logs archiveIRC Archive / Oftc / #tor / 2010 / January / 8 / 1
nsa
polipo: chrisd@seul.org committed patch by Christopher Davis <chrisd@mangrin.org> at Thu, 7 Jan 2010 17:07:05 -0500 (EST) to polipo-commits: [polipo/master] Abort dynamic objects in httpServerAbort.
polipo: chrisd@seul.org committed patch by Christopher Davis <chrisd@mangrin.org> at Thu, 7 Jan 2010 17:07:04 -0500 (EST) to polipo-commits: [polipo/master] Don't set OBJECT_VALIDATING when recreating the request structure.
polipo: chrisd@seul.org committed patch by Christopher Davis <chrisd@mangrin.org> at Thu, 7 Jan 2010 17:07:05 -0500 (EST) to polipo-commits: [polipo/master] Raise an error when a server drops the connection abruptly.
polipo: chrisd@seul.org committed patch by Christopher Davis <chrisd@mangrin.org> at Thu, 7 Jan 2010 17:07:04 -0500 (EST) to polipo-commits: [polipo/master] Adjust locking to prevent clients from stalling out when memory is reclaimed.
jr__
arma: do you think the codeen approach is one to encourage?
zuuloop
hello
what time in usa
Runa
middle of the night
zuuloop
ah ok so you will sleep now :)
Runa
I'm not in the us, so no :)
zuuloop
aha
i need some more Information about guards
or guard nodes
how can I find guards, and how can I self bea guardnode
ilter
Hello. I can't access: https://git.torproject.org/checkout/tor/master/doc/spec/proposals/
Is there another way to access proposals?
I need proposal 160 & 161.
Runa
ilter: http://gitweb.torproject.org/tor/tor.git/tree/HEAD:/doc/spec/proposals
         

ilter
Runa: Thank you so much.
I got it.
Runa
np :)
zuuloop
how can I find guards, and how can I self bea guardnode
can it be configured?
Runa
zuuloop: you don't have to repeat the question :)
zuuloop
but nobody answer yet
Runa
wait until more people are awake and then try to ask again
nickm
zuuloop: my best guess is: you don't need to find guards, Tor does it for you. To be a guard node, be a regular relay that is very fast and has very high bandwidth.
That's just a guess though.
Runa
thanks nickm :)
zuuloop
ok..
Runa
zuuloop: are you running a relay already?
zuuloop
no
Runa
ok
zuuloop
what is a tagging attack
Runa
http://en.wikipedia.org/wiki/VLAN_hopping -- that article does have some info on 'double tagging'. Not sure if that's what you're after, though.
zuuloop
wit respect to tor i mean
Runa
where did you read / hear about it? :)
zuuloop
i think in some spec.. but i dont remember.
nickm
tagging, in anonymity systems, is generally modifying stuff at one end of the channel so as to observe a corresponding change at the other end.
zuuloop
so it is a sort of traffic analysis
nickm
It is an active attack.
The mixminion and tor papers describe it more, and their responses to it.
         

zuuloop
ah
ok
is traffic padding has been realized
in tor
zuuluupaul
hello
Adam44
Hello. My Tor client sometimes tends to choose an entry node whose station is located in the same city as I. Should I be concerned about it or is it normal for a Tor client to prefer a node for some reason? Thank you.
zuuluupaul
someone now mybe an irc channel to get detail information about securtity stuff?
know
which server to recommend one
what is the sucrest way to deploy a hidden service?
whats the best way?
Runa
zuuluupaul: see http://www.torproject.org/docs/tor-hidden-service.html.en
Adam44
Hello. My Tor client sometimes tends to choose a particular entry node whose station is located in the same city as I. Should I be concerned about it or is it normal for a Tor client to prefer a node for some reason? Thank you.
mkob
maybe its a guard node
or fbi is watchingyou :)
Adam44
Guard node? Is this part of your joke?
Hello. My Tor client sometimes tends to choose a particular entry node whose station is located in the same city as I. Should I be concerned about it or is it normal for a Tor client to prefer a node for some reason? Thank you.
arma
adam44: https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#EntryGuards
jr_: what part of codeen are you asking about? do i think more people should set up tor-like overlay networks and get experience with them? sure.
Runa
arma: :)
Adam44
arma: Thanks for the link. Is it documented somewhere how the Tor client picks the nodes and their roles in the circuit?
arma
doc/spec/path-spec.txt is a start at the documentation
Adam44
!seen marcus
[ITA]mitticoo
hi where can i found old tor release?
Sebastian
http://archive.torproject.org/tor-package-archive/
[ITA]mitticoo
ty, i was searching vidalia with Privoxy release on win XP can you help me?
Sebastian
not sure which one still has privoxy.
[ITA]mitticoo
i try with 2.4
olegb
When I try to checkout the Tor source with git (as recomended on the web: git clone git://git.torproject.org/git/tor) I get errno=Connection refused. Am I doing anything wrong? Whats the recomended way to get the source from git/svn ?
http://archives.seul.org/or/talk/Jan-2010/msg00046.html says it all - i'll try again in a few days
lord-carlos
Hi there
after watching the Tor talk from 26c3 i installed a Tor Bridge on my desktop Computer. But how do i know it's working?
arma
Dec 29 23:19:13.445 [notice] Self-testing indicates your ORPort is reachable fro
m the outside. Excellent. Publishing server descriptor.
that sort of line in your logs is your hint
lord-carlos: and, thanks for running the bridge. :) (any questions from my talk?)
lord-carlos
sweet
thanks arma
not right now
arma: is it a problem that my computer is not allways on?
arma
nope. but the more it's on, the more likely it is somebody will find your bridge useful.
lord-carlos
indeed
i think i will install it on my v-server
arma
great :)
lord-carlos
up and running :) I hope the V-server provider does not notice. Tor is not allowed on the servers
arma: one more thing. If i am an Bridge, are only clients connecting that need an bridge? Or am i also inside the network as a normal relay?
on https://www.torproject.org/docs/tor-doc-relay.html.de is a 404 link >> https://www.torproject.org/faq.html.de%20#RelayFlexible
phobos
if a bridge, only clients that configure your bridge will connect to you
lord-carlos
ok
so there probably wont be much traffik?
phobos
not for a bit
arma
lord-carlos: yeah, there won't be much traffic. most of it will be from china, once there is traffic, i suspect.
Sebastian
lord-carlos: thanks for the dead link report. Something seems to be wrong with the translation there, it's already on my checklist for when our subversion server is back up.
arma
sebastian: last i checked, de/faq.wml was just a shell of a file. it would be better to delete it. or maybe the new pootle website will create a mostly-english version.
Sebastian
arma: right, I was going to delete it to see what happens.
Or translate it some more, or ask runa what's uo.
up*
No use doing any of that now, though :)
arma
sad-face
Sebastian
well, you can't have everything
OFFShare
"
phobos
it's hosted at dreamhost
jr_
arma: no, I meant sites using their approach to bot-checking
arma
jr_: i seem to have cleared my mental connection table. what is codeen's approach to bot-checking?
jr_: hey, you're a freebsd person, right? what's your take on http://archives.seul.org/tor/talk/Jan-2010/msg00076.html ?
jr_
arma: "scotty beam me up"
<kmacy> cperciva: ping
<link paste>
<cperciva> kmacy: this is true.
kmacy: SSL renegotiation, as it existed, was broken by design, so the only solution was to disable it entirely.
arma
yeah? how come the openssl people had a different solution?
we were using ssl renegotiation, and using it (we believe) safely.
jr_
arma: I'm not taking sides
arma
didn't anybody learn their lesson from debian's "i know how to patch openssl better than openssl does" fiasco?
jr_
arma: <cperciva> kmacy: there's a new ssl renegotiation mechanism in the process of being standardized
arma: that isn't a good analogy - they kept security functionality which was not in fact secure - freebsd is crippling functionality which Colin doesn't believe to be secure
<brd\> cperciva: so later in the thread they mention updating to 0.8.9l does that fix the broken by design problem?
<cperciva> brd\: 0.8.9l is broken
arma
i'm actually unclear on which versions are which anymore (not being a freebsd person). rumor has it you can use the openssl from ports, rather than base, and it will have an openssl similar enough to what the openssl people ship that it works.
jr_
arma: it will
one sec
arma
ok. i guess that's an acceptable workaround. i wonder where to document that.
jr_
arma: verifying that that is correct
<cperciva> kmacy: ports probably just has whatever openssl shipped
ok
it sounds as if he hasn't done anything there
phobos
which is 0.9.8l
jr_
I'm looking at: http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/openssl/files/
it doesn't look like they do anything to cripple re-negotiation
arma: from Colin's paper on the risks of the L1 cache as a covert channel one can conclude that his notions of risk do not correspond to those of most people
arma
i wonder if anybody has clear concise instructions for how to build tor on freebsd now
all i've seen is people bickering over 20-line build scripts
s/scripts/suggestions
jr_
uhm
probably a matter of updating one line in the port
let me see who the maintainer is
when I tried it Vidalia was unusable on freebsd
looks like miwi does the bulk of the updates - he is very responsive
arma
did vidalia not build, or not run like you expected?
jr_
it ran but was rather broken
buttons didn't render
I don't think I spent more than an hour or two on TOR
I just switched to my laptop
:<
sjmurdoch_: did you meet up with lstewart at some point?
arma
jr_: sjmurdoch tends not to actually be here when he's here, lately
jr_
ok
just his laptop connecting to wireless somewhere I guess
« prev next »