November 2012 - tor-commits - lists.torproject.org

[ooni-probe/master] twisted Headers() class edited to avoid header fix in reference to: https://trac.torproject.org/projects/tor/ticket/7432
by art＠torproject.org 19 Nov '12

19 Nov '12

commit 07ed416a6ad4735d1bd6ca0dcdd07e20be05b788 Author: Giovanni Pellerano <evilaliv3(a)evilretis.(none)> Date: Mon Nov 19 14:23:46 2012 +0100 twisted Headers() class edited to avoid header fix in reference to: https://trac.torproject.org/projects/tor/ticket/7432 --- ooni/lib/txagentwithsocks.py | 164 +++++++++++++++++++++++++++--------------- 1 files changed, 106 insertions(+), 58 deletions(-) diff --git a/ooni/lib/txagentwithsocks.py b/ooni/lib/txagentwithsocks.py index fecd9fc..a1f7f48 100644 --- a/ooni/lib/txagentwithsocks.py +++ b/ooni/lib/txagentwithsocks.py @@ -6,10 +6,13 @@ import struct from zope.interface import implements -from twisted.web import client +from twisted.web import client, _newclient, http_headers +from twisted.web._newclient import Request, RequestNotSent, RequestGenerationFailed, TransportProxyProducer, STATUS +from twisted.internet import protocol from twisted.internet.protocol import ClientFactory, Protocol from twisted.internet.endpoints import TCP4ClientEndpoint, SSL4ClientEndpoint, _WrappingProtocol, _WrappingFactory from twisted.internet import interfaces, defer +from twisted.internet.defer import Deferred, succeed, fail, maybeDeferred class SOCKSError(Exception): def __init__(self, value): @@ -24,7 +27,6 @@ class SOCKSv5ClientProtocol(_WrappingProtocol): self._host = host self._port = port self.ready = False - self.buf = [] def socks_state_0(self, data): # error state @@ -55,20 +57,13 @@ class SOCKSv5ClientProtocol(_WrappingProtocol): self._wrappedProtocol.transport = self.transport self._wrappedProtocol.connectionMade() - if self.buf != []: - self.transport.write(''.join(self.buf)) - self.buf = [] - self._connectedDeferred.callback(self._wrappedProtocol) def connectionMade(self): # We implement only Anonymous access self.transport.write(struct.pack("!BB", 5, len("\x00")) + "\x00") - - self.state = self.state + 1 - def connectionLost(self, reason): - pass + self.state = self.state + 1 def write(self, data): if self.ready: @@ -79,7 +74,7 @@ class SOCKSv5ClientProtocol(_WrappingProtocol): def dataReceived(self, data): if self.state != 3: getattr(self, 'socks_state_%s' % (self.state), - self.socks_state_0)(data) + self.socks_state_0)(data) self.state = self.state + 1 else: self._wrappedProtocol.dataReceived(data) @@ -92,46 +87,20 @@ class SOCKSv5ClientFactory(_WrappingFactory): self._host, self._port = host, port def buildProtocol(self, addr): - """ - Proxy C{buildProtocol} to our C{self._wrappedFactory} or errback - the C{self._onConnection} L{Deferred}. - - @return: An instance of L{_WrappingProtocol} or C{None} - """'' try: proto = self._wrappedFactory.buildProtocol(addr) except: self._onConnection.errback() else: - print self._host return self.protocol(self._onConnection, proto, self._host, self._port) class SOCKS5ClientEndpoint(object): - """ - TCP client endpoint with an IPv4 configuration. - """ implements(interfaces.IStreamClientEndpoint) def __init__(self, reactor, sockhost, sockport, - host, port, timeout=30,bindAddress=None): - """ - @param reactor: An L{IReactorTCP} provider - - @param host: A hostname, used when connecting - @type host: str - - @param port: The port number, used when connecting - @type port: int + host, port, timeout=30, bindAddress=None): - @param timeout: The number of seconds to wait before assuming the - connection has failed. - @type timeout: int - - @param bindAddress: A (host, port) tuple of local address to bind to, - or None. - @type bindAddress: tuple - """ self._reactor = reactor self._sockhost = sockhost self._sockport = sockport @@ -141,9 +110,6 @@ class SOCKS5ClientEndpoint(object): self._bindAddress = bindAddress def connect(self, protocolFactory): - """ - Implement L{IStreamClientEndpoint.connect} to connect via TCP. - """ try: wf = SOCKSv5ClientFactory(protocolFactory, self._host, self._port) self._reactor.connectTCP( @@ -153,13 +119,94 @@ class SOCKS5ClientEndpoint(object): except: return defer.fail() +class Headers(http_headers.Headers): + def __init__(self, rawHeaders=None): + self._rawHeaders = dict() + if rawHeaders is not None: + for name, values in rawHeaders.iteritems(): + if type(values) is list: + self.setRawHeaders(name, values[:]) + elif type(values) is dict: + self._rawHeaders[name.lower()] = values + + def setRawHeaders(self, name, values): + if name.lower() not in self._rawHeaders: + self._rawHeaders[name.lower()] = dict() + self._rawHeaders[name.lower()]['name'] = name + self._rawHeaders[name.lower()]['values'] = values + + def getAllRawHeaders(self): + for k, v in self._rawHeaders.iteritems(): + yield v['name'], v['values'] + + def getRawHeaders(self, name, default=None): + if name.lower() in self._rawHeaders: + return self._rawHeaders[name.lower()]["values"] + return default +class HTTPClientParser(_newclient.HTTPClientParser): + def connectionMade(self): + self.headers = Headers() + self.connHeaders = Headers() + self.state = STATUS + self._partialHeader = None + + def headerReceived(self, name, value): + if self.isConnectionControlHeader(name): + headers = self.connHeaders + else: + headers = self.headers + headers.addRawHeader(name, value) + + +class HTTP11ClientProtocol(_newclient.HTTP11ClientProtocol): + def request(self, request): + if self._state != 'QUIESCENT': + return fail(RequestNotSent()) + + self._state = 'TRANSMITTING' + _requestDeferred = maybeDeferred(request.writeTo, self.transport) + self._finishedRequest = Deferred() + + self._currentRequest = request + + self._transportProxy = TransportProxyProducer(self.transport) + self._parser = HTTPClientParser(request, self._finishResponse) + self._parser.makeConnection(self._transportProxy) + self._responseDeferred = self._parser._responseDeferred + + def cbRequestWrotten(ignored): + if self._state == 'TRANSMITTING': + self._state = 'WAITING' + self._responseDeferred.chainDeferred(self._finishedRequest) + + def ebRequestWriting(err): + if self._state == 'TRANSMITTING': + self._state = 'GENERATION_FAILED' + self.transport.loseConnection() + self._finishedRequest.errback( + Failure(RequestGenerationFailed([err]))) + else: + log.err(err, 'Error writing request, but not in valid state ' + 'to finalize request: %s' % self._state) + + _requestDeferred.addCallbacks(cbRequestWrotten, ebRequestWriting) + + return self._finishedRequest + +class _HTTP11ClientFactory(client._HTTP11ClientFactory): + def buildProtocol(self, addr): + return HTTP11ClientProtocol(self._quiescentCallback) + +class HTTPConnectionPool(client.HTTPConnectionPool): + _factory = _HTTP11ClientFactory + class Agent(client.Agent): def __init__(self, reactor, contextFactory=client.WebClientContextFactory(), connectTimeout=None, bindAddress=None, pool=None, sockhost=None, sockport=None): if pool is None: - pool = client.HTTPConnectionPool(reactor, False) + pool = HTTPConnectionPool(reactor, False) self._reactor = reactor self._pool = pool self._contextFactory = contextFactory @@ -169,22 +216,6 @@ class Agent(client.Agent): self._sockport = sockport def _getEndpoint(self, scheme, host, port): - """ - Get an endpoint for the given host and port, using a transport - selected based on scheme. - - @param scheme: A string like C{'http'} or C{'https'} (the only two - supported values) to use to determine how to establish the - connection. - - @param host: A C{str} giving the hostname which will be connected to in - order to issue a request. - - @param port: An C{int} giving the port number the connection will be - on. - - @return: An endpoint which can be used to connect to given address. - """ kwargs = {} if self._connectTimeout is not None: kwargs['timeout'] = self._connectTimeout @@ -201,3 +232,20 @@ class Agent(client.Agent): else: raise SchemeNotSupported("Unsupported scheme: %r" % (scheme,)) + def _requestWithEndpoint(self, key, endpoint, method, parsedURI, + headers, bodyProducer, requestPath): + if headers is None: + headers = Headers() + if not headers.hasHeader('host'): + headers = headers.copy() + headers.addRawHeader( + 'host', self._computeHostValue(parsedURI.scheme, parsedURI.host, + parsedURI.port)) + + d = self._pool.getConnection(key, endpoint) + def cbConnected(proto): + return proto.request( + Request(method, requestPath, headers, bodyProducer, + persistent=self._pool.persistent)) + d.addCallback(cbConnected) + return d

1 0

[ooni-probe/master] Fix bug that lead to httpt based reports to not have the url attribute set properly
by art＠torproject.org 19 Nov '12

19 Nov '12

commit 51902f84f2849e17164bd100141d0f5ef5aa151a Author: Arturo Filastò <art(a)fuffa.org> Date: Mon Nov 19 18:05:28 2012 +0100 Fix bug that lead to httpt based reports to not have the url attribute set properly * It has to do with the fact that the request dict was being passed to the report as a reference and not being reinstanced for every test --- ooni/templates/httpt.py | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/ooni/templates/httpt.py b/ooni/templates/httpt.py index c2db6f5..9bce30f 100644 --- a/ooni/templates/httpt.py +++ b/ooni/templates/httpt.py @@ -146,7 +146,9 @@ class HTTPTest(NetTestCase): self.randomize_useragent() log.debug("Writing to report the request") - self.report['request'] = self.request + # Here we need to create a copy of the request object for reporting + # purposes + self.report['request'] = dict(self.request) # If we have a request body payload, set the request body to such # content

1 0

[ooni-probe/master] Merge remote-tracking branch 'evil/master' into httprequests
by art＠torproject.org 19 Nov '12

19 Nov '12

commit be68c6cea8475ec845f6b4eac8747218bb7a7914 Merge: 51902f8 07ed416 Author: Arturo Filastò <art(a)fuffa.org> Date: Mon Nov 19 18:53:04 2012 +0100 Merge remote-tracking branch 'evil/master' into httprequests * evil/master: twisted Headers() class edited to avoid header fix in reference to: https://trac.torproject.org/projects/tor/ticket/7432 ooni/lib/txagentwithsocks.py | 164 +++++++++++++++++++++++++++--------------- 1 files changed, 106 insertions(+), 58 deletions(-)

1 0

[translation/torbirdy] Update translations for torbirdy
by translation＠torproject.org 19 Nov '12

19 Nov '12

commit dd2ab47e68d84c19e3e581889a21847e28119b79 Author: Translation commit bot <translation(a)torproject.org> Date: Mon Nov 19 17:16:07 2012 +0000 Update translations for torbirdy --- ar/torbirdy.dtd | 40 ++++++++++++++++++++++++++++++++++++++++ ar/torbirdy.properties | 13 +++++++++++++ 2 files changed, 53 insertions(+), 0 deletions(-) diff --git a/ar/torbirdy.dtd b/ar/torbirdy.dtd new file mode 100644 index 0000000..4f77df6 --- /dev/null +++ b/ar/torbirdy.dtd @@ -0,0 +1,40 @@ +<!ENTITY torbirdy.accountprefs.title "تهيئة الحساب"> +<!ENTITY torbirdy.accountprefs.startup.label "تحقق من وجود رسائل جديدة عند الاقلاع"> +<!ENTITY torbirdy.accountprefs.startup.key ""> +<!ENTITY torbirdy.accountprefs.minutes.label "تحقق من وجود رسائل كل"> +<!ENTITY torbirdy.accountprefs.minutes.key ""> +<!ENTITY torbirdy.accountprefs.minutes.trail.label "دقائق"> +<!ENTITY torbirdy.accountprefs.cancel.button "الغاء"> +<!ENTITY torbirdy.accountprefs.save.button "حفظ"> +<!ENTITY torbirdy.accountprefs.save.key ""> + +<!ENTITY torbirdy.prefs.title "تغضيلات توربيردي"> +<!ENTITY torbirdy.prefs.save.button "احفظ"> +<!ENTITY torbirdy.prefs.save.key ""> +<!ENTITY torbirdy.prefs.cancel.button "الغاء"> +<!ENTITY torbirdy.prefs.extra2.button "اختبر الإعدادات"> +<!ENTITY torbirdy.prefs.extra2.key ""> +<!ENTITY torbirdy.prefs.proxy.label "إعدادات الروكسي"> +<!ENTITY torbirdy.prefs.privacy.label "اعدادات الخصوصية"> +<!ENTITY torbirdy.prefs.recommended.text "استعمل خيارات البوكسي الموصى بها لتوربيردي (تور)"> +<!ENTITY torbirdy.prefs.recommended.key ""> +<!ENTITY torbirdy.prefs.anonservice.text "اختر خدمة اخفاء هوية"> +<!ENTITY torbirdy.prefs.anonservice.key ""> +<!ENTITY torbirdy.prefs.customsettings.text "استعمل اعدادات البروكسي المحددة"> +<!ENTITY torbirdy.prefs.customsettings.key ""> +<!ENTITY torbirdy.prefs.socks_host.label "مضيف ال SOCKS"> +<!ENTITY torbirdy.prefs.socks_host.key ""> +<!ENTITY torbirdy.prefs.socks_port.label "بوابة"> +<!ENTITY torbirdy.prefs.socks_port.key ""> +<!ENTITY torbirdy.prefs.torification.label "تور شفاف"> +<!ENTITY torbirdy.prefs.torification.key ""> +<!ENTITY torbirdy.prefs.global "عالمي"> +<!ENTITY torbirdy.prefs.imap.label ""> +<!ENTITY torbirdy.prefs.imap.key ""> +<!ENTITY torbirdy.prefs.startup_folder.label ""> +<!ENTITY torbirdy.prefs.startup_folder.key ""> +<!ENTITY torbirdy.prefs.enigmail_throwkeyid.label ""> +<!ENTITY torbirdy.prefs.enigmail_throwkeyid.key ""> +<!ENTITY torbirdy.prefs.account_specific ""> +<!ENTITY torbirdy.prefs.select_account.key ""> +<!ENTITY torbirdy.prefs.select_account.label "اختر حساباً"> diff --git a/ar/torbirdy.properties b/ar/torbirdy.properties new file mode 100644 index 0000000..59ef3a7 --- /dev/null +++ b/ar/torbirdy.properties @@ -0,0 +1,13 @@ +# torbirdy.name=TorBirdy + +# torbirdy.enabled.tor=TorBirdy Enabled: Tor +# torbirdy.enabled.jondo=TorBirdy Enabled: JonDo +# torbirdy.enabled.custom=TorBirdy Enabled: Custom Proxy +# torbirdy.enabled.torification=TorBirdy Enabled: Transparent Torification +# torbirdy.disabled=TorBirdy: Disabled! + +# torbirdy.email.prompt=TorBirdy has disabled Thunderbird's auto-configuration wizard to protect your anonymity.\n\nThe recommended security settings for %S have been set.\n\nYou can now configure the other account settings manually. + +# torbirdy.email.advanced=Please note that changing the advanced settings of TorBirdy is NOT recommended.\n\nYou should only continue if you are sure of what you are doing. +# torbirdy.email.advanced.nextwarning=Show this warning next time +# torbirdy.email.advanced.title=TorBirdy Advanced Settings

1 0

[translation/liveusb-creator] Update translations for liveusb-creator
by translation＠torproject.org 19 Nov '12

19 Nov '12

commit 571199a44b095572fb7ea7adf5deff016ec95598 Author: Translation commit bot <translation(a)torproject.org> Date: Mon Nov 19 17:16:00 2012 +0000 Update translations for liveusb-creator --- ar/ar.po | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ar/ar.po b/ar/ar.po index 17342bd..77bbb3f 100644 --- a/ar/ar.po +++ b/ar/ar.po @@ -11,7 +11,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: https://trac.torproject.org/projects/tor\n" "POT-Creation-Date: 2012-04-13 14:16+0200\n" -"PO-Revision-Date: 2012-11-19 16:43+0000\n" +"PO-Revision-Date: 2012-11-19 16:50+0000\n" "Last-Translator: abo0ody <abo0ody2689(a)gmail.com>\n" "Language-Team: LANGUAGE <LL(a)li.org>\n" "MIME-Version: 1.0\n" @@ -74,7 +74,7 @@ msgstr "لا توجد مساحة فارغة على الجهاز %(device)s" #: ../liveusb/gui.py:533 msgid "Partition is FAT16; Restricting overlay size to 2G" -msgstr "" +msgstr "صيغة هذا القسم هي FAT16؛ سيتم حد ال\"overlay size\" الى 2 جيجابايت" #: ../liveusb/gui.py:577 msgid "Persistent Storage" @@ -200,7 +200,7 @@ msgstr "تجهيز ملف البوت \"OLPC\"..." msgid "" "There was a problem executing the following command: `%(command)s`.\n" "A more detailed error log has been written to '%(filename)s'." -msgstr "" +msgstr "كان هناك مشكلة في تنفيذ الأمر التالي: `%(command)s`. تمت كتابة تفاصيل ادق في '%(filename)s'." #: ../liveusb/creator.py:384 msgid "Verifying SHA1 checksum of LiveCD image..."

1 0

[translation/vidalia_help_completed] Update translations for vidalia_help_completed
by translation＠torproject.org 19 Nov '12

19 Nov '12

commit c1bb99caf9c8e861200480a873ea5a1e0231e2e1 Author: Translation commit bot <translation(a)torproject.org> Date: Mon Nov 19 17:15:40 2012 +0000 Update translations for vidalia_help_completed --- ar/links.po | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ar/links.po b/ar/links.po index 9a1db21..9d5ce49 100644 --- a/ar/links.po +++ b/ar/links.po @@ -1,5 +1,6 @@ # # Translators: +# <abo0ody2689(a)gmail.com>, 2012. # mohammad Alhargan <malham1(a)gmail.com>, 2011. # runasand <runa.sandvik(a)gmail.com>, 2011. msgid "" @@ -7,14 +8,14 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: https://trac.torproject.org/projects/tor\n" "POT-Creation-Date: 2011-05-05 20:21+0200\n" -"PO-Revision-Date: 2012-02-14 10:02+0000\n" -"Last-Translator: محمد الحرقان <malham1(a)gmail.com>\n" +"PO-Revision-Date: 2012-11-19 17:15+0000\n" +"Last-Translator: abo0ody <abo0ody2689(a)gmail.com>\n" "Language-Team: LANGUAGE <LL(a)li.org>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Language: ar\n" -"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5\n" +"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n" #. type: Content of: <html><body><h1> #: links.html:16 @@ -46,7 +47,7 @@ msgstr "<a href=\"https://www.torproject.org/vidalia/\"> https://www.torproject. #. type: Content of: <html><body><table><tr><td> #: links.html:31 links.html:58 msgid "Wiki and Bugtracker" -msgstr "ويكي و مراقب العلل" +msgstr "ويكي البرنامج و مراقب العلل" #. type: Content of: <html><body><table><tr><td> #: links.html:33

1 0

[translation/vidalia_help] Update translations for vidalia_help
by translation＠torproject.org 19 Nov '12

19 Nov '12

commit b36d4223b3987c3ff0ac08b6f4f575c867e327cf Author: Translation commit bot <translation(a)torproject.org> Date: Mon Nov 19 17:15:32 2012 +0000 Update translations for vidalia_help --- ar/links.po | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ar/links.po b/ar/links.po index 9a1db21..9d5ce49 100644 --- a/ar/links.po +++ b/ar/links.po @@ -1,5 +1,6 @@ # # Translators: +# <abo0ody2689(a)gmail.com>, 2012. # mohammad Alhargan <malham1(a)gmail.com>, 2011. # runasand <runa.sandvik(a)gmail.com>, 2011. msgid "" @@ -7,14 +8,14 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: https://trac.torproject.org/projects/tor\n" "POT-Creation-Date: 2011-05-05 20:21+0200\n" -"PO-Revision-Date: 2012-02-14 10:02+0000\n" -"Last-Translator: محمد الحرقان <malham1(a)gmail.com>\n" +"PO-Revision-Date: 2012-11-19 17:15+0000\n" +"Last-Translator: abo0ody <abo0ody2689(a)gmail.com>\n" "Language-Team: LANGUAGE <LL(a)li.org>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Language: ar\n" -"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5\n" +"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n" #. type: Content of: <html><body><h1> #: links.html:16 @@ -46,7 +47,7 @@ msgstr "<a href=\"https://www.torproject.org/vidalia/\"> https://www.torproject. #. type: Content of: <html><body><table><tr><td> #: links.html:31 links.html:58 msgid "Wiki and Bugtracker" -msgstr "ويكي و مراقب العلل" +msgstr "ويكي البرنامج و مراقب العلل" #. type: Content of: <html><body><table><tr><td> #: links.html:33

1 0

[translation/liveusb-creator] Update translations for liveusb-creator
by translation＠torproject.org 19 Nov '12

19 Nov '12

commit e6ca3f86ee8d55cdd64aa80d01989f85f69b2a5c Author: Translation commit bot <translation(a)torproject.org> Date: Mon Nov 19 16:45:52 2012 +0000 Update translations for liveusb-creator --- ar/ar.po | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ar/ar.po b/ar/ar.po index 981b8fc..17342bd 100644 --- a/ar/ar.po +++ b/ar/ar.po @@ -3,6 +3,7 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# <abo0ody2689(a)gmail.com>, 2012. # Fadi Mansour <fadi.redeemer.mansour(a)gmail.com>, 2012. # Tareq Al Jurf <taljurf(a)fedoraproject.org>, 2009. msgid "" @@ -10,8 +11,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: https://trac.torproject.org/projects/tor\n" "POT-Creation-Date: 2012-04-13 14:16+0200\n" -"PO-Revision-Date: 2012-11-18 18:31+0000\n" -"Last-Translator: Fadi Mansour <fadi.redeemer.mansour(a)gmail.com>\n" +"PO-Revision-Date: 2012-11-19 16:43+0000\n" +"Last-Translator: abo0ody <abo0ody2689(a)gmail.com>\n" "Language-Team: LANGUAGE <LL(a)li.org>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -98,7 +99,7 @@ msgid "" "Warning: The Master Boot Record on your device does not match your system's " "syslinux MBR. If you have trouble booting this stick, try running the " "liveusb-creator with the --reset-mbr option." -msgstr "" +msgstr "تحذير: سجل البوت الرئيسي \"Master Boot Record\"في جيهازك ﻻ يماثل سجل البوت الرئيسي ل سيلينوكس syslinux, اذا كنت تواجه مشاكل في اجراء عملية البوت لذاكرة اليو اس بي هذه فجري تشغل برنامج \"liveusbcreator\" مع الخيار reset-mbr-- " #: ../liveusb/gui.py:638 msgid "Unable to mount device" @@ -192,7 +193,7 @@ msgstr "تمت الكتابة للجهاز بسرعة %(speed)d ميغابايت #: ../liveusb/creator.py:181 msgid "Setting up OLPC boot file..." -msgstr "" +msgstr "تجهيز ملف البوت \"OLPC\"..." #: ../liveusb/creator.py:365 #, python-format

1 0

r25895: {} add my EADV presentation, remove the old tech pres we never (in projects/presentations: . images)
by Andrew Lewman 19 Nov '12

19 Nov '12

Author: phobos Date: 2012-11-19 15:55:44 +0000 (Mon, 19 Nov 2012) New Revision: 25895 Added: projects/presentations/2012-11-16-EADV-Tech-Stalking-Advice.odp projects/presentations/2012-11-16-EADV-Tech-Stalking-Advice.pdf projects/presentations/images/2012-09-27-top-10-country-table.png projects/presentations/images/direct-users-2009-09-27-off-300-2012-09-27-all.png projects/presentations/images/grand-mosque-du-paris.jpg projects/presentations/images/grandma-at-computer.jpg projects/presentations/images/networksize-2009-09-27-300-2012-09-27.png projects/presentations/images/porn-star.jpg projects/presentations/images/save-the-corps.jpg projects/presentations/images/stalker-2.jpg Removed: projects/presentations/technical-solutions-to-internet-surveillance.tex Log: add my EADV presentation, remove the old tech pres we never use Added: projects/presentations/2012-11-16-EADV-Tech-Stalking-Advice.odp =================================================================== (Binary files differ) Property changes on: projects/presentations/2012-11-16-EADV-Tech-Stalking-Advice.odp ___________________________________________________________________ Added: svn:mime-type + application/octet-stream Added: projects/presentations/2012-11-16-EADV-Tech-Stalking-Advice.pdf =================================================================== (Binary files differ) Property changes on: projects/presentations/2012-11-16-EADV-Tech-Stalking-Advice.pdf ___________________________________________________________________ Added: svn:mime-type + application/octet-stream Added: projects/presentations/images/2012-09-27-top-10-country-table.png =================================================================== (Binary files differ) Property changes on: projects/presentations/images/2012-09-27-top-10-country-table.png ___________________________________________________________________ Added: svn:mime-type + image/png Added: projects/presentations/images/direct-users-2009-09-27-off-300-2012-09-27-all.png =================================================================== (Binary files differ) Property changes on: projects/presentations/images/direct-users-2009-09-27-off-300-2012-09-27-all.png ___________________________________________________________________ Added: svn:mime-type + image/png Added: projects/presentations/images/grand-mosque-du-paris.jpg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/grand-mosque-du-paris.jpg ___________________________________________________________________ Added: svn:mime-type + image/jpeg Added: projects/presentations/images/grandma-at-computer.jpg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/grandma-at-computer.jpg ___________________________________________________________________ Added: svn:mime-type + image/jpeg Added: projects/presentations/images/networksize-2009-09-27-300-2012-09-27.png =================================================================== (Binary files differ) Property changes on: projects/presentations/images/networksize-2009-09-27-300-2012-09-27.png ___________________________________________________________________ Added: svn:mime-type + image/png Added: projects/presentations/images/porn-star.jpg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/porn-star.jpg ___________________________________________________________________ Added: svn:mime-type + image/jpeg Added: projects/presentations/images/save-the-corps.jpg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/save-the-corps.jpg ___________________________________________________________________ Added: svn:mime-type + image/jpeg Added: projects/presentations/images/stalker-2.jpg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/stalker-2.jpg ___________________________________________________________________ Added: svn:mime-type + image/jpeg Deleted: projects/presentations/technical-solutions-to-internet-surveillance.tex =================================================================== --- projects/presentations/technical-solutions-to-internet-surveillance.tex 2012-11-18 20:54:03 UTC (rev 25894) +++ projects/presentations/technical-solutions-to-internet-surveillance.tex 2012-11-19 15:55:44 UTC (rev 25895) @@ -1,428 +0,0 @@ -\documentclass{beamer} -\mode<presentation> -\usetheme{Pittsburgh} -\usecolortheme{beaver} -\title{Technical Solutions to Internet Surveillance} -\author{Andrew Lewman \\ andrew(a)torproject.org \\ https://torproject.org} -\date{\today} -\begin{document} - -% General flow: -% internet is becoming centralized; good: cheaper to deploy, easier to manage; bad: control points, surveillance points -% govt wants data, see total info awareness (wow, look at that logo or how to freak out your population) (give credit to moxie) -% wiretapping the internet: mention some countries with programs about wiretapping, show nsa-room in AT&T San Fran -% here's a better way to collect vast amounts of data about your population: show facebook logo -% want more than just social interactions? show google logo, look at all of this data, email, instant messaging, topics of interest (search queries, results clicked, ads shown/clicked) -% is absence of signal enough to arouse suspicion? cell phone location data, google services, facebook accounts? -% how do you hide in a crowd without arousing suspicion? show tor headed liberty bell pic, don't be this guy -% - -\begin{frame} - \maketitle - \begin{center} - \includegraphics[height=3cm]{./images/2009-tor-logo} - \hspace{1cm} - \includegraphics[height=3cm]{./images/TIA-logo} - \end{center} -\end{frame} - -\begin{frame} -\frametitle{Internet architecture is becoming centralized} -\includegraphics[width=10cm]{./images/cnmap} -\flushright -\tiny Diagram: China Internet Network Information Center -\end{frame} - -\begin{frame} -\frametitle{Internet surveillance is pervasive} - - \begin{columns}[t] - \column{7cm} -\begin{itemize} -\item Conventional surveillance methods had to be targeted -\item Internet censorship is capable of monitoring everyone, all of the time -\item Governments are increasing monitoring: SORM (Russia), Golden Shield (China), Data Retention Directive (EU), and Interception Modernisation Programme (UK), Warrantless Wiretapping (USA) -\item 1 in 7 East German citizens worked for the Stasi. Today we can achieve the same results with a fraction of the cost -\end{itemize} - - \column{5cm} - \vbox{} - \parbox{5cm}{\includegraphics[width=4.5cm]{./images/nsa-room}} - \end{columns} - -\end{frame} - -\begin{frame} -\frametitle{Traffic data surveillance} - -\begin{itemize} -\item Traffic data (who talks to whom, how often and for how long) is the core of intelligence capabilities -\item This information is cheaper to record and store, compared to full content -\item Because it can be easily processed by computer, data mining techniques can be used to understand social structures -\end{itemize} - -\begin{quotation} -\noindent \includegraphics[width=1cm]{./images/opquo}\quad No government of any colour is to be trusted with such a roadmap to our souls -\end{quotation} -\flushright --- Sir Ken Macdonald, former director of public prosecutions, on the UK Interception Modernisation Program - -\end{frame} - -\begin{frame} - \frametitle{Importantly, information on social networks can be derived} - \begin{columns}[t] - \column{4.5cm} - \vspace{0cm} - - {\color{red}$\bullet$} Communities\newline - {\color{blue}$\bullet$} People - \column{7cm} - \vbox{} - - \includegraphics[clip, trim=5cm 12cm 2cm 5cm,width=7cm]{./images/network} - \end{columns} - \flushright{\tiny From "The Economics of Mass Surveillance" by George Danezis and Bettina Wittneben} - \end{frame} - -\begin{frame} -\frametitle{Search Engine results are censored} -\includegraphics[width=11cm]{./images/tiananmen} -\begin{center} -Searching for "Tiananmen Square" on Google.com and Google.cn -\end{center} -\end{frame} - -\begin{frame} -\frametitle{Sweden's iPRED experience} -\includegraphics[scale=1]{./images/netnodnov} -\end{frame} - -\begin{frame} -\frametitle{Incentives} -\noindent \includegraphics[width=1cm]{./images/opquo}\quad Our analysis shows that consumers increasingly want to decide for themselves when to watch and from which screen. Unfortunately, many have become adept at circumventing the IPRED legislation. -\flushright --- Jens Heron, Mediavision -\end{frame} - -\begin{frame} -\frametitle{Resisting Internet censorship} - -\begin{quotation} -\noindent \includegraphics[width=1cm]{./images/opquo}\quad The Net interprets censorship as damage and routes around it. -\end{quotation} -\flushright --- John Gilmore, 1993 - -\flushleft - -No longer true on a technical level: censorship is in the routers. -\medskip - -Remains true on a social level: when material is censored, people distribute copies and draw attention to them -\medskip - -But what if people are too afraid to do this? -\end{frame} - -\begin{frame} -\frametitle{Twitter in Iran: Good.} -\includegraphics[scale=0.5]{./images/twitter-iran-protests-time} -\flushright{\tiny From http://www.time.com/time/world/article/0,8599,1905125,00.html} -\end{frame} - -\begin{frame} -\frametitle{Twitter in USA: Bad.} -\includegraphics[scale=0.45]{./images/twitter-g20-pittsburgh-gothamist} -\flushright{\tiny from http://gothamist.com/2009/10/05/fbi\_raids\_queens\_home\_in\_g20\_protes.p… -\end{frame} - - \begin{frame} - \frametitle{The Transparent Society} - - \begin{columns}[t] - \column{7cm} -\begin{itemize} -\item David Brin proposed that in a world of pervasive surveillance, balance could be maintained by allowing everyone to monitor everyone else -\item Bruce Schneier retorted that surveillance amplifies existing powers -\item Many countries restrict anonymous speech (e.g.\ Germany and China) -\item It is easy for those in power to call on the weak to link their names to opinions -\end{itemize} - - \column{5cm} - \vbox{} - \parbox{5cm}{\includegraphics[width=4.5cm]{./images/namesheet}} - -\flushright{\tiny Photo: Manos Simonides} - \end{columns} -\end{frame} - -\begin{frame} -\frametitle{Censorship resistance systems} -\begin{itemize} -\item Software to resist censorship should -\begin{itemize} - \item have a diverse set of users - \item work where you are without special steps - \item be sustainable (what if the company goes broke?) - \item be decentralized (swapping censors doesn't help you) - \item protect you by default - \item have accessible standards and published designs (black box vs. glass box) - \item be fast enough that you'll use it daily - \item doesn't promise perfect everything including a fully encrypted Internet -\end{itemize} -\item<1-> These properties should be maintained even if the censorship resistance system is partially compromised -\end{itemize} -\end{frame} - -\begin{frame} -\frametitle{Blocking with technology} -\begin{itemize} -\item When a country's government controls international connectivity, they can block requests for banned websites and destinations -\item There are a number of different approaches (DNS blocking, IP address blocking, etc.) -\item Software may be produced in-country, but often is an adapted commercial product -\item These companies not only make the software, but provide a continuously updated list of websites to be blocked -\end{itemize} -\end{frame} - - \begin{frame} - \frametitle{Normal web browsing} - - \begin{centering} - \vbox{} - - \includegraphics[clip, trim=1cm 4cm 1cm 2.2cm, width=10cm]{./images/no-proxy} - \end{centering} - -\vspace{-1cm} - - \flushright - - \tiny Diagram: Jane Gowan - - \end{frame} - - \begin{frame} - \frametitle{DNS tampering} - - \begin{centering} - \vbox{} - - \includegraphics[clip, trim=1cm 4cm 1cm 2.2cm, width=10cm]{./images/dns} - \end{centering} - -\vspace{-1cm} - - \flushright - - \tiny Diagram: Jane Gowan - - \end{frame} - - \begin{frame} - \frametitle{IP blocking} - - \begin{centering} - \vbox{} - - \includegraphics[clip, trim=1cm 4cm 1cm 2.2cm, width=10cm]{./images/ip} - \end{centering} - -\vspace{-1cm} - - \flushright - - \tiny Diagram: Jane Gowan - - \end{frame} - - \begin{frame} -\frametitle{Trade-offs in blocking systems} -\begin{itemize} -\item<1-> DNS blocking -\begin{itemize} -\item Easy and cheap to implement -\item Blocks at domain name granularity -- over blocks protocols, web pages -\item Trivial to bypass -\end{itemize} -\item<2-> IP blocking -\begin{itemize} -\item Easy and cheap to implement -\item Blocks at IP address (perhaps port) -- over-blocks virtual hosting -\end{itemize} -\item<3-> Proxy blocking -\begin{itemize} -\item Expensive to implement -\item Blocks at webpage level -- low over-blocking -\end{itemize} -\item<4-> Hybrid blocking -- IP based redirection to proxy -\begin{itemize} -\item Tricky to get right, but cheap -\item Has some vulnerabilities -\item Blocks at webpage level -- low over-blocking -\end{itemize} -\end{itemize} -\end{frame} - -\begin{frame} -\frametitle{Who wants online privacy?} -\begin{itemize} -\item<1-> Ordinary people -\begin{itemize} -\item To avoid personal information being sold to marketers -\item Protect themselves when researching sensitive topics -\end{itemize} -\item<2-> Military and Law Enforcement -\begin{itemize} -\item To carry out intelligence gathering -\item Protect undercover field agents -\item Offer anonymous tip lines -\end{itemize} -\item<3-> Journalists -\begin{itemize} -\item To protect sources, such as whistle blowers -\end{itemize} -\item<4-> Human rights workers -\begin{itemize} -\item To publicize abuses and protect themselves from surveillance -\item Blogging about controversial subjects -\end{itemize} -\item<5-> Businesses -\begin{itemize} -\item To observe their competition and build anonymous collaborations -\end{itemize} -\end{itemize} -\end{frame} - -\begin{frame} -\frametitle{Anonymous communication} -\begin{itemize} -\item People have to hide in a crowd of other people ("anonymity loves company") -\item The goal of the system is to make all users look as similar as possible, to give a bigger crowd -\item Hide who is communicating with whom -\item Layered encryption and random delays hide correlation between input traffic and output traffic -\end{itemize} -\end{frame} - -\begin{frame} -\frametitle{Tor is a low-latency anonymity system} -\begin{itemize} -\item<1-> Based on technology developed in the Onion Routing project -\item<2-> Privacy by design, not by policy (no data collected) -\item<3-> Commonly used for web browsing and instant messaging (works for any TCP traffic) -\item<4-> Originally built as a pure anonymity system (hides who is talking to whom) -\item<5-> Now designed to resist censorship too (hides whether someone is using the system at all) -\item<6-> Centralized directory authorities publish a list of all servers; client doesn't trust the network by design -\end{itemize} - -\begin{center} -\includegraphics[height=3cm]{./images/2009-tor-logo} -\end{center} - -\end{frame} - - \begin{frame} - \frametitle{Tor hides communication patterns by relaying data through volunteer servers} - \begin{center} - \begin{overlayarea}{9cm}{6cm} - \only<1>{\includegraphics[width=9cm]{./images/tor-network}} - \only<2>{\includegraphics[width=9cm]{./images/tor-safe-selection}} - \only<3>{\includegraphics[width=9cm]{./images/tor-safe-path}} - \end{overlayarea} - \flushright - - \tiny Diagram: Robert Watson - \end{center} - \end{frame} - -\begin{frame} -\frametitle{Tor hidden services allow censorship resistant services} -\includegraphics[scale=0.5]{./images/wikileaks} -\end{frame} - -\begin{frame} -\frametitle{How is Tor different from other systems?} -\\[1cm] -\begin{center} -\only<1>{\includegraphics[height=7cm]{./images/single_hop_relay}} -\only<2>{\includegraphics[height=7cm]{./images/evil_single_hop_relay}} -\only<3>{\includegraphics[height=7cm]{./images/data_snooping_single_hop_relay}} -\end{center} -\end{frame} - -\begin{frame} -\frametitle{Limitations of censorship resistance} -\begin{itemize} -\item Censorship resistance is thought controversial -- especially by the censors -\item There is something for everyone to like, and something for everyone to dislike, going on with censorship resistance systems -\item Bad people do use them to do bad things (for many different definitions of bad people) -\item It is impossible to block bad uses, even if we could come up with a common definition of bad content -\item The systems are not perfect, so it is possible some people will be caught -\end{itemize} -\end{frame} - -\begin{frame} -\frametitle{Conclusions} - \begin{columns}[t] - \column{7cm} - \begin{itemize} - \item The Internet and centralisation can both improve and harm freedom of speech - \item Slogans regarding the borderless nature and inherent freedoms of the Internet are frequently wrong - \item Technical details matter: how a system is implemented can make a radical difference - \item Technologies can be used to resist censorship and improve privacy - \item However, policies must be changed too and pressure is needed on legislators - \end{itemize} - \column{5cm} - \vbox{} - \begin{overlayarea}{5cm}{10cm} - \resizebox{5cm}{!}{\includegraphics{./images/collage}} - \end{overlayarea} - \end{columns} -\end{frame} - -\begin{frame} -\frametitle{One Version of the Future} -\begin{quotation} -\noindent \includegraphics[width=1cm]{./images/opquo}\quad I'd like to change the design of the Internet by introducing -regulation--Internet passports, Internet police and international -agreement--about following Internet standards. And if some countries -don't agree with or don't pay attention to the agreement, just cut -them off. -\end{quotation} -\flushright --- Eugene Kaspersky, Co-Founder \& CEO of Kaspersky Labs -\end{frame} - -\begin{frame} -\frametitle{A better version of the future} -\textbf{Internet Access as a Human Right} -\medskip -\begin{quotation} -\noindent \includegraphics[width=1cm]{./images/opquo}\quad -We think it's something you cannot live without in modern society. Like banking services or water or electricity, you need an Internet connection -\end{quotation} -\flushright --- Laura Vilkkonen, Ministry of Transport and Communications, Finland - -\bigskip -\textbf{Tor Project's Mission} -\medskip -\begin{quotation} -\noinent \includegraphics[width=1cm]{./images/opquo}\quad We remain committed to defending online privacy and anonymity as a human right. -\end{quotation} -\end{frame} - -\begin{frame} -\frametitle{How to get there} -\begin{itemize} -\item Increased funding of research and development for privacy, circumvention, and anti-censorship technologies -\item Policy and Legal frameworks for free access, free speech, and anonymity -%\item Mobile devices and telco innovation -%\item Ambient connectivity -\end{itemize} -\end{frame} - -\begin{frame} -\frametitle{Credits} -\begin{itemize} -\item Thank you to Steven J. Murdoch, \url{http://www.cl.cam.ac.uk/users/sjm217/}, for the research and basis for this presentation. \\ -\item Photographer and Diagram credits as listed throughout the presentation. -\end{itemize} -\end{frame} - -\end{document}

1 0

[torspec/master] Add proposal 215: Let the minimum consensus method change with time
by nickm＠torproject.org 19 Nov '12

19 Nov '12

commit 07ca8670182464f24c587ec68a0dbdeb78dfccc5 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Nov 19 09:55:43 2012 -0500 Add proposal 215: Let the minimum consensus method change with time --- proposals/000-index.txt | 2 + proposals/215-update-min-consensus-ver.txt | 94 ++++++++++++++++++++++++++++ 2 files changed, 96 insertions(+), 0 deletions(-) diff --git a/proposals/000-index.txt b/proposals/000-index.txt index 332b64d..caec770 100644 --- a/proposals/000-index.txt +++ b/proposals/000-index.txt @@ -135,6 +135,7 @@ Proposals by number: 212 Increase Acceptable Consensus Age [OPEN] 213 Remove stream-level sendmes from the design [OPEN] 214 Allow 4-byte circuit IDs in a new link protocol [OPEN] +215 Let the minimum consensus method change with time [OPEN] Proposals by status: @@ -186,6 +187,7 @@ Proposals by status: 212 Increase Acceptable Consensus Age [for 0.2.4.x+] 213 Remove stream-level sendmes from the design 214 Allow 4-byte circuit IDs in a new link protocol + 215 Let the minimum consensus method change with time ACCEPTED: 117 IPv6 exits [for 0.2.4.x] 140 Provide diffs between consensuses diff --git a/proposals/215-update-min-consensus-ver.txt b/proposals/215-update-min-consensus-ver.txt new file mode 100644 index 0000000..a38145a --- /dev/null +++ b/proposals/215-update-min-consensus-ver.txt @@ -0,0 +1,94 @@ +Filename: 215-update-min-consensus-ver.txt +Title: Let the minimum consensus method change with time +Author: Nick Mathewson +Created: 15 Nov 2012 +Status: Open + + +0. Overview + + This proposal suggests that we drop the requirement that + authorities support the very old consensus method "1", and instead + move to a wider window of recognized consensus methods as Tor + evolves. + +1. Background and Motivation + + When we designed the directory voting system, we added the notion + of "consensus method" so that we could smoothly upgrade the voting + process over time. We also said that all authorities must support + the consensus method '1', and must fall back to it if they don't + support the method that the supermajority of authorities will + choose. + + Consensus method 1 is no longer viable for the Tor network. It + doesn't result in a microdescriptor consensus, and omits other + fields that clients need in order to work well. Consensus methods + under 12 have security issues, since they let a single authority + set a consensus parameter. + + In the future, new consensus methods will be needed so that + microdescriptor-using clients can use IPv6 exits and ECC + onion-keys. Rolling back from those would degrade functionality. + + We need a way to change the minimum consensus method over time. + +2. Design + + I propose that we change the minimum consensus method about once + per release cycle, or once per ever other release cycle. + + As a rule of thumb, let the minimum consensus method in Tor series + X be the highest method supported by the oldest version that + "anybody reasonable" would use for running an authority. + Typically, that's the stable version of the previous release + series. + + For flexibility, it might make sense to choose a slightly older + method, if falling back to that method wouldn't cause security + problems. + + + For example, while Tor 0.2.4.x is under development, authorities + should really not be running anything before Tor 0.2.3.x. Tor + 0.2.3.x has supported consensus method 13 since 0.2.3.21-rc, so + it's okay for 0.2.4.x to require 13 as the minimum method. We even + might go back to method 12, since the worst outcome of not using 13 + would be some warnings in client logs. Consensus method 12 was a + security improvement, so we don't want to roll back before that. + +2.1. Behavior when the method used is one we don't know + + The spec currently says that if an authority sees that a method + will be used that it doesn't support, it should act as if the + consensus method will be "1". This attempt will be doomed, since + the other authorities will be computing the consensus with a more + recent method, and any attempt to use method "1" won't get enough + signatures. + + Instead, let's say that authorities fall back to the most recent + method that they *do* support. This isn't any likelier to reach + consensus, but it is less likely to result in anybody signing + something they don't like. + + +3. Likely outcomes + + If a bunch of authorities were to downgrade to a much older + version, all at once, then newer authorities would not be able to + sign the consensus they made. That's probably for the best: if a + bunch of authorities were to suddenly start running 0.2.0.x, + consensing along with them would be a poor idea. + +4. Alternatives + + We might choose a less narrow window of allowable method, when we + can do so securely. Maybe two release series, rather than one, + would be a good interval to do when the consensus format isn't + changing rapidly. + + We might want to have the behavior when we see that everybody else + will be using a method we don't support be "Don't make a consensus + at all." That's harder to program, though. + +

1 0