On 10/15/12, Maxim Kammerer m...@dee.su wrote:
On Mon, Oct 15, 2012 at 7:58 PM, Robert Ransom rransom.8...@gmail.com
wrote:
https://bugs.torproject.org/2653
Thanks, I must have read this ticket some a year or so ago — explains
the identical sorting approach (forgot about weighting
, this might or might not help.
Please note that (a) this will provide NO ANONYMITY, and (b) any web
browsing that you perform through the same Tor client will also be
deanonymized by these other applications' traffic.
Robert Ransom
___
tor-talk mailing list
competently.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
the first quarter of the base16 encoding of the SHA-1
hash, instead of the first half of the SHA-1 hash itself.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Narrator, and it did
not speak the labels or contents of any 'controls' within Vidalia
either.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
it to remove
its content).
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
*will* put excessive load
on the network in several ways, in addition to wasting users' CPU time
and making the Tor instances involved generally flake out.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin
On 9/3/12, adrelanos adrela...@riseup.net wrote:
Nick Mathewson:
Failing that, torsocks is indeed a way pretty good option.
I don't think so. It's only a hack. Doesn't work on Windows.
APT doesn't work on Windows either.
Robert Ransom
___
tor
On 8/31/12, shupert1 shupe...@privatdemail.net wrote:
I found a short info (somewhere on Tor's GitHub account)
What do you mean by “Tor's GitHub account”?
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https
ports TBB-Tor is listening on, and there is no way
for any such program to determine what control-port password Torbutton
will need in order to send TBB-Tor a ‘SIGNAL NEWNYM’ command (required
for the ‘New Identity’ command to work). (See also
https://bugs.torproject.org/6609 .)
Robert Ransom
expect him/her/it to be able
to learn how to use a library by reading its website or source code?
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
On 8/24/12, adrelanos adrela...@riseup.net wrote:
Robert Ransom:
On 8/24/12, Aaron Paden aaronbpa...@gmail.com wrote:
So I'm not an expert in shell or anything. I know there are a lot of
gotchas. It seems like it should be possible, though. Is there something
wrong with using pgrep
node's start time).
This bug was already reported (https://bugs.torproject.org/6601) and a
fix will be in the next release of Vidalia.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman
connections with different server ports in different
ways.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
unspecified (or set to 2).
To fix this, either (a) persuade the dirauth operators to increase
this value or (b) get more IP addresses and run at most two relays on
each of them.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https
will you wait for the QA process before making this
security-fix release available to users?
* How long will you wait before removing the current stable release
from the list of ‘recommended versions’ of TBB?
Robert Ransom
___
tor-talk mailing list
tor
support SSL? Does it support SSL on port 6697?
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
See
https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs
for the security advisory.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
for English-speakers to help you if you ran “export LC_ALL=C” in your
terminal before compiling a program, to tell compilers to use the
POSIX standard ‘locale’.)
‘sudo apt-get install build-essential’ might help.
Robert Ransom
___
tor-talk mailing list
distributors might have
messed with it, or failed to update it to the version shipped in
recent wget source distributions.)
And that's not even the potential information leak that folks who are
familiar with ‘anonymous FTP’ would check for first.
Robert Ransom
configuration of wget makes it use Tor ‘100% safe’ly?
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Please open a Trac ticket for this.
(Also, this is a problem with the TBB build scripts; TBB doesn't have
an installation script.)
Robert Ransom
On 2012-04-05, James Brown jbrownfi...@gmail.com wrote:
make -f linux.mk build-all-binaries
/scratchbox/tools/bin/wget --no-check-certificate
couldn't figure that out on your
own, you really *really* should be using the FreeBSD port for Tor.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
(the public modulus
in an RSA key, or the group parameters in a DLP-based key). Changing
the timestamp may be useful for DSA or ElGamal keys (I'm not convinced
of that), but it's not helpful in generating an RSA key with chosen
key ID.
Robert Ransom
___
tor
) computers.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
On 2012-03-30, Maxim Kammerer m...@dee.su wrote:
On Fri, Mar 30, 2012 at 06:06, Robert Ransom rransom.8...@gmail.com wrote:
Shallot computes a single public modulus p*q and searches for a public
exponent e which produces a SHA-1 hash with the desired properties.
For some reason I thought
hours.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
/bittorrent-over-tor-isnt-good-idea .
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
it from?
On a Unixoid operating system, recompiling Tor with the
--enable-openbsd-malloc configure option would probably help. But
that code isn't currently Windows-compatible.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https
a single TLS handshake.)
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
of TorBOX. It provides
pseudonymity, not anonymity, but most people will think that it
provides anonymity.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
never got around to
that back when I did think I was capable of it.)
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Tor client with microdescriptors disabled, too.
Maybe that will help us find (and fix) #1776, if it's still around in
0.2.3.x.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor
.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
about; we'll
downgrade its severity in future releases of Tor so normal users won't
see it.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
as
efficiently as addresses in the current format? Can a human proofread
addresses in this form for errors as efficiently as addresses in the
current format?
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi
clients which
do not have a particular dictionary would be easily distinguishable
from those which do have it.)
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
On 2012-02-09, intrigeri intrig...@boum.org wrote:
Robert Ransom wrote (09 Feb 2012 13:14:46 GMT) :
I've heard that a later version of torsocks does work correctly on
programs which use non-blocking sockets.
torsocks 1.2-3 from Debian unstable should be installable as is on
a Squeeze system
gpg: aka Erinn Clark er...@double-helix.org
Is the sign of tor-browser-gnu-linux-x86_64-2.2.35-7.2-dev-en-US.tar.gz
right sing?
See: https://blog.torproject.org/blog/new-tor-browser-bundles-linux
Robert Ransom
___
tor-talk mailing list
tor instance
via netfilter.
Are you using the iptables rules shown on
https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy ?
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman
Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV CA-1':
Unable to locally verify the issuer's authority.
To connect to github.com insecurely, use `--no-check-certificate'.
I'm running OpenBSD 4.9 on this system, sooon to be upgraded to 5.x.
Install a CA certificate bundle.
Robert Ransom
(or a program on your computer)
tried to use that Tor instance as a client to connect to a server
which wasn't running at the time.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman
# applications.
SocksListenAddress 127.0.0.1
what do I to be able to change it to go into hidden service?
See https://www.torproject.org/docs/tor-hidden-service and
https://www.torproject.org/docs/tor-manual .
Robert Ransom
___
tor-talk mailing list
tor
https://bugs.torproject.org/4927 seems to have been effective. We
just need to hunt down and fix some obfsproxy (server-side) crash bugs
and get a good list of very-high-bandwidth obfsproxy bridges before we
tell everyone where to find a Tor+obfsproxy client bundle.
On 2012-02-10, Watson Ladd
has not been updated since it was split out of the README
file in April 2009. That statement is no longer true.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-scripts/remove-shared-lib-symlinks#l182),
so that if that script ever misbehaves, I (or whoever else has to
debug it) can find out what it did and what it was trying to do
without having to rebuild all of TBB.
Robert Ransom
___
tor-talk mailing list
tor-talk
Add UseMicrodescriptors 0 to your torrc.
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
why I get this error because I am 'root' not
'debian-tor'. Su-ing into root then running tor provides the same error
message:
See /usr/share/doc/tor/README.Debian . /var/run/tor needs to be owned
by the debian-tor user and group.
Robert Ransom
.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
On 2011-12-27, andr...@fastmail.fm andr...@fastmail.fm wrote:
Can't get Tor bridges anymore through the Vidalia Network setting or the
bridges.torproject web page.
Any chance that'll be fixed?
Yes, it's fixed now. Thanks for the report!
Robert Ransom
idea is not one of them.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
to be in a position to run arbitrary code already; and
Tails does not configure Tor to use another SOCKS proxy.
Please correct me if needed.
Your understanding is correct.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https
at 10, I get labeled as 10. Correct ?
The ‘bandwidth authority’ currently measures exits' available
bandwidth by exiting to a test HTTPS server on port 443. See
https://gitweb.torproject.org/torflow.git/blob/HEAD:/NetworkScanners/BwAuthority/README.spec.txt
for more information.
Robert Ransom
and
such in aurora and send new identity command to tor.
No. The ‘New Identity’ command in Torbutton's popup menu clears state
in the browser; Vidalia's ‘New Identity’ command does not.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https
and TOR.
Or use it on a live disc, would be most secure.
Malicious bullshit like this is not helpful.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
for the few notes we have online from when we discussed bridge
concealment at the Tor developer meeting this summer.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
that circuit to fail
completely (with high probability); if the exit node on a circuit *is*
compromised, the entry node doesn't need to muck with the circuit data
-- logging circuit-extension times is sufficient to trace the circuit.
Robert Ransom
___
tor-talk
. (I don't think we realized that
was a problem before we deployed this update notifier and shouted
‘Wolf! Wolf!’ at our users.))
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo
On 2011-10-10, Arturo Filastò a...@globaleaks.org wrote:
On 10/10/11 9:44 AM, Robert Ransom wrote:
On 2011-10-10, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
is anyone evaluating whenever to include PGP encryption support into the
default Tor Browser Bundle as a Firefox extension
in trying to build
https://gitweb.torproject.org/torbrowser.git + GPG +
https://github.com/kylehuff/webpg-npapi .
Ugh.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
consider Firefox the 'best of Web Browsing' or GPG the 'best
of encryption'. They are only the crap tools we're stuck with for
now.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo
is impossible, because it
is infeasible on most filesystems and operating systems and many
storage devices.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
running a web server and sending e-mail messages. The less obvious
ways include opening an outbound TLS connection and running a cron job
with externally observable effects (e.g. an automatic update
downloader).
Robert Ransom
___
tor-talk mailing list
/projects/tor/ticket/2874 ). There were
plenty of other changes to audit as well; look through Tor's bug
tracker if you're interested.
Robert Ransom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman
until client-versions
forces said clients (and testers) and their v0 queries out.
tor26 is configured as a v0 hidden-service authority.
=== item 4 ===
Remove blank line at 252 and rewrap :)
No. That blank line was intentional.
Robert Ransom
signature.asc
Description: PGP signature
.
If it blocks Tor, use Tor bridges.
If it blocks Tor bridges, we would like to probe that filter.
Robert Ransom
signature.asc
Description: PGP signature
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin
state of the Tor DNS resolver, we're forced to use
ttdnsd by default, and only use the Tor resolver for .onion/.exit...
unless I missed something.
So I'm curious what the rationale for the empty reply behavior is.
Any ideas?
This looks like a bug. Please open a Trac ticket for it.
Robert
to), or when Tor connects to an ‘exit enclave’ (a Tor relay
running on a server you are trying to connect to). Tor also often
builds four-hop circuits while connecting to hidden services.
Robert Ransom
signature.asc
Description: PGP signature
___
tor-talk
On Sun, 5 Jun 2011 13:13:29 +0200
Jerzy Łogiewa jerz...@interia.eu wrote:
so how many users is estimated tor has around the world?
https://metrics.torproject.org/users.html
is a stats site made?
https://metrics.torproject.org/
Robert Ransom
signature.asc
Description: PGP signature
On Sat, 4 Jun 2011 12:56:15 -0700
Mike Perry mikepe...@fscked.org wrote:
Thus spake Robert Ransom (rransom.8...@gmail.com):
On Sat, 4 Jun 2011 12:09:52 -0700
Mike Perry mikepe...@fscked.org wrote:
Thus spake Robert Ransom (rransom.8...@gmail.com):
My understanding was that EFF
on
https://trac.torproject.org/ in the ‘Tor bundles/installation’
component, but we plan to remove Polipo from as many of our bundles as
possible as soon as possible, so we might just ignore a Trac ticket for
this issue.
Robert Ransom
signature.asc
Description: PGP signature
at the
exit node, to forger a malicious webpage to client. Notice that this is not
modifying webpage response from the server, but forger attacker's webpage to
the client. Could some one please give a hint about where I need to modify.
No.
Robert Ransom
signature.asc
Description: PGP signature
-alpha will remove items from its extra-info descriptor or drop
its e-i descriptor entirely (and still publish a relay descriptor) if
the e-i descriptor would otherwise exceed the 50-kiB limit. That's not
the problem this time. (But we don't know what the problem is yet.)
Robert Ransom
74 matches
Mail list logo