[tor-talk] Is tor server now to heavy for a Raspberry Pi 2 Model B ?

Specs: Raspberry Pi 2 Model B Rev 1.1 ARMv7 Processor rev 5 (v7l) 923mb RAM / 1gb swap For tor releases I usually switch between the current GA release and one of the prerelease alphas. Is this box too anemic for modern Tor serving as an exit node? Thanks! Chris -- tor-talk mailing

Re: [tor-talk] Node Down and Old Version Notifications

I think someone else is already doing this -- at least for down nodes I run a small exit node and when the box gets OOM and hangs I get an email with the subject: "[Tor Weather] Node Down!" And that has a URL about the maintainer and code: The original Tor Weather was decommissioned by the To

[tor-talk] Looking for legit dump sitez

Anyone have any good card dump sites to get sum burners that workpieces conviction -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Onion Service stock photo anyone?

How about this one, featuring Alexandra Elbakyan, founder of the sci-hub project (which is available via a Tor onion url): https://upload.wikimedia.org/wikipedia/commons/thumb/8/8b/Wiki-award_2016_114.JPG/1024px-Wiki-award_2016_114.JPG ...or this one: http://maxpixel.freegreatpicture.com/Code-Vi

Re: [tor-talk] Using Raspberry Pi as Tor relay is bad idea??

I run a tor exit node off of a raspberry pi. Works fine. The pi has more than enough CPU power to run your relay unless you are dedicating a gig pipe to it or something ... Regards, Chris /* Sent via phone - apologies for typos & terseness */ > On Aug 1, 2017, at 12:57 PM, Tom Tom

Re: [tor-talk] Did Australian Authorities hack (US) computers with Tor's help?

On 2016-08-21 10:18 AM, Cannon wrote: On 08/21/2016 01:06 AM, Chris wrote: Microsoft Windows is a threat to your security. All proprietary software is a threat. Intel and AMD are a threat to your security. There is remote control functionality built into every Intel and AMD CPU since 2009 and

Re: [tor-talk] Did Australian Authorities hack (US) computers with Tor's help?

On 2016-08-20 06:54 PM, tort...@arcor.de wrote: Hi! I found two articles which may have something in common. 1. Some Tor users (29.000) got deanonymized by authorities while up/downloading childporn. 2. Someone claims that "Tor suddenly dump over 30 megabloats of steaming faeces onto a file syst

Re: [tor-talk] Tor is anti-censorship software

Seriously? I spent some time trying to parse Juan's various messages yesterday to try to understand his point of view ... if you remove all of the insults and snide remarks the only concrete position I could discern was that he was legit upset over the marketing/PR approach of the Tor projec

Re: [tor-talk] Eyewitnesses Recount Tor Developer Jacob Appelbaum’s Unwanted Sexual Advances

I'm indifferent to the full cut and paste but welcome the posting of URLs and stories as more and more people come forward with names attached. It's a counterbalance to the folk who vehemently claim that the accusations are an 'anonymous smear job' or state actor conspiracy -- especially th

Re: [tor-talk] RIP Tor

One small upside at least -- I'll selfishly admit that having a /redpill type pop up to excrete rants about "SJWs" did allow me to win a small bet. I've almost got my MRA buzzword bingo card filled out. Having it arrive via the cock.lu domain was just extra sprinkles on the flaccid little cupc

Re: [tor-talk] Any updates from Tor Project on ioerror?

It's sorta disgusting to see the creep defenders come out in force on this list - especially the ones who talk big about anti-establishment stuff and post anonymously from privacy friendly ISPs who suddenly and magically have decided to start proclaiming their love for the rule of law and the

Re: [tor-talk] Tor Sensorship

On 2016-05-25 07:39 PM, Justin wrote: Are they using DPI? If so, what company sold them the filter? Let me clarify that. I only attempted to access the Tor project web site and it was blocked. On May 25, 2016, at 5:55 PM, Chris wrote: I was wondering does anyone have a list of

Re: [tor-talk] Tor Sensorship

I was wondering does anyone have a list of countries that are currently blocking Tor? I know China, Ethiopia, Iran are doing it but I think I may have missed one or two others. I know the courthouse in Nashua, New Hampshire, USA is censoring Tor, and other civil rights web sites, humorously.

[tor-talk] Tor Opsec Questions

is is done and how that is done and such, however, any hints of good research/technical papers and such would be greatly appreciated. And of course, anyone willing to specifically talk about it anonymously would also be hugely appreciated. Chris -- tor-talk mailing list - tor-talk@lists.torprojec

[tor-talk] Raid of LFM studio over supposed access of onion site by unknown party

I thought I'd just bring to the attention of the Tor community a very public (it was recorded and those involved have spoken about it) raid that occurred upon which the FBI listed in the warrant an onion site that was connected to what appears to have been Playpen where child porn was being dis

Re: [tor-talk] Exit Traffic classification and discrimination

ility - at least it sounds like you got most of your stuff back via dropbox. Regards, Chris PALMERS CONSULTING LLC wrote: Dear Sirs, I had Dropbox professional and they restore the all files stored in Dropbox. I can offer this solution to you. And I wish "GO TO HELL" to the tor-p

Re: [tor-talk] Metrics shows drop of users

Well, if they've had the kind of luck that i've had with the tor nework:; then they've made "quiting the tor net", their New Years " resolution". As I have. On Jan 4, 2016 11:41 PM, "Karsten Loesing" wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 04/01/16 09:23, Karsten Loesing w

Re: [tor-talk] Bandwidth / RAM: When does it make sense to operate a tor relay (non-exit)

Quick reply ... - I run a tor exit node with a raspberry PI 2 model B. The prior generation struggled a bit to run under load but the 2B works fine - Experience has been fantastic; tor builds and run just fine from source and my only outages were upstream or power related over the last year

Re: [tor-talk] Removing viruses from the BIOS Chip to Vladimir and Matthew Kaufman

Because his response was helpful, earnest and legit? It is a fairly common security practice for privacy minded people to walk into a store and purchase with cash a laptop from a random store so as to minimize the potential that the device was intercepted and interfered with in-transit (as the

Re: [tor-talk] Running a relay on a raspberry pi

I run an exit node on a raspberry pi 2 just fine, 'arm' reports that it's pushed 2.4TB over the last 90 days. The previous B+ model also worked OK but the '2' model does more with less load. Flipchan November 14, 2015 at 3:32 AM Have anyone done this with a raspb

Re: [tor-talk] tor-talk Digest, Vol 56, Issue 43

To bad that Orfox does not work on my Galaxy Note 4. I tried all alpha versions of it and now the beta version. Orbot connects just fine and Orweb works but Orfox just can't connect no matter what I do. On September 27, 2015 1:49:06 PM PDT, tor-talk-requ...@lists.torproject.org wrote: >Send tor

Re: [tor-talk] Onionmap, a free software worldmap of Tor relays

roups" (NATO, EU, Arab League, ...). -- Chris Barry -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Library installs Tor exit node; pulls plug after pressure from DHS

On 2015-09-11 07:19 PM, grarpamp wrote: A lot of support should be lent right now to the city managers, library board, and the community. You don't want the first one to be publicly quashed by a bunch of shameful LEA fearmongering. Show up the board meeting, you can bet they will. Someone sho

[tor-talk] ConnLimit issues with tor-0.2.7.2-alpha

iling. .. despite setting ConnLimit to 1024 in torrc and testing the OS via "ulimit -H -n" I still see the "Failing" message as the last updated line in tor notices.log Anyone else see this? The docs seem light on this argument except to say "you probably never need to

Re: [tor-talk] Historically speaking, what was the U.S. navy /military

+1 for creating a tor-opentalk list if we need to satisfy the keyboard philosophers, communal fetishists and other interesting characters who need an audience to preen/preach in front of. Although I did find the the original start of this thread to be pretty interesting. Like many others lur

