Seems like Brave choose USA DoD entry nodes.

It isn't saying "you helped x people" or the firewall is showing any traffic

For the past few weeks, when I was updating my website, the tor browser reported that my onion address is not available.

Turns out, the systemd service that I use to run the onion service broke in between the migration. I still have no idea why. But I noticed that the Apparmor service is also failed to run.

For the past few weeks, when I was updating my website, the tor browser reported that my onion address is not available.

Turns out, the systemd service that I use to run the onion service broke in between the migration. I still have no idea why. But I noticed that the Apparmor service is also failed to run.

I successfully setup an obfs4 bridge. I would've wanted to contribute with a normal middle or entry(?) relay, but I don't know where my ISP stands on the subject...

The stats are slowly starting to roll in after two days of uptime. My distribution method is still being reported as 'Telegram' only. Do I need to add 'any' or explicitly mention the other methods in torrc, or is it a matter of time before the other methods also start working?

I have a 1 Gbps connection. Is there a way to maximize how much I give to the bridge? Either through the OS (Linux) or through torrc?

Is it a huge blow to the bandwidth and/or reachability if I only use IPv4? If that's the case, I'll have to check with my ISP whether the public IP that they gave me also includes an IPv6...

Any other recommendations are also welcome! Especially now that the Danes reportedly are starting to use Signal in such numbers, which to me means that there might be a need for further censorship circumvention and/or internet anonymity...

cross-posted from: https://lemmy.ml/post/41309316

Hi,

I need to run Tor Browser as another user..

So here what I'm doing under, MX Linux ( Debian, SysVinit, xfce)

#as root, in a terminal under xfce

useradd --create-home --system --shell /usr/sbin/nologin TorUser
# btw --system or not ?

tar -xf tor-browser-linux...tar -C /opt --totals
chown -R TorUser:TorUser /opt/tor-browser

runuser -u TorUser -- /opt/tor-browser/start-tor-browser.desktop

return

Launching './Browser/start-tor-browser --detach'...

But nothing happen, and I don't see any process for TorUser

any ideas ?

Posted on the offical Tor-browser in June, but no reactions so far... :/

deleted

A server which i want to turn into a Tor node (meaning relay, bridge.. https://community.torproject.org/relay/setup/ ), i want to install one of these:

OBFS4 bridge
Snowflake
Middle/guard relay

which one should i choose first and how exactly to figure out that it is time to switch to another type, and which one it should be + why?

My idea is that into account should be taken how easy it is to block certain type of Tor software and if or how hard it is to use such type of tor node if it is discovered/blocked by censor. Question is also how to find such blocking if i do not live in a censor country nor knowing anyone who lives there.

Private AI https://lumo.proton.me/ told me that I should start with middle/guard relay because of its usefulness and then i can run second Tor instance on a diff. port and DataDirectory or a bridge or a pluggable transport. This AI suggestion can be easily wrong.

Regarding way to evaluate if the node type is blocked, it suggested to check consensus weight at https://metrics.torproject.org/rs.html#search while low weight means the network isn’t using the node much, though IMO this does not look like a reliable enough indicator. At Tor Metrics I should also check “reachability” figure.

#!/bin/bash
weight=$(curl -s https://onionoo.torproject.org/details?search=MyRelay | jq -r '.relays[0].consensus_weight')
if (( weight < 10000 )); then
    echo "Relay weight low: $weight" | mail -s "Tor relay alert" you@example.com
fi

AI:

Start → Middle/Guard relay
   │
   ├─ Weight stable & bandwidth OK → Keep as is
   └─ Weight drops / many probes fail
          │
          ├─ Try moving ORPort to a common port (443, 80) → If improves, stay as relay
          └─ Still blocked
                │
                ├─ Deploy obfs4 bridge (new port) → Register with BridgeDB
                └─ If bridge also blocked → Deploy Snowflake (WebRTC) on separate VM

Other theory is opposite, start with node that is least discoverable by censors (possibly Snowflake, OBFS4) and when blocked (one may see it when the censor countries disappear from "cat /var/lib/tor/stats/bridge-stats" command output - indicating significant decrease of a conenctions from censored countries), then setup middle relay?

Hello,

I wrote a rather lengthy post about the shenenigans regarding for-profit TOR exit node hoster called "Conrad Rockenhaus".

I posted this text to forum.torproject.org, after going through the new account approval process, my text was pending moderation.

After a few days I came back, the text had disappeared entirely, I searched everywhere, not only there were no reason for rejection or even an acknowledgement that the text was denied, there is no evidence left whatsoever that I posted ANYTHING ...

So I wrote a second text complaining of this and demanding answers

and today, the SAME THING happened my post

There is no evidence I even made the post at all.

I have no choice now but to call into question the legitimacy of this forum and the TOR organization as a whole as suspect.

This might sound like a stupid question for some, but how often do you use tor and under what conditions. I mean do you use it as your main browser, when you are looking up something sensitive, or just to get around blocks?

Our system thinks you might be a robot!

We're really sorry about this, but it's getting harder and harder to tell the difference between humans and bots these days.

Well I guess this is because the exit nodes IP address was recognized and got blocked by some automated system x.x 😱

This will be the regular tor user experience on the open clear-net, and I think it will get worse. I observed this since 2020 – bot recognition systems become more frequently used and block tor exit nodes IPs.

Some cool anti-bot systems that allow access through tor, if you enable javascript is called "anubis".

catbox.moe is a static image/file host I guess. As a tor user catbox.moe files do not load. Is this because they block them?

Sample link: https://files.catbox.moe/8fxsli.webp

Problem loading page

I get the page:

Unable to connect

An error occurred during a connection to files.catbox.moe.

cross-posted from: https://lemmy.dbzer0.com/post/36880616

Help Combat Internet Censorship by Running a Snowflake Proxy (Browser or Android)

Internet censorship remains a critical threat to free expression and access to information worldwide. In regions like Iran, Russia, and Belarus, journalists, activists, and ordinary citizens face severe restrictions when trying to communicate or access uncensored news. You can support their efforts by operating a Snowflake proxy—a simple, low-impact way to contribute to a freer internet. No technical expertise is required. Here’s how it works:

What Is Snowflake?

Snowflake is a privacy tool integrated with the Tor network. By running a Snowflake proxy, you temporarily route internet traffic for users in censored regions, allowing them to bypass government or institutional blocks. Unlike traditional Tor relays, Snowflake requires minimal bandwidth, no configuration, and no ongoing maintenance. Your device acts as a temporary bridge, not a permanent node, ensuring both safety and ease of use.

Is This Safe for Me?

Short answer: Yes.

Long answer: pobably. Here is why:

• Your IP address is not exposed to the websites they access. So, you don't have to worry about what they are doing either. You are not an exit node.
• No activity logs. Snowflake cannot monitor or record what users do through your connection. The only stored information is how many people have connected to your bridge. Check docs for further info on this.
• Low resource usage. The data consumed is comparable to background app activity—far less than streaming video or music.
• No direct access to your system
• No storage of sensitive data. Snowflake proxies do not store any sensitive data, such as IP addresses or browsing history, on your system.
• Encrypted communication. All communication between the Snowflake proxy and the Tor network is encrypted, making it difficult for attackers to intercept or manipulate data.

You are not hosting a VPN or a full Tor relay. Your role is limited to facilitating encrypted connections, similar to relaying a sealed envelope.

Your IP address is exposed to the user (in a P2P-like connection). Be mindful that your ISP could also potentially see the WebRTC traffic and the connections being made to it (but not the contents), so be mindful of your threat model.

For most users, it is generally safe to run Snowflake proxies. Theoretically, your ISP will be able to know that there are connections being made there, but to them it will look like you're calling someone on, say, Zoom.

Historically, as far as we know, there haven't been any cases of people getting in legal trouble for running entry relays, middle relays, or bridges. There have a been a few cases of people running exit nodes and getting in trouble with law enforcement agencies, but none of them have been arrested or prosecuted as far as I know it. If you are aware of any cases, let me know so I can update this post.

Do not hesitate to check Snowflake's official documentation for further reference and to make informed decisions.

How to Set Up a Snowflake Proxy

Option 1: Browser Extension (Brave, Firefox, or Chrome)

1. Install the Snowflake extension.
2. Click the Snowflake icon in your browser toolbar and toggle "Enable Snowflake."
3. Keep the browser open. That’s all.

Note: Brave users can enable Snowflake directly in settings. Navigate to brave://settings/privacy and activate the option under "Privacy and security."

Option 2: Android Devices via Orbot

1. Download Orbot (Tor’s official Android app).
2. Open the app’s menu, select "Snowflake Proxy," and toggle it on.
3. For continuous operation, keep your device charged and connected to Wi-Fi.

Your device will now contribute as a proxy whenever the app is active.

Addressing Common Concerns

• Battery drain: Negligible. Snowflake consumes fewer resources than typical social media or messaging apps.
• Data usage: Most users report under 1 GB per month. Adjust data limits in Orbot’s settings or restrict operation to Wi-Fi if necessary.

