[tor-talk] Encryption and Bridges

to use. If I type in an OBFS4 address will Orbot/Tails know that it needs to connect to the bridge using OBFS4? Thanks everyone, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor

Re: [tor-talk] Tor in the command line Linux

the commands and an example that would be great. > On Nov 1, 2015, at 7:55 AM, I <beatthebasta...@inbox.com> wrote: > >> ..because I am >> visually impaired so I figured the screen reader will read the command >> line to me because the graphical way is ina

[tor-talk] Elliptic Curve Crypto and the NSA

ECC? Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Meek Problems

guys is, what would the filter be doing to break Meek? The funny thing is that I don’t think it’s breaking Meek on purpose. Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor

Re: [tor-talk] Tor

Actually, you’re totally wrong. According to a top secret NSA document, which you can view online: Tor is the king of high secure, low latency anonymity. No contender awaits the throne. That would clearly indicate that you know absolutely nothing about Tor, Onion routing, or anonymity in

Re: [tor-talk] TOR and Obfsproxy packet size

Hello, I’m not sure what the answer to your question about regular Tor is. When it comes to Obfsproxy changing the 586 byte size, it’s to evade filters that use that to help block Tor. The other packet length fluctuations would indicate that Obfsproxy makes the sizes of packets different so

Re: [tor-talk] [OT] shocking incident in software incident

Ok? I’m just going to say that the article has nothing to do with Tor. > On Nov 29, 2015, at 9:45 AM, Bob wrote: > > Dear list, > > A shocking incident in software industry has been reveled recently. I'm > sharing it here so that more people can support the cause. > >

Re: [tor-talk] Why most democratic contries are most active users of TOR... except Russia of course

Hello, You’re partially correct when you say don’t take the metrics as real users. Some of them may be bots, but can you please give us a link to an article about those events that you discussed? I really doubt that 1.5 million bots are using Tor everyday by the way. > On Jan 2, 2016, at

Re: [tor-talk] MITM attack on TLS

is going after me, I will use Tails. That should certainly stop them. > On Nov 20, 2015, at 4:33 PM, Ivan Markin <t...@riseup.net> wrote: > > Justin Davis: >> Just to give more information, the >> attack will be done by having every network user install a root cert >&g

Re: [tor-talk] MITM attack on TLS

Allen, SSH is probably more dangerous than OBFS4 because it coulee be detected with a DPI fingerprint. They might question that. I think Tor with transports is good. > On Nov 20, 2015, at 5:16 PM, Allen wrote: > >> You should remove these CAs > > Or they might fire you.

Re: [tor-talk] MITM attack on TLS

<t...@riseup.net> wrote: > > Justin: >> Also, I have no option but to keep the cert because if I don’t the >> filter may use DPI to block TLS for me. > > Funny! I mean that you're already have no TLS, because actual TLS is > terminated at your ITDep. You should

Re: [tor-talk] MITM attack on TLS

Hello, I know. OBFS4 makes the traffic unrecognizable to a DPI unit. That’s why I switched from Meek to it. > On Nov 21, 2015, at 4:14 AM, Ivan Markin <t...@riseup.net> wrote: > > Justin: >> I won’t get into trouble because I’m not using regular Tor. I’m >> using

Re: [tor-talk] MITM attack on TLS

Hello, You would be correct normally, but at school, I know the IT guy very well. I have calculated that he is probably too lazy to check his logs. He usually doesn’t check things out until someone tells him that a problem is occurring. Even if Meek-Google is broken, I got more information

Re: [tor-talk] MITM attack on TLS

that the Amazon and Azure versions may be broken. Should they all be broken, I will switch to another transport. > On Nov 21, 2015, at 5:26 PM, Ivan Markin <t...@riseup.net> wrote: > > Justin: >> I have calculated that he is probably too lazy to check his logs. > >

[tor-talk] MITM attack on TLS

Hello, I won’t get into trouble because I’m not using regular Tor. I’m using pluggable transports, which hide the Tor traffic and make it unrecognizable to a DPI box. This should be good enough even if Meek’s TLS is broken. -- tor-talk mailing list - tor-talk@lists.torproject.org To

