[Freedombox-discuss] Privoxy via Tor, and APT via Privoxy?
pere at hungry.com
Wed Apr 16 16:37:13 UTC 2014
> I think this idea is worth trying - even if secure apt prevents
> someone putting fake packages onto your machine, this will stop
> people seeing which software they need to find zero-day
> vulnerabilities in. :)
> What's the best apt mirror to use with tor? Maybe http.debian.net?
> It's probably important to preserve anonymity that everyone uses the
> same mirror.
Either cdn.debian.net or http.debian.net I believe. I've had some
problems using both from time to time, but I do not believe we have
any better option.
> I'm surprised that apt doesn't support SOCKS proxies directly -
> random people on the internet seem to think that it does, but
> there's no mention in apt's source code.
Yeah. I asked for SOCKS support today in
<URL: http://bugs.debian.org/744934 >. If someone got time to provide
the C++ patch needed, I am sure it would be well received.
> Privoxy cannot proxy ftp traffic, according to its FAQ. You might
> want to add https, but I don't think anyone uses that?
On second thought, I believe it is better to put this functionallity
in plinth, behind an option, instead of in freedombox-setup. The
option should probably be enabled by default.
The options for apt can be to use privoxy, and for privoxy to use tor.
I would prefer to have one option for apt to use tor, but without
SOCKS support, that is not trivial.
An alternative which Nick mentioned on IRC today, is
<URL: https://code.google.com/p/badvpn/wiki/tun2socks >. The idea is
to not confiture apt and privoxy, but instead change the IP setup on
the machine to send everything via tor. Perhaps a better option? But
that package is not in Debian, as far as I know.
More information about the Freedombox-discuss