Anyone tried XeroBank (formerly Torrify)

We are entirely aware of this problem. We are doing some hardening to the computers and that requires some rekeying. This caused one of the key generators to incorrectly generate the SSH keys required for logins. This is being corrected. Standby

We will have that shortly. We are still bringing all the services online and development is mostly happening in the background. Right now you can cancel through the payment processor, directly.

 

Exactly right. Now I rewrote the next version of xBB to user KillProcDLL.dll instead of KillProc.dll or nsProcess.dll, which throw up many more false alarms. KillProcDLL I have recently sent to AVG and a host of others telling them to remove it from their virus databases. They did. So now that you have updated virus scanners and it isn't popping up, no surprise.

 

Definitely. They are especially fast in Europe.

Yes, they should be included in the next versions of xBB 2.0.0.4b, which I should have complete anytime now.

Oh, you mean for the website too? We will have translations in other languages, just haven't finished writing all the official copy for the english pages. Once we decide on the finished format we will translate.

What languages would you like to see? Regarding international credit cards, we accept all visa, mastercard, discover, amex, diners club, etc etc. I don't think it matters what country you order from.

 

By the way,

I have completed the first beta of XeroBank Mail, the anonymizing email client. Would anybody like to help me test it? email arrakistor at gmail dot com.

 

I belong to a group and there was a guy who tried to use his regular browser to download a rapidshare file for free and then use torpark to download another one without the wait time. He said that rapidshare knew that he had just downloaded a file when he tried his second download with torpark. I didn't think that was possible. I have had a paid account with rapidshare for a long time and have no interested in using tor for this purpose, but I wanted to see if it was possible for rapidshare to detect me......and evidently it was.

I downloaded a file as a free user. Then I ex'd out of firefox...clearing the data...and then I enabled the tor button (privoxy, vidalia, tor with firefox). Rapidshare knew that I had just downloaded a file. So I went into Opera Tor (with a different IP), and they still knew and told me how many minutes I had to wait. So then I went into the Xerobank browser.....a different IP.....and they still knew. I went back to Firefox and opera again, clearing the data each time, and watched the minutes that they said I had to wait. They were consistent. I thought that maybe other people were downloading for free with the same IP and maybe this was the problem. But I watched my wait time decrease in consistant increments with each attempt. I even restarted my computer once.

I am a newbie at this and I know very little so maybe someone can help me understand this. Either I do not understand what I have read about tor, or tor is not doing what it is said to do, or the good people at rapidshare know how to see right through it. I don't care about rapidshare, like I said I have a paid account and have for months, but I would like to have a clearer understanding as to what tor can and can't do....and VPN's for that matter. So hopefully someone here can be kind enough to explain this to me.

 

Rapidshare didn't know he had downloaded a file. What it knew was that someone using that tor exit node had maxed out the limit that day. And that is exactly what happened. Some other tor user had already maxed out the rapidshare limit and he presumed it meant him. Consider, rapidshare isn't exactly a secret, so with millions of people downloading from only a thousand servers, it is an inevitability.

 

As Steve has noted, Rapidshare keeps track of usage by IP address so when you used a proxy server shared with others, it is quite likely that it will have hit Rapidshare's limit.

Going OT a little, I find Rapidshare downloads an utter PITA and have now blocked access to all of their download servers on my Tor exit node. These downloads were continually using 30-50% of the bandwidth I had allocated for Tor and are doubtless a key reason why the main Tor network has slowed down lately. It is particularly galling to see a resource for online anonymity being swamped by those who hog it to avoid having to pay for a Rapidshare account or even worse, just to speed up an existing download with a second connection. Prior to imposing a block I was regularly seeing downloads exceeding 100MB, which took up bandwidth that could have been used to anonymise about 1,000 webpage accesses instead...

"P2P Downloaders, please note: the Tor Network was designed to protect private citizens' personal privacy, especially in the important areas of Freedom of Speech, Freedom of Conscience, and Freedom of Democracy. Tor and Prixovy were not designed to help people download megabytes of movies and songs. Please do not abuse the Tor-Privoxy system by turning it into a P2P downloading avenue."

 

Good for you, It is something everyone running a server/exit node in the Tor community needs to do. Much as is done by blocking ports 119, 563 etc. Trying to reason with these people, well most of them, is a waste of time... closing all the p2p doors on them is what is needed if Tor's intended purpose is to continue. If they want to p2p, let them cough-up E5 to 10/month for a commercial VPN connection.

 

I was asking that because I don't have international credit card, a few people have, but they are exception.

I believe there are another methods of international bank payments but I am not aware of them, and don't have a clue how to use them. Perhaps if you try to explain this matter on your main site.

About the languages, can you put Brazilian-Portuguese on your list?

Steve, it will be necessary for all users to drop the current Torpark version and download the current XeroBank browser, or they can keep this previous version?

I am asking that because sometimes I was experiencing some crashes from Torpark always when the browser is loading for the first time. They are not crashes in fact, instead, they are error messages from some Windows DLL (unknown file?). Torpark still remains open, and working fine, and these messages appears for no reason. Do you know what that means?

My computer and connection are fast enough.

I usually never use Torpark to do large downloads. All my downloads are from P2P. Only to surf on web, and my downloads, if necessary, are very small files. This is a coincidence. Yesterday I was testing TORPARK and Rapidshare for one single download.

And I was able to make 2 downloads from a large file (about 90 MB) one after another, it was about 03:00 AM here, local time. All Torpark required me to do was allow Rapidshare.de on NOSCRIPT whitelist and voilà, I did it.

I don't know about other places, but three o'clock in the morning, here, it's a excellent time to use this browser. Everyone is sleeping, so, you may not have any problems.

 

Tis is a bug: http://www.zaoproxy.ru/index.php?data=119'

Can you tell me what is it?

 

Okay. Thanks guys for the response. I am aware that tor should not be used for this purpose. I only did this experiment to try and understand what was going on. Even if it was okay to use tor for this purpose, it is far too slow for me. But when I tried this, I used an Opera browser with an IP in Virginia, and then when I tried it in Firefox with an IP in Germany, it gave me the same number of minutes remaining....minus a couple. I just assumed if I was using a different IP, it would see me as a different user. But I guess I was wrong. But I am new to all of this and I don't even scratch the surface of having the knowledge that you guys do. So I appreciate the help. Thanks

 

The first languages we will probably have translations for, if we do, will be German, French, and Chinese. Portuguese do Brasil is something we would have to work up to. I'll have to see how many customers we will have from there.

Regarding payment methods, we will accept international money orders, cash in $USD, wire transfers, and gold.

 

Update: We have added the PrefBar plugin to xB Browser 2.0.0.4b. I have uploaded it to the server and a build should be available tonight.

 

PROBLEMS!

I decided to download Xerobank free browser (2.0.0.4a) and make some tests. It seems that, after my first add-on update (NOSCRIPT), the browser redirects himself to NOSCRIPT developer's site, which explains what have changed along with a thank message.

That's OK, I understand.

The problem is, after that, I can't save any configurations regarding Xerobank browser. Anything at all.

For example: I don't want to erase saved passwords. I can change that, okay? So, I close Xerobank after that, and open again. It's no use. All previous configurations are untouched and were NOT SAVED.

And the most strange thing is - the website described before, from NOSCRIPT, is being OPENED AGAIN and AGAIN!

What's going on?

Another question: I am running a firewall here, which is allowing Xerobank browser for all his functions, such as:

ANY TCP ACTIVITY (Allow Inbound and Outbound TCP Connections)

ANY UDP ACTIVITY (Allow Inbound and Outbound UDP packets)

DNS SERVICE (Allow Outbound (stream) UDP packets where: Remote Port: 53)

BROWSER HTTP ACTIVITY (Allow Outbound (stream) TCP connections where: Remote Port: 80-83)

BROWSER HTTPS ACTIVITY (Allow Outbound (stream) TCP connections where: Remote Port: 443)

BROWSER SOCKS ACTIVITY (Allow Outbound (stream) TCP connections where: Remote Port: 1080)

BROWSER PROXY ACTIVITY (Allow Outbound (stream) TCP connections where: Remote Port: 3128, 8080, 8088 )

BROWSER FTP ACTIVITY (Allow Outbound (stream) TCP connections where: Remote Port: 21)

BROWSER FTP DATA ACTIVITY (Allow Inbound (stream) TCP connections where: Remote Port: 20)

I guess FIREFOX.exe have the same rules.

Also, SIGNAL.EXE have these rules from my firewall:

Allow Inbound and Outbound TCP connections
Allow Inbound and Outbound UDP packets

The question is, why XCONFIG.exe (and the old TCONFIG) have the option "I am using proxy/firewall"? I should leave unmarked? What this option does?

 

Okay, the problem of settings not getting saved is solved. We have the new xB Browser 2.0.0.4b due out today (it has been complete for a couple days now, but has to get processed through our system).

Signal speaks to the Tor process and tells it to get new circuits or shutdown.
What it does is send signals back to your own computer, from one port to another. No worries.

XConfig is the new Tconfig. The reason for marking proxy/firewall is if you are already behind some restrictive firewall that requires you to enter in credentials, etc., like in a corporate environment.

 

Steve, now I have Xerobank 2.0.0.4b and everything seems fine, all configurations were saved this time, but Adblock Plus displays a message that he is not working, and looks like he was not installed properly for the first place, and have a exclamation mark warning us that. I tried to open this plugin, and there was nothing inside him. Perhaps you could fix this installation file once more?

So I uninstall this add-on, and now my first step should be download him again, on developer's page or Mozilla add-ons dedicated site, right? Wrong. When I tried to download Ad-Block Plus, this message was displayed, followed by a "download error" pop-up:

Not compatible with Firefox 2.0.0.4.

What??

So, both sites can't install Ad-Block Plus on my machine. Until now, I can't solve this problem. That's the reason I need to get back to Torpark 2.0.0.3 now. Unless there's some way to install this plugin on XEROBANK browser.

And forgive me but I prefer the old Torpark browser design, from the Navigation BAR, and buttons (BACK, FORWARD, STOP, RELOAD and HOME) and Tabs (the tabs were larger before).

There's no way to change it back or even customize these items? From my point of view this is simple a skin, and everyone should be allowed to modify. If there's some way to change that please let me know.

 

PrefBar is okay BUT the user agent snaps back to the actual one whenever the browser is closed and I don't always remember to look. Doesn't JavaScript also snap back to "on" on occasion? I'm not certain about that one, but I do know that the useragent snaps back.

 

First, I want to thank Steve again for being so good about addressing our concerns and answering our questions. Steve's openness and access, I believe, is key to Xerobank being treated over time more like cotse and less like metropipe. To be blunt, Metropipe failed miserably in the customer service and public relations category, but it STILL suffers because nothing it does today counteracts the complaints and other negative remarks that are forever itched into the internet and accessed by people like me who Googles extensively what's been said about these services BEFORE signing up. The Metropipe 'reputation' on the internet was such that I never signed up despite investigating it twice over several years. In contrast, Cotse still comes out strong despite (or perhaps reinforced by) the recent privacy.li attacks because any normal people reading the dialogues can't help but come out on the side of cotse. That feeling is further enhanced when I visited the cotse.com site. In contrast, visiting the metropipe website doesn't really change the feeling that there's something weird about this service. The site is very impersonal for a start.

With that opening comment, here are a few other suggestions/questions for Steve/Xerobank:

(1) IMPERSONAL FEELING TO XEROBANK.COM: The cotse site has a feel to it like a decent person(s) are running it, whereas I've already noted that the metropipe site conveys a very different feeling. Even the privacy.li site has a friendlier feeling to it than Metropipe's site! Unfortunately, the xerobank site trends more towards the metropipe site than towards the more friendly appearing cotse site. It can only help xerobank's overall presence on the web if Steve's openness is captured within the site so that xerobank.com appears less impersonal. Maybe this "look" is purposeful, but I can't see that it conveys any benefits. Steve, if you're insistent that the site look impersonal/professional, at least consider putting in a Blog of your privacy thoughts as an official part of the xerobank site or SOMETHING that personalizes the site a little more. Xerobank.com doesn't have to contain smiley faces to appear like some place that is owned/run by decent people who really care about privacy as a matter of conviction as much as making money. The sooner the site is attractive, the more it reaps the financial rewards too.

(2) WEBMAIL: Any chance that we could access our xerobank e-mail accounts via a webmail feature?

(3) E-MAIL FEATURES: Fastmail is really one of the best e-mail services that provides a high level of privacy AND has features. It's a good model, wouldn't you think, for the features that Xeromail will eventually embrace?

(4) XEROMAIL.COM PORTAL: What I like best about the Tor system relates to the need for privacy for political dissidence in oppressed countries as well as corporate whistle-blowing. Anyone who's deep in those kinds of activities quickly realizes that the more evidence you display that you're using an anonymizinng service, the less seriously your messages are taken, thus the less impact they have. In other words, free speech/whistleblowing message(s) are much more powerful IF people do NOT recognize that you're coming from an anonymity service. The Anonymizer finally achieved that admirably when they started switching IPs on a daily basis AND Anonymizer's IPs don't have a name attached. Of course, TOR can be even better. And since people can't trace back to Xerobank (I hope this is true) based on the TOR access IP being used, no one even thinks of looking up "xerobank". However, XEROMAIL is something else altogether. When we use the xeromail service, even casual investigators (Example: "who's posting that stuff on this discussion forum) quickly discover that xeromail is an anonymous e-mail, and they can find that out the moment they type www.xeromail.com HOWEVER: If xeromail.com was changed into being a portal for webmail access only, a casual sniffer might surf over to it, look it over and decide that "it's just another e-mail service". Furthermore, if you keep the mention of the word "xeromail" to a minimum throughout your xerobank site (or put it on pages where search engine bots can't go), you will have created an e-mail service that more closely replicates what TOR/remailers are all about, and why people like them so much. The problem with using remailers these days is that so many spam filters block those kinds of mail. Xeromail thus offers a potential advantage of getting through those spam filters but that advantage is lost if the term 'xeromail' and the site 'xeromail.com' continues to point straight to xerobank! SUGGESTION: Change xeromail.com into a webmail accessing portal only that doesn't lead to xerobank.

(4) FTP UPLOADS: Sadly, a lot of anonymity services have gotten rid of FTP protocal options, due to illegal music/video file sharing. But what about people who are in the political dissidence/whistleblosing category and have anonymized all connections to a webhost EXCEPT for the ftp upload? We need the ability to distance ourselves from web content we create, not for criminal reasons, but to avoid successful civil lawsuits that effectively shut up whistleblowers/dissidents. QUESTION: Does Xerobank's PRO service permit truly anonymous FTP? Is it possible to achieve with the PRO service through an FTP client such as Filezilla (used commonly by Firefox users)?

(5) WHAT DOES XEROBANK PROMOTE AS ITS VISION? Xerobank service will attract all kinds of usages, including attempted illegal activities. But even legal activities don't always give anonymity services a good name (READ: pornography and hate site access, etc). I've noticed that many Anonymizer services try to create a good image around their names by saying that they help political dissidents/whistleblowers/citizens in oppressive governments get around internet censors, etc. Steve, is there any paricular kind of use for Xerobank that you see as something you would promote as how Xerobank more specifically contributes in a positive way to society? It may be nothing more than "fighting censorship," although that kind of generality embraces the less savoury legal uses of Anonymizing services that tend to sully their names. I'm just curious what convictions and beliefs have driven you to set up the service.

Feedback/input from anyone, including Steve, is much appreciated!

 

(1) Yeah, the COTSE website definitely has the look and feel of being run by an individual, I can't deny that at all. While ease of use is what we are striving for with the new xB website, we aren't going to compromise professionalism for a more homely feel. That isn't xB's target market. You'll notice xB does thing very different from the other guys, including its website. Personally, I like the website, and I liked the prior Torrify website as well. At the end of the day, we're just more professional all around.

(2) None at this time. Webmail is horribly insecure. It is constantly hacked, and we are not in the business of offering insecure services. Beware of anyone who offers webmail that isn't fabricated from the ground up for that specific service. Instead of webmail, we will offer xB Mail downloads for our clients. They can log into their account, download the software, and it will come preconfigured to access their offshore XeroBank mailboxes. Naturally, it is portable as well.

(3) See above.

(4) Xeromail isn't just anonymity without responsibility. We won't allow it to be used for spamming or attacks, so it is unlikely to end up on block lists. Thus we have no intention of hiding it, and no anti-spam lists have any legitimate reason for blocking Xeromail as opposed to any other private mail site.

(5) Dissidents... lets stop and think about that. Dissidents are mostly uninformed and don't even know the government is watching them until they get thrown in jail, thanks to yahoo, google, etc. If they at least knew *that* they would be a step in the right direction. Thinking that they need ftp software is pretty lofty. Maybe you are suggesting an anonymizing FTP client software, but that would be abusive to the Tor network I think. But doable. Now to answer your question about xB Pro, YES! All traffic is anonymized and routed through the XeroBank network. That includes ftp, skype, video, web, chat, etc. Everything.

(6) That is top secret

 

Jim,

I liked the old skin better too, but we got voted off the island on that one. It is possible to install it back. But you know what... it is much more likely we will see a new xB Theme than anything else.

Regarding AdBlock, try using this one:

https://addons.mozilla.org/en-US/firefox/downloads/file/15307/adblock_plus-0.7.5.1-fx tb sm fl.xpi

 

I am sorry, no luck, Steve. The same message:

Error - pop-up window:

Firefox could not install the file at

http://releases.mozilla.org/pub/mozilla.org/addons/1865/adblock_plus-0.7.5.1-fx tb sm fl.xpi

because: Download error
-228

And I have tried with Tor both enabled and disabled. Nothing changes. Xerobank is rejecting AdBlock Plus.

I'll keep Torpark for the moment, AdBlock Plus is important to me.

Considering that many images and frames (specially from Google) takes too much time to load, and this network is slow even if you're using a high-speed connection, I can't afford to drop this feature. Anyway, thanks for your help.

 

Try redownloading from the XeroBank website. I just updated 2.0.0.4b to fix that problem.

 

Oh boy, something is always wrong here! I see new problems instead of others. Now, all configs are being saved and Adblock Plus is here.

The problem is, there is no sign of "Modify Headers" and "Ref Control" plugins from the previous Torpark browser on Xerobank's list. Where are these options?

I don't want to send informations about where I came from, so I need Modify Headers.

And when I tried to click on "FireSomething" options button, my XeroBank is freezing, and I can't do anything against it, only shutdown the entire browser by pressing control + ALT + DEL.

 

Now everything is fine. What I have done:

It was necessary to uninstall Firesomething.

Steve, you need to modify your installation file again, if someone tries to download XeroBank free browser from your site.

I solve this problem by unistalling Firesomething and installing again from Mozilla add-ons.

"Modify Headers" and "Ref Control" plugins from previous Torpark were not included this time. I don't know why Steve remove them, but again, they are also available on addons.mozilla.org.

As for the skin, it is possible for FIREFOX users to modify their skins. Torpark was using Torrify Theme 2.0. I can't find this template on internet. Like I said before, I don't like this default theme for XeroBank. So I changed mine to Winestripe (default Firefox 1.5 theme for Firefox 2.0) and now at least all buttons are different.

When I was downloading/installing this theme, this message was showed: Not compatible with Firefox 2.0.0.4. So, suddenly, this theme was installed. I was thinking (oh no, not again), but in this case, nothing happened.

That's it.

 

Jim,

ModifyHeaders and RefControl have been replaced by PrefBar. You will notice at the top, on the nav bar that you can simply switch your useragent right there. Additionally, if you go to addons;refBar, you can add "Send Referrer" button to the nav so you can also control if that gets sent as well. Two birds, one stone.

Steve