logs archiveIRC Archive / Oftc / #tor / 2010 / February / 15 / 1
BarkerJr
is the metrics site down?
Sebastian_
no
but the host is having severe network problems for some people
For example, it always works for phobos :-)
nsa
or: kaner committed revision 21643 (/projects/gettor/lib/gettor): Ignore non-dirs in distdir
BarkerJr
maybe we should make it https
nsa
or: kaner committed revision 21644 (/projects/gettor/lib/gettor): More fault tolerance in package building
or: kaner committed revision 21645 (/projects/gettor/lib/gettor): Minor fix
MoiraA
that is you
urk!
sorry
unexpected
seb
or BarkerJr
formalist
i knew it.
MoiraA
why am I showing as using tor?
formalist
you're an exit node.
         

MoiraA
how???
tor is not even installed on this pc
mac
much less set up in xchat
atagar
MoiraA: what's more important is if the ip is shared with an exit node
nsa
or: Karsten Loesing <karsten.loesing@gmx.net>: 2010-02-14 22:56:14 [ernie/master]: Add parser and graphs for gettor stats.
MoiraA
I keep getting told from time to time it's shown on some blacklist
but I have got it removed I don't know how many times
and it always eventually comes back
nsa: when you use a hidden server over http
nsa
or: Karsten Loesing <karsten.loesing@gmx.net>: 2010-02-14 22:57:46 [ernie/master]: gettor stats are downloaded, not imported.
MoiraA
what would be the error if you tried to connect to that url with a tor exit node?
nsa
or: Karsten Loesing <karsten.loesing@gmx.net>: 2010-02-14 23:03:37 [ernie/master]: Download gettor stats every hour for now.
SwissTorExit
evening to everyone, it is a know bug with the geoip data file on windows seven x64 for the version 0.2.2.7 alpha ? in fact it search the "geoip" file in wrong folder , if are not know, i will fullfil a bug report
nsa
or: atagar committed revision 21646 (/arm/trunk): Refactoring goodness and bug fixes.
or: change: revised curses utilities to further simplify interface implementations
or: change: substantial layout changes (adding util and init packages) and including a copy of the gpl
or: fix: bug with handing of DST for accounting's 'Time to reset' (patch provided by waltman)
or: fix: header and connection panels weren't accounting for having ORListenAddress set (caught by waltman)
or: fix: crashing bug when shrank too much for scrollbars to be drawn
AstralStorm
I wonder if tor prefers tcp_low_latency (Linux tunable) set or not
formalist
i just learned that onion addresses are base 32, not 36.
:/
i can't call myself erudite. so it's [a-z2-7]{16}.onion for regexp :)
Manny
what's going on with tor on this network?
BarkerJr
it gets banned frequently
Manny
i see
i've never had problems until today
formalist
lately it has been getting banned more frequently.
Manny
so when it's banned, it's banned. it's not like they set up a user limit right?
formalist
perhaps the user limit is set to zero.
effectively a ban.
Manny
wha happened to NickServ?
atagar
Manny: one thing to try might be using tor to connect to mibbit (ie, use them as a proxy)
Manny
seems to me the tor community needs to provide irc servers a standard way of dealing with abuse
tor banning seems to be increasing imo
         

atagar
and your suggestion for separating abusers from general tor users?
Manny
it would have to be client puzzles
make it cost a lot to reg a nick
atagar
doubt captchas are the way to go for a variety of reasons - an important one being that any protections done on the client only work against script kiddies until someone with a little programming experience provides a version of tor stripped of those 'features'
Manny
well freenode apparently feels that simply requiring valid email is enough to stop abuse
and the only thing stopping massive registration of emails is frequently capthas
atagar
yes - server side capchas (that's the important point)
Manny
o, well yeah. i was assuming that it would be a web reg process
AstralStorm
not just that
Manny
you reg on www.oftc.net
AstralStorm
freenode also provides a .onion access
Manny
then nickserv has your reg
AstralStorm
and they add extra hoops such as recent addition of pointless SASL auth
(grmbl)
Manny
not sure how that makes abuse harder
AstralStorm
nick registration requirement does
email auth seems enough
oh, and it makes banning abusers selectively far easier
Manny
but i dont have anything against .onion or sasl as far as not being transport layer security based
AstralStorm
thanks to the cloaks
huh?
.onion is a hidden service, goes via Tor
Tor is TLS.
Manny
yes i know
AstralStorm
it's nowhere sent plaintext, so SASL is pointless ;p
Manny
yes but it doesnt make the tor reg process dependent on transport layer
AstralStorm
bonus point is that in this way it's impossible to get good pseudonymity and anonymity
Manny
so it doesnt bother me wrt that
AstralStorm
yeah, it doesn't *require* registering via TLS
Manny
why not
AstralStorm
but you can do that already
it's your choice
pity that one can't connect via .onion and register just then... but...
w/o captchas there would be too much abuse
Manny
i have no problem with captcha either
AstralStorm
(heck, you can easily get a throwaway email address)
Manny
i have a problem with transport layer based authentication
AstralStorm
freenode can ban a mail domain from registering nicks
:>
Manny: uh? that it's not required, or?
Manny
yes, not req
if it's required, it breaks tor
wrt a network
mlrd
(Action) i am also locked out of freenode for some weeks due to 'sasl'
AstralStorm
why would that break tor?
mlrd: ah that, yes
someone trying stuff out on tor users
SASL is totally pointless via Tor
as the connection is end-to-end encrypted
(because it exits locally)
mlrd
i like oftc much better. the operator doesn't seem to think they are such as superior to other users, but it has less channels
AstralStorm
:)
SASL is good for non-encrypted connections
Manny
if they need to block people based on ip, they will have to ban the whole tor exit node list
mlrd
freenode also fixed a bug, you used to be able to connect with open CGI::IRC using tor without it noticing
Manny
either from connecting period or registration
AstralStorm
mlrd: haha, "bug"
actually they switched the Tor node ban from "exits to irc" to "exits to irc and web"
just that
mlrd
the key now is to look for brand-new relays and connect via them, before their database updates the list
AstralStorm
and they do detect gateways
that's really hard actually
mlrd
yes, but it is successful sometimes
AstralStorm
there isn't enough churn
so what?
you still need a registered nick
doing that anonymously is possible of course (web gateway I guess... not sure if any works from Tor)
but you need a throwaway email address
mlrd
they have banned most of the webmails and mailinator aliases from registering as well
AstralStorm
have they? gmail still works afaicr...
so do certain other webmails
mlrd
gmail still requires phone number for new account?
AstralStorm
;>
does that matter? you can enter anything there, nobody validates
mlrd
i never tried
AstralStorm
still, scripting abuse that way means making google angry
and that's bad for your health, unless you're in a funny country
mlrd
i have a register nickname, but no way to connect with this obscure authentication protocol
AstralStorm
...
mlrd
if i could connect, i could make registering for your account with fake details
AstralStorm
there is info on freenode site
sure you could, but they know who registered :)
it's logged
mlrd
doesn't matter to me, i registered it in the past with tor and webmail accessed only by tor
AstralStorm
:)
so, that SASL part is scriptabl
Manny
for freenode, do you have to reg without tor in order to use tor bascially?
AstralStorm
yeah, that's what it looks like
mlrd
at least you could connect, then make a second nickname and use that to jump off
AstralStorm
makes it fairly pointless
mlrd
you can be anonymous. you just have to tell them who you are first
Manny
true
AstralStorm
mlrd: that's not anonymous ;p
they don't want anonymous, they do want "hard to censor"
Legion_
freenode sure is sec conscious
Manny
so basically, you have to wait until you take a trip, then find a open access point
AstralStorm
yeah
that way you can establish a pseudonym
Legion_
I beat them though
They have false info and I connect via SASL
mlrd
not as much inconvience for people who can just crack a windows pc and install a jump-proxy
Legion_
Web gateway IRC
AstralStorm
so what. don't spam or hack them, it's flaky enough
Legion_: yeah, I thought they've plugged that hole ;p
dummies
Legion_
Nope
I used a mailinator alias too
I guess I got lucky.
Anyway
I win freenode lost
mlrd
in recently, they ban mailinator by looking at the address it goes to, not by domain
AstralStorm
mlrd: indeed
but there are so many sites you can set up a mail via Tor
Legion
Yeah
AstralStorm
and webmail is not really necessary anyway ;)
Legion
Its really easy
mlrd
yes, infinite webmails. but mailinator is a favorite
AstralStorm
yeah, because it's so easy to script
bugmenot is banned as well I think
right now, freenode via Tor is good only to hide the fact that you're connecting to IRC
(now that they support TLS)
oh, and in case you're running an exit node
;p
mlrd
did you found any portal into their network, so far?
AstralStorm
?
you mean a web gateway unknown to them? nah.
all have proper cloaks
mlrd
a way to connect without this sasl
AstralStorm
why would you need one?
just grab a script/plugin for your client
I don't know any for weechat yet though
mlrd
only supported for irssi and mirc
AstralStorm
nah, xchat is somewhere as well
they forgot to copy it
sasl-lite-xchat.pl
so, only bi**hx and weechat are missing really
and a bunch of fringe clients ;p
but, they do need some LART, SASL is totally unnecessary
via Tor
I bet SASL was done to frustrate spammers some
Legion
You jsut ened to find a CGI IRC server
one that lets you specify your relname
since CGI IRC by default copies your hostname into the real name.
so either find one that lets you change it and connect directly
or proxy to one.
google "cgi:irc login"
should find you a few.
« prev 1 2 3 4 next »