+ You cannot hide your IP address with <application>Privoxy</application> or any other software, since
+the server needs to know your IP address to send the answer to you.
+</para>
+<para>
+Fortunately there are many publicly usable anonymous proxies out there, which
+solve the problem by providing a further level of indirection between you and
+the web server, shared by many people and thus letting your requests "drown"
+in white noise of unrelated requests as far as user tracking is concerned.
+</para>
+<para>
+Most of them will, however, log your IP address and make it available to the
+authorities in case you abuse that anonymity for criminal purposes. In fact
+you can't even rule out that some of them only exist to *collect* information
+on (those suspicious) people with a more than average preference for privacy.
+</para>
+<para>
+You can find a list of anonymous public proxies at <ulink
+url="http://www.multiproxy.org/anon_list.htm">multiproxy.org</ulink> and many
+more through Google.
+</para>
+</sect3>
+
+<!-- <sect3 id="image"><title>What is the imagefile (simage.ini, etc.) for?</title> -->
+<!-- <para> -->
+<!-- Anytime <application>Privoxy</application> determines (with the help of the blocklist) that a URL -->
+<!-- contains an advertisement, it has to decide whether this advertisement is an -->
+<!-- image or not. <application>Privoxy</application> uses the imagefile for that purpose. -->
+<!-- </para> -->
+<!-- </sect3> -->
+
+<sect3>
+<title id="anonforsure">Can <application>Privoxy</application> guarantee I am anonymous?</title>
+<para>
+ No. Your chances of remaining anonymous are greatly improved, but unless you
+ are an expert on Internet security it would be safest to assume that
+ everything you do on the Web can be traced back to you.
+</para>
+<para>
+ <application>Privoxy</application> can remove various information about you,
+ and allows <emphasis>you</emphasis> more freedom to decide which sites
+ you can trust. But it's still possible that web sites can find out who you
+ are. Here's one way this can happen.
+</para>
+<para>
+ A few browsers disclose the user's email address in certain situations, such
+ as when transferring a file by FTP. <application>Privoxy</application>
+ does not filter FTP. If you need this feature, or are concerned about the
+ mail handler of your browser disclosing your email address, you might
+ consider products such as <application>NSClean</application>.
+</para>
+<para>
+ Browsers available only as binaries could use non-standard headers to give
+ out any information they can have access to: see the manufacturer's license
+ agreement. It's impossible to anticipate and prevent every breach of privacy
+ that might occur. The professionally paranoid prefer browsers available as
+ source code, because anticipating their behavior is easier. Trust the source,
+ Luke!
+</para>
+
+</sect3>
+
+<sect3>
+<title id="sitebreak">Might some things break because header information is
+being altered?</title>
+
+<para>
+ Definitely. More and more sites use HTTP header content to decide what to
+ display and how to display it. There is many ways that this can be handled,
+ so having hard and fast rules, is tricky.
+</para>
+
+<para>
+ <quote>USER AGENT</quote> in particular is often used in this way to identify
+ the browser, and adjust content accordingly. Changing this now is not
+ recommended, since so many sites do look for this. You may get undesirable
+ results by changing this.
+</para>
+
+<para>
+ For instance, different browsers use different encodings of Russian and Czech
+ characters, certain web servers convert pages on-the-fly according to the
+ User Agent header. Giving a <quote>User Agent</quote> with the wrong
+ operating system or browser manufacturer causes some sites in these languages
+ to be garbled; Surfers to Eastern European sites should change it to
+ something closer. And then some page access counters work by looking at the
+ <quote>REFERER</quote> header; they may fail or break if unavailable. The
+ weather maps of Intellicast have been blocked by their server when no
+ <quote>REFERER</quote> or cookie is provided, is another example. There are
+ many, many other ways things can go wrong when trying to fool a web server.
+</para>
+
+<para>
+ If you have problems with a site, you will have to adjust your configuration
+ accordingly. Cookies are probably the most likely adjustment that may
+ be required, but by no means the only one.
+
+</para>
+
+</sect3>
+
+
+<sect3>
+<title id="caching">Can <application>Privoxy</application> act as a <quote>caching</quote> proxy to
+speed up web browsing?</title>
+<para>
+ No, it does not have this ability at all. You want something like
+ <ulink url="http://www.squid-cache.org/">Squid</ulink> for this. And, yes,
+ before you ask, <application>Privoxy</application> can co-exist
+ with other kinds of proxies like <quote>Squid</quote>.
+</para>
+</sect3>
+
+<sect3>
+<title id="firewall">What about as a firewall? Can <application>Privoxy</application> protect me?</title>
+<para>
+ Not in the way you mean, or in the way a true firewall can, or a proxy that
+ has this specific capability. <application>Privoxy</application> can help
+ protect your privacy, but not really protect you from intrusion attempts.
+</para>
+</sect3>
+
+
+<sect3>
+<title id="logo">The <application>Privoxy</application> logo that replaces ads is very blocky
+and ugly looking. Can't a better font be used?</title>
+
+<para>
+ This is not a font problem. The logo is an image that is created by
+ <application>Privoxy</application> on the fly. So as to not waste
+ memory, the image is rather small. The blockiness comes when the
+ image is scaled to fill a largish area. There is not much to be done
+ about this, other than to use one of the other
+ <quote>imageblock</quote> directives: <emphasis>pattern</emphasis>,
+ <emphasis>blank</emphasis>, or a URL of your choosing.
+</para>
+<para>
+Given the above problem, we have decided to remove the logo option entirely
+[as of v2.9.13].
+</para>
+</sect3>
+
+
+<sect3>
+<title id="wasted">I have large empty spaces now where ads used to be.
+Why does <application>Privoxy</application> leave these large gaps?</title>
+<para>
+ It would be easy enough to just eliminate this space altogether, rather than
+ fill it with blank space. But, this would create problems with many pages
+ that use the overall size of the ad to help organize the page layout and
+ position the various components of the page where they were intended to be.
+ It is best left this way.
+</para>
+
+</sect3>
+
+<sect3>
+<title id="ssl">How can <application>Privoxy</application> filter Secure (HTTPS) URLs?</title>
+<para>
+ This is a limitation since HTTPS transactions are encrypted SSL sessions
+ between your browser and the secure site, and are meant to be reliably
+ <emphasis>secure</emphasis> and private. This means that all cookies and HTTP
+ header information are also encrypted from the time they leave your browser,
+ to the site, and vice versa. <application>Privoxy</application> does not
+ try to unencrypt this information, so it just passes through as is.
+ <application>Privoxy</application> can still catch images and ads that
+ are embedded in the SSL stream though.
+</para>
+
+</sect3>
+
+
+<sect3>
+<title id="secure"><application>Privoxy</application> runs as a <quote>server</quote>. How
+secure is it? Do I need to take any special precautions?</title>
+<para>
+ There are no known exploits that might effect
+ <application>Privoxy</application>. On Unix-like systems,
+ <application>Privoxy</application> can run as a non-privileged
+ user, which is how we recommend it be run. Also, by default
+ <application>Privoxy</application> only listens to requests
+ from <quote>localhost</quote>. It is not itself directly exposed to the
+ Internet in this configuration. If you want to have
+ <application>Privoxy</application> serve as a LAN proxy, this will have to
+ be opened up to allow for LAN requests. In this case, we'd recommend
+ you specify only the LAN gateway address, e.g. 192.168.1.1 in the main
+ <application>Privoxy</application> config file. All LAN hosts can then use
+ this as their proxy address in the browser proxy configuration. In this way,
+ <application>Privoxy</application> will not listen on any external ports.
+ Of course, a firewall is always good too. Better safe than sorry.
+</para>
+
+</sect3>
+
+<sect3 id="turnoff">
+<title>How can I temporarily disable <application>Privoxy</application>?</title>
+<para>
+ The easiest way is to access <application>Privoxy</application> with your
+ browser by using the special URL: <ulink url="http://p.p/">http://p.p/</ulink>
+ and select "Toggle Privoxy on or off" from that page.
+
+</para>
+</sect3>
+
+</sect2>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+
+<sect2>
+<title id="trouble">Troubleshooting</title>
+
+<sect3>
+<title id="refused">I just upgraded and am getting <quote>connection refused</quote>
+with every web page?</title>
+<para>
+ Either <application>Privoxy</application> is not running, or your
+ browser is configured for a different port than what
+ <application>Privoxy</application> is using.
+</para>
+
+<para>
+ The old <application>Privoxy</application> (and also
+ <application>Junkbuster</application>) used port 8000 by
+ default. This has been changed to port 8118 now, due to a conflict
+ with NAS (Network Audio Service), which uses port 8000. If you haven't,
+ you need to change your browser to the new port number, or alternately
+ change <application>Privoxy's</application> <quote>listen-address</quote>
+ setting in the <filename>config</filename> file used to start
+ <application>Privoxy</application>.