[Tim Retout] > I think this idea is worth trying - even if secure apt prevents > someone putting fake packages onto your machine, this will stop > people seeing which software they need to find zero-day > vulnerabilities in. :)
Yeah. :) > What's the best apt mirror to use with tor? Maybe http.debian.net? > It's probably important to preserve anonymity that everyone uses the > same mirror. Either cdn.debian.net or http.debian.net I believe. I've had some problems using both from time to time, but I do not believe we have any better option. > I'm surprised that apt doesn't support SOCKS proxies directly - > random people on the internet seem to think that it does, but > there's no mention in apt's source code. Yeah. I asked for SOCKS support today in <URL: http://bugs.debian.org/744934 >. If someone got time to provide the C++ patch needed, I am sure it would be well received. > s/provixy/privoxy/ Thanks > Privoxy cannot proxy ftp traffic, according to its FAQ. You might > want to add https, but I don't think anyone uses that? Aha. On second thought, I believe it is better to put this functionallity in plinth, behind an option, instead of in freedombox-setup. The option should probably be enabled by default. The options for apt can be to use privoxy, and for privoxy to use tor. I would prefer to have one option for apt to use tor, but without SOCKS support, that is not trivial. An alternative which Nick mentioned on IRC today, is <URL: https://code.google.com/p/badvpn/wiki/tun2socks >. The idea is to not confiture apt and privoxy, but instead change the IP setup on the machine to send everything via tor. Perhaps a better option? But that package is not in Debian, as far as I know. -- Happy hacking Petter Reinholdtsen _______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss