4. Miscellaneous

4.1. How much does Privoxy slow my browsing down? This has to add extra time to browsing.

It should not slow you down any in real terms, and may actually help speed things up since ads, banners and other junk are not being displayed. The actual processing time required by Privoxy itself for each page, is relatively small in the overall scheme of things, and happens very quickly. This is typically more than offset by time saved not downloading and rendering ad images.

"Filtering" content via the filter or deanimate-gifs actions may cause a perceived slowdown, since the entire document needs to be buffered before displaying. See below.

4.2. I noticed considerable delays in page requests compared to the old Junkbuster. What's wrong?

If you use any filter action, such as filtering banners by size, web-bugs etc, or the deanimate-gifs action, the entire document must be loaded into memory in order for the filtering mechanism to work, and nothing is sent to the browser during this time.

The loading time does not really change in real numbers, but the feeling is different, because most browsers are able to start rendering incomplete content, giving the user a feeling of "it works". This effect is especially noticeable on slow dialup connections.

Filtering is automatically disabled for inappropriate MIME types.

4.3. What are "http://config.privoxy.org/" and "http://p.p/"?

http://config.privoxy.org/ is the address of Privoxy's built-in user interface, and http://p.p/ is a shortcut for it.

Since Privoxy sits between your web browser and the Internet, it can simply intercept requests for these addresses and answer them with its built-in "web server".

This also makes for a good test for your browser configuration: If entering the URL http://config.privoxy.org/ takes you to a page saying "This is Privoxy..", everything is OK. If you get a page saying "Privoxy is not working" instead, then your browser didn't use Privoxy for the request, hence it could not be intercepted, and you have accessed the real web site at config.privoxy.org.

With recent versions of Privoxy (version 2.9.x and later), the user interface features information on the run time status, the configuration, and even a built-in editor for the actions files.

Note that the built-in URLs from earlier versions of Junkbuster / Privoxy, http://example.com/show-proxy-args and http://i.j.b/, are no longer supported. If you still use such an old version, you should really consider upgrading to 3.0.0.

4.4. Do you still maintain the blocklists?

No. The patterns for blocking now reside (among other things) in the actions files, which are actively maintained instead. See next question ...

4.5. How can I submit new ads?

Yes, absolutely! Please see the Contact section for how to do that. Please note that you (technically) need the latest Privoxy version for this to work.

4.6. How can I hide my IP address?

If you run both the browser and the proxy locally, you cannot hide your IP address with Privoxy or any other software. The server needs to know your IP address to send the answers back to you.

Fortunately there are many publicly usable anonymous proxies out there, which solve the problem by providing a further level of indirection between you and the web server, shared by many people, and thus letting your requests "drown" in white noise of unrelated requests as far as user tracking is concerned.

Most of them will, however, log your IP address and make it available to the authorities in case you abuse that anonymity for criminal purposes. In fact you can't even rule out that some of them only exist to *collect* information on (those suspicious) people with a more than average preference for privacy.

You can find a list of anonymous public proxies at multiproxy.org and many more through Google. A particularly interesting project is the JAP service offered by the Technical University of Dresden (http://anon.inf.tu-dresden.de/index_en.html.

There is, however, even in the single-machine case the possibility to make the server believe that your machine is in fact a shared proxy serving a whole big LAN, and we are looking into that.

4.7. Can Privoxy guarantee I am anonymous?

No. Your chances of remaining anonymous are greatly improved, but unless you are an expert on Internet security it would be safest to assume that everything you do on the Web can be traced back to you.

Privoxy can remove various information about you, and allows you more freedom to decide which sites you can trust, and what details you want to reveal. But it's still possible that web sites can find out who you are. Here's one way this can happen.

A few browsers disclose the user's email address in certain situations, such as when transferring a file by FTP. Privoxy does not filter FTP. If you need this feature, or are concerned about the mail handler of your browser disclosing your email address, you might consider products such as NSClean.

Browsers available only as binaries could use non-standard headers to give out any information they can have access to: see the manufacturer's license agreement. It's impossible to anticipate and prevent every breach of privacy that might occur. The professionally paranoid prefer browsers available as source code, because anticipating their behavior is easier. Trust the source, Luke!

4.8. Might some things break because header information or content is being altered?

Definitely. More and more sites use HTTP header content to decide what to display and how to display it. There is many ways that this can be handled, so having hard and fast rules, is tricky.

"User-Agent" in particular is often used in this way to identify the browser, and adjust content accordingly. Changing this now (at least not further than removing the OS information) is not recommended, since so many sites do look for it. You may get undesirable results by changing this.

For instance, different browsers use different encodings of Russian and Czech characters, certain web servers convert pages on-the-fly according to the User Agent header. Giving a "User Agent" with the wrong operating system or browser manufacturer causes some sites in these languages to be garbled; Surfers to Eastern European sites should change it to something closer. And then some page access counters work by looking at the "Referer" header; they may fail or break if unavailable. The weather maps of Intellicast have been blocked by their server when no "Referer" or cookie is provided, is another example. (But you can forge both headers without giving information away). There are many other ways things can go wrong when trying to fool a web server.

Similar thoughts apply to modifying JavaScript, and, to a lesser degree, HTML elements.

If you have problems with a site, you will have to adjust your configuration accordingly. Cookies are probably the most likely adjustment that may be required, but by no means the only one.

4.9. Can Privoxy act as a "caching" proxy to speed up web browsing?

No, it does not have this ability at all. You want something like Squid for this. And, yes, before you ask, Privoxy can co-exist with other kinds of proxies like Squid. See the forwarding chapter in the user manual for details.

4.10. What about as a firewall? Can Privoxy protect me?

Not in the way you mean, or in the way a true firewall can. Privoxy can help protect your privacy, but not protect you from intrusion attempts. It is, of course, perfectly possible and recommended to use both.

4.11. I have large empty spaces / a checkerboard pattern now where ads used to be. Why?

It would be technically possible eliminate the banners in a way that frees their screen estate in many cases, by doing all banner blocking with filters, i.e. eliminating the whole image references from the HTML pages instead of letting them stay in, and blocking the resulting requests for the banners themselves.

But this would consume considerable CPU resources, would likely destroy the layout of many web pages which rely on the banners consuming a certain amount of screen space, and would fail in other cases, where the screen space is reserved e.g. by tables anyway. Also, making the banners disappear without a visual trace complicates troubleshooting.

So we won't support this in the default configuration, but you can of course define appropriate filters yourself.

4.12. How can Privoxy filter Secure (HTTPS) URLs?

Since secure HTTP connections are encrypted SSL sessions between your browser and the secure site, and are meant to be reliably secure, there is little that Privoxy can do but hand the raw gibberish data though from one end to the other unprocessed.

The only exception to this is blocking by host patterns, as the client needs to tell Privoxy the name of the remote server, so that Privoxy can establish the connection. If that name matches a host-only pattern, the connection will be blocked.

As far as ad blocking is concerned, this is less of a restriction than it may seem, since ad sources are often identifiable by the host name, and often the banners to be placed in an encrypted page come unencrypted nonetheless for efficiency reasons, which exposes them to the full power of Privoxy's ad blocking.

4.13. Privoxy runs as a "server". How secure is it? Do I need to take any special precautions?

There are no known exploits that might affect Privoxy. On Unix-like systems, Privoxy can run as a non-privileged user, which is how we recommend it be run. Also, by default Privoxy only listens to requests from "localhost" only. The server aspect of Privoxy is not itself directly exposed to the Internet in this configuration. If you want to have Privoxy serve as a LAN proxy, this will have to be opened up to allow for LAN requests. In this case, we'd recommend you specify only the LAN gateway address, e.g. 192.168.1.1, in the main Privoxy configuration file and check all access control and security options. All LAN hosts can then use this as their proxy address in the browser proxy configuration, but Privoxy will not listen on any external interfaces. ACLs can be defined in addition, and using a firewall is always good too. Better safe than sorry.

4.14. How can I temporarily disable Privoxy?

The easiest way is to access Privoxy with your browser by using the remote toggle URL: http://config.privoxy.org/toggle. See the Bookmarklets section of the User Manual for an easy way to access this feature.

4.15. When "disabled" is Privoxy totally out of the picture?

No, this just means all filtering and actions are disabled. Privoxy is still acting as a proxy, but just not doing any of the things that Privoxy would normally be expected to do. It is still a "middle-man" in the interaction between your browser and web sites.

4.16. My logs show Privoxy "crunches" ads, but also its own CGI pages. What is a "crunch"?

A "crunch" simply means Privoxy intercepted something, nothing more. Often this is indeed ads or banners, but Privoxy uses the same mechanism for trapping requests for its own internal pages. For instance, a request for Privoxy's configuration page at: http://config.privoxy.org, is intercepted (i.e. it does not go out to the 'net), and the familiar CGI configuration is returned to the browser, and the log consequently will show a "crunch".

4.17. Can Privoxy effect files that I download from a webserver? FTP server?

From the webserver's perspective, there is no difference between viewing a document (i.e. a page), and downloading a file. The same is true of Privoxy. If there is a match for a block pattern, it will still be blocked, and of course this is obvious. Filtering is potentially more of a concern since the results are not always so obvious.

Privoxy knows the differences in files according to the "Document Type" as reported by the webserver. If this is reported accurately (e.g. "application/zip" for a zip archive), then Privoxy knows to ignore these where appropriate. It is possible, however, that documents that are of an unknown type (generally assumed to be "text/plain") will be filtered, as will those that might be incorrectly reported by the webserver. If such a file is a downloaded file that is intended to be saved to disk, then any content that might have been altered by filtering, will be saved too, for these (probably very rare) cases.

Privoxy does not do FTP at all, only HTTP protocols.

4.18. Where can I find more information about Privoxy and related issues?

Other references and sites of interest to Privoxy users: