September 2011 - tor-commits - lists.torproject.org

r25125: {} Transifex supports xml files, so we'll use that instead (sol (translation/trunk/projects)
by Runa Sandvik 27 Sep '11

27 Sep '11

Author: runa Date: 2011-09-27 11:18:40 +0000 (Tue, 27 Sep 2011) New Revision: 25125 Removed: translation/trunk/projects/orbot/ Log: Transifex supports xml files, so we'll use that instead (solves #3987)

1 0

r25124: {website} two more tbb faqs, with placeholder answers (website/trunk/docs/en)
by Roger Dingledine 27 Sep '11

27 Sep '11

Author: arma Date: 2011-09-27 10:04:14 +0000 (Tue, 27 Sep 2011) New Revision: 25124 Modified: website/trunk/docs/en/faq.wml Log: two more tbb faqs, with placeholder answers Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 09:45:08 UTC (rev 25123) +++ website/trunk/docs/en/faq.wml 2011-09-27 10:04:14 UTC (rev 25124) @@ -738,6 +738,15 @@ <hr> +<a id="TBBFlash"></a> +<h3><a class="anchor" href="#TBBFlash">Why doesn't Flash work?</a></h3> + +<p> +<a href="https://www.torproject.org/torbutton/torbutton-faq.html.en#noflash">Answer</a> +</p> + +<hr> + <a id="TBBSocksPort"></a> <h3><a class="anchor" href="#TBBSocksPort">I'm on OSX or Linux and I want to run another application through the Tor launched by Tor @@ -794,6 +803,19 @@ <hr> +<a id="TBBOtherExtensions"></a> +<h3><a class="anchor" href="#TBBOtherExtensions">Can I install other +Firefox extensions?</a></h3> + +<p> +Yes. Just install them like normal. But be sure to avoid extensions like +Foxyproxy that screw up your proxy settings. Also, avoid privacy-invasive +extensions (for example, pretty much anything with the word Toolbar in +its name). +</p> + +<hr> + <a id="TBBOtherBrowser"></a> <h3><a class="anchor" href="#TBBOtherBrowser">I want to use Chrome/IE/Opera/etc with Tor.</a></h3>

1 0

r25123: {website} the original author spelled it correctly in his usenix sec 9 (website/trunk/docs/en)
by Roger Dingledine 27 Sep '11

27 Sep '11

Author: arma Date: 2011-09-27 09:45:08 +0000 (Tue, 27 Sep 2011) New Revision: 25123 Modified: website/trunk/docs/en/faq.wml Log: the original author spelled it correctly in his usenix sec 92 paper. so will we. Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 09:42:40 UTC (rev 25122) +++ website/trunk/docs/en/faq.wml 2011-09-27 09:45:08 UTC (rev 25123) @@ -53,7 +53,7 @@ <li><a href="#TBBSocksPort">I'm on OSX or Linux and I want to run another application through the Tor launched by Tor Browser - Bundle. How do I predict my SOCKS port?</a></li> + Bundle. How do I predict my Socks port?</a></li> <li><a href="#TBBPolipo">I need an HTTP proxy. Where did Polipo go?</a></li> <li><a href="#TBBOtherBrowser">I want to use Chrome/IE/Opera/etc @@ -741,10 +741,10 @@ <a id="TBBSocksPort"></a> <h3><a class="anchor" href="#TBBSocksPort">I'm on OSX or Linux and I want to run another application through the Tor launched by Tor -Browser Bundle. How do I predict my SOCKS port?</a></h3> +Browser Bundle. How do I predict my Socks port?</a></h3> <p> -Typically Tor listens for SOCKS connections on port 9050. TBB +Typically Tor listens for Socks connections on port 9050. TBB on OSX and Linux has an experimental feature where Tor listens on random unused ports rather than a fixed port each time. The goal is to avoid conflicting with a "system" Tor install, @@ -752,14 +752,14 @@ href="https://trac.torproject.org/projects/tor/ticket/3948">working on a feature</a> where Tor will try the usual ports first and then back off to a random choice if they're already in use. Until then, if you -want to configure some other application to use Tor as a SOCKS proxy, +want to configure some other application to use Tor as a Socks proxy, here's a workaround: </p> <p> In Vidalia, go to Settings->Advanced and uncheck the box that says 'Configure ControlPort automatically'. Click OK and restart TBB. Your -SOCKS port will then be on 9050. +Socks port will then be on 9050. </p> <hr> @@ -780,7 +780,7 @@ If you are trying to use some external application with Tor, step zero should be to <a href="<page download/download>#warning">reread the set of warnings</a> for ways you can screw up. Step one should be to try -to use a SOCKS proxy rather than an http proxy — Tor runs a SOCKS +to use a Socks proxy rather than an http proxy — Tor runs a Socks proxy on port 9050 on Windows, or <a href="#TBBSocksPort">see above</a> for OSX and Linux. </p> @@ -1221,7 +1221,7 @@ sure there are no spaces between the commas and the list items. </p> <p> - If you want to access a service directly through Tor's SOCKS interface + If you want to access a service directly through Tor's Socks interface (eg. using ssh via connect.c), another option is to set up an internal mapping in your configuration file using <tt>MapAddress</tt>. See the manual page for details.

1 0

r25122: {website} every time you talk about SOCKS you have to yell (website/trunk/docs/en)
by Roger Dingledine 27 Sep '11

27 Sep '11

Author: arma Date: 2011-09-27 09:42:40 +0000 (Tue, 27 Sep 2011) New Revision: 25122 Modified: website/trunk/docs/en/faq.wml Log: every time you talk about SOCKS you have to yell Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 09:39:10 UTC (rev 25121) +++ website/trunk/docs/en/faq.wml 2011-09-27 09:42:40 UTC (rev 25122) @@ -752,7 +752,7 @@ href="https://trac.torproject.org/projects/tor/ticket/3948">working on a feature</a> where Tor will try the usual ports first and then back off to a random choice if they're already in use. Until then, if you -want to configure some other application to use Tor as a socks proxy, +want to configure some other application to use Tor as a SOCKS proxy, here's a workaround: </p> @@ -778,7 +778,7 @@ <p> If you are trying to use some external application with Tor, step zero -should be to <a href="<page download/download>#warning">read the set +should be to <a href="<page download/download>#warning">reread the set of warnings</a> for ways you can screw up. Step one should be to try to use a SOCKS proxy rather than an http proxy — Tor runs a SOCKS proxy on port 9050 on Windows, or <a href="#TBBSocksPort">see above</a>

1 0

r25121: {website} import and flesh out helix's tbb faq entries (website/trunk/docs/en)
by Roger Dingledine 27 Sep '11

27 Sep '11

Author: arma Date: 2011-09-27 09:39:10 +0000 (Tue, 27 Sep 2011) New Revision: 25121 Modified: website/trunk/docs/en/faq.wml Log: import and flesh out helix's tbb faq entries Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 07:24:45 UTC (rev 25120) +++ website/trunk/docs/en/faq.wml 2011-09-27 09:39:10 UTC (rev 25121) @@ -50,6 +50,17 @@ <p>Tor Browser Bundle:</p> <ul> + + <li><a href="#TBBSocksPort">I'm on OSX or Linux and I want to + run another application through the Tor launched by Tor Browser + Bundle. How do I predict my SOCKS port?</a></li> + <li><a href="#TBBPolipo">I need an HTTP proxy. Where did Polipo + go?</a></li> + <li><a href="#TBBOtherBrowser">I want to use Chrome/IE/Opera/etc + with Tor.</a></li> + <li><a href="#TBBCloseBrowser">I want to leave Tor Browser Bundle + running but close the browser.</a></li> + <li><a href="#GoogleCaptcha">Google makes me solve a Captcha or tells me I have spyware installed.</a></li> <li><a href="#GmailWarning">Gmail warns me that my account may have @@ -727,6 +738,95 @@ <hr> +<a id="TBBSocksPort"></a> +<h3><a class="anchor" href="#TBBSocksPort">I'm on OSX or Linux and +I want to run another application through the Tor launched by Tor +Browser Bundle. How do I predict my SOCKS port?</a></h3> + +<p> +Typically Tor listens for SOCKS connections on port 9050. TBB +on OSX and Linux has an experimental feature where Tor listens +on random unused ports rather than a fixed port each time. The +goal is to avoid conflicting with a "system" Tor install, +so you can run a system Tor and TBB at the same time. We're <a +href="https://trac.torproject.org/projects/tor/ticket/3948">working on +a feature</a> where Tor will try the usual ports first and then back +off to a random choice if they're already in use. Until then, if you +want to configure some other application to use Tor as a socks proxy, +here's a workaround: +</p> + +<p> +In Vidalia, go to Settings->Advanced and uncheck the box that says +'Configure ControlPort automatically'. Click OK and restart TBB. Your +SOCKS port will then be on 9050. +</p> + +<hr> + +<a id="TBBPolipo"></a> +<h3><a class="anchor" href="#TBBPolipo">I need an HTTP proxy. Where did +Polipo go?</a></h3> + +<p> +In the past, Tor bundles included an HTTP proxy like Privoxy or Polipo, +solely to work around a bug in Firefox that was finally fixed in Firefox +6. Now you don't need a separate HTTP proxy to use Tor, and in fact +leaving it out makes you safer because Torbutton has better control over +Firefox's interaction with websites. +</p> + +<p> +If you are trying to use some external application with Tor, step zero +should be to <a href="<page download/download>#warning">read the set +of warnings</a> for ways you can screw up. Step one should be to try +to use a SOCKS proxy rather than an http proxy — Tor runs a SOCKS +proxy on port 9050 on Windows, or <a href="#TBBSocksPort">see above</a> +for OSX and Linux. +</p> + +<p> +If that fails, feel free to install privoxy or polipo. You can use <a +href="https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts…">our +old polipo config file</a> if you like. However, please realize that +this approach is unsupported. +</p> + +<hr> + +<a id="TBBOtherBrowser"></a> +<h3><a class="anchor" href="#TBBOtherBrowser">I want to use +Chrome/IE/Opera/etc with Tor.</a></h3> + +<p> +Unfortunately, Torbutton only works with Firefox right now, and without +<a href="https://www.torproject.org/torbutton/en/design/">Torbutton's +extensive privacy fixes</a> there are many ways for websites or other +attackers to recognize you, track you back to your IP address, and so on. +In short, using any browser besides Tor Browser Bundle with Tor is a +really bad idea. +</p> + +<p> +We're working with the Chrome team to <a +href="https://blog.torproject.org/blog/google-chrome-incognito-mode-tor-and-finge…">fix +some bugs and missing APIs in Chrome</a> so it will be possible to write a +Torbutton for Chrome. No support for any other browser is on the horizon. +</p> + +<hr> + +<a id="TBBCloseBrowser"></a> +<h3><a class="anchor" href="#TBBCloseBrowser">I want to leave Tor Browser +Bundle running but close the browser.</a></h3> + +<p> +We're working on a way to make this possible on all platforms. Please +be patient. +</p> + +<hr> + <a id="GoogleCaptcha"></a> <h3><a class="anchor" href="#GoogleCaptcha">Google makes me solve a Captcha or tells me I have spyware installed.</a></h3>

1 0

r25120: {website} break off some questions into a new tbb faq section (website/trunk/docs/en)
by Roger Dingledine 27 Sep '11

27 Sep '11

Author: arma Date: 2011-09-27 07:24:45 +0000 (Tue, 27 Sep 2011) New Revision: 25120 Modified: website/trunk/docs/en/faq.wml Log: break off some questions into a new tbb faq section Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 04:54:21 UTC (rev 25119) +++ website/trunk/docs/en/faq.wml 2011-09-27 07:24:45 UTC (rev 25120) @@ -48,26 +48,26 @@ <li><a href="#LiveCD">Is there a LiveCD or other bundle that includes Tor?</a></li> </ul> - <p>Running Tor:</p> + <p>Tor Browser Bundle:</p> <ul> + <li><a href="#GoogleCaptcha">Google makes me solve a Captcha or tells + me I have spyware installed.</a></li> + <li><a href="#GmailWarning">Gmail warns me that my account may have + been compromised.</a></li> + </ul> + + <p>Advanced Tor usage:</p> + <ul> <li><a href="#torrc">I'm supposed to "edit my torrc". What does that mean?</a></li> <li><a href="#Logs">How do I set up logging, or see Tor's logs?</a></li> - </ul> - - <p>Running a Tor client:</p> - <ul> <li><a href="#DoesntWork">I installed Tor and Polipo but it's not working.</a></li> <li><a href="#VidaliaPassword">Tor/Vidalia prompts for a password at start.</a></li> <li><a href="#ChooseEntryExit">Can I control which nodes (or country) are used for entry/exit?</a></li> - <li><a href="#GoogleCaptcha">Google makes me solve a Captcha or tells - me I have spyware installed.</a></li> - <li><a href="#GmailWarning">Gmail warns me that my account may have - been compromised.</a></li> <li><a href="#FirewallPorts">My firewall only allows a few outgoing ports.</a></li> </ul> @@ -727,6 +727,90 @@ <hr> +<a id="GoogleCaptcha"></a> +<h3><a class="anchor" href="#GoogleCaptcha">Google makes me solve a Captcha or tells me I have spyware installed.</a></h3> + +<p> +This is a known and intermittent problem; it does not mean that Google +considers Tor to be spyware. +</p> + +<p> +When you use Tor, you are sending queries through exit relays that are also +shared by thousands of other users. Tor users typically see this message +when many Tor users are querying Google in a short period of time. Google +interprets the high volume of traffic from a single IP address (the exit +relay you happened to pick) as somebody trying to "crawl" their website, +so it slows down traffic from that IP address for a short time. +</p> +<p> +An alternate explanation is that Google tries to detect certain +kinds of spyware or viruses that send distinctive queries to Google +Search. It notes the IP addresses from which those queries are received +(not realizing that they are Tor exit relays), and tries to warn any +connections coming from those IP addresses that recent queries indicate +an infection. +</p> + +<p> +To our knowledge, Google is not doing anything intentionally specifically +to deter or block Tor use. The error message about an infected machine +should clear up again after a short time. +</p> + +<p> +Torbutton 1.2.5 (released in mid 2010) detects Google captchas and can +automatically redirect you to a more Tor-friendly search engine such as +Ixquick or Bing. +</p> + +<hr /> + +<a id="GmailWarning"></a> +<h3><a class="anchor" href="#GmailWarning">Gmail warns me that my account may have been compromised.</a></h3> + +<p> +Sometimes, after you've used Gmail over Tor, Google presents a +pop-up notification that your account may have been compromised. +The notification window lists a series of IP addresses and locations +throughout the world recently used to access your account. +</p> + +<p> +In general this is a false alarm: Google saw a bunch of logins from +different places, as a result of running the service via Tor, and decided +it was a good idea to confirm the account was being accessed by it's +rightful owner. +</p> + +<p> +Even though this may be a biproduct of using the service via tor, +that doesn't mean you can entirely ignore the warning. It is +<i>probably</i> a false positive, but it might not be since it is +possible for someone to hijack your Google cookie. +</p> + +<p> +Cookie hijacking is possible by either physical access to your computer +or by watching your network traffic. In theory only physical access +should compromise your system because Gmail and similar services +should only send the cookie over an SSL link. In practice, alas, it's <a +href="http://fscked.org/blog/fully-automated-active-https-cookie-hijacking"> +way more complex than that</a>. +</p> + +<p> +And if somebody <i>did</i> steal your google cookie, they might end +up logging in from unusual places (though of course they also might +not). So the summary is that since you're using Tor, this security +measure that Google uses isn't so useful for you, because it's full of +false positives. You'll have to use other approaches, like seeing if +anything looks weird on the account, or looking at the timestamps for +recent logins and wondering if you actually logged in at those times. +</p> + +<hr> + <a id="torrc"></a> <h3><a class="anchor" href="#torrc">I'm supposed to "edit my torrc". What does that mean?</a></h3> @@ -1045,90 +1129,6 @@ <hr> -<a id="GoogleCaptcha"></a> -<h3><a class="anchor" href="#GoogleCaptcha">Google makes me solve a Captcha or tells me I have spyware installed.</a></h3> - -<p> -This is a known and intermittent problem; it does not mean that Google -considers Tor to be spyware. -</p> - -<p> -When you use Tor, you are sending queries through exit relays that are also -shared by thousands of other users. Tor users typically see this message -when many Tor users are querying Google in a short period of time. Google -interprets the high volume of traffic from a single IP address (the exit -relay you happened to pick) as somebody trying to "crawl" their website, -so it slows down traffic from that IP address for a short time. -</p> -<p> -An alternate explanation is that Google tries to detect certain -kinds of spyware or viruses that send distinctive queries to Google -Search. It notes the IP addresses from which those queries are received -(not realizing that they are Tor exit relays), and tries to warn any -connections coming from those IP addresses that recent queries indicate -an infection. -</p> - -<p> -To our knowledge, Google is not doing anything intentionally specifically -to deter or block Tor use. The error message about an infected machine -should clear up again after a short time. -</p> - -<p> -Torbutton 1.2.5 (released in mid 2010) detects Google captchas and can -automatically redirect you to a more Tor-friendly search engine such as -Ixquick or Bing. -</p> - -<hr /> - -<a id="GmailWarning"></a> -<h3><a class="anchor" href="#GmailWarning">Gmail warns me that my account may have been compromised.</a></h3> - -<p> -Sometimes, after you've used Gmail over Tor, Google presents a -pop-up notification that your account may have been compromised. -The notification window lists a series of IP addresses and locations -throughout the world recently used to access your account. -</p> - -<p> -In general this is a false alarm: Google saw a bunch of logins from -different places, as a result of running the service via Tor, and decided -it was a good idea to confirm the account was being accessed by it's -rightful owner. -</p> - -<p> -Even though this may be a biproduct of using the service via tor, -that doesn't mean you can entirely ignore the warning. It is -<i>probably</i> a false positive, but it might not be since it is -possible for someone to hijack your Google cookie. -</p> - -<p> -Cookie hijacking is possible by either physical access to your computer -or by watching your network traffic. In theory only physical access -should compromise your system because Gmail and similar services -should only send the cookie over an SSL link. In practice, alas, it's <a -href="http://fscked.org/blog/fully-automated-active-https-cookie-hijacking"> -way more complex than that</a>. -</p> - -<p> -And if somebody <i>did</i> steal your google cookie, they might end -up logging in from unusual places (though of course they also might -not). So the summary is that since you're using Tor, this security -measure that Google uses isn't so useful for you, because it's full of -false positives. You'll have to use other approaches, like seeing if -anything looks weird on the account, or looking at the timestamps for -recent logins and wondering if you actually logged in at those times. -</p> - -<hr> - <a id="FirewallPorts"></a> <h3><a class="anchor" href="#FirewallPorts">My firewall only allows a few outgoing ports.</a></h3>

1 0

r25119: {website} get rid of the "unnecessary software jargon" (website/trunk/docs/en)
by Roger Dingledine 27 Sep '11

27 Sep '11

Author: arma Date: 2011-09-27 04:54:21 +0000 (Tue, 27 Sep 2011) New Revision: 25119 Modified: website/trunk/docs/en/faq.wml Log: get rid of the "unnecessary software jargon" Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 02:10:04 UTC (rev 25118) +++ website/trunk/docs/en/faq.wml 2011-09-27 04:54:21 UTC (rev 25119) @@ -1399,7 +1399,8 @@ <p> These organizations are not the same as <a href="<page donate/donate>">The Tor Project, Inc</a>, but we consider that a - feature. They're both run by nice people. + good thing. They're both run by nice people who are part of the + Tor community. </p> <p> @@ -1409,7 +1410,7 @@ improving Tor's anonymity more than by donating. At the same time though, economies of scale for bandwidth mean that combining many small donations into - several larger relays is much more efficient at improving network + several larger relays is more efficient at improving network performance. Improving anonymity and improving performance are both worthwhile goals, so however you can help is great! </p>

1 0

r25118: {website} two fixes from velope (website/trunk/docs/en)
by Roger Dingledine 26 Sep '11

26 Sep '11

Author: arma Date: 2011-09-27 02:10:04 +0000 (Tue, 27 Sep 2011) New Revision: 25118 Modified: website/trunk/docs/en/faq.wml Log: two fixes from velope Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 01:55:00 UTC (rev 25117) +++ website/trunk/docs/en/faq.wml 2011-09-27 02:10:04 UTC (rev 25118) @@ -1389,8 +1389,7 @@ <ul> <li><a href="https://www.torservers.net/">torservers.net</a> is a German charitable non-profit that runs a wide variety of - exit relays. Note that they also like donations of bandwidth from - ISPs.</li> + exit relays. They also like donations of bandwidth from ISPs.</li> <li><a href="https://www.noisebridge.net/wiki/Noisebridge_Tor">Noisebridge</a> is a US-based 501(c)(3) non-profit that collects donations and turns @@ -1407,7 +1406,8 @@ Note that there can be a tradeoff here between anonymity and performance. The Tor network's anonymity comes in part from diversity, so if you are in a position to run your own relay, you will be - improving Tor's anonymity more. At the same time though, economies + improving Tor's anonymity more than by donating. At the same time + though, economies of scale for bandwidth mean that combining many small donations into several larger relays is much more efficient at improving network performance. Improving anonymity and improving performance are both

1 0

r25117: {website} change faq title (website/trunk/docs/en)
by Roger Dingledine 26 Sep '11

26 Sep '11

Author: arma Date: 2011-09-27 01:55:00 +0000 (Tue, 27 Sep 2011) New Revision: 25117 Modified: website/trunk/docs/en/faq.wml Log: change faq title Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 01:51:22 UTC (rev 25116) +++ website/trunk/docs/en/faq.wml 2011-09-27 01:55:00 UTC (rev 25117) @@ -82,8 +82,8 @@ <li><a href="#MultipleRelays">I want to run more than one relay.</a></li> <li><a href="#RelayMemory">Why is my Tor relay using so much memory?</a></li> <li><a href="#WhyNotNamed">Why is my Tor relay not named?</a></li> - <li><a href="#RelayDonations">Can I donate rather than run my own - relay?</a></li> + <li><a href="#RelayDonations">Can I donate for a relay rather than + run my own?</a></li> </ul> <p>Running a Tor hidden service:</p> @@ -1379,8 +1379,8 @@ <hr> <a id="RelayDonations"></a> - <h3><a class="anchor" href="#RelayDonations">Can I donate rather - than run my own relay?</a></h3> + <h3><a class="anchor" href="#RelayDonations">Can I donate for a + relay rather than run my own?</a></h3> <p> Sure! We recommend two non-profit charities that are happy to turn

1 0

r25116: {website} future-proof our user and traffic counts (website/trunk/docs/en)
by Roger Dingledine 26 Sep '11

26 Sep '11

Author: arma Date: 2011-09-27 01:51:22 +0000 (Tue, 27 Sep 2011) New Revision: 25116 Modified: website/trunk/docs/en/faq.wml Log: future-proof our user and traffic counts Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2011-09-27 01:46:49 UTC (rev 25115) +++ website/trunk/docs/en/faq.wml 2011-09-27 01:51:22 UTC (rev 25116) @@ -478,9 +478,14 @@ <h3><a class="anchor" href="#Funding">What would The Tor Project do with more funding?</a></h3> <p> - We have about 1800 relays right now, pushing over 150 MB/s average - traffic. We have several hundred thousand active users. But the Tor - network is not yet self-sustaining. + The Tor network's <a + href="https://metrics.torproject.org/network.html#networksize">several + thousand</a> relays push <a + href="https://metrics.torproject.org/network.html#bandwidth">over + 1GB per second on average</a>. We have <a + href="https://metrics.torproject.org/users.html#direct-users">several + hundred thousand daily users</a>. But the Tor network is not yet + self-sustaining. </p> <p>

1 0