#tor

magdoz@diaspora.psyco.fr

#Session sur Framalibre

https://framalibre.org/content/session
Nouveauté : une fiche #Framalibre

Session est une #alternative à #Whatsapp qui respecte le confidentialité des utilisateurs. Elle permet d'envoyer des #messages (textes et audio) et gère la création de groupes. Elle ne nécessite pas de numéro de #téléphone pour la connexion et les contacts et la #messagerie chiffre les messages de bouts en bouts et les envoie via le réseau #Tor. Session permet d'atteindre un bon niveau de #confidentialité à travers une interface simple d'utilisation.

#GetSession : https://getsession.org/

#Logiciel #Libre #LogicielLibre #ViePrivée #Surveillance

sascha@anonsys.net

News |heise: Netzsperren umgehen: Tor Browser 11.5 erhält Verbindungs-Automatik

Version 11.5 des Anonymisierungs-Browsers Tor umgeht Netzsperren mit nur einem Klick und vereinfacht das Verwalten von Bridges ins Tor-Netz.

Das Tor Project hat eine neue Hauptversion seines gleichnamigen, auf Privatsphäre ausgerichteten Browsers veröffentlicht. Der Tor Browser 11.5 enthält ein Werkzeug, mit dem sich etwa landesweite Sperren des Tor-Netzes leicht umgehen lassen sollen. Außerdem sind verschlüsselte Verbindungen per integriertem HTTPS-Only-Modus nun standardmäßig eingeschaltet und die Netzwerk-Einstellungen wurden überarbeitet und vereinfacht. Das schildert das Tor Project in einem Blogbeitrag zur Freigabe der neuen Browser-Version. Mit dem Tor Browser können Nutzer anonym im Web surfen und ihre Spuren durch das dahinter stehende Anonymisierungsnetzwerk Tor verwischen lassen... (weiter)

Meine Meinung: Gut das die Entwicklung weiter geht und in meinen Augen auch in eine richtige Richtung. Allerdings denke ich das es im Tor Netzwerk noch Diskussionsforen etc. bräuchte die leicht zugänglich sind und in denen es nicht wie meist nur um Drogen, Sex, Rechte Inhalte etc. geht.

Tags: #News #Tor #Tor-Browser #Release #Sicherheit #Anonymität #Meinung #Heise #2022-07-17 #Sascha #2022-07-18
Gruppen: @FediverseDE

57b731e9@nerdpol.ch

EasyGPG’s Tor Onion Service Has Upgraded to Tor 0.4.7.8

EasyGPG is an easy-to-use GUI for GPG that uses Zenity and XClip.

This affects all three of the services: the HTTP server, the Gopher server, and the Minus server.

http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/
gopher://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/
minus://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/

The most recent release of the Tor Browser also uses this same version of Tor.

Changes in version 0.4.7.8 - 2022-06-17
  This version fixes several bugfixes including a High severity security issue
  categorized as a Denial of Service. Everyone running an earlier version
  should upgrade to this version.

  o Major bugfixes (congestion control, TROVE-2022-001):
    - Fix a scenario where RTT estimation can become wedged, seriously
      degrading congestion control performance on all circuits. This
      impacts clients, onion services, and relays, and can be triggered
      remotely by a malicious endpoint. Tracked as CVE-2022-33903. Fixes
      bug 40626; bugfix on 0.4.7.5-alpha.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on June 17, 2022.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2022/06/17.

  o Minor bugfixes (linux seccomp2 sandbox):
    - Allow the rseq system call in the sandbox. This solves a crash
      issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug
      40601; bugfix on 0.3.5.11.

  o Minor bugfixes (logging):
    - Demote a harmless warn log message about finding a second hop to
      from warn level to info level, if we do not have enough
      descriptors yet. Leave it at notice level for other cases. Fixes
      bug 40603; bugfix on 0.4.7.1-alpha.
    - Demote a notice log message about "Unexpected path length" to info
      level. These cases seem to happen arbitrarily, and we likely will
      never find all of them before the switch to arti. Fixes bug 40612;
      bugfix on 0.4.7.5-alpha.

  o Minor bugfixes (relay, logging):
    - Demote a harmless XOFF log message to from notice level to info
      level. Fixes bug 40620; bugfix on 0.4.7.5-alpha.

#easygpg #gpg #encryption #privacy #surveillance #security #cryptography #tor

57b731e9@nerdpol.ch

How to run your Minus server as a Tor Onion Service

  1. Create a new, empty folder called onion-service.
  2. Find your Tor Browser folder. If you have no Tor Browser folder, download https://www.torproject.org/dist/torbrowser/11.0.14/tor-browser-linux64-11.0.14_en-US.tar.xz and then unpack it. Locate the folder you just created.
  3. Inside the Tor Browser folder is a folder called Browser. Inside the Browser folder is a folder called TorBrowser. Inside the TorBrowser folder is a folder called Tor. Copy (do not move, but copy) the Tor folder to your new onion-service folder.
  4. Save the two scripts below to the onion-service folder, and mark them executable with chmod or your graphical file manager.
  5. Run start-service.sh. New folders and files will be created in your onion-service folder. The new file called hostname contains the name of your new Tor Onion Service. This will be a domain name that ends with .onion. My domain name is 7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion so the URL of my Minus server is minus://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/. Apart from reading the hostname file, you should leave these newly-created files and folders alone.

Here are the two scripts mentioned in number 4 above.

start-service.sh
````
#!/bin/sh

thisfile=readlink -e "${0}"
thisdir=dirname "${thisfile}"

chmod 700 "${thisdir}" # If this is not the permission, Tor will not run.

"${thisdir}/stop-service.sh"

printf "%s\n%s\n%s\n%s\n%s\n%s\n%s\n" "SocksPort 0" "RunAsDaemon 1" "AvoidDiskWrites 1" "DataDirectory ${thisdir}" "HiddenServiceDir ${thisdir}" "PidFile ${thisdir}/tor.pid" "HiddenServicePort 1990 127.0.0.1:1990" > "${thisdir}/torrc"
chmod 600 "${thisdir}/torrc"

env LD_LIBRARY_PATH="${thisdir}/Tor" "${thisdir}/Tor/tor" -f "${thisdir}/torrc" # start Tor

exit 0
````

stop-service.sh
````
#!/bin/sh

thisfile=readlink -e "${0}"
thisdir=dirname "${thisfile}"

if test -f "${thisdir}/tor.pid"
then
theID=cat "${thisdir}/tor.pid"
if ps ${theID} | grep "${thisdir}/Tor/tor" > /dev/null
then
kill ${theID}
fi
rm -f "${thisdir}/tor.pid"
fi

exit 0
````

Please tell me about your new Minus servers. I want to keep and publish a list of all known public Minus servers and publish it on my Minus server.

#internet #protocol #tcp #file-server #hypertext #minus #minus-protocol #tor #onion-service #minus-server