On Sat, 14 Nov 2015 21:37:08 +0100, Uwe Werler wrote:
> On Sat, Nov 14, 2015 at 08:40:40PM +0100, Pascal Stumpf wrote:
> > On Fri, 13 Nov 2015 17:37:12 -0500, Michael McConville wrote:
> > > Uwe Werler wrote:
> > > > Hello list,
> > > >
> > > > I'd like to add a Flavor to tor which allows
IMO the potential risk is high and if I read correctly
we haven't seen any numbers how many users need this flavor,
just Uwe? :)
j.
On Sun, Nov 15, 2015 at 07:29:23AM -0500, Jiri B wrote:
> IMO the potential risk is high and if I read correctly
> we haven't seen any numbers how many users need this flavor,
> just Uwe? :)
>
> j.
>
Maybe most people don't see a real scenario for this mode. Ok.
The potential risk to die is
On Sun, Nov 15, 2015 at 01:15:03PM +0100, Pascal Stumpf wrote:
> On Sat, 14 Nov 2015 21:37:08 +0100, Uwe Werler wrote:
> > On Sat, Nov 14, 2015 at 08:40:40PM +0100, Pascal Stumpf wrote:
> > > On Fri, 13 Nov 2015 17:37:12 -0500, Michael McConville wrote:
> > > > Uwe Werler wrote:
> > > > > Hello
On Sun, Nov 15, 2015 at 07:29:23AM -0500, Jiri B wrote:
> IMO the potential risk is high and if I read correctly
> we haven't seen any numbers how many users need this flavor,
> just Uwe? :)
>
> j.
>
And now my last five ct.
OpenBSD ships with *sane defaults*.
Possible dangerous features You
Stefan Sperling:
> On Sun, Nov 15, 2015 at 01:32:25PM -0500, Raul Miller wrote:
>> But treating this as "extremely dangerous" without offering a path
>> forward means that people need to "roll their own" approaches when
>> faced with related needs.
>
> The way forward is use tor properly to
On Sun, Nov 15, 2015 at 08:15:57PM +0100, Stefan Sperling wrote:
> On Sun, Nov 15, 2015 at 01:32:25PM -0500, Raul Miller wrote:
> > But treating this as "extremely dangerous" without offering a path
> > forward means that people need to "roll their own" approaches when
> > faced with related
Uwe Werler wrote:
> On Sun, Nov 15, 2015 at 08:15:57PM +0100, Stefan Sperling wrote:
> > On Sun, Nov 15, 2015 at 01:32:25PM -0500, Raul Miller wrote:
> > > But treating this as "extremely dangerous" without offering a path
> > > forward means that people need to "roll their own" approaches when
>
On Sun, Nov 15, 2015 at 09:42:23PM +0100, Uwe Werler wrote:
> On Sun, Nov 15, 2015 at 08:15:57PM +0100, Stefan Sperling wrote:
> > On Sun, Nov 15, 2015 at 01:32:25PM -0500, Raul Miller wrote:
> > > But treating this as "extremely dangerous" without offering a path
> > > forward means that people
On Sun, Nov 15, 2015 at 7:15 AM, Pascal Stumpf wrote:
> This is exactly one of those scenarios that are extremely dangerous. An
> attacker can trivially expose whistleblowers by inspecting the traffic
> at the reverse proxy's end.
The danger here is that browsers send
On Sun, Nov 15, 2015 at 01:32:25PM -0500, Raul Miller wrote:
> But treating this as "extremely dangerous" without offering a path
> forward means that people need to "roll their own" approaches when
> faced with related needs.
The way forward is use tor properly to access hidden services.
On 2015/11/14 00:50, Uwe Werler wrote:
> On Sat, Nov 14, 2015 at 12:35:32AM +0100, Stefan Sperling wrote:
> > On Sat, Nov 14, 2015 at 01:05:12AM +0100, Rafael Sadowski wrote:
> > > I prefer to enable by default:
> >
> > " Using Tor2web trades off security for convenience and usability."
> >
On Sat, Nov 14, 2015 at 12:53:23PM +, Stuart Henderson wrote:
> On 2015/11/14 00:50, Uwe Werler wrote:
> > On Sat, Nov 14, 2015 at 12:35:32AM +0100, Stefan Sperling wrote:
> > > On Sat, Nov 14, 2015 at 01:05:12AM +0100, Rafael Sadowski wrote:
> > > > I prefer to enable by default:
> > >
> > >
On Sat, Nov 14, 2015 at 08:40:40PM +0100, Pascal Stumpf wrote:
> On Fri, 13 Nov 2015 17:37:12 -0500, Michael McConville wrote:
> > Uwe Werler wrote:
> > > Hello list,
> > >
> > > I'd like to add a Flavor to tor which allows Tor2webMode:
> >
> > This seems like a rare enough use-case that it
On Fri, 13 Nov 2015 17:37:12 -0500, Michael McConville wrote:
> Uwe Werler wrote:
> > Hello list,
> >
> > I'd like to add a Flavor to tor which allows Tor2webMode:
>
> This seems like a rare enough use-case that it probably isn't worth a
> flavor.
I tend to agree. A tor2web proxy is an
Uwe Werler wrote:
> On Fri, Nov 13, 2015 at 05:37:12PM -0500, Michael McConville wrote:
> > Uwe Werler wrote:
> > > Hello list,
> > >
> > > I'd like to add a Flavor to tor which allows Tor2webMode:
> >
> > This seems like a rare enough use-case that it probably isn't worth a
> > flavor. It also
On Fri Nov 13, 2015 at 05:59:23PM -0500, Michael McConville wrote:
> Uwe Werler wrote:
> > On Fri, Nov 13, 2015 at 05:37:12PM -0500, Michael McConville wrote:
> > > Uwe Werler wrote:
> > > > Hello list,
> > > >
> > > > I'd like to add a Flavor to tor which allows Tor2webMode:
> > >
> > > This
On Fri, Nov 13, 2015 at 05:37:12PM -0500, Michael McConville wrote:
> Uwe Werler wrote:
> > Hello list,
> >
> > I'd like to add a Flavor to tor which allows Tor2webMode:
>
> This seems like a rare enough use-case that it probably isn't worth a
> flavor. It also runs the risk that people will
Uwe Werler wrote:
> Hello list,
>
> I'd like to add a Flavor to tor which allows Tor2webMode:
This seems like a rare enough use-case that it probably isn't worth a
flavor. It also runs the risk that people will think "Tor2web" is what
they need (plausible, based on the name) and thereby
Hello list,
I'd like to add a Flavor to tor which allows Tor2webMode:
##
--- net/tor/Makefile.orig Fri Nov 13 05:25:33 2015
+++ net/tor/MakefileFri Nov 13 04:26:09 2015
@@ -12,6 +12,9 @@
# BSD
PERMIT_PACKAGE_CDROM= Yes
+PSEUDO_FLAVORS = tor2web
+FLAVOR ?=
+
Stefan Sperling:
> On Sat, Nov 14, 2015 at 01:05:12AM +0100, Rafael Sadowski wrote:
>> I prefer to enable by default:
>
> " Using Tor2web trades off security for convenience and usability."
> https://tor2web.org/
>
> Please don't.
>
I think there's some confusion on this.
Tor2Web is a tool
On Sat, Nov 14, 2015 at 12:35:32AM +0100, Stefan Sperling wrote:
> On Sat, Nov 14, 2015 at 01:05:12AM +0100, Rafael Sadowski wrote:
> > I prefer to enable by default:
>
> " Using Tor2web trades off security for convenience and usability."
> https://tor2web.org/
>
> Please don't.
>
>From man:
On Sat Nov 14, 2015 at 12:35:32AM +0100, Stefan Sperling wrote:
> On Sat, Nov 14, 2015 at 01:05:12AM +0100, Rafael Sadowski wrote:
> > I prefer to enable by default:
>
> " Using Tor2web trades off security for convenience and usability."
> https://tor2web.org/
>
> Please don't.
We are talking
On Sat, Nov 14, 2015 at 01:05:12AM +0100, Rafael Sadowski wrote:
> I prefer to enable by default:
" Using Tor2web trades off security for convenience and usability."
https://tor2web.org/
Please don't.
On 2015/11/13 17:59, Michael McConville wrote:
> Uwe Werler wrote:
> > On Fri, Nov 13, 2015 at 05:37:12PM -0500, Michael McConville wrote:
> > > Uwe Werler wrote:
> > > > Hello list,
> > > >
> > > > I'd like to add a Flavor to tor which allows Tor2webMode:
> > >
> > > This seems like a rare
25 matches
Mail list logo