs are:
10/08/2017 18:49:03.900 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
10/08/2017 18:49:10.700 [NOTICE] Bootstrapped 5%: Connecting to directory 
server 10/08/2017 18:49:10.700 [NOTICE] Bootstrapped 10%: Finishing handshake 
with directory server 10/08/2017 18:49:10.700 [WARN] Proxy Client: unable to 
connect to 2001:470:b381:bfff:216:3eff:fe23:d6c3:443 ("general SOCKS server 
failure") 10/08/2017 18:49:10.900 [WARN] Proxy Client: unable to connect to 
192.99.11.54:443 ("general SOCKS server failure") 10/08/2017 18:49:48.300 
[WARN] Proxy Client: unable 

[tor-talk] Why Tor can't load on my Linux?

[Jason Long]

Hello.I'm using Debian 8.9 x64 and when I open Tor browser then it can't work. 
Tor Logs are:
10/08/2017 18:49:03.900 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 18:49:09.300 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
10/08/2017 18:49:10.700 [NOTICE] Bootstrapped 5%: Connecting to directory 
server 10/08/2017 18:49:10.700 [NOTICE] Bootstrapped 10%: Finishing handshake 
with directory server 10/08/2017 18:49:10.700 [WARN] Proxy Client: unable to 
connect to 2001:470:b381:bfff:216:3eff:fe23:d6c3:443 ("general SOCKS server 
failure") 10/08/2017 18:49:10.900 [WARN] Proxy Client: unable to connect to 
192.99.11.54:443 ("general SOCKS server failure") 10/08/2017 18:49:48.300 
[WARN] Proxy Client: unable to connect to 85.17.30.79:443 ("general SOCKS 
server failure") 10/08/2017 18:49:52.900 [WARN] Proxy Client: unable to connect 
to 83.212.101.3:50002 ("general SOCKS server failure") 10/08/2017 18:50:04.900 
[WARN] Proxy Client: unable to connect to 109.105.109.147:13764 ("general SOCKS 
server failure") 10/08/2017 18:50:09.200 [WARN] Proxy Client: unable to connect 
to 154.35.22.13:16815 ("general SOCKS server failure") 10/08/2017 18:50:10.700 
[WARN] Proxy Client: unable to connect to 154.35.22.12:80 ("general SOCKS 
server failure") 10/08/2017 18:50:10.700 [WARN] Proxy Client: unable to connect 
to 38.229.1.78:80 ("general SOCKS server failure") 10/08/2017 18:50:10.700 
[WARN] Proxy Client: unable to connect to 85.31.186.98:443 ("general SOCKS 
server failure") 10/08/2017 18:50:10.700 [WARN] Proxy Client: unable to connect 
to 154.35.22.9:443 ("general SOCKS server failure") 10/08/2017 18:50:10.700 
[WARN] Proxy Client: unable to connect to 38.229.33.83:80 ("general SOCKS 
server failure") 10/08/2017 18:50:10.700 [WARN] Proxy Client: unable to connect 
to 85.31.186.26:443 ("general SOCKS server failure") 10/08/2017 18:50:10.800 
[WARN] Proxy Client: unable to connect to 37.218.245.14:38224 ("general SOCKS 
server failure") 10/08/2017 18:50:10.800 [WARN] Proxy Client: unable to connect 
to 109.105.109.165:10527 ("general SOCKS server failure") 10/08/2017 
18:50:10.900 [WARN] Proxy Client: unable to connect to 37.218.240.34:40035 
("general SOCKS server failure") 10/08/2017 18:51:17.900 [WARN] Proxy Client: 
unable to connect to 154.35.22.11:16488 ("general SOCKS server failure") 
10/08/2017 18:51:17.900 [WARN] Proxy Client: unable to connect to 
154.35.22.10:15937 ("general SOCKS server failure") 10/08/2017 19:02:00.700 
[NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150 
10/08/2017 19:02:00.700 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
10/08/2017 19:02:00.700 [NOTICE] Closing old Socks listener on 127.0.0.1:9150 
I'm using "obfs4".
Any idea?
Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] How to find trust nodes?

[Jason Long]

Excuse me if I say it, but your answers make me confuse more!!! I guess there 
is no guarantee about Tor nodes. Governments and bad people can launch a Tor 
node and sniff Tor users traffic and... 

On Thu, 9/28/17, Seth David Schoen  wrote:

 Subject: Re: [tor-talk] How to find trust nodes?
 To: tor-talk@lists.torproject.org
 Date: Thursday, September 28, 2017, 1:41 AM
 
 George writes:
 
 > But ultimately, Tor's topography
 mitigates against one of the three
 >
 nodes in your circuit being compromised. If the first hop
 is
 > compromised, then they only know who
 you are, but not where your
 > destination
 is. If the last hop is compromised, they only know where
 > you're going, but not who you are
 (unless your providing clear text of
 >
 personally identifying information).
 
 A challenge is that there are threat models in
 which a considerable number
 of Tor users may
 be exposed, at least for some of their circuits.
 
 * If a single adversary runs
 several fast nodes that are popular and whose
   relationship to each other is undisclosed, a
 pretty high amount of traffic
   may select
 that adversary's nodes as entry and exit nodes for the
 same
   circuit.  The guard node design
 gives a relatively low probability of this
   happening to any individual user with
 respect to any individual
   adversary in
 any specific time period, but doesn't guarantee that
 it
   would be a particularly rare event for
 Tor users as a whole.
 
 * If
 adversaries cooperate, they can get benefits equivalent to
 running many
   nodes even though each one
 only runs a few.
 
 * If an
 adversary can monitor network activity and see both entry
 and exit
   points, for a given circuit, it
 can perform correlations even though
   it
 doesn't operate any nodes.  Or, an adversary that can
 monitor some
   networks can increase its
 chance of getting visibility of both ends of
   a connection by also operating some nodes,
 since some users whose entry
   or exit
 activity the adversary otherwise wouldn't have been able
 to
   monitor from network surveillance
 alone may sometimes randomly choose to
  
 use that adversary's nodes in one of these positions.
 
 * An adversary that can
 monitor some kind of public or private online
   activity can perform coarse-grained timing
 correlation attacks between
   its own entry
 nodes (or parts of the Internet where it can see Tor
   node entry) and the online activity that it
 can see.  For example, if a
   user
 regularly uses Tor to participate in some kind of public
 forum,
   public chat, etc., the adversary
 could gather data about how entry
   traffic
 that it can see does or doesn't correlate with that
 participation.
   Or if an adversary can
 obtain logs about the use of a particular online
   service, even though those logs aren't
 available to the general public,
   it can
 also correlate that statistically with entry data that it
 has
   available for some other reason.
 
 The "good news" is
 that a given Tor user is probably not very likely to
 be vulnerable to many of these attacks from
 many adversaries when using
 Tor infrequently
 or for brief periods.  Yet many of these attacks would
 work at least some of the time against a pretty
 considerable amount of
 Tor traffic.
 
 I agree with your point that
 just having more random people run nodes
 helps decrease the probability of success of
 several of these attacks.
 
 -- 
 Seth Schoen  
 Senior Staff Technologist             
          https://www.eff.org/
 Electronic Frontier Foundation           
       https://www.eff.org/join
 815 Eddy Street, San Francisco, CA  94109   
    +1 415 436 9333 x107
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
 -Inline Attachment Follows-
 
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] How to find trust nodes?

[Jason Long]

How can I find a good node that configured strongly?

On Wed, 9/27/17, George <geo...@queair.net> wrote:

 Subject: Re: [tor-talk] How to find trust nodes?
 To: tor-talk@lists.torproject.org
 Date: Wednesday, September 27, 2017, 11:18 PM
 
 Jason Long:
 >
 Hello.
 > How can I sure a Tor node that I
 connected to it is secure and is not a NSA or CIA node?
 
 
 You can't ensure
 that none of the Tor nodes in a particular three-node
 circuit aren't run by some three-letter
 government agency.
 
 There
 are regular checks about expired versions of Tor, poorly
 configured Tor policies on nodes, or other
 explicit bad things, but
 those only catch
 the most obvious insecurities.
 
 You can run your own relay or bridge, which
 could at least ensure one
 hop isn't
 compromised, not to mention the benefit for the many other
 Tor
 users.
 
 But ultimately, Tor's topography mitigates
 against one of the three
 nodes in your
 circuit being compromised. If the first hop is
 compromised, then they only know who you are,
 but not where your
 destination is. If the
 last hop is compromised, they only know where
 you're going, but not who you are (unless
 your providing clear text of
 personally
 identifying information).
 
 This happens to be why that quiet individual
 who runs one bridge or
 relay is so vital to
 the integrity of the network.
 
 g
 
 -- 
 
 
 
 5F77 765E 40D6 5340 A0F5 3401 4997 FF11 A86F
 44E2
 -- 
 tor-talk mailing
 list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor with static IP.

[Jason Long]

You can use Tor as VPN on your cell phone and not TorBrowser needed.

On Thu, 8/17/17, krishna e bera <k...@cyblings.on.ca> wrote:

 Subject: Re: [tor-talk] Tor with static IP.
 To: tor-talk@lists.torproject.org
 Date: Thursday, August 17, 2017, 12:57 AM
 
 On 12/08/17 07:08 AM, Jason Long
 wrote:
 > Hello.Can I use Tor with static IP? I
 don't like my IP changed.
 
 Your own IP address is not changed by the Tor
 network.
 What the Tor network changes
 periodically is route taken to wesites you
 visit in Torbrowser.  Each route will use 2 or
 3 different IP addresses
 (the entry guard
 plus a middle node plus an exit node).
 The
 websites you visit do not know (and cannot find out) what
 your own
 IP address is, they can only see
 the exit node's IP address.
 
 If you want to visit websites and have them see
 your own IP address each
 time, use the
 normal browser that comes with your operating system.
 
 -- 
 tor-talk
 mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor with static IP.

[Jason Long]

When you register at origin.com then you can't use it with a new IP.

On Wed, 8/16/17, Petrusko <petru...@riseup.net> wrote:

 Subject: Re: [tor-talk] Tor with static IP.
 To: tor-talk@lists.torproject.org
 Date: Wednesday, August 16, 2017, 9:37 PM
 
 I think it's against the Tor
 rule ?
 Tor is here to help you about
 privacy, and changing circuits/IP will be
 the start to achieve this goal ;)
 
 
 
 Jason
 Long :
 > Hello.Can I use Tor with static
 IP? I don't like my IP changed.
 >
 Thank you.
 
 -- 
 Petrusko
 C0BF 2184 4A77 4A18
 90E9 F72C B3CA E665 EBE2 3AE5
 
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
 -Inline Attachment Follows-
 
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Tor with static IP.

[Jason Long]

Hello.Can I use Tor with static IP? I don't like my IP changed.
Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Why Tor can't connect?

[Jason Long]

Hello.I use Debian 8.6 amd64 and the last version of TorBrowser.When I run my 
TorBrowser and like to use "obsf4" or others it show me below error:
01/02/2017 19:54:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
01/02/2017 19:54:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
01/02/2017 19:54:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
01/02/2017 19:54:02.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
01/02/2017 19:54:02.500 [NOTICE] Renaming old configuration file to 
"/home/jason/Desktop/Tors/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc.orig.1"
 01/02/2017 19:54:05.600 [NOTICE] Bootstrapped 5%: Connecting to directory 
server 01/02/2017 19:54:05.600 [NOTICE] Bootstrapped 10%: Finishing handshake 
with directory server 01/02/2017 19:54:06.600 [NOTICE] Bootstrapped 15%: 
Establishing an encrypted directory connection 01/02/2017 19:54:07.100 [NOTICE] 
Bootstrapped 20%: Asking for networkstatus consensus 01/02/2017 19:54:07.700 
[NOTICE] new bridge descriptor 'wisctorbridge03' (fresh): 
$A17A40775FBD2CA1184BF80BFC330A77ECF9D0E9~wisctorbridge03 at 128.105.214.163 
01/02/2017 19:54:07.700 [NOTICE] I learned some more directory information, but 
not enough to build a circuit: We have no usable consensus. 01/02/2017 
19:54:08.400 [NOTICE] new bridge descriptor 'wisctorbridge02' (fresh): 
$FC562097E1951DCC41B7D7F324D88157119BB56D~wisctorbridge02 at 128.105.214.162 
01/02/2017 19:54:08.400 [NOTICE] I learned some more directory information, but 
not enough to build a circuit: We have no usable consensus. 01/02/2017 
19:54:09.600 [NOTICE] Bootstrapped 25%: Loading networkstatus consensus 
01/02/2017 19:54:16.200 [NOTICE] I learned some more directory information, but 
not enough to build a circuit: We have no usable consensus. 01/02/2017 
19:54:16.500 [NOTICE] Bootstrapped 40%: Loading authority key certs 01/02/2017 
19:54:16.700 [WARN] Our clock is 11 hours, 5 minutes behind the time published 
in the consensus network status document (2017-01-03 15:00:00 UTC).  Tor needs 
an accurate clock to work correctly. Please check your time and date settings! 
01/02/2017 19:54:16.700 [NOTICE] I learned some more directory information, but 
not enough to build a circuit: We have no recent usable consensus. 01/02/2017 
19:54:35.600 [WARN] Proxy Client: unable to connect to 131.252.210.150:8080 
("TTL expired") 01/02/2017 19:55:36.900 [WARN] Our clock is 12 hours, 4 minutes 
behind the time published in the consensus network status document (2017-01-03 
16:00:00 UTC).  Tor needs an accurate clock to work correctly. Please check 
your time and date settings! 01/02/2017 19:55:36.900 [NOTICE] I learned some 
more directory information, but not enough to build a circuit: We have no 
recent usable consensus. 01/02/2017 19:56:26.300 [NOTICE] Closing 
no-longer-configured Socks listener on 127.0.0.1:9150 01/02/2017 19:56:26.300 
[NOTICE] DisableNetwork is set. Tor will not make or accept non-control network 
connections. Shutting down all existing connections. 01/02/2017 19:56:26.300 
[NOTICE] Closing old Socks listener on 127.0.0.1:9150 01/02/2017 19:56:26.600 
[NOTICE] Delaying directory fetches: DisableNetwork is set. 

Why?
Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Mirai Botnet Relocates To Onions

[Jason Long]

How we can protect themselves?

On Sun, 12/18/16, Flipchan  wrote:

 Subject: Re: [tor-talk] Mirai Botnet Relocates To Onions
 To: tor-talk@lists.torproject.org
 Date: Sunday, December 18, 2016, 9:24 AM
 
 There is alot of botnets that run
 over Tor , there is alot of assholes. 
 
 But if You can identify THE malware You can pretty easy find
 the source code and then THE default cred to shut it down. 
 
 grarpamp 
 skrev: (18 december 2016 06:11:17 CET)
 >https://www.bleepingcomputer.com/news/security/security-firms-almost-brought-down-massive-mirai-botnet/
 >
 >"Following a failed takedown attempt, changes made to
 the Mirai
 >malware variant responsible for building one of today's
 biggest
 >botnets of IoT devices will make it incredibly harder
 for authorities
 >and security firms to shut it down," reports Bleeping
 Computer.
 >Level3 and others" have been very close to taking down
 one of the
 >biggest Mirai botnets around, the same one that
 attempted to knock the
 >Internet offline in Liberia, and also hijacked 900,000
 routers from
 >German ISP Deutsche Telekom.The botnet narrowly escaped
 due to the
 >fact that its maintainer, a hacker known as BestBuy, had
 implemented a
 >domain-generation algorithm to generate random domain
 names where he
 >hosted his servers.
 >Currently, to avoid further takedown attempts from
 similar security
 >firms, BestBuy has started moving the botnet's command
 and control
 >servers to Tor. "It's all good now. We don't need to pay
 thousands to
 >ISPs and hosting. All we need is one strong server," the
 hacker said.
 >"Try to shut down .onion 'domains' over Tor," he
 boasted, knowing that
 >nobody can.
 >-- 
 >tor-talk mailing list - tor-talk@lists.torproject.org
 >To unsubscribe or change other settings go to
 >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
 -- 
 Sincerly flipchan - LayerProx dev
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor and iptables.

[Jason Long]

Did you see my iptables rules? What is my problem?


On Sun, 12/11/16, Jonathan Marquardt <m...@parckwart.de> wrote:

 Subject: Re: [tor-talk] Tor and iptables.
 To: tor-talk@lists.torproject.org
 Date: Sunday, December 11, 2016, 7:24 AM
 
 On Sun, Dec 11, 2016 at
 12:26:47PM +, Jason Long wrote:
 >
 Excuse me, I must allow input to my system? It is so bad :(,
 I don't like to allow everyone.
 
 This has nothing to do with Tor. It's just
 the general way how the IP protocol 
 works.
 Without allowing stateful input, you couldn't do any
 useful traffic. 
 You always need to make
 sure that there's a way to the destination (output) 
 and a way for the target server to reply to you
 (input).
 
 But using stateful
 inspection, only input that is a reply to your output is 
 allowed. There should't be any security
 risk because of this. It's what your 
 home router is doing as well to allow the
 servers you want to talk to to 
 reply.
 
 See also: https://en.wikipedia.org/wiki/Stateful_firewall
 --
 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor and iptables.

[Jason Long]

Did you see my iptables rules? What is my problem?


On Sun, 12/11/16, Jonathan Marquardt <m...@parckwart.de> wrote:

 Subject: Re: [tor-talk] Tor and iptables.
 To: tor-talk@lists.torproject.org
 Date: Sunday, December 11, 2016, 7:24 AM
 
 On Sun, Dec 11, 2016 at
 12:26:47PM +, Jason Long wrote:
 >
 Excuse me, I must allow input to my system? It is so bad :(,
 I don't like to allow everyone.
 
 This has nothing to do with Tor. It's just
 the general way how the IP protocol 
 works.
 Without allowing stateful input, you couldn't do any
 useful traffic. 
 You always need to make
 sure that there's a way to the destination (output) 
 and a way for the target server to reply to you
 (input).
 
 But using stateful
 inspection, only input that is a reply to your output is 
 allowed. There should't be any security
 risk because of this. It's what your 
 home router is doing as well to allow the
 servers you want to talk to to 
 reply.
 
 See also: https://en.wikipedia.org/wiki/Stateful_firewall
 --
 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor and iptables.

[Jason Long]

can anyone edit my rules and tell me what is my problem? 

On Monday, December 12, 2016 1:23 AM, Jonathan Marquardt 
 wrote:
 

 On Mon, Dec 12, 2016 at 01:52:22AM -0700, Mirimir wrote:
> Sorry about missing the typo in my initial reply. It _was_ an invalid
> rule. But accepting lo is necessary with default deny, right?

Yes, sorry, you're right. My bad.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


   
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor and iptables.

[Jason Long]

My iptables rules are :
*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]-A INPUT -j 
ACCEPT -m state --state RELATED,ESTABLISHED-A INPUT -i lo -j ACCEPT#-A INPUT -d 
127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable-A INPUT -m 
state --state RELATED,ESTABLISHED -j ACCEPT-A INPUT -p tcp -m tcp --dport 80 -j 
ACCEPT-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT-A INPUT -p tcp -m tcp 
--dport 22 -m state --state NEW -m recent --set --name DEFAULT --mask 
255.255.255.255 --rsource-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW 
-m recent --update --seconds 180 --hitcount 4 --name DEFAULT --mask 
255.255.255.255 --rsource -j DROP-A INPUT -p tcp -m state --state NEW -m tcp 
--dport 22 -j ACCEPT-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT-A INPUT -m 
limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7-A 
INPUT -m recent --rcheck --seconds 86400 --name portscan --mask 255.255.255.255 
--rsource -j DROP-A INPUT -m recent --remove --name portscan --mask 
255.255.255.255 --rsource-A INPUT -p tcp -m tcp --dport 139 -m recent --set 
--name portscan --mask 255.255.255.255 --rsource -j LOG --log-prefix 
"portscan:"-A INPUT -p tcp -m tcp --dport 139 -m recent --set --name portscan 
--mask 255.255.255.255 --rsource -j DROP-A INPUT -j REJECT --reject-with 
icmp-port-unreachable-A INPUT -i lo -j ACCEPT-A INPUT -m state --state 
RELATED,ESTABLISHED -j ACCEPT-A INPUT -s 10.0.0.0/8 -j DROP-A INPUT -s 
169.254.0.0/16 -j DROP-A INPUT -s 172.16.0.0/12 -j DROP-A INPUT -s 127.0.0.0/8 
-j DROP-A INPUT -s 192.168.0.0/24 -j DROP-A INPUT -s 224.0.0.0/4 -j DROP-A 
INPUT -d 224.0.0.0/4 -j DROP-A INPUT -s 240.0.0.0/5 -j DROP-A INPUT -d 
240.0.0.0/5 -j DROP-A INPUT -s 0.0.0.0/8 -j DROP-A INPUT -d 0.0.0.0/8 -j DROP-A 
INPUT -d 239.255.255.0/24 -j DROP-A INPUT -d 255.255.255.255/32 -j DROP-A INPUT 
-p icmp -m icmp --icmp-type 17 -j DROP-A INPUT -p icmp -m icmp --icmp-type 13 
-j DROP-A INPUT -p icmp -m icmp --icmp-type 13 -m limit --limit 1/sec -j 
ACCEPT-A INPUT -m state --state INVALID -j DROP-A INPUT -p tcp -m tcp 
--tcp-flags RST RST -m limit --limit 2/sec --limit-burst 2 -j ACCEPT-A INPUT -m 
recent --rcheck --seconds 86400 --name portscan --mask 255.255.255.255 
--rsource -j DROP-A INPUT -m recent --remove --name portscan --mask 
255.255.255.255 --rsource-A INPUT -p tcp -m tcp --dport 139 -m recent --set 
--name portscan --mask 255.255.255.255 --rsource -j LOG --log-prefix 
"portscan:"-A INPUT -p tcp -m tcp --dport 139 -m recent --set --name portscan 
--mask 255.255.255.255 --rsource -j DROP-A INPUT -p tcp -m tcp --dport 80 -j 
ACCEPT-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT-A INPUT -p tcp -m tcp 
--dport 22 -j ACCEPT-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT-A INPUT -j 
REJECT --reject-with icmp-port-unreachable-A FORWARD -j REJECT --reject-with 
icmp-port-unreachable-A FORWARD -m recent --rcheck --seconds 86400 --name 
portscan --mask 255.255.255.255 --rsource -j DROP-A FORWARD -m recent --remove 
--name portscan --mask 255.255.255.255 --rsource-A FORWARD -p tcp -m tcp 
--dport 139 -m recent --set --name portscan --mask 255.255.255.255 --rsource -j 
LOG --log-prefix "portscan:"-A FORWARD -p tcp -m tcp --dport 139 -m recent 
--set --name portscan --mask 255.255.255.255 --rsource -j DROP-A FORWARD -m 
state --state INVALID -j DROP-A FORWARD -m recent --rcheck --seconds 86400 
--name portscan --mask 255.255.255.255 --rsource -j DROP-A FORWARD -m recent 
--remove --name portscan --mask 255.255.255.255 --rsource-A FORWARD -p tcp -m 
tcp --dport 139 -m recent --set --name portscan --mask 255.255.255.255 
--rsource -j LOG --log-prefix "portscan:"-A FORWARD -p tcp -m tcp --dport 139 
-m recent --set --name portscan --mask 255.255.255.255 --rsource -j DROP-A 
FORWARD -j REJECT --reject-with icmp-port-unreachable-A OUTPUT -j ACCEPT-A 
OUTPUT -m state --state INVALID -j DROP-A OUTPUT -o lo -j ACCEPT-A OUTPUT -m 
state --state RELATED,ESTABLISHED -j ACCEPT-A OUTPUT -p tcp -m tcp --dport 80 
-j ACCEPT-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT-A OUTPUT -p tcp -m tcp 
--dport 22 -j ACCEPT-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT-A OUTPUT 
-j REJECT --reject-with icmp-port-unreachable-A OUTPUT -j ACCEPT -m state 
--state RELATED,ESTABLISHEDCOMMIT
What is my problem? Why I can't use "obfs4" ? 

On Sunday, December 11, 2016 10:33 PM, Mirimir <miri...@riseup.net> wrote:
 

 On 12/10/2016 07:16 AM, Jason Long wrote:
> Hello.
> I like to close all INPUT connections via iptables but I like to use 
> TorBrowser, Then Which port(s) must be open?
> 
> -A OUTPUT -p tcp -m tcp --dport 9151 -j ACCEPT
> 
> 
> Is it enough? How about "INPUT"? Must I open any input port too?
> 
> Thank you.

You only need to allow input and output for the tor process. And input
for SSH, if you need that. Plus related/established, of course.

In Debian, run "id -u debian-tor". 

Re: [tor-talk] Tor and iptables.

[Jason Long]

Excuse me, I must allow input to my system? It is so bad :(, I don't like to 
allow everyone.



On Sunday, December 11, 2016 2:44 AM, Jonathan Marquardt  
wrote:
You always need to allow some input as well in order for the Tor guard node to 
talk to your computer. Stateful Inspection is used for this. Here's a complete 
ruleset to accomplish what you asked for. All output is allowed, but no input, 
except it belongs to some output your computer previously did.

# Stateful inspection for input and output
iptables -A INPUT -j ACCEPT -m state --state RELATED,ESTABLISHED
iptables -A OUTPUT -j ACCEPT -m state --state RELATED,ESTABLISHED

# Allow loopback traffic
iptables -A INPUT -i lo -j ACCEPT

# Reject any other input
iptables -A INPUT -j REJECT

# Accept all output
iptables -A OUTPUT -j ACCEPT

Note that you also want to accout for IPv6 using ip6tables. It depends on your 
network though.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Tor and iptables.

[Jason Long]

Hello.
I like to close all INPUT connections via iptables but I like to use 
TorBrowser, Then Which port(s) must be open?

-A OUTPUT -p tcp -m tcp --dport 9151 -j ACCEPT


Is it enough? How about "INPUT"? Must I open any input port too?

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor and iptables.

[Jason Long]

Tor can't connect and show me below error:

12/09/2016 17:41:40.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
12/09/2016 17:41:40.300 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
12/09/2016 17:41:42.100 [NOTICE] Bootstrapped 5%: Connecting to directory 
server 
12/09/2016 17:41:42.100 [NOTICE] Bootstrapped 10%: Finishing handshake with 
directory server 
12/09/2016 17:42:16.500 [WARN] Proxy Client: unable to connect to 
192.95.36.142:443 ("general SOCKS server failure") 
12/09/2016 17:42:23.600 [WARN] Proxy Client: unable to connect to 
154.35.22.11:80 ("general SOCKS server failure") 
12/09/2016 17:42:24.100 [NOTICE] Closing no-longer-configured Socks listener on 
127.0.0.1:9150 
12/09/2016 17:42:24.100 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
12/09/2016 17:42:24.100 [NOTICE] Closing old Socks listener on 127.0.0.1:9150 
12/09/2016 17:42:32.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
12/09/2016 17:42:32.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
12/09/2016 17:42:32.300 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
12/09/2016 17:42:32.300 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
12/09/2016 17:45:58.400 [NOTICE] Closing no-longer-configured Socks listener on 
127.0.0.1:9150 
12/09/2016 17:45:58.400 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
12/09/2016 17:45:58.400 [NOTICE] Closing old Socks listener on 127.0.0.1:9150 
12/09/2016 17:45:59.100 [NOTICE] Delaying directory fetches: DisableNetwork is 
set. 





On Saturday, December 10, 2016 6:16 AM, Jason Long <hack3r...@yahoo.com> wrote:

Hello.

I like to close all INPUT connections via iptables but I like to use 
TorBrowser, Then Which port(s) must be open?


-A OUTPUT -p tcp -m tcp --dport 9151 -j ACCEPT



Is it enough? How about "INPUT"? Must I open any input port too?


Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Hacker and Tor

[Jason Long]

You said hidemyass work for government then why I must use it?

On Fri, 12/2/16, Flipchan  wrote:

 Subject: Re: [tor-talk] Hacker and Tor
 To: tor-talk@lists.torproject.org
 Date: Friday, December 2, 2016, 10:28 AM
 
 Hidemyass did deanonymize
 and gave out information to the goverment about One if their
 own users. If dns is your problem run dns throw Tor. Use
 dnscrypt throw Tor . A cpanel is often just some php script
 sure it might record ur ip and useragent But that is mostly
 the Web server that does that. If You have a fake usr agent
 and are running Tor You can do like a online browser leakage
 test. I would not(and this is my opinion use hidemyass).
 
 techl...@123mail.org
 skrev: (2 december 2016 19:21:55 CET)
 >>  > Hello.
 >>  > If you browse a Cpanel via Tor
 for deface
 >>  > a website then
 can
 >>  > provider or Website
 >>  > admin find your real IP with
 some
 >>  > tricks? Any
 experiences?
 >
 >
 >cPanel security system has been set up to
 grab the DNS of Tor proxies
 >used to log
 in, they will find out your real IP looking at the logs
 and
 >you will end up in jail.
 >
 >But Hide My Ass, a
 high security proxy, protects you from DNS caching
 >security system in cPanel:
 >
 >https://www.hidemyass.com/
 >-- 
 >tor-talk mailing
 list - tor-talk@lists.torproject.org
 >To unsubscribe or change other settings go
 to
 >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
 -- 
 Sincerly
 flipchan - LayerProx dev
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Hacker and Tor.

[Jason Long]

It just a question.

On Tue, 11/29/16, Flipchan <flipc...@riseup.net> wrote:

 Subject: Re: [tor-talk] Hacker and Tor.
 To: tor-talk@lists.torproject.org
 Date: Tuesday, November 29, 2016, 1:38 PM
 
 May i remind You that
 this is Tor talk mailing list, Tor is made to protect the
 privacy of people globaly and missuseing Tor is not helping
 make the Internet safer. Might i suggest that You hack on
 some vm's instead? Try vulnhub.com
 
 Jason Long <hack3r...@yahoo.com>
 skrev: (29 november 2016 19:55:18 CET)
 >Any idea?
 >
 >On Sun, 11/27/16, Jason Long <hack3r...@yahoo.com>
 wrote:
 >
 > Subject:
 Hacker and Tor.
 > To: "tor-talk@lists.torproject.org"
 <tor-talk@lists.torproject.org>
 > Date: Sunday, November 27, 2016, 12:56
 AM
 > 
 > Hello.
 > If you browse a Cpanel via Tor for deface
 a website then can
 > provider or Website
 admin find your real IP with some
 >
 tricks? Any experiences?
 > 
 > Thank you.
 > 
 >-- 
 >tor-talk mailing
 list - tor-talk@lists.torproject.org
 >To unsubscribe or change other settings go
 to
 >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
 -- 
 Sincerly
 flipchan - LayerProx dev
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Hacker and Tor.

[Jason Long]

Any idea?

On Sun, 11/27/16, Jason Long <hack3r...@yahoo.com> wrote:

 Subject: Hacker and Tor.
 To: "tor-talk@lists.torproject.org" <tor-talk@lists.torproject.org>
 Date: Sunday, November 27, 2016, 12:56 AM
 
 Hello.
 If you browse a Cpanel via Tor for deface a website then can
 provider or Website admin find your real IP with some
 tricks? Any experiences?
 
 Thank you.
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] OBFS4 Blocking (Cyberoam demo)

[Jason Long]

Can it mean that they found how Tor working?

On Sun, 11/27/16, David Fifield  wrote:

 Subject: Re: [tor-talk] OBFS4 Blocking (Cyberoam demo)
 To: "Yphone" 
 Cc: tor-talk@lists.torproject.org
 Date: Sunday, November 27, 2016, 3:14 PM
 
 On Thu, Nov 17, 2016 at 11:53:39AM
 -0600, Yphone wrote:
 > Cyberoam calls it Tor. Not sure about iboss but I would
 guess it calls it Tor as well
 
 I just learned that Cyberoam has an online demo.
 
 https://demo.cyberoam.com/ (username: guest, password:
 guest)
 
 In the Application Filter config, there's a "TOR Proxy"
 entry.
 http://ngdemo.cyberoam.com/corporate/webpages/index.jsp#79830
 
 Name: TOR Proxy
 Category: Proxy and Tunnel
 Risk: 5 - Very High
 Characteristics: Tunnels other apps,Vulnerabilities,...
 Technology: Client Server
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] OBFS4 Blocking (Cyberoam demo)

[Jason Long]

Can it mean that they found how Tor working?

On Sun, 11/27/16, David Fifield  wrote:

 Subject: Re: [tor-talk] OBFS4 Blocking (Cyberoam demo)
 To: "Yphone" 
 Cc: tor-talk@lists.torproject.org
 Date: Sunday, November 27, 2016, 3:14 PM
 
 On Thu, Nov 17, 2016 at 11:53:39AM
 -0600, Yphone wrote:
 > Cyberoam calls it Tor. Not sure about iboss but I would
 guess it calls it Tor as well
 
 I just learned that Cyberoam has an online demo.
 
 https://demo.cyberoam.com/ (username: guest, password:
 guest)
 
 In the Application Filter config, there's a "TOR Proxy"
 entry.
 http://ngdemo.cyberoam.com/corporate/webpages/index.jsp#79830
 
 Name: TOR Proxy
 Category: Proxy and Tunnel
 Risk: 5 - Very High
 Characteristics: Tunnels other apps,Vulnerabilities,...
 Technology: Client Server
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Hacker and Tor.

[Jason Long]

Hello.
If you browse a Cpanel via Tor for deface a website then can provider or 
Website admin find your real IP with some tricks? Any experiences?

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] What is the different between Official TorBrowser and Browser4Tor?

[Jason Long]

Hello.
I found a version of Tor in "http://torbrowser.sourceforge.net/;, But what is 
the different between it and official TorBrowser? Is it a trust version?

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Find Real IP via ISP.

[Jason Long]

Are you kidding? Iranian relays are good in this scenario? Why?

On Wed, 11/23/16, Jonathan Marquardt <m...@parckwart.de> wrote:

 Subject: Re: [tor-talk] Find Real IP via ISP.
 To: tor-talk@lists.torproject.org
 Date: Wednesday, November 23, 2016, 7:16 AM
 
 Yes, luckily that's
 not happening yet. At least not on a large scale.
 
 In order for that technique to
 really work out, all ISPs in all countries your 
 Tor connection goes through would need to work
 together. The more 
 geographically and
 politically diverse the countries your Tor circuit goes 
 through get, the harder the tracking gets.
 Depending on how much of an 
 orwellian world
 you want to imagine, it might be that some day all countries
 
 in Europe collaborate, for example. So
 it's good to have some Tor 
 relays 
 outside of that continent. In fact, the iranian relays you
 recently 
 were worried about, Jason, might
 be very helpful in such a scenario.
 
 On Tue, Nov 22, 2016 at 12:23:15PM +, Jason
 Long wrote:
 > Oh, You mean is that all
 ISPs contribute to each other?
 > 
 > 
 > 
 > On Tuesday, November 22, 2016 3:41 PM,
 juanjo <jua...@avanix.es>
 wrote:
 > No, your ISP can't see your
 Tor exit IP.
 > 
 > Of
 course, if all ISP form all the world started to log all
 connections 
 > they could follow the path
 and find your original IP. This is something 
 > UK is starting to do now...  and many
 goverments want.
 > 
 >
 
 > El 22/11/2016 a las 13:02, Jason Long
 escribió:
 > > Thus, ISP can't see
 my Tor IP?
 > >
 >
 >
 > >
 > > On
 Tuesday, November 22, 2016 3:27 PM, juanjo <jua...@avanix.es>
 wrote:
 > > ISP can't see that the
 user "changed" his IP adress on Tor. What you
 > > said could work on single-hop proxies
 or VPN, but not on Tor, remember
 > >
 on Tor you have not one but three hops. ISP can only see you
 are
 > > connecting to the first hop,
 not the remaining two (middle and exit,
 >
 > exit is the IP that the website will see).
 > >
 > >
 > >
 > > El
 22/11/2016 a las 12:48, Jason Long escribió:
 > >> Hello.
 >
 >> As "Seth David Schoen" said, Governments
 can see that users using tor but can't see what they are
 doing. My questions is that if an ISP see that an IP
 address, For example, 100.100.100.1 connected to the Tor
 network and user IP address changed to 200.200.200.1 then if
 the user visit a website with Tor then if the websites
 owners show 200.200.200.1 to the ISP then can ISP give
 100.100.100.1 to the website owner?
 >
 >>
 > >> Thank you.
 > 
 > 
 > -- 
 > tor-talk mailing
 list - tor-talk@lists.torproject.org
 > To unsubscribe or change other settings go
 to
 > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 > -- 
 > tor-talk mailing
 list - tor-talk@lists.torproject.org
 > To unsubscribe or change other settings go
 to
 > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 --
 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Find Real IP via ISP.

[Jason Long]

Are you kidding? Iranian relays are good in this scenario? Why?

On Wed, 11/23/16, Jonathan Marquardt <m...@parckwart.de> wrote:

 Subject: Re: [tor-talk] Find Real IP via ISP.
 To: tor-talk@lists.torproject.org
 Date: Wednesday, November 23, 2016, 7:16 AM
 
 Yes, luckily that's
 not happening yet. At least not on a large scale.
 
 In order for that technique to
 really work out, all ISPs in all countries your 
 Tor connection goes through would need to work
 together. The more 
 geographically and
 politically diverse the countries your Tor circuit goes 
 through get, the harder the tracking gets.
 Depending on how much of an 
 orwellian world
 you want to imagine, it might be that some day all countries
 
 in Europe collaborate, for example. So
 it's good to have some Tor 
 relays 
 outside of that continent. In fact, the iranian relays you
 recently 
 were worried about, Jason, might
 be very helpful in such a scenario.
 
 On Tue, Nov 22, 2016 at 12:23:15PM +, Jason
 Long wrote:
 > Oh, You mean is that all
 ISPs contribute to each other?
 > 
 > 
 > 
 > On Tuesday, November 22, 2016 3:41 PM,
 juanjo <jua...@avanix.es>
 wrote:
 > No, your ISP can't see your
 Tor exit IP.
 > 
 > Of
 course, if all ISP form all the world started to log all
 connections 
 > they could follow the path
 and find your original IP. This is something 
 > UK is starting to do now...  and many
 goverments want.
 > 
 >
 
 > El 22/11/2016 a las 13:02, Jason Long
 escribió:
 > > Thus, ISP can't see
 my Tor IP?
 > >
 >
 >
 > >
 > > On
 Tuesday, November 22, 2016 3:27 PM, juanjo <jua...@avanix.es>
 wrote:
 > > ISP can't see that the
 user "changed" his IP adress on Tor. What you
 > > said could work on single-hop proxies
 or VPN, but not on Tor, remember
 > >
 on Tor you have not one but three hops. ISP can only see you
 are
 > > connecting to the first hop,
 not the remaining two (middle and exit,
 >
 > exit is the IP that the website will see).
 > >
 > >
 > >
 > > El
 22/11/2016 a las 12:48, Jason Long escribió:
 > >> Hello.
 >
 >> As "Seth David Schoen" said, Governments
 can see that users using tor but can't see what they are
 doing. My questions is that if an ISP see that an IP
 address, For example, 100.100.100.1 connected to the Tor
 network and user IP address changed to 200.200.200.1 then if
 the user visit a website with Tor then if the websites
 owners show 200.200.200.1 to the ISP then can ISP give
 100.100.100.1 to the website owner?
 >
 >>
 > >> Thank you.
 > 
 > 
 > -- 
 > tor-talk mailing
 list - tor-talk@lists.torproject.org
 > To unsubscribe or change other settings go
 to
 > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 > -- 
 > tor-talk mailing
 list - tor-talk@lists.torproject.org
 > To unsubscribe or change other settings go
 to
 > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 --
 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Find Real IP via ISP.

[Jason Long]

Thus we must not Visit a site with and without Tor in a same time?



On Tuesday, November 22, 2016 5:25 PM, Mirimir <miri...@riseup.net> wrote:



On 11/22/2016 04:48 AM, Jason Long wrote:
> Hello.
> As "Seth David Schoen" said, Governments can see that users using
> tor but can't see what they are doing. My questions is that if an
> ISP see that an IP address, For example, 100.100.100.1 connected
> to the Tor network and user IP address changed to 200.200.200.1
> then if the user visit a website with Tor then if the websites
> owners show 200.200.200.1 to the ISP then can ISP give
> 100.100.100.1 to the website owner?
> 
> Thank you.

As others have pointed out, ISPs don't know Tor exit IP addresses.
Websites, of course, know Tor exit IP addresses. Because they see them
when users connect. But knowing them doesn't allow them, or even help
them, find users' ISP-assigned IP addresses.

However, let's say that you've used a website without Tor. And let's say
that you have an account. If you subsequently login to that account
using Tor, the website operator could contact your ISP (which it knows
from your prior use without Tor) and ask what you were doing at the time
you logged in. And they would learn that you were using Tor.

Even without an account, cookies could mark you just as well.

Even so, ISPs generally won't provide that sort of information without a
court order. So you would need to attract major attention from the
website, or interested third parties, before you'd be at risk.

There's also the possibility of website fingerprinting. So if you had
used a website without Tor, your ISP could have collected data that
allows them to identify connections to that website. Consider
<http://hubblesite.org/gallery/wallpaper/>. There are many images, and
they tend to load in a particular order. So the network traffic pattern
is relatively unique. Many porn sites, for example, also have distinct
fingerprints.

But generally, if a website has never seen you without Tor, they have no
chance of even tracking you back to your ISP. Let alone getting your
identity from the ISP.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Find Real IP via ISP.

[Jason Long]

Oh, You mean is that all ISPs contribute to each other?



On Tuesday, November 22, 2016 3:41 PM, juanjo <jua...@avanix.es> wrote:
No, your ISP can't see your Tor exit IP.

Of course, if all ISP form all the world started to log all connections 
they could follow the path and find your original IP. This is something 
UK is starting to do now...  and many goverments want.


El 22/11/2016 a las 13:02, Jason Long escribió:
> Thus, ISP can't see my Tor IP?
>
>
>
> On Tuesday, November 22, 2016 3:27 PM, juanjo <jua...@avanix.es> wrote:
> ISP can't see that the user "changed" his IP adress on Tor. What you
> said could work on single-hop proxies or VPN, but not on Tor, remember
> on Tor you have not one but three hops. ISP can only see you are
> connecting to the first hop, not the remaining two (middle and exit,
> exit is the IP that the website will see).
>
>
>
> El 22/11/2016 a las 12:48, Jason Long escribió:
>> Hello.
>> As "Seth David Schoen" said, Governments can see that users using tor but 
>> can't see what they are doing. My questions is that if an ISP see that an IP 
>> address, For example, 100.100.100.1 connected to the Tor network and user IP 
>> address changed to 200.200.200.1 then if the user visit a website with Tor 
>> then if the websites owners show 200.200.200.1 to the ISP then can ISP give 
>> 100.100.100.1 to the website owner?
>>
>> Thank you.


-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Find Real IP via ISP.

[Jason Long]

Thus, ISP can't see my Tor IP?



On Tuesday, November 22, 2016 3:27 PM, juanjo <jua...@avanix.es> wrote:
ISP can't see that the user "changed" his IP adress on Tor. What you 
said could work on single-hop proxies or VPN, but not on Tor, remember 
on Tor you have not one but three hops. ISP can only see you are 
connecting to the first hop, not the remaining two (middle and exit, 
exit is the IP that the website will see).



El 22/11/2016 a las 12:48, Jason Long escribió:
> Hello.
> As "Seth David Schoen" said, Governments can see that users using tor but 
> can't see what they are doing. My questions is that if an ISP see that an IP 
> address, For example, 100.100.100.1 connected to the Tor network and user IP 
> address changed to 200.200.200.1 then if the user visit a website with Tor 
> then if the websites owners show 200.200.200.1 to the ISP then can ISP give 
> 100.100.100.1 to the website owner?
>
> Thank you.


-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Find Real IP via ISP.

[Jason Long]

Hello.
As "Seth David Schoen" said, Governments can see that users using tor but can't 
see what they are doing. My questions is that if an ISP see that an IP address, 
For example, 100.100.100.1 connected to the Tor network and user IP address 
changed to 200.200.200.1 then if the user visit a website with Tor then if the 
websites owners show 200.200.200.1 to the ISP then can ISP give 100.100.100.1 
to the website owner?

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Please Remove Tor bridge and... from Censorship countries.

[Jason Long]

I worked with email later and I want to know the bridge that Tor provide is 
trusted and secure?

On Tue, 11/8/16, podmo <po...@sigaint.org> wrote:

 Subject: Re: [tor-talk] Please Remove Tor bridge and... from Censorship
countries.
 To: tor-talk@lists.torproject.org
 Date: Tuesday, November 8, 2016, 2:28 PM
 
 Jason Long writes:
 
 > How can I find a good list of secure Bridge?
 
 Go here for more information.
 https://www.torproject.org/docs/bridges#FindingMore
 
 Sounds like meek might work best for your scenario, so in
 that case you'd
 want to "Send an email to brid...@bridges.torproject.org
 with "get
 transport meek" by itself in the body of the email" from
 your Yahoo
 account.
 
 If you can VPN outside your country without it being
 blocked, you might
 also think about doing that and then running Tor through the
 VPN.
 
 
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Please Remove Tor bridge and... from Censorship countries.

[Jason Long]

How can I find a good list of secure Bridge? 

On Tuesday, November 8, 2016 1:38 PM, Jonathan Marquardt 
<m...@parckwart.de> wrote:
 

 One thing should be clear:

If one is not using a bridge, it is trivial for any network observer 
(University firewall admin, Iran ISP) to see if one is using Tor. However, 
with the right bridge setup such a detection can ultimately be prevented. I 
guess meek is the best candidate for an undetectable bridge.

On Mon, Nov 07, 2016 at 09:56:01AM -0800, Seth David Schoen wrote:
> Jason Long writes:
> 
> > To be honest, I guess that I must stop using Tor It is not secure.I can 
> > remember that in torproject.org the Tor speaking about some peole that use 
> > Tor. For example, reporters, Military soldiers and...But I guess all of 
> > them are ads. Consider a soldier in a country that want send a secret 
> > letter to his government and he want to use Tor but the country that he is 
> > in there can sniff his traffic :( 
> 
> That soldier has a potential problem if the government is aggressively
> monitoring Internet traffic, because they can look at the time that the
> message was received and ask "who was using Tor in our country at that
> time?".  This happened in 2013 when someone sent a bomb threat using
> Tor on his university campus.  Apparently he was the only person using
> Tor on campus at the time the threat was sent.
> 
> http://www.dailydot.com/crime/tor-harvard-bomb-suspect/
> 
> The ability to do this doesn't require the government to operate any of
> the nodes and doesn't require them to be operated in the same country.
> For instance, Harvard University was able to identify this person even
> though he was using only Tor nodes that were outside of the university's
> network.  (It might have been much harder if he had been using a bridge
> that the university didn't know about, or if he had sent the threat
> from somewhere outside of the campus network.)
> 
> If there are ways of sending the letter that introduce a delay, then it
> might be harder for the government to identify the soldier because then
> there is some amount of Tor use at a time that's not obviously related
> to the sending of the letter.  There might still be a concern that the
> amount of data that the soldier transmitted over the Tor network is
> very similar to the size of the letter, which may be a unique profile.
> (That's a concern for systems like SecureDrop because people upload
> large documents with a unique size; the number of people who transmitted
> that exact amount of information on a Tor connection in a particular
> time frame will be very small.)
> 
> There's lots to think about and a good reminder that the Tor technology
> isn't perfect.  But I wouldn't agree with the idea that there's no point
> in using Tor.  Lots of people are getting an anonymity benefit from
> using it all of the time.
> 
> -- 
> Seth Schoen  <sch...@eff.org>
> Senior Staff Technologist                      https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA  94109      +1 415 436 9333 x107
> -- 
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


   
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Please Remove Tor bridge and... from Censorship countries.

[Jason Long]

To be honest, I guess that I must stop using Tor It is not secure.I can 
remember that in torproject.org the Tor speaking about some peole that use Tor. 
For example, reporters, Military soldiers and...But I guess all of them are 
ads. Consider a soldier in a country that want send a secret letter to his 
government and he want to use Tor but the country that he is in there can sniff 
his traffic :( 

On Monday, November 7, 2016 10:34 AM, Seth David Schoen <sch...@eff.org> 
wrote:
 

 Jason Long writes:

> Not from ISP!! It is so bad because ISPs are under 
> governments control. If an ISP can see I use Tor then it is a good evidence 
> in censorship countries.You said " If a government is running the bridge, it 
> will know where the users are who are using that particular bridge.", In your 
> idea it is not silly? I mean was it and Tor must ban it.

My point is that people in other countries could still benefit from these
services, especially if they don't mind as much that the government of a
country where they don't live knows something about their Tor traffic.
For example, if I live in Germany, maybe I am more comfortable with my
Tor circuits going through Iran, compared to someone who lives in Iran
who is unhappy about that.  Both people might agree that the Iranian
government probably spies on the Tor network in a way they disagree
with, but the person who lives in Iran may see this as a very practical
important thing to worry about, while the perhaps who lives in Germany
may think it's not as practically important.  Or maybe someone living
in Argentina is trying to hide their location from a particular person,
but not from the government, and doesn't really mind if their data goes
through Tor nodes in their own country.

If you're using bridges to hide the fact that you use Tor at all, you
need some way to know if the particular bridges and technologies you
use can accomplish that goal.  That might include knowing the person
or organization who runs the bridge that you use.  If you use bridges
that are run by unknown people, you get a much greater risk that those
bridges are maliciously tracking your use of Tor, regardless of what
country they're physically located in.

I totally agree that surveillance by ISPs and governments is very serious
and very disturbing.  Tor's design is partly about letting people use
resources that are "somewhere else" so that perhaps they're not under
surveillance by the user's own government or ISP, or aren't all under
surveillance by the same people.  This will probably work less well
overall if the Tor developers try to single out particular countries as
extra-bad so that they can't participate in Tor at all.  That would mean
fewer countries overall participating in Tor, and an easier time for
people trying to do surveillance in the somewhat-less-bad countries.
And it would mean fewer choices for users about where to send their
traffic.

One thing that might be useful would be a way for Tor users to actively
pick what jurisdictions (or fiber optic cables or Internet exchange
points) they do or don't want their data to pass through, and have the
Tor client respect those preferences.  This is helpful both because
individual Tor users believe different things and because they have
different threat models.  I believe there's an old mechanism in the
torrc configuration file to avoid using nodes in particular countries,
but very few Tor users use this or understand how to use it.  Maybe it
could be made clearer and more convenient and integrated with the Tor
Browser interface in some way.

-- 
Seth Schoen  <sch...@eff.org>
Senior Staff Technologist                      https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109      +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


   
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Please Remove Tor bridge and... from Censorship countries.

[Jason Long]

Not from ISP!! It is so bad because ISPs are under 
governments control. If an ISP can see I use Tor then it is a good evidence in 
censorship countries.You said " If a government is running the bridge, it will 
know where the users are who are using that particular bridge.", In your idea 
it is not silly? I mean was it and Tor must ban it.

On Monday, November 7, 2016 12:08 AM, Seth David Schoen <sch...@eff.org> 
wrote:
 

 Jason Long writes:

> You said the governments can see a user bandwidth usage and it is so bad 
> because they can understand a user use Tor for regular web surfing or use it 
> for upload files and...  
> You said governments can see users usages but not contents but how they can 
> find specific users if Tor hide my IP?!!

Tor hides your IP address from the sites you're communicating with,
but not from your own ISP (for example), or from the Tor bridge or guard
node that you use.

In the original design of Tor there was absolutely no attempt to hide
who is using Tor, only what they are doing with it.  One idea was that
lots of people should use Tor for lots of things, so that it will be
hard to guess why a particular person uses Tor.

In the case of bridges for anticensorship, there is also some attempt
to hide who is using Tor (especially because of the idea that using
Tor can be forbidden or blocked in certain countries).  If a particular
bridge technology is unblocked, maybe the government doesn't know how
to detect it yet, so maybe they don't know who the Tor users who use
that technology are.  If a government is running the bridge, it will
know where the users are who are using that particular bridge.

-- 
Seth Schoen  <sch...@eff.org>
Senior Staff Technologist                      https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109      +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


   
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Please Remove Tor bridge and... from Censorship countries.

[Jason Long]

You said the governments can see a user bandwidth usage and it is so bad 
because they can understand a user use Tor for regular web surfing or use it 
for upload files and...  
You said governments can see users usages but not contents but how they can 
find specific users if Tor hide my IP?!!

