[tor-talk] jondonym over tor, tor over jondo?

adrelanos adrelanos at riseup.net
Sun Jan 5 20:39:15 UTC 2014

BM-2cTjsegDfZQNGQWUQjSwro6jrWLC9B3MN3 at bitmessage.ch:
>> From these links:
> https://anonymous-proxy-servers.net/en/help/net.html 
> https://anonymous-proxy-servers.net/en/help/services_tor.html
> It appears that with JonDo (similar to tor), it is possible to use
> tor as the initial proxy used to connect to the jondo network. Is
> it appropriate to call this "jondo over tor"?

It is. From my experiences with Whonix user questions, I recommend to
always write down the connection scheme, i.e. user -> Tor -> JonDo.
Otherwise there will be confusion.

> This can also be done in Whonix:
> https://www.whonix.org/wiki/JonDonym
> Is it be possible to do the opposite, "tor over jondo", where jondo
> is used as the initial proxy into tor?

user -> JonDo -> Tor
For that case you'd have to configure Tor to use the proxy ports JonDo
is providing. Haven't tested the following [at least I don't remember
right now]. Try and tell us if it worked. Set https proxy, port 4001
in Tor's config file (torrc) (or tor-launcher settings).

And I quote https://anonymous-proxy-servers.net/en/help/about.html:

"Please note: free services can only contact destination ports 80 and
443, which are used for the HTTP and HTTPS protocol. You can use these
services only for web browsing and ftp downloads. All other web
services you can use only with premium services."

Therefore setting "FascistFirewall 1" in Tor's config (or using the
"This computer goes through a firewall..." setting in tor-launcher)
would still be required.

And let me add, that only the premium users of JonDo can use socks.

If the above doesn't work, configuring JonDo to use Tor's socks proxy
should have a better chance of working.

> Particularly, by entering the jondo ip/port settings into this
> vidalia panel: https://www.torproject.org/docs/proxychain.html.en

Vidalia has been deprecated in latest TBB (but the new tor-launcher
addon seems to support changing proxy settings in Tor). Not sure if
Vidalia is able to change proxy settings for system Tor.

> What would the implications of each be, and is this kind of thing
> just strengthening a link that doesn't happen to be the weakest in
> the first place?

We tried to collect the arguments of all sides here:

> Which setup would you trust more, and could this cause any
> potential problems?

There is no clear answer. It depends on your assumptions and threat model.

When using JonDo free, you'd have to limit what entry guards (or
bridges) you could use to those running on port 80 / 443.

More information about the tor-talk mailing list