[tor-talk] Performance

Fabian Keil freebsd-listen at fabiankeil.de
Sat Aug 16 13:23:23 UTC 2014 

Roger Dingledine <arma at mit.edu> wrote:

> On Wed, Aug 13, 2014 at 03:18:23PM -0500, Joe Btfsplk wrote:
> > The Privoxy part of the chain could be an issue.  What is your
> > reason for using Privoxy?
> > In general, I find Tor to be faster overall, since overhauls in
> > TorBrowser - when they stopped using Privoxy (& likely started other
> > speed increasing methods).
> > Other network changes could be partly responsibility for increased
> > speed.
> 
> Privoxy will be slower for two reasons:
>
> A) It doesn't do the pipelining, etc that your browser can do. Earlier
> versions of privoxy would fetch the whole page before passing any of
> it to the browser. Maybe newer versions of Privoxy are smarter, but I
> bet there are still web performance features that it disables by adding
> another link in the chain.

Privoxy has to buffer the whole page if it's configured to filter it
as the last byte might affect whether or not the first byte has to
be modified.

If filtering is disabled (globally or for the current response),
the page isn't buffered. Encrypted responses aren't buffered either.
Earlier versions of Privoxy behaved the same way and I believe even
Privoxy's predecessor was "smart" enough for this.

> B) It doesn't make use of Tor's "optimistic data" feature, which sends
> the first chunk of application-level data along with the begin cell,
> effectively cutting out one of the two round-trips for a new page fetch.

Privoxy 3.0.21 and later support Tor's "optimistic data" feature
(with some limitations). While it technically improves performance,
it's seems rather hard for a human to tell whether or not it's enabled,
though.

> I guess the broader question is what the original poster was trying
> to do -- if the goal is to give Tor's protection to everybody in the
> organization, and the way they did it was to leave everybody using
> Internet Explorer, and then redirect outgoing traffic into Privoxy
> which sends it through Tor, then the users are missing out on all
> the application-level privacy and security features that Tor Browser
> gives you:
> https://www.torproject.org/projects/torbrowser/design/

No arguments there.

Whether or not they are missing out on "performance" and which
part of the chain is to blame is a different question, though.

Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140816/1f314631/attachment.sig>

More information about the tor-talk mailing list