On 01/24/2016 09:38 AM, Roger Dingledine wrote:
> On Sun, Jan 24, 2016 at 11:04:30AM +, Oskar Wendel wrote:
>> Attacker could easily tap into major VPN providers traffic and try to
>> correlate their traffic with hidden service traffic. And there are fewer
>> VPN providers than Tor entry guar
Hi Tor Talkers,
> Unless ofc you block javascript, but no human being
> can solve the Cloudflare captchas you get without javascript, so
> disabling javascript is pretty much non-existing.
There is a chance to circumvent the captcha thing with Tor. In former days you
simply had to add
ExitNodes
Hi,
Nobody [quoted and I snipped regarding Tor over Tor]:
undefined and potentially unsafe behavior ... it is not clear
if this is safe ... it has never been discussed ... we don't
understand.
These seem to be the valuable parts.
leave the route selection to Tor
Is this that trust th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Flipchan :
> Instead of goin vpn->tor You could go i2p->tor
It's a bit offtopic, but still interesting. So you mean routing i2p
through Tor?
I conducted some experiments some time ago (I don't trust i2p enough to
run it through the clearnet and I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Flipchan :
> Well i never liked vpn , like for example in the US the police can force
> the vpn provider to give out info without the vpn provider telling the
> client/customer about it, so u need to put alot of trust in these vpn
> providers,
Tha
aka :
> Why not Tor over Tor? Using a Tor exit to connect to the first hop.
> Would require traffic correlating twice.
It wouldn't. Traffic correlation doesn't care of the traffic content
itself. It doesn't break the traffic anonymity, it just correlates your
traffic with the traffic on the sit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Roger Dingledine :
> It's a tradeoff -- if somebody somehow breaks the anonymity of your Tor
> circuit, it's nice to have another layer behind that. But if somebody
> guesses that you're using a particular VPN, or you pick a VPN that they're
> already
Instead of goin vpn->tor You could go i2p->tor
nobody skrev: (24 januari 2016 21:25:38 CET)
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA512
>
>
>
>On 01/24/2016 03:22 PM, aka wrote:
>> Oskar Wendel:
>>> Today I thought about something...
>>>
>>> Let's assume that attacker (government) seizes t
aka:
>> George:
>> Moreover, if Facebook, etc, decide to employ hidden services, it is good
>> publicity against the "hidden services are for terrorists and other
>> evil-doers" meme.
> Absolutely this.
>
> Also Facebook's intention was to give citizens of oppressive regimes a
> simple way to acce
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/24/2016 03:22 PM, aka wrote:
> Oskar Wendel:
>> Today I thought about something...
>>
>> Let's assume that attacker (government) seizes the hidden service
>> and wants to run it and deanonymize its users with traffic
>> correlation.
>>
>> A
Oskar Wendel:
> Today I thought about something...
>
> Let's assume that attacker (government) seizes the hidden service and
> wants to run it and deanonymize its users with traffic correlation.
>
> Attacker could easily tap into major VPN providers traffic and try to
> correlate their traffic
> On 24 Jan 2016, at 12:08 AM, grarpamp wrote:
>
> On Sat, Jan 23, 2016 at 7:17 PM, Ken Cline wrote:
>> I reported a Tor crash, only to find it was caused by a failing disk.
>
> Apps should not crash due to failed i/o, rather should retry, block,
> fail, or exit, perhaps configurably. Especial
On Sun, Jan 24, 2016 at 11:04:30AM +, Oskar Wendel wrote:
> Attacker could easily tap into major VPN providers traffic and try to
> correlate their traffic with hidden service traffic. And there are fewer
> VPN providers than Tor entry guards (and much less than home connections
> around the
> George:
> Moreover, if Facebook, etc, decide to employ hidden services, it is good
> publicity against the "hidden services are for terrorists and other
> evil-doers" meme.
Absolutely this.
Also Facebook's intention was to give citizens of oppressive regimes a
simple way to access US controlled
Well i never liked vpn , like for example in the US the police can force the
vpn provider to give out info without the vpn provider telling the
client/customer about it, so u need to put alot of trust in these vpn
providers, i am acctually developing a better solution but its only in beta and
i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Flipchan :
> Do u mean a vpn to tor? Or first tor then a vpn?
Tor over VPN. So we first purchase a VPN and then make Tor use it to
connect to the first hop.
- --
Oskar Wendel, o.wen...@wp.pl.remove.this
Pubkey: https://pgp.mit.edu/pks/lookup?searc
Hello,
following a discussion on Twitter on Tor and Cloudflare, i tried to
rationalize a possible multi-layer approach for fixing that issue by
leveraging Proof of Work.
Let's first try to define a couple of points:
1) The issue of Tor, on behalf of Tor users, with cloudflare is a
usability prob
Do u mean a vpn to tor? Or first tor then a vpn?
Oskar Wendel skrev: (24 januari 2016 12:04:30 CET)
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>Today I thought about something...
>
>Let's assume that attacker (government) seizes the hidden service and
>wants to run it and deanonymize its
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Today I thought about something...
Let's assume that attacker (government) seizes the hidden service and
wants to run it and deanonymize its users with traffic correlation.
Attacker could easily tap into major VPN providers traffic and try to
corre
19 matches
Mail list logo
