From: Gottfried <gottfried@posteo.de>
To: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>, help-guix@gnu.org
Subject: Re: tor
Date: Thu, 1 Sep 2022 17:35:57 +0000 [thread overview]
Message-ID: <0572b3c3-5cd6-5773-c9f5-481c905d31b7@posteo.de> (raw)
In-Reply-To: <20220901162735.785a14c9@primary_laptop>
[-- Attachment #1.1.1: Type: text/plain, Size: 3446 bytes --]
Hi Denis,
Thanks very much for your explanation. I am understanding a bit more.
The best would be to run Guix System and to use Tor browser in it, if
needed.
I have already
(service tor-service-type) in my config.scm and Tor runs inside Icecat.
I have installed
Guix System,
GNUinOS
and Ubuntu (Ubuntu was installed when I bought the laptop, but I don't
use it, for safety reasons I left it).
So in my case:
to use the Tor browser itself, as far as I understand it right now would
be to use a virtual machine software and in it to install Tails.
Is that possible?
Because then Tails has already safety measures and hopefully Guix is
going to develope in future something to use the Tor browser somehow.
Gottfried
Am 01.09.22 um 16:27 schrieb Denis 'GNUtoo' Carikli:
> On Tue, 30 Aug 2022 18:32:26 +0000
> Gottfried <gottfried@posteo.de> wrote:
>
>> As far as I understand you I can delete the package:
>> tor-client and tor-socks, because I have tor installed.
>> Am I right?
> tor is just a daemon that somehow connects your machine to the
> tor-network but it doesn't automatically route any traffic through that
> network.
>
> And to start it you either need to run it manually or configure it in
> your list of services in your system.scm with something that looks like
> that:
>> (service tor-service-type
>> (tor-configuration))
>
> The tor-client only contains some utilities that are not very
> interesting.
>
> As for torsocks, it's an application to enable other applications to
> route their traffic through Tor, but in an extremely unreliable way.
>
> The Tor project documentation has been advising people not to rely on
> torsocks because some of the times it doesn't work at all and the
> application doesn't use Tor at all, even with torsocks.
>
> And in many cases, with torsocks, very important private information
> (like DNS querries) do not go through the Tor network.
>
> The alternative is to configure each applications to talk to the tor
> daemon through the socks5 protocol.
>
> And even that is not perfect because if you do that with a browser, the
> browser will still not be anonymous because of browser fingerprinting.
> But at least your location will be hidden which is already something
> good.
>
> Tails works by preventing almost all applications from accessing the
> Internet directly, and they are configured for using the Tor daemon.
>
> So if there is any application misbehaving, it's not that problematic
> because the only way the applications can send data is through Tor.
>
> To have something like that in Guix we would need to package the ferm
> firewall tool Tails used to implement this, and have users adapt the
> Tails ferm configuration for their usage and/or enable users to use a
> default configuration that is very restrictive (and so doesn't work for
> everybody).
>
> I've managed to relatively easily reproduce something like that on
> Parabola (because ferm is packaged there), but not yet to have a fully
> functional system with it because I didn't manage yet to run the
> tor-browser as another user yet, which is required for that setup to
> work.
>
> The issue is that we obviously need to put more resources on things
> like that (by funding the tor-project, having more people work on that,
> etc), but resources are also not easy to find.
>
> Denis.
[-- Attachment #1.1.2: OpenPGP public key --]
[-- Type: application/pgp-keys, Size: 3191 bytes --]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 840 bytes --]
next prev parent reply other threads:[~2022-09-01 17:43 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-28 10:52 tor Gottfried
2022-08-28 12:09 ` tor Csepp
2022-08-29 14:19 ` tor Gottfried
2022-08-30 10:54 ` tor Csepp
2022-08-30 18:32 ` tor Gottfried
2022-08-31 16:23 ` tor Denis 'GNUtoo' Carikli
2022-09-01 13:59 ` tor Denis 'GNUtoo' Carikli
2022-09-02 18:31 ` tor Gottfried
2022-09-21 9:52 ` tor Gottfried
2022-09-22 11:52 ` tor Chris Keschnat via
2022-09-01 14:27 ` tor Denis 'GNUtoo' Carikli
2022-09-01 17:35 ` Gottfried [this message]
2022-09-01 23:35 ` tor Denis 'GNUtoo' Carikli
2022-11-05 0:29 ` tor Denis 'GNUtoo' Carikli
2022-11-07 19:24 ` tor Gottfried
2022-11-07 20:14 ` tor Wojtek Kosior via
2022-11-07 23:19 ` tor Denis 'GNUtoo' Carikli
-- strict thread matches above, loose matches on Subject: below --
2022-09-23 16:36 tor Gottfried
2020-09-17 12:32 Tor Rasa Gulla via
2020-09-17 13:15 ` Tor Julien Lepiller
2020-09-17 13:18 ` Tor Rasa Gulla
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0572b3c3-5cd6-5773-c9f5-481c905d31b7@posteo.de \
--to=gottfried@posteo.de \
--cc=GNUtoo@cyberdimension.org \
--cc=help-guix@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.