Re: [tor-dev] "Seeing through Network-Protocol Obfuscation"

On Wed, Aug 19, 2015 at 11:58 AM, Yawning Angel wrote: > [snip] > > The FTE semantic attack they presented isn't the easiest one I know of > (the GET request as defined by the regex is pathologically malformed). > Very interesting! This is news to me. I'm assuming I did something silly. (Even th

Re: [tor-dev] "Seeing through Network-Protocol Obfuscation"

Hey Philipp! Thanks for the interest! I'm one of the authors on the paper. My response is inline. On Wednesday, August 19, 2015, Philipp Winter wrote: > > > > They claim that they are able to detect obfs3, obfs4, FTE, and meek > usin

Re: [tor-dev] Hash Visualizations to Protect Against Onion Phishing

I like the idea of a drop down notification type deal that displays that you have not visited this site before. And implement that as a default off option in TBB. This lets the user decide if they accept that tradeoff. On Fri, Aug 21, 2015 at 5:11 PM Tom Ritter wrote: > On 20 August 2015 at 09:2

Re: [tor-dev] Hash Visualizations to Protect Against Onion Phishing

On 20 August 2015 at 09:24, Jeff Burdges wrote: > > I first learned about key poems here : > https://moderncrypto.org/mail-archive/messaging/2014/000125.html > If one wanted a more language agnostic system, then one could use a > sequence of icons, but that's probably larger than doing a handful o

Re: [tor-dev] Number of directory connections

Original Message From: Yawning Angel Subject: Re: [tor-dev] Number of directory connections Date: Fri, 21 Aug 2015 16:49:18 + >> It looks like when the consensus is older than 5 days, a directory authority >> is used (and the >> UseEntryGuardsAsDirGuards setting basically

Re: [tor-dev] Number of directory connections

On Fri, 21 Aug 2015 12:45:05 -0400 tordev...@safe-mail.net wrote: > I can't think of a good reason for that behavior. Is there a valid > security issue using an old consensus to fetch the current one from > the entry guard? Your entry guard being rejected as malicious by the DirAuths in the interv

Re: [tor-dev] Number of directory connections

Original Message From: "l.m" Subject: Re: [tor-dev] Number of directory connections Date: Fri, 21 Aug 2015 09:31:25 -0400 > Oh I see, so they happened before. I wasn't sure about that. In that case the > last consensus stored locally must have been many days old. If that's the

Re: [tor-dev] Feature freeze plans for Tor 0.2.7: Please read if you hack Tor!

On 8/19/15 5:40 PM, Nick Mathewson wrote: > Hi, all! > > Here's the schedule we worked out for the Tor 0.2.7 feature freeze. > > (These are defaults, not promises. We can make exceptions, but please > remember that delaying a freeze will delay release, and every day we > delay a release will del

Re: [tor-dev] tor callgrinds

On 2/16/07, Christopher Layne wrote: > Thought you guys might find this interesting. I did a couple of callgrind > runs ... yes, really back to 2007 to find a callgrind on a relay. does anyone have a more recent profile of a busy relay, by chance? if none exist, what do i need to bribe you with

Re: [tor-dev] [RFC] On new guard algorithms and data structures

Hi Leeroy, On Fri, Aug 21, 2015 at 08:09:13AM -0400, l.m wrote: > Hi, > > I'm curious what analysis has been done against a gateway adversary. > In particular dealing with the effectiveness of entry guards against > such an adversary. There's a part of me that thinks it doesn't work at > all for

Re: [tor-dev] Number of directory connections

Original Message From: George Kadianakis Subject: Re: [tor-dev] Number of directory connections Date: Fri, 21 Aug 2015 15:02:02 +0300 > There are many unlucky people whose guard is not a directory cache, so they > have > to reach out to additional guards to get directory docume

Re: [tor-dev] Number of directory connections

Oh I see, so they happened before. I wasn't sure about that. In that case the last consensus stored locally must have been many days old. If that's the case you would bootstrap from dirauths then use your guard for tunneling later directory request. --leeroy __

Re: [tor-dev] moved from [Tor-censorship-events] Improving the censorship event detector.

Hi George, You sell yourself short. It was a good first attempt. Now I should clarify. The last time I spoke to Karsten about this they indicated that the measurement team has other priorities (not obvious from the outdated roadmap). Karsten quoted an approximation of a year+ before a replacement

Re: [tor-dev] Number of directory connections

Original Message From: "l.m" Subject: Re: [tor-dev] Number of directory connections Date: Fri, 21 Aug 2015 08:02:22 -0400 > UseEntryGuardsAsDirGuards defaults to 1 in torrc. > > So if you did not change this default you will use entry guards for tunneling > directory connecti

Re: [tor-dev] [RFC] On new guard algorithms and data structures

Hi, I'm curious what analysis has been done against a gateway adversary. In particular dealing with the effectiveness of entry guards against such an adversary. There's a part of me that thinks it doesn't work at all for this case. Only because I've been studying such an adversary at the AS-level

Re: [tor-dev] Number of directory connections

Hi, UseEntryGuardsAsDirGuards defaults to 1 in torrc. So if you did not change this default you will use entry guards for tunneling directory connections. --leeroy On 8/21/2015 at 7:46 AM, tordev...@safe-mail.net wrote: Original Message From: Mike Perry Subject: [tor-dev] Prop

Re: [tor-dev] Number of directory connections

tordev...@safe-mail.net writes: > Original Message > From: Mike Perry > Subject: [tor-dev] Proposal: Padding for netflow record resolution reduction > Date: Thu, 20 Aug 2015 21:12:54 -0700 > >> Tor clients currently maintain one TLS connection to their Guard node to >> carry act

[tor-dev] Number of directory connections

Original Message From: Mike Perry Subject: [tor-dev] Proposal: Padding for netflow record resolution reduction Date: Thu, 20 Aug 2015 21:12:54 -0700 > Tor clients currently maintain one TLS connection to their Guard node to > carry actual application traffic, and make up to 3 ad

Re: [tor-dev] Hash Visualizations to Protect Against Onion Phishing

Yawning Angel: > As much as all of these are important issues, if we search for a > solution that works for absolutely everyone, then we will never > implement anything, because IMO no such thing exists. > > I sort of have mixed feelings about this in general, but since enough > people seem to thi

Re: [tor-dev] [RFC] On new guard algorithms and data structures

s7r writes: > Hi, > Hello, thanks for the feedback! I pushed some small updates to my branch based on your comments. You can check them out here: https://gitweb.torproject.org/user/asn/tor.git/tree/src/or/guardlist.c?h=bug12595 > On 8/20/2015 2:28 PM, George Kadianakis wrote: >> Hello ther

Re: [tor-dev] [RFC] On new guard algorithms and data structures

isis writes: > George Kadianakis transcribed 5.2K bytes: >> >> - This new design focuses on protecting against path bias attacks, by >> slightly >> damaging our reachability. >> >> Specifically, the old design is better at recovering in filtered networks, >> because it will keep on adding