logs archiveIRC Archive / Oftc / #tor / 2015 / July / 24 / 1
Filystyn
guys not sure question fits here. is it hard to set onion site?
Just a dum text + pictures of some people.
kernelcorn
no, it's pretty straightforward
Filystyn
is it hard to maintain such a site?
cacahuatl
It's 1-2 torrc config lines harder than setting up a website.
kernelcorn
1) get a web server up and running, make your site work on localhost, 2) go into /etc/tor/torrc and comment out the first couple lines regarding hidden service configuration, 3) browse your site through Tor
Filystyn
ok.
For now that is all.
Thank you very much
Im very happy it's so easy.
kernelcorn
if you want a somewhat-meaningful HS address, you could look at Shallot on Github
Filystyn
HS ?
kernelcorn
hidden service
         

cacahuatl
but beware, because vanity onions can give a false sense of authentication.
kernelcorn
true
Filystyn
ok atm im only gaining basic data
kernelcorn
so then you probably don't even need Shallot
Filystyn
thx guys.
kernelcorn
np
velope
we probably should not be raising the topic of shallot here, and certainly not recommending it as important or necessary
people who already know about it will find it
l0bst3r
is the general philosophy of #tor that we should assume people who join this channel are unintelligent and deserving of a paternalistic attitude?
cacahuatl
No but vanity onions aren't functionally useful and we weren't assuming the user was "unintelligent", rather that potential users of the onion may not take the time to perform proper verifications and may be mislead by it, as we've seen in the past.
kernelcorn
those are fair points velope and cacahuatl. I'll stop recommending it.
ryonaloli_
i would have thought that shallot might actually provide a small level of protection, because it requires anyone trying to fish to match the amount of computing power you used (and slightly more, since most people can recognize at least one or two characters past the vanity text)
like if i wanted to impersonate the kpvz hidden wiki, i'd just impersonate four or five letters. but my own onion address has 8 letters, so unless someone really, really wanted to impersonate it, they wouldn't go to the trouble of creating a 9 or 10 character vanity onion
l0bst3r_
I think the point remains, velope assumes anyone who joins the channel lacks all intelligence or reasoning ability
velope regularly shows contempt for people asking reasonable questions
ryonaloli_
i know, i just don't like to assume that the harm (of people not fully verifying the onion) outweighs the gain (an imperonator would have to put some effort into it)
cacahuatl
I'd like to point out that I stated it to the user, velope concurred after the user had left.
ryonaloli_
(i wasn't objecting to how anyone handled answering the user's questions. i was just expressing my doubts that any significant number of people actually do fully verify a url just because it is not a vanity onion)
l0bst3r_
it's clear arma and the rest of the tor project approves of velope's contempt for honest questions
#tor is just an unfriendly place
ryonaloli_
though i don't always agree with velope's handling of noobs, i don't see in this instance any case where velope was showing contempt
(also, this probably belongs in #nottor)
cacahuatl
Surely it would be quite easy to attack onions homonyms at scale too, rather than any one specific onion.
Generating the keys is the intensive part, string comparisons later not so much. compare it against a set of strings for matches.
ryonaloli_
ah, that's a good point
i'm too use to assuming everything is a salted hash lol
in that case, i would think that the third lesser known vanity generator would be a good idea, the one that creates human-readable full urls
the first onion i memorized was xycpusearchon2mc.onion (a tor search engine) because it used that generator
cacahuatl
you mean it searches for onions where "valid words" cover the majority of the address rather than for a specific leading byte?
