john doe:
> On 11/21/2018 3:27 PM, Patrick Schleizer wrote:
>>> Whonix: A High Security Method of Surfing the Internet
>>>
>>> Whonix is a desktop operating system designed for advanced security and
>>> privacy. Whonix mitigates the threat of common attack v
> Whonix: A High Security Method of Surfing the Internet
>
> Whonix is a desktop operating system designed for advanced security and
> privacy. Whonix mitigates the threat of common attack vectors while
> maintaining usability. Online anonymity is realized via fail-safe, automatic,
> and deskto
Hi,
is it possible to derive an hidden service onion v3 private key from a
mnemonic seed [1]?
Cheers,
Patrick
[1] https://en.bitcoin.it/wiki/Seed_phrase
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/ma
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
After more than two years of development, the Whonix Project is proud
to announce the release of Whonix 14.
Whonix 14 is based on the Debian stretch (Debian 9) distribution which
was released in June 2017. This means users have access to many new
so
TLDR:
1) How can one easily hack TBB to use clearnet? [1] (idea [2])
2) How can one enable cookies to persist in TBB?
3) How can one re-enable the Firefox password manager in TBB so one can
store passwords?
To archive that I've disabled private browser and tinkered with lots of
torbutton Firefo
A ticket was created just recently by me for that.
Tor TransparentProxy documentation: add IPv6 support / port to nftables
https://trac.torproject.org/projects/tor/ticket/21397
Can you edit
https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy
please or if you are shy create a new t
Slashdotdash:
> Hi folks, I'm working on a transparent proxy app for Gnome and I'm
> trying to get a Torbrowser instance running that launches without
> Vidalia. It's currently using the TOR_SKIP_LAUNCH=1 and
> TOR_TRANSPROXY=1 flags, which works except that it then modifies some
> key settings in
Patrick Schleizer:
> A number of advanced deanonymization attacks. These do not just apply to
> Whonix, but any anonymity system. Some are also general security issues.
>
> Rather than exploiting bugs in the hypervisor to break out, some of
> these attacks rely on the design of
A number of advanced deanonymization attacks. These do not just apply to
Whonix, but any anonymity system. Some are also general security issues.
Rather than exploiting bugs in the hypervisor to break out, some of
these attacks rely on the design of the underlying hardware to bypass
privilege sepa
CVE-2016-5696 and its effects on Tor
https://blog.patternsinthevoid.net/cve-2016-5696-and-its-effects-on-tor.html
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
s/tor/wiki/doc/TorPlusVPN
#
Related:
- [tor-talk] Tor routing algorithm questions
https://lists.torproject.org/pipermail/tor-talk/2016-July/041753.html
Cheers,
Patrick
Roger Dingledine:
> On Thu, Jul 07, 2016 at 10:57:00PM +, Patrick Schleizer wrote:
>> scenario A)
>>
>&g
Hi!
scenario A)
Let's assume someone's Tor client picked an entry guard on IP
AAA.BBB.CCC.EEE. And then [without knowing and/or by chance] tried to
make a torified connection to [1] IP AAA.BBB.CCC.EEE.
- Would Tor use that entry guard to establish the connection?
- If so, wouldn't that open up
Network Manager etc.
3) Now, Tails would remember FreeWifi358235892435 and assign entry guard B.
intrigeri:
> Hi,
>
> Patrick Schleizer wrote (09 Feb 2016 23:42:22 GMT) :
>> intrigeri:
>>> [can you please decide what mailing-list this discussion should happen
>>>
[quoting you in full since this mail was eaten by the whonix-devel list
for some reason even though I manually allowed it]
intrigeri:
> Hi,
>
> [can you please decide what mailing-list this discussion should happen
> on, and then we can stop cross-posting over 4 mailing-list?]
Comment (by yawning):
Is there an IRC network that won't start blocking Tor connections when
the usual suspects get unhappy and decide to spam/DoS the IRC
channels/servers?
https://trac.torproject.org/projects/tor/ticket/18002#comment:1
--
tor-talk mailing list - tor-talk@lists.torproject.org
T
sajolida:
> Patrick Schleizer:
>> Please suggest Tor-friendly IRC networks.
>>
>> Ideally ones, that would welcome the Tor community and actively
>> ensure/prioritize keeping it functional for Tor users.
>
> In Tails, we're moving our meetings to xmpp://confe
Flipchan:
> andr...@fastmail.fm skrev: (6 januari 2016 15:56:42 CET)
>> Is TorChat the usual program used for IRC?
No. TorChat is unrelated to IRC.
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/
Please suggest Tor-friendly IRC networks.
Ideally ones, that would welcome the Tor community and actively
ensure/prioritize keeping it functional for Tor users.
Cheers,
Patrick
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.t
Created a ticket for this.
move away from OFTC to new functional, Tor-friendly IRC network
https://trac.torproject.org/projects/tor/ticket/18002
Cheers,
Patrick
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/c
What are your experiences with OFTC and Tor blocking recently?
Cheers,
Patrick
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
sajolida:
> https://tails.boum.org/blueprint/persistent_Tor_state/
Persistent Tor state would be a good improvement. Could be the first
iteration. It would make Tails less fingerprintable and more secure for
people staying in the same location and/or not carding about
AdvGoalTracking.
But I
Hi!
Is it possible to derive and/or estimate the system clock by observing
TCP sequence numbers?
Jacob Appelbaum [1]:
> In the Linux kernel, TCP Sequence numbers embed the system clock and
then hash it. Yet another way to leak the system clock to the network.
As I understand the paper 'An Improv
Hi Roger!
Roger Dingledine:
> The first problem you're going to have here is that hidden services
> don't work unless your time is approximately correct. So you will have a
> chicken-and-egg problem using them to get an accurate time if you don't
> already have one.
Indeed. This is something I am
Griffin Boyce:
> The services that I trust the most are the ones I operate myself, and
> for myself.
Forgot to say, they need to be for public use.
> Aside from those, the duckduckgo hidden service has been
> really useful and has good uptime as well.
Good one.
--
tor-talk mailing list - to
meejah:
>
> Certainly not "great amouts of traffic",
Indeed. That is too much of a requirement.
> but the hidden-service which
> serves txtorcon docs and releases is stable:
>
> http://timaq4ygg2iegci7.onion/
Good one.
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe o
TLDR:
What web servers do you consider trustworthy, to take great care of
their visitors' privacy, that are stable and that get great amounts of
traffic, and most important, are reachable over .onion as a Tor Hidden
Service?
Please post them here.
--
Long:
Background... For distributed
Hello, I a developer of an anonymity-centric distribution. Called
Whonix, it's similar to TAILS but optimized for virtual machines.
We need to use a source to calibrate our system clock. For obvious and
non-obvious reasons, that source can't be NTP. The way we do it at the
moment is to fetch HTTP
AntiTree:
> It appears the repo has moved or been deleted? https://github.com/rustybird/
> corridor
>
> Is this on purpose while addressing the issue that Gavin brings up?
I don't think so. Looks like rustybird [Or someone else? Unlikely?]
deleted the whole account. See https://github.com/rustybi
l.m:
>
> "Patrick Schleizer" wrote:
> To rephrase this proposal in an alternative way... At the moment, when
> you download the TBB package, your only chance to use
> tor-launcher/Tor/pluggable transports is to also start Tor Browser. No
> way to do that without s
l.m:
> "Patrick Schleizer" wrote:
>> Being able to use the components, tor-launcher, Tor and pluggable
>> transports that come with the TBB tarball for system use on Debian.
> For
>> use without or with the Tor Browser. Being able to use these
> component
tacting us by E-Mail.
Patrick Schleizer (project leader)
adrelanos at riseup dot net
fortasse (webmaster)
fortasse at riseup dot net
Sponsorship contract possible with Patrick Schleizer if desired.
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other
See also:
https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Gavin Wahl:
>> I think the topic Bridge Firewall is also related here:
>>
> https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/BridgeFirewall
>
>
>>
>> (The topic didn't move there yet, but it's all very similar ideas
>> we're discussing here.)
>
> Isn't corridor exactly what that a
Libertas:
> On 01/24/2015 11:51 PM, Patrick Schleizer wrote:
>> This feature wouldn't make anything worse for regular TBB users. Just
>> those who would like to use it as "system Tor" would be free to do so.
>
> Remember that every TB user that is identifia
carlo von lynX:
> I like Patrick's initiative.
Thanks! :)
> Please, make it possible
> to have Tor solutions that are more timely than debian
> but less intrusive than TAILS (I hate when I can't have
> my own unix configuration with all of my preferred apps).
Tails has the same issue. They're a
Libertas:
> On 01/24/2015 05:43 PM, Aeris wrote:
>> Currently, I also need something more like Vidalia or ARM, for system wide
>> usage, than TB, very limited for usage outside the web.
>
> What platform are you on? I'm pretty sure you can just use a daemon, the
> original way to use Tor.
He can
Libertas:
> On 01/24/2015 11:07 AM, Patrick Schleizer wrote:
>> We would like to use TBB as "system Tor". Using TBB not just as
>> integrated browser bundle, but as as Tor, Vidalia (Tor GUI), pluggable
>> transports replacement on the system level. For any appli
Hi!
TLDR
We would like to use TBB as "system Tor". Using TBB not just as
integrated browser bundle, but as as Tor, Vidalia (Tor GUI), pluggable
transports replacement on the system level. For any application. Not
just the browser.
Long
Why?
- Most, latest technology fo
Michael O Holstein:
> Although he doesn't say it directly (this time)
Did he say so directly some other time?
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Hi!
Could you please explain how to interpret Jacob Appelbaum's talk at
31c3? [1]
See also. [2] [3]
Is (almost) all traffic that is protected by the usual SSL CA's browser
encryption being monitored by NSA and friends?
Cheers,
Patrick
[1]
http://media.ccc.de/browse/congress/2014/31c3_-_6258_-_
Hi,
since updates downloaded by Tor Browser's Internal Updater [1] [2] are
unverified [3] we at Whonix project [4] are wondering [5] how to disable it.
Especially since updates are downloaded over Tor in case of Whonix.
Ideally, is there some way to disable it without recompiling / forking TBB?
Roger Dingledine wrote:
> I'm pretty sure by now if you say "onion service" people will know what
> you mean, so that might be another vote in its favor.
onion service looks nice. Not all onion services are location hidden
servers. Some use it as an alternative domain.
--
tor-talk mailing list -
Whonix is an operating system focused on anonymity, privacy and
security. It's based on the Tor anonymity network, Debian GNU/Linux and
security by isolation. DNS leaks are impossible, and not even malware
with root privileges can find out the user's real IP.
Whonix consists of two parts: One sole
I'd also appreciate if users could choose at first start of TBB rather
than at download time.
Sebastian G. :
> Upsides:
+ would also make multi language support easier for Whonix.
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://list
Cypher:
> On 08/24/2014 09:43 PM, Michael Wolf wrote:
> The article was very interesting - except the part about 'here's how you
> might want to fix this'. I certainly hope that the Tor project /is not/
> accepting patches submitted by NSA or GCHQ! Sure, I realize those
> agencies could very easily
Hi isis!
Thank you a lot for your detailed answer!
isis:
> for second in `seq 1 15` ; do
> sleep 1
> if `kill -0 $pid 2>&1 >/dev/null ` ; then
> wait "$pid"
> exitcode="$?"
> printf "Tor Browser exited suddenly! Exit code: %s\n" "$exitcode"
> exit "$exitcod
RD:
> Hello Tor,
>
> Despite my check-marking 'Make Tor Browser the Default browser', wherever
> I click on a link from an email regular Firefox opens up.
>
> How do I make Tor Browser always be the default?
>
> thanks
>
Hi,
if this about Linux or Windows?
If it is about Linux...
We're usin
isis:
> This should be fixed (for Linux) in an upcoming Tor Browser 4.0 release. I've
> added these things to the `start-tor-browser` script. There are:
>
> - Instructions for use, including additional Firefox preferences that
> you'll need to set (to tell Tor Button where your ControlPo
mick:
> On Tue, 29 Jul 2014 15:54:10 +0100
> mick allegedly wrote:
>
>> I have just checked on my tails mirror and I get the slightly
>> depressing results below:
>>
>> cat tails.log.1 | grep tails-i386-1.1.iso | grep -v .sig | sort -t. +0
>> -3 -u | wc -l
>>
>> 1774
>>
>> cat tails.log.1 | grep
shm...@riseup.net:
> in 3.6.3 TBB linux amd-64 i changed the port to 9050
>
> my local install of Tor is on the jessie alpha channel
>
> when i close & restart TBB i get:
>
> Something Went Wrong!
> Tor is not working in this browser.
This happens because of missing Tor ControlPort access.
The
Cypher:
> With the recent discussion about what your ISP can see when you use Tor,
> I ended up on the Tor Bridges page. On that page is the following statement:
>
> "I need an alternative way of getting bridges!
>
> Another way to get bridges is to send an email to
> brid...@torproject.org. Plea
ideas buenas:
> I don't trust Gmail nor Yahoo.
Okay.
> Roger, found another way.
You probably mean "Roger, find another way!" - which I would find offensive.
> No excuses, please.
This is offensive.
Nevertheless, on topic...
Go for private bridges. You must set it up. Someone else should do
Patrick Schleizer:
> Артур Истомин:
>> On Mon, Jul 14, 2014 at 12:17:14PM +, Patrick Schleizer wrote:
>>> Nice graphic. Looks similar for any country! Exponential growth of
>>> debts. But not because mainly more and more money is wasted, it is the
>>> money
Артур Истомин:
> On Mon, Jul 14, 2014 at 12:17:14PM +0000, Patrick Schleizer wrote:
>> Nice graphic. Looks similar for any country! Exponential growth of
>> debts. But not because mainly more and more money is wasted, it is the
>> money system itself that is broken. One of th
Mark McCarron:
> With the US military it is a case of take your pick, from hypersonic
> delivery systems and satellite laser shields, to brain scanning and
> strong AIs, I suppose any one or all of them could qualify.
>
> Take a look at the US federal debt, even though the wars have been
> winding
Hi!
Nusenu:
>>> I'm running Torbrowser on a system that is transparently routed
>>> through Tor. Is it OK to disable the TorLauncher Addon within
>>> Torbrowser in such a setup or has that any negative
>>> consequences?
>>
>> Using TOR_SKIP_LAUNCH is tested by more people. See:
>> https://trac.to
Tor disabled, no ETA [1]
Looks like this could take a while.
Isn't this enough reason to switch to a network that is explicitly
Tor-friendly?
[1] #oftc on irc.oftc.net topic
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torp
BlueStar88:
> On Wed, 02 Jul 2014 09:15:47 +
> Patrick Schleizer wrote:
>
>> BlueStar88:
>>>
>>> 37lnq2veifl4kar7.onion:6697 is up and running fine.
>>
>> Who runs that server? Inoffical one?
>>
>> I was more looking for a scal
BlueStar88:
> On Tue, 01 Jul 2014 11:55:40 +
> Patrick Schleizer wrote:
>
>> Hi!
>>
>> At times OFTC bans Tor users. [1] Such as for the last days.
>>
>> Should we at least have a temporary alternative place to meet up. Any
>> suggest
Hi!
At times OFTC bans Tor users. [1] Such as for the last days.
Should we at least have a temporary alternative place to meet up. Any
suggestions?
Cheers,
Patrick
[1] http://www.oftc.net/Tor/
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go t
Hi Moritz!
Moritz Bartl:
> On 06/06/2014 01:57 AM, ondesmarte...@riseup.net wrote:
>> Can you point me to any documentation relating to maintaining your relay's
>> security? I know that computer security is a large and complex problem,
>> but just some basic information on likely threats and tips
Nusenu:
> I'm running Torbrowser on a system that is transparently routed through
> Tor. Is it OK to disable the TorLauncher Addon within Torbrowser in such
> a setup or has that any negative consequences?
Using TOR_SKIP_LAUNCH is tested by more people. See:
https://trac.torproject.org/projects/to
Luther Blissett:
> On Wed, 14 May 2014 16:52:15 -0600 Mirimir
> wrote:
>
>> On 05/14/2014 04:21 PM, Patrick Schleizer wrote:
>>> Zenaan Harkness:
>>>> On the humour front:
>>>>
>>>> Dark net -> Light net
>>>
>>>
The discussion "Tor needs a forum" is old.
I see two problems on that topic.
1) Tor has no competition
("In the NSA's "Tor Stinks" presentation, they call Tor "the king of
high-secure [sic] low-latency Internet anonymity" with "no contenders
for the throne in waiting" [you find that quote on sea
Cypher:
> Hey Everyone,
>
> I have a an account on an anonymous mail service that I created via
> Tor. I'd like to access this account via POP3/SMTP using Thunderbird.
> According to the docs[1], Thunderbird is not safe to use with Tor.
> This advice was from 2012. Have things changed? Is Thunderb
Akater:
> How to use Tor as proxy? How are average users supposed to find that out?
They are not. As I understand, The Tor Project moved along from being a
proxy to shipping application bundles. Because they learned a thing over
years, that just setting proxy setting doesn't make it.
Best there i
Zenaan Harkness:
> On the humour front:
>
> Dark net
> -> Light net
Better.
> -> Illuminet
> -> so we are the Illuminetti ? :)
Please not. Iluminati is another negatively perceived term surrounded by
conspiracy theories.
> On a new brand:
> How about the Free Speech Network ?
Okay.
> The
Nicolas Vigier:
> On Tue, 13 May 2014, Patrick Schleizer wrote:
>> darkweb-everywhere
>>
>> "HTTPS Everywhere rulesets for hidden services and eepsites."
>>
>> https://github.com/chris-barry/darkweb-everywhere
>>
>> Just sharing it, be
Michael Wolf:
> On 5/14/2014 4:23 AM, Mike Cardwell wrote:
>> * on the Tue, May 13, 2014 at 08:51:28PM -0400, Michael Wolf wrote:
>>> I had an idea recently that might be an improvement (or might not?) on
>>> the darkweb-everywhere concept. What if we introduced an HTTP header
>>> similar to HSTS
Mike Cardwell:
> * on the Tue, May 13, 2014 at 08:51:28PM -0400, Michael Wolf wrote:
>
>>> darkweb-everywhere
>>>
>>> "HTTPS Everywhere rulesets for hidden services and eepsites."
>>>
>>> https://github.com/chris-barry/darkweb-everywhere
>>>
>>
>> I had an idea recently that might be an improvemen
Michael Wolf:
>> And vice versa, should .onion addresses send a HTTP header
>> > `X-Clearnet-Address`?
> I don't see any advantage to doing this.
When the .clearnet domain authenticates/advertises the .onion domain, I
think also the .onion domain should authenticate/advertise the .clearnet
domain.
Michael Wolf:
> On 5/13/2014 7:24 PM, Patrick Schleizer wrote:
>> darkweb-everywhere
>>
>> "HTTPS Everywhere rulesets for hidden services and eepsites."
>>
>> https://github.com/chris-barry/darkweb-everywhere
>>
>
> I had an idea recentl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
darkweb-everywhere
"HTTPS Everywhere rulesets for hidden services and eepsites."
https://github.com/chris-barry/darkweb-everywhere
Just sharing it, because I thought it's an interesting follow up to
our previous discussion "Using HTTPS Everywhere
Gregory Maxwell:
> On Sun, May 4, 2014 at 5:14 PM, Griffin Boyce wrote:
>> Hey all,
>>
>> So Satori is this app for Google Chrome that distributes circumvention
>> software in a difficult-to-block way and makes it easy for users to check if
>> it's been tampered with in-transit.
>
> You might b
Griffin Boyce:
> Patrick Schleizer wrote:
>> terrific project! Especially the integrated hash verification is a big
>> security gain!
>>
>> Is a port to firefox planned?
>>
>> Do you take project suggestions?
>>
>> I'd be interested to see Wh
Hi Griffin,
terrific project! Especially the integrated hash verification is a big
security gain!
Is a port to firefox planned?
Do you take project suggestions?
I'd be interested to see Whonix added.
Cheers,
Patrick
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or c
Bernard Tyers:
> Hi there,
>
> Genuine question from someone today:
>
> - they use a VPN service (I think Witopio?)
> - they want to use Tor browser to surf safely
>
> They asked can they "safely" use Tor through their VPN service. When
> questioned they meant "will Tor give me enough protection
Gareth Owen:
> Does tor do any form of time synchronisation?
No. See also:
https://trac.torproject.org/projects/tor/ticket/8170
Cheers,
Patrick
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/lis
Mike Perry:
> At this point, you will see a FIN ACK or RST ACK packet appear in your
> tcpdump window. That packet has leaked past the iptables firewall rules,
> and past the transproxy rules. It went straight to Google.
Can you post an example log please how it's the tcpdump output is
looking whe
Has this bug been reported upstream against the Linux kernel on kernel.org?
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Soul Plane:
> I have an Ubuntu middlebox to torify. It uses TransListenAddress,
> TransPort. One interface accepts incoming traffic that will be torified.
> The connections to the tor network go out on the other interface which can
> access the internet unrestricted. I can't find the original direc
Nima Fatemi:
> Jeff:
>> Hi... can you tell me why my download speeds are so slow ?
>> I've reduced the upload speed to minimum but lately the download speed has
>> been 2-3kbps when downloading movies. It has been 1mbps at times, but its
>> mostly the lower figure. Regards, Jeff
>>
>>
TLDR:
Future Directions - Where Whonix wants to be in 2 or 5 years?
Do we want Whonix to be for average users or just for those with unix
knowledge?
Whonix is a useful tool for some already, got many fans. How can we make
Whonix really user friendly to allow mass adaption by regular people who
n
Griffin Boyce:
> Patrick Schleizer wrote:
>> The Whonix project has currently two job offers:
>
>> - https://www.whonix.org/blog/project-coordinator/ -
>> https://www.whonix.org/blog/job-offer-developer/
>
>> We don't have founding for these yet, but hopef
The Whonix project has currently two job offers:
- https://www.whonix.org/blog/project-coordinator/
- https://www.whonix.org/blog/job-offer-developer/
We don't have founding for these yet, but hopefully soon.
Cheers,
Patrick
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscrib
Joe Btfsplk:
> 1) I doubt you'll be able to run > 1 instance of TBB - at once - if
> that's part of what you want.
> Others can correct me, if wrong.
This is possible. Simpler since TBB 3.x. Although undocumented. Bits can
be found here:
- https://trac.torproject.org/projects/tor/wiki/doc/TorifyHO
Roger Dingledine:
> That said, the question in my mind is how to move this from "if you're
> very smart, you can write your own https-everywhere rule for yourself"
> to "ordinary TBB users get this benefit". I don't really want to get
> into the business of writing an /etc/hosts file for public web
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Whonix is an operating system focused on anonymity, privacy and
security. It's based on the Tor anonymity network, Debian GNU/Linux and
security by isolation. DNS leaks are impossible, and not even malware
with root privileges can find out the user's
I've added corridor to the comparison of Whonix, Tails, Tor Browser and
Qubes OS TorVM.
https://www.whonix.org/wiki/Comparison_with_Others
Hopefully this makes the differences a bit clearer. Please feel free to
hit the edit button if anything looks wrong or tell me.
--
tor-talk mailing list - to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Rusty Bird:
>> It's an documented and automated process.
>
> What is that process?
https://blog.torproject.org/blog/lifecycle-of-a-new-relay
https://gitweb.torproject.org/torspec.git/blob/HEAD:/dir-spec.txt#l1768
(search
for "Guard")
>>> But a fre
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Rusty Bird:
> Patrick Schleizer:
>> The problem is, any Whonix-Workstation behind Whonix-Gateway -
>> once compromised - can claim to be another Whonix-Workstation,
>> thus not being stream isolated anymore.
>>
>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I think the topic Bridge Firewall is also related here:
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/BridgeFirewall
(The topic didn't move there yet, but it's all very similar ideas
we're discussing here.)
>> What's the threat mode
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Rusty,
this is an interesting concept.
Do you know Whonix [0]? (Full disclosure: I am a maintainer of
Whonix.) It is an Isolating Proxy [1] with an additional Transparent
Proxy [2] (Anonymizing Middlebox), which can be optionally disabled.
Rust
Moritz Bartl:
> On 02/12/2014 02:30 AM, Soul Plane wrote:
>> Ok thanks. I checked the blog today and saw that 3.5.2 was released. I
>> didn't get any announcement. Why not announce the releases through
>> tor-announce? I'm subscribed to that but I didn't get any notice. Is there
>> a list or RSS fe
Missouri Anglers:
> Hulu requires JavaScript to work properly.
> If you enable JavaScript when visiting the site
> does that not defeat the purpose of using TOR?
Note: JavaScript is not the same as Java. Please also see:
https://www.torproject.org/docs/faq.html.en#TBBJavaScriptEnabled
--
tor-ta
Soul Plane:
> Is it ok to use the Tor Browser without Tor?
What do you mean by "ok"?
Ethical? Sure.
Legal? In most countries, where Firefox/Tor Browser is legal, this would
be legal as well.
Possible? Yes.
Useful? The more people doing it, the better.
> I don't need Tor but I like
> the privacy f
TheMindwareGroup:
> Programs can automatically add themselves to the windows firewall
> found some code that does it here:-
>
> http://msdn.microsoft.com/en-us/library/windows/desktop/aa366421%28v=vs.85%29.aspx
>
> Making useless against attacks from the inside.
It has already been said, that fi
TheMindwareGroup:
> Windows firewall is useless.
Citation required.
I guess Windows firewall does what it promises. You can have some
services reachable on lan, but not on wan. Which is the original purpose
of a firewall. You're probably looking for filtering outgoing traffic?
That is flawed conc
and...@torproject.is:
> Cc
> Bcc:
> Subject: Re: [tor-talk] giving up pseudonymity after collecting experiences
> with pseudonymous project development
> Reply-To:
> In-Reply-To: <52da7d13.4010...@riseup.net>
> X-PhaseofMoon: "The Moon is Waning Gibbous (95% of Full)"
>
> On Sat, Jan 18, 2014 a
You may have noticed that I, previously known only known under the
pseudonym adrelanos, decided to give up my pseudonymity. It was an
interesting experience to pseudonymously maintain a Linux distribution
(Whonix). I've learned a lot during these ~ 2 years.
I didn't have too bad luck in the lotter
1 - 100 of 101 matches
Mail list logo
