logs archiveIRC Archive / Oftc / #tor / 2010 / February / 28 / 1
v1ttu
how do i set up a relay just for people in censored countries?
nsa
or: Nick Mathewson <nickm@torproject.org>: 2010-02-27 22:13:37 [tor/maint-0.2.1]: Update Tor Project copyright years
atagar
v1ttu: look into setting up a bridge (that's a relay expressly for counter-censorship)
v1ttu
i've tried that, but nothing comes thru
atagar
many bridges are kept in reserve so it's quite likely you won't be used
nsa
or: Nick Mathewson <nickm@torproject.org>: 2010-02-27 22:17:43 [tor/master]: Update copyright dates for files not in maint-0.2.1
or: Nick Mathewson <nickm@torproject.org>: 2010-02-27 22:16:31 [tor/master]: Merge remote branch 'origin/maint-0.2.1'
or: Nick Mathewson <nickm@torproject.org>: 2010-02-27 22:13:37 [tor/master]: Update Tor Project copyright years
G-Lo
or maybe your IP is already blacklisted by censors, because you ran a relay
v1ttu
i can blacklisted for trying to help censored people?
how dumb ¬¬
atagar
no you can't
         

ilter
Can we see which IPs are on blaclist?
*blacklist
atagar
G-Lo is saying that perhapse you were running a *normal* (ie, nonbridge) relay and got censored
G-Lo
that's what i meant
v1ttu
so it's not pissible to be a relay for somewhere like china or something like that?
atagar
again, many bridges (a third I think) are kept in reserve
Runa
v1ttu: not sure if you can choose just one specific country
v1ttu
i really dont wanna relay for some f*cking paedo :/
atagar
if you're a bridge then you're doing the right thing
v1ttu
bridging helps?
atagar
yes
v1ttu
how does that work?
atagar
I'd suggest reading the documentation if you want the details
v1ttu
is it safe?
atagar
yes
v1ttu
i wont be helping illegal sh*t?
atagar
you will be helping with counter-censorship (technically that's illegal in their country)
G-Lo
depends on what you consider illedal, free surfing is illegal in china
*gal
v1ttu
sweet thanks ;D
screw their censorship lol
as long as i dont get polie knocking at my door ^^
police*
atagar
you won't unless you're an exit node
G-Lo
bridges cannot be exit nodes, by design
         

atagar
sorry, that's what I meant ;)
G-Lo
:)
v1ttu
my isp wont puish my for doing this yeah?
atagar
the only possible concern would be that you use too much bandwidth (for instance comcast has a cap)
v1ttu
punish*
mines unlimited so no problem then
thanks guys ^^
atagar
np, thanks for running a bridge!
v1ttu
is there anyway to test that my bridge is definitley working?
atagar
I'm pretty sure tor will warn you if your bridge port can't be reached
v1ttu
even on linux?
G-Lo
check in the vidalia logs the line "you're reachable from the outside"
v1ttu
i have set up upnp
and it says the test was successful
G-Lo
so you're okay
v1ttu
sweet
G-Lo
but that doesn't mean your bridge will be used, nor it isn't blacklisted
a pretty good test is to try to connect directly to irc.freenode.org
v1ttu
ok it says that someone in germany has used my bridge?
G-Lo
if your IP is listed as a Tor one, you'll be banned
v1ttu
germany is censored?
i dont wanna use tor
i dont need it :)
atagar
v1ttu: many countries have censorship (australia, a big chunk of europe is discussing it, etc), though I think the only countries to block tor is Iran and China (that I know of...)
G-Lo
and some universities
v1ttu
umm maybe a screenshot will help hold on
ilter
How do they block Tor in their counrty? For example China?
atagar
by ip (deny access to known tor relays)
nsa
or: Karsten Loesing <karsten.loesing@gmx.net>: 2010-02-27 22:30:45 [ernie/master]: Cut off last day from all graphs, as it may have incomplete data.
or: Karsten Loesing <karsten.loesing@gmx.net>: 2010-02-27 22:21:19 [ernie/master]: Remove comments in CSV files. R doesn't like them.
G-Lo
ilter: the list of nodes is public
https://torstatus.all.de/
v1ttu
http://i.imagehost.org/0703/snapshot4.png
is that normal?
G-Lo
it's not abnormal
ilter
Yes i know the list is public because of providing anonymity. But the list changes dynamically. Do they changes their blocking list continuously?
v1ttu
so germany is a censored countrie O__0
lol
okkkkkkkkk
G-Lo
ilter: it's not so hard, a script grabbing the IP is not so hard to code
v1ttu: maybe your geoip is not up to date
don't trust what it's saying
v1ttu
what doesnt?
G-Lo
what doesn't what?
Sebastian
G-Lo: Bridges can be exit nodes, too. Not so easily, but if they have a non-rejectall exit policy, they can be used as exit nodes.
atagar
v1ttu: anyone can use a bridge (though it's rare unless you're censored since it's not as easy as connecting normally), also geoip isn't infallable
Sebastian
G-Lo: so always remember to set ExitPolicy reject *:*
v1ttu
i have the authentication set tp passowrd/random is thst correct?
G-Lo
Sebastian: I learned something then o_o
v1ttu
to*
that*
ilter
Hmm .. I think that their blocking list is on only one backbone router. And they write static-route on this backbone router for IPs of ORs to black-hole by metric 1. Am i right?
G-Lo
I was sure to have read somewhere that bridge and exit were exclusives
Sebastian
G-Lo: if you use normal, not modified Tor clients, yes.
that's the default mode of behaviour, and the intention
G-Lo
okay
v1ttu
doesnt it bother you guys that you maybe helping paedos and sh*t like that?
G-Lo
v1ttu: i don't think making computers that help pedos to watch their sh*t bothers dell or IBM
but you can tell both of'em to stop, if you want ;)
v1ttu
fair point
:P
is the password authentication correct, or should i set it back to none?
G-Lo
unless you have to send commands to Tor (which is not adviced, un less you know perfectly what you're doing), it's fine
*advised
v1ttu
ok (y)
nsa
or: n8fr8 committed revision 21761 (/projects/android/trunk/Orbot/src/org/torproject/android): added transproxy app chooser view
or: n8fr8 committed revision 21762 (/projects/android/trunk/Orbot/res): added new list layout resources for transproxy app chooser view
or: phobos committed revision 21763 (/torbrowser/trunk/build-scripts): fix the find command to remove the other languages, update the makefile
or: to realize farsi is a supported language in firefox, and set versions to
or: make it easier to get current tbb and firefox.
or: phobos committed revision 21764 (/torbrowser/trunk): correct capitalization of pidgin.
or: phobos committed revision 21765 (/torbrowser/trunk): bump to torbrowser 1.3.3
or: phobos committed revision 21766 (/torbrowser/tags): tag torbrowser 1.3.3, fix a dead url in 1.3.2
or: phobos committed revision 21767 (/torbrowser/trunk): bump to 1.3.4-dev
or: phobos committed revision 21768 (/torbrowser/trunk/build-scripts): persian firefox is just fa, not fa-IR anymore.
or: phobos committed revision 21769 (/torbrowser/tags/torbrowser-1_3_3/build-scripts): persian firefox is just fa, not fa-IR anymore.
bja
phobos: Go get a beer, I'll deposit you on your paypal account
:)
phobos
ha
getting pidgin to use portable firefox by default is proving to be more of a challenge
bja
ohh
phobos
however, the tbb is now 1MB smaller
bja
Good luck, you'll eventually make it work as you like :)
phobos
users keep clicking on "online help" and having IE open up
not an optimal situation for anonymity
bja
"online help" is a simlink to IE or is it an application?
phobos
it's a url
but pidgin defaults to the system default browser
and apparently one can't change this
bja
Somehow the system reads that data unless it is hardcoded. Its a matter of finding the proper file
phobos: have you tried to contact ms and directly ask them? I believe they are compelled to tell you
phobos
the problem is pidgin, and it's a common complaint
nsa
or: phobos committed revision 21770 (/website/trunk/include): 0.2.2.9-alpha packages on the way.
or: phobos committed revision 21771 (/website/trunk/torbrowser): It's not fa-IR anymore, it's fa.
bja
(Action) takes a guinnes of the fridge and toast to phobos health
nsa
or: atagar committed revision 21772 (/arm/trunk): Hiding client/exit information to address privacy concerns and fixes for numerous issues brought up in irc.
or: added: scrubbing connection details of possible client and exit connections
or: change: providing file descriptions in README, updated known issues and future plans in TODO
or: change: added precision for bandwidth cap and burst if uneven values (requested by mete1989)
or: fix: HiddenService* parameters fetched via a special option (caught by dun, karsten, and grumpy3)
or: fix: workaround for os specific torrc validation bug - unfortunately haven't managed to repro yet so no fix (caught by grumpy3, Tas, and dun)
atagar
Sebastian: I don't have an exit relay so wasn't able to test this as much as I'd like - hopefully the guinea pigs... er, I mean users will report any scrubbing bugs
bja
:)
mib_bqgi63
?
Sergio`
I'm trying to run elinks with privoxy and tor but I get SOCKS request rejected or failed. I have forward-socks4a / 127.0.0.1:9050 . in privoxy's config.
I remember that once I just uncommented this line and it worked.
bja
Sergio`: That line should be on privoxys config file to use tor as a proxy, then you have to configure your browser to use privoxy
Don't forget to restart privoxy
nsa
or: phobos committed revision 21773 (/website/trunk/include): win32 stables updated too.
ilter
Hello. I can't access proposals and specs of tor from http://gitweb.torproject.org/tor/tor.git/blob_plain/HEAD:/doc/spec/proposals/ site. Is it be changed?
atagar
ilter: http://gitweb.torproject.org/tor.git?a=tree;hb=HEAD;f=doc/spec/proposals
ilter
Thank you atagar.
Scott told me there are consensus documents but i can't find it. Do you know what are the consensus documents?
atagar
not sure what exactly you mean, the only 'consensus' I'm aware of is the authority consensus
ilter
Yes it should be the authority consensus. How can i find it?
atagar
it's the percepton of the tor network at a given time by the majority of the consensus authorities - when you run a relay you download the consensus (or tor status sites like https://torstat.xenobite.eu/ are probably reflecting it)
ack s/consensus autorities/directory authorities (thanks tequila)
ilter
I asked a question on or-talk which subject is "Dir-spec / Directory server administrators".
Then Scott advise me that the consensus documents. I wonder what are they?
atagar
in the tor source there's a few servers that are the 'authority' servers (run by various tor developers) - they make up the consensus
ilter
Sorry i couldn't understand what is the "ack s/consensus autorities/directory authorities"?
atagar
vim syntax substitution (it's common to say "sorry, I made a mistake, I meant X")
it means that they're called directory authorities, not consensus authorities
ilter
What are the criterias while they're making up the consensus? Is there any written procedure for the consensus?
Ok i got it. I've also learnt vim syntax, thank you.
atagar
the consensus is determined by the majority of the authorities (for more details see the docs)
ilter
Which docs?
atagar
tor has a *lot* of documentation: http://www.torproject.org/documentation.html.en
ilter
:) I know and i've read already a lot of them. It's the reason why i asked for a special doc.
atagar
the consensus aspect is pretty simple - they vote on a perception of the conensus and the majority wins (ie, if three out of four authorities think you're a relay with the 'fast' flag then you are - at least that's my understanding of it)
btw, what scott meant was relays with the 'authority' flag
ilter
Yes so which relays has an 'authority' flag?
atagar
looks like they're listed in src/or/config.c
in the dirservers array (moria1, dizum, etc)
ilter
Yeah that's it. Thank you so much. So you mean that they (moria1, dizum .. ) has 'authority' flags. Am i right?
atagar
yup
ilter
Thank you so much. I got it. And they decide which relay has an exit, guard, dual also non-flagged. One more question if you've time; for example I'll be an relay. Do i decide i'm a guard or they decide?
I mean who decides of assigning flags (exit, guard, dual (exit+guard) and non-flagged) to ORs?
atagar
they decide based on various attributes (uptime, advertised bandwidth, exit policy, etc)
ilter
For example for guard flag, what are the criterias?
atagar
I don't know off the top of my head, I'd assume uptime plays a big part (you'd need to check the documentation (perhapse the dir-spec for this one? Haven't read it: http://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=doc/spec/dir-spec.txt)
ilter
Not all of it but i've read some parts of it.
Afaik when i want to be a relay i can select if i want an exit. But i don't know anything about guard flag.
atagar
exit is determined by your exit policy (kinda), other flags like guard, named, hsdir, etc are based on other attributes
one sec, looking for the specifics...
dun
there is no. you become a guard when your fast, stable... and other things atagar will tell you in a moment ;)
*none
atagar
yup, flags are defined in the dir-spec under ""s" SP Flags NL
ilter
"Guard" if the router is suitable for use as an entry guard."
atagar
you're right, that isn't very specific
ilter
:)
dun
A router is a possible 'Guard' if its Weighted Fractional
Uptime is at least the median for "familiar" active routers, and if
its bandwidth is at least median or at least 250KB/s.
atagar
you'll need to check with arma for more details (this is as much as I know)
dun
(same doc)
atagar
dun: nice
dun
3.3 deciding how to vote, lots of information *reads*
ilter
Yeah thak you dun i got it now.
So can we say that; directory servers decide assigning all flags except exit flag to ORs due to these criterias?
atagar
yup (though they assign all flags - including exit)
ilter
It seems assigning procedure has two stages.
atagar
it's simple really - each directory receives your descripor, if they think you meet the criteria they give you a flag, if the majority give you the flag then you've got it in the consensus
« prev 1 2 3 4 next »