Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\))
X-Pgp-Agent: GPGMail 2.5b6
From: teor <teor2345@gmail.com>
In-Reply-To: <mailman.1792.1429863964.6921.tor-talk@lists.torproject.org>
Date: Fri, 24 Apr 2015 18:36:26 +1000
Message-Id: <79B84641-96E9-4712-89F0-803065D67139@gmail.com>
References: <mailman.1792.1429863964.6921.tor-talk@lists.torproject.org>
To: tor-talk@lists.torproject.org
X-Mailer: Apple Mail (2.2098)
Subject: Re: [tor-talk] TorBirdy seems to connect to the same exit
	node	again and again
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
Content-Type: multipart/mixed; boundary="===============8503829317071030457=="


--===============8503829317071030457==
Content-Type: multipart/signed; boundary="Apple-Mail=_377DD2DB-7742-4501-A1C3-3C2EA98651BD"; protocol="application/pgp-signature"; micalg=pgp-sha256


--Apple-Mail=_377DD2DB-7742-4501-A1C3-3C2EA98651BD
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

>
> Date: Thu, 23 Apr 2015 20:06:09 -0400
> From: "l.m" <ter.one.leeboi@hush.com>
>
> Hi Sophie,
>
> …

> When using Tor Browser, the tor process is kind enough to take notice
> when using certain ports (WarnPlaintextPorts). So maybe TorBirdy
> should do the same. That is to say, make TorBirdy more verbose about
> choices for mail server port. Had you been warned that port 25 is not
> the port you're looking for you might have chosen differently. Even if
> the port was chosen temporarily, a reminder could've helped. To make
> things worse you have to switch between TorBirdy and Tor Browser to
> change identities. Then you have to run something like
> check.torproject.org to ensure your ip is different from a
> (potentially blocked) previous ip.
>
> So things TorBirdy could do better to avoid this problem in the future
> include:
> a) Be more verbose about choosing the mail server port. Possibly
> include a reminder which can be disabled. Warn when making a hazardous
> choice such as 25. A known abuse port and one which is blocked in the
> default exit policy and reduced exit policy.
> b) Provide new identity functionality in TorBirdy. It would need to be
> careful not to "step on the toes" of Tor Browser. To this end it could
> emulate the NEWNYM signal by leveraging stream isolation. New
> identities triggered by TorBirdy would create streams isolated from
> previous streams. By tracking streams associated with mail servers
> TorBirdy can ensure old connections are closed before new ones. It can
> do this in a way such that no interference occurs with Tor Browser.
> c) Enable TorBirdy to configure use of TrackHostExits/Expire. Purely a
> preference to deal with Tor Browser triggering a new identity when you
> might prefer to have TorBirdy continue to use the last exit for a
> time. If you've triggered a new identity in TorBirdy to avoid a
> blocked exit this could also mitigate the problem of a blocked exit
> being reused. Is there a better way to achieve the same result here?

You could run TorBirdy through its own instance of the tor client
software, with a separate socks port.

This would avoid many of the issues you're trying to work around in b)
and c), as TorBirdy could happily send NEWNYM to its own client instance
all it liked. There is a slightly increased network load involved in
running two instances, and there could be security implications of
running separate tor clients - but mainly if their connections are
distinguishable.

teor

teor2345 at gmail dot com
pgp 0xABFED1AC
https://gist.github.com/teor2345/d033b8ce0a99adbc89c5

teor at blah dot im
OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7


--Apple-Mail=_377DD2DB-7742-4501-A1C3-3C2EA98651BD--

--===============8503829317071030457==--
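The separate-instance setup suggested in the reply above, as an added example that is not part of the original message and is not TorBirdy code: it renders a torrc for a mail-only tor client and sends NEWNYM to that instance's control port only. The port numbers, the data directory and the function names are assumptions made for illustration.

```python
import socket

# Assumed values for the mail-only instance (not from the thread), chosen to
# stay clear of 9050/9051 (system tor) and 9150/9151 (Tor Browser).
MAIL_SOCKS_PORT = 9250
MAIL_CONTROL_PORT = 9251
MAIL_DATA_DIR = "/var/lib/tor-mail"  # hypothetical path


def mail_torrc(socks=MAIL_SOCKS_PORT, control=MAIL_CONTROL_PORT,
               data_dir=MAIL_DATA_DIR):
    """Render a torrc for a tor client that only the mail client uses."""
    return "\n".join([
        f"SocksPort 127.0.0.1:{socks}",      # the mail client's SOCKS proxy
        f"ControlPort 127.0.0.1:{control}",  # NEWNYM goes to this instance only
        "CookieAuthentication 1",
        f"DataDirectory {data_dir}",         # own state and own cookie file
        "WarnPlaintextPorts 23,25,109,110,143",  # log a warning for port 25 too
    ]) + "\n"


def _command(stream, line):
    """Send one control-protocol line and require a 250 reply."""
    stream.write(line.encode("ascii") + b"\r\n")
    stream.flush()
    reply = stream.readline().decode("ascii").strip()
    if not reply.startswith("250"):
        # Report the command name only, never the cookie.
        raise RuntimeError(f"{line.split()[0]} rejected: {reply}")
    return reply


def send_newnym(cookie, host="127.0.0.1", port=MAIL_CONTROL_PORT):
    """Authenticate with the cookie bytes, then ask for fresh circuits."""
    with socket.create_connection((host, port), timeout=5) as sock, \
            sock.makefile("rwb") as stream:
        _command(stream, "AUTHENTICATE " + cookie.hex())
        return _command(stream, "SIGNAL NEWNYM")


if __name__ == "__main__":
    print(mail_torrc(), end="")
    # With the instance running, read the cookie it wrote and rotate circuits:
    # send_newnym(open(MAIL_DATA_DIR + "/control_auth_cookie", "rb").read())
```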

