[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] tor-talk Digest, Vol 54, Issue 8



Send tor-talk mailing list submissions to
        tor-talk@lists.torproject.org

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
or, via email, send a message with subject or body 'help' to
        tor-talk-request@lists.torproject.org

You can reach the person managing the list at
        tor-talk-owner@lists.torproject.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of tor-talk digest..."


Today's Topics:

   1. Re: pdf with tor (Mirimir)
   2. Re: pdf with tor (Lars Luthman)
   3. Fwd: Re: Fwd: CALL FOR TESTING: new port scanning subsystem
      (allows scanning behind proxies, including Tor!) (Jacek Wielemborek)
   4. Re: pdf with tor (Mirimir)
   5. Re: Fwd: Re: Fwd: CALL FOR TESTING: new port scanning
      subsystem (allows scanning behind proxies, including Tor!) (spriver)


------------------------------
----------------------------------------

Message: 1
Date: Fri, 03 Jul 2015 14:30:29 -0600
From: Mirimir <mirimir@riseup.net>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] pdf with tor
Message-ID: <5596F0E5.8050101@riseup.net>
Content-Type: text/plain; charset=windows-1252

On 07/03/2015 02:16 PM, mtsio wrote:
> Hello everyone,
>
> Is it safe to open pdf documents inside Tor Browser?

As other have said, it is NOT safe to do that, because PDFs can bypass
Tor. However, it IS safe to open PDFs in Whonix, because all
Internet-bound traffic either uses Tor, or is black-holed.


------------------------------

Message: 2
Date: Fri, 03 Jul 2015 22:36:24 +0200
From: Lars Luthman <mail@larsluthman.net>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] pdf with tor
Message-ID: <1435955784.11081.31.camel@larsluthman.net>
Content-Type: text/plain; charset="utf-8"

On Fri, 2015-07-03 at 14:30 -0600, Mirimir wrote:
> On 07/03/2015 02:16 PM, mtsio wrote:
> > Hello everyone,
> >
> > Is it safe to open pdf documents inside Tor Browser?
>
> As other have said, it is NOT safe to do that, because PDFs can bypass
> Tor. However, it IS safe to open PDFs in Whonix, because all
> Internet-bound traffic either uses Tor, or is black-holed.

Can PDF.js bypass Tor? How? I thought it used the same networking code
and proxy settings as the rest of Firefox.


--ll
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part
URL: <
http://lists.torproject.org/pipermail/tor-talk/attachments/20150703/86d0a5b5/attachment-0001.sig
>

------------------------------

Message: 3
Date: Fri, 03 Jul 2015 23:27:59 +0200
From: Jacek Wielemborek <d33tah@gmail.com>
To: tor-talk@lists.torproject.org, grarpamp@gmail.com
Subject: [tor-talk] Fwd: Re: Fwd: CALL FOR TESTING: new port scanning
        subsystem (allows scanning behind proxies, including Tor!)
Message-ID: <5596FE5F.60401@gmail.com>
Content-Type: text/plain; charset="windows-1252"

(reposting again because I still wasn't subscribed to tor-talk)

W dniu 03.07.2015 o 22:01, grarpamp pisze:
>> One of the features that my modifications enable is performing port
>> scanning behind proxies. I only scanned it using SOCKS4 server built
>> into Tor
>>
>> ./nmap -sT --proxy socks4://localhost:9050 scanme.nmap.org
>>
>> Please do note that even though port scanning within Tor is possible,
>> you cannot scan .onion names due to lack of SOCKS4A support.
>
> SOCKS4 and SOCKS4A are old and deprecated and should not
> be implemented (unless you're also implementing the current SOCKS5
> and adding in 4/4A as a bonus).
>
> Tor supports SOCKS5 (and the deprecated 4/4A but it will complain).
> So scanning onions and anything else by name should be possible.
>
> SOCKS5 also supports IPv6 which is becoming the way of things.
> Therefore, implement SOCKS5 :)

I think that SOCKS5 support within Nsock library (on which my
modification depends) is planned. SOCKS5 also supports UDP, so it could
bring even more benefits. For now, SOCKS4 has to do though.







-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <
http://lists.torproject.org/pipermail/tor-talk/attachments/20150703/25871d04/attachment-0001.sig
>

------------------------------

Message: 4
Date: Fri, 03 Jul 2015 17:45:17 -0600
From: Mirimir <mirimir@riseup.net>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] pdf with tor
Message-ID: <55971E8D.7090507@riseup.net>
Content-Type: text/plain; charset=windows-1252

On 07/03/2015 02:36 PM, Lars Luthman wrote:
> On Fri, 2015-07-03 at 14:30 -0600, Mirimir wrote:
>> On 07/03/2015 02:16 PM, mtsio wrote:
>>> Hello everyone,
>>>
>>> Is it safe to open pdf documents inside Tor Browser?
>>
>> As other have said, it is NOT safe to do that, because PDFs can bypass
>> Tor. However, it IS safe to open PDFs in Whonix, because all
>> Internet-bound traffic either uses Tor, or is black-holed.
>
> Can PDF.js bypass Tor? How? I thought it used the same networking code
> and proxy settings as the rest of Firefox.

Maybe so. But without firewall rules, there's risk. There's also risk of
downloading the PDF, and opening it with another app.


------------------------------

Message: 5
Date: Sat, 04 Jul 2015 09:12:30 +0200
From: spriver <spriver@autistici.org>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Fwd: Re: Fwd: CALL FOR TESTING: new port
        scanning subsystem (allows scanning behind proxies, including Tor!)
Message-ID: <5597875E.1090704@autistici.org>
Content-Type: text/plain; charset=windows-1252

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
thanks for the info! I will try it out these days.

Cheers,
spriver

On 07/03/2015 23:27, Jacek Wielemborek wrote:
> (reposting again because I still wasn't subscribed to tor-talk)
>
> W dniu 03.07.2015 o 22:01, grarpamp pisze:
>>> One of the features that my modifications enable is performing
>>> port scanning behind proxies. I only scanned it using SOCKS4
>>> server built into Tor
>>>
>>> ./nmap -sT --proxy socks4://localhost:9050 scanme.nmap.org
>>>
>>> Please do note that even though port scanning within Tor is
>>> possible, you cannot scan .onion names due to lack of SOCKS4A
>>> support.
>>
>> SOCKS4 and SOCKS4A are old and deprecated and should not be
>> implemented (unless you're also implementing the current SOCKS5
>> and adding in 4/4A as a bonus).
>>
>> Tor supports SOCKS5 (and the deprecated 4/4A but it will
>> complain). So scanning onions and anything else by name should be
>> possible.
>>
>> SOCKS5 also supports IPv6 which is becoming the way of things.
>> Therefore, implement SOCKS5 :)
>
> I think that SOCKS5 support within Nsock library (on which my
> modification depends) is planned. SOCKS5 also supports UDP, so it
> could bring even more benefits. For now, SOCKS4 has to do though.
>
>
>
>
>
>
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJVl4deAAoJEMkUf8VoejgP77MP/1PaxsQiyb1dEp+rW0ioBN5R
pu1x19j6wDSHgBToS/WRIGULhiFXmDomAqfqIou6B6FGrCNVNH3gtFL6mcEBPCBU
p6BOONMKczbT6ogV6yUirQpQubJTBKgCr/S2ZZMK7IQ1tfKUUoDED2DkLfd7F2vK
LJt9Xg5kCWnPdggLQlpFYaEzHmzQHvE+T8N/rcl9HJM4QdwK31CVKST0Ic4kTUW0
pmd53ozLsSmcDqaQp9nRKDnW0chjAVq4vlmGJLEqAMzw9siklXgBx1dSZuRG/c1P
ue/ICHfnY7m3StzyUUT6u83zv1OjTj9m5KMl7Fkwo3TFIs7BNKTHPI3TwCm3AUCQ
q9Xn6ENgUONC+BRToKPgTfa+RnW1kwIObQ5hvx5XVmLuj+o4xbxMLUnNMXiyeVsd
6FvJd8MLydBqfiGhc3qQBEQh0d1duz3WzQykbdgSywhERjx4NCOEhDUCQ9sbMMQc
LBSN+WL2eKQ2YsYvYgEenFP2bUPI6ikyDiyd2ED/ne/f8ub8owFGrTbwpCITucp5
LGHj0lmoSm0pjE64WbLbaDlGA/94g7zv4ThdOgTt0WefYnDCqONBjY9M9MrdADRp
yrhJj5jYuDp8GG7bEUBjEVxr+O3sKKkR+FYg3n3yZemCU8gZ5O49txNoZwtmfSx2
q/LwxfFX9Qv8LvqNydh4
=e7gh
-----END PGP SIGNATURE-----


------------------------------

Subject: Digest Footer

2015-07-04 15:00 GMT+03:00 <tor-talk-request@lists.torproject.org>:

> Send tor-talk mailing list submissions to
>         tor-talk@lists.torproject.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> or, via email, send a message with subject or body 'help' to
>         tor-talk-request@lists.torproject.org
>
> You can reach the person managing the list at
>         tor-talk-owner@lists.torproject.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of tor-talk digest..."
>
>
> Today's Topics:
>
>    1. Re: pdf with tor (Mirimir)
>    2. Re: pdf with tor (Lars Luthman)
>    3. Fwd: Re: Fwd: CALL FOR TESTING: new port scanning subsystem
>       (allows scanning behind proxies, including Tor!) (Jacek Wielemborek)
>    4. Re: pdf with tor (Mirimir)
>    5. Re: Fwd: Re: Fwd: CALL FOR TESTING: new port scanning
>       subsystem (allows scanning behind proxies, including Tor!) (spriver)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 03 Jul 2015 14:30:29 -0600
> From: Mirimir <mirimir@riseup.net>
> To: tor-talk@lists.torproject.org
> Subject: Re: [tor-talk] pdf with tor
> Message-ID: <5596F0E5.8050101@riseup.net>
> Content-Type: text/plain; charset=windows-1252
>
> On 07/03/2015 02:16 PM, mtsio wrote:
> > Hello everyone,
> >
> > Is it safe to open pdf documents inside Tor Browser?
>
> As other have said, it is NOT safe to do that, because PDFs can bypass
> Tor. However, it IS safe to open PDFs in Whonix, because all
> Internet-bound traffic either uses Tor, or is black-holed.
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 03 Jul 2015 22:36:24 +0200
> From: Lars Luthman <mail@larsluthman.net>
> To: tor-talk@lists.torproject.org
> Subject: Re: [tor-talk] pdf with tor
> Message-ID: <1435955784.11081.31.camel@larsluthman.net>
> Content-Type: text/plain; charset="utf-8"
>
> On Fri, 2015-07-03 at 14:30 -0600, Mirimir wrote:
> > On 07/03/2015 02:16 PM, mtsio wrote:
> > > Hello everyone,
> > >
> > > Is it safe to open pdf documents inside Tor Browser?
> >
> > As other have said, it is NOT safe to do that, because PDFs can bypass
> > Tor. However, it IS safe to open PDFs in Whonix, because all
> > Internet-bound traffic either uses Tor, or is black-holed.
>
> Can PDF.js bypass Tor? How? I thought it used the same networking code
> and proxy settings as the rest of Firefox.
>
>
> --ll
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 801 bytes
> Desc: This is a digitally signed message part
> URL: <
> http://lists.torproject.org/pipermail/tor-talk/attachments/20150703/86d0a5b5/attachment-0001.sig
> >
>
> ------------------------------
>
> Message: 3
> Date: Fri, 03 Jul 2015 23:27:59 +0200
> From: Jacek Wielemborek <d33tah@gmail.com>
> To: tor-talk@lists.torproject.org, grarpamp@gmail.com
> Subject: [tor-talk] Fwd: Re: Fwd: CALL FOR TESTING: new port scanning
>         subsystem (allows scanning behind proxies, including Tor!)
> Message-ID: <5596FE5F.60401@gmail.com>
> Content-Type: text/plain; charset="windows-1252"
>
> (reposting again because I still wasn't subscribed to tor-talk)
>
> W dniu 03.07.2015 o 22:01, grarpamp pisze:
> >> One of the features that my modifications enable is performing port
> >> scanning behind proxies. I only scanned it using SOCKS4 server built
> >> into Tor
> >>
> >> ./nmap -sT --proxy socks4://localhost:9050 scanme.nmap.org
> >>
> >> Please do note that even though port scanning within Tor is possible,
> >> you cannot scan .onion names due to lack of SOCKS4A support.
> >
> > SOCKS4 and SOCKS4A are old and deprecated and should not
> > be implemented (unless you're also implementing the current SOCKS5
> > and adding in 4/4A as a bonus).
> >
> > Tor supports SOCKS5 (and the deprecated 4/4A but it will complain).
> > So scanning onions and anything else by name should be possible.
> >
> > SOCKS5 also supports IPv6 which is becoming the way of things.
> > Therefore, implement SOCKS5 :)
>
> I think that SOCKS5 support within Nsock library (on which my
> modification depends) is planned. SOCKS5 also supports UDP, so it could
> bring even more benefits. For now, SOCKS4 has to do though.
>
>
>
>
>
>
>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 819 bytes
> Desc: OpenPGP digital signature
> URL: <
> http://lists.torproject.org/pipermail/tor-talk/attachments/20150703/25871d04/attachment-0001.sig
> >
>
> ------------------------------
>
> Message: 4
> Date: Fri, 03 Jul 2015 17:45:17 -0600
> From: Mirimir <mirimir@riseup.net>
> To: tor-talk@lists.torproject.org
> Subject: Re: [tor-talk] pdf with tor
> Message-ID: <55971E8D.7090507@riseup.net>
> Content-Type: text/plain; charset=windows-1252
>
> On 07/03/2015 02:36 PM, Lars Luthman wrote:
> > On Fri, 2015-07-03 at 14:30 -0600, Mirimir wrote:
> >> On 07/03/2015 02:16 PM, mtsio wrote:
> >>> Hello everyone,
> >>>
> >>> Is it safe to open pdf documents inside Tor Browser?
> >>
> >> As other have said, it is NOT safe to do that, because PDFs can bypass
> >> Tor. However, it IS safe to open PDFs in Whonix, because all
> >> Internet-bound traffic either uses Tor, or is black-holed.
> >
> > Can PDF.js bypass Tor? How? I thought it used the same networking code
> > and proxy settings as the rest of Firefox.
>
> Maybe so. But without firewall rules, there's risk. There's also risk of
> downloading the PDF, and opening it with another app.
>
>
> ------------------------------
>
> Message: 5
> Date: Sat, 04 Jul 2015 09:12:30 +0200
> From: spriver <spriver@autistici.org>
> To: tor-talk@lists.torproject.org
> Subject: Re: [tor-talk] Fwd: Re: Fwd: CALL FOR TESTING: new port
>         scanning subsystem (allows scanning behind proxies, including Tor!)
> Message-ID: <5597875E.1090704@autistici.org>
> Content-Type: text/plain; charset=windows-1252
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
> thanks for the info! I will try it out these days.
>
> Cheers,
> spriver
>
> On 07/03/2015 23:27, Jacek Wielemborek wrote:
> > (reposting again because I still wasn't subscribed to tor-talk)
> >
> > W dniu 03.07.2015 o 22:01, grarpamp pisze:
> >>> One of the features that my modifications enable is performing
> >>> port scanning behind proxies. I only scanned it using SOCKS4
> >>> server built into Tor
> >>>
> >>> ./nmap -sT --proxy socks4://localhost:9050 scanme.nmap.org
> >>>
> >>> Please do note that even though port scanning within Tor is
> >>> possible, you cannot scan .onion names due to lack of SOCKS4A
> >>> support.
> >>
> >> SOCKS4 and SOCKS4A are old and deprecated and should not be
> >> implemented (unless you're also implementing the current SOCKS5
> >> and adding in 4/4A as a bonus).
> >>
> >> Tor supports SOCKS5 (and the deprecated 4/4A but it will
> >> complain). So scanning onions and anything else by name should be
> >> possible.
> >>
> >> SOCKS5 also supports IPv6 which is becoming the way of things.
> >> Therefore, implement SOCKS5 :)
> >
> > I think that SOCKS5 support within Nsock library (on which my
> > modification depends) is planned. SOCKS5 also supports UDP, so it
> > could bring even more benefits. For now, SOCKS4 has to do though.
> >
> >
> >
> >
> >
> >
> >
> >
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
>
> iQIcBAEBAgAGBQJVl4deAAoJEMkUf8VoejgP77MP/1PaxsQiyb1dEp+rW0ioBN5R
> pu1x19j6wDSHgBToS/WRIGULhiFXmDomAqfqIou6B6FGrCNVNH3gtFL6mcEBPCBU
> p6BOONMKczbT6ogV6yUirQpQubJTBKgCr/S2ZZMK7IQ1tfKUUoDED2DkLfd7F2vK
> LJt9Xg5kCWnPdggLQlpFYaEzHmzQHvE+T8N/rcl9HJM4QdwK31CVKST0Ic4kTUW0
> pmd53ozLsSmcDqaQp9nRKDnW0chjAVq4vlmGJLEqAMzw9siklXgBx1dSZuRG/c1P
> ue/ICHfnY7m3StzyUUT6u83zv1OjTj9m5KMl7Fkwo3TFIs7BNKTHPI3TwCm3AUCQ
> q9Xn6ENgUONC+BRToKPgTfa+RnW1kwIObQ5hvx5XVmLuj+o4xbxMLUnNMXiyeVsd
> 6FvJd8MLydBqfiGhc3qQBEQh0d1duz3WzQykbdgSywhERjx4NCOEhDUCQ9sbMMQc
> LBSN+WL2eKQ2YsYvYgEenFP2bUPI6ikyDiyd2ED/ne/f8ub8owFGrTbwpCITucp5
> LGHj0lmoSm0pjE64WbLbaDlGA/94g7zv4ThdOgTt0WefYnDCqONBjY9M9MrdADRp
> yrhJj5jYuDp8GG7bEUBjEVxr+O3sKKkR+FYg3n3yZemCU8gZ5O49txNoZwtmfSx2
> q/LwxfFX9Qv8LvqNydh4
> =e7gh
> -----END PGP SIGNATURE-----
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
> ------------------------------
>
> End of tor-talk Digest, Vol 54, Issue 8
> ***************************************
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk