lated
to the Tor Browser, since the network level issues are already very well
studied. For this project, only the Tor Browser is being considered.
I suppose, then, that I should call it the "Tor Browser Friendliness
Scanner," but I didn't give that much thought to the name. Sor
ping a method for determining if content is dynamically
generated (and therefore different every time), or broken.
I hope this addressed all concerns, and if not, or if there is more
feedback, please let me know!
Thanks,
Kevin
--
Kevin Gallagher
Ph.D. Candidate
Center For Cybersecurity
NYU Tandon Sc
Hello tor-dev!
My name is Kevin and I'm a PhD student at NYU. Recently I've been
working on creating a "Tor Friendliness Scanner" (TFS), or a scanner
that will measure what features of a given website are broken
(non-functional) when accessed on the Tor Browser (TB), al
> Is the Address option set on this relay?
Address is not set because it is generated from this template, which
does not set Address:
https://github.com/nusenu/ansible-relayor/blob/dev/templates/torrc.
> Maybe we need to change this part of the warning:
>> If you have a static public IPv4 address
I can answer your questions because I'm the one that filed the issue
previously referenced by nusenu.
> What are the exact torrc lines?
One relay where I see these log messages has a public address of
51.15.48.254 while the relevant torrc lines are as follows:
ORPort 10.8.169.135:443
ORPort [200
I hadn't found that - thanks!
-Kevin
On 15/09/16 20:26, spriver wrote:
> Hi,
> you may have a look at (maybe you already did) at OnionCircuits[0],
> which does sort of the same job.
>
> Cheers!
> spriver
>
> [0] https://git-tails.immerda.ch/onioncircuits/
>
>
, so I
thought I'd put it out there in case someone else finds it useful.
OnionView uses the excellent Stem library, so make sure you have that
installed. It works with Python 2 and 3.
All feedback and advice welcome!
-Kevin
___
tor-dev mailing lis
I think we should (1) make pyptlib easier to use but (2) wait until the new
PT spec. is settled upon.
Let's pick this back up when the spec. is complete.
-Kevin
On Tue, Sep 8, 2015 at 5:56 PM, isis wrote:
> George Kadianakis transcribed 1.4K bytes:
> > Kevin P Dyer writes:
&g
The background: I've been trying to get the fteproxy package into debian.
In the code review process, the dependency on obfsproxy was flagged as a
not-so-great thing. I agree, and was hoping there's an easy solution...
-Kevin
On Mon, Sep 7, 2015 at 5:03 PM, Kevin P Dyer wrote:
Response inline.
On Mon, Sep 7, 2015 at 3:29 PM, Yawning Angel
wrote:
> On Mon, 7 Sep 2015 14:37:07 -0700
> Kevin P Dyer wrote:
>
> > ...and it shouldn't.
> >
> > Fortunately, the dependency is isolated to a single file. See [1].
> >
> > My un
...and it shouldn't.
Fortunately, the dependency is isolated to a single file. See [1].
My understanding is that pyptlib [2] is no longer maintained.
wiley/asn/etc. - What's the proper way to remove this dependency, but make
it easy for fteproxy to be a PT?
-Kevin
[1] https://
On Sat, Aug 22, 2015 at 12:43 AM, Yawning Angel
wrote:
> On Fri, 21 Aug 2015 17:51:20 -0700
> Kevin P Dyer wrote:
>
> > On Wed, Aug 19, 2015 at 11:58 AM, Yawning Angel
> > wrote:
> >
> > > [snip]
> > >
> > > The FTE semantic attack they pr
id something silly.
(Even though I tested it against bro, wireshark, etc.)
How is it pathologically malformed?
> [snip]
>
-Kevin
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Finally, we’ll be working on a full version of this paper with additional
results. If anyone is interested in reviewing and providing feedback, we’d
love to hear it. (Philipp - do you mind if I reach out to you directly?)
-Kevin
[1] https://github.com/liangw89/obfs-detection
Hi Juro,
Thanks for your interest in working on fteproxy this summer! Unfortunately,
as Fred highlighted [1], Tor won't be a host organization this year.
I'll send you an email directly. We'll figure something out.
-Kevin
[1] https://lists.torproject.org/pipermail/tor-dev/20
Hi Karsten,
Still looks like the graphs aren't automatically updating. Just a friendly
reminder to have a look at them, when you have a moment to spare. (These
graphs have been helpful to identify FTE-related issues!)
-Kevin
On Wed, Dec 31, 2014 at 8:01 AM, Karsten Loesing
wrote:
> --
The "Bridge users by transport" [1] graph on metrics.torproject.org
abruptly stops at Dec. 12 for all transports.
Has anyone had an opportunity to troubleshoot this issue?
-Kevin
[1]
https://metrics.torproject.org/userstats-bridge-transport.html?graph=userstats-bridge-transport&st
Hi SiNA,
Can you provide the last few lines of output from var/build.log?
-Kevin
On Wed, Sep 17, 2014 at 8:03 PM, SiNA Rabbani wrote:
> Dear Team,
>
> I need some help getting gitian-build to work for the Tor Browser. Can
> anyone help with this error please?
>
> ./m
hould have
been the case that failover worked properly. So, my guess is that (1) some
of the FTE bridges listed in the Tor Browser are not properly reporting
stats or (2) failover isn't working properly.
It's on my TODO list to investigate this further.
-Kevin
On Tue, Sep 16, 2014 at 2:
On Sat, Jul 26, 2014 at 5:30 PM, David Fifield
wrote:
> On Sat, Jul 26, 2014 at 03:08:38PM +0100, Kevin P Dyer wrote:
> > Are there any roadblocks that prevent us from doing the following?
> >
> > 1. Remove the hard-coded bridge_prefs.js in the TBB.
> > 2. Set me
acquired bridge_prefs.js to connect to Tor
as normal.
Ostensibly, this doesn't do a better job of hiding bridge addresses.
However, it allows us to modify bridge addresses without releasing a new
TBB.
-Kevin
___
tor-dev mailing list
to
I would like to be able to bind to privileged ports when running a
PT-enabled bridge in managed mode --- will any changes to little-t-tor be
required for this feature?
-Kevin
On Fri, Jul 11, 2014 at 9:51 AM, George Kadianakis
wrote:
> Hello Roger and Nick,
>
> as far as I know, bridg
that explains where your work will
live in the network stack? (Doesn't need to be fancy, even a pencil+paper
diagram scanned.) Specifically, is it your goal to build a link-padding PT
that's composable with other PTs?
-Kevin
On Fri, May 30, 2014 at 9:05 AM, Marc Juarez <
marc.j
there
is a correspond tor-browser update. Hopefully, this should resolve the
issue of fteproxy breaking the nightly TBB build.
Thanks!
-Kevin
[1] https://github.com/kpdyer/fteproxy/releases/tag/0.2.14
[2] https://github.com/kpdyer/tor-browser-bundle
[3] https://trac.torproject.org/projects/t
On Mon, Apr 28, 2014 at 11:06 AM, George Kadianakis wrote:
> Kevin P Dyer writes:
>
> > Hi Mike,
> >
> > It looks like [1] broke FTE [2].
> >
> > Can you hold off on pushing any releases public, until we resolve #11629?
> >
> > George - Can we re
Hi Mike,
It looks like [1] broke FTE [2].
Can you hold off on pushing any releases public, until we resolve #11629?
George - Can we revert obfsproxy back to 0.2.4, to give me time to sort
this out?
-Kevin
[1]
https://gitweb.torproject.org/builders/tor-browser-bundle.git/commit
[3] from [4], which wasn't
reported on in [1], I believe.
-Kevin
[1] https://kpdyer.com/publications/oakland2012-peekaboo.pdf
[2] https://github.com/kpdyer/website-fingerprinting
[3]
https://github.com/kpdyer/website-fingerprinting/blob/master/classifiers/ESORICSClassifier.py
[4] http://dl.acm.or
ed from me to merge these changes upstream?
-Kevin
[1] https://trac.torproject.org/projects/tor/ticket/10362
[2] https://trac.torproject.org/projects/tor/ticket/10362#comment:21
[3] https://github.com/kpdyer/tor-browser-bundle/tree/fte
On Wed, Feb 5, 2014 at 1:51 PM, David Fifield wrote:
> O
Hi all,
Please see [2] for a patch that integrates fteproxy into dcf's 3.6-beta
branch [3] of the TBB.
This integration targets version v0.2.6 of fteproxy [1].
asn/mikeperry - What do you need from me to merge this patch to master?
-Kevin
[1] https://github.com/kpdyer/fteproxy/releas
have a look at [1] and [2]. They explore the related
setting of website fingerprinting attacks and defenses (including the
one you suggest.)
-Kevin
[1] https://kpdyer.com/publications/oakland2012-peekaboo.pdf
[2] http://cacr.uwaterloo.ca/techreports/2013/cacr2013-30.pdf
___
Hi George,
On Sat, Jan 4, 2014 at 7:12 AM, George Kadianakis wrote:
>> On Fri, Jan 3, 2014 at 6:20 AM, George Kadianakis
>> wrote:
>>> Hello Kevin,
>>>
>>> I saw your recent changes to the FTE codebase. The code looks nice!
