logs archiveIRC Archive / Oftc / #tor / 2009 / November / 23 / 1
misc
user123abc456def: like what ?
atari
the topic is outdated: 0.2.2.5-alpha ;)
keb
misc : maybe user123abc456def fell afoul of an exit node that uses opendns services
Sebastian
no
keb
or noticed the request for random hostnames that is used to test dns
Sebastian
There is a Tor option
ServerDNSRandomizeCase
keb
oic
Sebastian
this is used for _all_ outgoing dns requests
keb
that doesnt seem to be implemented in dns.c
         

Sebastian
it helps to defeat some dns cache poison attacks
oh, but it is
if (options->ServerDNSRandomizeCase)
SET("randomize-case:", "1");
else
SET("randomize-case:", "0");
keb
oic
can we still use that for handling cyrillic and chinese dns
Sebastian
try it? ;)
cheako
arma: browser->apache->perl->nagios->check_digdns->dig. What was your real question though?
perl-filesystem>nagios
perl-filesystem/logfile>nagios
2009-11-22 05:42:44] SERVICE ALERT: localhost;tordns;OK;SOFT;2;DNS OK - 0.804 seconds response time (broker.freenet6.net. 1800 IN A 81.171.72.10)
[2009-11-22 05:41:44] SERVICE ALERT: localhost;tordns;CRITICAL;SOFT;1;DNS CRITICAL - 0.680 seconds response time (No ANSWER SECTION found)
[2009-11-22 03:26:44] SERVICE ALERT: localhost;tordns;OK;SOFT;2;DNS OK - 0.014 seconds response time (broker.freenet6.net. 60 IN A 81.171.72.10)
[2009-11-22 03:25:54] SERVICE ALERT: localhost;tordns;CRITICAL;SOFT;1;CRITICAL - Plugin timed out while executing system call
Fairly consistently irregular.
More: http://pastie.org/710602
My only question is, since there is nothing in the logs about this, what else should I be looking at?
G00gle
does tor or any of the related tor programs (torbutton, privoxy, polipo etc) take care of LSOs? they are shared across all firefox profiles.
arma
lso?
G00gle
flash cookies
arma
torbutton disables plugins
G00gle
im not sure that you need flash on to have a flash cookie
they are permanent
arma
that would be a shame. if you learn that that's true, let us know :)
G00gle
well i have an addon called better privacy
and it asks me if i want to clear my LSOs every time I exit Firefox, whether I have flash on or not.
arma
do you have any flash cookies? or is it just a badly designed interface?
ShanePancake
(badly designed interface)
G00gle
what do you mean badly designed interface?
ShanePancake
arma: my thesis defense is tomorrow :X
arma
woo :)
ShanePancake
Also my apache module works, instead of modifying Tor to demonstrate it, I wrote a local java proxy which makes the apache connection then passes all bytes back and forth
arma
google: it asks you about clearing cookies even if there are no cookies. perhaps. never heard of the extension before.
(Action) goes to food, back later
G00gle
ShanePlonker please dont butt your head into my business
ShanePancake
Your business? This is a public irc channel
         

G00gle
its quite popular
phobos
you need to run flash to read/write flash cookies
ShanePancake
And you can't get flash cookies unless you install flash
because FLASH is what reads/writes flash cookies (see phobos' comment)
phobos
where flash is adobe flash
vs. gnash which is open-source freely available flash-compatible
gnash lets you control cookies
ShanePancake
Betterprivacy simply has opens a prompt to clear flash cookies on browser shutdown regardless of whether you have adobe flash installed, or flash cookies
-has
G00gle
ShamefulPhaggot:but it lists over 100 flash cookies
phobos: do you know what i should do
phobos
are they actual flash cookies?
if you uninstall flash
ShanePancake
Could a mod please ban G00gle
G00gle
yes
phobos
and wipe the macromedia directory
G00gle
which directory is that?
ShanePancake
G00gle: user error
phobos
which os?
G00gle
id rather not uninstall flash, if at all possible. it was a pain getting it installed on ubuntu
actually now that i think of it, this most recent installation was Super-OS
phobos
all your flash objects are stored in ~/.macromedia
G00gle
that's a Ubuntu sub flavor (for lack of a better definition)
ShanePancake
(7:41:52 PM) G00gle: im not sure that you need flash on to have a flash cookie
Yet you have flash?
