+<para>
+ It should be noted that the <quote>Advanced</quote> profile (formerly known
+ as the <quote>Adventuresome</quote> profile) is more
+ aggressive, and will make use of some of
+ <application>Privoxy's</application> advanced features. Use at your own risk!
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="browseconfig"> <title>Why can I change the configuration
+with a browser? Does that not raise security issues?</title>
+ <para>
+ It may seem strange that regular users can edit the config files with their
+ browsers, although the whole <filename>/etc/privoxy</filename> hierarchy
+ belongs to the user <quote>privoxy</quote>, with only 644 permissions.
+ </para>
+ <para>
+ When you use the browser-based editor, <application>Privoxy</application>
+ itself is writing to the config files. Because
+ <application>Privoxy</application> is running as the user <quote>privoxy</quote>,
+ it can update its own config files.
+ </para>
+ <para>
+ If you run <application>Privoxy</application> for multiple untrusted users (e.g. in
+ a LAN) or aren't entirely in control of your own browser, you will probably want
+ to make sure that the web-based editor and remote toggle features are
+ <quote>off</quote> by setting <quote><literal><ulink
+ url="../user-manual/config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</ulink>
+ 0</literal></quote> and <quote><literal><ulink
+ url="../user-manual/config.html#ENABLE-REMOTE-TOGGLE">enable-remote-toggle</ulink>
+ 0</literal></quote> in the <ulink url="../user-manual/config.html">main configuration file</ulink>.
+ </para>
+ <para>
+ As of &my-app; 3.0.7 these options are disabled by default.
+ </para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="filterfile">
+<title>What is the <filename>default.filter</filename> file? What is a <quote>filter</quote>?</title>
+<para>
+ The <ulink url="../user-manual/filter-file.html"><filename>default.filter</filename></ulink>
+ file is where <emphasis>filters</emphasis> as supplied by the developers are defined.
+ Filters are a special subset of actions that can be used to modify or
+ remove web page content or headers on the fly. Content filters can
+ be applied to <emphasis>anything</emphasis> in the page source,
+ header filters can be applied to either server or client headers.
+ Regular expressions are used to accomplish this.
+</para>
+<para>
+ There are a number of pre-defined filters to deal with common annoyances. The
+ filters are only defined here, to invoke them, you need to use the
+ <ulink
+ url="../user-manual/actions-file.html#FILTER"><literal>filter</literal>
+ action</ulink> in one of the actions files. Content filtering is automatically
+ disabled for inappropriate MIME types, but if you know better than Privoxy
+ what should or should not be filtered you can filter any content you like.
+</para>
+<para>
+ Filters should
+ <emphasis>not</emphasis> be confused with <ulink
+ url="../user-manual/actions-file.html#BLOCK"><literal>blocks</literal></ulink>, which
+ is a completely different action, and is more typically used to block ads and
+ unwanted sites.
+</para>
+
+<para>
+ If you are familiar with regular expressions, and HTML, you can look at
+ the provided <filename>default.filter</filename> with a text editor and define
+ your own filters. This is potentially a very powerful feature, but
+ requires some expertise in both regular expressions and HTML/HTTP.
+ <![%p-newstuff;[ You should
+ place any modifications to the default filters, or any new ones you create
+ in a separate file, such as <filename>user.filter</filename>, so they won't
+ be overwritten during upgrades.
+ The ability to define multiple filter files
+ in <filename>config</filename> is a new feature as of v. 3.0.5.]]>
+</para>
+
+<para>
+ There is no GUI editor option for this part of the configuration,
+ but you can disable/enable the various pre-defined filters of the included
+ <filename>default.filter</filename> file with the <ulink
+ url="http://config.privoxy.org/show-status">web-based actions file editor</ulink>.
+ Note that the custom actions editor must be explicitly enabled in
+ the main config file (see <ulink
+ url="../user-manual/config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</ulink>).
+</para>
+
+<para>
+ If you intend to develop your own filters, you might want to have a look at
+ <ulink
+ url="https://www.fabiankeil.de/sourcecode/pft/">Privoxy-Filter-Test</ulink>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="lanconfig">
+<title>How can I set up Privoxy to act as a proxy for my
+ LAN?</title>
+<para>
+ By default, <application>Privoxy</application> only responds to requests
+ from <literal>127.0.0.1</literal> (localhost). To have it act as a server for
+ a network, this needs to be changed in the <ulink
+ url="../user-manual/config.html">main configuration file</ulink>. Look for
+ the <literal><ulink
+ url="../user-manual/config.html#LISTEN-ADDRESS">listen-address</ulink></literal>
+ option, which may be commented out with a <quote>#</quote> symbol. Make sure
+ it is uncommented, and assign it the address of the LAN gateway interface,
+ and port number to use. Assuming your LAN address is 192.168.1.1 and you
+ wish to run <application>Privoxy</application> on port 8118, this line
+ should look like:
+</para>
+
+<para>
+ <screen>
+ listen-address 192.168.1.1:8118</screen>
+</para>
+
+<para>
+ Save the file, and restart <application>Privoxy</application>. Configure
+ all browsers on the network then to use this address and port number.
+</para>
+
+<para>
+ Alternately, you can have <application>Privoxy</application> listen on
+ all available interfaces:
+</para>
+
+<para>
+ <screen>
+ listen-address :8118</screen>
+</para>
+
+<para>
+ And then use <application>Privoxy's</application>
+ <ulink
+ url="../user-manual/config.html#PERMIT-ACCESS">permit-access</ulink>
+ feature to limit connections. A firewall in this situation is recommended
+ as well.
+</para>
+
+<para>
+ The above steps should be the same for any TCP network, regardless of
+ operating system.
+</para>
+
+<para>
+ If you run <application>Privoxy</application> on a LAN with untrusted users,
+ we recommend that you double-check the <ulink
+ url="../user-manual/config.html#ACCESS-CONTROL">access control and security</ulink>
+ options!
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3" id="noseeum">
+<title>Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</title>
+<para>
+ The replacement for blocked images can be controlled with the <ulink
+ url="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"><literal>set-image-blocker</literal>
+ action</ulink>. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
+ image (aka <quote>blank</quote>), or a redirect to a custom image of your choice.
+ Note that this choice only has effect for images which are blocked as images, i.e.
+ whose URLs match both a <literal><ulink
+ url="../user-manual/actions-file.html#HANDLE-AS-IMAGE">handle-as-image</ulink></literal>
+ <emphasis>and</emphasis> <literal><ulink
+ url="../user-manual/actions-file.html#BLOCK">block</ulink></literal> action.
+</para>
+<para>
+ If you want to see nothing, then change the <ulink
+ url="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"><literal>set-image-blocker</literal>
+ action</ulink> to <quote>blank</quote>. This can be done by editing the
+ <filename>user.action</filename> file, or through the <ulink
+ url="http://config.privoxy.org/show-status">web-based actions file editor</ulink>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="whyseeum">
+<title>Why would anybody want to see a checkerboard pattern?</title>
+<para>
+ Remember that <link linkend="whatsanad">telling which image is an ad and which
+ isn't</link>, is an educated guess. While we hope that the standard configuration
+ is rather smart, it will make occasional mistakes. The checkerboard image is visually
+ decent, and it shows you where images have been blocked, which can be very
+ helpful in case some navigation aid or otherwise innocent image was
+ erroneously blocked. It is recommended for new users so they can
+ <quote>see</quote> what is happening. Some people might also enjoy seeing how
+ many banners they <emphasis>don't</emphasis> have to see.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="blockedbytext">
+<title>I see some images being replaced with text
+instead of the checkerboard image. Why and how do I get rid of this?</title>
+<para>
+ This happens when the banners are not embedded in the HTML code of the
+ page itself, but in separate HTML (sub)documents that are loaded into (i)frames
+ or (i)layers, and these external HTML documents are blocked. Being non-images
+ they get replaced by a substitute HTML page rather than a substitute image,
+ which wouldn't work out technically, since the browser expects and accepts
+ only HTML when it has requested an HTML document.
+</para>
+<para>
+ The substitute page adapts to the available space and shows itself as a
+ miniature two-liner if loaded into small frames, or full-blown with a
+ large red "BLOCKED" banner if space allows.
