Bug #4100

second proxy port for isolated streams

Added by hans about 3 years ago. Updated about 3 years ago.

Status:NewStart date:11/21/2014
Priority:NormalDue date:
Assignee:n8fr8% Done:

0%

Category:-Spent time:-
Target version:-
Component:

Description

TAILS and Whonix provide a separate Tor proxy port that isolates each stream in its own Tor circuit. This is quite easy to do, and it would be quite useful for long-lived, background network connections like ChatSecure, Twitter, email, etc. It will slow things down a bit since it has to make more circuits, but it drastically reduces the ability to fingerprint the traffic coming out of the exit node.

All that is needed it to add a single line to the torrc:
  • SocksPort localhost:9062 IsolateDestAddr IsolateDestPort

Port 9062 is the port that TAILS uses for this, I think it makes sense to use that one as well. I suppose there should also be the port conflict handling, the same as with 9050.


Related issues

Copied to Orbot - Bug #4119: second proxy port for isolated streams New 11/21/2014

History

#2 Updated by n8fr8 about 3 years ago

  • Assignee set to n8fr8

It is a good idea to offer it.

You can already generate a new circuit for your SOCKS connection to Tor by specifying a random user/pwd combo when you connect. ChatSecureAndroid does this now, I believe.

Also available in: Atom PDF