4.1. How much does Privoxy slow my browsing down? This
-has to add extra time to browsing.
How much of an impact depends on many things, including the CPU of the host
system, how aggressive the configuration is, which specific actions are being triggered,
- the size of the page, etc.
Overall, it should not slow you down any in real terms, and may actually help
speed things up since ads, banners and other junk are not typically being
@@ -98,8 +101,8 @@ CLASS="APPLICATION"
>Privoxy itself for each page, is relatively small
in the overall scheme of things, and happens very quickly. This is typically
- more than offset by time saved not downloading and rendering ad images (if ad
- blocking is being used).
deanimate-gifs
- actions will certainly cause a perceived slowdown, since the entire document
- needs to be buffered before displaying. And on very large documents, there may be
- some impact. How much depends on the page size, the actual definition of the
- filter(s), etc. See below. Most other actions have little to no impact on
- speed.
Also, when filtering is enabled but zlib support isn't available, compression
+ is often disabled (see prevent-compression).
+ This can have an impact on speed as well, although it's probably smaller than
+ you might think. Again, the page size, etc. will determine how much of an impact.
4.3. What are "http://config.privoxy.org/" and
-"http://p.p/"?
web site at config.privoxy.org.
With recent versions of Privoxy (version 2.9.x and
- later), the user interface features information on the run time status, the
- configuration, and even a built-in editor for the actions files.
Note that the built-in URLs from earlier versions of Junkbuster
- / Privoxy, http://example.com/show-proxy-args and http://i.j.b/,
- are no longer supported. If you still use such an old version, you should really consider
- upgrading to 3.0.5.
4.5. Why doesn't anyone answer my support
-request?
4.6. Why doesn't anyone answer my support
+request?
Rest assured that it has been read and considered. Why it is not answered,
could be for various reasons, including no one has a good answer for it, no
@@ -296,28 +320,32 @@ CLASS="SECT2"
CLASS="SECT2"
>4.6. How can I hide my IP address?4.7. How can I hide my IP address?
If you run both the browser and the proxy locally, you cannot hide your IP
+> If you run both the browser and Privoxy locally, you cannot hide your IP
address with Privoxy or ultimately any other
- software. The server needs to know your IP address so that it knows where to
- send the responses back.
There are many publicly usable "anonymous" proxies out there, which
provide a further level of indirection between you and the web server.
However, these proxies are called "anonymous" because you don't need
- a password, not because they would offer any real anonymity.
+ to authenticate, not because they would offer any real anonymity.
Most of them will log your IP address and make it available to the
authorities in case you violate the law of the country they run in. In fact
you can't even rule out that some of them only exist to *collect* information
on (those suspicious) people with a more than average preference for privacy.
Your best bet is to chain If you want to hide your IP address from most adversaries,
+ you should consider chaining Privoxy
@@ -325,12 +353,7 @@ CLASS="APPLICATION"
HREF="http://tor.eff.org/"
TARGET="_top"
>Tor,
- an EFF supported onion routing system.
+>.
The configuration details can be found in
How do I use Privoxy together with together
+ with Tor section4.7. Can Privoxy guarantee I am anonymous?
4.8. Can Privoxy guarantee I am anonymous? No. Your chances of remaining anonymous are greatly improved, but unless you
+> No. Your chances of remaining anonymous are improved, but unless you
Tor
- or a similar system and know what you're doing when it comes to configuring
- the rest of your system, it would be safest to assume that everything you do
+ or a similar proxy and know what you're doing when it comes to configuring
+ the rest of your system, you should assume that everything you do
on the Web can be traced back to you.
you more freedom to decide which sites
+> more freedom to decide which sites
you can trust, and what details you want to reveal. But it neither
- hides your ip address, nor can it guarantee that the rest of the system
+ hides your IP address, nor can it guarantee that the rest of the system
behaves correctly. There are several possibilities how a web sites can find
out who you are, even if you are using a strict Most of Privoxy's protection can be easily subverted
+> privacy-enhancing features can be easily subverted
by an insecure browser configuration, therefore you should use a browser that can
be configured to only execute code from trusted sites, and be careful which sites you trust.
For example there is no point in having 4.8. A test site says I am not using a Proxy.
4.9. A test site says I am not using a Proxy. Good! Actually, they are probably testing for some other kinds of proxies.
Hiding yourself completely would require additional steps.
4.9. How do I use Privoxy
- together with Tor?4.10. How do I use Privoxy
+ together with Tor? Before you configure Privoxy to use Tor
- ( to use
+ http://tor.eff.org/),
- please follow the User Manual chapters
+>Tor,
+ please follow the User Manual chapters
If it is, refer to Tor's
extensive documentationTor
- to increase your anonymity level, therefore you should use socks4a,
- to make sure Privoxy's DNS requests are
+ to increase your anonymity level, therefore you should use socks4a, to make sure DNS requests are
done through Tor Since Privoxy 3.0.4, its configuration (section 5.2)
+> 3.0.5, its
+ main configuration file
is already prepared for TorPrivoxy, you just have to uncomment the line:
, you just have to edit the
+
forwarding section
+ and uncomment the line:
This is enough to reach the Internet, but additionally you should
+> This is enough to reach the Internet, but additionally you might want to
uncomment the following forward rules, to make sure your local network is still
reachable through Privoxy:
Unencrypted connections to systems in these address ranges will
be as (un)secure as the local network is, but the alternative is
- that you can't reach the network at all.
- If you also want to be able to reach servers in your local
- network by using their names, you will need additional
- exceptions that look like this:
If you want your browser to be able to reach servers in your local
+ network by using their names, you will need additional exceptions
+ that look like this:
Privoxy has reloaded its configuration
- and that there are no other forward lines, unless you know that you need them. I everything looks good,
+ and that there are no other forward lines, unless you know that you need them. If everything looks good,
refer to
Tor
Faq 4.2Tor does, why it is no replacement for
- application level security, and why you shouldn't use it for unencrypted logins.4.10. Might some things break because header information or
-content is being altered?
Definitely. More and more sites use HTTP header content to decide what to
- display and how to display it. There is many ways that this can be handled,
+NAME="AEN862"
+>4.11. Might some things break because header information or
+content is being altered?
Definitely. It is common for sites to use browser type, browser version,
+ HTTP header content, and various other techniques in order to dynamically
+ decide what to display and how to display it. What you see, and what I see,
+ might be very different. There are many, many ways that this can be handled,
so having hard and fast rules, is tricky.
The "User-Agent" in particular is often used in this way to identify
- the browser, and adjust content accordingly. Changing this now (at least not
- further than removing the OS information) is not recommended, since so many
- sites do look for it. You may get undesirable results by changing this.
is sometimes used in this way to identify
+ the browser, and adjust content accordingly.
For instance, different browsers use different encodings of Russian and Czech
+> Also, different browsers use different encodings of non-English
characters, certain web servers convert pages on-the-fly according to the
User Agent header. Giving a "Referer" or cookie is provided, is another example. (But you
can forge both headers without giving information away). There are
- many other ways things can go wrong when trying to fool a web server.
"
Turn off fast-redirects or else!
+ "
Similar thoughts apply to modifying JavaScript, and, to a lesser degree,
HTML elements.
4.11. Can Privoxy act as a 4.12. Can Privoxy act as a "caching" proxy to
-speed up web browsing?
No, it does not have this ability at all. You want something like
Squid for this. And, yes,
- before you ask, or
+ Polipo for this.
+ And, yes, before you ask, Privoxy can co-exist
@@ -754,17 +812,17 @@ CLASS="SECT2"
>4.12. What about as a firewall? Can Privoxy protect me?
4.13. What about as a firewall? Can Privoxy protect me? Not in the way you mean, or in the way a true firewall can.
+> Not in the way you mean, or in the way some firewall vendors claim they can.
Privoxy can help protect your privacy, but not
- protect you from intrusion attempts. It is, of course, perfectly possible
- and recommended to use can help protect your privacy, but can't
+ protect your system from intrusion attempts. It is, of course, perfectly possible
+ to use 4.13. I have large empty spaces / a checkerboard pattern now where
-ads used to be. Why?
It would be technically possible eliminate the banners in a way that frees
- their screen estate in many cases, by doing all banner blocking with filters,
- i.e. eliminating the whole image references from the HTML pages instead
- of letting them stay in, and blocking the resulting requests for the
- banners themselves.
But this would consume considerable CPU resources, would likely destroy
- the layout of many web pages which rely on the banners consuming a certain
- amount of screen space, and would fail in other cases, where the screen space
- is reserved e.g. by tables anyway. Also, making the banners disappear without
- a visual trace complicates troubleshooting.
So we won't support this in the default configuration, but you can of course
- define appropriate filters yourself.
4.14. I have large empty spaces / a checkerboard pattern now where
+ads used to be. Why? It is technically possible to eliminate banners and ads in a way that frees
+ their allocated page space. This could easily be done by blocking with
+ Privoxy's filters,
+ and eliminating the entire image references from the
+ HTML page source.
But, this would consume considerably more CPU resources (IOW, slow things
+ down), would likely destroy the layout of some web pages which rely on the
+ banners utilizing a certain amount of page space, and might fail in other
+ cases, where the screen space is reserved (e.g. by HTML tables for instance).
+ Also, making ads and banners disappear without any trace complicates
+ troubleshooting, and would sooner or later be problematic.
The better alternative is to instead let them stay, and block the resulting
+ requests for the banners themselves as is now the case. This leaves either
+ empty space, or the familiar checkerboard pattern.
So the developers won't support this in the default configuration, but you
+ can of course define appropriate filters yourself to achieve this.
4.14. How can Privoxy filter Secure (HTTPS) URLs?
4.15. How can Privoxy filter Secure (HTTPS) URLs?
Since secure HTTP connections are encrypted SSL sessions between your browser
and the secure site, and are meant to be reliably 4.15. Privoxy runs as a 4.16. Privoxy runs as a "server". How
-secure is it? Do I need to take any special precautions?
There are no known exploits that might affect
- Privoxy. On Unix-like systems,
- On Unix-like systems, Privoxy can run as a non-privileged
- user, which is how we recommend it be run. Also, by default
+ user, which is how we recommend it be run. Also, by default
Privoxy only listens to requests
- from listens to requests from "localhost" only. The server aspect of
-
+ only.
The server aspect of Privoxy is not itself directly exposed to the
- Internet in this configuration. If you want to have
+> is not itself directly
+ exposed to the Internet in this configuration. If you want to have
Privoxy4.16. How can I temporarily disable Privoxy?4.17. Can I temporarily disable Privoxy?
The easiest way is to access Privoxy with your
- browser by using the remote toggle URL: doesn't have a transparent proxy mode,
+ but you can toggle off blocking and content filtering.
The easiest way to do that is to point your browser
+ to the remote toggle URL: http://config.privoxy.org/toggle.
- See the .
See the Bookmarklets sectionUser Manual for an easy way to access this
- feature.
config file.
4.17. When
4.18. When "disabled" is Privoxy totally
-out of the picture? No, this just means all filtering and actions are disabled.
+> No, this just means all optional filtering and actions are disabled.
Privoxy is still acting as a proxy, but just not
- doing any of the things that is still acting as a proxy, but just
+ doing less of the things that Privoxy would
@@ -969,7 +1045,24 @@ CLASS="APPLICATION"
CLASS="QUOTE"
>"middle-man" in
- the interaction between your browser and web sites.
Bypassing a proxy, or proxying based on arbitrary criteria, is purely a browser
+ configuration issue, not a Privoxy issue. Modern browsers typically do have
+ settings for not proxying certain sites. Check your browser's help files.
4.18. My logs show Privoxy
4.20. My logs show Privoxy "crunches"
ads, but also its own internal CGI pages. What is a "crunch"?? A "crunch".
Since version 3.0.7, Privoxy will also log the crunch reason.
+ If you are using an older version you might want to upgrade.
4.19. Can Privoxy effect files that I download
-from a webserver? FTP server?4.21. Can Privoxy effect files that I download
+from a webserver? FTP server?
From the webserver's perspective, there is no difference between
viewing a document (i.e. a page), and downloading a file. The same is true of
@@ -1081,7 +1177,7 @@ CLASS="APPLICATION"
> knows the differences in files according
to the "Document Type""Content Type" as reported by the webserver. If this is
reported accurately (e.g. In short, filtering is "ON" if a) the Document Type as reported
+> if a) the content type as reported
by the webserver is appropriate "bad". It's the configuration that let's it all happen or not.
. It's the configuration that lets it all happen or not.
If you download text files, you probably do not want these to be filtered,
particularly if the content is source code, or other critical content. Source
@@ -1158,7 +1254,7 @@ CLASS="EMPHASIS"
CLASS="APPLICATION"
>Privoxy does not do FTP at all, only HTTP
- and HTTPS (SSL) protocols, so please don't try.
4.20. I just downloaded a Perl script, and Privoxy
-altered it! Yikes, what is wrong!4.22. I just downloaded a Perl script, and Privoxy
+altered it! Yikes, what is wrong!
Please read above.
One time-tested technique to defeat common ads is to trick the local DNS
system by giving a phony IP address for the ad generator in the local
@@ -1211,8 +1307,8 @@ CLASS="APPLICATION"
CLASS="FILENAME"
>HOSTS file, in fact, not only
- duplicates effort, but may get in the way. It is recommended to remove
- such entries from your HOSTS file. If you think
@@ -1249,9 +1345,9 @@ CLASS="SECT2"
CLASS="SECT2"
>4.22. Where can I find more information about Privoxy
-and related issues?4.24. Where can I find more information about Privoxy
+and related issues?
Other references and sites of interest to http://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit
-
http://www.squid-cache.org/, a very popular
+>, a popular
caching proxy, which is often used together with Privoxy| http://www.pps.jussieu.fr/~jch/software/polipo/,
+ Polipo is a caching proxy with advanced features
+ like pipelining, multiplexing and caching of partial instances. In many setups
+ it can be used as Squid replacement.
+ |
+ | http://tor.eff.org/4.23. I've noticed that Privoxy changes 4.25. I've noticed that Privoxy changes "Microsoft" to
"MicroSuck"! Why are you manipulating my browsing?! Why are you manipulating my browsing? We're not. The text substitutions that you are seeing are disabled
in the default configuration as shipped. You have either manually
@@ -1547,11 +1670,34 @@ CLASS="QUOTE"
>"Text replacements for subversive browsing
fun!" or you are using an older Privoxy version and have implicitly
- activated it by choosing the "Adventuresome""Advanced" profile in the
- web-based editor. Please upgrade! Privoxy generates HTML in both its own "templates", and possibly
+ whenever there are text substitutions via a Privoxy filter. While this
+ should always conform to the HTML 4.01 specifications, it has not been
+ validated against this or any other standard. |
|