Re: [ANNOUNCE] Tor anonymous proxy
 

@custodian thanks, I really dont want anything on my openrepos that can cause issues like this

Re: [ANNOUNCE] Tor anonymous proxy
 

I think that this issue is resolved now.
If you upload multiple rpm(deb) files with differen names (i.e. tor, libevent), order them and make main package to be the first one.
But true way is to create separate packages ;) library libevent, and application tor.

Warehouse recieves package name for install/remove/update from first file attached to application node.

Re: [ANNOUNCE] Tor anonymous proxy
 

tor is back!
working great with my new build, changed default browser config (installation does this for you) so default browser actually uses tor by default, also, tor daemon is configured to listen on 127.0.0.1/9050 for socks connections, and is started and enabled so it stays permanent after boot.

Re: [ANNOUNCE] Tor anonymous proxy
 

This will really help to improve the privacy and security when browsing.

Richard

Re: [ANNOUNCE] Tor anonymous proxy
 

Thanks for building this nieldk.

It works great but everyone please note that installing this and using the default sailfish browser will not give you the same level of anonymity or censorship circumvention of the Tor Browser Bundle on a typical desktop machine. This is because DNS will still be working as usual - not through tor. If you attempt to browse to example.org then you will be telling that to your DNS provider (typically your ISP). In addition this means you can't access .onion sites by default.

Perhaps it would be a good idea for this tor package to set up TorDNS[1], potentially changing /etc/resolv.conf to point to it.


[1] https://wiki.archlinux.org/index.php/Tor#TorDNS

Re: [ANNOUNCE] Tor anonymous proxy
 

this is somewhat true, But, using tordns does add some other (for me) not wanted issues regarding DNS queries ( it can only handle certain record types)
It also is just a bit more tricky due to services already running on Device, which prevents you from using port 53. Now, that would be just fine, had proxy been working fully with conman, It doesnt. So, this was a build to obtain a good level of anonimousity surfing with the default browser.
Not saying im giving up further work on this, but it doesnt have high priority at least until a system wide proxy availability is done.

Regarding the DNS issue and the leaking of ISP DNS and browser behaviour, this is some good reading on the topic, I think ots less worryong, and certainly an improvement as-is ;)

http://www.antitree.com/how-tor-does...aking-bad-way/

Re: [ANNOUNCE] Tor anonymous proxy
 

Thanks nieldk - I agree it might be problematic to get this working without breaking some DNS queries.

For anyone intereseted, I got TorDNS working by redirecting all outgoing DNS queries to it with iptables. Here are the instructions (only do it if you have a good idea what what all this means, and again it might break certain DNS queries):

Add the following to /etc/tor/torrc:
su-devel
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053

Then restart tor. Check that it's working by going to a tor hidden service like duckduckgo's: 3g2upl4pq6kufc4m.onion.

Re: [ANNOUNCE] Tor anonymous proxy
 

Just got redsocks (system-wide transparent proxy) packed and uploaded to openrepos :D

Re: [ANNOUNCE] Tor anonymous proxy
 

does it adjust by the propeties set in WLAN configuration on Sailfish? I build squid and while it wirks, the Jolla itself doesnt seem to care about the proxy settings available in system.

Re: [ANNOUNCE] Tor anonymous proxy
 

It does not use the WLAN configs. Instead an iptables script is needed to 'hijack' all the traffic through the proxy. 'Transparent' means that the system does not know there is a proxy set up.