Re: [tor-talk] PGP fiddly-diddly - action required
> On 16 May 2018, at 9:42 pm, Lara <lara@emails.veryspeedy.net> wrote: > > On Wed, 16 May 2018, at 11:31, Sydney wrote: >> >> encrypted email.” >> >> This could easily be interpreted — especially by someone that doesn’t >> natively speak English — that PGP is not safe. > > Hence the corollary: if you are not a native speaker wait for a > translation. > >> This is how I initially read the article. > > Stop reading PGP email means "everyone would be able to read ALL my > email". A problem it is, but language is not. It’s a effectively security alert; it warrants caution. I’m a native speaker and read it the same way. You need to pull your head in. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] PGP fiddly-diddly - action required
> On 16 May 2018, at 6:34 pm, Lara <lara@emails.veryspeedy.net> wrote: > >> So now everyone would be able to read all of may emails. > > I doubt even EFF would have written such a thing. >> The EFF website still has the following, which you actively chose to ignore: “...and temporarily stop sending and especially reading PGP-encrypted email.” This could easily be interpreted — especially by someone that doesn’t natively speak English — that PGP is not safe. This is how I initially read the article. I agree with ProtonMail when they said: “We agree that the @EFF warning is overblown and disproportionate... we think that stories claiming "PGP is vulnerable" are inaccurate.” (https://www.reddit.com/r/ProtonMail/comments/8jabm6/pgp_is_broken/) Sydney. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] How do the OBFS4 "built-in" Bridges work?
Hi Nathaniel, There’s no reason bridges can’t run on “non-standard ports”. I run a bridge on port 8080 (common alternative to port 80) with obfs4 and it gets utilised quite a bit. The server running the bridge runs a fairly innocuous website to avoid attention being drawn to it, however, that prevents me using ports 80 and 443. The website itself is also bandwidth heavy, to reduce the suspicions of a casual observer like a public WiFi operator (but not a powerful adversary). Cheers, Sydney > On 30 Apr 2018, at 5:41 am, Nathaniel Suchy (Lunorian) <m...@lunorian.is> > wrote: > > Thank you for clarifying that. The obfs4 bridges you can get at > bridges.torproject.org also pose an interesting risk, the ports each > Bridge IP Address is using seem to be non-standard, I'm in the US and > most networks I am at do not censor although sometimes certain ports at > public wifi networks are blocked, could a threat actor threatening you > or tor users in general realize an IP Address was a Tor Bridge by > identifying a large amount of traffic to a non-standard port on random > datacenter IP Addresses? > > You can tell Tor Browser your Firewall only allows connections to > certain ports which I assume when used with bridges would help further > hide the fact you are using Tor. > > The fact I email here obviously shows I am a Tor user, although I'd like > more technical measures built into Tor Browser to obfuscate the times I > am using Tor. > > Cheers, > Nathaniel Suchy > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk signature.asc Description: Message signed with OpenPGP -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
