[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] (no subject)

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] (no subject)
From: ideas buenas <ideasbuenas@xxxxxxxxx>
Date: Fri, 4 Jul 2014 15:51:27 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 04 Jul 2014 11:58:31 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=WjjGWwf1Jji1t/waS9LFysKv4nN10TkIatnGlNgsrzw=; b=ne56mMzMdG5Zf4iiIZQGs3Bq0FV37/zyDoH9Jd4+13Ca0BAamPTpbbBdp4/bhN5Ma1 dTXFRDKpDBD5tinF2ZN1n0BgIJCL75f1tFR7YATkzQa2eKxxKDLEhINCGKvtfpZAAktL Tibj3ZLNGdtudrctX2iOz+vgex17Ia+PAcTzhFjDur2RrXZHZAnzJEypxpknYPT4VQQP LFwN971Rl0kI3JjXYj60VZNmZ3gMu1PDc4bhHHgIiW0J5ba+YcDZQe1SMzlHryXRC31P YrQxWwf6T/iNZJdGNibSNnguxOa1D8lbxn/vGYjNM+DydclQcRMwLyUuyRL84agp+Z4V QdMA==
In-reply-to: <1404485267.21221.138112469.74B31215@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAP-DOiTPMHavRep1c6mEjM8ykoeMXjYq-ddyD3ewSyLywS4aYQ@xxxxxxxxxxxxxx> <53b4d10c.32658c0a.3341.783eSMTPIN_ADDED_BROKEN@xxxxxxxxxxxxx> <CAP-DOiQGg7C8soyDGTe9R7E85mB8Soxhr4VuaAOifXtp5cdwVg@xxxxxxxxxxxxxx> <CAP-DOiTPssFAZU3zOPZ35=bMUvmRz_+zA9XA+MyOowBdh44K8Q@xxxxxxxxxxxxxx> <CAP-DOiS2RznRJc=b5NHRFH-sV6r3mLQ_82_H0d0S5PeYc2k5og@xxxxxxxxxxxxxx> <1404429568.28355.137903905.2900BE8A@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <CAP-DOiQo3NYWKpOt-sd-P6sjshT9B8RrfFniC7BKHzZc3NRuxg@xxxxxxxxxxxxxx> <1404485267.21221.138112469.74B31215@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Visiting the same website with Tor or normal Firefox its gave me the same
Remote Address:
s3-us-west-2-w.amazonaws.com
ec2-174-129-247-121.compute-1.amazonaws.com
edge-star-shv-04-gru1.facebook.com
as an example. While ones repeat themselves in both browsers, others not.

One class of unidentifies servers are the ones that not respond to a whois
lookup. Other class use an address that not resolve in whois with that
address and instead belongs to other




On Fri, Jul 4, 2014 at 2:47 PM, Geoff Down <geoffdown@xxxxxxxxxxxx> wrote:

> I don't have any unidentified servers - I don't know what you mean by
> that. Which webpage are you visiting? Have you compared what happens
> when visiting with Torbrowser and visiting with normal Firefox over the
> normal internet?
>
> On Fri, Jul 4, 2014, at 02:06 PM, ideas buenas wrote:
> > I don think is chatbeat. How many inindetifed servers do u have?
> >
> >
> > On Thu, Jul 3, 2014 at 11:19 PM, Geoff Down <geoffdown@xxxxxxxxxxxx>
> > wrote:
> >
> > > See https://chartbeat.com/faq/what-is-ping-chartbeat-net
> > > for what I think you are seeing - website analytics.
> > >
> > > On Thu, Jul 3, 2014, at 11:56 PM, ideas buenas wrote:
> > > > Another inidentified URI in TBB: rev-213.189.48.245.atman.pl . Check
> > > > this,please. Nor in Whois
> > > >
> > > >
> > > > On Thu, Jul 3, 2014 at 9:27 PM, ideas buenas <ideasbuenas@xxxxxxxxx>
> > > > wrote:
> > > >
> > > > > Another example is this   s3-website-eu-west-1.amazonaws.com    OR
> > > > > edge-star-shv-08-gru1.facebook.com  OR
> > > > > ec2-54-225-215-244.compute-1.amazonaws.com   everyone resolving to
> > > > > markmonitor.com
> > > > >
> > > > >
> > > > > On Thu, Jul 3, 2014 at 9:19 PM, ideas buenas <
> ideasbuenas@xxxxxxxxx>
> > > > > wrote:
> > > > >
> > > > >> I'm not referring to this.I'm talking of a lot of URI that appears
> > > when I
> > > > >> try to link to any site. Every one of those Remote Address start
> with
> > > a
> > > > >> couple o letters followed by numbers like this:
> > > > >> server-54-230-83-145.mia50.r.cloudfront.net  .
> > > > >>
> > > > >>
> > > > >>
> > > > >>
> > > > >> On Thu, Jul 3, 2014 at 2:59 AM, Seth David Schoen <schoen@xxxxxxx
> >
> > > wrote:
> > > > >>
> > > > >>> ideas buenas writes:
> > > > >>>
> > > > >>> > Why is markmonitor.com and its derivates in my TBB? How can I
> do
> > > to
> > > > >>> delete
> > > > >>> > this ? Are they watching me?
> > > > >>>
> > > > >>> Hi,
> > > > >>>
> > > > >>> Are you talking about seeing a markmonitor.com rule in the HTTPS
> > > > >>> Everywhere
> > > > >>> Enable/Disable Rules menu?
> > > > >>>
> > > > >>>
> > >
> https://www.eff.org/https-everywhere/atlas/domains/markmonitor.com.html
> > > > >>>
> > > > >>> If so, this is one of thousands of HTTPS Everywhere rewrite rules
> > > that
> > > > >>> are included with HTTPS Everywhere, which is included with the
> Tor
> > > > >>> Browser Bundle.  The goal of HTTPS Everywhere and its rewrite
> rules
> > > > >>> is to automatically access as many sites as possible with secure
> > > HTTPS
> > > > >>> connections.
> > > > >>>
> > > > >>> HTTPS Everywhere typically does not make your browser access
> sites or
> > > > >>> services that it would not otherwise have accessed, so it
> shouldn't
> > > help
> > > > >>> sites monitor your web browsing if they would otherwise not have
> been
> > > > >>> able to.  There are definitely lots of sites that can monitor
> some
> > > > >>> aspects
> > > > >>> of your web browsing because the site operator has included
> content
> > > > >>> loaded
> > > > >>> from those sites in their web page (so your browser automatically
> > > > >>> retrieves
> > > > >>> that content when you visit the page that embedded the content).
>  For
> > > > >>> example, there are ad networks whose ads are embedded in
> thousands or
> > > > >>> millions of different sites, and if you visit any of those sites
> > > without
> > > > >>> blocking those ads, the ad network operator will get some
> information
> > > > >>> about your visit when your browser loads the embedded content
> from
> > > those
> > > > >>> servers.
> > > > >>>
> > > > >>> The "monitor" in the name of markmonitor is not a reference to
> > > monitoring
> > > > >>> users' web browsing.  Instead, it's part of the name of the
> company
> > > > >>> MarkMonitor, a subsidiary of Thomson Reuters, that provides
> certain
> > > > >>> Internet services mostly to very large companies.
> > > > >>>
> > > > >>> https://www.markmonitor.com/
> > > > >>>
> > > > >>> Their name is supposed to suggest that they can "monitor" their
> > > clients'
> > > > >>> trademarks, but not specifically by spying on Internet (or Tor)
> > > users'
> > > > >>> web browsing.  It seems that one of their original lines of
> business
> > > was
> > > > >>> letting companies know about trademark infringement on web
> sites, so
> > > that
> > > > >>> MarkMonitor's customers could threaten to sue those web sites'
> > > operators.
> > > > >>> They subsequently went into other more infrastructural lines of
> > > business.
> > > > >>>
> > > > >>> There was an article a few years ago criticizing the large
> amount of
> > > > >>> power that MarkMonitor has, but most of that power seems to have
> > > arisen
> > > > >>> mainly because it's an infrastructure provider that some very
> popular
> > > > >>> sites decided to sign up with for various purposes (primarily to
> > > register
> > > > >>> Internet domain names, because MarkMonitor's domain name
> registration
> > > > >>> services make it extremely difficult for somebody else to take
> over
> > > > >>> control of a domain name illicitly).
> > > > >>>
> > > > >>> The markmonitor.com HTTPS Everywhere rule is one of thousands of
> > > HTTPS
> > > > >>> Everywhere rules, and its goal is solely to make sure that if
> you're
> > > > >>> visiting a web page hosted at (or loading content from)
> > > markmonitor.com
> > > > >>> itself, that your browser's connection to markmonitor.com's
> servers
> > > will
> > > > >>> be a secure HTTPS connection instead of an insecure HTTP
> connection.
> > >  It
> > > > >>> is not trying to give any additional information to those
> servers or
> > > to
> > > > >>> cause your browser to connect to those servers when it would not
> > > > >>> otherwise have done so.
> > > > >>>
> > > > >>> (You can see the rule itself in the atlas link toward the
> beginning
> > > of
> > > > >>> my message, and see that its effect is to rewrite some http://
> links
> > > > >>> into
> > > > >>> corresponding https:// links, just like other HTTPS Everywhere
> rules
> > > > >>> do.)
> > > > >>>
> > > > >>> Having HTTPS Everywhere rules that relate to a site does not
> > > necessarily
> > > > >>> mean that your browser has ever visited that site or will ever
> visit
> > > > >>> that site.  We've tried to make this clear because many of the
> rules
> > > > >>> do relate to controversial or unpopular sites, or sites that
> somebody
> > > > >>> could disagree with or be unhappy about in some way.  Each rule
> just
> > > > >>> tries to make your connection more secure if and when you as the
> end
> > > > >>> user of HTTPS Everywhere decide to visit a site that loads
> content
> > > from
> > > > >>> the servers in question.
> > > > >>>
> > > > >>> You can disable the markmonitor.com HTTPS Everywhere rule from
> > > within
> > > > >>> the
> > > > >>> Enable/Disable Rules menu -- but that won't stop your web browser
> > > from
> > > > >>> loading things from markmonitor.com's servers if and when you
> visit
> > > > >>> pages
> > > > >>> that refer to content that's hosted on those servers.  It will
> just
> > > stop
> > > > >>> HTTPS Eveyrwhere from rewriting that access to take place over
> HTTPS
> > > > >>> URLs.
> > > > >>>
> > > > >>> --
> > > > >>> Seth Schoen  <schoen@xxxxxxx>
> > > > >>> Senior Staff Technologist
> https://www.eff.org/
> > > > >>> Electronic Frontier Foundation
> > > https://www.eff.org/join
> > > > >>> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333
> x107
> > > > >>> --
> > > > >>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > > >>> To unsubscribe or change other settings go to
> > > > >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > > > >>>
> > > > >>
> > > > >>
> > > > >
> > > > --
> > > > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > > To unsubscribe or change other settings go to
> > > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > >
> > > --
> > > http://www.fastmail.fm - mmm... Fastmail...
> > >
> > > --
> > > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > To unsubscribe or change other settings go to
> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > >
> > --
> > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
> --
> http://www.fastmail.fm - Email service worth paying for. Try it for free
>
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] (no subject)
  - From: Geoff Down

References:
- [tor-talk] (no subject)
  - From: ideas buenas
- Re: [tor-talk] (no subject)
  - From: ideas buenas
- Re: [tor-talk] (no subject)
  - From: ideas buenas
- Re: [tor-talk] (no subject)
  - From: ideas buenas
- Re: [tor-talk] (no subject)
  - From: Geoff Down
- Re: [tor-talk] (no subject)
  - From: ideas buenas
- Re: [tor-talk] (no subject)
  - From: Geoff Down

Prev by Author: Re: [tor-talk] (no subject)
Next by Author: Re: [tor-talk] (no subject)
Previous by thread: Re: [tor-talk] (no subject)
Next by thread: Re: [tor-talk] (no subject)
Index(es):
- Author
- Thread