[tor-dev] Research problem: better guard rotation parameters

The next in my series of research blog posts is up: https://blog.torproject.org/blog/research-problem-better-guard-rotation-parameters What algorithm should we use to assign Guard flags such that a) we assign the flag to as many relays as possible, yet b) we minimize the chance that Alice will

Re: [tor-dev] Survey on Tor Trac usage and how you manage your tasks

On Mon, Aug 22, 2011 at 02:29:09PM +0200, Karsten Loesing wrote: 1 Using Trac features 1.1 Which of the reports (stored ticket queries) do you use most often? Basically none of them. Every once in a while I use {12} Tor: Active Tickets by Milestone 1.2 What are typical custom queries that

Re: [tor-dev] Survey on Tor Trac usage and how you manage your tasks

On Tue, Sep 06, 2011 at 10:44:11AM +0200, Karsten Loesing wrote: The Component field (10, 1, 1) is used to find/filter tickets and guess who's paying attention to a ticket. 1 person said that the many Tor components make it hard to refer to the software tor and that it's easier to look at

Re: [tor-dev] Proposal 187: Reserve a cell type to allow client authorization

On Wed, Oct 19, 2011 at 08:08:12PM -0400, Nick Mathewson wrote: We reserve a new variable-length cell type, AUTHORIZE. We specify that any number of PADDING or VPADDING or AUTHORIZE cells may be sent by the client before it sends a VERSIONS cell. Servers that do not require client

Re: [tor-dev] Draft sketch document with ideas for future crypto ops

On Mon, Oct 31, 2011 at 09:25:58PM -0400, Nick Mathewson wrote: The point of this document is to discuss what crypto we ought to be using. Thanks Nick! - To make sure that the extending node is talking to the right next node when sending an extend cell. The new extend cell

Re: [tor-dev] Browser-based proxies for circumvention

On Wed, Dec 21, 2011 at 09:31:52PM -0800, David Fifield wrote: A few months ago, Roger wrote about ideas for getting more bridge addresses (https://blog.torproject.org/blog/strategies-getting-more-bridge-addresses). One of the ideas is to make lightweight bridges that can run in a web

Re: [tor-dev] Windows Alternative of torsocks/tsocks ?

On Sun, Jan 22, 2012 at 04:11:03PM -0500, Catalin Patulea wrote: On 1/22/12 11:28 AM, Roger Dingledine wrote: See also TorCap2: http://www.virtualventures.ca/~cat/ but I've never succeeded at getting a license statement out of the author. Roger, I'm sorry if I seemed uncooperative when you

Re: [tor-dev] Extending BridgeDB to reallocate bridges from a blocked country to others that do not block.

On Sun, Jan 15, 2012 at 09:34:49AM -0800, Aaron wrote: This proposal outlines the required changes for BridgeDB to reallocate bridges from a blocked country to others that do not block. I guess I'll be the grumpy one here, but: doesn't bridgedb already do that, just based on how it picks

Re: [tor-dev] Obfsproxy client for Android

On Fri, Feb 10, 2012 at 07:56:04AM -0500, Nathan Freitas wrote: Thoughts on attempting to port and ship Obfsproxy client functionality to Android? We have a good number of Iranian users it seems, and I think we can pull it off in a few days, if it isn't insanely complex. Where should we

Re: [tor-dev] New IP-address for directory authority maatuska

On Tue, Feb 28, 2012 at 08:05:27PM +0100, Linus Nordberg wrote: maatuska orport=80 no-v2 v3ident=49015F787433103580E3B66A1707A00E60F2D15B - 213.115.239.118:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B 3810, + 171.25.193.9:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836

Re: [tor-dev] SkypeMorph

On Sun, Mar 25, 2012 at 07:18:44PM -0400, Hooman wrote: 2- SkypeMorph and pluggable transports: Although our code can potentially be used as a pluggable transport, there is a minor difficulty with the pluggable transport framework that needs to be addressed before it can host our code. As

Re: [tor-dev] GSoC Intro: Stegotorus

On Mon, Jun 04, 2012 at 03:02:12PM +0200, Philipp Winter wrote: Is there any technical documentation or paper regarding Stegotorus available? I failed to find something on the Internet. There is a paper, but it's stuck in under submission limbo. I think the paper is going to want some

Re: [tor-dev] Proposal 189: AUTHORIZE and AUTHORIZED cells

On Sun, Nov 06, 2011 at 01:45:43AM +0100, George Kadianakis wrote: 3.1. AUTHORIZE cell The AUTHORIZE cell is a variable-sized cell. The generic AUTHORIZE cell format is: AuthMethod [1 octet] MethodFields [...]

Re: [tor-dev] First five Tor tech reports

On Thu, Jul 12, 2012 at 03:12:22PM +0200, Karsten Loesing wrote: Hi Roger, hi Nick, here are the first five metrics tech reports that I'd like to turn into Tor tech reports (see #5405 for the idea behind this). If you agree that this is a good idea, I'll push the sources to tech-reports.git

Re: [tor-dev] IRC meeting to plan sponsor L milestones on Wed July 18, 15:00 UTC in #tor-dev

On Thu, Jul 19, 2012 at 11:38:30PM -0400, Andrew Lewman wrote: All of that said, I totally agree that for #1, we need to be sure Andrew and the funder both understand that we can't promise that we'll deploy any particular transport protocol -- the first step is research, and that means

Re: [tor-dev] keep .onion address

On Sat, Aug 04, 2012 at 10:54:42AM +0200, Salva . wrote: Hello, I have an .onion website, I need to format my HDD and I don't wanna to lose my .onion address. How can I keep this address after formatting my HDD ? Thanks u all guys In the future, this is

[tor-dev] Next Tor release timeframes?

1) Do we have any requirements to release an 0.2.4.1-alpha at any particular date? I haven't been following e.g. the latest SponsorG timelines. 2) Nick was enthusiastic about an 0.2.2.38 with the latest fix. Nick, do you still think that's important? My sense is that it's a totally esoteric

Re: [tor-dev] Parallel release series for directory authorities?

On Sat, Sep 01, 2012 at 12:36:51AM +0200, Linus Nordberg wrote: Just a thought. A few of the directory authorities, I think at least three, as well as the bridge authority run packages/ports only, not builds from source. We'd have to package our -da branch ourselves for those I guess. But

[tor-dev] (FWD) Re: known attacks on Tor

it as background for my discussions at the upcoming Dagstuhl: http://www.dagstuhl.de/no_cache/en/program/calendar/semhp/?semnr=12381 --Roger - Forwarded message from Roger Dingledine a...@mit.edu - If you have any suggestions about which paper on each attack is most likely to provide

Re: [tor-dev] resistance to rubberhose and UDP questions

On Thu, Oct 04, 2012 at 01:50:47PM -0400, Robert Ransom wrote: 18:04 +eleitl I wonder why they didn't choose UDP Presumably because TCP was easier. Yep. 18:05 @cjd you need to fall back on tcp in case you're firewalled to hell 18:05 +eleitl Apparently, they're thinking about it

[tor-dev] The Tor Project is looking for a Pluggable Transport developer

We have funding initially for part-time work, and hopefully it will grow into full-time work. Please spread the word! This job is for the development and maintenance of the flash proxy circumvention system, with a focus on deployment and getting tools in the hands of users:

Re: [tor-dev] Proposal 214: Allow 4-byte circuit IDs in a new link protocol

On Tue, Nov 06, 2012 at 09:36:34PM -0500, Nick Mathewson wrote: Relays are running out of circuit IDs. It's time to make the field bigger. I don't doubt the second sentence, but is the first sentence actually true? Do we have any evidence / measurements / something here? (Since circids

Re: [tor-dev] Proposal 214: Allow 4-byte circuit IDs in a new link protocol

On Tue, Nov 06, 2012 at 10:10:15PM -0500, Nick Mathewson wrote: And if a very few do, maybe the solution is to move to a new TLS connection for those rare cases, rather than impose a 2-byte penalty on every cell in all cases.) Maaaybe, but I sure can't think of a sane testable design for

Re: [tor-dev] Proposal 205: Remove global client-side DNS caching

On Sun, Nov 25, 2012 at 07:54:51PM -0500, Nick Mathewson wrote: [tl;dr: We should make client-side DNS cacheing off by default.] Be careful -- we seem to rely on the client-side dns cache to let us move on to a new circuit if the current circuit's exit policy doesn't like the stream. See in

Re: [tor-dev] Flashproxy alpha bundles

On Thu, Dec 13, 2012 at 06:38:03PM +, adrelanos wrote: Have you considered Hole punching techniques? [1] TCP, UDP, ICMP hole punching... There are many techniques. I don't know if the WebSocket protocol would prevent it. STUN [2] like techniques where a third non-firewalled server helps

Re: [tor-dev] Proposal 205: Remove global client-side DNS caching

On Thu, Nov 29, 2012 at 06:14:23PM +, Julian Yon wrote: (3) Don't bother trying to ascertain the full exit policy, but rather maintain a simple table of exit/IP/port combinations that have been rejected and consult it when building/using circuits. This requires no protocol changes (win!)

Re: [tor-dev] All the problems about Stegotorous

On Thu, Jan 10, 2013 at 12:18:17PM -0700, vmonmoonsh...@gmail.com wrote: I was talking to Roger yesterday on the IRC, and he mentioned that [S]tegotorus ... has a whole lot of problems. I have heard this many times in different forms by now (in Florence, The sponsor F discussion, etc). But I

Re: [tor-dev] Vidalia 2.0 - an complete rewrite

On Thu, Feb 21, 2013 at 06:11:59PM -0500, Roger Dingledine wrote: This list is misleading, since I moved a few of Vidalia's tickets over to Tor's trac well after most Vidalia development had completed. Unfortunately, I believe the old Vidalia domain, and trac, are offline now. I am wrong! We

Re: [tor-dev] Obfs Links on dist are Suddenly Gone

On Thu, Mar 14, 2013 at 11:57:12PM +, Nima wrote: This is a very critical time for Iranian ppl as we're getting close to presidential election in Iran. This is the first serious election after what happened back in 2009 and the gov is doing it's best to keep ppl away from internet. I just

[tor-dev] More-static throttling parameters

Hi Rob, We spoke at the dev meeting about how throttling that's a function of number of clients introduces new anonymity vulnerabilities (for those following along at home, see the upcoming PETS paper Balancing Performance with Anonymity in Tor). It seems to me that we want to explore more static

[tor-dev] Tor trademark (was Embedding tor in an application and using tor) without opening a port

(Sorry for the brief diversion from technical stuff folks, but this looked like a good opportunity for some trademark education and clarification.) On Mon, Apr 15, 2013 at 03:44:17AM +0100, wac wrote: I changed from libTor to libtor as Tor is a registered trademark but lowercase tor is not.

Re: [tor-dev] Tor Launcher UI feedback follow up

On Thu, May 09, 2013 at 09:47:19AM -0400, Tom Ritter wrote: My network operator does not threaten my person safety 1) This is also the first point I thought of here -- in the past we've said that some people should be using a bridge for an extra layer of it's not so obvious that I'm using Tor,

Re: [tor-dev] Tor Launcher UI feedback follow up

On Mon, May 13, 2013 at 08:38:53AM +, adrelanos wrote: So what's the ethical thing to do? Totally deprecate the hide the fact, you're using Tor use case? Have a button My network operator threatens my person safety, which is honest and explains, Tor can't help Actually, Tor can help.

Re: [tor-dev] Your server has not managed to confirm that its ORPort is reachable

On Fri, May 17, 2013 at 11:11:33PM -0700, Christian Kujau wrote: Hm, an hour later it succeeded: May 17 20:40:43.000 [warn] Your server (...:9001) has not managed to confirm that its ORPort is reachable. May 17 21:00:43.000 [warn] Your server (...:9001) has not managed to confirm that its

Re: [tor-dev] Questions pertaining to client to directory authority communications

On Sun, May 19, 2013 at 02:40:13PM -0400, Jon Smithe wrote: I have been reading through the various tor specifications trying to understand how this all works, so please forgive any ignorance of the protocol on my part. There seems to be a fair amount of gaps about specifically how various

Re: [tor-dev] Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization

On Mon, May 27, 2013 at 11:39:06AM -0700, Micah Lee wrote: Would it be fair to say that using the techniques published in this paper an attacker can deanonymize a hidden service? Yes, if you're willing to sustain the attack for months. But actually, this Oakland paper you're looking at is a

Re: [tor-dev] Haskell packages?

On Thu, Jun 06, 2013 at 10:21:19AM +0400, Nikita Karetnikov wrote: I'd like to improve my Haskell skills. Are there any opportunities? I've been told there is at least one project that uses Haskell, which is not maintained. (For example, this page [1] mentions TorDNSEL, which was replaced

Re: [tor-dev] atlas.torproject.org question

On Sat, Jul 06, 2013 at 09:36:32AM -0400, Ian Goldberg wrote: Ah, my bridge is configured as BridgeRelay 1 PublishServerDescriptor 0 Does the latter mean that stats are also not pushed to onionoo? It's set that way for one of the funders, but it would be great if I could somehow

Re: [tor-dev] Retiring old user number estimates

On Mon, Sep 16, 2013 at 08:28:21PM +0200, Karsten Loesing wrote: Here's the plan: - Compute user numbers for 2012 and before; the current numbers start on January 1, 2013. This is going to take at least until September 23. Sounds good. That sounds like it will resolve Griffin's question

Re: [tor-dev] Retiring old user number estimates

On Mon, Sep 16, 2013 at 06:02:14PM -0400, Roger Dingledine wrote: I think it would be good to write a paragraph or two to answer Matthew's question -- why are these new numbers different, and what makes us think they're better? Speaking of which: https://metrics.torproject.org/users.html

Re: [tor-dev] Retiring old user number estimates

On Tue, Sep 17, 2013 at 11:53:15AM +0200, Karsten Loesing wrote: Here are the three graphs just for September, all ending on the same day: https://metrics.torproject.org/users.html?graph=direct-usersstart=2013-09-01end=2013-09-13country=allevents=off#direct-users

[tor-dev] What to read to analyze Tor's use of NTor?

Hi Nick, Ian, I've been pointing people to Section 6 of http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.228.6223; when they ask what NTor is. But then I realized that that's not the best (single) place to send cryptographers when I ask them to analyze whether we've designed or built it

[tor-dev] Using TorPS to estimate chances of all-TAP paths

Hi Aaron, Sathya, I have another use for your fine path simulator. :) See https://trac.torproject.org/projects/tor/ticket/9777 The first question is: for a recent consensus, what's the chance that your middle hop and your exit hop will both be running 0.2.4.7-alpha or earlier? The extra credit

[tor-dev] Help make the Tor stackexchange beta succeed

Hello Tor developers and anonymity researchers, Our Stackexchange beta is underway: http://area51.stackexchange.com/proposals/56447/tor and we could use some more participation from actual Tor developers, anonymity researchers, and so on. The goals include a) building a good set of answers to

[tor-dev] Criteria for prioritizing pluggable transport work

Below is my first go at a list of criteria to consider when evaluating pluggable transports for readiness of deployment to users. The goal isn't to say that every transport has to pass each question -- rather, I'm hoping to fund a researcher-developer at some point soon to polish some of the

Re: [tor-dev] [tor-commits] [tor/master] Clarify who learns about ContactInfo.

On Wed, Oct 09, 2013 at 01:45:26PM +, ni...@torproject.org wrote: diff --git a/src/config/torrc.sample.in b/src/config/torrc.sample.in index c667efc..78013c2 100644 --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in @@ -120,9 +120,12 @@ ## is per month) #AccountingStart

Re: [tor-dev] Help me guague how full your plate is via regular check-in conversations

On Tue, Oct 29, 2013 at 11:30:24AM -0700, Tom Lowenthal wrote: When applying for grants, planning future work, and otherwise thinking about what capacity we have leftover to do things in the future, it's really useful to know who's doing what and how much of it. I get some of this information

Re: [tor-dev] Proposal 221: Stop using CREATE_FAST

On Mon, Aug 12, 2013 at 09:14:19PM -0400, Nick Mathewson wrote: I propose that in 0.2.5.x, Tor clients stop sending CREATE_FAST cells, and use CREATE or CREATE2 cells instead as appropriate. I'm a fan. Especially since some relays (like mine) have upgraded to Tor 0.2.5.x but their OpenSSL

Re: [tor-dev] Proposal 221: Stop using CREATE_FAST

On Mon, Aug 12, 2013 at 09:14:19PM -0400, Nick Mathewson wrote: I propose that we change FastFirstHopPK from a boolean to also allow a new default auto value that tells Tor to take a value from the consensus. I propose a new consensus parameter, usecreatefast, default value taken

Re: [tor-dev] recreated website png diagrams as svg

On Mon, Nov 11, 2013 at 02:42:24PM +, Ximin Luo wrote: Whilst we're on that topic, labelling the final link from the exit node to the destination as unencrypted is unnecessarily scary as well Perhaps we could reword it to encrypted if destination service is encrypted and the other links to

Re: [tor-dev] Review of Proposal 147: Eliminate the need for v2 directories in generating v3 directories

On Wed, Jan 15, 2014 at 01:08:03PM +0100, Karsten Loesing wrote: I talked to Roger on IRC, and here's why this proposal may indeed be overkill: As of January 2013, there is only a single version 3 directory authority left that serves version 2 statuses: dizum. moria1 and tor26 have been

