[tor-talk] tor-talk Digest, Vol 48, Issue 13

盼盼李 ilovelipanpan at gmail.com
Sat Jan 3 03:09:32 UTC 2015 

Thanks.virtualbox xp system is host-only,I can use chrome and tor browser
to surf internet,I see the proxy is 127.0.0.1 9150,so I write this into
QQ's proxy settings,but the QQ can not log in,I did not know why,the
virtualbox xp system's firewall is off.
This is the phenomenon,help me,thank you.

On Sat, Jan 3, 2015 at 10:30 AM, <tor-talk-request at lists.torproject.org>
wrote:

> Send tor-talk mailing list submissions to
>         tor-talk at lists.torproject.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> or, via email, send a message with subject or body 'help' to
>         tor-talk-request at lists.torproject.org
>
> You can reach the person managing the list at
>         tor-talk-owner at lists.torproject.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of tor-talk digest..."
>
>
> Today's Topics:
>
>    1. Re: Hidden Service Hosting (Free experimental, offer) (Xiaolan.Me)
>    2. problem with qq while toring (???)
>    3. Re: problem with qq while toring (Sadiq Saif)
>    4. Re: problem with qq while toring (Xiaolan.Me)
>    5. Re: Giving Hidden Services some love (Jesse B. Crawford)
>    6. Re: Hidden Service Hosting (Free experimental, offer)
>       (Thomas White)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 3 Jan 2015 09:43:24 +0800
> From: "Xiaolan.Me" <xiaolan65535 at gmail.com>
> To: tor-talk at lists.torproject.org
> Subject: Re: [tor-talk] Hidden Service Hosting (Free experimental,
>         offer)
> Message-ID:
>         <CAJaLD9Ko___=_EGaq=
> qSm95_v_N8XLEAi+oRF2Vcq1C025Eqow at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> I am using another way to solve IP leaks problem.
> my host-os is CentOS and only installed VirtualBox
> I have 2 virtual machines running on the host-os
> the first one is a CentOS with 2 network adapter, one is NAT , another is
> Internal(ip: 192.168.222.1).
> it running Tor and ShadowSocks(bypass GFW) , Tor through ShadowSocks and
> listen on 192.168.222.1:9050 (Internal Adapter)
>
>
> Another is also CentOS and running apache, only one network
> adapter(Internal ip:192.168.222.2)
> when this virutal machine wants to access internet , must set socks5 proxy
> to 192.168.222.1:9050
> so even this VM gets hacked, the attacker still can't know the real IP....
>
> 2015-01-03 6:21 GMT+08:00 Larry Brandt <lbrandt at cni.net>:
>
> > I'm interested but a slow mover.  Work sometimes gets in my way.  I am
> > putting together pages for a hidden site but I don't think I can be ready
> > to put it on line til month's end.  It will be a legal site everywhere.
> > This is a wonderful offer Thomas.  Hope someone takes you up on it.
> > Larry Brandt
> >
> >
> > Just wanted to point out that I think it's awesome Thomas is doing this!
> > Buy him a beer if you see him.
> >
> > Tom
> >
> >
> >
> > Thomas White schreef op 02/01/15 om 09:42:
> >
> >  Hey all,
> >>
> >> So following my other mail, I just want to offer people on this
> >> mailing list a chance to test something out before I go into the wider
> >> public with it.
> >>
> >> I have been reviewing some ways in which to offer "hosting" solutions
> >> for hidden services, and although there are ways to do like regular
> >> shared hosting environments by isolating users on an apache server for
> >> example, I feel a little experimental way to give people more freedom
> >> is to assign individual VPS's which are accessed via a separate .onion
> >> over SSH. For example, the HS address would be example1*.onion but to
> >> SSH into it, for security, would use a different address such as
> >> sshaddress*.onion. This ensures no user of the service would know the
> >> true IP of the server it is hosted on and allows for shared
> >> environments without putting others at risk.
