#Orbot lies brazenly to the user

Source: guardianproject.info/apps/org.…

Orbot is a very useful app for using the #TOR #network on #Android. With all due respect to floss and the achievements of the altruistic developers, I still think it's downright cheeky to lie so blatantly to the user.

The bridge functionality, which can be optionally activated, allows users from the censored Internet, where all TOR servers are blocked, to connect anyway.

Orbot is writing:

It will not drain your battery

This is wrong. There will be more background activity for this connections and this will cost battery power. This is a damn lie!

It will not slow down your internet

This is wrong. There will be connections from others and they will slow down your internet. With a big bandwidth you won't note it but not everyone have high speed internet. This is a damm lie!

🤥

#news #fail #Software #gui #Problem #onion #privacy #snowflake #bridge #documentation #user #lie #internet

Something is up with the #Tor network, they must be under heavy attack. Our #DEFCON relays are working, but our .onion server can't fully complete a connection and so our sites remain off-line for now.

" [warn] Guard ZKP1984 ($7C22E89AB620E77DF1B4A33787A5EC3F2AB4A8D1) is failing a very large amount of circuits. Most likely this means the Tor network is overloaded, but it could also mean an attack against you or potentially the guard itself."

It should eventually connect, but could take a while. @torproject

@torproject Under Attack - #ThreatWire via @endingwithali

#Tor #iOS

youtube.com/watch?v=-FnGQTs_LK…

Wild ass day in the Tor node operator world. Got an email from my VPS, forwarding a complaint from WatchDog CyberSecurity saying that my box was scanning SSH ports!

> Oh no, oh no, I knew I should have set up fail2ban, oh god why was I so lackadaisical!

So I remote in to the machine: no unusual network activity, no unusual processes, users, logins, command history, no sign that anything is doing anything I didn't tell it to do.

So what's up? Turns out there's been a widespread campaign where some actor is spoofing IPs to make it look like systems running Tor are scanning port 22: forum.torproject.org/t/tor-rel…

Operators from all over are saying they're getting nastygrams from their VPS providers because WatchDog is fingering their source IPs (which are being spoofed and NOT part of a global portscanning botnet).

@delroth did an amazing writeup of the whole thing here: delroth.net/posts/spoofed-mass…

#tor #infosec #cybersecurity #threatintel #privacy

[tor-relays] Tor relays source IPs spoofed to mass-scan port 22?

It would be hard to explain to Verizon I run Tor relays since they technically don't allow servers. I hope I'm not forced onto AT&T Internet Air as my particular co-op rental unit won't let met get Spectrum even when other units can, not that I wante…

^{Tor Project Forum}

#Tor is under #attack: delroth.net/posts/spoofed-mass…

#ssh #spoofing #Problem #internet #hoster #news #network #abuse

On my blog: One weird trick to get the whole planet to send abuse complaints to your best friend(s)

delroth.net/posts/spoofed-mass…

Summary of my adventures from last evening, as read in this Mastodon thread: mastodon.delroth.net/@delroth/…

#infosec #networking #tor