Tor_logo1

Tor (which stands for The Onion Router), is a powerful anonymity service originally developed by the US Navy, which helps protect citizens around the world from abuse and monitoring.

Most people use Tor via the Tor Browser, which simplifies setup, and I encourage you to use that where you can. This article discusses going one step further, and routing all traffic through Tor via the use of a HTTP proxy.

In the UK, the passage of the disastrous #IPBill places everyone under suspicionless surveillance, and I have client confidentiality to consider. So, as a matter of due diligence, I wanted to ensure that when my ISP’s surveillance database was inevitably hacked, the information the Russian Mafia got was of limited use.

This was easy enough to set up.

Install and configure Tor

The first step is to install Tor; not the browser, but the software the browser talks to in order to make it’s connection. On Debian based systems, apt-get install tor.

Tor comes with a SOCKS proxy, so enable support by editing /etc/tor/torrc and uncomment the line:

If this is a network server, you may want to enable an external proxy on your network as well (for example, I have an always on Raspberry Pi running a tor proxy for all the various iOS devices on my home network).

Chain a simple HTTP Proxy

Once that’s done, you’ll have a SOCKS proxy up and running that’ll route anything it gets through Tor. Many things (e.g. the aforementioned iOS devices) won’t talk SOCKS. To solve this, I use a light weight HTTP proxy called polipo to create a HTTP proxy wrapper for Tor’s SOCKS proxy.

Install polipo: apt-get install polipo

Then configure the proxy to chain to Tor’s SOCKS proxy, modify /etc/polipo/config:

On my Raspberry Pi, I also disable the caching by adding diskCacheRoot = "" to the config, as this prevents polipo from filling up the SD card and breaking the proxy.

Restart both tor and polipo, and now you should have both a tor SOCKS and HTTP proxy.

Change your browser settings

Finally, you need to configure your browser (or your entire system) to use this proxy. This is different depending on what you’re using, but on Ubuntu you can set global proxy settings in your system settings, which will route all traffic over your new proxy.

iOS devices have a per-network proxy configuration found in your wireless network configuration (click on the little “i” icon).

Verify everything is working by visiting check.torproject.org.

IzqGaQEL

The other week The Register wrote an article, which talked about the Indieweb, and Webmentions in particular.

The article covered a bunch of things, but highlighted the potential spam issue with webmention, which I’ve been meaning to do something about in Known for a while. Since Known was mentioned right at the end of the article, I figured I should probably pull my finger out.

So, while the community build a better way of handling spammy comments and webmentions (e.g. Vouch, or similar graph based filter), I put together a very quick Akismet plugin. Obviously this is centralisation / single point of failure, but it’s a quick fix that’ll hopefully stop the worst of the problems while we build something better.

Usage

Install in the normal way, and activate with your wordpress API key.

Now, all new annotations (including comments and webmentions) will be passed through akismet before being posted. Note, the entire thing requires you to be running a version of Known with the annotation/save event hook added by this pull request.

Enjoy.

» Visit the project on Github...

IzqGaQEL

I had a little bit of time over the weekend (actually, that’s a complete lie, I had no time, I was just procrastinating), so I dusted off and fixed up some old code I was working on but never finished.

So, here you are, a quick plugin which adds lightbox modal display for Photos. Currently it just shows the image, but if you’ve applied this patch (which hopefully will be merged soon), you’ll also see titles and description.

The library makes use of Ashley White’s Bootstrap 3 javascript lightbox library, which is distributed under the MIT licence.

» Visit the project on Github...