         

ryonaloli_
valid words, or easy to memorize strings ("xy", "on2", etc)
basically anything that can be efficiently used with the chunking mnemonic
cacahuatl
hmmm, at first glance that'd seem like a better approach, less vanity, more memorable as a whole, I can't do the maths in my head though :P I'd need to think about it
velope
btw, my primary thought about shallot and such is a simple one, just that apparently human-readable .onion domain names tempt users into relying on their intuition, so they are phishable. less so for random ones.
nothing perfect of course
ryonaloli_
but do random names actually make any significant number of people check the entire domain?
cacahuatl
It doesn't trick certain users into thinking they have
qwerty1
a random-looking hostname is less likely to be looked at closely
users check the start and end, the middle is just some random stuff i dunno i looks similar
cacahuatl
So what you're saying is we should try to make the middle human readable to solve the problem and teach users to check that part of it? ;)
rndom456
Can anybody help me get into irc2p irc network ogn5vbujhrvbihko.onion:6667 Keep getting error. *** Looking up your hostname... :irc.dg.i2p.onion NOTICE AUTH :*** Found your hostname (cached)
mrphs
contact the maintainers of that irc network and seek for help. this is a place for people to learn and ask question about tor not about the services running by someone else, using tor network or protocol
rndom456: ^
rndom456
:mrphs Sorry, I was informed yesterday that was the official Tor IRC.
:mrphs How would I contact the maintainers?
ryonaloli_
there is no official tor irc
well, there's irc.oftc.net channel #tor
that's as official as you'll get
arma
right. this is the official tor irc. that other one is not.
rndom456
:ryonaloli :arma Ok ,sorry. OP was bullsh*tter confirmed.
velope
historically i2p seems to be afflicted with such
happyfr0gg
Where can I find an updated list (preferably 0day) of .onion sites?
rom1v
hi
I downloaded and extracted tor-browser, it works, but by default all files have user $USER. Instead, I would like them to be writable only by root (and execute them by $USER), like any program installed from debian packages
however, if I do that, tor browser does not start
IMO it is very important for security, otherwise a flaw in tor browser could allow to modify tor browser binaries
so I: chmod -r +R *; find -type d -exec chmod +x {} ';'; chown $USER: Browser/TorBrowser/Data -R; chmod +x Browser/TorBrowser/Tor/tor
don't you think these rights should be the default ones?
if no, why not?
chmod +r -R * #of course
and before all: chown root: * -R
arma
rom1v: i can see why you would want that, but as you can see, it won't be super easy. tor browser aims to be portable, meaning you can stick it on a usb key and it will stay within its directory tree.
probably you can lock down nearly all of it, but you're locking down some directory that it needs to write to
naif
Improve Latests TBB Format to be easily parsable https://trac.torproject.org/projects/tor/ticket/16551#comment:4
BOUNTY: I offer 1 liter of Italian Grappa from Venice for the implementation of ticket #16551
rom1v
arma: is it planned to have a package in the main debian repo?
dbclk
hey guys..question
are there any non-scam electronics store on the deep web?
and would anyone here advise buying anything off there
barbequedtux
hey all.
anyone hre?
*here
cacahuatl
Yes, but this is mostly a support channel. If you've a question, just ask.
barbequedtux
I'm honestly scared right now :P
for reasons I can't go into I'm curious how long it'll be before HLS bust down my door
cacahuatl
the more you talk about it, the smaller the timeframe. my advice is: don't
barbequedtux
thanks.
(Action) has screwed up.
WubTheCaptain
I have DirPort 188.126.81.155:80 in /etc/tor/torrc on OpenBSD, Tor 0.2.5.12, yet in Tor logs it says: Jul 24 14:56:28.000 [warn] Received http status code 301 ("Moved Permanently") from server '188.126.81.149:80' while fetching "/tor/server/authority.z". I'll try again soon.
What gives?
It's trying the wrong IP-address. .149 is the default IP
Default IP for the whole server
Trying OutboundBindAddress now
That seems to do it. I set it to 188.126.81.155 and now it works.
s7r
what does this line mean exactly
[notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 1000 buildtimes.
i am getting it more and more on a hidden service instance
arma
it means enough of the circuits you built took enough longer than the earlier estimate that tor gave up on its earlier estimate
« prev 1 2 next »