when I download files in TOR with some websites the download fails after a while. In the TOR download manager you can click the little circular-arrow “Retry” icon and it will resume downloading from where it left (and not from the beginning of the file). However often I would have to press that icon 10 to 100 times for bigger files to finish.
I could make those downloads outside of Whonix/TOR since it is nothing security related - however I switched a while back entirely to Whonix and this is one of the main problems I am still having.
My questions:
is failing downloads generally a bad sign and a possible attempt for deanonymisation? The problem is not on my end. I don’t know why the download fails, but I assume it is the server who closes it somehow (can I debug this?)
I think there is no add-on (since the Firefox API doesn’t offer it) to auto-resume failed downloads automatically. What is the preferred way to work around this problem? Use something like CURL for download - or does this make fingerprinting super easy?
Alternatively one could install Chromium (since auto-resume add-ons exist). However I guess this would also make fingerprinting easier and add a whole level of possible attack vectors (flatpak, Chromium, the add-on itself, etc.)
I am not aware into any research of this. curl is far less complex than Tor Browser. I would be surprised if fingerprinting curl is easier than Firefox / Tor Browser which has far more fingerprinting surface.
Well, 99.9% of users in the TOR network, use the TOR browser. Using scurl or anything else but the TOR browser would make one stick out like a sore thumb, no? Doesn’t curl also send something like a 'user-agent- signature? For TOR browser the user-agents are all identical. I don’t assume curl would imitate TOR browser, right?