ficus at robocracy dot org continued to work on Tor Router for a while.
Thread: "[tor-dev] Status of Torouter project"
What happened to this contribution / contributor?
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cg
d also be the one who may make such decisions.
Cheers,
adrelanos
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Lunar:
> So we need WordPress to interact with the ControlPort, here. This opens
> a new set of potential problem. It would be great if we could allow tor
> to only accept a very limited set of commands.
That is https://trac.torproject.org/projects/tor/ticket/8369 by the way.
_
Nima:
> Sherief Alaa:
>> But this is all an endless chain because lets say I download TBB, then
>> download gpg to verify it but then how do I make sure that gpg it self
>> wasn't tampered with? (assuming I don't have it installed already.)
>
> Indeed that's an endless chain and turtles all the wa
ons
how they would accept, then implement it and get Linux distributions to
install it by default. The actual implementation could then also be done
in python.
I'd do it myself, but I am already maintaining a Free Software project
(Whonix), so I am happy that you showed up, interested t
I don't think tor-dev is appropriate for this. tor-talk seems more
suited. (Could be wrong. I am not affiliated with The Tor Project.)
> What do you think about OnionMail?
With that giant list of nice features, without providing source code and
license, it looks like varpoware and I think few wil
Nick Mathewson:
> TUF was a successor/fork of Thandy, not the predecessor:
Sure. (Thats what I meant to write. :)
>> TUF is written in python, and after all those years, TUF developers are
>> still maintaining it and actively developing it. I think in future TUF
>> will become a mature and widesp
> For TBB 3.0, we should use the Firefox updater. We should audit the
Firefox updater for issues, and triage which of Thandy's features we
should merge to it. (For example, we might want to sign the metadata
file if it isn't signed; timestamp it if it isn't timestamped, add
multiple-signature suppo
Zack Weinberg:
> How technically difficult would it be to remove Vidalia from an
> already-packaged TBB?
For *nix?
I'd say trivial, once you figured out how (with basic sysadmin skills).
Win*: no idea.
Continuing for *nix...
As for the figure out part, for TBB stable, see:
https://trac.torproje
David Goulet:
> Of what I can see, proxychains and tsocks have not been updated since
> 2006 and 2002 (http://sourceforge.net/projects/proxychains/). I'm not
> sure how "alive" these projects are.
The sourceforge project is dead.
There are two forks, maybe alive by your definition.
8 months ago:
Before rewriting torsocks, would it make sense to takeover proxychains
development either and/or to fork it?
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Tom Ritter:
> On 28 May 2013 14:51, adrelanos wrote:
>
>> How good are SSH connections with hiding what's inside?
>>
>> Website fingerprinting has demonstrated, that SSH connections may hide
>> communication contents, but which website was visited, could be gu
How good are SSH connections with hiding what's inside?
Website fingerprinting has demonstrated, that SSH connections may hide
communication contents, but which website was visited, could be guessed
with a fairly good results.
Tor isn't a website, but if SSH leaks which website has been visited
e
George Kadianakis:
> If we move to the higher security of (e.g.) 128-bits, the base32 string
> suddenly becomes 26 characters. Is that still conveniently sized to pass
> around, or should we admit that we failed this goal and we are free to
> crank up the security to 256-bits (output size of sha-25
David Vorick:
> Why are so many bits necessary? Isn't 128bits technically safe against
> brute force? At 256 bits you are pretty much safe from any volume of
> computational power that one could fathom within this century. The only
> real danger is a new computational model that is nondeterministic
George Kadianakis:
> Thoughts?
Can you make .onion domains really long and therefor really safe against
brute force?
Or have an option for maximum key length and a weaker default if common
CPU's are still too slow? I mean, if you want to make 2048 bit keys the
default because you feel most hidden
Roger Dingledine:
> On Thu, May 09, 2013 at 09:47:19AM -0400, Tom Ritter wrote:
>> My network operator does not threaten my person safety
>
> 1) This is also the first point I thought of here -- in the past we've
> said that some people should be using a bridge for an extra layer of
> "it's not so
Griffin Boyce:
> Hello all,
>
> So I'm part of a team working on wireless mesh, and Torouter has come up
> a few times this week. Is it actively being developed? Given the state of
> the roadmap [1], I'd sort of assumed it was inactive or on hiatus, but
> others had heard differently.
>
> tha
Mike Perry:
> We could do this same thing to promote uncensored Tor clients to various
> types of pluggable transports.
I asked this some time ago:
"[tor-talk] anonymity: bridge users vs. entry guard users" [1]
If everyone only uses pluggable transports... That's quite an
interesting idea. You wo
Andrew Lewman:
> On Fri, 3 May 2013 16:05:15 -0400
> "Runa A. Sandvik" wrote:
>
>> I disagree. The Tor help desk sees a ton of requests from users saying
>> that Tor is unable to connect, and the simple fix is to give them a
>> bridge or two. Not all users know what they need to connect, and not
Mike Perry:
> In those situations (which are the real reason we're asking *before*
> connecting - we don't want those people to touch the public Tor network
> before giving them the option not to), simply checking their system
> proxy settings might not be sufficient. The user only needs their prox
Tom Ritter:
> Sweet! However I think this Wizard is a super-technical version of
> something that should be much simpler if we intend to be targeting
> non-technical users.
>
> Feedback:
> http://trial.pearlcrescent.com/tor/torlauncher/2013-05-03/SetupWizard/screen1-proxyYesNo.png
>
> Question 1
Runa A. Sandvik:
> On Fri, May 3, 2013 at 3:44 PM, Andrew F wrote:
>> Users who need these connections will have them and those that don't,
>> probably won't know what they are and thats ok.
>
> I disagree. The Tor help desk sees a ton of requests from users saying
> that Tor is unable to connect
Looks good.
I think it needs it's own trac component.
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
> I think that having a web server to handle Tor requests would defeat the
> purpose of obfuscation because the server's IP address would be public and
> censors could easily block any connections to it rendering it useless.
It's not so easy if users host their own torified CGIproxies on their
o
Any news?
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
e "Windows" and "MacOS" as well.
What's left is
"2.3.25-6-Linux",
remove the ", using sed,
remove the other " using sed.
Whats left is "2.3.25-6-Linux", remove the "-Linux" with sed and you're
done, ending up with "2.3
are not called alpha?
The overall look and feel is very good.
Cheers,
adrelanos
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Asking the other way around:
Is there any comparable website of any comparable Open Source project,
like torproject.org, which successfully relies on the community for
translations?
And how do they manage it?
___
tor-dev mailing list
tor-dev@lists.torpr
Ok, a python rewrite sounds good. I'd speculate that it eases
development and more people are speaking it and willing to contribute.
These are the issues I see so far with Vidalia.
- I am running Tor under Debian and they set it up to run under the
debian-tor user account. Vidalia should run unde
Mike Perry:
> Our plan over the next few months is to create a super-simplified Tor
> Controller as a Firefox extension for TBB that can configure
> proxies/bridges/pluggable transports (but nothing else), launch Tor, and
> display a bootstrap progress bar *inside* the browser window while it
> wai
I think if it become as good as Vidalia and better, that would be most
welcome.
Questions are:
* What is missing in Vidalia?
* Why has development of Vidalia stopped?
* Time to switch to python?
* Time for a rewrite or better improve the existing code base?
Before developing it, I'd make a list
Micah Lee:
> On 02/19/2013 06:39 PM, adrelanos wrote:
>>> What operating system are you using?
>>
>> Debian Wheezy.
>
> Weird, that's what I'm running Wheezy too. But just to be safe, I
> decided I'd make a new Debian Squeeze vm and try to build
Micah Lee:
> On 02/19/2013 03:29 AM, adrelanos wrote:
>> I followed the readme for dependency installing, building and installing
>> from the develop branch. Running into two issues trying this...
>>
>> LC_ALL and LANG is not set on my system.
>>
>> deve
I followed the readme for dependency installing, building and installing
from the develop branch. Running into two issues trying this...
LC_ALL and LANG is not set on my system.
develop ~/torbrowser-launcher/dist/deb_dist $ torbrowser-launcher
Tor Browser Launcher
https://github.com/micahflee/tor
Leo Unglaub:
> Hey,
>
> On 2013-02-18 18:33, adrelanos wrote:
>> Right, for such users it wouldn't work anyway, because downloading
>> Tor Browser Launcher from the repository is unencrypted (but
>> signed) anyway.
>
> thats not 100% correct. You can use
Micah Lee:
> On 02/18/2013 02:31 PM, adrelanos wrote:
>> Why not phrase https://check.torproject.org/RecommendedTBBVersions ? No
>> updates planed for it even in long term as far I am following trac...
>
> Oh cool, so Tor already has a file with the recommended TBB ver
Jacob Appelbaum:
> adrelanos:
>> Micah Lee:
>>>>>
>>>>> Well, which should your users be using? From my perspective, I think you
>>>>> should give them the alpha and help them report bugs! :-)
>>> Interesting idea. Anyone else have op
Micah Lee:
>> >
>> > Well, which should your users be using? From my perspective, I think you
>> > should give them the alpha and help them report bugs! :-)
> Interesting idea. Anyone else have opinions on this? I think I'd be fine
> giving people the alpha, but I also don't want to annoy people w
Jacob Appelbaum:
> Micah Lee:
>> On 02/18/2013 12:15 AM, Jacob Appelbaum wrote:
>>> Do you plan to download TBB over Tor that is provided by the system, say
>>> by adding a dependency on a system Tor?
>>
>> I was assuming that making the launcher depend on a system Tor would be
>> troublesome. Howe
le online key (such
as only being protected by SSL) or a single offline key (such as most
software update systems use to sign files).
This can only be solved with Thandy, TUF or similar. I think it's a bit
far fetched for now, so no action required.
> extra by adrelanos:
> 'perma
Leo Unglaub:
> Hey,
>
> On 2013-02-18 18:33, adrelanos wrote:
>> Right, for such users it wouldn't work anyway, because downloading
>> Tor Browser Launcher from the repository is unencrypted (but
>> signed) anyway.
>
> thats not 100% correct. You can use
Jacob Appelbaum:
>> What about bridge users? They have to edit a system wide torrc and the
>> TBB torrc?
>>
>
> You're over thinking it. Connecting to the Tor Project website often
> fails - far more than the Tor network being blocked.
Ok.
>> What about users who don't want to ever connect to th
Jacob Appelbaum:
> Do you plan to download TBB over Tor that is provided by the system, say
> by adding a dependency on a system Tor?
There has been a bit discussion about this in
https://trac.torproject.org/projects/tor/ticket/5236 already. (Search
for "over Tor" to quickly navigate it it.)
I th
> Dear Guys,
>
> I am brand new to TOR and I feel like multiple TORs should be considered.
> The multiple tors I mentioned here are not only multiple instances, but
> also using different proxy ports for each, like what has been done here
> http://www.howtoforge.com/ultimate-security-proxy-with-tor
> Hi Adrelanos,
>
> I think adding http proxy support to tor sounds more interesting. But
> there
> seems to be a looong discussion on ticket #6060 whether to add this
> functionality inside tor or not.
> What is the final roadmap, if any?
I think it's undecided at
;cells=tiles
https://trac.torproject.org/projects/tor/wiki/doc/torsocks#Tickets
And if I am not mistaken, Vidalia is currently lacking development.
Cheers,
adrelanos
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Roger Dingledine:
> Whether these various "look, no hands" punching tools and tricks can be
> done using only websockets on the remote side is a great question for
> somebody to answer.
By the way, I found it in their design paper.
Quote:
The fact that clients must not be behind NAT is an impedi
Alexandre:
> You can get the full details on flash proxies here:
>
> https://crypto.stanford.edu/flashproxy/
I read the full paper. It's amazing.
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo
Roger Dingledine:
> On Thu, Dec 13, 2012 at 06:38:03PM +0000, adrelanos wrote:
>> Have you considered Hole punching techniques? [1] TCP, UDP, ICMP hole
>> punching... There are many techniques. I don't know if the WebSocket
>> protocol would prevent it.
>>
>>
>
> https://crypto.stanford.edu/flashproxy/
>
> Alex
>
>
> On 2012-12-13, at 12:10 PM, adrelanos wrote:
>
>> Alexandre:
>>> - Is configuring port forwarding insurmountable for you?
>>
>> It was always too much to ask the user to set up
Alexandre:
> - Is configuring port forwarding insurmountable for you?
It was always too much to ask the user to set up a port forwarding. Try
asking your non-technical friends or family. You'll see. Alternatively
search for RetroShare, emule, filesharing port forwarding and see how
many people hav
David Fifield:
> The next step is
> https://trac.torproject.org/projects/tor/ticket/7621, which is
> about installing these programs into a Tor Browser Bundle. Perhaps
> we should try to coordinate this into a combined pyobfsproxy/flash
> proxy bundle?
There is no need for one bundle with obfsprox
Clay Graham:
> This is one reason we would like to create a client side plugin for the TOR
> browser. Any ideas how this would be done?
What is the Tor specific question here?
I think this is a normal Firefox question "how to create a Firefox
Addon? or do I misunderstand? Just make sure your Addo
Clay Graham:
> This is one reason we would like to create a client side plugin for the TOR
> browser.
Firefox Addon, Firefox Plugin or Firefox Patch?
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listi
On the dev list I expect you to do basic searches with your favorite
search engine: "firefox user.js".
http://kb.mozillazine.org/User.js_file
> thanks, there is no user.js in the folder
>
>
>
> On Fri, Oct 5, 2012 at 4:37 PM, adrelanos wrote:
>
>> jiang
jiang song:
> Hi,
>
>I want to make the tor browser with certain size, eg. 650*650, so as to
> do some test on some webpages
>I used command line like:
>
>App/Firefox/firefox --profile Data/profile -height 650 -width 650
>
>but it doesn't work
>
>I tried to modify locals
e like this?
>
> and when opening a youtube link like this:
> http://www.youtube.com/embed/CistYoLwL7M
>
> is there any script or command line to automate clicking on the "play button"
> ?
> thanks!
>
> On 9/28/12, adrelanos wrote:
>> Tested again on
Tested again on Debian Wheezy.
cd ~
~/tor-browser_en-US/App/Firefox/firefox --profile Data/profile -new-tab
https://www.startpage.com
Works for me.
(Assumes TBB is installed to ~/tor-browser_en-US.)
___
tor-dev mailing list
tor-dev@lists.torproject.or
jiang song:
> Hi,
>
> If I use firefox, I can use a simple command line to open a link in a
> new tab automatically, like
>
> firefox www.google.com
>
> now I want to open TBB first, and then open a link in a new tab, is
> there any script or method to automate this operation? I nee
esolve esolve:
> Hi, all:
>
> I want to investigate on video streaming on tor. I want to use tor
> and browser to play some videos for many times so I want to automate the
> operation.
> Are there any scripts that can automate the playing of videos(like
> from youtube,etc)
>
> I
l stable 1.0.".)
> Sounds like you're volunteering to become a new maintainer of the
> project, adrelanos?
ficus's thread "[tor-dev] torrouter development)" may be seen as
application to become maintainer for Torrouter. Not me.
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
fi...@robocracy.org:
> I would like to contribute to the torouter (aka TorRouter, aka
> OnionBox?) project, with the intention of getting a "functional"
> development image for the DreamPlug hardware released in the next few
> weeks.
Great!
> The goals of the torouter project seem a bit vague (e
(For those just seeing the thread, who don't know...)
Latest (public) statement on the topic:
https://lists.torproject.org/pipermail/tor-talk/2012-March/023799.html
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bi
forgotten. Feel free to edit/correct/expand the wiki site. Add your wishes.
I cc'ed all effected people, if someone has been forgotten, feel free to
forward this mail.
Can we have this discussion on tor-dev?
Cheers,
adrelanos
[1] https://trac.torproject.org/projects/tor/ticket/5611#comment:43
[2]
65 matches
Mail list logo