Re: [tor-talk] UseEntryGuards: 0?

On Sun, Aug 15, 2021 at 04:22:53PM +0200, Fran wrote: > I run some onion v3 services, some are also available in the "clear net", some > only as onion services. I monitor[1] reachability of the onion services which > results > in quite some false positives, although I configured alertmanager to

Re: [tor-talk] Tor browser 10.5 lost all saved passwords

On Tue, Jul 06, 2021 at 10:18:54PM +0200, Jerome Lille wrote: > I just updated to version 10.5 and all the saved logins are gone!! > > Can they be recovered? Check out https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40506 Apparently they're not gone, they're just...

Re: [tor-talk] Bad signature of tor expert bundle

On Sat, May 08, 2021 at 12:44:37PM +0800, Lu Wei wrote: > I need a most recent version of the Windows Expert Bundle that could > run on Windows XP. Version 0.4.5.7 do not work for me. Firefox doesn't work on Win XP anymore, and so Tor Browser doesn't work either. In theory the Tor program itself

Re: [tor-talk] tor as Onion Service (only) Wrote about "Requested exit point" in .log

On Fri, Apr 30, 2021 at 07:16:08PM -0400, d...@foundingdocuments.org wrote: > Why would tor running as an onion service write this to its log? > > Apr 29 02:06:22.000 [warn] {APP} Requested exit point > ???$1FINGER-PRINT-XYZ*??? is not known. Closing. It's just a terminology confusion. What

[tor-talk] Help test the v3 onion service patch if you like

Hi people-who-enjoy-building-their-Tor-from-source, We have an experimental fix for making v3 onion services work, both client-side and service-side, even while the network is in a degraded state. (More background: https://gitlab.torproject.org/tpo/core/tor/-/issues/40237

Re: [tor-talk] I don't understand two things about the node 'freja'.

On Thu, Jul 02, 2020 at 10:12:19AM -, sean_sulli...@danwin1210.me wrote: > The only reason I'm interested in "freja" is because I saw it's IP was the > last login to one of my accounts. I checked the IP with WHOIS and got > concerned. Then I checked "torstatus" and was relived that it was a

Re: [tor-talk] I don't understand two things about the node "freja".

On Tue, Jun 30, 2020 at 10:13:37PM -, sean_sulli...@danwin1210.me wrote: > I have questions about the Tor node “freja”. > > First, according to https://torstatus.rueckgr.at/, the node is at > 194.88.143.66 which is in Italy. Yet WHOIS says the addresses > 194.88.142.0-194.88.143.255 are in

Re: [tor-talk] Full storage OS doesnt give warning signal to Tor Browser thus not upgrading

On Fri, Mar 27, 2020 at 10:15:54AM +, bo0od wrote: > no matter how many time you upgrade TB it wont upgrade (which is rational > because there is no space). But a notification telling the user that would > be better. > > (same goes for plugins upgrade, tested on FF-esr manual download and

Re: [tor-talk] How secure is a hidden service?

On Thu, Feb 20, 2020 at 07:25:32AM +0100, Robin Lee wrote: > I'm wondering how hidden a hidden service actually is? Because last > week charges were brought against Flugsvamp, a Swedish darknet drug > shop. In the documents made public for the court case the police states > that is was able to

Re: [tor-talk] Tor and sources.list

On Tue, Feb 04, 2020 at 11:14:14PM -, mimb...@danwin1210.me wrote: > I ran the commands from the Ubuntu section of > https://2019.www.torproject.org/docs/debian.html.en and it updated to > 0.4.2.6. Yep. The Tor 0.4.2.6 debs have now arrived in Debian as well as deb.torproject.org. I talked

Re: [tor-talk] Tor Browser without Tor

On Sun, Feb 02, 2020 at 01:16:24PM +0100, Jason Evans wrote: > A similar question that was asked recently is, "how can I connect to local > IPs with the Tor Browser?". For example, my home SAN is on 192.168.1.X and > it's not reachable with the Tor Browser. >[...] > Firefox still has an "No proxy

Re: [tor-talk] Tor and sources.list

On Mon, Feb 03, 2020 at 02:02:54AM -, mimb...@danwin1210.me wrote: > In my /etc/apt/sources.list I have: > > deb https://deb.torproject.org/torproject.org bionic main > deb-src https://deb.torproject.org/torproject.org bionic main > > My version of tor is 0.4.2.5. Am I correct that, at some

Re: [tor-talk] Are 'StrictNodes 1' actually strict?

