[tor-talk] Tor exit+proxy

hmoh at Safe-mail.net hmoh at Safe-mail.net
Sat Jan 7 01:30:11 UTC 2012


> I know about proxychains and windows implementations of it and I
> woudn`t ask for help if it was that easy as "proxychains
> firefox" :)

Oh no offense. I added it for completely reasons. And I think proxychains isn't that well known.

> VPN through Tor is in my todo list, so i will appreciate any solutions
> you will make.

I began work on it but now I am somewhat stuck. Here is what I've got so far.
https://trac.torproject.org/projects/tor/wiki/doc/TorVPN
Let's work on it together. Feel free edit my page, it's a wiki.

> Problems begin when you try to apply this for TB. Since TorBrowser is
> hard alloy of Tor and patched Firefox+Torbutton now, it is not a
> regular question how to make it work with additional proxy.

True. Has been discussed last moth (over 20 reply's or so). There are some solutions proposed.
https://lists.torproject.org/pipermail/tor-talk/2011-December/022514.html

> I
> specifically mentioned TB as the way I want it run, because i think
> that TBB is the best and most secure way to use Tor to browse the web,
> isn`t it?

Agreed, it's good. Not sure it's best. There are text mode browsers. Always a question of comfort versus security. A hardened operating system and a hardened Firefox would be even better, of course, together with their patches. Not sure they already used all available features to harden Firefox.

> Maybe I should ask a different question: If I separate Vidalia+Tor and
> run proxified TBB`s Firefox with its profile after Tor made its chain,
> would that system be less secure?

I guess you mean TBB -> normal Tor chain with 3 proxys -> additional proxy, like open proxy.

[1]
It has been discussed. Like here.
https://lists.torproject.org/pipermail/tor-talk/2007-February/005653.html
Has been discussed many times like this.

It's not recommend. And for cleartext http (not https) there will be now not one, but two servers who can log and tamper your cleartext traffic.

> I`m not advanced that much to

By the way it's ' not `. No offense but this makes it a lot more easy to identify different accounts as not much people use `.

> understand inner working of patches developers made to Firefox, so
> please forgive my slightly ignorant question. 

There is a paper where they explain the changes they made to Firefox.
 
> I see an instruction that tells use privoxy`s forward settings, didn`t
> try that yet, but I tried 3proxy (something the same proxy) with no
> success :(

Sorry, didn't understand that. You mean a privoxy proxy chain? Yes, privoxy supports that but I never tried it.
 
> IMHO ideally it would be perfect if Vidalia had option like "Hide Tor
> usage and add http or socks proxy at the Tor exit nodes:". Dreams,
> dreams...

Indeed. But i think the Tor devs do not like that idea much. 1. because of mentioned earlier [1].

2. because the list of Tor exit servers is available to the open public. That is good. See https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates#CommentForumSpam

People who get spammed by Tor can easily blacklist Tor.

And nowadays it's well known that it's dumb only to use a single random open proxy from a public proxy list or even from scanning. Just one proxy might log you and tell later who he did forward for. But mostly those proxys are not blacklisted, no mass abuse, no Google captcha and so on.

Now imagine the idea Tor + open proxy gets promoted because the devs encourage that with a new option like Tor + your personal extra proxy chain... That wouldn't give Tor more credibility as it would be even harder to stop abuse form it.


More information about the tor-talk mailing list