Delivery-Date: Sun, 12 Apr 2015 01:02:56 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id E6A0E1E0C06
	for <archiver@seul.org>; Sun, 12 Apr 2015 01:02:53 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 5777834BAB;
	Sun, 12 Apr 2015 05:02:49 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 457AF2377A
 for <tor-talk@lists.torproject.org>; Sun, 12 Apr 2015 05:02:45 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Oti0PWsbETyc for <tor-talk@lists.torproject.org>;
 Sun, 12 Apr 2015 05:02:45 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 1ECCF21423
 for <tor-talk@lists.torproject.org>; Sun, 12 Apr 2015 05:02:45 +0000 (UTC)
Received: from plantcutter.riseup.net (plantcutter-pn.riseup.net [10.0.1.121])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 3E2F441037
 for <tor-talk@lists.torproject.org>; Sun, 12 Apr 2015 05:02:42 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1428814962; bh=Nsoj2HH24VDApXGMx/WGU+ON2L5uf3z++q7cp7ntKN0=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=RGj153KTVXJosTPU5asz4feRy/3b55docUDxfS+8JneDtDGjFcSWI907/R0Ypakfu
 tKVlUZdHSPvn89znOT/JnI+os6mpXJ8Uh879BXhjZUe4h+I9hqcWSOlUvMpC1VGokC
 tDO7PKWIi0VhlSjNWsCqid88unJs2U2nQAhrS4yg=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: mirimir) with ESMTPSA id 546E922107
Message-ID: <5529FC73.8070600@riseup.net>
Date: Sat, 11 Apr 2015 23:02:43 -0600
From: Mirimir <mirimir@riseup.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <54E36CA2.9040504@mykolab.com> <5529BA28.30909@rawbw.com>
In-Reply-To: <5529BA28.30909@rawbw.com>
X-Virus-Scanned: clamav-milter 0.98.6 at mx1
X-Virus-Status: Clean
Subject: Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 04/11/2015 06:19 PM, Yuri wrote:
> On 02/17/2015 08:30, Libertas wrote:
>> Has anyone looked into this? I talked to the maintainer of the OpenBSD
>> Firefox port, but he wasn't very interested and pointed out the
>> difficulty caused by the deterministic build system.
>>
>> I can verify that it doesn't work out of the box, but haven't had time
>> to play with it much more than that. I think that the Tor Browser is an
>> increasingly important tool, and that it's a problem that it isn't
>> available on the BSDs.
>>
>> Thoughts? Suggestions?
> 
> 
> There is no need to port TBB to BSD. Not worth of the effort. TBB is
> unable to 100% separate tor and non-tor connections due to the network
> stack architecture. TBB users are typically recommended to disable
> JavaScript, to disable Flash, to not go to certain websites, to not use
> any plugins and addons, etc. This doesn't sound like a very secure
> system. The potential leaks (IP and DNS) are virtually unavoidable with
> TBB.

Well, Tor browser is arguably better for anonymity than stock Firefox.

> Security-by-isolation approach provides much better security in general,
> because it relies on the small and simple code in the core of the
> network tunnel.
> 
> Whonix https://www.whonix.org is a very good solution available on all
> BSDs today. For some reason it remains under-appreciated.

I totally agree. But Whonix uses Tor browser :)

> I myself also designed and implemented another solution for FreeBSD:
> vbox-to-tor https://github.com/yurivict/freebsd-vbox-to-tor It allows to
> run the user choice of OS in VirtualBox machine which is connected to
> the tor instance that is running on the host. It is extremely easy to
> setup, only few lines in rc.conf. (well, it will be extremely easy when
> it will be in ports and when kernel and port patches are in).

That's cool. I like running the Tor client in pfSense VMs. Or in
Raspberry Pi
<http://lwcl5doqq2uzjmom.onion/Raspian-wheezy-VPN-Tor-Gateway-Workspace-r0.html>.
And then there's Whonix in Qubes <https://www.whonix.org/wiki/Qubes> :)

> Yuri
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