Re: [tor-talk] Tor shirt

Sorry to re-open an old thread but I wanted to mention that T-shirts are being sent out. Just picked mine up at the post office this afternoon. I did email though to ask as I did not get an automatic notice. People on the other end of the email were fast to respond and nice to interact with

[tor-talk] Fighting human trafficking (on Tor and elsewhere) with Python

thout diminnishing the usefulness of the system and the service it provides, to help root out and possibly ostricize pedo / sexual exploitation sites. http://podcastinit.com/episode-12-eric-schles-on-fighting-human-trafficking-with-python.html -Chris -- Christopher Patti - Geek At Large | GTalk: cpa...@gmai

Re: [tor-talk] Fw: German University signs up 24 tor relays

benjamin barber wrote: Tor ethics board response is as follows: Heh. Thought you had turned over a new leaf as your last few posts forgot to include the now obligatory b barber mantrum on the horrific evil of Tor putting out an anti-harassment policy and publicly standing by team members ge

[tor-talk] Cost offset

How can i contribute, when i can't access the"tor web net"? I don't know, or understand, all of this tech talk. It's an excellent gauntlet of security; but, for a computer-illiterate dumbass, (like myself), i still don't know what I'm being asked to contribute to. -- tor-talk mailing list - tor-ta

Re: [tor-talk] Quantum Insert detection for everyone

I run a US-based exit node and would be interested in a way to run this software without compromising the users exiting my node. Looking forward to your additional writeups - especially anything geared towards exit nodes and quantum insert detection. -Chris David Stainton

Re: [tor-talk] Are webmail providers biased against Tor?

o be a source of bad actors, it's incumbent upon those providers to do something about it. IMO Google's response - trying to balance a desire to enable genuine users to use Tor while barring the bad actors, is commendable. It's a tough problem folks, we should all recognize that.

Re: [tor-talk] What relay does really help the TOR project?

With that philosophy of yours maybe you'd be better off running an unlisted bridge ("bridge relay") ? Those seem aimed squarely at helping people evade government censorship and national firewalls. May be more close to the type of service you'd like to be providing ? Josef 'veloc1ty' Stau

Re: [tor-talk] Running a Tor node on a Rasberry Pi

I'm running a tor exit on a very new Raspberry Pi B+ node and I just posted a message about it here 2 days ago wondering if it was perhaps under powered for the job. Here are my quick thoughts: 1: I'm still trying to prove if the Pi is underpowered. I got the 'stable' flag back and now I'm

Re: [tor-talk] running a stable exit node on a Raspberry Pi B+ (can it handle it?)

Colin Mahns wrote: I wouldn't recommend using a rPi for a Tor bridge/relay. It's far too underpowered in my mind to be useful for anyone. If anything, it might harm the network by introducing slow hops. A spare computer or a VPS would be better here. As far as your bandwidth settings those

[tor-talk] running a stable exit node on a Raspberry Pi B+ (can it handle it?)

I'm running a brand new US exit node on a dedicated B+ model Raspberry Pi server (relay nickname: sonsorolDotNet ) configured per all the guides and running the reduced exit policy. Trying to avoid being one of the new folks who obsess about flag status but the relay lost the Stable flag so

Re: [tor-talk] GMail spam blocks

It might be short sighted but I couldn't honestly blame them either. When I ran an exit relay (not just a relay) the reason I had to take it down is some idjit was using my exit node to hijack Gmail accounts. On Thu, May 1, 2014 at 12:07 PM, Gordon Morehouse wrote: > -BEGIN PGP SIGNED MES

[tor-talk] No more Onion Key after upgrade to 0.2.4.19

Hi, i've updated yesterday both of my relays to the new version 0.2.4.19 as recommended. So i have noticed two strange things at the moment. Both relays do not have a Onion Key anymore. The signing Key is still there. I have also browsed through torstatus page and recognized that some of 0.2.4.

Re: [tor-talk] "Safeplug"

I very rarely (if ever) comment on this list (I like to read and learn). That said, I've been looking into building a TOR router using Pi. This is because I have elements within my home that are technically inept and thus are a danger to themselves and everyone else (ageing parents...what can you

Re: [tor-talk] Indirect Tor question

llions of dollars to fund something that is validatable and NSA-free. > > Sent from my Android so do not expect a fast, long, or perfect response... > On Sep 9, 2013 2:53 PM, "Chris" wrote: > >> >> >> I'm wondering about any and all similar tor-based systems wh

Re: [tor-talk] Indirect Tor question

>> I'm wondering about any and all similar tor-based systems wherein there >> is ANY portion that is not opensource. > > Scrutiny is a good thing. I suggest using the vrms tool to find non-free > software. [10] [11] Parts of this non-free software may come without > source code being available. Fr

Re: [tor-talk] Tor 0.2.4.17-rc is out

o keep enjoying the niceties like /etc/init.d scripts and the like and don't want to overwrite/corrupt the package managed binaries if I can at all help it, but my linode is being hammered to death (non exit relay) and I need to do something :) Thanks, -Chris On Thu, Sep 5, 2013 at 6:36 AM, Rog

Re: [tor-talk] A safe social network

hort explanation if it >> were possible and how the TOR-Project could be a big link to handle >> that? Sure, it was a "what if", but we are seriously interested in >> this to know. >> >> Thank you in advance, >> >> Chris >> > Hello, &g

Re: [tor-talk] Tragedy of the commons.

I understood the legal implications. See my above note about the abuse report from Linode. I'm not complaining, just noting that it's unfortunate that folks have to abuse things. On Fri, May 24, 2013 at 3:34 PM, Roman Mamedov wrote: > On Fri, 24 May 2013 13:39:31 -0400 > Ch

Re: [tor-talk] Tragedy of the commons.

To be clear, it was my choice. Linode received an abuse complaint, so I could either shut down the relay or have my account nuked. I chose to shut down the relay. -Chris On Fri, May 24, 2013 at 3:07 PM, Joe Btfsplk wrote: > On 5/24/2013 12:39 PM, Chris Patti wrote: > >> I just

[tor-talk] Tragedy of the commons.

I just had to shut my relay down because someone was using it to hijack someone else's Gmail account :\ Dunno how I could get around this other than by blocking port 80, which is kind of the point :) -Chris -- Christopher Patti - Geek At Large | GTalk: cpa...@gmail.com | AIM: chrisfeoh

Re: [tor-talk] Tor's reputation problem with pedo, some easy steps the community could take

er for new folks to avoid this kind of content. That's all. -Chris On Mon, Apr 29, 2013 at 4:11 PM, h0ost wrote: > Calls such as these, to begin systematic attempts at flagging > directories and removing links, are nothing but thinly disguised > attempts at imposing censorshi

Re: [tor-talk] Tor's reputation problem with pedo, some easy steps the community could take

that doing this isn't easy due to large scale vandalism. We'd need something like a Wikipedia with a dedicated group of volunteers willing to undo each vandalistic act and keep links clearly labeled. -Chris On Mon, Apr 29, 2013 at 4:03 PM, Roger Dingledine wrote: > On Mon, Apr

Re: [tor-talk] Tor's reputation problem with pedo, some easy steps the community could take

Agreed, but understand - I'm not suggesting that *the Tor project* itself cull this content, merely that directory / wiki operators make a concerted effort to at least clearly label the pedo dens so they can be easily avoided by those of us who have a real issue with them. -Chris On Mon, A

Re: [tor-talk] Tor's reputation problem with pedo, some easy steps the community could take

ere more > onions on tor non-crime related that were interesting in ways that > clear-web sites are not interesting, Tor may be able to overcome it's > reputation. It will also be an easier transition if using Tor is made to be > as convenient as using the normal internet. > > &g

Re: [tor-talk] Tor's reputation problem with pedo, some easy steps the community could take

m while investigating Tor-space? Yes you can! And by doing so, you create an environment where people, taking advantage of the incredibly awesome work folks have done with OnionBrowser, who aren't necessarily Tor savvy can get a sense for what the system can do and come away with a p

[tor-talk] Tor's reputation problem with pedo, some easy steps the community could take

02 Thanks, -Chris -- Christopher Patti - Geek At Large | GTalk: cpa...@gmail.com | AIM: chrisfeohpatti | P: (260) 54PATTI "Technology challenges art, art inspires technology." - John Lasseter, Pixar ___ tor-talk mailing list tor-talk@lists.

Re: [tor-talk] DoS and TOR?

thanks Roger. :) At 03:39 PM 11/7/2012, you wrote: On Wed, Nov 07, 2012 at 03:35:38PM -0500, Chris Smart wrote: > Hi folks. > > Disclaimer: The following question refers to website testing, > vulnerability identification etc. > > Please bare in mind that I am an end

[tor-talk] DoS and TOR?

recommend LOIC. I'm using Windows 7 and the latest Tor Browser. How do I integrate LOIC and Tor? thanks Chris -- CTS MASTERING, affordable and professional mixing and mastering: http://www.ctsmastering.com Twitter: https://twitter.com/

[tor-talk] Tor on Plug PC running Arch

uctions: https://wiki.archlinux.org/index.php/Tor whenever I enter "# /etc/rc.d/tor start" I just get a busy signal. I'd like to run a bridge relay, or contribute in whatever way I can. It would be awesome if you could help. Thanks, Chris si

Re: [tor-talk] Porn make the world more free: Tor Porn Bundle?

t; https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -

Re: [tor-talk] News from Iran

http://ca.linkedin.com/pub/chris-smart/46/824/536 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Download videos

ilman/listinfo/tor-talk -- CTS MASTERING, affordable and professional mixing and mastering: http://www.ctsmastering.com Twitter: https://twitter.com/#!/CTSMASTERING BLOG: www.ctsmastering.com/blog Linked In: http://ca.linkedin.com/pub/chris-smart/46/824/536 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Logging on to Tor

Hugh, Find the file on your system named "Start Tor Browser.exe". Right-click it and pick "Send To". From that sub-menu pick "Desktop (Create Shortcut). that will, not surprisingly, add a shortcut to your desktop. Chris, assu

Re: [tor-talk] TorBrowser Tweaks

What do you suggest in the way of Torbrowser or Win7 tweaks then? If any?? At 09:00 AM 9/11/2012, you wrote: On 9/11/12, Chris Smart wrote: > Several browser and Windows tweaks are listed in the Tor Wiki under > Hacking Firefox for Maximum Performance with Tor: > https://trac.torpr

Re: [tor-talk] Windows Screenreader Users?

ww.ctsmastering.com/blog Linked In: http://ca.linkedin.com/pub/chris-smart/46/824/536 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] TorBrowser Tweaks

, Torbutton and Windows XP, how much of the advice still applies if one is using TorBrowser and Win7 64-bit? thanks for any clarification, Chris -- CTS MASTERING, affordable and professional mixing and mastering: http://www.ctsmastering.com Twitter

[tor-talk] Windows Screenreader Users?

Hi folks. Are there any other blind or visually-impaired folks here, running Tor on Windows with a screen reader such as Jaws? I'm new to all of this, but would like to know in advance if any other folks have run into accessibility issues with Tor, Vidalia, etc.

[tor-talk] A bug in the Tor Browser Bundle?

I am hosting a tor exit server named grintor. I noticed that if I try to specify my exit server in the TBB using the .exit TLD it doesn't work. I have tried to go to google.com.grintor.exit to no avail. It also does not work with any other exit servers I have tried.

Re: [tor-talk] on the topic of tor's weaknesses

On Wed, Feb 29, 2012 at 4:17 PM, grarpamp wrote: > >>> It may take a while for a clientA to use said entry but when > >>> they do it seems it would be quite easy to time/count correlate > >>> or munge the HS traffic of clientA. And only require two nodes > >>> (hs, entry) and no GPA taps to do so

Re: [tor-talk] on the topic of tor's weaknesses

OK, so taking that all into account, is it more likely that you will be de-anonymized using public services through tor (ie browsing the web) or using hidden services through tor? On Wed, Feb 29, 2012 at 9:14 AM, Ralf-Philipp Weinmann wrote: > > On Feb 29, 2012, at 11:17 AM, grarpamp wrote: > > >

Re: [tor-talk] how can I direct specific ports to tor?

Proxycap On Feb 28, 2012 11:53 AM, "Jerzy Łogiewa" wrote: > do you know about this for platform other than windows? > > -- > Jerzy Łogiewa -- jerz...@interia.eu > > On Feb 26, 2012, at 12:57 PM, Chris Wheeler wrote: > > > You can use freecap with your appli

Re: [tor-talk] on the topic of tor's weaknesses

r TCP is believed not a good idea in terms of performance. > > > > On Sun, Feb 26, 2012 at 1:30 PM, Xinwen Fu wrote: > > > Hi Chris, > > > > On Sun, Feb 26, 2012 at 12:09 PM, Chris Wheeler > wrote: > > > >> Dr Fu, > >> > >> Ab

Re: [tor-talk] how can I direct specific ports to tor?

-- > Jerzy Łogiewa -- jerz...@interia.eu > > On Feb 25, 2012, at 8:45 PM, Chris Wheeler wrote: > > > This would be application specific. From the looks of it you are trying > to > > set up an email client to use tor. To do that you would need to have an > > email client

Re: [tor-talk] on the topic of tor's weaknesses

r out once per ms, if the buffer is not full pad it with zeros, if you have more than 5Kb to send cache it for the next ms buffer. What do you think? Chris On Sat, Feb 25, 2012 at 9:49 PM, Xinwen Fu wrote: > Here is a paper of mine on TCP Performance in Flow-Based Mix Networks: > http://www

Re: [tor-talk] how can I direct specific ports to tor?

This would be application specific. From the looks of it you are trying to set up an email client to use tor. To do that you would need to have an email client that supports SOCKS proxies. Most do I think. Just set up your mail client like you normally would if you were not using tor and then in th

Re: [tor-talk] on the topic of tor's weaknesses

toss them out. That would create more overhead but might be worth it. On Sat, Feb 25, 2012 at 3:49 PM, Joe Btfsplk wrote: > On 2/25/2012 12:41 PM, Xinwen Fu wrote: > >> Chris, >> >> An attack may only work under its own threat model (capabilities and >> resources an

[tor-talk] on the topic of tor's weaknesses

I have been reading a lot about end-to-end correlation attacks on tor. I am writing a paper on the subject and have a question which I can't seem to find an answer to. I understand these attacks rely on the attacker being able to view the traffic of the first relay a client is connecting to and the

Re: [tor-talk] Tor version in OpenWRT Backfire

This probably isn't a good approach. It would probably be better to write a program for the OpenWRT implementation that regularly checks for newer versions and downloads+installs as necessary automatically. You would need to have it check the asc file too of course. There isn't a need to include an

Re: [tor-talk] TBB and local TOR for Linux users

> ./App/Firefox/firefox -no-remote -profile ./Data/profile > > It seems to work without an issue.Is there any concern running it like > this? Interesting work around. I haven't tried this although there is another work around that doesn't quite work right and you still are using the TBB's firefox.

Re: [tor-talk] Real basic questions for linux

> On 03/01/12 16:44, Øyvind Sæther wrote: >> Just ignore the Browser bundle bullshit, that's for stupid Windows >> users and pointless on *nix systems. > > There's a good reason still to use the Tor Browser: it provides a > "standard" environment which is the same as every* other Tor user's. > Safe

Re: [tor-talk] Real basic questions for linux

You have to add the Tor repository to your distributions /etc/apt/sources.list file and then you will get the latest Tor software. In fact your system should automatically inform you of these new versions and ask you to update just like any other software in the main repository of your distribution

Re: [tor-talk] Automatic vulnerability scanning of Tor Network?

