[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Warnings on the download page

Thus spake Roger Dingledine (arma@xxxxxxx):

> Also, isn't Portable Firefox Windows-only? Or am I confused?

True, just going for what I assume is the majority of our
userbase first. Especially people who are going to have difficulty
with this stuff. Was also in a rush and didn't check out the plugin
thing right away, sorry.
> > I think we should also mention that we do scan the exits to try to
> > verify they are behaving well, but we may miss some.
> How often are you doing this scanning at this point?

Couple times a week for overnight runs. Pretty much whenever I add new
functionality to the stats gatherering system I do an SSL + http scan
with the old perl scanner controlling the new python core before

The problem is the http scanner itself is MD5 based, and it does
nothing to find nodes that deliberately target dynamic content.. So
maybe I'm doing nothing of substance at this point.

> Speaking of which, a frequently asked question that isn't answered on
> the FAQ is: "I'm pretty sure my exit node is screwing with me. How do
> I figure out which exit node it is?" My answers so far have been
>   - Run at loglevel info and go look through all the stuff that
>     makes no sense to you. Not so easy.
>   - Use Vidalia's Network Map window and watch which circuit your
>     stream is connecting to. Easy -- if you use Vidalia.
>   - Connect to the control port manually and ask for stream and
>     circuit events and then let it scroll. When something goes
>     wrong, look at the output and piece it back together.
> Any ideas on a more foolproof approach? :)

Heh. I haven't had much luck with 'foolproof' anything lately. It
definitely shouldn't be anything other than in-memory. It would be
nice is Vidalia had a list of recently used exits and a list if IPs
visited for each (with some expiration time of like 5 min?) 

Even with Vidalia it is hard to open the network window while the
stream is still attached to your circuit. Usually by the time you
notice its long closed.

Mike Perry
Mad Computer Scientist
fscked.org evil labs