Why Your Participation Matters

Censorship mechanisms grow more sophisticated every year, but tools like Snowflake empower ordinary users to counteract them. Each proxy strengthens the Tor network’s resilience, making it harder for authoritarian regimes to isolate their populations. By donating a small amount of bandwidth, you provide someone with a critical connection to uncensored information, education, and global dialogue.

Recent surges in demand—particularly in Russia—highlight the urgent need for more proxies. Your contribution, however small, has an impact.

By participating, you become part of a global effort to defend digital rights and counter censorship. Please, also be mindful of your threat mode and understand the potential risks (though very little for most people). Check Snowflake's official documentation for further reference and don't make any decisions based on this post before taking your time to read through it.

Please share this post to raise awareness. The more proxies, the stronger the network.

– llama

So I set up my relay last night on the system that runs my onion service, but I do not have direct access via IPv4 because of CGNAT, but my IPv6 ORPort is reachable. It's only been running for about 15 hours, but when I look at the relay search on the website, it's not showing up yet. So I was wondering if it's supposed to already be showing up, or if it won't start showing up until day three.

@tor
Mulvad browser https://mullvad.net/en/download/browser/windows

• https://blog.torproject.org/new-release-tor-browser-1357/
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/#CVE-2024-9680

Mozilla Firefox itself and all Mozilla Firefox forks should be updated accordingly once a new build is released.

Hi,

I'm currently struggling to connect to TOR (see my previous posts)

Therefore I'm looking in the documentation and in the support community. (and been already greatly helped trough lemmy :) )

I was considering to use also the official TOR forum

But I'm surprised that for a project that claim to protect users anonymity and freedom of WWW to use a forum that

• request an email address[^one]
• That a moderator [^two] need to approve the account
• that each new post need to be approved !

So I can't use it[^one] , hopefully their is Lemmy :D

[^one]: Do you know a lot of email service that do not require to provide a proof of ID ? (phone number, ISP email etc..) ? So hard to keep anonymous in those conditions..

.

[^two]: Moderation do not exist, it is simply censorship, see the work of Noam Chomsky
"If the freedom of expression is limited to the ideas that we like, it is not freedom of expression."

Hi,

I've just installed tor ( 0.4.5.16 )

When I launch it ( debian fork ) I'm stuck at

Opened Socks listener connection (ready) on 127.0.0.1:9050

I have a strong set of nftables maybe that what block it ?

What should open in order to have tor connect ?

Thanks.

Hi,
in etc/tor/torrc (the tor config file) we can read the following

## Entry policies to allow/deny SOCKS requests based on IP address.
## First entry that matches wins. If no SocksPolicy is set, we accept
## all (and only) requests that reach a SocksPort. Untrusted users who
## can access your SocksPort may be able to learn about the connections
## you make.
#SocksPolicy accept 192.168.0.0/16
#SocksPolicy reject *\

I don't understand, is this for the TOR network to query the local daemon ? or is it for LAN node to use the local TOR daemon ?

Thanks

Onion link

Today the Tor Project, a global non-profit developing tools for online privacy and anonymity, and Tails, a portable operating system that uses Tor to protect users from digital surveillance, have joined forces and merged operations. Incorporating Tails into the Tor Project's structure allows for easier collaboration, better sustainability, reduced overhead, and expanded training and outreach programs to counter a larger number of digital threats. In short, coming together will strengthen both organizations' ability to protect people worldwide from surveillance and censorship.

Onion link

This is a minor Desktop-only release containing (primarily) updated strings for users on legacy Windows and macOS.

Onion link

This version includes important security updates to Firefox.

Onion link

This version includes important security updates to Firefox.

It amazes me that onion sites aren't everywhere. They are easy to spin up, you don't have to pay anything and can run it from your own home. No need to purchase a domain, worry about expiration, have an open port. Built-in DoS protection. Anonymity and authentication by default. No need to configure HTTPS. Sure, uptime is on you and there is some latency/bandwidth limits to be considered, but once you are over that, onions are a solution to many problems and the benefits are enormous.

When a website can be accessed via a clearnet and a .onion url, is there a benefit to making use of the .onion url?

Context:

I am considering pointing a ".onion" url to my instance (mander.xyz).

I did some tests with and it seems like mlmym works well with JavaScript disabled. Since JavaScript is often disabled in the tor browser, I could make the .onion url point at that front-end instead.

This would be fun to do, but I wonder if there is a practical benefit to the ".onion" url as opposed to simply accessing the clearnet url via the tor browser.

EDIT: I went ahead and created an onion URL to try out, but I would still like to know if there is an actual advantage to .onion urls:

http://mandermybrewn3sll4kptj2ubeyuiujz6felbaanzj3ympcrlykfs2id.onion/