I hear it every day

Thursday, 17 January 2008

It bothers me that my Tor usage is less than I'd like because it is just so fiddly.

When it comes to privacy I want to keep things simple, I want to use tor, but I dont want to use it for things that aren't sane.

In practise that means I want to use tor for a small amount of browsing:

  • When the host is a.com, b.com, & c.com
  • When the traffic is not over SSL.

To do that I have to install privoxy, and use that with a configuration file like this:

# don't forward by default.
forward-socks4   /    .
# don't forward by default, even more so for HTTPS
forward-socks4   :443 .

# but we do want tor on these three sites:
forward-socks4   a.com/       127.0.0.1:9050 .
forward-socks4   b.com/       127.0.0.1:9050 .
forward-socks4   c.com/       127.0.0.1:9050 .

I'm using absolutely nothing else in my Privoxy configuration, so it seems like overkill.

I'd love to hear about a simple rule-based proxy-chaining tool - if there is one out there then I'd love to know about it lazyweb.

If not it shouldn't be too hard to write one with the Net::Proxy & Net::Socks module(s).

<global>
  listen 1234
  no-proxy
</global>

<sites>  
  hostname one.com
  port != 443
  proxy socks localhost 8050
</sites>

<sites>  
  hostname two.com
  port != 443
  proxy socks localhost 8050
</sites>

<sites>
  hostname foo.com
  port = 80
  proxy localhost 8000
</sites>

| 7 comments.

 

Comments On This Entry

[gravitar] Erik Johansson

Submitted at 10:42:17 on 17 january 2008

You can use javascript to configure proxy settings in a browser. I never finnished this so I don't know if it works properly, but I think you can find out..
http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html

function FindProxyForURL(url, host){ var proxy= new Array(); proxy["a.example.com"]="PROXY localhost:990"; proxy["b.example.com"]="SOCKS localhost:991"; proxy["c.example.com"]="DIRECT"; connection_method=proxy[host]; if(connection_method == null) { return("DIRECT"); }else{ return(connection_method); } }
[gravitar] James

Submitted at 16:27:20 on 17 january 2008

Create yourself a proxy autoconfig file? It uses javascript to match on URLs so should meet your needs.
[gravitar] Alex

Submitted at 18:23:08 on 17 january 2008

All of the previous comments assume Mozilla Firefox, it'd be nice to see a solution that's browser independent and could also work with stuff like 'wget' :)
[gravitar] Vladimir Penov

Submitted at 19:25:00 on 17 january 2008

If you want it only for browsing using Firefox - FoxyProxy works great. https://addons.mozilla.org/en-US/firefox/addon/2464
[gravitar] Anonymous

Submitted at 01:43:06 on 18 january 2008

Why would you not want SSL traffic going over Tor? That seems like exactly the kind of traffic you should route over Tor.
[gravitar] Sam

Submitted at 10:42:52 on 20 january 2008

Sorry, my English is bad. I think this solution breaks privacy! For example: HTML-page http://one.com/index.html contains links to another hosts (counters, ADs, images, js, css, php, etc.) Your traffic to these hosts going NOT over Tor! Somebody analyses logs of these hosts and ascertains your IP and more.
[gravitar] Erik Johansson

Submitted at 11:57:50 on 20 january 2008

Alex, AFAIK there is no way to handle wget, curl or apt privoxy is the only way then because you can just set http_proxy enviroment.

 

Comments are closed on posts which are more than ten days old.

Recent Posts

Recent Tags