
Multiple Tor Browsers safe setup in Whonix


#1

How can I create multiples of Tor Browser (AnonDist)? The Tor Browser Downloader (AnonDist) only offers an upgrade.

I assume using the Tor Browser (AnonDist) that gets installed by Tor Browser Downloader (AnonDist) is better than using a manually downloaded Tor Browser from https://torproject.org. Please correct me if I’m wrong.
BTW: what is AnonDist supposed to mean, why not just replace it with Whonix?

Does not using multiple Tor Browsers at the same time simplify things so the following steps from the link above can be omitted:

  • Use a different SocksPort
  • Change/Remove Proxy Settings

I would then only want to use different directories for the different browsers.


#2

Follow the instructions to manually download Tor Browser.

Tor Browser installed in Whonix has no modifications to any files in the Tor Browser folder. There are only a few environmental variable changes.

https://www.whonix.org/wiki/Tor_Browser#Whonix_Tor_Browser_Differences

https://trac.torproject.org/projects/tor/ticket/19652

The stream isolation page explains why different SocksPorts should be used

To better separate different contextual identities, users should consider starting multiple Tor Browser instances and running them through different SocksPorts


#3

I still don’t know how to set this up.

https://www.whonix.org/wiki/Advanced_Security_Guide#Multiple_Tor_Browser_Instances says to look at https://www.whonix.org/wiki/Tor_Browser#Change.2FRemove_Proxy_Settings which is in a section called unsafe tor browsers habits. If I ignore that I find in a single line titled ‘Proxy Settings’ one broken link, which I assume should point to https://www.whonix.org/wiki/Tor_Browser/Advanced_Users#Proxy_Settings. This page isn’t a guide for configuring socks ports, but it says that stream isolation will break when removing or changing proxy settings. Not what I’m looking for I guess?

Back to the firstmost link which says that Tor Browser must be extracted into a different directory and a different SocksPort must be used. Then mentioned are SocksPorts ‘without IsolateDestAddr’ and ‘without IsolateDestPort’. SocksPorts aren’t numbers? Given next are some numbers: 9153 to 9159. Lastly noted is https://www.whonix.org/wiki/Stream_Isolation where I can see that Tor Browser is configured to use port 9150. Below at ‘How to mitigate identity correlation’ are again mentioned ‘without IsolateDestAddr’ and ‘without IsolateDestPort’. It says unless you know better, you’re usually better off not using them. Whonix-Gateway is also named, so now I’m not even sure in which VM I should be making changes anymore. It also says to look at the Tor manual where I learn IsolateDestAddr and IsolateDestPort are options for not sharing circuits. Further below on this page are notes on how to deactivate stream isolation. From this point on I don’t know where to look, much less how to proceed.

If Tor Browser must be downloaded manually for using more than one browser then is there a purpose to Tor Browser Downloader (AnonDist) beyond downloading Tor Browser the first time and updating that same one browser?


#4

AnonDist may have been used to allow upstreaming / sharing with other privacy projects. Likelihood of that seems rather low. I agree it would be less confusing to replace AnonDist with Whonix.

No.


These instructions are for Whonix-13 running under VirtualBox. I’m not up to speed on Whonix-14 and those who do know are busy getting Whonix-14 released.

! As stated in wiki, using multiple workstations to separate identities is preferable to using multiple tor browsers. Also better not to use both TBB at same time.

  1. Get latest stable TBB from torproject.org and extract to a new folder in your home directory.

  2. To enable stream isolation, go to Menu -> Preferences -> Advanced -> Network -> Settings

As you said, port can be any number from 9153 to 9159.
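Added example, not part of the original post or of the Whonix documentation: a small Python audit that reads the SOCKS port each manually extracted Tor Browser copy has stored and reports copies that share a port, sit outside 9153-9159, or have no explicit port. The `prefs.js` path is an assumption based on the standard Linux Tor Browser layout; `audit` and `read_socks_port` are names made up for this example.

```python
import re
import sys
from collections import defaultdict
from pathlib import Path

# Port range quoted in this thread for additional Tor Browser instances.
ALLOWED_PORTS = range(9153, 9160)
# Assumption: standard Linux Tor Browser layout below the extracted folder.
PREFS_RELATIVE = Path("Browser/TorBrowser/Data/Browser/profile.default/prefs.js")
PREF_RE = re.compile(r'user_pref\("network\.proxy\.socks_port",\s*(\d+)\);')


def read_socks_port(browser_dir):
    """Return the SOCKS port saved in this copy's prefs.js, or None if unset."""
    prefs = Path(browser_dir) / PREFS_RELATIVE
    if not prefs.is_file():
        return None
    port = None
    for line in prefs.read_text(encoding="utf-8", errors="replace").splitlines():
        match = PREF_RE.match(line.strip())
        if match:
            port = int(match.group(1))  # keep the last value found in the file
    return port


def audit(browser_dirs):
    """Return sorted findings; an empty list means every copy has its own port."""
    findings = []
    by_port = defaultdict(list)
    for directory in browser_dirs:
        port = read_socks_port(directory)
        if port is None:
            findings.append(f"{directory}: no explicit SOCKS port in prefs.js "
                            "(browser default applies)")
            continue
        by_port[port].append(str(directory))
        if port not in ALLOWED_PORTS:
            findings.append(f"{directory}: port {port} is outside 9153-9159")
    for port, dirs in by_port.items():
        if len(dirs) > 1:  # two identities would travel through the same SocksPort
            findings.append(f"port {port} shared by: {', '.join(sorted(dirs))}")
    return sorted(findings)


if __name__ == "__main__":
    # Usage: pass the extracted Tor Browser folders as arguments.
    for finding in audit(sys.argv[1:]):
        print(finding)
```

Run it with the extracted Tor Browser folders as arguments while the browsers are closed, since the browser rewrites `prefs.js` when it exits.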


#5

Hi clockworld

I forgot to thank you for reporting the broken link. It will be fixed shortly thanks to your report!


#6

Not sure that’s still working now that Tor Browser is using SocksSocket.

In future Tor Browser will no longer have TCP, meaning SocksSocket only.

So multiple Tor Browser within the same VM… Doing it right (keeping SocksSocket) is currently undocumented. Would require creating another SocksSocket redirection (anon-gw-disable-stacked-tor) and changing the environment variable using a small Tor Browser startup script.


#7

Undocumented for Whonix 13 or 14 or both? Is this SocksSocket a longterm Tor Browser thing, so whatever platform Tor Browser is run on, a safe multiple Tor browser setup isn’t currently viable and won’t be in the future?

Please confirm, because if that’s the case then the only safe option now is using multiple workstations or using separately maintained VM snapshots in one workstation. Which of the two would be recommended for greater simplicity of use?


#8

clockworld:

Undocumented for Whonix 13 or 14 or both?

Yes.

Is this SocksSocket a longterm Tor Browser thing, so whatever platform Tor Browser is run on,

a safe multiple Tor browser setup isn’t currently viable and won’t be in the future?

Just needs figuring out, documentation. Not too hard.

Please confirm, because if that’s the case then the only safe option now is using multiple workstations.

If you want to run them at the same time, yes.


#9

I don’t need to run them at the same time. So are there other options apart from separate Workstations or using an undocumented setup? Before I thought you clearly said no, but now there’s an if.


#10

Now

If you were planning on running more than one Tor Browser at the same time to separate your conceptual identities. Otherwise, running at least 2 Whonix-Workstations simultaneously would be needed (to separate identities). No?

Based on the information you’ve given, using multiple Workstations is recommended for simplicity.


#11

Just tested with Tor Browser 7.5.3 (Qubes 3.2 / Whonix 13). Still works. (Confirmed port usage in Gateway).

@clockworld Follow my instructions above if you want multiple Tor Browsers. (Also, “undocumented” means that it’s not written down in the wiki - not that it’s inherently dangerous or leaky.)


#12

Misunderstanding? Both quotes say not at the same time. Glad to help with the broken link.

@entr0py Thanks for checking that. No documentation is not a problem when configuring something, but in knowing if it is secure.

Thanks everyone! To safely use multiple Tor Browsers in Whonix you can either configure them as entr0py described or use separate workstations.


#13

Yes

Assumed you were considering using the multiple Workstation method in lieu of multiple Tor Browsers i.e. running 1 Tor Browser in each workstation.

Glad to hear you have multiple Tor Browsers up and running!


#14

I think the problem more broadly is insisting on using multiple Tor Browsers at the same time, which mainly seems like a gimmick and risking confusion about what activity should be done in which browser.

How often is this really necessary?

The wiki also talks about preferably doing one single instance of anonymous (hopefully) activity, shutting down the Workstation (anon-whonix AppVM), rotating circuits and engaging in the next bout of anonymous activity from the Workstation after a random period of time has elapsed (or even rebooting the gateway entirely beforehand). Even better if one is not running multiple tabs within a single Tor Browser session.

The wiki also talks about having clean snapshots (or AppVMs) for activities & creating special snapshots (or AppVMs) that are only used for special activities e.g. onionshare etc.

What comes out in the docs consistently is that simplicity is next to godliness for maintaining security/anonymity in general and it is user practices/preferences outside of that paradigm that lead to disasters.

That said, users should not be artificially constrained in their choices. Also, those instructions are confusing as it stands in the Tor Browser entry and there are broken/circular links there.

If entropy’s stuff is working nicely, then it would be ideal to use his snapshot in the docs, and fix the steps, because the wiki is currently inadequate in describing this. Nudge, nudge, wink wink @0brand (although over-worked, underpaid, and underappreciated already) 😉


#15

Go-Go-Gadget pocket notebook!

TODO

Great minds think alike re: entr0py snapshots

We’ll have the wiki updated in no time at all 🙂