Re: Other web-browser for tor

2018-10-11 Thread Devan Carpenter 
I would like to point out again on this ML, since nobody in this thread
ever mentioned it, that using any browser other than the TorBrowser over
Tor is _not safe_. One of the big modifications to firefox, implemented
in TorBrowser, is tab isolation. No cookies or any other identifying
attributes are shared between tabs, unlike _all_ other browsers. It's
great to be able to have privoxy and Epiphany working with Tor, but
please be aware that it will be very simple to deanonymize the user.

There are ways to mitigate this problem, eg. by running Epiphany in a
fresh ad-hoc envirnoment every time you open a new page :) but this is
prone to mistake of course.

All that said, now that we have Icecat 60 due to the fantastic work by some
members of our community, perhaps the packaging of TorBrowser would not
be such a labourous effort. I think it's a very important piece of
software to make available to people, and I would love to see it in
Guix.

I personally won't be able to focus time on packaging for at least the
next  2 weeks, but I thought I'd mention it in case anyone wants to 
give it a crack.


- dvn

znavko transcribed 2.1K bytes:
> Hello! I am using GNU IceCat, that has Network Settings for using proxy. I can
> use tor with it. I was using Abrowaser on trisquel, but GuixSD repository has
> no such:
> $ guix package -s abrowser
> $
> 
> I've found other browsers with `guix package -s 'web browser'` but all of that
> I've installed has no Network configurations . Epiphany, Dillo, Conkeror 
> can't.
> Netsurf browser has network settings, but there is only http proxy, and I get
> this when type proxy: 127.0.0.1:9050 : "This is a SOCKs proxy, not an HTTP
> proxy."
> 
> Which other free software browser can work on socks4 proxy? On trisquel I had
> Abrowser, but here it is only Icecat.


signature.asc
Description: PGP signature

Re: Other web-browser for tor

2018-10-04 Thread Pierre Neidhardt 
Oops!  Indeed, it's http://config.privoxy.org.
But I can't have possibly made the other URL up, I must have seen it somewhere
else.

I've checked the doc again and it's the right URL indeed.  I'm clueless...
Anyways, problem solved!

I've reported a bug regarding privoxy that cannot be started in daemon mode.

-- 
Pierre Neidhardt
https://ambrevar.xyz/


signature.asc
Description: PGP signature

Re: Other web-browser for tor

2018-10-04 Thread Ricardo Wurmus 


Hi Pierre,

> Does the above work for you?  If so, I guess the environment has some 
> influence
> on prixovy.
> Could you try privoxy from a container?

I can visit http://config.privoxy.org/ with Epiphany after setting up
localhost:8118 as a proxy in the GNOME network settings.  It shows me
that privoxy is in fact being used.

https://www.privoxy.org/config shows me that Privoxy is not used;
https://config.privoxy.org does not resolve.

I asked Privoxy how the URL “https://www.privoxy.org/config” would be
redirected, and it tells me:

   This is a HTTPS URL, so the part after the "/" is ignored as Privoxy
   doesn't see the path for real HTTPS requests either.

That makes sense.

--
Ricardo

Re: Other web-browser for tor

2018-10-04 Thread Pierre Neidhardt 
Nope, it does not seem to cut it:

--8<---cut here---start->8---
$ env http_proxy=127.0.0.1:8118 https_proxy=127.0.0.1:8118 wget -O - 
https://www.privoxy.org/config/
--2018-10-04 15:11:45--  https://www.privoxy.org/config/
Connecting to 127.0.0.1:8118... connected.
Proxy request sent, awaiting response... 200 OK
Length: 3486 (3.4K) [text/html]
Saving to: ‘STDOUT’

- 0%[]   0  --.-KB/s   
http://www.w3.org/TR/html4/loose.dtd;>





  Privoxy is not being used
...
--8<---cut here---end--->8---

Does the above work for you?  If so, I guess the environment has some influence
on prixovy.
Could you try privoxy from a container?

-- 
Pierre Neidhardt
https://ambrevar.xyz/


signature.asc
Description: PGP signature

Re: Other web-browser for tor

2018-10-02 Thread Ludovic Courtès 
Pierre Neidhardt  skribis:

> By the way the
>
>> > #[STATUS] End time 2018-10-02 13:17:09, duration 1.006s
>
> line is my Eshell config, it's not part of privoxy's output.
>
>> Does running it with ‘--no-daemon’ display any hints?
>
> It works!
> So what's up with the daemon?

I just realized that you were running strace without ‘-f’, so it was not
tracing the daemon post-fork.

Ludo’.

Re: Other web-browser for tor

2018-10-02 Thread Ludovic Courtès 
Pierre Neidhardt  skribis:

> $ privoxy 
> /gnu/store/d3q0nz8568j32gslkc3lskxpzmimcx9z-privoxy-3.0.26/etc/privoxy/config
> #[STATUS] End time 2018-10-02 13:17:09, duration 1.006s

Here’s what I see:

--8<---cut here---start->8---
$ /gnu/store/d3q0nz8568j32gslkc3lskxpzmimcx9z-privoxy-3.0.26/sbin/privoxy 
--no-daemon 
/gnu/store/d3q0nz8568j32gslkc3lskxpzmimcx9z-privoxy-3.0.26/etc/privoxy/config
2018-10-02 13:48:52.646 7f6805ca9740 Info: Privoxy version 3.0.26
2018-10-02 13:48:52.646 7f6805ca9740 Info: Program name: 
/gnu/store/d3q0nz8568j32gslkc3lskxpzmimcx9z-privoxy-3.0.26/sbin/privoxy
# … runs fine
--8<---cut here---end--->8---

Does running it with ‘--no-daemon’ display any hints?

Ludo’.

Re: Other web-browser for tor

2018-10-02 Thread Pierre Neidhardt 

$ privoxy 
/gnu/store/d3q0nz8568j32gslkc3lskxpzmimcx9z-privoxy-3.0.26/etc/privoxy/config
#[STATUS] End time 2018-10-02 13:17:09, duration 1.006s

$ strace privoxy 
/gnu/store/d3q0nz8568j32gslkc3lskxpzmimcx9z-privoxy-3.0.26/etc/privoxy/config
execve("/home/ambrevar/.guix-profile/sbin/privoxy", ["privoxy", 
"/gnu/store/d3q0nz8568j32gslkc3ls"...], 0x7ffdb068a838 /* 60 vars */) = 0
brk(NULL)   = 0x100f000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x7f657baa8000
access("/etc/ld.so.preload", R_OK)  = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/tls/haswell/x86_64/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/tls/haswell/x86_64",
 0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/tls/haswell/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/tls/haswell", 
0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/tls/x86_64/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/tls/x86_64", 
0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/tls/libz.so.1", 
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/tls", 
0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/haswell/x86_64/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/haswell/x86_64",
 0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/haswell/libz.so.1", 
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/haswell", 
0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/x86_64/libz.so.1", 
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/x86_64", 
0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib/libz.so.1", 
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/l4lr0f5cjd0nbsaaf8b5dmcw1a1yypr3-glibc-2.27/lib", 
{st_mode=S_IFDIR|0555, st_size=4096, ...}) = 0
openat(AT_FDCWD, 
"/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/tls/haswell/x86_64/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/tls/haswell/x86_64",
 0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/tls/haswell/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/tls/haswell",
 0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/tls/x86_64/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/tls/x86_64",
 0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/tls/libz.so.1", 
O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/tls", 
0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/haswell/x86_64/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/haswell/x86_64",
 0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/haswell/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/haswell", 
0x7ffcc1460cb0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 
"/gnu/store/vla5j7pbkpcp39lsdfsmz7m9azn48lr4-gcc-5.5.0-lib/lib/x86_64/libz.so.1",
 O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)

Re: Other web-browser for tor

2018-10-02 Thread Ricardo Wurmus 


Pierre Neidhardt  writes:

>> Privoxy has always worked great for me.  Any error messages or hints?
>
> Nothing at all, sadly :(

How do you run it?  It worked fine for me.

-- 
Ricardo

Re: Other web-browser for tor

2018-10-02 Thread Ludovic Courtès 
Hello,

znavko  skribis:

> $ conkeror
> JavaScript error: 
> file:///gnu/store/1as3pf6ynv3045gd96yi4vv5l9hy4vhr-conkeror-1.1.0/share/conkeror/components/application.js,
>  line 164: SyntaxError: missing ) after catch
> JavaScript error: 
> file:///gnu/store/1as3pf6ynv3045gd96yi4vv5l9hy4vhr-conkeror-1.1.0/share/conkeror/components/command-line.js,
>  line 21: NS_ERROR_XPC_GS_RETURNED_FAILURE: Component returned failure code: 
> 0x80570016 (NS_ERROR_XPC_GS_RETURNED_FAILURE) [nsIJSCID.getService]
> JavaScript strict warning: resource://gre/modules/ProfileAge.jsm, line 201: 
> ReferenceError: reference to undefined property "reset"
> *** UTM:SVC TimerManager:registerTimer called after profile-before-change 
> notification. Ignoring timer registration for id: telemetry_modules_ping

That’s because we just upgraded to IceCat 60, and Conkeror cannot work
with it.  I suppose Conkeror is not usable anymore, unless we keep a
copy of IceCat 52 around.  :-/

Ludo’.

Re: Other web-browser for tor

2018-10-02 Thread Ludovic Courtès 
Hello,

Pierre Neidhardt  skribis:

> I can't seem to be able to run privoxy: it exists in a second with no output.
> Did anyone manage to run it succesfully?

Privoxy has always worked great for me.  Any error messages or hints?

Thanks,
Ludo’.

Re: Other web-browser for tor

2018-09-27 Thread Mark H Weaver 
znavko  writes:

> Hello! I am using GNU IceCat, that has Network Settings for using
> proxy. I can use tor with it. I was using Abrowaser on trisquel, but
> GuixSD repository has no such:
>
> $ guix package -s abrowser
> $
>
> I've found other browsers with `guix package -s 'web browser'` but all
> of that I've installed has no Network configurations . Epiphany,
> Dillo, Conkeror can't.  Netsurf browser has network settings, but
> there is only http proxy, and I get this when type proxy:
> 127.0.0.1:9050 : "This is a SOCKs proxy, not an HTTP proxy."
>
> Which other free software browser can work on socks4 proxy? On
> trisquel I had Abrowser, but here it is only Icecat.

Epiphany can be configured to use a SOCKs proxy via the "Network"
section of GNOME settings.

Conkeror can be configured to use a SOCKs proxy.  See
.

For software that does not support SOCKs proxies, you can use 'privoxy'
as a gateway.  'privoxy' presents itself as an HTTP/HTTPS proxy, and it
can be configured to use a SOCKs proxy.  See
.

Dillo can be configured to use an HTTP/HTTPS proxy in its
~/.dillo/dillorc.

Wget and some other command-line utilities will honor the http_proxy and
https_proxy environment variables.  Alternatively, you can configure
wget to use a proxy via ~/.wgetrc.

I do not know off-hand whether these programs leak information in
practice (e.g. by making untorified DNS requests) when configured in
this way.

  Mark

Re: Other web-browser for tor

2018-09-26 Thread Ricardo Wurmus 
Hi,

please always keep the mailing list in Cc.

> I have not yet configured wpa_supplicant + dhclient services to
> connect to Wifi on GuixSD on startup, cause I cannot imagine how to
> type config.scm.
[…]
> Default NetworkManager is overabundant for me. I type every time: `su
> - && ./go` where 'go' has lines to up the wifi and to connect via
> wpa_supplicant and dhclient.  And after that I type from non-root user
> `tor`.

That seems very inconvenient.

Your system’s config.scm contains a “services” field.  To add Tor as a
system service and use GNOME you only need this:

  (services (cons* (tor-service)
   (gnome-desktop-service)
   %desktop-services))

For XFCE replace the “gnome-desktop-service” with
“xfce-desktop-service”.  %desktop-services includes networking with
NetworkManager, which you should configure either using “nmtui” or
through the graphical user interface provided by the desktop
environment.

You don’t configure the Wifi settings in config.scm.

We provide template configuration files in the gnu/system/examples
directory of the Guix source tree.

--
Ricardo

Re: Other web-browser for tor

2018-09-25 Thread v88m 
On Mon, Sep 24 2018, znavko wrote:

> I've found other browsers with `guix package -s 'web browser'` but all
> of that I've installed has no Network configurations . Epiphany,
> Dillo, Conkeror can't.  Netsurf browser has network settings, but
> there is only http proxy, and I get this when type proxy:
> 127.0.0.1:9050 : "This is a SOCKs proxy, not an HTTP proxy."
>
> Which other free software browser can work on socks4 proxy? On
> trisquel I had Abrowser, but here it is only Icecat.

Conkeror does.

http://conkeror.org/Tips?highlight=%28tor%29#Browsing_through_Tor

-- 
WBR

Re: Other web-browser for tor

2018-09-25 Thread Ricardo Wurmus 


Hi znavko,

> I've found other browsers with `guix package -s 'web browser'` but all
> of that I've installed has no Network configurations . Epiphany,
> Dillo, Conkeror can't.

Epiphany and Eolie both should accept the GNOME network settings, where
you can configure a SOCKS proxy.  Unfortunately, this doesn’t seem to
work properly.

I’m investigating this now.

--
Ricardo

Re: Other web-browser for tor

2018-09-24 Thread Ricardo Wurmus 


Ricardo Wurmus  writes:

> Hi znavko,
>
>> I've found other browsers with `guix package -s 'web browser'` but all
>> of that I've installed has no Network configurations . Epiphany,
>> Dillo, Conkeror can't.
>
> Epiphany and Eolie both should accept the GNOME network settings, where
> you can configure a SOCKS proxy.  Unfortunately, this doesn’t seem to
> work properly.
>
> I’m investigating this now.

This works now.  I just had to replace the line “exec gnome-shell” in my
~/.xsession file with “gnome-session” (no “exec”), which makes sure that
the GNOME session manager is started.  Epiphany connects to the GNOME
session manager to read the session-wide network settings, including
the SOCKS proxy settings.

I think it will work out of the box if you’re not using a ~/.xsession
file.

--
Ricardo