>>>
>>> I then
On Fri, Jan 3, 2014 at 6:20 AM, George Kadianakis wrote:
> Hello Kevin,
>
> I saw your recent changes to the FTE codebase. The code looks nice!
>
> I then tried to test it, but I got a bit confused by the CLI. I wanted to
> try the good ol' ncat test, where I put FTE
/output of our (un)ranking algorithms.
I look forward to feedback on v0.2.2!
-Kevin
[1] https://trac.torproject.org/projects/tor/ticket/10362#comment:2
[2] https://github.com/kpdyer/fteproxy/tree/384a4b0ba5a5
___
tor-dev mailing list
tor-dev@lists.torp
ing
$ sudo apt-get --reinstall install linux-image-generic
>>>
I did not encounter this problem when building [2] last week. When the
failure occurs, var/build.log contains the "invalid instruction
suffix" errors as reported in [3].
-Kevin
[1] https://gitweb.torproject.org/us
that has logic
for building the pluggable transports? Or is that still an open task?
-Kevin
[0] http://eprint.iacr.org/2012/494
[1] https://gitweb.torproject.org/builders/tor-browser-bundle.git
[2] https://gitweb.torproject.org/builders/gitian-builder.git
egrate FTE into the PTTBB. My fork is available at [3].
The source code [4] for fteproxy is available on github.
-Kevin
[1] https://trac.torproject.org/projects/tor/ticket/9941
[2] https://git.torproject.org/pluggable-transports/bundle.git
[3] https://github.com/kpdyer/bundle
[4] https://github.
?
-Kevin
On Sun, Nov 17, 2013 at 6:22 AM, dardok wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> George Kadianakis:
>> dardok writes:
>>
>>> Hi, I am quite new in here but I am interested to help and
>>> improve the TOR system. I am interested i
e PT standup on Friday. To get my head around the current
design, it would be great if we could discuss a few use cases beyond
obfsproxy+flashproxy.
-Kevin
[1] https://trac.torproject.org/projects/tor/ticket/7167
On Sun, Nov 10, 2013 at 3:43 AM, George Kadianakis wrote:
> Hello Kevin,
>
&g
On Wed, Oct 9, 2013 at 12:22 PM, David Fifield wrote:
> On Wed, Oct 09, 2013 at 12:02:20PM -0400, Kevin P Dyer wrote:
>> On Sun, Oct 6, 2013 at 3:30 PM, David Fifield wrote:
>> This is a good start and goes a long way towards automating the build
>> process. However, I&#
Hi David!
Thanks for the detailed response. My thoughts are inline.
On Sun, Oct 6, 2013 at 3:30 PM, David Fifield wrote:
> On Sat, Oct 05, 2013 at 11:08:40AM -0400, Kevin P Dyer wrote:
>> Sorry I missed the most recent Pluggable Transport bi-weekly meeting.
>>
>> In regar
ut I don't have a better solution.
I anticipate this will be a non-trivial effort to get working
correctly. So, it would be great if you could help me adjust my plan
to minimize headache!
Thanks!
-Kevin
___
tor-dev mailing list
tor-dev@lists.
heir intended schedule with potential inaccuracies caused, or
the 2 minute interval is not a 2minute interval. I think we should aim
for the latter and warn the user when they have made schedules like the
above.
- Another option is to break up experiments into chunks, where overall
only one
rf being a
> bunch of scripts. I'd rather not want to write a single script for
> Torperf to do what it's supposed to do, but design it in a way that it
> can already do all the things we want it to do. Accumulating results
> and presenting them is part of these things.
"Torperf should just measure performance and display data", displaying
aggregate data is displaying data! :P
But, surely if Torperf just achieves this by wget'ing stuff, and the
user doesn't have to worry about anything other than setting a remote
server and an interval to poll, that would be considered done? (Torperf
handles the scheduling and managing of the data files)
>>>>> results database Store request details, retrieve results, periodically
>>>>> delete old results if configured.
>>>>
>>>> Not sure if we really need a database. These tests look pretty simple to
>>>> me.
>>>
>>> Rephrased to data store. I still think a database makes sense here, but
>>> this is not a requirement. As long as we can store, retrieve, and
>>> periodically delete results, everything's fine.
>>>
>>
>> Cool!
I don't think we need a database for the actual results (but a flat file
structure is just a crap database! :). I do however think, once we start
to provide the data visualisation aspects, it will need a database for
performance when doing queries that are more than simple listings.
regards,
Kevin
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
attached changes.
:)
> Well, thanks for your input! As I said above, it would help a lot if
> you added these ideas to the appropriate sections of the design document.
>
> Please see attached.
