- doc
- anonymous internet
- Mit dem Tor Browser im Internet surfen
- Proxy server refusing connections
- AppArmor confinement, downloading, and uploading files
- Hiding that you are using Tor Browser
- HTTPS-Verschlüsselung mit HTTPS Everywhere
- Schutz gegen gefährliches JavaScript
- Sicherheitsstufe
- Tor Verbindungen
- Neue Identität-Funktion
- NoScript um noch mehr Kontrolle über JavaScript zu haben
- Letterboxing
Tor Browser ist ein Webbrowser, der auf Mozilla Firefox basiert und konfiguriert ist, Ihre Privatsphäre zu schützen.
Ihre Verbindungen zu Websites über das Tor-Netzwerk zu senden, reicht nicht aus, um Sie beim Surfen im Web vollständig zu schützen:
- Cookies können verwendet werden, um Sie auf verschiedenen Websites zu verfolgen und zu identifizieren.
- Sicherheitslücken in JavaScript wurden in der Vergangenheit benutzt um, den Tor Browser zu deanonymisieren. (https://arstechnica.com/information-technology/2013/08/attackers-wield-firefox-exploit-to-uncloak-anonymous-tor-users/).
Das ist auch der Grund, warum Tor Browser alle Arten von Sicherheitsfeatures in den Browser eingebaut hat.
Einige häufig gestellte Fragen zum Tor-Browser finden Sie im FAQ.
Proxy server refusing connections
The following error message in Tor Browser means that Tails is not yet connected to the Tor network:
The proxy server is refusing connections
Make sure that you are:
AppArmor confinement, downloading, and uploading files
Tor Browser ist in Tails mit AppArmor eingeschränkt, um das System und Ihre Daten vor einigen Arten von Angriffen gegen den Tor Browser zu schützen. Eine Konsequenz davon ist, dass der Tor Browser in Tails nur auf eine beschränkte Anzahl von Ordnern lesen und schreiben kann.
Deshalb könnten Sie beispielsweise auf Zugriff verweigert-Fehler stoßen, wenn Sie versuchen, Dateien in den Home-Ordner herunterzuladen.
Sie können Dateien vom Tor Browser in den Tor Browser Ordner speichern, der sich im Home-Verzeichnis befindet. Der Inhalt dieses Ordners wird verschwinden, sobald Sie Tails herunterfahren.
Wenn Sie Dateien mit dem Tor Browser hochladen möchten, kopieren Sie diese zuerst in diesen Ordner.
Wenn Sie die Funktion Dauerhafter Ordner des Dauerhaften Speichers aktiviert haben, können Sie auch den Ordner Persistent/Tor Browser verwenden, um Dateien mit dem Tor Browser herunterzuladen und hochzuladen. Der Inhalt des Ordners Persistent/Tor Browser wird über verschiedene Arbeitssitzungen hinweg gespeichert.
To prevent Tails from running out of memory and crashing, download very big files to the Persistent/Tor Browser folder. All the files that you download outside of the Persistent Storage are stored in memory (RAM), which is more limited.
Hiding that you are using Tor Browser
It is impossible to hide to the websites that you visit that you are using Tor, because the list of exit nodes of the Tor network is public.
That is why many more websites ask you to solve a CAPTCHA when using Tor Browser.
The anonymity provided by Tor Browser works by making all users look the same to make it impossible to know who is who among the millions of users of Tor Browser.
Tails tries to make it as difficult as possible for websites to distinguish Tails users from other users of Tor Browser. If it was possible for a website to determine whether you are a user of Tor Browser inside or outside of Tails, this would provide a little bit more information about you and reduce your anonymity.
The websites that you visit can retrieve a lot of information about your browser, whether it's Tor Browser or a regular browser. This information is called the fingerprint of the browser and includes the name and version of the browser, the size of the window, the time zone, the available fonts, etc.
To make it difficult to distinguish Tails users from other users of Tor Browser, Tor Browser in Tails tries to provide the same information as Tor Browser on other operating systems.
