[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] tor-talk Digest, Vol 48, Issue 13
try to use Proxifier, QQ sometimes bypasses your proxy setting....
2015-01-03 11:09 GMT+08:00 ççæ <ilovelipanpan@xxxxxxxxx>:
> Thanks.virtualbox xp system is host-only,I can use chrome and tor browser
> to surf internet,I see the proxy is 127.0.0.1 9150,so I write this into
> QQ's proxy settings,but the QQ can not log in,I did not know why,the
> virtualbox xp system's firewall is off.
> This is the phenomenon,help me,thank you.
>
> On Sat, Jan 3, 2015 at 10:30 AM, <tor-talk-request@xxxxxxxxxxxxxxxxxxxx>
> wrote:
>
> > Send tor-talk mailing list submissions to
> > tor-talk@xxxxxxxxxxxxxxxxxxxx
> >
> > To subscribe or unsubscribe via the World Wide Web, visit
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > or, via email, send a message with subject or body 'help' to
> > tor-talk-request@xxxxxxxxxxxxxxxxxxxx
> >
> > You can reach the person managing the list at
> > tor-talk-owner@xxxxxxxxxxxxxxxxxxxx
> >
> > When replying, please edit your Subject line so it is more specific
> > than "Re: Contents of tor-talk digest..."
> >
> >
> > Today's Topics:
> >
> > 1. Re: Hidden Service Hosting (Free experimental, offer) (Xiaolan.Me)
> > 2. problem with qq while toring (???)
> > 3. Re: problem with qq while toring (Sadiq Saif)
> > 4. Re: problem with qq while toring (Xiaolan.Me)
> > 5. Re: Giving Hidden Services some love (Jesse B. Crawford)
> > 6. Re: Hidden Service Hosting (Free experimental, offer)
> > (Thomas White)
> >
> >
> > ----------------------------------------------------------------------
> >
> > Message: 1
> > Date: Sat, 3 Jan 2015 09:43:24 +0800
> > From: "Xiaolan.Me" <xiaolan65535@xxxxxxxxx>
> > To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> > Subject: Re: [tor-talk] Hidden Service Hosting (Free experimental,
> > offer)
> > Message-ID:
> > <CAJaLD9Ko___=_EGaq=
> > qSm95_v_N8XLEAi+oRF2Vcq1C025Eqow@xxxxxxxxxxxxxx>
> > Content-Type: text/plain; charset=UTF-8
> >
> > I am using another way to solve IP leaks problem.
> > my host-os is CentOS and only installed VirtualBox
> > I have 2 virtual machines running on the host-os
> > the first one is a CentOS with 2 network adapter, one is NAT , another is
> > Internal(ip: 192.168.222.1).
> > it running Tor and ShadowSocks(bypass GFW) , Tor through ShadowSocks and
> > listen on 192.168.222.1:9050 (Internal Adapter)
> >
> >
> > Another is also CentOS and running apache, only one network
> > adapter(Internal ip:192.168.222.2)
> > when this virutal machine wants to access internet , must set socks5
> proxy
> > to 192.168.222.1:9050
> > so even this VM gets hacked, the attacker still can't know the real
> IP....
> >
> > 2015-01-03 6:21 GMT+08:00 Larry Brandt <lbrandt@xxxxxxx>:
> >
> > > I'm interested but a slow mover. Work sometimes gets in my way. I am
> > > putting together pages for a hidden site but I don't think I can be
> ready
> > > to put it on line til month's end. It will be a legal site everywhere.
> > > This is a wonderful offer Thomas. Hope someone takes you up on it.
> > > Larry Brandt
> > >
> > >
> > > Just wanted to point out that I think it's awesome Thomas is doing
> this!
> > > Buy him a beer if you see him.
> > >
> > > Tom
> > >
> > >
> > >
> > > Thomas White schreef op 02/01/15 om 09:42:
> > >
> > > Hey all,
> > >>
> > >> So following my other mail, I just want to offer people on this
> > >> mailing list a chance to test something out before I go into the wider
> > >> public with it.
