Translation(s): none
Tor Browser protects your privacy while you are surfing the Internet: * it prevents somebody watching your Internet connection from learning what sites you visit, * it prevents the sites you visit from learning your physical location, * and it lets you access sites which are blocked.
Tor Browser is based on Firefox and will be familiar to many users.
To keep your protection strong you need to update the Tor Browser regularly. In Debian the easier way to do that is to install Tor Browser using torbrowser-launcher, which automatically installs Tor Browser, run it, and update it to keep its protection strong and protect your privacy.
The advantage of using torbrowser-launcher over the manual installation of the TorBrowser package (called Tor Browser Bundle) is threefold:
- You will benefit from automatic upgrades
If using AppArmor, you will benefit from the AppArmor profiles contained in the package
- Program launchers and menu entries will be created for you automatically
Contents
Installing the official Debian package
Debian 11 and later
With Debian 11 and later, or Debian Sid (Unstable), installing it is as simple as installing the torbrowser-launcher package with whatever tool you prefer.
After installation, two new entries can be found in the launcher of your preferred desktop, "Tor Browser" and "Tor Browser Launcher Settings". The latter will allow you to configure the way that Tor Browser is downloaded (such as the mirror, whether or not you use the system Tor service to download it, etc.), while the former will simply launch the browser and download it if it isn't currently installed.
These can both be accessed via terminal commands by running torbrowser-launcher or torbrowser-launcher --settings respectively.
Debian 10 and older
The torbrowser-launcher package isn't available in the regular release of Debian 9 and 10, but it was made later available via the backports system and can be installed through it.
Follow the instructions to add the backports repository to your sources.list. Because the package is only available in the backports section without room for ambiguity, Apt will install it without any extra arguments necessary. Just install the torbrowser-launcher package with your preferred tool.
After installation, two new entries can be found in the launcher of your preferred desktop, "Tor Browser" and "Tor Browser Launcher Settings". The latter will allow you to configure the way that Tor Browser is downloaded (such as the mirror, whether or not you use the system Tor service to download it, etc.), while the former will simply launch the browser and download it if it isn't currently installed.
These can both be accessed via terminal commands by running torbrowser-launcher or torbrowser-launcher --settings respectively.
Installing from the website
Tarballs containing the latest stable version of the Tor Browser Bundle can be found on the official Tor Browser website, they contain a .desktop file that'll run the browser in-place. This can be run just by double-clicking it in most file managers. GNOME will require you to run the file from the terminal instead.
After being run, it will also auto-update in place as new versions are released.
Advanced Tor Usage
Torrc File Location
If you installed "torbrowser-launcher" on a 64-bit (amd64) system, the "torrc" advanced configuration file is located at:
~/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc
If you installed "torbrowser-launcher" on a 32-bit (i386) system, the "torrc" advanced configuration file is located at:
~/.local/share/torbrowser/tbb/i686/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc
Related documentation
AppArmor confinement and Xserver isolation
HolgerLevsen has written some scripts which are available in /usr/share/doc/torbrowser-launcher/examples/ if you have installed the package.
These scripts show how to run torbrowser-launcher (and thus torbrowser), confined with AppArmor, in Xephyr (a virtual Xserver running on another Xserver) as another user. This, using AppArmor and Xephyr, shall have two effects:
the browser process (and it's subprocesses) can - thanks to AppArmor confinement - only access a tiny part of the filesystem
- the real Xserver is not exposed to the browser application, so hopefully that application cannot exploit bugs to grab keyboard input from other applications.
In order to use these scripts, please refer to /usr/share/doc/torbrowser-launcher/examples/.
You can also read those scripts here if interested: https://anonscm.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git/tree/debian/examples?h=debian/sid
Bugs and known issues
Clarifying common misconceptions
Tor isn't illegal to use
While in some extremely authoritarian countries Tor may carry legal risk, it's generally fine. Through United States and most of Europe, the very worst you can expect is to be potentially put on a watchlist. Your ISP is unable to see what you're doing over Tor, but they can see that you're using Tor.
If your government or ISP attempts to block Tor, many mirror sites offer downloads of the browser bundle, and you may consider setting up apt-transport-https to securely download it from the repositories. Tor bridges are also available in case connection to the network itself is censored.
The deep web/dark web aren't dangerous to browse, and won't expose you to hackers and malware
Though the terms are often used as synonyms, typically, the "deep web" refers to any website not indexed by search engines such as Google, and the "dark web" refers to websites that require a service such as Tor to view.
In both cases, neither are inherently dangerous. They carry the same risk as almost any small website, and require a vulnerability in your web browser to serve malware. As long as you update regularly, there's generally little risk.
Tor isn't only used for illegal purposes
While Tor is used for plenty of terrible reasons as well, journalists, free speech activists, and whistleblowers all make use of Tor in order to do important work for the common good. Citizens of oppressive countries also make use of Tor in order to access important information that otherwise is restricted.
There are numerous legal reasons to use Tor as well, such as communicating with people across authoritarian borders, or accessing legal content that you nonetheless want to keep hidden from your ISP for whatever reason.
You won't get arrested or get into trouble with your ISP or someone else for running Tor
You will only need to worry about this if you are running a Tor exit node. There are also some excellent resources created by the Tor staff; give them a read:
Tor and streaming/torrenting
Tor's speed comes from how many resources are provided by generous people. Torrenting or streaming over Tor not only leaks your IP address, but it also slows the network for everyone else. Tor is not for torrenting.
You may also be interested in the Tor Metrics pages which will show you how common the use of Tor is in your country:
Source: https://wiki.installgentoo.com/index.php/Tor
Firefox Add-Ons
The Tor Project says:
"Should I install a new add-on or extension in Tor Browser, like ?AdBlock Plus or uBlock Origin?
It's strongly discouraged to install new add-ons in Tor Browser, because they can compromise your privacy and security.
Installing new add-ons may affect Tor Browser in unforeseen ways and potentially make your Tor Browser fingerprint unique. If your copy of Tor Browser has a unique fingerprint, your browsing activities can be deanonymized and tracked even though you are using Tor Browser.
Basically, each browser's settings and features create what is called a "browser fingerprint". Most browsers inadvertently create a unique fingerprint for each user which can be tracked across the internet. Tor Browser is specifically engineered to have a nearly identical (we're not perfect!) fingerprint across its users. This means each Tor Browser user looks like every other Tor Browser user, making it difficult to track any individual user.
There's also a good chance a new add-on will increase the attack surface of Tor Browser. This may allow sensitive data to be leaked or allow an attacker to infect Tor Browser. The add-on itself could even be maliciously designed to spy on you.
Tor Browser already comes installed with two add-ons — HTTPS Everywhere and ?NoScript — and adding anything else could deanonymize you.
Want to learn more about browser fingerprinting? Here's an article on The Tor Blog all about it."
Further discussion here and here.
See also
Alternative WebBrowsers under Debian
References
CategorySoftware | CategoryNetworkApplication | CategoryWebBrowser