subject:"Problem with Tor \& IceCat"

Re: Problem with Tor & IceCat

2019-01-10 Thread Ricardo Wurmus

Joshua Branson  writes:

> Archetyp Jung  writes:
>
>> Sorry Ludo, but I reinstalled the operating system yesterday. :-(
>>
>> Thanks to my customized config.scm, everything works fine here,
>> including Tor. ;-)
>>
>> BTW: I no longer use Tor in GNU IceCat with the Tor™ browser button,
>> but directly via Proxy DNS when using SOCKS v5.
>
> Can you describe this setup?  I would like to use Tor properly, and
> currently I cannot.  :(

You only need to add (tor-service) to the list of services.  Then tell
your browser to connect to the SOCKS proxy at localhost:9050.  If you
use Epiphany or Eolie that would be done through the network settings
where you can configure GNOME-wide settings.

For Icecat that would be done in Preferences, searching for “proxy”,
hitting “Settings…” and specifying a manual proxy in the “SOCKS Host”
line.  Also check the box next to “Proxy DNS when using SOCKS v5”.

--
Ricardo

Re: Problem with Tor & IceCat

2019-01-10 Thread Joshua Branson

Ricardo Wurmus  writes:

> Joshua Branson  writes:
>
>> Archetyp Jung  writes:
>>
>>> Sorry Ludo, but I reinstalled the operating system yesterday. :-(
>>>
>>> Thanks to my customized config.scm, everything works fine here,
>>> including Tor. ;-)
>>>
>>> BTW: I no longer use Tor in GNU IceCat with the Tor™ browser button,
>>> but directly via Proxy DNS when using SOCKS v5.
>>
>> Can you describe this setup?  I would like to use Tor properly, and
>> currently I cannot.  :(
>
> You only need to add (tor-service) to the list of services.  Then tell
> your browser to connect to the SOCKS proxy at localhost:9050.  If you
> use Epiphany or Eolie that would be done through the network settings
> where you can configure GNOME-wide settings.
>
> For Icecat that would be done in Preferences, searching for “proxy”,
> hitting “Settings…” and specifying a manual proxy in the “SOCKS Host”
> line.  Also check the box next to “Proxy DNS when using SOCKS v5”.

Thanks for getting back to me.  So just to verify, using Tor via the Tor
plugin provided in Icecat, is not enough?  I have to manually going into
settings and tinker some settings?  A user mentioned the following a few
days ago, which makes me think that DNS is not being sent to TOR.  When
I said, that using icecat with the tor-service, that I could not connect to
tor hidden services, then he said the following:

   That's concerning to me: it seems to imply that DNS requests are _not_
   being proxied through Tor, which could leak very sensitive information
   to your ISP and other parties.

Was he incorrect in his assumption?  Does the default Icecat + the tor
plugin, and (service tor-service-type), correctly route all icecat
traffic through tor?  How can I check that DNS is not being sent over
HTTP?

Thanks,

Joshua

>
> --
> Ricardo
>

--
Joshua Branson
Sent from Emacs and Gnus

Re: Problem with Tor & IceCat

2019-01-09 Thread Archetyp Jung

Oh yes, here are the correct settings for Tor in GNU IceCat:

---> Manual proxy configuration

---> SOCKS Host: localhost Port: 9050

---> Proxy DNS when using SOCKS v5

If you do not want to use the Tor browser button. ;-)

Joshua Branson  writes:

Archetyp Jung  writes:

> Sorry Ludo, but I reinstalled the operating system yesterday. :-(
>
> Thanks to my customized config.scm, everything works fine here,
> including Tor. ;-)
>
> BTW: I no longer use Tor in GNU IceCat with the Tor? browser button,
> but directly via Proxy DNS when using SOCKS v5.

Can you describe this setup?  I would like to use Tor properly, and
currently I cannot.  :( 

-- 
Joshua Branson
Sent from Emacs and Gnus

Hello Joshua, this is my current config.scm:

;; This is an operating system configuration template
;; for a "desktop" setup with Xfce.

(use-modules (gnu) (gnu system nss))
(use-service-modules desktop networking)
(use-package-modules certs xfce)

(operating-system
  (host-name "gnu")
  (timezone "Europe/Berlin")
  (locale "de_DE.UTF-8")

  ;; Assuming /dev/sda is the target hard disk, and "my-root"
  ;; is the label of the target root file system.
  (bootloader (grub-configuration (device "/dev/sda")))
  (file-systems (cons (file-system
(device "my-root")
(title 'label)
(mount-point "/")
(type "ext4"))
  %base-file-systems))

  (users (cons (user-account
(name "user")
(comment "")
(group "users")
(supplementary-groups '("wheel" "netdev"
"audio" "video"))
(home-directory "/home/user"))
   %base-user-accounts))

  ;; This is where we specify system-wide packages.
  (packages (cons* nss-certs ;for HTTPS access
   %base-packages))

  ;; Add GNOME and/or Xfce---we can choose at the log-in
  ;; screen with F1.  Use the "desktop" services, which
  ;; include the X11 log-in service, networking with
  ;; NetworkManager, and more.
  (services (cons* (console-keymap-service "de")
   (service tor-service-type)
   (xfce-desktop-service)
   %desktop-services))

  ;; Allow resolution of '.local' host names with mDNS.
  (name-service-switch %mdns-host-lookup-nss))

And here are the relevant entries for Tor:

(use-service-modules desktop networking)

(service tor-service-type)

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-09 Thread Archetyp Jung

Okay, I had accidentally posted here under a false name, please remove
this name from help-guix archive and replace it with Archetyp Jung.

The visibility of the wrong name is a security problem for me!

Joshua Branson  writes:

Archetyp Jung  writes:

I believe we generally do not delete email postings.  I suppose we could
if it was spam for instance.

> Would someone please delete the posting from Mon, 7 Jan 2019 02:37:13
> +0100?
>
> https://lists.gnu.org/archive/html/help-guix/2019-01/msg00061.html  

-- 
Joshua Branson
Sent from Emacs and Gnus

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-09 Thread Archetyp Jung

Joshua Branson  writes:

Archetyp Jung  writes:

> Sorry Ludo, but I reinstalled the operating system yesterday. :-(
>
> Thanks to my customized config.scm, everything works fine here,
> including Tor. ;-)
>
> BTW: I no longer use Tor in GNU IceCat with the Tor? browser button,
> but directly via Proxy DNS when using SOCKS v5.  

Can you describe this setup?  I would like to use Tor properly, and
currently I cannot.  :( 

-- 
Joshua Branson
Sent from Emacs and Gnus

Hello Joshua, this is my current config.scm:

;; This is an operating system configuration template
;; for a "desktop" setup with Xfce.

(use-modules (gnu) (gnu system nss))
(use-service-modules desktop networking)
(use-package-modules certs xfce)

(operating-system
  (host-name "gnu")
  (timezone "Europe/Berlin")
  (locale "de_DE.UTF-8")

  ;; Assuming /dev/sda is the target hard disk, and "my-root"
  ;; is the label of the target root file system.
  (bootloader (grub-configuration (device "/dev/sda")))
  (file-systems (cons (file-system
(device "my-root")
(title 'label)
(mount-point "/")
(type "ext4"))
  %base-file-systems))

  (users (cons (user-account
(name "user")
(comment "")
(group "users")
(supplementary-groups '("wheel" "netdev"
"audio" "video"))
(home-directory "/home/user"))
   %base-user-accounts))

  ;; This is where we specify system-wide packages.
  (packages (cons* nss-certs ;for HTTPS access
   %base-packages))

  ;; Add GNOME and/or Xfce---we can choose at the log-in
  ;; screen with F1.  Use the "desktop" services, which
  ;; include the X11 log-in service, networking with
  ;; NetworkManager, and more.
  (services (cons* (console-keymap-service "de")
   (service tor-service-type)
   (xfce-desktop-service)
   %desktop-services))

  ;; Allow resolution of '.local' host names with mDNS.
  (name-service-switch %mdns-host-lookup-nss))

And here are the relevant entries for Tor:

(use-service-modules desktop networking)

(service tor-service-type)

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-09 Thread Joshua Branson

Archetyp Jung  writes:

I believe we generally do not delete email postings.  I suppose we could
if it was spam for instance.

> Would someone please delete the posting from Mon, 7 Jan 2019 02:37:13
> +0100?
>
> https://lists.gnu.org/archive/html/help-guix/2019-01/msg00061.html

-- 
Joshua Branson
Sent from Emacs and Gnus

Re: Problem with Tor & IceCat

2019-01-09 Thread Joshua Branson

Archetyp Jung  writes:

> Sorry Ludo, but I reinstalled the operating system yesterday. :-(
>
> Thanks to my customized config.scm, everything works fine here,
> including Tor. ;-)
>
> BTW: I no longer use Tor in GNU IceCat with the Tor™ browser button,
> but directly via Proxy DNS when using SOCKS v5.

Can you describe this setup?  I would like to use Tor properly, and
currently I cannot.  :( 

>
> Am Tue, 08 Jan 2019 23:46:36 +0100
> schrieb Ludovic Courtès :
>
>> Hello,
>> 
>> Ricardo Wurmus  skribis:
>> 
>> >> Thanks, actually this would be the solution for me, but now I've
>> >> probably stumbled upon a real problem:
>> >>
>> >> user@gnu ~$ su
>> >> Password: ...
>> >> root@gnu /home/user# guix system reconfigure /etc/config.scm
>> >> ...
>> >> ...
>> >> The following profile hooks will be built:
>> >>/gnu/store/rdc3rj3ycgvp4ryzjn0f30cpnpcq659m-manual-database.drv
>> >>/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
>> >>/gnu/store/vq23i377lxy5fr04400kigpj34ah89h6-xdg-mime-database.drv
>> >>/gnu/store/zzy8vi3lp6h6f4lzxdrhs1zz975pn8p2-xdg-desktop-database.drv
>> >> building directory of Info manuals...
>> >> builder for
>> >> `/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv' failed
>> >> with exit code 1 build
>> >> of /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
>> >> failed  
>> >
>> > This is probably this bug:
>> >
>> > https://issues.guix.info/issue/28144  
>> 
>> To be sure Archetyp, could you run:
>> 
>>   bzcat $(guix build
>> --log-file /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv)
>> 
>> and send the output?
>> 
>> Also, was the ‘guix’ command you’re running produced by ‘guix pull’?
>> 
>> Thanks,
>> Ludo’.

-- 
Joshua Branson
Sent from Emacs and Gnus

Re: Problem with Tor & IceCat

2019-01-08 Thread Archetyp Jung

Would someone please delete the posting from Mon, 7 Jan 2019 02:37:13
+0100?

https://lists.gnu.org/archive/html/help-guix/2019-01/msg00061.html

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-08 Thread Archetyp Jung

Sorry Ludo, but I reinstalled the operating system yesterday. :-(

Thanks to my customized config.scm, everything works fine here,
including Tor. ;-)

BTW: I no longer use Tor in GNU IceCat with the Tor™ browser button,
but directly via Proxy DNS when using SOCKS v5.

Am Tue, 08 Jan 2019 23:46:36 +0100
schrieb Ludovic Courtès :

> Hello,
> 
> Ricardo Wurmus  skribis:
> 
> >> Thanks, actually this would be the solution for me, but now I've
> >> probably stumbled upon a real problem:
> >>
> >> user@gnu ~$ su
> >> Password: ...
> >> root@gnu /home/user# guix system reconfigure /etc/config.scm
> >> ...
> >> ...
> >> The following profile hooks will be built:
> >>/gnu/store/rdc3rj3ycgvp4ryzjn0f30cpnpcq659m-manual-database.drv
> >>/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
> >>/gnu/store/vq23i377lxy5fr04400kigpj34ah89h6-xdg-mime-database.drv
> >>/gnu/store/zzy8vi3lp6h6f4lzxdrhs1zz975pn8p2-xdg-desktop-database.drv
> >> building directory of Info manuals...
> >> builder for
> >> `/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv' failed
> >> with exit code 1 build
> >> of /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
> >> failed  
> >
> > This is probably this bug:
> >
> > https://issues.guix.info/issue/28144  
> 
> To be sure Archetyp, could you run:
> 
>   bzcat $(guix build
> --log-file /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv)
> 
> and send the output?
> 
> Also, was the ‘guix’ command you’re running produced by ‘guix pull’?
> 
> Thanks,
> Ludo’.

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-08 Thread Ludovic Courtès

Hello,

Ricardo Wurmus  skribis:

>> Thanks, actually this would be the solution for me, but now I've
>> probably stumbled upon a real problem:
>>
>> user@gnu ~$ su
>> Password: ...
>> root@gnu /home/user# guix system reconfigure /etc/config.scm
>> ...
>> ...
>> The following profile hooks will be built:
>>/gnu/store/rdc3rj3ycgvp4ryzjn0f30cpnpcq659m-manual-database.drv
>>/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
>>/gnu/store/vq23i377lxy5fr04400kigpj34ah89h6-xdg-mime-database.drv
>>/gnu/store/zzy8vi3lp6h6f4lzxdrhs1zz975pn8p2-xdg-desktop-database.drv
>> building directory of Info manuals...
>> builder for `/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv'
>> failed with exit code 1 build
>> of /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv failed
>
> This is probably this bug:
>
> https://issues.guix.info/issue/28144

To be sure Archetyp, could you run:

  bzcat $(guix build --log-file 
/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv)

and send the output?

Also, was the ‘guix’ command you’re running produced by ‘guix pull’?

Thanks,
Ludo’.

Re: Problem with Tor & IceCat

2019-01-07 Thread Joshua Branson

 writes:

> Yes, Tor plugin in Icecat 63 not works properly. I reported it to a developer 
> through his website.

What developer?  Can you link me to the bug report?

>
> There is one important thing that Tor plugin breaks. If you look at 
> https://wiki.gentoo.org/wiki/Tor#Firefox there are lines you should configure 
> in
> about:config page in Icecat
> network.proxy.socks_remote_dnstrue
> network.dns.disablePrefetch   true
> network.dns.disableIPv6   true
>
> So plugin resets  'network.proxy.socks_remote_dns' to 'false' every time it 
> runs and every time you start Icecat having tor plugin is activated. And this 
> is
> why ISP performs dns requests. 
>
> Jan 7, 2019, 2:02 AM by m...@gnu.org:
>
>  On Sun, Jan 06, 2019 at 15:09:51 -0500, Joshua Branson wrote:
>
>  Now, when you start icecat, you may have to click on the tor plugin to
>  activate it, but it normally autostarts for me.
>
>  Also, at least for me, that doesn't configure my browser to access tor
>  hidden services. But it does run all of your http traffic through the
>  tor network, which is pretty cool.
>
>  That's concerning to me: it seems to imply that DNS requests are _not_
>  being proxied through Tor, which could leak very sensitive information
>  to your ISP and other parties.
>
>  I use FoxyProxy Standard[0] (just by habit over the many years I've used
>  Tor with Firefox), so I hadn't tried the Addon distributed with
>  Icecat. FoxyProxy has an option to proxy DNS requests through Tor (and
>  does so by default IIRC).
>
>  [0]: https://directory.fsf.org/wiki/FoxyProxy_Standard
>
>  -- 
>  Mike Gerwitz
>  Free Software Hacker+Activist | GNU Maintainer & Volunteer
>  GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05
>  https://mikegerwitz.com
>

-- 
Joshua Branson
Sent from Emacs and Gnus

Re: Problem with Tor & IceCat

2019-01-07 Thread Joshua Branson

Mike Gerwitz  writes:

> On Sun, Jan 06, 2019 at 15:09:51 -0500, Joshua Branson wrote:
>> Now, when you start icecat, you may have to click on the tor plugin to
>> activate it, but it normally autostarts for me.
>>
>> Also, at least for me, that doesn't configure my browser to access tor
>> hidden services.  But it does run all of your http traffic through the
>> tor network, which is pretty cool.
>
> That's concerning to me: it seems to imply that DNS requests are _not_
> being proxied through Tor, which could leak very sensitive information
> to your ISP and other parties.

Really!?  That's annoying.  We should probably report that as a bug!
It's not much help if your DNS is going to your ISP!

>
> I use FoxyProxy Standard[0] (just by habit over the many years I've used
> Tor with Firefox), so I hadn't tried the Addon distributed with
> Icecat.  FoxyProxy has an option to proxy DNS requests through Tor (and
> does so by default IIRC).

I'm actually super curious about using local proxies!  Ludo uses a
different proxy I think...but there are probably a ton of proxies that
you can run.  Can you give me a brief overview of why to use proxies...?

I'm also interested in performance caching proxies...

>
> [0]: https://directory.fsf.org/wiki/FoxyProxy_Standard

--
Joshua Branson
Sent from Emacs and Gnus

Re: Problem with Tor & IceCat

2019-01-07 Thread Ricardo Wurmus

Archetyp Jung  writes:

> Hi Ricardo, is there a workaround that can be used for me?
>
> Bug 28144 prevents regonfigure & pull. :-(

It’s tricky.  Do you happen to have a different version of Guix on your
system?  If you ran “guix pull” before you should have a few
~/.config/guix/current-* links, each containing “bin/guix” that you
could use instead of the default.

--
Ricardo

Re: Problem with Tor & IceCat

2019-01-07 Thread Archetyp Jung

Hi Ricardo, is there a workaround that can be used for me?

Bug 28144 prevents regonfigure & pull. :-(

Am Mon, 07 Jan 2019 09:16:30 +0100
schrieb Ricardo Wurmus :

> Hi Archetyp,
> 
> > Thanks, actually this would be the solution for me, but now I've
> > probably stumbled upon a real problem:
> >
> > user@gnu ~$ su
> > Password: ...
> > root@gnu /home/user# guix system reconfigure /etc/config.scm
> > ...
> > ...
> > The following profile hooks will be built:
> >/gnu/store/rdc3rj3ycgvp4ryzjn0f30cpnpcq659m-manual-database.drv
> >/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
> >/gnu/store/vq23i377lxy5fr04400kigpj34ah89h6-xdg-mime-database.drv
> >/gnu/store/zzy8vi3lp6h6f4lzxdrhs1zz975pn8p2-xdg-desktop-database.drv
> > building directory of Info manuals...
> > builder for
> > `/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv' failed
> > with exit code 1 build
> > of /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv failed  
> 
> This is probably this bug:
> 
> https://issues.guix.info/issue/28144
> 
> It’s a bug in Guile that results in miscompilation.
> 

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-07 Thread Archetyp Jung

Thanks for this important hint, I will consider it! ;-)

Am Mon, 7 Jan 2019 08:16:34 +0100 (CET)
schrieb :

> 
> Yes, Tor plugin in Icecat 63 not works properly. I reported it to a
> developer through his website.
> 
> There is one important thing that Tor plugin breaks. If you look at
> https://wiki.gentoo.org/wiki/Tor#Firefox
>  there are lines you should
> configure in about:config page in Icecat
> network.proxy.socks_remote_dns
> truenetwork.dns.disablePrefetch
> truenetwork.dns.disableIPv6   true So plugin resets
> 'network.proxy.socks_remote_dns' to 'false' every time it runs and
> every time you start Icecat having tor plugin is activated. And this
> is why ISP performs dns requests. 
> 
> 
> Jan 7, 2019, 2:02 AM by m...@gnu.org:
> 
> > On Sun, Jan 06, 2019 at 15:09:51 -0500, Joshua Branson wrote:
> >
> >> Now, when you start icecat, you may have to click on the tor
> >> plugin to activate it, but it normally autostarts for me.
> >>
> >> Also, at least for me, that doesn't configure my browser to access
> >> tor hidden services.  But it does run all of your http traffic
> >> through the tor network, which is pretty cool.
> >>
> >
> > That's concerning to me: it seems to imply that DNS requests are
> > _not_ being proxied through Tor, which could leak very sensitive
> > information to your ISP and other parties.
> >
> > I use FoxyProxy Standard[0] (just by habit over the many years I've
> > used Tor with Firefox), so I hadn't tried the Addon distributed with
> > Icecat.  FoxyProxy has an option to proxy DNS requests through Tor
> > (and does so by default IIRC).
> >
> > [0]: > https://directory.fsf.org/wiki/FoxyProxy_Standard
> > 
> >
> > -- 
> > Mike Gerwitz
> > Free Software Hacker+Activist | GNU Maintainer & Volunteer
> > GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
> > https://mikegerwitz.com 
> >
> 

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-07 Thread Ricardo Wurmus



Hi Archetyp,

> Thanks, actually this would be the solution for me, but now I've
> probably stumbled upon a real problem:
>
> user@gnu ~$ su
> Password: ...
> root@gnu /home/user# guix system reconfigure /etc/config.scm
> ...
> ...
> The following profile hooks will be built:
>/gnu/store/rdc3rj3ycgvp4ryzjn0f30cpnpcq659m-manual-database.drv
>/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
>/gnu/store/vq23i377lxy5fr04400kigpj34ah89h6-xdg-mime-database.drv
>/gnu/store/zzy8vi3lp6h6f4lzxdrhs1zz975pn8p2-xdg-desktop-database.drv
> building directory of Info manuals...
> builder for `/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv'
> failed with exit code 1 build
> of /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv failed

This is probably this bug:

https://issues.guix.info/issue/28144

It’s a bug in Guile that results in miscompilation.

-- 
Ricardo

Re: Problem with Tor & IceCat

2019-01-06 Thread znavko

Yes, Tor plugin in Icecat 63 not works properly. I reported it to a developer 
through his website.

There is one important thing that Tor plugin breaks. If you look at 
https://wiki.gentoo.org/wiki/Tor#Firefox 
 there are lines you should configure 
in about:config page in Icecat
network.proxy.socks_remote_dnstruenetwork.dns.disablePrefetch   
truenetwork.dns.disableIPv6   true
So plugin resets  'network.proxy.socks_remote_dns' to 'false' every time it 
runs and every time you start Icecat having tor plugin is activated. And this 
is why ISP performs dns requests. 

Jan 7, 2019, 2:02 AM by m...@gnu.org:

> On Sun, Jan 06, 2019 at 15:09:51 -0500, Joshua Branson wrote:
>
>> Now, when you start icecat, you may have to click on the tor plugin to
>> activate it, but it normally autostarts for me.
>>
>> Also, at least for me, that doesn't configure my browser to access tor
>> hidden services.  But it does run all of your http traffic through the
>> tor network, which is pretty cool.
>>
>
> That's concerning to me: it seems to imply that DNS requests are _not_
> being proxied through Tor, which could leak very sensitive information
> to your ISP and other parties.
>
> I use FoxyProxy Standard[0] (just by habit over the many years I've used
> Tor with Firefox), so I hadn't tried the Addon distributed with
> Icecat.  FoxyProxy has an option to proxy DNS requests through Tor (and
> does so by default IIRC).
>
> [0]: > https://directory.fsf.org/wiki/FoxyProxy_Standard 
> 
>
> -- 
> Mike Gerwitz
> Free Software Hacker+Activist | GNU Maintainer & Volunteer
> GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
> https://mikegerwitz.com 
>

Re: Problem with Tor & IceCat

2019-01-06 Thread Mike Gerwitz

On Sun, Jan 06, 2019 at 15:09:51 -0500, Joshua Branson wrote:
> Now, when you start icecat, you may have to click on the tor plugin to
> activate it, but it normally autostarts for me.
>
> Also, at least for me, that doesn't configure my browser to access tor
> hidden services.  But it does run all of your http traffic through the
> tor network, which is pretty cool.

That's concerning to me: it seems to imply that DNS requests are _not_
being proxied through Tor, which could leak very sensitive information
to your ISP and other parties.

I use FoxyProxy Standard[0] (just by habit over the many years I've used
Tor with Firefox), so I hadn't tried the Addon distributed with
Icecat.  FoxyProxy has an option to proxy DNS requests through Tor (and
does so by default IIRC).

[0]: https://directory.fsf.org/wiki/FoxyProxy_Standard

-- 
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
https://mikegerwitz.com

signature.asc
Description: PGP signature

Re: Problem with Tor & IceCat

2019-01-06 Thread Matthias Lehr

Thanks, actually this would be the solution for me, but now I've
probably stumbled upon a real problem:

user@gnu ~$ su
Password: ...
root@gnu /home/user# guix system reconfigure /etc/config.scm
...
...
The following profile hooks will be built:
   /gnu/store/rdc3rj3ycgvp4ryzjn0f30cpnpcq659m-manual-database.drv
   /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
   /gnu/store/vq23i377lxy5fr04400kigpj34ah89h6-xdg-mime-database.drv
   /gnu/store/zzy8vi3lp6h6f4lzxdrhs1zz975pn8p2-xdg-desktop-database.drv
building directory of Info manuals...
builder for `/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv'
failed with exit code 1 build
of /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv failed View
build log at
'/var/log/guix/drvs/4k/f8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv.bz2'.
cannot build derivation
`/gnu/store/y2815l3amfc87fah1xfppx22nqhydn55-profile.drv': 1
dependencies couldn't be built killing process 5397 cannot build
derivation `/gnu/store/ccfx4skdimjv3m2rn2h6jjm4kbzlr9qf-system.drv': 1
dependencies couldn't be built guix system: error: build failed: build
of `/gnu/store/ccfx4skdimjv3m2rn2h6jjm4kbzlr9qf-system.drv' failed
root@gnu /home/user#

Backtrace:
  10 (primitive-load "/gnu/store/y80hdrjx3rkvlc8nynncwflpxyc?")
In ice-9/eval.scm:
   721:20  9 (primitive-eval (begin (use-modules (guix build #) ?) ?))
In ice-9/psyntax.scm:
  1235:36  8 (expand-top-sequence ((begin (use-modules (# # ?) ?) ?)) ?)
  1182:24  7 (parse _ (("placeholder" placeholder)) ((top) #(# # ?)) ?)
  1182:24  6 (parse _ (("placeholder" placeholder)) ((top) #(# # ?)) ?)
   285:10  5 (parse _ (("placeholder" placeholder)) (()) _ c (eval) ?)
In ice-9/boot-9.scm:
  3377:20  4 (process-use-modules _)
   222:17  3 (map1 (((guix build utils)) ((srfi srfi-1)) ((srfi ?)) ?))
  3378:31  2 (_ ((guix build utils)))
   2803:6  1 (resolve-interface _ #:select _ #:hide _ #:prefix _ # _ ?)
In unknown file:
   0 (scm-error misc-error #f "~A ~S" ("no code for modu?" ?) ?)

ERROR: In procedure scm-error:
no code for module (guix build utils)

What is going wrong where? A new bug? Or a local system error?

Am Sun, 06 Jan 2019 15:09:51 -0500
schrieb Joshua Branson <>:

> Archetyp Jung  writes:
> 
> > Hello, the use of Tor with GNU IceCat does not work, Tor must be
> > configured as a system service?
> >
> > How exactly does Tor have to be entered here as a system service
> > in this config.scm?  
> 
> It's pretty easy actually.
> 

> 
> Now, when you start icecat, you may have to click on the tor plugin to
> activate it, but it normally autostarts for me.
> 
> Also, at least for me, that doesn't configure my browser to access tor
> hidden services.  But it does run all of your http traffic through the
> tor network, which is pretty cool.
> 
> --
> Joshua Branson
> Sent from Emacs and Gnus
> 

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-06 Thread Archetyp Jung

Thanks, actually this would be the solution for me, but now I've
probably stumbled upon a real problem:

user@gnu ~$ su
Password: ...
root@gnu /home/user# guix system reconfigure /etc/config.scm
...
...
The following profile hooks will be built:
   /gnu/store/rdc3rj3ycgvp4ryzjn0f30cpnpcq659m-manual-database.drv
   /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv
   /gnu/store/vq23i377lxy5fr04400kigpj34ah89h6-xdg-mime-database.drv
   /gnu/store/zzy8vi3lp6h6f4lzxdrhs1zz975pn8p2-xdg-desktop-database.drv
building directory of Info manuals...
builder for `/gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv'
failed with exit code 1 build
of /gnu/store/4kf8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv failed View
build log at
'/var/log/guix/drvs/4k/f8pyj9qfycq81flb3apd847kk5m8d9-info-dir.drv.bz2'.
cannot build derivation
`/gnu/store/y2815l3amfc87fah1xfppx22nqhydn55-profile.drv': 1
dependencies couldn't be built killing process 5397 cannot build
derivation `/gnu/store/ccfx4skdimjv3m2rn2h6jjm4kbzlr9qf-system.drv': 1
dependencies couldn't be built guix system: error: build failed: build
of `/gnu/store/ccfx4skdimjv3m2rn2h6jjm4kbzlr9qf-system.drv' failed
root@gnu /home/user#

Backtrace:
  10 (primitive-load "/gnu/store/y80hdrjx3rkvlc8nynncwflpxyc?")
In ice-9/eval.scm:
   721:20  9 (primitive-eval (begin (use-modules (guix build #) ?) ?))
In ice-9/psyntax.scm:
  1235:36  8 (expand-top-sequence ((begin (use-modules (# # ?) ?) ?)) ?)
  1182:24  7 (parse _ (("placeholder" placeholder)) ((top) #(# # ?)) ?)
  1182:24  6 (parse _ (("placeholder" placeholder)) ((top) #(# # ?)) ?)
   285:10  5 (parse _ (("placeholder" placeholder)) (()) _ c (eval) ?)
In ice-9/boot-9.scm:
  3377:20  4 (process-use-modules _)
   222:17  3 (map1 (((guix build utils)) ((srfi srfi-1)) ((srfi ?)) ?))
  3378:31  2 (_ ((guix build utils)))
   2803:6  1 (resolve-interface _ #:select _ #:hide _ #:prefix _ # _ ?)
In unknown file:
   0 (scm-error misc-error #f "~A ~S" ("no code for modu?" ?) ?)

ERROR: In procedure scm-error:
no code for module (guix build utils)

What is going wrong where? A new bug? Or a local system error?

Am Sun, 06 Jan 2019 15:09:51 -0500
schrieb Joshua Branson <>:

> Archetyp Jung  writes:
> 
> > Hello, the use of Tor with GNU IceCat does not work, Tor must be
> > configured as a system service?
> >
> > How exactly does Tor have to be entered here as a system service
> > in this config.scm?  
> 
> It's pretty easy actually.
> 

> Now, when you start icecat, you may have to click on the tor plugin to
> activate it, but it normally autostarts for me.
> 
> Also, at least for me, that doesn't configure my browser to access tor
> hidden services.  But it does run all of your http traffic through the
> tor network, which is pretty cool.
> 
> --
> Joshua Branson
> Sent from Emacs and Gnus
> 

-- 
Sent from GNU

Re: Problem with Tor & IceCat

2019-01-06 Thread Chris Marusich

Hi Archetyp,

Archetyp Jung  writes:

> Hello, the use of Tor with GNU IceCat does not work, Tor must be
> configured as a system service?
>
> How exactly does Tor have to be entered here as a system service
> in this config.scm?

The section "(guix) Networking Services" in the Guix manual describes
how to create a Tor service:

https://www.gnu.org/software/guix/manual/en/html_node/Networking-Services.html#index-tor_002dservice_002dtype

For example, here is how you would define a Tor service that uses a UNIX
domain socket:

  (service tor-service-type
   (tor-configuration
 (socks-socket-type 'unix)))

For details on how to configure Firefox or IceCat to use it, see:

https://lists.gnu.org/archive/html/help-guix/2018-07/msg00082.html

You might also want to read Devan's thoughtful message here, in which he
reminds us that the safest option is to use Tor Browser:

https://lists.gnu.org/archive/html/help-guix/2018-07/msg00075.html

I hope that helps!

-- 
Chris

signature.asc
Description: PGP signature

Re: Problem with Tor & IceCat

2019-01-06 Thread Joshua Branson

Archetyp Jung  writes:

> Hello, the use of Tor with GNU IceCat does not work, Tor must be
> configured as a system service?
>
> How exactly does Tor have to be entered here as a system service
> in this config.scm?

It's pretty easy actually.

>
> ;; This is an operating system configuration template
> ;; for a "desktop" setup with Xfce.
>
> (use-modules (gnu) (gnu system nss))
  (use-service-modules desktop networking)
> (use-package-modules certs)
>
> (operating-system
>   (host-name "gnu")
>   (timezone "Europe/Berlin")
>   (locale "de_DE.UTF-8")
>
>   ;; Assuming /dev/sda is the target hard disk, and "my-root"
>   ;; is the label of the target root file system.
>   (bootloader (grub-configuration (device "/dev/sda")))
>   (file-systems (cons (file-system
> (device "my-root")
> (title 'label)
> (mount-point "/")
> (type "ext4"))
>   %base-file-systems))
>
>   (users (cons (user-account
> (name "user")
> (comment "")
> (group "users")
> (supplementary-groups '("wheel" "netdev"
> "audio" "video"))
> (home-directory "/home/user"))
>%base-user-accounts))
>
>   ;; This is where we specify system-wide packages.
>   (packages (cons* nss-certs ;for HTTPS access
>%base-packages))
>
>   ;; Add GNOME and/or Xfce---we can choose at the log-in
>   ;; screen with F1.  Use the "desktop" services, which
>   ;; include the X11 log-in service, networking with
>   ;; NetworkManager, and more.
>   (services (cons* (console-keymap-service "de")
 (service tor-service-type)
>(xfce-desktop-service)
>%desktop-services))
>
>   ;; Allow resolution of '.local' host names with mDNS.
>   (name-service-switch %mdns-host-lookup-nss))

Now, when you start icecat, you may have to click on the tor plugin to
activate it, but it normally autostarts for me.

Also, at least for me, that doesn't configure my browser to access tor
hidden services.  But it does run all of your http traffic through the
tor network, which is pretty cool.

--
Joshua Branson
Sent from Emacs and Gnus

Problem with Tor & IceCat

2019-01-06 Thread Archetyp Jung

Hello, the use of Tor with GNU IceCat does not work, Tor must be
configured as a system service?

How exactly does Tor have to be entered here as a system service
in this config.scm?

;; This is an operating system configuration template
;; for a "desktop" setup with Xfce.

(use-modules (gnu) (gnu system nss))
(use-service-modules desktop)
(use-package-modules certs)

(operating-system
  (host-name "gnu")
  (timezone "Europe/Berlin")
  (locale "de_DE.UTF-8")

  ;; Assuming /dev/sda is the target hard disk, and "my-root"
  ;; is the label of the target root file system.
  (bootloader (grub-configuration (device "/dev/sda")))
  (file-systems (cons (file-system
(device "my-root")
(title 'label)
(mount-point "/")
(type "ext4"))
  %base-file-systems))

  (users (cons (user-account
(name "user")
(comment "")
(group "users")
(supplementary-groups '("wheel" "netdev"
"audio" "video"))
(home-directory "/home/user"))
   %base-user-accounts))

  ;; This is where we specify system-wide packages.
  (packages (cons* nss-certs ;for HTTPS access
   %base-packages))

  ;; Add GNOME and/or Xfce---we can choose at the log-in
  ;; screen with F1.  Use the "desktop" services, which
  ;; include the X11 log-in service, networking with
  ;; NetworkManager, and more.
  (services (cons* (console-keymap-service "de")
   (xfce-desktop-service)
   %desktop-services))
 
  ;; Allow resolution of '.local' host names with mDNS.
  (name-service-switch %mdns-host-lookup-nss))

-- 
Sent from GNU

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Re: Problem with Tor & IceCat

Problem with Tor & IceCat

23 matches

Site Navigation

Mail list logo

Footer information