I installed Tor and...

Jeffrey F. Bloss jbloss at tampabay.rr.com
Tue Mar 13 23:06:31 UTC 2007 

Homer wrote:

> ...it seems to be working, I've read some docs, but I've got a
> question.  Is network traffic anonymized from the moment it leaves my
> computer or could internal network monitors still see what sites I

The short answer is "yes". With a Tor client installed on your machine
TCP connections sent through Tor are encrypted even before they reach
the network card in your machine. Even you can't see where you're going
using something like tcpdump or Ethereal/Wireshark. :)

The thing is, you need to better define "anonymous". It's obvious to
anyone watching your end of the connection that you're using Tor. They
can't see where you are going, or what you are doing, but your identity
is known. This is more accurately defined as privacy than anonymity. At
the other end, beyond the Tor exit node, anyone and everyone can see
what you're doing and where you're going. They can not, however, know
who you are (unless you do something that tells them like log into an
account where your identity is known, or otherwise let information
about yourself leak through).

There are subtle but important differences between privacy and anonymity
that need to be recognized in order to use Tor effectively. Knowing
when each "state" occurs helps you avoid the things that can usurp any
benefit Tor gives you. They certainly overlap to a great extent, but
one can be anonymous with no privacy, and have privacy without being
anonymous.

> request?  That is, am I anonymous before my traffic reaches a Tor
> server?
> 
> Also, can I enable it on one browser, e.g., firefox, but not opera?

Of course. Tor is essentially a SOCKS proxy as far as your other
software is concerned. Firefox can be configured to use it directly.
Edit > Preferences > Network > Connection Settings button... set SOCKS
Host: to 127.0.0.1 and Port: to 9050 (assuming a default Tor install).
Leave the HTTP and other proxy settings blank. Make sure you select the
SOCKS 5 button and not SOCKS 4. 

Opera doesn't speak SOCKS naively so you need to use another "layer".
Typically it will be either Privoxy or Polipo. I think Privoxy is in
one of the standard Ubuntu repositories. If you need links or
instructions for either ask away. :)

Using Privoxy is a good idea in any case because it helps route DNS
requests through Tor also. Without it some browsers that don't use
SOCKS proxies properly will ask for DNS resolution "in the clear",
essentially telling the world you're about to establish an alleged
"anonymous" connection to www.wherever.com and potentially defeating
Tor entirely. I do believe Firefox v2.x and above routes DNS through Tor
when SOCKS 5 is selected though. If you're doing more tha just
"playing" it would pay to make sure though.

Be aware that which ever method or whatever software you choose to use
with Tor, it's essential that you turn off Java/Javascript, cookies,
referrer-logging, plugins, and any sort of "add on" software like
geolocation utilities or Google Toolbar. Essentially anythign that's
not plain vanilla HTTP. Ay of these things can be used to gather bits
of informaiton about you, and thigns like Java and ActiveX can beuse to
attack your anonymity directly.

There are also utilities that can help you avoid making mistakes. The
Firefox NoScript plugin set to disallow everything except for "white
listed" sites is valuable for instance. There are also plugins that
make Tor easier to enable/disable like "Foxy Proxy" [sic], however they
need to be use with caution. It's easy to hit a site that's set up for
"in the clear" access when you intended to be anonymous. One site can
maliciously redirect part of your connecting this way in fact. In my
opinion it's best to enable and disable Tor "universally". I believe
there's a Firefox "Proxy Button" plugin that will do this. 

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo------------------------------[ Groucho Marx ]---
                    http://wrench.homelinux.net/~jeff/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070313/b7fb0a4a/attachment.sig>

More information about the ubuntu-users mailing list