Oh that. Figures. That's always the last thing to notice when Windows
doesn't even warn you if it blocks a file.
--leeroy
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Hi,
Maybe also check DEP settings.
1. Click Start, click Control Panel, and then double-click System. (or
right-click My Computer and choose Properties)
2. Click the Advanced tab. Then, under Performance, click Settings.
3. Click the Data Execution Prevention tab.
4a. Click, Turn on DEP for essen
Hi,
Say I modify some software under Tor Project license. Can I
amend/update the copyright to include extra contributors without
removing existing content? Is this allowed or would this mean an EFF
lawyer is going to be unhappy?
thanks
--leeroy
--
tor-talk mailing list - tor-talk@lists.torprojec
Hi,
At least for OFTC you should be able to connect using tor if you
authenticate. Authenticate during connect [0] and use SSL. Seems to
work well.
Hope that helps,
--leeroy
[0] http://www.oftc.net/NickServ/CertFP/
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or chang
Hi nusenu,
I'm glad you asked. Why don't they have the exit flag? It probably has
something to do with MinMeasuredBWsForAuthToIgnoreAdvertised being 500
by default. If you look at consensus-health [0] you see much more than
500. This means, and I'm only quoting the spec [1], that these relay
need
To add to what Roger said,
"Roger Dingledine" wrote:
> But even full scale padding, ignoring the practical side
> of how to get a Tor network that can afford to waste so
> much bandwidth, doesn't provide protection in the face of
> active attacks where you induce a gap on one side and
> then o
Hi,
So I was thinking, perhaps incorrectly, that ng-rend-spec doesn't do
enough to protect very public onion services. Sure, there are
advantages to the proposed changes. What if the adversary is also
someone who can derive the credentials? Encrypted descriptors don't do
much if you can throw SIGI
[0] https://www.torproject.org/projects/torbrowser/design/
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Hello,
To answer your question you might find the Tor Browser design document
[0] a useful read. Font support leads to browser/system
fingerprinting. Plugins and scripts can extract font support lists,
html5 canvas elements can be used together with font
support/rendering, and the way fonts are re
Hello,
As described on the contact page of torproject.org:
If you found a security issue in one of our projects or our
infrastructure, please email the respective maintainer. You can find
their GPG fingerprint/key on our developer ldap search page. Due to
the many different projects we have, we d
everything in the
plugin.
On 5/26/2015 at 6:40 PM, "l.m" wrote:I'd like to point out that if
you decide to use another SOCKS proxy
you may encounter another problem. Suppose I bypass the port assigned
to your custom proxy and instead point to the usual tor proxy. This
might occur if
I'd like to point out that if you decide to use another SOCKS proxy
you may encounter another problem. Suppose I bypass the port assigned
to your custom proxy and instead point to the usual tor proxy. This
might occur if a user manually configures the proxy and cannot tell
the difference between th
Hi Jeremy,
Thank you for the thoughtful and thorough reply! I think the users of
your software will appreciate you wanting to minimize attack surface.
One thing I've noticed about mitmproxy is that it appears to only
support SOCKS upstream proxies *without* authentication. It's also a
http pro
:o
Oh, nevermind I see you're already associated with that team.
Cool extension. So why the shift from plugin to proxy?
--leeroy
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Hi,
Is the Socks-to-Socks proxy absolutely necessary? This could be done
as a browser plugin couldn't it? You might find the work of the
FreeSpeechMe team interesting. They have the objective of integration
with tor which sounds a lot like what you describe. It's probably not
vetted to your standa
If tor had a more modular path selection system like pluggable
transports then work like this would be easier. Instead of forking tor
(perfectly fine of course), researchers could propose alternative path
selection algorithms. The proposals could go through a review then
implementation stage. Then
>You plan to
>deploy on a locally run user site yet you claim to be conscious of
>breaking the production server. It does not follow.
More typo. You stated somewhere you intend to deploy to a test site
run locally. Something to that effect. I hope I'm not quoting you out
of context. Which would me
>> If you accept payments by certain methods
>> (non-anonymous) your liability skyrockets
>> when those payments are issued using the onion.
>There you go, there's a reason against.
Incorrect. It's a reason to not accept those payment methods from the
onion.
>>I'd be curious whether you can fi
>So they try to prove identity using a CA-cert,
>then wrap encrypted onion traffic in another layer of
>encryption.
Typo. Not enough coffee. Enclose https in onion encryption. Worse even
than using a tor exit.
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change othe
Ben,
Oh wondrous challenges-by-example
About the https. I would just like to point out that FB using https
amounts to nothing more than a glorious kludge to win back people
who've moved on due to privacy concerns. So they try to prove identity
using a CA-cert, then wrap encrypted onion traffic in
Ben,
No, because, as I've said. Your deployment of www-front induces the
same design choices. A HS-front is nothing more than a gloriously
encrypted version of the www-front. Same challenges as www-front but
more resources, more computation, more headers, more proxying, more
concern for latency an
>>Oh, there are many, *many* more reasons to have an onion site for
your website than just that. :-)
Such as? A hidden service is by definition hidden. So if you're
willing to have both a HS-front and www-front, how is it that it's not
the only consideration. A tor exit hides the client-origin so
Hi,
I think you're putting too much thought into making your site
available as both hidden service and on www. It's not about if you
can, or should you do it. It can be reduced to one thing: do you want
to hide the origin server for the hidden service? If yes, you have to
consider the complexity o
Hi Chris,
Besides filling out a ticket you might try running TBB in debug mode.
Open a terminal and navigate to the folder you extracted TBB. It has a
folder called Browser and start-tor-browser.desktop. Now run:
./Browser/start-tor-browser --verbose
Which you will see from the script starts TBB
I'm looking at the archives. Where did they choose to reply on
tor-talk a second-time. I'm blind. Won't you please point me to the
right response. I see providing a contact, not details of research.
Enlighten me. When did they disclose that information after it was
requested.
Does you know? Didn't
Hi Jon,
You're using obfs3-bridges and you're not able to connect to them. If
you're sure there's no firewall interference on your computer you
should try the following. When you start Tor Browser click Open
Settings, Configure, Yes, then try changing the Transport type to one
of the meek-bridges.
Hi Cam,
What kind of web email? Could you be more specific?
--leeroy
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Hi Vincent,
> However, how can I validate that the emails were
> actually sent over the TOR network?
If you don't have access to the email on the other end you wont be
able to verify the headers. One way you might achieve your goal would
be to access the TorBirdy preferences and using the Test P
> There may be other security implications of a shared Tor client.
Such as
1. All users that share a tor client also share a threat model. The
tor configuration is shared. This may not be an ideal property.
2. If one user of the shared tor client breaks the process--it's
broken for all others. Wh
>Pretending an attempt didn't occur to force disclosure doesn't change
>the fact that it didn't happen.
In before Andreas, that should be didn't->did
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman
>> The people who operate them are public
>> figures too.
>You're the only one claiming that.
>
>Neither did Roger force the Aachen operator
>out - nobody except for LE even can do that.
I'm pretty sure I defended the researcher's right not to disclose
anything. Had nothing been disclosed these r
>relays are inherently public
Relays are a machine, an ip, a server, with a public relay descriptor.
You ISP has a similar descriptor for your CPE connected to their
infrastructure. So the ip you use is public without precaution. Does
that automatically make the association of you with that ip an
>"Dodgson, Dodgson, we've got Dodgson here!"
>... in other words, relays are inherently public.
What? did you actually contribute to the conversation? What the hell
does that even mean?
Fine. Relays are public. The people who operate them are public
figures too. To hell with privacy.
HS descri
Wow. You just blew my mind. So anonymity and privacy for users, but
not contributors that make said privacy features possible? By that
reasoning ContactInfo would be mandatory, which it's not. It also
follows that MyFamily would become a high-priority (mandatory) feature
to implement rather than so
How hypocritical. You like to change the subject, again. You and Roger
crossed the line when you didn't accept the operator's response and
leave them alone. They only responded because you *forced* them to. A
relay descriptor is not a person. It's a machine processing digital
blips on a wire. A pub
I didn't say wondering about an anomaly is disrespectful. Assuming you
have the right bring their relay's to everyone's attention is
disrespectful. This is a network around privacy and anonymity
after-all. Isn't there a better way to start a witch hunt? Like
discovering relay's that do something wr
I'm not trying to upset anyone but do we really have to stalk every
researcher who adds relays? Honestly, does there need to be a report
on x-number of relays were added, constituting a spike this month to
date? I mean this purely out of respect for tor-related research
worldwide. Engaging in t
Hi Sophie,
>If I would like to suggest to add a warning to the "Before
>using TorBirdy", where would be the right place to do so?