A difference is that Tails includes the uBlock Origin extension, which removes advertisements. If an attacker can determine that you are not downloading the advertisements that are included in a webpage, that could reveal that you are a Tails user.
To hide to someone monitoring your Internet connection that you are connecting to Tor, see our documentation about connecting to the Tor network.
HTTPS-Verschlüsselung mit HTTPS Everywhere
Using HTTPS instead of HTTP encrypts your communications with the website and prevents the Tor exit node from intercepting your communications.
For example, here is how the browser looks when we try to log in to an email account at riseup.net, using their webmail interface:
Notice the padlock icon on the left of the address bar saying "mail.riseup.net". Notice also the address beginning with "https://" (instead of "http://"). These are the indicators that an encrypted connection using HTTPS is being used.
When you are sending or retrieving sensitive information (like passwords), you should try to only use services providing HTTPS. Otherwise, it is very easy for an eavesdropper to steal whatever information you are sending, or to modify the content of a page on its way to your browser.
HTTPS Everywhere is a Firefox extension included in Tor Browser. It is produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For example, they might default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.
To learn more about HTTPS Everywhere, you can see:
Schutz gegen gefährliches JavaScript
Having all JavaScript disabled by default would disable a lot of harmless and possibly useful JavaScript, and might render many websites unusable.
That is why JavaScript is enabled by default but Tor Browser disables all potentially dangerous JavaScript. We consider this as a necessary compromise between security and usability.
To understand better the behavior of Tor Browser, for example, regarding JavaScript and cookies, you can refer to the Tor Browser design document.
Sicherheitsstufe
Sie können das Sicherheitslevel des Tor Browsers ändern, um Browserfunktionen als Kompromiss zwischen Sicherheit und Benutzerfreundlichkeit zu deaktivieren. Zum Beispiel können Sie das Sicherheitslevel auf Am sichersten setzen, um JavaScript komplett zu deaktivieren.
The security level is set to Standard by default which gives the most usable experience.
Um das Sicherheitslevel zu ändern, klicken Sie auf das Symbol rechts in der Adressleiste
und wählen Sie
Erweiterte Sicherheitseinstellungen….
You can safely disregard the message, "Your browser is being managed by your organization," which appears in the Tor Browser preferences.
All this message means is that the automatic updates feature of Tor Browser has been disabled. This is done intentionally in Tails to make sure that no security feature or configuration gets broken by automatic updates of Tor Browser.
Tor Verbindungen
Click on the padlock in the address bar to show the Tor circuit that is used to connect to the website in the current tab, its 3 relays, their countries, and IP addresses.
The last relay in the circuit, the one immediately above the destination website, is the exit relay. Its country might influence how the website behaves.
Click on the New Circuit for this Site button to use a different circuit.
You can use Onion Circuits to get more detailed information about the circuits being used.
Neue Identität-Funktion
To switch to a new identity, choose
.Die neue Identitätsfunktion des Tor Browsers:
- Schließt alle Tabs.
- Clears the session state including cache, history, and cookies.
- Beendet alle bestehenden Webverbindungen und erstellt neue Tor-Verbindungen.
Diese Funktion ist nicht ausreichend, um kontextbezogene Identitäten stark zu trennen da die außerhalb des Tor Browsers verwendeten Tor-Schaltkreise nicht geändert werden.
Restart Tails instead.
For more details, see the design and implementation of the Tor Browser.
NoScript um noch mehr Kontrolle über JavaScript zu haben
Tor Browser includes the NoScript extension to:
- Protect from more JavaScript attacks. For example, cross-site scripting (XSS) attacks.
- Allow you to disable JavaScript completely on some websites only.
For more information, you can refer to the NoScript website and features.
Letterboxing
The letterboxing feature of Tor Browser helps to prevent websites from identifying your browser based on the size of its window. Without letterboxing, websites could use the size of the browser window to track visitors or weaken your anonymity.
The letterboxing feature of Tor Browser works by adding gray margins to the browser window when the window is resized. The webpage remains as close as possible to the desired size without revealing the actual size of the window.