Regards,
Kevin
0001-Added-some-ideas-on-ex
e are new clients available to run as latest? Would it be useful to be
able to specify that some experiments should be run on 'master' or a gitref
and that it would be pulled between runs? That's probably not practical.
Apologies for the length and lack of order!
Kevin
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Hi all,
Will we be having the first Pluggable Transport Weekly tomorrow?
I'm working towards getting a build environment setup for the PTTBB and
would like to chat about it, to ensure I'm not duplicating previous efforts.
Thanks,
Kevin
On Fri, Sep 6, 2013 at 1:58 AM, Vmon wrote:
Hey Jeroen,
Thanks for your feedback, please see inline.
On 12 September 2013 09:03, Jeroen Massar wrote:
> On 2013-09-12 09:25 , Kevin Butler wrote:
>
> [generic 203 proposal (and similar http scheme) comments]
>
> - HTTPS requires certificates, self-signed ones can ea
(This email got way out of hand from a basic 'I'll bounce an idea here',
here's to hoping I haven't made some huge oversight.)
I've been thinking about the https frontend after reading the basic problem
when I started looking into Tor dev but never took the time to read the
actual proposal. When I
[Taking this discussion to tor-dev.]
On Sun, Sep 1, 2013 at 6:32 AM, George Kadianakis wrote:
> Kevin P Dyer writes:
>
> > Hi George/David,
> >
>
> Hi Kevin,
>
> > I spoke with Roger at USENIX. He said you're the pluggable transport (PT)
> > gateke
he 32-bit/64-bit linux binaries were
compiled on RHEL6.4 with GLIBC 2.12.
Please let me know if this resolves the issue you encountered.
-Kevin
On Wed, Jul 24, 2013 at 10:51 PM, Kevin P Dyer wrote:
> Hi George,
>
> Thanks for trying FTE!
>
> Apologies, this is my fault. I built
lease new
binaries ASAP.
-Kevin
On Wed, Jul 24, 2013 at 7:44 PM, George Kadianakis wrote:
> Hi Kevin,
>
> I tried the bundles in https://kpdyer.com/fte/ .
>
> For some reason, when I fire up 'start-tor-browser' I don't get
> 'fte_relay' listener to bi
onth, we've successfully tunneled Tor through the Great Firewall of
China, using FTE to make our traffic "look like" HTTP.
We're eager for feedback on this alpha release, so please do not
hesitate to contact us with questions.
-Kevin P Dyer (and his co-authors)
[1] https://lis
On Thu, Sep 6, 2012 at 3:30 PM, David Fifield wrote:
> On Thu, Sep 06, 2012 at 09:25:58AM -0700, Kevin P Dyer wrote:
>> Following my email to this list, dated 29/07/2012, I direct your
>> attention to the IACR eprint document http://eprint.iacr.org/2012/494,
>> "Form
igned to detect HTTP traffic.
We consider this preliminary technical report on a work-in-progress.
In fact, we can already do more than what is reported (e.g. greater
variety of languages, better system performance), but we will save
these advances for a future release.
Cheers,
Kevin P Dyer (and
eport and
I'll point you guys to it.
At that point ---should be just a couple of weeks--- I'll be happy to
explain more details about our work, share code, etc. There will, of
course, be lots of interesting questions remaining about practical
deployme
You can only allow the site to be accessed 127.0.0.1.
On Sun, Jul 22, 2012 at 4:08 AM, Salva . wrote:
> Hello, I have launched a website in TOR and I can access it through the
> .onion address and also typing the ip of my server in my brower.
> I want my site was only accessible from TOR and not
D'oh! I hope this wasn't the wrong place to ask this. I couldn't seem
to find anywhere else to ask this.
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
I am utterly dumbfounded by this (it's probably because I'm really
tired), but in rendservice.c in the rend_service_t structure, there is
a smartlist_t for the ports. How exactly are the [source and
destination] ports stored in there?
Tha
> By the way, where can I find the md5 or sha digests for the Experimentor?
You can find the ExperimenTor tools and optional virtual machine instances at
this link:
http://crysp.uwaterloo.ca/software/exptor/download.html
We don't publish any digests for these downloads.
ction.
>>> 5. The proxy connects to a Tor relay, then begins copying data between
>>>its two sockets.
>>
>> Where is the list of all facilitators?
>
> There is only one (not that there couldn't be more), and its address is
> hardcoded into the pro
> Assuming you mean "stream" instead of "circuit" here, then, as above, I
> think most HTTP connections would be in this category. It might be
> interesting to examine some HTTP traces to see, though. target="Kevin">Kevin, you were looking at s
61 matches
Mail list logo