On Mon, Feb 03, 2020 at 01:14:39AM -, mimb...@danwin1210.me wrote: > I don't want to come across as critical but ExitNodes with one node just > doesn't work. > > Looking at the Tor Circuits, it starts with 'hands' but then moves on to > other exit nodes. > > My torrc is simply: > >

Re: [tor-talk] Are 'StrictNodes 1' actually strict?

On Fri, Jan 31, 2020 at 11:54:40PM -, mimb...@danwin1210.me wrote: > That said, I have used the StrictNodes / ExitNodes combination many times > recently and it has worked. > > For example: > > StrictNodes 1 > ExitNodes {ro} > > or: > > StrictNodes 1 > ExitNodes example_one > ExitNodes

Re: [tor-talk] Are "StrictNodes 1" actually strict?

On Wed, Jan 29, 2020 at 02:45:01PM -, mimb...@danwin1210.me wrote: > I have StrictNodes 1 and ExitNodes hands in my torrc. > > However, when using TBB, I discovered that I was often using other exit > nodes. Clicking "New Circuit for this site" then placed hands back as the > exit node. > >

Re: [tor-talk] Ports required for Tor and hidden services

On Sat, Jan 25, 2020 at 01:30:34PM +, Forst wrote: > In that case, what would be best approach to achieve that all traffic is > forced though Tor and direct internet connection blocked, preferably even > if/when the system is breached? Here are two approaches that are worth exploring: (A)

Re: [tor-talk] Tor vs Tor Browser

On Sat, Jan 18, 2020 at 07:01:07AM +, Jason Long wrote: > Hello,In the Tor Browser, we have some options like "Security Level". How > about Tor in CLI? How can I define it? The "security slider" in Tor Browser is about disabling pieces of browser functionality, to reduce surface area.

Re: [tor-talk] TBird & torbirdy

On Sat, Nov 16, 2019 at 04:59:50PM -0500, eliaz wrote: > I just installed Thunderbird 68.22 on a new machine and find out that the > torbirdy extension cannot be installed in versions above 60. I've been > running Thunderbird with the -p flag so that when I run over the Tor Browser > Bundle 9.01 I

Re: [tor-talk] Brave Review Mentions Tor

On Sat, Nov 16, 2019 at 01:50:18PM -0700, Mirimir wrote: > On 11/15/2019 11:57 AM, d...@foundingdocuments.org wrote: > > A few-days-old review. > > > > Since Brave is the browser for OnionBrowser on iOS, I figured I???d read > > the article. I'm going to flag that one as "citation needed".

Re: [tor-talk] TorBrowser is only showing a black windows after today's update

On Wed, Oct 23, 2019 at 11:49:22AM +0200, Nirgal wrote: > I'm using Tor Browser Bundle on Debian stable, with xfce. > > After last update, tor is only showing a black windows. My guess is that you are using torbrowser-launcher, not actual tor browser (as obtained from torproject.org). There

Re: [tor-talk] How to hide using Tor browser?

On Sat, Jun 29, 2019 at 09:21:32AM +, Jason Long wrote: > HelloSome website blocked Tor browser and you can't open them by Tor browser. > Any method to hide using Tor browser? Alas, there are no great answers here. Here's a related FAQ answer:

Re: [tor-talk] Surge in Users

On Fri, Jun 07, 2019 at 01:01:38PM +, iwanle...@cock.li wrote: > Can Directory Authorities analyze hostnames of relay users and publish them? They could, but I don't think that would be a good idea, at least until somebody has thought through how to do it in a safe way. As a start for that

Re: [tor-talk] Surge in Users

On Thu, Jun 06, 2019 at 01:21:09PM +0300, Van Gegel wrote: > Take into account that statistics are number of unique user's IPs >connected to bridges per day. My cellular provider change my local GPRS >IP exactly every hour and my external IP also changed to random value of >provider's pool. Each

Re: [tor-talk] Tor Glitch?

On Mon, May 06, 2019 at 07:43:21PM -0400, Barely Passable Name wrote: > So Tor Browser says NoScript is not compatible I couldn't get a screenshot. > Any Help? You want to upgrade your Tor Browser to the new version which fixes this Firefox bug:

Re: [tor-talk] What is the weirdest/creepiest thing you have found on the dark web?

On Sun, Apr 07, 2019 at 09:19:11PM -0400, Seth Caldwell wrote: > I know the dark web can be a terrible place, with content not suitable for > anyone, basically. Like illegal drug cartel, fake passports/IDs,creepy > websites, and generally all around messed up stuff. If you feel comfortable >

Re: [tor-talk] How dangerous are malicious entry guards?

On Sat, Mar 30, 2019 at 08:20:18PM -0400, hi...@safe-mail.net wrote: > I???ve got a technical question: How dangerous are malicious entry guards? It depends what you're worried about, and what you're trying to protect. > I???ve read undocumented claims about information/security agencies now

Re: [tor-talk] Data collection by Tor Browser

On Fri, Mar 01, 2019 at 08:00:17PM -0800, npdflr wrote: > Does Tor browser itself collect any data (Technical data, Web activity data, > Personal data etc)? > > As Tor is a modified Firefox ESR, does Tor browser follow the Firefox Data > Collection Practice?

Re: [tor-talk] Getting Involved in the Tor Project

On Sun, Feb 17, 2019 at 07:49:21AM +, J.S. Evans wrote: > how do I join the Tor Project organization as a official > contributor/volunteer? For example, last year I did a presentation at the > OpenSUSE Conference on using containers to build .onion services. This year I > would like to do

Re: [tor-talk] Why some optional weights of router bandwidths are set to 10000?

For those of you wondering what the heck we're talking about: these are parameters that clients read from the consensus that help clients choose paths in a way that is globally optimal for load balancing. The idea stems from the realization that relays that can handle exiting are going to get a

Re: [tor-talk] Onion v3 Services in 2019

On Tue, Jan 01, 2019 at 09:15:15PM +0100, Nathaniel Suchy wrote: > At some point in 2019 will TorProject.org get an Onion v3 Address. I believe we, like debian and others, are waiting for onionbalance support in the v3 design. It turns out to be quite hard to change the v3 design to support the

Re: [tor-talk] Abuse complaint 418289

On Wed, Dec 26, 2018 at 06:36:52PM +, potlatch wrote: > One of my VPS providers has requested that I block exit output to ports 22, > 465 and 576. I have never received a request like this before even though I > have (now or in the past) operated almost 40 Tor exit relays in diverse >

Re: [tor-talk] "Tor Circuit" list in TBB displaying incorrect exit node and IP address

On Sun, Dec 23, 2018 at 03:10:00PM -, jiggytwi...@danwin1210.me wrote: > The odd behavior only happens with certain sites: > https://bitcointalk.org/, https://www.cato.org/, > https://www.whatismyip.com/ (for example - there must be many more) > > It does not happen with Google, Gmail,

Re: [tor-talk] Tor official list of new .onion addresses?

On Tue, Dec 04, 2018 at 04:14:46PM +, iwanle...@cock.li wrote: > The descriptors seem to indicate onion addresses. So if I act a relay, I > seem to be able to get the addresses. Then how? ... Could someone skilled > try to get the lists? :D Please don't. In particular, if we notice that your

Re: [tor-talk] Tor VoIP PBX Architecture Discussion

On Mon, Oct 22, 2018 at 05:13:39PM +0100, Iain Learmonth wrote: > It might also be that half-duplex communication (even if implemented > with humans saying "over") could bring benefits as this would allow you > to increase the buffer sizes without having people talking over each other. Reminds me

Re: [tor-talk] Questions about Directory Authority Servers

On Mon, Oct 15, 2018 at 08:08:03PM +, panoramix.druida wrote: > From my understanding when a Tor proxy is started it downloads a list of > relays from one of the ten Directory Authority Servers listed here: > https://metrics.torproject.org/rs.html#search/flag:authority > > Am I right?

Re: [tor-talk] website typos (was re: Tor 0.3.4.6-rc is released)

On Sat, Sep 08, 2018 at 09:07:17AM +0100, Colin Baxter wrote: > There's a typo in https://www.torproject.org/docs/tor-doc-unix. That > page says "src/or/tor" runs tor directly from the git directory. The > path should be "src/app/tor" Thanks -- I've fixed it. (Actually, it wasn't wrong yet: that

Re: [tor-talk] Tor 0.3.4.6-rc is released

On Tue, Aug 07, 2018 at 08:09:10PM -0400, Nick Mathewson wrote: > Changes in version 0.3.4.6-rc - 2018-08-06 > Tor 0.3.4.6-rc fixes several small compilation, portability, and > correctness issues in previous versions of Tor. This version is a > release candidate: if no serious bugs are

Re: [tor-talk] Firewall setting in Tor Browser not working?

On Wed, Aug 01, 2018 at 04:06:27PM +0200, Cristian Consonni wrote: > I have a couple of questions about the "Tor Network settings" in Tor > browser. > > Tor browser can be configure to use bridges and/or pluggable transport > if needed. However it may happen that these PT are exposed on port that

Re: [tor-talk] How do tor users get past the recapacha and it's super short 2min exemption

On Tue, Jul 10, 2018 at 06:44:26PM -0700, Mirimir wrote: > For example, how did Facebook come around to have an > onion? Was it just that Alec Muffett championed it? Did complaints from > excluded users play a role? Positive or negative? They did some internal measurements and realized that the

Re: [tor-talk] Cannot access tor onion sites via FF

On Sun, Jul 08, 2018 at 06:35:40PM -0400, David Niklas wrote: > 2. Where is the source code? Building Tor Browser is ugly because of another critical feature that it provides: reproducible, aka deterministic, builds. You can read more about that feature here: https://reproducible-builds.org/ and

Re: [tor-talk] Cannot access tor onion sites via FF

On Sat, Jul 07, 2018 at 11:19:49PM -0400, David Niklas wrote: > Hello, > I'm running firefox 61.0.1. I am trying to access the media outlet > defcon's onion site. https://media.defcon.org/ points me to: > http://m6rqq6kocsyugo2laitup5nn32bwm3lh677chuodjfmggczoafzwfcad.onion/ > > I have

Re: [tor-talk] Who controls Tor's DNS Traffic?

On Fri, May 11, 2018 at 03:08:54AM +0500, Roman Mamedov wrote: > "Level 3" on the charts is most likely the notorious 4.2.2.2...4.2.2.6. > Those absolutely should not be used, aside from all the other reasons outlined > in the article, they also hijack NXDOMAIN results for monetization of the >

Re: [tor-talk] Tor 4

On Sun, Mar 18, 2018 at 07:40:01AM -0400, Wanderingnet wrote: > 'Do it yourself' is in my view one of the astounding problems with Linux and > the anon-sec issue. Dear Wanderingnet, Please consider that there are many thousands of people on this list, and while a variety of discussion topics

Re: [tor-talk] catastrophe: ip-api.com sees me

On Mon, Jan 29, 2018 at 12:38:32PM +0200, Anon Hyde wrote: > ip-api.com sees me, it means not only one > Why he sees my ip in the Chrome and Opera, but under TBB does not > What is the matter?!! Nothing is the matter, and everything sounds like it's working as intended? Using any browser with

Re: [tor-talk] Using a public relay as a bridge?

On Fri, Jan 12, 2018 at 04:25:58PM +0100, Marco Gruß wrote: > the other day I just for the fun of it tried using a public > relay as a non-obfuscated bridge - it actually works. There are actually still some subtle bugs, e.g. https://trac.torproject.org/1776 (I know it's closed, but I think

Re: [tor-talk] some websites are blocking me now

On Mon, Jan 08, 2018 at 03:25:09PM -0800, jbclem wrote: > Since I started using Tor browser I can't reach certain websites. > www.craigslist.org is a good example. I get an error message that "this ip > has been automatically blocked". > > I wonder if using Tor is causing this, or if I've

Re: [tor-talk] CCC self-organised session - Tor research presentation

On Thu, Dec 28, 2017 at 07:39:42PM +0200, Andre Wingor wrote: > On 12/28/17, COLLIER Ben wrote: > > initial findings from my sociological research on Tor at a self-organised > > so it is easy to recover all secret users of ! > good try, officer Ben Hello angry person who

Re: [tor-talk] What is mean "Guard context default"

On Sat, Nov 04, 2017 at 04:32:48PM +0200, Andre Wingor wrote: > I'm under harassment, always under watching. At several year I have > accumulated a collection of bad (aggressive) tor hosts and networks.I > append those to torrc > https://goo.gl/XKdEoT (google docs) You're probably not doing

Re: [tor-talk] [tor-announce] Tor Browser 7.0.9 is released

On Fri, Nov 03, 2017 at 08:47:51PM +0100, Nicolas Vigier wrote: > Note: Tor Browser 7.0.9 is a security bugfix release for macOS and > Linux users only. Users on Windows are not affected and stay on Tor > Browser 7.0.8. >[...] > The bug got reported to us on Thursday, October 26, by Filippo

Re: [tor-talk] Ongoing client problem

On Sun, Oct 29, 2017 at 06:48:00PM +, George wrote: > The route to determining the issue probably comes down to this error: > > Oct 29 12:50:06.000 [info] onion_skin_ntor_client_handshake(): Invalid > result from curve25519 handshake: 4 Right. That message comes when you tried to do a

Re: [tor-talk] Need a stable .onion address hosted by the Tor project.

On Wed, Oct 25, 2017 at 07:22:18PM +0200, Rob van der Hoeven wrote: > > Keep in mind the false positives caused by crappy networks that just > > resolve _all_ domains and then serve ads, a captive portal, etc. on > > whatever IP address. Checking the https://check.torproject.org/api/ip > >

Re: [tor-talk] Why Tor can't load on my Linux?

On Tue, Oct 10, 2017 at 01:38:23PM -0400, grarpamp wrote: > Seems like either unset/remove "DisableNetwork" in your torrc, It is definitely not this. Tor Browser uses DisableNetwork when it first starts to make sure that your Tor doesn't try to interact with the network before you've selected

Re: [tor-talk] Multiplexing TCP streams within a circuit similar to EWMA

On Thu, Oct 05, 2017 at 03:18:07PM +0300, Yasir Al-Agl wrote: > I've been working for some time on Tor multiplexing and circuit scheduling > from a security perspective. I stumbled across the great work of Tang and > Goldberg and their implementation of EWMA (2010), and while their main > purpose

Re: [tor-talk] "the bad Tor like CP or drugs"

On Sun, Sep 17, 2017 at 10:08:54PM -0400, Random User wrote: > Take the example of a photo of a child I also set the "moderated" bit on this person. Please take your dog whistles elsewhere. This is not what Tor is for or about. Sorry for the distraction everyone. --Roger -- tor-talk mailing

Re: [tor-talk] can't connect data bases and scientific journals

On Fri, Sep 15, 2017 at 04:24:45PM -0400, Benjamin Sullivan wrote: > I have breaking news Sorry for the disturbance everybody. This person is off-topic for tor-talk, and I have set the person's "moderated" bit. (A good thing too, since it caught a half dozen further emails before they made it out

Re: [tor-talk] "recently-used.xbel" file in TBB directory, stores data on accessed, downloaded files

On Mon, Sep 18, 2017 at 01:34:49PM -0500, Joe Btfsplk wrote: > Why is there a *"recently-used.xbel"*, file in my Tor Browser installation > directory - in path shown and  labeled as file TYPE: "XBEL bookmarks" > recording ACTUAL local file names, dates, times - they were accessed AND > some

Re: [tor-talk] Advertised Bandwidth in tor atlas

On Sun, Sep 17, 2017 at 06:36:12PM +0200, tor-l...@jluehr.de wrote: > I'm running > https://atlas.torproject.org/#details/D91F0F2683A264D8A6FDA7736D75FBC327F3F4F5 > > Atlas shows, that the advertised bandwidth is around 54 KiB/s. > > The machine is running in a data center (hetzner) having: > >

Re: [tor-talk] Tor users in US up by nearly 100,000 this month

On Fri, Sep 01, 2017 at 08:08:30PM -0700, Seth David Schoen wrote: > I'd be happy to ask CloudFlare if they'd be willing to share this data > (maybe in relative rather than absolute numeric terms, like "the number > of people successfully completing a CAPTCHA per day from a Tor exit > node on

Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation

On Wed, Aug 30, 2017 at 03:07:37PM +0100, Ben Tasker wrote: > So his suggestion is portrayed as not sacrificing much, but actually > sacrifices quite a lot. This is a really important point. Thinking of onion space right now as the sum total of all that it can be is cutting off all of the future

Re: [tor-talk] TBB User Agent - how decided?

On Sat, Aug 26, 2017 at 04:57:45PM -, blo...@openmailbox.org wrote: > How did TBB project people decide on the user agent which is: > > Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0 > > Panopticlick shows 1 in 30 browsers use it. I assume it's the most generic at > this

Re: [tor-talk] MTor (multicast tor), is it going to be released?

On Mon, Aug 21, 2017 at 11:49:22PM -0700, Yuri wrote: > Here is the white paper with MTor design: > https://www.degruyter.com/downloadpdf/j/popets.2015.2016.issue-2/popets-2016-0003/popets-2016-0003.pdf > > And here is an implementation based on tor-0.2.3.25: >

Re: [tor-talk] Is DNS required to connect to an entry node?

On Thu, Aug 17, 2017 at 11:02:54PM +0200, Aeris wrote: > > Every time you enter a URL in the browser address line, your browser > > requests the IP address of that URL from the DNS server. You can > > instead enter the IP address yourself along with the webpage requested. > > You could also just

Re: [tor-talk] Motivations for certificate issues for onion services

On Wed, Aug 09, 2017 at 03:53:59PM -0700, Seth David Schoen wrote: > There was also > a long-standard concern about cryptographic strength mismatch in the > sense that the cryptography used by onion services was weaker than the > cryptography that's now used in TLS. (I think this concern was

Re: [tor-talk] tor 0.3.0.9 release notes

On Sat, Jul 22, 2017 at 05:34:49PM +0200, Udo van den Heuvel wrote: > On 22-07-17 17:25, krishna e bera wrote: > > On 22/07/17 08:14 AM, Udo van den Heuvel wrote: > >> Where can I find the tor ReleaseNotes for 0.3.0.9 that actually mention > >> details about changes in 0.3.0.9? > > > > These? > >

Re: [tor-talk] My ISP, university, etc. just sent me a DMCA notice. What should I do?

On Thu, Jul 20, 2017 at 11:19:06PM +, Paul Templeton wrote: > I got a cold caller email for the TOR mirror I have... > > >> Hi Paul, > > >>I appreciate you're busy but I just wanted to follow up on the email I sent > >>you the other day. I've included a copy below for reference. It's a

Re: [tor-talk] Beware of insecure mobile Tor apps such as Orion/Torion

On Tue, Jul 18, 2017 at 11:30:44AM -0400, InterN0T wrote: > The developer basically took Mike Tigas' iOS app and introduced several > vulnerabilities to it that could be used to track users To be clear, right now there are no ios apps that are on par with the protections that Tor Browser

[tor-talk] Is the recent growth in Ukrainian users confusing google's geoip?

Motivated by a blog post comment: https://blog.torproject.org/comment/269237#comment-269237 It looks like a growing number of connections from Tor exits are being treated by Google as being Ukrainian. Anecdotally, I've experienced it too -- Google news keeps wanting to give me Ukrainian news.

Re: [tor-talk] Use of TBB behind a physically isolated Tor router?

On Sun, May 21, 2017 at 09:50:14PM +, CANNON wrote: > Tor browser bundle is generally recommended for privacy due to > its ability to blend in more with other people by having a > commonly shared browser fingerprint. Right. For more on what Tor Browser does (and doesn't do) at the

[tor-talk] Stipends available for the Privacy Enhancing Technologies Symposium

Hi tor-talk! The PETS conference is where all of the academic privacy / anonymity experts gather each year: https://petsymposium.org/ This year it's in Minneapolis, July 18-21. Please consider joining us -- and if you do, be sure to stay for the hike on July 22, which is where many interactions

Re: [tor-talk] A Pluggable Transport based on i2p?

On Thu, Mar 16, 2017 at 01:44:06AM +0100, m.aj...@tuta.io wrote: > I was playing with the SAM protocol of I2Pd. When I typed some control > characters by pressing some Ctrl+Alphabet keys in telnet window, the I2Pd on > the other side crashed with a seg fault. It really freaked me out. This

Re: [tor-talk] A Pluggable Transport based on i2p?

On Wed, Mar 15, 2017 at 06:20:53AM -0400, Lolint wrote: > Hi, > > Could it be possible to implement a pluggable transport using i2p? The way > this could work > is that a server would function as a bridge node, and will also have the i2p > router installed, > and the client will connect to this

Re: [tor-talk] What is preventing Bridge Enumeration?

On Wed, Feb 15, 2017 at 12:10:05PM -0500, Philipp Winter wrote: > On Wed, Feb 15, 2017 at 02:32:32PM +0100, BVpTuvb AVMV wrote: > > What is preventing an attacker to start up a few mid-nodes and > > enumerating all IPs and substracting those from the list of publicly > > known entry-nodes to get a

Re: [tor-talk] Published bridge?

On Sun, Feb 05, 2017 at 08:15:07PM +0100, Maxxer wrote: > A couple of days ago I've set up a new bridge. I've tested it in my config > and works fine Great! Thanks for setting up a bridge. :) >, but I've doubts it's getting published on the bridge > database. > > I've configured it on both IPv4

Re: [tor-talk] TAILS people

On Tue, Jan 24, 2017 at 03:44:15PM -0800, I wrote: > The requested URL /torrents/files/tails-i386-2.10~rc1.torrent was not found > on this server. Probably because you don't want the release candidate. https://blog.torproject.org/blog/tails-210-out https://tails.boum.org/install/download/

[tor-talk] Tor 0.3.0.2-alpha is out!

(Also, Tor 0.2.9.9 is out. If you didn't know, you should subscribe to the tor-announce list and/or read the Tor blog!) Tor 0.3.0.2-alpha fixes a denial-of-service bug where an attacker could cause relays and clients to crash, even if they were not built with the --enable-expensive-hardening

Re: [tor-talk] [GetTor] Simple way of getting Tor countering TorProject.org and its mirrors censorship using the Internet Archive's Wayback Machine

On Fri, Jan 06, 2017 at 03:58:53PM -0300, ilv wrote: > We also trust other providers like > Google and Dropbox, so I don't see why we couldn't trust archive.org. Sounds like a great addition! I wouldn't want to use that logic to add *any* website, but I think we like archive.org at least as

Re: [tor-talk] List of ways to attack Tor

On Thu, Jan 05, 2017 at 12:25:20PM +1030, windows95@national.shitposting.agency wrote: > I'm tasked with doing a short report on the ways in which Tor can be > attacked. > I've brainstormed and done research for few hours and this is the > list I've come up with. > Is there anything big that I've

Re: [tor-talk] 33c3 and tor?

On Tue, Dec 20, 2016 at 02:37:19PM +0100, fatal wrote: > And will there be a tor relay operators meetup? Julius reserved a workshop room for us on day 2, from 21:30 to 23:00, in Hall B: https://events.ccc.de/congress/2016/wiki/Session:Tor So you should feel free to come by and we'll talk about

Re: [tor-talk] Mirai Botnet Relocates To Onions

On Sat, Dec 17, 2016 at 10:59:37PM -0700, Mirimir wrote: > > "Try to shut down .onion 'domains' over Tor," he boasted, knowing that > > nobody can. > > OK. However, it's not hard to scan for connections to Tor servers. And > you don't expect them for random devices. But maybe Mirai is setup to >

[tor-talk] How to unsubscribe (was Re: confusion over verification instructions for build verification on Mac OS X)

On Tue, Dec 13, 2016 at 04:33:16AM +, Jedd Casella wrote: > unsubscribe >[...] > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk These instructions are at the bottom of every

Re: [tor-talk] Ahmia search engine works normally again

On Thu, Dec 08, 2016 at 02:06:30PM -0500, scfith riseup wrote: > First, not sure why you want to list .onion domains. The key here is that > they are HIDDEN services. But I am sure you have reasons. Actually, that's part of the reason for the shift into calling them "onion services" -- many

Re: [tor-talk] Javascript exploit

On Wed, Nov 30, 2016 at 02:28:52PM -0500, Roger Dingledine wrote: > * The blog post about the 6.0.7 Tor Browser update will go up any > moment. I see that the Tor Browser team has already put the packages in > https://dist.torproject.org/torbrowser/6.0.7/ And there it

Re: [tor-talk] Javascript exploit

On Wed, Nov 30, 2016 at 12:08:00PM +, Georg Koppen wrote: > FWIW: We plan to release 6.0.7 with the patch Mozilla developed in a > couple of hours. Updates to the alpha and hardened series will we > provided as well thereafter. Update: * The blog post about the 6.0.7 Tor Browser update will

Re: [tor-talk] Javascript exploit

On Tue, Nov 29, 2016 at 09:55:23PM -, firstwa...@sigaint.org wrote: > This is an Javascript exploit Thanks. I pointed some folks on irc to this mail, and Daniel Veditz (Mozilla Security Team) said "the Firefox team was sent a copy of that this morning. We've found the bug being used and are

Re: [tor-talk] Will Quantum computing be the end of Tor and all Privacy?

On Mon, Nov 28, 2016 at 05:44:15PM +0100, Flipchan wrote: > I dont think so, quantum 4times at fast so we just need to generate 4times as > strong keys the entropy will just be bigger, But as Long as we are not useing > like 56 bit des keys its okey No, it's way more complicated than this. The

Re: [tor-talk] Orbot control port

On Sun, Nov 13, 2016 at 08:05:06PM +0100, arrase wrote: > Orbot control port is randomized every run, is there a way to know the port > by other app? I would like to write an app who manages his own hidden > service. Check out the ControlPortWriteToFile torrc option. You can instruct Tor to write

Re: [tor-talk] TorChat for Android

On Sun, Nov 13, 2016 at 02:57:15AM +0100, arrase wrote: > Is there an app like TorChat for Android? The idea of ??TorChat is > interesting but the current implementation is very basic for normal use Careful! You should be aware that "TorChat" is not made or endorsed or anything by the Tor

Re: [tor-talk] ShellCode-Exploit deleivery over TOR

On Sat, Nov 12, 2016 at 11:54:35PM +0100, John Doe wrote: > Maybe it is also a false positive. Have to check this. Right -- my assumption whenever I hear of strange antivirus behavior is that the antivirus program is mis-tuned. After all, one of their main techniques is to look in every file and

Re: [tor-talk] Tor and macOS Sierra

On Fri, Oct 28, 2016 at 06:39:03PM +0200, tort...@nym.hush.com wrote: > Thanks, Flipchan! Nope, as far as I can see, I am not running > anything else on that port... > > http://tinypic.com/r/212d2xc/9 > > Still "could not connect to Tor control port"... > > Any idea? It is possible you are

Re: [tor-talk] Authority Search and 4th Amendment

On Sun, Oct 09, 2016 at 03:10:06PM +0200, tort...@arcor.de wrote: > Second, some readers argued that a Tor user loses a reasonable expectation of > privacy in IP addresses because the user must disclose his true IP address to > Tor. I think this reasoning represents a deep misunderstanding of

Re: [tor-talk] Wily repository

On Wed, Sep 21, 2016 at 05:21:10AM -0400, 128Ko wrote: > Some month ago, i have installed tor on Ubuntu Wily with the methode > described here : > https://www.torproject.org/docs/debian.html.en It looks like your Ubuntu version is end-of-life:

Re: [tor-talk] How do i check the archives?

On Tue, Sep 20, 2016 at 05:51:50PM -0400, grarpamp wrote: > It would *greatly* help readers if the full raw maildir > or mbox archives could be provided for download. > Thus seeding their MUA's and search tools and indexes. Here's a tarball I just made from the seul.org archives:

Re: [tor-talk] Tor Browser 6.0.5 Released Early

On Mon, Sep 19, 2016 at 12:27:52PM -0400, Random User wrote: > I'm just wondering what accounts for TB 6.0.5 being released at least > several days ahead of the date announced (20 Sept.) https://blog.torproject.org/blog/tor-browser-605-released has your answer (and is also the page that Tor

Re: [tor-talk] benefits of onion services (was Re: getting Tor to be default browser)

On Sun, Sep 18, 2016 at 10:34:45PM -0400, Random User wrote: > What is your basis for saying that HS .onion sites are "likely harder to > attack" than "public HTTPS" sites? Well, one feature is that the onion service design limits the surface area to only that service. So you can't break in by

Re: [tor-talk] Running a relay for some months

On Sat, Sep 17, 2016 at 09:46:48PM +0200, Tor Dev wrote: > I see now. My apologies! I pressed the button indeed multiple times, but the > window with the mail didn???t close after pressing the button. Even disabling > GPG signatures made no difference. After a few minutes I force quitted my >

Re: [tor-talk] Tor Bridge vs Tor Exit?

On Sat, Aug 20, 2016 at 12:58:55AM -0700, George Grantham wrote: > I've heard that Tor Bridges and Tor exits are both within serious demand. > > At this point in time within the Tor Network, are Tor Bridges with obfs4 > pluggable transports at a greater need, or are Tor exit nodes? I think exit

Re: [tor-talk] tor 0.2.8.5-rc connecting to 18.0.0.1

On Fri, Aug 19, 2016 at 04:05:07AM +0100, land...@tutanota.com wrote: > I'd like to ask why is tor-win32-0.2.8.5-rc.zip and > torbrowser-install-6.5a2_en-US.exe connecting to 18.0.0.1 ? >[...] > is tor 0.2.8.5-rc binding a socket to 18.0.0.1 ? or is it something else?  if > so why is this not on

Re: [tor-talk] A community concern that needs to be addressed,

On Thu, Aug 18, 2016 at 08:49:04PM -0400, myz...@openmailbox.org wrote: > I feel like Tor has become increasingly user-friendly > and the Tor Browser Bundle is by far less 'intimidating' to perform > first time configuration than it was a few years ago. Yay! Sign me up. There are many millions

Re: [tor-talk] Practical deanonymization using CPU load covert channels

On Fri, Jul 15, 2016 at 11:18:38AM -0400, Ethan White wrote: > Also, unfortunately, I'm going to be away from all things internet > for the next week or so, and thus unable to answer many > questions. Sorry for essentially commiting and leaving. Neat! Hopefully that away-from-the-net part means

Re: [tor-talk] Tor routing algorithm questions

On Thu, Jul 07, 2016 at 10:57:00PM +, Patrick Schleizer wrote: > scenario A) > > Let's assume someone's Tor client picked an entry guard on IP > AAA.BBB.CCC.EEE. And then [without knowing and/or by chance] tried to > make a torified connection to [1] IP AAA.BBB.CCC.EEE. > > - Would Tor use

  1   2   3   4   5   6   >