[tor-talk] catastrophe: ip-api.com sees me
mr-4 at bitmessage.ch
Thu Feb 8 20:04:43 UTC 2018
Roger Dingledine wrote:
> Using any browser with Tor besides Tor Browser is usually a bad idea:
I disagree with that statement. It is certainly _not_ a bad idea, provided you know what you are doing.
I don't use TBB, except when I am in "internet cafe" setup/environment (which is pretty rare in my case).
For all other cases, I use regular browser, which routes all traffic locally (using the loopback device only) and traverses it over encrypted tunnel to my tor
machine (all using 2 distinctly different subnets), which in turn routes it out via a 3rd machine that is connected to the real world via a VPN.
My "browser traffic" passes through 3 different firewalls before it gets out, so the chances of something going astray are close to nil.
I tend to keep tor at arms length - in my DMZ subnet - and that is how it should be. OK, admittedly, not the garden-variety setup, but it served me well over
the years and I have no complaints.
As far as ip-api.com goes, they use the old "rawsocket" trick to bypass normal traffic/firewall rules - pretty amateurish.
> You can read more about all the fixes in Tor Browser here:
> Chrome, Opera, and others all have bugs that allow a website to route
> traffic around the configured proxy -- and in some cases allow a website
> to bypass VPNs too.
> Stay safe out there,
More information about the tor-talk