Freemor’s Weblog

I have recently noticed several hits on my blog looking for TOR and Firefox 3.0b5. So Since I use both and Since I know that TorButton does not yet (at least the last time I checked) work with Firefox 3.0b5. I figured I’d write a quick howto on setting up a Safe Tor/Firefox in Hardy Heron.

The instructions below assume that you have already installed TOR and Privoxy and set them up correctly.

The first thing you will need to do is to create a separate profile for Tor browsing. The more paranoid may wish to set up a separate user account for TOR browsing thus further preventing the chance of data leakage.

To set up a separate profile, make sure there are no instances of Firefox running, then open a terminal and enter the command:

firefox -ProfileManager

A window that looks like this should show up:

Create a new profile that you will use for tor only, I called mine TorFox to avoid confusion.

Now we need to create a new launcher to use the TorFox profile.

right click on the desktop and choose Create Launcher

that will bring up this Dialog

Fill it in like this

Type:          Leave set to Application

Name:        A name you like (I used TorFox)

Command: firefox -P TorFox -no-remote

(The value after the -P should be the name you called you TOR Profile)

Comment:  Whatever you want to show up as the tooltip

now click the icon button and if you want the Firefox icon you can find it in:

/usr/share/pixmaps/firefox-3.0.png

then click OK and we are ready to start setting up your TorFox.

Click the launcher (or double click if you system is set to use double clicks)

a Firefox will open up. Just double check that it is not your normal (default) profile firefox. It shouldn’t have any of your favourites, add-ons, or other setting.. It should be a fresh firefox.

once you have that, Click Edit -> Preferences

on the Main Tab

click Manage Add-ons and disable or uninstall all Add-ons (there should only be the Ubuntu firefox modifications as this should be a fresh profile)

Then at the top of the Add-ons window you will see an option for Plugins

Click it and then disable all plugins.

Once that is done exit the add-ons window and click Content on the Preferences window.

on the Content tab uncheck Enable JavaScript and Enable Java

now click Applications at the top of the Preferences window

Set all the action so that they do not use external applications. So either set them to Preview in Firefox or Always Ask or Save File Of these Save File is probably the safest bit some things don’t have that option (Podcast, Video Podcast, Web Feed) so those you will need to set to Preview in Firefox. It should look something like this:

Now click the Privacy tab at the top of the Preferences window

uncheck all the history items.

The more paranoid can uncheck all the cookie options but that will greatly limit the sites you can go to so I personally accept both types of cookies but have the Keep Until option set to clear the cookies when I close firefox.

Check the Always Clear Private Data. Click the Settings button beside it and make sure all options are checked. Uncheck Ask me before clearing private data.

Now we move on to the Security Tab

I uncheck both of the Tell me if the site… options because these most likely leak information by looking up the site you are going to against a on a remote site.

Also uncheck the Remember passwords options. (If you don’t store them they cant leak)

and finally on to the Advanced tab:

under Advanced there are several tabs

we’ll start on the Network Tab, Click the Settings button beside Connections

set it up like this:

Also Check the Tell me when a website asks to store data offline and use the Exceptions button to be sure that are no pre-set exceptions.

On the Update Tab under Advanced

uncheck all the Update options.

Your  Tor/Firefox should now be ready for a test drive. If you find you cannot connect to anything you probably need to edit the /etc/privoxy/config file and be sure it has:

forward-socks4a   /               127.0.0.1:9050 .

in it. The . at the end of that line is necessary.

I hope this help get people going. If anyone sees something I missed (yes I know that changing user agents might be a good idea but that is a little more advanced then I wanted to get into in this howto) Please let me know.

Enjoy!!

P.S. If you want to use both firefoxes tor and non TOR you will need to edit the launchers for the regular Firefox and add the options -P default -no-remote to their command lines so that it launches the correct profile and does not open a tab in the other browser. This will create the minor annoyance of needing to close out the browser before clicking a link in another program (like evolution) but I feel the assurance that I’m not opening a TOR browser when I meant to open a Regular one worth that minor hassle.

Also you may want to set different Themes for each browser so you can quickly spot which one you are woring in (prevents “ooopses” of accidentaly usinf a TOR browser for something that you’d rather not have going over the TOR network.)