Tor - The Onion Router
Hi, I've just installed `tor` ( 0.4.5.16 ) When I launch it ( debian fork ) I'm stuck at > Opened Socks listener connection (ready) on 127.0.0.1:9050 I have a strong set of `nftables` maybe that what block it ? What should open in order to have `tor` connect ? Thanks.
Hi, I'm currently struggling to connect to **TOR** (see my previous posts) Therefore I'm looking in the documentation and in the support community. (and been already greatly helped trough lemmy :) ) I was considering to use also the official **TOR** [forum](forum.torproject.org) But I'm surprised that for a project that claim to protect users anonymity and freedom of WWW to use a forum that - request an email address[^one] - That a moderator [^two] need to approve the account - that each new post need to be approved ! So I can't use it[^one] , hopefully their is Lemmy :D [^one]: Do you know a lot of email service that do not require to provide a proof of ID ? (phone number, ISP email etc..) ? So hard to keep anonymous in those conditions.. . [^two]: Moderation do not exist, it is simply censorship, see the work of Noam Chomsky\ "If the freedom of expression is limited to the ideas that we like, it is not freedom of expression."
Hi,\ in `etc/tor/torrc` (the tor config file) we can read the following > \## Entry policies to allow/deny SOCKS requests based on IP address.\ > \## First entry that matches wins. If no SocksPolicy is set, we accept\ > \## all (and only) requests that reach a SocksPort. Untrusted users who\ > \## can access your SocksPort may be able to learn about the connections\ > \## you make.\ > \#SocksPolicy accept 192.168.0.0/16\ > \#SocksPolicy reject *\ I don't understand, is this for the TOR network to query the local daemon ? or is it for LAN node to use the local TOR daemon ? Thanks
blog.torproject.org
[Onion link](http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/tor-tails-join-forces) >Today the Tor Project, a global non-profit developing tools for online privacy and anonymity, and Tails, a portable operating system that uses Tor to protect users from digital surveillance, have joined forces and merged operations. Incorporating Tails into the Tor Project's structure allows for easier collaboration, better sustainability, reduced overhead, and expanded training and outreach programs to counter a larger number of digital threats. In short, coming together will strengthen both organizations' ability to protect people worldwide from surveillance and censorship.
blog.torproject.org
[Onion link](http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/new-release-tor-browser-1355) >This is a minor Desktop-only release containing (primarily) updated strings for users on legacy Windows and macOS.
blog.torproject.org
[Onion link](pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/new-release-tor-browser-1354) >This version includes important security updates to Firefox.
blog.torproject.org
[Onion link](http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/new-release-tor-browser-1353) >This version includes important security updates to Firefox.
It amazes me that onion sites aren't everywhere. They are easy to spin up, you don't have to pay anything and can run it from your own home. No need to purchase a domain, worry about expiration, have an open port. Built-in DoS protection. Anonymity and authentication by default. No need to configure HTTPS. Sure, uptime is on you and there is some latency/bandwidth limits to be considered, but once you are over that, onions are a solution to many problems and the benefits are enormous.
When a website can be accessed via a clearnet and a .onion url, is there a benefit to making use of the .onion url? ------ Context: I am considering pointing a ".onion" url to my instance (mander.xyz). I did some tests with and it seems like [mlmym](https://github.com/rystaf/mlmym) works well with JavaScript disabled. Since JavaScript is often disabled in the tor browser, I could make the .onion url point at that front-end instead. This would be fun to do, but I wonder if there is a practical benefit to the ".onion" url as opposed to simply accessing the clearnet url via the tor browser. EDIT: I went ahead and created an onion URL to try out, but I would still like to know if there is an actual advantage to .onion urls: http://mandermybrewn3sll4kptj2ubeyuiujz6felbaanzj3ympcrlykfs2id.onion/
There is a 2 monero bounty ~$300USD if you can get PoW working for us https://github.com/haveno-dex/haveno/issues/1122
Reposted from: https://lemmings.world/post/10879238 > I am talking about some way to report it (without exposing my identity - using Tor browser) or let it be shutdown. > > Related Tor FAQ: https://support.torproject.org/abuse/#abuse_remove-content > > Report1: https://report.cybertip.org > > Report2: https://www.iwf.org.uk/en/uk-report/ > > Report3: https://www.inhope.org/EN#hotlineReferral > > **Here is how to report bad site, in case you find any clearnet traces on the .onion site, incl. email address.** > > In this particular case, I have been able to spot the ODER/BUY NOW link which lead to a clearnet site. Within a second, it then redirected to a onion site, where I have found an e-mail address. So i had 2 ways to report this (clearnet website and an e-mail). > > So run whois lookup (for example at https://who.is/whois/ for mentioned clearnet redirect domain name) and inside the output, discover which nameservers/hosting company it is using. Since it has been using Cloudflare, I have submitted the [report form on Cloudflare site](https://abuse.cloudflare.com). Second thing is that e-mail address the paedopile worm provided on the site. I could visit that email service domain to find abuse contact. I have written steps on how i have discovered the initial link and found the e-mail so they can verify the case. > > **Do you know other way when you do not find any clearnet traces?**
I just got an update from the Guardian project here recently for the Tor Browser version 13.5 on Android. Before, there always used to be a notification in the notification tray that would say the download and upload speed and have a new identity button to switch circuits if one was lagging. But I do not see that anymore. So how do I change circuits now without completely closing the browser and reopening it which would be a total pain in the ass?
blog.torproject.org
[Onion link](http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/new-release-tor-browser-135/) >In that respect, Tor Browser 13.5 feels like a milestone: in addition to the dozens of bug fixes and minor improvements noted in the changelog below, this release features major changes to Android's connection experience in preparation for the future addition of Connection Assist, including full access to Settings before connecting and a new, permanent home for Tor logs. >For desktop, we're continuing our efforts to improve the user experience of Tor Browser's fingerprinting protections. Following the changes we introduced to new window sizes in Tor Browser 13.0 for Desktop, this release features welcome design changes to letterboxing, including new options to remember your last used window size and adjust the alignment of the letterbox in General Settings. Bridge users will also discover a myriad of improvements to bridge settings, including a complete redesign of bridge cards with improved sharing features, and a new section designed to help you find more bridges elsewhere. Lastly, the design of onion site errors has received a visual refresh aimed at making them consistent with the other kinds of Network Errors you can find in Tor Browser.
blog.torproject.org
[Onion link](http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/new-release-tor-browser-13016)
Hi all! A group of researchers from two major U.S. universities is seeking to understand how people act on Darknet forums and markets. We would very much appreciate your responses. Our **anonymous** survey can be found here: https://blocksurvey.io/darknet-decision-making-survey-Cqozn_nrQbOr65TV2OEK9A?v=o (supports Tor) or here https://neu.co1.qualtrics.com/jfe/form/SV_02IV26Gkdf4IuQm (supports all other browsers). You can also use our Telegram bot (@OnlineMarketSurveyBot). We know your time is valuable, so the survey will only take 2-3 minutes of your time. Although we will not log your IP address or ask any identifying questions, please do not share any identifying information while filling out our form. Your responses will be analyzed in groups; no individual responses will be used in data analyses. **Please note that this post has been kindly reviewed by the lemmings.world admin.** A huge thanks to the administrators, moderators, and all participants from our research group! #research #darknet #decisionmaking #survey #Markets
I'm looking for search engines for tor, what do you recommend? Besides that, I'm also looking for the link to time to confess, the one I have stopped working, will the website still be active?
Hi, Since ~two days I noticed drastic slowdown on the TOR network :/ Is this happening for you too ? Do you know a website (or other) where we can see if the network have a problem ? BTW, I wanted to post this on their [forum ](https://forum.torproject.org/) but at the end of registration I got: > A moderator must manually approve your new account before you can access this forum. You'll get an email when your account is approved! Never got the email :/ , for a project that protect user and anonymity I don't see why they use such a huge filter to create account.
Trying to access this https://web.archive.org/web/https://www.dataguidance.com/news/czechia-%C3%BAoo%C3%BA-fines-avast-czk-351m-gdpr-violations got a 403. Never had that before with the WayBackMachine. Then I tried to load it directly and got a "You are blocked!". Does the WBM not really make a full copy ? Not very Tor friendly !!!
TLDR: If I use SSH as a Tor hidden service and do not share the public hostname of that service, do I need any more hardening? Full Post: I am planning to setup a clearnet service on a server where my normal "in bound" management will be over SSH tunneled through Wireguard. I also want "out of bound" management in case the incoming ports I am using get blocked and I cannot access my Wireguard tunnel. I was thinking that I could have an SSH bastion host as a virtual machine, which will expose SSH as a a hidden service. I would SSH into this VM over Tor and then proxy SSH into the host OS from there. As I would only be using this rarely as a backup connection, I do not care about speed or convenience of connecting to it, only that it is always available and secure. Also, I would treat the public hostname like any other secret, as only I need access to it. Other than setting up secure configs for SSH and Tor themselves, is it worth doing other hardening like running Wireguard over Tor? I know that extra layers of security can't hurt, but I want this backup connection to be as reliable as possible so I want to avoid unneeded complexity.
blog.torproject.org
[Onion link](http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/new-release-tor-browser-13013) >This is an unscheduled emergency release with important security updates to Firefox for Desktop platforms. Android is unaffected.
I can't figure out which one it is. Does the service actually still get all the ddos flood and just drop them until a request comes in with the correct PoW level, or does the browser/daemon somehow calculate the PoW and only send the request when its reached. I don't see how the second one would work because your browser would not know if the service was under attack. But the first option still requires the service to get the request and then spend a little time dropping it instead of serving it.
I see that 127.0.0.1:9050 is being opened as my socks5 port. Can i somehow also get it to listen on [::1]:9050? I am trying to connect to an ipv6 client but if i use 127.0.0.1 the connection fails. If i turn off socks it works fine Edit: it actually appears to be the socks application not accepting "::1" or "[::1]" as a valid proxy. It just wants to go back to 127.0.0.1
blog.torproject.org
Amnesty International is launching their website as a .onion site to provide unrestricted access to its human rights resources, enabling more people to safely and securely engage with the vital work of speaking truth to power, and defending human rights.
Most sites i see on tor are http://blahblahblah.onion even for sites that have logins such as dread or pitch. However, duckduckgo appears to have an https onion which i didnt think was possible. Now the question is if i submit my user/pass on an http onion is it actually safe and is my session with that site properly secure? I know in transport to me it is secure, but if the exit node knows i want the pitch onion is my account info safe from that node since pitch is http.
For example, I downloaded Tor network and using it for illegal activities. Can my govt track me? Can US govt track me? With Signal fiasco, I can't trust softwares that I'm not familiar with. I know it *encrypts* something but if I remember correct, FBI was able to find some Tor users before. Note: illegal activities was for example. I'm not going to do anything illegal. I'm just planning to serve my instance with a onion address.
4get is a metasearch engine, similar to Searx and SearXNG You can find the source code here: https://git.lolcat.ca/lolcat/4get And use it here: http://4getwebfrq5zr4sxugk6htxvawqehxtdgjrbcn2oslllcol2vepa23yd.onion/
I saw the tor project blog saying that the new PoW DDOS protection had been released and thought "that will be great for dread". Unfortunately dread has been down for me for several days with both the dreadytofat and dreadytobig onions. Anyone else able to get on?
blog.torproject.org
Onion link: http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/new-release-tor-browser-125/
I currently use Orbot as a general proxy on my phone. However, my school's WiFi requires me to sign in through a portal. I was wondering if there's a way of allowing my phone to bypass Orbot and connect to a single IP address, whilst continuing to proxy everything else.
Tor - The Onion Router
!tor@lemmy.mlTips, tricks and information about the Tor network!