Re: [tor-dev] Projects to combat/defeat data correlation

On Mon, Jan 20, 2014 at 05:30:27PM +0100, Philipp Winter wrote: On Sat, Jan 18, 2014 at 01:40:43AM +, Matthew Finkel wrote: obfs3 is supposed to be fairly difficult to detect because entropy estimation is seemingly more difficult than typically assumed, and thus far from what has been

Re: [tor-dev] Looking up bridges in Globe et al. by fingerprint

On Mon, Feb 10, 2014 at 10:09:10PM +0100, Christian wrote: Christian, does this make sense to you? Shall we move these ideas to Trac tickets? Sounds good, but you don't need to create a ticket for this. I'm almost done with this feature. We still like having tickets for things that are

Re: [tor-dev] Request for references for anonymous blocklisting (blacklisting)

On Sun, Feb 23, 2014 at 07:46:55AM +, Virgil Griffith wrote: I'm putting together a proposal for adding anonymous blocklisting into the Tor such that websites that block Tor can block single problematic users instead of all Tor exit nodes. Towards this end, I am looking for papers/prior

Re: [tor-dev] Weekly Tor dev meeting: Tuesday 25 Feb, 20:00 UTC

On Mon, Feb 24, 2014 at 12:09:38PM -0500, David Goulet wrote: It will be 3pm EST and 12:00 noon PST. Unless I am mistaken, that's 20:00 UTC. but I've been travelling for a while, and adding five is hard. What day of the week? :) I see this was answered on irc, but to answer it here for

Re: [tor-dev] GSOC14 Idea

On Sun, Feb 23, 2014 at 05:38:23PM +0530, Devang Thakkar wrote: Its Devang here, a coding enthusiast studying at IIT Bombay. I am looking forward to contribute to Tor for the upcoming Google Summer of Code 2014 as a prospective student. So I wanted to know if there was a provision for

Re: [tor-dev] GSOC Proposal - Improve the testing framework Chutney

On Wed, Feb 26, 2014 at 03:51:55PM +0530, Punit wrote: I think that Chutney can be turned into a great tool for testing Tor (for example, after every commit) and analyse how the Tor network works after the commit. What is needed is a way to prepare some Test cases (and to provide a simple

Re: [tor-dev] Request to expunge project 'torsocks' on Google Code

On Wed, Feb 26, 2014 at 02:06:25PM +0100, Jeroen Massar wrote: On 2014-02-26 13:46, Jacob Appelbaum wrote: I think this is a fine idea - if no one objects, I'll purge it. No objection per-se, but a recommendation/check-up: Sounds great to me -- disabling it seems like the best option, along

Re: [tor-dev] GoSC - Website Fingerprinting project

On Mon, Mar 10, 2014 at 06:00:13PM +0100, Marc Juarez wrote: I'm a PhD student at COSIC (COmputer Security and Industrial Cryptography) in KU Leuven, Belgium. My research topic is related to network traffic analysis and I'm now focused in the more specific problem of website fingerprinting

Re: [tor-dev] Implications of switching to a single guard node: some conclusions

On Tue, Mar 25, 2014 at 01:41:43PM -0700, Mike Perry wrote: Nicholas Hopper: I modified Aaron Johnson's TorPS simulator to simulate 50K clients ** The reason I ask is because I suspect there is actually an interplay between the current circuit build timeout code and the pool of 3 guards.

Re: [tor-dev] Implications of switching to a single guard node: some conclusions

On Thu, Mar 13, 2014 at 10:21:38PM +, George Kadianakis wrote: From {2}, we see that the Tor network has 6000MiB/s advertised guard bandwidth (orange line), but supposedly is only using the 3500MiB/s (yellow line). This means, that supposedly we are only using 3/5ths of our guard capacity:

Re: [tor-dev] [RFC] Proposal draft: The move to a single guard node

On Wed, Mar 26, 2014 at 11:57:08AM -0500, Nicholas Hopper wrote: We can try to mitigate this phenomenon by giving higher priority to young guards to be picked as guards: I'm pretty sure this section has it backwards from what was the intent of the discussion of guard age at the dev

[tor-dev] Implications of openssl bug on directory authorities

Part one: Facts as I understand them There are 9 directory authorities, and clients only believe a consensus networkstatus if it's signed by a majority (5) of them. Two (moria1 and urras) of the directory authorities were unaffected by the openssl bug, and

Re: [tor-dev] Implications of openssl bug on directory authorities

On Mon, Apr 14, 2014 at 03:02:39PM -0400, Nick Mathewson wrote: I've got a draft patch for this up at https://trac.torproject.org/projects/tor/ticket/11464 , but I need a list of bad authority signing keys and/or certs. Who can get me that?

Re: [tor-dev] Revising Proposal 140

On Thu, May 01, 2014 at 10:02:30AM +0200, Daniel Martí wrote: * Regarding their size, #140 suggests that they are not useful past 16 hours. I thought we could compare the compressed size of the diffs when creating them, since they may be of use for a longer time. We could do this

Re: [tor-dev] Hidden Service Scaling

On Tue, May 06, 2014 at 03:29:03PM +0100, Michael Rogers wrote: I'm interested in your work because the hidden service protocol doesn't seem to perform very well for hidden services running on mobile devices, which frequently lose network connectivity. I wonder if the situation can be improved

Re: [tor-dev] Proposal for improving social incentives for relay operators

On Mon, Jun 09, 2014 at 05:26:28PM -0700, Virgil Griffith wrote: I propose the following system for harnessing warm glow and reputation for Tor relay operators. Hi Virgil, I agree with your direction here, and I'd love to see some more work on it. In fact, the per relay page idea is nearly in

Re: [tor-dev] I have a group at internet archive that are interested in buying a lot of OnionPi's

On Sat, Jun 28, 2014 at 10:11:24PM +0200, Moritz Bartl wrote: On 06/27/2014 09:44 PM, Virgil Griffith wrote: What is the current state of the art on this, and if it is ready for larger deployment want to buy about 50-100 of them. In my eyes, an access point that has a captive portal that

Re: [tor-dev] Silly (or not so silly) question

On Wed, Jul 23, 2014 at 11:24:47PM +0100, Noel David Torres Taño wrote: What would happen if a Tor node changes behaviour and uses four or five relay steps instead of three? Would it enhance Tor's security? I assume you mean a Tor client? https://www.torproject.org/docs/faq#ChoosePathLength

Re: [tor-dev] What are some aspects of Tor that are suffering right now due to lack of speed?

On Fri, Jul 25, 2014 at 04:10:50AM +0100, Virgil Griffith wrote: Hidden services quickly come to mind. Are there other candidates? I can imagine people deciding not to view certain content through Tor because of speed (e.g., pornhub). But I suspect I am missing some use cases. Hi Virgil,

Re: [tor-dev] Symlink to latest sources

On Mon, Sep 08, 2014 at 12:09:31PM -0400, Peter Swire wrote: Dear Tor-dev, On the dist page ( https://www.torproject.org/dist/ ) all the sources are listed by version number. It would be awesome if there was a symlink to the latest stable release, called something like tor-latest.tar.gz

Re: [tor-dev] Defending against guard discovery attacks by pinning middle nodes

On Sat, Sep 13, 2014 at 04:07:13PM +0300, George Kadianakis wrote: So let's say that along with our guard, we also pick 6 second-tier guards (middle nodes) that also get pinned for 2-3 months. This makes us look like this: - middle1 - middle2 HS - guard - middle3 -

Re: [tor-dev] Is PublishServerDescriptor needed to collect metrics?

On Mon, Oct 13, 2014 at 09:44:24PM -0700, David Fifield wrote: If a bridge has PublishServerDescriptor 0 does that prevent it from counting in metrics? Correct. If it's set to 0, it never goes to the bridge authority, so none of the metrics databases ever see it. If so, what's the

Re: [tor-dev] Potential projects for SponsorR (Hidden Services)

On Mon, Oct 20, 2014 at 02:37:49PM +0100, George Kadianakis wrote: this is an attempt to collect tasks that should be done for SponsorR. You can find the SponsorR page here: https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorR Thanks for getting this going! == Safe statistics

Re: [tor-dev] Running a Separate Tor Network

Hi Tom! Neat stuff. Let me try to point you in useful directions. On Wed, Oct 15, 2014 at 08:39:12PM -0500, Tom Ritter wrote: One of the first things I ran into was a problem where I could not get any routers to upload descriptors. [...] I imagine what would actually happen is Noisebridge

Re: [tor-dev] Link protocol version

On Tue, Oct 28, 2014 at 02:19:17PM +0400, ?? wrote: I'm trying to understand link protocol versions, but I have some problems. I requested descriptor from the root server and it contains line protocols Link 1 2 Circuit 1. Then I connected to the node, sent

Re: [tor-dev] Link protocol version

On Tue, Oct 28, 2014 at 07:32:09AM -0400, Roger Dingledine wrote: Then I connected to the node, sent VERSIONS cell and got a responce: 00 00 07 00 04 00 03 00 04. That said, what relay is this? It seems weird that it would tell you that it supports link versions 4, 3, and 4. Ah ha. I

Re: [tor-dev] yes hello, internet supervillain here

On Sat, Nov 08, 2014 at 10:10:23PM +, Fears No One wrote: If you have any questions/clarifications, just ask. [...] All of these files are in the hands of the cops anyway (And I have no plans of bringing doxbin back), so there are 0 real-time opsec concerns. Hello Mr. Supervillain, Can

Re: [tor-dev] The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network

On Thu, Nov 27, 2014 at 11:10:43AM +0100, Liste wrote: http://www.nrl.navy.mil/itd/chacs/biblio/sniper-attack-anonymously-deanonymizing-and-disabling-tor-network I will see your url and raise you one, by the same authors:

Re: [tor-dev] Best way to client-side detect Tor user without using check.tpo ?

On Sat, Feb 07, 2015 at 01:59:05PM +0100, Fabio Pietrosanti (naif) - lists wrote: we're introducing client-side checking if a user it's on Tor or not on the GlobaLeaks Javascript client. So, the TorButton approach is to load https://check.torproject.org/?TorButton=true . Note that the

Re: [tor-dev] Fwd: Orbot v15-alpha-3 with VPN and Meek!

On Sat, Feb 14, 2015 at 12:08:10AM -0800, David Fifield wrote: An upstream HTTP proxy should work, either through torrc HTTPProxy or the --proxy option. Careful! The torrc HTTPProxy line is only for non-tunneled directory fetches. It's the HTTPSProxy line that most people want -- that causes

Re: [tor-dev] Progress on hidserv-stats Metrics integration, request for code review

On Thu, Mar 12, 2015 at 06:01:13PM +, George Kadianakis wrote: Karsten Loesing kars...@torproject.org writes: The question is, what graphs do we want on Metrics? How about: - Total hidden-service traffic in Mbit/s (per day, using weighted interquartile mean, like lower graph on page

Re: [tor-dev] Future Onion Addresses and Human Factors

On Sat, Aug 08, 2015 at 11:36:35AM +, Alec Muffett wrote: 5) taking a cue from World War Two cryptography, breaking this into banks of five characters which provide the eyeball a point upon which to rest, might help:

Re: [tor-dev] [tor-commits] [tor/master] Remove the HidServDirV2 and VoteOnHidServDirectoriesV2 options

Isis: I'd like to highlight this change for you, since it means that the bridge authority's networkstatus files are now going to have HSDir flags on the bridge status lines. I don't know if this is going to be a problem for any of your parsing code in any way (hopefully not), but I figured now's

Re: [tor-dev] Proposal 246: Defending Against Guard Discovery Attacks using Vanguards

On Sat, Jul 18, 2015 at 03:11:26AM +0300, s7r wrote: I still see the third hop (speaking from hidden service server start point) is the weak part here. An attacker can connect to a hidden service at his malicious relay selected as rendezvous. Before you know it, all relays in third_guard_set

Re: [tor-dev] Proposal: Merging Hidden Service Directories and Introduction Points

On Sun, Jul 12, 2015 at 05:48:12PM -0400, John Brooks wrote: Filename: xxx-merge-hsdir-and-intro.txt Title: Merging Hidden Service Directories and Introduction Points Author: John Brooks, George Kadianakis Created: 2015-07-12 Thanks! I have added it as proposal 246. --Roger

Re: [tor-dev] Proposal 247: Defending Against Guard Discovery Attacks using Vanguards

On Fri, Jul 10, 2015 at 04:58:28PM -0400, George Kadianakis wrote: I'm attaching a proposal draft that should help us defend against guard discovery attacks. Thanks George. I have added this proposal as 247. (Sorry for the numbering confusion -- let that be a lesson to others who try to pick a

Re: [tor-dev] Status of remaining SVN repositories

On Tue, Oct 27, 2015 at 12:48:11PM +0100, Jens Kubieziel wrote: > Tor has a SVN with several repositories in it. The ticket #4929 deals > with migrating them to git > (). I made a > table within the ticket to track the current status. Most

Re: [tor-dev] running a BWauth

On Tue, Nov 03, 2015 at 09:32:26PM -0800, Jesse V wrote: > Yep, I've run Mike Perry's code before. It's all in torflow. I was also on a > 1 gbits link, but as I recall it wasn't that saturated so you might be able > to get away with a 500 mbits. I've been running it on a 100mbit link, and it

Re: [tor-dev] packaging advice needed

On Fri, Jul 10, 2015 at 10:35:57PM -0400, Magnus Hedemark wrote: I tried searching the site for advice for packagers but haven't found any. If I've overlooked it, I'd appreciate a nudge in the right direction. I think our current advice is do it like the deb does it.

Re: [tor-dev] CollecTor data: mapping bridge-network-status to bridge-server-descriptor to bridge-extra-info

On Wed, Jul 08, 2015 at 07:45:04PM -0700, David Fifield wrote: I'm trying to use CollecTor data to find out how much bandwidth is offered by different pluggable transports over time. I.e., I want to be able to say something like, On July 1, bridges with obfs3 offered X MB/s, bridges with obfs4

Re: [tor-dev] CollecTor data: mapping bridge-network-status to bridge-server-descriptor to bridge-extra-info

On Thu, Jul 09, 2015 at 12:04:52PM -0700, David Fifield wrote: On Wed, Jul 08, 2015 at 11:39:54PM -0400, Roger Dingledine wrote: It seems rare that the bridge-server-descriptor is missing. In the 2015-07 tarball, it happened for 5891/477496 relays (1.2%). [snip] How do you handle cases

Re: [tor-dev] . tor-roster's geo diversity badge and self-ref relays

On Sun, Sep 13, 2015 at 11:20:11PM +0200, Tom van der Woerdt wrote: > I agree, and this one in particular is important to some operators: by > allowing a relay to specify itself in the family, one can just have a single > configuration file for all relays in a family. Maybe somebody wants to

Re: [tor-dev] Special-use-TLD support

On Mon, Sep 28, 2015 at 03:20:47PM +0200, Jeff Burdges wrote: > I proposed that Tor implement NameService rules using UNIX domain > sockets, or ports, since that's how GNUNet works, but maybe Tor should > instead launch a helper application it communicates with via stdin and > stdout. I donno if

Re: [tor-dev] Desired exit node diversity

On Wed, Sep 23, 2015 at 06:26:47AM +, Yawning Angel wrote: > On Wed, 23 Sep 2015 06:18:58 + > Virgil Griffith wrote: > > * Would the number of exit nodes constitute exactly 1/3 of all Tor > > nodes? Would the total exit node bandwidth constitute 1/3 of all Tor > >

Re: [tor-dev] Desired exit node diversity

On Wed, Sep 23, 2015 at 06:18:58AM +, Virgil Griffith wrote: > Exit nodes seem a nice place to start concretizing what's meant when we say > we want relay diversity. Comments immensely appreciated because as-is I > don't know the answers to these questions. Hi Virgil, I've been pondering the

Re: [tor-dev] Revisiting prop224 overlap descriptor logic and descriptor lifetimes

On Mon, Jun 13, 2016 at 03:48:39PM +0300, George Kadianakis wrote: > The main issue for me right now is that I can't recall how this helps with > clock skewed clients, even though that was a big part of our discussion in > Montreal. > > Specifically, I think that clients (and HSes) should

Re: [tor-dev] Proposal: Rendezvous Single Onion Services

I made some hopefully uncontroversial changes to the proposal in git, but here are the comments that you might want to think about or disagree with before acting on. :) On Fri, Oct 23, 2015 at 01:54:50AM +1100, Tim Wilson-Brown - teor wrote: >Rendezvous single onion services have a few

Re: [tor-dev] Proposal xxx: Filtering malicious rendezvous points at hidden service server side

On Sat, Jan 23, 2016 at 11:38:00PM +0200, s7r wrote: > The attacker is also a Sybil (holds an unknown % of the bandwidth in > the Tor network). By making the hidden service server build many > circuits to his evil rendezvous points, the attacker gets a high > probability that the hidden service

Re: [tor-dev] Notes from the prop259 proposal reading group

On Fri, Mar 25, 2016 at 01:51:53PM +0200, George Kadianakis wrote: > In the future we should make it so that all Guards are both Stable and Fast, > so that this stupid check does not need to happen [TODO: I should open a > ticket for this if it doesn't already exist].

  1   2   >