If you add an icon for Wahay, it can more easily be added to the Menu
Editor in Internet as a "New Item". The icon makes it more readily
identifiable in the menu. Adding it to the menu is pretty
cut-and-dried. It does start in Kubuntu 18.04, but I have not attempted
yet to join any meetings
and
I had to use a LiveCD to go in and remove the program, then I logged back in
and purged all of the program.
If you have a laptop then your keyboard will still work and whatever comes with
the computer that is not connected
to a USB port.
If your particular distro does not have this program, the
h content - to refresh
the Website one then need of course to have Tor. This might be part of your
evaluation to store your URLs in a Database, as it is encrypted and
provides options to be searched and brought to your website.
Regards Tom
On Sun, Mar 31, 2019 at 1:56 AM anan wrote:
> Hi,
>
Looks fine, you're getting NXDOMAIN, not SERVFAIL.
What do you expect a DNS query for a .onion to return?
Op 11/09/2017 om 11:23 schreef C. L. Martinez:
> Hi all,
>
> I am trying to figure out the best way to handle DNS requests to both
> clearnet and Tor onionland. Currently, I am using two
I recently heard that Raspberry Pi could be used as various server, so I'd
like to buy and use Raspberry Pi as tor relay.
But Raspberry Pi performs slower than normal pc, so I thought it can't
perform as well as I expected.
1. Comparing normal pc and RPi as Tor relay, there are no performance
d
, some of these apps with a proxy over Tor provide it?
https://m.heise.de/ix/heft/Entzaubert-3754494.html
Regards Tom
-- Forwarded message --
From: grarpamp
Date: Mon, Jul 3, 2017 at 8:02 AM
> https://smokeappope.sourceforge.io/
https://smokeappope.sourceforge.io/#MobileScoreC
http://thehackernews.com/2017/07/ssh-credential-hacking.html?m=1
This post could be helpful. But how CIA could unveil the encryption?
Interesting and horrable...
2017. 7. 7. 오후 9:00에 님이 작성:
> Send tor-talk mailing list submissions to
> tor-talk@lists.torproject.org
>
> To subscribe or un
Hi Sebastian,
As far as I know there's no official Tor RPM channel anymore, and EPEL
won't ship alphas. There may be community run repos that have Tor
packages (I have one) but as a general rule you can't trust those and
they'll lag behind :-)
Maybe try compiling it from sou
Hi Sebastian,
0.2.8.8 is the latest version :-)
Tom
> On 9 Oct 2016, at 12:36, Sebastian Elisa Pfeifer
> wrote:
>
> Hi.
>
> I want to move my Tor Node from Debian to Fedora. The guide tells me to
> install the normal packages from the Fedora Repositories
> (https:/
Hello ja.talk,
if you are a man, then block yourself. The main distinction between men an
animals is that animals can't choose, they have to suffer their being as they
are. Men have always the choice. and are able to change themselfes.
So don't spread you stupid "I am an asshole". Think about w
Yes take care and look yourself or believe so called experts or
multiplicators. I agree that all closed source crypto is obsolete. Regards
Tom
Am 30.01.2016 11:47 schrieb "Jeremy Rand" :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On 01/30/2016 04:30 AM, A
Anthony, you describe BitMail - http://bitmail.sf.net not, BitMessage,
please dont mix it up! Regards Tom
On Sat, Jan 30, 2016 at 3:06 AM, Anthony Papillion
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 01/29/2016 07:05 AM, anonymous coward wrote:
> &g
That's not a guide, it just says 'call us'
> On 15 Dec 2015, at 17:09, Fabio Pietrosanti (naif) - lists
> wrote:
>
> Hello,
>
> we asked on Twitter to Digicert to provide a quick guide on how order an
> x509v3 certificate for TLS for a .onion, they've just published this
> small guide:
> http
You can't fake a Tor relay, they are cryptographically protected. At best they
could tell that you're connected somewhere, or stop you from doing that, but
they can't see any of the contents, or MITM it.
Tom
> On 01 Nov 2015, at 11:23, Felix wrote:
>
> O.K., so if
Felix,
Guards' network speeds are assessed based on the view of the network, not the
client. What this means for your North Korea example is that the government
couldn't affect path selection by slowing down the network, as Tor will still
pick the same guards.
Tom
> On 01 No
Hi Marcos,
1. Do you run a relay yourself yet?
2. Combination of all of them
3. Current speed is good, in the future it will either get better, stay
the same, or get worse, depending on how much the community contributes.
Tom
Op 13/10/15 om 19:38 schreef Marcos Eugenio Kehl:
Hello cripto
> Hello,
>
> for your further research: reports about Geo Location Routing
>
> https://alibi.cs.umd.edu/
> http://www.heise.de/tr/artikel/Surfen-mit-Alibi-2806120.html
>
http://www.heise.de/newsticker/meldung/Alibi-Routing-Peer-to-Peer-Technik-zur-Nutzer-Kontrolle-des-Datenverkehrs-2826970.ht
hould be taken with a barrel of
salt.
Tom
> On 27 Aug 2015, at 14:57, Paul Syverson wrote:
>
>> On Thu, Aug 27, 2015 at 10:08:26AM +0200, Tom van der Woerdt wrote:
>> In some corporate environments this would be a reasonable thing to
>> do. And the article that
seems reasonable.
Tom
> On 27 Aug 2015, at 08:47, Virgil Griffith wrote:
>
> "In general, networks should be configured to deny access to websites such
> as www.torproject.org"
>
> Blocking Tor exit nodes is one thing, but this is just bizarre. They could
> make a
Olaf,
If you can send me the source code and database (if any), I can continue to run
it from a more favorable location (say, Amsterdam or Frankfurt). I have the
resources/knowledge to do this.
Tom
> On 23 Aug 2015, at 16:22, Olaf Selke wrote:
>
> Hello folks,
>
> my h
ld like to find data to support my belief. Anyone know of such
research or statistics?
Thanks!
Drew
https://keybase.io/pdp7
Doing such research, where one would be snooping on Tor users' traffic
and most likely without their consent, would be "amoral".
Tom
--
tor-talk mail
Similar from me :
torsocks ab -c 10 -n 1 http://eujuuws2nacz4xw4.onion/
Tom
Ben schreef op 05/07/15 om 10:02:
Much the same, but with some stats (some of which are likely irrelevant,
but I poached the line from another script I use)
#!/bin/bash
torify curl -w
"%{http_code},\&
Hi Jeremy,
Yup, that's what I meant. Put haproxy between the user and the socks proxy and
it'll nicely pass sockets to Tor instances, transparently.
Tom
> On 24 May 2015, at 13:30, Jeremy Rand wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
>&
Hi Jeremy,
After reading your message I wonder whether a simple TCP proxy is what you
want. Maybe have a look at haproxy?
Tom
> On 24 May 2015, at 13:15, Jeremy Rand wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Hello,
>
> I'm inter
the the maximum limit of 7 hops is
> reached.
>
> That's maybe a bit too deep to explain in the slides so I guess 4 hops
> Client <-> Intro is good enough. :)
Yea, the extension quirk I think is a bit much, but I fixed the number
of hops - now that I think about it clos
. I can export it as powerpoint, html, images, or pdf and
send you any one of those five. (Or all of them.)
-tom
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
https://ritter.vg/p/tor-v1.2.pdf Yes - it is long.
There's a lot to tor these days :)
-tom
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
sn't a big deal.
Bridges might have some very small benefit from looking like an old
Firefox, but this is not proven. Also, pluggable transports completely
eliminate the need for fingerprint resistance in Tor.
Tom
Allen schreef op 01/05/15 om 07:41:
I didn't see an answer to this
Please clarify "secure"? Tor has its own built-in DNS resolution that
will ignore client-side settings.
If you're referring to relay DNS: I strongly recommend running a DNS
resolver locally, and enabling DNSSEC. That's as secure as you can get them.
Tom
evervigil...@r
I know of a good one.
-T
gary02121...@openmailbox.org schreef op 04/04/15 om 17:47:
Hi!
Are most hidden services bad? Are there more bad hidden services?
Thanks!
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject
network (not to mention the popularity gain).
Oh, and don't forget that the "normal" internet also has quite a high
share of this kind of traffic.
Tom
[1]: https://en.wikipedia.org/wiki/Pornography_by_region
Josef 'veloc1ty' Stautner schreef op 16/01/15 om 21:40:
H
Hi Lorenzo,
1Mbit is 125Kbyte. :)
Tom
> On 12 Jan 2015, at 08:18, Lorenzo Milesi wrote:
>
> Hi.
> I've recently set up a Tor node but bandwidth is running out quickly :)
> Since I don't want to throttle BW using Tor's options (which basically turns
> it do
Just wanted to point out that I think it's awesome Thomas is doing this!
Buy him a beer if you see him.
Tom
Thomas White schreef op 02/01/15 om 09:42:
Hey all,
So following my other mail, I just want to offer people on this
mailing list a chance to test something out before I go int
lays
that are mainly middle routers or guards.
Tom
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
the obvious that if we're talking about diversity
for the purposes of security, the network-accessible parts of tor rely
on OpenSSL, which would probably be difficult to swap out, but might
be worth it as an experiment. Even if it's to LibreSSL. Maybe the
zlib library also, but that o
a bridge though.
-tom
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
you from load balancing a single HS address across multiple nodes. If
you run 3 nodes, tell 1 of them to handle the introductions, and have
this node communicate with the other nodes which then handle the
rendezvous part. It might need some hacking in the Tor code, but this
should scale for se
a couple of Tor users. I would
> have used SSH to get to a 'unmonitored network', Tor and then mixmaster.
Which is exactly how we got a couple mixmaster nodes raided last year
by the FBI. (University of Philadelphia bomb threats) =(
-tom
--
tor-talk mailing list - tor-talk@lists.torp
they should look at the block closest(?) to 22:00.
--
Tom Fitzhenry
0. https://en.bitcoin.it/wiki/Difficulty
1. http://bitcoin.stackexchange.com/questions/146/what-are-bitcoin-confirmations
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
htt
NOTE: Sorry about sending that duplicate.
Best regards,
cl34r
On Fri, Oct 18, 2013 at 10:13 AM, Tom Goldman wrote:
> Recently, I stumbled upon a very interesting article at
> http://spectrum.ieee.org/telecom/security/can-you-trust-nist
> Does this mean that Tor could technically be
Recently, I stumbled upon a very interesting article at
http://spectrum.ieee.org/telecom/security/can-you-trust-nist
Does this mean that Tor could technically be weakened by the NSA?
Best regards,
cl34r
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other setti
Recently, I stumbled upon a very interesting article at
http://spectrum.ieee.org/telecom/security/can-you-trust-nist
Does this mean that Tor could technically be weakened by the NSA?
Best regards,
cl34r
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other setti
Just my 2 cents: trying to read that page using my (untorified) Web Browser
with NoScript enabled, those want to execute javascript:
twitter.com
cloudfront.net
google.com
googletagmanager.com
google-analytics.com
outbrain.com
tynt.com
chartbeat.com
ooyala.com
stumbleupon.com
ad-vice.biz
quantserv
eing as it's
likely the research stations are supplied internet through government
connections, I'd be interested in using Tor if I were on such a
station...
-tom
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
is way
is likely to decrease, not increase, your security and anonymity.
-tom
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Hey grarpamp,
You may have explained this elsewhere, but if so I missed it
(potentially while on an internet moratorium for the past week) - how
are you observing these statistics?
Thanks,
-tom
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsusbscribe or change other settings go
these sorts of questions once her slides go up
in a couple weeks.)
Regarding their ability to monitor EC2 - well it depends on what
datacenter. The bulk of EC2 is in the Virginia one - and yea the NSA
probably has a line on that one or it's upstream ;) But what about
the on
On Jul 11, 2013 11:41 PM, "cl34r" wrote:
>
> On 07/11/2013 11:24 PM, Gabrielle DiFonzo wrote:
>>
>> Hi there,
>>
> Hi
>
>> I am currently running Windows 7 and my usual browser is Internet
Explorer. If I download Tor, will I still be able to use Internet Explorer
when I want to?
>
> You can config
rt of
dump, containing all the data up until the last day, after they
shuttered a site, I would consider them as having COMPLETELY violated
the principles the site was founded on, and would go over to their
office (they're in NYC) and see if I could plead with them into giving
it to me on a th
logins, emails and passwords)
> could be retrieved through <http://data.stackexchange.com/>, but it
> looks a bit tedious to get a full export. Also, given there's a CAPTCHA,
> I am not sure backups could be automated.
Did they stop doing the database dumps?
-tom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
mages run Obfs Bridges, so it's better to run one of those
than roll your own.
-tom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
ases single points of failure. If you cannot
find a VPS you can afford to run an exit node on, consider running a bridge
or a relay node on a VPS that (you think) other people aren't also using.
Sorry there's no easy answer,
-tom
___
hat regard, HS are still good, because as you said "sources are forced to
use Tor, [with] end-to-end crypto without relying on CAs".
-tom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
to deal with the complaints at all,
but they won't do that either.
-tom (who also uses Linode for his server, but runs it as a middleman)
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
On 24 May 2013 09:25, Andreas Krey wrote:
> On Fri, 24 May 2013 07:22:28 +0000, Tom Ritter wrote:
> ...
>> ... Actually that's not true. I could have bought a certificate for a
>> .onion address, any .onion address, from any CA until the end of 2015.
>
> How that?
.
talk to a HS over SSL, and
attempt to negotiate an anonymous, non-confidential ciphersuite (to
reduce the CPU needed) or make other provisions to accommodate it,
like ignore PKIX validation and showing no security indicators.
-tom
[0]https://code.google.com/p/mod-spdy/wiki/ConfigOptions#Debugging_
resource push features of SPDY
might be a hugely tremendous boone, without requiring re-architecture
web apps.
-tom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
es and content (or even entire pages) that
the user is likely to want while they are browsing the page
f) potentially, I haven't tried this, using the new prefetch
directives for bleeding-edge browsers
Those are just off the top of my head, I'm sure there's more. It
e test of VLC as opposed to
my subjective hand-waving, but I'm not aware of one.
-tom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
ypes of
bugs are pretty tricky to track down. I did want to point you in the
right direction for maybe finding the culprit though.
-tom.
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
anonymous proxy. I don't even care about paying 25% more at that
point, I just want to do it anonymously. These days, my opinion is
that I hope bitcoin matures to the point where a system like this is
both possible and widely implemented. [1]
-tom
[0] There's definitely some parallel
IP doesn't help. But it can still
make a proxy-circumventing request. Putting Flash in a VM and
restricting the VM from making any request except through the proxy
(or routing all requests through the proxy) alleviates that concern.
-tom
___
tor-t
t otherwise perhaps you can provide a little
more feedback, or elaborate on what areas you believe are factually
inaccurate?
-tom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
itator communication channel go
up: it must now be bi-directional and support up to 1K of data or so.
- The signing of certificates would introduce a DOS channel. This can be
mitigated in some sense by rejecting requests for an IP if you've signed a
ce
a your alternate email or
phone) on the first login from an anonymous proxy service, after that
they flag your account so they don't bother you again.
I haven't test the limits or implementation of this.
-tom.
___
tor-talk mailing list
tor-talk@list
On 15 March 2013 18:34, Joe Btfsplk wrote:
> Don't know if this will always work, for all providers, but I have set torrc
> to use only exit nodes in my country
I don't think this should be a recommended practice, because (while
you are in that country) it explicitly enables your government to
pe
Hello! I'm Tom Lowenthal; we may have spoken before, but I can tell
you all about me later.
I'm Tor's new project coordinator, starting forthwith. I'm here to
deal with logistics and communication, and all kinds of other
interfering nonsense so that Tor folks can focus on th
On 9 January 2013 10:33, Alexandre Guillioud
wrote:
> Wooo thank's Tom ! First time using mailing lists, i'm going to like it :D
> (and it's not a problem to answer from work :DD).
> Ok, so i understand what you're meaning by high/low latency network.
>
>
algorithms for pooling, and we'll go into more detail about them and
> pool attacks later.
As a mix node, if I accumulate 8 same-size messages, and then send
them all out at once to 8 recipients, you can't use traffic analysis
to see who I sent which message out to -
Roger once, many moons ago, I recall he expressed the desire that
one day, in an ideal world, Alpha Mixing would indeed be the main
mixing of the network, to allow for transit of other types of things,
like email.
-tom
[0] http://www.freehaven.net/doc/alpha-mixing/alpha-mixing.pdf
bad).
That's all assuming you mean abuse from the perspective of the
recipient, and not abuse form the perspective of the remailer
operator.
-tom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
I'm hoping this will be of interest to this list. To encourage
interest in the waning art of remailers, I'm starting what I aim to be
a long series on how they work, design choices, technical limitations,
and attacks. The first five are now live at https://crypto.is/b
nts out of a database and display them on the page.
Now the comments are stored elsewhere and the page in git has some
boilerplate javascript to load the comments. You can even let uses
markdown-style their comments.
-tom
___
tor-talk mailing list
tor-t
>
> Thanks. Niles.
>
Yes. At least based on what I see here:
https://gitweb.torproject.org/torbrowser.git/tree/HEAD:/src/current-patches/firefox
and in particular here:
https://gitweb.torproject.org/torbrowser.git/blob/HEAD:/src/current-patches/
I'd design as much or all of the db-parts of the site to load over AJAX as
possible, so you can put up a nice "Loading..." message. Keep a persistent
connection to the database; don't connect for every client (pconnect in
PHP). Maybe do a redundant design that aims for eventual consistency if
you
on a HS on a VPS outside the country. Or for
something that costs nothing, Host the blog on blogger.com or wordpress,
and connect to it over Tor, signing up using non personally identifiable
information
-tom
___
tor-talk mailing list
tor-talk@lists.torproje
ects/tor/wiki/doc/PreventingDnsLeaksInTor
- https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
- https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxyLeaks
It's long, but you're now doing work as a developer, not a user - you
owe it to the users of *your*
roblems to overcome would be to figure out a way to track
upstream easily and identifying use cases where people would really
benefit from specific tools, to focus on those first. TorPidginOTR
seems like it'd be a likely candidate... unless there'
I'm just thinking
aloud, and if the idea of exposing HS to the normal web through .onion
is desirable, we could start brainstorming in advance of the several
hundred pages of paperwork applying for a gTLD requires.
-tom
[0] If every DNS Request returned the IP of Entry Guard or similar
node,
st seems like it could be worth codifying a preference in the OpenPGP
standard. Potentially interpreting
http://tools.ietf.org/html/rfc4880#section-5.2.3.17 to also imply throw-keyid
or adding a new option.
- -tom
-BEGIN PGP SIGNATURE-
iEYEARECAAYFAlAJ/DwACgkQJZJIJEzU09tWhwCfbW9CKWh
trol to verify the certificate through external validators or
notify you if the certificate changes (respectively).
In other applications: IE, wget, curl, etc - there aren't any
'prebuilt' options - you'd have to write some sort of plugin or hook
yourself.
-tom
__
he blog. If you are,
perhaps a separate 'Tor Engineering' blog? If you do separate it into
a second blog, you could disable comments, simul-post to the tor-dev
list, and say all comments should go on-list
-tom
___
tor-tal
that important? It seems like it would be. As an example, go
through this thread, and see whose reply header is of the form "On X,
Y wrote:" and now you know who's not running the latest version.
-tom
[1] https://ritter.vg/blog-no_email_security.html
___
wall which
abstracts iptables to configuration files that make (more) sense.
-tom
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
On 29 April 2012 12:53, anonym wrote:
>
> So, you have to switch from using Google's DNS (which blocks Tor
> nowadays) to OpenDNS or whatever DNS server you trust. You'll still be
> unable to do multiple DNS requests at a time, though.
>
>
Yes, you are right! So for now I'm scraping the ttdns+un
Hello,
Inspired by Tails design documents I'm trying to set up DNS resolving
through Tor with Unbound and ttdnsd. Unfortunately I can't seem to get it
to work... This is what I have done so far:
ls /var/lib/ttdnsd
pid tsocks.conf ttdnsd.conf
cat /var/lib/ttdnsd/tsocks.conf
# This is the config
x27;s an added bonus.
If you'd like to talk, please drop me an email – t
chesh...@gmail.com. I'm happy to keep names anonymous and out of print if
you'd prefer.
My deadline is May 8.
Many thanks,
Tom
Tom Cheshire
Associate editor - WIRED magazine (UK)
_
dd another data point, Colin Percival has blogged about how he
terminates SSL connections in a jail to mitigate this risk.
http://www.daemonology.net/blog/2009-09-28-securing-https.html
-tom
___
tor-talk mailing list
tor-talk@lists.torpr
Nice work! Those are some seriously awesome improvements.
-Tom
On Sun, Jul 17, 2011 at 3:26 AM, Damian Johnson wrote:
> Hi all. A new release of arm (http://www.atagar.com/arm/) is now
> available. This completes the codebase refactoring project that's been
> a year in the work
89 matches
Mail list logo