On Sat, 11/5/16, Seth David Schoen <sch...@eff.org> wrote:

 Subject: Re: [tor-talk] Please Remove Tor bridge and... from Censorship 
countries.
 To: tor-talk@lists.torproject.org
 Date: Saturday, November 5, 2016, 11:36 PM
 
 Jason Long writes:
 
 > Hello Tor Developers and administrator.The
 Tor goal is provide Secure web surfing as free and Freedom
 but unfortunately some countries like Iran, China, North
 Korea and... Launch Tor bridges for spying on users and
 sniff their traffics and it is so bad and decrease Tor users
 and security. If Tor Project goal is Freedom and Anti
 Censorship then it must ban all bridges and Servers from
 those countries. Please consider it and do a serious
 job.
 
 Tor's
 approach to this issue is generally to look for
 ever-greater
 geographic diversity of
 servers.
 
 The Tor design
 assumes that there could be monitoring of servers in a
 particular network, but hopes that this
 won't be a big problem because
 most
 organizations monitoring Tor nodes can only see a part of
 the
 overall network.  In that case, they
 can hopefully only see a part of
 the path
 that a particular user's traffic takes, so they may not
 know
 where the user is and also whom the
 user is communicating with (though
 they
 might know one or the other).
 
 In this model, it's not necessarily bad to
 have nodes on networks that
 are hostile --
 because the people doing the monitoring get incomplete
 information.  At the same time, having nodes
 in many places can decrease
 how complete a
 picture any one network operator or government can get.
 For example, suppose that the U.S. government,
 the Chinese government,
 and the Iranian
 government are all trying to spy on Tor users whose
 traffic passes through their territory, but the
 governments don't directly
 cooperate
 with each other.  In that case, having a user use nodes in
 all
 3 jurisdictions is probably great for
 anonymity because each jurisdiction
 to some
 extent protects facts about the user's activity from the
 other
 jurisdictions, and it's hard for
 anyone to put the whole picture together.
 
 If people want to hide the
 fact that they're using Tor at all, and are
 using bridges for that reason, they probably
 should not use bridges
 inside their own
 country.  But those bridges could be useful to people
 in other countries who aren't trying to
 hide from the same adversary.
 
 If an exit node is unable to reach a lot of
 network resources because
 of censorship on
 the network where it's located, it should be possible
 to detect this through scanning and flag it as
 a BadExit so that clients
 will avoid using
 it in that role.
 
 There's still a problem when network
 operators pool their information or
 when
 governments can monitor networks outside of their own
 territory.
 This is a practical problem for
 path selection and also for assessing
 how
 much privacy Tor can actually provide against a particular
 adversary.
 For instance, if the U.K.
 government taps enough of the world's Internet
 links, or trades data about Tor users with
 other governments, it might
 be able to learn
 a lot about a high fraction of Tor users even if they
 don't use nodes that are in the U.K.  That
 could be hard to fix without
 adopting a
 different anonymity design or finding a way to prevent
 these
 taps and exchanges of data.
 
 People have been thinking
 about that kind of issue quite a bit, like in
 
 
https://www.nrl.navy.mil/itd/chacs/biblio/users-get-routed-traffic-correlation-tor-realistic-adversaries
 
 and other research projects,
 and to my mind the news isn't necessarily
 that good.  But the key point is that having
 nodes on an unfriendly
 network isn't
 necessarily bad in itself unless that network actually
 sees interesting data as a result (or actively
 disrupts traffic in a way
 that doesn't
 get blacklisted from clients' path selection).  And
 that can
 sometimes happen, but doesn't
 always have to happen, and people on other
 networks can still get a potential privacy or
 anticensorship benefit in
 the meantime.
 
 Notice that this argument
 doesn't depend on saying that what governments
 are doing is OK, or that they don't have
 ill will toward the Tor network
 or
 particular Tor users.  It also doesn't prove that
 governments will
 fail to monitor the
 network; there's a lot of uncertainty about how
 effective governments' capabilities in this
 area are.
 
 Finally,
 there's an issue about identifying which nodes are
 secretly
 run by the same organizations (or
 secretly monitored by the same
 organizations!) which fail to admit it.  This
 is a form of Sybil attack,
 where o

Re: [tor-talk] Please Remove Tor bridge and... from Censorship countries.

[Jason Long]

Any idea? 

On Wednesday, November 2, 2016 7:30 PM, Jason Long <hack3r...@yahoo.com> 
wrote:
 

 Hello Tor Developers and administrator.The Tor goal is provide Secure web 
surfing as free and Freedom but unfortunately some countries like Iran, China, 
North Korea and... Launch Tor bridges for spying on users and sniff their 
traffics and it is so bad and decrease Tor users and security. If Tor Project 
goal is Freedom and Anti Censorship then it must ban all bridges and Servers 
from those countries. Please consider it and do a serious job.

Thank you.

   
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Please Remove Tor bridge and... from Censorship countries.

[Jason Long]

Hello Tor Developers and administrator.The Tor goal is provide Secure web 
surfing as free and Freedom but unfortunately some countries like Iran, China, 
North Korea and... Launch Tor bridges for spying on users and sniff their 
traffics and it is so bad and decrease Tor users and security. If Tor Project 
goal is Freedom and Anti Censorship then it must ban all bridges and Servers 
from those countries. Please consider it and do a serious job.

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor and forward email to Spam folder.

[Jason Long]

It is my problem and if webmail use mail server IP then why my email forwarded 
to Spam! 

On Sunday, October 30, 2016 6:19 PM, Ben Tasker  
wrote:
 

 So, it seems there are some differences which decide whether Google will 
include the client IP when using the web interface.
If you're using an "Apps for domain" account, the X-originating-ip header will 
be added every time, whether you use Webmail or the "Gmail" app on Android.
If you're using a @gmail.com address then it's not so consistent. I've not 
tracked down exactly what the difference are, but it adds it some of the time. 
Doesn't seem to be purely related to logging in from a new IP, could perhaps be 
related to the "reputation" of the IP you're connecting from? IPv4 vs IPv6 
doesn't make a difference as far as I can see. Presumably they only add it when 
they consider the connection is possibly a risk, otherwise you'd never add it 
(or always add it).
So the fuller answer, I guess, is "perhaps"
On Sun, Oct 30, 2016 at 1:21 PM, Ben Tasker  wrote:

That's not strictly true. 
Under various circumstances, when using webmail, google will add an additional 
header - X-Originating-IP - which contains the IP of the client (i.e. your 
browser) connected to the webmail interface.
Once upon a time, Hotmail used to do it to, though they moved to using a hashed 
version (and X-EIP as the header IIRC).
You won't see the webmail client in "received from" headers though.
On Sun, Oct 30, 2016 at 11:57 AM, Aeris  wrote:

> You wrong!!!
> Google can't reveal client IP. It is an email header, Can you tell me the IP
> address of sender?

It depends how you send your email.

If you use their webmail, your client IP is not send, because first sending
SMTP machine is a gmail one :
        Received: from imirhil.fr ([127.0.0.1]) Sun, 30 Oct 2016 11:44:18 +
(UTC)
        Received: from mail-it0-x229.google.com (mail-it0-x229.google.com
 [IPv6:2607:f8b0:4001:c0b:: 229])
        Received: by mail-it0-x229.google.com; Sun, 30 Oct 2016 04:43:55 -0700
(PDT)

If you use SMTP, your client IP is send because it’s the first sending SMTP
machine :
        Received: from imirhil.fr ([127.0.0.1]); Sun, 30 Oct 2016 11:45:00 +
(UTC)
        Received: from mail-wm0-x231.google.com (mail-wm0-x231.google.com
 [IPv6:2a00:1450:400c:c09:: 231]); Sun, 30 Oct 2016 11:44:40 + (UTC)
        Received: by mail-wm0-x231.google.com; Sun, 30 Oct 2016 04:44:40 -0700
(PDT)
        Received: from aeris.imirhil.fr ([***2001:41d0:fe85:b900::1*** ]); Sun, 
30
Oct 2016 04:44:38 -0700 (PDT)

This is why on my personal SMTP server, any client informations are dropped or
anonymized.
        /^\s*(Received: from)[^\n]*(.*)/ REPLACE $1 [127.0.0.1] (localhost
[127.0.0.1])$2
        /^\s*User-Agent:/        IGNORE
        /^\s*X-Enigmail:/        IGNORE
        /^\s*X-Mailer:/          IGNORE
        /^\s*X-Originating-IP:/  IGNORE


Regards,
--
Aeris
Individual crypto-terrorist group self-radicalized on the digital Internet
https://imirhil.fr/

Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://café-vie-privée.fr/
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/c gi-bin/mailman/listinfo/tor-ta lk





-- 
Ben Tasker
https://www.bentasker.co.uk





-- 
Ben Tasker
https://www.bentasker.co.uk



   
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor and forward email to Spam folder.

[Jason Long]

You wrong!!!
Google can't reveal client IP. It is an email header, Can you tell me the IP 
address of sender?

MIME-Version: 1.0
Received: by 10.103.2.209 with HTTP; Wed, 12 Oct 2016 12:02:10 -0700 (PDT)
In-Reply-To: 

References: 

Re: [tor-talk] Tor and forward email to Spam folder.

[Jason Long]

Thus google store my IP address? How can I see "X-Originating-Header"?



On Monday, October 24, 2016 3:57 PM, Ben Tasker <b...@bentasker.co.uk> wrote:
Gmail tends to add a header containing your client IP - X-Originating-Header

I've never looked to see whether any spam filters are set up to use it
though. If they were to, they'd see the IP of an exit node so might mark as
spam based on that.


On Mon, Oct 24, 2016 at 12:56 PM, Jason Long <hack3r...@yahoo.com> wrote:

> Hello.
> When I open my Gmail via Tor browser and send email them my Emails
> forwarded to Spam Folder why? I guess web mails never use clients IPs. Am I
> wrong?
>
> Thank you.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Ben Tasker
https://www.bentasker.co.uk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Tor and forward email to Spam folder.

[Jason Long]

Hello.
When I open my Gmail via Tor browser and send email them my Emails forwarded to 
Spam Folder why? I guess web mails never use clients IPs. Am I wrong?

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] tor and BlackBerry

[Jason Long]

BB devices made on Security and tor goal it is.



On Sunday, October 23, 2016 2:48 AM, Petrusko  wrote:
Yeah I'm agree too, it can be really helpful to have TBrowser available
for this OS...
But nothing found here... https://marketplace.firefox.com/



Joe Btfsplk :
> Wait - TBB won't run on FxOS?  So a modified Firefox won't run under
> Firefox OS?
> I've never checked into this, but assume there's a good reason?
>
> Is it going to matter if TBB won't run on FxOS?


-- 
Petrusko
PubKey EBE23AE5
C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5



-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] tor and BlackBerry

[Jason Long]

Not android? Then what os?

On Thu, 10/20/16, Joe Btfsplk <joebtfs...@gmx.com> wrote:

 Subject: Re: [tor-talk] tor and BlackBerry
 To: tor-talk@lists.torproject.org
 Date: Thursday, October 20, 2016, 7:09 PM
 
 On 10/20/2016 1:24 PM,
 Jason Long wrote:
 > Hello.
 > Tor developed for android but why not
 BlackBerry? BlackBerry devices based on security and why tor
 not developed for them?
 >
 I don't know the answer.  Maybe they
 developed for Android because there 
 are so
 many phones?  That reason alone doesn't mean it's a
 good idea.
 But doesn't it seem like
 using Android and trying to make it anonymous / 
 leakproof is starting with a huge
 disadvantage?
 
 If users
 really want anonymity, why start with Android (Google)?
 It seems like the same applies to using Gmail
 & complaining that it 
 doesn't work
 well with Tor Browser.  Why not use another provider - that
 
 *isn't* the world's most notorious,
 commercial privacy invader?
 
 Tor devs don't use Chrome in Tor Browser -
 for good reason.
 -- 
 tor-talk mailing list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] tor and BlackBerry

[Jason Long]

Tor can run on firefox os?

On Fri, 10/21/16, Petrusko  wrote:

 Subject: Re: [tor-talk] tor and BlackBerry
 To: tor-talk@lists.torproject.org
 Date: Friday, October 21, 2016, 12:01 AM
 
 That's why a
 smartphone with Firefox OS (or Boot 2 Gecko now, by
 community) was my 1st choice... But sadly no
 way to use TBrowser as I
 wrote on another
 thread :(
 
 -Inline Attachment Follows-
 
 -- 
 tor-talk mailing
 list - tor-talk@lists.torproject.org
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] tor and BlackBerry

[Jason Long]

Hello.
Tor developed for android but why not BlackBerry? BlackBerry devices based on 
security and why tor not developed for them?

Thanks.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] I can't use Tor via "obfs3" or other methods.

[Jason Long]

Can "OONI" help us about finding a way? 


 On Monday, October 19, 2015 4:18 PM, Cubed <chasint...@emailcontrol.org> 
wrote:
   

 On Mon, 19 Oct 2015 00:05:49 +
isis <i...@torproject.org> wrote:


Aloha isis, 

Thanks for your input; you and I had the exact same thoughts on the
matter. I agree, it's odd, and I was wrong to assume the problem was a
hardware issue, ultimately. Some details that are relevant and were
left out of my original response: 

- Workstations, whether laptop of desktop (predominately laptops
  though), were all being used as Tails hosts. 
- The TBB, run in whatever nix flavor, and I even think weird OS's like
  Windows, was perfectly capable of running OBFS4 bridges. 

The workstations are not all physically in my reach and I have only
recently acquired a laptop that showed the problem. So once I was
finally able to control for the above variables, I found that, if
anything, it's a Tails-centric issue. 

The problem was replicatable on a variety of public and private
networks. Ultimately, I don't think the ISPs had anything to do with
it; it's not a censorship issue as far as I can tell. Based on where
it hangs, and the eventual work around I figured out, I think the
problem might have something to with building the initial Tor
directory. I almost feel like writing that as a question, to
communicate that I have not grokked the entire Tor circuit building
routine. 

But, in every case, OBFS3 bridges worked. So eventually I tossed in
one OBFS3 bridge along with a few OBFS4. Voila, Tor directory builds
off the OBFS3 bridge (as it appears in the logs and through viewing
the network map), and OBFS4 bridges are utilized immediately after.
Cancel the OBFS3 connection, and nothing changes; so the OBFS3 bridge
just needed to be there for the initial circuit building. 

And, if the Tails drive has persistence enabled with network
configuration saved, the problem seems to eventually stop altogether. 

Personally, I'm surprised practically no one else has reported similar
experiences (I follow the tails mailing list as well). It would seem to
me that Tails is doing something different than the TBB that results in
the bug. Which is plausible; Tails still uses Vidalia, which was
deprecated elsewhere a while back. Vidalia, in Tails, is basically a
hack that acts as an abstraction layer between the user and her torrc.
Also, while OBFS4 sounds like the latest version of OBFS, implying that
the two protocols are similar, 3 and 4 are actually quite different. 4
being closer to scramblesuit or something. 

Anyways, I've contributed the experience, I hope it saves someone an
hour or two and helps them gain a pint or three! I gotta get back to
figuring out how this baffling Windows registry works...

3



> Cubed transcribed 6.4K bytes:
> > On Wed, 30 Sep 2015 18:12:11 + (UTC)
> > Jason Long <hack3r...@yahoo.com> wrote:
> > 
> > 
> > First, sorry for the thread necromancy. Thought it was worth
> > responding too, though, since the OP didn't get much of an answer.
> > 
> > Second, hello Jason, I have been experimenting with various
> > configurations and OBFS3/4 compatibility. I first noticed problems
> > connecting to OBFS4 bridges while using Tails on an older ASUS
> > laptop. I thought it was an outlier until I found several other
> > laptop models that had similar issues with almost identical logs to
> > yours. 
> > 
> > I still don't know exactly what inhibits a network interface from
> > connecting to a bridge but do have some info that might help push
> > the issue forward and give you connectivity. Also, as you probably
> > inferred, I believe it has to do with the network device the laptop
> > or computer is using to connect. 
> > 
> > "iwlwifi" is a driver that has been part of debian stable for a long
> > time, AFAIK. This is the driver that a ton of laptops will assign to
> > the network interface. But on most newer lenovo's and some other
> > models, a different driver is used and with those laptops, OBFS4 and
> > sometimes OBFS3 will never connect. 
> > 
> > My troubleshooting steps have been as follows:
> > - Try connecting to OBFS4
> > - Try connecting to OBFS3
> > - Try both 3/4 but with only <obfs* {ip_address:port}
> > {fingerprint}>, and not including the cert, etc. 
> > - Try using a different interface like a USB wifi device, I've had
> >  positive results with most ralink chipsets.
> > - Try a direct ethernet connection.
> > 
> > I thought that the problem had something to do with how tails clones
> > are made but now I'm unconvinced this is a problem. If you connect
> > to tor via some other setup, these suggestions should help. 
> > 
> > In most of the configs I've worked on, ethernet h

Re: [tor-talk] I can't use Tor via "obfs3" or other methods.

[Jason Long]

I'm sure my Government blocked Tor.I use a PC and not Laptop. My motherboard 
model is "Asus B85 Plus". 


 On Sunday, October 18, 2015 1:31 AM, Cubed <chasint...@emailcontrol.org> 
wrote:
   

 On Wed, 30 Sep 2015 18:12:11 +0000 (UTC)
Jason Long <hack3r...@yahoo.com> wrote:


First, sorry for the thread necromancy. Thought it was worth responding
too, though, since the OP didn't get much of an answer.

Second, hello Jason, I have been experimenting with various
configurations and OBFS3/4 compatibility. I first noticed problems
connecting to OBFS4 bridges while using Tails on an older ASUS laptop.
I thought it was an outlier until I found several other laptop models
that had similar issues with almost identical logs to yours. 

I still don't know exactly what inhibits a network interface from
connecting to a bridge but do have some info that might help push the
issue forward and give you connectivity. Also, as you probably
inferred, I believe it has to do with the network device the laptop or
computer is using to connect. 

"iwlwifi" is a driver that has been part of debian stable for a long
time, AFAIK. This is the driver that a ton of laptops will assign to
the network interface. But on most newer lenovo's and some other
models, a different driver is used and with those laptops, OBFS4 and
sometimes OBFS3 will never connect. 

My troubleshooting steps have been as follows:
- Try connecting to OBFS4
- Try connecting to OBFS3
- Try both 3/4 but with only <obfs* {ip_address:port} {fingerprint}>,
  and not including the cert, etc. 
- Try using a different interface like a USB wifi device, I've had
  positive results with most ralink chipsets.
- Try a direct ethernet connection.

I thought that the problem had something to do with how tails clones
are made but now I'm unconvinced this is a problem. If you connect to
tor via some other setup, these suggestions should help. 

In most of the configs I've worked on, ethernet has provided me at
least OBFS3 connectivity. In another case, the user needed to include
at least 1 OBFS3 bridge and all the bridges would connect and work, but
if she used all OBFS4, tor directory would never download. 

Hope this helps.
three 

> Any tools exist that can help me for recognize my local network and
> help you for solve my problem?
> 
> 
> 
> On Wednesday, September 30, 2015 9:05 AM, isis <i...@torproject.org>
> wrote: Jason Long transcribed 7.1K bytes:
> > Isis Agora Lovecruft wrote:
> > > Hello Jason,
> > > 
> > > First, please try not to paste Bridge IP addresses and ports (i.e.
> > > "148.251.156.199:443") or Bridge fingerprints (i.e.
> > > "3BECEABD174AE41C5CCC17254A40DD24EC5372CD") into public
> > > communications channels. It's dangerous for you, because now
> > > people know which Bridges you are going to try to connect to when
> > > you start up Tor.  It's also potentially dangerous for other
> > > people, since there may be other people using these Bridges.
> > > Lastly, it's bad for the Bridges themselves, since they will
> > > likely now be blocked by several censors and will no longer work
> > > in those places.
> > > 
> > > To answer your question, it looks like your SSL connections are
> > > somehow dying. This could mean many things.  It could simply be
> > > that the router at your house/office/café/etc. is doing strange
> > > things.  Or, it might mean that someone somewhere is tampering
> > > with your connections.  Or it could mean something else entirely.
> > > 
> > > I would recommend that you email BridgeDB at
> > > mailto:brid...@torproject.org and request some new bridges.
> > > Perhaps try using obfs4 instead, if you can?
> >
> > Thank you so much and I didn't know this problem about Bridges. I
> > just copy Tor Log and nothing else :(.
> 
> No worries; it's not your fault at all.  I think we should be logging
> sensitive info at those levels anyway (see #17193). [0]
> 
> > I used all methods as I said and all of them have same problem :(.
> > "obfs4" , "fte" and...
> >
> > What is your idea? Can government blocking Tor?
> 
> Governments (and some other parties, like your network admin, your
> ISP, etc.) could certainly block Tor, including blocking Bridges.
> There are many ways that they could do this, some with various
> consequences (for that government/etc.). A simple example would be if
> your government only allowed traffic to http://cnn.com:80, and then
> block anything that doesn't look like plaintext HTTP of someone
> reading CNN articles.  Obviously, this would be ridiculous if a
> government did this, as pretty much all commerce, banking, online
> ed

Re: [tor-talk] I can't use Tor via "obfs3" or other methods.

[Jason Long]

Any tools exist that can help me for recognize my local network and help you 
for solve my problem?



On Wednesday, September 30, 2015 9:05 AM, isis <i...@torproject.org> wrote:
Jason Long transcribed 7.1K bytes:
> Isis Agora Lovecruft wrote:
> > Hello Jason,
> > 
> > First, please try not to paste Bridge IP addresses and ports (i.e.
> > "148.251.156.199:443") or Bridge fingerprints (i.e.
> > "3BECEABD174AE41C5CCC17254A40DD24EC5372CD") into public communications 
> > channels.
> > It's dangerous for you, because now people know which Bridges you are going 
> > to
> > try to connect to when you start up Tor.  It's also potentially dangerous 
> > for
> > other people, since there may be other people using these Bridges.  Lastly, 
> > it's
> > bad for the Bridges themselves, since they will likely now be blocked by 
> > several
> > censors and will no longer work in those places.
> > 
> > To answer your question, it looks like your SSL connections are somehow 
> > dying.
> > This could mean many things.  It could simply be that the router at your
> > house/office/café/etc. is doing strange things.  Or, it might mean that 
> > someone
> > somewhere is tampering with your connections.  Or it could mean something 
> > else
> > entirely.
> > 
> > I would recommend that you email BridgeDB at mailto:brid...@torproject.org 
> > and
> > request some new bridges.  Perhaps try using obfs4 instead, if you can?
>
> Thank you so much and I didn't know this problem about Bridges. I just copy
> Tor Log and nothing else :(.

No worries; it's not your fault at all.  I think we should be logging sensitive
info at those levels anyway (see #17193). [0]

> I used all methods as I said and all of them have same problem :(. "obfs4" ,
> "fte" and...
>
> What is your idea? Can government blocking Tor?

Governments (and some other parties, like your network admin, your ISP, etc.)
could certainly block Tor, including blocking Bridges.  There are many ways that
they could do this, some with various consequences (for that government/etc.).
A simple example would be if your government only allowed traffic to
http://cnn.com:80, and then block anything that doesn't look like plaintext HTTP
of someone reading CNN articles.  Obviously, this would be ridiculous if a
government did this, as pretty much all commerce, banking, online education, and
a million other things would completely stop.

However, without knowing more details about your specific situation, I can't
really determine if/how Tor is blocked for you.

[0]: https://bugs.torproject.org/17193


-- 
♥Ⓐ isis agora lovecruft
_
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] I can't use Tor via "obfs3" or other methods.

[Jason Long]

Any idea?


On Tuesday, September 29, 2015 11:17 PM, Jason Long <hack3r...@yahoo.com> wrote:
Hello.
I can't use Tor via "obfs3" or other methods. I used Bridges too but not 
matter. What is your idea? my Tor log is :

09/29/2015 10:49:47.200 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
09/29/2015 10:50:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
09/29/2015 10:50:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
09/29/2015 10:50:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
accept non-control network connections. Shutting down all existing connections. 
09/29/2015 10:50:02.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
09/29/2015 10:50:03.000 [NOTICE] Bootstrapped 5%: Connecting to directory 
server 
09/29/2015 10:50:03.200 [NOTICE] Bootstrapped 10%: Finishing handshake with 
directory server 
09/29/2015 10:55:07.000 [WARN] Problem bootstrapping. Stuck at 10%: Finishing 
handshake with directory server. (DONE; DONE; count 3; recommendation warn; 
host 3BECEABD174AE41C5CCC17254A40DD24EC5372CD at 148.251.156.199:443) 
09/29/2015 10:55:07.000 [WARN] 3 connections have failed: 
09/29/2015 10:55:07.000 [WARN]  2 connections died in state handshaking (Tor, 
v3 handshake) with SSL state SSL negotiation finished successfully in OPEN 
09/29/2015 10:55:07.000 [WARN]  1 connections died in state connect()ing with 
SSL state (No SSL object) 
09/29/2015 10:55:46.800 [NOTICE] Bootstrapped 15%: Establishing an encrypted 
directory connection 
09/29/2015 10:55:47.000 [NOTICE] Bootstrapped 20%: Asking for networkstatus 
consensus 
09/29/2015 10:55:48.400 [WARN] Problem bootstrapping. Stuck at 20%: Asking for 
networkstatus consensus. (No route to host; NOROUTE; count 4; recommendation 
warn; host 6E689CABD837ADE88A7179A4A9FD18EE73A00D2C at 133.236.115.222:100) 
09/29/2015 10:55:48.400 [WARN] 3 connections have failed: 
09/29/2015 10:55:48.400 [WARN]  2 connections died in state handshaking (Tor, 
v3 handshake) with SSL state SSL negotiation finished successfully in OPEN 
09/29/2015 10:55:48.400 [WARN]  1 connections died in state connect()ing with 
SSL state (No SSL object) 
09/29/2015 10:55:49.700 [NOTICE] new bridge descriptor 'puerta' (fresh): 
$3BECEABD174AE41C5CCC17254A40DD24EC5372CD~puerta at 148.251.156.199 
09/29/2015 10:55:49.700 [NOTICE] I learned some more directory information, but 
not enough to build a circuit: We have no usable consensus. 
09/29/2015 10:55:49.700 [NOTICE] Bootstrapped 25%: Loading networkstatus 
consensus 
09/29/2015 10:55:58.400 [WARN] Problem bootstrapping. Stuck at 25%: Loading 
networkstatus consensus. (No route to host; NOROUTE; count 5; recommendation 
warn; host 6E689CABD837ADE88A7179A4A9FD18EE73A00D2C at 133.236.115.222:100) 
09/29/2015 10:55:58.400 [WARN] 4 connections have failed: 
09/29/2015 10:55:58.400 [WARN]  2 connections died in state handshaking (Tor, 
v3 handshake) with SSL state SSL negotiation finished successfully in OPEN 
09/29/2015 10:55:58.400 [WARN]  2 connections died in state connect()ing with 
SSL state (No SSL object) 


I use Tor on Debian Jessie x64.

Thank you.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] I can't use Tor via "obfs3" or other methods.

[Jason Long]

Thank you so much and I didn't know this problem about Bridges. I just copy Tor 
Log and nothing else :(.
I used all methods as I said and all of them have same problem :(. "obfs4" , 
"fte" and...

What is your idea? Can government blocking Tor?



On Wednesday, September 30, 2015 4:03 PM, isis <i...@torproject.org> wrote:
Jason Long transcribed 3.4K bytes:
> 
> 
> Any idea?
> 
> 
> On Tuesday, September 29, 2015 11:17 PM, Jason Long <hack3r...@yahoo.com> 
> wrote:
> Hello.
> I can't use Tor via "obfs3" or other methods. I used Bridges too but not 
> matter. What is your idea? my Tor log is :
> 
> 09/29/2015 10:49:47.200 [NOTICE] DisableNetwork is set. Tor will not make or 
> accept non-control network connections. Shutting down all existing 
> connections. 
> 09/29/2015 10:50:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
> accept non-control network connections. Shutting down all existing 
> connections. 
> 09/29/2015 10:50:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
> accept non-control network connections. Shutting down all existing 
> connections. 
> 09/29/2015 10:50:02.500 [NOTICE] DisableNetwork is set. Tor will not make or 
> accept non-control network connections. Shutting down all existing 
> connections. 
> 09/29/2015 10:50:02.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
> 09/29/2015 10:50:03.000 [NOTICE] Bootstrapped 5%: Connecting to directory 
> server 
> 09/29/2015 10:50:03.200 [NOTICE] Bootstrapped 10%: Finishing handshake with 
> directory server 
> 09/29/2015 10:55:07.000 [WARN] Problem bootstrapping. Stuck at 10%: Finishing 
> handshake with directory server. (DONE; DONE; count 3; recommendation warn; 
> host 3BECEABD174AE41C5CCC17254A40DD24EC5372CD at 148.251.156.199:443) 
> 09/29/2015 10:55:07.000 [WARN] 3 connections have failed: 
> 09/29/2015 10:55:07.000 [WARN]  2 connections died in state handshaking (Tor, 
> v3 handshake) with SSL state SSL negotiation finished successfully in OPEN 
> 09/29/2015 10:55:07.000 [WARN]  1 connections died in state connect()ing with 
> SSL state (No SSL object) 
> 09/29/2015 10:55:46.800 [NOTICE] Bootstrapped 15%: Establishing an encrypted 
> directory connection 
> 09/29/2015 10:55:47.000 [NOTICE] Bootstrapped 20%: Asking for networkstatus 
> consensus 
> 09/29/2015 10:55:48.400 [WARN] Problem bootstrapping. Stuck at 20%: Asking 
> for networkstatus consensus. (No route to host; NOROUTE; count 4; 
> recommendation warn; host 6E689CABD837ADE88A7179A4A9FD18EE73A00D2C at 
> 133.236.115.222:100) 
> 09/29/2015 10:55:48.400 [WARN] 3 connections have failed: 
> 09/29/2015 10:55:48.400 [WARN]  2 connections died in state handshaking (Tor, 
> v3 handshake) with SSL state SSL negotiation finished successfully in OPEN 
> 09/29/2015 10:55:48.400 [WARN]  1 connections died in state connect()ing with 
> SSL state (No SSL object) 
> 09/29/2015 10:55:49.700 [NOTICE] new bridge descriptor 'puerta' (fresh): 
> $3BECEABD174AE41C5CCC17254A40DD24EC5372CD~puerta at 148.251.156.199 
> 09/29/2015 10:55:49.700 [NOTICE] I learned some more directory information, 
> but not enough to build a circuit: We have no usable consensus. 
> 09/29/2015 10:55:49.700 [NOTICE] Bootstrapped 25%: Loading networkstatus 
> consensus 
> 09/29/2015 10:55:58.400 [WARN] Problem bootstrapping. Stuck at 25%: Loading 
> networkstatus consensus. (No route to host; NOROUTE; count 5; recommendation 
> warn; host 6E689CABD837ADE88A7179A4A9FD18EE73A00D2C at 133.236.115.222:100) 
> 09/29/2015 10:55:58.400 [WARN] 4 connections have failed: 
> 09/29/2015 10:55:58.400 [WARN]  2 connections died in state handshaking (Tor, 
> v3 handshake) with SSL state SSL negotiation finished successfully in OPEN 
> 09/29/2015 10:55:58.400 [WARN]  2 connections died in state connect()ing with 
> SSL state (No SSL object) 
> 
> 
> I use Tor on Debian Jessie x64.
> 
> Thank you.

Hello Jason,

First, please try not to paste Bridge IP addresses and ports (i.e.
"148.251.156.199:443") or Bridge fingerprints (i.e.
"3BECEABD174AE41C5CCC17254A40DD24EC5372CD") into public communications channels.
It's dangerous for you, because now people know which Bridges you are going to
try to connect to when you start up Tor.  It's also potentially dangerous for
other people, since there may be other people using these Bridges.  Lastly, it's
bad for the Bridges themselves, since they will likely now be blocked by several
censors and will no longer work in those places.

To answer your question, it looks like your SSL connections are somehow dying.
This could mean many things.  It could simply be that the router at your
house/office/café/etc. is doing strange things.  Or, it might mean that someone
som