logs archiveIRC Archive / Oftc / #tor / 2015 / October / 10 / 1
torQUES
the end of the "end-to-end" encryption? FBI wants backdoors in the encryption software (the https encryption?) to watch the US nation back - this oxymoronic "wisdom" will be very fast exploited by foreign reverse engineering and hackers - a strong blow for the online legal business, too
as I know so far, google and apple ask the White House to stop this madness
iratemonk
.t @ernestmonz
tacky
lol
NotTheFakeQwerty1
death to infidels
ncl
hi qwerty1
kvm234
Help the FSF stay strong for 30 more years https://www.fsf.org/appeal
prosit-
1
ryonaloli_
2
arie^
http://oniichanylo2tsi4.onion/thread-b820fa539c.html#194fe5e0860ff716ccbf40b0f4e901e8114bdf1d
Does the fact that onion addresses can be 'brute forced to specification' eg. facebookcorewwwi.onion mean all hidden services are essentially non-hidden? Their private keys are easily brute-forced
         

ryonaloli_
no
facebookcorewwwi.onion was not what facebook decided to use when they started brute forcing
they generated a massive list, and facebookcorewwi.onion was the one that looke dth ebest, so they used it
it could have equally been facebooksiteabc1.onion[C
Peng
Also that doesn't mean the private key can be easily brute-forced.
arie^
Pardon my ignorance - the above link implies random generation of private keys until one with a pleasing onion address is found. So if I generate private keys until I get the one matching some onion address, I've basically discovered that hidden site's private key? (though I understand ryonaloli_'s point this is not easy - the link also says RSA-1024 is too easy though)
ryonaloli_
RSA 1024 is not easy
perhaps the NSA could break it with a year or two of heavy computing power
arie^
OK thanks - the OP's logic is faulty then
ailleen
on that thread "psi AKA chi AKA chisquare AKA Jeff Becker, operator of overchan.oniichan, FBI informant "
jesopo
(debian) what permissions should a hidden service directory have? I was assuming chown debian-tor:debian-tor and chmod 700
ryonaloli_
jesopo: the directory with the private key, or the directory with the web data?
jesopo
private key
Peng
arie^: No, you've discovered *a* private key with that onion address.
ryonaloli_
mode 2700
jesopo
oh
I see
I was getting a "read-only file system" error
ryonaloli_
2700 won't alleviate that
it just makes it "sticky" so it stays 700
arie^
Peng: aaaaaah. Now I will do some reading but I get your point
ryonaloli_
(we, umask 077)
Peng
arie^: I don't remember the numbers off hand, but there are bazillion times more 1024-bit RSA keys than onion hashes.
ryonaloli_
*well
jesopo
yeah, still getting this error
and I have it on two seperate boxes
[warn] Couldn't open "/etc/hiddenservice/private_key.tmp" (/etc/hiddenservice/private_key) for writing: Read-only file system
chmodded 2700 and chowned debian-tor:debian-tor
ryonaloli_
is tor running as the same user that everything in there is running as?
also, why /etc? it's typically in /var/lib/tor
jesopo
dunno, personal preference?
and there's nothing running in there, it's an empty dir
oh
putting it in there works
weird.
         

Peng
arie^: And, as ryonaloli_ said, Facebook didn't intentionally brute force "facebookcorewwwi". They just brute-forced a bunch of things that started with "facebook" and one of them happened to end in "corewwwi" rather than "zteszsfh" or whatever. It'd be pretty easy for you to generate some other onions that started with "facebook", very expensive or impossible to generate a "facebookcorewwwi" one, but even if you did, it would almost...
...certainly (99.lotsofnines%) be a totally different key pair that just happens to have the same hash.
arie^
thanks again
dan1
hey, Tor is crashing when i attempt to play videos on Tumblr
I'm running Tor 5.0.3 (based on Mozilla Firefox 38.3.0) on Debian Unstable
cacahuatl
You mean the browser? And if so, when you say crash do you mean it closes or does it hang up?
dan1
it closes completely, and yea, this is a Firefox issue
I haven't updated Tor in the past week, and I know I played videos off tumblr yesterday
the only significant thing I've done is do apt updates, which broke systemd. Then I updated again to fix systemd.
cacahuatl
5.0.3 is the latest, it's unlike to be related to Tor.
Does `dmesg` give any details on the crash?
dan1
nothing with the words tor or firefox
let me run tor from terminal and crash it
cacahuatl
try with '--verbose'
It might be hitting an OOM error, there was a case before with the webm player allowing a negative audio sample rate that caused it to try to allocate -1 bytes cause firefox to abort
dan1
https://ncry.pt/p/TaBn#J18mhs5PXC4nkMZOAIx1vOuEGKTZpNFp0HsZqTMAg5M
^^ looks like I'm hitting the stack smashing protector?
cacahuatl: here is a crash caused by visiting the exact same page with --verbose https://ncry.pt/p/UaBn#qs45zLD-LD6hrp6iSUI9p8b6AaNHjjoNFVL7FbalRtY
cacahuatl
Well that's never good :/
dan1
yea
so, is tumblr or one of the sites it loads likely causing the buffer overflow then?
cacahuatl
I guess it's better than not having SSP but looks like it's in gstreamer
dan1
well, crap
cacahuatl
which is a media player library, so it's possible that it's a bug in the current lib shipped with debian unstable?
dan1
very possible
like, unstable had systemd broken for a few hours yesterday
it wouldn't suprise me if I updated gstreamer the first time too
(Action) checks
hmm, looks like the version of libgstreamer that comes with sid aka unstable was last updated almost a year ago https://packages.debian.org/sid/libgstreamer0.10-0
also, I can't recreate this crash in iceweasel
cacahuatl
Interesting, got an example link that I can test locally?
dan1
yes, but all the asy to find videos are porn
like, that is 80% of what tumblr videos are
*easy
cacahuatl
I'm surprised no one else has encountered the error yet, then :P
dan1
lol
let me find a non-porn video
the only ones that pop up are just youtube vids
http://ussgecko.tumblr.com/
^^ least porny site I could find
like, I'm sure someone has a thing for geckos, but that site isn't making porn and has videos that crash tor on my computer
cacahuatl
I can't play any of them :P
"No compatible source was found for this video." on any video on the site.
dan1
huh
seems to work fine for me in iceweasel and chromium, used to work fine in TBB
cacahuatl
It's definitely related to the video but it doesn't seem to be coming from any of the libs that are actually shipped with Tor Browser
dan1
hmm
cacahuatl
https://debianforum.de/forum/viewtopic.php?f=29&t=157679#p1061277 someone with the same problem in firefox on debian, looks like it dies at the same offset
"libgstfaad.so(+0x21c2)"
dan1
yeah
seems like a very similar bug
cacahuatl
probably worth poking people in #debian to see if it's a known issue
dan1
yea
it crashes when I go to youtube too
« prev 1 2 next »