CloudFlare CEO Matthew Prince just posted this blog post
https://blog.cloudflare.com/the-trouble-with-tor/
which I think is worth a read for people on this list.
TL;DR: CloudFlare is serving CAPTHAs to Tor users not by design but as a
consequence of the way their IP reputation system works.
On Sun, Nov 01, 2015 at 10:15:08PM -0500, Michael McConville wrote:
> Dual_EC_DRBG, a random number generation algorithm, was very likely
> backdoored by the NSA. Tor doesn't use it. There is little evidence that
> other EC algorithms have been subverted, although it's possible.
I agree with this
On Sat, Sep 19, 2015 at 09:19:12AM +0300, Qaz wrote:
> What good does https://facebookcorewwwi.onion/ bring? I think there are
> but not much and not that far away from the benefits one can have
> logging in via mainstream browsers such as Firefox and Chrome.
Perhaps you're on a secret mission som
On Sun, Aug 30, 2015 at 05:01:53PM +0200, Andreas Krey wrote:
> On Sun, 30 Aug 2015 11:01:42 +0000, Martijn Grooten wrote:
> ...
> > But a company that blocks Tor because, as IBM puts it, a lot of
> > malicious actors use Tor is making a sensible security decision.
>
> But
On Fri, Aug 28, 2015 at 12:14:52AM -0400, grarpamp wrote:
> Some places allow tor for personal use for the explicit reason that
> they don't wish to be involved with policing employees freetime
> traffic on break, want to offer segregation, etc, in exactly the same
> way they don't regulate your ce
On Tue, Jun 16, 2015 at 01:21:56PM -0400, Roger Dingledine wrote:
> The behavior detection aspect is especially vexing here -- many antivirus
> tools have a "Not enough of our users have told us about this exe yet,
> therefore it is scary by default" feature.
There's also the simple fact that "an
On Sun, May 03, 2015 at 12:36:05AM -0400, Mansour Moufid wrote:
> "gpg ciphertexts with RSA 1024 were returned as fails"
>
> http://cr.yp.to/factorization/batchnfs-20141109.pdf
That's an interesting paper (I wasn't aware of it and I like their
approach; thanks for sharing) but I don't think its c
On Mon, Mar 02, 2015 at 04:15:26PM +0100, Fabio Pietrosanti (naif) - lists
wrote:
> at GlobaLeaks we're encountering a lot of issues related to sending of
> email notification behind Tor, with almost any email provider.
>
> If the sender provider don't block you today, it will block you tomorrow
On Wed, 4 Sep 2013, mirimir wrote:
China seems to know how to detect Tor traffic. Are their methods public
knowledge?
I don't know. But can they detect a Tor user (or bot) in Brazil connecting
to a hidden service running on a server in Sweden? For that's what would
matter here.
Growing a b
On Wed, 4 Sep 2013, mirimir wrote:
Also, if this were a botnet, I would expect it to show up in honeypots.
Wouldn't its bots be easily detected, through searching for Tor
connections?
That depends on what the botnet is doing.
If it were using Tor to connect to some service on the public Intern
On Fri, 30 Aug 2013, lucia wrote:
WRT: "May be a botnet is using Tor?"
Read the thread at
http://www.spambotsecurity.com/forum/viewtopic.php?f=15&t=2095 The title
is
"Anyone else get hit by TOR-cloaked(?) botnet?"
Bot with Tor addresses hitting sites and attempting SQL injection have
been seen
On Wed, 7 Aug 2013, Ivan Zaigralin wrote:
What I am talking about is a trivial attack, technically trivial. The feds
(at least in US and in Russia) have a complete list of unpatched Windows
vulnerabilities. They also have crackers on staff.
They don't have "a complete list", but they have many
12 matches
Mail list logo
