Re: [tor-talk] torproject forum hosted by 3rd party?
On Mon, Jan 17, 2022 at 03:09:45PM +0100, mpan wrote:
> There are two concerns I wish to address here. First is about the 3rd party hosting, the other is about a move to forum software in general.
>
> TPO is not hosted in organisation members’ basements. It’s already under control of other parties like Hetzner. Switching to Discourse is merely carving out a part of traffic and moving it to another entity. We may discuss whether diversifying operators is beneficial or detrimental for privacy, users’ freedoms, security and usability. We may argue if that particular operator is better or worse. But the third party harm argument is already moot: we are being passed through a 3rd party service right now and even your message is being conveyed to GMail.
>
> I am concerned about the move to a forum. I do see a value in increasing accessibility for the general population, while the ML is mostly dead and undermaintained, so the move seems reasonable. But that’s not the case for other MLs. Since Discourse already supports access over email, could it be possible to enable it for Tor Forums?

Hi mpan,

Yes, the mailing list mode feature is very cool and it's available on the Tor Forum. Users need to enable it manually. A simple how-to:

1. Visit your forum "Preferences".
2. Click on "Emails".
3. Check "Enable mailing list mode".

And that's it!

Tip: If you're subscribed to tor-relays mailing list, I recommend muting the subcategory "mailing-lists/tor-relays":
https://forum.torproject.net/c/mailing-lists/tor-relays/25

cheers,
Gus

--
The Tor Project
Community Team Lead

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] torproject forum hosted by 3rd party?
There are two concerns I wish to address here. First is about the 3rd party hosting, the other is about a move to forum software in general.

TPO is not hosted in organisation members’ basements. It’s already under control of other parties like Hetzner. Switching to Discourse is merely carving out a part of traffic and moving it to another entity. We may discuss whether diversifying operators is beneficial or detrimental for privacy, users’ freedoms, security and usability. We may argue if that particular operator is better or worse. But the third party harm argument is already moot: we are being passed through a 3rd party service right now and even your message is being conveyed to GMail.

I am concerned about the move to a forum. I do see a value in increasing accessibility for the general population, while the ML is mostly dead and undermaintained, so the move seems reasonable. But that’s not the case for other MLs. Since Discourse already supports access over email, could it be possible to enable it for Tor Forums?
[tor-talk] torproject forum hosted by 3rd party, not least of problems
On 1/13/22, nusenu wrote:
> Since tor-talk is apparently going to be closed down soon [1],
> here are a few suggestions:
>
> [1] https://gitlab.torproject.org/tpo/community/support/-/issues/40057
>
> let us know whether/when you will be closing tor-relays as well

https://lists.torproject.org/pipermail/tor-talk/2021-October/045779.html
"
I was surprised to learn that the forum is _not_ self-hosted on torproject infrastructure. It is hosted by "Civilized Discourse Construction Kit, Inc." the company behind discourse.org. That means the torproject does not have full control over the infrastructure and its security and logging practices.

The forum privacy policy mentions that IPs get logged and stored over an extensive amount of time
https://forum.torproject.net/privacy
As Jérôme pointed out [5] the forum is also subject to discourse's privacy policy
"

Lol.

Not to mention that hosted and "web" based means that users can, unlike distributed standalone email, now be more central exploited on attack surface from server side in browser/JS/etc by rogue, bought, mole'd staff, corp changeup, court order, etc at these companies.

And who cares what the channel is when every single Tor Project communication channel has been intentionally "bricked up" and 100% fully and completely censored for *years* by the Tor Project Inc to avoid embarrassment, avoid being called out, preserve their personal cashflows, keep users from learning all of tor's weaknesses and then forking or developing better, more variety, and or more resistant anon overlay projects etc.

After all, Tor's monetary captured people rake in multiple millions of dollars every year, including by problematic fundraising nft drops, off a conveniently Govt funded design that's well over 20+ years old, that even the NSA was quoted well over 10+ years ago saying that the NSA could exploit tor. NSA GCHQ FVEY and myriad private and GovCorp adversaries have all since then advanced their attacks and technology light years ahead of tor's baked design.

While Tor adds irrelevant non-design trappings and periphery and social-activism, decides to cancel users free conscious choice to use v2 Onioncat IPv6+UDP transport for whatever they want and terminates that entire good class of usage, innovation, and app development within onionland, censors user and operator knowledge of same, ejects people who like code but refuse to apologize for Tor or/play its socio-politic, game, monoculture, and more, Tor's Government funded social marketing engine also consumes and starves out a lot of funding from and steers messaging in a space that needs a distributed nature in all things.

If the world knew how the Tor Project Incorporated has become total hypocrites of the Freedom of Speech they claim to support, Tor Project would be defunded, users would leave in disgust, and the crypto overlay network space would flourish anew generation again.

The fact of Tor Project's secret censorship agenda alone is enough. Add in refusing to routinely acknowledge and publicly disclose for users in exceedingly prominent places that Traffic Analysis and Sybil are in operation, actually removing warnings from their website, pasting over them with safe sounding phrases, putting users at risk that way, among many other problems... makes things even more serious.

https://www.hackerfactor.com/blog/index.php?/categories/19-Tor
" Today, the Tor Project seems to be more focused on fund raising than actual privacy, anonymity, or anti-censorship. "

"Tor Stinks -- NSA"
Re: [tor-talk] torproject forum hosted by 3rd party?
nusenu:
> - enable HSTS preloading on torproject.net for the safety of tor users
> https://hstspreload.org/?domain=torproject.net

https://gitlab.torproject.org/tpo/tpa/team/-/issues/40582

--
https://nusenu.github.io
Re: [tor-talk] torproject forum hosted by 3rd party?
Since tor-talk is apparently going to be closed down soon [1], here are a few suggestions:

- please provide a timeline when the forum will be hosted at TPO infrastructure
- enable HSTS preloading on torproject.net for the safety of tor users
  https://hstspreload.org/?domain=torproject.net

[1] https://gitlab.torproject.org/tpo/community/support/-/issues/40057

let us know whether/when you will be closing tor-relays as well

--
https://nusenu.github.io
Re: [tor-talk] torproject forum hosted by 3rd party?
Gaba pointed out on mastodon:
> We have plans on moving it to our own infrastructure but it will take a little more time.

ok, great to hear that. So let's wait for it.

Does that also mean that the forum will then be located at forum.torproject.org after the planned migration to torproject infrastructure?

--
https://nusenu.github.io
Re: [tor-talk] torproject forum hosted by 3rd party?
bo0od:
> > - no IP logging
> > - no external resources
>
> You shouldn't trust TPO on not doing that either (not because they do that but because there is no control on that from user side so you should assume the worst when it comes to security/privacy/anonymity).

I see your point as an end user here, but from the torproject's point of view it would expect a more cautious approach with tor user information and practice harm reduction strategies instead of saying 'Oh, you didn't use tor browser to protect yourself when you accessed our support forum? It's your fault' to avoid a future where discourse gets compromised and someone publishes/leaks all forum logs. If you don't log it in the first place, there is less data that can harm you afterwards.

Expecting users to never open an url in the "wrong" browser window is a bit unrealistic.

It is also a matter of leading by example - especially for a privacy focused project.

> At the end user need to trust an entity to make discourse functional, TPO or not doesn't matter.

I believe it does make a difference where you host something that requires some level of trust especially when it is visible in the url bar, because users trust some entities (or domains) more than others.

kind regards,
nusenu

--
https://nusenu.github.io
Re: [tor-talk] torproject forum hosted by 3rd party?
> - no IP logging
> - no external resources

You shouldn't trust TPO on not doing that either (not because they do that but because there is no control on that from user side so you should assume the worst when it comes to security/privacy/anonymity).

And allowing JS in order to participate in the forum that's also an issue. (Good thing you can read the forum topics while JS disabled, But you can't login,type..etc)

At the end user need to trust an entity to make discourse functional, TPO or not doesn't matter.

(I agree on seeing google or amazon or ..etc from shitty corporations that's the worst thing user want to see when using Tor or any other anonymity tools and should be prohibited)

nusenu:
> Hi,
>
> the Torproject is about to launch the new Discourse based forum next week [1]
> https://forum.torproject.net
>
> With this email I'd like to initiate a discussion on whether it is a good idea to externalize hosting of what might become an important platform for the tor community.
>
> I believe discourse is a great platform, but I was surprised to learn that the forum is _not_ self-hosted on torproject infrastructure. It is hosted by "Civilized Discourse Construction Kit, Inc." the company behind discourse.org. That means the torproject does not have full control over the infrastructure and its security and logging practices. Discourse's third party hosting also does not support onion services [2].
>
> The forum privacy policy mentions that IPs get logged and stored over an extensive amount of time
> https://forum.torproject.net/privacy
> As Jérôme pointed out [5] the forum is also subject to discourse's privacy policy, so maybe it would be good to include a link to https://www.discourse.org/privacy on https://forum.torproject.net/privacy.
>
> Especially since this forum will be used for tor browser support it will also include people's IP addresses when they are unable to use tor browser to protect themselves.
>
> When you open https://forum.torproject.net in a browser it will fetch resources from multiple places:
>
> fonts.googleapis.com (Google)
> fonts.gstatic.com (Google)
> aws1.discourse-cdn.com
> avatars.discourse-cdn.com (proinity LLC, AS44239)
> forum.torprojec.net/torproject1.hosted-by-discourse.com (CNAME) Hurricane Electric LLC
>
> To quote Gaba from the gitlab ticket [3]:
> > If there is a risk on running this forum outside TPA infrastructure then we need to change this and host Discourse in TPA.
>
> (TPA is the torproject admin team https://gitlab.torproject.org/tpo/tpa/team)
>
> I agree with Gaba and I'm glad anarcat (torproject admin team) is not totally against self-hosting [4] even though discourse is docker based.
>
> Self-hosting would also allow for:
>
> - better domain: forum.torproject.org (the torproject.net domain is basically unknown and I guess many people will be confused. I agree with anarcat to use the .net domain when it is not run on TPA infrastructure)
> - no IP logging
> - no external resources
> - no troubles for tor browser users should discourse decide to enable CAPTCHA or use a CDN that enforces CAPTCHAs in the future
>
> What is the main reasoning for using a 3rd party hosted Discourse instance instead of a self-hosted instance? (besides the obvious 'so we don't have to patch and maintain it ourselves')
>
> related gitlab ticket:
> https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183
> https://gitlab.torproject.org/tpo/web/team/-/wikis/Plan-To-Launch-Tor's-Forum
>
> kind regards,
> nusenu
>
> [1] https://lists.torproject.org/pipermail/tor-community-team/2021-October/000423.html
> [2] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2740700
> [3] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2749919
> [4] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2750060
> [5] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2751283
Re: [tor-talk] torproject forum hosted by 3rd party?
Hi Nusenu,

Thanks for your concern about the Tor Forum. As I said in my previous emails[1], we've decided to go with their free hosting plan for open source projects. Qubes community also followed that path: started with their free hosting plan and moved to a self-hosted instance.

I also pointed out that 'information collected' is mitigated using Tor Browser and/or 'mailing list' mode, where you don't need to use the web interface.

Gus

[1] https://lists.torproject.org/pipermail/tor-relays/2021-October/019940.html
[2] https://lists.torproject.org/pipermail/tor-relays/2021-October/019941.html

On Fri, Oct 29, 2021 at 04:00:50PM +0200, nusenu wrote:
> Hi,
>
> the Torproject is about to launch the new Discourse based forum next week [1]
> https://forum.torproject.net
>
> With this email I'd like to initiate a discussion on whether it is a good idea to externalize hosting of what might become an important platform for the tor community.
>
> I believe discourse is a great platform, but I was surprised to learn that the forum is _not_ self-hosted on torproject infrastructure. It is hosted by "Civilized Discourse Construction Kit, Inc." the company behind discourse.org. That means the torproject does not have full control over the infrastructure and its security and logging practices. Discourse's third party hosting also does not support onion services [2].
>
> The forum privacy policy mentions that IPs get logged and stored over an extensive amount of time
> https://forum.torproject.net/privacy
> As Jérôme pointed out [5] the forum is also subject to discourse's privacy policy, so maybe it would be good to include a link to https://www.discourse.org/privacy on https://forum.torproject.net/privacy.
>
> Especially since this forum will be used for tor browser support it will also include people's IP addresses when they are unable to use tor browser to protect themselves.
>
> When you open https://forum.torproject.net in a browser it will fetch resources from multiple places:
>
> fonts.googleapis.com (Google)
> fonts.gstatic.com (Google)
> aws1.discourse-cdn.com
> avatars.discourse-cdn.com (proinity LLC, AS44239)
> forum.torprojec.net/torproject1.hosted-by-discourse.com (CNAME) Hurricane Electric LLC
>
> To quote Gaba from the gitlab ticket [3]:
> > If there is a risk on running this forum outside TPA infrastructure then we need to change this and host Discourse in TPA.
>
> (TPA is the torproject admin team https://gitlab.torproject.org/tpo/tpa/team)
>
> I agree with Gaba and I'm glad anarcat (torproject admin team) is not totally against self-hosting [4] even though discourse is docker based.
>
> Self-hosting would also allow for:
>
> - better domain: forum.torproject.org (the torproject.net domain is basically unknown and I guess many people will be confused. I agree with anarcat to use the .net domain when it is not run on TPA infrastructure)
> - no IP logging
> - no external resources
> - no troubles for tor browser users should discourse decide to enable CAPTCHA or use a CDN that enforces CAPTCHAs in the future
>
> What is the main reasoning for using a 3rd party hosted Discourse instance instead of a self-hosted instance? (besides the obvious 'so we don't have to patch and maintain it ourselves')
>
> related gitlab ticket:
> https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183
> https://gitlab.torproject.org/tpo/web/team/-/wikis/Plan-To-Launch-Tor's-Forum
>
> kind regards,
> nusenu
>
> [1] https://lists.torproject.org/pipermail/tor-community-team/2021-October/000423.html
> [2] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2740700
> [3] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2749919
> [4] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2750060
> [5] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2751283
>
> --
> https://nusenu.github.io

--
The Tor Project
Community Team Lead
[tor-talk] torproject forum hosted by 3rd party?
Hi,

the Torproject is about to launch the new Discourse based forum next week [1]
https://forum.torproject.net

With this email I'd like to initiate a discussion on whether it is a good idea to externalize hosting of what might become an important platform for the tor community.

I believe discourse is a great platform, but I was surprised to learn that the forum is _not_ self-hosted on torproject infrastructure. It is hosted by "Civilized Discourse Construction Kit, Inc." the company behind discourse.org. That means the torproject does not have full control over the infrastructure and its security and logging practices. Discourse's third party hosting also does not support onion services [2].

The forum privacy policy mentions that IPs get logged and stored over an extensive amount of time
https://forum.torproject.net/privacy
As Jérôme pointed out [5] the forum is also subject to discourse's privacy policy, so maybe it would be good to include a link to https://www.discourse.org/privacy on https://forum.torproject.net/privacy.

Especially since this forum will be used for tor browser support it will also include people's IP addresses when they are unable to use tor browser to protect themselves.

When you open https://forum.torproject.net in a browser it will fetch resources from multiple places:

fonts.googleapis.com (Google)
fonts.gstatic.com (Google)
aws1.discourse-cdn.com
avatars.discourse-cdn.com (proinity LLC, AS44239)
forum.torprojec.net/torproject1.hosted-by-discourse.com (CNAME) Hurricane Electric LLC

To quote Gaba from the gitlab ticket [3]:
> If there is a risk on running this forum outside TPA infrastructure then we need to change this and host Discourse in TPA.

(TPA is the torproject admin team https://gitlab.torproject.org/tpo/tpa/team)

I agree with Gaba and I'm glad anarcat (torproject admin team) is not totally against self-hosting [4] even though discourse is docker based.

Self-hosting would also allow for:

- better domain: forum.torproject.org (the torproject.net domain is basically unknown and I guess many people will be confused. I agree with anarcat to use the .net domain when it is not run on TPA infrastructure)
- no IP logging
- no external resources
- no troubles for tor browser users should discourse decide to enable CAPTCHA or use a CDN that enforces CAPTCHAs in the future

What is the main reasoning for using a 3rd party hosted Discourse instance instead of a self-hosted instance? (besides the obvious 'so we don't have to patch and maintain it ourselves')

related gitlab ticket:
https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183
https://gitlab.torproject.org/tpo/web/team/-/wikis/Plan-To-Launch-Tor's-Forum

kind regards,
nusenu

[1] https://lists.torproject.org/pipermail/tor-community-team/2021-October/000423.html
[2] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2740700
[3] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2749919
[4] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2750060
[5] https://gitlab.torproject.org/tpo/tpa/team/-/issues/40183#note_2751283

--
https://nusenu.github.io
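Added example (not part of the message above and not Tor Project tooling): one way to audit which hosts a page makes a browser contact on load, the kind of inventory the message lists for forum.torproject.net. The markup is constructed: the hostnames are the ones named in the message, while the paths, tags and the `third_party_hosts` helper are assumptions for illustration. Only static HTML is inspected, so requests triggered later by CSS or JavaScript are not seen.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag/attribute pairs a browser fetches on page load without user action.
AUTO_FETCH = {("script", "src"), ("img", "src"), ("iframe", "src"),
              ("source", "src"), ("video", "src"), ("audio", "src")}
# <link> only causes a connection for these rel values (not e.g. canonical).
FETCHING_RELS = {"stylesheet", "icon", "preload", "prefetch",
                 "preconnect", "dns-prefetch", "modulepreload"}


class ResourceCollector(HTMLParser):
    """Collects the hosts a page contacts on load, from static HTML only."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.hosts = {}  # hostname -> set of tag names referencing it

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        urls = [attrs.get(a) for (t, a) in AUTO_FETCH if t == tag]
        if tag == "link":
            rels = set((attrs.get("rel") or "").lower().split())
            if rels & FETCHING_RELS:
                urls.append(attrs.get("href"))
        for url in filter(None, urls):
            # urljoin resolves relative and protocol-relative (//host/..) URLs
            host = urlsplit(urljoin(self.page_url, url)).hostname
            if host:
                self.hosts.setdefault(host, set()).add(tag)


def third_party_hosts(html, page_url, first_party_domains):
    """Map each host outside first_party_domains to the tags that load it."""
    collector = ResourceCollector(page_url)
    collector.feed(html)
    collector.close()

    def first_party(host):
        return any(host == d or host.endswith("." + d)
                   for d in first_party_domains)

    return {h: sorted(t) for h, t in collector.hosts.items()
            if not first_party(h)}


# Constructed markup: hostnames come from the message above; the paths and
# the tags that reference them are invented for illustration.
SAMPLE_HTML = """
<html><head>
<link rel="canonical" href="https://forum.torproject.net/">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Example">
<link rel="preconnect" href="//fonts.gstatic.com">
<link rel="stylesheet" href="/stylesheets/desktop.css">
<script src="https://aws1.discourse-cdn.com/assets/app.js"></script>
</head><body>
<img src="https://avatars.discourse-cdn.com/v4/letter/n/example.png">
<img src="/uploads/logo.png">
<a href="https://www.discourse.org/privacy">privacy policy</a>
</body></html>
"""

if __name__ == "__main__":
    found = third_party_hosts(SAMPLE_HTML, "https://forum.torproject.net/",
                              ["torproject.net"])
    for host, tags in sorted(found.items()):
        print(f"{host:30} loaded via {', '.join(tags)}")
```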