From d97ab35aa14dfa3575cc1042603540885aaba21f Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Mon, 11 Oct 2010 05:37:19 +0000 Subject: [PATCH] add back the faq entries that got dropped in the move. also add back a correction. --- docs/en/faq.wml | 249 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 245 insertions(+), 4 deletions(-) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index e2fd69c9..75738ad9 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -46,7 +46,16 @@

Running a Tor client:

Running a Tor relay:

@@ -712,7 +721,154 @@

Please contact us if you know any others.

- + +
+ + +

I installed Tor and Polipo but +it's not working.

+ +

+Once you've installed the Tor bundle, there are two questions to ask: +first, is your Tor able to establish a circuit? Second, is your +Firefox correctly configured to send its traffic through Tor? +

+ +

If Tor can establish a circuit, the onion icon in +Vidalia will turn green. You can also check in the Vidalia +Control Panel to make sure it says "Connected to the Tor +network!" under Status. For those not using Vidalia, check your Tor logs for +a line saying that Tor "has successfully opened a circuit. Looks like +client functionality is working." +

+ +

+If Tor can't establish a circuit, here are some hints: +

+ +
    +
  1. Are you sure Tor is running? If you're using Vidalia, you may have +to click on the onion and select "Start" to launch Tor.
    2. +
  2. Check your system clock. If it's more than a few hours off, Tor will +refuse to build circuits. For XP users, synchronize your clock under +the clock -> Internet time tab. In addition, correct the day and date +under the 'Date & Time' Tab.
    3. +
  3. Is your Internet connection firewalled, +or do you normally need to use a proxy? +
    4. +
  4. Are you running programs like Norton Internet Security or SELinux that +block certain connections, even though you don't realize they do? They +could be preventing Tor from making network connections.
    5. +
  5. Are you in China, or behind a restrictive corporate network firewall +that blocks the public Tor relays? If so, you should learn about Tor bridges.
    6. +
  6. Check your Tor +logs. Do they give you any hints about what's going wrong?
    7. +
+ +

+Step two is to confirm that Firefox is correctly configured to send its +traffic through Tor. Try the Tor +Check site and see whether it thinks you are using Tor. See the +Tor Check FAQ entry for details. +

+ +

+If it thinks you're not using Tor, here are some hints: +

+ +
    +
  1. Did you install the Torbutton extension for Firefox? The installation +bundles include it, but sometimes people forget to install it. Make sure +it says "Tor enabled" at the bottom right of your Firefox window. (For +expert users, make sure your http proxy is set to localhost port +8118.)
    2. +
  2. Do you have incompatible Firefox extensions like FoxyProxy +installed? If so, uninstall them. (Note that using FoxyProxy is NOT +a sufficient substitute for Torbutton. There are many known attacks +against a browser setup that does not include Torbutton. Read more +in the Torbutton FAQ and the Torbutton design +specification.)
    3. +
  3. If your browser says "The proxy server is refusing connections.", +check that Polipo (the http proxy that passes traffic between Firefox +and Tor) is running. On Windows, look in the task manager and check for +a polipo.exe. On OS X, open the utilities folder in your applications +folder, and open Terminal.app. Then run "ps aux|grep polipo".
    4. +
  4. If you're upgrading from OS X, some of the earlier OS X installers +were broken in really unfortunate ways. You may find that uninstalling everything and then +installing a fresh bundle helps. Alas, the current uninstall instructions +may not apply anymore to your old bundle. Sorry.
    5. +
  5. If you're on Linux, make sure Privoxy isn't running, since it will +conflict with the port that our Polipo configuration file picks.
    6. +
  6. If you installed Polipo yourself (not from a bundle), did you edit the +config file as described? Did you restart Polipo after this change?
    7. +
  7. For Red Hat Linux and related systems, do you have SELinux enabled? If +so, it might be preventing Polipo from talking to Tor. We also run across +BSD users periodically who have local firewall rules that prevent some +connections to localhost.
    8. +
+ +
+ + +

Tor/Vidalia prompts for +a password at start.

