freedombone/doc/EN/app_rss.org

77 lines
3.1 KiB
Org Mode

#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: Freedombone, RSS
#+DESCRIPTION: How to use the RSS reader
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>RSS Reader</h1>
</center>
#+END_EXPORT
The way that RSS reading is set up on Freedombone gives you strong reading privacy. Not only is there onion routing between you and the server but also between the server and the source of the RSS feed. The only down side is that many RSS feeds are still http only, and so could be vulnerable to injection attacks, but it's expected that more of this will go to https in the foreseeable future due to a combination of growing recognition of security issues and systems like Let's Encrypt which make obtaining certificates much easier.
#+BEGIN_CENTER
[[file:images/rss_reader_mobile.jpg]]
#+END_CENTER
* Finding the onion address
See the control panel for the RSS reader onion address.
#+BEGIN_SRC bash
ssh username@domainname -p 2222
#+END_SRC
Select *Administrator controls* then select the *About* screen.
The RSS reader is accessible only via an onion address. This provides a reasonable degree of reading privacy, making it difficult for passive adversaries such as governments, corporations or criminals to create lists of sites which you are subscribed to.
To set up the system open http://rss_reader_onion_address and log in with username *admin* and the password obtained either at the beginning of the install or from the README file in your home directory. You can then select the *Actions* menu and begin adding your feeds.
* On mobile
To access the RSS reader from a mobile device you can install a Tor compatible browser such as OrFox, then use the mobile onion address shown on the *About* screen of the *Administrator controls*. Remember to add the site to the NoScript whitelist, and you may also need to turn HTTPS Everywhere off.
#+BEGIN_QUOTE
A note for the paranoid is that on mobile devices you get redirected to a different onion address which is specially set up for the mobile interface, so don't be alarmed that it looks like your connection is being hijacked.
#+END_QUOTE
* With Emacs
If you are an Emacs user then you can also read your RSS feeds via the [[https://github.com/dk87/avandu][Avandu]] mode.
Add the following to your configuration, changing the address and password as appropriate.
#+begin_src emacs-lisp :tangle no
(setq avandu-tt-rss-api-url "http://rss_reader_onion_address/api/"
avandu-user "admin"
avandu-password "mypassword")
#+end_src
If you don't already have Emacs set up to route through Tor then also add the following:
#+begin_src emacs-lisp :tangle no
(setq socks-noproxy '("localhost"))
(require 'socks)
(require 'tls)
(setq socks-server (list "Tor socks" "localhost" 9050 5))
#+end_src
And ensure that the Tor daemon is installed. On a debian based system:
#+begin_src bash :tangle no
sudo apt-get install tor
#+end_src
or on Arch/Parabola:
#+begin_src bash :tangle no
sudo pacman -S tor
sudo systemctl enable tor
sudo systemctl start tor
#+end_src