Actions

Dev/Flash Proxy

From Whonix

< Dev



Flash Proxy[edit]

Flashproxy has been removed from Tor Browser. [archive] Therefore it can be considered deprecated.

Credits: anonym on tails-dev wrote some things about Flash Proxy. These have been adapted for Whonix ™. [1]

  • Each flashproxy client requires a listening port on the open Internet. That's something we've never had in Whonix ™ before, neither by default or through some options (our firewall even blocks it). That enables fingerprintability when scanning the ports of a Whonix ™ host.
  • Listening on a port like that also increases the attack surface dramatically; before this, no random host could try to attack Whonix ™ by connecting to it -- the Whonix ™ host had to (some how) connect to them first. So, yeah, these two things are quite contradictory.
  • The above point also raises some practical issues: in order to listen on an Internet-exposed port, the user must either use IPv6 (which is not served by all ISPs, and is unsupported/disabled by default in many routers in use) or, in the case of IPv4, set up port-forwarding (since most people are behind NAT). This limits the usefulness of flashproxy.
  • The flashproxy client requires a direct connection to gmail.com, which I feel a bit uncomfortable with for a number of reasons. Currently Whonix ™ only "speaks Tor" outwards, i.e. it communicates directly only with the Tor network or Tor bridges (exceptions: unsafe user on Whonix-Gateway ™ (e.g. for physical isolation users and captive portal login).
  • Bridges#flashproxy
  • forum discussion [archive]

Snowflake[edit]

Soon to replace flashproxy. It uses WebRTC peers to solve NAT connection problems.

References[edit]



Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png Matrix logo.svg.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate whonix.png

Share: Twitter | Facebook

Please consider a recurring donation [archive]!

https [archive] | (forcing) onion [archive]

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.