[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Setting up Tor on Ubuntu
On 21 March 2012 15:26, Mike Perry <mikeperry@xxxxxxxxxxxxxx> wrote:
> Thus spake Simon Brereton (simon.brereton@xxxxxxxxxxxxxx):
>
>> On 21 March 2012 07:20, Â<tor324890@xxxxxxxxxxxxx> wrote:
>> > I'd do what you originally intended: keep it simple, you want to learn tor
>> > so just run tor alone for now. Get back to the position you were at when you
>> > just had tor, no Vidalia, and you've confirmed it's running with nmap. By
>> > default it'll run on port 9050 - nmap should confirm that, so you should set
>> > your proxy setting in your browser to localhost:9050. Set your browser to
>> > manual proxy for now, just to eliminate 'system proxy' from the equation.
>>
>> Sadly, that has the consequence that when I fire up Firefox, Firefox
>> also uses that proxy - whether proxying in Firefox is enabled or not.
>> That's bad. ÂLoathe as I am to have a third browser installed, it
>> looks like I might have to use the TBB for secure browsing instead of
>> Chromium (which had been my plan. ÂFirefox is altogether safer and
>> easier to configure for a higher-level of safety without going torshit
>> crazy (and it's also useful to have a browser that stores some
>> cookies).
>
> You can configure TBB to allow you to store history and cookies, it's
> just painful and spread across like 3 different options in Torbutton.
> They are under subtabs in the the Security Settings tab:
>
> History->"Block history writes during Tor"
> Cookies->"Use the Cookie Protections Dialog to Choose"
> Shutdown->"Do not clear my cookies at shutdown"
>
> Yes, of course this is insane and sucks. It's a relic of Torbutton's
> incremental development and the need for testers and security
> researchers to debug features individually.
>
> https://trac.torproject.org/projects/tor/ticket/3100 is the trac ticket
> to create something more reasonable from all of those prefs. Patches
> welcome :).
>
>> So now I have the following questions.
>>
>> 1) ÂCan I use the TBB even though I have tor installed and running
>> successfully?
>
> Yes. There are two ways to do this. The easiest is to just start the
> fucker, let Tor bootstrap, let Tor Browser launch, and then tell Vidalia
> to "Stop Tor". The Tor Browser should still remain open.
>
> After that, you can go into the Torbutton Preferences and tell the TBB
> Firefox to use an alternate Tor SOCKS port (9050 is the system tor
> default on Ubuntu). You can also click the "Transparent Torification"
> radiobutton if you are using transparent firewall rules to torify all of
> your traffic.
>
> The more involved method is to edit the start-tor-browser shell
> script...
Thanks. Dererk's reply means I can probably go this route.
Additionally today I was reading that simply proxying through
localhost:9050 might not be enough to make FF safe (something about
DNS leaks).
>> 2) ÂIs there a danger in having tor running even when I'm not using it?
>
> Not really. In fact, traffic analysis is made easier if you only run tor
> when you are actually using it.
>> 3) ÂI was reading up on exit-point safety and apologies to the people
>> who spent time documenting it, but I didn't understand that well at
>> all. ÂI'm a native speaker and technically literate, so I'm concerned
>> other people might not understand it either.
>
> Does this warning make sense:
> https://www.torproject.org/download/download-easy.html#warning
>
> Point (c) is about exit point safety. If we can do anything to improve
> it, let us know.
If HTTPS Everywhere encrypts traffic from the exit-point, doesn't that
break SSL? Or is it working the same way an SSL VPN would work at
that point?
>> 4) ÂDo I need privoxy or obfusproxy?
>
> Privoxy and polipo are no longer maintained. We've stopped using them in
> favor of pure SOCKS4A+SOCKS5.
Uninstalled then.
> Obfsproxy is experimental still, but has some very attractive features.
> In particular, it can make traffic analysis even harder by preventing
> your ISP from easily telling you're even using Tor. It is meant for
> deployment in censored locations with a high degree of risk and/or
> conflict. But I bet people concerned with privacy will be interested in
> it too. It's a bit early for end users to just jump in and start using
> it, though.
Well, at the moment I don't even have a real need for using Tor - but
you never know. So, I'll probably install it anyway and see what
gives. If I can contribute feedback, well and good.
I'm still al little unsure how/why this works. In my mind it would be
better to have a quantum approach such that (neither) you (nor anyone
else) can determine which hole the light particle goes through. But I
guess I'll figure it out in time.
Thanks for the help so far.
Simon
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk