Jump to: navigation, search


Add FoxyProxy to Tor Browser in Whonix.

Warning: Installing FoxyProxy worsens the user's browser fingerprint and adversely affects anonymity since it is not a default Tor Browser add-on. The Tor Project's anonymity warning is explicit: [1]

Can I install other Firefox extensions?

Tor Browser is free software, so there is nothing preventing you from modifying it any way you like. However, we do not recommend installing any additional Firefox add-ons with Tor Browser. Add-ons can break your anonymity in a number of ways, including browser fingerprinting and bypassing proxy settings.

When using a browser and FoxyProxy in combination, a user's web fingerprint becomes more unique. The potential fingerprinting harm to user anonymity depends on how many others are running Tor Browser in conjunction with FoxyProxy.

This configuration is so specialized that probably very few are doing it, reducing the user pool to a small subset. Due to the risk, this approach is generally recommended against. If a user decides to proceed anyhow, the tunnel configuration should not be combined with any browser other than Tor Browser (like Firefox or Chrome), due to an even greater browser fingerprinting risk.

This warning equally applies to configurations such as Tor Browser and I2P, or Tor Browser and remote (http(s)/socks4/5) proxies.

To install FoxyProxy, follow these steps in the Whonix-Workstation (Qubes-Whonix: Whonix-Workstation AppVM). [2] [3]

Make the tbb-foxyproxy config file available to Tor Browser. [4] [5]

cp /usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/

Navigate to addons.mozilla.org.

Tor Browser Menu -> Tools -> Add-ons

Download and install the FoxyProxy add-on. [6]

Search: "foxyproxy" -> Install: FoxyProxy Standard

Restart Tor Browser.

When prompted, select Restart now.

After restart, the FoxyProxy icon should appear in the Tor Browser toolbar and be enabled. Check you can interact with it and change proxy settings as required.

To reverse this procedure and restore the default Tor Browser fingerprint:

  • Non-Qubes-Whonix: It is best to use a VM snapshot taken before installing the add-on.
  • Qubes-Whonix: FoxyProxy should be installed to a specific Whonix-Workstation AppVM set up for proxy purposes. The AppVM can be discarded at leisure.

If Non-Qubes-Whonix users did not take a snapshot prior to these changes, Tor Browser can be downloaded again. Alternatively, FoxyProxy can be removed via the about:addons -> Extensions menu.

Tor Browser will soon ship with sandboxing on an opt-in basis. Unfortunately, the initial sandbox versions are incompatible with this configuration and it must not be enabled. [7] Users with AppArmor enabled may see Tor Browser profile warning messages. These messages can be safely ignored, since they do not prevent FoxyProxy functioning at this time.

For further technical discussion of FoxyProxy, see the Whonix forum.

  1. https://www.torproject.org/docs/faq.html.en
  2. The following instructions have been tested as functional in Tor Browser versions 6.5, 7.0a1 and 7.0a2 "hardened". https://lists.torproject.org/pipermail/tbb-dev/2017-February/000471.html
  3. Some users report xpinstall.signatures.required needs to be disabled in Tor Browser about:config settings to enable FoxyProxy, when it is installed from the Debian repository. This workaround is not required when installing FoxyProxy from addons.mozilla.org. https://forums.whonix.org/t/new-version-of-tbb-no-longer-accepts-foxyproxy-plugin
  4. https://github.com/Whonix/usability-misc
  5. https://github.com/Whonix/usability-misc/blob/master/usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml
  6. This procedure is safe. Since Firefox 43, all add-ons on Mozilla's servers are signed and verified. https://wiki.mozilla.org/Add-ons/Extension_Signing
  7. https://lists.torproject.org/pipermail/tor-dev/2016-December/011733.html