From Tor Browser Bundle (2.3.25-4) (2/2/13) "Set the Tor SOCKS+Control ports to 9150, 9151 respectively on all platforms This fixes a SOCKS race condition with our SOCKS autoport configuration and HTTPS-Everywhere's Tor test. Firefox 17 appears to cache proxy settings per URL now, which resulted in a proxy error for check.torproject.org if we lost the race."
We should switch the port from 9050 to 9150 in Bitcoin.
I think this is just the tor browser-bundle specific. Tor itself still listens on 9050.
Yes. System Tor uses 9050 and TBB uses 9150.
Might it be worth adding an option for trying 9150 after 9050 as many users use TBB rather than straight Tor? Or defaulting to 9150? Could there be a security risk from using just -proxy rather than -proxy with -nodnsseed? (IIRC the -proxy when it detects Tor no longer does DNS seed and -noirc)
The underlying issue here is that we detect tor-ness (and thus extra anonymity features) of a socks proxy based on the port. Currently this is only 9050. This isn't a very flexible or robust approach.
Any better suggestions?
Here are the Tor SOCKS extensions: https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=socks-extensions.txt
This could be used to detect Tor: 4. HTTP-resistance
Tor checks the first byte of each SOCKS request to see whether it looks more like an HTTP request (that is, it starts with a "G", "H", or "P"). If so, Tor returns a small webpage, telling the user that his/her browser is misconfigured. This is helpful for the many users who mistakenly try to use Tor as an HTTP proxy instead of a SOCKS proxy.
A bit of a hack though... but if it returns then we are on Tor.
The underlying issue here is that we detect tor-ness (and thus extra anonymity features) of a socks proxy based on the port.
No we don't. We used to a long time ago, we do not now. "DNS"seed even works safely over a proxy now. Nowhere in the code does it try to figure out if we're using tor based on the port-numbers— the only place 9050 shows up is in the default port used for the proxy and tor settings.
In that case, why is this an issue at all? Just use the new port in your proxy settings.
Thanks gmaxwell, I didn't realize dnsseed worked safely over a proxy. So there are no known leaks when using a proxy?
I received this from the Tor team: "After a quick look at the code (or/buffers.c:parse_socks), it looks like there's a way, but it is a little bit of a hack. To help users that have misconfigured their browser to use Tor as an HTTP proxy, Tor will answer to HTTP-like requests with:
HTTP/1.0 501 Tor is not an HTTP Proxy
Which is further followed by a valid HTTP/1.0 response. I am not sure that is is a good idea to rely on this behaviour.
Please also note that, overall, it might be a bad idea to encourage users to mix the Tor instance used for browsing purpose with software that use identity keys and longer connections. It probably can provide some more hints to an observer to link, in your case, Bitcoin activity to the visited web sites."
Can be closed AFAIK, as bitcoin does nothing specific depending on what the proxy port is anymore. Users that have Tor running on port 9150 should simply configure the client to use that port.