Torify my Software Updater and Synaptic

13 respostas [Última entrada]
Trisk Spellian
Desconectado
Joined: 03/20/2015

I would like to make it so that all of my software updates and installs are done through Tor.

Is this possible? If so, how?

Thank you!

Alexander Stephen Thomas Ross
Desconectado
Joined: 09/17/2012

hmm, global system proxy or maybe apt has a proxy setting? if your not
doing a global system proxy then try searching "apt settings proxy" maybe?

tomlukeywood
Desconectado
Joined: 12/05/2014

just while i can ask

dose anyone know how to use tor with irc clients?

Alexander Stephen Thomas Ross
Desconectado
Joined: 09/17/2012

look on the tor website, i think there’s a howto on there.

On 18/04/15 23:39, name at domain wrote:
> just while i can ask
>
> dose anyone know how to use tor with irc clients?

Legimet
Desconectado
Joined: 12/10/2013

It's not in the repos of the Trisquel 7 (it probably will be in 8), but take a look at https://github.com/diocles/apt-transport-tor.

Mangy Dog

I am a member!

I am a translator!

Desconectado
Joined: 03/15/2015

https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IsolatingProxy

quote:
In short, do not torify any applications yourself unless you know exactly what you are doing...see this article more as a reference for developers and advanced users If you don't fall into one of these two categories then for your own security, stick with the Tor(IceCat) or
https://www.torproject.org/docs/debian.html.en

Do not use automatic software updates over Tor that do not verify downloads. That being said, operating system updates are generally secure. If you use GNU/Linux and only your package management software suite, then you can consider your self safe..

for example if the updates aren't signed/authenticated, malevolent exit nodes can change what code is downloaded and installed and thereby gain remote code execution rights. This could potentially lead to your public IP address and your physical location being revealed. If you don't use a generic system (such as Tails or Whonix's Whonix-Workstation), then the software update can leak identifying fingerprints (what software and versions are installed) to exit nodes and repository mirrors.

http://pkgs.org/debian-wheezy/debian-main-i386/anon-proxy_00.05.38+20081230-2.1_i386.deb.html
https://en.wikipedia.org/wiki/Squid_%28software%29
http://www.blackhatworld.com/blackhat-seo/proxies/222258-create-your-private-secure-high-anonymous-proxy-step-step-guide.html

GNUser
Desconectado
Joined: 07/17/2013

If you can, try contacting ioerror, Jacob Appelbaum, I remember him saying he did that very same thing to prevent someone from feeding him a fake update on Debian.

GNUser
Desconectado
Joined: 07/17/2013

Did this ever get solved? I would like to do the same thing.

lembas
Desconectado
Joined: 05/13/2010

In related news looks like some Debian guys are putting up Tor-Enabled Debian Mirrors. Watch out for proprietary software though.

https://soylentnews.org/article.pl?sid=15/09/06/1542241

GNUser
Desconectado
Joined: 07/17/2013

I knew of that. It would be awesome if Trisquel did the same thing, but I don't think the project can handle it right now (the immense amount of work it requires is prohibitive).
However, maybe trying to ask Ruben to get apt-transport-tor in the repositories would be a nice idea. Think it's worth it?

I actually tried to compile it in my machine but it didn't work...

lembas
Desconectado
Joined: 05/13/2010

It's all really above my paygrade! :)

I think it would be a good thing and that the threats are real but I'm no expert. Privacy and security are always good things and as Snowden taught us being paranoid is probably not enough.

SuperTramp83

I am a translator!

Desconectado
Joined: 10/31/2014

A trusted and safe VPN may ease your mind maybe..

GNUser
Desconectado
Joined: 07/17/2013

VPN's are not safe. No one will go to prison for you. Tor is the way to go. Decentralized and with no central point of failure.

SuperTramp83

I am a translator!

Desconectado
Joined: 10/31/2014

that depends on the vpn provider.