logs archiveIRC Archive / Oftc / #tor / 2010 / April / 26 / 1
nsa
or: atagar committed revision 22234 (/arm/trunk): The last batch commit (note: this is *not* a shiny, new release - just the parts I have done).
or: added: custom settings config, currently just used for the controller password (requested by ioerror)
or: fix: removed -p option due to being a gaping security problem (caught by ioerror and nickm)
or: fix: preventing the connection panel from resetting while in blind mode (caught by micah)
or: fix: ss resolution wasn't specifying the use of numeric ports (caught by data)
or: fix: crashing issue when trying to resolve addresses without network connectivity
atagar
the arm trunk is going to start being used as a proper devo brach, so to everyone using it I'd suggest switching to release unless you're anxious to help in finding my mistakes ;)
ioerror: this'll do the password persistance you wanted (make a ~/.armrc with "init.password <password>" to use)
oops, I mean ioerror_ ^^^
sylar
ln5, bw authority? salsa? Are you referring to the same salsa that I am? The one I refer to is the one on this doc http://ranger.uta.edu/~mwright/papers/salsa-ccs06.pdf ?
shahn
salsa is a hostname
sylar
aha
shahn
(computer systems are commonly refered to by some arbitrary names. The host running this particular bandwidth authority is called salsa. That's all there is to the mystery)
sylar
I am trying to read that PDF, about the other salsa, from what I get it is some way to defend against attackers that join as servers in the network
I didn't quite figure out how their algorithm works , yet , though :/
shahn
atagar: heh, you killed the nice tags dir. :p
sylar
I think it splits the nodes into groups, and force selection from each group , or something like that
"To improve the value of redundant requests, we propose
the Salsa network architecture, a novel structured overlay
designed to aid the random selection of nodes for anonymous communications."
now what's "value of redundant requests"?
         

atagar
shahn: Does it have a use? I was suspecting that it's an appendix from the repo setup. :P
shahn
atagar: it's part of the so-called svn standard repo structure. No big deal not to use it. svn is a broken concept anyways :-)
atagar: the idea is that you make a new subdir for each tag (usually the released versions)
atagar
ah, gotcha
shahn
one day, you will see the light and understand distributed vc ;)
atagar
just sat through a intro-to-git presentation yesterday - I wouldn't mind switching over, though didn't see any compelling reasons why
shahn
hehe
let's see you do a couple of releases, and then talk again :-)
atagar
we'll see... (though I gotta admit, having local commits is *very* tempting)
Francis
what's this talk of some guy adding 200,000 relays andor exitnodes to Tor?
shahn
Trolls exist
Francis
that actually brings up another question. How do you know 50% of the exit nodes aren't owned by goverment(s)
shahn
We don't
We know many relay operators, though.
Francis
that's too bad :(
yes but do you know them all, or even a good percentage of them?
atagar
the goal of tor is to prevent correlation of you to the exit traffic, not to hide what the traffic actually is
shahn
Anyone can run a relay
We don't know most relay operators, and that's probably a good thing.
dandon
Francis: where did you read that?
the amoutn..
Francis
please correct me if i'm wrong, but if a person/organization owns all the relays a person is connecting from, can't they know both where the traffic is originating and where its going?
shahn
If they own all the nodes in your circuit, yes.
Francis
dandon, #nottor from someone of the nick "F22"
shahn
This is an attack on Tor, and it works well if you control large parts of the network. The idea is that this isn't an easy thing to do.
dandon
ah ok didn't know he was there too..
no. he was only in #nottor. my bad. and ok
         

shahn
Francis: Please try and avoid spreading FUD. "I have a cruise missile in my basement, and I'm going to launch it on the white house in 5 minutes" is not a very believable statement.
Francis
shahn, is there any way to prevent this?
shahn
Francis: get everyone you know to run fast relays, so the attack gets harder
Francis
I don't know if you can avoid a determined organization from doing this though.
shahn
You cannot. Tor explicitly does not defend against a global adversary.
There is no low-latency anonymity design that can. (Note that not only is there no network, but there isn't even a design for one)
Tor is probably your best bet, but it is not perfect.
Francis
what is "FUD" exactly?
shahn
http://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt
While it is important to understand the attacks that exist, it is also important not to go crazy because someone makes an anonymous statement.
Francis
I apologize, but if you don't ask questions, hypothetical questions, any questions, I don't believe you'll be able to strengthen Tor as much as possible.
shahn
It's fine to talk about what would happen if someone made 200k relays join the network. I explained what would happen when the issue was raised. Saying "200k botnetted relays will join/have joined the network" is FUD.
katmagic
Two hundred thousand relays would be somewhat noticeable, and quite expensive.
Francis
I have a side question in #nottor on this subject, if anyone would be so kind to help.
ok
katmagic
Also, given the scaling issues that occurred with ~1500 nodes, I'd suspect 200,000 new nodes would be more of a DOS thing.
nsa
or: phobos committed revision 22235 (/website/trunk): fix the Makefile, plz stop changing this.
or: phobos committed revision 22236 (/website/trunk/include): when a new version is released, it helps to update the website.
keb
(Action) looks askance at the topic
BarkerJr
the topic and the blog both could use some updates :P
keb
well they just did the blog a couple days ago
the captcha is way improved
BarkerJr
is it humanly possible to do it now?
keb
i dunno if most humans can do grade 2 math anymore
BarkerJr
lol
nsa
or: phobos committed revision 22237 (/projects/presentations): update some tex files to point to the right image page, add in some of
or: the missing images, add in the details of security-part2-anon
or: presentation from sjmurdoch.
or: phobos committed revision 22238 (/projects/presentations): fix image paths on more presentations.
or: phobos committed revision 22239 (/projects/presentations): move some straggler images to the correct folder.
or: phobos committed revision 22240 (/projects/presentations/images): add the updated ohloh stats.
kfisher
hi
any expericne users around?
nsa
or: phobos committed revision 22241 (/projects/presentations): clean up the general presentations.
kfisher
I finally figured out my my relay on windows 7 was pulling up a wrong ip address as host... it was using the hamachi address insated of the isp address.
how to i configure it to use isp ip instread of hamachi?
nsa
or: phobos committed revision 22242 (/projects/presentations): fix up the general anonymity presentation, build a pdf too.
phobos
kfisher: set an Address line in your torrc
kfisher
i have tor ic open where to i set exin not info in it?
what line to in input in torrcc?
phobos
Address (your external IP address here)
or domain name if you have that
kfisher
Here? # Address/port ranges for which to accept or reject outgoing connections on
where can i find a default non edited torrc file?
phobos
torrc.sample in c:/program files/tor
or vidalia bundle, whichever you installed
kfisher
i open vidalia then tor. there is no such fille torrc.sample
phobos
it's in c:\program files\vidalia bundle\tor\
kfisher
yea its not there though.
phobos
odd
i don't have win7, just xp
kfisher
there are document foler.in tor folder, but no torcc files
phobos
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#torrc
maybe we should just link to it in the program folder
instead of making people hunt for it
in fact, we do
CreateShortCut "$SMPROGRAMS\Tor\Torrc.lnk" "Notepad.exe" "$CONFIGDIR\torrc"
kfisher
still dont have it
phobos
odd
nsa
or: arma committed revision 22243 (/website/trunk/en): write an actual research page for us
tgmini
tor connects but blocks all traffic on ff
keb
tgmini did you install polipo and check it is working
polipo goes between firefox and tor
tgmini
keb I am not sure/ how do i check that?
just installed polipo. still tor blocks accsess. got "The proxy server is refusing connections"
shahn
tgmini: Have you used the configuration file as suggested in our instructions?
https://www.torproject.org/docs/tor-doc-unix
tgmini
shahn i am on win7 :-(
katmagic
How, specifically, are the Tor binaries built?
shahn
tgmini: And the installation bundles don't work for you?
katmagic: there should be instructions in Tor's source for the standalone versions and instructions for the bundle inside vidalia
katmagic
I mean the exact version of the compiler, libraries, etc., so that one could generate a byte-for-byte copy from the source.
shahn
ah. no clue.
nsa
or: runa committed revision 22244 (/website/trunk/en): andrew signs packages for mac as well
or: runa committed revision 22245 (/website/trunk/en): updated key
SwissTorExit
hello to everyone
hi karsten, i looked in tor metric and see my old relay or exit in the stats by relay but i don't see my new one, it is up to dateon that list ?
another question are that i see that a few has buffer stats too, it is another command to add it or it is for exit only ?
Sebastian
SwissTorExit: hey, I think you're talking about "Statistics produced by relays", yes?
SwissTorExit
yes my friend and hello :D
Sebastian
SwissTorExit: hello
see the sentence above
SwissTorExit
oky i will take a look
Sebastian
"Relays running version 0.2.2.4-alpha can include these statistics in extra-info descriptors, so that they are included in the relay descriptor archives. The following files contain the statistics produced by relays running earlier versions:"
So that means that only old data is available there
and new data is in the extra-info descriptors
SwissTorExit
oh oky, so cannot see if my data are right send with new versions, oky, thanks for your answer :D
or maybe if i download the whole list
Sebastian
Yeah, you can download all the extra-info descriptors
SwissTorExit
but anyway too early, the stats are to mars for the moment, i will take a look when new april will be updated :D
thanks , just to be sure that all work fine :D
dandon
does anyone know why this happens? || 515 Authentication failed: Password did not match HashedControlPassword value from configuration
(Action) win xp
Sebastian
dandon: My best guess is that the password did not match the password in the config. Now if you tell us more about your setup, we might be able to learn more.
dandon
yes. i tried || pw: a |and| no password
lol ok. worked
who's using google to search?
Runa
a lot of people? :)
dandon
in here i mean :) what query string are you using?
Runa
you're asking me what I search for?
dandon
no.. search?q=
google.com/search?q=
Fernmelderfing
Hi
Runa
hello
koryk
wooo thanks for the GSOC acceptance <3
ln5
koryk: gratz!
hbock
koryk: congrats! :)
Sebastian
hbock: grats
hbock
and thanks for GSoC acceptance too :)
damn i'm excited
smoke time!
koryk
grats hbock!
Runa
congrats koryk, hbock :)
dandon
what was were your submissions?
*-was
katoda
congrat hbock, koryk
Sebastian
hbock: read the checklist, you'll notice it doesn't say anything about smoking ;p
atagar_
dandon: koryk is working on JTor and hbock is tackling TorDNSEL
katoda
how many students are working for Tor this year?
atagar_
katoda: four
dandon
mhm. forgot to google ^^
koryk
time to give my thesis presentation ^_^
monkey_d_luffy
I'm trying to set up a specific exit node for a particular domain, let's say it's google.com. The problem is that when I try to go there with firefox, it gives an error message saying "An external application is needed to handle...."
This was what I did: I telneted with TOR, typed my password and typed the command: mapaddress google.com=google.com.TorNickname.exit
The tor node nickname (TorNickname) was obtained with torstatus.kgprog.com by querying the tor node IP.
What am I doing wrong? Can anyone help me?
dandon
oooooooneeeeeeee piiiiiiiiieeeeeeeeeeeeeece
gomu gomu noooooo
gattelingu ;)
(Action) j/k
monkey_d_luffy: you want your exit node to only be able to access google.com ?
monkey_d_luffy
dandon: no! I want to be able to access all the internet, but when I go to google.com, I want a specific exit node to be used.
dandon
did you do setconf mapaddress......
monkey_d_luffy
no, I only typed that command after I telnet'ed
dandon: trying that now...
kjbbb
thanks for the gsoc acceptance Tor :)
wohooooo!
dandon
monkey_d_luffy: no you need either setconf or getconf. i don't know where the instructions for control port are
monkey_d_luffy
I just noticed something also, when I type the mapaddress command, telnet never returns with the reply "250 OK"
« prev next »