Re: tor and debian
On 13/09/11 06:05, Hans-J. Ullrich wrote:
> Hello list,
>
> I am a little bit confused, how to correctly configure tor in debian.
> Maybe you can make something more clear.
>
> This is my environment: I have installed
>
> tor tor-geoip tor-data privoxy polipo vidalia
>
> 1. Vidalia is starting the tor daemon = ok 2. privoxy is configured
> as in the doc been told and running = ok 3. polipo is configured and
> running 4. the browser (konqueror) is pointing to 127.0.0.1:8123
>
> Due to http://check.torproject.org it is all correctly configured.
>
> But now my questions:
>
> 1. Is polipo a successor for the tor daemon?
No. it's just a web proxy.
>
> 2. Do I need polipo AND privoxy AND tor?
Choose privoxy OR polipo - they are both web proxies that can be used
for tor. Running both is redundant.
> Or what is the required combination? I understood, that polipo and
> privoxy are both proxies, whilst polipo is listening to port 8123,
> and privoxy is listening to port 8118.
I'm fairly certain you can reconfigure the default ports.
> Are they both forwarding to tor at port 9050? Or 9051?
Is it relevant? See the above comment.
>
> 3. Which is the optimal combination of packages and configuration
> when I want to use tor?
If I was to use tor (see further down as to why I don't bother) I'd use
polipo instead of privoxy.
>
> I will be pleased, when someone can tell me the difference
> (advantages/disadvantages) among privoxy, polipo and tor.
>
> Thank you very much.
>
> Hans
>
>
>
>
Privoxy is a web proxy (as is squid).
Polipo is also a web proxy.
Polipo is lighter than Privoxy, (which is lighter than squid)
They all have different features - and share common abilities (modify
pages on the fly, filter, etc.).
Privoxy is non-caching, which doesn't really affect tor use.
Tor is an "attempt"[*1] to anonomyise web browsing - it generally
doesn't work because people don't RTFM and run bittorrents, untored rss
feeds, iirc sessions, apt, pgp, smtp etc, etc, on it, and because exit
nodes have been compromised (orginally developed by the, um, US Navy, to
help promote world peace and spread democracy). Tor is designed to *try*
and prevent "traffic analysis" *not* prevent end-to-end proof.
Though you don't ask:-
garlic (I2P) is a protocol designed to be an improvement on tor.
freenet is another, more secure, approach.
I can't list advantages/disadvantages without knowing specific
applications and circumstances - I can only suggest that using tor to
"hide" is like wearing a paper bag on your head in public - we won't
know who you are, but... ;-p
[*1] http://www.cl.cam.ac.uk/users/sjm217/papers/oakland05torta.pdf
https://blog.torproject.org/blog/one-cell-enough
https://www.usenix.org/events/leet11/tech/full_papers/LeBlond.pdf
NOTE: the US "military" originally designed tor - the above is by no
means an exhaustive list of Tor failings.
IMHO until you can be assured that *every* node is trusted, that the EFF
is more worthy of trust than Greenpeace/Red Cross, and, that *every*
user is not leaking DNS, then tor is useless.
Also consider that your traffic can be recorded, the future is not the
present.
If you want to anonymously lookup information that may prejudice your
employment in a myopic fascist regime - leave your mobile phone at home,
travel, use a live cd and a disposable wireless usb key, with your bad
hand while wearing gloves, use disposable site logins and email
accounts, never use same sites/procedures, and then don't use them
again. Anything you do on the 'tubes is like information recorded in
pre-WWII Polish census... once it can be recorded it can always be
replayed in the future.
RE: Debian and tor....
==========/etc/apt/apt-conf====================
Acquire::http::Proxy "http://127.0.0.1:8118/";;
===============================================
Do not use ftp repositories.
Cheers
--
"I ascribe to Mark Twain's theory that the last person who should be
President is the one who wants it the most. The one who should be picked
is the one who should be dragged kicking and screaming into the White
House."
— Bill Hicks
Reply to: