Flash Proxy[edit]

Flashproxy has been removed from Tor Browser. Therefore it can be considered deprecated.

Credits: anonym on tails-dev wrote some things about Flash Proxy. These have been adapted for Whonix ™. ^[1]

• Each flashproxy client requires a listening port on the open Internet. That's something we've never had in Whonix ™ before, neither by default or through some options (our firewall even blocks it). That enables fingerprintability when scanning the ports of a Whonix ™ host.
• Listening on a port like that also increases the attack surface dramatically; before this, no random host could try to attack Whonix ™ by connecting to it -- the Whonix ™ host had to (some how) connect to them first. So, yeah, these two things are quite contradictory.
• The above point also raises some practical issues: in order to listen on an Internet-exposed port, the user must either use IPv6 (which is not served by all ISPs, and is unsupported/disabled by default in many routers in use) or, in the case of IPv4, set up port-forwarding (since most people are behind NAT). This limits the usefulness of flashproxy.
• The flashproxy client requires a direct connection to gmail.com, which I feel a bit uncomfortable with for a number of reasons. Currently Whonix ™ only "speaks Tor" outwards, i.e. it communicates directly only with the Tor network or Tor bridges (exceptions: unsafe user on Whonix-Gateway ™ (e.g. for physical isolation users and captive portal login).
• Bridges#flashproxy
• forum discussion

Snowflake[edit]

Soon to replace flashproxy. It uses WebRTC peers to solve NAT connection problems.

• https://lists.torproject.org/pipermail/tor-dev/2016-January/010319.html
• https://trac.torproject.org/projects/tor/wiki/doc/Snowflake

References[edit]

No comments for now due to spam. Use Whonix forums instead.

https | (forcing) onion