[tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
adrelanos at riseup.net
Tue May 13 23:24:29 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
"HTTPS Everywhere rulesets for hidden services and eepsites."
Just sharing it, because I thought it's an interesting follow up to
our previous discussion "Using HTTPS Everywhere to redirect to .onion"
here on tor-talk. I haven't looked closer into that project.
> Hello all,
> I am the web admin on the Whonix project (www.whonix.org /
> kkkkkkkkkk63ava6.onion), where we serve the same wiki, blog, and
> forums on both a .org and .onion, for censorship-resistance
> Most web applications expect to "be" at one base URL, and generate
> dynamic links based off the "known" location, which is usually
> entered by hand during installation. That works great for most use
> cases; but .onions are not a typical use case.
> While trying to come up with a way for the forum users to be able
> to browse without having to manually edit the .org links into
> .onion links, I threw together a HTTPS Everywhere user ruleset:
> <ruleset name="Whonix Onion"> <target host="www.whonix.org" />
> <target host="kkkkkkkkkk63ava6.onion" />7 <rule
> to="http://kkkkkkkkkk63ava6.onion/"/> </ruleset>
> and it works beautifully. With this ruleset enabled, the user can
> type in "whonix.org/forum" and the browser will actually make the
> request for "http://kkkkkkkkkk63ava6.onion/forum". If the user
> wants the .org version, they can toggle the ruleset off.
> My question is does this have more potential than being a weird
> (rather effective) hack? Could we make an "onion Everywhere" as it
> were to help solve the difficult-to-remember onion names? Or is
> this just another layer of confusion that further increases the
> barrier of entry on successful Tor use?
> It's a pretty simple idea, and I am open to any questions,
> comments, or rude remarks.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the tor-talk