> > >>
> > >> I have been reviewing some ways in which to offer "hosting" solutions
> > >> for hidden services, and although there are ways to do like regular
> > >> shared hosting environments by isolating users on an apache server for
> > >> example, I feel a little experimental way to give people more freedom
> > >> is to assign individual VPS's which are accessed via a separate .onion
> > >> over SSH. For example, the HS address would be example1*.onion but to
> > >> SSH into it, for security, would use a different address such as
> > >> sshaddress*.onion. This ensures no user of the service would know the
> > >> true IP of the server it is hosted on and allows for shared
> > >> environments without putting others at risk.
> > >>
> > >> If anyone wants to test this out with me, I am offering the VPS for
> > >> free for a few weeks/months so I can get the architecture right and
> > >> fine tune the setup. All the traffic on the VPS is automatically
> > >> routed through Tor so IP leaks won't be a huge problem, but of course
> > >> you still maintain responsibility for the security of your machine and
> > >> whatever you install on it. The use cases are unlimited but for
> > >> obvious reasons it must be legal under British & Swedish law (feel
> > >> free to ask beforehand but if it is legal I will defend it to the best
> > >> of my ability).
> > >>
> > >> If you'd like to take up this offer and try it out please email me
> > >> privately (my key is below). I ask that if you wish to request one,
> > >> please mention anything specific like RAM/CPU/Hard disk requirements
> > >> (no bandwidth limitations) so I can appropriately assign them. For now
> > >> unfortunately only debian installs will be available and nothing
> > >> except sshd will come preconfigured on the VPS so if you aren't
> > >> familiar with the command line on debian you may not find this useful.
> > >> Also any custom onion address you want please keep it to 7 characters
> > >> or below for now as my GPU is really on it's last limb after
> > >> generating over 1.4 million keys.
> > >>
> > >> I offer no guarantees on the availability of this, nor do I take
> > >> responsibility for it, this is an entirely experimental project and I
> > >> am hoping any participants take up this offer to perhaps
> > >> mirror/reverse proxy their blogs, or of course bring any interesting
> > >> ideas to the table. All feedback on it is welcome too
> > >>
> > >> Time to give these hidden services some lovin'
> > >>
> > >> Regards,
> > >> T
> > >>
> > > --
> > > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > To unsubscribe or change other settings go to
> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > >
> >
> >
> > ------------------------------
> >
> > Message: 2
> > Date: Sat, 3 Jan 2015 09:49:01 +0800
> > From: ??? <ilovelipanpan@xxxxxxxxx>
> > To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> > Subject: [tor-talk] problem with qq while toring
> > Message-ID:
> > <CAJr25e_77saKJHRE5na=CpgtnmvWVXQoyBSgLtyGbWodbe=
> > 2Gg@xxxxxxxxxxxxxx>
> > Content-Type: text/plain; charset=UTF-8
> >
> > i start tor on a virtualbox xp system,host-only mode,i start tor
> > successfuly,but I have problem when I want to start QQ,anyone can help?
> 3x!
> >
> >
> > ------------------------------
> >
> > Message: 3
> > Date: Fri, 02 Jan 2015 20:50:50 -0500
> > From: Sadiq Saif <lists@xxxxxxxxxx>
> > To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> > Subject: Re: [tor-talk] problem with qq while toring
> > Message-ID: <54A74AFA.2010600@xxxxxxxxxx>
> > Content-Type: text/plain; charset=UTF-8
> >
> > On 1/2/2015 20:49, ??? wrote:
> > > i start tor on a virtualbox xp system,host-only mode,i start tor
> > > successfuly,but I have problem when I want to start QQ,anyone can help?
> > 3x!
> > >
> >
> > Hi,
> >
> > Can you be more explicit please? Are you seeing any error messages, if
> > so what are them?
> >
> > --
> > Sadiq Saif
> > https://staticsafe.ca
> >
> >
> > ------------------------------
> >
> > Message: 4
> > Date: Sat, 3 Jan 2015 09:57:54 +0800
> > From: "Xiaolan.Me" <xiaolan65535@xxxxxxxxx>
> > To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> > Subject: Re: [tor-talk] problem with qq while toring
> > Message-ID:
> > <
> > CAJaLD9+zFVfoMT07Mj-1EmDhstAiSCG01spdG38dHDA95gdMBg@xxxxxxxxxxxxxx>
> > Content-Type: text/plain; charset=UTF-8
> >
> > check host-os' port or firewall
> > ===================
> > ??????????? ?????????
