IRC Archive / OFTC / #tor / 2015 / October / 19 / 1
arma
if this is true, it would be kind of you to say so on the ticket, or close it, or something
else it will remain open forever
torQUES
https://blog.torproject.org/blog/new-sslv3-attack-found-disable-sslv3-torbrowser
SnowyNight
Hello. :) Are there any possibilities to make a MITM attack via a bad hidden service directory? If an attacker changes the hidden service descriptor in his bad hidden service directory? Does the .onion fingerprint protect against that? Can an attacker generate an identical .onion fingerprint? What hash function does the .onion fingerprint use? Maybe an own Certification Authority (like https) is protection against this?
torQUES
it appears disabling SSLv3 is an option
arma
torques: and we already did that yes?
SnowyNight: many questions! i recommend you read the rend-spec.txt document, among others.
snowynight: the short answer is "no, most of those attacks are hard"
SnowyNight
Thank You arma . I will read rend-spec.txt :)
torQUES
security.tls.version.min is set to 1 by default in TBB v5.0.3 so problem solved
ghetto
what happens if someone runs a relay and puts every other relay hash as a family member?
arma
ghetto: families only count if both sides say it
snowynight: if the user gets the real .onion name, that resolves most of the mitm issues. so a big one remaining is that somehow the user clicks on the wrong link.
SnowyNight
Thank You arma .
torQUES
arma: I closed the ticket but what is "security.tls.unrestricted_rc4_fallback true" doing if security.tls.version.min is set to 1?
arma
torques: dunno, somebody would have to know how firefox works
torQUES
a firefox contributor said "I think security.tls.unrestricted_rc4_fallback It should default to false" https://support.mozilla.org/en-US/questions/1056008 so the problem still remains because in TBB v5.0.3 it defaults to true
gorana
FF will disable it from Vers 44 on
torQUES
gorana, TBB 5.0.3 is based on Mozilla Firefox 38.3.0
gorana
its a patched esr
Deprecating the RC4 Cipher https://blog.mozilla.org/security/
Omares
How to protect against traffic correlation, identifying you (Tor user) as your identity. What steps can be taken.
torQUES
keep a low profile - use the same TBB as the majority of users
gorana
^
torQUES
make some dummy traffic with another tor instance on your LAN
SnowyNight
Chocolate_Chip
I got a bug to report
Arm was running at 98% CPU and somehow had 4 instances despite me opening it once
torQUES
Chocolate_Chip, close your SSH client if any and all arm instances will disappear
Chocolate_Chip
I'm not using SSH
arma
torques: that makes no sense
Chocolate_Chip
I'm talking about on my host machine. I am using it to control my tor proxy
torQUES
It happened to me too, I had many arm instances opened, dunno why, and I closed and reopened my SSH client - the arm instances were gone
I use arm through putty to control my relay opened on another machine (a dedicated server) in LAN
arma
chocolate_chip: most likely it is spawning some threads, and the output of top is confusing you into thinking they are separate processes
(or heck, maybe they are separate processes. but i hope not.)
torQUES
I had separate processes with different pids
ncl
arm spawns 6 threads for me
torQUES
and sometimes arm freezes with no reason
InternetFreedom
Support Internet Freedom and widespread tor access
Bitcoin Wallet : 1Bw77Ze4xjzxY1HgLyPfDxfXGwwUsyyvR5
https://www.gofundme.com/7n6mksec
http://igg.me/at/vaporousconnect/x/12492425
torQUES
Chocolate_Chip, using CTRL-Z only stopped arm but the process remained alive as I see with top
use m and exit tab to close arm
atagar
(sorry about any arm issues, shiny new codebase is on its way)
torQUES
atagar, generally arm works well, only minor bugs: uptime not shown and measured bandwidth not real
arm, version 1.4.5.0 (released April 28, 2012) installed with apt-get
ncl
the only bugs I've had with arm is after leaving it open for a while it apparently gets spurious input and the output gets mangled
atagar
ncl: Yup, I've seen that too and consider it the worse known bug. Unfortunately not completely sure what's up but suspect it shouldn't be an issue going forward (it was a new regression in 1.4.5, and what I'm working on now is a complete rewrite).
s/worse/worst
torQUES
atagar: tweak the colors, the dark blue lines are hard to see
atagar
torQUES: That really depends on your terminal color configuration. I only have a tiny number of colors to work with (red, green, cyan, magenta, yellow, white) so avoiding one of them altogether ties my hands. Blue does have more trouble than most though so I'll keep that in mind.
torQUES
atagar, I use arm through a putty cmd window
the other colors are ok and intuitive
the outbound lines in connections tab are dark blue
anyway it is the best tor controller I've seen so far
atagar
Thanks. On a side note there's an armrc option to drop all colors (just using white) if you'd like. I included that in case the colors impaired readability on any platform.
torQUES
arma: about the machine/OS tor performance, first I ran my relay on a win32 XP machine and then I moved the relay to a xeon server Debian Linux 3.16.0-4-amd64 - 66 times faster http://paste.ubuntu.com/12814754/
arma
torques: i totally believe this.
ploopkazoo
Top visitor hosts sorted by hits - [avg. time served]
20081 150 9.55% 19.65 GiB 127.0.0.1 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1177 9 0.56% 556.78 MiB xx.xx.xxx.xxx |||||||||
1057 8 0.50% 76.35 MiB xxx.xxx.xx.xxx ||||||||
1043 5 0.50% 123.36 MiB xxx.xxx.xx.x ||||||||
people _really_ like the onion on my site apparently
ruds
<ploopkazoo> people _really_ like the onion on my site apparently
s/people/the NSA/
ploopkazoo
of course
well to be fair, those bars are comparing all users of the hidden service to one user of the regular site
so it's not really a remotely fair comparison
lunch
Is there some major software or hardware that ships with .onion support outside of Tor Browser and Tor itself?
Or is anything like that planned?
Basically, I want as many as possible to be able to access my .onion site.
Even if their security isn't guaranteed.
BarryBlue
lunch: https://en.wikipedia.org/wiki/.onion#WWW_to_.onion_gateways
"To use a gateway, replace the domain suffix .onion of any hidden service with, for example, .tor2web.org"
lunch
BarryBlue: No, that's not good enough.
Those services (which are always down except maybe one of them) are way too flimsy.
And don't provide "actual" access.
BarryBlue
why dont they provide 'actual' access?
lunch
And are subject to all sorts of block lists and censorship and interception.
They cannot provide actual access because they are a web proxy.
And they modify pages by adding a (necessary for legal reasons) warning.
BarryBlue
"Basically, I want as many as possible to be able to access my .onion site." <--- i'm just tryin to help bro
lunch
We don't seem to be getting anywhere. Both Tor and Bitcoin remain ultra-obscure.
Nobody makes a single payment via Bitcoin on my services.
But they do use all kinds of other methods.
But never Bitcoin.
And none of them use the Tor version.
People don't have Bitcoins and people don't have Tor access.
Both need to change :/
BarryBlue
well, those people dont see that the need for it outweighs the headache of setting it up
but it keeps getting easier, so thats the good news
lunch
BarryBlue: It will never be easy enough as long as it takes manual operation.
BarryBlue: That is, "go to this site, download this file, run it".
It needs to just work for them.
BarryBlue
Yeh, i just heard a good analogy, that people want to keep programs hard to use. It's like a "hipster" mentality, the harder it is to use, and therefore less mainstream, the "cooler" it is.
lunch
BarryBlue: Not sure how it applies to this, but that generally seems to be the mentality, yes.
Tor Browser didn't even use to have an auto updater.