On Wed, 26 Oct 2005, JЖrn Schmidt wrote:

> --- "Travis H." <[EMAIL PROTECTED]> wrote:
> [snip]
> > Another issue involves the ease of use when switching between a
> > [slower] anonymous service and a fast non-anonymous service.  I
> > have a tool called metaprox on my website (see URL in sig) that
> > allows you to choose what proxies you use on a domain-by-domain
> > basis.  Something like this is essential if you want to be
> > consistent about accessing certain sites only through an anonymous
> > proxy.  Short of that, perhaps a Firefox plug-in that allows you
> > to select proxies with a single click would be useful.
> You can already do the latter with SwitchProxy
> (http://www.roundtwo.com/product/switchproxy). Basically, it's a
> Firefox extension that saves you the trouble of going into the
> 'preferences' dialogue everytime you want to switch from one proxy
> to another (or go from using a proxy to not using one, that is).

In fact, it is possible to setup it all thru privoxy alone:

#  =============
#  This feature allows routing of HTTP requests through a chain
#  of multiple proxies. It can be used to better protect privacy
#  and confidentiality when accessing specific domains by routing
#  requests to those domains through an anonymous public proxy (see
#  e.g. http://www.multiproxy.org/anon_list.htm) Or to use a caching
#  proxy to speed up browsing. Or chaining to a parent proxy may be
#  necessary because the machine that Privoxy runs on has no direct
#  Internet access.
#  Also specified here are SOCKS proxies. Privoxy supports the SOCKS
#  4 and SOCKS 4A protocols.


#  5.1. forward
#  ============
#  Specifies:
#      To which parent HTTP proxy specific requests should be routed.
#  Type of value:
#      target_pattern http_parent[:port]
#      where target_pattern is a URL pattern that specifies to which
#      requests (i.e. URLs) this forward rule shall apply. Use /
#      to denote "all URLs".  http_parent[:port] is the DNS name or
#      IP address of the parent HTTP proxy through which the requests
#      should be forwarded, optionally followed by its listening port
#      (default: 8080). Use a single dot (.) to denote "no forwarding".

Btw, I guess everybody who installs tor with privoxy has to know about
this since he has to change this section.

The problem is that it is not clear how to protect against `malicious'
sites: if you separate fast and tor-enabled sites by the site's name,
e.g., tor for search.yahoo.com, and no proxy for everything else,
yahoo can trace you thru images served from .yimg.com; OTOH if you
change proxy `with one click' first of all you can easily forget to do
it, but also a site can create a time-bomb -- a javascript (or just
http/html refresh) which waits some time in background (presumably,
until you switch tor off) and makes another request which allows to
find out your real ip.


Reply via email to