X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=doc%2Fwebserver%2Ffaq%2Fmisc.html;h=c6d06520cbb05cf4aeb36e782aeb1fb60ef7cc52;hb=2a265300791da04a1b27f2bb883dcfedc9358f79;hp=56727a111ed04f625ecf68fe8b730888232c49d9;hpb=765008e5d1851f7e9fadf9e077516422a86f0936;p=privoxy.git diff --git a/doc/webserver/faq/misc.html b/doc/webserver/faq/misc.html index 56727a11..c6d06520 100644 --- a/doc/webserver/faq/misc.html +++ b/doc/webserver/faq/misc.html @@ -1,11 +1,11 @@ +
How much of an impact depends on many things, including the CPU of the host system, how aggressive the configuration is, which specific actions are being triggered, @@ -98,8 +101,8 @@ CLASS="APPLICATION" >Privoxy itself for each page, is relatively small in the overall scheme of things, and happens very quickly. This is typically - more than offset by time saved not downloading and rendering ad images (if ad - blocking is being used).
deanimate-gifs - actions will certainly cause a perceived slowdown, since the entire document - needs to be buffered before displaying. And on very large documents, filtering may have - some measurable impact. How much depends on the page size, the actual - definition of the filter(s), etc. See below. Most other actions have little - to no impact on speed.
- Also, when filtering is enabled, typically there is a disabling of
- compression, (see Also, when filtering is enabled but zlib support isn't available, compression
+ is often disabled (see prevent-compression).
- This can have an impact on speed as well. Again, the page size, etc. will
- determine how much of an impact.
If you use any only knows how to differentiate filterable content because of the MIME type as reported by the server, or because of some configuration setting that enables/disables - filtering.
web site at config.privoxy.org.
With recent versions of Privoxy (version 2.9.x and - later), the user interface features information on the run time status, the - configuration, and even a built-in editor for the actions files.
Note that the built-in URLs from earlier versions of Junkbuster - / Privoxy, http://example.com/show-proxy-args and http://i.j.b/, - are no longer supported. If you still use such an old version, you should really consider - upgrading to 3.0.5.
Please see the 4.5. If I do submit missed ads, will -they be included in future updates?
Whether such submissions are eventually included in the 4.6. Why doesn't anyone answer my support -request?
Rest assured that it has been read and considered. Why it is not answered, could be for various reasons, including no one has a good answer for it, no @@ -340,8 +320,8 @@ CLASS="SECT2" CLASS="SECT2" >4.7. How can I hide my IP address?4.7. How can I hide my IP address?
If you run both the browser and However, these proxies are called "anonymous" because you don't need
- a password, not because they would offer any real anonymity.
+ to authenticate, not because they would offer any real anonymity.
Most of them will log your IP address and make it available to the
authorities in case you violate the law of the country they run in. In fact
you can't even rule out that some of them only exist to *collect* information
on (those suspicious) people with a more than average preference for privacy. Your best bet is to chain If you want to hide your IP address from most adversaries,
+ you should consider chaining Privoxy
with Tor,
- an EFF supported onion routing system.
+>.
The configuration details can be found in
How do I use Privoxy together with together
+ with Tor section No. Your chances of remaining anonymous are greatly improved, but unless you
+> No. Your chances of remaining anonymous are improved, but unless you
Tor you more freedom to decide which sites
+> more freedom to decide which sites
you can trust, and what details you want to reveal. But it neither
hides your IP address, nor can it guarantee that the rest of the system
behaves correctly. There are several possibilities how a web sites can find
@@ -443,7 +420,7 @@ CLASS="APPLICATION"
> Most of Privoxy's protection can be easily subverted
+> privacy-enhancing features can be easily subverted
by an insecure browser configuration, therefore you should use a browser that can
be configured to only execute code from trusted sites, and be careful which sites you trust.
For example there is no point in having Good! Actually, they are probably testing for some other kinds of proxies.
Hiding yourself completely would require additional steps. Before you configure Privoxy to use Tor
- ( to use
+ http://tor.eff.org/),
+>Tor,
please follow the User Manual
If it is, refer to Tor's
extensive documentationTor This is enough to reach the Internet, but additionally you should
+> This is enough to reach the Internet, but additionally you might want to
uncomment the following forward rules, to make sure your local network is still
reachable through Privoxy: Unencrypted connections to systems in these address ranges will
be as (un)secure as the local network is, but the alternative is
- that you can't reach the network at all.