+ +

+Vidalia interacts with the Tor software via Tor's "control port". The +control port lets Vidalia receive status updates from Tor, request a new +identity, configure Tor's settings, etc. Each time Vidalia starts Tor, +Vidalia sets a random password for Tor's control port to prevent other +applications from also connecting to the control port and potentially +compromising your anonymity. +

+ +

+Usually this process of generating and setting a random control password +happens in the background. There are three common situations, though, +where Vidalia may prompt you for a password: +

+ +
    +
  1. You're already running Vidalia and Tor. For example, this situation +can happen if you installed the Vidalia bundle and now you're trying to +run the Tor Browser Bundle. In that case, you'll need to close the old +Vidalia and Tor before you can run this one. +
    2. +
  2. Vidalia crashed, but left Tor running with the last known random +password. After you restart Vidalia, it generates a new random password, +but Vidalia can't talk to Tor, because the random passwords are different. +
    +If the dialog that prompts you for a control password has a Reset button, +you can click the button and Vidalia will restart Tor with a new random +control password. +
    +If you do not see a Reset button, or if Vidalia is unable to restart +Tor for you, you can still fix the problem manually. Simply go into your +process or task manager, and terminate the Tor process. Then use Vidalia +to restart Tor and all will work again. +
    3. +
  3. You had previously set Tor to run as a Windows NT service. When Tor +is set to +run as a service, it starts up when the system boots. If you configured +Tor to start as a service through Vidalia, a random password was set +and saved in Tor. When you reboot, Tor starts up and uses the random +password it saved. You login and start up Vidalia. Vidalia attempts to +talk to the already running Tor. Vidalia generates a random password, +but it is different than the saved password in the Tor service. +
    +You need to reconfigure Tor to not be a service. See the FAQ entry on +running Tor as a Windows NT service +for more information on how to remove the Tor service. +
    4. +
+
@@ -771,7 +927,92 @@

- + + +

Google makes me solve a +Captcha or tells me I have spyware installed.

+ +

+This is a known and intermittent problem; it does not mean that Google +considers Tor to be spyware. +

+ +

+When you use Tor, you are sending queries through exit relays that are also +shared by thousands of other users. Tor users typically see this message +when many Tor users are querying Google in a short period of time. Google +interprets the high volume of traffic from a single IP address (the exit +relay you happened to pick) as somebody trying to "crawl" their website, +so it slows down traffic from that IP address for a short time. +

+

+An alternate explanation is that Google tries to detect certain +kinds of spyware or viruses that send distinctive queries to Google +Search. It notes the IP addresses from which those queries are received +(not realizing that they are Tor exit relays), and tries to warn any +connections coming from those IP addresses that recent queries indicate +an infection. +

+ +

+To our knowledge, Google is not doing anything intentionally specifically +to deter or block Tor use. The error message about an infected machine +should clear up again after a short time. +

+ +

+Torbutton 1.2.5 (released in mid 2010) detects Google captchas and can +automatically redirect you to a more Tor-friendly search engine such as +Ixquick or Bing. +

+ +
+ + +

Gmail warns me that my account +may have been compromised.

+ +

+Sometimes, after you've used Gmail over Tor, Google presents a +pop-up notification that your account may have been compromised. The +notification window lists a series of IP addresses and locations throughout +the world recently used to access your account. +

+ +

+In general this is a false alarm: Google saw a bunch of logins from +different places and wanted to let +you know. If you use Tor to access a Google service, then it will appear +like you're coming from lots of different places. Nothing to worry about +in particular. +

+ +

+But that doesn't mean you can entirely ignore the warning. It's +probably a false positive, but it might not be. It is possible +that somebody could at some point steal your Google cookie, which would +allow them to log in to the Google service as you. They might steal it +by breaking into your computer, or by watching your network traffic at +Starbucks or sniffing your wireless at home (when you're not using Tor), +or by watching traffic going over the Tor network. In theory none of +this should be possible because Gmail and similar services should only +send the cookie over an SSL link. In practice, alas, it's way +more complex than that. +

+ +

+And if somebody did steal your google cookie, they might end +up logging in from unusual places (though of course they also might +not). So the summary is that since you're using Tor, this security +measure that Google uses isn't so useful for you, because it's full of +false positives. You'll have to use other approaches, like seeing if +anything looks weird on the account, or looking at the timestamps for +recent logins and wondering if you actually logged in at those times. +

+ +
+

How stable does my relay need to be?

@@ -880,7 +1121,7 @@ publically or not.

-

Right now, there are roughly zero places in the world that filter +

Right now, there are a small number of places in the world that filter connections to the Tor network. So getting a lot of bridges running right now is mostly a backup measure, a) in case the Tor network does get blocked somewhere, and b) for people who want an extra layer of