apt-get over tor

What are the dangers of using apt-get over Tor?

 Is privoxy + Tor the safest way to go? What attacks are possible? Any idea if there a way to setup a iptables
firewall to prevent leaks? I don't think it currently leaks although should there be a risk introduced in
the future a firewall that could protect against it would be ideal I think.

/etc/apt/apt.conf Acquire::http::Proxy "http://127.0.0.1:8118/"; 
What about curl?

 Any idea how to do this with curl?

 Or proxychains?

 http://www.switchroot.com/how-to-run-apt-get-wget-whois-etc-via-socks-proxy-using-proxychains
_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Torbutton-birdy version 0.0.2

Hi,

I'm pleased to say that Sukhbir, tanaq, and I are making progress on
Torbutton-birdy, the Torbutton like plugin for Thunderbird. Today marks
the second release with two important fixes:

  the auto-configuration wizard leaks, so we disabled it
  the timezone is now UTC and does not leak your actual timezone

You may download the xpi here:
https://github.com/downloads/ioerror/torbutton-birdy/torbutton-birdy.xpi

We had around 57 downloads for our first release, we'd love to see that
many users upgrade and send us feedback. We're really looking for
informational leaks but the most important kinds of leaks are proxy
bypass or other kinds of seriously harmful bugs.

Here is our long running open bug about reviewing torbutton-birdy:
https://trac.torproject.org/projects/tor/ticket/5797

All the best,
Jacob
_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

anonymity: bridge users vs. entry guard users

If I understand correctly, a bridge will be used as the first of three hops.

While users in non-censored areas can will use a certain amount of entry guards, users in censored areas get
only three bridges per mail.

The entry guard users are more unlikely to suffer from unstable (goes offline) entry guards and blocking is
also no issue. I read, that 80% of all bridges are blocked. Therefore I think it's safe to assume that 2 of 3
bridges, bridgedb gives out to users, are already blocked. And over time probable also that bridge will
get blocked and the user has to request new bridges.

That means, that bridge users rotate their first hops more often than entry guard users. Is that true?

If that is true, that also means, that bridge users are sufficiently more vulnerable to attacks, which are
circumvented by entry guards?

______________________________________________________
powered by Secure-Mail.biz - anonymous and secure e-mail accounts.

_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Python upgrade breaks 'random' in ARM..

Hi Damian et al.

I'm running Tor-0.2.3.15.alpha on FreeBSD 9.0, all fine..
However, I upgraded Python26 to version 2.6.8 (= up-to-date with port) & it
breaks ARM..

=> File "/usr/share/arm/starter.py" line 18 in <module>
import cli.controller
=> File "/usr/share/arm/cli/controller.py" line 11 in <module>
import cli.menu.menu
=> File "/usr/share/arm/cli/menu/menu.py" line 10 in <module>
import cli.menu.actions
=> File "/usr/share/arm/cli/menu/actions.py" line 8 in <module>
import cli.wizzard
=> File "/usr/share/arm/cli/wizzard.py" line 9 in <module>
import random
=> File "/usr/local/lib/python2.6/random.py" line 47 in <module>
from os import urandom as _urandom

=> ImportError: cannot import name urandom

Would you know a way around this because I'm not familiar with Python at
all..
Any suggestions would be much appreciated..

Regards,
E.

PS. Running ARM from the executable comes down to the same problem..
_______________________________________________

No Ident response on IRC when using Tor

I used to be able to (mis)use the TorBrowserBundle's Tor to connect to
OFTC with PChat (Xchat fork). Note: I don't use the hidden-service.

It's some time since I visited the IRC channels, I don't know which TBB
worked.

It fails with "tor-browser-2.2.35-12_en-US" and with
"tor-browser-2.2.35-7.1_en-US". I also tried 0.2.3.15 alpha.

I always get:
* Connected. Now logging in...
* *** Looking up your hostname...
* *** Checking Ident
* *** No Ident response
* *** Found your hostname

That's not related to OFTC, since I get "No Ident response" on other IRC
services as well. Some even let me in.

OFTC however does not:
* Closing Link: [any exit name] (No more connections permitted from your
host)
* Disconnected (Remote host closed socket).

I got and tried different exits as well.

Without Tor (any proxy) I can connect and get an Ident response.
Therefor I guess it is not the firewall.

I'm on Windows 7 (64bit) and PChat has not changed since I was able to

HttpProxy and Squid

Helli,

What is the HttpProxy configuration directive for in torrc?

What if I am an exit relay and I have:

HttpProxy 127.0.0.1:3128

(a Squid proxy running locally) -- Do outgoing connections process through
Squid then?
_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

(no subject)

_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

unscribe

unscribe
_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

"*.onion" performance tru "onion.to"

I am thinking about deploying a few "*.onion" services, and I am
getting a quite surprising result: accessing the services from the
open web via "onion.to" proxy is *FAR* faster that going TOR native.

What am I doing wrong?.

Example of accessing "burninetliliito5.onion"

Via "onion.to" proxy service: 3.44 seconds.
Via TOR native: 9.21 seconds.

--

-- 
Jesus Cea Avion                         _/_/      _/_/_/        _/_/_/
jcea <at> jcea.es - http://www.jcea.es/     _/_/    _/_/  _/_/    _/_/  _/_/
jabber / xmpp:jcea <at> jabber.org         _/_/    _/_/          _/_/_/_/_/
.                              _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz

Website auto login <if anonimous>

Tor crew,

I am having this idea:

A user visits a site wants to log in, but to have an account you are
NOT anonimous anymore..

What about a auto login if user is anonimous..

I realise it might be one hell of a task to do such a thing

Some kind of button, or plugin for browser and website CMS (like
wordpress typo3  drupal joomla etc.)

Can it be done to block everyone who is not anonimised but give true
anonimous connects FULL access to a site.

I already mailed with someone of the tor team and I gained some
insight on the matter and i hope my idea is formulated in the best
basic manner of the task i have in mind.

M.
_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Tor relay denial of service

Hello,

I found a strange behavior in Tor relays that allow me to make a remote Tor
relay crash or at least have a 100 % CPU usage.
It crashes only if it is possible to send more data than RAM (and swap) can
store in 300 s (5 minutes) to the relay.

I attach a proof of concept.

HardKor

_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk