sharing your idea.
> >
> > That said, there are a few big issues with your proposal:
> >
> > 1.) Centralization of trust: Giving a fixed group of “original volunteers”
> > special relay status adds centralized points of trust and failure. Tor has
> > al
Hey,
Thanks for sharing your idea.
That said, there are a few big issues with your proposal:
1.) Centralization of trust: Giving a fixed group of “original volunteers”
special relay status adds centralized points of trust and failure. Tor has
always aimed to avoid that — no single group
Hi tor, I wanted to contact you about an idea I want to share with you. My idea
is making all the original volunteers (who were in the project since the
project begun) run a new relay, it’s like some sort of shield. And no one else
other than the volunteers can make that shield node. The tor
com/Ch1ffr3punk/pluto
>
> I post it here, because on the regular Tor forum
> it did not yet received any attention, in form of replies.
>
> Best regards
> Stefan
___________
tor-dev mailing list -- tor-dev@lists.torproject.org
To
Hi gentlemen,
I would like to introduce you to pluto an smtp relay wich is
using ORBs and would like to know your thoughts.
https://githib.com/Ch1ffr3punk/pluto
I post it here, because on the regular Tor forum
it did not yet received any attention, in form of replies.
Best regards
Stefan
on gitlab, or to discuss here.
Discussion on the forum is also okay!
peace,
--
Nick
___
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
___
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
.
:w
___
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
Onion Association authentication.
This proposal was written by Paul Syverson, I'm announcing it on his
behalf.
Feel free to open tickets on gitlab, discuss here, or also on the Tor
Forum.
--
Micah Anderson (he/him)
Director of Engineering
The Tor Project, Inc. <https://t
Onion Association authentication.
This proposal was written by Paul Syverson, I'm announcing it on his
behalf.
--
Micah Anderson (he/him)
Director of Engineering
The Tor Project, Inc. <https://torproject.org>
___
tor-dev mailing list -- tor-dev@list
Dear Tor team,
I recently submitted a proposal to Google Summer of Code 2025 titled
"Graph-Based Analysis of Relay Partitioning in the Tor Network", focused on
detecting partitioning patterns through graph data science techniques.
Although the project is still in its proposal pha
scuss here.
Discussion on the forum is also okay!
best wishes,
--
Nick
_______
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
ikely to be _worse_ than our
current malleable relay encryption.
Please feel free to open tickets on gitlab, or to discuss here.
Discussion on the forum is also okay!
cheers,
--
Nick
_______
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe
I added this as:
https://gitlab.torproject.org/tpo/core/tor/-/issues/41046
kind regards,
nusenu
--
https://nusenu.github.io
___
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
On Tue, Apr 08, 2025 at 08:32:24AM -0400, Nick Mathewson via tor-dev wrote:
> > Is tor able to use secondary groups?
>
> Hm. In src/lib/process.setuid.c, it looks like we're only calling
> setgroups() with a single gid from the password database, not with any
> additio
we're going to change their state from
"Open" to "Accepted" in about a week. If anybody would like to
comment, either here or on the bugtracker
(https://gitlab.torproject.org/tpo/core/torspec/), that would be
great!
best wishes,
--
Nick
_____
On Thu, Apr 3, 2025 at 6:29 PM nusenu via tor-dev
wrote:
>
> Hi,
>
> given the following example, tor fails to access the familykeydir folder.
>
> familykeydir has the following permissions:
>
> drwxr-x--- 2 root tor_reader
>
> id _tor
> uid=996(_tor) gid=993(_tor
Hi,
given the following example, tor fails to access the familykeydir folder.
familykeydir has the following permissions:
drwxr-x--- 2 root tor_reader
id _tor
uid=996(_tor) gid=993(_tor) groups=993(_tor),994(tor_reader)
Is tor able to use secondary groups?
When using sudo to switch to user
the forum is also okay!
cheers,
--
Nick
___
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
tickets on gitlab, or to discuss here.
Discussion on the forum is also okay!
cheers,
--
Nick
___
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
https://spec.torproject.org/proposals/355-revisiting-pq.html
This proposal updates earlier proposals about postquantum cryptography
in Tor circuit extensions, to handle changes in Tor and the PQ
landscape since those proposals were written.
Please feel free to open tickets on gitlab, or to
scuss here.
Discussion on the forum is also okay!
cheers,
--
Nick
_______
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
e pages on a daily basis ;) So in case
if it not a time critical, we get the information about a new release without
any need from your side to inform me :)
Regards
hefee
signature.asc
Description: This is a digitally signed message part.
___
tor-dev
s more processes, possibly of different archs (e.g. `torsocks bash
-c "wget ..."`)
Yes it would be nice, if torsocks could detect the arch correctly, but I also
thought at these complications about subprocesses.
Regards,
hefee
Thanks for reaching out!
-Jim
____
sibly of different archs (e.g. `torsocks bash
> -c "wget ..."`)
Yes it would be nice, if torsocks could detect the arch correctly, but I also
thought at these complications about subprocesses.
Regards,
hefee
signature.asc
Description: This is a digitally signed message part.
This looks basically ok to me. More below:
On 3/10/25 8:50 AM, Hefee via tor-dev wrote:
Hey,
in Debian we want to enable mutli-arch support for torsocks. To be able to run
different binaries of different archs.
We already splitted libtorsocks into own package, so you can now install
e.g
s-multi-arch-foreign-compatible.patch
The issue I see is this:
If arch from executable and the corresponding libtorsocks is not installed,
only a Error is printed, but still the executable is executed without routing
trough tor. The disabled check in torsocks could somehow catch this, if we
would knew the ar
.torproject.org/tpo/core/torspec/-/issues/307
Comment here is also acceptable.
--
Mike Perry
_______
tor-dev mailing list -- tor-dev@lists.torproject.org
To unsubscribe send an email to tor-dev-le...@lists.torproject.org
On 01/03/2025 17.33, techmetx11 via tor-dev wrote:
Are there any plans to revamp the algorithm for newer Tor versions?
I don't think so. All the focus right now is on getting Arti into a
state where it can replace all of Tor's current usage. Arti has just
gotten an RPC layer that
Although several parts of Tor have been redesigned and upgraded over
many years, the algorithm for the HashedControlPassword still remained
the same.
It still uses SHA-1 as the basis of the OpenPGP S2K algorithm, despite
the fact that the algorithm has long-since been obsolete by newer and
better
its dependencies.
So we need at least 1 new co-maintainer to take over this duty.
Metadata Cleaner is a Python GTK application built on top of mat2,
which does the heavy lifting of metadata cleanup. Fun fact: mat2
originates from MAT, which was created in 2011 as part of a Tails/Tor
GSoC project (h
Hi,
I noticed the following when checking journalctl logs from Tor:
> Nov 13 19:51:10 matrix tor[615]: Nov 13 19:51:10.000 [warn]
> tor_bug_occurred_(): Bug: src/core/or/relay.c:2354:
> connection_edge_package_raw_inbuf: Non-fatal assertion
> !(conn->base_.marked_for_close)
On Tuesday, October 22nd, 2024 at 11:24 PM UTC, Watson Ladd wrote:
>
>
> On Tue, Oct 22, 2024, 4:15 PM wrote:
>
> On Tuesday, October 22nd, 2024 at 9:04 PM UTC, Watson Ladd wrote:
>
> > On Tue, Oct 22, 2024 at 3:47 AM stifle_savage042--- via tor-dev
> > tor-
On Tuesday, October 22nd, 2024 at 9:04 PM UTC, Watson Ladd wrote:
> On Tue, Oct 22, 2024 at 3:47 AM stifle_savage042--- via tor-dev
> tor-dev@lists.torproject.org wrote:
>
> > Hi all,
> >
> > I want to promote some recent work of mine in the hope that someone here
>
x27;s the repository:
https://github.com/devnetsec/rand-num-consensus. The integrity of the entropy
can only be compromised if all nodes in the ring are malicious and coinciding.
Currently, a Tor client cannot anonymously connect to an onion service by
directly contacting the rendezvous point, beca
- I don't understand why SNI is being be discussed here, ESNI/ECH wouldn't
bring much to Tor, there are better ways than looking at the client hello to
detect a Tor relay, starting by its IP being public.
Hey, looks like you misunderstood me, I was not talking about relay detec
ick thoughts on this.
On Friday, October 4th, 2024 at 9:56 AM, Q Misell via tor-dev
wrote:
> Hi all,
>
> I know the discussion on how best to support UDP applications over Tor has
> dragged on for a long time, so I thought what better to do than to throw
> another item t
Hi all,
I know the discussion on how best to support UDP applications over Tor has
dragged on for a long time, so I thought what better to do than to throw
another item to bikeshed into the discussion :)
On a more serious note I think running Tor over QUIC would provide several
advantages - both
> >> monocultured libraries (libcurl) is an advisable approach.
> >
> > If Curl is outright banning ".onion" at the level of the Curl source
> > code, I would not support that on the grounds that are described in
> > bullet point 2 of section 2, here, which I will
ewson
> Created: 9 September 2024
> Status: Open
> ```
>
> ## Introduction
>
> Currently, Tor implementations use
> the SOCKS5 username and password fields
> to pass parameters for stream isolation.
> (See the `IsolateSocksAuth` flag in the C tor manual,
> and the "Stre
> Why not make an image that has an install wizard to set nicknames etc, and
> keeps other settings up to date to best current practices?
I think this could be a good idea, within the Tor installation panel you could
structure a page that firstly contains the question “Do you want to cont
On Donnerstag, 29. August 2024 08:40:08 CEST George Hartley via tor-dev wrote:
> 1. You MUST have read the manual, at least the entries explaining the
> settings in your Tor configuration file. Please take a look at it here:
> https://2019.www.torproject.org/docs/tor-manual.html.en
> The relays do not have a proper configuration, the standard nickname, etc.
Why not make an image that has an install wizard to set nicknames etc, and
keeps other settings up to date to best current practices?
Saying that you *must* have digested the inner workings of Tor first is a
lit
We want people to be knowledgeable, and these "do it one time and forget about
it" websites are not helping.
I personally believe, that if you want to host a Tor node:
1. You MUST have read the manual, at least the entries explaining the settings
in your Tor configuration file. Ple
On Sonntag, 25. August 2024 15:07:48 CEST Alessandro Greco via tor-dev wrote:
> I have been thinking about creating a web app that generates a script to
> configure a Tor node based on the settings defined by the user.
> I'm not sure if something like this already exists, but I thi
Hello everyone,
I have been thinking about creating a web app that generates a script to
configure a Tor node based on the settings defined by the user. Let me explain
a bit further.
This web app could work either entirely on the client side using JavaScript or
on the server side. I believe a
Cancel what exactly?
You can unsubscribe from the list by logging in to the account that you have
created.
Sincerely,
George
On Wednesday, August 21st, 2024 at 2:38 PM, tj wrote:
> Sent from my iPhone
> ___
> tor-dev mailing list
Dear Tor Project Developers,
I hope this email finds you well. I am writing to share with you a project [1]
I have been working on called Tor Watchdog Bot [2], and I believe it may be of
interest to you.
Tor Watchdog Bot is a Telegram bot designed to monitor the status of Tor relays
and
Hi,
I looked at the suggested solutions and I think there is another approach,
which is much easier.
I C it's pretty easy to encapsulate UDP segments inside TCP segments. Hence
there is no need to re-organize the connection logic of tor relays. Instead it
should be possible to make G
Dear Tor Volunteers and Developers,
We are reaching out to you today to seek your invaluable expertise and insights
in shaping the future of Tor relay updates. As part of an MSc Dissertation, a
comprehensive study is underway to gain a deeper understanding of the
significance of Tor relay
after
validation.
For Onion
Native Application (like Tor Browser), a TLS certificate is
trusted if it is issued by a trusted CA, or it has a valid onion
certificate seed extension. This means this certificate issue
model does not absolutely
. This allows non Tor Browsers user agents to
access the Tor network via a proxy (SOCKS etc), doing otherwise would
require all browsers to understand Tor. It also opens up new opportunities
such as payment processing as current PCI DSS requirements do not allow
non-standard TLS.
Current hidden
1:02:28PM +0100, Q Misell via tor-dev wrote:
> > Security Considerations:
> > The second layer descriptor is encrypted and MACed in a way that only
> a party
> > with access to the secret key of the hidden service could manipulate
> what is
> > published there.
Hi all,
I've spent some time working on ACME for Tor hidden services (you may have
seen discussion of this work on the onion-advisors mailing list). Full
details of the project are available at https://e.as207960.net/w4bdyj/AX8Ffqsd
Attached is my proposal for a change to the Tor Rende
Hi,
I was the one who raised the issue of DeepCorr being able to perform
traffic correlation with a high degree of accuracy but it seems like that
WTF-PAD which is currently implemented in Tor does defend against the
DeepCprr attack. I could be wrong but this seems to be my understanding.
The
a connection, it is well documented that they can
correlate with high accuracy and low false positives. And this was
understood, if not yet experimentally validated, not just when we
first made Tor, but for pre-Tor versions of onion routing.
The issue discussed in the paper is to be able to look
compelled to cooperate with the government making this attack plausible.
The ISP and the website operators are the two endpoints for this attack.
This attack was able to achieve a success rate of over 96% which
represents a serious threat to Tor users in these regions. The paper also
includes some
repo.
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Anyone knows how he did it? Seems kind of wierd he says he is against
oppressive regiments but doesn't give any useful information about what the
issue is.
Original Message
On Jan 9, 2023, 10:16 AM, wrote:
> Hi, https://github.com/scriptzteam/Tor-Bridges-Collector
Hi,
https://github.com/scriptzteam/Tor-Bridges-Collector
Seems an attacker has found a way to enumerate ~30 snowflakes and
many bridges. I couldn't find any discussion about this in the archive.
Thanks,
OpenPGP_0x45E5F8C1504CDA42.asc
Description: OpenPGP public key
OpenPGP_sign
Hello.
I am trying to make a tor only allow traffic through onion services and exit
nodes.
I would like to blacklist all domains first, as that is simple and does not
need to be updated,
then whitelist all onions and exits.
Reason: I am hosting an onion service, but I don't want any c
tic design flaws.
Am Do., 11. Aug. 2022 um 17:13 Uhr schrieb Martin Neuenhofen <
martinneuenho...@googlemail.com>:
> Sorry to bother again.
> An equally good solution to replacing
>
> *client_socket = socket.socket(socket.AF_INET,
> socket.SOCK_STREAM)client_socket.connect(ip,por
Sorry to bother again.
An equally good solution to replacing
*client_socket = socket.socket(socket.AF_INET,
socket.SOCK_STREAM)client_socket.connect(ip,port)*
with a TOR solution could be via a command line interface:
os.system("torsocketprogram -send 123.45.67.89 9000 filename.bytes&
Dear Tor Developers,
in my application, a client connects to a server via:
*client_socket = socket.socket(socket.AF_INET,
socket.SOCK_STREAM)client_socket.connect(ip,port)*
I want to replace these two lines to create a client_socket whose IP
address cannot be seen by the server. The application
Hello everyone.
I'm experimenting with Tor network and wanted to build a circuit via
unpublished relay (PublishServerDescriptor 0). To do so, I set up a
relay, got its authority descriptor, imported it with +POSTDESCRIPTOR in
the client using control port and tried to build a circuit
I had a conversation about this on OFTC #tor:
Is it intended that tor doesn't set supplementary groups when starting
as root and then doing setgid? This describes my issue:
https://tor.stackexchange.com/questions/23225/tor-cant-read-hiddenserviceport-unix-socket-through-group-permissions
Permissions are set so tor should be able to access through the
`postfix-test-queue` user:
> $ sudo ls -l /var/spool/postfix-test/public/smtpd
> srw-rw-rw- 1 postfix-test postfix-test 0 █
> /var/spool/postfix-test/public/smtpd
> $ sudo ls -l /var/spool/postfix-test
> # ...
Premise: I had already tried to write to this mailing list, I apologize
if I send another email.
Hi everyone I created a Firefox extension a few week ago that allows
users to use some of the Tor Browser torrc-related features through a
simple and intuitive graphical interface, like Orbot App
Hey all, I want to get to know the TOR codebase so I can contribute to the
project. To do this I have been doing a few projects of just doing sort of
basic tasks to get an idea for how it all works together. One thing that is
giving me a bit of trouble but seems like it should be simple is
Dear Tor-Dev,
My name is Alessandro Greco and I am an Italian computer science student, I am
finishing my studies and therefore I am working with my thesis and, as a topic,
my supervisor and I have chosen the Tor network.
The work done focuses entirely on the Tor Browser torrc configuration
Hi guys
A complete non-dev/programmer here so please go easy on me.
I'm trying to compile torsocks with 'mock', while 'tor'
compiles okey for 'torsock' I fail with:
...
configure.ac:20: comes from Automake 1.16.1. You should
recreate
configure.ac:20: acloc
key but you don't know which for privacy
>
> reasons".
>
> > As an operator, an alternative would be to generate one (authenticated)
> >
> > onion service per user and route them all to the same place with
> >
> > different Host headers, but that s
simple web of trust
>
> for relay operator IDs:
>
> https://gitlab.torproject.org/nusenu/torspec/-/blob/simple-wot-for-relay-operator-ids/proposals/ideas/xxx-simple-relay-operator-wot.md#a-simple-web-of-trust-for-tor-relay-operator-ids
>
> This is related to:
>
> https://gi
hority and can MiddleOnly the whole Tor network.
___________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
I saw an email on the Wiki mailing list concerning a multilingual
version of Tor. If that was made possible your language tag be used to
track you. This could break your anonymity. Your thoughts?
___
tor-dev mailing list
tor-dev@lists.torproject.org
Hello, I was going through the Tor proposals which have now been closed. I have
been looking for discussion regarding those proposals (here -
https://gitweb.torproject.org/torspec.git) Could you link me to some discussion
threads because I couldn't find much on them?
Than
On Wednesday 06 August 2014 05:04:48 David Fifield wrote:
> You probably need to kill your qemu process and start "build-alpha"
> again. See:
> https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/BuildingWithGit
> ian#AssemblyErrorsinMismatchedArchitectureCode
Thanks
op'
x86cpuid.s:225: Error: relocated field and relocation type differ in
signedness
x86cpuid.s:253: Error: invalid instruction suffix for `push'
x86cpuid.s:262: Error: invalid instruction suffix for `pop'
x86cpuid.s:270: Error: invalid instruction suffix for `push'
x86cpui
Hello David,
> Yes, UDP is simply not supported by Tor thus it will be rejected
> when opening the socket. Actually, it's not only UDP that should be
> blocked but *every* other protocol except TCP. For instance, there
> is no way to send icmp request through Tor thus we don'
alpha
>
> Georg
Thanks Georg. That resolved the error.
___________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
On Saturday 14 December 2013 19:26:41 Georg Koppen wrote:
>
> FWIW, this is probably https://trac.torproject.org/projects/tor/ticket/10153
>
> Georg
I am seeing the following error for the Mac bundle:
** Starting TorBrowser Component of Mac Bundle (2/3 for Mac) **
sha25
On Friday 13 December 2013 14:21:10 David Fifield wrote:
> Do you have the same symptoms we experienced? That is, during the build
> of tor for lucid-i386, you have a qemu process running with image
> target-precise-amd64.qcow2? And if you ssh into the VM with
&g
On Thursday 12 December 2013 09:35:45 Kevin P Dyer wrote:
> Hi Mike/dcf1,
>
> Building the pt branch [1] of tor-browser-bundle on Ubuntu 13.04,
> 64-bit resulted in the following error:
>
Same error here with Ubuntu 12.04 64-bit. My system runs with the linux-
image-generic (linux
it explicitly rejects UDP traffic. It would be possible
to block UDP traffic in InjectSOCKS as well. By the way, why does Tor
not support UDP via SOCKS?
The Torsocks documents also say that it blocks local traffic as well.
While implementing InjectsSOCKS I saw that some Windows software
needs local
ternet Explorer only works
partly) - but it's at least a proof of concept :-)
Regards,
ghostmaker
___________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Hello,
I've first sent this e-mail to h...@rt.torproject.org and the answer
was to send a copy of it to the "tor-dev mailing list". So that's
what I do:
I just wanted to let you know that I've created a small new tool for
Windows called InjectSOCKS that can force othe
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
This was a HTML5 video.
Thank you All for answers.
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Hi,
I've installed Tor Browser Bundle for Windows (tor-browser-2.3.25-2_ru)
I didn't change any settings. When I visit any html-page on which there is
a flash video i can see it, flash works! Why? It must not work!
In settings(plugins) "Flash plugin" is disabled and it is ina
On Sunday 05 May 2013 14:50:51 George Kadianakis wrote:
> It would be interesting to learn which ports they currently whitelist,
> except from the usual HTTP/HTTPS.
>
> I also wonder if they just block based on TCP port, or whether they
> also have DPI heuristics.
>
> On t
n
> source, 100% free, and you can even fork the project yourself on github.
>
> Its goal: Create a simple to use client side, RSA public key encryption
> for microblogging on the internet.
>
> The reason I am reaching out to you is I am I am interested in creating
> a clien
91 matches
Mail list logo
