[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #25529 [Core Tor/Tor]: Tor not reading torrc-defaults when started from command line, while it reads it successfully when started from Tor Browser



#25529: Tor not reading torrc-defaults when started from command line, while it
reads it successfully when started from Tor Browser
-------------------------------------------------+-------------------------
 Reporter:  omareg94                             |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Core Tor/Tor                         |        Version:  Tor:
                                                 |  0.3.2.10
 Severity:  Normal                               |     Resolution:
 Keywords:  torrc torrc-defaults defaults meek   |  Actual Points:
  tor-browser-bundle configuration bridge        |
  pluggable-transports connection                |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 Replying to [comment:12 omareg94]:
 > Replying to [comment:10 cypherpunks]:
 > > By the way as far as I know the `meek` that you're seeing there has
 become more and more coupled to the Tor Browser, and for those who want to
 use `meek` the way to go would be to use `meek_lite` ...
 > \\
 > Yes the original meek used in my included log is exactly the same one (I
 thought it was something not widely used so I manipulated it in the
 included log to protect my privacy).

 They use the same front, same url. It's only the ''implementation'' that
 is different.

 > ● I don't get this, why something widely used like this can't be blocked
 by ISP?

 If they want to block it then they have to block all of cloudfront, making
 a lot of collateral damage that isn't a choice for some censors.

 > ● Also is it a security vulnerability to give many users the ''SAME
 MEEK''?

 It isn't by design.

 > ● Also what's the difference between `meek` & `meek_lite` and why to use
 it?

 `meek_lite` is a different implementation of the `meek` client. You should
 use it if you don't want to run the whole Tor Browser just to get the
 standard `meek` implementation going.

 > The only idea I have about meeks is that it's an
 [https://www.bamsoftware.com/papers/fronting/meek-architecture.svg
 implementation of Domain Fronting]
 ([https://www.bamsoftware.com/papers/fronting/ source]). It will really
 help if you could suggest something to read explaining this in order to
 figure out what's really a meek and why to use meek_lite not meek.

 I thought this had all the necessary info
 ​https://lists.torproject.org/pipermail/tor-talk/2017-December/043850.html
 :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25529#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs