Tom Ritter:
> On 28 May 2013 16:33, Mike Perry wrote:
> > Additionally, as far as I can see, if you can control the introduction
> > points using the attack from the first part of the paper, you could also
> > perform this attack against a *user* as well (which is the threat model
> > strongbox r
Hello everyone!
I am a Tor GSoC student who will be working on the pluggable transports this
summer. My mentor is Steven and my co-mentor is George Kadianakis. It is great
to be part of the Tor community!
Steven already kicked off the discussion about how to build better transports.
The origi
On Tue, May 28, 2013 at 02:33:40PM -0400, Tom Ritter wrote:
> I have another idea. (Not "another" in the sense of "do this instead", but
> "another" in the sense of "maybe do this additionally").
>
> Can a country block SSH? Surely state-sponsored network operations take
> place over SSH, so I s
On Tue, May 28, 2013 at 2:50 AM, Damian Johnson wrote:
> So far, so good. By my read of the man pages this means that gzip or
> python's zlib module should be able to handle the decompression.
> However, I must be missing something...
>
> % wget http://128.31.0.34:9131/tor/server/all.z
>
> [...]
>
Greetings!
I'm a student who will be working on the Searchable Tor descriptor archive
as part of Google Summer of Code. Yay!
I've been following Tor development for a while and hope that this
opportunity will be my way of sneaking into the development kitchen of Tor.
In any case, I hope to stay a
Hello!
(@tor-dev: will also write a separate email, introducing the GSoC project
at hand.)
This GSoc idea started a year back as a searchable descriptor search
> application, totally unrelated to Onionoo. It was when I read Kostas'
> proposal that I started thinking about an integration with Onio
Hi All,
I'm Hareesan, I'm going to work on a browser extension (for firefox)
in this summer to detect steganographically and asymmetrically
encrypted content embedded in website content such as images, videos ,
audios and etc. At the same time these addons are caplble of encrypt
contents steganogra
On 2013-05-28 4:42 PM, adrelanos wrote:
The more pluggable transports, the better.
Maybe if there are enough transports, the other side just gives up.
My interest is piqued by this statement and similar sounding ones that I
hear, and myself also think, when talking about censorship.
I suspect
On 28 May 2013 16:33, Mike Perry wrote:
> Additionally, as far as I can see, if you can control the introduction
> points using the attack from the first part of the paper, you could also
> perform this attack against a *user* as well (which is the threat model
> strongbox really tries to address)
>> Is there a suggested entry to the control command parser for new
>> commands? Or a dummy template that one should follow?
>
> Not AFAIK
Ok, when I get to the control part I'll clone the interface of some
similar command action.
> patch to control-spec.txt should look like before you get too fa
Tom Ritter:
> On 28 May 2013 14:51, adrelanos wrote:
>
>> How good are SSH connections with hiding what's inside?
>>
>> Website fingerprinting has demonstrated, that SSH connections may hide
>> communication contents, but which website was visited, could be guessed
>> with a fairly good results.
Roger Dingledine:
> On Mon, May 27, 2013 at 11:39:06AM -0700, Micah Lee wrote:
> > Would it be fair to say that using the techniques published in this
> > paper an attacker can deanonymize a hidden service?
>
> Yes, if you're willing to sustain the attack for months.
>
> But actually, this Oakla
On Tue, May 28, 2013 at 02:33:40PM -0400, Tom Ritter wrote:
> Can a country block SSH? Surely state-sponsored network operations take place
> over SSH, so I suspect a country cannot block it quickly, easily, and without
> internal retaliation from it's legitimate users. Bureaucracy.
There woul
On 28 May 2013 14:51, adrelanos wrote:
> How good are SSH connections with hiding what's inside?
>
> Website fingerprinting has demonstrated, that SSH connections may hide
> communication contents, but which website was visited, could be guessed
> with a fairly good results.
>
> Tor isn't a websi
On Tue, May 28, 2013 at 03:59:15PM +0100, Steven Murdoch wrote:
> Hi Chang,
>
> We've been discussing how to build better pluggable transports for Tor as
> part of your application to Google Summer of Code. Now that you've been
> accepted, I thought it would be good to bring this discussion to t
How good are SSH connections with hiding what's inside?
Website fingerprinting has demonstrated, that SSH connections may hide
communication contents, but which website was visited, could be guessed
with a fairly good results.
Tor isn't a website, but if SSH leaks which website has been visited
e
I have another idea. (Not "another" in the sense of "do this instead", but
"another" in the sense of "maybe do this additionally").
Can a country block SSH? Surely state-sponsored network operations take
place over SSH, so I suspect a country cannot block it quickly, easily, and
without internal
On Tue, May 28, 2013 at 11:13 AM, grarpamp wrote:
> I'm implementing a new control command to print some info
> requested from the network and/or internal state, similar to getinfo.
> Found the function that it will call and am making those changes.
> Is there a suggested entry to the control comm
I'm implementing a new control command to print some info
requested from the network and/or internal state, similar to getinfo.
Found the function that it will call and am making those changes.
Is there a suggested entry to the control command parser for new
commands? Or a dummy template that one s
Hi Chang,
We've been discussing how to build better pluggable transports for Tor as part
of your application to Google Summer of Code. Now that you've been accepted, I
thought it would be good to bring this discussion to tor-dev so that others can
contribute.
The basic idea behind the project
On 5/28/13 1:50 AM, Damian Johnson wrote:
> Hi Karsten. I'm starting to look into remote descriptor fetching, a
> capability of metrics-lib that stem presently lacks [1][2]. The spec
> says that mirrors provide zlib compressed data [3], and the
> DirectoryDownloader handles this via a InflaterInput
21 matches
Mail list logo