In short, don't.
Look, when you use a plugin or addon, that piece of software might not obey
the proxy settings, or it might gather some identifying information on your
computer that might de-anonymize you. It doesn't matter that "it's free
software", free software respects the user, but most software (free or not)
was not made to be "anonymous" or "work over Tor". So, yes, free software
will hardly betray you by having backdoors and anti-features. However, the
way that the software itself works, might not work well with a software like
Tor.
For example, a video plugin might be configured to send a report in case of
an error, which might contain the website that you visited. It is not a case
of "the developer trying to control the user", it might just be an attempt at
making the software better. However, in security and privacy matters... you
can't afford any mistake. The first identifying bit of information that
leaves your computer ruins everything else that you have protected so well.
You can, however, try to audit the software yourself. Get in contact with Tor
project and ask what tests you should run to see if those addons would hurt
Tor's anonymity. You can run a few tests, report back the results and have
the software get better adjusted to your needs. But one can't say "using
addons on Tor is fine as long as they are free software".
If I remember correctly, there was the same debate on TAILS. I don't know how
it is right now, but back in the day, the idea that people had was that
"Totem will probably respect proxy settings and if it doesn't it will just
fail the connection, but it is not 100% secure because it was never audited".
Try checking with them, maybe they have something better to offer now =)
- Re: [Trisquel-users] proper/practical use of tor gnuser
-