Sounds like an interesting idea. Another potential solution is
Namecoin, which supports mapping memorable .bit addresses to .onion
addresses. In theory, the only way to seize/censor a .bit address is a
51% attack. I believe there are already some .onion addresses using
.bit addresses.
On 2
Not correct; Namecoin supports mapping names to Tor hidden services, as
well as I2P and Freenet sites. Obviously you need to use a Namecoin
implementation that's a proxy instead of a DNS server, but that's not a
big deal (nmcsocks already implements this).
On 2/24/2012 3:22 PM, Andreas Krey w
On 9/10/2012 5:16 AM, antispa...@sent.at wrote:
Pidgin is one. But I have read about it having leaks, thus the removal
from the TBB. Jake Applebaum talked about Jitsi. Truly a Skype
replacement on steroids. Only it needs Java. And I have no idea if it
leaks. Do you know any clients built with ano
e trusted... the Namecoin developers are
actively looking at solutions such as SPV+UTXO, which has much better
trust properties than trusting a quorum of 3 random relays, and
doesn't use much storage or bandwidth.
Any questions, feel free to ask -- we're more than interested in
working with
at feature yet.
Namecoin would also give you human-readable names.
(Also Namecoin isn't anonymous, which might or might not be a problem
depending on the use case.)
- -Jeremy Rand
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUJ6RLAAoJEFgMI9bDV/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/30/2014 05:28 PM, coderman wrote:
> On 9/27/14, Jeremy Rand wrote:
>> ... Namecoin would make this pretty easy. Last I checked the
>> current Namecoin domain name spec only supports round-robin DNS
>> for IPv4/IPv6 and not
ing-customers-150102/
In
>
case anyone wants to go digging through the bill, here's what I
think is the relevant text:
http://www.parl.gc.ca/HousePublications/Publication.aspx?Language=E&Mode=1&DocId=5697419&File=72
Look for 41.25 and 41.26
The usual "I'm not a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
I'm interested in having a SOCKS proxy sitting between the end user
and the Tor-provided SOCKS proxy, which can do really simple stuff
like redirect from one host to another. (Just on the level of the
host requested via SOCKS, not HTTP heade
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 05/24/2015 06:21 AM, Tom van der Woerdt wrote:
> Hi Jeremy,
>
> After reading your message I wonder whether a simple TCP proxy is
> what you want. Maybe have a look at haproxy?
>
> Tom
Hi Tom,
The intention is to have end user applications lik
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 05/24/2015 06:42 AM, s7r wrote:
> Hi Jeremy
>
> Why do you want this and why do you think this is a good idea?
> What are you trying to solve? The socks5 which Tor open is not a
> simple socks5 protocol implementation, it has some customizations
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 05/24/2015 08:54 AM, l.m wrote:
> Hi,
>
> Is the Socks-to-Socks proxy absolutely necessary? This could be
> done as a browser plugin couldn't it? You might find the work of
> the FreeSpeechMe team interesting. They have the objective of
> integra
On 06/23/2014 12:11 PM, Joe Btfsplk wrote:
> I noticed there are at least 2 different references in Torbrowser for
> useragent over ride strings.
>
> The Panopticlick site picks up this one: "/Mozilla/5.0 (Windows NT 6.1;
> rv:24.0) Gecko/20100101 Firefox/24.0/," though there's another shown in
>
> https://facebookcorewwwi.onion/
>
It's theoretically possible to use naming systems like Namecoin to
specify TLS fingerprints for connections to Tor hidden services, which
would eliminate the need for a CA. I'm hoping to have a proof of
concept of such funct
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 08/09/2015 01:04 AM, Seth David Schoen wrote:
> Jeremy Rand writes:
>
>> It's theoretically possible to use naming systems like Namecoin
>> to specify TLS fingerprints for connections to Tor hidden
>> services, which
have the same fingerprint as each other, which the
TorBrowser devs seem to be doing a good job on.
Cheers,
- -Jeremy Rand
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWBvWBAAoJEAHN/EbZ1y06EoQP/2s4V0dsGFyism2rSSpsd6fo
gt0a40kLdIBb2wegtYbpWtjdL2N9hvc6HWgcob
with DKIM to know if the DKIM signature is sufficient
to prove that I received such an email.
- -Jeremy Rand
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJWfI8CAAoJEAHN/EbZ1y06NDsP/0bGwLD/cfuiOzLiJCO3JFGj
f9MqK6QNbTICgeT0i4vGgRYfXzxtzk0zevGzTA+FjBsmDyrDqpj7hcSY/sjYA7Um
w/fgpA28r0M
e at home, GoldBug falsely claimed to be
a project of EFF and CCC. It would be wise to assume that BitMail is
malware or backdoored unless proven otherwise. As with all other
software hosted by SourceForge these days.
- -Jeremy Rand
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBC
:26AM -0500, Scfith Rise up
>>>>> wrote:
>>>>>> Here is the exact link:
>>>>> https://metrics.torproject.org/hidserv-dir-onions-seen.html
>>>
>>>>>
>>>
>>>>>> it jumped from 4 to 6 in the past
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 02/19/2016 01:44 AM, CANNON NATHANIEL CIOTA wrote:
> On 2016-02-19 01:40, Jeremy Rand wrote: On 02/19/2016 01:37 AM,
> CANNON NATHANIEL CIOTA wrote:
>>>>
>>>> That chat program you are referring to would be ricochet
to
make tracking less effective without resorting to a blacklist [1], so
in theory you don't need a blacklist anyway.
Cheers,
- -Jeremy Rand
[1] Of course, Tor Browser is imperfect in this area, so it is at
least plausible that a blacklist might help in some limited
circumstances. I
Firefox for Android is not sufficient for good anonymity. Something like Orfox
or Orweb is probably much safer.
(Sorry for top post, I'm on a phone.)
On February 24, 2016 3:18:14 PM CST, libertyinpe...@riseup.net wrote:
>Did a factory reset on the droid tablet. Was finally able to properly
>do
said this at his CCC
talk.)
- -Jeremy Rand
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXPS0CAAoJEAHN/EbZ1y06gK4QAIYJPkT4/w1akaPZX+j2z7Au
aoPBN3FcVMMSHlUfPCmuMNt+CYpexjoSOTFU6maxXPMxqIJsEyK/Y6JUcwIjmVeJ
NwihmFAlgMHmgP+CjTCVPj6EK2w5XisqDHYyT8JHo5Bzk/TnuR
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 05/18/2016 10:28 PM, Jonathan Wilkes wrote:
>> If I recall correctly, Mike Perry considered pressure on
>> individual
> developers to be sufficiently threatening that it was a major
> reason why he set up reproducible builds. (I believe he said t
that isn't particularly accurate. It's not fun to engage
in such discussions, but it is sometimes worthwhile.
Cheers,
- -Jeremy Rand
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXaOKqAAoJEAHN/EbZ1y06jQQQAMTMCMXAum1wl5haUZ5TXQtS
yq9rEZ6K0G+SzV8td2xHMg2kNm3B/Z9iE5H
?
- -Jeremy Rand
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJXfTzoAAoJEAHN/EbZ1y06dPkQAJJ3vHUBLXeUZcdLdZw5ow+l
23M0DSIvIOSptFEydB8mCBBSR8BTwAcDZK6CKmzOgs8BcYgE7gLPInjsdNu8WfgS
q0LqT1tBMPE38oOOd5WIUd89g5j02gUrjNjeCfcQ+cP7RwJJzjxaavMVJWXbLZL3
PMF4PIY2++rX9dt6sO1IrYdRULLcEW8RIAfnBLpdq8N
the last of these
> technologies I would opt for.
>
> What else is around?
AFAIK ZeroNet doesn't rely on Bitcoin's PoW for anything. It only
relies on Namecoin's PoW as an optional naming system. Freenet
doesn't have a decentralized naming system at
has encountered
this issue in Fedora (or any other distros), that would be greatly
appreciated.
Cheers,
-Jeremy Rand
signature.asc
Description: OpenPGP digital signature
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
grarpamp:
> On 8/13/16, Jeremy Rand wrote:
>> #zeronet IRC
>> I've obtained permission to post a partial chatlog.
>
> It's a public channel, on an insecure server, plugged into clearnet.
> Do you have any idea how many users, publicly accessible archives,
>
xtra usability issues in order to get
better anonymity? Even some blogposts would be great -- perhaps some of
the projects like Tails, Qubes, Whonix, and Subgraph might be willing to
collaborate with Tor on some blogposts explaining how the threat models,
usability, and intended audiences diff
er Bitmessage is a protocol that makes sense from an
engineering perspective is an entirely orthogonal issue, which I've
heard concerns raised about, but which I'm probably not qualified to
make any statements on.
Cheers,
-Jeremy Rand
signature.asc
Description: OpenPGP digital signatu
t remember ever being blocked from it due to
coming from a Tor exit. I wonder why your experience differs from mine.
Cheers,
-Jeremy Rand
signature.asc
Description: OpenPGP digital signature
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other
Joe Btfsplk:
>
>
> On 9/25/2016 12:15 AM, Jeremy Rand wrote:
>> hi...@safe-mail.net:
>>> You can't use Google Translate at all with most Tor exit nodes, while
>>> there are no sane reaons why they would block Tor users from just
>>> translating text
Joe Btfsplk:
> On 9/26/2016 11:57 PM, Jeremy Rand wrote:
>> If it matters, I usually have Tor Browser in Medium-High security level,
>> so Javascript is enabled for HTTPS sites (including Google Translate).
>>
>> Cheers,
>> -Jeremy
>>
> Yep, mine can be
that location-anonymity isn't desired, and
that all we want is the integrity/authencitity/encryption properties
that .onion gives you, wouldn't .tlsexplicit be a lot more efficient and
a lot less complex?
Cheers,
-Jeremy Rand
signature.asc
Description: OpenPGP digital signature
--
tor-talk
Jeremy Rand:
> Alec Muffett:
>> Irregardless of the political and privacy issues there are also technical
>>> benefits to using Tor for day to day traffic.
>>
>>
>> Totally. So many people are fixated on "anonymity" and completely ignore
>> the
Andreas Krey:
> Hi there,
>
> is there anybody else using tweetdeck via tor?
>
> I have the strange phenomenon that I get a
> '... Something went wrong. Please try again.'
> on the initial tweetdeck.twitter.com screen,
> and, while I can log into twitter.com, tweetdeck
> itself won't work. The in
Alec Muffett:
> In my previous e-mail I suggested removing Tor from Debian precisely
> because of this future-staleness problem.
>
> I still believe that this is a decent idea, because stale code sucks.
>
> Another possible solution would be creation of a "Tor Server Bundle" -
> designed and main
hi...@safe-mail.net:
> https://duckduckgo.com has become increasingly better lately. Only during
> the past 6 months or so, their search results have become almost on par
> with the big ones, like Google, Bing, etc.
>
> In regards to Google, it all comes down to censorship and anti-privacy.
La
ing Tor Browser from connecting to Tor (which would presumably
be 127.0.0.1:9150).
I wouldn't expect this to be caused by Tor being unable to talk to the
Internet.
Cheers,
--
-Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmob...@airmail.cc
Mobile PGP: 2158 0643 C
is the path to improving it.
>
> //Sidju
It wasn't obvious to me whether OP intends to give their analysis to the
Tor Browser devs (seems ethical) or instead keep it for proprietary
purposes (seems unethical).
Can OP clarify on this point?
Cheers,
--
-Jeremy Rand
Lead Applicati
x27;m curious if someone
has already tried to tackle this, or if there's a better way.
(H/t to pabouk at https://tor.stackexchange.com/a/118 for the idea of
using strace.)
Cheers,
- --
- -Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmob...@airmail.cc
Mobile OpenPGP:
erfere
with the remainder of the test (and therefore make it difficult to
tell whether any additional leaks were made undetectable by the change
in program behavior caused by the initial leak being blocked).
Hope I'm making sense, and apologies if my initial post was unclear.
Cheers,
- --
- -
cess. I will explore this idea to see if it
> would work for my usecase.
>
> Is there any comments on the way Whonix gateway and TBB work
> together?
You might find this documentation on Whonix with physical isolation
interesting:
https://www.whonix.org/wiki/Dev/Build_Documentatio
data
being exchanged?
Some Googling didn't yield anything, other than this unanswered
StackExchange question:
https://tor.stackexchange.com/questions/760/what-is-the-reasoning-behind
- -keeping-hidden-service-onion-rsa-keys-at-1024-lengt
Cheers,
- --
- -Jeremy Rand
Lead Application Engineer a
d a good experience with cock.li so far (been using them for
about a year). A little bit of occasional downtime every now and
then, but I can't say I expect a service run by one guy for fun to be
as reliable as Gmail.
Cheers,
- --
- -Jeremy Rand
Lead Application Engineer at Namecoin
Mobile
you're
concerned that asking questions in the Trac thread would harm the
signal-to-noise ratio there.
Cheers,
- --
- -Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmob...@airmail.cc
Mobile OpenPGP: 2158 0643 C13B B40F B0FD 5854 B007 A32D AB44 3D9C
Send non-security-
the UX issues that caused Flash Proxy to be deprecated.)
(Full disclosure: I'm not super familiar with the details of Snowflake,
so maybe I've made errors in the above. Anyone who's more knowledgeable
about Snowflake is encouraged to correct any errors in what I stated, if
there are a
tuations) where the Tor daemon and the application are in
separate trust domains, and in those threat models, there is an
advantage to using TLS combined with onion (compared to only onion),
because TLS is terminated in the application rather than the Tor daemon.
Cheers,
--
-Jeremy Rand
Lead Applica
ith the start of
> 2020?
>
> thanks,
> nusenu
I signed into TweetDeck with Tor Browser today with no issues. So,
there are probably some additional variables at play here.
Cheers,
--
-Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmob...@airmail.cc
Mobile Op
gt;
> Jason
Tor Browser, last I checked, has a transproxy mode (enabled via an
environment variable) that I suspect would make it work fine without
Tor. No idea if it's documented properly; I've only seen it mentioned
on the Whonix wiki (in the "disable stream isolation&qu
e
following links:
36C3 CDC Slides:
https://www.namecoin.org/resources/presentations/36C3/Adventures_and_Experiments_Adding_Namecoin_to_Tor_Browser_36C3_CDC.pdf
36C3 CDC Video: https://youtu.be/mc51zyflpa8?t=22638
Cheers!
--
-Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmob...@airmail.cc
Mobile OpenPGP: 2158 0643 C13B B40F
Jeremy Rand:
> Hi Tor community!
>
> As we all know, onion services have rather unwieldy randomly derived
> base32-encoded names. This is, of course, a reasonable design, given
> the design constraints that onion services have to deal with. And it
> works pretty well, all
nment variables to customize the official Tor Browser binaries'
behavior.
More info here:
http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/SecBrowser
The usual warnings about "this isn't endorsed by The Tor Project" apply.
Cheers,
--
-Jeremy Rand
Lead Application Eng
53 matches
Mail list logo
