Running Transmission/Deluge bitcoin client on Whonix. Every port closed!? Help!

I've recently decided to try out so-called “nested virtualization” as a way of running Windows without any security sacrifices.

My problem is that any BitTorrent client I download from within Whonix won't connect (Transmission & Deluge), all ports are supposedly closed?

Maybe this has something to do with the ports the Gateway is allowing, but I'm not smart enough to work it out on my own, so I was hoping someone could help me out or point me in the correct direction because I'm a little lost.

How do I get the clients connected properly, because in their default state they won't connect from within Whonix Workstation?

Thanks for any help, much appreciated!

Is there any additional information on how to actually configure a BitTorrent client within Whonix Workstation, so that it will connect and function properly? Aside from the general suggestion in the link above to limit torrenting activity to a minimum, what are the actual technical steps to make such a client work?

I have tried Deluge, Tixati, and qBittorrent, and none of them will connect under any circumstances to download even a small perfectly legal test file.

Can some technical instructions please be provided on how to enable these clients to work?


Okay, but keep in mind the link above entitled “File Sharing” only encourages users to restrict such activities to minimal usage, while stating that it can be effectively done when needed. For example, the Whonix files themselves are available as torrents, as are many other legitimate things like Debian, other open source packages etc. Why take a philosophical stance on this and completely prevent users from torrenting over Whonix as needed, instead of leaving it as a tool to be used by users at their own discretion? Operating System developers making forced decisions for end users (like Apple does) is one of the things the Free Software community generally objects to and dislikes.

“Whonix will keep your IP address hidden while you use BitTorrent and other file sharing and P2P programs. However, because the Tor network suffers from limited bandwidth shared among many users, please be aware of how much you are downloading and uploading with these programs”

This seems to suggest leaving it up to users to decide for themselves how much traffic is acceptable, but in actual fact they are completely prohibited and forbidden from doing any at all.

BitTorrent over Tor will never fully work, because Tor only supports TCP, while BitTorrent makes use of UDP as well.

DHT? Won’t work over Tor, it requires UDP.

Magnet links? Won’t work over Tor, it requires UDP.

UDP trackers? Won’t work over Tor, for obvious reasons.

However, if you have a torrent with functional HTTP trackers that do not block Tor exit nodes, BitTorrent will work that way, since HTTP works over TCP. Of course, others won’t be able to connect to you, but you will be able to connect to other peers and download from them, or even upload to them, if they will require data that you got, since TCP does data transfer in both directions.
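An added example, not part of the original posts: a small diagnostic that reads a `.torrent` file's tracker list and separates HTTP(S) trackers, which use TCP, from UDP trackers, which Tor cannot carry. The sample torrent and its tracker hostnames are constructed for illustration.

```python
from urllib.parse import urlsplit

def bdecode(data, i=0):
    """Decode one bencoded value at offset i; return (value, next_offset)."""
    c = data[i:i + 1]
    if c == b"i":                                   # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):                           # list or dictionary
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            value, i = bdecode(data, i)
            items.append(value)
        if c == b"l":
            return items, i + 1
        return dict(zip(items[0::2], items[1::2])), i + 1
    if c.isdigit():                                 # byte string: <len>:<bytes>
        colon = data.index(b":", i)
        n = int(data[i:colon])
        return data[colon + 1:colon + 1 + n], colon + 1 + n
    raise ValueError(f"malformed bencode at offset {i}")

def tracker_urls(meta):
    """Collect announce and announce-list (BEP 12) URLs, de-duplicated in order."""
    raw = [meta[b"announce"]] if b"announce" in meta else []
    for tier in meta.get(b"announce-list", []):
        raw.extend(tier)
    return list(dict.fromkeys(u.decode("utf-8", "replace") for u in raw))

def classify_trackers(torrent_bytes):
    """Split trackers by transport: Tor carries TCP (HTTP/HTTPS) but not UDP."""
    meta, _ = bdecode(torrent_bytes)
    result = {"tcp": [], "udp": [], "other": []}
    for url in tracker_urls(meta):
        scheme = urlsplit(url).scheme.lower()
        key = "tcp" if scheme in ("http", "https") else "udp" if scheme == "udp" else "other"
        result[key].append(url)
    return result

def bstr(b):                                        # helper to build the sample
    return str(len(b)).encode() + b":" + b

UDP = b"udp://tracker.example.org:6969/announce"    # constructed
HTTP = b"http://tracker.example.net/announce"       # constructed
SAMPLE = (b"d" + bstr(b"announce") + bstr(UDP)
          + bstr(b"announce-list") + b"ll" + bstr(UDP) + b"el" + bstr(HTTP) + b"ee"
          + bstr(b"info") + b"d" + bstr(b"length") + b"i1024e"
          + bstr(b"name") + bstr(b"test.iso") + b"ee")

if __name__ == "__main__":
    print(classify_trackers(SAMPLE))
```

An empty `tcp` list means every tracker in the file is UDP-only, which matches the "no connection" symptom described in this thread.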

Yes… I suppose/realize that it is more a question of BT clients and protocol just inherently not working very well over the Tor network, as you say above, and needing very special/strange configuration to get even partial functionality, rather than deliberate disabling or sabotage of torrent connectivity within Whonix.

I can accept that, if it just isn’t feasible to make it work properly, and isn’t being prevented from working intentionally. It doesn’t matter that much anyway, as I wasn’t looking to do much torrenting through Tor/Whonix. I just needed a couple of large Linux ISO files as a one-time thing, and still prefer to keep all of my traffic private/anonymous even though it is all totally legitimate.

I just ended up torrenting them via the host system instead of Whonix, in the clear, so now my ISP (maybe) knows I downloaded a couple of free Linux images. No big deal.

There are no artificial restrictions.

greenwhonix is right. the issue you are likely dealing with is related to the majority of torrent trackers requiring a udp connection. since tor does not support udp, and the gateway forces everything over tor, simply installing a bittorrent client in the workstation and expecting it to function transparently will not work.

there are a number of technological measures you can employ to deal with this limitation inside the workstation. however, due to the fact that a sizeable portion of the tor community frowns upon bittorrent over tor, particularly due to the implications of piracy and the problems it causes for tor exit node operators in various locales, direct instructions on how to do it aren’t casually offered. the answer i’ve more commonly experienced is “rtfm” which, i imagine, is to not hand out an easy paint by numbers approach for the unknowledgeable to simply download pirated movies or games.

however, the fact remains that it is doable. if you do it, please do it sparingly. torrent activity can cause a significant amount of bandwidth to be used up, which can harm the tor community at large. additionally, if you are planning to use it for piracy, understand that you are putting an exit node operator in the position to be harassed with copyright complaints, since it will be their ip address that is initially discovered. finally, understand that, due to the number of connections your client will make, among other factors, as a direct result of the nature of how the bittorrent technology operates, it has been speculated that downloading and sharing torrents over tor may make it much easier for various types of adversaries to break your anonymity.

No worries and thanks for the information, all. I was in a situation where the .ISO files I needed were on an incredibly slow HTTP server and taking ages to download, but a torrent was also available and worth trying. Granted they were large and would have used some bandwidth if downloaded over Tor, though certainly no one would have been harassed since they are completely libre files to begin with.

It did turn out to be much, much faster to get them via torrents over clearnet than from the HTTP server. I am just the type who likes to conceal all of my activity whenever possible, which is why I asked.