LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 12-23-2020, 02:49 AM   #1
JASlinux
Member
 
Registered: Oct 2020
Posts: 80

Rep: Reputation: Disabled
Question Is it possible to run Tor Browser without Tor?


I'm trying to prevent Tor from forced updating.

In Firefox, if you turn off networking, you can change the Update option to "Never" on older versions.

Alas, you need a connection to start the Tor Browser, and if you start with a connection, it will automatically begin to update.
 
Old 12-23-2020, 03:59 AM   #2
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 17,072
Blog Entries: 10

Rep: Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123
Quote:
Originally Posted by JASlinux View Post
I'm trying to prevent Tor from forced updating.

In Firefox, if you turn off networking, you can change the Update option to "Never" on older versions.

Alas, you need a connection to start the Tor Browser, and if you start with a connection, it will automatically begin to update.
How does yout thread title "Is it possible to run Tor Browser without Tor?" relate to what you wrote after that?
Updating TBB is not done over the TOR network.
Running TB without tor is not desirable and not possible.
Without tor, TB would be just a slightly modified Firefox.
 
Old 12-25-2020, 07:57 PM   #3
JASlinux
Member
 
Registered: Oct 2020
Posts: 80

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by ondoho View Post
How does yout thread title "Is it possible to run Tor Browser without Tor?" relate to what you wrote after that?
Updating TBB is not done over the TOR network.
Running TB without tor is not desirable and not possible.
Without tor, TB would be just a slightly modified Firefox.
Please understand, the goal is to thwart forced updates.

You have to have access to Tor Browser configuration to turn off updates, and the Tor package won't let you do that without starting Tor. It doesn't matter if updates don't use Tor. You have to get to the browser to make changes, and once you're there updates are forced before you have any choice.
 
Old 12-26-2020, 05:01 AM   #4
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 17,072
Blog Entries: 10

Rep: Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123
Quote:
Originally Posted by JASlinux View Post
the goal is to thwart forced updates.
Why?
This is beginning to sound like an XY-problem to me.

Be that as it may - what distro is this happening on?
And which package are you using?
The package that I use (torbrowser-launcher) is specifically designed to install updates before starting the browser.
But there might be other packages that don't do that.
Or you can go into the install directory and start the browser directly ($HOME/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/start-tor-browser.desktop in my case).

Inside the browser preferences, there's an opttion to not install updates (but still check for them), just like on FF.

I have to say it again, your thread title makes no sense at all.
 
1 members found this post helpful.
Old 12-27-2020, 11:48 PM   #5
bhoopalkiran
LQ Newbie
 
Registered: Dec 2020
Location: Hyderabad
Posts: 4

Rep: Reputation: 0
Quote:
Originally Posted by JASlinux View Post
I'm trying to prevent Tor from forced updating.

In Firefox, if you turn off networking, you can change the Update option to "Never" on older versions.

Alas, you need a connection to start the Tor Browser, and if you start with a connection, it will automatically begin to update.
However, using Tor for normal browsing is not a good idea. While the architecture does a good job of providing anonymity, browsing Tor is much slower than normal browsing. In my opinion, using TOR completely is a little extreme, which is beyond my patience.
 
Old 12-30-2020, 09:47 AM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,710

Rep: Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940
Quote:
Originally Posted by bhoopalkiran View Post
However, using Tor for normal browsing is not a good idea. While the architecture does a good job of providing anonymity, browsing Tor is much slower than normal browsing. In my opinion, using TOR completely is a little extreme, which is beyond my patience.
This doesn't address the OP's question. Saying "it's slower" doesn't address their issue in any way. And not sure why you say it's not a 'good idea' to use a secure, anonymized browser if someone wants to. What's the rationale behind that statement?
 
1 members found this post helpful.
Old 12-31-2020, 07:47 AM   #7
JASlinux
Member
 
Registered: Oct 2020
Posts: 80

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by ondoho View Post

Inside the browser preferences, there's an opttion to not install updates (but still check for them), just like on FF.

If there's a way to manually change that configuration setting (i.e., edit the file outside of Tor), that's exactly the kind of fix that's in order.

It makes perfect sense for updates being involuntary, and updates being undesirable for any reason. Newer isn't always necessary or better.
 
Old 12-31-2020, 08:40 AM   #8
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,710

Rep: Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940
Quote:
Originally Posted by JASlinux View Post
If there's a way to manually change that configuration setting (i.e., edit the file outside of Tor), that's exactly the kind of fix that's in order. It makes perfect sense for updates being involuntary, and updates being undesirable for any reason. Newer isn't always necessary or better.
Except in the case of encryption, which is what TOR uses to remain secure and anonymous. Updating things ensures this...if you're not going to keep the TOR pieces up to date, there's not much point in using it. Use a regular version of Firefox instead.
 
3 members found this post helpful.
Old 12-31-2020, 02:51 PM   #9
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: FreeBSD
Posts: 2,256

Rep: Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003
Agree: cryptography is a never ending race and without updates, vulnerabilities will creep in. This is absolutely critical in something like a browser.
 
Old 01-05-2021, 08:07 PM   #10
JASlinux
Member
 
Registered: Oct 2020
Posts: 80

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by TB0ne View Post
Except in the case of encryption, which is what TOR uses to remain secure and anonymous. Updating things ensures this...if you're not going to keep the TOR pieces up to date, there's not much point in using it. Use a regular version of Firefox instead.
Quote:
Originally Posted by sevendogsbsd View Post
Agree: cryptography is a never ending race and without updates, vulnerabilities will creep in. This is absolutely critical in something like a browser.
Your opinions are tangential, and worthy contributions would be stating your values and answering the question, or stating your values and that you cannot answer the question without judgement. It's smarter.

Most browser versions and especially those with VPN yet vulnerable to security threats are potentially useful, period.
 
Old 01-06-2021, 08:43 AM   #11
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 17,072
Blog Entries: 10

Rep: Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123Reputation: 5123
Quote:
Originally Posted by JASlinux View Post
Your opinions are tangential, and worthy contributions would be stating your values and answering the question, or stating your values and that you cannot answer the question without judgement. It's smarter.

Most browser versions and especially those with VPN yet vulnerable to security threats are potentially useful, period.
You have been handed plenty of potential answers to your "actual problem" and never reported back with any real progress.
Until you do I'm sure it's ok to have a "tangential" chat.
 
2 members found this post helpful.
Old 01-06-2021, 09:31 AM   #12
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,710

Rep: Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940Reputation: 6940
Quote:
Originally Posted by JASlinux View Post
Your opinions are tangential, and worthy contributions would be stating your values and answering the question, or stating your values and that you cannot answer the question without judgement. It's smarter.
Wrong; it is not an OPINION that keeping cryptographic systems up to date keeps them secure, it's a fact. My 'values' have zero to do with that, and your question was answered very clearly. Either keep TOR browser up to date or don't bother using it. Complaining about how 'slow' it is, is the nature of the crypto and the anonymizing nature of the routing, period.

Want fast with no updates? Use Firefox and don't update it when asked. Simple.
Quote:
Most browser versions and especially those with VPN yet vulnerable to security threats are potentially useful, period.
So back to "use a regular version of Firefox". Easily used over whatever VPN you want. Your 'problem' makes very little sense and has been clearly addressed. Either use it or don't, choose one...it's smarter.
 
3 members found this post helpful.
Old 01-06-2021, 09:48 AM   #13
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: FreeBSD
Posts: 2,256

Rep: Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003Reputation: 1003
Quote:
Originally Posted by JASlinux View Post
Your opinions are tangential, and worthy contributions would be stating your values and answering the question, or stating your values and that you cannot answer the question without judgement. It's smarter.

Most browser versions and especially those with VPN yet vulnerable to security threats are potentially useful, period.
What is smarter, as others have stated, is to keep the tor browser updated. I didn't answer the question because the question asks about doing something that is not "smart", which is leave a security/anonymity tool vulnerable by not updating it.

Not judging, I am providing the intelligent course of action.
 
2 members found this post helpful.
Old 01-06-2021, 11:25 AM   #14
boughtonp
Senior Member
 
Registered: Feb 2007
Location: UK
Distribution: Debian
Posts: 1,225

Rep: Reputation: 1050Reputation: 1050Reputation: 1050Reputation: 1050Reputation: 1050Reputation: 1050Reputation: 1050Reputation: 1050
Quote:
Originally Posted by JASlinux View Post
In Firefox, if you turn off networking, you can change the Update option to "Never" on older versions.
Firefox stores that setting somewhere. Presumably either a config file (ini/json/xml/whatever) or a database (sqlite).

Since Tor Browser is a configured Firefox, there's a fair chance that the same setting is used, meaning you can modify the equivalent file to prevent it from upgrading before you start the browser.

If you don't know what the setting is called, use about:config to identify it then search the filesystem for files containing that value and/or manually check each SQLite database for it.


If it's a Tor Launcher doing the upgrading (i.e. not the browser), you'll have to examine the source code for that to determine how it decides to upgrade and if you can disable it with config or whether something more involved is necessary. Since updates are liable to come from a similar place as new Tor downloads, you can probably search for the relevant URL/domain to identify where that logic is.

 
  


Reply

Tags
tor, tor browser, update


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Advice on Adapting Transports from Tor Browser Bundle to Tor? Nonetas Linux - Security 0 01-22-2018 03:45 PM
Tor Browser Bundle/Tor and IPTables: Working Solution Sought Nonetas Linux - Security 1 01-14-2018 06:23 PM
LXer: Tails 2.6 Anonymous Linux Live CD Is Out, Brings Tor 0.2.8.7 and Tor Browser 6.0.5 LXer Syndicated Linux News 0 09-21-2016 01:32 AM
LXer: Tor Browser 4.5.2 Is Out with the Latest Tor Anonymity Network Software LXer Syndicated Linux News 0 06-17-2015 02:40 PM
LXer: Tor Browser Bundle-Tor Goes Portable LXer Syndicated Linux News 1 09-02-2011 02:29 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 09:04 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration