logs archiveIRC Archive / Oftc / #tor / 2009 / November / 24 / 1
arma
shanepancake: all defended? :)
ShanePancake
haha yup, it went really well, now I have to work on the thesis some more to make it better where it is lacking
and run some measurements
(The actual paper, the presentation was fine. I'm just lacking a clear attack model and some latency/bandwidth measurements)
Do you know if it's possible to create some sort of fixed router for testing in puppetor?
fixed route*
arma
i don't know much about puppetor i'm afraid. karsten or sebastian or maybe nickm might know more.
ShanePancake
Alright, cool.
SwissTorExit_
there is something i don't really get it, i try now on a VM ( karmic version ) to run decloak test with java, cripts and all enabled but have only socks5 enabled, Tor warn me about that while it say that only one ip are give but i can't leak my ip, same result with other tests done.
it is possible that FF have new fix or karmic maybe ?
i don't see why no ip are found
arma
torbutton is on?
SwissTorExit_
no
only jondofox with Tor option or only with manualy socks5 added and nothing for http etc
early was minimum flash who bypassed my ip, no proxy are installed and no special config done
time to eat, i need experiment on different environnement,
arma
yeah. i dunno. let us know as you learn more. :)
SwissTorExit_
yeah for sure, that's really the first time that i can't bypass the socks... i keep in touch for sure arma ;) cya later , i am very hungry :P
arma: i am on thinking now, Tor listen automatically socks5 on 9050 ?
because i have nothing config for that, like my DNS though Tor on my other OS without enabled it but only to bind trafic to it
well i run libevent 2 , i don't know if that's for something
         

SwissTorExit
arma: well i have try on this computer who run in real enviromment and no plugins have bypass my socks5. i have done 6 times the test
seem that socks are fixed yet :P
so i have test FF 3.5.5 to 3.5.6pre, will be great if a few peoples tests too, but 2 machines give me the same resultat
well after 20x, it have bypass.. was too beautiful to can be always ;)
nsa
or: phobos committed revision 21017 (/projects/todo): add in mike's tasks, update the pdf
ShanePancake1
anyone on who knows much about puppetor?
was wondering if there is an easy way to send NEWNYM to the spawned proxy in that
Sebastian
ShanePancake1: doesn't look like it. You would need to hack jtorcl
jtorctl even
ShanePancake1: I'm taking off to university now, but I could put that in there and push a new jtroctl version this afternoon, if you want.
ShanePancake1: just ping me later, if you still need help.
ShanePancake1
Sebastian: If you could do that easily I'd love it
If not I can try and look into doing that
Sanata
excuse me, I discovered just now the obfuscaTOR worpdress plugin
http://www.ryanday.net/?cat=8
do you think it is a good/useful thing?
sorry, I will re-paste
<Sanata> excuse me, I discovered just now the obfuscaTOR worpdress plugin
<Sanata> http://www.ryanday.net/?cat=8
<Sanata> do you think it is a good/useful thing?
phobos
yes, we encouraged him to create it
Sebastian
ShanePancake: hey
Sanata
ok phobos, thank you
tntcoda
Hi, im after a subject for my thesis based on information security / internet anonymity which is fairly research intensive. Is there any research for (or related to) the Tor project that could make for a good thesis in this area?
Sebastian
your best bet is to read through anonbib first
http://freehaven.net/anonbib/
tntcoda
thanks, will have a read through
It certainly isn't easy to come up with an original idea
Sebastian
no, not really
phobos
or conversely, extend the research in those papers
since many of them leave ideas wide open for further research
tntcoda
thanks, good idea
phobos
and many of them are continuations of previous research
dr|z3d
tntcoda: Also have a look at http://i2p2.de perhaps.. that might also trigger some ideas.
tntcoda
brilliant thanks
phobos
we need to rework our volunteer page
i'm sure there's plenty more research both theoretical and applied people could work on
Sebastian
totally. We should incorporate some parts of the faq, or vice versa.
         

phobos
right now the volunteer page is mostly GSoC-sized projects
MayaT
hello :)
Sebastian
I think we should cut the gsoc stuff out. gsoc work isn't volunteer work, anyways
hi MayaT, how can phobos help you? I'm about to leave ;P
phobos
ha
MayaT
just read n learn here :)
Sebastian
hrm, not too much wisdom for that guy :)
Runa
phobos: hm.. yeah, that would be good :)
keb
dr|z3d why are you promoting i2p in here ;)
phobos
because it's an alternative to tor
keb
i wonder if that dude ever got his i2p <-> tor gateway working
dr|z3d
keb: What phobos said. :)
Well, mostly. I see I2P as a complimentary project, not a conflicting one.
keb
i suppose a solid i2p network can divert all the 1-hop 2-hop people away from here
dr|z3d
Sure, and the p2p'ers.
phobos
to be fair, the i2p network is fairly solid already
and they seem to be improving the code steadily
dr|z3d
Yes indeed. It's seeing some good progress.
keb
yeah i mean widely used
phobos
i think what i2p lacks is all of these people trying to attack it and break it, in order to make it stronger
dr|z3d
About time you had your tpo.i2p site up, phobos *prod(
hanru_
Nov 25 00:14:55.796 [err] Bug: circuitbuild.c:380: circuit_build_times_shuffle_array: Assertion cbt->total_build_times == cbt->build_times_idx failed; aborting.
phobos
someone posted to onionforums with a tor to i2p gateway
or, otherway, i2p to tor
hanru_
starting from today, Tor can't start, always exit with the above error
dr|z3d
Yeah, the latter makes more sense.
hanru_
is this a known bug?
dr|z3d
hanru_: Tried the latest alpha?
phobos
hanru_: which version?
hanru_
winxp, 0.2.2.3-alpha
dr|z3d
There is a bug floating about, sure.
phobos
yeah, known
0.2.2.5 i think fixes it, 0.2.2.6-alpha is current
hanru_
ok I'll upgrade, thanks
phobos
you may have to remove your cached-* files
hanru_
ok
Sebastian
the tor update should make that unnecessary
phobos
that's what I thought
hanru_
yeah, it's fine now
Sebastian
hanru_: generally it's a good idea to update to the latest available version when you have a problem :)
keb
unless the problem is new in the latest version
hanru_
true
Sebastian
keb: well, then it's worthy of a report :)
keb
agreed
it would be easier for users to know the latest version if we posted it in the topic
OFFShare
thats an interesting aspect :)
Sebastian
you're so right, keb... unfortunately all ops are busy recommending i2p :)
(and can't take a hint ;P)
keb
in some jurisdictiosn this sort of talk would get us banned
dr|z3d
New version eh?
(Action) attacks Sebastian with a schnitzel (hint taken).
nsa
or: phobos committed revision 21018 (/projects/todo): add in research progress, remove the date so it's always current
phobos
i don't mind the promoting i2p when it makes sense
i'll get concerned when dr|z3d says things like i2p is all that and a bag of chips and tor is useless
dr|z3d
Indeed, phobos. Context is key :)
phobos
i2p is open source and they talk to us once in a while
dr|z3d
Lots of potential for collaboration, not least because of recent efforts to get Tor running under java.
keb
does Tor run on Androids and on ChromiumOS
phobos
it runs on android
there soon should be an "orbot" app in the market
Sebastian
I don't think anything yet runs on Chromium
phobos
i worry that chromium becomes yet another closed system, ala apple osx
dr|z3d
Nah.. unlikely. It's broadly Ubuntu with a bespoke front end.
phobos
osx is broadly freebsd with a quartz front end
dr|z3d
Yeah, but google are opensourcing the entire stack, unlike Apple.
keb
it cant be closed if its GPL, unless people become unmotivated to work on it
phobos
we'll need tor written in javascript
dr|z3d
(Action) smirks.
Tor running on the GPU I imagine isn't so far off, at least the crypto.
