No choice (general talk is closed), so I’m using the closest subforum. I still haven’t installed whonix[1].
Anybody knows how to download torbrowser via onion hidden service?
It used to be possible via:
I use vanguards, not for OR Tor, my Tor is not a relay or a server. I get 5-6 hops to internal or external destination. It’s way safer.
Because just three hops, the guard, the middle relay and exit node before the clear net… That’s not good enough.
That would download torbrowser, sure. But with a redirection.
Luckily, I did not click it. No way. I used:
torsocks curl
with that link as arg.
And it was “302 Found” redirection to clearnet usual address… Which means… I’m not going to say what it means…
Let me try see if I can post clearly what I got with curl, it’s HTML tags, so I probably need to convert the greater than and less then chars to HTML entities…
Yup! Clicking on that link gives you this same link clickable above.
Creators of hidden services do not want to use hidden services… No, they want that whoever downloads TorBrowser, goes through no more than three hops. Fullstop.
http://expyuzz4wqqyqhjn.onion/dist/torbrowser/9.5.4/tor-browser-linux64-9.5.4_en-US.tar.xz redirects to https://dist.torproject.org/torbrowser/9.5.4/tor-browser-linux64-9.5.4_en-US.tar.xz.
This is an issue indeed. But Whonix isn’t the cause of this issue. The Whonix project controls whonix.org. But the Whonix project does not control torproject.org / Tor Project onion. What happens with Tor Project server is entirely up to The Tor Project.
Therefore as per Self Support First Policy for Whonix the appropriate point of contact is The Tor Project (TPO). Please check if this bug has already been reported to TPO and if not please submit a bug report and leave a link here since this is interesting for Whonix too.
vanguards is enabled by default in Whonix. See:
Also please 1 topic = 1 forum threat. Not productive to mix vanguards with download of Tor Browser over onion.
Inside Whonix you won’t even need torsocks. That is automatically the case. See package uwt and Stream Isolation
Absolutely so. And no shadow is cast on Whonix because of that. I only complained about the fishy state of affairs there.
I see @torjunkie replied. I read your post where you link to Wikileaks for Amazon locations. Great! And sorry for digressing. I just often find good reads on Whonix web pages.
I really respect your work, guys.
Allow more time to such a slow adopter that I am!
I’m sorry. But no, it’s what is suspicious, of course, not on Whonix, but on… Well I said it in the post.
Closing this talk on that one threat, not two threats really, because for non-server Tor as well, Vanguards makes the hops 4, 5 even 6 or 7.
And it is fixed, stinking fixed, fishily fixed on 3 hops only if no Vanguards, and nothing like Vanguards can be deployed on Tor connections to clearnet. So…
Found this thread via search after I noticed that Tor Browser in my whonix-ws template was no longer getting updated via update-torbrowser with the message: http://rqef5a5mebgq46y5.onion could not be reached. Just to confirm, recommended workaround is simply to drop --onion, right?