Does anyone use TOR/privoxy?

Conor108

Now I'm a complete newbie to this type of thing!

I've installed TOR and according to the Tor Detector site its working but I'm a little confused. Nothing shows up on that network map but a map of the world. I have Firefox connecting through a Proxy -

HTTP - Localhost - 8118
SSL - Localhost - 8118
Socks host - Localhost - 9050

Is that right? And what am I supposed to do with privoxy? just let it run? I've disabled cookies on Firefox, but not java & javascript.

So I'm just a little confused wheter or not that doing anything. I'd only run it when I'm out and about in open hotspots/hotels/airports. That's kinda what its for isn't it?

Thanks in advance:)

Thomas_S_Hunterson

Yea pretty much just let it run.

You'll know it's working if your internet connection is really really slow!

Have a look for a firefox extention called TorButton. This allows you to turn it on and off with just a click of a mouse and its really handy. You dont have to set up the proxies or anything.

JohnnieM

You'll know its working if you type www.whatismyip.com in to firefox browser...

Eoin_Sheehy

If I want to use Tor through another program that's not an internet browser do I then set it up as a proxy and what are those settings?

BaconZombie

OP, have a look at Tor Browser Bundle.

It's an all-in-one package with TOR + Firefox {+ Pidgin} all pre-configured for you.

Gavin

Conor108 wrote: »

So I'm just a little confused wheter or not that doing anything. I'd only run it when I'm out and about in open hotspots/hotels/airports. That's kinda what its for isn't it?

Thanks in advance:)

No. This is not what Tor is for. Tor is for anonymity, NOT confidentiality. If you want a secure connection when you are using an insecure network, you need to use a VPN.

If you are using Tor, and want confidentiality, you need to use end to end encryption and be very careful with the public certificate of the remote server.

pieface_ie

Gavin Quote:
Originally Posted by Conor108
So I'm just a little confused wheter or not that doing anything. I'd only run it when I'm out and about in open hotspots/hotels/airports. That's kinda what its for isn't it?

Thanks in advance

No. This is not what Tor is for. Tor is for anonymity, NOT confidentiality. If you want a secure connection when you are using an insecure network, you need to use a VPN.

If you are using Tor, and want confidentiality, you need to use end to end encryption and be very careful with the public certificate of the remote server.

+1

How do you know your data is not been sniffed on the exit node!

Dermot Illogical

pieface_ie wrote: »

+1

How do you know your data is not been sniffed on the exit node!

I think you can safely assume it is.

JohnK

RT66 wrote: »

I think you can safely assume it is.

Most certainly! Granted its an old article but this is the sort of thing that people are doing http://www.securityfocus.com/news/11486

wolfric

i just want to add very quickly that using tor if anything makes your connection very insecure and very high chance of it being sniffed.

High target websites will usually have an encryption on them which makes login secure. You'll see a picture of a padlock and at the bottom right usually a message about the connection that's SSL. Examples being banks, email services such as gmail etc. This works fine even if you're on an insecure website. Note however you should heed warnings by your browser about the security certificate (usually comes up like this http://2.bp.blogspot.com/_j2psQ3ZHDcg/SZi8SZPqwFI/AAAAAAAAAGs/2qXB4O10ujA/s320/firefox-security-warning.png for firefox at least).

If you need absolute confidentiality, consider setting up your own ssl/ssh proxy or buying a service for it.

Black Swan

I stopped using Tor about 3 years ago. I found that during peak periods of use, it appeared sluggish, and the delay skipping through a hub sometimes timed me out on a site I was accessing.

Tor is not for security, rather anonymity. When I want security, I go VPN with encryption.