+</para>
+<para>
+ If you prefer the banners to be blocked by images, you must see to it that
+ the HTML documents in which they are embedded are not blocked. Clicking
+ the <quote>See why</quote> link offered in the substitute page will show
+ you which rule blocked the page. After changing the rule and un-blocking
+ the HTML documents, the browser will try to load the actual banner images
+ and the usual image blocking will (hopefully!) kick in.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="srvany">
+<title>Can Privoxy run as a service
+on Win2K/NT/XP?</title>
+<para>
+<![%p-newstuff;[
+ Yes. Version 3.0.5 introduces full <application>Windows</application> service
+ functionality. See <ulink url="../user-manual/installation.html#installation-pack-win">
+ the <citetitle>User Manual</citetitle></ulink> for details on how to install and configure
+ <application>Privoxy</application> as a service.
+</para>
+<para>
+ Earlier ]]>3.x versions could run as a system service using <command>srvany.exe</command>.
+ See the discussion at <ulink
+ url="https://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118">https://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118</ulink>,
+ for details, and a sample configuration.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="otherproxy">
+<title>How can I make Privoxy work with other proxies?</title>
+<para>
+ This can be done and is often useful to combine the benefits of
+ <application>Privoxy</application> with those of a another proxy,
+ for example to cache content.
+ See the <ulink
+ url="../user-manual/config.html#FORWARDING">forwarding chapter</ulink>
+ in the <ulink url="../user-manual/index.html">User Manual</ulink> which
+ describes how to do this. If you intend to use Privoxy with Tor,
+ please also have a look at
+ <link linkend="TOR">How do I use Privoxy together with Tor</link>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="port-80">
+<title>Can I just set Privoxy to use port 80
+and thus avoid individual browser configuration?</title>
+
+<para>
+ No, its more complicated than that. This only works with special kinds
+ of proxies known as <quote>intercepting</quote> proxies
+ (<link linkend="INTERCEPTING">see below</link>).
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="transparent">
+<title>Can Privoxy run as a <quote>transparent
+</quote> proxy?</title>
+<para>
+ The whole idea of Privoxy is to modify client requests
+ and server responses in all sorts of ways and therefore
+ it's not a transparent proxy as described in
+ <ulink url="http://tools.ietf.org/html/rfc2616">RFC 2616</ulink>.
+</para>
+<para>
+ However, some people say <quote>transparent proxy</quote> when they
+ mean <quote>intercepting proxy</quote>. If you are one of them,
+ please read the <link linkend="INTERCEPTING">next entry</link>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="intercepting">
+<title>Can Privoxy run as a <quote>intercepting</quote> proxy?</title>
+<para>
+ <application>Privoxy</application> can't intercept traffic itself,
+ but it can handle requests that where intercepted and redirected
+ with a packet filter (like <application>PF</application> or
+ <application>iptables</application>), as long as the <literal>Host</literal>
+ header is present.
+ </para>
+<para>
+ As the <literal>Host</literal> header is required by HTTP/1.1 and as most
+ web sites rely on it anyway, this limitation shouldn't be a problem.
+</para>
+<para>
+ Please refer to your packet filter's documentation to learn how to
+ intercept and redirect traffic into <application>Privoxy</application>.
+ Afterward you just have to configure <application>Privoxy</application> to
+ <ulink url="../user-manual/config.html#ACCEPT-INTERCEPTED-REQUESTS">accept
+ intercepted requests</ulink>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="outlook">
+<title>How can I configure Privoxy for use with Outlook?</title>
+<para>
+ Versions of <application>Outlook</application> prior to Office 2007, use
+ <application>Internet Explorer</application> components to both render HTML,
+ and fetch any HTTP requests that may be embedded in an HTML email. So however
+ you have <application>Privoxy</application> configured to work with IE, this
+ configuration should automatically be shared, at least with older version of
+ Internet Explorer.
+</para>
+<para>
+ Starting with Office 2007, Microsoft is instead using the MS-Word rendering
+ engine with Outlook. It is unknown whether this can be configured to use a
+ proxy.
+ <!-- FIXME HB 2009-02-15 -->
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="outlook-more">
+<title>How can I have separate rules just for HTML mail?</title>
+<para>
+ The short answer is, you can't. <application>Privoxy</application> has no way
+ of knowing which particular application makes a request, so there is no way to
+ distinguish between web pages and HTML mail.
+ <application>Privoxy</application> just blindly proxies all requests. In the
+ case of <application>Outlook Express</application> (see above), OE uses
+ IE anyway, and there is no way for <application>Privoxy</application> to ever
+ be able to distinguish between them (nor could any other proxy type application for
+ that matter).
+</para>
+<para>
+ For a good discussion of some of the issues involved (including privacy and
+ security issues), see
+ <ulink url="https://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118">https://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118</ulink>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="sneaky-cookies">
+<title>I sometimes notice cookies sneaking through. How?</title>
+<para>
+ <ulink
+ url="http://en.wikipedia.org/wiki/Browser_cookie">Cookies</ulink> can be
+ set in several ways. The classic method is via the
+ <literal>Set-Cookie</literal> HTTP header. This is straightforward, and an
+ easy one to manipulate, such as the &my-app; concept of
+ <ulink url="../user-manual/actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</ulink>.
+ There is also the possibility of using
+ <ulink url="http://en.wikipedia.org/wiki/Javascript">Javascript</ulink> to
+ set cookies (&my-app; calls these <literal>content-cookies</literal>). This
+ is trickier because the syntax can vary widely, and thus requires a certain
+ amount of guesswork. It is not realistic to catch all of these short of
+ disabling Javascript, which would break many sites. And lastly, if the
+ cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
+ <application>Privoxy's</application> reach.
+</para>
+<para>
+ All in all, &my-app; can help manage cookies in general, can help minimize
+ the loss of privacy posed by cookies, but can't realistically stop all
+ cookies.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="evil-cookies">
+<title>Are all cookies bad? Why?</title>
+<para>
+ No, in fact there are many beneficial uses of
+ <ulink
+ url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>. Cookies are just a
+ method that browsers can use to store data between pages, or between browser
+ sessions. Sometimes there is a good reason for this, and the user's life is a
+ bit easier as a result. But there is a long history of some websites taking
+ advantage of this layer of trust, and using the data they glean from you and
+ your browsing habits for their own purposes, and maybe to your potential
+ detriment. Such sites are using you and storing their data on your system.
+ That is why the privacy conscious watch from whom those cookies come, and why
+ they really <emphasis>need</emphasis> to be there.
+</para>
+<para>
+ See the
+ <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">Wikipedia cookie
+ definition</ulink> for more.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="allow-cookies">
+<title>How can I allow permanent cookies for my trusted sites?</title>
+
+<para>
+ There are several actions that relate to cookies. The default behavior is to
+ allow only <quote>session cookies</quote>, which means the cookies only last
+ for the current browser session. This eliminates most kinds of abuse related
+ to cookies. But there may be cases where you want cookies to last.
+</para>
+<para>
+ To disable all cookie actions, so that cookies are allowed unrestricted,
+ both in and out, for <literal>example.com</literal>:
+</para>
+<para>
+ <screen>
+ { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
+ .example.com</screen>
+</para>
+<para>
+ Place the above in <filename>user.action</filename>. Note that some of these may
+ be off by default anyway, so this might be redundant, but there is no harm
+ being explicit in what you want to happen. <filename>user.action</filename>
+ includes an alias for this situation, called
+ <literal>allow-all-cookies</literal>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="multiples">
+<title>Can I have separate configurations for different users?</title>
+<para>
+ Each instance of <application>Privoxy</application> has its own
+ configuration, including such attributes as the TCP port that it listens on.
+ What you can do is run multiple instances of <application>Privoxy</application>, each with
+ a unique
+ <ulink url="../user-manual/config.html#LISTEN-ADDRESS">listen-address</ulink>
+ configuration setting, and configuration path, and then
+ each of these can have their own configurations. Think of it as per-port
+ configuration.
+</para>
+<para>
+ Simple enough for a few users, but for large installations, consider having
+ groups of users that might share like configurations.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="whitelists">
+<title>Can I set-up Privoxy as a whitelist of
+<quote>good</quote> sites?</title>
+<para>
+ Sure. There are a couple of things you can do for simple white-listing.
+ Here's one real easy one:
+</para>
+ <screen>
+ ############################################################
+ # Blacklist
+ ############################################################
+ { <ulink url="../user-manual/actions-file.html#BLOCK">+block</ulink> }
+ / # Block *all* URLs
+
+ ############################################################
+ # Whitelist
+ ############################################################
+ { <ulink url="../user-manual/actions-file.html#BLOCK">-block</ulink> }
+ kids.example.com
+ toys.example.com
+ games.example.com</screen>
+<para>
+ This allows access to only those three sites by first blocking all URLs, and
+ then subsequently allowing three specific exceptions.
+</para>
+<para>
+ Another approach is <application>Privoxy's</application>
+ <literal>trustfile</literal> concept, which incorporates the notion of
+ <quote>trusted referrers</quote>. See the <ulink
+ url="../user-manual/config.html#TRUSTFILE">Trust documentation</ulink>
+ for details.
+</para>
+<para>
+ These are fairly simple approaches and are not completely foolproof. There
+ are various other configuration options that should be disabled (described
+ elsewhere here and in <ulink url="../user-manual/">the User Manual</ulink>)
+ so that users can't modify their own configuration and easily circumvent the
+ whitelist.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="no-adblock">
+<title>How can I turn off ad-blocking?</title>
+<para>
+ Ad blocking is achieved through a complex application of various &my-app;
+ <ulink url="../user-manual/actions-file.html">actions</ulink>. These
+ actions are deployed against simple images, banners, flash animations,
+ text pages, JavaScript, pop-ups and pop-unders, etc., so its not as simple as
+ just turning one or two actions off. The various actions that make up
+ &my-app; ad blocking are hard-coded into the default configuration files. It
+ has been assumed that everyone using &my-app; is interested in this
+ particular feature.
+ </para>
+ <para>
+ If you want to do without this, there are several approaches you can take:
+ You can manually undo the many block rules in
+ <filename>default.action</filename>. Or even easier, just create your own
+ <filename>default.action</filename> file from scratch without the many ad
+ blocking rules, and corresponding exceptions. Or lastly, if you are not
+ concerned about the additional blocks that are done for privacy reasons, you
+ can very easily over-ride <emphasis>all</emphasis> blocking with the
+ following very simple rule in your <filename>user.action</filename>:
+ </para>
+ <para>
+ <screen>
+ # Unblock everybody, everywhere
+ { <ulink url="../user-manual/actions-file.html#BLOCK">-block</ulink> }
+ / # UN-Block *all* URLs</screen>
+</para>
+<para>
+ Or even a more comprehensive reversing of various ad related actions:
+</para>
+<para>
+ <screen>
+ # Unblock everybody, everywhere, and turn off appropriate filtering, etc
+ { <ulink url="../user-manual/actions-file.html#BLOCK">-block</ulink> \
+ <ulink url="../user-manual/actions-file.html#FILTER-BANNERS-BY-SIZE">-filter{banners-by-size}</ulink> \
+ <ulink url="../user-manual/actions-file.html#FILTER-BANNERS-BY-LINK">-filter{banners-by-link}</ulink> \
+ <literal>allow-popups</literal> \
+ }
+ / # UN-Block *all* URLs and allow ads</screen>
+</para>
+<para>
+ This last <quote>action</quote> in this compound statement,
+ <literal>allow-popups</literal>, is an <ulink
+ url="../user-manual/actions-file.html#ALIASES">alias</ulink> that disables
+ various pop-up blocking features.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="templates">
+<title>How can I have custom template pages, like the
+<emphasis>BLOCKED</emphasis> page?</title>
+<para>
+ &my-app; <quote>templates</quote> are specialized text files utilized by
+ &my-app; for various purposes and can easily be modified using any text
+ editor. All the template pages are installed in a sub-directory appropriately
+ named: <filename>templates</filename>. Knowing something about HTML syntax
+ will of course be helpful.
+</para>
+<para>
+ Be forewarned that the default templates are subject to being overwritten
+ during upgrades. You can, however, create completely new templates,
+ place them in another directory and specify the alternate path in the main
+ <filename>config</filename>. For details, have a look at the <ulink
+ url="../user-manual/config.html#templdir">templdir</ulink> option.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="blockall">
+<title>How can I remove the <quote>Go There Anyway</quote> link from
+the <emphasis>BLOCKED</emphasis> page?</title>
+<para>
+ There is more than one way to do it (although Perl is not involved).