[tor-talk] Tor Sensorship

Hi, I was wondering does anyone have a list of countries that are currently blocking Tor? I know China, Ethiopia, Iran are doing it but I think I may have missed one or two others. Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings

Re: [tor-talk] Tor Sensorship

Wow. I wonder if they’re going to ask Bluecoat for help on that so they can nail the vanilla bridges next? I hope not. Thanks. > On May 25, 2016, at 5:04 PM, Green Dream wrote: > > It's been reported here that Mexico's largest ISP is blocking exits and > directory

Re: [tor-talk] Tor Sensorship

Are they using DPI? If so, what company sold them the filter? > On May 25, 2016, at 5:55 PM, Chris wrote: > > >> I was wondering does anyone have a list of countries that are >> currently blocking Tor? >> I know China, Ethiopia, Iran are doing it but I think I may have

Re: [tor-talk] FortiGuard firewall blocks meek by TLS signature

Hi, That’s not surprising. Wonder if we’ll see other filtering companies start blocking Meek this way. > On Jul 24, 2016, at 3:04 AM, David Fifield wrote: > > Recently, we had reports of Cyberoam firewalls blocking meek by TLS > signature: >

[tor-talk] Cyberoam is again blocking Meek

TLS signature. Meek-Amazon gets stopped at 25% of bootstrapping, and I’m not sure what Cyberoam is fingerprinting. Any ideas? Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman

Re: [tor-talk] Cyberoam is again blocking Meek

Meek works on Orbot still. I wonder why? > On Aug 1, 2016, at 8:36 AM, Nathan Freitas <nat...@freitas.net> wrote: > > On Mon, Aug 1, 2016, at 09:31 AM, Justin wrote: >> I’ve been conducting some more tests against a Cyberoam with Meek, and >> over the past t

Re: [tor-talk] What prevents China from manually requesting bridges and than blocking them?

Hi, From what I know, you’re correct. The Chinese use a lot of people to get bridges, or maybe they created a bonnet that can do it for them, either way they’ve done exactly what you said. They have managed to block the automated bridge distribution methods. > On Jul 8, 2016, at 10:49 AM,

[tor-talk] Tor protocol classification

is recognized and blocked by DPI equipment from Cyberoam. Keep in mind this is Vanilla Tor, no PT are used. Thanks very much, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor

Re: [tor-talk] New Pluggable Transports

Hi, I think Dpi boxes are fingerprinting OBFS4 because of it’s randomness. A paper was published a wile ago that talked about the same type of attack. It’s on https://sensorbib.nymity.ch <https://sensorbib.nymity.ch/> Thanks, Justin. > On Aug 18, 2016, at 11:34 AM, Ivan Markin <t..

[tor-talk] Tor DNS Deanonymization

Hi, Not too long ago, a paper was published that talks about how Tor users can be deanonymized through their DNS lookups. Is this something I should be concerned about? Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https

[tor-talk] OBFS4 Blocking

mode 1 and 2 worked no matter how much load the bridges had on them. Hopefully this information can help people understand a little more about how these transports are filtered. Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go

Re: [tor-talk] OBFS4 Blocking

016, at 3:13 PM, Flipchan <flipc...@riseup.net> wrote: > > Did u only try to connect to a bridge and proxy data throw it? > > Justin <davisjustin...@gmail.com> skrev: (17 november 2016 12:16:49 CET) >> Hi everyone, >> I’ve been doing research to see how some of

[tor-talk] OBFS4 iat-mode

Hi, I’m curious about the iat-mode in obfs4. What is the difference between iat-mode 1 and 2? Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Do the OS X Vidalia bundles work on 10.4 for anyone?

I've been running Japnonymous on a 10.4 ppc machine using this package for some time now. Haven't run into any issues yet (Full disclosure, I don't use Polipo at all, only Tor and Vidalia). ~Justin Aplin On Mar 31, 2011, at 12:18 PM, Erinn Clark wrote: Hello everyone, I hear mixed

Re: [tor-talk] How to choose to get connected to a specific relay?

.6297b13a687b521a59c6bd79188a2501ec03a065.exit ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Downloading Firefox add-ons trough Tor. Safe?

/latest/722/addon-722-latest.xpi?src=browse And TorButton: https://www.torproject.org/dist/torbutton/torbutton-current.xpi ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Downloading Firefox add-ons trough Tor. Safe?

On Jul 10, 2011, at 11:12 PM, hi...@safe-mail.net wrote: Original Message From: Justin Aplin jap...@gmail.com HTTPS transport should prevent the type of modification you're talking about, so just double-check your URIs before downloading anything. For example, I

Re: [tor-talk] Any problem installing TBB Vidalia bundle on same machine?

, but the result should be worth it if you use both often. ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Any problem installing TBB Vidalia bundle on same machine?

On Aug 15, 2011, at 9:37 AM, Joe Btfsplk wrote: On 8/14/2011 7:47 PM, Justin Aplin wrote: something like an option / preference don't close TBB when Firefox closes sounds like a solution. Technically, it'd be don't close Tor / Vidalia wouldn't it, because TBB includes Tor? Firefox in TBB

Re: [tor-talk] New Tor Browser Bundles with Firefox 6

and beta branches tend to include new features, and since the majority of new features in Tor are geared toward improving security, the same logic as above applies. ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https

Re: [tor-talk] NT Service installation does not handle ``bridge relay'' option in torrc file

the --nt-service tag, and adding -f C:\blah\torrc to the tail end of it. Alternatively, you could guess where Tor is looking for the torrc (probably Application Data\Vidalia in the service account's home directory) and try placing a copy of your torrc there. ~Justin Aplin On Tue, Sep 20, 2011

Re: [tor-talk] Updating problem - failed to fetch URL

Not Found [IP: 86.59.30.36 80] What should I change my update source to? Use the Lucid repos, or use the instructions here to build your own .debs: https://www.torproject.org/docs/debian.html.en#source ~Justin Aplin ___ tor-talk mailing list tor-talk

Re: [tor-talk] using bridge directly

to specify a particular *exit* in the address bar, check out the AllowDotExit entry in the manual. Picking a particular *entry* node, as far as I know, would require you to use the Bridge and UseBridges entries in your torrc, which isn't nearly as flexible. ~Justin Aplin Best, Kamyar, On Sat

Re: [tor-talk] How can I get Vidalia to work when I am loading Tor with a custom torrc file?

option pointing to your custom torrc? ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Automatic vulnerability scanning of Tor Network?

is really the best way to go here. ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] shutdown latencies

, or that Vidalia's just waiting for the shutdown timeout to run its course? As far as I know, the red icon indicates the former, as my nodes have a 30 second wait time, but frequently only sit in the red phase for 10-15 seconds. ~Justin Aplin ___ tor-talk

Re: [tor-talk] shutdown latencies

On 2/15/2012 3:31 PM, eliaz wrote: Thanks, this gives me someplace to start. On 2/15/2012 1:52 PM, Justin Aplin wrote: On Feb 15, 2012, at 12:48 PM, eliaz wrote: I've set ShutdownWaitLength to 30 minutes in torrc. If this is actually set to 30 minutes, and not 30 seconds, I believe that's

[tor-talk] Win32 expert bundle link broken

The link to the win32 expert bundle on the project website is broken and should be corrected to https://www.torproject.org/dist/win32/tor-0.2.3.12-alpha-win32.exe Thanks, ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https

Re: [tor-talk] Tor directory servers

as in the data directory of every running client. There's nothing secret about it. As far as blocking exit nodes, the Tor DNSBL is publicly provided for this reason precisely. ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https

Re: [tor-talk] How tor skip firewall ?

to the site itself occurs at the exit node. ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Tor relay data usage

internet activities (in which case, I'd set it to, say, 80% of your provider's advertised bandwidth, or whatever else you find appropriate, which will limit Tor enough to leave your internet connection usable, but still run up against the limit set by AccountingMax eventually). ~Justin Aplin

Re: [tor-talk] fingerprint/IP

per IP (or even several nodes per box, if CPU core usage is topping out before bandwidth usage) isn't terribly uncommon. ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Is my ISP censoring my access to Tor?

used to randomize port selection seems to trigger an inordinate number of antivirus warnings. ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] transfer .onion addreess to another server

descriptors (which will result in odd behavior, like your hidden service only being reachable some of the time). If you plan to continue running a Tor node on the old hardware, a new set of keys and a new fingerprint will automatically be generated. ~Justin Aplin

Re: [tor-talk] Disable anything but hidden services

like to know the solution if there is one, though. [1] https://www.torproject.org/docs/tor-hidden-service.html.en ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Disable anything but hidden services

On Sep 5, 2012, at 3:15 AM, Andreas Krey wrote: On Wed, 05 Sep 2012 02:15:21 +, Justin Aplin wrote: ... ExitPolicy accept 127.0.0.1:* ExitPolicy reject *:* This will allow exiting (connecting) to the local machine (where the hidden service should be listening) on all ports

Re: [tor-talk] Tor 0.2.4.11-alpha is out

] This version of Tor (0.2.4.11-alpha) is newer than any recommended version, according to the directory authorities. Recommended versions are: 0.2.2.39,0.2.3.24-rc,0.2.3.25,0.2.4.5-alpha,0.2.4.6-alpha,0.2.4.7-alpha,0.2.4.8-alpha,0.2.4.9-alpha,0.2.4.10-alpha Anything to worry about? ~Justin Aplin

Re: [tor-talk] geoip6

won't show up on Vidalia's map. Traffic won't be affected in any way. [1] https://gitweb.torproject.org/tor.git/blob_plain/HEAD:/src/config/geoip6 ~Justin Aplin ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin

[tor-talk] Can't log in

-- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] (no subject)

-- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] europa.eu blocks Tor?

) ns2bru.europa.eu (158.169.131.32) ns1lux.europa.eu (158.169.9.11) ns2eu.bt.net ns1.bt.net ns1.be.colt.net Keys: Please visit www.eurid.eu for more info. - -- Best Regards, Justin Bull E09D 38DE 8FB7 5745 2044 A0F4 1A2B DEAA 68FD B34C -BEGIN PGP SIGNATURE- Version

Re: [tor-talk] PrivateCore Demonstrates Industry’s First PRISM-Proof Tor Server in Public Cloud

It would appear PRISM-proof is the new military grade. Brace yourselves, snake oil is coming. Sent from mobile. On 2013-10-28 1:47 AM, Michael Wolf mikewol...@gmail.com wrote: It still runs in a VM on stock x86 hardware... what stops the NSA/provider from viewing the virtual CPU's state,

Re: [tor-talk] PrivateCore the real deal or snake oil?

in that matter. I've CC'd the list on the chance others interpreted my curt, snarky reply the same way. [0]: With the exception of one-time pads, of course ;-) On Tue, Oct 29, 2013 at 2:24 PM, Oded Horovitz o...@privatecore.com wrote: Justin, If you are interested to hear more about our architecture

[tor-talk] FTe Bridges

Hello, When I try to use FTE bridges from the bridge db email service, they don't work. Keep in mind I've only tried this once, but has anyone else had this issue with FTE or any other pluggable transport bridges given out from bridge db? Thanks, Justin. -- tor-talk mailing list - tor-talk

[tor-talk] Tor in the command line Linux

so I figured the screen reader will read the command line to me because the graphical way is inaccessable with Orca. Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] MITM attack on TLS

Hello, I just learned that the IT department of an organization where I am will begin mass decryption on TLS traffic. Would this effect the use of the Meek pluggable transport? Just to give more information, the attack will be done by having every network user install a root cert in our

[tor-talk] obfs4

provements they are welcome. Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] obfs4

provements they are welcome. Thanks, Justin. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk