Actions

Dev/Flash Proxy

From Whonix

< Dev


Flash Proxy[edit]

Flashproxy has been removed from Tor Browser. Therefore it can be considered deprecated.

Credits: anonym on tails-dev wrote some things about Flash Proxy. These have been adapted for Whonix ™. [1]

  • Each flashproxy client requires a listening port on the open Internet. That's something we've never had in Whonix ™ before, neither by default or through some options (our firewall even blocks it). That enables fingerprintability when scanning the ports of a Whonix ™ host.
  • Listening on a port like that also increases the attack surface dramatically; before this, no random host could try to attack Whonix ™ by connecting to it -- the Whonix ™ host had to (some how) connect to them first. So, yeah, these two things are quite contradictory.
  • The above point also raises some practical issues: in order to listen on an Internet-exposed port, the user must either use IPv6 (which is not served by all ISPs, and is unsupported/disabled by default in many routers in use) or, in the case of IPv4, set up port-forwarding (since most people are behind NAT). This limits the usefulness of flashproxy.
  • The flashproxy client requires a direct connection to gmail.com, which I feel a bit uncomfortable with for a number of reasons. Currently Whonix ™ only "speaks Tor" outwards, i.e. it communicates directly only with the Tor network or Tor bridges (exceptions: unsafe user on Whonix-Gateway ™ (e.g. for physical isolation users and captive portal login).
  • Bridges#flashproxy
  • forum discussion

Snowflake[edit]

Soon to replace flashproxy. It uses WebRTC peers to solve NAT connection problems.

References[edit]

  1. https://mailman.boum.org/pipermail/tails-dev/2013-June/003127.html

No user support in comments. See Support. Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.


Add your comment
Whonix welcomes all comments. If you do not want to be anonymous, register or log in. It is free.

Random News:

Please contribute by helping to answer Whonix questions.

https | (forcing) onion

Follow: Twitter | Facebook | gab.ai | Stay Tuned | Whonix News

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.

Retrieved from "https://www.whonix.org/w/index.php?title=Dev/Flash_Proxy&oldid=46785"