Tor and Privoxy
Abstract
Introduction to the use of The Onion Router (Tor) for anonymizing TCP streams (such as IRC, HTTP, etc.), its use together with Privoxy to accomplish safe, anonymous and ad-free web browsing, and how they work.
An insight into the reasons these technologies are important and some comments on advanced functionalities.
Description
The lecture will tackle the issues of privacy and anonymity in the Internet. We will start with a broad discussion of the topic, introducing the most common problems to address when attempting to secure these.
Having set the basic understanding of the problem, we will introduce The Onion Router (Tor), which is an anonymizer of TCP streams that works as a SOCKS proxy. Tor guarantees that the communication channel is anonymized. This not only means that the sender's IP address is hidden, but also that traffic analysis attacks are very hard to perform successfully.
After this, we explain why Tor alone is not sufficient for "safe" web browsing.
Tor provides an anonymous channel, but it does not touch the data passing through it. We will introduce Privoxy as a means to solve this potential threat to privacy.
Privoxy is an HTTP proxy that filters sensitive content from HTTP transactions to protect privacy. It can also edit web content to remove unwanted content such as ads, and is highly configurable.
We will explain how to use these programs and if there is still time, comment on some interesting advanced functionalities such as Tor hidden services or custom Privoxy filters.
Tor and Privoxy are both free software. Privoxy is distributed under the GNU GPLv2 and Tor is distributed under this (BSD-style) license: http://tor.eff.org/cvs/tor/LICENSE
See http://tor.eff.org/ and http://www.privoxy.org/ for more information about them.
Tor: The onion router
The path of the righteous man is beset on all sides by the iniquities of the selfish and the tyranny of evil men. Blessed is he who in the name of charity and good will shepherds the weak through the valley of darkness, for he is truly his brother's keeper and the finder of lost children. And I will strike down upon thee with great vengeance and furious anger those who attempt to poison and destroy my brothers. And you will know my name is The Onion Router when I lay my vengeance upon thee. -- Ezekiel 25:17 (not really)
Tor (http://tor.eff.org/)
- Is a distributed network
- Aims to improve anonymity by, e.g., making it near-impossible for the receiver to find the sender's IP address
- Is designed to be strong against traffic analysis attacks
In short, Tor enables you to connect to a host without it being able to determine the originating (your) IP address.
Why is it necessary?
Tor can help protect the privacy and anonymity of its users. These are not only rights but can also be of capital importance under certain circumstances.
You may need the anonymity Tor can provide you if, for example,
- You are transmitting and/or publishing sensitive information
- You need or want to conceal your geographical location
- You find yourself in a situation where your right of free speech is potentially threatened
- You want to denounce your employer or government officials but doing it openly would compromise your safety, freedom or life
- You simply want to exercise your right to remain anonymous on the internet
Tor can be (and is) used for unlawful or unethical purposes, but there are many legitimate uses for this technology.
OK, I want to try it out. Is it hard to install?
Not at all!
Tor comes packaged in most GNU/Linux distributions. If you use a Debian-based distribution, for example, installing Tor is as simple as
cholo@saki:~$ sudo aptitude install tor
In general, the standard method for installing software in your distribution should work.
But I bet it's a pain to configure!
Not at all!
Tor runs as a daemon in the system. Normally, when the package is installed, a service will be set up automatically that starts Tor at boot. If that does not happen, you will have to add the service by hand. If you don't know how to do this, check your distribution's documentation; it is highly distribution dependent. In Debian-based systems, you would use the update-rc.d script.
The configuration file that comes by default is alright for basic use, so there's no need to worry about that. Anyway, reading the Tor configuration file is a good exercise and is recommended. It is normally located in /etc/tor/torrc.
So, normally, after you install it, you can start using it right away!
That was easy! How do I use it now?
Tor runs as a SOCKS proxy on port 9050.
That last sentence may look frightening at first, but don't worry, we'll see later what all that means. For now, it's just information to have present in the examples.
Actually, it's always the same. You have to tell your application to use the SOCKS proxy on port 9050.
Example 1: IRC and IM in Gaim
Example 2: IRC in XChat
There are various versions of SOCKS. Whenever possible, use SOCKS 4a. (More on this later.)
Wait! My application doesn't support SOCKS proxies!
Despair not, my friend, for there is still hope.
If your application can't be configured to use SOCKS by itself, you can use the torify wrapper to route your program's connections through Tor. It'll look like this:
cholo@saki:~$ torify dumbprog --some-option some-argument
Great! Now I'll configure my web browser to use the SOCKS proxy!
Wait! Web surfing is a little trickier; Let's see why.
Tor can only anonymize the communication channel. The content travelling through the TCP stream is not modified in any way; so if there is sensitive information there, then it will leak.
Say you type http://www.foo.com/ in your browser's address bar and hit enter. Several things happen. Let's first suppose you're not using Tor or any other kind of proxy, i.e., you are connecting directly to the internet. The browser makes a DNS query for www.foo.com to get its IP address; then it connects to that IP and sends an HTTP request. This request alone generally carries information you may not want the site to know, including the name and exact version of your browser, operating system, computer architecture, and which site you came from (your referrer).
Setting your browser to use Tor directly as a SOCKS proxy will prevent the site from learning the IP address from which you are connecting, but that's all it will do. No more, no less. So, as you can see, there is still a lot of information about you available there. You are not really anonymous at all.
You need something that can take care of what goes inside the anonymous TCP stream that Tor provides you. You need Privoxy.
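To make the point concrete, here is an added example (not part of the talk) that parses a constructed browser request like the one described above, lists the identifying headers a site would still see through Tor alone, and applies a minimal header scrub in the spirit of Privoxy's hide-user-agent, hide-referrer and crunch-outgoing-cookies actions. The request text and the replacement User-Agent string are constructed sample values.

```python
# Added example, not from the talk: shows what an HTTP request reveals even
# when the TCP stream goes through Tor, and a minimal Privoxy-style scrub.
# Privoxy's real filtering is far richer than this.
from typing import Dict, Tuple

# Constructed sample request, as a browser might send it to www.foo.com.
SAMPLE_REQUEST = (
    "GET / HTTP/1.1\r\n"
    "Host: www.foo.com\r\n"
    "User-Agent: Mozilla/5.0 (X11; Linux i686) Firefox/1.5\r\n"
    "Referer: http://intranet.example/secret-page\r\n"
    "Accept: text/html\r\n"
    "Cookie: session=abc123\r\n"
    "\r\n"
)

# Headers that identify the user or their history; Tor leaves them untouched.
LEAKY_HEADERS = {"user-agent", "referer", "cookie"}


def parse_request(raw: str) -> Tuple[str, Dict[str, str]]:
    """Split a raw HTTP/1.x request into its request line and a header dict."""
    head, _, _body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def leaked_headers(raw: str) -> Dict[str, str]:
    """Return the identifying headers a site would see through Tor alone."""
    _, headers = parse_request(raw)
    return {k: v for k, v in headers.items() if k in LEAKY_HEADERS}


def scrub_request(raw: str, fake_ua: str = "Mozilla/5.0") -> str:
    """Drop Referer and Cookie and replace User-Agent: roughly what Privoxy's
    hide-referrer, crunch-outgoing-cookies and hide-user-agent actions do."""
    request_line, headers = parse_request(raw)
    out = [request_line]
    for name, value in headers.items():
        if name in ("referer", "cookie"):
            continue
        if name == "user-agent":
            value = fake_ua
        out.append(f"{name.title()}: {value}")
    return "\r\n".join(out) + "\r\n\r\n"
```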
Privoxy
What is Privoxy?
cholo@saki:~$ whatis privoxy
privoxy (8) - Privacy Enhancing Proxy
cholo@saki:~$
From the manpage,
Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, modifying web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks.
Privoxy provides an HTTP proxy (normally on port 8118) that will help you clean those requests! Moreover, it'll filter the contents of webpages that could be dangerous for your privacy. It'll even filter ads!
Using Privoxy and Tor together
You need to edit the file /etc/privoxy/config, which is extensively self-documented.
In section 5.2. forward-socks4 and forward-socks4a you'll add a line like this:
forward-socks4a / localhost:9050 . # Tor
Luckily Privoxy has proper support for Socks4A, which is the preferred protocol.
Configuring your browser for anonymous and privacy-protected surfing
Advanced Tor: Hidden Services
There is also another cool Tor feature: hidden services. Hidden services allow you to provide services (like HTTP, FTP, SSH, whatever) while keeping the location of your server secret.
In this case, your packets will not go through a Tor exit node, but stay in the Tor network and reach their destination thanks to a rendezvous algorithm. (Which of course is designed to maintain the anonymity of both ends of the communication.)
The URL of a hidden service will look like this: http://6sxoyfb3h2nvok2d.onion/
That one in particular is the Hidden Wiki, a wiki containing a list of all kinds of Tor hidden services, including Mail, SSH, Usenet and many others.
The infamous DNS problem
booga booga booga!
One of the most common Tor pitfalls is the DNS request information leak.
The problem is that if an application that is using Tor makes a plain DNS query, an observer can infer where the following Tor connection is directed, which is a serious information leak.
The application should route its DNS queries through Tor, but most applications today don't support this functionality. This is because the widely used SOCKS4 protocol uses IP addresses only, and although the newer SOCKS5 protocol provides the option of using names instead of IP addresses, it is generally not implemented in the client applications. There is also another intermediate version, SOCKS4A, which specifically adds support for the resolution of domain names with the SOCKS server, but very few programs implement it.
Due to the severity of this problem, Tor shows the following message in its logs when it receives an IP address instead of a domain name:
Your application (using socks5 on port 9050) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.
If you are seeing this message in your Tor logs, your client application may be leaking DNS requests. Several methods exist for solving this problem, but they are highly technical and thus beyond the scope of this talk. The easiest way to fix it is to use a client that supports SOCKS4A or SOCKS5 with domain names.
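The following added example (not from the talk or the Tor project) builds the two CONNECT request forms a client can send to Tor's SOCKS port and reproduces the check behind the log message quoted above: a SOCKS4 request carries a destination IP, so the client must already have resolved the name itself, while a SOCKS4a request carries the hostname and leaves resolution to Tor. The hostname, IP and user id are constructed sample values.

```python
# Added example, not from the talk: SOCKS4 vs SOCKS4a CONNECT requests and a
# check for the "client resolved DNS itself" condition that Tor warns about.
import socket
import struct


def socks4_connect(ip: str, port: int, userid: str = "") -> bytes:
    """SOCKS4 CONNECT: VN=4, CD=1, DSTPORT, DSTIP, USERID, NUL. The client has
    already done its own DNS lookup, so the hostname never reaches Tor."""
    return (struct.pack(">BBH", 4, 1, port) + socket.inet_aton(ip)
            + userid.encode() + b"\x00")


def socks4a_connect(hostname: str, port: int, userid: str = "") -> bytes:
    """SOCKS4a CONNECT: DSTIP is 0.0.0.x with x != 0, and the hostname follows
    the user id, so the SOCKS server (Tor) resolves it inside the network."""
    return (struct.pack(">BBH", 4, 1, port) + b"\x00\x00\x00\x01"
            + userid.encode() + b"\x00" + hostname.encode() + b"\x00")


def classify_request(req: bytes) -> dict:
    """Parse a SOCKS4/4a CONNECT and report whether the client resolved the
    name itself (leaks_dns), the condition behind Tor's log warning."""
    ver, cmd, port = struct.unpack(">BBH", req[:4])
    if ver != 4 or cmd != 1:
        raise ValueError("not a SOCKS4 CONNECT request")
    dstip = req[4:8]
    rest = req[8:].split(b"\x00")      # [userid, (hostname,) trailing b""]
    userid = rest[0].decode()
    if dstip[:3] == b"\x00\x00\x00" and dstip[3] != 0:
        # SOCKS4a marker: a NUL-terminated hostname follows the user id.
        return {"version": "4a", "port": port, "host": rest[1].decode(),
                "userid": userid, "leaks_dns": False}
    # Plain SOCKS4: only an IP address; the lookup happened outside Tor.
    return {"version": "4", "port": port, "host": socket.inet_ntoa(dstip),
            "userid": userid, "leaks_dns": True}
```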