G00gle
would it be under macromedia.com or #sharedobjects
phobos
i don't know, i wipe the entire dir
G00gle
i should wipe the entire directory?
cheako
G00gle: Kill it, kill it, before it puts cookies in all your folders.
phobos
you can do what you want :) I wipe the entire directory
or move it to something else and see what gets recreated
G00gle
so it wont hurt anything if i permanently delete every thing in the folder?
phobos
define hurt
if you rely on flash cookies to login to some flash-only website, then, you'll lose that
otherwise, no
G00gle
is there some way maybe, of backing them up? just copy the folder to another directory?
cheako
G00gle: If the names is changed, then the name is also deleted. mv will do this.
G00gle
what?
i didn't say anything about changing names
phobos
mv ~/.macromedia ~/.saved-macromedia
when you start up the flash plugin, it'll create a new .macromedia
ShanePancake
carful cheako, anyone "butting into his business" he will get snippy with: (7:50:25 PM) G00gle: ShanePlonker please dont butt your head into my business
cheako
G00gle: I didn't this the revers(a name is deleted when it is changed) was as interesting.
ShanePancake: I want to see if this is true for just you or every one.
ShanePancake
cheako, if you have never installed flash, you cannot have flash cookies is all I was saying.
(or any flash varient)
phobos
pretty sure ubuntu installs adobe flash by default now
cheako
ShanePancake: It's like saying the files you cat are not cat-able when cat is not running... right?
G00gle
ok that got rid of all my flash cookies
what were we doing that for again?
phobos
to get rid of flash cookies
G00gle
no we did it to see if betterprivacy was a legitimate addon
phobos
well, is it?
ShanePancake
not at all, how could an object exist if the program that creates them was never installed. It's like saying I have never had a web browser on my machine, yet I have all these web cookies. Sure some OTHER program could create web cookies, if that's what yall are trying to decide then that's fine.
phobos
ms office, open office are browsers
an increasing number of apps make http connections without telling you
and re-using whatever the default browser is, or rolling their own
ShanePancake
right
G00gle
so these cookies are real
ShanePancake
fu*k this, that guy was a di*k for know reason. He's clearly ignorant of what's installed on his own box, have fun running around on his ignorant wild goose chase
G00gle
and they are present in every profile
phobos
flash is shared between profiles
because flash is based on system user, not app profiles
G00gle
Waaa. could a mod please ban ShanePancake
phobos
use /ignore
the both of you
cheako
G00gle: Mum makes real cookies, every thing else is Betty Crocker.
G00gle
phobos: but you say you can not read or write flash cookies without using flash so i think im good
cheako
I liked it when gconf centeralised proxy configuration settings, do you think they will put cookies and bookmarks in there as well? That would be cool, but at the same time I can see many ignorant application developers assuming Fierfox, Epiphany, and Flash all have there own namespace for cookies.
phobos
if you go to tools, add-ons in firefox, it'll tell you what you have installed
cheako
Can't you just setup privoxy to take out all the cookies?
G00gle
who are you talking to
phobos:
phobos
cheako: not flash cookies
torbutton by default will keep tor and non-tor cookies distinct
cheako
phobos: wow... it's not just using http?
phobos
or you can configure either ff or torbutton to wipe all cookies
cheako: flash maintains it's own bucket of cookies, completely blind from apps
cheako
phobos: Privoxy is an http proxy, also completely blind from apps.
phobos
flash is a binary blob you download and then run
privoxy, nor firefox itself, can see inside binary blobs
cheako
phobos: Flash uses IP(TCP/UDP) also binary, but still vary flexible. I can see inside binary blobs and so can any AMD or Intel CPU.
phobos
ok, so write a privoxy filter to clean out flash cookies
cheako
phobos: Privoxy uses IP(TCP/UDP), so it leverages AMD and Intel's ability to run binary blobs.
phobos
what do I care, I don't run flash
cheako
phobos: You just tell privoxy to remove all cookies, that's what it's for.
phobos
ok
i suggest you test it out, write it up, and send it to or-talk, i'm sure many people would like to do that
cheako
phobos http://www.suselinuxsupport.de/wikka.php?wakka=HowToPrivoxyTorSquid
phobos
that doesn't clear flash cookies
cheako
phobos... why not?
phobos
do you have privoxy installed?
cheako
yes.
Privoxy can remove cookies sent by the remote server b4 they get to flash and can also remove them when sent by the client b4 they get to the server.
phobos
ok
is your privoxy set to remove cookies?
if so, go to a website that calls flash, see if it sets a flash cookie or not
assuming you have flash installed
last I checked, with privoxy 3.0.14 on win32, it couldn't stop nor clean up flash cookies
3.0.14-beta at least
cheako
yes.
Privoxy can remove cookies sent by the remote server b4 they get to flash and can also remove them when sent by the client b4 they get to the server.
I'm sure Privoxy can also be told to downgrade all cookies to session cookies, so they are gone when you exit.
sahal
you can easily clear flash cookies by deleting .macromedia or .flash in your home directory iirc
cheako
What do flash cookies look like on the wire?
http://en.wikipedia.org/wiki/Local_Shared_Object
nsa
or: hanru committed revision 21011 (/website/trunk/zh-cn): zh-cn bridges.wml update from yfdyh000.
hanru_
btw, this is committed via Tor :)
randazzollo
hi
arma
hanru: woo :)
hanru: using a bridge, or is the latest alpha/stable somewhat working for you now?
hanru_
0.2.2.3-alpha without a bridge
randazzollo
can someone explain why some networks block people using tor?
arma
randazzollo: some countries want to filter their internet, so their citizens can't read certain websites. if they're serious about it, they need to block every proxy, every circumvention tool, every tool like tor, or people can get around their filters
randazzollo
ok, ty, but i mean why irc networks do it? users can be banned the same
G00gle
i dont think thats what he was asking
arma
ah. many irc networks are plagued by jerks. the jerks use all sorts of avenues to show up. the irc networks end up with a larger and larger ban list of ip addresses that the jerks have used.
some of them look at tor, look at the jerks coming from tor, and decide that hearing from users who want to keep safe just isn't worth it.
see also torproject.org/faq-abuse, there's an entry about irc
randazzollo
thanks
ShanePancake1
(I know java is, but it has to use the Tor process somehow.)
Is PuppetTor cross-platform?
-tt +T
TranceControl
hey guys .. Getting this: "502 Read from server failed: Timeout" is that if the exit relay isnt able to connect to the server or?.
i seem to be getting them alot in the last few days.
anyone?
keb
it is a standard http error
could happen with any website. do you get it on all destinations or only some
TranceControl
well i'm getting it on facebook, but it has been working perfectly for the last hmm 10-12 days ..
also its only sometimes im getting it .. so thats why im thinking that some of the relays might be broken or something.
Lucky
No clock skew on my Tor servers in the 5 days since I switched to the 2.6.30 kernel. This is looking encouraging.
keb
TranceControl well i can get into facebook through Tor, so maybe it is related to circuit and/or exit node performance
TranceControl
aye thats what i was thinking .. which is just a bit annoying :(
hehe thats kinda why i asked sometime ago if it was possible to only run on the high performance exits nodes. :) but i guess that was a silly question :P
ShanePancake
Anyone on used PuppeTor?
keb
TranceControl mostly there is a bias to do that already
in the system
TranceControl
mmh there is ?
ShanePancake, nope :)
wow .. either im just very unlucky, or some or the nodes are just very very sucky :/
StrangeCharm
do relays verify that clients are using 3-hop circuits?
AstralStorm
they can't really
there's no way to pass that information without losing privacy
then you could launch a partitioning attack on middle nodes until you're chosen as an end node
given enough percentage of such broken nodes, the network privacy would collapse
(say, a set of nodes routing middleman only to a given chosen set of nodes)
actually, that's still a possible attack
with a specially modified tor relay server
:/
w/e
nodes don't verify that, as there are legitimate reasons for using 1-hop connections
or 2-hop
« prev 1 2 3 next »