Slashdot Mirror
Tor Named One of the Year's Best Products
Iorek writes "PC World lauds Tor, an anonymous Internet communication system, as better than its paid competitors, and one of the best 100 products of 2005. The Electronic Frontier Foundation, which is supporting Tor development, has a press release as well."
How does slashdot get away with publicly lauding Tor as the great application that it is, while simultaneously blocking over 90% of the nodes from posting to slashdot? Try it now, it took me thirty tries to post a comment to slashdot using Tor the other day.
Making the moon less necessary since 1998.
These lists will become more and more common as people figure out what Tor is.. it's a nice idea but..
Even freenode has banned known tor connections. But that's what happens when you give 12 and 13 year old uber el3et linux hax0rs more power than they deserve.
I have been a Tor users for a very long time and, to a certain extent, the fact that it is not very well publicized has kept the system relatively free of the possibilty abuse. When I say possibility of abuse, I am talking about the media saying that Tor is a way to do anonymous torrents of copyrighted material, transferring child porn, etc. As Tor becomes more publicized, will I have to deal with articles from self-proclaimed experts accusing Tor of being a vehicle for such activity? Will I then see some politician try to pass legislation against anonymizer type software? Maybe I'm being alarmist, but these days anything is possible.
Anyone know if there is (or will be) a Linux Tor binary for NAT routers? I have a Linux router, and I'd like to use it as a client in the Tor network but a server for local computers (behind the router).
There are many reasons. Yes, it can be abused, just as a stick or a rock can be abused.
KOA
Giant Missile Defense Radar Sails
I don't get why so many people put letters in envelopes, what have they got to hide?
Why not write on the back of postcards so everybody can make sure they're not hiding illegal words..
It's a slippery slope. Encryption is useful.
It's a simple fact that People like privacy and place a non zero value on it. The phrase "what are you trying to hide" is the last refuge of the voyeur.
"Cursed is he who rises early in the morning..." Isiah 5:11
Yes, the US Naval blah blah funded the original development and in fact they said that civilian use of the service would help mask any "other" usage - so I consider it a patriotic duty of every citizen of the USA to run a TOR node - to aid the US government in its fight against terrorism and to assist their intelligence efforts.
This isn't even an insightful question. "That much encryption?" What the hell does that mean? If the encryption is easily cracked it's not worth doing, you might as well just be doing your banking over something like ROT13 encoded connections, huh?
.de domain and you're doing anything to interest the FBI.
I've been wondering why the hell the network has been getting slower and slower and slower over the last weeks. I guess now I know.
Why is an anonymous network needed? Well for one thing it's not anonymous regarding the type of uses the critics like to trot out i.e kiddie porn and cracking, since a good many of the connection nodes originate in the US or Germany, two of the most monitored countries in the world. Your connection can go through a hundred drops after that it won't matter at all if you make that first hit straight to MIT or some
What it IS useful for (that is before it became so terribly overloaded every click ends up taking thirty seconds or more to respond) is surfing without worrying about your local "community standards" enforced ISP looking over your shoulder or the bazillions of admonkies being able to snoop. Tor is commonly packaged with privoxy, the two together make moving about the net a lot nicer (even slashdot).
I don't even believe that one should be required to justify's one use of tools which protect one's privacy. There is no need to say why I choose to use Tor (such as commercial secrets or pornography, as you have stated). The simple fact remains that I should be entitled to my privacy.
But, it does appear that you would agree with my opinion, so this isn't really directed at (or attacking) what you are saying.
And the problem with onion routing is that it is neither high-bandwidth or low-latency - just anonymous. Sharing files over Tor is a blatant misuse - but tracker comm over it is perfectly valid (Azureus already has a plugin - though I like dht better).
Interestingly, I2P calls them Garlic routers (the pun is not lost on some of us).Quidquid latine dictum sit, altum videtur
I don't understand why you would need tor to hit here. Just put slashdot on the "exception list" in your proxy config and it works great. The ads still get killed (if you are using privoxy) but the content is fast and complete.
You might also trying setting up your tor config file. You do not HAVE to use the "trusted gateways" for the final drop, that is only how it is configured OOTB. Add "exit" to the untrusted gateway nodes permissions - heck you can even remove "exit" from the "trusted nodes" permissions. Now you're not connecting via those "known tor nodes."
BTW it ain't just slashdot. Lots of sites still use IP information instead of session variables and it will drive you nuts trying to post to one of them or even stay connected without having to log in again every two minutes. Simple solution is to just add those sites to the "don't proxy these sites" list. May not be the solution you want if it's a "controversial" site that could lead to leagal attention, but if you're really worried about that sort of thing you're a fool for using tor for it anyway.
Are you still convinced that a network of potential "illegal" uses is such a bad thing?
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
Do you even think for one nanosecond that the EFF would be supporting it if it were closed???
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
"Version 10 combines a compact interface with an innovative DRM technology for enabling music subscriptions that you can take with you on your MP3 player."
Better DRM features help Microsoft onto the list?
I wonder how many advertising spots MS buys through PC World?
You have been eaten by a Hurd of GNU.
Freenet is an astoundingly better concept than tor, all tor does is hide the ends of a connection from one or both peers. But tor works right now, and Freenet doesn't.
Freenet guaranties that data cannot be removed from the network once it is injected, tor hides the ends of the connection.
And yet, tor (and i2p) allows users to setup forums and wikis accessible only across the network which for the purposes of freedom of speech is not half bad.
**** lying is wrong even for sleeping dogs
It seems one of the first companies to jump on the Tor bandwagon is VPM. They are selling a Linux desktop on a 128MB USB stick with everything preconfigured to connect using Tor. Sounds like a neat idea even though you could make it all yourself without paying $45.
Slashdot either eliminate "Anonymous Coward" posting, or else allow posting from TOR nodes?
Wikileaks, no DNS
If they'd just let the things I wanted IRC to do before there was a split from one unified IRC network, then we wouldn't be having this discussion.
"Champagne for my real friends - and real pain for my sham friends!" http://ericblade.postalboard.com/
Freenet is an astoundingly better concept than tor, all tor does is hide the ends of a connection from one or both peers. But tor works right now, and Freenet doesn't.
You're entirely right. For example, what happens if someone decides to run dozens* of Tor nodes? They could intercept and possibly trace a lot of traffic.
*I have no clue how many Tor nodes there are right now, so substitute a sufficiently large number if dozens won't do the trick.
"The newly born animals are then whisked off for a quick run through a giant baking oven." --heard on Food Network
For example, China has sophisticated monitoring of the internet.
As another example, a company with aggressive surveillance might retain data being posted, to be analysed. If Slashdot had an SSL connection, that risk might be avoided, but they don't. One side-effect of TOR is that packets arrive and leave multiply encrypted.
Wikileaks, no DNS
Tor very happy to win award. Make Tor happy. Tor not smash now.
Read my blog.
>>In some places, it's verboten for women to bare their necks or ankles (much less anything else) in public....
Well where I live it is illegal for my wife to bare her naked breasts in public. I demand her freedom!
But seriously they have their laws and we have ours, you cant really compare human rights with laws regarding decency. Dont get me worng I am all for emancipation but please choose your battles better.
On a interesting side note , in the UK I believe we do not have a freedom of speech. CAn someone confirm this?
"in the UK I believe we do not have a freedom of speech. CAn someone confirm this?"
We don't: "Piggins is also charged with two counts of possession of the magazine Stormer". Charging people for posession of a damn magazine doesnt sound like freedom of speech to me - I can see why distributing the magazine would be illegal under "incitement to racial hatred" laws even if I disagree with them, but having people charged because they posess a magazine is absurd in my opinion.
Linux Wireless Hardware in the UK
"Community standards" had nothing to do with it; the standards were set by a fairly small group of lunatics who happened to have a lot of guns. The same can be said of places like North Korea, Iraq, Sudan, and (dare I say it) perhaps even the United States. The FCC, backed by the federal government, which happens to have a lot more firepower than you or I, decides what is or isn't OK on television. As in several other above-listed states, the relatively small group with the superior firepower are the ones who set the rules, communities be damned.
Community standards are hogwash, anyway. I live in the deep south, the Bible belt. I know people who are staunch conservatives, or republicans, or Bush-Frist voters, or whatever you want to call them. These are the guys who go to that annual rally (I forget what it's called) where they profess their faith to God and their wives, and denounce pornography and infidelity. Yet I run into these guys at the strip clubs, at the liquor stores, you name it. All of the "sins" they're supposedly dead-set against, they more often than not participate in themselves.
Your average Bible-belter will vote against gambling, but then you'll find him in the casinos in Tunica or Biloxi. He'll vote against a state lottery, but darned if you don't run into him buying Powerball tickets at the gas station. He'll write to the FCC complaining about Janet Jackson, but as you drive past the adult bookstore, you see his car parked outside. He set the so-called "community standards" when he voted, but he doesn't even follow them himself. That's your average "community standards" progenitor.
Look no further than the Parents' Television Council for evidence of this. The PTC - which as you may recall from prior articles here is responsible for some 98% of all complaints to the FCC - proudly hosts on their own website the offensive clips from television shows they complain about. Even (gasp) children can surf by and find the stuff that's so offensive, they don't want their children to see it. How's that for irony?
For several months they hosted a video clip at http://www.parentstv.org/PTC/clips/WithoutaTrace_
Earth to Parents Television Council, your website is fully accessible to any child who has internet access, why are you hosting "extremely graphic and sexually explicit" content there? Fucking hypocrites.
A human being who has tasted freedom, who knows about life without oppression, who understands the value of the right to read and speak freely, and who hates seeing women all covered up.
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
I'm British but I live and work in China. Many websites are unreachable because of the censorship here (e.g.: news.bbc.co.uk).
Tor lets me surf those websites and find out what is going on in the world, and find out the things the PRC government doesn't want its citizens knowing about.
In short, it is my window on the world.
"Place me in the company of those who seek Truth, but deliver me from those who believe to have found it."
Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more.
Don't we have enough problems with script kiddies trying to SSH into our machines without making them anonymous?GETPKG - Package Management for Slackware
The problem is for people in China and probably Iran Tor is useless or worse dangerous.
To use tor you have to know where a tor site is. If you know where it is so do the security people in china. Since in China going around the Great Firewall is a crime connecting to Tor is a crime.
So Tor is really only useful in countries that have some degree of freedom of speech.
That means it will be of most use for people that are going to abuse it.
Now I need to figure out how to block Tor on my office network.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Discussing democracy is illegal on MSN? Figures...
I believe in the "none of your f-ing business" concept. I also lock my doors to my house and car.
The reason? Because it's no one else's business what the hell I do, what I like, where I browse, etc..
I deeply despise parasitic corporations that seek to suck my soul away by following my every move, tracking my every breath and step and force feeding shit to me in a fruitless effort to get me to turn over my hard to come by $$ to them in exchange for a cheaply made piece of shit that I don't need and don't want.
I don't want big brother (the New KGB) sniffing my farts. F*ck them all. Leave me alone. Stay the f*ck out of my life. It's none of your GD biz..
Why is it always instantly assumed that anyone that doesn't want to share every intimate momenet of their lives with the rest of the planet, that that person is some evil ne'er do gooder??
Now that there are 6bn people on earth, SOME of them assume that everyone wants to live in one huge, happy hippy commune.. Bzzzzt... Some of us don't like that plan. Some of us simply like to be left the hell alone..
The letter analogy doesn't work in this case though. On a letter it says where it is going and where it came from. And it also has the post office seal over the stamps showing where it was processed. Under TOR this is exactly what you are hiding--your tracks. To be honest the main purpose of the letter is that it holds more material inside than a postcard and whatever is inside is sealed up not so much for the content but to insure the contents are not lost; something TCP/IP takes care of but not the Post Office.
Quality Hosting e3 Servers
I was banned within hours of settiing up Tor on my host.
Join Tor today!
page 1
Only one point, though ( the other one disappeared, it seems)
.
/kinds/ of worth, and some are worth more to any individual than are others.
/don't/ so deeply value.
/made/ on us, is oriented to making our lives' expenditure/work into grazing-fodder for "corporations" ( keeping in mind that governments, churches, etc are other-appearing instances of what I really mean here, not just business-entities ), then what result is inevitable?
/can/ induce such learning ( think of ones who have endured near obliteration, over the course of years, say reasonably-advanced Huntingtons, or something, and ask what their values are, compared with "money". . .
--
More seriously, that's an accommodation of humanity: it's more convenient to erode worth than to grow it, and if one wants to get one's own gain, then one has to be more aggressive a predator-of-worth than Others are, so. .
The only problem with that equasion is that there are different
I find autonomy, quiet, harmony, freedom-of-intelligence, spiritual freedom, etc. to be worth more than
{ belonging, social-sentience, status, position, image, money, "self-esteem" which is One's Social-Circle's Opinion Of One, a car, a partner, "education", etc }.
Therefore I can't be manipulated to sacrifice the kind-of-worth I hold-to, in order to have the kind-of-worth I
BUT, since the entire "education" of a someone in the society/machine we
WWIII will change that, because it'll be a pogrom/tantrum so deep/profound that humanity is going-to learn the difference between kinds-of-values.
ANY sufficiently profound obliteration-experience
WHEN humanity experiences something that heavy, humanity will change the same way, but not before: ideas and understanding are different in substance/nature, see. . . )
Cheers,
-me
IPTables enhancement Fail2Ban bans cracker-login's
if you want to surf anonymously without downloading and installing stuff, check out anonycat.
http://anonycat.com/
it's open source, so you can download and run it from your own computer if you want, but you can also just surfy anonymously from the main page.
it's pretty good for viewing slashdot, too, which you can't do with Tor.
"Is this just useless, or is it expensive as well?"
Every time tor is mentioned on Slashdot, the networks gains speed thanks to a surge in runnin server numbers.
'Once scientists, even the dim-witted social scientists, get muzzled, the Western Civilization is finished.' - oldhack
Because Tor works, apparently.
It's the same with any other internet service - give it a few days, and watch the abuse roll on in. Web, Email, Chat, they can ALL be used for great things but the perpensity for abuse lurks just around the corner, and Tor isn't an exception to this.
No, it's because Slashcode lacks support for anonymous use. Until someone adds said support, Slashdot will not be anonymously usable.
If everyone created an account, no problem.
The thing is that Slashdot's codebase uses blacklisting as part of its functionality (it's how they keep abusers from flooding the board). Blacklisting does not work in a pure anonymous environment (that allows abuse if many entities collaborate to abuse the system, which is the case for most systems) without "expensive IDs" (the use of some resource which one cannot produce en-masse to identify onesself). Slashcode treats IP addresses as "expensive IDs", intending that those wanting to abuse the board have a limited set of IP addresses available to them, and those become blacklisted. Tor extends the availability of Tor-enabled IPs (expensive IDs) to anyone who wants. Slashcode cannot understand this. To make Slashcode work in an anonymous environment, support for expensive IDs that work in an anonymous environment must be added. There are many mechanisms for doing expensive IDs.
Slashcode currently uses both IPs (they can get banned) and accounts (they can get banned as well, and it takes a while to work up a high-post, low UIN account) as expensive IDs. IPs cannot be used in an anonymous environment. Accounts could, but probably must be boostrapped in a non-anonymous environment. That is, it would be possible for Slashdot to allow only registered users to use Slashdot from Tor systems (I could even register my IP as one that only allows registered use), but to prevent someone from mass-creating accounts, these accounts would have to be bootstrapped from a non-anonymous environment -- for example, perhaps an IP could only create an account a week, but once created, users could use their accounts on Tor systems.
Another popular expensive ID that saw some interest during the antispam discussion days is solved problems that require many CPU cycles. Generate a hard mathematical problem, to an anonymous user and the person has to burn 5 CPU-minutes of cycles solving a problem in order to post. They'll have a hard time flooding the board.
Another popular expensive ID is human time -- hence the OCRable letters that low-karma accounts and ACs have been seeing recently.
Another expensive ID is transitive trust -- allow accounts that have "trusted" accounts marking those accounts as, in turn, "trusted" (something like the friends system, but should not use the friend marking, which means something different) to use the board anonymously. If those accounts abuse the board, the abusing account loses his trust and the account that endorsed him loses some trust, transitively back to the source. This isn't *fully* anonymous (since the truster has to have some relationship with the trustee, even if it's nothing more than reading a Slashdot post made in non-anonymous mode).
Any other mechanism that uses expensive IDs that can function in an anonymous environment will also work.
I'm going to see whether or not open source solves this one. The Slashcode codebase is there, free, and open, and any number of people with crypto and security design experience read this board and presumably want to use Tor.
I don't really care much about using Slashdot anonymously, so I'm not going to do it. I'll probably take advantage of it if someone else adds support to Slashcode for working in an anonymous environment, though.
Any program relying on (nontrivial) preemptive multithreading will be buggy.
Uh, a US letter currently doesn't have to have a return address, much less a validated one. And a public mailbox in a big US city is pretty darn anonymizing. After all, they still haven't caught the folks who sent anthrax-filled letters to US government officials---and I'm guessing it's not for want of trying.
Tsk, tsk. You must be new here.
And remember kids: Never trust a computer you can actually lift.
I consider pseudonymity just as important as anonymity. The ability to anonymously and untraceably place digitally signed newsletters and documents that people can retrieve. For example dissidents should be able to publish a monthly or weekly index of all the files they upload with their md5's or whatever hash. Then people can download those other documents while being sure of the source. This would prevcent fake documents being put out there by evil organizations because people can be able to authenticate that the doc they are downloading comes from a reputable dissident group.
Firefox won Product of the Year! Congratulations to the Firefox guys!
Hopefully this will help further "legitimatize" Firefox to those who are reluctant to switch to something "underground".
Somebody mentioned in an earlier post schemes that could be used to limit the posting ability of an anonymous client without further reducing the anonymity of the client -- captchas discriminate against the blind, but 'hashcash' or having the client system perform a computationally-expensive operation that can be trivially checked at the server seems a practical way to limit flooding at least. But a larger problem cannot be solved by technical means: anonymous posts that create legal problems for public servers.
Avoiding issues with censorship is best left to a closed system where mechanisms for posting. hosting, and reading are all anonymous. Tor, at present, is better for not leaving an easy to follow trail of everything you read online or bypassing webfilters than anything else -- but it offers no protection to the servers one visits with it, and if this wasn't a problem there wouldn't be a demand for anonymizing protocols to start with.
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
allow people who *FLOOD* or spam to the point of interfereing, be-aloud-to?
Exuse me, but if someone *interferes* with my ability to talk (like the spamers/flooders were with /.), then I have a right (natural reaction) to find away around that.
I would say that the moderation and steps taken by /. to stop the spamers, does more to help (us) all talk, instead of those clowns who dont' like /.
Let them (spammers/flooders) go form their own /. if they dont' like it... or, they can *keep trying*, and /. will keep trying, and the best-man-will-win! :)
What I am investigating, is the theory that bill-gate$-the-turd-junior is behind these attacks.
I will gladly loose all of life's battles.. in order to win the war..
CHINX!! (lol).
Anyone who takes so-called derogitory terms personally, needs counceling/pills, or to be ostracized!
LEARN to laff! maybe we'd then *all-get-along* better!! =:O
I will gladly loose all of life's battles.. in order to win the war..
You (we) need to define a *GOOD* track record.
And you can't say: "whatever the community decides", cause although that may work for THE COMMUNITY, it is not nescessarily good, fair, legal, moral, or whatever, and because of this, it will continue to morph (as it should). :)
I will gladly loose all of life's battles.. in order to win the war..
Maybe this was a mis-communication on my part-- on what this part of the thread was about originally.
We (me too, in my reply) were talking about /. HAVING to control people who were FLOODING the network to the point where everyone would be affected. In other words, to the point where /. was not useable (it happens with dos attacks, etc u know..)
Now I don't know about you, but I would prefer if /. stopped those (spamming/flooding) arswholes, this way we (you & I) could continue our discussion.
Why would'nt anyone defend themselves like that? I mean, it is common sense! Why would u let the *spammers* control /.?
And as far m$ interfering with places like /., linux, or whatever else they see as a threat.. then actually you would be considered *more nuts* by professionals, by claiming that this would be un-heard-of (like you implied) :)
I will gladly loose all of life's battles.. in order to win the war..
the other way around when it comes to programs like Tor.
BUHHT..I dont' blame /. for *defending* itself against spam & flood attacks. This is only common sense. If they didn't we wouldn't have /.
And I can't see why anyone (even after reading ALL the threads) would act like /. is hypocritical.
If you RTFM (/.'s) you'd see that not only do they speak-a-good-game, but they walk it tooo.
Censoring can ONLY be over come by MORE & LOUDER freedom of speech, period.
ANYTHING short of this will be giving in to the bad-guys... and that is the ONLY way they can win!!
I am always curious as to why people and the governments..always seem more concerned with what people *say*, then what they actually *do*.
Ahhhnd, I *think* I have part of the anwswer, which is, because *words* are everything..
After all, even before someone *pulls-the-triger*.. there is that *little voice* inside that *says* (do it! or DON'T DO IT!!), which then controls the actions of the individual.. :)
I will gladly loose all of life's battles.. in order to win the war..
So fight for it. Other people are.
Some people don't want their personal business displayed to the public, which is why we don't live in glass houses.
I remember when JAP did this function. Then the German Gov't forced an upgrade to let them snoop. I get the feeling that this network isn't as secure as many seem to believe.
apparently your traffic goes out from a single machine acting as you - if that machine is a dialup, you're screwed. there isn't any form of load balancing that I can tell. I'll revisit TOR later.
No one has seen what you have seen, and until that happens, we're all going to think that you're nuts. - Jack O'Neil
You maybe do not need them at all. Just a combination of the OCRable letters (or a similar measure) with indication in the title of the post that the post is from an anonymized IP, and allow assigning users a modifier for anonymous posts (one more criterium in addition to already existing ones).
Anything that involves a non-anonymous IP breaks anonymity and can lead to the Goons With Guns coming and requesting the logs.
should have been:
from the it's-so-great-we-banned-it dept.
Get your torrents...