From: Chris Marusich
Subject: Re: Recommendations for browsing via Tor pre tor-browser?
Date: Wed, 18 Jul 2018 23:52:48 -0700
Message-ID: <87wotriunz.fsf@gmail.com>
References: <87zhywl72t.fsf@dustycloud.org> <87muuvjwwj.fsf@gnu.org> <87tvp3l2eb.fsf@dustycloud.org>
In-Reply-To: <87tvp3l2eb.fsf@dustycloud.org> (Christopher Lemmer Webber's message of "Fri, 13 Jul 2018 08:57:00 -0400")
To: Christopher Lemmer Webber
Cc: help-guix

Christopher Lemmer Webber writes:

> Ludovic Courtès writes:
>
>> Christopher Lemmer Webber skribis:
>>
>>> Anyone have recommendations on how they're doing web browsing via Tor,
>>> sans tor-browser?  In the interim I have been using the more
>>> lightweight, non-js using browsers like links.
>>
>> I use Privoxy, and as written in the ‘privoxy.conf’ example, I have:
>>
>>   forward-socks5 / 127.0.0.1:9050 .
>>
>> where Tor is listening on port 9050 (I use the Tor service of GuixSD.)
>>
>> Ludo’.
>
> I wonder if localhost + port is a good idea for tor or really any other
> service.  Our experience with the confused deputy attack against guile's
> live REPL makes me suspicious of anything that's localhost + port.
>
> I notice that the Tor configuration file supports a unix domain socket:
>
>   ControlSocket Path
>       Like ControlPort, but listens on a Unix domain socket, rather than a TCP socket. 0 disables
>       ControlSocket (Unix and Unix-like systems only.)
>
> I wonder if that would be safer?  WDYT?

I know what you mean, but I think having TOR listen on localhost is
safer than having a Guile REPL listen on localhost.  In the case of
Guile, the risk is arbitrary code execution.  In the case of TOR, I
suppose the risks might be that an attacker would be able to make
requests over TOR from your machine.  Perhaps by making such requests,
they might also be able to infer that you are using TOR (although it's
already possible to determine that a person is using TOR simply by
watching their IP traffic).  In any case, since TOR is functioning as a
proxy, not a Turing-complete programming language, the things an
attacker could do or learn by making requests from your machine to the
localhost TOR seem limited.  Compared to the risk of arbitrary code
execution, it seems much safer to me.

I run the TOR service on GuixSD, and I manually tell IceCat to use it as
a SOCKS5 proxy.  You can configure this in the "Advanced" section of the
"Preferences" menu.  IceCat also lets you send DNS requests over the
SOCKS5 proxy, which increases your privacy.  Unlike Ludo, I don't
currently use Privoxy; I just have some extensions installed that I
think are probably helpful (SpyBlock, HTTPS Everywhere, Privacy Badger,
NoScript).

I don't know if IceCat or Firefox supports a proxy via a UNIX domain
socket; I'd be curious to know if it did!

-- 
Chris
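
Added example, not part of the message above and not code from Tor or Guix: a small Python check that reads a torrc and reports, for the listener options discussed in the thread, which are TCP ports (open to any local process that can connect) and which are Unix domain sockets (governed by filesystem permissions). The sample torrc and its socket paths are constructed assumptions, and only `SocksPort`, `ControlPort` and `ControlSocket` are covered.

```python
import ipaddress

# Listener options covered here; torrc has others that this sketch ignores.
LISTENER_OPTIONS = {"socksport", "controlport", "controlsocket"}

def classify(option, value):
    """Return 'disabled', 'unix-socket', 'tcp-loopback' or 'tcp-non-loopback'."""
    target = value.split()[0]          # drop trailing flags after the address
    if target == "0":
        return "disabled"
    if option == "controlsocket" or target.startswith("unix:"):
        return "unix-socket"           # access is decided by file permissions
    if ":" not in target:
        return "tcp-loopback"          # bare port or "auto": Tor's default bind is localhost
    host = target.rsplit(":", 1)[0].strip("[]")
    if host == "localhost":
        return "tcp-loopback"
    try:
        loopback = ipaddress.ip_address(host).is_loopback
    except ValueError:
        loopback = False               # other hostname: treat as not loopback
    return "tcp-loopback" if loopback else "tcp-non-loopback"

def audit_torrc(text):
    """Return (option, value, kind) for every covered listener line in a torrc."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # ignore comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() in LISTENER_OPTIONS:
            kind = classify(parts[0].lower(), parts[1])
            findings.append((parts[0], parts[1], kind))
    return findings

# Constructed sample torrc (paths and the 192.0.2.10 address are assumptions).
SAMPLE_TORRC = """\
SocksPort 9050
SocksPort unix:/var/run/tor/socks
ControlPort 0
ControlSocket /var/run/tor/control
SocksPort 192.0.2.10:9150
"""

if __name__ == "__main__":
    for option, value, kind in audit_torrc(SAMPLE_TORRC):
        print(f"{kind:17} {option} {value}")
```

Lines reported as `tcp-loopback` are the "localhost + port" case the thread is weighing; `tcp-non-loopback` lines are reachable from other hosts and deserve attention first.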