FAQ

This FAQ is related to questions around TorBox. For additional questions and feedback, visit our GitHub page or contact me. For questions relating to Tor or the Tor Browser, check the general FAQ page of the Tor Project or the official Tor support website.

Table of contents
1. Should I change the default passwords? How can I change my passwords?
2. Should I change the name of the wireless network (SSID) of my TorBox? How can I change it?
3. Can I hide the name of the wireless network (SSID) of my TorBox?
4. Which SSH client do you prefer?
5. Do you know some useful browser add-ons to improve anonymity, security and/or usability?
6. Do you know some essential configuration adjustments for Firefox (via about:config) to
    improve anonymity and security?
7. I’m connected to TorBox, and all is working as expected, but I’m not able to download
    something with my BitTorrent client. What’s wrong?
8. Isn’t there a workaround so that I can use TorBox and BitTorrent the same time?
9. I’m connected to TorBox, and all is working as expected, but Firefox, Safari and any iOS device
    don’t display .onion sites. What’s wrong?
10. For starters, do you know some interesting .onion sites?
11. Tor statistics (main menu entry 1) doesn’t show up — the screen stays black. What can I do?
12. How can I be sure, if my device is using the Tor network?
13. Why do I receive a yellow onion on the Tor Project’s check-site?
14. My client, which is connected to the TorBox, doesn’t receive an IP address.
15. My TorBox doesn’t receive an IP address from the network router.
16. My TorBox receives an IP address (192.168.42.*) from the network router, but it doesn’t work.
17. How can I overcome censorship with TorBox?
18. How can I obtain bridges? How do they look like and how can I check, if my bridges are still
      valid?
19. How getting around captive portals?
20. I’m connected to a public wireless network; everything works as expected. However, every
      x minutes, the connection to the wireless network stops completely, and I have to repeat
      the entire login procedure. What could be the reason?
21. Wicd (the network manager) tries to connect a wireless network, but it sticks with “Validating
      authentication”, the program crashes and/or seems to have many bugs. What’s wrong?
22. “Under-voltage detected!” / Red blicking LED on the Raspberry Pi 3 Model B+ – What do
      these things mean? (And all the other things that have to do with power supply).
23. I can’t get tethering to work. What’s wrong with it?

• • •

Question #1:
Should I change the default passwords? How can I change my passwords?
Answer:
You should change the default passwords a soon as possible. This is an easy task: login into your TorBox with an SSH client, go to the Configuration & Update Menu (main menu entry 4) and choose the associated menu entries under the section “Configuration” (see the image below).

The Configuration & Update Menu in TorBox v.0.2.4.
The Configuration & Update Menu in TorBox v.0.2.4.

 
Question #2:
Should I change the name of the wireless network (SSID) of my TorBox? How can I change it?
Answer:
This is not mandatory, but you can do it without considerable effort: login into your TorBox with an SSH client, go to the Configuration & Update Menu (main menu entry 4) and choose the associated menu entries under the section “Configuration” (see the image above).

Question #3:
Can I hide the name of the wireless network (SSID) of my TorBox?
Answer:
Yes, and it is easy to accomplish: login into your TorBox with an SSH client, go to the Configuration & Update Menu (main menu entry 4) and choose the associated menu entries under the section “Configuration” (see the image above).

Question #4:
Which SSH client do you prefer?
Answer:
There is an extensive collection of SSH clients. Usually, it doesn’t matter which one you are using. These are my recommendations:

For a list of other SSH clients, see here.

An iPad connected to TorBox running arm (Tor statistics) in a vSSH terminal.
An iPad connected to TorBox running arm (Tor statistics) in a vSSH terminal.

 
Question #5:
Do you know some useful browser add-ons to improve anonymity, security and/or usability?
Answer:
Yes, but first let me repeat one crucial point: if your well-being depends from your anonymity, then is highly recommended to use the Tor Browser only or even better Tails (read here, here and here why).

In my opinion following browser add-ons are very useful:

  • https-everywhere: Automatically makes websites use a more secure HTTPS connection instead of HTTP if they support it. With HTTPS, even the connection between the Tor exit node and the web server is encrypted. Tor Browser also uses this add-on. (USED BY TOR BROWSER; ESSENTIAL for SECURITY / ANONYMITY; available for Firefox, Firefox for Android, Chrome, and Opera).
  • NoScript: Allows JavaScript, Java, Flash, and other plugins to be executed only by trusted web sites of the users choice. NoScript also provides powerful anti-XSS and anti-Clickjacking protection. Tor Browser also uses this add-on. (USED BY TOR BROWSER; ESSENTIAL for SECURITY / ANONYMITY; available for Firefox and Chrome).
  • First Party Isolation: First Party Isolation, also known as Cross-Origin Identifier Unlinkability, is a concept from the Tor Browser. The idea is to key every source of browser identification with the domain in the URL bar (the first party). This makes all access to identifiers distinct between usage in the website itself and through third-party. Think of it as blocking Third-party cookies, but more exhaustively. (USED BY TOR BROWSER; ESSENTIAL for SECURITY / ANONYMITY; available for Firefox).
  • uBlock Origin: The only real working and independent ad blocker (ESSENTIAL for SECURITY / ANONYMITY / USABILITY; available for Firefox, Chrome, Safari, and Opera).
  • Smart Referer: Prevents Cross Domain Referer Leakage (ESSENTIAL for ANONYMITY; available for Firefox).
  • CanvasBlocker: Allows users to prevent websites from using the Javascript canvas API for fingerprinting them. (ESSENTIAL for ANONYMITY; available for Firefox)
  • Decentraleyes: This browser add-on emulates Content Delivery Networks (CDN) by finding supported resources locally, and injecting them into the environment. All of this happens automatically, so no prior configuration is required. Here is a testing utility to find out if you are properly protected against a CDN vulnerability (ESSENTIAL for ANONYMITY; available for Firefox, Chrome, Opera).
  • Neat URL: Cleans URLs, removing parameters such as Google Analytics’ utm parameters. (ESSENTIAL for ANONYMITY; available for Firefox)
  • Skip Redirect: Some web pages use intermediary pages before redirecting to a final page. This add-on tries to extract the final url from the intermediary url and goes there straight away if successful. (ESSENTIAL for PRIVACY / USABILITY; available for Firefox)
  • Privacy Pass: Allow users to redeem validly signed tokens instead of completing captcha solutions. Clients receive 30 signed tokens for each captcha that is initially solved. Cloudflare currently supports Privacy Pass. (ESSENTIAL for USABILITY; available for Firefox and Chrome).
  • uMatrix: Point and click matrix to filter net requests according to its source, destination, and type (available Firefox, Chrome, and Opera).
  • Privacy Badger: A balanced approach to internet privacy between consumers and content providers by blocking advertisements and tracking cookies that do not respect the Do Not Track setting in a user’s web browser (available for Firefox, Chrome, and Opera).
  • FoxyProxy: FoxyProxy is an advanced proxy management tool (see also here; available for Firefox, Chrome, Safari, Opera, and others).
  • Bypass Paywalls: Let’s say you are a researcher and one of your sources is an article in the Washington Post. Would you subscribe, only for that one article? Yes, we thought so, too 😉 (available for Firefox and Chrome).

Do you have another very useful browser add-on? Let me know in the comment section below!

