free blog   apache   shopping directory   php powered
donovanquestion: how can i increse  browsing site  when im using tor  ?
donovananyone ? , thanx
donovan..incresing  browsing speed at maximum
darrobdonovan: consider using polipo and/or squid. maybe even a dns caching proxy though i haven't looked into that myself.
frodoJust started using Tor.  I'm in the US.  When I go to www.google.com I get the russian page www.google.ru.  Is this normal when using Tor?  I guess this is because google is getting a Russia IP address from the last server that my request went through?  
darrobfrodo: correct
murbfrodo: go to http://www.google.com/ncr
frodoThanks guys.  I tried http://www.google.com/ncr and that brought up the English page.
dr|z3dfrodo: add your own language search via mycroft, or specify google.us or google.co.nz. or google.co.uk for English results.
dr|z3dhttp://mycroft.mozdev.org .. you might also consider adding https://ssl.scroogle.org to your Firefox quicksearch bar, assuming you're using Firefox..
frododr|z3d: Good ideas.  Thanks.
dr|z3dfrodo: No worries. Also you might like to browse to about:config in Firefox, filter for keyword, and then amend the url you'll see there.
frodoAnother question... With Tor your http requests gets bounced around to different To servers to make who is the origial sender.  I see from the Tor site that anyone can sign up to be a Tor server.  Does this not mean that someone with bad intentions could sign up to be a Tor server, capture all of the packets I am sending and then extract personal information from them?  For instance if I'm doing on-line banking of shopping.  I guess in those
frodo case the packets would be encrypted but what about when the packets are not encyrpted.  Am I right about this or am I missing somehting?
katmagicYou're absolutely right.
dr|z3dfrodo: Exactly right.
katmagicThat's an inherent flaw in the Tor design.
dr|z3dThe exit server is the weakest link.
katmagicOr in the design of the Internet in general, actually.
dr|z3dFor best results, ensure all traffic that passes over Tor is encrypted.
katmagicYour ISP can do that to you when you're not using Tor.
katmagicOr any of the servers in between.
katmagicTry running a traceroute. It's scary.
rudi_sfrodo: And make sure you verify SSL certificates to prevent Man-In-The-Middle attacks.
katmagichttps://addons.mozilla.org/en-US/firefox/addon/6415
katmagic^ That's a pretty cool add-on.
phoboscert patrol is neat
phobospetname used to do something similar
phobosbut then stopped tracking changes to certs
katmagicI wish there was an option to disable the pop-ups the first time you see a site, though.
mikeperrydoes cert patrol do anything other than be annoying?
mikeperryI've been running it for a while
mikeperryI still don't understand what it actually does
mikeperryother than make me click OK sometimes to a big bunch of text
phobosit simply records the cert fingerprint
phobosso you can get a warning if the cert doesn't match in the future
phobosotherwise, no, it does nothing else
mikeperrydoes it ever tell you if it has actually changed? or is it still the same big bunch of text?
mikeperryor perhaps a very similar big bunch of text that I've already clicked OK to after being owned without realizing it :)
katmagicIt tells you if a certificate's changed.
katmagicThe big bunch of text at the beginning is the annoying first show.
mikeperrytell me the warning looks significantly differnet
katmagicI've never had a certificate change, though, so I don't know what happens.
mikeperryif its a also a big grey window, its a pretty useless addon
mikeperryway too much warning fatigue
phobosthis is why i remove all CAs
mikeperryno preferences for it either
katmagicYeah, that's really annoying.
phobosnope
mikeperryyep, the warning looks almost exactly the same as the new cert window, which you can't seem to disable
phobosand you can't see what it has stored
katmagicReally? That's vexing.
phobosnor can you stop it from saving a cert
mikeperrywhen is this certlock thingy coming out?
mikeperrythat sounds like it could actually be useful
phobosand i'd like it so say "this same cert was used on domains x, y, z"
mikeperryor is it just a reasearch paper, and forever so it will remain just to pad someone's CV
phobosi wonder if you could enumerate this domains cert patrol has saved and get a browsing history
phoboss/this/the/
phobosi'm sure it's in someone's CV for a good decade
mikeperryyou can do that with normal SSL certs
mikeperrythere actually is some torbutton code written to try to isolate the SSL cert stores between tor states. but the firefox apis for interacting with the cert store are super buggy and prone to crash bugs
phobossweet
mikeperryand other weirdness with client certs
phobosfail, extremely, and brittle
mikeperryI should reinvestigate them in a recent FF release
katmagicI suppose I'm going to uninstall CertPatrol, then.
phobosi worry about the enumeration attack for not using CAs too
katmagicSomeone should become a Tor liaison to Firefox.
phobosi'm sure i have a unique set of certs saved
phoboswhich would leave a fine fingerprint
phoboswe have two people who know firefox people well
phobosit's firefox that doesn't seem to care so much
phobosor, doesn't prioritize what we do
mikeperryhrmm Soghoian did certlock. he is pretty good at releasing code, at least. maybe he's just busy..
phobosclearly we need to just exploit ff, do a defcon/blackhat talk, and then wait for the fix
phobosi'm sure he's busy taking on the entire ad industry
phobosabusing his ftc powers
phobos"have a taco, punks"
nsaor: phobos committed revision 22170 (/torbrowser/trunk): update tbb todo to current state.
Hamragreetings everyone. my tor setup is set to intercept packets transparently. is there anyway i can filter out torrent data out?
Sebastianyour firewall might have a way to filter data by application
Hamrathe most plausible idea was using --cmd-owner in iptables to filter ktorrent packets, but alas, ubuntu doesn't support it
katmagicYou could use a different user account for torrenting.
Hamrayeah, i thought of that. iptables becomes a piece of cake, but will mean chowning soe directories, and an edit to sudoers to avoid having to type a password everytime. i think this would be the simplest way so far
Hamratorrent is all TCP, right?
katmagicUse gksudo.
katmagic(if you're having X problems.)
katmagicSome torrents use UDP.
dr|z3dTorrent is mostly TCP, but there is some UDP support as well.
katmagicEspecially for trackers.
Action: dr|z3d stops being an echo and leaves katmagic to it.
katmagicThey sometimes have udp:// URLs.
katmagiclol
Hamraas long as it has an http tracker this shouldn'r be a problem, almost all do.
katmagicBut you want the torrents to _not_ go over Tor, right?
Hamrayeah
Hamraeverything goes through tor now, i want torrent data to go directly, with the exception of the tracker bit, which can be easily configured in ktorrent's settings itself
katmagicYes. So the answer is to run it as a different user.
katmagicI do not believe you can filter traffic by the process's binary's location. I might be wrong, though.
Hamrathere is a parameter called --cmd-owner for ptables, but it needs to be compiled in the kernel. it was removed from mainstream kernel a while ago, and most distros dont use it anymore
katmagicWell, cool.
katmagicThen start using Gentoo, I guess.
Hamralol, nah
Hamramy peers disappeared from the tor network map, and i can see them in iftop, everything working fine :D
dr|z3dVidalia's just not managed to connect to Tor properly, then..
dr|z3dMaybe Tor's running as a service?
Hamrano no, that's the intended response. i *want* them to disappear from the network map, i dont want my torrents running through tor
katmagicI think Hamra means the BitTorrent peers.
dr|z3dAh, my bad. As you were.
Hamraand my tor is running in a chroot jail. vidalia cant start it, but if set to not try and start tor, it can connect it, but cant modify its settings. vidalia should include an option for blindly connecting to tor, without access to its files
Hamraktor can do it, but IMHO it's not as useful and friendly as vidalia
dr|z3dIs that distinct from TorK?
Hamraoops, i meant torK :P not sure why ktor came to my mind
dr|z3dAh, thought you might have meant TorK :) Well, for some things, I find TorK actually streets ahead of Vidalia.. connection monitoring, automatic application proxying to name but two.
figaroanyone have a URL (non tor) list somewhere on the internet of IRC based networks, and or web based IRC networks who do not block tor as policy?
dr|z3dNot afaik, figaro, no.
dr|z3dIf there's a list out there, likely google knows it.
dr|z3dSee ya!
dr|z3d(Don't rush back)
ln5looks like one of my relays got thrown out of the consensus at midnight (GMT).  the tor process seems happy enough.  anybody else seeing the same?
armaa couple of people have been reporting something similar lately
armano clue what it might be.
armamy first guess is that it tried to publish a new descriptor, but it didn't get the descriptor to enough authorities, so not enough people voted Running
ln5arma: hmm, anything i can do in helping debugging it?
armanickname?
ln5maatuska
armayep. i see four votes for it
armaonly three of them vote Running
arma(ides doesn't like you)
armai think my diagnosis is right
armawe screwed up the network by ditching the v2 directory system too early
armai have a patch in my git, but it doesn't quite work right
arma"restart your relay" is my only suggestion for now.
armaor wait 16 hours and it'll publish again
ln5it's been restarted, we'll see what happens
ln5thanks
ln5why would ides not like it btw?
armano idea
katmagichttp://arxiv.org/abs/1004.1267v1
TJhow and where can i have 0.9.8n?
TJopenssl
katmagichttp://openssl.org/source/openssl-0.9.8n.tar.gz
TJis there an rpm ready for this? im a noob
katmagic(1.0.0 is the latest stable version, though.)
katmagichttp://www.openssl.org/support/faq.html#MISC4
katmagicI'd suggest searching for OpenSSLl in your package manager or compiling it from source. (It's quite easy, though you won't get automatic upgrades.)
TJthe thing is disto dont have that version and im particularly need it to have my node work
RunaTJ: what if you downgrade? (not very pretty, but it might be a solution)
TJi did for several times. here's the thing downgrade or upgrade it works initially but as soon as i restart tor. it goes back to the same problem
katmagicDoes Tor require 0.9.8n?
TJi wondering if those centos nodes owners have no problem after retarting :(
TJsomeone claimed that 0.9.8n fixed his problem so im freaking find a way to have that but it'snot  included in my distro update (
katmagicTor builds just fine without it.
katmagichttp://www.linuxquestions.org/linux/answers/Applications_GUI_Multimedia/Compiling_Programs_from_Source
katmagicUse the link I provided before and that if you really feel you need the new version.
katmagic(Actually, you should probably use 1.0.0.)
TJso i have to compile to have such version?
katmagicAs far as I know, no pre-made RPMs of 1.0.0 exist. If you can find one, cool. If not, then you either need to get someone to make an RPM for you or compile it yourself.
katmagicIt's really just three commands. `./configure; make; sudo make install`.
katmagicOr `./configure; make; su` then `make install`, depending on whether or not your distribution uses sudo.
TJoh.ok.i will try it now
katmagic(Yes, it is supposed to make that big mess on your screen.)
katmagicI'm not sure how well this will coexist with your vendor-supplied version, though.
katmagicYou may have to compile Tor relinked with the new location, too.
katmagicYou should ask someone who knows about Red Hat.
katmagic(I don't think this is going to help, either.)
Dragon_Eroshello
katmagicHi.
Dragon_Eroshow do I connect to a TOR version of Firefox?
katmagicYou can access the Internet over Tor with Firefox by using TorButton, which should be included in the Tor Browser Bundle or can be found at https://www.torproject.org/torbutton/ .
Dragon_ErosI d/l the Vadalia bundle....I do not see a "Tor Button"
katmagicDid you restart Firefox?
Dragon_ErosI am on the tor button page now...........gimme a sec plz
Dragon_Erosdoes it matter if I install from tor sire or mozella site?
katmagicYes. Apparently the version at addons.mozilla.org will no longer automatically update.
Dragon_Erossee..........I always thought that when I started Tor it would open a new Firefox browser.....but it never does
katmagicNo. You toggle TorButton to switch the browser.
katmagic(The rationale for discontinuing auto-updates is at https://blog.torproject.org/blog/torbutton-release-125-google-captchas-and-addonsmozillaorg .)
Dragon_Erosit says it can not instal
katmagicWhy?
Dragon_ErosInvalid file hash
katmagic*Very* interesting. Do you mind if I ask who your ISP is?
Dragon_ErosI am on a SSL Server
Dragon_ErosI think
Dragon_Eroseverything to and from My PC is run through a tunnel
katmagicYou restarted Firefox after installing the bundle, right?
Dragon_Erosyes..........I installed the bundle months ago
katmagicIt looks like TorButton goes over clear text even if you're accessing the HTTPS version of the web site.
katmagicSo your ISP would be able to tamper with the file.
katmagic(Though obviously not allow it to install.)
Dragon_ErosEmbarq is My servrer
katmagicAnd you don't have a 'Tor Disabled' button on the right side of your Firefox status bar?
Dragon_Erosyes
Dragon_Erosbut the onion is green
Dragon_Erosit says tor is disabled
katmagicClick on it.
Dragon_Erosjust switched tgo "tor enabled"
katmagic(The Vidalia icon means that the Tor daemon is running; the 'Tor Enabled' means that Firefox is using Tor.)
Dragon_Erosbut............
Popular searches: ettercap remote browser   tsm scheduler aix   toggle overlay 1   vxedvtoc   

Generated by irclog2html.pl 2.1mg by Jeff Waugh - return