Re: [tor-talk] Vidalia has been replaced with Tor Launcher

[Nathan Suchy]

I'm unsure, The New Identity function is critical, I think Tor Button has
it, but Network might be a deprecated function...


On Sat, Jan 25, 2014 at 8:33 AM, Katya Titov  wrote:

> TT Security:
> > 1. So "Network Map" and "New Identity" are absent now. When these
> > functions will be add to the TBB?
>
> Vidalia is now a stand-alone package. Details:
>
> https://www.torproject.org/docs/faq#WhereDidVidaliaGo
> --
> kat
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
m...@nsuchy.net
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Those Broken-Record Questions

[Nathan Suchy]

As an alternative to unsubscribing to the Tor Mailing Lists you can do a
few things:

If you use Gmail-
Go into your settings and create a filter to move all mail from the mailing
list to go to trash and be marked as read

If you run your own mail server-
You could use iptables to firewall the emails away.


On Sun, Jan 19, 2014 at 6:35 PM,  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> How about people not wanting to receive [tor-talk] or [tor-relays] mailing
> list emails anymore? Apparently people need a hand with that.
>
> Cheers
>
> Ramo
>
>
>
> On Sun, Jan 19, 2014 at 08:32:07AM +, David wrote:
> > Hey everyone,
> >
> > I run a small tutorial website, and was looking into writing an article
> > to try and answer all those questions/criticisms that we all seem to
> > face almost daily when it comes to Tor. For example, "Tor is funded by
> > the government, so it must be backdoored", "exit-relays are all
> > malicious and always sniff your traffic, so dont use Tor", and the world
> > famous, "the NSA runs MILLIONS of relays!".
> >
> > I was just wondering if anyone had any input, i.e standard questions or
> > criticisms about Tor that you face regularly that you would like to see
> > answered in more places on the web.
> >
> > I should note that I'm not trying to dissuade healthy skepticism in
> > this. I'm simply hoping to increase the range of documentation on these
> > basic topics so that instead of someone having to ask and us having to
> > answer, they can just find a quick explanation online.
> >
> > Cheers!
> > -David
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.11 (GNU/Linux)
>
> iQEcBAEBAgAGBQJS3GFMAAoJEAXQWoW8lug/ZZQH/A6YrhGv9D92D9IeLuRz4kEC
> M/Y3tlqvttVMfqYh+6HLO4hmAZ6glL/1W1fz8dZYmD3H/F6aIXKkfjoubueHpsc4
> 6///yQegQzb/mEuBlKwmbuV1UwiEYIJ37/RvGrw2yQnf77WnPeWMZH5Wo6c6y+IC
> scUgOlROp7ExoS18TxEusWyQ+QWVS4DAOhU2SKD/rLArhsKNhE1Gp4x0tgD1wTpA
> x6qmaVsv8/YYpQcWSMKPkaFlZMn2OpSPa+uENVH+4RVF1yoLMaeoKD8Ttu4tH84Q
> MSx15PbAgBH72jTsSQrosFcsMl+1P7JjHSoAwB7c3xAVmVqF7AWFpLrlm1z/hDk=
> =8OBh
> -END PGP SIGNATURE-
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
m...@nsuchy.net
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] giving up pseudonymity after collecting experiences with pseudonymous project development

[Nathan Suchy]

I only use anonymity when I don't want data to be stored about me. I trust
Google and this domain is hosted with Google Apps for Business (nsuchy.net).
I use TBB as my real incognito browser.
On Jan 18, 2014 8:26 AM, "Patrick Schleizer"  wrote:

> You may have noticed that I, previously known only known under the
> pseudonym adrelanos, decided to give up my pseudonymity. It was an
> interesting experience to pseudonymously maintain a Linux distribution
> (Whonix). I've learned a lot during these ~ 2 years.
>
> I didn't have too bad luck in the lottery of life and are won a
> citizenship, which is at low risk compared to less lucky ones. Living in
> a country, where pseudonymity for this kind of activity isn't crucial.
> Fortunately, according to latest press, neither the US nor Germany are
> killing their own citizen for criticizing "the system". That is, the
> mass surveillance police state, the military industrial complex, the
> system of economy, that needs exponential growth to prevent imploding.
> And so it doesn't become even worse, and better for the less lucky ones,
> it is important to speak out in public and to take action.
>
> Staying pseudonymous for such a long time became more and more a burden.
> For me, it is not healthy for psychology. When pseudonymously working a
> a project, you cannot tell anyone about it and they're wondering with
> what you never tell much. You need to constantly second guess every tiny
> action. Concentrate on not messing up. Also you'll never know if you
> already messed up and if "they" already know who you are. You only need
> to mess up once, and you're always linked to that project. Lucky me, I
> wasn't forced to stay pseudonymous for ever.
>
> I am looking forward to continue contributing to the awesome Free (as in
> freedom) Software community. Being no longer pseudonymous allows me to
> speak at conferences, to attend key singing parties, to meet up with
> other developers, to voice chat with other developers, to chat on IRC
> without fear of leaking too much information, to be less paranoid,
> sometimes even running searches in clearnet if that is more convenient,
> and so forth.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] [IDEA] Google App Engine, Tor Hidden Service Viewer

[Nathan Suchy]

If I got a complaint I would address it with Google.
On Jan 13, 2014 12:56 PM, "Seth David Schoen"  wrote:

> Nathan Suchy writes:
>
> > Explain what you mean by reach your mirrored and why would I get a
> > complaint for proxy service? I already do this and many others do too
> with
> > ease. Google protects it's members.
>
> You might have a different experience with a web-to-web proxy and a
> web-to-Tor-hidden-services proxy.  The first allows people to reach
> things that they already could with their web browser (unless they
> have a censored connection), maybe with a little more anonymity from
> their local network and less anonymity from you and Google.  The
> second allows people to reach things that they would otherwise only
> have been able to reach with Tor Browser.
>
> Tor2web also allows linking to and spidering of hidden service sites,
> which you might or might not intend to allow.  In that configuration,
> it's hard for some people to understand that the proxy isn't actually
> hosting the hidden sites.  They don't realize that it's a proxy to
> something that exists elsewhere.
>
> --
> Seth Schoen  
> Senior Staff Technologist   https://www.eff.org/
> Electronic Frontier Foundation  https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA  94109   +1 415 436 9333 x107
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] [IDEA] Google App Engine, Tor Hidden Service Viewer

[Nathan Suchy]

I'm not saying it's secure enough for illegal activity but it could
download a couple of pirated ebooks or whatever people want. Just keep a
Java Back end. Yeah there would be logs. Not anonymous or secure but eh
it's so useful.
On Jan 13, 2014 10:11 AM, "Fabio Pietrosanti (naif)" 
wrote:

> Il 1/13/14, 4:17 PM, Nathan Suchy ha scritto:
> > Explain what you mean by reach your mirrored and why would I get a
> > complaint for proxy service? I already do this and many others do too
> with
> > ease. Google protects it's members.
> Some comments on this idea:
>
> * It's not possible to prevent Google from logging the access to the Tor
> Hidden Service and to provide those access logs following an authorized
> request from a governmental agencies, thus possibly exposing
>
> * It's not possible to configure the SSL/TLS Ciphers of Google App
> Engine, so the connection could not have Perfect Forward Secrecy
>
> * Google App Engine does not let you have an always-on process server
> side, enforcing a maximum execution time (last time i checked, some
> years ago, it was 30 seconds) . Tor connection process keep some time in
> order download the descriptors, connect. So it may create some
> additional load over Tor network by the need to connect and disconnect
> to the Tor network and does some Guard/Directory traffic.
>
> So i'd consider to be careful in which kind of "use case" are defined
> for such kind of project, especially when compared to Tor2web
>
> --
> Fabio Pietrosanti (naif)
> HERMES - Center for Transparency and Digital Human Rights
> http://logioshermes.org - http://globaleaks.org - http://tor2web.org
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] [IDEA] Google App Engine, Tor Hidden Service Viewer

[Nathan Suchy]

Explain what you mean by reach your mirrored and why would I get a
complaint for proxy service? I already do this and many others do too with
ease. Google protects it's members.
On Jan 12, 2014 8:41 PM, "Roger Dingledine"  wrote:

> On Sun, Jan 12, 2014 at 08:00:46PM -0500, Nathan Suchy wrote:
> > Hello,
> >
> > I just had the greatest idea that came into my head. There is a Tor
> > implentation of Tor called JTor written in Java, and Google App Engine
> > offers Free to Low Cost Application Hosting. Why not use JTor and modify
> it
> > as Java Backend to connect to Tor Hidden Services and combine it with the
> > Mirrorrr <https://github.com/bslatkin/mirrorrr> (through a modified
> version
> > of Jython). It would allow people to view Tor Hidden Services from a
> > standard web browser with a limited amount of anonymity. What do you guys
> > think of this project? I'm going to learn Java and this is going to be my
> > project. "JTHSV" (Java Tor Hidden Service Viewer). I'm not a programmer
> yet
> > but is this project do-able?
>
> Sounds like it would work.
>
> But I also suspect that somebody will eventually get upset at some
> content that somebody tries to reach through your mirrorrr, and I bet
> Google App Engine will be pleased to shut you off at the first complaint.
>
> See http://tor2web.org/ for a project that already does all of this
> (though not with Java and not with Google App Engine). You should learn
> about their work building a community of people willing to host the
> tor2web proxies.
>
> --Roger
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] [IDEA] Google App Engine, Tor Hidden Service Viewer

[Nathan Suchy]

Hello,

I just had the greatest idea that came into my head. There is a Tor
implentation of Tor called JTor written in Java, and Google App Engine
offers Free to Low Cost Application Hosting. Why not use JTor and modify it
as Java Backend to connect to Tor Hidden Services and combine it with the
Mirrorrr  (through a modified version
of Jython). It would allow people to view Tor Hidden Services from a
standard web browser with a limited amount of anonymity. What do you guys
think of this project? I'm going to learn Java and this is going to be my
project. "JTHSV" (Java Tor Hidden Service Viewer). I'm not a programmer yet
but is this project do-able?
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Greypony.org - Need Help

[Nathan Suchy]

How about this:

Please paste the following without the quotes into key.pgp or what:
"
--Start PGP Key--
*
10 lines of random junk
*
"
Would that work?

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 23, 2013 6:51 PM, "adrelanos"  wrote:

> Rock:
> I've attached my key.
>
> Looks like the mailing list software scrubbed it.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] development interests

[Nathan Suchy]

This thread is soo confusing with 3 different conversations :D

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 26, 2013 11:26 AM, "Eugen Leitl"  wrote:

> On Thu, Sep 26, 2013 at 10:29:14AM -0400, David Green wrote:
>
> > Upgrading to Leopard (10.5) has always been an option for myself, but I
> > invariably find, with minor work, upgrading is never required -- and yes,
> > IMHO, I have never been insecure or threatened in any IT way.
>
> I run the system headless just for server (fax, mail, etc)
> purposes, and I doubt Tor itself gives extra attack surface
> to be remotely exploited. Putting into DMZ would be a good
> idea, so at least the soft white underbelly of your LAN
> doesn't get clawed.
>
> Arguably, some systems considered obscure today
> (Alpha, SPARC, PowerPC) add additional work for the
> adversary, though no doubt the spooks have enough
> exploit/shellcode libraries for such "obsolete" systems.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] development interests

[Nathan Suchy]

Wow are you guys really going to argue over what operating system or
version the guy uses? He just wants help getting Tor to work on his old
operating system. Personally I think Tor should work on Windows 95+
Computers and should be kept light weight as possible... Also sorry to hear
about your head injury that must be hard to deal with :'(

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 26, 2013 1:22 AM, "scarp"  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> David Green:
> > Hello, I am an Ex 'low-level' programmer (assembler, C and C++) of
> > many years back -- well, nothing amazing -- officially some ~13
> > years ago, due to a head injury.
> >
>
> Then you should be able to figure it out yourself. You probably won't
> get much help here as MacOSX Tiger users represent such a small market
> share.
>
> Given that Apple don't spend any time on it the tools used to build
> Tor probably won't either. It might work in theory, but don't expect
> support. That is why it is called an "unsupported" operating system.
>
> I'd rather not see the Tor Project or anyone else waste time with
> unsupported operating systems. There are better things you could be
> doing with your time.
>
> If you need anonymity then you also need security. Using a system that
> has outstanding/unknown unresolved CVEs doesn't sound like a good idea
> if you want to keep your anonymity.
>
> If you want to be particularly conservative about updates your best
> bet is to use something like RHEL/Centos or Debian. Those usually have
> a life cycle of around 10 years.
>
> At the end of this year or so RHEL/Centos 7 will be out and that will
> be probably supported until 2030 or thereabouts.
>
> - --
> scarp | A4F7 25DB 2529 CB1A 605B  3CB4 5DA0 4859 0FD4 B313
> -BEGIN PGP SIGNATURE-
>
> iQIcBAEBCgAGBQJSQ8R0AAoJEF2gSFkP1LMTpvgP/irdHQM4MesZ5dhwx6rlJzf5
> eltcYgCBc7iPLw7/sf1BXWHFpZWmeUY2bN6HoKPt/yQgjkURNcjTv7GP4/v1GpWl
> UfRFczqW7MAAoX4j9c8TRFR1F5iV6Q3eZnjYSIyoGaL1Lo4KC7tG6bp9jmsbooqt
> w/WyVKG5q6/dHFc8v+o+6bQpSqETZl4E+Qy0In+m22y+H1nR3P08Du+GQo4JkREe
> sw2dhJGz15e7bHUzIDjI+8xgko4vMTGa46454ClLo1ZGkYzYgTTAZ2Rf31ctmz7Z
> 6gbVipbajfjZyXnxQTN0q5oPZeoSFs1boEHWqEFstGPhHSMbz0PJN40rb0qVfl5M
> ztcZ/AkgNdJpK7GuLoOtON+KD/YUrm96qnFHs6kRPhOCBuG+bT36+6FvEb1049aS
> n5MW/VFaxrBwi1M35p5p4tLB23AxMEpQWlW5/Q1ARFim7qJY5TVv9TWnNE1zEOR6
> PldX8ieDtV5RMMllMgWYYuwlfebDr0XKc9GWIctuIO5OFGZRF2JLvLLLHvWx6YaD
> OtyH3LtOa717BW80k83lvFDiuRLT9UpCgVDU7hSNUtbMpisLir07Du2Hn8gNxcdU
> SMiuZltw1vFaolcrIaKeXisFqKjj5wLotMd8aJii4J1E3Y7b+awL1y/Ctmxt9fzg
> KqrQCeAwavmoUz1nEPPq
> =7/mD
> -END PGP SIGNATURE-
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] (no subject)

[Nathan Suchy]

Yes. You can download the Tor browser bundle which works fine on all major
linux distributions...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 25, 2013 4:31 PM, "Robert K"  wrote:
>
> Does the tor project properly work on a Ubuntu operating system. I watched
> the video below and it looks like it would work well, but I figure I
> should ask here first anyway.
>
> http://www.youtube.com/watch?v=I1z2K1Izur4
>
> I have a ASUS 1015E-DS03 with Ubuntu if it matters.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] I want Pie!!!

[Nathan Suchy]

Alright I want all Tor Users who own a Raspberry Pie and are able to port
forward to run Tor Relays. I'm setting mine up soon to do this and it'll
run 24/7 :-)

Now I'm hungry for Pie, I'd also take chocolate cake :-D
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Increasing TOR Users.

[Nathan Suchy]

Latest version fixs a lot of problems...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 23, 2013 5:32 AM, "Norman Rieß"  wrote:

> Am 23.09.2013 11:17, schrieb Maimun Rizal:
> > Dear All,
> >
> > I just surprised,
> > just a view minutes ago, I read TOR user statistic. and i found, TOR
> > users are increasing madly. On July, when i did VoIP experiment on TOR
> > network, at that time, TOR users was around 50 users, but now more
> > than 4 million.
> >
> > who can explain this? what happen with TOR network? is it botnet attacks?
> > next week, I plan to make another VoIP experiment, I will analyze effect
> > of increasing tor users to Quality of Service VoIP call.
> >
> > I am looking forward to hear from you all.
> >
> > Thanks,
> >
> > Best Regards,
> >
> > MR
>
> Please read the last 2 months messages on this list.
> It seems to be a botnet using tor to connect to the c&c server.
> Please update to the latest tor version to avoid problems.
>
> Norman
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Is this a problem?

[Nathan Suchy]

Most likely the result of the botnet attack. Tor is fine just retry to
connect...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 18, 2013 10:54 AM, "Torop"  wrote:

> Sep 18 09:57:03.620 [Notice] Tor v0.2.4.17-rc (git-00fb525b23cf070f)
> running on Windows 7 with Libevent 2.0.21-stable and OpenSSL 1.0.0k.
> [snip]
> Sep 18 09:57:07.880 [Notice] Bootstrapped 100%: Done.
> Sep 18 09:57:09.846 [Warning] Your Guard safdef ($**
> 09C0E63BD41FE86A31CB3FB27C4D54**F7D49A1F7C) is failing a very large
> amount of circuits. Most likely this means the Tor network is overloaded,
> but it could also mean an attack against you or potentially the guard
> itself. Success counts are 76/170. Use counts are 11/11. 78 circuits
> completed, 0 were unusable, 2 collapsed, and 2 timed out. For reference,
> your timeout cutoff is 361 seconds.
> Sep 18 09:57:25.774 [Warning] Your Guard torpidsDEmyloc ($**
> 1FFC29F7BDB710119F47AF932C60A2**AFBCA8A9E4) is failing a very large
> amount of circuits. Most likely this means the Tor network is overloaded,
> but it could also mean an attack against you or potentially the guard
> itself. Success counts are 100/247. Use counts are 12/12. 101 circuits
> completed, 0 were unusable, 1 collapsed, and 0 timed out. For reference,
> your timeout cutoff is 297 seconds.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Media: VICE Magazine about "the Darknet"

[Nathan Suchy]

This is interesting. I wish I could read it but it's not in English :((


On Tue, Sep 17, 2013 at 3:54 PM, Adrian Crenshaw wrote:

> Nice, thanks. I like Vice's min-documentaries.
>
> Adrian
>
>
> On Tue, Sep 17, 2013 at 2:04 PM, Moritz Bartl 
> wrote:
>
> > http://motherboard.vice.com/de/blog/eine-dokumentation-ueber-das-darknet
> >
> > Featuring Karsten Nohl an me. They cut some of my most important
> > sentences, but all in all the thing is okay.
> >
> > --
> > Moritz Bartl
> > https://www.torservers.net/
> >
> >
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsusbscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
>
>
>
> --
> "The ability to quote is a serviceable substitute for wit." ~ W. Somerset
> Maugham
> "The ability to Google can be a serviceable substitute for technical
> knowledge." ~ Adrian D. Crenshaw
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Help with getting a good automated sign up script for an email service on TOR

[Nathan Suchy]

You should send email from a separate server in a different location and
have legal protection. Keep it in a Europe country that would help...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 17, 2013 5:45 PM, "Conrad Rockenhaus"  wrote:

> Nathan,
>
> That's exactly what I'm doing with this project.
>
> Internet<>MTAs(Just running Postfix with ABSOLUTELY no logging) also
> running TOR as a (client only)<-->Data Server(Running as Hidden Service
> only, no logging)<->TOR End User
>
> Basically, to the normal Internet, it will just be a plain jane email
> address that is coming from a plain jane MTA.  The MTAs will not know the
> IP address of the data servers because they will only deliver the email via
> TORified SMTP to the data server.
>
> Of course, standard SPAM limiting measures will be in place (limits on
> number of addressees in a message, limits on how many messages can be sent
> per minute, per hour, etc.)
>
> Now I've got the MTAs, I'm just perfecting the configuration and trying to
> figure out a good domain name to use for the service (I would rather not
> use networks.rockenhaus.com, which is the placeholder for now.)  I also
> need to come up with a secondary domain name in case people start blocking
> emails from the domain.
>
> I'm funding the initial proof of concept.  What I'll be asking for is
> either a honor system payment (so those who can't afford to pay can still
> use the service) or a donation based model, and also try to fund the
> service with tor based web hosting (which I doubt will bring in any needed
> cash) and ask for donations of bandwidth and servers.
>
> The primary main objective, heh, is to ensure a failsafe system to provide
> freedom of expression, freedom of government intrusion, and freedom of
> ensuring access to an experimental anonymous email system that won't turn
> over anything on it's servers, as if authorities seize MTAs, they won't
> find any evidence on there, and if they seize a data server, there's
> another data server standing by to automatically fail over (not putting the
> eggs in one basket like tormail.)  The only lines of compromise are
> sniffing the traffic in the MTAs, most TOR users are capable of utilizing
> encryption for their emails anyway.
>
> Sorry for the long response.  I just wanted to paint a picture of how it
> would work.
>
> Now, for those who are curious about a guy who appeared out of no where and
> started building this - I've been lurking for a while, and I didn't want to
> say anything until I had the resources to build this.  If you want further
> information about me please feel free to contact me and I'll let you know
> who I am and why I am very pro free speech and pro tor, even when it's used
> to personally attack me.
>
> Thanks,
>
> Rock
>
>
> On Tue, Sep 17, 2013 at 3:51 PM, Nathan Suchy <
> theusernameiwantista...@gmail.com> wrote:
>
> > If your willing to use a few servers one could be a Tor Node and one
> could
> > be an Email Relay which seemed normal and custom code your project..
> >
> > Sent from my Android so do not expect a fast, long, or perfect
> response...
> > On Sep 17, 2013 10:26 AM, "Conrad Rockenhaus" 
> > wrote:
> >
> > > Thanks. The service that I'm starting up is connecting to external mtas
> > > that aren't tor exit nodes.  So basically, the way tormail was set up
> to
> > a
> > > degree. Starting out small until so I can prove the viability so people
> > > will start using and hopefully donating either bandwidth or etc to keep
> > it
> > > alive.
> > >
> > > There's going to be one major difference between this project and
> tormail
> > > though - the data/web backend won't be in one place. More on that
> later,
> > > I'm trying to get the proof of concept off the ground.
> > >
> > > -Rock
> > > On Sep 17, 2013 10:11 AM, "Harold Naparst" 
> wrote:
> > >
> > > > > http://eq4xhu6y7nmemcb2.onion/squirrelmail
> > > >
> > > > > is almost online.  Working out some kinks and need to get the
> bigger
> > > MTAs
> > > > > set up.  However, I need to find a good automated sign up script
> > > because
> > > > I
> > > > > don't feel like coding one.  Anyone know of a good one?  I've tried
> > the
> > > > > Google and came up empty handed.
> > > >
> > > > Rock, you can check out mine:  http:

Re: [tor-talk] Help with getting a good automated sign up script for an email service on TOR

[Nathan Suchy]

If your willing to use a few servers one could be a Tor Node and one could
be an Email Relay which seemed normal and custom code your project..

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 17, 2013 10:26 AM, "Conrad Rockenhaus"  wrote:

> Thanks. The service that I'm starting up is connecting to external mtas
> that aren't tor exit nodes.  So basically, the way tormail was set up to a
> degree. Starting out small until so I can prove the viability so people
> will start using and hopefully donating either bandwidth or etc to keep it
> alive.
>
> There's going to be one major difference between this project and tormail
> though - the data/web backend won't be in one place. More on that later,
> I'm trying to get the proof of concept off the ground.
>
> -Rock
> On Sep 17, 2013 10:11 AM, "Harold Naparst"  wrote:
>
> > > http://eq4xhu6y7nmemcb2.onion/squirrelmail
> >
> > > is almost online.  Working out some kinks and need to get the bigger
> MTAs
> > > set up.  However, I need to find a good automated sign up script
> because
> > I
> > > don't feel like coding one.  Anyone know of a good one?  I've tried the
> > > Google and came up empty handed.
> >
> > Rock, you can check out mine:  http://secmailmzz5xe4do.onion
> >
> > I haven't had time to add a CAPTCHA yet, because I'm more interested in
> > working on getting mail sent to non-onion sites to use the tor network
> > without leaking DNS and so on.  The registration script depends on how
> you
> > are storing your login information, and there are a lot of ways to do
> that.
> >  I'm using vpopmail, and I hacked vqregister, which is mentioned in the
> > squirrelmail plugins page.  Vqregister is truly horrible, and I had to
> hack
> > it pretty badly to get it to work.  If you want it, though, you can have
> > it.  But probably you're using something else (like
> postfix/postfixadmin),
> > and so the architecture won't work for you.
> >
> > This hidden mail service will probably only be useful for mail to other
> > .onion sites, because most large e-mail providers block e-mail from tor
> > exit nodes, as I found out during testing.
> >
> > Harold
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsusbscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Torrenting

[Nathan Suchy]

Why abuse a Tor for Torrents? Just pay $5 for a VPN...

On 9/17/13, grarpamp  wrote:
> Some Russian torrent indexes are beginning to appear as onions,
> link to TPO/TBB, etc. No doubt due to recent laws there.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>


-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Your computer is too slow...

[Nathan Suchy]

gNkT8+BAAoAXBqu4/O2Cs5FSWWZpzgScNEgq7
> uHhOKeYmRfgKlOUPoYlPB1DBqdOAXSKb9OvsmyOvpoGnqijB7aAJBoyQYW/OCQgd
> U8L4eTCf4yRZnfFLdgskcPfN1p0Rs/yinGEooBJFtYa7mT6J0UTW2JjCLZK2AFCW
> oF+KBu5JICXGBXigb2ZbX1jWjxP5H1RidQw6HF5z4z34SjLWAOOeZ8B/Xfz6Fs0s
> IAuLu2O4HE4DI8Qu196LhSVHHgr3uMTkvN1t5nKwyjrRQztwXXk9qIomII3ydNYb
> BYAGdWNNMfLb1kmDwC5wQHAFvSP1aiMF3aKAY+gl2wXSGO6JqM0SteJS3dytIljI
> kzu0atc9HuGs/HDQgdmpAS4WU2YefEr/WieltSiAKlwuC+3wg+CONJ6TE1vgNDU/
> axerttb0jq7UQb/nAp05bsrB7XH1Vs+1ON9lUPEfWRmwQcrVK5JUrUWa/4tA/UeM
> XvFcPFtFluGTlLewgJIqcvjPXFwpbDZprXJsMkwew/A6B6n3+0sbgf7p3QSGkVbi
> dwQAymTbHdYqLnbcnKZhjto3Wjw1J5QB2wuiRYlpjV3i7AWTGlqoSTOWCCV+HamQ
> qeFYNYAWNFx3+J/oi7xDi8t9bHVNA205equ+y2sj3G5uGJ6LSHQ8AXp9uOipUUvU
> 1MJN0yLXr9PIwvi5Ag0EUfv3swEQAL0+MnxHGrTjSYdfdua4SBpmytDONM1EngeY
> s+WyaC/760MughKbaysI/nK2LB1vnwEY7f3NM4fxBx8u2T7VBm6Ez6Fs23Bb8Rkz
> f97bPSdxCmg64GPHfLA9uwTIXcYS+MpI86WOf6eWY0rRpf7Y9Nl7YoUNvzOyUPqc
> ggdcnHce8zYv7A/WS8flZDm8tVFPsHrQDEwNMws7ZhiNnHkeZeRJrvCuB7oEVich
> O/ROYoA5o6NozWYQbjxe1f6Yur4Q10qgVcxVnyLFJSbg6vZSzL7KYh3Z5iBOzPHt
> 7cwEDrW8W4Kl2Qj8rhJ4Wxs94CAtua7IXK44sVZWQbyHcOXRikgGMZKkEZzVCQa5
> KD1u1ZrcBCyuMAir0hsmS3jhCUwpiE2c3SRk8O8CgixhTcBk0X/k9ZFu3Hbi1JMB
> FLzs/Nq3tYAYvVivhPloSxmYBPsafYHCZM83yBNNsralXh5zjB+di90G+AMXt2PN
> LTcdovZuWtC0s8/jrx+zv/AA4FAGYU9OVl+YL9ybFX8gSdMEcixyzQcKfiFBjpWv
> 5iFrwIuDlaXMcheyrhc9aGOxfx44OXc505+VjO/1Q/8EOWlJ6UwOi6GMkj5T+RFJ
> MDyP0UixS7dt6wTuD5t6PRuyWWxZswgrbL9hjwGFr154Z19TWeNWc23pWtUvQJos
> UCxl2nFHABEBAAGJBD4EGAECAAkFAlH797MCGy4CKQkQhN8ffmrgNkTBXSAEGQEC
> AAYFAlH797MACgkQJEPd69lQ0evA+Q/+M7lSFlrQWiRsFqDjh+kTJc+0OEBCvnfo
> N2KPyXXbfc//qup55PfEygE6C60zvrlv3WE33GZ5GS5MLuDMP82b+a5Yt16NQU7L
> WtAg1g0S0BvazW+28TgnfO8bhbGaFeE9ccw3xLmlbwZQ3f3LtMKdwFIROiG6hvAs
> 9U54QYti3tv9DowRYYWpdr0Ga8RqeGNtCKc0v2opy51MpzKWjwUW0i3XlSlyY8Lj
> 1KT8PyznNPw32nYpmDizz+0OUJNnn/kT+GnFoR3DJnFosTOrnxFJp+N+nejMp/gW
> r9NM0/E7H+P53IiytBOt5/0vsOaCFGdYGhKEjmJi3dHS4Xk1ObD1mjdD1YDOlWWU
> 3Md6BDHd4W7Q8gT7oQfTIMLd3HzV+WNPIdocPLBaeA/tRD8Pg5CCmncAmSub4F5T
> An7FlnACtSOv3cIWQ0TymS42DihDaJ5d1RvNzKw+zHYdPvf471JFZR3TDhkPbLIr
> 9czR7kbpnXRwchgwXQn306NVWf37TgA8wpbnFTazZ38iOeqcb9oKprqnbgEdr3PN
> OhKSlMTkzAqf3MEi2Fyua4BADMhS3oBwCRgDTlt6wquEytpNSlZaHnyiyIgOpekF
> Uy5K3w8NhHqeifRPrNb/UcCbXtXz+puqIEZHMenpv6FRlTTKpdoHoVXSkp1TPMGN
> /VaCiLbP4Z3xEw/9EbAJJkhmmx1Qw3ueoqc4h1MmhUtIdxSZ/oA9SjwlnY++zvaZ
> 6w1wTS4P+OUkETNDtItdpxXMJ9qfSy9voAQc2K43WMZCCmpPJYSdqaZZNPFj+Ne8
> 6FNtNKuUkXREybpHwlVAXnHzInmFOOM9RAmF70r3zEmKt77W1ztBLo2o9X79gPgL
> u9ThgrH6Oc2k46n+9nc3joccr7miiX/bp976DNWcWdOYThiSSOCb8Zw9/Zs935i1
> wUVkYTj24tmBH4H5ov9ib7RPmU21ru458RbUKG0ONAqBtAHNyXHzUnXsrke+D4VW
> MI06YcXSk8YeYgQ8GxgHQc+W2bb8LIbKN1hEYJ0wzM62vKR2/Oiwuf8lXutIKTuz
> +v7Vj1PQd66DGHsxtWRaWnr1c54JTL2wICHJYKFH4grp7864+GL/uQ1O/Z/XxVku
> E1JQ/AnwBGU1M1S6otwWGWVRjzEzQtxsfcCEPvV/9td3FIFQAbGTPb+48XFU+TY9
> 8AlcXBlDzXq7c5f8Evn/oSIsZDt63K4HNTmMGqOTl/p1aA0e4eyX76LczY06rDP5
> GMSNs+AHmYgZiS4RYhRUIvS9uLXMnnDAMYst0SDl2orDUUeHBTzu0rchyknBZMGP
> p5wQuWQ9CFlV+dj3UYbrBwC1lTkAMXRG2vlhA0V0TZqos7A5D4VHgSUQQjE=
> =otlL
> - -END PGP PUBLIC KEY BLOCK-
> -BEGIN PGP SIGNATURE-
> Version: APG v1.0.8
>
> iQJcBAEBCABGBQJSM3m1PxxlbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0
> ZWQpIDxlbHJpcHBvQGVscmlwcG9pc2xhbmQubmV0PgAKCRAkQ93r2VDR6+YXD/9K
> j+PNQGNBNGD5fEgIhNhJT8bo4Ji+e33Azntr4wsC4p4vE30Ysj19znaQv7Psxx6/
> PePBZcAR+gRJI9543WsnPqiUb/XPaAOQRoWr4bnuSI9lkSaCLhoLl6WwcJPmvG7m
> i3n0rM0JItWsWqF22Wv9hPTvbdTDB6ngbxvbeXMMtd9Bt+/8naj8ioXfn5GW9Mos
> wjtBJ4Lbh9PoY/YeZ61lAa89HzCJAOCuTcu9DRlvyBg/BWcbdvf5B8cf6vsnTFyO
> KR6/LcHKj+t4zS8rvG9dcBoTu3dg2cuuT44bmFCT9bh0iJTE4bHo+hd/egSUJgoA
> UOBLlXuV1XyT0H1EueSO2pelQR2hgOLas2EB3BCQPHceoN33JIm2VKo+FJnnvgKZ
> ig80L4FcBDEnkfHJ5wdm/Ksway74c23MAvKWR/TLXwB9BZGBGLkl3xGO6oSMoymx
> QX9Xi5lGeFDhbRsmPqg+maQTKMjlpzgp2rAOH1NxqGovoS/psU/BTLZH52ufZ68S
> ZcqR8ldy7S+PeSqp/yP5N0+cfbwBb1a195y9R/xRjM+7rp11hyXUDegcapPu7J6V
> 3DSd3ZV08qCF1eUVbhGQyaZQNj9HKiArPapu6TbskhP26zmI3OA4HBAhFm+HsEZ0
> AbsSGMFLvl1sVCvB9JW+FdbMVQVCZCN+zeXEztjOBg==
> =Gl87
> -END PGP SIGNATURE-
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] FBI Admits It Controlled Tor Servers Behind Mass Malware Attack

[Nathan Suchy]

They need to just get over themselves, stop attacking the innocents and
track down murders instead!


On Fri, Sep 13, 2013 at 6:13 PM, mirimir  wrote:

> > FBI Admits It Controlled Tor Servers Behind Mass Malware Attack
> >
> > By Kevin Poulsen  09.13.13  4:17 PM
> >
> > It wasn’t ever seriously in doubt, but the FBI yesterday acknowledged
> > that it secretly took control of Freedom Hosting last July, days
> > before the servers of the largest provider of ultra-anonymous hosting
> > were found to be serving custom malware designed to identify visitors.
> >
> > ...
>
> http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Indirect Tor question

[Nathan Suchy]

Hmm...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 13, 2013 5:13 AM, "Eugen Leitl"  wrote:

> On Thu, Sep 12, 2013 at 05:40:57PM -0400, Nathan Suchy wrote:
> > I like that idea. We need processer companies to stop owning their
> products
> > and to just let them go after we buy the product. It sucks being locked
> > into one solution...
>
> Parallella Epiphany is soon shipping with a 85 kGate FPGA (Zynq 7020).
>
>
> http://www.linux.com/news/embedded-mobile/mobile-linux/730380-zynq-arm-fpga-comes-of-age
>
> That's not an awful lot, but you can squeeze a small open core
> in there, if you don't trust the ARM cores it ships with.
>
> I don't know whether the FPGA is reconfigurable after boot,
> if it isn't, you can load a verified blob with e.g. crypto
> functions, allowing you to build an open hardware TPM which
> runs outside of OS trust zone.
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor for ChromeBook

[Nathan Suchy]

I use that but I can't get Tor browser bundle because I run Samsung arm
chrkmebook. Manually installed Tor and make Firefox route that way...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 13, 2013 10:06 AM, "Nathan Freitas"  wrote:

>
>
> Joe Wechter  wrote:
> >Could it be possible to make a Chrome browser extension which connected
> >to Tor?  Currently, the newest O/S on the market doesn't have Tor coded
> >for it.
>
> You can use a project like Crouton to run Debian chroot on your ChromeBook
> simultaneously with ChromeOS. You can use that to run Tor, and then install
> whatever Chrome browser add-ons you would like.
>
> You can also runs full Linux GUI under Crouton, enabling you to run Tor
> Browser Bundle as well.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Indirect Tor question

[Nathan Suchy]

I like that idea. We need processer companies to stop owning their products
and to just let them go after we buy the product. It sucks being locked
into one solution...


On Thu, Sep 12, 2013 at 1:15 PM, The Doctor  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 09/09/2013 05:27 PM, Eugen Leitl wrote:
>
> > Even coreboot helps you very little, as there is simply too much
> > proprietary crap in a typical PC platform where you can drop
> > undetectable (out of band) malware.
>
> For everyone who is sufficiently motivated to start working on this
> problem, the following archive will undoubtedly be interesting:
>
> http://opencores.org/
>
> - --
> The Doctor [412/724/301/703] [ZS]
> Developer, Project Byzantium: http://project-byzantium.org/
>
> PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
> WWW: https://drwho.virtadpt.net/
>
> "You and the chief are the only ones in this section whose bodies
> don't come with a warranty."
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2.0.20 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlIx9psACgkQO9j/K4B7F8FG9QCg2/bTWgW4j1sCstDzmOWZJC2Z
> kT4AoL91bAt+JPeQaAwNfXyMTDAEAZZF
> =4gnk
> -END PGP SIGNATURE-
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] My reason to stop using Tor

[Nathan Suchy]

That really stinks. Have you considered hosting a Tor node on a cloud
server?

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 11, 2013 3:38 PM, "Antonio J. Delgado" 
wrote:

> Hi,
> I just receive a letter from my ISP abuse department. Someone tried to do
> some SQL injection attack using my tor node and my IP address is now banned
> from a lot of services and websites (not Google or Facebook, more important
> sites for me like the EU site and universities). Yes, it's not fare, I can
> cry to my ISP saying that the agreement is not fare. But I will lose. And
> of course there is no other option for me, than disconnect tor.
> I wanted to post this message somewhere, where persons that use tor to
> hack into other system can read it, hope this is a good place. You're
> killing tor, dude!
> I began working with computer for knowledge, and hacking is one great way
> to know more. But hacking is not what people do when they hide using tor.
> This is cracking, this is not knowledge, this is not activism.
> So, maybe I'm just one, but probably I'm just the one who took sometime to
> post about this before closing you a door.
> Regards
>
>
>
>
> Antonio J. Delgado
> "Desapruebo lo que usted dice, pero defender hasta la muerte que pueda
> decirlo." (Evelyn Beatrice Hall citando a François Marie Arouet alias
> Voltaire)
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Updating Tor Browser Bundle

[Nathan Suchy]

Because chrome does not use Tor for DNS and that's an issue.

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 10, 2013 6:07 PM, "Ryan Winner"  wrote:

> Is there a functional reason Tor uses Firefox for the TBB?  I personally
> like Chromium, so I have the Tor packages installed in Ubuntu and use that
> system wide instead of the TBB.
>
>
> On Tue, Sep 10, 2013 at 11:14 AM, ziggy  wrote:
>
> > While using Tor Browser Bundle, I sometimes get notified about updates
> > that are available.
> >
> > Is there an easy way to apply the updates while preserving my bookmarks
> > and extensions I've added?  Thanks
> >
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsusbscribe or change other settings go to
> > https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk<
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>
> >
>
>
>
> --
> Ryan The Winner 
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Indirect Tor question

[Nathan Suchy]

t is unknown to the masses which needs solving).
> >>
> >> The solution to the hardware problem is to focus on increasing demand
> >> for
> >> free software friendly hardware and using that demand to get concessions
> >> from the large cooperations designing the chipsets. I'm not a big fan of
> >> reverse engineering and feel it is in large part a loosing battle. RMS
> >> sparked my attention at 2013 LibrePlanet with a speech he gave. He
> >> talked
> >> about the difficulties of reverse engineering and the need for the
> >> community to design hardware from scratch (essentially). It may seem
> >> unrealistic right now due to cost, the lack of expertise, and how far
> >> behind anything would be once it reached the market although I think the
> >> only thing really holding such projects back is a scattered community.
> >> We
> >> have this community that hasn't shown it's willing to put its money
> >> where
> >> its mouth is. People too concerned about saving a dollar here or there.
> >> Fortunately there is a whole large set of new and less tech savvy users
> >> who care getting on board all the time. They aren't afraid to spend a
> >> little extra. I think from that such challenges may be overcome. If
> >> there
> >> is any hope it probably lies with them.
> >>
> >> What I'd still like to see is more people thinking about how we can get
> >> more people concerned about free software friendly hardware (and
> >> software;
> >> ie Adobe Flash, etc). Right now most companies advertising "Linux"
> >> compatible hardware I'd advise avoiding. The ones who aren't advertising
> >> it seem to be more in tune with cooperating on the release of code (HP
> >> is
> >> a good example; great job on code releases, but never advertise Linux /
> >> GNU on the package). Good PR doesn't make up for the lack of code either
> >> (NVIDIA/AMD w ATI).
> >>
> >> What is extremely disappointing to me is that some of our smaller
> >> competitors aren't helping the situation any. There are things they
> >> could
> >> do easily and aren't. For instance shipping with free software friendly
> >> wifi cards. Even if your going to offer systems with a non-free
> >> dependent
> >> graphics chip (because of performance advantages) there is no reason you
> >> can't ship with a free software friendly wifi card.
> >> --
> >> tor-talk mailing list - tor-talk@lists.torproject.org
> >> To unsusbscribe or change other settings go to
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >>
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsusbscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Indirect Tor question

[Nathan Suchy]

We are not concerned about the price but rather we are concerned about our
freedoms to share change etc the source code to suit our needs. Furthmore
some of us are very paranoid. Also why can't u make a open source bios?
What are u hiding from us? Your NSA backdoor!

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 9, 2013 2:53 PM, "Chris"  wrote:

>
> >> I'm wondering about any and all similar tor-based systems wherein there
> >> is ANY portion that is not opensource.
> >
> > Scrutiny is a good thing. I suggest using the vrms tool to find non-free
> > software. [10] [11] Parts of this non-free software may come without
> > source code being available. From a quick curious look into the Tails
> > source code greping for "nonfree", I found "firmware-linux-nonfree".
> >
> > There may be more good reasons to add such packages than against adding
> > such packages. (Because not adding those may result in such poor
> > hardware support, that there aren't enough users in the first place to
> > even theoretically provide anonymity.)
>
> ...
>
> >
> > The development version of Whonix (we'll probably make a new release
> > soon) includes a check using vrms (while building from source code),
> > which provides safety against installing non-free software.
> >
> > (Tails aiming to be run on hardware may not be so easily be able to drop
> > all non-free packages. It's much easier for Whonix when aiming at
> > Virtual Machines - I am not saying this solves the problem - it leaves
> > the user alone with the decision to install such non-free packages on
> > the host.)
>
>
> I don't usually chime in on the Tor-talk list although my company is
> following Tor / supporting Tor / Tails, etc. We have been working with the
> FSF and other entities to improve the availability of free software
> friendly hardware and get the companies designing various pieces to
> release the complete set of code. It's a lot of work. Check out
> fsf.org/ryf.
>
> In any case I thought I'd chime in because it's what I work on.
>
> In any case while you won't find a 100% free x86 system you can avoid
> dependence on most non-free firmware. ThinkPenguin (I'm the founder & CEO)
> has a catalog of hardware of which 100% of the catalog is compatible with
> 100% free distributions. That is all core features should work on any
> device / system (wireless, sound, ethernet, USB, graphics, etc) without
> any non-free firmware. The BIOS in the laptops and desktops are non-free
> and there is undoubtedly non-free microcode all over the place (probably
> the biggest problem that is unknown to the masses which needs solving).
>
> The solution to the hardware problem is to focus on increasing demand for
> free software friendly hardware and using that demand to get concessions
> from the large cooperations designing the chipsets. I'm not a big fan of
> reverse engineering and feel it is in large part a loosing battle. RMS
> sparked my attention at 2013 LibrePlanet with a speech he gave. He talked
> about the difficulties of reverse engineering and the need for the
> community to design hardware from scratch (essentially). It may seem
> unrealistic right now due to cost, the lack of expertise, and how far
> behind anything would be once it reached the market although I think the
> only thing really holding such projects back is a scattered community. We
> have this community that hasn't shown it's willing to put its money where
> its mouth is. People too concerned about saving a dollar here or there.
> Fortunately there is a whole large set of new and less tech savvy users
> who care getting on board all the time. They aren't afraid to spend a
> little extra. I think from that such challenges may be overcome. If there
> is any hope it probably lies with them.
>
> What I'd still like to see is more people thinking about how we can get
> more people concerned about free software friendly hardware (and software;
> ie Adobe Flash, etc). Right now most companies advertising "Linux"
> compatible hardware I'd advise avoiding. The ones who aren't advertising
> it seem to be more in tune with cooperating on the release of code (HP is
> a good example; great job on code releases, but never advertise Linux /
> GNU on the package). Good PR doesn't make up for the lack of code either
> (NVIDIA/AMD w ATI).
>
> What is extremely disappointing to me is that some of our smaller
> competitors aren't helping the situation any. There are things they could
> do easily and aren't. For instance shipping with free software friendly
> wifi cards. Even if your going to offer systems with a non-free dependent
> graphics chip (because of performance advantages) there is no reason you
> can't ship with a free software friendly wifi card.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torp

Re: [tor-talk] The reasoning behind the 'exit' flag definition

[Nathan Suchy]

Interesting how the flag works. I think it should be just at least one port
with access to one IP address. Also can you really get banned from Gmail? I
access my accounts from normal inet, VPN, and Tor depending on what I'm
doing... For example I have some emails I only access via Tor...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 9, 2013 3:46 PM, "Roger Dingledine"  wrote:

> On Mon, Sep 09, 2013 at 07:25:06PM +, tagnaq wrote:
> > I'd like to understand why the exit flag is defined as it is.
> >
> > The current definition can be found in the directory spec [1]:
> >
> > "
> > "Exit" -- A router is called an 'Exit' iff it allows exits to at
> >least two of the ports 80, 443, and 6667 and allows exits to at
> >least one /8 address space.
> > "
>
> The Exit flag used to not matter at all.
>
> Now it matters because clients use it for load balancing. (If you have
> the Exit flag then it's likely that other clients are using you as their
> exit, so we should avoid using you for non-exit positions in our path.)
>
> > I assume the exit flag was meant to be used by tor clients only [2]
> > because destination port 80/443 are probably amongst the most
> > frequently accessed services, but was than (mis)used to generate
> > (inaccurate) 'Tor exit IP address lists' (?).
>
> Does anybody actually do that?
>
> My experience is that people make a list of all Tor relays at all, and
> think of all of them as exiting anywhere, because they've never heard
> of exit policies at all.
>
> > This means that there is no way to tell if a relay actually allows
> > exiting (any) traffic simply by looking at relay flags. To actually
> > tell you would have to parse exit policies.
>
> Correct. Consensus flags aren't meant for that.
>
> > Which one of the following proposals would be more likely too be
> > accepted by the Tor Project (if any at all):
> >
> > - change the definition of the 'exit' flag to include all nodes that
> > allow *any* exiting traffic.
>
> This one is a poor idea, since it will ruin the load balancing which
> is the only thing it's used for.
>
> > - introduce a new flag that is set on all relays allowing *any* exit
> > traffic (leaving the current definition of the 'exit' flag unchanged)
>
> I guess we could do that. But I think it would be a burden on the network,
> to say something that doesn't matter in any way and have every client
> download it every few hours.
>
> > As an alternative, better tools to create 'tor exit lists' as
> > suggested in [4] and [5], might also do the job. Is someone aware of a
> > tool that implements something like that already?
>
> You don't like https://check.torproject.org/cgi-bin/TorBulkExitList.py ?
>
> --Roger
>
> > Something along the lines of:
> >
> > ./get-tor-exits [relay-IP] target-service-IP[/mask][:port],...
> >
> > output: boolean if relay-IP is given,
> > if no relay IP was given: print a list of all relay IP addresses that
> > would allow accessing (any) service in the target IP (range).
>
> https://www.torproject.org/tordnsel/exitlist-spec.txt
>
> This is up and running now (exitlist.torproject.org answers these dns
> queries), but unmaintained.
>
> See also
> https://trac.torproject.org/projects/tor/ticket/9204
> and
> https://trac.torproject.org/projects/tor/ticket/9529
>
> --Roger
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Indirect Tor question

[Nathan Suchy]

The only secure thing is Tor Tails booted from USB.

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 9, 2013 11:37 AM, "adrelanos"  wrote:

> Speaking as a maintainer of Whonix...
>
> Before answering this, there is some prerequisite knowledge. There is a
> difference between:
> - Free Software and free software
> - Open Source and open source
>
> When I am using capitalized Open Source, I am referring to OSI approved
> [1] licenses (by the Open Source Initiative). When I am using
> capitalized Free Software, I am referring to FSF approved [2] licenses
> (by the Free Software Foundation).
>
> I try to prevent using the terms "open source" (which could refer to,
> you can get the source code, perhaps for no charge) and free software.
> The terminology is seriously messed up, but that's not my fault and no
> one is listening to me.
>
> Praedor Atrebates:
> > In light of the recent revelations of how the NSA has broken commercial
> > software all over the place, I wonder about the security of Oracle's
> > VirtualBox VM software used by Whonix (and other?) tor-based anonymity
> > systems.
>
> We're probably all hosed anyway. Already for other reasons, backdoors in
> plain source code. (I will address the concern of about being
> non-opensource mail below.) Another reason is, when it comes to C and
> C++ code, even in the source code you can add subtle, difficult to spot
> backdoors. And I quote Ken Thompson:
>
> "The moral is obvious. You can't trust code that you did not totally
> create yourself. (Especially code from companies that employ people like
> me.) No amount of source-level verification or scrutiny will protect you
> from using untrusted code. In demonstrating the possibility of this kind
> of attack, I picked on the C compiler. I could have picked on any
> program-handling program such as an assembler, a loader, or even
> hardware microcode. As the level of program gets lower, these bugs will
> be harder and harder to detect. A well installed microcode bug will be
> almost impossible to detect." [3]
>
> Solution?
> 1) Let's ditch decades of effort in writing C code.
> 2) Create an operating system with minimal C code.
> 3) Freeze the C code base. Only allow most critical changes.
> 4) Re-implement all other software in higher level languages. Accept the
> performance penalty or wait for faster hardware.
> 5) Also somehow get trustworthy, backdoor-free hardware. [Really Hard (tm)]
> I am not in position to suggest such changes.
>
> > A large portion of VirtualBox is open source but some
> > libraries used are of different licenses...so perhaps somewhere in those
> > non-opensource libs lay an NSA backdoor?
>
> To my knowledge, VirtualBox does not include portions where no source
> code is available for download.
>
> VirtualBox is in Debian contrib, because it requires a non-free
> (according to Debian DFSG [4] and FSF).
>
> The openwatcom compiler is considered non-free because it's under the
> "Sybase Open Watcom Public License version 1.0". FSF says
>
> "This is not a free software license. It requires you to publish the
> source code publicly whenever you “Deploy” the covered software, and
> “Deploy” is defined to include many kinds of private use." [5]
>
> I think Debian also does not use openwatcom compiler, because that
> compiler is not in Debian due to packaging difficulties. [6]
>
> According to the Debian VirtualBox license file [7], "Upstream provides
> pre-built BIOS images which is used instead."
>
> There is also a VirtualBox bug report "Compiling BIOS requires Open
> Watcom compiler" [8], which won't be fixed, but still contains
> interesting information. It says,
>
> "By the way, we provide alternative sources (assembly) of the components
> that normally get built with OpenWatcom, so VirtualBox can be built
> without it. There is nothing missing, we even use them ourselves when
> build the Solaris distribution of VirtualBox. For some reason this seems
> not to be sufficient for all distros." [9]
>
> I don't know if the Debian VirtualBox license file refers to this
> assembly. The thing Debian (rightly so) complains about might be, that
> it's not nicely-commented and formatted assembly source code, but
> assembly binary code?
>
> Anyhow. Realistically, lets assume it was nicely-commented and formatted
> assembly source code. I like to refer back to what I wrote above subtle
> backdoors in plain source code.
>
> Your concern is a valid one. For too long, the rumor, that Open Source
> provides strong security and prevents backdoors has been spread.
>
> There is also just another issue. A non-deterministically build
> operating systems.
>
> Open Source does not automagically prevent backdoors [12], unless the
> user creates its own binaries from source code itself. The ones who
> compile, upload and distribute (also the webhost) the binaries could add
> a backdoor without publishing the backdoor code. Nothing prevents one to
> claim, that a certain bin

Re: [tor-talk] odd notice on tor for GUARD

[Nathan Suchy]

We need to fix Tor's network...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 8, 2013 3:39 AM, "Lunar"  wrote:

> s:
> > Sep 07 17:36:05.834 [Notice] Your Guard KOPA
> > ($2386038C4233F8900768EDC03AB6050AD2A04CF0) is failing more circuits
> > than usual. Most likely this means the Tor network is overloaded.
> > Success counts are 174/263. Use counts are 68/69. 185 circuits
> > completed, 1 were unusable, 10 collapsed, and 22 timed out. For
> > reference, your timeout cutoff is 60 seconds.
>
> “Most likely this means the Tor network is overloaded” which exactly the
> case right now…
>
> --
> Lunar 
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] What if I connect to all nsa Tor nodes?

[Nathan Suchy]

Is it possible for me to force my client to connect to my tor exit as the
middle node?


On Sun, Sep 8, 2013 at 1:11 PM, Paul Syverson wrote:

> On Sun, Sep 08, 2013 at 11:47:06AM -0400, Nathan Suchy wrote:
> > Would my traffic still be secure?
> >
>
> To do what, and secure against whom and to what degree?
>
> It is reasonable to assume that if NSA is running Tor nodes, then they
> are probably using good operational security. So against someone
> breaking into those nodes and then attacking you, you are probably
> more secure than using random nodes. (But see below.)
>
> If you mean secure against the NSA node operators, then no. Any
> adversary that owns all the nodes in your route should be able to
> learn pretty much everything about your traffic patterns, who you're
> talking to and when. This is true for the NSA or anybody else.
>
> If you mean intentionally selecting some subset of nodes because you
> trust them more or because you are trying to avoid them as adversary
> nodes, there is a tradeoff between the potential better security that
> might provide and what your choice might reveal about you. cf.
> "Trust-based Anonymous Communication: Adversary Models and Routing
> Algorithms". There's currently research advances but no simple advice
> on that score.
>
> This all assumes adversaries just live at the nodes rather than also
> at the ISPs, the ASes, the IXPs, etc. It is hard to say anything more
> about such an adversary without more details. You might want to see
> "Users Get Routed: Traffic Correlation on Tor By Realistic
> Adversaries" and some of the earlier work on this issue cited therein.
>
> HTH,
> Paul
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Is my Tor Node getting normal traffic?

[Nathan Suchy]

Hey I'm averaging 1.5MBPS Up and Down, 1001 inbound, 628 outbound, and 28
exit connections. Is this normal traffic? I know Tor is under heavy load
from the new bot net but this is a huge amount of traffic...

-- 
Nathan Suchy
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] What if I connect to all nsa Tor nodes?

[Nathan Suchy]

So if the NSA controls the guard middle then exit could they track me?

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 8, 2013 12:56 PM, "harmony"  wrote:

> Nathan Suchy:
> > Would my traffic still be secure?
> >
> > Sent from my Android so do not expect a fast, long, or perfect
> response...
> >
>
> The answer is the same as when you asked 'how private is Tor' - what
> does 'secure' mean?
>
> The attacker would be able to identify your location and destination in
> all circumstances. If you were browsing over https, they would have no
> more access to the content of your traffic than if you were connecting
> directly to the secure website (unless they separately found a way
> around that as well).
>
> If you were not using https, the content of your transactions would be
> readable and modifiable by the attacker (as it normally is by any exit
> node operator in that situation).
>
> So if you were browsing over https (and heeded any certificate
> warnings), and you were concerned only about the content of your
> communications, then being attacked by all three nodes would not change
> your level of security. If your definition of security includes not
> having your machine associated with a list of destinations on the
> internet by an observer then in this case, even with https, your traffic
> would no longer be secure.
>
> Somebody correct me if I'm wrong.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] What if I connect to all nsa Tor nodes?

[Nathan Suchy]

Would my traffic still be secure?

Sent from my Android so do not expect a fast, long, or perfect response...
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] WP: The feds pay for 60 percent of Tor’s development. Can users trust it?

[Nathan Suchy]

You can check the source code. No back doors. Plus people at the FBI have
used it for anonymity...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 6, 2013 8:14 PM, 
wrote:

>
> http://www.washingtonpost.com/blogs/the-switch/wp/2013/09/06/the-feds-pays-for-60-percent-of-tors-development-can-users-trust-it/
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] VPNGate

[Nathan Suchy]

Well in China they need Tor to write their illegal speech...

And be patient pages shouldn't need to load in 2 seconds. I don't mind
waiting for my safety...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 3, 2013 9:45 PM, "Percy Alpha"  wrote:

> What about Tor obfuscated bridges?
> Tor has published a blog post on normal bridges automatically probed by
> GFW.
> Some say that obfuscated bridges are also probed.
> https://trac.torproject.org/projects/tor/ticket/8591
>
>
> >
> > And what about Tor over VPN?
> >
> It will work. But users in China want to avoid censorship rather than
> remain anonymous. VPN or any circumvention method is already slow enough in
> China. Adding tor is useless for almost all users in China
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] DistroWatch.com donates to TorProject

[Nathan Suchy]

Only $350US?

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 2, 2013 11:00 PM, "Moritz Bartl"  wrote:

> http://distrowatch.com/weekly.**php?issue=20130902#donation
>
> "We are happy to announce that the recipient of the August 2013
> DistroWatch.com donation is the Tor project which provides software tools
> and maintains a network infrastructure for increased anonymity on the
> Internet. It receives US$350.00 in cash.
>
> With recent revelations of unprecedented online surveillance by many
> governments and their various secret agencies, the question of online
> anonymity has started to gain prominence among the public in a number of
> countries. As a result, many people have turned to Tor which is probably
> the best-known project that develops tools and maintains infrastructure
> that attempts to preserve what little is left from our anonymity while
> using the Internet.
>
> [...]"
>
> --
> Moritz Bartl
> https://www.torservers.net/
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor using KVM/bridge/iptable filters

[Nathan Suchy]

I like the idea. You could download Tor Tails and run it in a VM...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 4, 2013 7:58 AM, "Jimmy Olson"  wrote:

> Hi I am following the instructions on this page except it was wrong and
> the comment here fixes the problem
>
>
> http://www.howtoforge.com/how-to-set-up-a-tor-middlebox-routing-all-virtualbox-virtual-machine-traffic-over-the-tor-network#comment-34269
>
> I would like a VM to use tor and be able to use flash and anything w/o
> leaks. My problem is I don't understand this part of linux and how to use
> iptables. I'd like to drop everything except TCP. I don't know what DNS
> lookup uses (is it TCP?) but there are plenty of other protocols besides
> tcp and udp http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
>
> How do I write rules that will drop everything except TCP and route it
> through tor?
>
> My other question is instead of setting up a bridge on the host machine
> I'd like to do it on a VM. Then have qemu/kvm use the said bridge on the
> VM. However I don't know how to make the host machine see the bridge. Or
> how to create a bridge that goes from
> TorGuestVM<-(->HostMachine<-)->TorHostVM
>
> I'm open to other ways as long as I can have a VM running with qemu/kvm
> that cannot communicate to the internet except through tor. Which I prefer
> to be in its own VM but the host is ok if I must.
>
> I have looked at qubes. Qubes and xen doesn't seem to work on my hardware
> which is a disappointment.
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Privacy of Tor,

[Nathan Suchy]

OK. I also keep a paid VPN for which does not keep logs so websites that
block Tor can see my VPN and allow it.

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 6, 2013 1:16 PM, "Frank Lanitz"  wrote:

> On Fri, 6 Sep 2013 11:44:07 -0400
> Nathan Suchy  wrote:
>
> > So I need to use SSL and TSL?
>
> As you need without Tor.
>
> Cheers,
> Frank
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] 28 minutes is missing

[Nathan Suchy]

That does not mean Tor will use all of the bandwidth...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 6, 2013 2:50 PM, "Trigger Happy"  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi,
>
> I'm running a relay on vps and i saw today strange notice in Arm :
> "Read the last day of bandwidth history from state file (28 minutes
> are missing". I'm also flagged as "Unnamed" but i see name of my node
> on Atlas or at blutmagie.de. My bandwidth is also much higher than
> detected (avg. 1,1Mb/sec vs. 70KB/s)
>
> - --
> Trigger Happy
> jabber: triggerha...@jabber.ccc.de
>
>
> -BEGIN PGP SIGNATURE-
>
> iQIcBAEBCgAGBQJSKiPdAAoJEEtm9wC9fGLFmfQQALyqN/MYGhst2oA+zdtitKJ2
> b+NKC9jPT38wQQs+THyRcQ0oWi4hjZKN5AMlSmYqN1f44DIxC/OaJopNzyFbA1CB
> DC+H96+OQgGSCSoVLSo5RxwAYTDWzMlA7a/HHmOzJP9uBYga2XM2UfSCpVXhA+Hs
> LU3qt5kPe6UBgrdudfDeZgPhTzKP28Q3niUiWFxNMGuMUrehLiW3nGx03Hn/y++x
> yp8t5cqHDNeAHX8Pdvf0ic3u/j49V3lK16+fQfQgLwhOuPXBRTDQQv2f+Y0zsMAh
> u2aCTNTqyk95kASv8zH/fR7V0jNFqHqHqtnSdZY9N7HLojr4vbrn30FYmaOqzY4f
> vArB7TYWEUhTohiA3kUlxCLd9FqfUf5usxGeIUXhLrd5Ac7XfH7BnuCds06iMSKe
> T3NqRSBF8z2LVplst64ABfCP0eiBbkx4DEEMEKxq+jQVon1w7RTe86aqVzFobkUc
> 8jk1rbtYXEmsK9QRh9uhXSUvSCIhSZ6hYXrHlwrWGd9SJuYHLiGnK0VKBib+Enlm
> kdKVOFVX574jUHs5tkY+/t+5qdoTlDaG6ZAoB4DPqqOsTF2xZisWoPHd2zgNtpIC
> Xa41LnIhO5ZYEiKtgycRLxzxEfWrowBvMKN3QrVTbEH3EW3w1JZdJfsxvu8o7bTN
> IlwG7HrpEaTPRLOo4UvR
> =ELE0
> -END PGP SIGNATURE-
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Disable Tor in the browser bundle,

[Nathan Suchy]

Sometimes I'll need to use a forum and some of them block Tor but not my
VPN. Is there a way to disable Tor in the browser bundle? I thought the
button did it but...

Sent from my Android so do not expect a fast, long, or perfect response...
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Exit node stats collection?

[Nathan Suchy]

I really hate it when people don't build there own criminal network and
instead steal our bandwidth!

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 5, 2013 9:43 PM, "Pokokohua"  wrote:

> Oh that makes so much more sense now ;) thanks for that.
>
>
> On Fri, Sep 6, 2013 at 12:26 PM, mirimir  wrote:
>
> > On 09/05/2013 11:42 PM, Pokokohua wrote:
> >
> > > Still hard for me to imagine such a large scale infection of what I
> > assume
> > > is home user computers without anyone other than TOR'ists picking up on
> > it.
> > > According to the stats its sitting at about 25 million new users?
> >
> > No, it's 2.5 million new users.
> >
> > There are several botnets that contain millions of bots.
> >
> > .tsop pot t'nod esaelp ,oslA
> >
> > > On Fri, Sep 6, 2013 at 10:13 AM, mirimir  wrote:
> > >
> > >> On 09/05/2013 09:42 PM, Pokokohua wrote:
> > >>
> > >> See the "[tor-talk] Many more Tor users in the past week?" thread.
> > >>
> > >> It's an existing botnet that's being converted to Tor for C&C.
> > >>
> >
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsusbscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Privacy of Tor,

[Nathan Suchy]

So I need to use SSL and TSL?

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 6, 2013 8:50 AM, "Niklas Hennigs"  wrote:

> Am 06.09.2013 um 13:03 schrieb Nathan Suchy <
> theusernameiwantista...@gmail.com>:
>
> > I know how to use Tor and I've run nodes before but what is the likely
> hood
> > of my traffic being watched or even changed by a rouge exit node?
>
> I think you should assume a probability of 100%.
>
> Regards,
> Niklas
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Fwd: SOPA back

[Nathan Suchy]

Its important to Tor because we should advocate to stop it so our Tor Nodes
don't get deleted for copyright infringement...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 4, 2013 9:32 PM, "krishna e bera"  wrote:

> How is this directly related to Tor?
>
> Perhaps it is more effective to support EFF and tell your non-tech
> correspondents about SOPA.
>
>
> On 13-09-04 05:22 PM, Nathan Suchy wrote:
> > Sent from my Android so do not expect a fast, long, or perfect
> response...
> > -- Forwarded message --
> > From: "Tiffiniy Cheng" 
> > Date: Sep 4, 2013 12:11 PM
> > Subject: SOPA back
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] post

[Nathan Suchy]

This is a funny thread. We should continue it. I'm going to be completely
random and ask who likes to eat popcorn...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 4, 2013 10:30 AM, "Bernard Tyers - ei8fdb"  wrote:

> On 4 Sep 2013, at 14:51, "D. Collins"  wrote:
>
> > hello i just joined your ommunity and would like the ability to post
> messages. username is cindelle. let me know if you need ny other
> information. Thank you
>
> You just did it!
>
> --
> Bernard / bluboxthief / ei8fdb
>
> IO91XM / www.ei8fdb.org
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor users are not anonymous

[Nathan Suchy]

If your so paranoid then encrypt your Tor Browser Bundle with TrueCrypt
then wipe the hard drive and destroy the computer when your done. Traffic
Correlation is next to impossible via Tor. You could also use a VPN then
Tor for more security...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 5, 2013 6:43 PM, "sigi"  wrote:

> Hi,
>
> two main german technology news sites are spreading news about the
> study: »Users Get Routed: Traffic Correlation on Tor by Realistic
> Adversaries« [1]
>
> They write about 'broken anonymity' for Tor-users:
> Tor-Nutzer surfen nicht anonym - Tor users do not surf anonymously
> <
> http://www.golem.de/news/anonymisierung-tor-nutzer-surfen-nicht-anonym-1309-101417.html
> >
>
> Tor-Benutzer leicht zu enttarnen - Tor users to easily expose
> <
> http://www.heise.de/security/meldung/Tor-Benutzer-leicht-zu-enttarnen-1949449.html
> >
>
> The articles are german-only - The main point was always stated by the
> Tor-devs [2], that anonymity »fails when the attacker can see both ends
> of the communications channel« - can anyone out there assess how
> serious or new this really is?
>
> Regards,
> sigi
>
> [1] http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
> [2] https://www.torproject.org/docs/faq.html.en#EntryGuards
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Privacy of Tor,

[Nathan Suchy]

I know how to use Tor and I've run nodes before but what is the likely hood
of my traffic being watched or even changed by a rouge exit node?

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 5, 2013 6:15 PM, "mirimir"  wrote:

> On 09/05/2013 09:55 PM, krishna e bera wrote:
>
> > On 13-09-05 03:59 PM, Nathan Suchy wrote:
> >> How private is Tor?
> >
> > What do you mean by private?
> >
> > The Users of Tor article shows several types of users with different
> > privacy needs.  https://www.torproject.org/about/torusers.html.en
> >
> > The notes on the Tor download page give some hints how to ensure you get
> > the best available anonymity out of using Tor and TBB:
> > https://www.torproject.org/download/download-easy.html.en#warning
>
> This is probably not a good time to be learning how to use Tor.
>
> Better to wait for the dust to settle :(
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Could we redesign Tor to...

[Nathan Suchy]

Handle a massive amount of nodes. Just give us random nodes from the list
so the network can handle having more middle and exit nodes. I'd like to
see Tor actually make all clients a middle node so we have more internal
bandwidth...

Sent from my Android so do not expect a fast, long, or perfect response...
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Privacy of Tor,

[Nathan Suchy]

How private is Tor?

Sent from my Android so do not expect a fast, long, or perfect response...
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Fwd: SOPA back

[Nathan Suchy]

Sent from my Android so do not expect a fast, long, or perfect response...
-- Forwarded message --
From: "Tiffiniy Cheng" 
Date: Sep 4, 2013 12:11 PM
Subject: SOPA back
To: 
Cc:

 SOPA is back. Well, one of the harshest and most ridiculous parts of it,
anyway. The Obama Administration wants to make unauthorized streaming a
felony -- with years of jail time.

If this passes, sharing a video of yourself singing karaoke could land you
in prison. Singing “Happy Birthday” with your family and videotaping it
would be a felony. Click here to say NO to SOPA
censorship.

This latest push to crack down on everyday internet activity comes from the
Commerce Department’s Internet Policy Task Force1. They want to make it so
that any streaming or sharing of copyrighted content could be punishable by
years in jail. Just imagine. If these recommendations become law, kids
could be locked up for singing pop songs on Youtube.

Tell Obama: No SOPA-style censorship.
Ever.

The prospect of teenagers going to jail for uploading their bands’ cover
songs is terrifying, but the good news is that Congress is still pretty
shaken up from the SOPA strike last year 2. We’ve got a good chance of
stopping this toxic legislation before it gets anywhere, but we need to let
everyone know, right now.  So far the mainstream media hasn’t paid much
attention to this, and there’s a danger that this censorship bill could fly
under the radar and pass if we don’t act now.

Tell your friends like you did last year. It’s time for the web to freak
out again to defend itself.

If you’re on facebook, click here to
share.

If you’re on twitter, click here to
tweet.

Even better, forward this email to 10 people, or to any email lists that
you’re on. We can’t waste any time in getting the word out. We fought tooth
and nail last year to keep the internet free from SOPA-style censorship, we
can’t let this bill sneak through and kill the open web.

People shouldn’t go to prison for sharing a video. Click here to fight
censorship.

We’re counting on you,

-Tiffiniy, Holmes, and Evan

Fight for the Future

P.S. this latest attempt at SOPA-style legislation is a reminder that the
fight for internet freedom will be long and hard. Can you chip in $10 today
to keep us fighting for the long haul? Click here to
donate.

SOURCES:

1) Washington Post, “SOPA died in 2012 but the Obama Administration wants
to revive part of it.”

2) Techdirt, “Don’t get SOPA’d is the new mantra on Captiol
Hill”

--
*Want more awesome more often?*
*Likeus
on Facebook
*Follow us on 
Twitter
*Donateto
keep us fighting.

Click here to 
unsubscribe
 **
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Offtopic but... Is DotTk really that bad?

[Nathan Suchy]

I don't really do a lot of controversial writing and I like the free
domains and the extension name in general. Is DotTk really that bad? Also
if your worried you buy the domain name...

Sent from my Android so do not expect a fast, long, or perfect response...
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] VPNGate

[Nathan Suchy]

Most of the time if you use a Tor reduced exit policy abuse is low...

Sent from my Android so do not expect a fast, long, or perfect response...
On Sep 2, 2013 6:05 AM, "Crypto"  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 9/2/2013 4:27 AM, grarpamp wrote:
> > On 9/2/13, Roman Mamedov  wrote:
> >> http://www.vpngate.net/en/
> >>
> >> even running a Tor Exit node can be dangerous (even though you
> >> have bullet-proof deniability of any knowledge of the source,
> >> you can still get into legal trouble)
> >
> > You chose to provide last hop services (whether exit or vpn), any
> > trouble you catch does not depend on deniability of the source.
> > Further, as a transit provider, you have the generally recognized
> > provider immunity provided you follow the immunity rules.
> >
> >> Insanity?
> >
> > No, it's just another model... Tor exit ops are happy to run Tor
> > exits. VPNGate ops are happy to run VPN nodes. The risks and
> > services of both are known to the ops and users. Users are happy
> > to use both.
> >
> > I encourage them all to continue operating their unique model. The
> > world needs more models for more use cases (eg: Tor doesn't offer
> > VPN bindings or other protocols natively yet, they do). They don't
> > claim to be anything they're not and they tell you what they are.
> > I don't see any droids here.
> >
> >> From the looks of it all the volunteers effectively operate open
> >> proxies for anyone who connects to this service.
> >
> > Works for me, where do I donate...
> >
>
> I've been using them for a month so far. I really like the service and
> even though they log for 2 weeks I use the VPN to enter the Tor
> network. So all they will see is me using Tor.
>
> - --
> Crypto
>
> Keywords: terrorism, bombs, jogging, suntan lotion,
> nails, pellets, knives, shoes, underwear, milk, socks,
> hair, toenails, masturbation, gasoline, cooking oil,
> mayonnaise, bananas, Obama, Clinton, EFF, NSA, FBI,
> PGP, USA, pressure cooker, marathon, fertilizer
>
> Keywords are not necessarily in order of importance
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2.0.21-beta27 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJSJGLBAAoJENm5+F4XN2I5OnsP/jSU+8IeQb1VdAckNhbOmFok
> An1lOSAib7ssLK1sfQwQlipqruPpDHb46T4boO5QhXJhB12+755QLCKBXuw8HPjD
> ovQyT5z8MEzNY5W1PjHY00tCnjE+QWwFjA5OyYuARcq7rGscPtJ++MGIezX5zlH6
> 5dnlqbCC1WcJox4XuTwiYg1yys9jKyXE9jE9hnrGeGwA1ayJk5+LOW++14dx6Opb
> 74iLE1N7QX/Fa+/2C4YXKqzQ5TJhSuhVRSX0BizJXj8tnAYVAl2mulyVbSBPc6YN
> OVEbktNvD8yz1JT/BtUEx5GvKyLYlmZzorzLMg40GCZk2A3lW6YC4MhU0fb0AlkI
> kWqAk+a8QfeeSQMYkpR81rPZz1PMhujRUxSBsrHrllePU211sxpQkyeIFse+Lr8o
> 2Epr1McqtdH5zS/D//gjRQQAWSCEIQ8Zehw5uQAc2GZNJ2laGJ6U7IxrJ+0+xKWU
> /yAjHvEGhNIfLLdC3wjKgB4ZDvx3hwWCJ+PlpydphOH+Gi6B1rfcF3FSqop97HIg
> NQ2uxhVDuHEllFz6VpkH+/y509cECGFLbRSXLiS/dQpc8H+t+qIZ8is8AzL6eSbL
> xEq5F7zkI0YgVO4LYuu+UgpbPvyHVuAa+Q6RMOgx43AzkFtNDaTdfNsPfBoeTC5g
> yFsGaHZsnMIC3X3R0SIE
> =nRXy
> -END PGP SIGNATURE-
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] About time to make BitTorrent work over Tor,

[Nathan Suchy]

OK. I'll consider i2p.
On Aug 30, 2013 3:21 PM, "grarpamp"  wrote:

> On 8/30/13, Jan-Frode Myklebust  wrote:
> >> > On Mon, Aug 26, 2013 at 2:46 PM, Nathan Suchy
> >> >> I don't want this for piracy as I have a paid VPN account that is
> much
> >> >> faster for that if I decide to pirate. I think we need BitTorrent
> >> >> though
> >> >> to
> >> >> work on Tor so Tor Users can securely share files with one another.
>
> >> > AFAIK the most obvious issue with this (among more subtle side-channel
> >> > attack / decloaking problems) is network scalability. Total relay
> >> > bandwidth
> >> > available is, while seemingly increasing in general, very limited
> given
> >> > such use cases. [1]
> >> > How does one scale BitTorrent on top of that?
>
> > By adding TOR exit-node functionality into the bittorrent clients, and
> > giving bittorrent credit score to clients with lots of TOR-traffic. That
> > would scale the TOR network ...
>
> Tor does not currently scale as simply as that. Therefore whatever
> you try to scale on top of Tor will not scale either. All using exits will
> do (roughly speaking) is cause Tor to fail 1/2 as fast as using the
> purely internal approach would. BT is further badly hampered since
> UDP and inbound bindings are unavailable under the current exit model.
>
> Tor's design is generally "move a lot of browsers over a few exits",
> anything else is bonus, at least historically. At the moment, if you're
> trying to move to millions of p2p users, not just hundreds of tinkerers,
> you're better off enhancing Tor first or writing or finding another secure
> transport that scales better. Then moving it all off the clearnet once and
> for all. But that appears to be beyond the typical scope of thinking in the
> BT space, you know, because it's not fast and it's sooo harrrd man.
>
> Tor is good stuff, but like anything else, only good when used within
> its model. Supposedly i2p welcomes torrenting. Millions? Ask i2p.
>
> > ... and also give plausible deniability to
> > direct downloads ("wasn't me, it was the TOR exit" ;-)
>
> No, not really.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Default clients to be non-exit relay LibTech x

[Nathan Suchy]

That's a good idea. My ISP CenturyLink blocks incoming traffic I think...
On Aug 27, 2013 8:22 PM, "Griffin Boyce"  wrote:

> On 08/27/2013 07:29 PM, Percy Alpha wrote:
> > There're few problems with ISP when running non-exit relay. Users in
> > moderately censored areas can act as non-exit relay without causing
> problem
> > to the circuit. So why doesn't Tor default to non-exit relay?  Users with
> > problems(e.g crappy hardware, ISP fireware) can manually change it to
> > client only to improve performance/trouble shooting.
>   Honestly, I suspect that if the 500k-900k users that Tor has every day
> became middle nodes or bridges, it would probably overload the network.
> Not that directory authorities couldn't handle it (though sometimes I
> wonder), but then each end-user would have to download a far larger list
> of relays before using Tor.  For someone using a bridge to connect, the
> latency could reach Pyongyang levels :P  Theoretically, the directory
> authority could serve up a set of a thousand random nodes, and then the
> client software could select a random set to use initially.
>
>   It's an interesting architecture problem.
>
>   Beyond that though, geography is problematic.  How does the network
> restrict nodes coming from hostile geographic areas, without notifying
> the authorities "Hey, this person is trying to help others bypass
> censorship" ?
>
>   Maybe an intermediate step would be to offer two browser bundles for
> download -- one configured to be a bridge or middle-hop, and one that is
> just a client.
>
>   What are your thoughts on it?
>
> ~Griffin
>
> --
> "Cypherpunks write code not flame wars." --Jurre van Bergen
> #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de
>
> My posts, while frequently amusing, are not representative of the thoughts
> of my employer.
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Inquiry about Vidalia/Tor bundle

[Nathan Suchy]

again id say check my laptop any files?


On Tue, Aug 27, 2013 at 9:20 PM, Griffin Boyce wrote:

> On 08/27/2013 08:37 PM, Nathan Suchy wrote:
> > Even if you used traffic correlation you could not prove that it was
> their
> > traffic...
>
>   Unfortunately, that's not *really* true.  Assuming that there's one
> tiny data point tying you to a given VPN, it would be hard to prove that
> you were the one blogging (or whatever).  But when you're using a VPN
> for all of your traffic, it becomes fairly trivial to identify the
> source.  Deniability is dead.  And this is especially true in areas
> where  need not prove beyond a shadow of a doubt that a
> specific individual is doing .  Secret police don't have to
> prove that a single person wrote something against  -- they'll
> just narrow it down to a handful of possibilities and start arresting
> people.
>
> ~Griffin
>
> --
> "Cypherpunks write code not flame wars." --Jurre van Bergen
> #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de
>
> My posts, while frequently amusing, are not representative of the thoughts
> of my employer.
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Inquiry about Vidalia/Tor bundle

[Nathan Suchy]

Even if you used traffic correlation you could not prove that it was their
traffic...


On Tue, Aug 27, 2013 at 4:52 PM, Griffin Boyce wrote:

> On 08/27/2013 04:02 PM, Nathan Suchy wrote:
> > Not a joke. I thought we were talking about TBB. Tor secures all traffic
> > you send through it. In reality though wouldn't a secure VPN with no logs
> > be just as safe?
>
>   Short answer: no.  It's easy to map out your connection to the VPN
> with traffic coming from the VPN.  Even if the VPN providers were honest
> and had privacy policies, you'd still be open to traffic-correlation and
> analysis.  It's not a big deal for someone in  looking to play
>  or bypass a YouTube block. But journalists and other people
> who need actual privacy shouldn't rely on a VPN to protect them.
>
> ~Griffin
>
> --
> "Cypherpunks write code not flame wars." --Jurre van Bergen
> #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de
>
> My posts, while frequently amusing, are not representative of the thoughts
> of my employer.
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Many more Tor users in the past week?

[Nathan Suchy]

The Pirate Browser does not use Tor. Anyone who did any reading would
realize this. I feel that the more usage of Tor the better. The Pirate
Browser needs to have some warning on extraction...


On Tue, Aug 27, 2013 at 6:53 PM, mirimir  wrote:

> On 08/27/2013 10:40 PM, mirimir wrote:
>
> > On 08/27/2013 04:26 PM, grarpamp wrote:
> >
> >> On Tue, Aug 27, 2013 at 11:56 AM, Missouri Anglers
> >>  wrote:
> >>> PirateBay is pushing the Pirate browser on their website.
> >>> People are not searching for it. They are discovering it while
> downloading torrents.
> >>
> >> Oh, seems there's a bolded link on the bottom of piratebay.sx ...
> >> now that might actually do it. It went up on Aug 9/10 I think.
> >>
> >> Try asking piratebrowser.com for usage stats. 500k?
> >
> > In Alexa's top sites list, their global rank is currently 73. It was
> > about 90 yesterday.
> >
> > By comparison:
> >
> > wordpress.org  -  66
> > flickr.com  -  67
> > adobe.com  -  68
> > vube.com  -  72
> > thepiratebay.sx  -  73
> > blogspot.in  -  75
> > godaddy.com  -  77
> > huffingtonpost.com  -  79
> > about.com  -  82
> >
> > Is that consistent with 500k?
>
> That was stupid of me.
>
> In Alexa's top sites list, it's thepiratebay.sx that currently has a
> global rank of 73. Alexa shows piratebrowser.com at about 35,000.
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor Mail Gateway

[Nathan Suchy]

Yes. Edward Snowden did a good job and probably had smart tactics for
securing his Internet traffic before meeting with them. It being a
condition may have been the case but even then he is already public so what
we need to focus on is that. If he really needed security he should of used
TorMail as it is secure and it is hard to trace as access is only on the
inside but forwards to external relay servers. Down time is an issue though.


On Tue, Aug 27, 2013 at 4:57 PM, krishna e bera  wrote:

> On 13-08-27 02:06 PM, Bernard Tyers - ei8fdb wrote:
> >
> > On 27 Aug 2013, at 18:44, The Doctor  wrote:
> >
> >> Signed PGP part
> >> On 08/26/2013 07:29 AM, Nathan Suchy wrote:
> >>> First off Edward Snowden did not need anonymity. He went public on
> >>> this.
> >>
> >> Is it known if he chose to go public, or if it was a condition of the
> >> leak being published by the Guardian?
> >
> > From memory, the first interview he did with Greenwald and Poitras (sp?)
> he said he decided to go public, along the lines that he couldn't stand up
> and stay quiet. (I am paraphrasing, and from memory.)
>
> There is/was a lot of preparation before going public as a
> whistleblower. You have to make contacts in the press and work with them
> to ensure the story gets published at all, nevermind keeping it focused
> on the facts and not on yourself as the press is wont to do.  That takes
> time, during which you could be noticed, tracked down and silenced.
>
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>


-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Many more Tor users in the past week?

[Nathan Suchy]

I think the more Tor Usage the better as it protects Tor and gives more
people a reason to run nodes...
On Aug 27, 2013 8:18 AM, "mick"  wrote:

> On Tue, 27 Aug 2013 07:39:58 +
> mirimir  allegedly wrote:
>
> > On 08/27/2013 07:08 AM, Roger Dingledine wrote:
> >
> > >
> > > Check out
> > > https://metrics.torproject.org/users.html
> > > (for posterity, the longer-term link will be
> > >
> https://metrics.torproject.org/users.html?graph=direct-users&start=2013-05-29&end=2013-08-27&country=all&events=off#direct-users
>
> > > Anybody know details? It's easy to speculate (Pirate Browser
> > > publicity gone overboard? People finally reading about the NSA
> > > thing? Botnet?), but some good solid facts would sure be useful.
> >
> > I suspect PirateBrowser, given that PirateBay users probably outnumber
> > privacy lovers by 2-3 orders of magnitude.
>
> Source?
>
> Mick
>
> -
>
>  Mick Morgan
>  gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
>  http://baldric.net
>
> -
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Inquiry about Vidalia/Tor bundle

[Nathan Suchy]

Not a joke. I thought we were talking about TBB. Tor secures all traffic
you send through it. In reality though wouldn't a secure VPN with no logs
be just as safe?
On Aug 27, 2013 8:19 AM, "mirimir"  wrote:

> On 08/27/2013 11:43 AM, Nathan Suchy wrote:
>
> > It goes through a guard, middle, and exit node which does not anything
> > about each other than the next and last hop. It is by far more secure.
> Its
> > probably secure enough for anything. Even illegal speech. It should keep
> > you safe.
>
> Is that a joke?
>
> Did you notice Roger Dingledine's comment: "From what I heard (it's
> Windows-only so I haven't tried running it or decompiling it to find
> out what it is really), it includes Foxyproxy, configured to only go
> through Tor for a select set of sites that are commonly censored.
> The rest of the sites bypass Tor."
>
> Are you claiming that PirateBrowser in fact uses Tor for everything?
>
> > On Aug 27, 2013 2:46 AM, "mirimir"  wrote:
> >
> >> On 08/26/2013 11:08 PM, Roger Dingledine wrote:
> >>
> >>> On Mon, Aug 26, 2013 at 05:58:22PM -0500, Missouri Anglers wrote:
> >>>> I downloaded and installed "PirateBrowser" which is a Firefox
> >>>> browser configured to use vidalia/tor.
> >>>
> >>> Not quite -- it is a bundle that includes a variety of software
> >>> including Firefox, Vidalia, and Tor, configured in the way they
> >>> wanted to configure it.
> >>>
> >>> Specifically, don't be confused into thinking this is a Tor product,
> >>> or that it will keep you safe in some particular way.
> >>>
> >>> In fact, they even have a disclaimer saying that it's not an
> >>> anonymity tool. And in this case that's not just a disclaimer, it's
> >>> an accurate statement.
> >>
> >> That's true, but their disclaimer
> >> <http://piratebrowser.ca/faq_piratebrowser.html> is still extremely
> >> misleading:
> >>
> >>> Does it make me surf the net anonymously?
> >>>
> >>> No, Pirate Browser is not intended to be a TOR Browser, while it uses
> >>> the Tor network, which is designed for anonymous surfing, this
> >>> browser is ONLY intended to circumvent censorship. The Tor network is
> >>> used to help route around the censoring / blocking of websites your
> >>> government doesn't want you to know about.
> >>>
> >>> If you are looking for something more secure you may want to try a
> >>> VPN like PrivacyIO.
> >>
> >> They could have at least pointed people at TBB!
> >>
> >>>> I assume this is simply just a browser set up to use an anonymous
> >>>> proxy?
> >>>
> >>> From what I heard (it's Windows-only so I haven't tried running it
> >>> or decompiling it to find out what it is really), it includes
> >>> Foxyproxy, configured to only go through Tor for a select set of
> >>> sites that are commonly censored. The rest of the sites bypass Tor.
> >>
> >> That should be clearly stated in the summary under "Search" at the top
> >> of <http://piratebrowser.ca/>. What they're doing is totally reckless.
> >>
> >>>> I am not exactly a beginner when it comes to using anonymous
> >>>> proxies. I have been gathering proxy lists, scanning them with
> >>>> software to see if they are valid/anonymous and configuring my
> >>>> browser to use them for years. However I am no expert.
> >>>>
> >>>> This Vidalia/Tor has me confused.
> >>>
> >>> Again, please remember this is somebody else's program, called
> >>> Pirate Browser, and not anything made by Tor. Though it does include
> >>> tools written by Tor, but tools-written-by-Tor only perform the way
> >>> Tor had in mind if you configure them that way.
> >>>
> >>>> The program loads, connects to the Tor network and everything looks
> >>>> and acts well. However when I check my stats at various websites
> >>>> that I use such as (http://www.lagado.com/proxy-test) my IP address
> >>>> is revealed along with my ISP amd other accurate information.
> >>>>
> >>>> I also checked https://check.torproject.org/ and it says that it is
> >>>> not working.
> >>>
> >>> That sounds compatible with my Foxyproxy theory above.
> >>>
> >>> Hope that helps, --Roger
> >>>
> >>
> >> --
> >> tor-talk mailing list - tor-talk@lists.torproject.org
> >> To unsusbscribe or change other settings go to
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Orbot relays not grouped by family

[Nathan Suchy]

If I'm not mistaken you need to edit all Tor node torrecs and have the
servers Hash's in the lists.
On Aug 26, 2013 1:14 PM, "Nathan Freitas"  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 08/01/2013 03:37 PM, lee colleton wrote:
> >
> > If I run multiple relays, shouldn't they be grouped into a node
> > family? I see no way of doing this with Orbot on Android, which
> > lists only an option for setting the node nickname.
>
> Just saw this comment!
>
> We hope to provide the ability to directly edit the torrc for non-root
> Orbot users shortly, allowing full access to the Tor setting for
> advanced uses such as this.
>
> For now, if your device is rooted, you can edit torrc by navigating to
> /data/data/org.torproject.android and somewhere under there you will
> find it.
>
> +n
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJSG4zpAAoJEKgBGD5ps3qpTXYP/3QK0+u9MjWbsiAuOGgrRJOg
> NKGn5uzdczud9N1rJ2RhvT+Ute5DK0UJJIgpCsxxnRMbes47AjazoS+FKyJiLC/c
> 6Xmd62++xQ59PJLwshTqaY6I1FmvzrnHPFCmvSaDVlr8D+T0D5GrbNYqckbZEH1/
> 1I39FhVKqMErBcapi7eJDXFp1SNDhite+FSWuxV1D4nIHcHpJc66SP98WcHKp/oU
> YqbfB/9qYl4d1+c/TbdcMq4gEwiSPkC8bFwaNS9R0iMKAPvSvBpMOVu+7VGH6URZ
> FlRBEcUpuEN5MU343GsyaimHmcW6eyUecx/JmvWA/7jbiMJwxId5jWfAW+l7pcZF
> our+gWHcVQUgJb/Fok7+HHFjazgZmuO9WkBJFntREbhZ/nCnYSCuppFDGgXKes3U
> G2fXluvP2VDL2g/ZsBrzMVY3yHyRBuWjKRuVuve+lbpZ5jV55eet7iiveymLFRkr
> rk/hAKUqadbCMym+Tk/D5WyzmLN09oBQS4aaYUJMZQnTNrNb62RZZppBf/Lvrje3
> TsbxXnFQDsHJyofU/23EyDeABl/X6pxmm4+LwDz7dERYrs3Sz0/qpHAh0oUzW3Om
> IYSXTUXWGjKhkO88ZLoO2eIue6odorRRATuHudPVL1oa4qxy8BfCro8FKWyuOPI8
> vHuwkVbC/GoPnyL3HQLg
> =iRfW
> -END PGP SIGNATURE-
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] hardened *nix for Lenovo X60

[Nathan Suchy]

I would recommend patching Debian maybe include AppArmor/SELinux/one other
tool can't remember the name but starts with a "Ba..."
On Aug 26, 2013 12:54 PM, "kendrick eastes"  wrote:

> On Mon, Aug 26, 2013 at 9:09 AM, Eugen Leitl  wrote:
>
> >
> > I've managed to lay my hands onb a couple of Lenovo X60's that are
> > in pretty good shape and would like to use them as a moderately secure
> > communication/development system. (I'm not trusting my desktops,
> > servers or mobile devices for obvious reasons). I'm loath to modify
> > the hardware at this point, so I expect to only flash coreboot
> > upon it.
> >
> > What kind of security-minded Linux or *BSD would you guys
> > recommend? Liberte looks a bit too stable (cough, sorry Максим)),
> > Kali is more for security h4x0rs. Anything else what is well-maintained
> > yet borderline secure from *untargeted* TLA-level scrutiny?
> >
>
> as a general rule (older and more experienced minds can and probably will
> disagree with me) any consistently updated *nix based OS (and by extension
> *BSD) are safe against untargeted scrutiny. From what we know the various
> TLAs have network taps, and so internet communication is where you are
> vulnerable. changing network habits (to impede statistical analysis), and
> using tor and a handful of other tools (tor, especially as a relay, and OTR
> messaging come to mind first) you can minimize what the TLAs can gather on
> you, but not stop it entirely. on the other hand a sudden spike of
> encrypted traffic may make you more interesting from their point of view.
>
> >
> > I'm okay with text-mostly distros, or minimalistic window
> > managers. It shouldn't be a kitchensink of stuff I don't need,
> > but on the other hand it's shouldn't be so secure it's
> > unusable, either.
> >
>
> if you feel paranoid enough and have enough time to learn it you might
> think about Gentoo Linux, only source is distributed, so all packages are
> compiled in stiu, and are (theoretically) free of malware.
>
> >
> > Pointers to any HOWTOs or SOPs highly welcome. Tanks & machine guns.
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsusbscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Inquiry about Vidalia/Tor bundle

[Nathan Suchy]

It goes through a guard, middle, and exit node which does not anything
about each other than the next and last hop. It is by far more secure. Its
probably secure enough for anything. Even illegal speech. It should keep
you safe.
On Aug 27, 2013 2:46 AM, "mirimir"  wrote:

> On 08/26/2013 11:08 PM, Roger Dingledine wrote:
>
> > On Mon, Aug 26, 2013 at 05:58:22PM -0500, Missouri Anglers wrote:
> >> I downloaded and installed "PirateBrowser" which is a Firefox
> >> browser configured to use vidalia/tor.
> >
> > Not quite -- it is a bundle that includes a variety of software
> > including Firefox, Vidalia, and Tor, configured in the way they
> > wanted to configure it.
> >
> > Specifically, don't be confused into thinking this is a Tor product,
> > or that it will keep you safe in some particular way.
> >
> > In fact, they even have a disclaimer saying that it's not an
> > anonymity tool. And in this case that's not just a disclaimer, it's
> > an accurate statement.
>
> That's true, but their disclaimer
>  is still extremely
> misleading:
>
> > Does it make me surf the net anonymously?
> >
> > No, Pirate Browser is not intended to be a TOR Browser, while it uses
> > the Tor network, which is designed for anonymous surfing, this
> > browser is ONLY intended to circumvent censorship. The Tor network is
> > used to help route around the censoring / blocking of websites your
> > government doesn't want you to know about.
> >
> > If you are looking for something more secure you may want to try a
> > VPN like PrivacyIO.
>
> They could have at least pointed people at TBB!
>
> >> I assume this is simply just a browser set up to use an anonymous
> >> proxy?
> >
> > From what I heard (it's Windows-only so I haven't tried running it
> > or decompiling it to find out what it is really), it includes
> > Foxyproxy, configured to only go through Tor for a select set of
> > sites that are commonly censored. The rest of the sites bypass Tor.
>
> That should be clearly stated in the summary under "Search" at the top
> of . What they're doing is totally reckless.
>
> >> I am not exactly a beginner when it comes to using anonymous
> >> proxies. I have been gathering proxy lists, scanning them with
> >> software to see if they are valid/anonymous and configuring my
> >> browser to use them for years. However I am no expert.
> >>
> >> This Vidalia/Tor has me confused.
> >
> > Again, please remember this is somebody else's program, called
> > Pirate Browser, and not anything made by Tor. Though it does include
> > tools written by Tor, but tools-written-by-Tor only perform the way
> > Tor had in mind if you configure them that way.
> >
> >> The program loads, connects to the Tor network and everything looks
> >> and acts well. However when I check my stats at various websites
> >> that I use such as (http://www.lagado.com/proxy-test) my IP address
> >> is revealed along with my ISP amd other accurate information.
> >>
> >> I also checked https://check.torproject.org/ and it says that it is
> >> not working.
> >
> > That sounds compatible with my Foxyproxy theory above.
> >
> > Hope that helps, --Roger
> >
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Number of New relays and exit nodes

[Nathan Suchy]

It just means people need less bandwidth but Tor has more to give. It means
for example more people can use VOIP and Video Chat over Tor as less people
are using Tor and there are more exit relays :-)
On Aug 20, 2013 12:22 PM, "Jon"  wrote:

> I am wondering with the increase of number of new relays and exit nodes how
> this might be affecting the other ( exisiting ) relays and exits?
>
> I have noticed over the past several months that the amount my exit relay
> was being used has drastically dropped as the new relays and new exits have
> come online.  Is this normal to see the usage to drop noticeably?
>
> Is this going to be a continuing trend as new relays and exits join with
> what we already have, that some relays / exits will see a lower usage from
> their nodes?
>
> Thanks
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Exit bridges / Tor VPN terminals

[Nathan Suchy]

Basically it is a complicated way to configure Tor to be a point of entry
for a VPN Server. Why not just configure PPTPD then connect to it via Tor?
On Aug 23, 2013 9:35 AM, "Sebastian G. " <
bastik@googlemail.com> wrote:

> 23.08.2013 03:22, Andrew Lewman:
> > On Thu, 22 Aug 2013 20:20:52 -0400
> > grarpamp  wrote:
> >
> >>> There are no official "exit bridges" provided as part of Tor
> >>> network. However you could setup your traffic to go through Tor to
> >>> a regular VPN or proxy service and then exit to the destination you
> >>> want.
> >>
> >> - This exit bridges is interesting idea.
> >
> > I know of a few orgs which run an exit relay, but set
> > "PublishServerDescriptor 0" option so only their social graph knows of
> > the exit relay. I forget how they force their exit relay when they need
> > it, but I've seen it work and the orgs are happy with their solution.
> >
>
> How is it possible to use a publicly unknown exit, which should have no
> exit flag, not appear in the consensus and therefore should not be used
> by unmodified clients?
>
> (I'm assuming that a client would only use exits if they are exits in
> the consensus.)
>
> Well, a bridge with an exit-policy won't be used as exit, even if
> SingleHop is allowed. Or am I wrong?
>
> (I remember that this is the case, since a bridge would see what a
> client uses Tor for and is not bound by the Guard implementation)
>
> Regards,
> Sebastian G.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??

[Nathan Suchy]

It's sad what happened to FreedomHosting. I guess that's just our
government. Will anything happen to the poor admin?


On Mon, Aug 26, 2013 at 4:48 PM, Juan Garofalo  wrote:

> At 05:05 PM 8/25/2013 -0400, you wrote:
> >The US feds did actually take down FH, which was a HIDDEN SERVICE! They
> >found it and arrested the admin! Period!
> >
> >Hidden services vaporize like water in death valley these days. And don't
> >you guys want answers?? It's time to take off the blinders and take a look
> >around!!
>
>
> Yeah. I find it kind of odd that no one here is saying anything
> about freedom hosting. I saw some discussion in Roger Dingledine's blog,
> but it was just one post (plus hundred of comments), but a blog isn't the
> best medium for discussion, it seems.
>
>
>
>
> >If they can find hidden services, finding regular tor clients would be
> even
> >easier!
> >--
> >tor-talk mailing list - tor-talk@lists.torproject.org
> >To unsusbscribe or change other settings go to
> >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor Mail Gateway

[Nathan Suchy]

Just don't manage or store PGP keys. That would destroy security!
On Aug 26, 2013 11:35 AM, "Fabio Pietrosanti (naif)" 
wrote:

> Il 8/26/13 1:29 PM, Nathan Suchy ha scritto:
> > First off Edward Snowden did not need anonymity. He went public on this.
> > Second gateways compromise network security by granting outsiders
> internal
> > access. Encryption is another thing but would be pretty easy. I'm not
> > saying this is a bad project but you need to put protections in it.
> I think that the proposed Tor2mail gateway is ok like it has been designed.
>
> It only speak SMTP/TLS and only accept to forward email that are
> encrypted with OpenPGP (not even saving it into the mail server queue if
> it's in clear text).
>
> I don't think it's the goal of a piece of software like this to process
> email body by apply security to the content of the message.
>
> It's goal is to enable internet<->darknet encrypted email exchange,
> strictly over SMTP/TLS connections for inbound and outbound. .
>
> We probably would need another, different piece of software, to provide
> easy "encryption gateways" .
>
> --
> Fabio Pietrosanti (naif)
> HERMES - Center for Transparency and Digital Human Rights
> http://logioshermes.org - http://globaleaks.org - http://tor2web.org
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Discrimination of Tor Traffic

[Nathan Suchy]

OK. Tracking even to protect the law is stupid...
On Aug 26, 2013 10:23 AM,  wrote:

> >Date: Mon, 26 Aug 2013 07:37:32 -0400
> >From: Nathan Suchy 
> >To: tor-talk@lists.torproject.org
> >Subject: [tor-talk] Discrimination of Tor Traffic,
>
> >Why do services such as Google discriminate or block Tor Traffic? It does
> >not truly prevent abuse as crimals buy and sell better networks for that.
> >Tor can be abused but it is not the best platform for it.
>
>
> I can't speak for Google. But if you really want to know why some services
> and websites block Tor, you should ask the people who block Tor instead of
> asking the people who not only don't block Tor but are violently opposed
> to Tor being blocked.  You can find people who do block tor on the thread
> linked below:
>
> http://www.spambotsecurity.com/forum/viewtopic.php?f=15&t=2095
>
> Read the thread and then ask people on that forum why they block Tor.
>
> Warning: I suspect you probably can't log in or comment at that site using
> Tor.
>
> Lucia
>
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] About time to make BitTorrent work over Tor,

[Nathan Suchy]

OK. Why not setup some automatic internal routing so we don't waste exit
bandwidth?
On Aug 26, 2013 8:00 AM, "Kostas Jakeliunas"  wrote:

> On Mon, Aug 26, 2013 at 2:46 PM, Nathan Suchy <
> theusernameiwantista...@gmail.com> wrote:
>
> > I don't want this for piracy as I have a paid VPN account that is much
> > faster for that if I decide to pirate. I think we need BitTorrent though
> to
> > work on Tor so Tor Users can securely share files with one another.
>
>
> AFAIK the most obvious issue with this (among more subtle side-channel
> attack / decloaking problems) is network scalability. Total relay bandwidth
> available is, while seemingly increasing in general, very limited given
> such use cases. [1] How does one scale BitTorrent on top of that? It's
> probably not the right way to look at it. Perhaps try delving into, for
> example, GNUnet [2, 3], which is explicitly designed to be compatible with
> your use cases (probably). There are bound to be interesting problems and
> possible solutions there.
>
> But perhaps there's still some discussion to be had. I'm sure this has been
> discussed myriads of times, however - maybe it's worth trying to browse
> through the mailing list archives.
>
> [1]: https://metrics.torproject.org/network.html#bandwidth
> [2]: https://en.wikipedia.org/wiki/GNUnet
> [3]: https://gnunet.org/
>
> --
>
> Kostas.
>
> 0x0e5dce45 @ pgp.mit.edu
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Anonymity Of Hidden Services

[Nathan Suchy]

Why don't we make hidden services more like clients where it connects to
hs-relays and they proxy the traffic? It would make hidden services more
secure. Also we talk about location staying the same well connecting to 3
hs-relays that proxy would solve this problem.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] About time to make BitTorrent work over Tor,

[Nathan Suchy]

I don't want this for piracy as I have a paid VPN account that is much
faster for that if I decide to pirate. I think we need BitTorrent though to
work on Tor so Tor Users can securely share files with one another.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor Mail Gateway

[Nathan Suchy]

First off Edward Snowden did not need anonymity. He went public on this.
Second gateways compromise network security by granting outsiders internal
access. Encryption is another thing but would be pretty easy. I'm not
saying this is a bad project but you need to put protections in it.
On Aug 19, 2013 6:35 AM, "grarpamp"  wrote:

> > I'd say the majority of SMTP w/ TLS servers are
> > using self-signed certificates.
>
> Which you can then can pin-on-first-sight, just like SSH, and verify
> as desired, which is better than automatically trusting any CA.
>
> Mo's stance may not be all that interoperable at first, but
> it's interesting politically. And for that I say go for it. Lots
> of nodes other people can run their own on if they want.
>
> I'd also say hello to the cypherpunks as they have interest
> in nodes for bringing mail mixes back to life.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] google

[Nathan Suchy]

I agree. Even if Tor was illegal then just set it up and make a new gmail
and use it for tor-talk with a fake identity. Many of us use Tor for our
safety.
On Aug 21, 2013 7:13 AM, "mick"  wrote:

> On Tue, 20 Aug 2013 23:35:39 -0400
> William Conlow  allegedly wrote:
>
> > I'm a bit of a newb at this (all of it). But this email thread
> > (tor-talk) is completely unencrypted, right? And it has to be that
> > way?
> >
> It doesn't /have/ to be that way, but it is much more convenient (and
> useful to a much larger population) if it is structured that way.
> Arguably tor-talk (and/or other tor related lists) could be hosted on a
> hidden service, encrypyted (by a key trusted by a large group - which in
> itself is non-trivial to manage). But why? Usage of tor is not in
> itself illegal in the US (or in many other jurisdictions). Tor's
> designers and the relay operators (I am one) all want to see tor
> widely used so why hide discussion about it? Having a publicly readable
> archive of such discussion allows anyone interested in tor to follow
> earlier discussions and make up their own minds about whether they
> would wish to use tor. Hiding discussion would deny interested parties
> that right and would end up in futile "choir preaching".
>
> Best
>
> Mick
> -
>
>  Mick Morgan
>  gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
>  http://baldric.net
>
> -
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Discrimination of Tor Traffic,

[Nathan Suchy]

Why do services such as Google discriminate or block Tor Traffic? It does
not truly prevent abuse as crimals buy and sell better networks for that.
Tor can be abused but it is not the best platform for it.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] block Skype in torrc

[Nathan Suchy]

Yep Skype probably checks the Tor DNSBL. Have you considered running a Tor
Bridge instead?
On Aug 24, 2013 4:02 PM, "ra"  wrote:

> On Friday 23 August 2013 20:56:09 scar wrote:
> > hello i would like to use Skype from my Tor exit node (which is running
> > Linux) but, for whatever reason, the powers that be at Skype have banned
> > my IP address.
>
> Skype blocks all Tor exit IP addresses since end of June 2013.
>
> Best,
> Robert
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] encrypted mailing lists

[Nathan Suchy]

If you need a truly secure contact method why not run a micro forum and use
SSL instead? You could install LAMP and phpBB and then manually approve
sign ups and use complex permissions.
On Aug 21, 2013 9:31 AM, "Griffin Boyce"  wrote:

> On 08/21/2013 03:44 AM, Matej Kovacic wrote:
> > All mail sent to the list should then be encrypted (recipient is mailing
> > list address and user has it's public GPG key). Mailing list would then
> > decrypt it, and deliver that message to it's users encrypted and signed.
>
>   Well, it may offer some benefit if you (as a subscriber) don't trust
> your email provider.  But it's not that useful if you don't trust the
> mailing list server. Even if you're sending your mail encrypted to the
> server, the server then would need to decrypt it before encrypting it to
> the recipients.  It also doesn't protect against someone you don't trust
> being added to the mailing list (thereby getting all emails) or someone
> on the mailing list sending mails outside or betraying people (which
> never happens).
>
>   tl;dr: Might be okay in some threat models, doesn't work in others.
> ;-)  Good for people who are trying to emphasize the active use of GPG.
> People who cross borders frequently are better served by full-disk
> encryption.
>
> best,
> Griffin
>
> --
> "Cypherpunks write code not flame wars." --Jurre van Bergen
> #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de
>
> My posts, while frequently amusing, are not representative of the thoughts
> of my employer.
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] IP Cloaking and the CFAA [Was: Appearing American]

[Nathan Suchy]

If you would trace Tor Clients which if you stay safe and smart then you
can't. A lot of Tor Traffic may in fact be illegal but what good is that
information unless you have the magic power to trace Tor?
On Aug 23, 2013 4:11 PM,  wrote:

> On Fri, Aug 23, 2013 at 01:46:51PM -0400, pse...@gmail.com wrote 1.4K
> bytes in 0 lines about:
> : IP Cloaking Violates Computer Fraud and Abuse Act, Judge Rules
> : 
> :
> : "A federal judge has ruled that circumventing an IP address blockade to
> : connect to a website is a breach of the Computer Fraud and Abuse Act, the
> : same law that was used to prosecute Aaron Swartzbefore he committed
> suicide
> : earlier this year."
>
> There's an "intent" behind doing it to circumvent a known block that
> the judge ruled illegal. See the EFF's write-up of the ruling,
>
> https://www.eff.org/deeplinks/2013/08/court-rules-accessing-public-website-isnt-crime-hiding-your-ip-address-could-be
> .
> The CFAA is a horrible law which needs to be rewritten or scrapped.
>
> --
> Andrew
> http://tpo.is/contact
> pgp 0x6B4D6475
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??

[Nathan Suchy]

If the protocol was more secure we would not have to keep it in the same
place. Why not make hidden services more client like? A lot of servers of
exploit do why not a bundled server and php and mysql that goes through
Tor? If we did that it would secure hidden services.
On Aug 26, 2013 4:45 AM, "grarpamp"  wrote:

> On Sun, Aug 25, 2013 at 5:05 PM,   wrote:
> > And don't you guys want answers??
>
> Sure, please post your answers in the form of links to verifiable
> reports of hidden services being 'found and taken down' due to
> *exploited vulnerabilities in the Tor protocol*, not some other, or
> as yet unknown, reason.
>
> No one has posted any legal documents yet, just a bunch of
> 'news' and user error. That's not to say there won't be any,
> there very well could be...
>
> Tor has design writeoffs. Tor has known vulnerabilities.
> If those bother you, contribute research and fixes, or
> don't use Tor (or anything else for that matter since
> none in the field have been fully proofed).
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??

[Nathan Suchy]

Tor is very secure software but its time we redesign hidden services to be
faster and more secure. We should bundle a hidden service server which
won't connect to the internet except through Tor and only knows it's Tor IP
address.
On Aug 25, 2013 7:58 PM, "Roger Dingledine"  wrote:

> On Sun, Aug 25, 2013 at 05:05:26PM -0400, hi...@safe-mail.net wrote:
> > The US feds did actually take down FH, which was a HIDDEN SERVICE! They
> > found it and arrested the admin! Period!
>
> Reminds me of my response when in 2011 some Dutch police broke into
> a hidden service:
> https://lists.torproject.org/pipermail/tor-talk/2011-September/021198.html
>
> "If you have an instant messaging conversation with a Tor user and
> convince her to tell you her address, did you break Tor? Having an
> http conversation with a webserver running over a Tor hidden service,
> and convincing it to tell you its address, is not much different."
>
> We don't know in this case if they did it through exploiting the software
> running on the other end of the hidden service, or by the old "follow
> the money" trick, or by having an insider provide the info, or what.
>
> It could in fact have been by attacking the Tor protocol directly (see
> below). But I think in many cases, even with the various known weaknesses,
> the above "just bypass Tor and attack them in other ways" approaches
> are even easier. (This observation should scare you more, not less.)
>
> The fact that somebody started serving malware on the various hidden
> services:
>
> https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable
> makes me think that they got in via the software running the webserver.
> I mean, heck, I heard he let strangers run php scripts in his webserver.
>
> For another case of a hidden service being compromised, see
> https://blog.torproject.org/blog/trip-report-october-fbi-conference
> The summary sentence there is "Way before they switched to a Tor hidden
> service, the two main people used Hushmail to communicate."
>
> > If they can find hidden services, finding regular tor clients would be
> even
> > easier!
>
> This part is unfortunately (well, ok maybe fortunately, but either
> way) false. Hidden services are weaker than normal Tor circuits for two
> reasons: a) they stay in the same place over time, and b) you, the user,
> can choose how often they make circuits. These two properties combine
> to produce a variety of other problems. I described some of them briefly
> in the 29c3 talk this past December, but see
> https://blog.torproject.org/blog/hidden-services-need-some-love for
> many more details, including references to academic papers on the topic.
>
> --Roger
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Appearing American

[Nathan Suchy]

I'd beg to differ. There are very good VPN providers that keep absolutely
no logs so you would have anonymity in that case. I think a commercial vpn
without logs is the best way to go but you could also handpick nodes (tor
needs to have a auto feature which can auto pick nodes by country. Covert
Browser for IOS allows you to pick your exit node.


On Wed, Aug 21, 2013 at 6:44 AM, mick  wrote:

> On Tue, 20 Aug 2013 18:33:47 -0400
> Greg Norcie  allegedly wrote:
>
> > Is the anonymity offered by a modified Tor utilizing only nodes in
> > the USA actually more anonymous than a VPN?
>
> I'd say yes, with caveats. Using a VPN implies divulging some
> personal identifier(s) to the VPN provider at the least. You do not
> need to do that when you use tor. However, tor usage flags you as
> someone who cares a lot about personal privacy and anonymity. That in
> itself can draw attention to you. (The old "what have you got to hide?"
> chestnut.) Of course VPN usage can imply much the same, but for the
> reason I gave above, it looks less likely.
>
>
> > I thought utilizing a
> > subset of nodes was considered a bad idea?
>
> The tor FAQ (at ../docs/faq.html) recommends against limiting entry
> and/or exit to specific locations on the grounds that it can "mess up
> your anonymity in ways that we don't understand." If the tor builders
> themselves profess not to understand the implications, then I'd be
> inclined to trust their recommendation against it.
>
> Best
>
> Mick
> -
>
>  Mick Morgan
>  gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
>  http://baldric.net
>
> -
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>


-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] How can I get Adobe Flash working in the Tor Browser Bundle?

[Nathan Suchy]

But will Flash go through Tor? Also I'm just looking through an Internet
Chatroom not activist work. The admin is a hacker but I don't think I'll
need to hide my IP other than from software...


On Sat, Aug 17, 2013 at 5:58 PM, harmony  wrote:

> Nathan Suchy:
> > I'm investigating a internet chat room and need to use Tor for anonymity
> of
> > my ip address. This chat room is powered by realchat which requires flash
> > player. Is there a way to get Adobe Flash to proxy through Tor in the Tor
> > Browser Bundle
>
> If you really want to enable it, just go to 'tools > add-ons', then
> 'plugins' and click 'enable' under 'shockwave flash', BUT:
>
> > and only go through Tor when using the Browser Bundle?
>
> This is a many-dollar question - see here
> https://trac.torproject.org/projects/tor/ticket/7008 for current
> thinking on the numerous things that could go badly wrong.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] How can I get Adobe Flash working in the Tor Browser Bundle?

[Nathan Suchy]

I'm investigating a internet chat room and need to use Tor for anonymity of
my ip address. This chat room is powered by realchat which requires flash
player. Is there a way to get Adobe Flash to proxy through Tor in the Tor
Browser Bundle and only go through Tor when using the Browser Bundle?
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Introducing Tor Forums :-)

[Nathan Suchy]

B
ecause it's not a full forum! Plus an easier URL :-)
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Introducing Tor Forums :-)

[Nathan Suchy]

I
have taken the time to setup an Internet Discussion Board on Tor. It will
be as secure as possible and uses the PhpBB Forum Software. We will not
modify the PhpBB Software in any way other than adding Tapatalk but that
will not happen for a while. We are hosted by NFSN, Inc are cannot be taken
down except by a judge in the US. We will get a better domain name soon but
the current site name is http://www.torforums.tk/ I really hope you enjoy
the site :-)

Also if I could find some moderators and administrators that would be great
(create an account and give me your username). I need some people to help
with the site. I'd prefer that you have worked with phpBB or forum software
before.

Currently the site is kinda basic so if you have any theme suggestions let
me know and also let me know how you would like the forums to be further
organized.

If the URL does not work for you please wait as the DNS Systems are
updating as fast as possible.

I will try to make the forums as unlimited as possible and I really hope
you enjoy the fourms :-)

Admin of Tor Forums
http://www.torforums.tk/
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Can the Hidden Service ever be FAST?

[Nathan Suchy]

Sorry it just can't. Maybe a private tor hidden service would be better
where you ran the entire tor network but that would ruin the anonymity.
400MS + network delays. In the end your connection ping will be around
1000MS.


On Sun, Aug 4, 2013 at 9:39 AM, Arian Sanusi  wrote:

> Hi Jerzy,
>
> both the client and the hidden service establish a three hop circuit to
> the same tor relay, where the connections are joint, so hidden services
> will have even double the delay of normal tor traffic. If relays were
> homogeneous distributed among the globe, two random relays will be 1/4
> earth circumference apart on average. This means that a round trip will
> have a speed of light delay of 12 hops * 10 000km each / 300 000 km/s speed
> of light. That's 400ms from finite speed of light. Switches, routers and
> relays along the way will add to that.
>
> So no, hidden services will never be responsive. Bandwidth is something
> else, there are no in-principle boundaries.
>
> On 04.08.2013 13:59, Jerzy Łogiewa wrote:
> > Hello everyone!
> >
> > I am wondering: Is it possible to make the Hidden Service in Tor work
> near speed of standard web? It seems more and more that many sites should
> be offering Tor services and Tor connection. Is Tor like Freenet where most
> use makes faster connections, or opposite? How can Hidden Service be made
> faster?
> >
> > --
> > Jerzy Łogiewa -- jerz...@interia.eu
> >
>
>
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>


-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Time for porn on the Tor?

[Nathan Suchy]

Even if Tor is illegal people will still use it and people will still run
Tor. Just look at China. My server (in the cloud) (which has 2Cores (2GHZ
each) and 2GB of Ram) is running a webserver, seeding all ubuntu torrents
(the latest ones and the lts/alternate ones), and is running a Tor Exit
Node (reduced policy). I don't think it will be an issue. Also they could
buy prepaid visas and go to a coffee shop which their laptops which sole
purpose is setting up illegal servers (tor in the future maybe?) and then
go away. They is no way to stop this...


