Update #1; These updates are hacks to the "about:config" menu to improve anonymity and the anonymity set by increasing the scope of the Tor HTTP/S Header template.
A double asteric "**" denotes an important update hack. Great page on RFC specs for "Header Field Definitions" at cotse <http://www.cotse.com/CIE/RFC/2068/155.htm> ------- To all: Please read and tell me your opinions. ------- The anonymity set that I am attempting to use is as follows: -Updates are letters 'G', 'H' and 'I' below- A. User-Agent: Mozilla, Windows XP, 128-bit encryption, English (non-localized), Firefox. B. Referer(Referrer): Is set to the root (home page) of the site you are currently visiting (eg."http://www.example-root.com";;). I think it is wise to use {forge} for the template Referer setting. If we use a real domain with the {custom} paramiter it may get Tor in trouble with the real domain's owners. I am pretty sure we can not use {block} as it breakes many sites. Note: HTTPS referrer from one HTTPS URL directly to another HTTPS URL is set to {block} incase RegControl can not properly handle these headers. This is because I have not tested (and I don't know) HTTPS to HTTPS referrer headers. C. Keep-Alive: Close D. Compression: Prevented E. X-Forwarded-for: Not removed or spoofed as FF does not have this capibility. Besides, the entry node removes your real "X-Forwarded-for:" header and it already has your real IP. F. Ping: FF will supress the Ping function in HTTP/S. ** G. Accept-Languages: Configured to match the language in "User-Agent"; English non-localized (<en>). H. Accept-Default: Used a configuration that should allow all relevent file types and is used by a wide range of people already. I. Accept-Charsets: Again, use of a general default setting <iso-8859-1> and I also used the all parm {*}. ----------- **Directions** -Updated settings are #7, #8 and #9 below- 1. Start Firefox 2. Type this into the URL bar and hit [enter]: about:config 3. -HTTPS Referrer- <http://kb.mozillazine.org/Network.http.sendSecureXSiteReferrer> 3a. Copy/paste the following line into the "Filter:" bar: "network.http.sendSecureXSiteReferrer" 3b. Right click on the title and choose "toggle" ensure the 'Value' entry reads "False". {false} = Don't send the Referer header when navigating from a https site to another https site. 4. -Keep-Alive(proxy connection)- <http://kb.mozillazine.org/Network.http.proxy.keep-alive> 4a. Copy/paste the following line into the "Filter:" bar: "Network.http.proxy.keep-alive" 4b. Right click on the title and choose "toggle" ensure the 'Value' entry reads "False". {false} = Never use keep-alive connections. 5. -Keep-Alive- <http://kb.mozillazine.org/Network.http.keep-alive> 5a. Copy/paste the following line into the "Filter:" bar: "Network.http.keep-alive" 5b. Right click on the title and choose "toggle" ensure the 'Value' entry reads "False". {false} = Never use keep-alive connections. 6. -Accept-Encoding- <http://kb.mozillazine.org/Network.http.accept-encoding> Prevent compression of HTTP/S data. 6a. Copy/paste the following line into the "Filter:" bar: "network.http.accept-encoding" 6b. Right click on the title and choose "modify". 6c. Delete the text from the box and copy/paste the following line into the box: "gzip;q=0,deflate;q=0,compress;q=0" 6d. Now click "OK" {gzip;q=0,deflate;q=0,compress;q=0} = No compression ** 7. -Accept-Languages- This should be set to the same language that is used by the User-Agent; ie. English, non-localized <en>. 7a. Copy/paste the following line into the "Filter:" bar: "intl.accept_languages" 7b. Right click on the title and choose "modify". 7c. Delete the text from the box and copy/paste the following line into the box: "en" 7d. Now click "OK" {en} = English, non-localized 8. -Accept-Default- <http://kb.mozillazine.org/Network.http.accept.default> 8a. Copy/paste the following line into the "Filter:" bar: "network.http.accept.default" 8b. Right click on the title and choose "modify". 8c. Delete the text from the box and copy/paste the following line into the box: Note: line should not be wrapped. {text/xml,application/xml,application/xhtml+xml, text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5} 9. -Accept-Charsets- 9a. Copy/paste the following line into the "Filter:" bar: "intl.accept_charsets" 9b. Right click on the title and choose "modify". 9c. Delete the text from the box and copy/paste the following line into the box: {ISO-8859-1,*} 10. -Send Ping- <http://kb.mozillazine.org/Browser.send_pings> 10a. This option is not required, you do not need to use it. 10b. Right click anywhere in the 'about:config' window and select "New > Boolean". 10c. Copy/paste the following line into the 'Perference Name" box: "Browser.send pings" 10d. In the next window select "false" {false} = Ignore the ping attribute. 11. -User_Agent- <http://en.wikipedia.org/wiki/User_agent> "User Agent Switcher" is a great FireFox extension. 11a. Install "User Agent Switcher" <https://addons.mozilla.org/firefox/59/> 11b. Restart Firefox 11c. Click on "Tools > User Agent Switcher > Options > Options...". 11d. In the next window click the text "User Agents" 11e. Then click the "Add" button and enter the following text in the appropriate boxes: Note: Lines should not be wrapped. -- Description: Mozilla, Windows XP, 128-bit encryption, English User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en; rv:1.7.10) Gecko/20050716 Firefox/1.0.5 App Name: Firefox App version: 5.0 (Windows; U; Windows NT 5.1; en; rv:1.7.10) Gecko/20050716 Firefox/1.0.5 Platform: Win32 Vendor: Vendor Sub: -- 11f. Now close and reopen Firefox again and select "Tools > Mozilla, Windows XP, 128-bit encryption, English" 12. -HTTP/S Referrer- The FF extension "RefControl" is a great tool. 12a. Install "RefControl" <http://www.stardrifter.org/refcontrol/> 12b. Restart Firefox 12c. Click on "Tools > RefControl Options..." 12d. In the window that loads click the button "Edit" 12e. Then click the button "Forge" then the buttons "OK" and "OK". ----------- Please try this out and let me know how you fare and where improvments may be made. ----------- **TESTING** After following the directions... A. Go to the following site and record your results: <http://www.stilllistener.com/checkpoint1/test2/> B. Then goto this site and record your results: <http://www.stilllistener.com/checkpoint1/ssi/> C. Then compare the results from both tests. The results should be the same as each other and the same as Tor's official Privoxy configuration. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
