logs archiveIRC Archive / Oftc / #tor / 2010 / June / 21 / 1
kmm
hrrm
I switched to firefox using a proxy in sunnyvale
same issue
I think you may have a cached copy
I can get to the directory it is in
and I can get to the english text version
https://www.torproject.org/eff/en/tor-legal-faq.wml
I can read
my question wasn't so much legal
as how aggressively LE looks at the nodes
i.e. how much privacy it provides
and this works
https://www.torproject.org/eff/tor-legal-faq.html.en
katmagic
Hmmm... Kevin Bankston should have a PGP key listed.
kmm
anyhoo
thanks
Malkovich
Hey, Some body, please help
I wanna connect to FreeNode, try this hidden irc serv: irc.tor.freenode.net
use this onion domain p4fsi4ockecnea7l.onion
in torrc add this: mapaddress 10.40.40.40 p4fsi4ockecnea7l.onion
and /connect p4fsi4ockecnea7l.onion
So, i try
to connect
and irssi say: - Irssi: Connecting to p4fsi4ockecnea7l.onion [127.0.69.0] port 6667
:/
!- ERROR Closing Link: gateway/tor-sasl/account (SASL access only
ioerror
hi kmm
Malkovich
Solve my problem, by using /load cap_sasl.pl
thx
BarkerJr
phobos: http://www.torproject.org/eff/.cvsignore
we don't use cvs, do we?
atagar
nope, the site's currently under svn
Malkovich
I have some problem with saving private key, and have tor relay node,
         

BarkerJr
we need someone to go on a delete rampage on the tor site :)
there are three instances of .cvsignore
Malkovich
some times its start so fast, i catch the same flags, and staying dir v 2 node, etc
but, more often, relay doesnt get up
I use always one ip adress.
and Every day new private key.
Is it problem in keys?
nsa
or: [Tor Bug Tracker & Wiki] #1574 filed by pde: #1574: Apparently we break Request Policy - http://trac.torproject.org/projects/tor/ticket/1574
or: From Justin Samuel:
or: Thanks for making HTTPS Everywhere. It would be great if it could be
or: compatible with extensions that needs to know when URIs get rewritten.
or: [...]
or: [Tor Bug Tracker & Wiki] #1575 filed by pde: #1575: We need a hierarchical system for rules - http://trac.torproject.org/projects/tor/ticket/1575
or: If we're going to add all the user rules that have been flooding in over
or: email, we'll need a system of hierarchical tabs to characterise them.
or: It should default to having the most important rules open by default, with
or: other categories ("digital civil liberties", "finance and online banking",[...]
or: [Tor Bug Tracker & Wiki] #1575 was updated: #1575: We need a hierarchical system for rules - http://trac.torproject.org/projects/tor/ticket/1575#comment:1
or: Changes (by pde):
or: * component: Tor-Tor client => EFF-HTTPS Everywhere
or: [Tor Bug Tracker & Wiki] #1576 filed by pde: #1576: Fail to recognise some non-US google searches - http://trac.torproject.org/projects/tor/ticket/1576
or: This happens when the search comes from some source like a toolbar search
or: that does not use an hl=<lang> parameter, but instead something like
or: rls=com.ubuntu:nl:official
or: or[...]
or: [Tor Bug Tracker & Wiki] #1577 filed by pde: #1577: Incompatible with new Firefox development builds - http://trac.torproject.org/projects/tor/ticket/1577
or: From Brian Sanders:
or: Saw some comments about people not being able to use this add on with the
or: latest Firefox alpha code, guess there are a few people checking out webm
or: and the vp8 codec :-)[...]
or: [Tor Bug Tracker & Wiki] #1578 filed by pde: #1578: Split off a development branch - http://trac.torproject.org/projects/tor/ticket/1578
or: New features and rules will need to be tested by an appropriately sized
or: population before they're pushed out to all of the users of this plugin.
or: We could achieve this by using an alternative update.rdf for people who
or: are willing to be bleeding and edgy.
tntcoda
how do you stor tor refreshing its nodes every few mins? i.e just use the same once from when the daemon is initially started
arma
pick your exit relay, perhaps
you may also like trackhostexits
Goldstein
can you say why you want to do so?
tntcoda
sorry yes, i meant just the exit node. I just need to have the same exit IP for a certain time period
dr|z3d
tntcoda: you can augment maxcircuitdirtyness if you want to make all circuits refresh less frequently. Default is 600 (seconds).
*maxcircuitdirtiness
tntcoda
thanks dr|z3d
dr|z3d
There's also mapaddress if you want to lock a certain address to a specific node.
arma
maxcircuitdirtiness won't really do what you want,
because tor will still abandon a circuit that it thinks sucks too much
dr|z3d
Can that be mitigated with maxcircuitbuildtime, arma?
tntcoda
hmm dont worry its not essential, i thought it might be a simple switch to reuse the same node path
arma
tntcoda: you want trackhostexits
tntcoda
ok thanks
arma
dr|z3d: not really, because "sucks" is also a function of how long it takes your stream to receive a connected cell
dr|z3d
arma: Ok, just curious :)
velope
tntcoda: tor switches exit nodes frequently to reduce your exposure to being de-anoymized. you should use something like the trackhostexits option only if the server (resource) you're accessing can't tolerate it's client's switching IP. (Most do just fine, perhaps aided by session cookies.)
tntcoda
velope, thanks. Yer that's the problem im having. My endpoint server needs the same IP, so trackhostsexits should do the job.
Goldstein
what protocol are you using?
         

tntcoda
it's a custom one im developing. Im going to extend it to support IP changes, just working on debugging
nsa
or: [Tor Bug Tracker & Wiki] #1573 was updated: #1573: duplicated filters in HTTPS everywhere - http://trac.torproject.org/projects/tor/ticket/1573#comment:1
or: Changes (by mikeperry):
or: * owner: mikeperry => pde
or: * component: Tor-Torbutton => EFF-HTTPS Everywhere
ihaveanick
everyone asleep?
nsa
or: pootle committed revision 22522 (/projects/gettor/i18n/sr): updated files from pootle
or: pootle committed revision 22523 (/translation/trunk/projects/torbutton/sr): updated files from pootle
or: pootle committed revision 22524 (/translation/trunk/projects/torcheck): updated files from pootle
or: pootle committed revision 22525 (/translation/trunk/projects/website): updated files from pootle
ihaveanick
got a problem with accessing my hidden service
getting the evil "Tried for 120 seconds to get a connection to [scrubbed]"
and "rend_service_load_keys(): Loading hidden-service keys from...."
in the debug log that is
funny thing is that i get the message twice in quick succession
nsa
or: runa committed revision 22526 (/website/trunk): new and updated translations for the website
ihaveanick
any clever ideas? :-)
nsa
or: runa committed revision 22527 (/translation/trunk/projects/website): updated files for pootle
Akira
Hello. Westerner living in China looking for unblocked bridges. All the GMAIL / website ones seem to get blocked almost instantly. I heard bridges can be obtained via QQ?
Malkovich
ololo
d-b
Malkovich: o o o o
switchgirl
hi anyone know anything about setting up tor on a linux ubuntu 9.04 eeepc g4 701
i need to have it so that there is ONE small exception - it doesnt use tor for iplayer or youtube
as i need to stream media stuffs
hi kwagner
d-b
darkNemesis: you can use foxyproxy
or just firefox network proxy options for that
darkNemesis
d-b, there is a small problem - screen v small
omg i just ruined my crt desktop monitor :'(
tipped 520ml water over it by mistake
d-b
lol
darkNemesis
no really i did
:((((
and i was planning to list it on ebay
murb
darkNemesis: you may have problems with things likeiplayer and youtube and tor also because of geographic restrictions.
also be warned that the flash streaming (rtmp) will ignore proxy settings.
nsa
or: [Tor Bug Tracker & Wiki] #1579 filed by bee: #1579: Tracking users - http://trac.torproject.org/projects/tor/ticket/1579
or: Yeah!!!!!!!! I found a way to track what users are doing!!! It works
or: against all tor bundles (for windows, linux and even against my
or: factorbee!!! with or without polipo and torbutton!!!!) I wrote a demo
or: too!!!!!!!!!!!!!!!
or: [...]
vegard
O.o
nickm
"Multiple exclamation points. A sure sign of insanity."
phobos
omg!!!!!!!!!!!!!!!!!!!!!!!
(Action) couldn't resist
n8fr8
dude i love that guy.
weasel
every time I read these messages I die a little bit
nsa
or: [Tor Bug Tracker & Wiki] #1579 was updated: #1579: Tracking users - http://trac.torproject.org/projects/tor/ticket/1579#comment:1
or: Changes (by nickm):
or: * priority: blocker => normal
or: [...]
nickm
The text was "So, are you going to say what the attack is?"
nsa
or: [Tor Bug Tracker & Wiki] #1579 was updated: #1579: Tracking users - http://trac.torproject.org/projects/tor/ticket/1579#comment:2
or: Changes (by bee):
or: * priority: normal => blocker
or: [...]
vegard
...eh
this could be fun ;-)
phobos
hmm
Last modified: 2010-06-21 17:21:57 Expires: 1970-01-01 00:00:00
negative expiry time
nickm
on what?
phobos
http://honeybeenet.altervista.org/fun/tracker/
katmagic
Wow. That's disturbing.
Also, bee isn't a complete imbecile. This is surprising.
nickm
Fortunately, it's (now) a nicely written proof-of-concept thing. It _isn't_ messing with IPs or cookies; restarting your browser works fine
phobos
i suspect css or history attack
arma
if you telnet to it and ask it for the page manually, it never answers. just hangs.
nickm
And attack doesn't work against curl.
murb
arma: echo -en "GET /fun/tracker/ HTTP/1.0\r\nHost: honeybeenet.altervista.org\r\n\r\n"|nc honeybeenet.altervista.org 80 # answers
nickm
murb: it answers and gives me a 400.
murb
hmm, on one host it works, elsewhere i get no reply.
kaner
murb: what do you see on the host where it works?
vegard
what's ETag: header? that doesn't look like valid HTTP
nickm
got it.
dr|z3d
ETag's totally legit.
kaner
he implemented that browser fingerprint attack the EFF was talking about earlier?
nickm
kaner: I doubt it.
dr|z3d
It's like a UUID for resources.
kaner
nickm: i'm on it using two different browsers, got differnet "ID"s for both
nickm
My browser is sending the thing that he reports as an ID in the "If-None-Match" header.
Aaaaand my browser is doing this because of the ETag header.
vegard
told ya ;)
nickm
Yep.
And somebody's confirmed that current torbutton doesn't block this, right?
kaner
dunno. ask mike?
katmagic
Yep. It works with TorButton.
kaner
i was hoping to get a bit more serious attack here. i'm getting disappointed with bee
nsa
or: [Tor Bug Tracker & Wiki] #1579 was updated: #1579: ETag and If-None-Match header can link multiple requests to the same page - http://trac.torproject.org/projects/tor/ticket/1579#comment:3
or: Changes (by nickm):
or: * status: new => assigned
Guest309
serious? it works. isn't that serious enough?
nsa
or: [...]
nickm
Well, it wasn't hard to diagnose, and doesn't look hard to fix.
vegard
still, credits to bee for discovering something and letting you know about it.
nickm
Well, for discovering something and letting us know he discovered it.
Not saying what it was is still an as****e move.
vegard
Well, it wasn't hard to diagnose, and doesn't look hard to fix.
nickm
heh.
vegard: I acked you in the bug report, btw. If you don't want to get acked in the torbutton changelog, you should probably say so.
weasel
that wasn't a bug report. it was taunting. no credits are due for that sort of behaviour
nickm
He could have been a much bigger ass about it, and built a big obfuscated system that first tried javascript, then cookies, etc etc, and only fell back on ETag when nothing else worked.
Of course, I don't know whether the usefulness of the demo stems from helpfulness or what.
vegard
hm, is valgrind on tor supposed to give hundreds of warnings for uninitialized memory accesses on key initialisation? (SSL_CTX_new, X590_sign, RSA_setup_blinding, etc.)
nickm
that's a notorious openssl issue...
openssl likes to read uninitialized RAM when it seeds its rngs.
vegard
ah. this is by design?
nickm
check out doc/HACKING in the tor source; it tells you some option you can pass to ignore the openssl warnings.
or you can rebuild your openssl with -DPURIFY
It's a by-design thing that openssl does. Many sensible people think it is stupid. :)
vegard
great, thanks.
« prev 1 2 next »