tor weather subscription problem

     I just tried to sign up for the "tor weather" email service.  Clicking
on the subscribe button after entering the information requested in various
places earlier on the page yielded,

Forbidden (403)

CSRF verification failed. Request aborted.

You are seeing this message because this HTTPS site requires a 'Referer header' to be sent
by your web browser, but none was sent. This header is required for security reasons, to 
ensure that your browser is not being hijacked by third parties.

If you have configured your browser to disable 'Referer' headers, please re-enable them, at
least for this site, or for HTTPS connections, or for 'same-origin' requests.

More information is available with DEBUG=True.

                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
***********************************************************************
To unsubscribe, send an e-mail to majordomo <at> torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

IP address blocked on certain site

Using latest stable Vidalia / Tor bundle for Win (Vista x64).

Never really had this prob before installing latest ver, but could be 
coincidence.  When using Tor/ Torbutton, only one site gave message (to 
the effect) "the IP address you're using has been determined to be 
abusing this site ? / server ?.  Access denied."

Then it showed the full IP address.  I could never get that site to stop 
showing that same, blocked address, no matter what I did.
Tried closing the tab in Firefox.
Then tried closing Tor & Firefox, restarting.  Same msg from site, w/ 
same IP address shown.  Also, tried refreshing the Tor network, so all 
new nodes.  Made no diff.

After doing the above (& site still showing old IP address when I opened 
a new browser tab, then tried site again) I checked my ACTUAL current 
exit IP address by going to a Tor check site.  As I figured, it showed a 
diff IP address than the blocked site was still showing, at the very 
same time as I checked at Tor check site.
Somehow that old IP address was being stored somewhere, even though it 
was no longer the exit address being used in Tor network.  How / why did 
the site keep showing the old address after doing all those steps?

Is there an easier way to deal w/ this problem than the many steps I 
took?  Thanks.
***********************************************************************
To unsubscribe, send an e-mail to majordomo <at> torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Re: Sent e-mails going into spam folders.

On 2/7/2011 4:17 PM, Jon wrote:
>
> I don't have any problems generally. It depends on what is in the body
> of the email and what one's filters are.
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo <at> torproject.org with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>
No problems here.  Are or-talk messages you're SENDING or RECEIVING 
getting flagged?  Assuming ones received, just add or-talk <at> seul.org and 
or-talk <at> freehaven.net to your address book, or create filters to allow 
them through.  I created subfolders in Thunderbird, for sent or-talk 
msgs, & rec'd.  That way, there's not so many in main inbox.
***********************************************************************
To unsubscribe, send an e-mail to majordomo <at> torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Could not rotate onionkey

Sometime earlier this morning, in checking the logs, I notice that I
am suddenly getting the following error and warnings.:

error: Couldn't write generated onion key to :  c\********\secret_onion_key
warning: couldn't open c:\***********\secret_onion_key.tmp
warning: couldn't rotate onion key

any  ideas or is this a possible bug?
I am running the latest Tor v0.2.1.29

In trying to reboot, it appears that It has gotten corrupted:

Videlia would even start, showing the errors on startup:

warning: error creating directory c\*********\cached-status: No such
file or directory
warning: failed to parse/validate config: couldn't access/create
private data directory c:\**********\cached-status
error: reading config file failed

I am going to do a clean install and see what happens. The previous up
time was almost 10 days without any problems.
***********************************************************************
To unsubscribe, send an e-mail to majordomo <at> torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Scroogle and Tor

I've been fighting two different Tor users for a week. Each is
apparently having a good time trying to see how quickly they
can get results from Scroogle searches via Tor exit nodes.
The fastest I've seen is about two per second. Since Tor users
are only two percent of all Scroogle searches, I'm not adverse
to blocking all Tor exits for a while when all else fails.
These two Tor users were rotating their search terms, and one
also switched his user-agent once. You can see why I might be
tempted to throw my "block all Tor" switch on occasion --
sometimes there's no other way to convince the bad guy that
he's not going to succeed.

When a nonprofit such as the Tor Project or Scroogle offers a
public service, the script kiddies should have more respect.
I don't expect everyone to donate to Tor and Scroogle, but I
do expect that no one will steal time and effort from us.

By the way, my "block all Tor" options for my Scroogle servers
use an expanded definition of which IPs are Tor exit nodes.
I pull the blutmagie.de exit node list, or the torproject.org
exit node list (both port 80 and port 443) once per half hour,
alternating between the two sites.

One custom switch I use is a cumulative list from yesterday and
today, all in one list with duplicates purged. The other switch
I created is a moving cumulative list from today plus the
previous six days.

Why do I do this? Well, Tor's DNSEL using "dig" is too much
overhead, compared to searching a sorted list on my servers.

Re: Scroogle and Tor

> Gregory Maxwell wrote:
>
> As far as performance goes, you can download a list of nodes which can
> reach a particular address at
> https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.2.3.4
> but, these results have the same problem with omitted nodes that I
> mentioned.

That's the torproject.org bulk list I've been using, alternating with
the blutmagie.de list. When I download the torproject.org list I ask
for exit nodes that can reach one of my servers. I alternate between
asking for port 443 and port 80 on that server.

> Someone else emailed me directly:
>
> Seems like you could get a lot smarter about this and block successive
> queries from the same IP that happen less than a few seconds from each
> other.

Difficult, because blutmagie.de and another high-traffic site account for
about 20 percent of my total Tor requests. I have to exempt them from some
of my screening if there's a chance of false positives. I'm already doing
something like what you suggest, after exempting these two sites. It's
normally turned off, but I try this first when I have a problem. I try
other things too before blocking all exit nodes.

Another problem is that search-engine use presents a special challenge.
Often legitimate searchers fire off a few searches in quick succession.
The input box is right there, and they may modify it just slightly and
fire off another search.

Re: Scroogle and Tor

Some have wondered why anyone would want to abuse Scroogle
using Tor. Apart from some malicious types that may be
doing it for their own amusement, it looks to me like they
are trying to datamine Google -- arguably the largest,
most diverse database on the planet.

If you can manage to run a script 24/7 that datamines
Google, you can monetize your results. Search engine
optimizers would like to be able to do this. So would
various directory builders.

Doing it by scraping google.com directly is not easy.
Scroogle provides 100 links of organic results per
request, with less than one-half the byte-bloat that
Google delivers for the same links and snippets. It is
also much easier to parse Scroogle's simple output page
than it is to parse Google's output page.

I spend a couple hours per day blocking abusers. A huge
amount of this is done through a couple dozen monitoring
programs I've written, but for the most part these
programs provide candidates for blocking only, and
my wetware is needed to make the final determination.

My efforts to counter abuse occasionally cause some
programmers to consider using Tor to get Scroogle's
results. About a year ago I began requiring any and all
Tor searches at Scroogle to use SSL. Using SSL is always
a good idea, but the main reason I did this is that the
SSL requirement discouraged script writers who didn't

Balancing?

With the latest TOR version and the increased in nodes, with the new
balancing in the new version, does it mean that it would be possible
that the volume load would have been decrease from what it was on some
of the nodes?

Maybe a better explanation I am trying to ask is before the updated
version, the amt of band usage was a lot higher than it is now. I
suspect with the more nodes we have n ow that might explain some of us
not being used like we were, but does the new balancing be making that
adjustment also by distributing the users thru out the nodes better?.

Hopefully that explains it better what I am trying to ask.

Jon
***********************************************************************
To unsubscribe, send an e-mail to majordomo <at> torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Where is vidalia config file?.MacOSX.