Stream Isolation for Mullvad Browser on Whonix

How do I get stream isolation configured correctly for Mullvad browser? I’m not technical in this and I don’t know what is correct.

In the connection settings there are several options:
HTTP Proxy, HTTPS Proxy, SOCKS Host and toggle options for - Proxy DNS when using SOCKS v4, Proxy DNS when using SOCKS v5

Should I set 127.0.0.1:9050 to SOCKS Host? Or is it 127.0.0.1:9150? Neither seem to work. I don’t know which port to use.

1 Like

What’s the point?

Why not use Tor Browser which has much better stream isolation actually supported by developers?

1 Like

Some services are aggressive against Tor. For example, I registered to X.com and after trying to log back in on a new session, it refused to accept my login and responded with an error message.

I installed Mullvad Browser and was able to log in. X.com showed me a message that they refused my login because it came from a “suspicious location”. They only refuse logins if I’m using the Tor Browser.

So that’s the point.

1 Like

I don’t know if Mullvad Browser (MB) has this feature.

Tor Browser might have more fine grained stream isolation.

Quote Stream Isolation wiki page, chapter Tor Browser:

Tor Browser has a feature Tor Browser should set SOCKS username for a request based on first party domainarchive.org iconarchive.today icon. Tor Browser makes use of Tor’s IsolateSOCKSAuth option.

Configuring Firefox / Chromium based browsers to reliably use a proxy is difficult. That’s 1 reason why Tor Browser exists.

This is more of a MB question rather than Whonix question. You need to ask Mullvad about that. Hence, you’re asking in the wrong place.

Unspecific to Whonix.

Can be resolved as per:

That is the least complicated part of this issue. See:
How to mitigate identity correlation

I recommend to configure something other applications first for stream isolation as an exercise. Not a browser because that’s the hardest.

1 Like