Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex

Mirimir: > Nothing implemented at useful scale provides better anonymity than Tor. > I2P and JonDonym are interesting, but (other issues aside) are too > small. I believe that combining Tor with other systems, using nested > chains and remote workspaces, is the best approach available. agreed. als

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

On Thu, Apr 23, 2015 at 07:30:57PM +, nusenu wrote: > > Almost all of them were younger than one month and they seem to > > have joined the network in small batches. I uploaded Onionoo's > > JSON-formatted relay descriptors, so everybody can have a look: > >

Re: [tor-talk] TorBirdy seems to connect to the same exit node again and again

Hi Sophie, Hmm...Perhaps Atlas isn't the best choice here. At any given time the exits you can choose from are those you know of locally. It might be better to focus on TorBirdy instead. When using Tor Browser, the tor process is kind enough to take notice when using certain ports (WarnPlaintext

Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex

On 04/23/2015 01:23 PM, Andreas Krey wrote: > On Thu, 23 Apr 2015 11:31:18 +, benjamin barber wrote: > ... >> ... , and actively >> steering people away from tor, if they are looking for real anonymity or >> security. > > Where do you steer them *to*? > > Andreas Nothing implemented at usefu

Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex

On 4/24/15, Zenaan Harkness wrote: > On 4/24/15, Andreas Krey wrote: >> On Thu, 23 Apr 2015 11:31:18 +, benjamin barber wrote: >> ... >>> ... , and actively >>> steering people away from tor, if they are looking for real anonymity or >>> security. >> >> Where do you steer them *to*? > > At th

Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex

On 4/24/15, Andreas Krey wrote: > On Thu, 23 Apr 2015 11:31:18 +, benjamin barber wrote: > ... >> ... , and actively >> steering people away from tor, if they are looking for real anonymity or >> security. > > Where do you steer them *to*? At this point in time, there's no I2PBrowser for exam

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, supp...@sigaint.org: > The attacker had been trying various exploits against our > infrastructure over the past few months. would you mind sharing some timestamps? (useful for data correlation) thanks -BEGIN PGP SIGNATURE- iQIcBAEBCgA

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, >> Almost all of them were younger than one month and they seem to >> have joined the network in small batches. I uploaded Onionoo's >> JSON-formatted relay descriptors, so everybody can have a look: >>

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

nusenu, I just looked at your list at https://lists.torproject.org/pipermail/tor-talk/2015-April/037384.html I don't know which ones are the relevant exit nodes now, I am just throwing this in, in no particular order, just picking whatever sounds familiar. Chrysanthos (or chrysanthemon) means gold

Re: [tor-talk] Analyzing the (little) spike in relays on 2015-04-01 (Family@Choopa LLC)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 > by looking at https://metrics.torproject.org/platforms.html > https://metrics.torproject.org/versions.html I noticed a little > spike in relays at the beginning of the month (actually I was > visiting metrics to see if some ticket made progress ;)

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

>The question to me is: Do they all have something in common? What was the >vector of compromise? >Curiously enough, they all run Debian stable (according to the SSH version >string "SSH-2.0->OpenSSH_6.0p1 Debian-4+deb7u2” *ALL* of them spit out on port >22 — no exception!). FWIW a lot of Rasb

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Philipp, > Almost all of them were younger than one month and they seem to > have joined the network in small batches. I uploaded Onionoo's > JSON-formatted relay descriptors, so everybody can have a look: >

Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex

On Thu, 23 Apr 2015 11:31:18 +, benjamin barber wrote: ... > ... , and actively > steering people away from tor, if they are looking for real anonymity or > security. Where do you steer them *to*? Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds Date: Fri, 22 Jan 2010

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 > I guess that leads to the next question: how long were these > relays around, and with what patterns did they join the network? I noticed them signing up 20 relays on 2015-04-01: https://lists.torproject.org/pipermail/tor-talk/2015-April/037384.h

Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex

It has been said time and time again, that tor is not robust enough to protect you from state actors, who ultimately control the underlying network. The tor project has answered criticisms of collaboration and security, with the doxxing and harassment campaign against journalists while claiming tha

Re: [tor-talk] Looking for some Tor love at HotPETS15

Dear Tor friends, This is just a reminder that HotPETs talk proposals are due *tomorrow* (April 24th). You can email your proposal to (2 pages max, for details see ). We would love to have the exciting recent developments in the design and use of

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

The relays you referred to all appear to come from vultr.com 21 BadExit relays come from this provider. The names are as follows: Enddeli, Tanworton, Enthory, Orod, Engbeli, Samest, Lucrece, Ravid, Maximianus, Menelaus, Keyar, Moslald, Rothtai, Bybaru, Imeld, Darctur, Gartora, Dardyn, Obana, Byni

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

If it's any help, I remember seeing some sort of list on the tor-talk mailing list regarding the names of the (now) BadExit relays: name such as "samest" "engbeli" "enthory", imeld, darctur, lakin, orod, rengmarg. If someone can pull up a search tool and find it in previous threads, it would be a g

Re: [tor-talk] tor-talk Digest, Vol 51, Issue 39

//bugzilla.mozilla.org/show_bug.cgi?id=1157235 . > > Now that Firefox handles internally the non-saving of private > tabs/windows, we believe that this should have no impact. It would be > great if someone working on TBB could confirm that we are not breaking >

Re: [tor-talk] Upcoming change to Firefox internals that hopefully shouldn't break TBB

Hi, David Rajchenbach-Teller: > Hi everyone, > > We are planning to land a change in Firefox that has a small chance of > impacting TBB. The patch is here: > https://bugzilla.mozilla.org/show_bug.cgi?id=1157235 . > > Now that Firefox handles internally the non-saving of private > tabs/windo

[tor-talk] Upcoming change to Firefox internals that hopefully shouldn't break TBB

Hi everyone, We are planning to land a change in Firefox that has a small chance of impacting TBB. The patch is here: https://bugzilla.mozilla.org/show_bug.cgi?id=1157235 . Now that Firefox handles internally the non-saving of private tabs/windows, we believe that this should have no impact.

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

Le 23/04/2015 06:08, Roger Dingledine a écrit : >I know we could SSL sigaint.org, but if it is a state-actor they could just >use one of their CAs and mill a key. This is not great logic. You're running a website without SSL, even though you know people are attacking you? Shouldn't your users

Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex

"We will help collecting metadata to punish opsec failures of Tor users, since the data is public anyway. Also if we don't do it, someone else will." Judging by comments on technews sites, it's highly paradox that Torproject wants to develop a data retention and indexing service for a domain which

Re: [tor-talk] SIGAINT email service targeted by 70 bad exit nodes

>> I think we are being targeted by some agency here. That's a lot of exit >> nodes. > > See above question about number of relays vs capacity of the relays -- > it would be great to learn more information before jumping to conclusions. > Some very dedicated jerk can probably spin up VPSes at a bu