[tor-talk] Using HTTPS Everywhere to redirect to .onion
fortasse at riseup.net
Wed Feb 26 23:27:10 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
I am the web admin on the Whonix project (www.whonix.org /
kkkkkkkkkk63ava6.onion), where we serve the same wiki, blog, and
forums on both a .org and .onion, for censorship-resistance purposes.
Most web applications expect to "be" at one base URL, and generate
dynamic links based off the "known" location, which is usually entered
by hand during installation. That works great for most use cases; but
.onions are not a typical use case.
While trying to come up with a way for the forum users to be able to
browse without having to manually edit the .org links into .onion
links, I threw together a HTTPS Everywhere user ruleset:
<ruleset name="Whonix Onion">
<target host="www.whonix.org" />
<target host="kkkkkkkkkk63ava6.onion" />
and it works beautifully. With this ruleset enabled, the user can type
in "whonix.org/forum" and the browser will actually make the request
for "http://kkkkkkkkkk63ava6.onion/forum". If the user wants the .org
version, they can toggle the ruleset off.
My question is does this have more potential than being a weird
(rather effective) hack? Could we make an "onion Everywhere" as it
were to help solve the difficult-to-remember onion names? Or is this
just another layer of confusion that further increases the barrier of
entry on successful Tor use?
It's a pretty simple idea, and I am open to any questions, comments,
or rude remarks.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the tor-talk