- If you also want to be able to reach servers in your local
- network by using their names, you will need additional
- exceptions that look like this: If you want your browser to be able to reach servers in your local
+ network by using their names, you will need additional exceptions
+ that look like this: Afterwards, please take the time to at least skim through the rest
+> Afterward, please take the time to at least skim through the rest
of Tor'sTor does, why it is no replacement for
- application level security, and why you shouldn't use it for unencrypted logins. Definitely. It is common for sites to use browser type, browser version,
HTTP header content, and various other techniques in order to dynamically
@@ -737,16 +712,13 @@ content is being altered? The "User-Agent" is often used in this way to identify
- the browser, and adjust content accordingly. Changing this now (at least not
- further than removing the OS information) is not recommended, since so many
- sites do look for it. You may get undesirable results by changing just this
- one aspect. Also, different browsers use different encodings of Russian and Czech
+> Also, different browsers use different encodings of non-English
characters, certain web servers convert pages on-the-fly according to the
User Agent header. Giving a "Referer" or cookie is provided, is another example. (But you
can forge both headers without giving information away). There are
- many other ways things that can go wrong when trying to fool a web server. The
+ many other ways things can go wrong when trying to fool a web server. The
results of which could inadvertently cause pages to load incorrectly,
partially, or even not at all. And there may be no obvious clues as to just
what went wrong, or why. Nowhere will there be a message that says
@@ -796,21 +768,26 @@ CLASS="SECT2"
> No, it does not have this ability at all. You want something like
Squid for this. And, yes,
- before you ask, or
+ Polipo for this.
+ And, yes, before you ask, Privoxy can co-exist
@@ -835,17 +812,17 @@ CLASS="SECT2"
> Not in the way you mean, or in the way a true firewall can.
+> Not in the way you mean, or in the way some firewall vendors claim they can.
Privoxy can help protect your privacy, but not
- protect you from intrusion attempts. It is, of course, perfectly possible
- and recommended to use can help protect your privacy, but can't
+ protect your system from intrusion attempts. It is, of course, perfectly possible
+ to use It would be technically possible eliminate the banners in a way that frees
- their screen estate in many cases, by doing all banner blocking with filters,
- i.e. eliminating the whole image references from the HTML pages instead
- of letting them stay in, and blocking the resulting requests for the
- banners themselves. But this would consume considerable CPU resources, would likely destroy
- the layout of many web pages which rely on the banners consuming a certain
- amount of screen space, and would fail in other cases, where the screen space
- is reserved e.g. by tables anyway. Also, making the banners disappear without
- a visual trace complicates troubleshooting. So we won't support this in the default configuration, but you can of course
- define appropriate filters yourself. It is technically possible to eliminate banners and ads in a way that frees
+ their allocated page space. This could easily be done by blocking with
+ Privoxy's filters,
+ and eliminating the entire image references from the
+ HTML page source. But, this would consume considerably more CPU resources (IOW, slow things
+ down), would likely destroy the layout of some web pages which rely on the
+ banners utilizing a certain amount of page space, and might fail in other
+ cases, where the screen space is reserved (e.g. by HTML tables for instance).
+ Also, making ads and banners disappear without any trace complicates
+ troubleshooting, and would sooner or later be problematic. The better alternative is to instead let them stay, and block the resulting
+ requests for the banners themselves as is now the case. This leaves either
+ empty space, or the familiar checkerboard pattern. So the developers won't support this in the default configuration, but you
+ can of course define appropriate filters yourself to achieve this. Since secure HTTP connections are encrypted SSL sessions between your browser
and the secure site, and are meant to be reliably There are no known exploits that might affect
- Privoxy. On Unix-like systems,
- On Unix-like systems, Privoxy can run as a non-privileged
- user, which is how we recommend it be run. Also, by default
+ user, which is how we recommend it be run. Also, by default
Privoxy only listens to requests
- from listens to requests from "localhost" only. The server aspect of
-
+ only. The server aspect of Privoxy is not itself directly exposed to the
- Internet in this configuration. If you want to have
+> is not itself directly
+ exposed to the Internet in this configuration. If you want to have
Privoxy4.17. How can I temporarily disable Privoxy?4.17. Can I temporarily disable Privoxy? The easiest way is to access Privoxy with your
- browser by using the remote toggle URL: doesn't have a transparent proxy mode,
+ but you can toggle off blocking and content filtering. The easiest way to do that is to point your browser
+ to the remote toggle URL: http://config.privoxy.org/toggle.
- See the . See the Bookmarklets sectionUser Manual for an easy way to access this
- feature. No, this just means all filtering and actions are disabled.
+> No, this just means all optional filtering and actions are disabled.
Privoxy is still acting as a proxy, but just not
- doing any of the things that is still acting as a proxy, but just
+ doing less of the things that Privoxy would
@@ -1050,7 +1045,24 @@ CLASS="APPLICATION"
CLASS="QUOTE"
>"middle-man" in
- the interaction between your browser and web sites. Bypassing a proxy, or proxying based on arbitrary criteria, is purely a browser
+ configuration issue, not a Privoxy issue. Modern browsers typically do have
+ settings for not proxying certain sites. Check your browser's help files. A "crunch". Since version 3.0.7, Privoxy will also log the crunch reason.
+ If you are using an older version you might want to upgrade. From the webserver's perspective, there is no difference between
viewing a document (i.e. a page), and downloading a file. The same is true of
@@ -1162,7 +1177,7 @@ CLASS="APPLICATION"
> knows the differences in files according
to the "Document Type""Content Type" as reported by the webserver. If this is
reported accurately (e.g. In short, filtering is "ON" if a) the Document Type as reported
+> if a) the content type as reported
by the webserver is appropriate "bad". It's the configuration that let's it all happen or not. If you download text files, you probably do not want these to be filtered,
particularly if the content is source code, or other critical content. Source
@@ -1239,7 +1254,7 @@ CLASS="EMPHASIS"
CLASS="APPLICATION"
>Privoxy does not do FTP at all, only HTTP
- and HTTPS (SSL) protocols, so please don't try. Please read above. One time-tested technique to defeat common ads is to trick the local DNS
system by giving a phony IP address for the ad generator in the local
@@ -1292,8 +1307,8 @@ CLASS="APPLICATION"
CLASS="FILENAME"
>HOSTS file, in fact, not only
- duplicates effort, but may get in the way. It is recommended to remove
- such entries from your HOSTS file. If you think
@@ -1330,9 +1345,9 @@ CLASS="SECT2"
CLASS="SECT2"
>4.23. Where can I find more information about Privoxy
-and related issues?4.24. Where can I find more information about Privoxy
+and related issues? Other references and sites of interest to We're not. The text substitutions that you are seeing are disabled
in the default configuration as shipped. You have either manually
@@ -1628,11 +1649,34 @@ CLASS="QUOTE"
>"Text replacements for subversive browsing
fun!" Privoxy generates HTML in both its own "templates", and possibly
+ whenever there are text substitutions via a Privoxy filter. While this
+ should always conform to the HTML 4.01 specifications, it has not been
+ validated against this or any other standard. 4.8. Can Privoxy guarantee I am anonymous?
4.8. Can Privoxy guarantee I am anonymous?4.9. A test site says I am not using a Proxy.
4.9. A test site says I am not using a Proxy.Tor
Faq 4.2Tor.
4.11. Might some things break because header information or
-content is being altered?
4.12. Can Privoxy act as a "caching" proxy to
-speed up web browsing?
4.13. What about as a firewall? Can Privoxy protect me?
4.13. What about as a firewall? Can Privoxy protect me?4.14. I have large empty spaces / a checkerboard pattern now where
-ads used to be. Why?
4.15. How can Privoxy filter Secure (HTTPS) URLs?
4.15. How can Privoxy filter Secure (HTTPS) URLs?4.16. Privoxy runs as a "server". How
-secure is it? Do I need to take any special precautions?
4.19. How can I tell Privoxy to totally ignore certain sites?
http://sourceforge.net/projects/ijbswa/https://sourceforge.net/projects/ijbswa/,
the Project Page for http://sourceforge.net/tracker/?group_id=11118&atid=460288https://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit "misses"
-
-
http://privacy.net/, a useful site
- to check what information about you is leaked while you browse the web.
+>http://www.squid-cache.org/, a popular
+ caching proxy, which is often used together with Privoxy.
http://www.squid-cache.org/, a very popular
- caching proxy, which is often used together with http://www.pps.jussieu.fr/~jch/software/polipo/,
+ Privoxy.
+>Polipo is a caching proxy with advanced features
+ like pipelining, multiplexing and caching of partial instances. In many setups
+ it can be used as Squid replacement.
http://tor.eff.org/https://www.torproject.org/,
4.24. I've noticed that Privoxy changes 4.25. I've noticed that Privoxy changes "Microsoft" to
"MicroSuck"! Why are you manipulating my browsing?! Why are you manipulating my browsing? 4.26. Does Privoxy produce "valid" HTML (or XHTML)?