Anyone looking at that?
keb
shoulda CUDA
phobos
I don't think so, dr|z3d
dr|z3d
phobos: tntcoda's research project in the making, perhaps? :)
keb
does a port to new hardware count as a phd
dr|z3d
"Addressing inherent processor bound limits of cryptography"
keb
oic
dr|z3d
Or somesuch.. doesn't take much to make a phd relevant. *wink*
Sebastian
it would be good to get Tor to support moving its crypto into another thread on a cpu
tntcoda
hmm that sounds interesting
nsa
or: bogdro committed revision 21019 (/website/trunk/pl): Mainetance/polish translation update.
phobos
i think solving the "offload crypto to gpu" problem is closer to the "make tor multi-thread its crypto"
dr|z3d
Indeed. 2 sides of the same coin.
phobos
because where the thread goes for offload may not matter so much
until someone starts to find all sorts of bugs in gpus
keb
maybe some interesting attacks can be done in realtime when you have nodes running teraflops of calcs
were there plans to make a torbutton sort of thing for webkit based browsers?
would that be a gsoc
Sebastian
no, probably no
t
unless the student already has tons of experience analyzing software for privacy-related problems, which probably means they'd be working on Tor already :P
keb
many of the problems are already documented in the torbutton adversary model. the ones that are firefox workarounds could be ignored initially
Sebastian
keb: definitely, but you'd also need to make sure there are no more problems, and that requires a review of the webkit codebase. You might be interested in torora
UsingRndNames
hi there
arma
hey
UsingRndNames
i have several questions ....i think i just begin ;)
on the tor-site there is a tip that i dont use google toolbar ....thats not the searchbar or;?)
in the portable firefox from the tor-site is the searchbar for google...i hope this traffic goes throught tor
arma
google toolbar is a firefox extension. different from the search box in the upper right corner.
google toolbar monitors your web browsing and tells google what you browse for. great for improving their data set, not so good for you.
keb
it also runs in IE
UsingRndNames
why the portable firefox in tor is version 3.0.15 ...is there a must to use this version or can i uptade to version 3.5.5 ?
thx arma and keb
on the tor-site there is a hint that you/they need hints for configuring apache that it doesn't show some informations....is there still the need? when yes, i can write wich configurationsettings must be changed that apache2 don't show this info's
is there a list of wich firefox extensions are "safe"? examples: NoScript / AdBlockPlus ?
arma
usingrndnames: firefox 3.5.x still has some risks with torbutton. expect a new torbutton release soon that works better with 3.5
there isn't really a list of safe extensions. there are a lot of extensions, and they change often. we tried to keep a list but couldn't do it.
UsingRndNames
ok thx arma
arma
as for how to configure your apache safely for a hidden service, sure, that'd be great. nobody's written it down i think.
UsingRndNames
should i send this little text for configuring to you?
arma
you could make a wiki page and put it there?
keb
https://www.torproject.org/torbutton/faq.html.en#extensionconflicts
UsingRndNames
thx keb
n1 n1
do you mean a wiki page on wikipedia?
keb
do you think the discussion of extensions on torbutton page is obsolete
UsingRndNames
sry i closed accidently my tor ;)
thanks a lot 4 ur great help ;)
lol with tor it's not possible to make an account lol
on wiki
arma
usingrndnames: wiki.torproject.org
keb: not obsolete, as long as it makes clear that this discusses general properties to look for, rather than provides a list to blindly follow.
UsingRndNames
ah k ;)
hmm....You are not allowed to do newaccount on this page. Login and try again
arma
cypherpunks writecode, i hear. unless they do something else these days.
phobos
....complain to or-talk
nsa
or: phobos committed revision 21020 (/projects/misc-sysadmin): add one minor detail on dnsel2
phobos
arma
so much for that trick
phobos
The Man in the browser
UsingRndNames
i see it...thx arma
Triskelios
does anyone happen to know if livejournal.com and pastebin.com block Tor nodes?
arma
i think pastebin.com sometimes does, yes. alas.
no idea about livejournal. possibly. especially since they're run by the kgb, who likes to monitor things. :)
UsingRndNames
hrhr
`Orum
pastey doesn't
but they make you enter in some funny stuff if you paste URLs (tor node or not)
arma
well, that's a shame.
(see the recent or-talk post, too)
ar0nic
hey guys prolly a newb question, can someone point me in the way of some documentation for using tor with MIRC
ive looked threw the entire faq and wiki
Sebastian
ar0nic: http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO/IrcSilc#mIrc
« prev 1 2 next »