+</para>
+<para>
+ Editing the BLOCKED template page (see above) may dissuade some users, but
+ this method is easily circumvented. Where you need this level of control, you
+ might want to build &my-app; from source, and disable various features that are
+ available as compile-time options. You should
+ <command>configure</command> the sources as follows:
+</para>
+<para>
+ <screen>
+ ./configure --disable-toggle --disable-editor --disable-force</screen>
+</para>
+<para>
+ This will create an executable with hard-coded security features so that
+ &my-app; does not allow easy bypassing of blocked sites, or changing the
+ current configuration via any connected user's web browser.
+</para>
+<para>
+ Finally, all of these features can also be toggled on/off via options in
+ <application>Privoxy's</application> main <ulink
+ url="../user-manual/config.html#ACCESS-CONTROL">config</ulink> file which
+ means you don't have to recompile anything.
+</para>
+</sect2>
+
+</sect1>
+
+<!-- ~ End section ~ -->
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+
+<sect1 id="misc"><title>Miscellaneous</title>
+
+<sect2 renderas="sect3" id="slowsme">
+<title>How much does Privoxy slow my browsing down? This
+has to add extra time to browsing.</title>
+<para>
+ How much of an impact depends on many things, including the CPU of the host
+ system, how aggressive the configuration is, which specific actions are being triggered,
+ the size of the page, the bandwidth of the connection, etc.
+</para>
+<para>
+ Overall, it should not slow you down any in real terms, and may actually help
+ speed things up since ads, banners and other junk are not typically being
+ retrieved and displayed. The actual processing time required by
+ <application>Privoxy</application> itself for each page, is relatively small
+ in the overall scheme of things, and happens very quickly. This is typically
+ more than offset by time saved not downloading and rendering ad images and
+ other junk content (if ad blocking is being used).
+</para>
+
+<para>
+ <quote>Filtering</quote> content via the <literal><ulink
+ url="../user-manual/actions-file.html#FILTER">filter</ulink></literal> or
+ <literal><ulink
+ url="../user-manual/actions-file.html#DEANIMATE-GIFS">deanimate-gifs</ulink></literal>
+ actions may cause a perceived slowdown, since the entire document
+ needs to be buffered before displaying. And on very large documents,
+ filtering may have some measurable impact. How much depends on the page size,
+ the actual definition of the filter(s), etc. See below. Most other actions
+ have little to no impact on speed.
+</para>
+<para>
+ Also, when filtering is enabled but zlib support isn't available, compression
+ is often disabled (see <ulink
+ url="../user-manual/actions-file.html#PREVENT-COMPRESSION">prevent-compression</ulink>).
+ This can have an impact on speed as well, although it's probably smaller than
+ you might think. Again, the page size, etc. will determine how much of an impact.
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3" id="loadingtimes"><title>I notice considerable
+delays in page requests. What's wrong?</title>
+<para>
+ If you use any <literal><ulink
+ url="../user-manual/actions-file.html#FILTER">filter</ulink></literal> action,
+ such as filtering banners by size, web-bugs etc, or the <literal><ulink
+ url="../user-manual/actions-file.html#DEANIMATE-GIFS">deanimate-gifs</ulink></literal>
+ action, the entire document must be loaded into memory in order for the filtering
+ mechanism to work, and nothing is sent to the browser during this time.
+</para>
+<para>
+ The loading time typically does not really change much in real numbers, but
+ the feeling is different, because most browsers are able to start rendering
+ incomplete content, giving the user a feeling of "it works". This effect is
+ more noticeable on slower dialup connections. Extremely large documents
+ may have some impact on the time to load the page where there is filtering
+ being done. But overall, the difference should be very minimal. If there is a
+ big impact, then probably some other situation is contributing (like
+ anti-virus software).
+ </para>
+<para>
+ Filtering is automatically disabled for inappropriate MIME types. But note
+ that if the web server mis-reports the MIME type, then content that should
+ not be filtered, could be. <application>Privoxy</application> only knows how
+ to differentiate filterable content because of the MIME type as reported by
+ the server, or because of some configuration setting that enables/disables
+ filtering.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="configurl"><title>What are "http://config.privoxy.org/" and
+"http://p.p/"?</title>
+<para>
+ <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink> is the
+ address of <application>Privoxy</application>'s built-in user interface, and
+ <ulink url="http://p.p/">http://p.p/</ulink> is a shortcut for it.
+</para>
+<para>
+ Since <application>Privoxy</application> sits between your web browser and the Internet,
+ it can simply intercept requests for these addresses and answer them with its built-in
+ <quote>web server</quote>.
+</para>
+<para>
+ This also makes for a good test for your browser configuration: If entering the
+ URL <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
+ takes you to a page saying <quote>This is Privoxy ...</quote>, everything is OK.
+ If you get a page saying <quote>Privoxy is not working</quote> instead, then
+ your browser didn't use <application>Privoxy</application> for the request,
+ hence it could not be intercepted, and you have accessed the <emphasis>real</emphasis>
+ web site at config.privoxy.org.
+</para>
+<para>
+ Note that config.privoxy.org resolves to a public IP address.
+ If you use config.privoxy.org as ping or traceroute target you will
+ reach the system on the Internet (Privoxy can't intercept ICMP requests).
+ If you want to ping the system Privoxy runs on,
+ you should use its IP address or local DNS name (if it has got one).
+</para>
+
+</sect2>
+
+<!--
+ out of date 09/02/06 HB
+<sect2 renderas="sect3" id="blocklist"><title>Do you still maintain the blocklists?</title>
+ <para>
+ No. The patterns for blocking now reside (among other things) in the <ulink
+ url="../user-manual/actions-file.html">actions files</ulink>, which are
+ actively maintained instead. See next question ...
+</para>
+</sect2>
+-->
+<sect2 renderas="sect3" id="newads"><title>How can I submit new ads, or report
+problems?</title>
+<para>
+Please see the <link linkend="contact">Contact section</link> for
+various ways to interact with the developers.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="newads2"><title>If I do submit missed ads, will
+they be included in future updates?</title>
+<para>
+ Whether such submissions are eventually included in the
+ <filename>default.action</filename> configuration file depends on how
+ significant the issue is. We of course want to address any potential
+ problem with major, high-profile sites such as <citetitle>Google</citetitle>,
+ <citetitle>Yahoo</citetitle>, etc. Any site with global or regional reach,
+ has a good chance of being a candidate. But at the other end of the spectrum
+ are any number of smaller, low-profile sites such as for local clubs or
+ schools. Since their reach and impact are much less, they are best handled by
+ inclusion in the user's <filename>user.action</filename>, and thus would be
+ unlikely to be included.
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3" id="noonecares"><title>Why doesn't anyone answer my support
+request?</title>
+<para>
+Rest assured that it has been read and considered. Why it is not answered,
+could be for various reasons, including no one has a good answer for it, no
+one has had time to yet investigate it thoroughly, it has been reported
+numerous times already, or because not enough information was provided to help
+us help you. Your efforts are not wasted, and we do appreciate them.
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3" id="ip"><title>How can I hide my IP address?</title>
+<para>
+ If you run both the browser and &my-app; locally, you cannot hide your IP
+ address with <application>Privoxy</application> or ultimately any other
+ software alone. The server needs to know your IP address so that it knows
+ where to send the responses back.
+</para>
+<para>
+ There are many publicly usable "anonymous" proxies out there, which
+ provide a further level of indirection between you and the web server.
+</para>
+<para>
+ However, these proxies are called "anonymous" because you don't need
+ to authenticate, not because they would offer any real anonymity.
+ Most of them will log your IP address and make it available to the
+ authorities in case you violate the law of the country they run in. In fact
+ you can't even rule out that some of them only exist to *collect* information
+ on (those suspicious) people with a more than average preference for privacy.
+</para>
+<para>
+ If you want to hide your IP address from most adversaries,
+ you should consider chaining <application>Privoxy</application>
+ with <ulink url="https://www.torproject.org/">Tor</ulink>.
+ The configuration details can be found in
+ <ulink url="#TOR">How do I use <application>Privoxy</application> together
+ with <application>Tor</application> section</ulink>
+ just below.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="anonforsure">
+<title>Can Privoxy guarantee I am anonymous?</title>
+<para>
+ No. Your chances of remaining anonymous are improved, but unless you
+ <ulink url="#TOR">chain <application>Privoxy</application> with <application>Tor</application></ulink>
+ or a similar proxy and know what you're doing when it comes to configuring
+ the rest of your system, you should assume that everything you do
+ on the Web can be traced back to you.
+</para>
+<para>
+ <application>Privoxy</application> can remove various information about you,
+ and allows <emphasis>you</emphasis> more freedom to decide which sites
+ you can trust, and what details you want to reveal. But it neither
+ hides your IP address, nor can it guarantee that the rest of the system
+ behaves correctly. There are several possibilities how a web sites can find
+ out who you are, even if you are using a strict <application>Privoxy</application>
+ configuration and chained it with <application>Tor</application>.
+</para>
+<para>
+ Most of <application>Privoxy's</application> privacy-enhancing features can be easily subverted
+ by an insecure browser configuration, therefore you should use a browser that can
+ be configured to only execute code from trusted sites, and be careful which sites you trust.
+ For example there is no point in having <application>Privoxy</application>
+ modify the User-Agent header, if websites can get all the information they want
+ through JavaScript, ActiveX, Flash, Java etc.
+</para>
+<para>
+ A few browsers disclose the user's email address in certain situations, such
+ as when transferring a file by FTP. <application>Privoxy</application>
+ does not filter FTP. If you need this feature, or are concerned about the
+ mail handler of your browser disclosing your email address, you might
+ consider products such as <application>NSClean</application>.
+</para>
+<para>
+ Browsers available only as binaries could use non-standard headers to give
+ out any information they can have access to: see the manufacturer's license
+ agreement. It's impossible to anticipate and prevent every breach of privacy
+ that might occur. The professionally paranoid prefer browsers available as
+ source code, because anticipating their behavior is easier. Trust the source,
+ Luke!
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="proxytest">
+<title>A test site says I am not using a Proxy.</title>
+<para>
+ Good! Actually, they are probably testing for some other kinds of proxies.
+ Hiding yourself completely would require additional steps.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="tor"><title>How do I use Privoxy
+ together with Tor?</title>
+<para>
+ Before you configure <application>Privoxy</application> to use
+ <ulink url="https://www.torproject.org/">Tor</ulink>,
+ please follow the <citetitle>User Manual</citetitle> chapters
+ <ulink url="../user-manual/installation.html">2. Installation</ulink> and
+ <ulink url="../user-manual/startup.html">5. Startup</ulink> to make sure
+ <application>Privoxy</application> itself is setup correctly.
+</para>
+<para>
+ If it is, refer to <ulink url="https://www.torproject.org/documentation.html">Tor's
+ extensive documentation</ulink> to learn how to install <application>Tor</application>,
+ and make sure <application>Tor</application>'s logfile says that
+ <quote>Tor has successfully opened a circuit</quote> and it
+ <quote>looks like client functionality is working</quote>.
+</para>
+<para>
+ If either <application>Tor</application> or <application>Privoxy</application>
+ isn't working, their combination most likely will neither. Testing them on their
+ own will also help you to direct problem reports to the right audience.
+ If <application>Privoxy</application> isn't working, don't bother the
+ <application>Tor</application> developers. If <application>Tor</application>
+ isn't working, don't send bug reports to the <application>Privoxy</application> Team.
+</para>
+<para>
+ If you verified that <application>Privoxy</application> and <application>Tor</application>
+ are working, it is time to connect them. As far as <application>Privoxy</application>
+ is concerned, <application>Tor</application> is just another proxy that can be reached
+ by socks4, socks4a and socks5. Most likely you are interested in <application>Tor</application>
+ to increase your anonymity level, therefore you should use socks5, to make sure DNS
+ requests are done through <application>Tor</application> and thus invisible to your
+ local network. Using socks4a would work too, but with socks5 you get more precise error
+ messages.
+</para>
+
+<para>
+ <application>Privoxy's</application>
+ <ulink url="../user-manual/config.html">main configuration file</ulink>
+ is already prepared for <application>Tor</application>, if you are using a
+ default <application>Tor</application> configuration and run it on the same
+ system as &my-app;, you just have to edit the
+ <ulink url="../user-manual/config.html#FORWARDING">forwarding section</ulink>
+ and uncomment the line:
+</para>