Friday, 30 November 2007

Jury Trial, Jury Nullification

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There is an ongoing discussion on the OnionRouter-Talk mailing list that may be of interest to readers familar with the jury-system in the United Stated of (northern) America.

Apperently there was a 1996-case in the US where a jury-member got a sentence because of informing the other jury-members of (truthfully) a right they had. Also interesting to this topic may be the Fija-organisation.

Note that we did not check the facts presented here to be true. Thus don't trust a site just because "it's written" and don't trust us for that matter.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6ebLAZ+Vq4hPgARAkbGAKDLd4KDVvYykW/JIIxodXB1qy7WQgCfRCbF
tAN58vYa98vIpU4Bvvid4Cg=
=QsrD
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels:

Thursday, 29 November 2007

password need not be produced in USofA-court

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

the source(pdf)

A US-District-Court issued a ruling that a canadian need not release the password for his pgp-drive because that is a thought and he has the right to remain silent about his thoughts.
Formerly a password was often seen as a key by the accusers that could be forced to be produced.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6eVLAZ+Vq4hPgARAmbZAKCLC9tuRWuNC5cfGk+RgCC7g4mhPwCbBR9H
KL76qxeXZ0AfpVi3rvirCIM=
=6ewt
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels:

Wednesday, 28 November 2007

setting up your own search-enging for torland

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We stumbled over YaCy as a distributed search-enging. It's quite a nice thing
but being distributed unless changed it just starts connecting to it's non-tor-peers
and index the web.
But...you can configure it to be part of the network of CaCy-Servers on tor and help
index torland. As a side-effect you get a local search-index that is allways reachable
without lag.

Parts needed:

Java 1.4.x
some free ram and disk
some free bandwidth

english setup-instructions

german setup-instructions

short YaCy+ot howto on the hidden wiki

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6eJLAZ+Vq4hPgARAmxVAJ9tfw+DWJ2Vo+rx1uDf6LxJGo7jPgCfalQV
BhKl2PEIR9n/PgspJxuFdA0=
=Ir1d
-----END PGP SIGNATURE-----
Posted by at 2 comments:
Labels: ,

newsflash: Google hands over IP address of anonymous blogger

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

from: globes.co.il:

(shortened)

In an unprecedented move, Google has agreed to supply the IP address of an Israeli blogger who 
used "Google Blogger" for a blog in which he slandered Shaarei Tikva council members running for 
reelection...

The council members asked Google for the blogger's name.
They reached a settlement with the company on the basis of an Israeli ruling on the subject.
The settlement stipulates that 72 hours before a hearing ...the council members would leave the 
blogger a message on his blog summoning him to the hearing, or else his IP address would be 
handed over. The notice would invite the blogger to disclose his identity, participate in the 
hearing, or oppose the disclosure of his identity by filing a motion as "anonymous".
...
Google initially said that disclosing the blogger's identity violated rulings on the balance 
between freedom of expression and a person's right to his reputation.

However, in a pre-ruling, Judge Oren Schwartz said that the blog's content raised suspicions of 
criminal conduct, and Google took the hint. 
...
In line with Judge Schwartz's ruling, Google and the councilmen reached a settlement in their 
dispute. Following the 72 hour period, Google was ordered to hand over the IP address to the 
court....



note: this is not about us. "anonymous" is a fairly...common name nowadays. ;)


We have been given the following links with good articles about the case in major german online-publications.
coverage on lawblog and coverage on heise.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6eBLAZ+Vq4hPgARAkYyAJ9e8yC/ibAkBe638Dk/zkxJll6ifgCgmj5W
j16gdMwdUnGf2jRar/I/GJg=
=8KO8
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels:

providing ssh as a tor-hidden-service

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

step 1: create the service

create the service-directory

mkdir /var/lib/tor/hidden_service
mkdir /var/lib/tor/hidden_service/ssh
chown tor /var/lib/tor/hidden_service/ssh   (may be "debian-tor" for debian-users)


now add to your /etc/tor/torrc

HiddenServiceDir /var/lib/tor/hidden_service/ssh
HiddenServicePort 22 127.0.0.1:22


step 1a: reload tor and check that it works

/etc/init.d/tor reload
tail /var/log/tor/log

now

cat  /var/lib/tor/hidden_service/ssh/hostname

will give you the .onion-address to use

step 2: configure the client

first, download connect.c from latency.net to allo ssh to connect to a socks-proxy.
compile it with 

gcc connect.c -o /etc/ssh/connect

and in /etc/ssh/ssh_config
add the following configuration for all .onion-addresses


# use /etc/ssh/connect to use tor to connect to ssh in torland
Host *.onion
  ProxyCommand /etc/ssh/connect -S localhost:9050 %h %p



done. Now you can do a "ssh fox@XYZ.onion" every time your local tor-server is running.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6d7LAZ+Vq4hPgARAiDUAJ4zj99ZM8vwwNnEhi6UeR9WbUNTEACgtSgb
Br17oxsyxfwoTwLxL+rr2zg=
=rQE0
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels:

"anonymous living"-blog

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We just discovered the anonymous living -blog.
You may want to have a look there. It looks quite good and lively!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6dxLAZ+Vq4hPgARAiUrAJ9TQwPz1cgYqPLVloK6pxwjxoHExACdGOE+
LeFIIZHSM68H8b+dMI+n2q4=
=NWhE
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels:

Tuesday, 27 November 2007

Tor 0.2.0.12-alpha fixes

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Today Tor 0.2.0.12-alpha was released, fixing among other things "a giant memory-leak".
Here is the Freshmeat announcement.


This release fixes some build problems with the previous snapshot. It also includes a more 
secure-by-default exit policy for relays, fixes an enormous memory leak for exit relays, and fixes 
another bug where servers were falling out of the directory list.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6dfLAZ+Vq4hPgARApnLAJ4r8HWmehEyrQGISTkkdooJI1llKACdH0cB
YDoEyRbiXy4x1cv65qD65is=
=U0Uj
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels: ,

masked.name

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We recently discovered a nice service we wanted you to know about:
masked.name

You can register here(using tor) and then use a mail, im, irc, ftp in torland and have a public (as in outside torland and on the normal internet) blog on NAME.masked.name.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6dHLAZ+Vq4hPgARAk8lAJ47fJuUCo1LbyCN2ZiZGOYOJKbViQCfYl37
VHqEsP6AopDM9r9ZleHak4w=
=gG+3
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels: , ,

Saturday, 24 November 2007

small personal fight in torland

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It looks like a small fight has started in torland.
Matt and Jamon are fighting over "who provides the best hidden services".

Well, we are allways pro-competition so let us see how much improvement in quality and quantity of hidden services we will end up with.

Matt is operating

Jamon operates

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6ckLAZ+Vq4hPgARAu44AJ9Zt46BW5l59y4YjrtbbRbvtxI/QgCfdq0D
cch04g3ri3/GTx3vLYZcbak=
=HIw8
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels:

Tuesday, 20 November 2007

transocks - transparently torify all tcp connections on the router

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

transocks from Mike Fisk looks pretty cool.

usage:

#!/bin/sh

# start transocks
/usr/local/sbin/transocks  -p 1211

LOCAL_NET=192.168.0.0/16

# create a new chain 'SOCKSIFY' for it to simplify management
iptables -t nat -X SOCKSIFY
iptables -t nat -N SOCKSIFY

# exceptions that are not to be run through tor
iptables -t nat -A SOCKSIFY -o lo -j RETURN
iptables -t nat -A SOCKSIFY --dst 127.0.0.1 -j RETURN
iptables -t nat -A SOCKSIFY --dst $LOCAL_NET -j RETURN

# avoid feedback loops
iptables -t nat -A SOCKSIFY -m owner --cmd-owner transocks -j RETURN

# log every new connection in the SOCKSIFY-chain
iptables -t nat -A SOCKSIFY -j LOG -p tcp --syn --log-level info \
- --log-prefix "SOCKSify "

# send tcp-connections in the SOCKSIFY-chain to transocks
iptables -t nat -A SOCKSIFY -p tcp -j REDIRECT --to-port 1211

# Socksify traffic leaving this host:
iptables -t nat -A OUTPUT -p tcp --syn -j SOCKSIFY

# Socksify traffic routing through this host:
iptables -t nat -A PREROUTING -p tcp -s $LOCAL_NET --syn -j SOCKSIFY

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFHZ6cdLAZ+Vq4hPgARAjDTAKCRkUEB5+nz54xId38XWi2RXKckeQCffJ8i
qKTGU+Fk/w56t+UwiGFd1CQ=
=tq8N
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels:

Sunday, 18 November 2007

Potential Firefox Leak

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As Matt reported in his/her/their blog there are interesting privacy-implications for torbutton-users with the way firefox loads favicons.

Usually I would link but because the article is in torland I repost it here:


Potential Firefox Leak (18 November 2007)
I have discovered a potential leak with any version of firefox (current version as of writing is 2.0.0.9).
The Problem:
Every time you switch tabs, firefox will automatically load the favicon.ico for web sites that did not have one the first time it tried retrieving it (if it's not there the first time, why would it be there later?). If you have multiple tabs open -- some initially loaded with tor enabled (torbutton) and some loaded with tor disabled -- every time you alt+tab or click on a different tab with Tor disabled, firefox is automatically (and without your knowledge) connecting to each site that did NOT have an icon on its initial load. This means that you are revealing your IP address to anyone when you have tor disabled, even when you don't reload any tabs or visit any web sites. Additionally, if you do the inverse (tor enabled with a few non-tor tabs open) you will be revealing that you use tor to any web sites you normally have tor off for.

This problem is not a bug in torbutton, but a bug in firefox that was probably there at one point as a "feature," but is effectively useless.

Workaround:
Close all tabs before toggling torbutton!

Mozilla developers: You can remove that stupid and pointless repeated favicon.ico loading. If it wasn't there 30 seconds ago, why the hell would it be there now? Load it only when the web site is initially loaded and when the tab is refreshed.

- --Matt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD4DBQFHZ6cSLAZ+Vq4hPgARAoRRAKDc9YKJntY2doXyAoMM3O1nmLIpBACVFxXf
OHgxnM3ja9bGS1R0RD5bGg==
=9L31
-----END PGP SIGNATURE-----
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)