site's embed page. If there's
much interest in this, I'll switch to a dedicated site since it's maybe not
fair to send that many requests to them ^_^;
Input, ideas, and tomatoes welcome =)
Best,
Griffin Boyce
--
What do you think Indians are supposed to look like?
What's the real difference between
to the proxy program quickly.
David Fifield
Sounds good to me. I don't think it would be too difficult to get a couple
thousand users through the Chrome Web Store.
Best,
Griffin Boyce
___
tor-dev mailing list
tor-dev@lists.torproject.org
https
SiNA Rabbani s...@redteam.io wrote:
Are we also interested in translating this to other languages? Perhaps
we can get the Farsi done ASAP, since we now have a country obfsproxy
users coming to this page soon :)
All the best,
SiNA
If everyone's open to interface ideas, a rough number of
Hey all,
After talking to Wendy Seltzer, I decided to bring this up on the list.
I frequently talk to people who would like to run an exit node, but who
aren't as good a sysadmin as they'd like to be. It would be great if there
were server images that could be fairly easily installed and then
Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
To fix that need it would be nice to make a sort of hosting provider
(using existing tool for customer management, payments,
server/application deployment maintenance) to host Tor Exit.
This would definitely be cool, though honestly I
Rather than going through a large process to reach hidden services without
the Tor bundle, I'd suggest instead using Tor2Web or Onion.to. Tor2Web is
also open-source, but both are fairly reliable.
Example: DuckDuckGo
Tor only: http://3g2upl4pq6kufc4m.onion
http://3g2upl4pq6kufc4m.tor2web.org
While I'm not quite sure it's what you're looking for, cross-cultural
factors come into play a lot and seriously affect trust. I work with an
organization that (in turn) works with Chinese activists organizers.
It's a bit of a catch-22 that tools and guides in Chinese dialects are
critically
David Fifield da...@bamsoftware.com wrote:
I moved the flash proxy facilitator to a new domain, fp-facilitator.org.
This is to get it away from bamsoftware.com, which also has a lot of
unrelated stuff. The old facilitator name tor-facilitator.bamsoftware.com
will continue to work (the DNS for
Jacob Appelbaum ja...@appelbaum.net wrote:
Yes, it is. I'm working on it and so are a number of other people.
All the best,
Jacob
Good to hear. Is there a tentative date for a beta release?
best,
Griffin
___
tor-dev mailing list
Matthew Finkel matthew.fin...@gmail.com wrote:
So I think we should make some terms clear (just for the sake of
clarity). We have, I guess, three different naming-system ideas
floating here: petnames, (distibuted) namecoin-ish, and centralized
consensus-based - rough summary.
Some months
I've updated the Cupcake extension already. Thanks for the heads up. :)
~ Griffin
--
Sent from a phone, please excuse fatfingers and grammatical errors.
On Jun 30, 2013 5:55 PM, David Fifield da...@bamsoftware.com wrote:
On Thu, Apr 25, 2013 at 01:32:08AM -0700, David Fifield wrote:
I
I would actually really appreciate the old numbers (from ~2007-8/2013)
being kept online. Estimating growth over time and mapping spikes is
kind of a big deal to me. =)
~Griffin
On 09/16/2013 02:28 PM, Karsten Loesing wrote:
Hi everyone,
some of you may already know our new approach to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/16/2013 09:51 PM, Liste wrote:
Work complete for the version 0.0.0Beta
Any chance you could upload your project to github, or a similar site
so that people can review it before downloading? Github also uses SSL,
which does offer some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
So the lack of OTR support in Instantbird is nearly a dealbreaker for
me, as it makes it a bit more likely than a rogue exit could intercept a
user's communications. Though this depends in part on SSL/TLS support
and whether a user *actually
Hi all,
I'm looking at possibly replacing the images used by Cupcake with
inline SVG XML, to reduce the possibility of fingerprinting/identifying
Cupcake users who use Chrome [1]. One of the more talked-about methods
of identifying a user's browser extensions is to look for images used by
the
On 10/29/2013 07:30 PM, Tom Lowenthal wrote:
Any questions or suggestions?
-Tom
Is this a tor dev thing, or a devs who work on tor-related projects
but who are not part of tor thing?
~Griffin
--
Cypherpunks write code not flame wars. --Jurre van Bergen
#Foucault / PGP: 0xAE792C97 / OTR:
Nick Mathewson wrote:
establishing the precedent that if you make a P2P network that uses a
new virtual TLD, you can officially own that TLD forever for free
Well, if the barrier-to-entry is ten(ish) years of hardcore
development, a robust research community, and hundreds of thousands of
So I'm hiring translators for Cupcake, for Persian and
Urdu translations. As it turns out, this is surprisingly inexpensive.
Because I'm hiring translators anyway, I want to go ahead and donate
translations of Tor project strings. (Especially Urdu, which is
inexpensive, but difficult to find
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Nima Fatemi wrote:
I didn't find it on torproject page. but anyways here it is:
https://www.transifex.com/projects/p/cupcake/language/fa/
Please donate the /whatever amount of/ money you had in mind for this
translation to Tor Project.
My
Sorry for taking so long to respond to this thread. Responses are
(mostly) inline below.
At a training event a couple of days ago, a user was sketched out by
the warning her Mac gave her -- in spite of the advance notice she'd
been given by the trainers.
Erinn Clark wrote:
Please see Ralf's
Fabio Pietrosanti (naif) wrote:
I mean supporting many hardware devices, rather than going with a custom
hardware?
Hey Naif,
Access Labs' openwrt-based torouter firmware is still the best and
most stable. It worked pretty well for me back in August on a TP-Link
N750, and earlier on a
Hey Ximin,
I don't think it's been discussed in-depth before (at least not
on-list), but I've thought a fair bit about it. While it's an
interesting idea, I don't think that the risks for deploying it far
outweigh any minor reward that could come of it. This idea has come up
several times
Ximin Luo wrote:
In my understanding, the anonymity set doesn't apply to use of PTs
since this is only at the entry side. The exit side does not know[1]
what PT the originator is using, so is unable to use that information
to de-anonymise.
[1] at least, in theory should not know, perhaps
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenITP TA3M have had a python dev ask if STEM or txtorcon need
assistance =) For more details, talk to Sandy (sandraordo...@openitp.org).
~Griffin
- Original Message
Subject: [OpenITP Dev] Do u needa Python Javascript
On 2014-02-24 12:59, Roger Dingledine wrote:
I see this was answered on irc, but to answer it here for completeness:
it is my understanding that the Tuesday dev meeting will be held on
Tuesday this week. :)
Is this for little-t tor, or more user-facing projects like TBB?
~Griffin
Nathan of Guardian wrote:
Github? Maybe not whole sites, but specific files.
I've been working with users who have networks in censored countries
to expand access to specific software bundles (not just Tor). My two
approaches right now are Google Web Store and torrents attached to a
stable
Nathan Freitas wrote:
Have you looked into BitTorrent Sync? You can do semi-private (I
believe) Dropbox-like Torrent shares, that could be provisioned based on
emails or other requests from users.
There is a really nice mobile BitTorrent Sync app, so I have
particularly been interested in
David Fifield wrote:
GitHub is how Chinese users download GoAgent. It's a little weird, but
they keep the binary right there in their source tree (goagent.exe).
https://github.com/goagent/goagent/tree/3.0/local
GitHub is great because it's HTTPS only, projects are subdirectories
rather
Hello all,
Is there a plan to port TBB for chromebooks?
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In your git config, you can define a pushurl that is different from
url. Which effectively means that you can pull from github but push
to tor.
So in .git/config, your entry would look something like this
(double-check pushurl syntax):
[core]
Hey all,
Got a report from a friend* who noticed that twitch.tv stops letting
him watch broadcasts while flashproxy is in an active state. He uses
Cupcake, which shows flashproxy's status in the icon bar, and he only
has an issue when the cupcake icon has a mustache.
Has anyone noticed
quinn jarrell wrote:
Hi everyone,
My name is Quinn Jarrell and I'm a student University of Illinois at
Urbana Champaign. I'm excited to join GSoC and I'll be working on
building a pluggable transporter this summer for Google summer of
code. The pluggable transports combiner will allow
In addition to explicitly forbidding newlines, perhaps it would be a good idea
to either strip them entirely or ignore any value with a newline.
--
Sent from my tracking device. Please excuse brevity and cat photos.___
tor-dev mailing list
isis wrote:
Do you have a better suggestion for what to call vanilla bridges?
I keep calling them standard bridges (as opposed to fancy,
monocle-wearing bridges). People seem to understand immediately that
other types of bridges are special somehow if I call
regular/vanilla/non-obfs
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lunar wrote:
We can't just make Tor Browser stop accepting obfs2 because some
people are using obfs2 bridges right now. But we shouldn't add more
people to the set of users of a broken protocol.
We should really be reaching out to those running
This is similar, though not *quite* the same. A while back ioerror
released FreeNote[1], which makes it easier to broadcast audio and video
on a hidden service. This is a pretty cool idea and works pretty well.
AND it should be pointed out that two one-way conversations can be a
two-way
Hello all!
I am wondering whether to force-uninstall Debian's popularity-contest
package as part of Stormy's installation process. It would be good to
have an idea how popular Stormy is, but on the other hand, I'm not sure
how anonymous the reporting is on Debian's end.
This is also
On 2014-09-21 11:32, Fabio Pietrosanti (naif) wrote:
Have you considered just distributing Tails USB sticks along with the
.onion
address on a piece of paper?
We've considered it, but it was outside the logistically doable
opportunity, as far as i understood.
Sounds like the most apparently
Roger Dingledine wrote:
h) Back to the community again. There have recently appeared a few
messaging protocols that are inherently using HSes to provide link
layer confidentiality and anonymity [1]. Examples include Pond,
Ricochet and TorChat.
There are also a fair few IRC and XMPP
So most of my work over the next three days is writing and editing
documentation on hidden services.
I'm in Boston and the purpose of this trip is to rewrite existing documentation
to be more useful, but with authenticated hidden services, what's available is
extremely sparse. GlobaLeaks and
On 2014-11-09 15:30, Fabio Pietrosanti - lists wrote:
On 11/9/14 8:58 PM, Jacob Appelbaum wrote:
For example, it would be interesting if TBB would allow people to
input a password/pubkey upon visiting a protected HS. Protected HSes
can be recognized by looking at the authentication-required
Lee wrote:
c) Get .onion IANA reserved
It doesn't look like that's going to happen.
Yeah. Though the biggest use-case for cert+onion is when trying to
match a clearnet service to a hidden service -- such as Facebook or
Erowid.
~Griffin
___
Hello all,
So as some of you know, I've been working on installers for hidden
services, to ideally make very common services (such as blogs and plain
websites) easy to deploy and automatically update. This is a very rough
version of the one-click hidden service installer, but I'd love to
Hey all,
Sorry for the delay in responding -- comments inline.
Fabio Pietrosanti - lists wrote:
I would suggest to add a Tor2web policy that, looking at X-Tor2web:
HTTP
header, enable or disable access to the Blog trough he internet:
What is your reasoning for disabling access via
Fabio Pietrosanti (naif) - lists wrote:
On 12/10/14 7:53 PM, Chuck Peters wrote:
The torrent files are available through https with a valid
certificate.
We would love to distribute Tor Browser Bundle via Tor2web, useful for
specific use-cases:
SiNA Rabbani wrote:
We can also use S3's bit-torrent feature:
http://docs.aws.amazon.com/AmazonS3/latest/dev/S3Torrent.html It's
relatively painless. Tor has its own Amazon account, I am also more
than happy to provide my own S3 for to mirror Tor's binaries.
Hi Sina,
Thanks for this - I
grarpamp wrote:
Is there a project to collect, index and archive all the relevant
papers
from all the various internet sites, homepages, anonbib, etc... into
one central, easily mirrored and referenced repository? git would
seem more useful for this than the various disparate http resouces
of
Tyrano Sauro wrote:
This is funny
Oh, I agree :D There was an outtake where Karen (development
director) was walking around with a tiny orange tree saying Orange
Routing! Orange Routing! It was pretty great ^_^
~Griffin
--
“Sometimes the questions are complicated and the answers are
David Fifield wrote:
I don't know if there's a place where they're all in a single file, but
you can get them for historical releases here:
https://archive.torproject.org/tor-package-archive/torbrowser/
Thanks! That's perfect :D Satori's new version will detect version
based on the hash.
Hey all,
I was just wondering if it's possible to get a gpg-signed list of
sha256 checksums for the Tor Browser. The website only shows the
current version's list of hashes. Which is really useful, but it would
be great to have them all if possible.
thanks,
Griffin
--
“Sometimes the
So, what do we think? I'd say that MyFamily is likely to continue to
MyFamily is also critical for people who are running a lot of relays.
It's ideal to list keys, but in a scenario where I run two dozen relays
or more, having a good shorthand for them would make it easier to group
them.
Sukhbir Singh wrote:
I am sure other users
from India/Pakistan can back this up, but personally, even though my
native language is Punjabi and Hindi, I have always selected English
when installing Debian. Similary, I have almost never seen a copy of
Windows in any of the local languages,
Mike Perry wrote:
David Fifield:
Here's the summary of meek's CDN fees for April 2015.
total by CDN $3292.25 + $3792.79 + $0.00 = $7085.04 grand total
https://metrics.torproject.org/userstats-bridge-transport.html?graph=userstats-bridge-transportstart=2015-02-01end=2015-04-30transport=meek
Hello all,
Whenever I attend events with a large Pakistani or Indian contingent,
I'm asked why there isn't an Urdu or Hindi translation of Tor Browser.
And I'm not totally sure what to say. There's clearly a large need,
given Pakistan's history internet censorship. At a recent event in
So, just to clarify, this would be 10pm EST on Tuesday or Wednesday
night, correct?
~Griffin
On 2015-04-06 16:31, Brandon Wiley wrote:
I can't do 0200 UTC on Wednesdays. I could potentially do 0200 on some
Thursdays.
On Mon, Apr 6, 2015 at 3:06 PM, isis i...@torproject.org wrote:
Last
Hey all,
It seems like time to give the tor-dev list an update on Stormy's
development. Right now, the scripts are undergoing third-party testing
to identify any obvious bugs before sending them to security auditors.
Testing should be finished imminently, any bugs found will be fixed this
Hello all,
I came across a blog post that might interest you all. @techdad did a
quick analysis of public images from online black markets (such as Silk
Road et al)[2] from 2011-2015, and came to the following conclusion:
After parsing hundreds of thousands of images, I came across about
Georg Koppen wrote:
Nima Fatemi:
Lunar:
Tor Browser folks have been tagging tickets with tbb-usability:
https://trac.torproject.org/projects/tor/tags/tbb-usability
Do you want an extra tag for those?
This is a good question. I'm aware of tbb-usability tag and have
already
added it to my
Serene wrote:
Q: Why is it called Snowflake?
There's a bunch of "ICE" negotiation happening for WebRTC, and it also
involves a great abundance of ephemeral and short-lived (and special!)
volunteer proxies...
Anyhow, if Snowflake seems like it would be useful / desired here, it
would be awesome
Hey all,
There have been quite a few bug reports that discuss incompatibility with
various Firefox extensions and with websites. In most cases, I can't
replicate
these bugs -- either because the extension in question has been patched,
the
website reported no longer exists, or the issue can't
Yawning Angel wrote:
Inspired by https://trac.torproject.org/projects/tor/ticket/18361
I've been working on way to improve the situation.
Neat. In the thread someone mentions that it's possible to derive the
answer for the old-style street number captchas using tesseract [1].
How do you transmit an elephant? One byte at a time...
But on a serious note, it's possible to transfer 2.6TB over Tor in small
pieces (such as file by file or via torrent). Given the size, however, I'd
suspect they mailed hard drives after establishing contact with
journalists. Even on a
Thanks for the heads up
On December 6, 2018 3:52:43 PM EST, Karsten Loesing
wrote:
>Hi,
>
>if you're not pulling CSV files from the Tor Metrics website in an
>automated fashion, you can stop reading now.
>
>We just scheduled some changes to the Tor Metrics CSV files in the
>Performance and
63 matches
Mail list logo