> >>
> >> If anyone wants to test this out with me, I am offering the VPS for
> >> free for a few weeks/months so I can get the architecture right and
> >> fine tune the setup. All the traffic on the VPS is automatically
> >> routed through Tor so IP leaks won't be a huge problem, but of course
> >> you still maintain responsibility for the security of your machine and
> >> whatever you install on it. The use cases are unlimited but for
> >> obvious reasons it must be legal under British & Swedish law (feel
> >> free to ask beforehand but if it is legal I will defend it to the best
> >> of my ability).
> >>
> >> If you'd like to take up this offer and try it out please email me
> >> privately (my key is below). I ask that if you wish to request one,
> >> please mention anything specific like RAM/CPU/Hard disk requirements
> >> (no bandwidth limitations) so I can appropriately assign them. For now
> >> unfortunately only debian installs will be available and nothing
> >> except sshd will come preconfigured on the VPS so if you aren't
> >> familiar with the command line on debian you may not find this useful.
> >> Also any custom onion address you want please keep it to 7 characters
> >> or below for now as my GPU is really on it's last limb after
> >> generating over 1.4 million keys.
> >>
> >> I offer no guarantees on the availability of this, nor do I take
> >> responsibility for it, this is an entirely experimental project and I
> >> am hoping any participants take up this offer to perhaps
> >> mirror/reverse proxy their blogs, or of course bring any interesting
> >> ideas to the table. All feedback on it is welcome too
> >>
> >> Time to give these hidden services some lovin'
> >>
> >> Regards,
> >> T
> >>
> > --
> > tor-talk mailing list - tor-talk at lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
>
>
> ------------------------------
>
> Message: 2
> Date: Sat, 3 Jan 2015 09:49:01 +0800
> From: ??? <ilovelipanpan at gmail.com>
> To: tor-talk at lists.torproject.org
> Subject: [tor-talk] problem with qq while toring
> Message-ID:
>         <CAJr25e_77saKJHRE5na=CpgtnmvWVXQoyBSgLtyGbWodbe=
> 2Gg at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> i start tor on a virtualbox xp system,host-only mode,i start tor
> successfuly,but I have problem when I want to start QQ,anyone can help? 3x!
>
>
> ------------------------------
>
> Message: 3
> Date: Fri, 02 Jan 2015 20:50:50 -0500
> From: Sadiq Saif <lists at sadiqs.com>
> To: tor-talk at lists.torproject.org
> Subject: Re: [tor-talk] problem with qq while toring
> Message-ID: <54A74AFA.2010600 at sadiqs.com>
> Content-Type: text/plain; charset=UTF-8
>
> On 1/2/2015 20:49, ??? wrote:
> > i start tor on a virtualbox xp system,host-only mode,i start tor
> > successfuly,but I have problem when I want to start QQ,anyone can help?
> 3x!
> >
>
> Hi,
>
> Can you be more explicit please? Are you seeing any error messages, if
> so what are them?
>
> --
> Sadiq Saif
> https://staticsafe.ca
>
>
> ------------------------------
>
> Message: 4
> Date: Sat, 3 Jan 2015 09:57:54 +0800
> From: "Xiaolan.Me" <xiaolan65535 at gmail.com>
> To: tor-talk at lists.torproject.org
> Subject: Re: [tor-talk] problem with qq while toring
> Message-ID:
>         <
> CAJaLD9+zFVfoMT07Mj-1EmDhstAiSCG01spdG38dHDA95gdMBg at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> check host-os' port or firewall
> ===================
> ??????????? ?????????
>
>
> 2015-01-03 9:49 GMT+08:00 ??? <ilovelipanpan at gmail.com>:
>
> > i start tor on a virtualbox xp system,host-only mode,i start tor
> > successfuly,but I have problem when I want to start QQ,anyone can help?
> 3x!
> > --
> > tor-talk mailing list - tor-talk at lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
>
>
> ------------------------------
>
> Message: 5
> Date: Fri, 02 Jan 2015 18:06:53 -0800
> From: "Jesse B. Crawford" <jesse at jbcrawford.us>
> To: tor-talk at lists.torproject.org
> Subject: Re: [tor-talk] Giving Hidden Services some love
> Message-ID: <54A74EBD.5070407 at jbcrawford.us>
> Content-Type: text/plain; charset=windows-1252
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 2015-01-02 15:55, s7r wrote:
> >
> > .onion Tor Hidden Services _already provide end to end encryption
> > and authentication_ when used with the default http. They are not
> > vulnerable to man in the middle attacks or hijacks. On top of this
> > primary layer of encryption, there are more crypto layers in the
> > Tor circuits connecting a client to a hidden service.
>
> Respectfully, I think many people are missing the point of why there
> is interest in HTTPS for Tor hidden sites. I think it is generally for
> authentication, not session encryption.
>
> Facebook having a signed SSL certificate for their hidden service
> reliably anchors it to their corporate identity, preventing phishing
> attacks and giving users confidence.
>
> Really, the phishing problem for hidden sites is very bad. Hidden site
> addresses, even "vanity" ones, contain a lot of random hexadecimal
> characters that no one looks at. This makes it very easy to get
> someone to click to the wrong domain.
>
> Using a "vanity" address should be considered a best practice against
> this since it requires attackers to put computational power into
> finding another address with the same first n characters, but it only
> increases the cost of the attack. I suspect that in the whole it is
> still easier than for non-hidden services since users not deceived by
> facebook.com.sketchy.ru will likely still be deceived by
> facebook[differenthexcharacters].onion.
>
> I think this is a smaller risk profile for hidden services than open
> internet websites since 1) users of hidden services will tend to be
> more security conscious (although easy-to-use tools like the browser
> bundle make this less true than it used to be) and 2) users will not
> generally expect to get emails etc. with links to hidden services. But
> of course 2 depends on 1 to some extent.
>
> Obviously this identity authentication is completely irrelevant when
> the hidden site operator intends to remain anonymous, but some hidden
> site operators, like Facebook, do not. They benefit from the strong
> authentication that SSL provides and Tor's built-in encryption does not.
>
> (Well, Tor's built-in encryption does provide reliable tying of a
> hidden service to its address - but so does DNS in most practical
> situations, the whole problem is that users do not check that the
> hostname/hidden service key is exactly correct but will hopefully
> respond better to their browser's SSL indicator)
>
> Yes, the CA infrastructure is not the best solution to the
> authentication problem, but it is the best solution that is
> implemented in user agents right now, so I think it is obvious and
> desirable that hidden service operators that wish to prove their
> identity as a corporation or natural person will use it.
>
> (note: here we are using measures like GPG to prove our identities to
> any list members who care that much - because of the huge risk of
> phishing ALL web users should care that much)
>
> Jesse B. Crawford
> Student, Information Technology
> New Mexico Inst. of Mining & Technology
>
> https://jbcrawford.us // jesse at jbcrawford.us
> https://cs.nmt.edu/~jcrawford // jcrawford at cs.nmt.edu
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
>
> iQEcBAEBAgAGBQJUp069AAoJEBPrCUVAhb3Bo60H/026+eUWVs3jlvWQBZ/2Sm1+
> ITYxiv7w9cxC9yQemJzFlHhOsZzPbzr8KmUzZsGvN3erQM/OHZZnnXlMKfpS/j0u
> YTHq3nM4395OpNsPPghTzWUKijw9mb4MNZi8qyeuXz12ddI1tIWUkb1VmXIWJx7w
> Ibgr0jS7L2Br0ZZg/DDgU4xV8jkQn98H8Jqi31mDZ10ymS4vdLwCi6sVu1lA7wcu
> 7Ho6/AfZ1PHdhFoioQmA+k9ZjGAji7mI9FkM0rGl4uwhDbihRgMu6HOP/VAtu/WC
> lGBt3Gw3CAuhh7pkbD7MF56j1AaWQsSRkPWgaToo+rvFmZrQ8hL+LotnTaiK/5E=
> =pWLV
> -----END PGP SIGNATURE-----
>
>
> ------------------------------
>
> Message: 6
> Date: Sat, 03 Jan 2015 02:29:43 +0000
> From: Thomas White <thomaswhite at riseup.net>
> To: tor-talk at lists.torproject.org
> Subject: Re: [tor-talk] Hidden Service Hosting (Free experimental,
>         offer)
> Message-ID: <54A75417.2000908 at riseup.net>
> Content-Type: text/plain; charset=windows-1252
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Very similar to the setup I have in terms of using one virtual machine
> as a Tor gateway for others to connect to via an internal network. My
> concern is how well the model will scale and whether it can hold
> multiple high traffic hidden services. I am looking around the config
> options to see what can be optimised etc.
>
> Question to the tor devs: In the torrc when setting "NumEntryGuards
> NUM", does this specify how many guards may be used simultaneously or
> only how many from a pool may be rotated between? Any input on how to
> speed up the connection (losing a little location anonymity is fine
> right now) for hidden services would also be appreciated :)
>
> T
>
> Xiaolan.Me:
> > I am using another way to solve IP leaks problem. my host-os is
> > CentOS and only installed VirtualBox I have 2 virtual machines
> > running on the host-os the first one is a CentOS with 2 network
> > adapter, one is NAT , another is Internal(ip: 192.168.222.1). it
> > running Tor and ShadowSocks(bypass GFW) , Tor through ShadowSocks
> > and listen on 192.168.222.1:9050 (Internal Adapter)
> >
> >
> > Another is also CentOS and running apache, only one network
> > adapter(Internal ip:192.168.222.2) when this virutal machine wants
> > to access internet , must set socks5 proxy to 192.168.222.1:9050 so
> > even this VM gets hacked, the attacker still can't know the real
> > IP....
> >
> > 2015-01-03 6:21 GMT+08:00 Larry Brandt <lbrandt at cni.net>:
> >
> >> I'm interested but a slow mover.  Work sometimes gets in my way.
> >> I am putting together pages for a hidden site but I don't think I
> >> can be ready to put it on line til month's end.  It will be a
> >> legal site everywhere. This is a wonderful offer Thomas.  Hope
> >> someone takes you up on it. Larry Brandt
> >>
> >>
> >> Just wanted to point out that I think it's awesome Thomas is
> >> doing this! Buy him a beer if you see him.
> >>
> >> Tom
> >>
> >>
> >>
> >> Thomas White schreef op 02/01/15 om 09:42:
> >>
> >> Hey all,
> >>>
> >>> So following my other mail, I just want to offer people on
> >>> this mailing list a chance to test something out before I go
> >>> into the wider public with it.
> >>>
> >>> I have been reviewing some ways in which to offer "hosting"
> >>> solutions for hidden services, and although there are ways to
> >>> do like regular shared hosting environments by isolating users
> >>> on an apache server for example, I feel a little experimental
> >>> way to give people more freedom is to assign individual VPS's
> >>> which are accessed via a separate .onion over SSH. For example,
> >>> the HS address would be example1*.onion but to SSH into it, for
> >>> security, would use a different address such as
> >>> sshaddress*.onion. This ensures no user of the service would
> >>> know the true IP of the server it is hosted on and allows for
> >>> shared environments without putting others at risk.
> >>>
> >>> If anyone wants to test this out with me, I am offering the VPS
> >>> for free for a few weeks/months so I can get the architecture
> >>> right and fine tune the setup. All the traffic on the VPS is
> >>> automatically routed through Tor so IP leaks won't be a huge
> >>> problem, but of course you still maintain responsibility for
> >>> the security of your machine and whatever you install on it.
> >>> The use cases are unlimited but for obvious reasons it must be
> >>> legal under British & Swedish law (feel free to ask beforehand
> >>> but if it is legal I will defend it to the best of my
> >>> ability).
> >>>
> >>> If you'd like to take up this offer and try it out please email
> >>> me privately (my key is below). I ask that if you wish to
> >>> request one, please mention anything specific like RAM/CPU/Hard
> >>> disk requirements (no bandwidth limitations) so I can
> >>> appropriately assign them. For now unfortunately only debian
> >>> installs will be available and nothing except sshd will come
> >>> preconfigured on the VPS so if you aren't familiar with the
> >>> command line on debian you may not find this useful. Also any
> >>> custom onion address you want please keep it to 7 characters or
> >>> below for now as my GPU is really on it's last limb after
> >>> generating over 1.4 million keys.
> >>>
> >>> I offer no guarantees on the availability of this, nor do I
> >>> take responsibility for it, this is an entirely experimental
> >>> project and I am hoping any participants take up this offer to
> >>> perhaps mirror/reverse proxy their blogs, or of course bring
> >>> any interesting ideas to the table. All feedback on it is
> >>> welcome too
> >>>
> >>> Time to give these hidden services some lovin'
> >>>
> >>> Regards, T
> >>>
> >> -- tor-talk mailing list - tor-talk at lists.torproject.org To
> >> unsubscribe or change other settings go to
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >>
>
> - --
> Activist, anarchist and a bit of a dreamer.
>
> PGP Keys: key.thecthulhu.com
> Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983
> Key-ID: 0CCA4983
> Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0
> Key-ID: EF1009F0
>
> Twitter: @CthulhuSec
> XMPP: thecthulhu at jabber.ccc.de
> XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966
> -----BEGIN PGP SIGNATURE-----
>
> iQIcBAEBCgAGBQJUp1QUAAoJEFwqjFoMykmD41UP/1j6Zs07l7dAwW0fcXOe6qci
> 7S2VUEkcXVujm7g2QI+rdoz5FdnoFoXchd4J3Umx5LZ4sLrGwORWW/gAjSnUw59s
> I92akGl7QjEHUKOkbN99+ZtiKFHRF/1rbU7jwt1Cb87Iegi15Vhajog0IWfHH9x8
> +gNTgIGtPft1JW8jE9XbO1/QXy6TnM2DHHmedn0SJFJ9yyNgLUgbYn/6o+vve4XZ
> UIVU1J2M6xMK8RlTdQA6f9pUVpDYovLTq/leQzjeHnB+koGPphlIc/bsQEbZKv4e
> qAgPwx+7R2kvCO3LQwzhEjbKBO9NDYea8tcb9+aoy9JIfRfuMQtTRHSVOSqRBdPB
> Gkrv+yJSPvE9RyXkaeVOdaXeXHGlVFt263OnL3RiAaPRV/71ZSyFvjOBFk5ddVwQ
> 8avr8X3QXWA7Xu55K0aiNd8qeBvIflFpboomfo4dWEgUam/R6tKfH4Q5l5E7F6xc
> LtRGlY7qSgK78JwxedwWJwqqesJ+4PG8MEzcRu0AI5Xe3/F2KE1g2vt/C/QiDc/M
> wAuPv8A+z+IXPXKbE5amFm7h8nWooPqCNYvJ5ozYRBjZuakQy0QSsP9W+V1Y8u0d
> CfKIiDGKskmlZcW038hekBxcB9iJ64Bfh0PjIfnkKCPr6ycxWBbUQikfCjxEj2wo
> F1mgjD5pNLmPL++jNhFe
> =pdyG
> -----END PGP SIGNATURE-----
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
> ------------------------------
>
> End of tor-talk Digest, Vol 48, Issue 13
> ****************************************
>

More information about the tor-talk mailing list