If you would like to submit the feature request what you would first
do is connect to Tor's bug tracker [0]. From there you can either
register for your own account o
Hi Yuri,
>If this is the concern that request to check.torproject.org might
>compromise security, this is the clear indication that TorBirdy/TBB
>aren't adequate for the requirements. Clearly, such people should
switch
>to VM isolation, and there is no need to ever go to
check.torproject.org
>
Hi,
"Lodewijk andré de la porte" wrote:
>And just trying not to be dragnetted at all times. It's important
>to sometimes use Tor, just so that when you actually do (one
>day, for whatever reason!) it doesn't seem suspicious :)
If you're trying to avoid suspicion you should use Tor for
*everything
>The ip check hidden behind a warning dialog hinders obtaining
>useful data. I'll keep that in mind.
On second thought there is an advantage to discouraging the use of the
check. If something went wrong with the socks port setting using the
check would leak the intention to use tor by connecting
Hi Sophie,
>Options b) and c) would be very luxurious, but option a) really
>solved my problem, and seems quite important for those who
>come from a different background.
There's a strong correlation between the perceived usefulness to
end-users and their support for a FOSS project :) A simple
Hi teor,
You could run TorBirdy through its own instance of the tor client
software, with a separate socks port.
This would avoid many of the issues you're trying to work around in
b) and c), as TorBirdy could happily send NEWNYM to its own client
instance all it liked. There is a slightly inc
Hi Sophie,
Hmm...Perhaps Atlas isn't the best choice here. At any given time the
exits you can choose from are those you know of locally. It might be
better to focus on TorBirdy instead.
When using Tor Browser, the tor process is kind enough to take notice
when using certain ports (WarnPlaintext
Hi again,
To demonstrate further the importance of port choice I think a
clarification is in order. From tor's spec [0] an exit may specify an
accept or reject policy. So the number of exits that may allow your
exiting traffic (in this case mail) is those that "accept" and those
that don't "reject
Hi Sophie,
"Sophie Hassfurther" wrote:
>How do I look up which ports work on which exit
>nodes? I tried searching Atlas, but I didn't find
>out how to do a reverse search.
Glad to see the problem appears sorted. To find exit policies I used
the cat and grep commands on microdesc data. This dat
Hi Yuri,
I, er, don't think what you're proposing is the answer to the OP's
problem.
If they're using a port which is only supported by 3 exits they'll
still have the problem. If one exit is blocked and they choose that
one the mail server will see further attempts as possibly malicious.
At least
Hi Yuri,
"Yuri" wrote:
>I understand your concerns. But I would also like to
>point out that "New Identity" for most implies new
>identity for everything. This is how, I believe, majority
>of technically not very savvy mass users thinks.
The new identity feature is documented to make *new* co
Hi Yuri,
"Yuri" wrote:
>I suggested adding new signal to also terminate old
>connections.
>https://trac.torproject.org/projects/tor/ticket/15660
The problem of closing the connections gracefully is generally left to
the application. In tor's spec it's explicitly stated that it's the
responsibil
Hi Sophie,
"Sophie Hassfurther" wrote:
>[...] so far choosing a new
>identity in Tor did not work for me, but restarting the
>Tor Browser worked. So maybe some circuits did not
>close?
>
>Just a general question: is it normal to get connected to
>the same exit node almost all the time, when I
You might also try exiting TorBirdy completely. Then use new identity
in Tor Browser. Then reopen TorBirdy and see if it's still reporting
the same exit.
--leeroy
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cg
Hi,
I would like to ask if you're using the Tor Browser bundle with or
without modification. When the new identity is used in Tor Browser
(it's my understanding--please correct if wrong) that the circuits
related to open tabs are allowed to close. This is because the NEWNYM
signal is issued while
Hi,
evervigil...@riseup.net wrote:
> If anyone has good intel on some really secure DNS
> addresses that would be great currently I'm using
> my VPN provider DNS servers and would like to
> have some more numbers to add to my list.
You might consider security and DNS a bit of a joke in that sec
> If you'd quote properly instead of cutting the context [...]
To put it bluntly. I read what you typed and saw a justification for
blocking tor. Whether you actually ascribe to the tactic is beside the
point. You typed: if I have no reason to accept tor on my server then
blocking it makes sen
On Thu, 12 Mar 2015 14:16:44 +, ma...@wk3.org wrote:
> On Wed, 11 Mar 2015 12:35:53 -0400
> "l.m" wrote:
>
> > Which site blocks tor exit entirely? I haven't seen one recently.
>
> https://pad.okfn.org/p/cloudflare-tor
>You apparently don't k
> https://pad.okfn.org/p/cloudflare-tor
That's a list of sites that use CF captchas. I meant CF-enabled sites
which block Tor access entirely with only a message box for the
site-admin. I just figured since the subject was "Protest Blocking..."
that there would be specific sites where this is poss
Which site blocks tor exit entirely? I haven't seen one recently. Most
of the time I just get the copy/paste if Javascript is off. If
Javascript is on I either don't get the copy/paste or I get the
browser fingerprinting page. If I'm not mistaken the browser
fingerprinting site is the only one a fr
On 3/5/2015 at 5:41 AM, "Dan Cristian Octavian" wrote:
>"It's a novel idea to prevent detection of the PT-server by
tunneling in some other traffic" instead of being sarcastic, maybe
you can focus on wording your message better, I find it quite hard to
follow what you write :)
I don't think i
ma...@wk3.org wrote:
> This could be mitigated by configuring
> the mailserver to require TLS, couldn't it?
Hi Malte,
It's certainly the case that you can enforce TLS. But which one? SMTPS
(TLS Wrapper) depends on the client enforcing and maintaining TLS on
port 465 using client-talks-first. It
Hi,
A good try at solving the problem but one which requires all mail
server to get onboard in the presence of established alternatives.
The proof of work system you propose doesn't address the problem of
tampered email contents or if the email was wanted. It *might* prevent
exits from being a
Hi Tomas,
There are two sources for certificates. The personal db and the
hard-coded db. Hard-coded is what TBB uses by default and is located
in the libnssckbi module. Also known as Builtin Object Token. This db
is read-only which is why those entries come back. The personal db is
disabled by def
Hi, It would be useful to know how the email account is setup in
general. Whether POP, IMAP, SMTP is used. SSL (TLS Wrapper) or
STARTTLS. Have any changes been made to default configuration of
Torbirdy preferences or non-default tor ports.
--leeroy
--
tor-talk mailing list - tor-talk@lists.torpr
Hi,
It sounds like you need to do a little introspection on why you want
to torify your ssh. You've already confessed to having a lack of faith
in your own technical ability. You need to ask yourself the
question--what is my threat model? You want to connect to a VPS--how
did you pay for this VPS?
>I want to login to my VPS over SSH.
>Is torsocks still a safe way to do this? A lot of the
>documentation (such as it is) is several years old.
Hi,
I cannot comment on using torsocks but you can achieve the same result
using netcat and the proxycommand of ssh/ssh_config. I found a Tor
Wiki rel
Wouldn't it be more accurate to say it's takes non-deterministic
latency and non-deterministic signalling to fix anonymity? Since if
either are deterministic by analysis of the application then said
anonymity is provably breakable by signals intelligence. So TCP isn't
enough, neither is padding or
>Leeroy, to avoid being indexed by Googlebot et al, place the
>appropriate /robots.txt at your root. It's described in the FAQ.
Yes I'm aware of the faq. It's just that in using google you'll always
be incomplete compared to ahmia.fi but thats ok by me.
--leeroy
--
tor-talk mailing list - tor-
>Alas no. I'm aware this is suboptimal. I see GOOG search engine as
a
>temporary-ladder just to get the ball rolling. I am open to using
any
>other index. For what it's worth I'm very pleased with GOOG's
>performance---right now it's searching an index of 650k onion pages
and the
>number grows
Hi,
Thanks for hosting a Tor2web proxy. I think I'm using the search wrong
though. What exactly is it supposed to do? If I type in duckduckgo I
don't find a useable link to the hidden service. If I type in the
onion for duckduckgo I don't get any indication that the link is,
well, duckduckgo. To b
"Patrick Schleizer" wrote:
>Being able to use the tor-launcher graphical user
>interface is what this proposal is for.
You still can. Tor launcher is an extension for firefox. It's not the
same as Vidalia. You would still need to launch the tor process
separately for system use. You could use To
"Ben Tasker" wrote:
Leeroy - I think what he meant was that if anyone can actually get
through
to someone to talk to (and get a response) - as opposed to breaching a
real
firewall and leaking staff details, at least that's the way I read it.
Good point. My apologies if that's the case. I might ha
"Mirimir" wrote:
Sorry, I wasn't clear. I meant that nobody here has made an argument
that "VPN -> Tor" is "definitely not good". I agree that leeroy seems
to
favor Case 2 aka "Using a VPN to connect to Tor".
Well lets try to setup an experiment. I'll get you started. It doesn't
require you to be
"Larry Brandt" wrote:
If anyone can penetrate their personnel firewall, please
disclose to this group. In most on my dealings, CenturyLink was too
under-employed to respond to my requests.
The problem hasn't even been confirmed as censorship of Tor and you
want to dox them publically using Tor
"Joe Btfsplk" wrote:
I gather the one with "more variables in my favor" is Case 2 - Using
VPN
to connect to Tor?
That is the one (some) have said is definitely not good - yes? Still
others may have said that VPN connecting to Tor, isn't as bad as some
have indicated?
Observation: There are a
Actually, my apologies. I forgot that if you use the method I
mentioned previously you'll need to issue NEWNYM to the control port
and you won't be able to use the improved new identity feature of Tor
Browser. A better solution.
1. Use a separate script to launch the tor process as previously
ment
"Patrick Schleizer" wrote:
To rephrase this proposal in an alternative way... At the moment, when
you download the TBB package, your only chance to use
tor-launcher/Tor/pluggable transports is to also start Tor Browser. No
way to do that without starting Tor Browser. What is being suggested
here,
nathan...@moltennetworks.co.uk wrote:
[...] I then enabled Pluggable Transports
(meet-google or something like that) and now I'm able to connect to
Tor without any issues. This really concerns me as I was able to
repeat the crash by launching Tor Browser Bundle and crash the router
again.
"Joe Btfsplk" wrote:
This VPN & Tor (or Tor & VPN) subject - and its discussion here has
become complex.
Maybe too complex for all but a handful of folks?
What's complex? Intelligence agencies are reportedly targeting all VPN
providers. Governments are targeting encryption of communications in
t
spencer...@openmailbox.org wrote:
>Understanding very little about WebRTC and STUN servers, what does
this
>mean for people?
It means:
1) The network configuration of linux is more secure than the network
configuration of windows. Even when using a VPN. Unless the VPN drops
(and leaks).
2) If
"grarpamp" wrote:
>>Lara wrote:
>>I have a OpenWRT router. And I can install tor on that. I would like
to
>>have a middle relay. Can I hook up my TBB (computer linked over
wifi) to
>>that tor session? Is it a bad idea? It would be on the same
subnetwork.
>TBB likely deploys and expects a specific
"krishna e bera" wrote:
>They are tapping the cables and getting ip addresses of browsers,
then
>sharing that with other "intelligence" agencies. E.g. you could be
>stopped at the border if someone in your house clicked on a monitored
site.
>Another reason to use Tor (not an uppercased acronym) a
"Patrick Schleizer" wrote:
>Being able to use the components, tor-launcher, Tor and pluggable
>transports that come with the TBB tarball for system use on Debian.
For
>use without or with the Tor Browser. Being able to use these
components,
>without being forced to run Tor Browser.
Your main conce
On 1/31/2015 at 11:13 AM, "aka" wrote:Hi,
I am using multiple Tor instances on the same machine and my CPU-usage
goes goes way up for a few seconds in exact one hour intervals. Is
this
regular behavior (generating new RSA keys?) or is it an anomaly of an
ongoing attack?
Every hour a new consensus
"Joe Btfsplk" wrote:
>But what I find happens - more than a few times, when a
>site doesn't like an Tor exit (it's IP, or it's location), using New
>Identity often selects another circuit *very* similar to the
previous;
Yes, Tor attempts to reuse known good exits from the past hour.
>It's bec
"Joe Btfsplk" wrote:
>I don't know that Vidalia is still considered "anonymity safe", in
>later TBB versions - like 4.02, 4.03.
>COMMENTS on that?
>Can someone explain about using the following methods - mentioned
earlier?
> You might try adding TrackHostExits ..
> You might also try AllowDo
"Josef 'veloc1ty' Stautner" wrote:Long story short: What type of
relay helps the TOR project more?
Exit-Relay or Middle-relay? Is it really the "job" from TOR to provide
an exit to the normal internet resources or should the focus be on
hidden services?
First, thank you for operating a Tor node. S
You can try running Tor Browser by issuing the command:
firefox --class "Awsum It Works" -profile
path-to-torbrowser-default-profile www.site.ru
If you get an error 'Couldn't load XPCOM' you need to set your
LD_LIBRARY_PATH to the location of the libstdc++.so.6 included with
your Tor Browser do
You're probably the only one viewing that site using Tor. That would
explain why you didn't have any problem at first. Now they've noticed.
It might be the changing exit node from new identity. Some exits get
listed in well known blacklists. Then the site operators start to pay
attention and they b
I know it's off topic but if you do use DNSCrypt by forcing DNS over
TCP make sure you don't use OpenDNS servers. If you're familiar with
OpenDNS you know they have a control panel where you can admin the
service wrt it's external ip relation. DNS based filtering and
monitoring of requests. If you
After missing signature it's now not listed in current consensus. Did
I miss some event?
-- leeroy
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> i am concerned about https not being enough to protect tor2web
> users. In particular, I am concerned about what subdomain a user is
> visiting being leaked. Are there any established ways of preventing
> the subdomain from being leaked? Because none spring to my mind.
Where might this be a p
Oh wait, unless, did you mean same ip? So you'll have clients using
your bridge while you make connections to a guard. Current Tor
implements guard rotation mitigation. Observe directory connection
during bootstrap and associate timing with your initially chosen
guards. If clients later connect to
Nick Mathewson wrote:
> Personally, if I were doing something like this, I'd aim closer to
> Yawning's "Basket" protocol, which uses an established PQ
construction
> (ntru in Basket's case) rather than trying to invent a novel one.
While you're asking --
Isn't that like saying who needs SHA-3
Virgil Griffith wrote
> For example, if you run an exit node, your regular traffic is
disguised
> by exit traffic also coming from your ip#
I'm not sure I would call that use case more private. An observer
could
categorize your traffic incoming from an intermediary relay and time
that
traffic
Hi Hartmut,
I tried to reproduce your problem on Windows. You may have stumbled
onto a bug. Here are my results. Upon loading Tor-Browser, and after
automatic resize, the window has an extra large 32 pixel border along
the bottom edge. The content area is 1000x600 (for my display).
Producing one
> Perhaps the new implementation of the hidden services will be better
?
> How is it going ?
I don't see anything in the improvements suggested for hidden services
that would help this situation. Though I would be grateful for being
corrected.
First, I just want to say I only meant sheep(s) to e
Fine I'll remove the replies.
If a normal browser--without Tor works. Then don't worry about the
rules I mentioned.
If the only problem is you get a broken site using the onion address.
Then what is your HiddenServicePort in torrc.
Finally. In a normal browser--without Tor. Do you connect using
Hi, those are not good results. I recommend trying a couple more tests
on panopticlick.
1. After maximizing, then closing, then reopening Tor-Browser, it
resizes automatically--after a couple seconds. Test at this window
size.
2. Use Tor-Button to change identities. The window should resize
automa
I think it's also worth mentioning this may be an attack on your
service via your server's service provider. It's not impossible to
have one HS work fine but many cause timeouts as you begin to enable
all HS. As you begin to increase traffic to guards you give away that
your services are online.
the HiddenServicePort that is..
-- leeroy bearr
On 12/1/2014 at 6:59 AM, "l.m" wrote:A normal browser session
(without tor) works? Then don't worry about
the rules.
When you use the .onion address you have problems? What is your hidden
service configuration in torrc?
-- leeroy
or browser with .onion address, than only
markup loads up, and images also not loading including scripts &
stylesheets. About rules, what kind of rules do i need to set and how.
I
also have read Tor Relays & Bridges, is that what you're are refering
to?
Please advise. thanks...
On Mon,
1 - 100 of 110 matches
Mail list logo
