IRC Archive / Oftc / #tor / 2015 / August / 14 / 1
kurey
what does obfs4 mean
mrphs
it's a type of pluggable transport
kurey
and pluggable transport is?
mrphs
a censorship circumvention technology
kurey
oh okay.
mrphs
https://www.torproject.org/docs/pluggable-transports.html.en
kurey
so it is all about you -------------------- entry (guard) node. With pluggable transport ISP will see innocent traffic.
_aeris_
hello !
kurey
welcome
_aeris_
why does tor change group permission on all its files?
even if I chmod g+rX on tor directory and state file (for having access to bandwidth preloading on arm), all restore to u=rX,og=0 after some time :'(
kurey
This is when technology starts thinking itself.
therron1
are there some circumstances where a tor circuit would have 2 middle nodes?
TvdW
sure, HS connections
therron1
oh that's right. Thanks
mrphs
therron1: no
TvdW: that's 2 different circuits with a RP
TvdW
meh, fair enough
DotExit traffic then
:D
therron1
mrphs: I am looking at Arm, it shows what appear to be several circuits and identifies which is entry, middle or guard. A couple of the circuits have two middle nodes
TvdW
do directory connections count?
I mean, I suppose they're not really middle nodes if they're at the edge, but whatever
meejah
therron1: you mean, there are 4 hops? or the exit is shown as a "middle" node?
therron1
meejah: to me it looks like 4 hops. it shows Entry, Middle, Middle, Exit
The rest of the circuits are Entry,Middle,Exit
meejah
IIRC, some circuits are 4 hops now?
therron1
Yes. Btw I do happen to be downloading from a hidden service
mrphs
someone could manipulate their tor to do 4 hops
but that's crazy
therron1
I have not adjusted anything that I know of
meejah
i can't recall if arm shows the purpose, but if so it should be HS_REND or similar?
(if it's for a hidden-service connection)
mrphs
to me it's more likely that it's a bug in arm
therron1
I will take a look
I don't see purpose listed. I am using Whonix btw, maybe that is the reason
wgreenhouse
arm's circuit viewing does have some known bugs btw
olina
BECOME A SOLDIER OF TRUTH!!! WWW.EXPOSINGCOMMUNISM.COM
marcusw
what year is it?
therron1
Ok. Once these downloads are done, i will take another look and then just watch Arm for awhile to see what it does.
kurey
Can I basically think of using Tor this way? You connect to Tor means you established connection between your computer and entry node. Every time you want to access, let's say login on website, it then sends (how? encrypted, yet still 'clearnet' traffic?) request to the entry node and it routes the traffic through nodes and finishes on exit node. Data is sent to the server and you are logged in. So the route goes backwards to the entry node from
therron1
2015
is there a better alternative to Tor Arm?
kurey
Tor Leg
wgreenhouse
therron1: not really atm. there are some different alternatives, but probably less mature and more broken
therron1
ok
wgreenhouse
arm is in the midst of a big rewrite right now, which you can check out in the "nyx" repo at gitweb.torproject.org
but there's not a stable release of that code yet
therron1
great glad they are working on it
wgreenhouse
therron1: mostly just atagar; if you're interested in python and writing tor controller code in python you might be able to help with open bugs, though :)
therron1: that is, it is mostly just atagar and not a big "they" :)
therron1
wgreenhouse: Well thanks to atagar. If he/she wants a noob with non existent/lousy programming skills to help out they can feel free to pm me heh
wgreenhouse
kurey: the website FAQ pages and infographics cover this more clearly, but in short: client assembles a "circuit" consisting of guard middle and exit (these days, guard is reused for many weeks to avoid guard rotation attacks); the data is gathered from the tor directory "consensus" data but it is the client that chooses its own path (so directory servers can't command or easily predict this). client sends a message containing three
layers of encryption, addressed to each relay in the circuit. guard is able to decrypt the first layer, and reads its instructions to send the remainder of the cell to the middle relay revealed there. then middle decrypts its layer, which tells it to forward the rest to the exit. then exit decrypts its layer, resolves the hostname requested using its own configured DNS, and opens a TCP connection to that host (approximately).
kurey: then that circuit is held open until either 10 minutes have passed or the tor client has explicitly closed it
kurey: this way the exit has no knowledge of the guard (it didn't get to see that part of the message) and the guard has no knowledge of the exit.
kurey: also the story is different and a bit more complicated for hidden services
kurey
wgreenhouse: wow. didn't expect any answer at all. thanks!
meejah
therron1: if you're inclined, you could try "carml" too (carml monitor) to see realtime "what tor is doing" ...
wgreenhouse
kurey: my answer is deficient in many specifics, there's a git repo full of specs to see what actually happens, but it's a first-order approximation of reality :-)
meejah
http://carml.readthedocs.org
kurey
wgreenhouse: of course, understand.
wgreenhouse
meejah: I like carml myself, but I wasn't sure you actually wanted users for it yet, because you still call it 0.0.0 ;-)
meejah
(if there are differences between that and arm, one of the two has a bug ;) )
wgreenhouse: yeah, I guess I should change that ;)
(and thanks :) )
i still kind of see it as "experts-mostly" i guess?
but, if you think it's useful for a slightly-wider audience, i'll upgrade the version and link it a bit more...? My biggest concern is the lack of auditing on "carml downloadbundle" :/
kurey
With Tor hidden service, is it basically more anonymous or safer because traffic never leaves Tor network?
meejah
kurey: the urls are self-authenticating, too. and yes, traffic never leaves the network.
wgreenhouse
meejah: I'd concentrate your warning lights on that; I think "carml pastebin" and "carml monitor" are great, though, and "carml newid" is great for being able to newnym from a shell alias, which isn't possible with arm
meejah
(although, it's possible that a HS operator configures things such that traffic leaves the tor-termination box ...)
kurey
meejah: But otherwise it works the same? That means you - entry node - mid node - HS?
wgreenhouse
kurey: "self-authenticating" in that they're derived from a public/private key pair that sits on the tor of the machine serving the hidden service. but yes, as meejah says, beware that the content of the HS could forward stuff to a clearnet site (cf., for example, an .onion that used some clearnet-hosted copy of jquery or something)
meejah
wgreenhouse: when i get "carml pastebin" working with "carml copybin" and stealth-services correctly I'll consider it "suitable for wider consumption".
:)
wgreenhouse
meejah: yeah, that'd make it a pretty viable alternative to onionshare &c.
meejah
no, it's entry -> middle -> rendezvous -> middle -> hs-guard or thereabouts
pastebin does work with stealth-auth stuff, sort of, but it needs more testing and a bit of attention.
therron1
meejah: Thanks I might do that
kurey
no matter anything, I am completely blown away by your answers guys. Thanks a lot. Will leave it like that. Lot of information is obviously already there. So do not want to bother you.
meejah
(hmm, shouldn't it be 6 hops for a HS circuit?)
gyro
Hello everyone. I've been experiencing downloading problems using the tor browser. It seems like when I go to download a file about a few MBs the download will cut out and tor will call it complete. Is anyone else experiencing this problem? I emailed the tor help desk about a week ago and haven't received any response. I'm using a Mac.
Any torified download managers for Mac?
cacahuatl
curl? :P
wgreenhouse
kurey: https://www.torproject.org/docs/hidden-services.html.en has a good infographic for hidden services
meejah
ah, right i guess my picture should be: client-guard -> middle -> rendezvous -> rendezvous -> middle -> HS-guard
wgreenhouse
gyro: are you using any antivirus/antimalware/firewall type stuff on your Mac that could be declaring tor browser malware and cutting off its connection?
meejah
(it is odd that it considers the download finished, not aborted...)
cacahuatl
the client picks the RP and the HS builds a full circuit then contacts the RP from there
(since the client picked it, it wants a full circuit of its own choosing)
gyro
no antivirus/antimalware/or firewall that I know of
I'll go to download a 50MB file. After like 7MBs it cuts off the download and calls it complete instead of failed
therron1
odd
gyro
tried with and without vpn, get same result
wgreenhouse
gyro: does it matter which exit you use? (in other words, does "new identity" help?)
gyro
doesn't matter on the exit. I have tried the new identity and got same result
my next move might be to use tails
cacahuatl
Is it downloading over a weird port number?
gyro
not sure how to check that? What is considered a weird port number?