Does it Leak? — Tumbleweed Edition

The following is a spreadsheet that I put together this weekend testing Linux applications and how well the work on Tor.

The first column is the name of the application and the second is the Linux distribution. In this case, I am using the latest build of OpenSUSE Tumbleweed with the latest patches applied.

The Torsocks column is whether or not the application is compatible with torsocks which is a wrapper around an application that send it’s networking requests to Tor instead of the standard internet.

The Proxy column is whether or not the application supports a SOCKS5 proxy with a DNS Proxy, specifically the one used by the Tor application.

The DNS Leak column is a test that I ran with Wireshark to see if any of the applications were misbehaving with DNS. i.e. Did they try to use DNS even though I set a proxy not to use it and/or did they go around the torsocks application and use DNS directly?

In the No DNS Test, I commented out the nameserver entry in /etc/resolv.conf so that the VM that I was using as a whole would not have access to DNS. Would the application be able to use DNS via Tor alone?

Finally, I tested to see if the application could reach a .onion site. I don’t have a OpenSUSE Repo in an .onion site or a steaming service like youtube to try so I didn’t test those.

ApplicationLinuxTorsocksProxyDNS LeakNo DNS Test.onion
FirefoxTumbleweedNoYesNoPassYes
ZypperTumbleweedYesNoNoPassn/a
LinksTumbleweedNoYesNoPassYes
LynxTumbleweedYesNoNoPassYes
w3mTumbleweedYesNoNoPassYes
curlTumbleweedYesYesNoPassYes
ChromiumTumbleweedNoYesNoPassYes
BraveTumbleweedNoYesNoPassYes
OtterTumbleweedNoYesNoPassYes
Youtube-dlTumbleweedYesNoNoPassn/a

My findings were that none of the applications that I tested had DNS Leaks though there could be other issues that I did not test for. If your concern is strictly about privacy and not being tracked, the official Tor Browser is the way to go. However I am keenly interested in other applications for Tor so this is my first step in finding what could be possible.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.