其它
How do I check if my application that uses SOCKS is leaking DNS requests?
Even if your application is using the correct variant of the SOCKS protocol, there is still a risk that it could be leaking DNS queries. This problem happens in Firefox extensions that resolve the destination hostname themselves, for example to show you its IP address, what country it's in, etc. If you suspect your application might behave like this, follow the instructions below to check.
- Add
TestSocks 1to your torrc file. - Start Tor, and point your program's SOCKS proxy settings to Tor's SOCKS5 server (
socks5://127.0.0.1:9050by default). - Watch your logs as you use your application. For each socks connection, Tor will log a
noticefor safe connections, and awarnfor connections leaking DNS requests.
If you want to automatically disable all connections leaking DNS requests, set SafeSocks 1 in your torrc file.
Tor Project 有开发私密聊天软件吗?
不,在几次 beta 版之后,我们终止了 Tor Messenger 的支持。 即使现在没有那么多资源进行这项工作,我们依旧相信 Tor 可以和即时消息结合。 你也相信吗?联系我们。
如何提交漏洞或给予反馈
Tor 依靠全球用户和志愿者的支持来帮助我们改进我们的软件和资源,因此您的反馈对我们(以及所有 Tor 用户)都非常有价值。
反馈模板
给我们发送反馈或者报告程序问题时,请尽量包含以下信息,越多越好:
- Operating System you are using
- Tor 浏览器版本
- Tor Browser Security Level
- 请详细叙述您遇到问题的过程和步骤,以便于我们重新还原您遇到的问题。(比如,“我打开了浏览器,输入了一个网页地址,点击了图标,然后我的浏览器就崩溃了。”)
- 一张有关该问题的截屏。
- 日志文件
如何与我们联系
有多种方式可以联系我们,请选择对您来说最方便的一种。
Tor Forum
We recommend asking for help on the Tor Forum. You will need to create an account to submit a new topic. Before you ask, please review our discussion guidelines. At the moment, for the fastest response, please write in English. If you found a bug, please use GitLab.
GitLab
First, check if the bug is already known. You can search and read all the issues at https://gitlab.torproject.org/. To create a new issue, please request a new account to access Tor Project's GitLab instance and find the right repository to report your issue. We track all Tor Browser related issues at Tor Browser issue tracker. Issues related to our websites should be filed under the Web issue tracker.
电子邮件
给我们发送邮件至frontdesk@torproject.org
In the subject line of your email, please tell us what you're reporting. The more specific your subject line is (e.g. "Connection failure", "feedback on website", "feedback on Tor Browser, "I need a bridge"), the easier it will be for us to understand and follow up. Sometimes when we receive emails without subject lines, they're marked as spam and we don't see them.
For the fastest response, please write in English, Spanish, and/or Portuguese if you can. If none of these languages works for you, please write in any language you feel comfortable with, but keep in mind it will take us a bit longer to answer as we will need help with translation to understand it.
博客文章评论
You can always leave comments on the blog post related to the issue or feedback you want to report. If there is not a blog post related to your issue, please contact us another way.
IRC
You can find us in the #tor channel on OFTC to give us feedback or report bugs/issues. We may not respond right away, but we do check the backlog and will get back to you when we can.
Learn how to connect to OFTC servers.
邮件列表
For reporting issues or feedback using email lists, we recommend that you do so on the one that is related to what you would like to report. A complete directory of our mailing lists can be found here.
想要反馈或有关 Tor 浏览器、Tor 网络和 Tor 开发的其他项目的问题:tor-talk
想要反馈或有关我们网站的问题:ux
想要获得反馈或有关运行 Tor 中继服务器的问题: tor-relays
反馈有关 Tor 浏览器使用手册或支持网站的问题:tor-community-team
报告安全问题
如果您在我们的项目或基础设施里发现了问题,请发邮件至tor-security@lists.torproject.org。 如果您在 Tor或 Tor 浏览器里找到了安全漏洞,请报告给我们的漏洞悬赏项目. 如果您想要加密您的邮件,可以通过与tor-security-sendkey@lists.torproject.org联系或从pool.sks-keyservers.net获取列表的GPG公钥。 这是指纹:
gpg --fingerprint tor-security@lists.torproject.org
pub 4096R/1A7BF184 2017-03-13
Key fingerprint = 8B90 4624 C5A2 8654 E453 9BC2 E135 A8B4 1A7B F184
uid tor-security@lists.torproject.org
uid tor-security@lists.torproject.org
uid tor-security@lists.torproject.org
sub 4096R/C00942E4 2017-03-13
我如何使用 Tor 匿名的分享文件?
要想在 Tor 上共享文件,onionShare 是个好的选择。 洋葱共享是一个开源、安全、匿名式收发文件的工具,使用的是 Tor 洋葱服务。 它的工作原理是:直接在您的计算机上开启网络服务器,并将其变成一个不可猜测的 Tor 网络地址以便访问,他人可以登陆 Tor 浏览器来从您这里下载文件,或者向您上传文件。 这不要求设置一个独立的服务器,使用第三方文件共享服务,或甚至是登陆账户。
不像邮件、Google Drive、DropBox、WeTransfer 或几乎其他任何一种人们通常用来发送文件的服务,当您使用洋葱共享时,您不需要授予任何公司您共享文件的访问权限。 只要您以一种安全的方式共享不可猜测的网络地址(比如用编码过的通信软件进行传输),除了您和与您共享的人以外没有人可以访问这些文件。
OnionShare由Micah Lee开发。
很多出口节点会设置成阻止 BitTorrent 一类的文件共享服务的流量。 特别地,BitTorrent 在 Tor 中是无法匿名的。
我能在 Tor 网络中使用 BitTorrent 吗?
不推荐将 Tor 和 BitTorrent 一起使用。 更多详情,请看我们有关该话题的博客帖子。
You should hide the list of Tor relays, so people can't block the exits.
There are a few reasons we don't:
- We can't help but make the information available, since Tor clients need to use it to pick their paths. So if the "blockers" want it, they can get it anyway. Further, even if we didn't tell clients about the list of relays directly, somebody could still make a lot of connections through Tor to a test site and build a list of the addresses they see.
- If people want to block us, we believe that they should be allowed to do so. Obviously, we would prefer for everybody to allow Tor users to connect to them, but people have the right to decide who their services should allow connections from, and if they want to block anonymous users, they can.
- Being blockable also has tactical advantages: it may be a persuasive response to website maintainers who feel threatened by Tor. Giving them the option may inspire them to stop and think about whether they really want to eliminate private access to their system, and if not, what other options they might have. The time they might otherwise have spent blocking Tor, they may instead spend rethinking their overall approach to privacy and anonymity.