> >
> >
> > 2015-01-03 9:49 GMT+08:00 ??? <ilovelipanpan@xxxxxxxxx>:
> >
> > > i start tor on a virtualbox xp system,host-only mode,i start tor
> > > successfuly,but I have problem when I want to start QQ,anyone can help?
> > 3x!
> > > --
> > > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > To unsubscribe or change other settings go to
> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > >
> >
> >
> > ------------------------------
> >
> > Message: 5
> > Date: Fri, 02 Jan 2015 18:06:53 -0800
> > From: "Jesse B. Crawford" <jesse@xxxxxxxxxxxxx>
> > To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> > Subject: Re: [tor-talk] Giving Hidden Services some love
> > Message-ID: <54A74EBD.5070407@xxxxxxxxxxxxx>
> > Content-Type: text/plain; charset=windows-1252
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On 2015-01-02 15:55, s7r wrote:
> > >
> > > .onion Tor Hidden Services _already provide end to end encryption
> > > and authentication_ when used with the default http. They are not
> > > vulnerable to man in the middle attacks or hijacks. On top of this
> > > primary layer of encryption, there are more crypto layers in the
> > > Tor circuits connecting a client to a hidden service.
> >
> > Respectfully, I think many people are missing the point of why there
> > is interest in HTTPS for Tor hidden sites. I think it is generally for
> > authentication, not session encryption.
> >
> > Facebook having a signed SSL certificate for their hidden service
> > reliably anchors it to their corporate identity, preventing phishing
> > attacks and giving users confidence.
> >
> > Really, the phishing problem for hidden sites is very bad. Hidden site
> > addresses, even "vanity" ones, contain a lot of random hexadecimal
> > characters that no one looks at. This makes it very easy to get
> > someone to click to the wrong domain.
> >
> > Using a "vanity" address should be considered a best practice against
> > this since it requires attackers to put computational power into
> > finding another address with the same first n characters, but it only
> > increases the cost of the attack. I suspect that in the whole it is
> > still easier than for non-hidden services since users not deceived by
> > facebook.com.sketchy.ru will likely still be deceived by
> > facebook[differenthexcharacters].onion.
> >
> > I think this is a smaller risk profile for hidden services than open
> > internet websites since 1) users of hidden services will tend to be
> > more security conscious (although easy-to-use tools like the browser
> > bundle make this less true than it used to be) and 2) users will not
> > generally expect to get emails etc. with links to hidden services. But
> > of course 2 depends on 1 to some extent.
> >
> > Obviously this identity authentication is completely irrelevant when
> > the hidden site operator intends to remain anonymous, but some hidden
> > site operators, like Facebook, do not. They benefit from the strong
> > authentication that SSL provides and Tor's built-in encryption does not.
> >
> > (Well, Tor's built-in encryption does provide reliable tying of a
> > hidden service to its address - but so does DNS in most practical
> > situations, the whole problem is that users do not check that the
> > hostname/hidden service key is exactly correct but will hopefully
> > respond better to their browser's SSL indicator)
> >
> > Yes, the CA infrastructure is not the best solution to the
> > authentication problem, but it is the best solution that is
> > implemented in user agents right now, so I think it is obvious and
> > desirable that hidden service operators that wish to prove their
> > identity as a corporation or natural person will use it.
> >
> > (note: here we are using measures like GPG to prove our identities to
> > any list members who care that much - because of the huge risk of
> > phishing ALL web users should care that much)
> >
> > Jesse B. Crawford
> > Student, Information Technology
> > New Mexico Inst. of Mining & Technology
> >
> > https://jbcrawford.us // jesse@xxxxxxxxxxxxx
> > https://cs.nmt.edu/~jcrawford // jcrawford@xxxxxxxxxx
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v2
> >
> > iQEcBAEBAgAGBQJUp069AAoJEBPrCUVAhb3Bo60H/026+eUWVs3jlvWQBZ/2Sm1+
> > ITYxiv7w9cxC9yQemJzFlHhOsZzPbzr8KmUzZsGvN3erQM/OHZZnnXlMKfpS/j0u
> > YTHq3nM4395OpNsPPghTzWUKijw9mb4MNZi8qyeuXz12ddI1tIWUkb1VmXIWJx7w
> > Ibgr0jS7L2Br0ZZg/DDgU4xV8jkQn98H8Jqi31mDZ10ymS4vdLwCi6sVu1lA7wcu
> > 7Ho6/AfZ1PHdhFoioQmA+k9ZjGAji7mI9FkM0rGl4uwhDbihRgMu6HOP/VAtu/WC
> > lGBt3Gw3CAuhh7pkbD7MF56j1AaWQsSRkPWgaToo+rvFmZrQ8hL+LotnTaiK/5E=
> > =pWLV
> > -----END PGP SIGNATURE-----
> >
> >
> > ------------------------------
> >
> > Message: 6
> > Date: Sat, 03 Jan 2015 02:29:43 +0000
> > From: Thomas White <thomaswhite@xxxxxxxxxx>
> > To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> > Subject: Re: [tor-talk] Hidden Service Hosting (Free experimental,
> > offer)
> > Message-ID: <54A75417.2000908@xxxxxxxxxx>
> > Content-Type: text/plain; charset=windows-1252
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA512
> >
> > Very similar to the setup I have in terms of using one virtual machine
> > as a Tor gateway for others to connect to via an internal network. My
> > concern is how well the model will scale and whether it can hold
> > multiple high traffic hidden services. I am looking around the config
> > options to see what can be optimised etc.
> >
> > Question to the tor devs: In the torrc when setting "NumEntryGuards
> > NUM", does this specify how many guards may be used simultaneously or
> > only how many from a pool may be rotated between? Any input on how to
> > speed up the connection (losing a little location anonymity is fine
> > right now) for hidden services would also be appreciated :)
> >
> > T
> >
> > Xiaolan.Me:
> > > I am using another way to solve IP leaks problem. my host-os is
> > > CentOS and only installed VirtualBox I have 2 virtual machines
> > > running on the host-os the first one is a CentOS with 2 network
> > > adapter, one is NAT , another is Internal(ip: 192.168.222.1). it
> > > running Tor and ShadowSocks(bypass GFW) , Tor through ShadowSocks
> > > and listen on 192.168.222.1:9050 (Internal Adapter)
> > >
> > >
> > > Another is also CentOS and running apache, only one network
> > > adapter(Internal ip:192.168.222.2) when this virutal machine wants
> > > to access internet , must set socks5 proxy to 192.168.222.1:9050 so
> > > even this VM gets hacked, the attacker still can't know the real
> > > IP....
> > >
> > > 2015-01-03 6:21 GMT+08:00 Larry Brandt <lbrandt@xxxxxxx>:
> > >
> > >> I'm interested but a slow mover. Work sometimes gets in my way.
> > >> I am putting together pages for a hidden site but I don't think I
> > >> can be ready to put it on line til month's end. It will be a
> > >> legal site everywhere. This is a wonderful offer Thomas. Hope
> > >> someone takes you up on it. Larry Brandt
> > >>
> > >>
> > >> Just wanted to point out that I think it's awesome Thomas is
> > >> doing this! Buy him a beer if you see him.
> > >>
> > >> Tom
> > >>
> > >>
> > >>
> > >> Thomas White schreef op 02/01/15 om 09:42:
> > >>
> > >> Hey all,
> > >>>
> > >>> So following my other mail, I just want to offer people on
> > >>> this mailing list a chance to test something out before I go
> > >>> into the wider public with it.
> > >>>
> > >>> I have been reviewing some ways in which to offer "hosting"
> > >>> solutions for hidden services, and although there are ways to
> > >>> do like regular shared hosting environments by isolating users
> > >>> on an apache server for example, I feel a little experimental
> > >>> way to give people more freedom is to assign individual VPS's
> > >>> which are accessed via a separate .onion over SSH. For example,
> > >>> the HS address would be example1*.onion but to SSH into it, for
> > >>> security, would use a different address such as
> > >>> sshaddress*.onion. This ensures no user of the service would
> > >>> know the true IP of the server it is hosted on and allows for
> > >>> shared environments without putting others at risk.
> > >>>
> > >>> If anyone wants to test this out with me, I am offering the VPS
> > >>> for free for a few weeks/months so I can get the architecture
> > >>> right and fine tune the setup. All the traffic on the VPS is
> > >>> automatically routed through Tor so IP leaks won't be a huge
> > >>> problem, but of course you still maintain responsibility for
> > >>> the security of your machine and whatever you install on it.
> > >>> The use cases are unlimited but for obvious reasons it must be
> > >>> legal under British & Swedish law (feel free to ask beforehand
> > >>> but if it is legal I will defend it to the best of my
> > >>> ability).
> > >>>
> > >>> If you'd like to take up this offer and try it out please email
> > >>> me privately (my key is below). I ask that if you wish to
> > >>> request one, please mention anything specific like RAM/CPU/Hard
> > >>> disk requirements (no bandwidth limitations) so I can
> > >>> appropriately assign them. For now unfortunately only debian
> > >>> installs will be available and nothing except sshd will come
> > >>> preconfigured on the VPS so if you aren't familiar with the
> > >>> command line on debian you may not find this useful. Also any
> > >>> custom onion address you want please keep it to 7 characters or
> > >>> below for now as my GPU is really on it's last limb after
> > >>> generating over 1.4 million keys.
> > >>>
> > >>> I offer no guarantees on the availability of this, nor do I
> > >>> take responsibility for it, this is an entirely experimental
> > >>> project and I am hoping any participants take up this offer to
> > >>> perhaps mirror/reverse proxy their blogs, or of course bring
> > >>> any interesting ideas to the table. All feedback on it is
> > >>> welcome too
> > >>>
> > >>> Time to give these hidden services some lovin'
> > >>>
> > >>> Regards, T
> > >>>
> > >> -- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To
> > >> unsubscribe or change other settings go to
> > >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > >>
> >
> > - --
> > Activist, anarchist and a bit of a dreamer.
> >
> > PGP Keys: key.thecthulhu.com
> > Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983
> > Key-ID: 0CCA4983
> > Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0
> > Key-ID: EF1009F0
> >
> > Twitter: @CthulhuSec
> > XMPP: thecthulhu at jabber.ccc.de
> > XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966
> > -----BEGIN PGP SIGNATURE-----
> >
> > iQIcBAEBCgAGBQJUp1QUAAoJEFwqjFoMykmD41UP/1j6Zs07l7dAwW0fcXOe6qci
> > 7S2VUEkcXVujm7g2QI+rdoz5FdnoFoXchd4J3Umx5LZ4sLrGwORWW/gAjSnUw59s
> > I92akGl7QjEHUKOkbN99+ZtiKFHRF/1rbU7jwt1Cb87Iegi15Vhajog0IWfHH9x8
> > +gNTgIGtPft1JW8jE9XbO1/QXy6TnM2DHHmedn0SJFJ9yyNgLUgbYn/6o+vve4XZ
> > UIVU1J2M6xMK8RlTdQA6f9pUVpDYovLTq/leQzjeHnB+koGPphlIc/bsQEbZKv4e
> > qAgPwx+7R2kvCO3LQwzhEjbKBO9NDYea8tcb9+aoy9JIfRfuMQtTRHSVOSqRBdPB
> > Gkrv+yJSPvE9RyXkaeVOdaXeXHGlVFt263OnL3RiAaPRV/71ZSyFvjOBFk5ddVwQ
> > 8avr8X3QXWA7Xu55K0aiNd8qeBvIflFpboomfo4dWEgUam/R6tKfH4Q5l5E7F6xc
> > LtRGlY7qSgK78JwxedwWJwqqesJ+4PG8MEzcRu0AI5Xe3/F2KE1g2vt/C/QiDc/M
> > wAuPv8A+z+IXPXKbE5amFm7h8nWooPqCNYvJ5ozYRBjZuakQy0QSsP9W+V1Y8u0d
> > CfKIiDGKskmlZcW038hekBxcB9iJ64Bfh0PjIfnkKCPr6ycxWBbUQikfCjxEj2wo
> > F1mgjD5pNLmPL++jNhFe
> > =pdyG
> > -----END PGP SIGNATURE-----
> >
> >
> > ------------------------------
> >
> > Subject: Digest Footer
> >
> > _______________________________________________
> > tor-talk mailing list
> > tor-talk@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> >
> > ------------------------------
> >
> > End of tor-talk Digest, Vol 48, Issue 13
> > ****************************************
> >
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk