logs archiveIRC Archive / Oftc / #tor / 2009 / November / 19 / 1
JOseph
what personal data should you delete to maintain strong anonymity and what can you keep when you're not worried about someone getting a hold of your computer?
like cookies, history, cache etc?
LSOs
edeca
Use something which doesn't write that data in the first place.
JOseph
edeca: that doesnt answer my question but brings up another interesting question. What doesn't write those things in the first place?
edeca
Why don't you just use full disk encryption to mitigate your question?
I'm unsure how the tor browser bundle handles history, i.e. whether it writes and deletes or whether it is entirely in-memory
Sebastian
it shouldn't write anything sensitive
edeca
What is considered sensitive? I'm interested, not pedantic :)
JOseph
the first question concerned tor, the second one edeca created concerned using another proxy, so tor button is not a possibility.
edeca
Personal data has _nothing_ to do with tor. Tor is a connection remixer and as long as you don't have logging on, no data is stored.
It has everything to do with what applications are using tor. I assumed a web browser as you mentioned cookies/history/cache
You could throw the proxy into the mix quite rightly, but again just make sure logging is off :)
JOseph
can't they track you with cookies?
and cache
why are turning these off an option in torbutton?
         

arma
edeca: you are right about tor being only about connection anonymity. but that's why we have torbutton too.
Sebastian
edeca: tbbt should not allow the browser to write any state to disc
afaik
JOseph
hey is there anyone in here who can give me an actual answer instead of just bullsh*t?
arma
joseph: your question is complex and vague. i fear complex and vague answers are the best you can hope for.
joseph: perhaps you should take a look at the torbutton design document?
JOseph
how can I make my question clearer? I asked what data I need to erase and what is safe to keep if I want to maintain anonymity while using tor.
arma
torbutton with its default settings should do it for you.
JOseph
i changed all of tor buttons settings
nevermind. there is a restore defaults button
arma
it's still possible to screw yourself with the default torbutton settings, though.
for example, don't open any .doc files you get from the internet
(Action) wonders if he should unsubscribe this guy from or-talk before we get 25 other posts with random confusing questions
dr|z3d
arma: Oh, you mean a troll? ;)
JOseph
isn't that what this channel is for?
nickm
arma: I'd err on the side of caution and assume "knows just enough to confuse himself" before I'd assume troll.
then again, he knows enough to confuse himself quite deeply and thorougly.
dr|z3d
(Action) chuckles.
arma
yeah, he's not a troll, but that doesn't mean he can't DoS our mailing list with one question every 4 minutes. :)
(Action) pries himself away from almost answering the confusing posts, to go back to editing this confusing oakland paper
sve
hi is there a client version for windows mobile ?
arma
i think the answer might be no. there isn't any real reason there couldn't be. just nobody has done it.
phobos
gsmk.de has done it, but not sure if they released their source for the changes
and they did it with an old version of tor, circa 1.1.x
sve
ok
phobos
i think you can take the current tor and compile it for winmobile
sve
now a days these devices are getting more and more powerful and with internet access, i think it would be a good direction for Tor project, to have a bundle for windows mobile too.
phobos
it's on the roadmap
         

sve
ok
phobos
the challenge isn't just building a binary and calling it done
sve
is there a build environment for windows mobile ? for windows itself i saw the instructions
phobos
it's building the binary, seeing what leaks, analyzing what traces are left behind
sve
ok
leaks ?
phobos
and figuring out what other anonymity topics need research/doing since mobile devices are designed to know where you are
dns leaks, information leaks, browser leaks,
cell location/gps leaks
etc
sve
well, a windows mobile is now as good as laptop only more portable, so it would be very useful to have it
phobos
be the first to do it, and be the envy of the world
;)
sve
oh i see what you mean aobut leaks from outside tor
yes, the s/w that uses it must be good too without these leaks :)
;-)
i wish, if you can give me some suggestions on how to proceed, i can spend the time
is there a build environment to do this ?
phobos
I would guess msft has one
sve
hmm i am a complete novice here, msft is a build environment ?
and you suggesting just compile tor (for start) using this build environment ? doesn';t it need new make file sor something like that ?
phobos
i have no idea how to do it in practice
i'm guessing microsoft has a build environment/tool for windows mobile
and that taking the tor source code, and trying to build/compile it inside this environment is the first step
sve
ok
i guess tor project itslef providing an exe is probably at least several months away ? :)
phobos
if not more
first off, we lack windows mobile hardware to test
zeroth off, we lack someone with experise to do the work
keb
sve : that could be you :)
nsa
or: phobos committed revision 20976 (/website/trunk): add links to instructional videos for those that exist.
or: coderman committed revision 20977 (/website/trunk/torvm/en): Improve description of what Tor VM is.
or: coderman committed revision 20978 (/website/trunk/torvm/en): Proofreading == good
or: phobos committed revision 20979 (/projects/misc-sysadmin): dnsel changes.
or: phobos committed revision 20980 (/projects/misc-sysadmin): once last bit
keb
the LSB becomes very significant after a ROR
StrangeCharm
is it possible to run tor on google's app engine?
phobos
no idea
isn't google's app engine java?
StrangeCharm
i think that it has other languages too
is there a java interpreter for c?
phobos
apparently it's python and java
at least according to http://code.google.com/appengine/kb/
StrangeCharm
well, that puts paid to that being easy
though, if someone contructed an app engine 'app' with a java/python interpreter or port, it might make for a whole load of easy nodes
is there a tor sandbox, or virtual machine, where i can run the leakiest program in the world, and still have it be unable to find its real ip?
keb
well if you only enable ipx/spx it wont have an ip ;)
phobos
https://www.torproject.org/torvm/
StrangeCharm
so: with torvm, all the 'tor' user's connections go via tor?
phobos
all the tcp traffic goes over tor
StrangeCharm
but udp won't?
phobos
i don't know what happens to udp
perhaps it's dropped
coderman: what happens to udp in torvm
coderman
i firewall change to redir to trans udp port, if supported. otherwise the Tor to uplink part is the same.
and i'm assuming the UDP implementation will still support SOCKS/TransPort via the whole userspace stack part.
UDP is dropped right now
unless it is DNS then it goes to DNSPort
EMULTITASKFAIL
StrangeCharm: also one more clarification - all of the host traffic goes over Tor. You are expected to only be using risky Internet applications with Tor as the restricted Tor user though.
(the Vidalia and Tor VM windows reside on the administrator desktop of whatever admin user you launched it as.)
StrangeCharm
that seems pretty clear
sharp
how does the hidden service database work/
Sebastian
I think you're confusing something, there is no hidden service database
unless you mean the old hidden service protocol, which had a single hidden service authority
nickm
Sebastian: perhaps sharp is considering the new DHT-like lookup system as a distributed database.
sharp
yes, and yes
StrangeCharm
nickm, what is this new dht-like lookup system?
sharp
i didn't know it was distributed
the website leads me to believe otherwise
nickm
StrangeCharm: see proposal 114, which was fully implemented as of 0.2.1.6-alpha
Sebastian
sharp: my apologies in this case. I just woke up :)
nickm
and largely implemented as of earlier-than-that.
Sebastian probably remembers more details there than I
sharp
where can i find this proposal/
Sebastian
https://git.torproject.org/checkout/tor/master/doc/spec/proposals/114-distributed-storage.txt
nickm
for the whole picture, see rend-spec.txt, one directory up.
well, the whole how-hidden-servies-work picture.
Sebastian
StrangeCharm: the old hdiden service protocol needed to go to a central hidden service authority, that could map a hidden service address to an introduction point. This has some obvious weaknesses, so this centralized hidden service authority was replaced by a distributed lookup mechanism. New Tors automatically only use the new lookup mechanism
StrangeCharm, sharp: I'm afraid both the rend-spec.txt and the website might not be fully up to date. If you find something confusing, please let me know. I'm slowly working on things
sharp
thanks
Sebastian
hrm
obviously, the website is perfect
atari
mh, "TLS error: unexpected close while renegotiating" - openssl-0.9.8l
what to do? using an older openssl-version?
nickm
Either that, or a newer Tor version.
atari
nickm: when will 0.2.2.6 will be released?
nickm
any day now.
if you grab the latest code from git, it should work fine.
the fix is in the 021 branch too
Or you can cherry-pick the ce0a89e2624471272ffc4950c5069d9b81a7f0b9 patch at http://archives.seul.org/or/cvs/Nov-2009/msg00029.html
atari
nickm: ok, thx :)
weasel
(or use the debian packages)
atari
weasel: i do (for the main server), but this time it's for the Torstatus
ok, works now
nickm
great; which approach did you take?
atari
git
nsa
or: pootle committed revision 20981 (/translation/trunk/projects/website): added zh_CN
or: runa committed revision 20982 (/translation/trunk/projects/website): new and updated po files
or: runa committed revision 20983 (/translation/trunk/tools/gsoc09): updated the documentation
or: pootle committed revision 20984 (/translation/trunk/projects/website/nb): Commit from The Tor Translation Portal by user runa. 1 of 22 messages translated (0 fuzzy).
or: runa committed revision 20985 (/translation/trunk/tools/gsoc09): updated the documentation again
or: phobos committed revision 20986 (/website/trunk/en): #1 translator asked about #6 coding, #1 coder on #6 suggests it's done.
or: runa committed revision 20987 (/translation/trunk/projects/website): updated the po files
MayaT
hello
Runa
hi
MayaT
hi runa
are u using tor?
Mathiasdm
I'm trying to get my browser running using Tor (it worked a few weeks ago)
when I try now, I keep getting 'Notice, we tried for 15 seconds to connect to ...'
I even set up a bridge connection, in case the ISP started blocking tor
but it doesn't seem to solve the problem
phobos
any warnings?
keb
tor takes a while to wake up after its been idle
Mathiasdm
no, no warnings, phobos
ah, could just be that it's slow
I have been trying for 20 minutes now though
keb
hmm it should work by then
are you trying chec.torproject.org
are you trying check.torproject.org
Mathiasdm
"The proxy server is refusing connections"
dr|z3d
Sounds like polipo/privoxy's not running..
Mathiasdm
ah, hm
check.torproject.org just gives a warning sign and 'add an exception'
but no text like a usual warning
hi, dr|z3d :)
dr|z3d
(Action) waves to Mathiasdm
keb
if tor is giving notices of failing to connect, the requests must be getting through to it
via polipo or privoxy
unless you are using tor for soemthing else
dr|z3d
Mathiasdm: You haven't tweaked the circuit timeouts too low, have you? Sounds like that could be an issue... 15 seconds is not default timeout.. 60 seconds is..
Mathiasdm
it is? I didn't change them at all
I installed privoxy, tor and torbutton
and didn't change anything
except adding 3 bridges
dr|z3d
Ok, not that then.
Add some more bridges, if you want to use them.. as many as you can.
However, I'd not use bridges at all for now. I doubt your ISP is blocking Tor.
Mathiasdm
well, it was just a try
I'll disable the bridges again
oh, and I have vidalia running too
the problem seems to persist
I'll try increasing those limits from 15 to 60 seconds
dr|z3d
Mathiasdm: Can you turn on info level logging, leave it to generate some stuff for aminute or 2, and then pastebin?
keb
what version of tor do you have
dr|z3d
(In Vidalia).
Mathiasdm
0.2.1.19, apparently
it's generating as we speak, dr|z3d
keb
0.2.1.19 isnt the latest but it shouldnt have serious problems connecting
Mathiasdm
http://pastebin.com/d37aa20f4
it didn't show the notices anymore, but it's not working either
maybe it is something with privoxy, but I didn't change any settings
keb
sometimes you have to restart privoxy or polipo
Mathiasdm
I'm now getting that I'm not using Tor
even though torbutton says 'Tor enabled'
keb
there is a testing button in the torbutton preferences
« prev 1 2 next »