ece of paper to all attendees so they can access the minutes
and write up reports together in the future.
You really don't want to have all attendees bring their computer or
require them to meet with Elena at a later time.
Hope that helps,
--
Lunar
re going to get such graphs running as a way to measure the
amount of Tor Browser users, I wonder if we should not also try to
work with Tails' people to add their boot statistics, and maybe other
projects who include Tor Browser without using the automated update
mechanism.
- -
wn by operating systems if you
consider it a reasonable thing to do.
Seeing these graphs really made my day, I had been hoping for them for
a long time (#10675 which maybe should be closed). Thanks a lot!
Thanks,
--
Lunar
signature.asc
Description: O
is is a good framework for having a
discussion. (Should we move this to -project? Not sure.)
[1]: https://blog.torproject.org/blog/tor-social-contract
[2]: https://blog.torproject.org/blog/hidden-services-need-some-love
See “Attacks by Hidden Serv
lenty of people who type “riseup” in the Google search bar of
their browser to access their mailbox… They don't even want to/can't remember
an URL. Hardly a chance they will remember an onion address, whatever
its size.)
Maybe it would be worthwhile to ask the UX team
ban...@openmailbox.org:
> Thanks Lunar for the update. I thought the effort to upstream TBB had
> completely stalled because there was no activity on #3994. Good to know its
> still alive.
>
> Is there somewhere I could look to track progress besides that ticket?
Don't misu
-wide, getting a package should not be very hard.
Hope that helps,
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
having to find
> scattered hardcoded strings through different HTML files.
Great! :) As long as it's properly i18nized, localizations can come
later. Although doing a first localization while i18ning might help you
spot missing strings.
--
Lunar
the whole thing. :)
Have you consider any internationalization?
If not all of this can be implemented over the summer, just keeping it
in mind in the design stage might help to add the required features
later.
--
Lunar
signature.asc
Description: D
4
option prototcp
option ipsettor-guards
option target ACCEPT
```
--- >8 ---
I think I made a few adjustments to the above scripts after more tests
since I took the above notes.
Hope that helps,
--
Lunar
t/tree/proposals
Once in a while Nick updates the status document giving a general
overview:
https://gitweb.torproject.org/torspec.git/plain/proposals/proposal-status.txt
--
Lunar
signature.asc
Description: Digital signature
So I want to humbly ask you to use
> the tag regardless of the help you may or may not need for that ticket.
Tor Browser folks have been tagging tickets with tbb-usability:
https://trac.torproject.org/projects/tor/tags/tbb-usability
Do you want a
ched
the other way around: if Tor distributes the signatures, is there I way
to stick them in the binaries I just built so that the signature is
valid and the bytes are the same as the ones distributed by Tor.
--
Lunar
signature.asc
Description: Dig
Hi!
Karsten Loesing:
> 2. Install Sikuli (http://www.sikuli.org/; thanks for Lunar for the
> suggestion!) either directly on these machines or on the virtual
> machine host or on a separate host in the same network.
>
> 3. Write a Sikuli script for each operating syst
e too?
Because obfs4proxy is in Go and statically linked. The same package can
be used on many distributions. It could not be built on every suite
though, as they don't have the needed build dependencies.
--
Lunar
signature.asc
Descriptio
de obfs4proxy in deb.torproject.org for Debian
You should now be able to get obfs4proxy by using:
deb http://deb.torproject.org/torproject.org obfs4proxy main
The package should work on most Ubuntu and Debian versions. It is
available for amd64 and i386.
--
Lunar
:
http://www.mingw.org/
MinGW is also what is used to build Tor for the Windows version of the
Tor Browser (run on GNU/Linux).
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing li
u've already asked your question to tor-talk. That's fine, be
patient.
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.
this is worth raising on a developer's mailing list:
https://lists.mayfirst.org/mailman/listinfo/guardian-dev
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor
works:
https://www.torproject.org/docs/documentation.html.en#UpToSpeed
Everything you want to know about Tor design is available:
https://gitweb.torproject.org/torspec.git
--
Lunar
signature.asc
Description: Digital signature
ject.org/torspec.git/blob/HEAD:/proposals/219-expanded-dns.txt
Please contribute if you can!
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https:
nts to work.
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
t Android apps amongst tor-dev
subscribers. Maybe the Guardian Project's mailing list is more
appropriate?
https://lists.mayfirst.org/mailman/listinfo/guardian-dev
--
Lunar
signature.asc
Description: Digital signature
isis:
> Lunar transcribed 2.9K bytes:
> > Matthew Finkel:
> > > I agree, and I think it's safe to assume that some nation-state
> > > adversaries do not have these capabilities yet. Users should choose
> > > obfs3 over obfs2, but if a user has a reason for
ken protocol still be advertised? Why should addresses of
insecure bridge still be distributed when we can just avoid them?
What do users get out of retrieving obfs2 bridge addresses that they
can't get when retrieving obfs3?
What does the Tor Project get when misleading users?
[1]:
ven't yet seen a DPI box do it
> IRL. If you want me to only hand out the holy grail, I'm never going to hand
> anything out.
The holy grail will never exist, indeed. I fail too see why this would
be a reason to continue giving out solutions that ar
e haven't yet seen a DPI box do it
> IRL.
That's news to me. Any pointers?
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
n't just make Tor Browser stop accepting obfs2 because some people
are using obfs2 bridges right now. But we shouldn't add more people to
the set of users of a broken protocol.
--
Lunar
signature
Tim:
> I've found a few typos in the first few sections of 224-rend-spec-ng.txt at
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt
Feel free to provide your fixes in the form of a patch.
`git format-patch` can help crafting an email.
roxying solutions, “client
computers are themselves responsible for torifying their own traffic.”
[16]:
https://lists.torproject.org/pipermail/tor-talk/2014-February/032152.html
[17]: https://github.com/rustybird/corridor
--
Lunar
signature.as
This is mostly David Fifield's words from an email exchange.
---
I re-read proposal 203 the other day and wondered how it was related to
the meek pluggable transport. As I might not be the only one, I thought
it could be worthwhile to share David's answer. Feel free to improve!
proposals/203-htt
Lunar:
> Tariq Elahi:
> > What we would really like in order of importance is 1) a design review
> > of our proposal, […]
>
> Maybe it's a non-issue but “better ask than sorry”.
>
> If I get it, the idea is to publish a list of visited domain names and
> ho
. Would the privacy of
users be respected if a website contains a link to a per-visitor
generated hostname (using DNS wildcards)?
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing l
ike, and how
> transports look under the encrypted layer that is visible to a censor.
This is a beautiful and helpful piece of work. Thank you!
--
Lunar
signature.asc
Description: Digital signature
acking system next time.
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Arturo Filastò:
> We are pleased to announce that ooniprobe 1.0.2 has been released.
> […]
> Soon the debian package for it will also be updated.
Done:
http://packages.qa.debian.org/o/ooniprobe/news/20140511T113409Z.html
--
Lunar
sign
Ahmed:
> Is this the latest version of Tor specification protocol?
>
> https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=tor-spec.txt
You will find the latest specifications in that Git repository, yes.
--
Lunar
sign
erimental:
http://packages.qa.debian.org/t/torsocks/news/20140317T212304Z.html
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torprojec
//blog.torproject.org/blog/critique-website-traffic-fingerprinting-attacks
It outlines future research work in evaluating the efficiency of
fingerprinting attacks, and also mention a couple of promising defenses.
--
Lunar
re a network administrator, you don't care about ports. You
don't care about internal IP addresses. You just want to say: “I want to
make a blog available”; and have the software reply: “Done, it's at:
idnxcnkne4qt76tg.onion. Spread the address around.” I should not need to
kno
create to
tunnel TCP connections to a remote system through SSH over Tor.
I am not sure what is the right move here. Perhaps allowing listen on
Unix sockets and localhost? Or maybe allowing listen() entirely?
--
Lunar
signature.asc
Description: Digital
Hartmut Prochaska:
> I changed a function in sandbox.c to not use a goto statement. I didn't
> understood what use it had. Attached the patch file.
See <https://www.kernel.org/doc/Documentation/CodingStyle>, Chapter 7,
“Centralized exiting of functions” for a rati
code be used to augment pyptlib? I guess Extended
ORPort is probably something that all Python pluggable transport
implementations might want.
--
Lunar
signature.asc
Description: Digital signature
___
tor
ike the original order.
For readdir(3), have a look at:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719845#39
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists
t you pass the circuit ID (or an opaque
wrapper object, actually) to the scanning module, and have the scanning
module pass that to the stream attacher when it has a stream ready?
(Feel free to ignore me if that sounds like non-sense. I only had a
qui
latforms, think of all blogs at
*.wordpress.com or *.noblogs.org. Why would the longer onion addresses
be a problem in that regard?
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev ma
e vast majority of
Tor relays are run on stable servers and most of the traffic flows
through high capacity servers, hosted in datacenters behind high
capacity links. So I think picturing a laptop might be misleading…
--
Lunar
m...@rndm.de:
> In addition i fixed the current tests to work with the new version
> and added a jshint task[1] in the build process.
Please, please, please, don't depend on jshint. It is non-free software:
<https://github.com/jshint/jshint/issues/12
not but I came up
> with the attached (trivial) solution. Could someone please check if it's ok?
Best course of action is probably to attach the patch to the ticket, and
set the status to “needs_review”. Andrea or Nick are likely to take a
look the next time they'll scan op
ct.org/pipermail/tor-dev/2013-July/005122.html>
But the situation might have changed since then.
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
eadlocking, I think it'll be good enough. That's why I
suggested that patch (actually broken, it needs better #if/#else).
--
Lunar
signature.asc
Description: Digital signature
___
tor-d
Lunar:
> David Goulet:
> > Now the issue was detected with firefox which uses a custom malloc hook
> > meaning that it handles its own memory allocation. This hook uses mmap()
> > that firefox redefines to be a direct syscall(__NR_mmap, ...) and
> > remember that
g
answer is doing just that:
<http://stackoverflow.com/a/10008252>
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
e Tor network itself.
>
> Having cached copies available remotely make it possible for the blogger
> to get on-line, publish content and go back off-line, minimizing the
> amount of time and traffic spent on the Internet.
This is a really good idea, but maybe this
ards
everytime it starts. This opens the door to more traffic correlation
attacks. See the relevant FAQ for more details about entry
guards: <https://www.torproject.org/docs/faq.html.en#EntryGuards>
--
Lunar
signature.asc
project.org/projects/tor/wiki/torbirdy#TorBirdywithTorandTorLauncher
I'd like to add that we can probably also leverage the work done on
using Mozilla's updater in TBB to perform automatic updates of an
Instantbird bundle.
--
Lunar
tom
async resolution logic. The code is not great to follow, that's why I
stopped the effort of trying to write a fix once Mikkel Krautz
acknowledged the issue.
--
Lunar
signature.asc
Description: Digital signature
___
erify GnuPG
signatures would not have the problem and seems like a good idea.
At least, shipping it through addons.mozilla.org give the user some
basic trust path.
--
Lunar
signature.asc
Description: Digital signature
___
ain SSH. The
prefix “tor-pt-” would not really be appropriate then.
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/
Karsten Loesing:
> Feedback in the form of patches to the LaTeX sources is most preferred,
> though email replies are of course fine, too.
See attachments.
--
Lunar
From 22fed7b7155481904cb92136f9d04777fad72fde Mon Sep 17 00:00:00 2001
From:
> Is there something special i have to do in the config to benefit from
> the new changes mad to quicker peerform the handshakes between the circuits?
Tor 0.2.4.17-rc will prioritize ntor handshakes over TAP handshakes. But
TAP handshakes are still processed, and they are not scarce at the
ocess to get it approved and check in the file. I have modified the
> file src/or/config.c Who should I talk to? Thanks
This is actually a duplicate of #1922, opened 3 years ago.
The proper process is likely to submit a patch and set the ticket to the
"needs_rev
obots.thoughtbot.com/post/48933156625/5-useful-tips-for-a-better-commit-message
http://ablogaboutcode.com/2011/03/23/proper-git-commit-messages-and-an-elegant-git-history/
This is quite thorough:
https://wiki.openstack.org/wiki/GitCommitMessages
--
Lunar
description email in there? This was
a good explaination of why the change was actually needed! :)
> "GHC was recently changed to not allow you to use newtypes in FFI
> imports unless the constructor of the newtype is in scope." [1]
>
> [1] http://ghc.haskell.org/trac/ghc/ticket/
unction.
> The third patch removes 'TorDNSEL.System.Timeout'. There is a similar
> module in 'base'. […] There is another reason to remove
> 'TorDNSEL.System.Timeout': it's the only module that is not i
ys' view. Not ideal.
* IMHO, the y-axis of the bandwidth graphs should always start at 0
so multiple relays can be compared by layout graphs side by side.
How close is this piece of code to have feature parity with Atlas?
--
Lunar
;m sure someone will come with
something better.)
Usability wise, I wonder if we could implement some kind of web links
that could quickly add a new name in the local address book (after user
confirmation).
--
Lunar
signature.asc
Description: Digital
to have a look at your
changes, if you want/need some reviews. :)
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
d be great.
In any cases, it's already quite an improvement. :)
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
ould say "The Tor Browser" instead of "Your browser". It is not
the user's usual browser. I think it's also worth being more specific
than "you are connected" because it might be understood as "connected to
the Internet". Something like &quo
ts/tor/ticket/8645>
--
Lunar
signature.asc
Description: Digital signature
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
71 matches
Mail list logo