Question #6:
Do you know some essential configuration adjustments for Firefox (via about:config) to improve anonymity and security?
Answer:
Yes, but first let me repeat one crucial point: if your well-being depends from your anonymity, then is highly recommended to use the Tor Browser only or even better Tails (read here, here and here why).
In my opinion following configuration adjustments for Firefox are very useful:

  • To enable strict First Party Isolation, also known as Cross-Origin Identifier Unlinkability, search for privacy.firstparty.isolate and privacy.firstparty.isolate.restrict_opener_access and set both to true. Alternatively, the browser add-on First Party Isolation does the same (see above). You should really do that!
  • To disable WebRTC (possible IP leak!!), search for media.peerconnection.enabled and double-click on it –> false.
  • To disable face detection using cameras, search for camera.control.face_detection.enabled and double-click on it –> false.
  • To disable geolocation services, search for geo.enabled and double-click on it –> false.
  • To disable the ability to report what plugins are installed, search plugin.scan.plid.all and double-click on it –> false.
  • To disable web speech recognition through the microphone, search media.webspeech.synth.enable and media.webspeech.recognition.enable and double-click on them –> false.
  • To disable all telemetry features, search for “telemetry” and disable all true/false settings related to telemetry by setting them to false.
  • To harden your browser (a little bit) against fingerprinting, search for “privacy.resistFingerprinting” and double-click on them –> true.
  • To enable tracking protection, search for “privacy.trackingprotection.enabled” and double-click on them –> true.

For more information see here or here. Do you have other essential configuration adjustments for Firefox or any other browser? Let me know in the comment section below!

Question #7:
I’m connected to TorBox, and all is working as expected, but I’m not able to download something with my BitTorrent client. What’s wrong?
Answer:
BitTorrent is not working over Tor, because Tor doesn’t support UDP. There are clients with a “Tor-switch” and there are people using the SOCKS v5 feature of the Tor Browser. However, this doesn’t change the fact that UDP is not routed through Tor. If in these configurations BitTorrent works properly, this means that the UDP packages go clear-net, revealing the identity of the client. With TorBox client-devices don’t have direct access to the clear-net. Consequently, UDP packages are dropped and the identity of the client is safeguarded. By the way: due to the high bandwidth usage caused by the BitTorrent protocol, it is considered impolite and inappropriate by Tor community members to use the Tor network for BitTorrent transfers. For that reason, some Tor exit nodes block BitTorrent traffic.

Question #8:
Isn’t there a workaround so that I can use TorBox and BitTorrent the same time?
Answer:
Yes, there is, but it is a little bit complicated and slow. You need a SOCKS v5 proxy server and a BitTorrent client, which works properly with it (for example: Deluge and Vuze). BitTorrent is now tunneled through Tor to the proxy server. Regarding the Socks5 proxy server: we didn’t find any reliable working free public proxy server. The best server we found is coming with costs, even not so much: Private Internet Access (for alternative commercial proxy providers see here). Nevertheless, you should think very carefully about the necessity to use Tor for your BitTorrent traffic, because it is slow and due to the high bandwidth the Tor community doesn’t like it.

BitTorrent tunneled through Tor with a proxy server from “Private Internet Access”. It works, but it is slow. It is probably useful to circumvent censorship but not for daily use. After the screenshot, I canceled the download; no bytes were harmed.

 
Question #9:
I’m connected to TorBox, and all is working as expected, but Firefox, Safari and any iOS device don’t display .onion sites. What’s wrong?
Answer:
As per IETF RFC 7686, “Applications that do not implement the Tor protocol should generate an error upon the use of .onion and should not perform a DNS lookup.” To display a .onion site, you have to use the Tor Browser or the Onion Browser on iOS.

Nevertheless, the display of .onion sites is still possible with certain browsers:
Google Chrome (tested with Version 74) and Chromium (Version 76) resolve .onion addresses by default, without any adjustments.
With Mozilla Firefox you have to use the SOCKS v5 proxy functionality of your TorBox and to configure Firefox accordingly:

  • Under about:preferences, “Network Settings”, click on “Settings…”, choose “Manual proxy configuration”, under “SOCKS Host” enter following IP: 192.168.42.1 / Port: 9050. Toggle on “Proxy DNS when using SOCKS v5”.
  • Under about:config, search for “network.dns.blockDotOnion” and set it to “false”.

The add-on FoxyProxy Standard offers another interesting way to resolve .onion addresses, only using the TorBox SOCKS v5 proxy for that kind of addresses:

  • Install the add-on.
  • Under “Options” add a new proxy, choosing as “Proxy Type” “SOCKS5”, enter IP: 192.168.42.1 / Port: 9050. Toggle on “Send DNS through SOCKS5 proxy?” and save the changes.
  • Under “Patterns” whitelist .onion (see images below).
  • Activate the new proxy settings and activate “Use Enabled Proxies by Patterns and Priority” by clicking on the FoxyProxy icon.
  • Now, all .onion addresses are sent through TorBox’s SOCKS v5; all other addresses are not affected.

• • •

• • •

• • •

 
Question #10:
For starters, do you know some interesting .onion sites?
Answer:
Of course, here is a very short collection: Ahmia Search Engine, OnionDir – Deep Web Link Directory, Deep Web Search Engine, Duck Duck Go Search Engine, Facebook, Imperial Library, The Hidden Wiki, The Pirate Bay, The Tor Project Homepage, TorLinks.

For more sites, see also here (on “clear-web”): Deep Web links, here or here (in German).

Question #11:
Tor statistics (main menu entry 1) doesn’t show up — the screen stays black. What can I do?
Answer:
The program “nyx”, which shows the Tor statistics uses the control port of the local Tor installation. If the loading of the Tor process gets stuck or takes a lot of time (possible in case of network connection problems or censorship), nyx doesn’t start either. However, we implemented an alternative way to check the log file of Tor quickly: go to the countermeasures & troubleshooting menu and chose entry 11. The screen updates automatically when a new entry is written to the log file.

All works just fine....
All works just fine….
Question #12:
How can I be sure, if my device is using the Tor network?
Answer:
Go to https://check.torproject.org/ or http://onionbr5zulufnuj.onion. For more information, you can also use the check site operated by JonDonym. Check with Panopticlick (by the EFF), if your browser is safe against tracking? To check for other browser leaks, go here (an excellent analytic tool!); additionally, you could also test against IP leaks and DNS Nameserver spoofability. You can also monitor your data transfer by using TorBox’s main menu entry 1. On macOS, there is a nice program (IP in Menubar), which permanently displays the IP address of your Tor exit node in the menu bar.

Question #13:
Why do I receive a grey onion on the Tor Project’s check-site?
Answer:
Because the user agent string of your web browser differs from the one from the Tor Browser. The Tor Browser is using following user agent string: “Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0”. You can easily switch your current user agent string with “User Agent Switcher” (for Firefox). However, there are side effects:

  1. Changing the user agent without changing to a similar platform makes your browser nearly unique and allow for fingerprinting your device.
  2. If your string is saying that you are running Windows NT 6.1, most likely a download page automatically offers you a download package for Windows NT, even if you are running OS X. Therefore, a user agent switcher allows you to change the string in one or two clicks if needed.

 
Question #14:
My client, which is connected to the TorBox, doesn’t receive an IP address.
Answer:
Usually, the DHCP-server on TorBox provides your client with all necessary information. If it doesn’t work, and you are sure that your client is configured accordingly, first try to restart TorBox. Shouldn’t that doesn’t work either, then try to configure your client manually:

IPv4-address of your device: 192.168.42.x  (x > 12)
Net Masq: 255.255.255.0
Router / Gateway: 192.168.42.1
DNS: 192.168.42.1 / torbox.ch

 
Question #15:
My TorBox doesn’t receive an IP address from the network router.
Answer:
TorBox is configured as a DHCP client, which means that the router has to give TorBox all necessary network information (usually, the router is configured like that). If that doesn’t work, try to configure TorBox manually according to the data of your provider or an actual client, which works with your router properly:

sudo iptables <interface> <static_IP_address>
sudo route add default gw <gateway_ip>

 
Question #16:
My TorBox receives an IP address (192.168.42.*) from the network router, but it doesn’t work.
Answer:
TorBox in its default configuration occupies the IP-addresses 192.168.42.0 – 192.168.42.255 for its purpose. In the very rare case in which the network router uses the same IP range, you have either to change the IP range of the router or to change the configuration of the TorBox (for example changing all 192.168.42.* to 192.168.43.*. For more information, please contact me.

Question #17:
How can I overcome censorship with TorBox?
Answer:
To circumvent sophisticated censorship, Tor introduced bridges which support pluggable transports. These transports manipulate all Tor traffic between the client and its first hop such that it is not identifiable as a Tor connection. Currently, TorBox supports only OBFS4, because it is currently the most effective transport to bypass censorship (meek-azure probably follows later).

In TorBox to circumvent censorship is a 3-step procedure and is located in the countermeasures & troubleshooting menu (see image below):

  1. Toggle Bridge Mode from off to on (menu entry 2).
  2. Activate already configured bridges or add/replace new bridges.
  3. Restart Tor (menu entry 9) or check Tor log (menu entry 11).

Important!
After restarting Tor, the process to build circuits could last for several minutes, depending on your network and the contacted bridge server! In the end, you should see “Bootstrapped 100%: Done” (menu entry 9 or 11).

The Countermeasures & Troubleshooting Menu in TorBox v.0.2.4.
The Countermeasures & Troubleshooting Menu in TorBox v.0.2.4.

 
Question #18:
How can I obtain bridges? How do they look like and how can I check, if my bridges are still valid?
Answer:
You have two ways to obtain the necessary bridge-addresses:

  1. Get them here https://bridges.torproject.org/ (chose “Advanced Options”, “obfs4” and press “Get Bridges)
  2. Or send an email to [email protected], using an address from Riseup, Gmail or Yahoo with “get transport obfs4” in the body of the mail.

 

Elements of a Bridge address
Elements of a Bridge address

 
You can check the validity of a bridge address with the help of the Relay Search on the Tor Metrics page. Just copy the fingerprint of the specific bridge address. Tor Metrics should then show you the information of that particular bridge server. If it doesn’t show up, the bridge is no longer valid.

Question #19:
How getting around captive portals?
Answer:
Usually, getting around a captive portal is an easy process. In order to do that, you have to follow this initial steps:

  • Access your TorBox (192.168.42.1) with an SSH-client.
  • In the appearing TorBox menu, choose the preferred connection setup (with a Captive Portal, usually it is “Wireless-internet to wireless-clients”).
  • Now you can choose between “Captive Portal” and “Open Access” (see image below).
  • The rest of the procedure is guided through a menu dialog and should be self-explanatory.

 
Question #20:
I’m connected to a public wireless network; everything works as expected. However, every x minutes, the connection to the wireless network stops completely, and I have to repeat the entire login procedure. What could be the reason?
Answer:
Certain Internet provider (usually at airports, in hotels, coffee houses, etc.) disconnect the network connection after a particular time of inactivity. In this case, the Tor statistics (main menu entry 1) no longer shows any data transfer and after about 15 seconds, errors in communication with the Tor network will appear. Try to activate in the countermeasures & troubleshooting menu entry 10 “Countermeasure against a disconnection when idle feature”.

Question #21:
Wicd (the network manager) tries to connect a wireless network, but it sticks with “Validating authentication”, the program crashes and/or seems to have many bugs. What’s wrong?
Answer:
It is crucial that your Raspberry Pi does receive enough power (the red LED must not blink!!). If your Raspberry Pi doesn’t get enough power — for example, if it is connected with a USB port of your Laptop — wicd tends to malfunction. In this case, try to unplug all other USB devices, use a power adapter or put a power bank between the power source and your Raspberry Pi (something like the RS Pro PB-10400 Power Bank, 5V / 10,4Ah or the Ansmann Li-Polymer Power Bank, 5V / 15Ah). See also the question below!

Question #22:
“Under-voltage detected!” / Red blicking LED on the Raspberry Pi 3 Model B+ – What do these things mean? (And all the other things that have to do with power supply).

If "pwr" flashes red => Problems are coming ahead!
If “pwr” flashes red => Problems are coming ahead!
Answer:
It is crucial that your Raspberry Pi does receive enough power. The “pwr”-LED on your Raspberry Pi board indicates, if it receives enough power. Unfortunately, the way how the LED indicates the status of the power supply isn’t consistent between the different models. In the Model A and Model B (rev 1), the LED is connected directly to the 3.3V supply. If it fails to light or flashes it indicates that there is a problem with the power supply. In the later models (A+, B+, Pi 2 & Pi 3) the power supply chip is slightly more intelligent. It is connected to the 5V and flashes if the voltage drops below 4.63V. In other words, with the recommended Raspberry Pi 3: if a LED on your board flashes red => Problems are coming ahead! (see also the question above).

Additionally, with the Raspberry Pi 3 Model B+, the drop below 4.63V is notified by an “Under-voltage detected!” in the terminal. Such situations can lead to strange behaviors, to data losses or even to a corruption of your SD card. If this message regularly arises or/and “pwr” LED flashes red for a longer time then you should switch to a more reliable power supply such as the “the official and recommended universal micro USB power supply for Raspberry Pi” or the 12W USB Power Adapter by Apple (which is compacter than the one from the Raspberry Pi foundation). If the warning spams your console or your log, a temporary fix is to ignore it. Simply create /etc/rsyslog.d/ignore-underpowering.conf with :msg, contains, “voltage” ~ and you can enjoy your unstable system.

Three USB WiFi adapters: the one far left needs too much power during boot up. The other two function without any problem. Adapters with long external antennas usually do not work.
Even with a reliable power supply, you could run into problems, especially if you are using a “Wireless-internet to wireless-clients” connection. As a rule, simpler USB WiFi Adapters lead to fewer problems (see image below). Especially booting up your Raspberry Pi with an already attached USB WiFi Adapter could be too much for the power supply of your board. In such a case, try to boot up the Raspberry Pi first and to attach the USB WiFi Adapter later when the system is already running.

In certain cases, especially with an unreliable power supply, a power bank between the power source and your Raspberry Pi could probably help (something like the RS Pro PB-10400 Power Bank, 5V / 10,4Ah or the Ansmann Li-Polymer Power Bank, 5V / 15Ah).

This TorBox (Raspberry Pi 2 Model B) with a TFT display, two wireless network adapter and an RS Pro PB-10400 Power Bank, 5V / 10,4Ah as a power source is connected to a wireless network in a Starbucks Coffee shop.
This TorBox (Raspberry Pi 2 Model B) with a TFT display, two wireless network adapter, and an RS Pro PB-10400 Power Bank, 5V / 10,4Ah as a power source is connected to a wireless network in a Starbucks Coffee shop.

Question #23:
I can’t get tethering to work. What’s wrong with it?
Answer:
If you use tethering via USB your smartphone probably charges its battery. This could be problematic: if the Raspberry Pi doesn’t receive enough power (indicated by a flashing red LED), you eventually are unable to connect to the AP of an Internet provider or experience all sorts of other strange behaviors. A better solution may be to create a personal hotspot with your smartphone instead of using tethering. However, if you are using the tethering option, you should remove other power consumption devices and make sure that your Raspberry Pi has the best power source as you can get. For example the RS Pro PB-10400 Power Bank, 5V / 10,4Ah works well.

Using tethering is simple. For example, in case of an iPhone: unlock your iPhone, but let the personal hotspot disabled for the time being and connect your iPhone with your Raspberry Pi’s USB port. Choose to trust your iPhone (necessary!). Enable personal hotspot on your iPhone (USB only). Finally, in the “TorBox menu”, use entry number 6 or 9, depending on how your client is connected to the TorBox.

Leave a Reply