[tor-talk] wget - secure?

Maxim Kammerer mk at dee.su
Wed Apr 18 05:52:07 UTC 2012


On Wed, Apr 18, 2012 at 08:01, Runa A. Sandvik <runa.sandvik at gmail.com> wrote:
> According to a table on https://code.google.com/p/torsocks/, wget is
> not 100% safe to use with Tor and it does leak DNS.

No, what that table shows is that there are possible issues with
torifying wget with torsocks (as opposed to, e.g., pointing
http(s)_proxy to Privoxy; this probably just means that wget sends its
version in User-Agent header), and that wget does not leak DNS
requests when used with torsocks (a rather useless information, since
it says nothing about what happens without transparent torification).
My tests show that wget does not leak DNS requests when HTTP(S)
proxies are specified via environment variables.

TL;DR: wget is 100% safe to use with Tor and it does not leak DNS
(also true for curl, by the way).

-- 
Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)


More information about the tor-talk mailing list