logs archiveIRC Archive / Oftc / #tor / 2015 / August / 3 / 1
Guest308
q3wdfg
eightyeight
?
qiana
could anyone says about how they got the servers of SR in tor??
ross..
mrphs99_
I'm afraid no one can help you here
arma
qiana: you mean the original silk road? there are many versions of the story, but all of them involve the silk road dude fu*king up
kernelcorn
arma: I think the topic was sufficiently covered in #nottor
velope
... sufficiently covered the first 100 times it was discussed
kernelcorn
again and again, same speculation
Guest308
maybe it had been discussed 100 times but how does that matter if some haven't heard the discussion?
         

velope
because the discussion is boring and inconclusive
wardial
that the results of these discussions are most likely now to be found on the project's blog, or elsewhere
velope
except to say that, despite what news articles tend to say, it did not involve "breaking tor"
Guest308
i think that was just meant to scare people out of using tor
qiana
SR -> https://en.wikipedia.org/wiki/Mark_Karpel%C3%A8s
cacahuatl
keep that kind of discussion to #nottor, please
qiana
sorry
wrong tab
pickorickolickosticko
Hello guys! How are you? This is my first time on IRC. Can anyone read my stuff?
kernelcorn
yes, hello
pickorickolickosticko
hi! the reason I came to this channel is the following : I want to host a tor bridge. I am thinking about using a good VPS. Are there any suggestions?
gamambel
pickorickolickosticko: cool. you might want to pick one that is less popular than others for higher diversity. other than that, any VPS will work.
and with irc, bring patience. sometimes it takes a full day or so until someone replies to your questions. don't make the often-seen mistake of disconnecting to quickly
kernelcorn
I would recommend that you set up an obfs4 bridge
yes, it's really annoying when you try to answer a question, only to find that the user left a minute after asking
pickorickolickosticko
I know, I was even planning on leaving my pc on to wait for the replies.
The thing is, what should I consider whilst picking the VPS
looking
people expect instant answears these days.
kernelcorn
usually questions are addressed within a few minutes anyway, but sometimes longer
looking
the facebook generation, see
pickorickolickosticko
what are the requirements and what are the VPS providers who are known to respect their customers privacy
looking
very few. and those who say they do, lie. ;)
whitanne_
just buy ur own server and put it in ur closet
looking
yeah. i would suggest you get a rasberry PI
the cool thing with those, you can hook them up any where ;)
         

whitanne_
any place ;-)
looking
any time ;)
pickorickolickosticko
many people are talking about rasberry PI and I have no clue what they are. I am to check now
qiana
run anywhere..?
kernelcorn
Beaglebone Black if you want a bit more power ;)
whitanne_
^^^^
kernelcorn
they are tiny computers, basically
it's a computer about a centimeter tall and the size of your hand
looking
creditcard sized computer
kernelcorn
using a Pi or a BBB on your own network is a decent idea if your ISP allows server or connections from the outside
gamambel
i would go for a VPS on proper line. it's hard to get raspPis into a datacenter, and they're unlikely to make a lot of throughput
a bridge at home is not as useful as a bridge in a datacenter
pickorickolickosticko: you don't need a special "privacy-friendly" ISP for a bridge
kernelcorn
^
gamambel
lowendbox.com is not a bad site to hunt cheap VPS
what you need is at least 256M RAM. i'd go with 512.
and bandwidth.
pickorickolickosticko
excellent
thanks for your advice
so I don't need much ram etc right?
looking
why do you want to run a bridge?
gamambel
i think you can get it to work with 256, but i'd go with 512 to be safe
kernelcorn
a Beaglebone has 512 MB of RAM, just saying
pickorickolickosticko
I want to host it to contribute to the network, plus to let me connect too more privately. Is the idea that if I would connect through my own bridge more 'secure' in terms of monitoring?
absurd*
kernelcorn
that seems like a fine thing to do
gamambel
pickorickolickosticko: hmm it depends on what you mean by 'more secure' (compared to what?).
kernelcorn
make sure to set the ORPort of the bridge to 443, as some places have restrictive firewalls that only let certain ports through
pickorickolickosticko
if someone else had a bridge. could he monitor the traffic?
kernelcorn
no, it's encrypted
pickorickolickosticko
even the IPs?
cacahuatl
Also, if a concern is targeted surveillance then being your own bridge might not be a great plan
kernelcorn
the bridge acts as the first hop in the Tor circuit, which is never exposed to user traffic
the bridge knows user IP addresses, but that's about it
gamambel
it's not a totally stupid idea to use your own bridge, but like most things in life it's a tradeoff
cacahuatl
Yes
looking
i think in your case, just running tails would suffice.
pickorickolickosticko
well that's my concern. others knowing my IP. so 'building' a bridge, using a VPS that i rent, isn't a great idea?
kernelcorn
gamambel and cacahuatl, isn't using his own bridge better than using Tor normally?
see that's why I think using your own bridge is a good idea. It exposes your IP to a VPS that already knows you, rather than to someone else.
pickorickolickosticko
my other problem is, if I am not a security expert, which I am not, how do I secure my bridge?
cacahuatl
It can be, it's a trade-off. If you run your own bridge then if someone is like "spy on Bob" then their warrant might cover Bob and all Bob's servers
kernelcorn
ah
cacahuatl
So if they're targeting you then the provider might be legally obliged to assist LE
pickorickolickosticko
but how will they know 100% it is mine?
looking
by reading documentation and learning about TCP/IP and programming. :)
kernelcorn
pickorickolickosticko: a big part of that is the firewall and locking down external access to only essential ports. I would recommend that you install the UFW firewall with "sudo apt-get install ufw" and then look at its manpage.
ufw allow in port 443 proto tcp
ufw enable
cacahuatl
That's very hard and you can't ever know 100%, which is why Tor is designed to require as little trust in any one single node.
*as possible
looking
im excited about this new HORNET network
cacahuatl
There is no HORNET network, not a single line of code, it's an academic paper
pickorickolickosticko
that sounds cool. hopefully it will be good
pff
looking
really? i thought the paper was based on POC
pickorickolickosticko
cacahuatl, would make any sense to operate the bridge, only when I want to use it?
cacahuatl
I'd be concerned about being the only user of it. Bridges are for by-passing censorship, primarily. If you can connect to Tor without them, you won't gain much of an advantage by using them.
looking
thought you wanted to contribute/
if you just want anonmity when you need it. just fire up a tail session.
pickorickolickosticko
well now that I know the requirements, it is very cheap so why not build a few
i want to. I am just trying to understand how things work
looking
well, you would find that reading the documentation would be of great help
and then you could also go ahead and read a bit more about how TCP/IP works. at least the basics.
and dont forget coffee. lots and lots of coffee.
« prev 1 2 3 4 5 next »