> > I agree too with Sebastian, i was running a Exit Relay at home a couple > years before i got some problems with autority but i has stoped to be > exit and only a "non-exit" relay and from that i never had new > problems I have 100 Mbits with no limit with the Traffic and it > will be sad t

Re: [tor-talk] browser with best privacy without using the Tornetwork

>> For various reasons it sounds like there is a lot of demand for >> separating >> Tor from the TBB. > > You mean separating Tor Browser from The Tor Browser Bundle (TBB)? > > Reasons I see here: > - using Tor as a transparent proxy > - wanting a browser with best privacy settings but without usin

Re: [tor-talk] browser with best privacy without using the Tor network

> We already offer this. See the Expert Bundle, > https://www.torproject.org/download/download.html.en#windows. That is for Microsoft Windows and am pretty confident that it is not the same thing. The TBB has plug-ins and other configuration changes in it to enhance security such as the HTTPS Eve

Re: [tor-talk] Tor - 1-click-compile-version

>> Tor has a vulnerability where there are only two or three bootstraping >> servers. They are spread out from my understanding although also a point >> of vulnerability. It requires 2 of three server currently I believe to >> compromise the service. If I recall correctly there is the possibility

Re: [tor-talk] browser with best privacy without using the Tor network

For various reasons it sounds like there is a lot of demand for separating Tor from the TBB. It would be nice if we could fund the development of features like this. I imagine some of us would be more willing to donate if certain features would be added as a result. I donate a fair amount of spare

Re: [tor-talk] Tor - 1-click-compile-version

There is probably a better way to solve this problem without having to compile the code yourself. The simple fact is that users are not going to be competent enough to evaluate the code or even evaluate the changes in the code from one release to the next. The threat here potentially comes from go

Re: [tor-talk] "If you have access to certain tools, you can completely ignore Tor."

>> > if you send an e-mail to a non-webmail client (like Thunderbird) which >> > does not go via Tor, then the IP can be determined when it loads the >> 1x1 >> > HTML pixel from the website >> >> Could you clarify the question? As Phillip mentioned, Tbird can be >> Torrified, but I've never been i

Re: [tor-talk] Automatic vulnerability scanning of Tor Network?

> Nope. The probes were annoying, but the killer was my all-in-one > consumer grade router/nat/dhcp server/firewall leaking packets into > what was supposed to be the secure part of my home network. Maybe you should fix the router? This blaming other people for your own mistakes is getting ridic

Re: [tor-talk] On verifying security of Tor Routers idea

>> I think the best approach is to send off an email with the new proposal >> to >> all node operators. > > Please do not send a mass-email to all relay operators, especially > while you're still in a planning phase. This seems pretty obvious, but > I wanted to make sure that it was clear - relay o

Re: [tor-talk] Automatic vulnerability scanning of Tor Network?

> All of these ideas about removing allegedly ‘insecure’ or > ‘vulnerable’ > relays from the network ignore the fact that someone who wants to > compromise Tor relays and use them to attack Tor users will just make > the relays appear to not be vulnerable, so that they can stay in the > ne

Re: [tor-talk] On verifying security of Tor Routers idea

> On 12/21/11, Fabio Pietrosanti (naif) wrote: > > A lot more than I'm willing to critique. My suggestions are > > Add a PHASE-0.5: Email out requests for permission to scan & > permission to publish the scan results to all tor node contact > addresses > > PHASE-1: b) Portscan all Tor Router>> th

Re: [tor-talk] janusvm still safe?

Tails won't or should not be run in a VM. It actively detects VMs and warns the user. I forget if it actually won't run or it just warns the user. > Couldn't one simply use Tails in a VM the way JanusVM was designed to run > and get the benefits of tails without having to reboot constantly from a

Re: [tor-talk] janusvm still safe?

