[tor-talk] Setting up Tor on Ubuntu

Mike Perry mikeperry at torproject.org
Wed Mar 21 19:26:32 UTC 2012


Thus spake Simon Brereton (simon.brereton at buongiorno.com):

> On 21 March 2012 07:20,  <tor324890 at rainslide.net> wrote:
> > I'd do what you originally intended: keep it simple, you want to learn tor
> > so just run tor alone for now. Get back to the position you were at when you
> > just had tor, no Vidalia, and you've confirmed it's running with nmap. By
> > default it'll run on port 9050 - nmap should confirm that, so you should set
> > your proxy setting in your browser to localhost:9050. Set your browser to
> > manual proxy for now, just to eliminate 'system proxy' from the equation.
>
> Sadly, that has the consequence that when I fire up Firefox, Firefox
> also uses that proxy - whether proxying in Firefox is enabled or not.
> That's bad.  Loathe as I am to have a third browser installed, it
> looks like I might have to use the TBB for secure browsing instead of
> Chromium (which had been my plan.  Firefox is altogether safer and
> easier to configure for a higher-level of safety without going torshit
> crazy (and it's also useful to have a browser that stores some
> cookies).

You can configure TBB to allow you to store history and cookies, it's
just painful and spread across like 3 different options in Torbutton.
They are under subtabs in the the Security Settings tab:

History->"Block history writes during Tor"
Cookies->"Use the Cookie Protections Dialog to Choose"
Shutdown->"Do not clear my cookies at shutdown"

Yes, of course this is insane and sucks. It's a relic of Torbutton's
incremental development and the need for testers and security
researchers to debug features individually.

https://trac.torproject.org/projects/tor/ticket/3100 is the trac ticket
to create something more reasonable from all of those prefs. Patches
welcome :).

> So now I have the following questions.
> 
> 1)  Can I use the TBB even though I have tor installed and running
> successfully?

Yes. There are two ways to do this. The easiest is to just start the
fucker, let Tor bootstrap, let Tor Browser launch, and then tell Vidalia
to "Stop Tor". The Tor Browser should still remain open.

After that, you can go into the Torbutton Preferences and tell the TBB
Firefox to use an alternate Tor SOCKS port (9050 is the system tor
default on Ubuntu). You can also click the "Transparent Torification"
radiobutton if you are using transparent firewall rules to torify all of
your traffic.

The more involved method is to edit the start-tor-browser shell
script...

> 2)  Is there a danger in having tor running even when I'm not using it?

Not really. In fact, traffic analysis is made easier if you only run tor
when you are actually using it.

> 3)  I was reading up on exit-point safety and apologies to the people
> who spent time documenting it, but I didn't understand that well at
> all.  I'm a native speaker and technically literate, so I'm concerned
> other people might not understand it either.

Does this warning make sense:
https://www.torproject.org/download/download-easy.html#warning

Point (c) is about exit point safety. If we can do anything to improve
it, let us know.

> 4)  Do I need privoxy or obfusproxy?

Privoxy and polipo are no longer maintained. We've stopped using them in
favor of pure SOCKS4A+SOCKS5.

Obfsproxy is experimental still, but has some very attractive features.
In particular, it can make traffic analysis even harder by preventing
your ISP from easily telling you're even using Tor. It is meant for
deployment in censored locations with a high degree of risk and/or
conflict. But I bet people concerned with privacy will be interested in
it too. It's a bit early for end users to just jump in and start using
it, though.


-- 
Mike Perry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20120321/68938cd3/attachment-0001.pgp>


More information about the tor-talk mailing list