Differences between revisions 14 and 75 (spanning 61 versions)
Revision 14 as of 2017-05-03 10:20:13
Size: 4341
Editor: UlrikeUhlig
Comment: Add instructions for Debian stable
Revision 75 as of 2020-07-19 17:32:13
Size: 10741
Editor: ?SergiyKolesnikov
Comment: Clarifying one of the misconception descriptions
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
<<TableOfContents(3)>>

== Introduction ==

Tor Browser protects your privacy while you are surfing the Internet: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.
#language en
~-[[DebianWiki/EditorGuide#translation|Translation(s)]]: none-~
----
Tor Browser protects your privacy while you are surfing the Internet:
* it prevents somebody watching your Internet connection from learning what sites you visit,
* it prevents the sites you visit from learning your physical location,
* and it lets you access sites which are blocked.
Line 9: Line 11:
To keep your protection strong you need to update the Tor Browser regularly. In Debian the easier way to do that is to install Tor Browser using [[DebianPkg:torbrowser-launcher|torbrowser-launcher]]. Which automatically install Tor Browser, run it, update it to keep its protection strong and protect your privacy. To keep your protection strong you need to update the Tor Browser regularly. In Debian the easier way to do that is to install Tor Browser using [[DebianPkg:torbrowser-launcher|torbrowser-launcher]], which automatically installs Tor Browser, run it, and update it to keep its protection strong and protect your privacy.
Line 11: Line 13:
== Debian stable == The advantage of using [[DebianPkg:torbrowser-launcher|torbrowser-launcher]] over the manual installation of the TorBrowser package (called Tor Browser Bundle) is threefold:
Line 13: Line 15:
When running Debian stable, it might be that the version of torbrowser-launcher is outdated. Please [[verify on the Debian package tracker|https://tracker.debian.org/pkg/torbrowser-launcher]] which is the latest version for your system. On Debian stable, you might want to [[add the backports repository before installing|https://wiki.debian.org/Backports#Adding_the_repository]].  * You will benefit from automatic upgrades
 * If using AppArmor, you will benefit from the AppArmor profiles contained in the package
 * Program launchers and menu entries will be created for you automatically
<<TableOfContents(3)>>
----
= Installing the official Debian package =
Line 15: Line 22:
== Install == == Debian 11 and later ==
Line 17: Line 24:
 1. Using Terminal as Root execute the following command With Debian 11 and later, or Debian Sid (Unstable),
installing it is as simple as installing the DebianPkg:torbrowser-launcher package with whatever tool you prefer.

After installation, two new entries can be found in the launcher of your preferred desktop,
"Tor Browser" and "Tor Browser Launcher Settings".
The latter will allow you to configure the way that Tor Browser is downloaded (such as the mirror, whether or not you use the system Tor service to download it, etc.),
while the former will simply launch the browser and download it if it isn't currently installed.

These can both be accessed via terminal commands by running {{{torbrowser-launcher}}} or {{{torbrowser-launcher --settings}}} respectively.

== Debian 10 and older ==

The DebianPkg:torbrowser-launcher package isn't available in the regular release of Debian 9 and 10, but it was made later available via the backports system and can be installed through it.

Follow the instructions to [[https://wiki.debian.org/Backports#Adding_the_repository|add the backports repository to your sources.list]].
Because the package is '''only''' available in the backports section without room for ambiguity,
Apt will install it without any extra arguments necessary.
Just install the DebianPkg:torbrowser-launcher package with your preferred tool.

After installation, two new entries can be found in the launcher of your preferred desktop,
"Tor Browser" and "Tor Browser Launcher Settings".
The latter will allow you to configure the way that Tor Browser is downloaded (such as the mirror, whether or not you use the system Tor service to download it, etc.),
while the former will simply launch the browser and download it if it isn't currently installed.

These can both be accessed via terminal commands by running {{{torbrowser-launcher}}} or {{{torbrowser-launcher --settings}}} respectively.
----
= Installing from the website =

Tarballs containing the latest stable version of the Tor Browser Bundle can be found on the official [[https://www.torproject.org/download/|Tor Browser website]], they contain a .desktop file that'll run the browser in-place. This can be run just by double-clicking it in most file managers. GNOME will require you to run the file from the terminal instead.

After being run, it will also auto-update in place as new versions are released.
----
= Advanced Tor Usage =
== Torrc File Location ==

If you installed "torbrowser-launcher" on a 64-bit (amd64) system, the "torrc" advanced configuration file is located at:
Line 19: Line 61:
apt-get install torbrowser-launcher ~/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc
Line 22: Line 64:
 1. Run the browser in GNOME by typing "Tor Browser" in the Activities Search. Alternatively, run it form the Terminal by entering `torbrowser-launcher` command.

 1. On the first start the new version of the browser will automatically be downloaded and installed. On every subsequent run a check for updates will be done.


== Update ==

To update choose one of the following two options. If unsure, the "automatic update" option is easier and recommended.

 * [[#Automatic_update|Automatic update]]
 * [[#Manual_update|Manual update]]


=== Automatic update ===

Tor Browser will automatically prompt you to update the software once a new version has been released. The Torbutton icon will display a small yellow triangle. When you are prompted to update Tor Browser:

 1. Click on the Torbutton icon
 1. Select “Check for Tor Browser Update” option. If needed see [[https://tb-manual.torproject.org/en-US/updating.html|those screenshots]] to clarify the location.
 1. When Tor Browser has finished checking for updates, click on the “Update” button.
 1. Wait for the update to download and install, then restart Tor Browser. You will now be running the latest version.

Alternatively, if you installed Tor Browser using the `torbrowser-launcher` package. Simply close all Tor Browser windows. Then re-open Tor Browser. It will automatically check if a new version is available. Follow the instructions on your screen.


=== Manual update ===

Before manually updating Tor Browser it is suggested to periodically backup any valuable data. Such as your bookmarks. Which you could import after the manual update.

Manually update Tor Browser

 1. When you are prompted to update Tor Browser, finish the browsing session and close the program.
 1. Remove Tor Browser from your system by deleting the folder that contains it. If needed see [[https://tb-manual.torproject.org/en-US/uninstalling.html|that Uninstalling section]] for more information.
 1. Visit https://www.torproject.org/projects/torbrowser.html.en and download a copy of the latest Tor Browser release, then install it as before.


== Advanced Tor Usage ==
=== Torrc File Location ===
==== Wheezy-Backports 64 Bit ====

If you installed "torbrowser-launcher" using "wheezy-backports" on 64 bit. The "torrc" advanced configuration file is located at:
If you installed "torbrowser-launcher" on a 32-bit (i386) system, the "torrc" advanced configuration file is located at:
Line 64: Line 66:
~/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc ~/.local/share/torbrowser/tbb/i686/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc
Line 70: Line 72:
== AppArmor confinement and Xserver isolation ==
Line 71: Line 74:
== See also == HolgerLevsen has written some scripts which are available in /usr/share/doc/torbrowser-launcher/examples/ if you have installed the package.
Line 73: Line 76:
 * Good additions to the Tor Browser are the [[https://adblockplus.org/|Adblock Plus]] and [[https://www.eff.org/privacybadger|Privacy Badger]] Firefox-add-ons. These scripts show how to run torbrowser-launcher (and thus torbrowser),
confined with AppArmor, in Xephyr (a virtual Xserver running on another
Xserver) as another user. This, using AppArmor and Xephyr, shall have two
effects:

 * the browser process (and it's subprocesses) can - thanks to AppArmor confinement - only access a tiny part of the filesystem

 * the real Xserver is not exposed to the browser application, so hopefully that application cannot exploit bugs to grab keyboard input from other applications.

In order to use these scripts, please refer to /usr/share/doc/torbrowser-launcher/examples/.

You can also read those scripts here if interested: https://anonscm.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git/tree/debian/examples?h=debian/sid
----
= Bugs and known issues =

 * [[https://tracker.debian.org/pkg/torbrowser-launcher|torbrowser-launcher package page]]
 * [[https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no&src=torbrowser-launcher|torbrowser-launcher bugs and known issues]]
 * [[https://github.com/micahflee/torbrowser-launcher/issues|torbrowser-launcher Upstream bugtracker]]
----
= Clarifying common misconceptions =

== Tor isn't illegal to use ==

While in some extremely authoritarian countries Tor may carry legal risk, it's generally fine. Through United States and most of Europe, the very worst you can expect is to be potentially put on a watchlist. Your ISP is unable to see what you're doing over Tor, but they can see that you're using Tor.

If your government or ISP attempts to block Tor, many mirror sites offer downloads of the browser bundle, and you may consider setting up [[DebianPkg:apt-transport-https]] to securely download it from the repositories. Tor bridges are also available in case connection to the network itself is censored.

== The deep web/dark web aren't dangerous to browse, and won't expose you to hackers and malware ==

Though the terms are often used as synonyms, typically, the "deep web" refers to any website not indexed by search engines such as Google, and the "dark web" refers to websites that require a service such as Tor to view.

In both cases, neither are inherently dangerous. They carry the same risk as almost any small website, and require a vulnerability in your web browser to serve malware. As long as you update regularly, there's generally little risk.

== Tor isn't only used for illegal purposes ==

While Tor is used for plenty of terrible reasons as well, journalists, free speech activists, and whistleblowers all make use of Tor in order to do important work for the common good. Citizens of oppressive countries also make use of Tor in order to access important information that otherwise is restricted.

There are numerous legal reasons to use Tor as well, such as communicating with people across authoritarian borders, or accessing legal content that you nonetheless want to keep hidden from your ISP for whatever reason.

== You won't get arrested or get into trouble with your ISP or someone else for running Tor ==

You will only need to worry about this [[https://www.torproject.org/docs/faq-abuse.html.en#TypicalAbuses|if you are running a Tor exit node]]. There are also some excellent resources created by the Tor staff; give them a read:

== Tor and streaming/torrenting ==

Tor's speed comes from how many resources are provided by generous people. Torrenting or streaming over Tor not only leaks your IP address, but it also slows the network for everyone else. [[https://blog.torproject.org/bittorrent-over-tor-isnt-good-idea|Tor is not for torrenting]].

 * [[https://blog.torproject.org/tips-running-exit-node|Running a Tor exit node for minimal harassment]]
 * [[https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates|a list of template letters you can send to your ISP about Tor abuse]]
 * [[https://www.torproject.org/docs/faq-abuse.html.en|A FAQ list on Tor abuse]]

You may also be interested in the [[https://metrics.torproject.org/|Tor Metrics]] pages which will show you how common the use of Tor is in your country:

 * [[https://metrics.torproject.org/userstats-relay-country.html?graph=userstats-relay-country&country=us&events=off|Direct Tor connections from the US]]
 * [[https://metrics.torproject.org/userstats-relay-country.html?graph=userstats-relay-country&country=gb&events=off|Direct Tor connections from the UK]]
 * [[https://metrics.torproject.org/userstats-relay-country.html?graph=userstats-relay-countrycountry=aq&events=off|All Direct Tor connections]]

Source: https://wiki.installgentoo.com/index.php/Tor
----
= See also =

 * Good additions to the Tor Browser are the [[https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/|uBlock Origin]] and [[https://www.eff.org/privacybadger|Privacy Badger]] Firefox-add-ons.
    * <<Icon(icon-info.png)>> Notes
        * It is suggested to consider using ''uBlock Origin'' instead of ''!AdBlock Plus''. Mostly because ''uBlock Origin'' has a [[https://en.wikipedia.org/wiki/UBlock_Origin#Blocking_and_filtering|better track record at fully protecting your privacy]], than ''!AdBlock Plus''. Also there is a [[https://en.wikipedia.org/wiki/Adblock_Plus#Controversy_over_ad_filtering_and_ad_whitelisting|controversy]] around ''!AdBlock Plus'' and a for-profit corporation trying to monetize it via ad whitelisting. Also ''uBlock Origin'' [[https://en.wikipedia.org/wiki/UBlock_Origin#Performance|uses fewer resources and has better performance]] than ''!AdBlock Plus''.
        * ''uBlock Origin'' is [[https://en.wikipedia.org/wiki/UBlock_Origin#uBlock_.28ublock.org.29|not to be confused]] with ''uBlock''. As of May 2017 ''uBlock Origin'' is actively maintain and updated, compare to ''uBlock'' who has not been maintained or updated for more than 2 years, [[https://github.com/chrisaljoudi/ublock|since 2015]].
Line 78: Line 145:
== References == = References =
Line 81: Line 148:
 * https://adblockplus.org/
----
CategorySoftware | CategoryNetworkApplication | CategoryWebBrowser

Translation(s): none


Tor Browser protects your privacy while you are surfing the Internet: * it prevents somebody watching your Internet connection from learning what sites you visit, * it prevents the sites you visit from learning your physical location, * and it lets you access sites which are blocked.

Tor Browser is based on Firefox and will be familiar to many users.

To keep your protection strong you need to update the Tor Browser regularly. In Debian the easier way to do that is to install Tor Browser using torbrowser-launcher, which automatically installs Tor Browser, run it, and update it to keep its protection strong and protect your privacy.

The advantage of using torbrowser-launcher over the manual installation of the TorBrowser package (called Tor Browser Bundle) is threefold:

  • You will benefit from automatic upgrades
  • If using AppArmor, you will benefit from the AppArmor profiles contained in the package

  • Program launchers and menu entries will be created for you automatically


Installing the official Debian package

Debian 11 and later

With Debian 11 and later, or Debian Sid (Unstable), installing it is as simple as installing the torbrowser-launcher package with whatever tool you prefer.

After installation, two new entries can be found in the launcher of your preferred desktop, "Tor Browser" and "Tor Browser Launcher Settings". The latter will allow you to configure the way that Tor Browser is downloaded (such as the mirror, whether or not you use the system Tor service to download it, etc.), while the former will simply launch the browser and download it if it isn't currently installed.

These can both be accessed via terminal commands by running torbrowser-launcher or torbrowser-launcher --settings respectively.

Debian 10 and older

The torbrowser-launcher package isn't available in the regular release of Debian 9 and 10, but it was made later available via the backports system and can be installed through it.

Follow the instructions to add the backports repository to your sources.list. Because the package is only available in the backports section without room for ambiguity, Apt will install it without any extra arguments necessary. Just install the torbrowser-launcher package with your preferred tool.

After installation, two new entries can be found in the launcher of your preferred desktop, "Tor Browser" and "Tor Browser Launcher Settings". The latter will allow you to configure the way that Tor Browser is downloaded (such as the mirror, whether or not you use the system Tor service to download it, etc.), while the former will simply launch the browser and download it if it isn't currently installed.

These can both be accessed via terminal commands by running torbrowser-launcher or torbrowser-launcher --settings respectively.


Installing from the website

Tarballs containing the latest stable version of the Tor Browser Bundle can be found on the official Tor Browser website, they contain a .desktop file that'll run the browser in-place. This can be run just by double-clicking it in most file managers. GNOME will require you to run the file from the terminal instead.

After being run, it will also auto-update in place as new versions are released.


Advanced Tor Usage

Torrc File Location

If you installed "torbrowser-launcher" on a 64-bit (amd64) system, the "torrc" advanced configuration file is located at:

  • ~/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc

If you installed "torbrowser-launcher" on a 32-bit (i386) system, the "torrc" advanced configuration file is located at:

  • ~/.local/share/torbrowser/tbb/i686/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc

Related documentation

AppArmor confinement and Xserver isolation

HolgerLevsen has written some scripts which are available in /usr/share/doc/torbrowser-launcher/examples/ if you have installed the package.

These scripts show how to run torbrowser-launcher (and thus torbrowser), confined with AppArmor, in Xephyr (a virtual Xserver running on another Xserver) as another user. This, using AppArmor and Xephyr, shall have two effects:

  • the browser process (and it's subprocesses) can - thanks to AppArmor confinement - only access a tiny part of the filesystem

  • the real Xserver is not exposed to the browser application, so hopefully that application cannot exploit bugs to grab keyboard input from other applications.

In order to use these scripts, please refer to /usr/share/doc/torbrowser-launcher/examples/.

You can also read those scripts here if interested: https://anonscm.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git/tree/debian/examples?h=debian/sid


Bugs and known issues


Clarifying common misconceptions

Tor isn't illegal to use

While in some extremely authoritarian countries Tor may carry legal risk, it's generally fine. Through United States and most of Europe, the very worst you can expect is to be potentially put on a watchlist. Your ISP is unable to see what you're doing over Tor, but they can see that you're using Tor.

If your government or ISP attempts to block Tor, many mirror sites offer downloads of the browser bundle, and you may consider setting up apt-transport-https to securely download it from the repositories. Tor bridges are also available in case connection to the network itself is censored.

The deep web/dark web aren't dangerous to browse, and won't expose you to hackers and malware

Though the terms are often used as synonyms, typically, the "deep web" refers to any website not indexed by search engines such as Google, and the "dark web" refers to websites that require a service such as Tor to view.

In both cases, neither are inherently dangerous. They carry the same risk as almost any small website, and require a vulnerability in your web browser to serve malware. As long as you update regularly, there's generally little risk.

Tor isn't only used for illegal purposes

While Tor is used for plenty of terrible reasons as well, journalists, free speech activists, and whistleblowers all make use of Tor in order to do important work for the common good. Citizens of oppressive countries also make use of Tor in order to access important information that otherwise is restricted.

There are numerous legal reasons to use Tor as well, such as communicating with people across authoritarian borders, or accessing legal content that you nonetheless want to keep hidden from your ISP for whatever reason.

You won't get arrested or get into trouble with your ISP or someone else for running Tor

You will only need to worry about this if you are running a Tor exit node. There are also some excellent resources created by the Tor staff; give them a read:

Tor and streaming/torrenting

Tor's speed comes from how many resources are provided by generous people. Torrenting or streaming over Tor not only leaks your IP address, but it also slows the network for everyone else. Tor is not for torrenting.

You may also be interested in the Tor Metrics pages which will show you how common the use of Tor is in your country:

Source: https://wiki.installgentoo.com/index.php/Tor


See also

References


CategorySoftware | CategoryNetworkApplication | CategoryWebBrowser