Active Topics
-
The N900 is now 15 years old! (7)
to Nokia N900 by Danct12 - 22 hrs, 35 mins ago -
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (4)
to SailfishOS by Maemish - 1 day, 18 hrs ago -
F(x)tec Pro1x (QWERTY) for sale (0)
to Buy & Sell by aln00000 - 4 days, 2 hrs ago - more...
|
nieldk
|
2014-01-12
, 21:01
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#11
|
@custodian thanks, I really dont want anything on my openrepos that can cause issues like this
 |
|
2014-01-13
, 06:35
|
|
Posts: 747 |
Thanked: 2,370 times |
Joined on May 2012
@ Moscow, Russia
|
#12
|
Originally Posted by nieldk
I think that this issue is resolved now.
@custodian thanks, I really dont want anything on my openrepos that can cause issues like this
If you upload multiple rpm(deb) files with differen names (i.e. tor, libevent), order them and make main package to be the first one.
But true way is to create separate packages
library libevent, and application tor.Warehouse recieves package name for install/remove/update from first file attached to application node.
__________________
twitter: @basil_s home: http://thecust.net
OpenRepos.net - community driven repository project. Warehouse - native client for OpenRepos.net
Buy me a beer
twitter: @basil_s home: http://thecust.net
OpenRepos.net - community driven repository project. Warehouse - native client for OpenRepos.net
Buy me a beer
| The Following User Says Thank You to Custodian For This Useful Post: | ||
|
|
2014-05-03
, 07:28
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#13
|
tor is back!
working great with my new build, changed default browser config (installation does this for you) so default browser actually uses tor by default, also, tor daemon is configured to listen on 127.0.0.1/9050 for socks connections, and is started and enabled so it stays permanent after boot.
working great with my new build, changed default browser config (installation does this for you) so default browser actually uses tor by default, also, tor daemon is configured to listen on 127.0.0.1/9050 for socks connections, and is started and enabled so it stays permanent after boot.
| The Following 6 Users Say Thank You to For This Useful Post: | ||
 |
|
2014-05-12
, 00:14
|
|
Posts: 58 |
Thanked: 63 times |
Joined on Dec 2009
@ Marlborough, Wiltshire, UK
|
#14
|
This will really help to improve the privacy and security when browsing.
Richard
Richard
|
|
2014-05-12
, 13:08
|
|
Posts: 11 |
Thanked: 7 times |
Joined on Sep 2009
|
#15
|
Thanks for building this nieldk.
It works great but everyone please note that installing this and using the default sailfish browser will not give you the same level of anonymity or censorship circumvention of the Tor Browser Bundle on a typical desktop machine. This is because DNS will still be working as usual - not through tor. If you attempt to browse to example.org then you will be telling that to your DNS provider (typically your ISP). In addition this means you can't access .onion sites by default.
Perhaps it would be a good idea for this tor package to set up TorDNS[1], potentially changing /etc/resolv.conf to point to it.
[1] https://wiki.archlinux.org/index.php/Tor#TorDNS
It works great but everyone please note that installing this and using the default sailfish browser will not give you the same level of anonymity or censorship circumvention of the Tor Browser Bundle on a typical desktop machine. This is because DNS will still be working as usual - not through tor. If you attempt to browse to example.org then you will be telling that to your DNS provider (typically your ISP). In addition this means you can't access .onion sites by default.
Perhaps it would be a good idea for this tor package to set up TorDNS[1], potentially changing /etc/resolv.conf to point to it.
[1] https://wiki.archlinux.org/index.php/Tor#TorDNS
| The Following 2 Users Say Thank You to equim For This Useful Post: | ||
|
|
2014-05-12
, 14:14
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#16
|
this is somewhat true, But, using tordns does add some other (for me) not wanted issues regarding DNS queries ( it can only handle certain record types)
It also is just a bit more tricky due to services already running on Device, which prevents you from using port 53. Now, that would be just fine, had proxy been working fully with conman, It doesnt. So, this was a build to obtain a good level of anonimousity surfing with the default browser.
Not saying im giving up further work on this, but it doesnt have high priority at least until a system wide proxy availability is done.
Regarding the DNS issue and the leaking of ISP DNS and browser behaviour, this is some good reading on the topic, I think ots less worryong, and certainly an improvement as-is
http://www.antitree.com/how-tor-does...aking-bad-way/
It also is just a bit more tricky due to services already running on Device, which prevents you from using port 53. Now, that would be just fine, had proxy been working fully with conman, It doesnt. So, this was a build to obtain a good level of anonimousity surfing with the default browser.
Not saying im giving up further work on this, but it doesnt have high priority at least until a system wide proxy availability is done.
Regarding the DNS issue and the leaking of ISP DNS and browser behaviour, this is some good reading on the topic, I think ots less worryong, and certainly an improvement as-is
http://www.antitree.com/how-tor-does...aking-bad-way/
| The Following 2 Users Say Thank You to For This Useful Post: | ||
|
|
2014-05-12
, 20:11
|
|
Posts: 11 |
Thanked: 7 times |
Joined on Sep 2009
|
#17
|
Thanks nieldk - I agree it might be problematic to get this working without breaking some DNS queries.
For anyone intereseted, I got TorDNS working by redirecting all outgoing DNS queries to it with iptables. Here are the instructions (only do it if you have a good idea what what all this means, and again it might break certain DNS queries):
Add the following to /etc/tor/torrc:
su-devel
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053
Then restart tor. Check that it's working by going to a tor hidden service like duckduckgo's: 3g2upl4pq6kufc4m.onion.
For anyone intereseted, I got TorDNS working by redirecting all outgoing DNS queries to it with iptables. Here are the instructions (only do it if you have a good idea what what all this means, and again it might break certain DNS queries):
Add the following to /etc/tor/torrc:
DNSPort 9053
AutomapHostsOnResolve 1
AutomapHostsSuffixes .exit,.onion
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053
Then restart tor. Check that it's working by going to a tor hidden service like duckduckgo's: 3g2upl4pq6kufc4m.onion.
| The Following User Says Thank You to equim For This Useful Post: | ||
|
|
2014-05-14
, 16:33
|
|
Posts: 64 |
Thanked: 36 times |
Joined on Feb 2012
@ US
|
#18
|
Originally Posted by nieldk
Just got redsocks (system-wide transparent proxy) packed and uploaded to openrepos
this is somewhat true, But, using tordns does add some other (for me) not wanted issues regarding DNS queries ( it can only handle certain record types)
It also is just a bit more tricky due to services already running on Device, which prevents you from using port 53. Now, that would be just fine, had proxy been working fully with conman, It doesnt. So, this was a build to obtain a good level of anonimousity surfing with the default browser.
Not saying im giving up further work on this, but it doesnt have high priority at least until a system wide proxy availability is done.
Regarding the DNS issue and the leaking of ISP DNS and browser behaviour, this is some good reading on the topic, I think ots less worryong, and certainly an improvement as-is
http://www.antitree.com/how-tor-does...aking-bad-way/
|
|
2014-05-14
, 16:54
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#19
|
Originally Posted by gexc
does it adjust by the propeties set in WLAN configuration on Sailfish? I build squid and while it wirks, the Jolla itself doesnt seem to care about the proxy settings available in system.
Just got redsocks (system-wide transparent proxy) packed and uploaded to openrepos
|
|
2014-05-14
, 17:01
|
|
Posts: 64 |
Thanked: 36 times |
Joined on Feb 2012
@ US
|
#20
|
It does not use the WLAN configs. Instead an iptables script is needed to 'hijack' all the traffic through the proxy. 'Transparent' means that the system does not know there is a proxy set up.
Last edited by gexc; 2014-05-14 at 17:19.
Last edited by gexc; 2014-05-14 at 17:19.
| The Following User Says Thank You to gexc For This Useful Post: | ||