logs archiveIRC Archive / Oftc / #tor / 2015 / August / 11 / 1
naif
DonnchaC: i see the idea, sounds like a very cool approach, that could also concretely simplify the operational complexity of deployment of Tor2web site https://github.com/globaleaks/Tor2web/issues/252
DonnchaC: added a comment on possible easy handling domain:onion mapping
rb33
question, when a tor browser update is released and it doesnt show up in tails, is that because tails uses a different version of the tor browser specifically for it? does it have different vulns or what?
otia
i think the entire distro would have to be updated first
rb33
anyone have any recommendations for an article or website to help get my head aroung PGP?
gamambel
rb33: this is off topic here, but maybe https://freedom.press/encryption-works for starters?
rb33
thanks gamambel
syndikal
is there a hidden service frontend for trac
gamambel
syndikal: no
syndikal
:(
         

gamambel
https://trac.torproject.org/projects/tor/ticket/13829
ncl
what's the point
gamambel
syndikal: torproject.org's certs are pinned in most browsers, so it's not that bad
syndikal
yeah i guess
it's always great to have a HS tho
gamambel
i agree. and eat your own dogfood and things. :)
i find it a bit embarrassing that torproject out of all things cannot manage to have hidden services up for their own stuff :(
syndikal
i think some core torproject people don't want to deal with hidden services in fear of publicity
negative publicity, that is, in regards to sr/cp/*
woossa
some ppl won't contribute to tor unless they can be anonymous
gamambel
syndikal: nah it's not that
there used to be official torproject hidden services
woossa: you can still do that
syndikal
mo: do you have any idea why we don't have multicore yet
gamambel
woossa: torproject.org including the bugtracker is reachable just fine via tor, and there's a shared login even for trac
syndikal: it's not an easy problem... https://trac.torproject.org/projects/tor/wiki/org/projects/Tor/MultithreadedCrypto
syndikal
yeah but trac spits out unsolvable captchas all the fu*king time
gamambel
the biggest problem is that there's too few core developers
(and too many areas that demand work)
syndikal
so what did the 85k from reddit go to? a PR person? lol
gamambel
syndikal: huh? i don't get any captchas on torproject trac
syndikal: 85k sounds like a lot, but a large org like tor burns that very quickly
also, how do you find good people? that's an even harder question than money
syndikal
edit doc/GoodBadISPs gives you captchas
gamambel
ah yeah the spam protection ones
they suck, i agree
Braindron
FIGHT FOR FREEDOM!
WWW.EXPOSINGCOMMUNISM.COM
woossa
so if i was gonna build a exit node to help out what country should it be in
zoltan
whatever country that's most convenient for you?
woossa
well ima use a vps so
         

syndikal
well, generally non-US locations are preferred
as we have a lot in the US, as well as germany and the netherlands
woossa
o ok
not non-us b/c of more monitoring
zoltan
so a non-EU and non-US country would be best for the network, but probably not the most convenient for you
syndikal
norway or hong kong would be great places
woossa
well i was gonna use btc for it so country dont matter as long as i can find a place
zoltan
norway is not de jure a part of EU, but de facto...
syndikal
regardless we need some more reliable exit nodes from NO
zoltan
more tor nodes in latin america would be great, but apparently bandwidth is expensive there
syndikal
i think the network has a total of like 15 nodes in Africa
zoltan
well, you also need to have something to plug the computer into...
syndikal
yeah that is an obstacle
zoltan
probably so for (many parts of) africa, yes
breanie
Any reason we arn't doing massive solar farming in Africa.
syndikal
i don't know
zoltan
but it should be possible to find a high speed internet conection in latin america...one would think
woossa
k so if i setup a node so i can use it for a bridge from school does that make my routes less secure
b/c my guard is always the same
syndikal
i don't believe so exactly
woossa
or does my tor use 4 hops all the time instead
syndikal
always 3 hops
unless you modify it. there is a decrease in security/anonymity if you use the bridge from the same network it is hosted on
teor
(except when it's 4 hops, due to repurposing of existing unused circuits)
zoltan
woossa: the point with a guard is that it stays the same
woossa
syndikal: unless i modify what
syndikal
unless you change tor's code and build it from that
which is useless and might hurt anonymity. it's not reccommended
woossa
well how do ppl in restricted countries do it
zoltan
woossa: they use bridges usually
woossa
zoltan: ok rite
so how do they stay anonymous if they have to use the same bridge all the time
zoltan
woossa: but since you (i guess) have a non-filtered internet connection at home you don't have to
woossa
zoltan: rite but i want to setup something for school too
zoltan
woossa: so run tor at home and tunnel it from school?
woossa
nah
i want to setup something faster n share it
zoltan
well, you could share a tor router you run from home
but the other way is bridges
woossa
hehe ok so
back to my question
if im always using the same bridge how do i keep full security
sounds like i need to hack my tor to use 4 hops
breanie
woossa: the bridge is just your first connection, there are x hops after that that keep you anon and secure. The only worry is whoever is inbetween you and the first bridge snooping traffic (isp, school)
cacahuatl
unlinkability, same as when you use the same small set of guards
zoltan
there, supposedly, is no security problem with that...provided the bridge isn't malicious
breanie
but the traffic between you and the bridge is encrypted of course
woossa
breanie: yah
breanie
Just trying to point out adding a 4th bridge doesnt help much, if anything makes things slower.
If you have the power to trace someone through 3 hops you can probably do it just as easily in 4.
syndikal
what about routing tor through tor
cacahuatl
Superflous and incredibly slow.
breanie
http://www.zoominfo.com/s/#!search/profile/person?personId=-1869748789&targetid=profile
ErikBjare
My node keeps crashing
Ran for >15 days fine, and now starts messing up.
https://globe.torproject.org/#/relay/64B96B2A660F0077A58A689DF808241D55914BF5
Here is the error log from yesterday: http://pastebin.com/khn6p3JR
cypherman
it is possible to setup a tor relay that wouldn't act as an exit node?
ErikBjare
cypherman: Yes, reject all ports
« prev 1 2 3 4 5 next »