tor-relays

tor-relays@lists.torproject.org

36 participants
4815 discussions

Re: [tor-relays] Tor Cloud/AWS relay set up but no Tor installed
by aredocilla＠gmail.com 28 Apr '15

28 Apr '15

Hi there, After a long month of not having time for this, I've got it working thanks to Sina's help. I've attached patches to the ec2-prep.sh script that should make it work again (nothing extensive, basically just what Sina pointed out plus something about ExtORPort I saw it complaining about in the log. Bridge is now up. :) Best wishes, allicoder On Sun, Mar 22, 2015 at 10:51:42AM +0000, tor-relays-request(a)lists.torproject.org wrote: > Send tor-relays mailing list submissions to > tor-relays(a)lists.torproject.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > or, via email, send a message with subject or body 'help' to > tor-relays-request(a)lists.torproject.org > > You can reach the person managing the list at > tor-relays-owner(a)lists.torproject.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of tor-relays digest..." > > > Today's Topics: > > 1. Re: IPv6 HiddenServicePort (teor) > 2. Tor Cloud/AWS relay set up but no Tor installed > (aredocilla(a)gmail.com) > 3. Re: Tor Cloud/AWS relay set up but no Tor installed (SiNA Rabbani) > 4. Tor-Tshirts (Nchinda Nchinda) > 5. Re: Tor-Tshirts (Roger Dingledine) > > Message: 2 > Date: Sun, 22 Mar 2015 03:10:53 +0000 > From: aredocilla(a)gmail.com > To: tor-relays(a)lists.torproject.org > Subject: [tor-relays] Tor Cloud/AWS relay set up but no Tor installed > Message-ID: <20150322031053.GB5948@MadHatter> > Content-Type: text/plain; charset=us-ascii > > Hello, > > I've been trying to set up a tor relay on AWS using the free tier using the > instructions in various places (e.g. https://cloud.torproject.org/, > https://www.fak3r.com/2012/08/11/howto-run-a-tor-node-in-the-cloud-for-free/). > But sshing in from my PC shows clearly that not only is tor not running, it's > not even installed! > > ubuntu@ip-172-31-28-207:~$ aptitude show tor > Package: tor > State: not installed > Version: 0.2.5.11-1~precise+1 > Priority: optional > Section: net > ... > > ubuntu@ip-172-31-28-207:~$ ps -ely | grep tor > ubuntu@ip-172-31-28-207:~$ ls /var/log > alternatives.log auth.log btmp dist-upgrade dmesg.0 dmesg.2.gz fsck landscape mail.err news udev unattended-upgrades wtmp > apt boot.log cloud-init.log dmesg dmesg.1.gz dpkg.log kern.log lastlog mail.log syslog ufw.log upstart > > Has something changed, and the images no longer include tor on start-up (I made > sure I followed the gist of the cloud.torproject.org steps, given that the > interface has changed significantly; even went to the previous page from the > linked one to check that the AMI thing mentioned tor)? I've noticed various > people have posted online saying it's not safe to run Tor on cloud services - > has the image been deleted because of this? I wanted to try it anyway because > the main torproject website still says in several places that running a relay > on AWS is A Good Thing. > > Or did I just do something wrong? > > Best wishes, > allicoder. > > -- > PGP key available on request > > > ------------------------------ > > Message: 3 > Date: Sun, 22 Mar 2015 04:52:34 +0000 (UTC) > From: SiNA Rabbani <sina(a)redteam.net> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Tor Cloud/AWS relay set up but no Tor > installed > Message-ID: > <1101716784.98280.1426999954497.JavaMail.zimbra(a)redteam.net> > Content-Type: text/plain; charset=utf-8 > > Hi allicoder, > > The images on Tor Cloud website have not been updated for a while. The project is lacking someone > that can keep it up to date. I tried to take on the responsibility but so far I have failed to dedicate > the necessary time. Sorry for the bad experience. > > As far as the specific problem with the Cloud image itself, there is a script that is supposed to install the relay > on first boot. See /etc/rc.local. > > You can also find that script here: https://gitweb.torproject.org/tor-cloud.git/plain/ec2-prep.sh > > There are a couple of issues with the script itself that I noticed immediately: > 1) the harcoded pgp key is expired > 2) the debian experimental repository is returning a 404 > W: Failed to fetch http://deb.torproject.org/torproject.org/dists/experimental-precise/main/bi… 404 Not Found [IP: 38.229.72.16 80] > > If you wish to do some trouble-shooting, try to get these commands to run without any errors: > sudo apt-get -y update > sudo apt-get -y upgrade > sudo bash /etc/ec2-prep.sh bridge > > Finally, now that you have a running image and ssh access, you can just follow the Tor relay installations here: > https://www.torproject.org/docs/debian.html.en > > I apologize for the inconvenience and thank you for running a relay. > > All the best, > Sina > > > > > "Be the change that you wish to see in the world." - Mahatma Gandhi > > ----- On Mar 21, 2015, at 11:10 PM, aredocilla(a)gmail.com wrote: > > > Hello, > > > > I've been trying to set up a tor relay on AWS using the free tier using the > > instructions in various places (e.g. https://cloud.torproject.org/, > > https://www.fak3r.com/2012/08/11/howto-run-a-tor-node-in-the-cloud-for-free/). > > But sshing in from my PC shows clearly that not only is tor not running, it's > > not even installed! > > > > ubuntu@ip-172-31-28-207:~$ aptitude show tor > > Package: tor > > State: not installed > > Version: 0.2.5.11-1~precise+1 > > Priority: optional > > Section: net > > ... > > > > ubuntu@ip-172-31-28-207:~$ ps -ely | grep tor > > ubuntu@ip-172-31-28-207:~$ ls /var/log > > alternatives.log auth.log btmp dist-upgrade dmesg.0 dmesg.2.gz > > fsck landscape mail.err news udev unattended-upgrades wtmp > > apt boot.log cloud-init.log dmesg dmesg.1.gz dpkg.log > > kern.log lastlog mail.log syslog ufw.log upstart > > > > Has something changed, and the images no longer include tor on start-up (I made > > sure I followed the gist of the cloud.torproject.org steps, given that the > > interface has changed significantly; even went to the previous page from the > > linked one to check that the AMI thing mentioned tor)? I've noticed various > > people have posted online saying it's not safe to run Tor on cloud services - > > has the image been deleted because of this? I wanted to try it anyway because > > the main torproject website still says in several places that running a relay > > on AWS is A Good Thing. > > > > Or did I just do something wrong? > > > > Best wishes, > > allicoder. > > > > -- > > PGP key available on request > > _______________________________________________ > > tor-relays mailing list > > tor-relays(a)lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > ------------------------------ > > End of tor-relays Digest, Vol 50, Issue 31 > ****************************************** -- PGP key available on request

1 0

Installing obfs4 on Raspberry Pi bridge
by jchase 25 Apr '15

25 Apr '15

Hello, Thanks, everyone, for all the help. Obfs4proxy is up and running on a Pi2. Although the information on the subject is scattered across several issues on this list, I hope others can use it to build some bridges! http://www.zipplet.co.uk/index.php/content/raspberrypi_golang was a useful page on getting go 1.2 or higher installed on a Pi2. Thanks again, J Chase > Message: 1 > Date: Thu, 23 Apr 2015 20:42:42 +0000 > From: Yawning Angel <yawning(a)schwanenlied.me> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Installing obfs4 on Raspberry Pi bridge > Message-ID: <20150423204242.65bed2f9(a)schwanenlied.me> > Content-Type: text/plain; charset="us-ascii" > > On Thu, 23 Apr 2015 19:53:55 +0000 > jchase <jchase(a)riseup.net> wrote: >> Hello, >> When I run >> >> $ go get git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy >> $ sudo cp $GOPATH/bin/obfs4proxy /usr/local/bin >> >> on a laptop running linuxmint/ubuntu it produces a nice binary >> executable. Unfortunately it doesn't work to copy it to the Pi2, >> because it's not an ARM binary. >> When I run the same script on the Pi2 I get the following error >> messages: >> >> go get git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy >> # git.torproject.org/pluggable-transports/obfs4.git/common/ntor >> /usr/lib/go/src/pkg/git.torproject.org/pluggable-transports/obfs4.git/common/ntor/ntor.go:272: >> undefined: sha256.Sum256 >> >> [snip] >> >> Any idea how I can get it cleanly on a Pi2? > > This is covered in the README.md: >> * Go 1.2.0 or later. Prior versions of Go (Eg: 1.0.2) are missing >> certain important parts of the runtime library like a SHA256 >> implementation. > > Go 1.2 was released on December 1, 2013, so I'm not particularly > inclined to support older versions, especially since it means > re-implementing parts of the standard runtime library. > > Regards, >

1 0

Subpoena received
by Tyler Durden 24 Apr '15

24 Apr '15

Hi I just wanted to let you know that Washington sent us a subpoena regarding one of our exit nodes in Romania. They want to know the real IP behind the Tor Network. I mailed them what Tor is and why I can't help them in identifying this person. Nevertheless I will give you the link to the full subpoena. Maybe you guys find it interesting. I will forward the subpoena to our lawyer as well. https://mega.co.nz/#!ilIjlZSb!-deirKharWaDtp_UMxhev58E14zeouyoWUbzxeWPvEQ Greetings -- Sam Grüneisen - President Frënn vun der Ënn A.S.B.L. enn.lu

16 28

Relay Consensus Weight
by Marco Morgia 24 Apr '15

24 Apr '15

Hello, on friday my realay's Consensus Weight felt down suddenly to 20 and the its bandwidth is not used anymore (https://atlas.torproject.org/#details/94212674A2C6AEBF77354D959D464E49BC878…). I don't understand why, as nothing is changed in its configuration. And, I don't know if it's related, but I noticed that the tor network has slow down in the last days and some times it's very difficult to use it. Thanks for your help, Marco ____________________________________________________________ Receive Notifications of Incoming Messages Easily monitor multiple email accounts & access them with a click. Visit http://www.inbox.com/notifier and check it out!

3 11

Re: [tor-relays] Installing obfs4 on Raspberry Pi bridge
by jchase 23 Apr '15

23 Apr '15

Hello, When I run $ go get git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy $ sudo cp $GOPATH/bin/obfs4proxy /usr/local/bin on a laptop running linuxmint/ubuntu it produces a nice binary executable. Unfortunately it doesn't work to copy it to the Pi2, because it's not an ARM binary. When I run the same script on the Pi2 I get the following error messages: go get git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy # git.torproject.org/pluggable-transports/obfs4.git/common/ntor /usr/lib/go/src/pkg/git.torproject.org/pluggable-transports/obfs4.git/common/ntor/ntor.go:272: undefined: sha256.Sum256 /usr/lib/go/src/pkg/git.torproject.org/pluggable-transports/obfs4.git/common/ntor/ntor.go:369: undefined: hmac.Equal # git.torproject.org/pluggable-transports/obfs4.git/common/log /usr/lib/go/src/pkg/git.torproject.org/pluggable-transports/obfs4.git/common/log/log.go:131: function ends without a return statement # git.torproject.org/pluggable-transports/obfs4.git/transports/obfs3 /usr/lib/go/src/pkg/git.torproject.org/pluggable-transports/obfs4.git/transports/obfs3/obfs3.go:278: function ends without a return statement # git.torproject.org/pluggable-transports/obfs4.git/transports/scramblesuit /usr/lib/go/src/pkg/git.torproject.org/pluggable-transports/obfs4.git/transports/scramblesuit/conn.go:322: undefined: hmac.Equal /usr/lib/go/src/pkg/git.torproject.org/pluggable-transports/obfs4.git/transports/scramblesuit/handshake_uniformdh.go:143: undefined: hmac.Equal /usr/lib/go/src/pkg/git.torproject.org/pluggable-transports/obfs4.git/transports/scramblesuit/handshake_uniformdh.go:152: undefined: sha256.Sum256 and the script exits Any idea how I can get it cleanly on a Pi2? Thanks, J. Chase tor-relays-request(a)lists.torproject.org: > Send tor-relays mailing list submissions to > tor-relays(a)lists.torproject.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > or, via email, send a message with subject or body 'help' to > tor-relays-request(a)lists.torproject.org > > You can reach the person managing the list at > tor-relays-owner(a)lists.torproject.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of tor-relays digest..." > > > Today's Topics: > > 1. Re: Installing obfs4 on Raspberry Pi bridge (jchase) > 2. Re: Installing obfs4 on Raspberry Pi bridge (Yawning Angel) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sun, 12 Apr 2015 17:43:55 +0000 > From: jchase <jchase(a)riseup.net> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Installing obfs4 on Raspberry Pi bridge > Message-ID: <552AAEDB.4020007(a)riseup.net> > Content-Type: text/plain; charset=windows-1252 > > Hello, > Thanks to you I have tor 0.2.5.11 running on a Raspberry Pi2 and obfs4 > installed from git. I have good news and bad news. > The largest problem is that I get the warning "could not launch managed > proxy executable at '/path/obfs4proxy'('Permission denied')" In the past > this used to be a problem with apparmor, but apparmor isn't installed. > Any idea where I can start looking for a solution? > Here are a couple of details and small problems: > I didn't install obfs4 directly (due to problems), but installed it to > another laptop and copied it to the Pi2 using scp. > I have ORPort somewhere above 9000. When I set it to auto, I got a late > warning that the port chosen by tor was presenting problems, had I > arranged port forwarding, etc.? ExtORPort is "auto" and I get no > complaints (probably because obfs4 isn't working). > And I have ServerTransportListenAddr obfs3 0.0.0.0:90xx because a lower > port, like 80, with port forwarding, received a warning (and didn't work). > One thing at a time... Like I asked, where can I look for answers to the > obfs4proxy permission denied problem? If I get that fixed, I assume I > can play around with the rest until I can use lower ports. > Thanks, > J Chase > > > ------------------------------ > > Message: 2 > Date: Sun, 12 Apr 2015 20:14:33 +0000 > From: Yawning Angel <yawning(a)schwanenlied.me> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Installing obfs4 on Raspberry Pi bridge > Message-ID: <20150412201433.6c42f28d(a)schwanenlied.me> > Content-Type: text/plain; charset="us-ascii" > > On Sun, 12 Apr 2015 17:43:55 +0000 > jchase <jchase(a)riseup.net> wrote: >> Hello, >> Thanks to you I have tor 0.2.5.11 running on a Raspberry Pi2 and obfs4 >> installed from git. I have good news and bad news. >> The largest problem is that I get the warning "could not launch >> managed proxy executable at '/path/obfs4proxy'('Permission denied')" >> In the past this used to be a problem with apparmor, but apparmor >> isn't installed. Any idea where I can start looking for a solution? >> Here are a couple of details and small problems: >> I didn't install obfs4 directly (due to problems), but installed it to >> another laptop and copied it to the Pi2 using scp. > > Oh dear. What happens when you run the obfs4proxy executable in a > shell directly (on the pi2)? > > It should look something like: > $ ./obfs4proxy > 2015/04/12 20:13:02 [ERROR]: obfs4proxy - must be run as a managed > transport > > If not, what does 'file /path/obfs4proxy' say? > > Regards, >

2 1

Any t-shirts being sent?
by I 23 Apr '15

23 Apr '15

2 1

Delete keys on reboot
by CJ Barlow 23 Apr '15

23 Apr '15

The Tor Relay Security document suggests deleting keys upon reboot to prevent one-time key theft. I have tried to do this in Raspbian via cron but have been unsuccessful. The cronjob I have running is: @reboot rm -f /var/lib/tor/keys/* && echo "keys gone!" > /home/[me]/reboot.txt 2>&1 I have the echo as a debugger. When I changed /var/lib/tor/keys/* to /home/[me]/test/* the job runs successfully. When changing it back to /var/lib/tor/keys/* it does not. Is this something I should resolve? If so, is there something with my cronjob that's preventing it from working?

4 6

Re: [tor-relays] tor-relays Digest, Vol 51, Issue 27
by Rekha Tokas 23 Apr '15

23 Apr '15

Can I get the list of those sites which are blocking tor traffic to view or edit their page? On 23 Apr 2015 17:30, <tor-relays-request(a)lists.torproject.org> wrote: > Send tor-relays mailing list submissions to > tor-relays(a)lists.torproject.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > or, via email, send a message with subject or body 'help' to > tor-relays-request(a)lists.torproject.org > > You can reach the person managing the list at > tor-relays-owner(a)lists.torproject.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of tor-relays digest..." > > > Today's Topics: > > 1. Re: Subpoena received (Jan GUTH) > 2. Re: Subpoena received (Jan GUTH) > 3. Re: Subpoena received (Brian Kroll) > 4. Re: Subpoena received (renke(a)mobtm.com) > 5. Re: Quantum Insert detection for everyone (tor(a)t-3.net) > 6. Re: Subpoena received (Moritz Bartl) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 23 Apr 2015 10:15:32 +0200 > From: Jan GUTH <prometheus(a)enn.lu> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Subpoena received > Message-ID: <5538AA24.3040802(a)enn.lu> > Content-Type: text/plain; charset=utf-8 > > On 20/04/15 16:32, Tyler Durden wrote: > > Hi > > I just wanted to let you know that Washington sent us a subpoena > > regarding one of our exit nodes in Romania. They want to know the real > > IP behind the Tor Network. I mailed them what Tor is and why I can't > > help them in identifying this person. Nevertheless I will give you the > > link to the full subpoena. Maybe you guys find it interesting. I will > > forward the subpoena to our lawyer as well. > > > > > > > https://mega.co.nz/#!ilIjlZSb!-deirKharWaDtp_UMxhev58E14zeouyoWUbzxeWPvEQ > > Good morning list, > > I just called up Alistar and explained the entire situation. They IT > guys know what Tor is and their company is strongly interested in > continuing supporting Tor. They are a partner company now of Voxility, > and the apparently while moving some clients, someone did forget to tell > them that they'll get a client running Tor exit nodes. > > They are simply overchallenged with this request as it is the very first > one they have ever received. > > The good news is, that they will _not_ shutdown our server, nor take any > logs, which are non-existant. The counterpart we need to contribute is a > letter by our lawyer and favorably a letter from EFF or some other > bigger organization guaranteeing Tor is what it is and we as client do > not try to fool them. > > This is a request from the administration level of the company, not the > tech guys - as always. > > So, I'll get in touch with our lawyer & with EFF. Is there anyone else > within EU, whom could certify them what Tor is and what it is capable of > and what not? Moritz? > > Cheers, > J. > > -- > Jan GUTH > International Coordinator > > Fr?nn vun der ?nn A.S.B.L. (NGO) > e. info(a)enn.lu (GPG: 0x02225522) > t. +352?691?71?77?44 > w. http://enn.lu/ > > > ------------------------------ > > Message: 2 > Date: Thu, 23 Apr 2015 10:20:10 +0200 > From: Jan GUTH <prometheus(a)enn.lu> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Subpoena received > Message-ID: <5538AB3A.2050701(a)enn.lu> > Content-Type: text/plain; charset=utf-8 > > On 20/04/15 16:32, Tyler Durden wrote: > > Hi > > I just wanted to let you know that Washington sent us a subpoena > > regarding one of our exit nodes in Romania. They want to know the real > > IP behind the Tor Network. I mailed them what Tor is and why I can't > > help them in identifying this person. Nevertheless I will give you the > > link to the full subpoena. Maybe you guys find it interesting. I will > > forward the subpoena to our lawyer as well. > > > > > > > https://mega.co.nz/#!ilIjlZSb!-deirKharWaDtp_UMxhev58E14zeouyoWUbzxeWPvEQ > > Good morning list, > > I just called up Alistar and explained the entire situation. They IT > guys know what Tor is and their company is strongly interested in > continuing supporting Tor. They are a partner company now of Voxility, > and the apparently while moving some clients, someone did forget to tell > them that they'll get a client running Tor exit nodes. > > They are simply overchallenged with this request as it is the very first > one they have ever received. > > The good news is, that they will _not_ shutdown our server, nor take any > logs, which are non-existant. The counterpart we need to contribute is a > letter by our lawyer and favorably a letter from EFF or some other > bigger organization guaranteeing Tor is what it is and we as client do > not try to fool them. > > This is a request from the administration level of the company, not the > tech guys - as always. > > So, I'll get in touch with our lawyer & with EFF. Is there anyone else > within EU, whom could certify them what Tor is and what it is capable of > and what not? Moritz? > > Cheers, > J. > > -- > Jan GUTH > International Coordinator > > Fr?nn vun der ?nn A.S.B.L. (NGO) > e. info(a)enn.lu (GPG: 0x02225522) > t. +352?691?71?77?44 > w. http://enn.lu/ > > > ------------------------------ > > Message: 3 > Date: Thu, 23 Apr 2015 08:29:45 +0000 > From: Brian Kroll <brian(a)fiberoverethernet.com> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Subpoena received > Message-ID: <5538AD79.3060902(a)fiberoverethernet.com> > Content-Type: text/plain; charset=windows-1252 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > > Zack Weinberg: > > On Mon, Apr 20, 2015 at 10:32 AM, Tyler Durden <virii(a)enn.lu> > > wrote: > >> I just wanted to let you know that Washington sent us a subpoena > >> regarding one of our exit nodes in Romania > > > > Just FYI, "Washington" doesn't appear to have anything to do with > > this. The subpoena is on the letterhead of an office of Cook > > County, Illinois, which is the locality containing the city of > > Chicago. Per > > http://www.cookcountyil.gov/office-of-the-independent-inspector-general/ > > > > > this office investigates misconduct by county officials. > > > > This matters because, first, this is probably a tiny little outfit > > with little or no clue about either the Internet or international > > law. > > As a resident of Cook Country I can safely say it's not a small > locality, but I'm sure their knowledge about international law is > quite low. > > > They *should have* hired an international lawyer when they saw > > they'd need to talk to someone operating out of Romania and/or > > Luxembourg, but it doesn't surprise me in the slightest that they > > didn't. > > > And they've probably never even heard of Tor before. > > I know the Chicago Police claim they don't know what Tor is. > > http://www.muckrock.com/foi/chicago-169/chicago-police-use-of-tor-15392/ > > > Second, the incident which triggered the investigation, whatever it > > is, is probably quite minor. (This is backed up by their asking > > for one IP address active at a single point in time.) It would > > have been booted up to the state or federal level if it were any > > kind of serious. For both those reasons, I would rate the odds of > > them actually bothering to jump through all the necessary legal > > hoops to get a court order binding on a foreign national as slim to > > none. > > > ATB > //Brian > -----BEGIN PGP SIGNATURE----- > > iQIcBAEBCgAGBQJVOK1xAAoJEFjBjkteF9VaV2EP/3OrGZqHMdqWccR0Qkrt80rc > vw9RgIAtnhUfZVLlt8Y/RNhpSUOwrBf2gFxcc48zN3/Llad1ybF1PDFQym516ntK > RLRmGDf945qRxTsApXCN9WjRD0iMqyfQuq/NddTYKCMeMZadYW9MoUNe3md8wwKg > feeYNpCRmrTTh1Q7gRKYa4dRS6jLrNqNv5o/pL3jp5OlX8nLz+LyJxNVopZ2khAq > T4B51NOD0D5rLJ8cEQf528dmAM6QipUvtY3r5mVqb7VRO5NJuAxsRCnql6qTi68h > FIeLRZh44miY/vOS//dPlSFyb/h3ECVGCMH3ngtaJ5LLkAUXXWc8XYiEeDFyUrxg > O5/pUy9uo4ZRz9UXU7ZEpsttw2Gs1GDc7bRRrL4aHp8OGr+85p493aBqyixmr16d > Wz2lUdVioVBO5sj7rG+QXSc5b4Wp1/jKOWszKUNjX02AMnpe21idQrS0qn9kzSNP > Gsi8XyFP/08m+n2weTZ9W000uznjMCKWvWlOfJtTyo9oB23cZ7g/4Rs1j4wQR4W4 > 8/iuQFwjx3OipdxjzP4g3HwYLYeFT5DECVEzWtqx2LaIMI6ObTjDOnyO/PDIqzWA > YSK8hUqCKI6SqJE5l1kP4bzDsbQaY13nxoK0uVbW35h01FpHRIjyIXrFJorTqjrT > 8c3B2zNha+ogBOljvYtJ > =uUdm > -----END PGP SIGNATURE----- > > > ------------------------------ > > Message: 4 > Date: Thu, 23 Apr 2015 11:47:17 +0200 (CEST) > From: renke(a)mobtm.com > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Subpoena received > Message-ID: <20150423094717.382558A02B7(a)dd1818.kasserver.com> > Content-Type: text/plain; charset=ISO-8859-1 > > Hi, > > > The counterpart we need to contribute is a > > letter by our lawyer and favorably a letter from EFF or some other > > bigger organization guaranteeing Tor is what it is and we as client do > > not try to fool them. > > as the US government sponsored (parts of) the Tor development - what about > giving them US military research papers about the Tor network? > > http://www.dtic.mil/dtic/tr/fulltext/u2/a465464.pdf is one of them, > co-authored by a Navy researcher and performed by the Naval Research > Laboratory. > > Not itself sufficient, but done by a bigger organisation w/o triggering > anarchist/commie/hacker/terroristsupporting/publicenemy bias reactions. > > Renke > > > ------------------------------ > > Message: 5 > Date: Thu, 23 Apr 2015 07:39:07 -0400 > From: tor(a)t-3.net > To: <tor-relays(a)lists.torproject.org> > Subject: Re: [tor-relays] Quantum Insert detection for everyone > Message-ID: <5538d9db.9d8.3c445700.6bd5299c(a)t-3.net> > Content-Type: text/plain; charset=us-ascii; format=flowed > > > On 04/23/2015 01:56 AM, David Stainton wrote: > > > It is possible to add a "prevention" mechanism to HoneyBadger; an > > event based firewall ruleset generator made to block TCP injection > > attacks as they are happening... yes. This is possible. I could > write > > that if there was interest from enough people. > > Gief. > > > > > > ------------------------------ > > Message: 6 > Date: Thu, 23 Apr 2015 13:57:32 +0200 > From: Moritz Bartl <moritz(a)torservers.net> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Subpoena received > Message-ID: <5538DE2C.3030200(a)torservers.net> > Content-Type: text/plain; charset=utf-8 > > On 04/23/2015 10:20 AM, Jan GUTH wrote: > > So, I'll get in touch with our lawyer & with EFF. Is there anyone else > > within EU, whom could certify them what Tor is and what it is capable of > > and what not? Moritz? > > Depends on what convinces them. :-) Sounds like it may make sense to get > a generic letter signed by all our partner organizations (which includes > Reporters without Borders, Institute of War & Peace Reporting, > Article19, and potentially other Human Rights Orgs) in the long run. > > I'm happy to write something as Torservers.net, in a way representing > all the current partner orgs. Then, we can send the letter around and > get it co-signed by all the partner orgs and other orgs. > > -- > Moritz Bartl > https://www.torservers.net/ > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > tor-relays mailing list > tor-relays(a)lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > ------------------------------ > > End of tor-relays Digest, Vol 51, Issue 27 > ****************************************** >

1 0

Re: [tor-relays] Quantum Insert detection for everyone
by tor＠t-3.net 23 Apr '15

23 Apr '15

On 04/23/2015 01:56 AM, David Stainton wrote: > It is possible to add a "prevention" mechanism to HoneyBadger; an > event based firewall ruleset generator made to block TCP injection > attacks as they are happening... yes. This is possible. I could write > that if there was interest from enough people. Gief.

1 0

Quantum Insert detection for everyone
by David Stainton 22 Apr '15

22 Apr '15

Greetings, Did you all see this Wired article about Quantum Insert detection? https://www.wired.com/2015/04/researchers-uncover-method-detect-nsa-quantum… These TCP injection attacks are used by various entities around the world (not just NSA!) to target individuals for surveillance or perhaps to add their computers to a botnet for other purposes. If you do not use a VPN or Tor you can run "Quantum Insert" detection on your computer and detect when you receive an attack attempt. However be advised that proper sandboxing is important here because intrusion detection and protocol anylsis tools are notoriously insecure and get pwned all the time. If you are a Tor exit relay operator you have the options of running detection software; However you should not publish the results publicly without mixing in some noise or your published data might make it possible for some adversaries to deanonymize Tor users. If your country has strict telecommunications laws then it might only be legal for you to perform this type of detection if you do not perform logging. For the past several months... in my free time I've been slowly developing a very comprehensive TCP injection attack detection tool called HoneyBadger: https://github.com/david415/HoneyBadger Quantum Insert is a NSA codeword for "TCP injection attack", however either of these terms are too vague. During my research I was able to classify 4 different types of TCP injection attack. When I say that HoneytBadger is comprehensive what I mean is that Honeybadger can detect ALL of these types of TCP injection attack types... I describe them briefly here: https://honeybadger.readthedocs.org/en/latest/ Here's the Fox-IT blog post about their Quantum Insert detection software: http://blog.fox-it.com/2015/04/20/deep-dive-into-quantum-insert/ I am going to work on writing a much more comprehensive blog post; it will be filled with gory technical details AND it will include information on how to use HoneyBadger. HoneyBadger has optional (off by default) full-take logging which could enable you to capture a zero-day payload from a TCP attack; you should then responsibly disclose to the software vendor or contact a malware analyst to help out! Sincerely, David Stainton

2 4

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-relays