Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
T
tails
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 961
    • Issues 961
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 16
    • Merge Requests 16
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • tails
  • tails
  • Issues
  • #13599

Closed
Open
Opened Aug 06, 2017 by tailshark@tailshark

Switch to the DuckDuckGo .onion by default

Originally created by @tailshark on #13599 (Redmine)

In proper form I did an initial search on this it was mentioned some years ago but never followed through on: https://labs.riseup.net/code/issues/6059

To start, I’m running a remastered version of Tails where I have swapped the .com out for the .onion. Security was lingering in my mind somewhat (anyone with CA keys being able to read traffic from the Tor exit) but the primary issue I had was that duckduckgo.com would intermittently stop responding across almost all of the exits I could reach simultaneously but the .onion address would still resolve and work. And on the note of security I found it very cumbersome to copy the .onion address into a new tab each time. Personally I’ve found my searches to be way more reliable without the intermittent downtime since doing the remaster change a number of months ago.

Replacing the address is not a big deal, especially in remastering, but may need some thought if you want it in your build process. Honestly it might be easier to do the change at boot rather than tor-browser installation unless you have an automated tor-browser post-installer already handy.

Here’s the code I’m using for the remaster:
——
find /usr/local/lib/tor-browser/distribution/searchplugins/locale/ -type f -print0\
| xargs –0 sed -i “s/duckduckgo\.com/3g2upl4pq6kufc4m.onion/g”
——

If this board eats the text I apologize in advance.

If you want something that modifies it at boot I can look at posting a commit on my gitlab fork.

P.S. Something I think is often left out of the “to onion or not to onion” conversation is it reduces possible connection interference. (e.g. if powerful attackers want to block traffic to certain sites it’s easier to block an exit to a specific clearnet address than it is to block access to a specific .onion).

Related issues

  • Related to #12121 (closed)
  • Related to #10265 (closed)
  • Related to #6059 (closed)
Edited May 15, 2020 by tailshark
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: tails/tails#13599