I'm trying to understand what I get out of SSH tunneling vs using Tor and why I need Privoxy in the middle.

Obviously Tor gives me anonymity that I don't get with an SSH tunnel. But why do I need Privoxy? FF3 has built in SOCKS4 and 5 support. I understand that I don't want to use SOCKS4 because of DNS leaking. While SOCKS4a would be ideal, wouldn't it work just as well to point Firefox right at Tor on 9050 as a SOCKS5 proxy and then set FF to point DNS to SOCKS? It sounds like this is easy with: Tor is deathly slow and the jumping endpoint seems to break a lot of things. Why not just setup a local SOCKS proxy to an SSH tunnel and do the FF DNS mod? That's even easier, just change one line in about:config and: I'm not interested in getting endpoint anonymity just out from behind a draconian content filter. As such it seems like Tor offers little benefit to offset the speed hit. Am I missing something obvious? For general knowledge if I am going to use Tor what's the point of using Privoxy? It looks like it's all about DNS leak.

Using Privxoy with Tor is all about DNS leaks. (Although after using it to prevent DNS leaks, I have grown rather partial to some of the filtering it allows ) I am not knowledgeable enough about SOCKS to definitively answer your question. If SOCKS 5 absolutely never does it own DNS request then what you say should work fine. Also, at some point the capability of accepting an HTML proxy request (on a different port which I don't remember off the top of my head) was added to Tor. (I believe it has to be enabled with a configuration file option.) It is intended for allowing Tor to be used as a transparent proxy. It seems to me there may be some downside to using it, but I can't remember what that might be.

If that dodges the content filter (something I've use Tor for), then, yeah, go ahead and use it. It should work as a SOCKS proxy just fine.

You are right about Tor being quite slow. There has been some discussion of that on the or-talk mailing list recently. One person said he had measured the speed that, on average, was around dialup speed (50 - 70 kbps), but that it tended to come in bursts with peak speeds being over 1 Mbps. The Tor project has published a document of ways it is considering to try to speed things up.

Thanks for the info. The code I posted will not work $ssh -N -D -C 431 you@example.com will however work.

Tor is so promising but so problematic all at the same time. The ramifications of running an endpoint are such that I don't see Tor speeding up any time soon. The IronKey private Tor network is wonderful. But, the client side is windows only, too bad.

Thanks for the clarification. I've been tripped up more than once by the way ssh handles options.

And thanks for the heads up about Iron Key. I had not heard of it before. Glancing over their FAQ it sounds like they run all of the servers in their onion router network. I am no expert on this, but I think that would have horrible implications for anonymity. Also it sounds like Iron Key will be running your exit router. That's fine ... if you trust Iron Key! (Tor is designed so you don't have to trust anybody, but that adds some restrictions for safe use as an attacker could be running the exit router.)



If you've not already seen it, you might want to take a look at this:

https://blog.torproject.org/blog/why-tor-is-slow

IronKey's network isn't designed to compete with Tor; rather, it's a reapplication of the onion-router technology to accomplish a different goal. Or at the very least a different set of priorities.