On 2015-02-03 21:28, Andrew Roffey wrote:
Except for the few big names, most domain providers do not provide
inexpensive certificates so the point is not invalid (yet). I don't
think changing domain providers to bundle the cost is a reasonable
solution to the high costs of certificates.
HTTPS c
On Wed, Feb 4, 2015 at 7:07 PM, grarpamp wrote:
http://www.pcmag.com/article2/0,2817,2476275,00.asp
...you will very soon be kissing any rights to freedom and self managed
privacy you now enjoy on the internet goodbye forever.
I'm not, but some would say that LEAs & gov'ts figuring out how to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 02/05/2015 12:15 AM, Max Bond wrote:
> What are you proposing we do?
>
*** You can help push the P2PNames Internet Draft through IETF to ensure
that there's at least a standard technical support for
censorship-resistant alternatives to global nam
What are you proposing we do?
On Wed, Feb 4, 2015 at 7:07 PM, grarpamp wrote:
> http://www.pcmag.com/article2/0,2817,2476275,00.asp
>
>
> Do not underestimate the precedence of the Chinese,
> Facebook and the rumblings in the UK/US/etc. Code all
> you want, but unless you start acting now in rea
http://www.pcmag.com/article2/0,2817,2476275,00.asp
Do not underestimate the precedence of the Chinese,
Facebook and the rumblings in the UK/US/etc. Code all
you want, but unless you start acting now in realworld politics
to prevent this type of stuff (ID/names, anti-crypto, etc), you
will very s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 02/03/2015 06:25 PM, Seth David Schoen wrote:
> The Tor Project itself has found that users often don't verify GPG
> signatures on binaries (I think Mike Perry quoted some statistics
> about
This might provide some insight:
http://arstechnica
AntiTree:
> It appears the repo has moved or been deleted? https://github.com/rustybird/
> corridor
>
> Is this on purpose while addressing the issue that Gavin brings up?
I don't think so. Looks like rustybird [Or someone else? Unlikely?]
deleted the whole account. See https://github.com/rustybi
It appears the repo has moved or been deleted? https://github.com/rustybird/
corridor
Is this on purpose while addressing the issue that Gavin brings up?
On Wed Feb 04 2015 at 5:54:43 PM Gavin Wahl wrote:
> > https://github.com/rustybird/corridor/#pitfalls
> > > corridor cannot prevent malware
> https://github.com/rustybird/corridor/#pitfalls
> > corridor cannot prevent malware on a client computer from directly
> > contacting a colluding relay to find out your clearnet IP address.
I don't think this disclaimer is strong enough. With the 'getinfo address'
command, malware doesn't even n
We have a new alpha build of Orbot that uses the Android VPN API to
route all Android device traffic over Tor without root. This is
obviously focused on circumvention and not anonymity, allowing people to
use apps over Tor that are blocked in specific countries or contexts.
We are also considering
On Wed, Feb 4, 2015, at 06:23 AM, Alec Muffett wrote:
> Specifically, we will be testing some experimental code to support both
> “www-” and “m-site” onion addresses, which will bring to Tor the “mobile”
> Facebook website as described in the original announcement:
Just tried this today from Andro
Hi
When you have a website that is available from a tor secret service, how
do you forbid access to url restricted to ip=localhost?
I'm thinking of apache default http://x.onion/server-status for example.
Using "a2dismod status" is the obvious solution for that one, but does
anyone had a mor
On Tue, 03 Feb 2015 21:28:42 -0800, Andrew Roffey
wrote:
I don't suppose one could purchase a dummy domain with Namecheap and
then ask them to sign a certificate for the real domain (with another
provider)? I suspect not, but please correct me if I'm wrong.
That's a damn fine questionp. My gu
Just for the story about startssl, unlike Confidant Mail which should
use https, I think, despite of the fact that they don't trust it, like
all of us, it's still better than nothing, I have explained several time
here why we could not use https to retrieve the Peersm code.
There was an artifi
On 04/02/15 13:19, Paul Syverson wrote:
> On Wed, Feb 04, 2015 at 06:58:28AM +0100, CJ wrote:
>>
>>
>> On 02/04/2015 06:19 AM, Seth wrote:
>>> On Tue, 03 Feb 2015 20:01:36 -0800, Andrew Roffey
>>> wrote:
- there is a cost of obtaining HTTPS signatures.
>>>
>>> Not certain if the deal is st
On Wed, Feb 04, 2015 at 06:58:28AM +0100, CJ wrote:
>
>
> On 02/04/2015 06:19 AM, Seth wrote:
> > On Tue, 03 Feb 2015 20:01:36 -0800, Andrew Roffey
> > wrote:
> >> - there is a cost of obtaining HTTPS signatures.
> >
> > Not certain if the deal is still being offered, but for quite a while
> >
Tor Weekly News February 4th, 2015
Welcome to the fifth issue in 2015 of Tor Weekly News, the weekly
newsletter th
Hi All,
Apologies for mailshotting the list but it seems the most effective way to
share this information.
We’ve been busy here in Facebook's Security Infrastructure team, and my
colleague Michal Nanasi has been building additions to the Facebook Onion Site.
We intend to test some of the addit
18 matches
Mail list logo
