Indeed. I wasn’t trying to argue otherwise. My reasoning is, if we can’t convince/stop people from doing this use case then we could try and figure out the least damaging way possible to enable it while mitigating TransPort leaks caused by unsupported apps.
PS. Second reply to my TPO discussion. Don’t know if it changes anything.
File sharing (emule style) / torrent doesn’t get better/worse by using SocksPort vs HttpPort vs TransPort.
Only if we would be using TransPort IsolateDestAddr (which we don’t and ought not to) then it would make sense to preinstall a torrent client preconfigured to use a SocksPort without IsolateDestAddr.
Well, there would be a very small harm reduction for torrent users by installing it by default and configuring it for stream isolation. Then torrent users would not pollute their TransPort with it. But that would come at the expense of higher Tor network torrent traffic if we encourage torrenting by preinstalling one.
The global proxy will be set to Tor. But if you go for “add existing account”, then look under connection, it still defaults to Proxy none. Or if you go to new account and then click advanced the Proxy setting will also be set to none.
@patrick. gajim’s “tor” setting defaults to “localhost:9050.” shouldn’t this be set to “10.152.152.10:9152?” since tor messenger is discontinued, that already set port is usable.
btw, i’m running into perhaps a weird bug where various global preferences get reset for privacy upon either the creation of a new xmpp account or deletion of one. trying to isolate it further. i was leaning towards coyim for the guide i work on. but, the current inability to block events/messages from users that are not on a user’s contact list by default is making me reconsider. gajim has this functionality and the omemo support is tempting.
@hulahoop. i believe stream isolation is there. it simply requires a per account setting, rather than a global setting. i pointed the global proxy to tor. i created individual accounts and pointed them to the tor proxy. i configured the tor proxy to use 10.152.152.10:9152. transparent tcp and dns were disabled for the workstation on the gateway. it worked fine. am i missing something?
For manual configuration that should be ok. If you want to test more, disable the separate SocksPorts in Tor config also. If that account no longer works, there is a pretty good chance that things are alright indeed.
Feel free to enhance Instant Messenger Chat.
i’m now leaning towards using gajim for the instant messenger chapter in my own guide. so, when i wrap that up, if there’s anything useful to add to the wiki for gajim, i’ll do that. thank you, @patrick.
i’ve come up against a rather annoying bug in gajim at the moment. can anyone else give it a test to see if they can reproduce? i’ve disabled all of the logging options. however, when in an omemo encrypted chat, a hover over the shield icon states “your chat session will be logged.” however, from what i can tell, it does not actually appear to be logging the chat.
That was one of the problems IIRC. Instead of inheriting the global setting choice of Tor as proxy, the new accounts are oblivious to this and use the TransPort by default. There is no way to configure all new accounts to be Tor aware.