Hello,
By default the Tor Browser Bundle connects through SOCKS5 to the TOR daemon.
Is there any advantage today to configure Privoxy to use TOR and configure the Tor Browser in the Tor Network Settings to use proxy access type HTTP/HTTPS pointing to Privoxy?
Thanks in advance.
Paulo Roberto.
Hi Paulo,
This sounds highly inadvisable to me. Interposing Privoxy between Tor Browser and Tor will most likely drastically reduce the anonymity provided by Tor Browser, for multiple reasons:
1. Privoxy filters and modifies the web page in ways that are likely to be observable to both to visited websites and to third parties, including exit nodes. These modifications will distinguish you from most other Tor Browser users who are not using Privoxy. And if you use any custom Privoxy settings, those settings may make you unique among Tor users.
2. It will prevent Tor Browser's normal SOCKS5 connection to the Tor process, which is what Tor Browser uses to ensure a separate Tor circuit is used for the connection to each website. In other words, all your website visits will pass through the same Tor circuit, allowing them to be correlated.
3. From what I understand, Privoxy (at least by default) does a lot of logging to the disk of your local computer, including the URLs you visit. Not good for privacy.
I hope this helps!
Sincerely, Arthur Edelstein
On Sat, Jun 4, 2016 at 1:34 PM, Paulo Roberto betobrandao@gmail.com wrote:
Hello,
By default the Tor Browser Bundle connects through SOCKS5 to the TOR daemon.
Is there any advantage today to configure Privoxy to use TOR and configure the Tor Browser in the Tor Network Settings to use proxy access type HTTP/HTTPS pointing to Privoxy?
Thanks in advance.
Paulo Roberto.
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Arthur, Thank you very much. I won't use it.
Regards.
Paulo Roberto
On Sat, Jun 4, 2016 at 8:59 PM, Arthur D. Edelstein < arthuredelstein@gmail.com> wrote:
Hi Paulo,
This sounds highly inadvisable to me. Interposing Privoxy between Tor Browser and Tor will most likely drastically reduce the anonymity provided by Tor Browser, for multiple reasons:
- Privoxy filters and modifies the web page in ways that are likely
to be observable to both to visited websites and to third parties, including exit nodes. These modifications will distinguish you from most other Tor Browser users who are not using Privoxy. And if you use any custom Privoxy settings, those settings may make you unique among Tor users.
- It will prevent Tor Browser's normal SOCKS5 connection to the Tor
process, which is what Tor Browser uses to ensure a separate Tor circuit is used for the connection to each website. In other words, all your website visits will pass through the same Tor circuit, allowing them to be correlated.
- From what I understand, Privoxy (at least by default) does a lot of
logging to the disk of your local computer, including the URLs you visit. Not good for privacy.
I hope this helps!
Sincerely, Arthur Edelstein
On Sat, Jun 4, 2016 at 1:34 PM, Paulo Roberto betobrandao@gmail.com wrote:
Hello,
By default the Tor Browser Bundle connects through SOCKS5 to the TOR
daemon.
Is there any advantage today to configure Privoxy to use TOR and
configure
the Tor Browser in the Tor Network Settings to use proxy access type HTTP/HTTPS pointing to Privoxy?
Thanks in advance.
Paulo Roberto.
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Arthur D. Edelstein:
Hi Paulo,
This sounds highly inadvisable to me. Interposing Privoxy between Tor Browser and Tor will most likely drastically reduce the anonymity provided by Tor Browser, for multiple reasons:
- Privoxy filters and modifies the web page in ways that are likely
to be observable to both to visited websites and to third parties, including exit nodes. These modifications will distinguish you from most other Tor Browser users who are not using Privoxy. And if you use any custom Privoxy settings, those settings may make you unique among Tor users.
Last time I looked into privoxy, the filtering was optional and not enabled by default. Is this still the case?
And if filtering in Privoxy is disabled, how could Privoxy make Tor Browser easier to fingerprint?
[I am asking this question somewhat separate from 2.]
- It will prevent Tor Browser's normal SOCKS5 connection to the Tor
process, which is what Tor Browser uses to ensure a separate Tor circuit is used for the connection to each website. In other words, all your website visits will pass through the same Tor circuit, allowing them to be correlated.
Yes.
But what in case when using Tor Browser in combination with another proxifier for example lets say I2P? Perhaps I2P is already torified (using Whonix or so). That would still be better than using a non-privacy optimized browser such as Firefox?
What if someone needed an http2socks converter or vice versa socks3http converter? [Which was last time I checked one use case of privoxy if I remember right.] Would privoxy necessarily mess up the traffic fingerprint?
- From what I understand, Privoxy (at least by default) does a lot of
logging to the disk of your local computer, including the URLs you visit. Not good for privacy.
Perhaps this can be disabled? Or is disabled by default?
Cheers, Patrick
I hope this helps!
Sincerely, Arthur Edelstein
On Sat, Jun 4, 2016 at 1:34 PM, Paulo Roberto betobrandao@gmail.com wrote:
Hello,
By default the Tor Browser Bundle connects through SOCKS5 to the TOR daemon.
Is there any advantage today to configure Privoxy to use TOR and configure the Tor Browser in the Tor Network Settings to use proxy access type HTTP/HTTPS pointing to Privoxy?
Thanks in advance.
Paulo Roberto.
[Kept full quote so privoxy list and developer could be cc'd.]
-
Arthur D. Edelstein -
Patrick Schleizer -
Paulo Roberto