Re: Firefox extension: TorButton

[Roger Dingledine <arma@xxxxxxx>]

I poked at torbutton a bit with my Firefox 1.0.x on Debian Sarge, and
I couldn't get it to install. Perhaps I did something wrong or perhaps
it is not easily compatible that far back.

On Tue, Mar 07, 2006 at 03:01:16PM -0600, Scott Squires wrote:
> Thanks for the feedback.  This is a good point that you mention.  How should
> the extension behave with the "no proxy for" setting?  Should it assume
>that if
> the user is running local services that they will be smart enough to fill in
> this setting themselves?  Or should it consider leaving this setting alone a 
> threat, with the possibility of having an inadvertant hole in the proxy?

Trying to be smarter than the users will make them sad. I think the
best plan is to leave this setting alone.

> Also, I just realized that TorButton leaves the "use this proxy for all
> protocols" option unchecked.  It should probably set this option, yes?

Correct. You should point all the protocols to privoxy (localhost 8118)
including clicking the button, and you should *also* point socks 5 to
tor (localhost 9050). This is for protocols that don't obey the standard
proxy settings but do obey the socks proxy setting.

Bonus points if you set the socks_remote_dns value to true:
http://www.imperialviolet.org/deerpark.html
but this will only work on some firefoxes so it will make portability
even more exciting. :)

--Roger