[HTTPS-Everywhere] Why is HTTPS-Everywhere trying to connect to 127.0.0.1:9050?

Seth Woodworth seth at sethish.com
Fri Feb 28 11:10:49 PST 2014 

https://github.com/EFForg/https-everywhere/blob/9651d668da793c7791f778f4fae0b654099122d9/src/components/ssl-observatory.js#L852


On Fri, Feb 28, 2014 at 1:57 PM, Seth David Schoen <schoen at eff.org> wrote:

> Dave Warren writes:
>
> > On 2014-02-28 08:21, paulrcc at hushmail.com wrote:
> > >On 02/19/2014 at 10:40 PM, "Daniel Kahn Gillmor"
> > ><dkg at fifthhorseman.net> wrote:
> > >
> > >    On 02/19/2014 08:41 AM, paulrcc at hushmail.com wrote:
> > >    > I use Firefox plugin and I detected connections to
> > >    localhost:9050 when
> > >    > HTTPS-Everywhere plugin is enabled. When plugin is disabled,
> > >    this does
> > >    > not occur. Observatory is disabled.
> > >
> > >    localhost:9050 is a common port for the system tor socks proxy to
> run
> > >    on. Are you sure you didn't also do some sort of tor configuration
> or
> > >    reconfigure your proxy settings around the same time as installing
> > >    https-everywhere
> > >
> > >
> > >No, I did no proxy configuration. I just installed Firefox with
> > >HTTPS Everywhere and when the plugin is enabled my firewall
> > >detects connections to 127.0.0.1:9050.
> >
> > Given that HTTPS Everywhere has some internal Tor support, I wonder
> > if it's simply checking to see if a typical Tor install is
> > available?
>
> Yes, this has to do with the Observatory wanting to submit cert
> observations via Tor.  If the Observatory is enabled with default
> settings, it looks for a Tor proxy on localhost:9050.  You should
> be able to stop this (if it isn't what you want) with the HTTPS
> Everywhere SSL Observatory Preferences by disabling all Observatory
> reporting.
>
> Note that if Tor isn't installed, the failed connections to port
> 9050 won't harm anything -- depending on your Observatory settings,
> they'd just cause HTTPS Everywhere to conclude that you don't have Tor
> installed and then not submit any observations to the Observatory.
>
> You can see the details of the implementation of this functionality in
>
>
> https://gitweb.torproject.org/https-everywhere.git/blob/HEAD:/src/components/ssl-observatory.js
>
> --
> Seth Schoen  <schoen at eff.org>
> Senior Staff Technologist                       https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
> _______________________________________________
> HTTPS-Everywhere mailing list
> HTTPS-Everywhere at lists.eff.org
> https://lists.eff.org/mailman/listinfo/https-everywhere
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere/attachments/20140228/51d1af6f/attachment.html>

More information about the HTTPS-Everywhere mailing list