> > What I liked about JanusVM is that it's very easy to install and use. I always thought JanusVM had a good central idea although wasn't implemented right. It is too easy to make a mistake. The same thing applies with TBB though. ___ tor-talk mailing

Re: [tor-talk] Automatic vulnerability scanning of Tor Network?

>> So please, don't bother with that justification, a scan like that would >> probably just be one scan of 1 you receive every week. > > The scan which happened yesterday was enough to get the attention of both > the > university network security team, and the sys-admins of the department > whi

Re: [tor-talk] Automatic vulnerability scanning of Tor Network?

> On Dec 20, 2011, at 2:54 PM, "Chris" wrote: > >>>> Security trough obscurity doesn't scale, so what' the problem? >>> >>> The problem is that I don't know you, I don't know your intentions, >>> and I haven't given y

Re: [tor-talk] Automatic vulnerability scanning of Tor Network?

> > Up to that point I hadn't thought of pranks as unethical behavior or > an abuse of trust.. but I realized that he was right. > > I guess that's my answer to "but everyone else is doing it." It's not > your server, you do not have permission to scan their machine. The > people that deserve r

Re: [tor-talk] Automatic vulnerability scanning of Tor Network?

>> Security trough obscurity doesn't scale, so what' the problem? > > The problem is that I don't know you, I don't know your intentions, > and I haven't given you permission to do a security audit, free or > otherwise, on my machine. You need to GET PERMISSION FIRST or you're > behaving exactly l

Re: [tor-talk] "If you have access to certain tools, you can completely ignore Tor."

Would any of these attacks work with HTML off? I ask mostly because the default in GNU/Linux is for these things to be off. Even my web mail GNU/Linux interface I write from has HTML off by default. > Thank you for that. > > Kmail (Kontact) appears perfectly safe. I also tested vs gmail in my > f

Re: [tor-talk] "If you have access to certain tools, you can completely ignore Tor."

> >>> From: >>> http://www.wired.com/vanish/2009/09/interview-with-pi-steve-rambam-evan-can-be-found/ >>> >>> Wired: How much can one do with IP addresses that have been run through >>> Tor? >>> >>> SR: If you have access to certain tools, you can completely ignore Tor. >>> You >>> can trap your su

Re: [tor-talk] "If you have access to certain tools, you can completely ignore Tor."

> From: > http://www.wired.com/vanish/2009/09/interview-with-pi-steve-rambam-evan-can-be-found/ > > Wired: How much can one do with IP addresses that have been run through > Tor? > > SR: If you have access to certain tools, you can completely ignore Tor. > You > can trap your subject’s IP address w

Re: [tor-talk] what to do with Captcha?

> Some websites have the Captcha thing to deal with when signing up for > something the offer. But with Scripts off you can't see the captcha > thing. > > How can you get around that problemsafelywhile using Tor? > I don't have a good answer for you although it is probably advisable not t

Re: [tor-talk] Tor Browser Bundle w Linux Packaging & TAILS improvements/new distribution

> On Mon, Dec 12, 2011 at 10:34:03PM -0500, Chris wrote: >> While I would not suggest eliminating the tarball completely as there is >> more to the world than just debian I do think the manual installation is >> cumbersome and risky for the user. It make no sens

Re: [tor-talk] Tor Browser Bundle w Linux Packaging & TAILS improvements/new distribution

> On Mon, 12 Dec 2011 22:34:03 -0500 > "Chris" wrote: >> While I would not suggest eliminating the tarball completely as there >> is more to the world than just debian I do think the manual >> installation is cumbersome and risky for the user. It make no sense &

Re: [tor-talk] TBB, iptables, and seperation of concerns

> Hi, > > Chris wrote (12 Dec 2011 08:35:01 GMT) : > >> 1. A user should not have to download a CD from a site every time an >> update comes out. > > What kind of better solution are you thinking of? > > We've got an incremental upgrade system in th

  1   2   >