On Mon, Jul 22, 2013 at 9:27 AM, Fabio Pietrosanti (naif) <
li...@infosecurity.ch> wrote:

> Il 7/22/13 11:44 AM, Jerzy Łogiewa ha scritto:
>
>  Well this is quite some surprise: 
> http://www.bbc.co.uk/news/uk-**23401076<http://www.bbc.co.uk/news/uk-23401076>
>>
>> Wasn't it Star Wars? More and more the countries will tighten grip on
>> internet content, more will slip through? So now Tor bandwidth will be huge
>> for porn market.
>>
> In invite you to read the thread of "Tor Porn Bundle" idea here:
> https://lists.torproject.org/**pipermail/tor-talk/2012-**
> October/026115.html<https://lists.torproject.org/pipermail/tor-talk/2012-October/026115.html>
>
> -naif
>
> __**_
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk<https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName". Information in this
email may be confidential and releasing it may be a violation of US law.
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] NSA, Tempora, PRISM And Company always know who is behind Tor?

[Nathan Suchy]

The NSA cannot always know who is behind Tor. This is due to the fast that
tor uses a circut guard - middle - exit and unless the NSA can get access
to the guard's isp, the middle's isp, and the exit's isp which more than
one of them may be in a country that hates the US they can't see what your
doing and prove it was you. Also even if you had a .pcap of each networks
traffic it would be very difficult to put the information back together.


On Fri, Jul 19, 2013 at 5:04 PM, Ed Fletcher  wrote:

> On 19/07/2013 9:23 AM, Tom Ritter wrote:
>
>> On 19 July 2013 06:35, Ed Fletcher  wrote:
>>
>>> On a related note, does having (what I assume is) a serious percentage of
>>> the Tor relays in the Amazon cloud make it easier for the NSA to
>>> compromise
>>> anonymity?
>>>
>>
>> I don't think a 'series percentage' of relays are in EC2.  I would
>> politely ask you to research that and prove me wrong if you feel
>> strongly about it.  There might be a serious percentage of bridges,
>> but even that is questionable.  (Related: Runa is giving a talk at
>> Defcon on the Diversity of the Tor Network, so hopefully that will be
>> a canonical answer to these sorts of questions once her slides go up
>> in a couple weeks.)
>>
>
> My mistake.  I had thought that a bridge was a relay with extra
> functionality.  I'll have to do some more reading.  And thanks for the tip
> on the slides.  I'll look for them after Defcon is done.
>
> Ed
>
> __**_
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk<https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName".
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Binary patch downloads (for updating TBB)?

[Nathan Suchy]

The TBB downloads fine over a tethered Sprint 3G connect at just .60MBPS
down and ping time of 160MS. I think you'll be ok...


On Sat, Jun 29, 2013 at 7:46 PM, David Balažic  wrote:

> Hi!
>
> You don't realize how big the TBB is until you're forced to use a slow
> connection.
>
> In that light, are there patches available to update between releases?
> It might reduce load on the servers too.
>
> Regards,
> David
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName".
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Recommended method for updating an existing TBB

[Nathan Suchy]

I always delete the folder, download and extract then use the new Tor
Browser Bundle. If you actually need bookmarks then write them down with
pen and paper and burn the paper when done...


On Fri, Jun 28, 2013 at 11:00 AM,  wrote:

>
>
> > -Original Message-
> > From: tor-talk [mailto:tor-talk-boun...@lists.torproject.org] On Behalf
> Of
> > Lutz Horn
> > Sent: Friday, 28 June 2013 4:59 PM
> > To: tor-talk@lists.torproject.org
> > Subject: Re: [tor-talk] Recommended method for updating an existing TBB
> >
> > Hi,
> >
> > > I don't agree that changing settings in TBB/Firefox should be
> > > discouraged; you may have meant this in regards to some specific
> > > settings, but you'd have to elaborate for me to be sure. For example,
> > > I routinely enable the "Tell websites I do not want to be tracked"
> > > option.
> > > Is this discouraged? Why?
> >
> > Changing TBB settings and installing extensions is discouraged because it
> > makes you stand out of the crowd.
>
> Using crypto makes one stand out from the crowd in the first instance with
> those flat histograms
> By using Tor and other crypto one should realise their comms are far more
> likely to be of interest to authorities
> See https://en.wikipedia.org/wiki/Letter_frequency
>
>  Sending DNT if nobody else using TBB
> > does weakens your anonymity. The same goes for using ABP or other
> > extensions that alter your requests.
> >
> > Anonymity loves company.
> >
> > Lutz
> >
> > --
> > Opt out of PRISM, the NSA’s global data surveillance program.
> > Stop reporting your online activities to the American government with
> these
> > free alternatives to proprietary software.
> > http://prism-break.org/
> > ___
> > tor-talk mailing list
> > tor-talk@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName".
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] WebRTC via Tor

[Nathan Suchy]

I don't have a need for UDP as I mostly browse the web and stream Spotify
which can be done over HTTPS...


On Mon, Jun 10, 2013 at 11:57 PM, mirimir  wrote:

> On 06/10/2013 03:54 PM, Jeffrey Walton wrote:
>
> > On Mon, Jun 10, 2013 at 12:56 AM, David Huerta 
> wrote:
> >> -BEGIN PGP SIGNED MESSAGE-
> >> Hash: SHA1
> >>
> >> ... The problem is that
> >> Twilio WebRTC requires UDP connections over ports 10,000 to 60,000 and
> >> at least from my research (correct me if I'm wrong), Tor doesn't do
> >> onion routing for UDP traffic
> > UDP does not work on some smart phones because many carriers allow UDP
> > from the phone (send) but block UDP to the phone (receive). In the US,
> > you will have probably trouble with Verizon, Sprint, and AT&T (and
> > likely others).
>
> If traffic uses VPN via Tor, the carrier will see only TCP.
>
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
Nathan Suchy
If this email was not intended for you delete it and any copies you have of
it. The email was intended for "FirstName LastName".
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] My Tor Exit Node,

[Nathan Suchy]

I really love it.
Check out the Tor Atlas Page:
https://atlas.torproject.org/#details/AF32506D548DAE6C17C02BE7E9F824467D546DC9

It runs at average of 3.80MBPS but sometimes is pumping up to 10MBPS
according to Tor Arm. Also my server provider DigitalOcean has not send me
any abuse complaints since I verfied my account and set an exit policy of
only ports 80, 443, and 53 yet I have pumped almost 500GB. Gonna set a more
open policy...
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Running a Tor exit node on a VPS: does location of node matter?

[Nathan Suchy]

>From what I heard an exit location never used...
On Jun 5, 2013 1:25 PM, "Joe Btfsplk"  wrote:

> On 6/5/2013 10:53 AM, Moritz Bartl wrote:
>
>> Hi,
>>
>> Ideally, one would place exits in countries that have little or no exit
>> probability.
>>
>>  Little or no exit *probability?*  (probability of what?)  Do you mean
> little liability?
> What would be the point of an exit that's never used?
> __**_
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk
>
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Running a Tor exit node on a VPS: does location of node matter?

[Nathan Suchy]

In my opinion any exit capicity should be accepted. I run a exit node in
New York (via DigitalOcean). My node is offline for manitance...
On Jun 5, 2013 12:40 PM, "Moritz Bartl"  wrote:

> Hi,
>
> Ideally, one would place exits in countries that have little or no exit
> probability.
>
>
> https://compass.torproject.org/#/by_country?exit_filter=all_relays&links&sort=cw&sort_reverse&country=&by_country&top=30
>
> Make sure you know the legal implications in both your home country and
> the country where the node is.
>
> --
> Moritz
>
> On 05.06.2013 17:02, Bernard Tyers - ei8fdb wrote:
> > Hello all,
> >
> > I am researching running a Tor exit node on a hosted VPS. I am currently
> looking at a big list of VPSs (www.lowendbox.com - thanks Moritz).
> >
> > Most are similar - bandwidth, RAM, disk, IPs, etc.
> >
> > For me as the operator of the node, does the location of the node, or
> more importantly the location of the datacentre/s where the VPS will live
> have any impact?
> >
> > As a European country citizen does it make sense to locate the node in
> the US/Canada/Asia/Europe?
> >
> > NB: I have no intention of using this node for illegal purposes, but
> seeing as this is the Tor network I cannot guarantee illegal usage will not
> occur.
> >
> > Any thoughts?
> >
> > Thanks,
> > Bernard
> > --
> > Bernard / bluboxthief / ei8fdb
> >
> > IO91XM / www.ei8fdb.org
> >
> > ___
> > tor-talk mailing list
> > tor-talk@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
>
> --
> Moritz Bartl
> https://www.torservers.net/
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] TOR EXIT VPS & VPS.NET

[Nathan Suchy]

Ok I did they said fine but they cancle the server if abused. Just gonna
make a nonexit node
On May 31, 2013 5:00 PM, "Sherief Alaa"  wrote:

> Why don't you just ask their live chat support?
> On May 31, 2013 10:56 PM, "Nathan Suchy" <
> theusernameiwantista...@gmail.com>
> wrote:
>
> > I found a cloud vps provider called VPS.NET do they have a problem with
> > tor
> > exit nodes?
> > ___
> > tor-talk mailing list
> > tor-talk@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] I'm creating a Tor Non-Exit Node,

[Nathan Suchy]

Hey Guys,

I use the Tor Network a lot (i admit that sometimes i use it for bulk
downloading, but i don't use it for piracy) and because of my usage I want
to give back but I don't have a lot of money so I am creating a high speed
Tor Non-Exit Node. The hosting provider is called DigitalOcean (
https://www.digitalocean.com). I am going to set it up tomorrow morning. It
should get speeds of 1GBPS (I am limiting the rate to 100MBPS). My VPS will
get around 3TB of bandwidth but I will be limiting the total monthly
bandwidth to 2.5TB. Wish me luck with my project :-)
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] TOR EXIT VPS & VPS.NET

[Nathan Suchy]

I found a cloud vps provider called VPS.NET do they have a problem with tor
exit nodes?
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Number of tor users

[Nathan Suchy]

Well that average is wrong. I get around 300kbps for my downloads...
On May 29, 2013 10:26 AM, "Maimun Rizal" 
wrote:

> Hi Karsten,
> Thank you for fast reply.
> So, now more clear for me to understand.
> I try to calculate average Bandwidth per User based on Data from
> metrics.torproject.org and I got around 30-40 Kbps/user. but it is total
> bandwidth/average daily user. if I want to calculate end-to-end bandwidth,
> the result i divide 3. with assumption we have 3 relays to establish
> connection (Entry, middle and exit). each relays have equal bandwidth (only
> assumption, in the reality, total bandwidth for 3 relays are different).
> then, average bandwidth connection is 10 - 15 Kbps.
> in VoIP case, we need 30-35 Kbps (iLBC and Speex codec) to have good
> quality calls.
> then my next question, does TOR ensure the bandwidth for users? at least
> each user can get minimum bandwidth around 30 Kbps.
> Thank you before,
>
> Regards,
> Maimun
>
>
> On 29/05/2013 11:53, Karsten Loesing wrote:
>
>> On 5/29/13 10:11 AM, Maimun Rizal wrote:
>>
>>> I would like to know, where i can find data average number of tor
>>> users? As I know, number of users in metrics.torproject.org are total
>>> number in a day. So how can I know a average?
>>>
>> Hi Maimun,
>>
>> this is a fine question.
>>
>> Actually, what you find on metrics.torproject.org *is* the estimated
>> average number of Tor users per day, not the total number.
>>
>> Here's how we calculate those numbers (simplified): we sum up daily
>> requests by Tor clients to the Tor directories to fetch the network
>> status document, assume that an average user makes 10 such requests per
>> day (some make just 1 or 2, others 15 or 20), divide the number of
>> requests by 10, and have our estimated average daily user number.
>>
>> But we don't have data to say whether two requests were made by the same
>> client or two different clients, mostly because clients can send their
>> requests to hundreds of directories which cannot exchange data on
>> requesting clients for obvious privacy reasons.  That's why we cannot
>> calculate total users per day, just averages.
>>
>> For more details, see these reports:
>>
>> https://research.torproject.**org/techreports/counting-**
>> daily-bridge-users-2012-10-24.**pdf
>>
>> https://research.torproject.**org/techreports/countingusers-**
>> 2010-11-30.pdf
>>
>> I wonder, why did you think metrics.torproject.org shows total users per
>> day, and how can we make it clearer that these are in fact daily averages?
>>
>> Thanks,
>> Karsten
>>
>
> __**_
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk
>
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Number of tor users

[Nathan Suchy]

I agree you already took over one. Please stop...
On May 29, 2013 6:23 AM, "Karsten Loesing"  wrote:

> On 5/29/13 11:55 AM, Frederick Jakubowsi wrote:
> > OK, how do I use or even start TOR, it keeps saying cannot start
> Vidalia?
>
> Please don't hijack threads.
>
> You can contact h...@rt.torproject.org for support questions.
>
> Thanks,
> Karsten
>
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Stop e-mails

[Nathan Suchy]

Just go to lists.torproject.org and use it to unsubscribe...
On May 29, 2013 7:40 AM, "shm...@riseup.net"  wrote:

>
>
> Jim:
> > For some reason this didn't post the first time.  Trying again.
> >
> > Nathan Suchy wrote:
> >> You are being very rude. We can't do that please click the very simple
> link
> >> and unsubscribe.
> >
> > Perhaps it is not so much a matter of rudeness as not realizing that is
> > what that link is there for.  Tor moved beyond the technical crowd only
> > a long time ago.
> >
> >
> > Suggestion for the mailing list administrator:
> >
> > Perhaps the link to the list could be preceded by the words
> >
> > "To unsubscribe or change your subscription options please visit:"
>
> does anyone keep their welcome email ?
> [hint]
> Subject: Welcome to the "tor-talk" mailing list
>
> >
> > or similar.
> >
> >
> > BTW, I just visited that page and I had to look several times before I
> > spotted the unsubscribe option.  My eyes were not immediately drawn to
> it.
> >
> >
> > Best regards,
> >
> > Jim
> >
> >
> >
> >> On Sunday, May 26, 2013, lilo wrote:
> >>
> >>> On 26/05/2013 13:30, Frederick Jakubowsi wrote:
> >>>> Please stop e-mails to my address, thank you.
> >>>
> >>> unsubscribe can help you
> >>>
> >>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >>>
> >>>
> >>> --
> >>> lilo
> >>> http://wiki.debian.org/LILO
> >>> 
> >>> -Da grande faro' il cattivo esempio, questo e' uno stage formativo-
> >>> bit in rebels
> >>> GnuPG/PGP Key-Id: 0x5D172559
> >>> FINGERPRINT: AB62 DC0E 3CB3 2B83 6333 5DF4 9674 A4B3 5D17 2559
> >>> server: pgp.mit.edu
> >>>
> >>>
> >>> ___
> >>> tor-talk mailing list
> >>> tor-talk@lists.torproject.org 
> >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >>>
> >>
> >>
> >
> >
> >
> >
> >
> >
> >
> >
> > ___
> > tor-talk mailing list
> > tor-talk@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Stop e-mails

[Nathan Suchy]

You just download the tor browser bundle and go...
On May 29, 2013 5:10 AM, "Frederick Jakubowsi" 
wrote:

> OK, I downloaded TOR to give it a try, but every time I try to run it it
> says
> cannot run Vidalia!  How do I set this thing up lol?
>
>
>
>
> 
> From: Jim 
> To: tor-talk@lists.torproject.org
> Sent: Wed, May 29, 2013 12:29:25 AM
> Subject: Re: [tor-talk] Stop e-mails
>
> For some reason this didn't post the first time.  Trying again.
>
> Nathan Suchy wrote:
> > You are being very rude. We can't do that please click the very simple
> link
> > and unsubscribe.
>
> Perhaps it is not so much a matter of rudeness as not realizing that is
> what that link is there for.  Tor moved beyond the technical crowd only
> a long time ago.
>
>
> Suggestion for the mailing list administrator:
>
> Perhaps the link to the list could be preceded by the words
>
> "To unsubscribe or change your subscription options please visit:"
>
> or similar.
>
>
> BTW, I just visited that page and I had to look several times before I
> spotted the unsubscribe option.  My eyes were not immediately drawn to it.
>
>
> Best regards,
>
> Jim
>
>
>
> > On Sunday, May 26, 2013, lilo wrote:
> >
> >> On 26/05/2013 13:30, Frederick Jakubowsi wrote:
> >>> Please stop e-mails to my address, thank you.
> >>
> >> unsubscribe can help you
> >>
> >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >>
> >>
> >> --
> >> lilo
> >> http://wiki.debian.org/LILO
> >> 
> >> -Da grande faro' il cattivo esempio, questo e' uno stage formativo-
> >> bit in rebels
> >> GnuPG/PGP Key-Id: 0x5D172559
> >> FINGERPRINT: AB62 DC0E 3CB3 2B83 6333 5DF4 9674 A4B3 5D17 2559
> >> server: pgp.mit.edu
> >>
> >>
> >> ___
> >> tor-talk mailing list
> >> tor-talk@lists.torproject.org 
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >>
> >
> >
>
>
>
>
>
>
>
>
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk