[tor-talk] Is it secure to use Tor with HTTP Proxies?

Laura Sharpe laurasharpe at mailbox.org
Fri Oct 14 12:20:00 UTC 2016


Is it secure to use Tor with HTTP proxies? Like this:


Use proxychains and in /etc/proxychains.conf use:


[ProxyList]

# defaults set to "tor"

socks5 127.0.0.1 9050


In "standard" Firefox (not the TBB) set Manual Proxy Configuration to a HTTP proxy and use the same proxy for all protocols. Make sure Remote DNS is ticked.


Assume that the HTTP proxy is legitimate.


>From the command line run:


proxychains firefoxhttp://www.example_site.com/


Traffic will be routed by proxychains through Tor then is transferred through the HTTP proxy.


You may say that this is a bad idea since HTTP works at the application layer and hence traffic can be intercepted by the provider of the HTTP proxy (unlike SOCKS proxies which work at the transport layer (I think)). But if the traffic from the user is always to a HTTPS site, then why should there be a problem even if the content was intercepted?


I know that you can also use proxychains with SOCKS proxies but my questions is specifically about using proxychains with HTTP proxies.


More information about the tor-talk mailing list