tmsr - Search: tor

600+ entries in 0.435s

mircea_popescu: and if one checks it not via tor ?

EIC: worth checking out #Agora via tor. quiet, but similar thinking.

mircea_popescu: you know, like tor. sure symptom of "it's totally leaderless yah" http://btcbase.org/log/2017-07-01#1678144 ☝︎

a111: Logged on 2017-06-30 09:07 sina: once long ago, I ran a tor hidden service that allowed anyone to execute any command they liked on it, as a deanonymisation challenge

asciilifeform: Framedragger: srs q, btw, i know nothing about this supposed great guru other than 'pretty gurl posing for usg.tor photo ops, oh-so-oppressed, oh-so-orangerev' etc

Framedragger: regardless of tor being a thing or not

trinque: and "tor is a thing, really, because reasons" ?

sina: at the time I was v interested in tor hs, before it became completely obvious that GCHQ/NSA had ability to look across the whole onion, and I just wanted to demonstrate hey it is actually possible to not ride your bike into the side of the bus

sina: once long ago, I ran a tor hidden service that allowed anyone to execute any command they liked on it, as a deanonymisation challenge ☟︎

shinohai: So (signal + ETH - Tor)

Framedragger is also curious if isis from tor is still in berlin, too

a111: Logged on 2017-06-12 10:29 sina: it's like, you say, someone hacked my box and stole my bitcoins and then my response is "use signal. use tor"

sina: and then you say "someone phished my brother" and your response is "use signal. use tor"

sina: it's like, you say, someone hacked my box and stole my bitcoins and then my response is "use signal. use tor" ☟︎

sina: shinohai: thegrugq makes a joke, that infosec people have no good advice but just always say "use signal, use tor" for all problems

asciilifeform: lol, even tor used rsa

mircea_popescu: contact id based on pubkey, i have nfi why they think it dun leak metadata ; also no idea why they bundled tor in it.

mircea_popescu: seems a sort of gossipd-over-tor

asciilifeform: 'Ricochet uses the Tor network to reach your contacts without relying on messaging servers. It creates a hidden service, which is used to rendezvous with your contacts without revealing your location or IP address.'

asciilifeform: http://btcbase.org/log/2017-05-19#1659175 << afaik the monero users give approx. as much shit as the tor users gave . ☝︎

mircea_popescu: aaand in the random relulz of today, http://trilema.com/2014/the-lulz-of-today-ddos-attacks-ransom-notes-tor-anonimity-and-other-faits-darmes-of-the-retarded-generation/

asciilifeform: https://archive.is/Ihgo4 << and then debian revokes his commit. as if it weren't 'tor exit node operating', haskell-teaching, fine folx who made debian what it is today, poetteringolade

Framedragger: fwiw when i was running searchable tor metrics db (>= 80GB tho would need to check) and had search there, it ran ~fine~, including wildcard support.

asciilifeform: in https://nymity.ch/anomalous-tor-keys/pdf/anomalous-tor-keys.pdf .

Framedragger: asciilifeform: wait you must mean some other page than https://nymity.ch/anomalous-tor-keys/ because para 3 on there starts with "What does our work mean for Tor users?"

Framedragger: what particular paragraph ticked you off on https://nymity.ch/anomalous-tor-keys/ asciilifeform?

Framedragger: possible weaknesses of rsa keys and the idea to run a "your relay key is weak" service as part of tor metrics infrastructure (tor metrics itself is an old project, ca. 2011)

asciilifeform: ( in unrelated lulz, https://nymity.ch/anomalous-tor-keys/ << guess who not cited!111 )

asciilifeform: speaking of which, at some point we oughta snarf tor 'onion' etc keyz

mircea_popescu: to think that, much like "tor", those passed for the "forefront of internets" at some point, a decade prior.

Framedragger: it's one thing tor jumping ahead with newhope because omg POSTQUANTUM, but a pgp board.. lol

asciilifeform: ^ complete with 'oh it wasn't the tor, believe'

asciilifeform: was this the one that downloaded blacklist from mike hearn's tor onion ? or was that a previous idiocy

Framedragger: also, ip packets with custom proto number would (1) stand out more easily to enemy, and could be more easily filtered out (vs. udp header with rng-data within) - see how chinese firewall blocked tor bridges etc etc; and (2) i'm sure quite a few appliances would filter them out by default (like how they filter out icmp, etc.)

Framedragger: (not implying that there's much worth for any noob to start running a tor node *now*.)

Framedragger: sure. well, tor had been rather useful to me before, i took from it more than it's taken from me, so at least there's that. :)

Framedragger: reminds me, i think i'm still running one tor exit lol. mebbe time to redirect resources

asciilifeform: ( while we're on subj, gotta wonder how many of the 'death ray' folx even ~did~ ever do any such thing as running tor, 'dealing on darkmarket', etc. and how many -- simply idiots, infected with usg shitware and then 'plea bargain' because 0 effective defense )

asciilifeform: the real lul imho is that there appears to be no serious shortage of monkeys willing to run tor

asciilifeform: 'the good toys' being what -- presumably, items built against something other than tor, winblowz, etc ..?

trinque: aside the fact that tor doesn't work

asciilifeform: ( to square this circle, appears to be an irresistible lure to 'tor' types, they keep coming up with 'zkp' schemes )

asciilifeform: 'Windows users running the Tor browser can be tricked into uncloaking themselves, with a pretty straightforward trick based on Microsoft's DRM system.'

mircea_popescu: speaking of qntras, the tor hacker etc never showed up huh

deedbot: http://qntra.net/2017/02/tor-based-hosting-service-hacked/ << Qntra - Tor Based Hosting Service Hacked

mircea_popescu: Reuel if i were into that, why wouldn't i do exactly what the retard with "coreboot" did, or that unmentionable dimwit with "tor" ?

deedbot: http://qntra.net/2017/01/shinohais-saturday-shitcoin-roundup-xtend-again-tor-21-and-buttfunex/ << Qntra - Shinohai's Saturday Shitcoin Roundup Xtend Again: Tor, 21, and Buttfunex

Framedragger: http://www.burojansen.nl/bvd-aivd/dutch-secret-service-tries-to-recruit-tor-admin/ << student getting recruited to spy on kommunities

asciilifeform: https://www.reddit.com/r/onions/comments/5i6qa3/can_the_nsafbi_use_intel_me_to_defeat_tor_on_95/db7xvu7/ << the only 'evidence'.

mircea_popescu: o mention ancient strongholds of usgism such as kock-gpg, tor or (again) openssl are being butchered left and right. the attempted anti-bitcoins failed to catch on.

Framedragger: this reminds me of when i earnestly tried to pull a "do you even positivism" russell's teapot "prove it" on mp re. his claims on Tor

asciilifeform: as it is, no one who understands the actual purpose of tor could possibly suffer illusions re firefox, or vice-versa

a111: Logged on 2017-01-03 13:38 Framedragger: https://blog.torproject.org/blog/tor-heart-firefox << systematic incorporation of security/privacy related (anti-tracking, sandboxing, etc.) patches by tor browser team into firefox mainline. (http://archive.is/SSNzk)

Framedragger: https://blog.torproject.org/blog/tor-heart-firefox << systematic incorporation of security/privacy related (anti-tracking, sandboxing, etc.) patches by tor browser team into firefox mainline. (http://archive.is/SSNzk) ☟︎

a111: Logged on 2016-12-28 21:49 Framedragger: lulz including http://www.ibtimes.co.uk/tor-developer-isis-agora-lovecruft-publicly-accuses-fbi-harassment-1558607 etc

asciilifeform: to briefly revisit upstack, yes, the tor derps are gonna move to permissioned nodes ('wanna run tor relay ? get 'anonymous' privkey signed by this-here-chixxxxx0r-with-niiice-legs, first!')

asciilifeform: tor, prb, etc.

asciilifeform: at one time ~i, personally~ was logging a small double digit % of all tor traffic.

asciilifeform: understand, folx who associate with tor, are a riotous laugh

asciilifeform: now, back to Framedragger's gurl, 'This work is potentially applicable to other OTF and internet freedom projects, including Tor (if we ever allow linking against Rust code) and Signal. After a meeting with Trevor Perrin, we've also added to our todo list (probably after this project is done, so with alternate funding) to incorporate into curve25519-dalek some additional functionality required for the Signal protocol.'

Framedragger: she wrote current version of, and afaik (maybe old info) still maintains tor bridge infrastructure. at the very least includes saltmining with 'cryptographers' and implementing their ideas (not whole cryptosystems), unless saltmine implies academia

asciilifeform comes upon first mention of the handle, https://lists.torproject.org/pipermail/tor-reports/2016-December/001113.html , and reads:

Framedragger: site:https://lists.torproject.org/pipermail/tor-reports/ isis

Framedragger: phf: fair. with regards to chatting up it was more to do with me not being involved with tor anymore; but even that particular still stands, so yes fair

trinque: Framedragger must've used tor at some point, wants very much to believe no one saw him in there.

mircea_popescu: for my own edification, how many people would you think have root access to tor boxen in bridge infrastructure as of say today ?

Framedragger: person with current root access to tor boxen in bridge infrastructure = person sitting here and teaching me stuff, etc

Framedragger: (obvs i'm not defending her being core part of tor, or tor.)

Framedragger: lulz including http://www.ibtimes.co.uk/tor-developer-isis-agora-lovecruft-publicly-accuses-fbi-harassment-1558607 etc ☟︎

mircea_popescu: lol this isis girl in tor

Framedragger: this isis girl in tor reads crypto papers and implements them and runs their bridges infrastructure which uses its own nifty things (hashrings for distributing bridge nodes etc), i'm quite certain she hasn't heard ☟︎

asciilifeform: when i ran evil tor exit, collected a bunch of these

Framedragger: it seems that tor main folx were banned from presenting at CCC this year (it's tradition that they normally do it every year), allegedly due to the appelbaum debacle..

Framedragger: oh yeah, i've seen quite a bit of this on various tor irc channels

asciilifeform: it's almost as if the 2014-15 tor busts neverhappened(tm)

shinohai: That's one of the biggest `Signal+Tor makes you invincible!!!!!` guys too.

asciilifeform: 'Pay Shield, SIGAINT's Bitcoin mixer, is on separate infrastructure and was in no way affected. SIGAINT's Monero server is on separate infrastructure and was in no way affected. SIGAINT also runs 4 Tor middle nodes in support of the Tor network, these machines are also on separate infrastructure and were in no way affected.'

Framedragger: certainly. (also while on topic, large part of tor relay network. "decentralization!!!")

Framedragger: (i use tor to access things like library genesis while still in airstrip one, but that says more about airstrip one than anything else.)

Framedragger: even Framedragger doesn't push tor anymore. *and that's telling you somethin'* :D

mircea_popescu: the incredible audacity of the usg assets. really, they are STILL pushing tor ?

shinohai: I shall make haste to leave these walls the day you recommend using signal+tor

Framedragger: /me received one from google even, once. (for doing stuff related to... tor!!11eleven)

a111: Logged on 2016-12-07 16:42 mircea_popescu: must has indirection! java good asm bad ; unicode good ascii bad ; usd good bitcoin bad ; "signal" "tor" whatever good rsa pgp etc bad and so on it goes.

mircea_popescu: must has indirection! java good asm bad ; unicode good ascii bad ; usd good bitcoin bad ; "signal" "tor" whatever good rsa pgp etc bad and so on it goes. ☟︎

shinohai: "I'm gonna quit using gpg, but you can contact me using signal + tor!"

mircea_popescu: asciilifeform so the tor enthusiasts will buy fuckgoats.

asciilifeform: anybody here have occasion to ~actually run 'tor'~ lately ? it is hilarious in some new ways:

mats: looks like this is mentioned in the tor ml already

mats: the shell code in this tor bug looks almost exactly like the one in fbi 'network investigative tool' from three years ago

a111: Logged on 2016-11-30 00:04 shinohai: https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html

mats: http://btcbase.org/log/2016-11-30#1574660 << https://lists.torproject.org/pipermail/tor-talk/2016-November/042641.html lul ☝︎

shinohai: https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html ☟︎

mircea_popescu: and in the more important contributions to human culture of the tor derps, http://www.tor.com/2013/05/06/boob-plate-armor-would-kill-you/

Framedragger: fair enough. note thought that offline geoip DBs need updating. like, tor ships with new maxmind geoip DB for AS numbers (need to ensure tor circuit is from different ASes [*dodge mp laughing*]) every month

asciilifeform: tor exits patching all exes coming through may be close 2nd place medalist

asciilifeform: 'secret tor market', keybase keys / plaintext, 'assassin service', all of the leprosies in one convenient leprosorium .

mircea_popescu: dude... on the fucking "secret" market on tor, whose secret author ACTUALLY VOLUNTEERED IT TO TRAFFIC COPS or anyone who'd listen,

scourge: the irony is that tor+VM+cafe wifi is a recommended minimum for working with hacking a potential pedo ring, but that "cafe WIFI" is usually located inside... a cafe (which is full of dones)

a111: Logged on 2016-11-02 15:39 mircea_popescu: lol right. the sort of idiot who imagines tor is a thing, aka 20something potheads.