Dev/Flash Proxy
< Dev
Contents
Flash Proxy[edit]
Flashproxy has been removed from Tor Browser. Therefore it can be considered deprecated.
Credits: anonym on tails-dev wrote some things about Flash Proxy. These have been adapted for Whonix. [1]
- Each flashproxy client requires a listening port on the open Internet. That's something we've never had in Whonix before, neither by default or through some options (our firewall even blocks it). That enables fingerprintability when scanning the ports of a Whonix host.
- Listening on a port like that also increases the attack surface dramatically; before this, no random host could try to attack Whonix by connecting to it -- the Whonix host had to (some how) connect to them first. So, yeah, these two things are quite contradictory.
- The above point also raises some practical issues: in order to listen on an Internet-exposed port, the user must either use IPv6 (which is not served by all ISPs, and is unsupported/disabled by default in many routers in use) or, in the case of IPv4, set up port-forwarding (since most people are behind NAT). This limits the usefulness of flashproxy.
- The flashproxy client requires a direct connection to gmail.com, which I feel a bit uncomfortable with for a number of reasons. Currently Whonix only "speaks Tor" outwards, i.e. it communicates directly only with the Tor network or Tor bridges (exceptions: unsafe user on Whonix-Gateawy (e.g. for physical isolation users and captive portal login).
- Bridges#flashproxy
- forum discussion
Snowflake[edit]
Soon to replace flashproxy. It uses WebRTC peers to solve NAT connection problems.
- https://lists.torproject.org/pipermail/tor-dev/2016-January/010319.html
- https://trac.torproject.org/projects/tor/wiki/doc/Snowflake
References[edit]
Want to get involved with Whonix? Check out our Contribute page.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.
Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)