LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-11-2015, 12:01 PM   #1
umbloaded
Member
 
Registered: Apr 2013
Posts: 38

Rep: Reputation: Disabled
tor sends browser headers


Hi, I've found out that tor sends my browser headers in the http requests instead of the exit node ones, is it possible to change this behaviour ?

Thanks
 
Old 01-11-2015, 03:10 PM   #2
cepheus11
Member
 
Registered: Nov 2010
Location: Germany
Distribution: Gentoo
Posts: 286

Rep: Reputation: 91
Tor operates only on the IP layer, application layer data is passed unmodified. HTTP headers belong to application layer. It is not in the scope of tor to do "deep packet inspection" and mangle data of higher layers, and the tor program does not have functionality for that. And the exit node does not run an own HTTP client.

It is your browser's responsibility to send headers from a large anonymity set, to keep you indistinguishable from many other internet users. If you set your browsers content language to english, and user agent to something often used, you should be fine.

Firefox addon for spoofing user agent: UAControl

Test how unique you appear: Panopticlick. The lower the number, the better.

Or you could run a local proxy which mangles HTTP headers.

Last edited by cepheus11; 01-14-2015 at 01:25 AM. Reason: clarification: panopticlick does not test anonymity in tor's sense, but uniqueness of browser behaviour among a large userset
 
Old 01-11-2015, 03:40 PM   #3
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,629

Rep: Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652
Why do you think that almost ALL!!!! plugins are DISABLED including
Flash
ALL video
iframe
and javascript
along with deleting ALL !!!! cookies and stopping all "stealth" cookies

this turns "tor-browser" into something you do NOT want to use for facebook
 
Old 01-13-2015, 03:41 PM   #4
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Quote:
Originally Posted by John VV View Post
Why do you think that almost ALL!!!! plugins are DISABLED including
Flash
ALL video
iframe
and javascript
along with deleting ALL !!!! cookies and stopping all "stealth" cookies

this turns "tor-browser" into something you do NOT want to use for facebook
I notice that a lot of people do not realise this. I fear TOR is being used by many people who are gaining no anonymity whatsoever yet are losing out on bandwidth and functionality due to misunderstanding what TOR is and what it is for.
 
Old 01-13-2015, 10:07 PM   #5
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,629

Rep: Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652Reputation: 2652
this leaves us that have been on tor for many years to pick up the pieces
and MOVE to i2p

now if only the bundle auto set up nodes on the rote ends by default

at least we could get out of it a ton of slow exits ( all be it on the network ends)
hide in the masses


but even the bundle is NOT!!! secure
noscript ALLOWS ALL SCRIPTS by default
and you have to go into
Code:
about:config
to disable javascript
and manually disable iframes

Last edited by John VV; 01-13-2015 at 10:20 PM.
 
Old 01-14-2015, 01:22 AM   #6
cepheus11
Member
 
Registered: Nov 2010
Location: Germany
Distribution: Gentoo
Posts: 286

Rep: Reputation: 91
Quote:
Originally Posted by John VV View Post
pick up the pieces
and MOVE to i2p
This is an unjustified rant against tor. Tor is reasonable anonymous (nothing is 100% as always). How is i2p different from tor wrt application layer data like HTTP headers or HTTP cookies?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Tor Browser ChrisAbela LQ Suggestions & Feedback 2 01-23-2014 09:34 AM
tor-browser question lleb Linux - General 4 10-27-2013 03:59 PM
Tor Bundle Browser stubborn Linux - Software 2 08-20-2013 05:33 PM
LXer: Tor Browser Bundle-Tor Goes Portable LXer Syndicated Linux News 1 09-02-2011 02:29 AM
Browser sends complete URL before SSL ? anon243 Linux - Security 2 04-10-2007 07:29 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:05 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration