This may be not quite what you want, but the Estonia E-resident card
supports basic crypto with the private key on the smart card---i.e.,
you have to physically have the card to be able to read the encrypted
mail.
There are probably more elegant solutions than plugging into the
Estonia E-resident
April 2016, Rob van der Hoeven
wrote:
> On Sun, 2016-04-24 at 19:01 +0800, Virgil Griffith wrote:
> > It's unclear to me how this would be different than standard
> > panopticlick with >50% of the users using TBB.
>
> Hi,
>
> I'm looking for data on the browser
It's unclear to me how this would be different than standard panopticlick
with >50% of the users using TBB. But those not using TBB with had browser
statistics like the rest of the web (for example, all of the tor2web
traffic).
-V
On Sunday, 24 April 2016, Pierre Laperdrix
wrote:
> Hi Tor Comm
We'd obviously lose some connections if we lost MyFamily. And I'd prefer
not to lose them. However, if there's other needs which require the nuking
of MyFamily, my/Roster's world would not end.
-V
On Sunday, 17 April 2016, Tim Wilson-Brown - teor
wrote:
>
> > On
I'm not wholly in favor of keeping MyFamily in its current form. In Roster
we simply need a way to identify when two relays are owned by the same
operator. Worst comes to worst we could use the email address in the
ContactInfo, or some such.
There have been proposals to do more creative signatur
For whatever it's worth I never found the compile-time option for tor2web
mode to be offensive.
I remember Roger's original rebuttal against tor2web mode was, "Virgil, I'm
not going to make a 'Make Tor Go Faster Button' to be pressed by people who
don't know what they are doing."
I always thought
On Sun, Apr 3, 2016 at 4:04 PM, Yawning Angel wrote:
> Well, I did write an addon that just fetches content from archive.is
> whenever I get a Captcha. Does that count?
That's cool Yawning. Got a link to that? I'd like to try it.
-V
___
tor-dev mail
2016 at 1:37 PM, grarpamp wrote:
> On Tue, Jan 19, 2016 at 3:03 AM, Virgil Griffith wrote:
>> I.e., if I want the extra resistance to traffic analysis that higher latency
>> connections provide, is there a way to specify that in my Tor config?
>
> Higher latency, in and of it
I.e., if I want the extra resistance to traffic analysis that higher
latency connections provide, is there a way to specify that in my Tor
config?
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/list
In our quantifications of relay diversity, knowing the IP addresses that
traffic exits from is important. Ways to have this information correctly
reported would be very helpful.
-V
On Thu, 14 Jan 2016 at 03:01 grarpamp wrote:
> On Wed, Jan 13, 2016 at 4:27 AM, coderman wrote:
> >>> ... only que
I would argue that the existence of this longer policy discussion, with no
obvious solution, is why it behoves us to separate policy (as much as
possible) from Tor's core mechanism.
-V
On Wed, 6 Jan 2016 at 21:42 Peter Tonoli wrote:
> Quoting Tim Wilson-Brown - teor :
> > If we ensure that Exits
Tom, to ensure I understand you clearly, is your argument that relays that
export only unencrypted shouldn't get the Exit Flag because
insecure/unecrypted traffic "isn't what Tor is intended for?" I want to be
sure that I'm fully understanding your proposal.
-V
On Wed, 6 Jan 2016 at 17:57 Moritz B
> Other protocols (SSH, IMAP,
> POP3, SMTP) are indeed more popular but I feel that those less reflect
> the goals of the project, and they are certainly abused more.
I hear you that these are abused more. But I personally think of Tor as a
mere mechanism than a mechanism+policy. For example, sh
I've been looking into simple graph-theoretic metrics for Roster to
quantifying Tor's susceptibility to traffic correlation attacks, mostly
using BGPStream, https://bgpstream.caida.org/ .
All of the academic literature I've read talks about the risk to Tor users
of an AS being in the path between
On Mon, Nov 9, 2015 at 10:01 PM, isis wrote:
>If you need some application to have the ability to associate your LinkedIn
>address with your relay, then write a program which uses (one of) your
For what it's worth, the LinkedIn reference was my attempt at humor to
add levity to otherwise
lternative suggestion for
allowing people to specify things like Bitcoin addresses I'm all ears,
but this was the path I was explicitly placed on. I will correct the
errors (A), (E), (G), (F). I am all ears on how to fix (H).
-V
On Mon, Nov 9, 2015 at 10:01 PM,
is motivation above is a
plausible reason to have more "non-activist" types running Tor relays---we
just have too many friends, a few foes would be a welcome addition!
-V
On Wed, Oct 28, 2015 at 1:11 PM Tim Wilson-Brown - teor
wrote:
>
> > On 28 Oct 2015, at 14:31, Virgil
Instead of WOT, it seems more desirable, and better fit diversity, to have
both your best friends and worst enemies on the same circuit. Ergo,
minimizing chance of collaboration.
-V
On Mon, 26 Oct 2015 at 01:30 grarpamp wrote:
> On Wed, Sep 23, 2015 at 8:44 AM, tor-dev had:
> > I agree with Roge
I started using Trac a bit more and the slowness is a little unpleasant.
Here are some stats:
http://www.webpagetest.org/result/151019_RW_387/
The time-to-first-byte is *painful* on both the first load as well as
reload.
Are there some ways we could improve this? If it's sever-power I'm willing
I met with some CDNs today and they have expressed interest in doing meek
for us.
Is there someone at Tor Project I can forward the CDNs to who are more
serious about hosting meek?
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.t
> That'll be half a BTC please, lol: 161JvwnowBsojF4rRcdjMRcztoLb7R1qkN
My pleasure. You saved me half a BTC!
-V
On Sun, Oct 4, 2015 at 3:59 AM grarpamp wrote:
> On Sat, Oct 3, 2015 at 6:59 PM, Virgil Griffith wrote:
> > You are correct my good sir! This is indeed the b
> TBB plugin: T2W-OE - tor2web onion everywhere.
> Fork HTTPS-E.
> Maintain list of known t2w's.
> Plugin update from tpo.
> Matching engine rewrites t2w URL's to onions in TBB before the fetch.
You are correct my good sir! This is indeed the better way. Thank you! I
made a pull request to HTTP
On Sat, Oct 3, 2015 at 2:13 PM Tim Wilson-Brown - teor
wrote:
>
> On 3 Oct 2015, at 14:10, Virgil Griffith wrote:
>
> (2) If we (Tor Project) is going to ask MaxMind to do something special to
> distinguish TBB users, it seems reasonable we should make the same effort.
> I know
Yesterday Lief compellingly argued that if a TBB user accidentally clicks
on a link to my tor2web proxy (onion.link), that they should be redirected
to the .onion address. It hadn't occurred before that a Tor user might
accidentally click a onion.link URL, but yes I completely concur and I told
Lie
Yes I did. Here's the modified proposal.
Filename: ExtraRelayDescriptorFields.txt
Title: Adding X-namespace to extra-info descriptor for key:value pairs
Author: Virgil Griffith
Created: 2015-09-30
Status: Open
1. Motivation
We wish to allow developers to build new applications atop r
Filename: ExtraRelayDescriptorFields.txt
Title: Adding x-namespace to relay descriptor for key:value pairs
Author: Virgil Griffith
Created: 2015-09-30
Status: Open
1. Motivation
We wish to allow developers to build new applications atop relays. Towards
this end, we wish to add the ability for
Apologies for quick post.
If we want to a socially connected link, seems we can use the same
infrastructure for doing keysignings parties but we just use relay public
keys. That seems a nice distributed way of doing this.
On Thu, 24 Sep 2015 at 13:42 Virgil Griffith wrote:
> Can we not use
f the situation.
Re: socially connected. That's interesting. I'll see what I can do. Chat
more in Berlin.
-V
On Thu, 24 Sep 2015 at 13:19 Roger Dingledine wrote:
> On Wed, Sep 23, 2015 at 06:18:58AM +, Virgil Griffith wrote:
> > Exit nodes seem a nice place to start concret
ing the more knowledgeable for their opinion
and recommendation. Is there one?
-V
On Wed, Sep 23, 2015 at 2:47 PM Roger Dingledine wrote:
> On Wed, Sep 23, 2015 at 06:26:47AM +, Yawning Angel wrote:
> > On Wed, 23 Sep 2015 06:18:58 +
> > Virgil Griffith wrote:
> >
Let's try a simple special case. In an idealized Tor network, what would
the distribution of exit nodes look like?
