Delivery-Date: Tue, 05 May 2015 19:50:12 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 19B7C1E1079
	for <archiver@seul.org>; Tue,  5 May 2015 19:50:10 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id B2294351B2;
	Tue,  5 May 2015 23:50:05 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id EC0C634FCB
 for <tor-talk@lists.torproject.org>; Tue,  5 May 2015 23:50:02 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id ZsdwwXRJIBIs for <tor-talk@lists.torproject.org>;
 Tue,  5 May 2015 23:50:02 +0000 (UTC)
Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com
 [IPv6:2a00:1450:400c:c05::22c])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id AF17D34EF8
 for <tor-talk@lists.torproject.org>; Tue,  5 May 2015 23:50:02 +0000 (UTC)
Received: by wizk4 with SMTP id k4so181616070wiz.1
 for <tor-talk@lists.torproject.org>; Tue, 05 May 2015 16:49:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ritter.vg; s=vg;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :content-type; bh=7C+/zfAKB5OyFUFdKBW0IPZ4MOyKS8eydaJJEHNMKrg=;
 b=fCPsYx17BpVymZ7OrKykBzzh5g1kZ3L7otncGHd6fM5mRIezbe0N/7QLd9xR1qPP2+
 sl6w8evolN+S1GpGlttFMgQYBcFYbQYLoaHK1yoFFmygZn78B0TIkWb0rSRStY2NmgW6
 PYDTJgQkSGuMzl2Y83kcfiC76LGuEE2KefKtY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:content-type;
 bh=7C+/zfAKB5OyFUFdKBW0IPZ4MOyKS8eydaJJEHNMKrg=;
 b=N6A5fr562PE62CWtlvOoGgYtGsRUdtM9CaFQfGmXBmleAoTqBKSg3RuOW5df8rhj45
 1AF9iAgEfP9OioR8jyBxbWq+EsZqbh5jLGA5daWOHRPFcT+daWS7JOjdYVlXGYvp+v96
 Qk6vqYtbQOp0P/BhAds+lu5lXJnCjNoYSfQH6X/RSLv7Y2Zdw7oFImMIWYpqcvfWP4qJ
 NMsg+8WNVzi9vPjADcuZMuCo8TokncqYKmKVrNd4lSR7kIfnPLq69YORbSrCgyedK3eT
 GzIilCcDvfBoZlWszgGYohTnHtHN3bAgsoYirsYMNIneZ/fZ/JlOVV2I0JBU5pAdAfAO
 uUIQ==
X-Gm-Message-State: ALoCoQlMiRcEaS+o0D3OAEuZEe25DRFtxVsUFYJNt/sJoouxcLw55d7I5HFYCMMnfE9DAzri/PX8
X-Received: by 10.180.14.135 with SMTP id p7mr2751754wic.8.1430869799861; Tue,
 05 May 2015 16:49:59 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.28.141.80 with HTTP; Tue, 5 May 2015 16:49:39 -0700 (PDT)
In-Reply-To: <16b261d3.1934b0ef@fabiankeil.de>
References: <CA+cU71kwWqGhtPaSbtQyOEtXXxTNUeJPULvnzvUCTC0oTxbu=A@mail.gmail.com>
 <16b261d3.1934b0ef@fabiankeil.de>
From: Tom Ritter <tom@ritter.vg>
Date: Tue, 5 May 2015 18:49:39 -0500
Message-ID: <CA+cU71=ubxOH7-+=J9XB6Wqe0YOekOEWJtnXmzcggkOqaSP9CQ@mail.gmail.com>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] 100-Foot Overview on Tor
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 5 May 2015 at 07:53, Fabian Keil <freebsd-listen@fabiankeil.de> wrote:
> Great.
>
> A couple of comments (about v1.3):

Thanks! I made the changes and put up a 1.4

> Page 141 and 142 seem to suggest that parsing strings is more
> likely to be vulnerable than parsing binary data. Is that intended?

No but mostly yes. It's more a surprise factor: when I tell people tor
uses HTTP to upload and download things, they're not surprised - when
I tell them it has its own HTTP server implementation that does all
the parsing of the requests, they're much more surprised.  I'm not
saying tor's code is insecure (I put up a $bounty inside my company
with my own money to anyone who finds a bug in it actually) - but
implementing your own HTTP server is not a recommended action. :)

> Is the source of the PDF available under a free license?
>
> I'm currently preparing a (German) presentation about location
> hidden block storage and could reuse the HS-related parts:
> http://chaos.cologne/Fahrplan/events/6653.html

It's (now) http://creativecommons.org/licenses/by-sa/4.0/

As far as the sources.... well, I made it in keynote. Yes, I know I'm
a bad person. I can export it as powerpoint, html, images, or pdf and
send you any one of those five. (Or all of them.)

-tom
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

