[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Is it secure to use Tor with HTTP Proxies?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Is it secure to use Tor with HTTP Proxies?
From: Laura Sharpe <laurasharpe@xxxxxxxxxxx>
Date: Fri, 14 Oct 2016 14:20:00 +0200 (CEST)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 14 Oct 2016 08:20:31 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mailbox.org; h= content-type:content-type:mime-version:subject:subject :message-id:reply-to:from:from:date:date:received; s= mail20150812; t=1476447600; bh=Ci1UbDIAGSq7ocywpdk1pD8Gax7fSzSes NA94mdjUDA=; b=n3cAdKudtwPESjcD5+2DCw1YuGYKn0LC+UMx2GnBXXG6VmHre WzGKzhoLIvLHplMtLXVqfORPnJU/0Vfne3GUM4UH5niQLhZpnemhYh1ny+shVb+j mF0iaQqcbRLcm0Kzkns8W7I80C7I4k1ho/O88ZFE7DAeNr8N8Fe52oxdW6CiAJoO wxlyABPd4jg7zBe9FLK0hM5+WZ/XYEq+mhrRMQsKT8BS0K20nUsoOpYTTI6kBsEp aO0QDGr7takMc5QIAJvHJpehnB0lDuF14uaFMc2RD8OALJEyhYvdzap2odYotSMF hdL3rb6NHvM9JJ0zbRl99yJufnKDKrw2vwuMA==
Importance: Medium
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Is it secure to use Tor with HTTP proxies? Like this:


Use proxychains and in /etc/proxychains.conf use:


[ProxyList]

# defaults set to "tor"

socks5 127.0.0.1 9050


In "standard" Firefox (not the TBB) set Manual Proxy Configuration to a HTTP proxy and use the same proxy for all protocols. Make sure Remote DNS is ticked.


Assume that the HTTP proxy is legitimate.


From the command line run:


proxychains firefoxhttp://www.example_site.com/


Traffic will be routed by proxychains through Tor then is transferred through the HTTP proxy.


You may say that this is a bad idea since HTTP works at the application layer and hence traffic can be intercepted by the provider of the HTTP proxy (unlike SOCKS proxies which work at the transport layer (I think)). But if the traffic from the user is always to a HTTPS site, then why should there be a problem even if the content was intercepted?


I know that you can also use proxychains with SOCKS proxies but my questions is specifically about using proxychains with HTTP proxies.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Is it secure to use Tor with HTTP Proxies?
  - From: Flipchan
- Re: [tor-talk] Is it secure to use Tor with HTTP Proxies?
  - From: Nicolas Vigier

Prev by Author: Re: [tor-talk] problem reinstalling NoScript
Next by Author: Re: [tor-talk] transparent tor routers
Previous by thread: [tor-talk] S. Rambam hope xi 2016 - Slide: "How You Move Your Mouse Could Help Others Track You - Even on Tor"
Next by thread: Re: [tor-talk] Is it secure to use Tor with HTTP Proxies?
Index(es):
- Author
- Thread