* Would each exit node have the same bandwidth? Or would there instead be
only one exit node per AS?
* Would the number of exit nodes constitute exactly 1/3 of all Tor nodes?
Would t
We'll remove it.
-V
On Mon, 14 Sep 2015 at 05:20 Tom van der Woerdt wrote:
>
> On 13 Sep 2015, at 22:09, teor wrote:
>
>
> On 13 Sep 2015, at 18:18, Sean Saito wrote:
>
> >"No Self-Referencing Relays"
>
> >I'm not sure what exactly you mean by that but I assume it is a MyFamily
>
> >config wh
I looked into this.
Apparently Tor often uses the "low median", in cases where it needs to be a
middle value, but an inbetween value is not allowed. This is chiefly for
voting.
On Tue, Aug 11, 2015 at 10:49 PM Andreas Krey wrote:
> On Tue, 11 Aug 2015 13:44:48 +, Virgil G
n your data, which typically affect the
> mean very much.
>
> -j
>
> Virgil Griffith:
> > Is there some implementation-specific reason not to use the standard
> > mathematical definition of "median"? If not, I propose changing the
> > implementation to bec
Is there some implementation-specific reason not to use the standard
mathematical definition of "median"? If not, I propose changing the
implementation to become it.
-V
On Tue, Aug 11, 2015 at 2:44 AM Nick Mathewson wrote:
> On Mon, Aug 10, 2015 at 1:11 PM, nusenu wrote:
> > -BEGIN PGP SI
Probably not graphs. But the rest yes.
-V
On Wed, 29 Jul 2015 at 03:33 nusenu wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi,
>
> do you plan to add CW,CW fraction, measured bw (as soon as available
> via onionoo [1]), guard/exit probability, ... graphs to tor-roster?
> (simi
Hello everyone.
This is my first report on the Roster project and I wanted to give you
all an introduction what it is and where it's going.
I'm interested in seeing Tor grow. Current work towards this is
tor2web and now Roster. Roster is the rebranded continuation of the
"Torati" proposal which
One proposal I've liked is to socially discourage asymmetrical families by
giving them with bad badges on Roster. If A says B is part of their family
but B doesn't reciprocate, A gets a penalty to their bandwidth points.
I think right now the proposals are to either:
(1) move forward using Obser
This is my favorite paper on quantifying anonymity:
http://dimacs.rutgers.edu/Workshops/Anonymous/bagai.pdf
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
> So, what do we think? I'd say that MyFamily is likely to continue to
"Virgil's gamification site" needs a MyFamily, ergo I am in favor of
keeping MyFamily, whether it be in the current, prop242, or
alternative form. Obviously the prop242 form is a much better
rendition of MyFamily, but unless
If you're into android Orbot always comes to mind.
On Tuesday, December 16, 2014, Abhiram Chintangal <
abhiram.chintan...@gmail.com> wrote:
> Hello,
>
> I am a student and I am thinking of getting myself more involved in the
> tor project over the winter break.
>
> Previously, I worked briefly o
At the top of the page,
> *And if you come across something that is missing here, please let us know.
For "let us know", put an href to an email address/contact-info for
submitting ideas.
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https
> Thanks for offering to help!
>
> My main goal with this project would be to increase visibility of
> Hidden Services: make it easy for people to find Hidden Services that
> want to be found.
>
> Search engines are very important for this, since they basically make
> the Internet easy and fast to
> - Opt-in HS indexing service
I offer to captain and lead development of this one.
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Will a longer version of this paper be coming out, particularly one for
developers?
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
To avoid squashing the Tor network with all of these new clients, the
company would almost certainly have to run some big relays to help
compensate for the additional load. Another proposal would be some sort of
incentive for running relays.
-V
___
tor-
Aside from future incorporations into Tor, do you currently have the
ability to have two consensus files and output the relays/data that have
changed?
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/l
Hidden services quickly come to mind.
Are there other candidates? I can imagine people deciding not to view
certain content through Tor because of speed (e.g., pornhub). But I
suspect I am missing some use cases.
-V
___
tor-dev mailing list
tor-dev@li
e.g. https://imgur.com/sZUKADG
I will donate.
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Damian and I worked through this off-list and this is the output of our
consensus.
URL:
https://dl.dropboxusercontent.com/u/3308162/ExtraRelayDescriptorFields.v3.txt
Any further revisions to be made before adding this to torspec?
-V
___
tor-dev mailin
Filename: ExtraRelayDescriptorFields.txt
Title: Adding new X- fields to relay descriptor
Author: Virgil Griffith, Nick Mathewson
Created: 2014-06-03
Status: Open
1. Motivation
We wish to allow developers to build new applications atop relays. Towards
this
end, we wish to add the ability for
Hi griffin! Come join me at the Mozilla room and liberate this key from my
grasp!
In response to your concern, I modify the proposal that there be a torrc
schema which forbids unknown keys (unless they start with X-). And the Tor
program rejects the relay if the torrc doesn't match the schema.
URL:
https://dl.dropboxusercontent.com/u/3308162/ExtraRelayDescriptorFields.txt
Fulltext below. Comments appreciated.
-V
===
Filename: ExtraRelayDescriptorFields.txt
Title: Adding new X- fields to relay descriptor
Author: Virgil Griffith, Nick Mathewson
Created: 2014-06-03
It's already established that, for clients, onion-pi's are
discouraged---onion-pi wifi doesn't protect enough (I.e., at all) from
browser-based attacks.
Given that, The question is now, "Are onion-pi's are good enough to be
useful relays?" Roger said no. Is there a more informed opinion on this
Roger et al, I'm interested in something like onion-pi to be a Tor relay.
Is there something with enough COU to be viable? I know nothing about
this embedded scene.
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/c
What is the current state of the art on this, and if it is ready for
larger deployment want to buy about 50-100 of them.
-V
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
> Also, theconcept of naming authorities is about to be phased out [1], so
> better not build new services that rely on nicknames.
Karsten I love you. Not only do you have fine ideas, you are the greatest
feedback provider in the world.
Agreed 100%. Replace key-by-nickname with key-by-finger
ed it, it's not endorsed by the Tor
> Project... and it'll never work.
> The non-financial-incentivizing ideas in your post sound OK... perhaps
> a bit unnecessary.
>
> Sincerely,
>
> David
>
>
> On Tue, Jun 10, 2014 at 12:26 AM, Virgil Griffith > wrote:
> >
ething
along the lines of "Tor Ninja". It's a positive term that one is
proud to call oneself. The name was
chosen as a component of the reputation social incentive.
-Virgil
On Tue, Jun 10, 2014 at 1:19 AM, Karsten Loesing
wrote:
> [Attempting to move this discu
For a while I've been seeking to grow the Tor network in both size and
goodput. Towards this end, I've explored various avenues such as
increasing user-awareness via tor2web. More recently, I've been exploring
financial incentives like TorCoin.
Not wanting to strictly limit ourselves to financia
www.hola.org
First impression it looks they aim to do the same things Tor does.
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
The URLs are the same. They are:
(1) http://dl.dropbox.com/u/3308162/230-quicken-tor2web-mode.txt
(2) http://dl.dropbox.com/u/3308162/231-remittance-addresses.txt
I clarified them a bit and corrected the formatting. Previously
people asked for more details such as what other specs will be
affec
I have two proposals to add to the torspec.git. They are:
(1) http://dl.dropbox.com/u/3308162/230-quicken-tor2web-mode.txt
(2) http://dl.dropbox.com/u/3308162/231-remittance-addresses.txt
If someone with commit rights will add them that'd be lovely and we
can ignore the rest of this message.
I
Filename: ???-quickening-tor2webmode.txt
Title: Making Tor2Web mode faster
Author: Virgil Griffith, Fabio Pietrosanti, Giovanni Pellerano
Created: 2014-02-23
Status: Open
1. Introduction
While chatting with the Tor archons at the winter meeting, two speed
optimizations for tor2web mode [1] were
Sitting with David Goulet, it's problematic that when I search for
"torsocks" I get the old Google Code page instead of the up-to-date
page on http://gitweb.torproject.org
This is problematic because people report bugs to the Google Code
repository instead of the torproject repository.
Jake/Rober
I'm putting together a proposal for adding anonymous blocklisting into the
Tor such that websites that block Tor can block single problematic users
instead of all Tor exit nodes.
Towards this end, I am looking for papers/prior work in this area to draw
from. Pointers anyone?
Enjoyed the Iceland
65 matches
Mail list logo
