[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] ip-api.com sees me





​Sent from ProtonMail, Swiss-based encrypted email.​

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

On February 18, 2018 8:57 AM, Anon Hyde <mail@xxxxxxx> wrote:

> ​​
> 
> On 2/17/18, Wanderingnet wanderingnet@xxxxxxxxxxxxxx wrote:
> 
> > not be snooped. I seem to be unable now to locate the page, but this would
> > 
> > solve many of the problems of bad nodes in the Tor network, at least if a
> > 
> > filtered network composed solely of such systems were used. Of course, you
> > 
> > would wonder why this hadn't been done if it were possible...but then again,
> 
> slow down not so hard guys!
> 
> i mean "bad" node for me, for user, not for onionwork. 


Well, by bad I meant any serious hazard to anonymity. The 'bad apple' attack was put forward as long ago as 2006, a full eleven years back. Tor exit nodes have since come under suspicion, and de-anonymization attacks based on entire exit node clusters to which user can be redirected have become a threat. 
The solution I was referring to, which is alleged to make exit node logging impossible, was Tor Ramdisk, a Tor Project item. The solution would of course be to establish a filtered network based on Tor Ramdisks, throwing out the suspected or actual bad apples. 
The touting of solutions based on ensconcing a further encrypted tunnel inside a Tor route makes no sense: an encrypted tunnel is simply a straight line to a destination, be it a tor exit node, an ssh shell account, a VPN sever or a VPS account: in each case the encryption last as long as the destination and no more. Anyone routing throught Tor to a shell, VPN or VPS only defers exit node logging to a further link in the proxying chain, if Tor is to be used further, including to access the deep web which can only be done 'raw' through Tor anyway, making exit node logging an inescapable hazard as yet; again, the caveat is that Tor can only provide anonymity, if that, not privacy, and any identifying activity through Tor risks deanon or disruption. Of course, if you just want to use tor to obsfucate your route to a shell, VPS or VPN then.... All that talk of online activity involving emails, forums, the deep and dark net must avoid either identification of any kind and accept potential disruption or destruction of transactions of any kind as a basic hazard, 
As for my part, I have also observed problems I would attribute to DNS capture on some strange scale, through tor or not: poisoned DNS is an established attack, though I am not quite suggesting this. The problem can only be ascertained by me through feedback using online randomizers, suggesting result washing indicative of behavioural advertising. I leave it at that. 


> 
> i'm rookie in using the tor, and have some TORubles, which can be
> 
> studied to improve the subject. first of all, you must reading the
> 
> Interface by JRaskin all the time. i'm rookie for tor, but have some
> 
> skills in computing, otherwise I would not have managed with the
> 
> TORubles.
> 
> So, most often this is
> 
> 1.  very bad/slow connection with/across the node
> 2.  captcha
> 3.  blacklist
> 4.  traffic redirection to hostile territory
>     
>     theOnion should provide to lamer a convenient interface for fast
>     
>     editing the ExcludeNodes list and method to share it. with onion URL
>     
>     for example.
>     
>     Q: by the way, why onion need dot-onion for URL?
>     
>     is it possible used just hash without dot?
>     
>     And another one news: under linux (opera and chrome) ip-api.com
>     
>     showing my real ip not every time. So far I have no idea why
>     
>     WBR
>     
>     --
>     
>     tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>     
>     To unsubscribe or change other settings go to
>     
>     https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>


-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk