trac.torproject.org/projects/tor/ticket/19513
I'm fine with who joins to the Tor Project.
The difference to the code is reviewable by the community using diff tool.
I'm disappointed the fact that you, Tor Project, hide this truth without
sharing to the Tor users.
signature.asc
Description: Ope
On Sun, 25 May 2014 18:49:14 +
Nusenu wrote:
> Hello,
>
> I'm running Torbrowser on a system that is transparently routed through
> Tor. Is it OK to disable the TorLauncher Addon within Torbrowser in such
> a setup or has that any negative consequences?
>
> Is it ok to start TBB via directl
At first, the local interceptor can extracts private authentication key
from heartbleeded guard. Then emulate connection to IP of this guard (a
substituted faked MiTM-ed version of the Guard) for the targeted users.
Something like this can be done at the any parts of the Tor-network for
MiTMing an
Thank you for closing the problem in:
https://trac.torproject.org/projects/tor/ticket/11256
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
I download the files:
https://www.torproject.org/dist/torbrowser/3.5.3/sha256sums.txt
https://www.torproject.org/dist/torbrowser/3.5.3/sha256sums.txt-mikeperry.asc
https://www.torproject.org/dist/torbrowser/3.5.3/tor-browser-linux64-3.5.3_en-US.tar.xz.asc
https://www.torproject.org/dist/torbrowser
On Thu, 6 Feb 2014 02:00:02 -0500
Soul Plane wrote:
> Is it ok to use the Tor Browser without Tor? I don't need Tor but I like
> the privacy features that the browser offers.
Yes you can. I use that way for transparent torifycation in Linux,
manually restarting Browser and changing tor-circuits
See a Russian prime time "Central News" video
in the middle of the records there is a reportage
about Tor:
http://www.ntv.ru/peredacha/CT/m23400/o201340
Tor and Bitcoin depicted in highly dark and
criminal ways to organise networks for drugdealers,
illegal weapons, killers, etc.
No words about d
On Sat, 2 Nov 2013 13:50:18 +0100
wrote:
> 1) Create a list of tor exit nodes that do not block port 25
> 2) Command the tor daemon to exit those nodes exclusively.
SSL-SMTP configured to works over 465 port in most cases.
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubsc
Using "Web of Trust" you sacrifice your anonimity,
forward secrecy and deniability for the sake of privacy
in the term of "security and integrity of a message context".
The graph of your contacts disclosured,
timing information leaked for traffic analysis etc.
This is a cross purpose to the go
On Fri, 13 Sep 2013 14:06:45 -0700
Mike Perry wrote:
> harmony:
> > Mike Perry:
>
> Maybe. It depends on if you resizing the window is actually as "random"
> as you think it is. If you keep doing that, and you're one of the few
> people who does, you might stand out over time? On the other han
On Mon, 19 Aug 2013 12:55:13 -0700
Max wrote:
> Hallo Tor-Devs,
>
> considering that D-Wave now claims to have a programmable quantum
> computer, wouldn't it be nice for Tor to use post-quantum cyrptography?
Unfortunately, a lot of quantum "secure" cryptography already broken without
any quant
Thnx, now everything is OK
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
At the time of writing:
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-x86_64-2.3.25-9-dev-en-US.tar.gz
OpenPGP signature broken.
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-x86_64-2.3.25-10-dev-en-US.tar.gz
OpenPGP signature missing.
Why unsi
On Sat, 6 Apr 2013 23:54:34 -0400
cmeclax wrote:
> *The NSA runs a Tor relay called Eve. It's picked as the rendezvous point for
> a hidden service. Can Eve read the plaintext?
No.
Encryption with HS is end-to-end in any case.
Eve cannot reroute data to fake HS without knowledge of onion ide
On Wed, 30 Jan 2013 11:58:01 -0800
Micah Lee wrote:
> If you want more than one TBB at a time you won't be able to install
> them from the package manager anyway. This is true of all software. If
> you want to run more than one apache2 server at the same time, you'll
> need to do it manually.
Ye
On Wed, 30 Jan 2013 15:49:54 -0400
Mike Perry wrote:
> Longer term, I'm interested in having some form (or better: many forms)
> of multipath consensus validation:
May be that algo is relevant to independed control of consensus data:
https://en.wikipedia.org/wiki/Linked_timestamping
Any Tor nod
On Wed, 30 Jan 2013 12:17:04 -0600
Raynardine wrote:
> What happens if a government (such as the United States)
> demands the private keys for the Directory Authorities? Would you even
> know if it has already happened years ago?
And what? Everyone can run your own tor node and see in the consen
On Wed, 30 Jan 2013 09:26:22 +0100
Jérémy Bobbio wrote:
> > >> Releasing updated versions is simple. The update would include a new TBB
> > >> tarball and the launcher script would include a new version, so the next
> > >> time a user runs Tor Browser it will extract the new version in their
> >
On Tue, 29 Jan 2013 19:49:23 -0600
Raynardine wrote:
> I just wanted to ask here in Tor-Talk where the efforts to decentralize
> the Tor directory servers have gone so far?
One of the goals of centralizing is protect Tor against attacks
based on the desynchronisation and dividing stats for users
OK, now all signatures at the place, thanks.
On Sun, 6 Jan 2013 13:30:56 +
unknown wrote:
>
> https://www.torproject.org/dist/torbrowser/linux/
>
> https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.3.25-2-dev-en-US.tar.gz
> https://www.torp
https://www.torproject.org/dist/torbrowser/linux/
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.3.25-2-dev-en-US.tar.gz
https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.4.7-alpha-1-dev-en-US.tar.gz
https://www.torproject.org/dist/torbro
On Sun, 11 Nov 2012 20:19:56 +
Dan Hughes wrote:
> Hello,
>
> Does browsing with TBB installed on the HD or a USB stick
> and downloading files (.PDFs, S&M vids etc.;)) to a USB stick (but
> not opening online) result in the content of what's browsed or
> downloaded being written to the H
On Fri, 21 Sep 2012 18:28:57 +
James Brown wrote:
> Putin's fascist junta intend to ban the Tor and other anonimous
> services: http://izvestia.ru/news/535724
Please keep in sight the facts but ignore political hysteria.
___
tor-talk mailing list
On Wed, 19 Sep 2012 02:05:30 -0400
Gregory Maxwell wrote:
> It seems to me that there is a common expectation is that onion urls
> provide a degree of name privacy— generally, if someone doesn't know
> your name they can't find you to connect to you. If someone violates
> that expectation it risk
On Mon, 27 Aug 2012 12:33:51 +0200
intrigeri wrote:
> Hi,
>
> we are told that Tor 0.2.3.x is good enough for Tails,
> so a bunch of Tails developers have eventually spent some time
> thinking what could be the initial step towards basic usage of Tor
> stream isolation within Tails.
>
Using se
On Fri, 6 Jul 2012 12:12:56 +0200
Matej Kovacic wrote:
> Hi,
>
> I know this is a bit off-topic, but since here are people who know a lot
> about security and since I was unable to find relevant answers I would
> like to ask one question.
Virtually still not existing today
but interesting proj
On Fri, 4 May 2012 07:27:35 +0200
"Fabio Pietrosanti (naif)" wrote:
> > Any potential DNS-leakage can be prevented with iptables (Debian GNU/Linux
> > way):
>
> Well, this can also be prevented if the "starter" of TBB would be a
> binary/executable rather than a shell script, and that binary
On Wed, 2 May 2012 22:43:52 +
Robert Ransom wrote:
> See
> https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs
> for the security advisory.
>
>
> Robert Ransom
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.
In theory smart adversary can reduce anonimity set with statisticaly profiling
any non-TBB downloaders on the service side or through intercepting exit node
traffic. Wget'll get a different responce than standart TBB or another
downloaders to cookies and active elements injection, fonts manipula
On Sun, 12 Feb 2012 17:00:59 +0100
Martin Hubbard wrote:
> RefControl set to spoof referrer as host webroot is also useful, I think.
> - Original Message -
> From: Brian Franklin
> Sent: 02/12/12 09:53 AM
> To: tor-talk@lists.torproject.org
> Subject: [tor-talk] Adblock Plus and Ghostery
On Thu, 26 Jan 2012 14:41:06 +0100
wrote:
> Hi,
>
> are there any issues in controlling email-boxes through the provider-
> webfrontends (gmail, gmx, etc.) using tor?
> I read for example about referers in between entering account information and
> being redirected to mail-provider-http-sites f
On Sun, 30 Oct 2011 23:35:18 -0700
Jacob Appelbaum wrote:
> On 10/30/2011 05:37 PM, Roger Dingledine wrote:
> > On Sun, Oct 30, 2011 at 05:31:34PM -0700, Jacob Appelbaum wrote:
> >> otherwise, I sometimes use a
> >> HTTP proxy with proxychains to prevent DNS leaky applications that have
> >> not
On Fri, 28 Oct 2011 18:52:12 +
unknown wrote:
> Sorry for the misinformation. ps aux always displays numerical ID's for long
> usernames.
> I trying to repeat this situation on another Debian Linux machine with
> similar versions updates and
> iptables setting
On Fri, 28 Oct 2011 17:44:59 +
unknown wrote:
> If I run previous version of tor Linux-Debian packages and type 'ps aux |
> grep tor'
> then the first field is the user "debian-tor".
>
> After upgrade that field displays only uid (106) but /etc/passwd f
If I run previous version of tor Linux-Debian packages and type 'ps aux | grep
tor'
then the first field is the user "debian-tor".
After upgrade that field displays only uid (106) but /etc/passwd for debian-tor
is correct.
I use transparent firewalling for rerouting local traffic into Tor
and
On Fri, 14 Oct 2011 17:20:08 +
unknown wrote:
> Debian/Linux/(other Unix-like) has two choices now:
>
> 1. Officialy recommended: use TBB as is, starting from start-tor-browser.sh,
> with Vidallia and "local-tor with-users-rights" -- from your own username.
>
On Fri, 14 Oct 2011 12:00:15 +0200
Marco Bonetti wrote:
> - Original Message -
> > it's files to debian-tor with: chown -R debian-tor tor-browser_en-US/
> maybe "chown -R debian-tor:debian-tor tor-browser_en-US/" should be a little
> better
Mixing permissions from "local-browser-tor" fr
On Thu, 13 Oct 2011 20:28:52 +0100
Julian Yon wrote:
> OOI, what's your rationale for believing that your globally configured
> tor is more secure than the one in TBB?
1. Globally configured tor provided specially for Debian-Linux from
http://deb.torproject.org .
Signigicant part of Tor-netwo
>
> > : Hope that Debian packages with separated tor-daemon itself, Tor-browser
> > and
> > : Tor-browser-plugins will be created sometime
> >
> > This is unlikely unless someone else does the work.
>
Dirty workaround recipe:
1. Leave your transparency torifying iptables-firewall rules as is
On Wed, 12 Oct 2011 14:01:33 -0400
wrote:
> did it call a different profile?
Before this I just use full path without start-script and not bother about
profiles.
This version not working without changing $HOME environment variable to `pwd`
in start-script.
OK, I use relative path to start To
On Wed, 12 Oct 2011 17:18:14 +
unknown wrote:
> On Mon, 3 Oct 2011 21:39:46 +0400
> unknown wrote:
>
> > We talk about it day ago on some web-resource. Possible with you personally
> > :-)
> >
> > Linux provided system Tor-daemon seems more secur
On Mon, 3 Oct 2011 21:39:46 +0400
unknown wrote:
> We talk about it day ago on some web-resource. Possible with you personally
> :-)
>
> Linux provided system Tor-daemon seems more secure then tor started from user.
>
> I propose next steps but concern about any &quo
On Mon, 3 Oct 2011 22:46:08 -0500
David Carlson wrote:
>
> In the Windows download section there is a variation called Vidalia
> Bundle which allegedly sets up an environment within which the standard
> Windows version of Firefox is expected to behave nicely. As a Windows
> user, this is what I
We talk about it day ago on some web-resource. Possible with you personally :-)
Linux provided system Tor-daemon seems more secure then tor started from user.
I propose next steps but concern about any "Gotcha!" here:
1) Download, check gnupg signatures and unpack tor-browser.
Keep system Tor-
On Tue, 22 Mar 2011 18:26:34 +
unknown wrote:
> Too many users dislikes of annoying web elements -- banners, popups, scripts,
> strange frames. They use a tools to blocks that elements or change webpage
> rendering.
>
> Traditional programs for filtering is a local proxy
Too many users dislikes of annoying web elements -- banners, popups, scripts,
strange frames. They use a tools to blocks that elements or change webpage
rendering.
Traditional programs for filtering is a local proxys -- privoxy or polipo are
examples with
close relation to Tor and used actively
46 matches
Mail list logo
