[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] newbie: tor browser bundle and privoxy



Hello, list. I am newbie in Tor. By reading an information about tor i found article( http://www.hermann-uwe.de/blog/howto-anonymous-communication-with-tor-some-hints-and-some-pitfalls ), that says:

"The biggest problem with many applications is that they /leak DNS requests/. That is, although they use Tor to anonymize the traffic, they first send a DNS request /untorified/ in order to get the IP address of the target system. /Then/ they communicate "anonymously" with that target. The problem: any eavesdropper with more than three brain cells can conclude what website you visited, if they see that you send a DNS request for rsf.org <http://www.rsf.org>, followed by some "anonymous" Tor traffic. The solution: *use Tor together with Privoxy*, that prevents DNS leaks."

Next, on https://www.torproject.org/projects/torbrowser-details.html.en#contents i found, that *Tor Browser Bundle* consist of:

   * Vidalia 0.2.15
   * Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5, openssl-1.0.0e)
   * Mozilla Aurora 9.0.1 and Torbutton 1.4.5.1)
   * Pidgin 2.7.5 and OTR 3.2 (only in Tor IM Browser Bundle)

So, Tor Browser Bundle does not contain Privoxy.
Now question: does this mean, that Tor Browser Bundle is less secure than separately installed Tor + Privoxy?
P.S. sorry for my rough english.



_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk