[Noisebridge-discuss] tor proxies

[T]

I'm not involved with the Noisebridge TOR network (yet)[1]

But I do have an opinion.


> Hey all,
>
> I notice NB has a tor network.
>
> I've been implementing something similar at home by installing tor and polipo
> together, so that I can select the polipo proxy as a proxy (using e.g. FoxyProxy)
> and go over tor.

I usually configure browser to use privoxy, privoxy to use polipo, and
polipo to use tor.  Privoxy weeds out privacy headers and blocks
traffic to advert sites, so less traffic gets cached, polipo does the
caching and opens up the tcp lines through tor early, so when the
request goes to tor more of the job has already been done.  See the
Privoxy and Tor sections of the Polipo FAQ:
http://www.pps.jussieu.fr/~jch/software/polipo/faq.html#features

> Actually, torbutton works better, especially against hostile web sites trying
> to identify you, and if your cache isn't on an encrypted disk.  However, it does
> not work for other browsers or HTTP clients, which my polipo-tor Ubuntu package
> does.

Polipo can be configured for memory-only cache.  It's goal is
performance, not persistency, so it operates by prefeching and caching
the head parts of the things you are likely to visit (again) IIRC

> I am wondering what NB uses, and if they solved the DNS lookup problem
> (it's UDP, so doesn't normally get tunnelled over tor, which IIUC is
> TCP-only).

Using Socks4A (not Socks5) prevents DNS leaks.  How to test:

https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#HowdoIcheckifmyapplicationthatusesSOCKSisleakingDNSrequests

> I am also wondering if anyone thinks the polipo-tor package useful enough
> to put in Ubuntu repositories.

What would it do?  Set up the two or three lines of config in
/etc/polipo/config?  Run an alternate polipo on an alternate port
that's configured to go through tor instead?

T


[1] And arguably I shouldn't be (should you really know which servers
you connect through on TOR?)