[p2p-hackers] peertech quorum public offset 0000000 / januswireless / alpine / feedbackfs

coderman coderman at gmail.com
Tue Jun 13 18:01:32 UTC 2006


On 6/13/06, Enzo Michelangeli <enzomich at gmail.com> wrote:
> ...
> The archive at http://januswifi.dyndns.org:85/JanusVM.zip appears to be
> corrupted... The installer, on the other hand, is OK.

thanks for the heads up; there was a bad image at one point due to an
FTP as ASCII issue and i'll have Kyle double check this.


> By the way, doesn't VMware's .vmem file, left on the disk, represent a
> privacy hole? That's one reason I like qemu better than VMware, despite its
> slower speed (esp. when used without kqemu).

there are a number of privacy holes in this release.  it's really more
a proof of concept than a finished cut.  (any suggestions for
mitigating the .vmem issue?)

some other known holes we are in the process of fixing (slowly, due to
external factors) and intend to have published by the 4th of july or
earlier:

- dns leaks, which will be mitigated by dns-proxy-tor
- http on ports other than 80 and 8080, which will be mitigated by L7
matching for http type
- https and other TCP traffic which is not going through tor to be
mitigated by trans-proxy-tor.
- general hardening of the appliance against users on the same local network.
- removing caching for squid, and using it transparent http proxy
only, since it is too aggressive with caching pages and images.
- resolving some issues with CGI get parameters through squid/privoxy.
- release sources and scripts for building your own installers and images.

thanks again,



More information about the P2p-hackers mailing list