Introducing Torfox 3.0.10

Jacob Appelbaum jacob at
Wed Jun 10 16:47:41 UTC 2009

Tor Fox wrote:
> Jacob wrote:
>> That sorta seems like a risky proposition, no?
> In what way?

It doesn't appear to protect you against a variety of attacks?

Have you read the design document that Mike wrote about Torbutton?

>> Do you integrate Torbutton or something like it in some way?
> It works more like Freecap but I've added the code directly to the Firefox
> socket code.

Torbutton does more than simply set a proxy. Hooking the sockets may be
useful, I'm pretty sure that won't protect you against say, rogue
browser extensions that are often installed on Windows machines. Those
seem to pop up from time to time and we've disabled that "feature" in
the Tor Browser Bundle. You may want to look into that also.

>> Additionally, if Firefox only talks to Tor, do you have a control port
> open?
> No, only the socks port 9060 (non-default) is open.

Why not use 9050? To not conflict with other running Tors?

>> I assume I'd just find the matching files in Firefox 3.0.10 and clobber
> them with your files?
> That's right.


>> How does someone replicate your builds on Do you plan on
> publishing that too? Perhaps it would be useful to have a
> with patching and building information?
> After you replace the files you can build Firefox normally. Other than those
> 3 source code files in the SVN I've only changed the branding stuff and
> startup options. I just search and replace the string "firefox" with
> "torfox" and I have some icons and graphics I've made. I have some parts I
> need to automate but I will definitely add a build section and the branding
> stuff for building from source.

It is important to be able to build it and produce the same binary that
you offer for download.

>> It seems like you're not getting much more over the current Tor
> Browser Bundle. Additionally, do you take into account the
> non-Torbutton protection and usability improvements that we have added?
> I think it just appeals to a different style of usage. That's the reason I
> wanted to make it anyways. I've disabled Java, set it to auto delete private
> data on shutdown, etc. I'm looking for input as far as what kinds of
> protection needs to be added.

I'm not sure what you mean when you say that it appeals to a different
style of usage. Do you mean because it lacks a Torbutton logo, or that
it lacks Vidalia?

We do a lot to protect users with the Tor Browser Bundle (much of it is
protection added by Torbutton), it would be a really good idea to make
sure you're familiar with those things.

I look forward to reproducible builds! Don't forget the pgp signatures
too. ;-)


More information about the tor-talk mailing list