[Whonix-devel] [guardian-dev] making Debian's software updates more private
Hans-Christoph Steiner
hans at guardianproject.info
Sun Feb 8 13:11:16 CET 2015
Hey Patrick,
You are correct, and yes, the archive does indeed show my incorrect assumption
at that time. So I'm CCing that thread to add this correction to the archive.
When I was looking, Acquire::socks::proxy was on a lot of forums as a way to
add a proxy to apt, so thanks for correcting the record here, Patrick. The
tricky part is that there is no warning or error pointing out that
Acquire::socks::proxy is doing nothing at all.
Here is a more thorough discussion of how to do it, with correct and tested
config:
https://guardianproject.info/2014/10/16/reducing-metadata-leakage-from-software-updates/
And a more details on a related issue report:
https://labs.riseup.net/code/issues/8143
.hc
Patrick Schleizer:
> Hi Hans-Christoph!
>
> In reference to:
> https://lists.mayfirst.org/pipermail/guardian-dev/2014-July/003647.html
>
> I think "Acquire::socks::proxy" does not exist, even though often
> referenced on search engines.
>
> Checked apt-get's source code apt-1.1~exp8.
>
> Positive:
>
> grep -r -i Acquire::http *
>
> Negative:
>
> grep -r -i socks
>
> Hard to prove a negative, but I don't think they could have implemented
> socks support without using the string "socks" (and I am quite certain
> they didn't obfuscate it ;). This also matches what they told me on IRC,
> even though that's a while ago.
>
> Happy to be proven wrong! Am I wrong? Is there socks proxy support in
> apt-get?
>
> By answering to this e-mail, your reply will be posted on the
> whonix-devel public mailing list, so everyone from the Whonix project
> can benefit.
>
> Thanks for all your work!
>
> Cheers,
> Patrick
>
--
PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
More information about the Whonix-devel
mailing list