[tor-talk] newbie: tor browser bundle and privoxy
Ivan Ivanov
grobokopatel at list.ru
Fri Dec 30 16:31:18 UTC 2011
Hello, list. I am newbie in Tor. By reading an information about tor i
found article(
http://www.hermann-uwe.de/blog/howto-anonymous-communication-with-tor-some-hints-and-some-pitfalls
), that says:
"The biggest problem with many applications is that they /leak DNS
requests/. That is, although they use Tor to anonymize the traffic, they
first send a DNS request /untorified/ in order to get the IP address of
the target system. /Then/ they communicate "anonymously" with that
target. The problem: any eavesdropper with more than three brain cells
can conclude what website you visited, if they see that you send a DNS
request for rsf.org <http://www.rsf.org>, followed by some "anonymous"
Tor traffic. The solution: *use Tor together with Privoxy*, that
prevents DNS leaks."
Next, on
https://www.torproject.org/projects/torbrowser-details.html.en#contents
i found, that *Tor Browser Bundle* consist of:
* Vidalia 0.2.15
* Tor 0.2.2.35 (with libevent-2.0.16-stable, zlib-1.2.5, openssl-1.0.0e)
* Mozilla Aurora 9.0.1 and Torbutton 1.4.5.1)
* Pidgin 2.7.5 and OTR 3.2 (only in Tor IM Browser Bundle)
So, Tor Browser Bundle does not contain Privoxy.
Now question: does this mean, that Tor Browser Bundle is less secure
than separately installed Tor + Privoxy?
P.S. sorry for my rough english.
More information about the tor-talk
mailing list