#+TITLE: #+AUTHOR: Bob Mottram #+EMAIL: bob@freedombone.net #+KEYWORDS: Freedombone, RSS #+DESCRIPTION: How to use the RSS reader #+OPTIONS: ^:nil toc:nil #+HTML_HEAD: #+attr_html: :width 80% :height 10% :align center [[file:images/logo.png]] * RSS Reader The way that RSS reading is set up on Freedombone gives you strong reading privacy. Not only is there onion routing between you and the server but also between the server and the source of the RSS feed. The only down side is that many RSS feeds are still http only, and so could be vulnerable to injection attacks, but it's expected that more of this will go to https in the foreseeable future due to a combination of growing recognition of security issues and systems like Let's Encrypt which make obtaining certificates much easier. #+attr_html: :width 80% :align center [[file:images/rss_reader_mobile.jpg]] * Finding the onion address See the control panel for the RSS reader onion address. #+BEGIN_SRC bash ssh username@domainname -p 2222 #+END_SRC Select *Administrator controls* then select the *About* screen. The RSS reader is accessible only via an onion address. This provides a reasonable degree of reading privacy, making it difficult for passive adversaries such as governments, corporations or criminals to create lists of sites which you are subscribed to. To set up the system open http://rss_reader_onion_address and log in with username *admin* and the password which can be found within the *Passwords* section of the *Administrator control panel*. You can then select the *Actions* menu and begin adding your feeds. * On mobile To access the RSS reader from a mobile device you can install a Tor compatible browser such as OrFox, then use the mobile onion address shown on the *About* screen of the *Administrator controls*. Remember to add the site to the NoScript whitelist, and you may also need to turn HTTPS Everywhere off. #+BEGIN_QUOTE A note for the paranoid is that on mobile devices you get redirected to a different onion address which is specially set up for the mobile interface, so don't be alarmed that it looks like your connection is being hijacked. #+END_QUOTE * With Emacs If you are an Emacs user then you can also read your RSS feeds via the [[https://github.com/dk87/avandu][Avandu]] mode. Add the following to your configuration, changing the address and password as appropriate. #+begin_src emacs-lisp :tangle no (setq avandu-tt-rss-api-url "http://rss_reader_onion_address/api/" avandu-user "admin" avandu-password "mypassword") #+end_src If you don't already have Emacs set up to route through Tor then also add the following: #+begin_src emacs-lisp :tangle no (setq socks-noproxy '("localhost")) (require 'socks) (require 'tls) (setq socks-server (list "Tor socks" "localhost" 9050 5)) #+end_src And ensure that the Tor daemon is installed. On a debian based system: #+begin_src bash :tangle no sudo apt-get install tor #+end_src or on Arch/Parabola: #+begin_src bash :tangle no sudo pacman -S tor sudo systemctl enable tor sudo systemctl start tor #+end_src