Best OpSec(?) for browsing/reading? [RSS]


Is there a generally accepted best practice for reading/browsing on whonix? Would using something like an RSS reader then opening up links in the TB be the best? That is, the best if one wants to use RSS feeds. Suggestions/recomendations appreciated.


Yes use Tor Browser only. We don’t know what cookies or tracking data RSS readers could be picking up. Also since it doesn’t have stream isolation it will leak to observers at the exit that one single person is reading all these sources which allows easier profiling.

As for opsec check out our wiki. A lot of good info on est practices have been written over time.



I’m hereby hijacking this thread to make it the official RSS documentation work-in-progress thread.

RSS readers have become a one-stop shop not just for downloading feeds and displaying web pages, but also for being able to process audio and video content contained in both feeds and pages. Generally speaking, this approach conflicts with our best practices of isolating data types to the respective tools best suited to protect privacy. To that end, RSS use should be limited to being a simple notification mechanism - that new content has been published at a specified link.

After some preliminary tinkering, my best solution is to use Thunderbird’s built-in “Feeds” account.

  • Thunderbird is included in Whonix and TorBirdy is preconfigured to socksify Thunderbird traffic.

  • While the feeds’ XML still needs to be parsed, Thunderbird can be configured to display only “Plain text”:
    Menu -> View -> Feed Message Body As -> Summary, Plain Text
    The following setting should also be changed so that opening (double-clicking) a message does not invoke the internal browser:
    Menu -> Message -> When Opening Feed Messages -> Open as Summary
    I was unable to override the internal browser with an option to launch an external browser when opening messages. (https://bugzilla.mozilla.org/show_bug.cgi?id=675510)
    These settings are clearly a workaround - it would have been preferable to disable the internal browser completely.

  • To open an item of interest, simply click the link. Thunderbird is preconfigured to open links in Tor Browser. (Qubes users can configure their machines to open Tor Browser in another VM.)

Open questions:

  • What exploits are possible while parsing the XML? Ideally, Thunderbird would ignore everything that doesn’t display as text.

  • What identifiers are provided by Thunderbird to the RSS host? What trackers are accepted by Thunderbird from the RSS host?

  • Confirm stream isolation is working as expected. TorBirdy (port 9102) has IsolateDestAddress & IsolateDestPort so we would expect one circuit per feed (assuming each feed has a unique host).

Other clients

  • Liferea does not support socks5 proxies (only http).

  • Quiterss successfully socksifies DNS and IP requests but I was unable (within 10 minutes) to prevent all non-text items from being downloaded / displayed.


Can agree with all you said! :slight_smile:


  • Liferea does not support socks5 proxies (only http).

And… Last time I checked it was webkit based and rendering lots of