Christopher Lemmer Webber writes:

> Ludovic Courtès writes:
>
>> Christopher Lemmer Webber skribis:
>>
>>> Anyone have recommendations on how they're doing web browsing via Tor,
>>> sans tor-browser?  In the interim I have been using the more
>>> lightweight, non-js using browsers like links.
>>
>> I use Privoxy, and as written in the ‘privoxy.conf’ example, I have:
>>
>>   forward-socks5 / 127.0.0.1:9050 .
>>
>> where Tor is listening on port 9050 (I use the Tor service of GuixSD.)
>>
>> Ludo’.
>
> I wonder if localhost + port is a good idea for tor or really any other
> service.  Our experience with the confused deputy attack against guile's
> live REPL makes me suspicious of anything that's localhost + port.
>
> I notice that the Tor configuration file supports a unix domain socket:
>
>   ControlSocket Path
>     Like ControlPort, but listens on a Unix domain socket, rather than a
>     TCP socket.  0 disables ControlSocket (Unix and Unix-like systems only.)
>
> I wonder if that would be safer?  WDYT?

I know what you mean, but I think having TOR listen on localhost is safer
than having a Guile REPL listen on localhost.  In the case of Guile, the
risk is arbitrary code execution.  In the case of TOR, I suppose the risks
might be that an attacker would be able to make requests over TOR from your
machine.  Perhaps by making such requests, they might also be able to infer
that you are using TOR (although it's already possible to determine that a
person is using TOR simply by watching their IP traffic).  In any case,
since TOR is functioning as a proxy, not a Turing-complete programming
language, the things an attacker could do or learn by making requests from
your machine to the localhost TOR seem limited.  Compared to the risk of
arbitrary code execution, it seems much safer to me.

I run the TOR service on GuixSD, and I manually tell IceCat to use it as a
SOCKS5 proxy.  You can configure this in the "Advanced" section of the
"Preferences" menu.  IceCat also lets you send DNS requests over the SOCKS5
proxy, which increases your privacy.  Unlike Ludo, I don't currently use
Privoxy; I just have some extensions installed that I think are probably
helpful (SpyBlock, HTTPS Everywhere, Privacy Badger, NoScript).

I don't know if IceCat or Firefox supports a proxy via a UNIX domain
socket; I'd be curious to know if it did!

-- 
Chris
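The following is an added illustration, not part of the thread above and not code from Tor, Privoxy or IceCat. It makes concrete what "send DNS requests over the SOCKS5 proxy" means on the wire: a SOCKS5 (RFC 1928) CONNECT request can carry either a hostname (address type 0x03, the proxy resolves it, so the lookup travels through Tor) or an address the client already resolved itself (address type 0x01/0x04, meaning a DNS query went out locally before the proxy was even contacted). In Firefox-derived browsers this is the "Proxy DNS when using SOCKS v5" checkbox, backed by the `network.proxy.socks_remote_dns` preference. The `socks5_connect` helper, the 127.0.0.1:9050 proxy address and the sample IP are assumptions made for the example.

```python
"""SOCKS5 (RFC 1928) request builder and reply parser (added example).

Shows the difference between a CONNECT request that hands the proxy a
hostname (ATYP 0x03) and one that carries an already-resolved IP address
(ATYP 0x01/0x04).  Only the first form keeps DNS off the local resolver.
"""
import ipaddress
import socket
import struct

SOCKS_VERSION = 0x05
CMD_CONNECT = 0x01
METHOD_NO_AUTH = 0x00
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04

# Reply codes from RFC 1928, section 6.
REPLY_CODES = {
    0x00: "succeeded",
    0x01: "general SOCKS server failure",
    0x02: "connection not allowed by ruleset",
    0x03: "network unreachable",
    0x04: "host unreachable",
    0x05: "connection refused",
    0x06: "TTL expired",
    0x07: "command not supported",
    0x08: "address type not supported",
}


def greeting() -> bytes:
    """Client hello: VER, NMETHODS, METHODS (only 'no authentication' offered)."""
    return bytes([SOCKS_VERSION, 1, METHOD_NO_AUTH])


def connect_request(host: str, port: int) -> bytes:
    """Build a CONNECT request for host:port.

    A hostname is copied into the request verbatim (ATYP 0x03) so the proxy
    performs the lookup; a literal IP is encoded as ATYP 0x01 or 0x04.  Tor
    needs the hostname form for .onion names, which ordinary DNS cannot
    resolve at all.
    """
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    header = bytes([SOCKS_VERSION, CMD_CONNECT, 0x00])  # VER, CMD, RSV
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        name = host.encode("idna")
        if len(name) > 255:
            raise ValueError("hostname too long for a SOCKS5 request")
        return header + bytes([ATYP_DOMAIN, len(name)]) + name + struct.pack("!H", port)
    atyp = ATYP_IPV4 if ip.version == 4 else ATYP_IPV6
    return header + bytes([atyp]) + ip.packed + struct.pack("!H", port)


def resolves_remotely(request: bytes) -> bool:
    """True when the request leaves name resolution to the proxy (no local DNS)."""
    return len(request) > 3 and request[3] == ATYP_DOMAIN


def parse_reply(data: bytes) -> tuple:
    """Parse a server reply: VER, REP, RSV, ATYP, BND.ADDR, BND.PORT.

    Returns (reply_code, bound_address, bound_port).  Tor commonly answers a
    successful CONNECT with 0.0.0.0:0 as the bound address.
    """
    if len(data) < 4 or data[0] != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 reply")
    rep, atyp = data[1], data[3]
    if atyp == ATYP_IPV4:
        addr, rest = str(ipaddress.IPv4Address(data[4:8])), data[8:]
    elif atyp == ATYP_IPV6:
        addr, rest = str(ipaddress.IPv6Address(data[4:20])), data[20:]
    elif atyp == ATYP_DOMAIN:
        n = data[4]
        addr, rest = data[5:5 + n].decode("idna"), data[5 + n:]
    else:
        raise ValueError("unknown address type %#x" % atyp)
    if len(rest) < 2:
        raise ValueError("truncated reply")
    return rep, addr, struct.unpack("!H", rest[:2])[0]


def socks5_connect(proxy, host: str, port: int, timeout: float = 10.0) -> socket.socket:
    """Open a TCP connection to host:port through a SOCKS5 proxy such as a
    local Tor SocksPort, e.g. ("127.0.0.1", 9050) (assumed address).
    Hostnames are never resolved locally; they are handed to the proxy."""
    sock = socket.create_connection(proxy, timeout=timeout)
    sock.sendall(greeting())
    resp = sock.recv(2)
    if len(resp) != 2 or resp[0] != SOCKS_VERSION or resp[1] != METHOD_NO_AUTH:
        sock.close()
        raise OSError("proxy rejected the no-auth method")
    sock.sendall(connect_request(host, port))
    rep, _addr, _port = parse_reply(sock.recv(262))
    if rep != 0x00:
        sock.close()
        raise OSError("SOCKS5 CONNECT failed: " + REPLY_CODES.get(rep, "unknown"))
    return sock


if __name__ == "__main__":
    # Offline demonstration with constructed sample targets: compare the
    # bytes the client sends when it passes a name versus a literal address.
    for target in ("example.com", "93.184.216.34"):
        req = connect_request(target, 443)
        print(target, req.hex(), "proxy resolves:", resolves_remotely(req))
```

Running the block offline prints the two request encodings side by side; the hostname form contains the name itself, the address form contains only the four address bytes, which is exactly what a packet capture on the loopback interface would show for a browser with and without the remote-DNS setting. The same check applies to any other client pointed at the SOCKS port: if the request already carries an IP, the resolver was consulted outside Tor.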