See you mostly fixed it already. +1
No problem. See you’re busy. Seeing this one still:
Lua error in package.lua at line 80: module ‘Module:Namespace detect/data’ not found.
On lovely mboxes here and there still e.g. Email page.
The rest is generally looking much better with upgrades. No doubt various security fixes too.
Could you please add to documentation and elsewhere where you see fit?
Anyone come up with better ideas for naming Tor Browser without Tor. Almost finished writing Qubes doc enhancement. It would be good to at least append something to the name.
Tor Browser without Tor (Security focused clearnet browser)
Tor Browser without Tor (Hardened clearnet browser )
Thanks for doing this, a refresh is a good idea. A scientific approach to repopulation might be: If forum comments on a solitary thread related to a reasonable FAQ issue >= 25 (30?) and comments are not just ignorant trolling (or related to existing entries), then seriously consider a new entry.
Doesn’t have to be war and peace. Some distro FAQ entries are a few lines and to the point. Otherwise the FAQ will become obese in size again later on.
Tails FAQ can be an inspriation - brief, pretty and relevant.
https://tails.boum.org/support/faq/index.en.html
Hi 0brand,
Thanks for your work on this. I agree that “…without Tor” thing doesn’t look good.
I like the naming ideas. The only issue with “clearnet browser” might be the fact Tor Browser is not evident in the title i.e. some might confuse with another browser (?) when skimming the ToC.
How about “Clearnet Tor Browser”?
I was thinking of something along the lines of https://www.qubes-os.org/doc/#privacy-guides
Specifically, the subheading “Reducing the fingerprint of the text-based web browser w3m”. The title gives that name of the app and a little information on the purpose of the tutorial. We could could do something similar with Tor Browser without Tor? Meaning "Tor Browser without Tor…something…something"
Would that work? Any ideas?
without Tor sounds bad indeed. Sounds like something is missing. I’d drop the whole part before the parentheses, drop the parentheses.
Issue is “clearnet” is a not well defined term to begin with and unpopular outside the Tor sphere.
https://www.whonix.org/wiki/FAQ
Ideas:
Bonus point if we find an acronym which is still unused on the internet (which may be challenging).
What about creating a Clearnet Template and adding where needed.
For starters an entry could be added…
Have to brainstorm while Im finishing up.
I’m a bit late but something like SecBrowser has a nice ring to it.
A post was merged into an existing topic: TODO research and document - How to use Tor Browser for security not anonymity? How to use TBB using clearnet?
That’s really the question. Let’s redirect that question here.
With the exception of changing the name, the Tor Browser without Tor Qubes documentation enhancement is completed. Could anyone please review this before I make the pull request? I put it in a README.md temporary.
Migrated “What is Clearnet?” to a template.
https://whonix.org/wiki/Template:What_is_Clearnet
And added to https://whonix.org/w/index.php?title=DoNot&oldid=48093&diff=cur
I’ll add it to Tor Browser without Tor once I get that page cleaned up.
Dunno if Qubes wiki supports footnotes. Never seen.
Tor Browser without TorTor Browser
Looks strange.
is a fork of the Mozilla Firefox web browser with patches that enhance both security and privacy. It routes all traffic through the Tor network to conceal a users and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it very difficult to trace Internet activity to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms.[1]
But it is also possible (and easy!) to use Tor Browser without Tor and take advantage of its excellent enhancements for reducing linkability, which is, “the ability for a user’s activity on one site to be linked with their activity on another site without their knowledge or explicit consent.”[2] Even without routing traffic over the Tor network, Tor Browser offers better protection from online tracking than Firefox, Google Chrome/Chromium or Microsoft Edge, especially against fingerprinting, without any customization necessary.[3]
Could you please swap that? First say, what it really is. Not mentioning Tor. Better for attention. Then later say, that it is based on Tor Browser which gets reconfigured.
Privacy and Security Focused Browser
Would suggest to drop privacy from title only. Those who wants privacy would look into Whonix, I suppose. However, security focused browser is a strong thing. Privacy could be mentioned last since kinda the weaker argument, more of a bonus for that user group.
qubes-core-agent (git master) depends on apt-transport-https. Default installed package already? Therefore possible in Qubes to use https by default? Qubes repos also https by default nowadays anyhow?
--clearnet
Perhaps better to use config option tb_clearnet=true so users don’t have to remember using --clearnet all the time?
While tb-updater package Recommends: tb-starter package, this isn’t reliable if someone only installed tb-updater.
sudo apt-get install tb-updater
sudo apt-get install tb-updater tb-starter
Not sure if also worth mentioning https://github.com/Whonix/tb-default-browser or leaving that open for further enhancement.
This is very nice! Well done. 
What do you think of HulaHoop’s SecBrowser name? Looks pretty catchy.
Suggestions
It routes all traffic through the Tor network to conceal a users and usage from anyone conducting network surveillance or traffic analysis.
Reword “users and usage” section to clarify.
Missing quotation on first paragraph, last line.
Selfrando is being deprecated. I footnoted that on the Hardening List page or Tor Browser page somewhere (the Tor bug referencing it). Also the devs opine that they don’t believe it offers much more protection, hence why it will be gone shortly.
So, I’d remove that or footnote it for posterity.
You might footnote somewhere that users could manually attempt to make a ton of about:config changes, install specific add-ons etc to try and approach Tor Browser sec level, but a) waste of time & b) unlikely to get the refined benefit of devs who know what they are doing
Security Slider bullet point
attack you security -> attack your security
Then tb-updater can be downloaded and verify in the TemplateVM. ->
Then tb-updater can be downloaded and verified in the TemplateVM.
Steps 1 to 9, there are a bunch of periods missing at the end of sentences.
keys -> key’s
If you prefer to disable this feature open tb_without_tor_settings.js in an editor as previously shown.
I would repeat the one line step to protect against user error here.
Whonix developers focus their efforts on an ->
Whonix developers focus their efforts on
(more conventional IMO)
Can is use the --clearnet switch ->
Can I use the --clearnet switch
Yes, but this could degrade security and privacy. See; Normalizing Tor Browser behavior. ->
Yes, but this could degrade security and privacy, see: Normalizing Tor Browser behavior.
Yes, all the customization thing could go to a separate wiki page? Otherwise it makes this beautiful thing look more difficult that it is.
sudo gedit /usr/share/tb-updater/tb_without_tor_settings.js
This file will get overwritten on tb-starter package upgrade. Nothing against it since that works for newly created AppVMs if keeping that in mind.
Editing ~/.tb//Browser/TorBrowser/Data/Browser/profile.default/user.js might be better, but that is AppVM specific.
The current code is this:
if diff /usr/share/tb-updater/tb_without_tor_settings.js "$tb_browser_folder/Browser/TorBrowser/Data/Browser/profile.default/user.js" >/dev/null 2>&1 ; then
true "our version exists"
elif test -f "$tb_browser_folder/Browser/TorBrowser/Data/Browser/profile.default/user.js" ; then
true "some version exists"
else
cp /usr/share/tb-updater/tb_without_tor_settings.js "$tb_browser_folder/Browser/TorBrowser/Data/Browser/profile.default/user.js"
fi
In other words, if the our version of user.js or some version already exists in home folder, we won’t overwrite. But if no version of user.js exists yet we will copy our version there.
Variables are currently not supported. But would be easy to add in case /usr/share/tb-updater/tb_without_tor_settings.js is too limited / a nuisance for customization. By using a variable users could point away from /usr/share/tb-updater/tb_without_tor_settings.js to their own settings.js file somewhere.
HulaHoop via Whonix Forum:
Ca we run the mediawiki extension that check for dead links and replaces them with their offline archived versions form archive.org?
Which one would that be?
See also:
There’s another besides this that scans for broken links but it is maintained and not expected to work with newer mediawiki versions.