.3.1.2-alpha.tar.gz
> https://dist.torproject.org/tor-0.3.1.2-alpha.tar.gz.asc
Doesn't matter much. One should check the signatures anyway...
Do we trust the CAs now? ;)
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.
(OR)
can exit (ExitPolicy is not set to `reject *:*`) and has no Exit flag
there may be some non-standard actors that can use your relay to exit.
tl;dr ExitPolicy == exit traffic allowed, Exit flag == (confoming) clients
can use your exit.
[1] https://gitweb.torproject.org/torspec.git/tree/di
stuff - whether
it's relay or any upstream provider. What relays never should do is
to intrefere with user's traffic in any way (BadExit).
Just educate the users about the threat models and use e2e encryption.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or chan
false).
Probably Safari has also got implementation for RFC 7686 but I don't
know whether it's possible to go around it.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
should use Tor Browser.
> https://www.torproject.org/projects/torbrowser.html
I guess the OP is already aware of all of the downsides of Transparent
Proxying.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torprojec
lso check whether DNS settings are not overridden in your OS/browser
(e.g. by DHCP).
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
is. `--with-zlib-dir` works only if either
`--enable-static-zlib` or `--enable-static-tor` is set. This options are
meant to be for solely for *static* linking.
For dynamic linking you may want to tune LDFLAGS variable or `--libdir`
option.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.tor
correct time (e.g. via NTP aka "network time"). Consult
your OS documentation on how to do so.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
HS connection attempts but only relate them to
> ephemeral service key for the duration of the key.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
that it doesn't.
And it has bugs that can be exploited. Remotely. By anyone (there is no
such a thing as NOBUS). If they're exploited then *ALL* your
firewalls/sandboxes/whatever are meaningless. This won't seize to be a
problem if you focus on other problems. Both should be solved.
--
Ivan Markin
--
service (one per
cluster) for this? (Donncha actually mentioned this in the docs).
It may be fun today but tomorrow it won't work.
[1] Not now since they're not implemented. :)
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
ges.
Another branch would be messy and hard to catch up with "upstream".
[*] Other species/AI are also welcome.
[1] Most of them.
[2] E.g. RowHammer or plain stupid bitflips of non-ECC RAM.
[3] I'm not just complaining. I'm happy to fix this if I had more time.
--
Ivan Markin
--
tor-talk mai
if you're doing web).
Many of these problems should be gone after prop224 got implemented.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
to serve over either
DirPort or begindir. But your client still has it (somehow).
> I'm using an old version of Tor (0.2.5.x) for various reasons.
This it really old. I'm curious about what are reasons behind it.
Please don't run relays on that old versions.
--
Ivan Markin
--
tor-talk maili
e paper you've mentioned?
Thanks,
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
sonably well performing
> circuit.
Huh, it's true. I've noticed that Tor performs way better than clearnet
connections over bad/faulty networks (mostly wireless ones). In case of
packet loss, routing failures, DNS outage, bandwidth trottling etc Tor
actually solves these problems magically.
--
Ivan
ment when the lantency advance doesn't matter
anymore (the difference is negligible). When this will happen there is
no reason to use VPN for general user. We definetely can get there using
faster crypto on faster crypto-accelerated/parallell hardware.
--
Ivan Markin
--
tor-talk mailing list -
sensus (public) --> no Exit flag --> clients will not be able to
exit through this relay*.
* Without torrc/code modifications.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/
ki/org/roadmaps/Tor/IPv6
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
hip.
2. It's not that hard to separate traffic originating from you and exit
traffic from the Tor network.
3. This setup is not anonymous since all your traffic exits from one IP.
4. Note about secondary liability in your local legal code before
running an exit node.
--
Ivan Markin
--
tor-talk mailing lis
e.
I'm aware of Belarus and it clearly visible, e.g. on OnionMap.
[1] https://meduza.io/en/news/2015/02/25/belarus-bans-tor
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
a beautiful Tor monitor called Nyx (previously arm) [1].
[1] https://www.atagar.com/arm/
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
зде.
Просто под разным соусом. Тут больше проблема философии.
Я сам книгу тоже не читал, но я понимаю ее как исследовательский
текст/статью. Вообще согласен, что ее в России не купить и что это печально.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change
n case of this passive attack no attacker "fails".
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
. Or maybe it
was just a test.
It looks like the most obvious way to crack Tor _right now_ and
_forever_ at low price is to perform a country-scale traffic
confirmation attack. Russia already has capability to do so. It's called
SORM. With this contract they possibly want to "do math"
e CA in your computer
already installed?
I recommend to switch now, meek doesn't work in this case as it's
supposed to. But it's all about your threat model and up to you.
--
Ivan Markin
signature.asc
Description: OpenPGP digital signature
--
tor-talk mailing list - tor-talk@lists.to
s broken via CA cert then it's broken (no matter which).
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
r connection. It is
just encapsulated into HTTP (without TLS in your case) and easily
detectable with tools like tcpflow.
Try to use PTs other than meek like obfs4/ScrambleSuit.
--
Ivan Markin
signature.asc
Description: OpenPGP digital signature
--
tor-talk mailing list - tor-talk@lists.to
(looks too problematically when it comes to the
reasons of this censorship, but possible) try another Pluggable Transport.
--
Ivan Markin
signature.asc
Description: OpenPGP digital signature
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
ating TLS (meek in this case). And then fire you for using Tor.
--
Ivan Markin
signature.asc
Description: OpenPGP digital signature
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
instance, they can sniff SOCKS5 TBB<->tor connection.
In other case just delete malicious CA certs (if you have these
permissions).
--
Ivan Markin
signature.asc
Description: OpenPGP digital signature
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change ot
Tor for that if you don't like your ISP's
throttling and other nasty stuff? (you're already at tor-talk! :) )
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Перестали работать карты VISA
Do you have some details? Is it true that most of the traffic is routed
though Russia?
Есть какие-нибудь подробности? Действительно ли большинство трафика идет
через Россию?
--
Ivan Markin
signature.asc
Description: OpenPGP digital signature
--
tor-talk maili
- Enigmail Security Info
... - copy keyid from an alert window -
'$ torsocks gpg --recv-key KEYID'.
Also you can specify keyserver via `--keyserver` option.
--
Ivan Markin
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org
34 matches
Mail list logo